Abstract: An information handling system of a Radio Access Network (RAN) system operating a secure network slice orchestration system may comprise a network interface device of the RAN system transceiving data within a 5G New Radio (NR) frequency band with an endpoint computing device, the network interface device receiving an instruction from a client solutions management (CSM) platform to assign a network slice within the 5G NR frequency band, based on a security profile associating the endpoint computing device with a security tier, to a network slice as established by a software defined network (SDN) controller within a sub-portion of the 5G NR frequency band, the secure network slice orchestration system determining the endpoint computing device is associated with the network slice within a communications profile received from the CSM platform, and the SDN controller establishing a virtual access point transceiving data within the network slice with the endpoint computing device.

Abstract: A system includes a source code repository which stores source code entries, which include instructions in a programming language for performing computing tasks. A style repository stores a style profile. Each style profile includes predefined style features associated with formatting characteristics of the stored source code entries. A source code analyzer receives a source code which includes instructions in the programming language for performing a computing task. Style features of the source code are determined. The style features include characteristics of a format of the source code. The source code analyzer determines whether the style features correspond to predefined style features indicated by a style profile. If this is the case, the source code is stored in the source code repository. If this is not the case, storage of the source code is prevented.

Abstract: Systems and methods are provided herein for providing user-based resource allocation using OFDMA functionality. This may be accomplished by a WAP receiving a request for access to a network from a first device, wherein the first device is configured to communicate with the WAP using OFDMA. The request for access comprises an identifier and role associated with the first device. The WAP then determine if a second device associated with the same identifier as the first device is being allocated one or more RUs for communicating with the network. If there is a second device associated with the identifier being allocated RUs for communicating with the network, the WAP determines a number of one or more RUs to provide to the first device based on the role associated with the first device and one or more conditions stored in a database.

Abstract: Embodiments implement multifactor authentication without a user footprint. An application programming interface call from a client application can be received that includes a messaging identifier. A transaction identifier can be transmitted to the client application and stored. Using a shared secret, a temporary password can be generated, where the shared secret can be associated with the transaction identifier and can be stored. The temporary password can be transmitted to the messaging identifier. A second application programming interface call can be received that includes a reference transaction identifier and input, where a user provides the input to the client application. The user can be authenticated when the reference transaction identifier matches a transaction identifier stored and the input matches an expected password that is based on a stored shared secret associated with the matching stored transaction identifier.

Abstract: In order to achieve the above-described object, a disclosure of this specification provides a method for performing, by a UE, a PDU session establishment request, in case information on a LADN area is changed. The method may include the steps of performing a first PDU session establishment request for a first LADN area, in case the first PDU session establishment request is transmitted from outside of the first LADN area, receiving a Reject message rejecting the first PDU session establishment request from a network system, in case the Reject message is received, transmitting a registration update request for updating a LADN area to the network system, receiving information on an updated second LADN area (LADN Service Area 2) as a response to the registration update request, and performing a second PDU session establishment request for the second LADN area.

Abstract: The present disclosure pertains to provisioning of credentials, and in particular to provisioning of authentication credentials to a computer device for accessing a cloud platform computer system. The computer device obtains sensor data and sends a request including a device identifier to a provisioning server using a provisioning server network address. The computer device receives a response, from the provisioning server, including a platform credential and a platform server network address of a platform server. The computer device stores the platform credential. The computer device sends the sensor data and the platform credential to the platform server using the platform server network address.

Abstract: A method and system for real-time qualification of rental customers allows a rental company to quickly qualify a customer making an online reservation of a rental vehicle, such as a car share rental, without requiring the customer to be a member or have a membership or to be pre-qualified. The system includes: a database operative to store account information associated with a customer for a rental transaction; an input component operative to receive from the customer an uploaded image of the customer's driver's license and an uploaded second image of the customer; and a processor operative with the database to use the uploaded driver's license image, the uploaded second image and information associated with the uploaded second image to qualify the customer for a rental transaction.

