Abstract: Methods, systems, and devices for wireless communications are described. For example, a transmitting wireless device, such as a user equipment or a base station, may apply a first set of digital pre-distortion (DPD) coefficients to a plurality of antenna elements to form a first transmit beam. The wireless device may determine to switch from using the first transmit beam to using a second transmit beam that is different from the first transmit beam and may apply a second set of DPD coefficients to the plurality of antenna elements to form the second transmit beam, where the second set of DPD coefficients is different from the first set of DPD coefficients. The wireless device may transmit signaling using the second transmit beam based at least in part on applying the second set of DPD coefficients.

Abstract: Embodiments of a device and method are disclosed. In an embodiment, a method of communications involves determining a time-division multiplex (TDM) communications schedule over an asymmetrical point-to-point link and at a communications device, transmitting or receiving data according to the TDM communications schedule over the asymmetrical point-to-point link. The TDM communications schedule specifies multiple non-overlapping transmission time slots for different communications devices and a silent period for echo fade-out between consecutive transmission time slots of the non-overlapping transmission time slots.

Abstract: An OLT (10) is provided with a priority control bypass circuit (16) and an encryption/decryption bypass circuit (17), or an ONU (20) is provided with a priority control bypass circuit (26) and an encryption/decryption bypass circuit (27), and one or both of encryption/decryption processing and priority control processing are bypassed in accordance with a priority control bypass instruction (BP) and an encryption/decryption bypass instruction (BE), which are set in advance. This reduces a processing delay that occurs in the OLT or the ONU.

Abstract: An invention aimed at keeping in a secret and indecipherable form any type of information or data that can be stored, transmitted, displayed or expressed by any means or format, regardless of what its content or purpose may be and to keep the original information inaccessible to unauthorized persons, by means of a cryptographic technique, procedure or process of encryption widely applicable, either physically (hardware), logically (software) or mixed (Firmware) and other forms that may be created in the future.

Abstract: The present disclosure relates to a sensor network, machine type communication (MTC), machine-to-machine (M2M) communication, and technology for internet of things (IoT). The present disclosure may be applied to intelligent services based on the above technologies, such as smart home, smart building, smart city, smart car, connected car, health care, digital education, smart retail, security and safety services. A method for transmitting power transmitting unit (PTU) presence information is provided. The method includes receiving an advertisement message from a power receiving unit (PRU); determining whether a current state is a state that power is supplied to a resonator; and outputting PTU presence information indicating that a PTU exists, or transmitting the PTU presence information to a management server, if the current state is the state that the power is not supplied to the resonator.

Abstract: The disclosed computer-implemented method for detecting credential theft may include (i) monitoring a secured computing system's credential store that may include at least one sensitive credential that may be used to facilitate authentication of a user that is attempting to access the secured computing system, (ii) gathering, while monitoring the credential store, primary evidence of an attempted theft of the sensitive credential from the credential store, (iii) gathering corroborating evidence of the attempted theft of the sensitive credential, and (iv) performing a security action in response to gathering the primary evidence and the corroborating evidence of the attempted theft. The primary evidence of the attempted theft of the sensitive credential may include evidence of any suspicious access of the sensitive credential from the credential store that occurs outside of a procedure of authenticating the user. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A reservation request is received for a data transport session. The reservation request contains a requested class of communication service through the asynchronous network. The state of the network along the route is then preferably determined and at least one end-to-end route through the network is obtained. The route is based on the requested class of communication service and the state of the network. The data transport session is then controlled, such that data is forced to travel along at least one route through the asynchronous network. This is preferably done by controlling multiple data controllers dispersed along the at least one route by mapping specific data protocols to specific routes, or mapping specific data protocols to specific ports in each data controller. If a state of the asynchronous network indicates that the route cannot transport data in conformity to the class of communication service, then the route is changed to a backup route through the network.

Abstract: A method for exchanging content among communication entities over a communication network includes: checking for a trigger command along with the saved content in a memory of a first entity (510), identifying at least one second entity with which the content has to be exchanged (520), enabling a handshake message from the first entity, upon identifying the trigger command, to the second entity ensuring about the appropriate decoding block (530), converting the saved content of the first entity into symbols until a termination character is encountered (540), wherein the converted symbols are sent as deliberately terminated call(s) through a set of permissible unique identifier(s) to the second entity and translating one or more intervals of the duration of the call of the deliberately terminated calls (one Subscriber Identity Module (SIM)) or the unique numbers (more than one SIM) into unique symbols at the second entity to form a message (550).

