Abstract: The invention relates to a method for generating an authentication key in a security module which stores a first root key (K_root_A) shared with a first network entity, the method including the following steps: sending a transfer request to a second network entity, receiving a first secret (S_b1) from the second network entity, generating a secret generation key (Kb1) from the first root key and from the first secret, receiving from the second network entity a second secret (S_b2) and an authentication message of the second secret calculated by means of the secret generation key transmitted to the second network entity by the first network entity, verifying the authentication message by means of the secret generation key, generating a second root key (K_root_B) if the verification is positive, said second root key being generated from the second secret (S_b2) and from the secret generation key (Kb1), and used to generate an authentication key to access a network of the second network entity.

Abstract: A server has a processor and a memory connected to the processor. The memory stores instructions executed by the processor to collect scan lists from client devices. Each scan list specifies a WiFi access point identifier collected by a client device and geographic coordinates of the client device when the WiFi access point identifier was collected. A cluster of geographic coordinates is formed around a designated WiFi access point. A centroid within the cluster is identified. The location of the centroid is ascribed as the geographic position of the designated WiFi access point. A client device is advised when the designated WiFi access point is a known mobile WiFi access point to facilitate connection between the client device and the known mobile WiFi access point.

Abstract: Provided are a transmission method, terminal and system for application software. In the method, a first terminal creates a wireless hotspot; a second terminal joins a wireless network constructed by the wireless hotspot when joining request information sent by the second terminal is received; and interaction of application software with the second terminal is performed based on the wireless network. By the technical solution, the application software may be shared among these terminals, and the users do not have to download the application software from the network so as to save the data consumption of the users. Moreover, downloaded application software may also be shared among these terminals through application store clients on the terminals, so as to improve enthusiasm of the user in searching for and downloading the application software and facilitate popularization of the application store clients as well as the application software thereof.

Abstract: Embodiments of the present invention relate to the field of wireless communications technologies, and in particular, to a CA processing method and device, so as to provide a CA processing scheme applicable to a network sharing scenario. In the embodiments of the present invention, a second cell is determined according to a first PLMN ID used by a CA user equipment in a first cell and a frequency supported by the CA user equipment, where the first cell is a cell that the CA UE currently accesses, CA can be performed on a second PLMN ID supported by the second cell and the first PLMN ID used by the CA user equipment in the first cell, and a frequency used by the second cell can be supported by the CA user equipment; and, according to the determined second cell, a CA cell is configured for the CA user equipment.

Abstract: A method of conserving battery power of mobile devices within a location-based group starts with server receiving location data and proximity information from each of the mobile devices. Location data received from first mobile device includes the first mobile device's location. Proximity information received from first mobile device includes an identification of mobile devices within a predetermined radius of first mobile device's location. Server identifies based on location data and proximity information a specific location and forms a subgroup of mobile devices that are within a predetermined radius of the specific location. Server queries and receives a level of power associated with each mobile devices in the subgroup and transmits control signals to each mobile devices in the subgroup to shut down radio functions based on the level of power. Other embodiments are also described.

Abstract: The present disclosure provides a method, system, device, and terminal for network initialization of a multimedia playback device. The method includes: screening, by a terminal, a wireless access point of the multimedia playback device; connecting the terminal to a first wireless network of the wireless access point of the multimedia playback device; and sending, by the terminal, parameter information of a second wireless network, to which the terminal connects, to the multimedia playback device through the first wireless network, which allows the multimedia playback device to be connected to the second wireless network according to the parameter information of the second wireless network, so as to complete initialization. The method for network initialization of a multimedia playback device does not need to download a specific application to perform multistep network initialization nor to input a series of IP addresses through a network browser and make complicated settings to perform network initialization.

Abstract: A network access control method and apparatus. The network access control method includes configuring network access permission of a first application, where the network access permission includes allowing the first application to access a network resource using a first type of network access point, and the first type of network access point includes at least one first network access point, accessing a second network access point, where the second network access point belongs to the first type of network access point, and when the first application is running, allowing the first application to access the network resource using the second network access point, and when a third network access point is accessed, and when the third network access point does not belong to the first type of network access point, prohibiting the first application from accessing the network resource using the third network access point.