Abstract: The present disclosure relates to systems, non-transitory computer-readable media, and methods for dynamically providing a activity dashboard for display within a graphical user interface. In particular, the disclosed systems can intelligently display, within the activity dashboard, insights of digital activity within an application of a child account. For example, the disclosed systems can monitor digital activity associated with recent contacts and groups, contact updates, and digital media items exchanged in messaging chat threads. In turn, the disclosed system can selectively surface one or more portions (and/or indications) of the monitored digital activity in the activity dashboard along with corresponding actionable options available for user selection.

Abstract: An electronic device include: a display, an input unit, at least one processor, and a memory. The input unit includes at least one biometrics sensor and the memory includes instructions. The processor is configured to perform user authentication based on biometric sensing information obtained through the at least one biometrics sensor in response to an input to the input unit. In response to successfully performing the user authentication, the processor is configured to identify whether a duration of the input exceeds a first threshold time. The processor is configured to perform a first function when the duration is less than or equal to the first threshold time. The processor is also configured to perform a second function when the duration exceeds the first threshold time.

Abstract: A method includes receiving, at an access point, an access request from a first device after an expiration of a first passcode. The access request is encrypted based on the first passcode. The method includes making a determination by the access point before an expiration of a usage time of a first passcode usage list that an identifier of the first device is included in the first passcode usage list. The method also includes, in response to making the determination, generating, at the access point, data representing a second passcode by encrypting the second passcode using the first passcode; and sending the data representing the second passcode from the access point to the first device.

Abstract: A gaming system is provided. The gaming system allows users to access applications via gaming communication devices coupled to a communication network. At least a portion of the network may be wireless. The gaming applications include gambling, financial, entertainment service, and other types of transactions. The system may include a user location determination feature to prevent users from conducting transactions from unauthorized areas.

Abstract: An indoor geolocation system for determining a location in three-dimensional space includes a plurality of base stations and a mobile device movable about an indoor environment in three dimensions. The mobile device detects electromagnetic signals in the indoor environment emitted by devices other than the base stations, and generates a signal profile based on the signals. The mobile device transmits the signal profile to one or more of the base stations, which forward the signal profile to a remote server. The system determines a location of the in three-dimensional space of the mobile device by comparing the signal profile to data regarding signal profiles at a plurality of locations in the indoor environment. The data regarding signal profiles in the indoor environment may have been captured by a detection device other than the mobile device at a time prior to the detection of the electromagnetic signals by the mobile device.

Abstract: A card registry system is configured to automatically identify financial card information in one or more credit files associated with a consumer and populate a card registry account of the consumer with the identified financial card information. Once the financial card information has been obtained from the credit file(s), the card registry system may transmit cancellation and/or reissuance requests to the respective card issuers in the instance that one or more cards are compromised, so that the financial cards may be easily and efficiently cancelled and/or reissued at the request of the consumer.

Abstract: According to one aspect of the present invention for accomplishing the aforementioned purpose, a mobile authentication method performed by a portable user device comprises the steps of extracting a telephone number of the portable user device, transmitting member information including the telephone number to an authentication server, receiving a user authentication number using the member information from the authentication server, extracting unique user identifiers (UUID) of an application (app) installed in the portable user device, and transmitting the extracted UUID of the app and the received user authentication number to a service server.

Abstract: A method of detecting and disabling offending devices includes monitoring for a radio frequency signal. When an offending device initializes and registers with a cell tower, it emits the radio frequency signal. After the radio frequency signal is detected, a message including an identification of the radio frequency signal is transmitted to a receiver of a base station. Responsive to receiving the message, the base station sends a secure transaction that includes an indication of the radio frequency signal to a processor of a cellular carrier system. Responsive to receiving the secure transaction, the processor of the cellular carrier system correlates a time and the radio frequency signal with an account associated with the registration of the offending device, disconnects from the offending device, and disables an account associated with the offending device.

Abstract: A voice alarm notification device of a fire alarm system, comprising: a network port for receiving an alarm notification signal; an audio file library in which the audio files include audio voice message files; a speaker; a processor unit connected to the network port for processing an alarm notification signal and for selecting one of the audio files from the library to be played through the speaker; and a Bluetooth module for establishing a Bluetooth communication link to the voice alarm notification device, via which link an audio voice file can be received. The device is arranged to add the audio voice file received via the Bluetooth communication link to the library so as to be available for selection by the processor unit when it receives an alarm notification signal.

