Abstract: A method for pairing a robotic device with an application of a communication device, including the application receiving an indication to pair the robotic device with the application; the application receiving a password for the first Wi-Fi network; the robotic device enabling pairing of the robotic device with the application upon the user pressing at least one button on a user interface of the robotic device; the application displaying a map of an environment of the robotic device and a status of the robotic device and receiving mapping, cleaning, and scheduling information.

Abstract: A method of performing communication, by a terminal, in a wireless communication system, the method including receiving a radio resource control (RRC) release message; identifying configuration information for suspending based on the received RRC release message; suspending bearers including a data radio bearer (DRB) and a signaling radio bearer (SRB), except an SRB0; and indicating a packet data convergence protocol (PDCP) suspend of the DRB.

Abstract: A method and system for securely and traceably enabling playing back of content on a playback device of a plurality of playback devices, in which each of the plurality of playback devices comprises a cryptographic function module (CFM). In one embodiment, the method comprises accepting a first input in the playback device from a content licensing agency; generating, in the device, a first output from the first input according to a proprietary cryptographic function using the CFM, the first output necessary to enable playback of the content by the playback device, the proprietary cryptographic function being one of a family of proprietary cryptographic functions executable by the CFM of each of the plurality of playback devices; and enabling the playback of the content by the device at least in part according to the first output.

Abstract: Allowing access to regulated content (e.g., FDA regulated) via mobile devices can increase operational efficiency of companies that have this type of content, and allow users to quickly interact with this content even when outside of the company office. Yet, mobile devices present security issues in ensuring that the integrity of the regulated content is maintained. A regulated content management system applies a multi-step validation and authentication process to allow mobile access to regulated content. The system validates a mobile application installed on the device for regulated content access, the mobile device itself, and the credentials of the user trying to access the content before access is granted. This thus provides users with access to regulated content in a mobile environment while maintaining the integrity of the regulated content.

Abstract: An automobile device receives first data from transmitter(s) located in an automobile. A random access preamble is transmitted on an uplink carrier to a base station in response to a pre-defined condition being met based on the first data or a value of an internal timer or a user input. A time alignment command is received from the base station. Uplink signal transmission timing of the uplink carrier is adjusted according to the time alignment command. A network server transmits, via the base station over a non-GBR bearer, a first message configured to trigger establishment of a connection to the network server. A second message configured to cause transmission of the first data to the network server is received from the network server via the base station over the non-GBR bearer. The first data is encrypted and transmitted to the base station via an established non-GBR bearer.

Abstract: In one embodiment, there is a content delivery system comprising: a communication network; a media component configured to transmit media content and associated metadata to user devices; a store holding permission vouchers for users of the system; an auxiliary content management component configured to: receive a request for auxiliary content insertion information from a user device, the request comprising an identifier of a user of the user device and an identifier of desired media content; access said store to determine permission for consumption of the desired media content in a resource constrained playout mode at the device based on at least one permission voucher for the user; generate auxiliary content insertion information based on the identifier of the user, the identifier of the desired media content and the at least one permission voucher; and transmit the generated auxiliary content insertion information to the user device.

Abstract: Application configurations can be merged to enhance multi-layer performance. When a layering system is employed, a layering registry filter driver can create a merged registry hive that includes the contents of each operating system registry hive as well as the contents of each registry hive of a mounted layer. The merged registry hive will therefore form a single location that the layering registry filter driver can access to complete a registry operation.

Abstract: An automobile device transmits data to a server in a communication network. The automobile device records the data received from one or more transmitters located in an automobile. The automobile device transmits a random access preamble on an uplink carrier to a base station when a pre-defined condition is met. The automobile device encrypts the data and transmits the encrypted data to a server via a base station.

Abstract: A system, method, and apparatus for a network topology aided by a smart agent download are disclosed. The method involves authenticating, with at least one authenticator device, at least one claimant. The method further involves transmitting, by at least one transmission source, the smart agent download to at least one receiving source associated with at least one claimant. In one or more embodiments, at least one transmission source is employed in a Lower Earth Orbiting (LEO) Iridium satellite. Also, the method involves receiving, by at least one receiving source, the smart agent download. In addition, the method involves executing, by at least one processor, the smart agent download. Further, the method involves monitoring, by the smart agent download, network behavior. The monitoring of network behavior includes monitoring the users on the network, monitoring data passing through the network, and monitoring the quantity of data passing through the network.