Abstract: An electronic wager based gaming system includes primary communication devices, a game administration server component, and a player account server component, all adapted to communicate with separate third party computing (i.e., player) devices, such as smart phones. The game administration component administers wager based game play on player devices and communicates game inputs and results therewith via primary communication devices. The player account component facilitates new player account creation by providing unique verification information to the player device (such as via display to the player) and facilitating the reception of player specific financial information from the player via a separate secondary communication device. This secondary device can involve a voice call with a human operator for the system, where the operator enters the new player information, which is then sent back to the player device via the primary communication device and confirmed by the player over the voice call.

Abstract: A method and system for authenticating a user includes providing an invocation element capable of being activated by a single user action, receiving an indication that the invocation element has been activated, obtaining a location of a wireless device associated with the user, determining whether the wireless device is associated with an authorized user, approving the user to use the application based on a predetermined location criterion, and producing an indication that the user has been authenticated.

Abstract: In a network having an encryptor device having an encryption module, a plaintext interface and a ciphertext interface, wherein the encryption module encrypts data transferred from the plaintext interface to a black network through the ciphertext interface and decrypts data transferred from the ciphertext interface to a plaintext network through the plaintext interface, wherein the plaintext interface can be connected through the plaintext link to a plaintext network and wherein the ciphertext interface can be connected through a ciphertext link to a black network, a system and method for reflecting a link failure. A link failure is detected at the ciphertext interface and the link failure is reflected to the plaintext interface.

Abstract: Technologies for handling a call based on user identification include determining a personal profile identification for a user of a communal mobile communication device and initiating a call to a personal communication device using a phone number of the personal communication device and the personal profile identification. The personal communication device may apply a call treatment to the incoming call based on the personal profile identification. Additionally, the personal communication device may originate a call to a call recipient of the communal mobile communication device using a personal profile identification to identify the call recipient. The communal mobile communication device may apply a call treatment to the incoming call based on the personal profile identification.

Abstract: A cloud computing service to securely process queries on a database. A security device and method of operation are also disclosed. The security device may be provisioned with a private key of a subscriber to the cloud service and may have processing hardware that uses that key, sequestering the key and encryption processing in hardware that others, including operating personnel of the cloud service, cannot readily access. Processing within the security device may decrypt queries received from the subscriber and may encrypt responses for communication over a public network. The device may perform functions on clear text, thereby limiting the amount of clear text data processed on the cloud platform, while limiting bandwidth consumed in communicating with the subscriber. Such processing may include formatting data, including arguments in a query, in a security protocol used by the cloud platform.

Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data that may be communicated using multiple communications paths.

Abstract: Methods and systems of concealing access patterns to data storage, such as within servers of a cloud computing environment are presented. Server data storage is securely partitioned into smaller electronic data storage partitions of predetermined size. The client side maintains a shuffling buffer and position map for these blocks as stored on the electronic data storage partitions of the server. Concealment is performed with respect to accesses from the client to server using an oblivious sorting protocol. Access operation is concealed with each block being randomly assigned to any of the data storage partitions, and whenever a block is accessed, the block is logically removed from its current partition and logically assigned to a fresh random partition selected from all partitions, while the client maintains tracking of which partition each block is associated with at any point of time.

Abstract: Systems and methods are disclosed for securing VoIP communication. A VoIP device sends a multiple pipe scrambling request, wherein the multiple pipe scrambling request includes (1) a numeric value indicating the number pipes, (2) an IP address for each pipe, and (3) a port number for each pipe. The VoIP device receives confirmation that the scrambling request was received and sends data packets randomly to one or more available pipes on a receiving VoIP device.