Abstract: A radio terminal (UE 100) used for a mobile communication system receives, from a base station (eNB 200), an identifier allocated to the radio terminal by the base station before the radio terminal shifts from a connected state to a standby state, holds the identifier while the radio terminal is in the standby state, scrambles a bit sequence using the held identifier and transmits the scrambled bit sequence to the base station.

Abstract: A Wi-Fi access point device (APD) includes a controller, a radio, and a memory. The memory contains instructions for establishing a programmed secure Wi-Fi onboarding SSID with the client device with connection to the external network. The controller is configured to instruct the radio to broadcast the open Wi-Fi onboarding SSID for a predetermined period of time. The controller is also configured to: instruct the radio to broadcast an established programmed secure Wi-Fi onboarding SSID; onboard the Wi-Fi APD to the external network, based on information communicated between the Wi-Fi client device and the Wi-Fi APD over the established programmed secure Wi-Fi onboarding SSID; and instruct the radio to stop the broadcast of the open Wi-Fi onboarding SSID at the earlier of a termination of the predetermined time period and the onboarding of the Wi-Fi APD to the external network.

Abstract: A method includes receiving, by an embedded universal integrated circuit card (eUICC), first information from a local profile assistant (LPA), where the first information includes a first certificate issuer (CI) public key identifier, and the first CI public key identifier is a CI public key identifier that the eUICC does not have. The method further includes sending, by the eUICC, second information to an OPS, where the second information includes the first CI public key identifier. The method further includes receiving, by the eUICC, a patch package from the OPS, where the patch package includes at least a first CI public key corresponding to the first CI public key identifier. The method further includes updating, by the eUICC, a CI public key of the eUICC by using the first CI public key.

Abstract: An example method of operation may include one or more of identifying an outbound call placed by a mobile device subscribed to a protected carrier network, determining the outbound call is destined for a destination telephone number that was stored in a call history of the mobile device, determining the destination telephone number is a scam call suspect telephone number based on one or more identified call filter parameters associated with the destination telephone number, and forwarding a scam call notification to the mobile device while the outbound call is dialing the destination telephone number.

Abstract: A UE communicates with a network gateway to access a provisioning device via a provisioning network. The provisioning device uses identification data of the UE to authenticate the UE for a primary network, and provides primary network configuration data to the UE. Using the primary network configuration data, the UE communicates with the network gateway to access the primary network. The primary network configuration data can include data to enable the UE to establish communications with one or more private networks accessible via the primary network.

Abstract: Disclose herein are embodiments related to a system made up of a lighting fixture and a radio frequency detection device. The lighting fixture having a secure housing and at least one power connection, and the radio frequency detection device being designed to operatively connect to the at least one power connection device within the lighting fixture.

Abstract: According to one embodiment, a method for establishing a connection of a mobile terminal to a mobile radio communication network is described comprising a first common control plane function of a mobile radio communication network receiving a connection request from a mobile terminal; the first common control plane function authenticating the mobile terminal including generating an authentication context of the mobile terminal; the first common control plane function forwarding the connection request and transmitting the authentication context of the mobile terminal to a second common control plane function of the mobile radio communication network and the second common control plane function connecting the mobile terminal to the mobile radio communication network.

Abstract: This disclosure describes, in part, techniques and systems for enabling new devices introduced into respective environments (“provisionee devices”) to be provisioned by existing devices in the respective environments (“provisioner devices”) in a manner in which the provisioning requests sent by the provisioner devices are allocated over time and, thus, do not overwhelm the provisioning system(s) at any given time.

Abstract: Unauthorized tracking devices, including those that change their identification information periodically, are detected to protect an individual's privacy. A mobile device of a user detects a first advertisement signal from an unknown wireless device, the first advertisement signal containing information representative of the unknown device. Multiple advertisement signals may be received as the mobile device moves a distance greater than a broadcast range away from the location where the first signal was detected. Responsive to detecting a second advertisement signal containing the same identity information after the mobile device has moved at least the distance greater than the broadcast range away from the location where the first signal was detected, the system generates an interface on the mobile device. The generated interface indicates to a user of the mobile device the presence of an unknown device.