Abstract: System, apparatus, and methods are provided for effective allocation of cyclic prefix resources in OFDM systems under benign channel conditions. Methods may include a first network device receiving a transmission, from a second network device, comprising a symbol and a cyclic prefix. The first network device determines a first signal for a useable portion of the cyclic prefix and determines a second signal for a portion of the symbol corresponding to the useable portion of the cyclic prefix. The first network device determines a third signal based on the first signal and the second signal.

Abstract: A method begins by a processing module obtaining a unique retrieval matrix based on an identity of the playback device and sending a request for retrieval of a set of encoded broadcast data slices to a dispersed storage network (DSN) memory, wherein the request includes the unique retrieval matrix and identity of the set of encoded broadcast data slices. The method continues with the processing module receiving a subset of the set of encoded broadcast data slices from the DSN memory, wherein the subset of the set of encoded broadcast data slices is based on the unique retrieval matrix. The method continues with the processing module storing the subset of the sets of encoded broadcast data slices.

Abstract: AltBOC-modulated satellite navigation signals transmitted in the two partial bands E5a and E5b of the so-called E5 frequency band are received using a common antenna (19) and thereafter are processed separately in an analog manner in the HF front-end in two physically different incoming signal paths for the two partial bands and then digitized and coherently summed to form a complete digital E5 band signal, which is fed to a digital signal processor, in which code acquisition and code tracking are performed using PRN reference code sequences produced in the receiver and tracking of the carrier phase is performed and raw data for the final navigation calculation are determined therefrom.

Abstract: Reduction of audio truncation when transcoding speech data from one coding format to another. Embodiments include receiving packets of a first communication session containing first encrypted speech data encoded according to a vocoder of a first type and encrypted using an encryption protocol, and containing a first encryption protocol identification information distributed among the received packets. Further embodiments include extracting the first encryption protocol identification information from the received packets and processing the received packets based on the first encryption identification information. Embodiments include transmitting one or more voice header packets containing a second encryption protocol identification information in a second communication session as well as transmitting packets in the second communication session containing second encrypted speech data encoded according to a vocoder of a second type.

Abstract: A method and apparatus for a satellite system. A satellite system is comprised of a communications system in a satellite and a number of computers associated with the satellite. The communications system is configured to receive first information and transmit second information from the satellite to a remote platform over a number of communications links. The number of computers is configured to identify a block of information for encryption from instructions in the first information. The number of computers is further configured to generate a key from a portion of the block of information based on the instructions. The number of computers is further configured to perform an exclusive OR operation on the block of information using the key to form a block of encrypted information. The number of computers is further configured to transmit the block of encrypted information.

Abstract: A watermark generator for providing a watermark signal in dependence on binary message data includes an information processor configured to provide, in dependence on a single message bit of the binary message data, a 2-dimensional spread information representing the message bit in the form of a set of time-frequency-domain values. The watermark generator also includes a watermark signal provider configured to provide the watermark signal on the basis of the 2-dimensional spread information. A watermark detector, methods and computer programs are also described.

Abstract: Systems and methods for authenticating key rotation communications. Key rotation communications can include a key counter known to both a headend device and a station. Comparison between a local key counter and the key counter included in the key rotation communication can be used to authenticate the key rotation communication.

Abstract: A short-range communication tag includes a transmitter, a clock circuit providing a clock value and a memory containing a unique identification value. The tag further includes a processor which generates encryption keys with a period of K seconds and combines the unique identification value with the encryption key, according to a predetermined encryption method, to generate an obfuscated unique identification value. The tag further includes a short-range transmitter to transmit the tag identification value.