Abstract: A system may store a plurality of first records comprising a first variable in a first data storage format. The system may also store a plurality of second records comprising a second variable in a second data storage format. The first data storage format may have a different data structure than the second data storage format. The system may then generate a catalog including a first location of the first variable and a second location of the second variable. The first location identifies the first data storage format, which is where the first variable is stored. The second location identifies the second data storage format, which is where the second variable is stored. The system may then receive a request to access at least one of the first variable or the second variable and access the first variable and/or the second variable in response to the request.

Abstract: A mobile station wirelessly communicates with a plurality of wireless base stations using multiple access. A first wireless base station in the multiple access controls a control plane of a second wireless base station in the multiple access to control a connection between the mobile station and the second wireless base station.

Abstract: A mobile terminal is disclosed. The mobile terminal includes a touch panel and an input detection part, a display part, a determination part, and an execution part. The input detection part is configured to detect inputs to the touch panel. The display part is configured to display an object corresponding to a lock state in which predetermined processing based on inputs detected by the input detection part is not executed. The determination part is configured to determine whether or not a predetermined input to the object is detected by the input detection part. The execution part is configured to release the lock state and execute predetermined processing if the determination part determines that a predetermined input to the object is detected.

Abstract: The present disclosure relates to methods and devices for mitigating the impact from Internet attacks in a Radio Access Network, RAN, using Internet transport. This object is obtained by a method performed in network node in a Core network, CN, of mitigating the impact from Internet attacks in a Radio Access Network, RAN, using Internet transport. The method comprises receiving, from at least a network node in a Radio Access Network, RAN, an intrusion detection report, the intrusion detection report comprises information about an Internet attack in the RAN. The method further comprises selecting based on the information, a mitigation action, the mitigation action mitigating the impact of the attack on the RAN service level. Further the method comprises performing the selected mitigation action to mitigate the impact on the RAN service level.

Abstract: In one example, a method includes receiving a feature vector that characterizes a call history for a telephone network subscriber, wherein the feature vector comprises respective categorical values for one or more categorical features and respective continuous values for one or more continuous features, and applying, to the categorical values, a first algorithm to determine a categorical score for the feature vector. The example method further includes applying, to the continuous values, an isolation forest algorithm to determine a continuous score for the feature vector, and outputting, in response to determining at least one of the categorical score for the feature vector and the continuous score for the feature vector indicate the feature vector is anomalous, an indication that the feature vector is anomalous.

Abstract: A data communication system verifies Network Function Virtualization (NFV) parameters. The data system transfers communications for devices by executing hypervisors to generate an NFV processing environment with multiple NFV time slices. The system executes virtual Network Elements (vNEs) during the NFV time slices. The system associates the communication devices with the NFV time slices based on the execution of the vNEs during the time slices. The system yields NFV data indicating an actual NFV time slice used to transfer data communications for an individual communication device and a trusted NFV time slice for that communication device. The system transfers alert data for the communication device if the actual NFV time slice does not correspond to the trusted NFV time slice.

Abstract: The present invention disclosed a method and an apparatus for authenticating a terminal in a mobile communication system, the method includes: an authenticating end obtains first authentication information sent by a terminal, the terminal is configured to obtain first certification information inputted by a user, and determine the first authentication information according to the first certification information, the first certification information is information certified by a target software; the authentication server authenticates the terminal according to the first authentication information; after the authentication server has successfully authenticate the terminal according to the first authentication information, a mobile communication authorize the terminal to access the mobile communication. The present invention solves the problem in the related art that the SIM card has restricted development of the terminal to be lighter and thinner.

Abstract: A method for controlling an authentication state of an electronic device according to various embodiments of the present disclosure includes authenticating user login with representative authentication information in a first application requiring user authentication, identifying temporary authentication information when authenticating the user in the first application, storing the identified temporary authentication information and the representative authentication information, deciding whether temporary authentication information is identical to the stored temporary authentication information by identifying the temporary authentication information while using the first application, and maintaining the authentication state if the temporary authentication is identical to the stored temporary authentication information.