Abstract: Embodiments of a system and method for controlling a device charging on a wireless charger are generally described herein. A method may include disabling, in response to determining that the device is currently charging on the wireless charger, haptic feedback at the device, determining whether the device is in a night mode or a day mode, in response to determining that the device is in the night mode and currently charging on the wireless charger, disabling notifications of the device, and enabling, in response to determining that the device is in the day mode, the haptic feedback and the notifications when the device has been removed from the wireless charger.

Abstract: Embodiments are described for a pattern-based control system that learns and applies device usage patterns for identifying and disabling devices exhibiting abnormal usage patterns. The system can learn a user's normal usage pattern or can learn abnormal usage patterns, such as a typical usage pattern for a stolen device. This learning can include human or algorithmic identification of particular sets of usage conditions (e.g., locations, changes in settings, personal data access events, application events, IMU data, etc.) or training a machine learning model to identify usage condition combinations or sequences. Constraints (e.g., particular times or locations) can specify circumstances where abnormal pattern matching is enabled or disabled. Upon identifying an abnormal usage pattern, the system can disable the device, e.g., by permanently destroying a physical component, semi-permanently disabling a component, or through a software lock or data encryption.

Abstract: This application provides a communication method and a communications device. The method includes: A first device receives a first message sent by a second device. The first message is used to indicate a bearer configuration of a bearer of the first device and an initial status of the bearer configuration, and the bearer configuration includes a first bearer configuration and/or a second bearer configuration. The first device determines the bearer configuration and the initial status of the bearer configuration based on the first message. According to the technical solutions in embodiments of this application, a bearer configuration of a terminal device and an initial status of the bearer configuration of the terminal can be indicated.

Abstract: A device control method includes monitoring location of a first user device of a first user and receiving an indication of a location of a second user device. The method further includes monitoring use of the second user device and determining a first time of use on the second user device. The first time of use on the second user device is allocated to a use time of a second user based on the location of the first user device relative to the location of the second user device, and a functional component of a third user device of the second user is disabled based at least on the use time of the second user.

Abstract: Techniques for facilitating messaging in a group-based communication system between a calling device and one or more client devices. A first user operating a calling device may send a request to a call server computing device to send a call-based communication via the group-based communication system. The call-based communication may include voice or textual data. The call server computing device may receive the call-based communication and may format the call-based communication to send to the group-based communication system. The call server may send the formatted call-based communication to the group-based communication system for presentation via the one or more client devices.

Abstract: Methods, systems, and computer readable media for rank processing in network function selection. A method includes periodically receiving, at a network function discovery node, and from each producer network function of a number of producer network functions, a current load value specifying a computing load carried by the producer network function. The network function discovery node is configured for performing service discovery between network functions of a telecommunications core network. The method includes determining, for each producer network function, an available capacity for the producer network function based on the current load value and a published capacity of the producer network function. The method includes responding to a network function discovery request from a consumer network function using the available capacity of each producer network function.

Abstract: A security strategy providing apparatus of a vehicle includes a communication circuit, a power controller, and at least one control circuit electrically connected to the communication circuit and the power controller. The at least one control circuit is configured to detect a connection of an external apparatus or an inflow of external data, and to block at least part of a function provided by the vehicle, at least part of power supplied by the power controller, or the at least part of the function and the at least part of the power, based on a detection result of the connection of the external apparatus or the inflow of the external data.

Abstract: Facilitate configuration of authentication information for a service provided over IP network when there is no shared authentication information between IoT device and service provider device for a service used by IoT device, an intermediary device capable of authenticating legitimate access mediates between devices. An example: a cipher key CK stored in intermediary device and IoT device, as a result of SIM authentication of the SIM of the IoT device, is used as master key for services used by IoT device. By generating unique application key for a service used by IoT device on the intermediary device and IoT device on the basis of master key, and sending it to service provider apparatus from intermediary device by secure connection, common keys are set as authentication information to IoT device and service provider apparatus. A SIM authentication process for generating cipher key can suppress SQN attack based on a bad request.