Abstract: Techniques for sending information without interruption during a change in ciphering configuration are described. A user equipment (UE) communicates with a wireless communication network for a call. The UE sends first information to the wireless network using a first ciphering configuration. For a change in ciphering configuration, the UE selects an activation time for a second ciphering configuration and sends a security message with the activation time. This activation time is the time at which the UE applies the second ciphering configuration to transmission sent to the wireless network. The UE thereafter sends second information (e.g., a measurement report message) using the first ciphering configuration after sending the security message and before the activation time. The UE sends third information using the second ciphering configuration after the activation time.

Abstract: A method includes, in a mobile communication terminal, receiving a signal, which carries media content that has been encrypted after being compressed in accordance with a compression protocol having a plurality of predefined configurations. Each configuration specifies a respective compression mode of the compression protocol. The received signal is decrypted, and one or more parameters that define a configuration of the compression protocol that was used for compressing the media content are determined from the decrypted signal. An absence of match is detected when the determined one or more parameters do not match any of the plurality of predetermined configurations of the compression protocol. An error in decrypting the received signal is identified based on detecting the absence of a match.

Abstract: A method and device for processing Single Radio Voice Call Continuity (SRVCC) switching, and a related terminal are disclosed. In a technical solution of the disclosure, two sets of authentication parameters can be stored during the process of SRVCC switching, one set of which is stored into a card and the other set is stored into a temporary data area, and specific access to the authentication parameters is controlled by a switch variable so that a user does not need to consider using which data area. It is determined, after the SRVCC switching succeeds or fails, whether authentication parameters in the temporary data area need to be written into the card. Calculated authentication parameters are directly written into the card after the SRVCC switching is started, so that update of the authentication parameters is more flexible and signalling interaction with a network can be reduced.

Abstract: The present invention is directed toward secure access systems. Specifically, a method, system, and device are described that employ a synchronized pseudo-random number generator to secure communications between endpoints involved in a communication. If synchronization is lost between two devices, the two devices can regain synchronization by switching to use of a different pseudo-random number generator that is used for resynchronization instead of communications.

Abstract: A wireless power supply apparatus generates an electric signal frequency-modulated or otherwise phase-modulated according to a transmission-side code that is determined beforehand with a wireless power reception apparatus. The electric signal thus generated is transmitted via a transmission coil so as to generate an electric power signal including any one of an electric field, a magnetic field, and an electromagnetic field. The wireless power reception apparatus receives the electric power signal using a reception coil. A control unit changes the impedance of a resonance circuit that comprises the reception coil and a resonance capacitor, according to a reception-side code that is to correspond to the transmission-side code.

Abstract: A secure optical communication system and method are disclosed. Short optical pulses are first modulated with data, then dispersed in time so that they spread out over multiple bit periods, then the desired code is applied to the dispersed pulses. The encoding may include frequency shifts or phase shifts or other. The dispersed optical symbols overlap in time so an applied code chip thus acts on multiple symbols simultaneously. There are generally multiple code chips per dispersed symbol. The coding device does not need to be synchronized to the data rate. Multiple wavelength division multiplexed channels may be encoded simultaneously. The signal propagates to a decoder that is synchronized with encoder to apply a complementary code thereby canceling out the effect of the encoder. The encoder and decoder can be realized by varying the wavelength of an optical pump to a parametric amplifier, allowing for a wide-band frequency shift.

Abstract: Systems and methods for wireless communications are provided. These include data deciphering components, interrupt processing components, adaptive aggregations methods, optimized data path processing, buffer pool processing, application processing where data is formatted in a suitable format for a destination process, and Keystream bank processing among other hardware acceleration features. Such systems and methods are provided to simplify logic designs and mitigate processing steps during wireless network data processing.

Abstract: Provided are system, methods, and computer-readable media for systems, methods, and computer-readable media for secure digital communications and networks. The system provides for secure communication between nodes through the use of a subscription between two nodes based on unique identifiers that are unique to each node, and communication between nodes without a subscription may be blocked. Additionally, secure communications between a node and a remote node are dynamically encrypted using asymmetric and symmetric encryption. The encryption algorithms and key lengths may be changed at each subsequent negotiation between a node and a remote node.