Abstract: Secure communication of information over a wireless link with apparatus including a blade management module and a plurality of blade servers, the blade servers connected for data communications with the blade management module through at least one wired link, the blade servers also connected for data communications with the blade management module through at least one wireless link, including sharing an encryption key between the blade management module and one or more of the blade servers only through the at least one wired link connecting the blade management module to the one or more blade servers; encrypting information by the blade management module with the encryption key; transmitting the encrypted information by the blade management module to the one or more blade servers through the at least one wireless link; and decrypting the encrypted information by the blade server with the encryption key.

Abstract: A method includes controlling security in a communication system that involves a node capable of routing traffic according to one or more security algorithms with respective security levels. The node is adapted to estimate at least one safety degree relating to the node, to select at least one security algorithm of the one or more security algorithms, depending on the estimated safety degree; and to activate the at least one security algorithm.

Abstract: Disclosed is a method of rekeying radios for link layer encryption (LLE) in a radio network using a bifurcated crypto period. During a first portion of a first LLE crypto period during which a first LLE key (LEK) is used to LLE encrypt communications between a base station and mobile stations operating within a corresponding coverage area of the base station, a radio network communications device prevents individual ones of the mobile stations from requesting a second LEK to be used during a second LLE crypto period after the first LLE crypto period. During a second portion of the first LLE crypto period, the radio network communications device allows individual ones of the mobile stations to request the second LEK. A mobile station configured to operate in accordance with the bifurcated crypto period, and provide information regarding keys in its possession via an authentication response ISP, is also disclosed.

Abstract: In a MBMS system, a base station generates a data control task and a first header control task and second header control task corresponding to each terminal device for a MBMS function module. Each header control task synchronizes a compression state with an associated terminal device and transmits only header information to the terminal device, and the data control task distributes content information to the terminal device separately from header information.

Abstract: Multiple encryption in a multi-band multi-protocol hybrid wired/wireless network may include receiving on a first PHY channel of an access point, a request for initiation of a communication session from an originating access device. The received request may be acknowledged on the first PHY channel and the originating access device may be authenticated on a second PHY channel. One or more encryption/decryption keys may be provided for use during the communication session. A third PHY channel or the first or second PHY channels may host the communication session. The authentication information may be requested and delivered to the originating access device via a second PHY channel. The encryption key may be delivered to the originating access device via the first PHY channel or the second PHY channel. Additionally, information may be tunneled over a virtual channel established between the originating and a terminating access device.

Abstract: A wireless power supply apparatus generates an electric signal frequency-modulated or otherwise phase-modulated according to a transmission-side code that is determined beforehand with a wireless power reception apparatus. The electric signal thus generated is transmitted via a transmission coil so as to generate an electric power signal including any one of an electric field, a magnetic field, and an electromagnetic field. The wireless power reception apparatus receives the electric power signal using a reception coil. A control unit changes the impedance of a resonance circuit that comprises the reception coil and a resonance capacitor, according to a reception-side code that is to correspond to the transmission-side code.

Abstract: A computer-implemented method for providing access to data accounts within user profiles via cloud-based storage services may include (1) identifying a user profile associated with a user of a cloud-based storage service, (2) identifying a plurality of data accounts within the user profile associated with the user of the cloud-based storage service, (3) detecting a request from a client-based application associated with the user of the cloud-based storage service to access at least a portion of data stored in a data account within the user profile, (4) locating a unique account name that identifies the data account in the request, and then (5) satisfying the request from the client-based application associated with the user to access the portion of data stored in the data account via the cloud-based storage service. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Mechanisms for evaluating downgrader code in application code with regard to a target deployment environment. Downgrader code in the application code is identified. Based on an input string, an output string that the downgrader code outputs in response to receiving the input string is identified. One or more sets of illegal string patterns are retrieved. Each of the one or more sets of illegal string patterns is associated with a corresponding deployment environment. The illegal string patterns are string patterns that a downgrader identifies in the information flow for security purposes. A determination is made as to whether the downgrader code is compatible with the target deployment environment based on the one or more sets of illegal string patterns and the output string. An output indicative of the results of the determining is generated.

Abstract: A method is described for negotiating the use of multi-link ciphering and for the generation of unique keys for each of the links using a single 4-way handshake protocol exchange.