Abstract: Methods, systems, apparatuses, and computer program products are provided for automatically determining a home realm. An authentication request receiver interface may receive a request to access a resource and a device identifier from a client device. An authenticator may be enacted in response to receiving the request to access the resource that includes a home realm discoverer and an authentication user interface (UI) provider. The home realm discoverer may determine, based at least on the device identifier, the home realm from a plurality of realms. The authentication UI provider may provide, to the client device, an authentication UI via which a flat-name username can be submitted. Based at least on a flat-name user name and the determined home realm, access to the resource may be granted. In this manner, a user may input a flat-name username during sign-in, rather than inputting a realm or an entire e-mail address.

Abstract: Embodiments of this application provide example data analytics methods and example data analytics apparatuses. An example method carried out by a user plane data processing network element includes: obtaining information about at least one feature set from a data analytics network element, where information about each feature set in the information about the at least one feature set corresponds to at least one service type or at least one execution rule; obtaining a feature parameter of user plane data based on the information about the at least one feature set; sending the feature parameter to the data analytics network element; obtaining a response result of the feature parameter from the data analytics network element; obtaining, based on the response result, a service type associated with the user plane data or an execution rule associated with the user plane data.

Abstract: Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for blockchain-based service processing. One of the methods includes receiving a service processing request by a first service processing platform from a first user. The first service processing platform is one of a plurality of service processing platforms that access a blockchain network, and service data of the first user is shared between the plurality of service processing platforms over the blockchain network. In response to a determination that the service processing request involves a second service processing platform of the plurality of service processing platforms, it is determined whether the service processing request is permitted to be executed. In response to determining that the service processing request is permitted to be executed, the service processing request is executed over the blockchain network.

Abstract: Various implementations disclosed herein provide a method for authenticating users to an enterprise network using closed subscriber groups. The method includes determining whether the client device is associated with a subscriber group that corresponds to the enterprise network. The method further includes granting the client device access to the enterprise network in response to determining that the client device is associated with the subscriber group that corresponds to the enterprise network.

Abstract: Disclosed herein is a method and system for detecting, monitoring and/or controlling one or more of mobile services for a mobile communication device (also referred to herein as a Controllable Mobile Device or CMD), and in particular, when the device is being used and the vehicle, operated by the user of the device, is moving. The present method and system determines whether the vehicle is being operated by a user that may also have access to a mobile communication device which, if used concurrently while the vehicle is in operation, may lead to unsafe operation of the vehicle. If the mobile services control system determines that a vehicle operator has potentially unsafe access to a mobile communication device, the mobile services control system may restrict operator access to one or more services that would otherwise be available to the operator via the mobile communication device.

Abstract: Aspects for initial mobile assessments for use in carrier-based blocking of contraband telecommunication devices are disclosed. In one such aspect, a contractor performs an initial assessment at a correctional facility using memory and a rapid deployable network including a controller configured to regulate wireless transmissions from or to the facility. The system systematically gathers information from the facility as to authorized wireless devices. The controller allows wireless transmissions to and from authorized devices to pass between the wireless device and a remote location via the network. Conversely, the controller blocks transmissions to or from unauthorized devices. After the initial assessment and follow-up assessments, the contractor departs the facility and sends the identifying information of the unauthorized devices to at least one database for use in network carrier-level blocking of unauthorized transmissions.

Abstract: An approach is provided that identifies Internet of Things (IoT) network anomalies. The approach receives IoT endpoint device data at an attestation entity included in the network. The data is logged to a secured ledger and analyzed. Conditions pertaining to the IoT endpoint devices are analyzed with the analysis being based on a set of network policy data. Based on the analysis, the approach detects network anomalies that correspond to the IoT endpoint devices. These network anomalies and their corresponding IoT endpoint devices are then reported.

Abstract: Systems and methods of controlling a docking station comprise establishing, by the wireless access point, a USB connection tunnelled over a local area wireless network connection with the mobile device, receiving, by the wireless access point over the USB connection, a request for an Internet Protocol (IP) or a Media Access Control (MAC) network address of the display controller, transmitting, by the wireless access point in response to the request, the IP or the MAC network address of the display controller to the mobile device over the USB connection, and receiving, by the wireless access point, the at least video data addressed to the IP or the MAC network address of the display controller and switching the at least video data addressed to the IP or the MAC network address of the display controller directly to the display controller without passing via the USB controller.