Abstract: The present application provides a system and method for a set of Extensible Authentication Protocols (EAPs) based on ECC (Elliptic Curve Cryptography) and SKE (Symmetric Key Encryption) mechanisms (with a suitable permutation) that can serve Confidentiality, Authentication, Authorization and Accounting (CAAA) issues at an affordable cost. According to one embodiment, a method and system of ECC and SKE based EAPs (through a permutation technique) which can avoid replay attacks. The application also provides a light weight security with better performance in comparison to the lower layer chip level security provided by 2G, 3G or 4G Applications and no certificates exchanged during the communication.

Abstract: A method for coupling protected digital data object, for example an application program, and a specified computer, which allows for, if desired, individual components of the computer to be modified. A cryptographic key is generated on the basis of current components of a computer in order to decrypt an encrypted, computer-specific authorization code for executing a protected digital data object on the computer. The computer-specific authorization code is encrypted with a key based on original components of the computer. The key can be determined from the current components of the computer even if they are different from the original components of the computer.

Abstract: Apparatus and method for synchronizing encryption keys among a cluster of security appliances and stand alone lifetime key management, LKM, appliances. The cluster includes security appliances where new encryption keys are generated and assigned to an SNS ID with an SNS CTR (counter). The security appliances inside a cluster have local sequence counters and share their keys. One security appliance is a coordinator with which the LKMs will synchronize. Each LKM also has a SNS ID and local sequence counter from which increasing sequence numbers are generated. In each security appliance in a cluster, the up-to-date stored sets of keys are organized with respect to SNS IDs and SNS CTRs associated with the other cluster members. The object keys are stored in the SNS space and a peer map associates a given peer with a given SNS ID, and version numbers are assigned and incremented when a key is modified.

Abstract: A mobile communication device (1) is connectable to a memory device (MIF) that comprises a plurality of memorysectors (0-F), wherein at least one application is stored in at least one memory sector. the memory sectors are protected against unauthorized access 5 by sector keys (key A, key B, 4). The mobile communication device (1) comprises an applications manager (MAM) being adapted to disable the stored applications (TK1, AC1, AC2, TR2, TR3, CP1, TR4, AC3, TK3) when triggered by an external trigger event.

Abstract: An apparatus, system and method provides an out-of-synchronization detection by using a network layer checksum. A process operating at an upper layer verifies that a checksum embedded in a network layer header is correct before encrypting and transmitting a data packet containing the header and a payload. The data packet is received through a wireless communication channel at a receiver and decrypted. A calculated checksum is calculated on the received payload at the receiver and compared to the received checksum embedded in the header. A key stream used at the receiver for decrypting the received encrypted data packets is determined to be out of synchronization with a key stream used at the transmitter to encrypt the data packets if the calculated checksum is not equal to the network layer checksum.

Abstract: Method and apparatus for encrypting transmission traffic at separate protocol layers L1, L2, and L3 so that separate encryption elements can be assigned to separate types of transmission traffic, which allows the implementation of different levels of encryption according to service requirements. Encryption elements use variable value inputs, called crypto-syncs, along with semi-permanent encryption keys to protect from replay attacks from rogue mobile stations. Since crypto-sync values vary, a method for synchronizing crypto-syncs at the mobile station and base station is also presented.

Abstract: Methods and apparatus for providing personalized content to a user of a wireless network include establishing an anonymous user identifier and delivering the user identifier to a content provider are disclosed. Based on the user identifier, communication with a predetermined data source is established or predetermined data content is selected. In some embodiments, a device identifier is provided in addition to the user identifier and device specific personalized content is delivered to the user. In one example, a device identifier and a user identifier are based on a mobile station serial number and a subscriber identity module (SIM) and are used in an HTTP header. The anonymous user identifier can be based on a SIM serial number, or a hash of the SIM serial number so that user information such as a user phone numbers is not available to content providers.

Abstract: An identification friend or foe (IFF) system and method can covertly identify an object as friend or foe (FoF). An encoded illumination signal can be calculated using a detected ambient signal and an identification (ID) signal and emitted. The encoded illumination signal can be detected by analyzing a detected ambient signal and decoded using a specified key.