Abstract: Provided is a radio communication base station device which can prevent damage of ARQ control in an ARQ in which a response signal (ACK/NACK) channel is shared by a plurality of mobile stations. In the device, a repetition unit (106) repeats a response signal inputted from a modulation unit (105) so as to obtain a plurality of identical response signals and outputs the plurality of response signals to a scrambling unit (107). The scrambling unit (107) scrambles the identical response signals by using a scrambling code corresponding to a mobile station ID number inputted from an allocation information generation unit (101) (that is, a scrambling code unique to each of mobile stations) and outputs the scrambled response signals to an S/P unit (108).

Abstract: The invention provides a method for performing an authentication (and a system for performing the method), in conjunction with a transaction, utilizing a primary channel and a secondary channel. The method may include an authenticating entity, such as a bank, (1) receiving from a customer primary authentication information via a primary channel; (2) the authenticating entity processing the primary authentication information, and retrieving customer information based on the primary authentication information; (3) the authenticating entity transmitting secondary authentication information to the customer via a secondary channel, the secondary channel being different than the primary channel; (4) the authenticating entity receiving from the customer at least a portion of the secondary authentication information; and (5) the authenticating entity performing authentication processing on the secondary authentication information received from the customer.

Abstract: A handheld device includes: a transmitter or receiver of a signal beam for quantum key distribution; and a source of alignment beams that diverge from each other in a pattern that matches sensors on a station containing a receiver or transmitter for the quantum key distribution. The alignment beams from the handheld device are of sufficient intensity to produce on the station visible spots that facilitate manual alignment of the handheld device. The station can measure a position and a direction of respective alignment beams and dynamically steer the signal beam according to the measurements.

Abstract: Tampering monitoring system can detect whether protection control module is tampered with even if some of detection modules are tampered with. Tampering monitoring system includes protection control module detection modules, and management device. Protection control module includes: generation unit generating d pieces of distribution data from computer program, n and d being positive integers, d smaller than n; selection unit selecting d detection modules; and distribution unit distributing d pieces of distribution data to d detection modules. Each detection module judges whether received piece of distribution data is authentic to detect whether protection control module is tampered with, and transmits judgment result indicating whether protection control module is tampered with. Management device receives judgment results from d detection modules and manages protection control module with regard to tampering by using received judgment results.

Abstract: A secure, open-air communication system utilizes a plurality of “decoy” data signals to hide one or more true data signals. The true data signal(s) are channel hopped with the plurality of decoy data signals to form a multi-channel “scrambled” output signal that is thereafter transmitted in an open-air communication system. The greater the number of decoy signals, the greater the security provided to the open-air system. Further security may be provided by encrypting both the true and decoy signals prior to scrambling and/or by utilizing a spatially diverse set of transmitters and receivers. Without the knowledge of the channel assignment(s) for the true signal(s), an eavesdropper may be able to intercept (and, with time, perhaps descramble) the open-air transmitted signals, will not be able to distinguish the true data from the decoys without also knowing the channel assignment(s).

Abstract: A method for securely transmitting data from a sender computer system to a receiver computer system comprises receiving cleartext message by a first intelligent agent environment; splitting said message into a plurality of message fragments; creating an intelligent agent for each message fragment; generating a key for each message fragment; encrypting each said message fragment to produce a respective encrypted message fragment; and transmitting each intelligent agent with said respective encrypted message fragment as a data payload. The method may further comprise receiving each intelligent agent with its respective encrypted message fragment as a data payload by a second intelligent agent environment at the receiver computer system; locating each of a set of agents; decrypting each encrypted respective message fragment to produce a respective cleartext message fragment; and collaborating by the set of agents to recombine cleartext message fragments to form a cleartext message.

Abstract: A method for efficiently deriving a traffic encryption key for data encryption is disclosed. A method of generating a traffic encryption key (TEK) comprises the steps of receiving, by a mobile station from base station, a first nonce and first security materials for deriving the traffic encryption key (TEK) and deriving the traffic encryption key (TEK) using one or more of the first nonce, the authentication key (AK), and the first security materials.