Abstract: Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for blockchain-based service processing. One of the methods includes receiving a service processing request by a first service processing platform from a first user. The first service processing platform is one of a plurality of service processing platforms that access a blockchain network, and service data of the first user is shared between the plurality of service processing platforms over the blockchain network. In response to a determination that the service processing request involves a second service processing platform of the plurality of service processing platforms, it is determined whether the service processing request is permitted to be executed. In response to determining that the service processing request is permitted to be executed, the service processing request is executed over the blockchain network.

Abstract: A base station determines a window of time for arrival of uplink signals, wherein the window of time includes a start based on a first expected time of arrival for a first uplink signal from a first UE and an end based on a second expected time of arrival for a second uplink signal from a second UE. The base station detection detects a false base station, such as a L1 man-in-the-middle false base station, based on an uplink signal being received outside of the determined window of time for the arrival of uplink signals.

Abstract: It is recognized herein that current messaging protocols for internet of things (IoT) architectures are often weak from a security perspective, and are often poorly suited for resource-constrained devices. An example IoT system described herein combines device authentication and application-layer key establishment using facilities of IoT messaging protocols. The IoT system may include a Trust Broker, which acts as a registration point for devices, and an edge gateway, which manages communication between a given device and the trust broker (and IoT servers). The edge gateway may acquire a trusted role, such that it may be a secure intermediary for device-server messaging, and such that it can facilitate authentication of devices to services.

Abstract: Decoy data is generated from regular data. A deep neural network, which has been trained with the regular data, is trained with the decoy data. The trained deep neural network, responsive to a client request comprising input data, is operated on the input data. Post-processing is performed using at least an output of the operated trained deep neural network to determine whether the input data is regular data or decoy data. One or more actions are performed based on a result of the performed post-processing.

Abstract: Apparatuses, methods, and systems are disclosed for user equipment authentication. One method includes transmitting, from a user equipment, a request message to one or more network devices. The method includes, in response to transmitting the request message, attempting authentication with the one or more network devices. The method includes, in response to successfully authenticating with the one or more network devices, transmitting a message comprising first location information corresponding to the user equipment to the one or more network devices.

Abstract: A device is configured to process contactless payments by wirelessly reading account information from enabled payment instruments and providing the account information, along with other information, to a remote payment processing system. The device has an embedded reader, such as a near-field communications (NFC) reader or a radio-frequency identification (RFID) reader. The operating system of the device has a device driver that provides access to the embedded reader. The device driver is implemented as part of the operating system kernel in order to protect it from access by non-privileged software. A POS application installed on the device uses the device driver to obtain payment instrument information from a payment instrument such as a credit card. Before providing the payment instrument information to the POS application, the device driver encrypts the payment instrument information using a public key provided by the payment processing system.

Abstract: In a controller that operates a control program which executes sequence control or the like together with a data processing program which executes a complex arithmetic operation or the like, I/O resource information is shared with a shared memory, and an access right to the I/O resource information by the data processing program is controlled using read-in prohibited information and write-in permitted information.

Abstract: An integrated security system is described that integrates broadband and mobile access and control with conventional security systems and premise devices to provide a tri-mode security network (broadband, cellular/GSM, POTS access) that enables users to remotely stay connected to their premises. The integrated security system, while delivering remote premise monitoring and control functionality to conventional monitored premise protection, complements existing premise protection equipment. The integrated security system integrates into the premise network and couples wirelessly with the conventional security panel, enabling broadband access to premise security systems. Automation devices (cameras, lamp modules, thermostats, etc.) can be added, enabling users to remotely see live video and/or pictures and control home devices via their personal web portal or webpage, mobile phone, and/or other remote client device.

Abstract: Facilitating secure conveyance of location information and other information in advanced networks (e.g., 4G, 5G, and beyond) is provided herein. Operations of a system can comprise transforming, at a chipset level of the device, information indicative of a location of the device into a binary representation of the information indicative of the location of the device. The operations can also comprise embedding the binary representation of the information indicative of the location of the device into a message. Further, the operations can comprise facilitating a transmission of the message and the binary representation of the information indicative of the location of the device to a network device of a communications network.