Abstract: In a communication system in which two communication entities seek to have a private or confidential communication session, a trust relationship needs first be established. The trust relationship is based on the determination of a shared secret which in turn is generated from contextual information. The contextual information can be derived from the circumstances surrounding the communication session. For example, the contextual information can include topological information, time-based information, and transactional information. The shared secret may be self-generated or received from a third party. In either event, the shared secret may be used as key material for any cryptographic protocol used between the communication entities.

Abstract: A computer computes an SSID and a key from a string. The computer wirelessly accesses a wireless-access-device preconfigured with the SSID and the key.

Abstract: A server device initiates a traffic encapsulation key (TEK) re-key sequence for a group virtual private network (VPN), based on an upcoming expiration time for an existing TEK. The server device sends, via a push message during a first time period immediately after the initiating, a new TEK to members of the group VPN. The server device receives, during a second time period that immediately follows the first time period, a pull request, for the new TEK, from one of the members of the group VPN, and sends, to the one of the members, the new TEK, where the re-key sequence transitions all the members of the group VPN from the existing TEK key to the new TEK key before the expiration time for the existing TEK.

Abstract: Utilizing the AAA infrastructure to dynamically allocate the various parameters needed to establish the security association between the Foreign Agent and the Home Agent. The present invention uses the AAA server as a central entity to dynamically generate and distribute the chosen security association parameters needed to support the Foreign Agent and Home Agent security association based on a request from the Foreign Agent. The AAA server can also dynamically assigns a unique SPI value to the Foreign Agent and Home Agent pairs. The various parameters that can be allocated in the present invention include a FA-HA shared secret key or a public/private key pair, an authentication algorithm and mode, a FA-HA secret key lifetime, and security parameter index or security index values. The present invention also can assist in making sure that the Foreign Agent and the Home Agent stay synchronized with respect to their security association.

Abstract: A network device includes an input circuit and a key mixing circuit. The input circuit is configured to receive i) a message and ii) a plurality of packets from a transmitting device. The message includes i) an address of the transmitting device and ii) a predetermined value for a count. Each of the plurality of packets i) is encapsulated and ii) includes the address of the transmitting device and one of a plurality of values for the count. The message is received prior to receiving the plurality of packets. The key mixing circuit is configured to generate a plurality of seeds based on the message. Each of the plurality of seeds is based on i) a predetermined key, ii) the address of the transmitting device, and iii) the predetermined value for the count. The plurality of seeds is used to decapsulate the plurality of packets.

Abstract: A method and system for out-of-band authentication of messages transmitted, e.g. as packets, on a communication network, whereby a first stream of data is received by a sender control module from a sender; the first stream of data is transmitted over a first channel, e.g. a non-secure data channel, toward a receiver control module; the sender control module generates authentication data of the first stream of data; the authentication data are transmitted from the sender control module to the receiver control module on a second channel, e.g. a secure data channel, distinct from the first channel; and a stream of data received by the receiver control module is checked using the authentication data. Before sending the authentication data, the sender control module transmits a control message including synchronization data to the receiver control module over the second channel.

Abstract: Methods, systems and apparatus are provided for recovering registration information at a home network when the home network determines that it has experienced a loss of the registration information. The home network communicates a triggering message to at least one visited network to initiate registration information recovery, and the visited network responds to the triggering message by communicating registration information for objects that are located at the visited network and that are associated with the home network. These objects may include, for example, subscriber units and/or talk groups that are associated with the home network and have roamed to the visited network.

Abstract: Trust establishment in short range protocol pairing between client and proxy devices includes a first aspect in which application level security is used to encrypt all packets transmitted between the client and proxy. An application-based security derives a public key from the General Bootstrapping Architecture (GBA) and used that public key to generate an encryption key in an AES encryption algorithm. A second aspect provides for out of band security to be used to establish short range protocol pairing. In this second aspect, the client and proxy exchange identification information over a third party network that is out of band to the short range protocol. With this identification information exchanged out of band, the client and proxy may establish pairing in the short range protocol.