Abstract: A method and system distributes N shares of a secret among cooperating entities by forming a mathematical construct that has an embedded internal structure to allow authentication of a reconstructed secret. The mathematical construct can be a splitting polynomial constructed using the secret, a key and a message authentication code (MAC) as coefficients. The splitting polynomial is evaluated at N random evaluation points to obtain N result values. N shares of the secret are generated and distributed among the cooperating entities for storage. A reconstructed secret can be authenticated by computing the MAC of the reconstructed secret and verifying a relationship among the coefficients of a reconstructed splitting polynomial using the MAC. If the coefficients do not satisfy the relationship, one or more additional shares of the secret can be used to reconstruct the splitting polynomial and the secret.

Abstract: Modifications to authentication and authorization messages are used to allow an authentication server to query both an access network and a terminal device connecting over the access network to determine whether both nodes support the terminal device forming a plurality of packet data network connections that can support tunnels. This allows a non-3GPP access network to offer terminal devices the ability to connect to a 3GPP core network with multiple connections.

Abstract: Methods, devices, and computer program products for transmitting and receiving discovery and paging messages in a wireless communication device are described herein. In one aspect, a wireless apparatus operable in a wireless communication system includes a processor configured to encrypt at least a portion of a discovery packet using one or more credentials of an application that, when executed, provides one or more services, the discovery packet including information for advertising at least one service provided by the application to one or more receiving devices. The wireless apparatus further includes a transmitter configured to transmit the discovery packet for being received by the one or more receiving devices.

Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing data in and communicating data with cloud computing resources. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security.

Abstract: Configuration data for a programmable integrated circuit device is at least partially encrypted according to at least one encryption scheme. A plurality of key stores store a plurality of decryption keys for the at least one encryption scheme. Control circuitry identifies a required key from the at least partially encrypted configuration data and generates a key selection signal. Key selection circuitry responsive to the key selection signal reads the plurality of key stores and provides the required key to the control circuitry. The control circuitry may include decryption circuitry that decrypts the at least partially encrypted configuration data using the required key. In some embodiments, different portions of the configuration data, which may represent separate partial reconfigurations of the device, require different decryption keys. Keys may be generated from combinations of the contents of the key stores.

Abstract: A system and method provides secure channels for communication in a virtual universe by employing a packet interception layer for incoming and outgoing data packets. A data path is defined and is sequentially encrypted with the public keys of servers in the path. Decryption and identification of the next server occurs in a sequential manner in which the path is known only to the sender.

Abstract: The invention relates to a device for processing datastreams in a communications unit with two mutually-separate data-processing regions, which provide at least two separate message paths. The message paths are connected respectively to a message transmitter and a message receiver, wherein, in each message path, an encoding module is provided, which is connected both to a first data-processing region and also to a second data-processing region. Furthermore, in the second data-processing region, a distribution unit is provided, which is connected to the message paths of the first data-processing region and to all encoding modules of the corresponding message paths in order to distribute given messages in a targeted manner.

Abstract: Users of mobile terminals in a communication network are provided controlled access to files in a file system through the steps of configuring the files as a file body containing a file content and a file header containing content profile information; providing a security identity module and a secure agent; storing in the security identity module user profile information identifying a set of content profiles allowed for access to the file system; extracting, via the secure agent, the content profile information from the headers of the files; retrieving, via the secure agent, the user profile information stored in the security identity module; checking the user profile information and the content profile information; and providing the user with access to those files in the file system for which the user profile information and the content profile information are found to match.

Abstract: A communication system 10 includes a head end 12. The head end communicates with a system gateway 26. A plurality of user devices 28 is coupled to the gateway 26 that includes a memory device 94 for storing content therein. The gateway 26 receives the plurality of first encrypted signals and stores the signals in the memory device 94. The storing in the memory device 94 may be performed after further encryption. One of the user devices 28 generates a request for content and communicates the request to the gateway 26. The gateway 26 communicates content corresponding to the request to the user device 28.

Abstract: Disclosed is a method of rekeying radios for link layer encryption (LLE) in a radio network using a bifurcated crypto period. During a first portion of a first LLE crypto period during which a first LLE key (LEK) is used to LLE encrypt communications between a base station and mobile stations operating within a corresponding coverage area of the base station, a radio network communications device prevents individual ones of the mobile stations from requesting a second LEK to be used during a second LLE crypto period after the first LLE crypto period. During a second portion of the first LLE crypto period, the radio network communications device allows individual ones of the mobile stations to request the second LEK. A mobile station configured to operate in accordance with the bifurcated crypto period, and provide information regarding keys in its possession via an authentication response ISP, is also disclosed.