Abstract: A mobile communications system is proposed in which a two stage procedure is used for setting up Radio Bearers within a mobile communications device and UTRAN. In the first stage, both the mobile device and UTRAN perform ciphering based on an old Start value. In the second stage, the mobile device and UTRAN perform ciphering based on a new Start value. In this way, data communication using the Radio Bearers can start without waiting for the mobile device to confirm completion of the setup procedure.

Abstract: Embodiments of the present invention provide a method and a device for synchronizing an uplink ciphering parameter in unacknowledged mode. The method for synchronizing an uplink ciphering parameter in unacknowledged mode includes: sending an indication message to a terminal when detecting that an unrecoverable error occurs in an uplink packet or that the uplink packet is invalid, where the indication message is used to instruct the terminal to initialize an uplink ciphering parameter; receiving a response message sent by the terminal; and initializing the uplink ciphering parameter according to an initial value of the ciphering parameter. The embodiments of the present invention solve a service defect, namely, a break of the communication link caused by synchronization of an uplink ciphering parameter between the terminal and the radio network controller in unacknowledged mode, and shorten the time of synchronizing the uplink ciphering parameter without interrupting the service.

Abstract: A successive approximation register switched capacitor analog to digital converter utilizes a high frequency clock for controlling comparator reset switches and a clock distribution block to operate at lower sample rates. The successive approximation cycles are clocked with the high frequency clock so that the reset switches stay within the leakage limit irrespective of the sample rate but the end of conversion signal is delayed to mimic the slower sample rate.

Abstract: A telephone system comprising switching circuitry configured for coupling a call to a telephone extension coupled to the system, voice processing circuitry configured for automatically interacting with the call, a microprocessor, a first data bus connected between the microprocessor and the switching circuitry, and a second data bus connected between the microprocessor and the voice processing circuitry.

Abstract: A dual cryptographic keying system. In particular implementations, a method includes responsive to an initial session key negotiation, storing security association information for a tunnel in a security association memory; responsive to a session key renegotiation, storing security association information for the tunnel in a cache; decrypting received packets associated with the tunnel conditionally using the security association information in the cache or the security association information in the security association memory; and upon an expiration condition, overwriting the security association information, for the tunnel, in the security association memory with the security association information, for the tunnel, copied from the cache.

Abstract: The present invention is directed to security systems and methods for mobile network-based data environments. The present invention provides an integration of security, mobile computing, wireless and IT infrastructure management technology, to create a new level of automation and enforcement to enable the transparent application of mobile security across an enterprise, while embracing end user “transparency” and “ease of use” and empowering IT administration.

Abstract: The present invention provides a system and method for a set of Extensible Authentication Protocols (EAPs) that can serve Confidentiality, Authentication, Authorization and Accounting (CAAA) issues at an affordable cost. According to one embodiment of the invention, a system and method is provided to generate random sequences (through prime numbers) which can be used in the authentication process of certificateless extensible authentication protocols (EAPs) for mobile and wireless communications. The invention also provides a light weight security with better performance in comparison to the lower layer chip level security provided by 2G, 3G or 4G applications.

Abstract: The disclosed technology provides a system and method of synchronizing cryptographic operation between a transmitter and a receiver. A transmitter can communicate encrypted data to a receiver according to a first communications protocol, and communicate a transmitter number and a portion of the encrypted data to the receiver according to a second communications protocol. The receiver can be in communication with a memory space containing locations that are each associated with an encrypted data and that can contain a previous receiver number. The receiver can receive transmitted encrypted data and an associated transmitter number and can search the memory space to find a location wherein the encrypted data associated with the location is entirely, or in part, the same as the transmitted encrypted data. When such a location is found, the receiver can compare the transmitter number with the previous receiver number stored in the location.

Abstract: A software defined radio device and a download server store a plurality of common keys in common key data. The download server arbitrarily determines a common key from the common key data and conveys information identifying the common key to be used to the software defined radio device. An authenticator of the software defined radio device identifies a common key from the common key data using the information identifying the common key, authenticates using the common key, and performs subsequent communications using the common key. When sending software, a hash value is attached for confirming the security. A device ID of the software defined radio device is also attached to data for confirming which software defined radio device receives the software. The software is securely downloaded by a common key encryption having smaller processing requirements than those of a public key encryption.