Abstract: A system and method for efficiently enabling local security connectivity between electronic devices over multiple bearers. Electronic devices are configured to advertise, over each bearer, their respective configuration parameters for each bearer. After a connection has been established between the electronic devices over a first bearer, the two electronic devices use the first bearer to establish connections over the other bearers using the configuration parameters contained in the advertisements and advertised over the first bearer. Shared keys are established for the other bearers either using keys derived from the first shared key or by using the first secure connection as an out-of-band channel. The present invention also provides for the creation of an ad hoc WLAN connection once a Bluetooth connection has been established.

Abstract: A base station generates a unicast channel, a MBMS channel, and a pilot channel, that are multiplied by a scrambling code specific to a particular cell. The pilot channel is replicated as necessary. The unicast channel and the MBMS channel are time-multiplexed. For data in a unit transmission frame, a same frequency component is multiplied by a same scrambling code.

Abstract: A network is configured to transmit data using only one color, the one color being associated with a community of interest. At least one network device is attached to the network, the at least one network device being associated with the community of interest and configured to receive data from the network using only the one color.

Abstract: An approach is provided for minimizing co-channel interference in a communication system is disclosed. A header of a first frame is scrambled based on a first unique word. A header of a second frame is scrambled based on a second unique word. The first frame including the corresponding scrambled header and the second frame including the corresponding scrambled header are transmitted, respectively, over adjacent co-channels of the communication system. Each of the frames further includes a payload and a pilot block. The payload and the pilot block of the first frame are scrambled based on a first scrambling sequence. The payload and the pilot block of the second frame are scrambled based on a second scrambling sequence. The above arrangement is particularly suited to a digital satellite broadcast and interactive system.

Abstract: A system and method for securing wireless communications are provided. A method for secure communications by a first user includes estimating a channel between the first user and a second user, thereby producing an first phase estimate of the channel, generating a first block of secret bits based on the first phase estimate of the channel, and transmitting public information regarding the first block of secret bits to the second user. The second user makes use of the public information to generate a second block of secret bits.

Abstract: A secure, open-air communication system utilizes a plurality of “decoy” data signals to hide one or more true data signals. The true data signal(s) are channel hopped with the plurality of decoy data signals to form a multi-channel “scrambled” output signal that is thereafter transmitted in an open-air communication system. The greater the number of decoy signals, the greater the security provided to the open-air system. Further security may be provided by encrypting both the true and decoy signals prior to scrambling and/or by utilizing a spatially diverse set of transmitters and receivers. Without the knowledge of the channel assignment(s) for the true signal(s), an eavesdropper may be able to intercept (and, with time, perhaps descramble) the open-air transmitted signals, will not be able to distinguish the true data from the decoys without also knowing the channel assignment(s).

Abstract: A dual-mode wireless sensor network system including a local wireless sensor, a local event processing device, and a remote event processing device is provided. The local wireless sensor detects and announces an abnormal event. The local event processing device and the remote event processing device receive the abnormal event announcement. When the local wireless sensor detects the abnormal event, the local wireless sensor encrypts an abnormal event message related to the abnormal event with a regular mode key and transmits the encrypted abnormal event message to the local event processing device. When the local wireless sensor does not receive a response message from the local event processing device, the local wireless sensor encrypts the abnormal event message with a special mode key and transmits the encrypted abnormal event message to the remote event processing device. Thereby, the abnormal event can be successfully announced even with highly protected privacy.

Abstract: An encryption chip is programmable to process a variety of secret key and public key encryption algorithms. The chip includes a pipeline of processing elements, each of which can process a round within a secret key algorithm. Data is transferred between the processing elements through dual port memories. A central processing unit allows for processing of very wide data words from global memory in single cycle operations. An adder circuit is simplified by using plural relatively small adder circuits with sums and carries looped back in plural cycles. Multiplier circuitry can be shared between the processing elements and the central processor by adapting the smaller processing element multipliers for concatenation as a very wide central processor multiplier.