Abstract: A wireless connection may be established between a mobile device and a reader device and/or a sensor. The reader device and/or sensor may authenticate the mobile device. The reader device and/or sensor may receive a credential or token from the mobile device. An action may be performed based on certain criteria such as if the credential or token is valid.

Abstract: A wearable device can establish a verified session with a host device (e.g., by establishing that the wearable device is present in the vicinity of the host device and is currently being worn). The existence of such a verified session can be used to control user access to sensitive information that may be stored in or otherwise accessible to a host device. For example, the host device and/or application programs executing thereon can be configured to restrict a user's ability to invoke program functionality that accesses sensitive information based on whether a verified session with a wearable device is currently in progress.

Abstract: Systems and methods for creation of a device identity (ID) for mobile communications devices may capture equipment identification information and subscriber identification information for mobile communications devices and combine them to create a device identity for each pairing of equipment identification information and subscriber identification information captured. Such mobile communications devices, may be operating in association with a controlled-environment facility and the equipment identification information and subscriber identification information are captured by a controlled-environment facility mobile communications managed access system (central access point) and/or by a controlled-environment facility contraband mobile communications device assessment system (access point(s)).

Abstract: The present invention provides a system and method for providing subscribers an electronic emergency response portal on a network. In accordance with an aspect of the present invention, there is provided a method for providing subscribers an electronic emergency response portal on a network having the following steps: receiving real property information from a subscriber module; storing the real property information in a database; creating a secure portal for the subscriber module over a network, the secure portal providing an interface to one or more emergency response parties, wherein the one or more emergency response parties are given access to the interface if a permission setting to the interface is granted by the subscriber module; and providing real property information to the subscriber module and the one or more emergency response parties based on the permission setting.

Abstract: Techniques are described for wireless communication. A method for wireless communication at a user equipment (UE) includes establishing a connection with a network node; receiving from the network node, as part of establishing the connection, an AS security indication indicating an AS protocol layer for protecting data packets; and configuring AS security protection for data packets based at least in part on the AS security indication and the indicated AS protocol layer. A method for configuring AS security includes establishing a connection with a UE; receiving from a network access device controller, as part of establishing the connection, an AS security indication indicating an AS protocol layer for protecting data packets; and configuring AS security protection for data packets transmitted to or received from the UE based at least in part on the AS security indication and the indicated AS protocol layer.

Abstract: Methods for managing access to protected resources within a computing environment and detecting anomalies related to access control events are described. An access control system may acquire a request for access to a protected resource, identify a username associated with the request, acquire contextual information associated with the request for access (e.g., a time of day associated with a location of a device making the request), acquire a baseline set of rules for the username, detect a deviation from the baseline set of rules based on the contextual information, acquire additional authentication information in response to detecting the deviation, authorize access to the protected resource based on the additional authentication information, generate a record of the request for access including the contextual information, and update the baseline set of rules if an intrusion to the access control system has not been detected within a threshold period of time.

Abstract: Aspects of the subject disclosure may include, for example, a system that manages utilization of mobile subscriber identity information including enabling use of such information by different communication devices. The use of the same mobile subscriber identity information by multiple devices can be based on detecting device identification information associated with a registration request. Other embodiments are disclosed.

Abstract: An exemplary mobile device activation system may receive, by way of a mobile device not currently activated on a mobile network, a request to initiate an activation process to activate the mobile device on the mobile network, authenticate the mobile device to a user account associated with the mobile network, establish an activation session with the authenticated mobile device, receive, during the activation session and by way of the authenticated mobile device, user input indicating a user-selected activation parameter for the authenticated mobile device, and activate the authenticated mobile device on the mobile network based on the user-selected activation parameter for the authenticated mobile device.

Abstract: Described herein are methods, systems and programs for managing the sharing of video, audio and data communications between users over the internet in the most efficient manner. The video, audio and data communications secured by means of advanced encryption standard (AES) like in the form of 128-bit or other encryption standard and efficiently communicated across a Web Real-Time Communication (WebRTC) protocol.

Abstract: Systems, computer program products, and methods are described herein for remotely controlling access to a mobile device. The present invention is configured to receive an indication that a transaction executed by a user is misappropriate, wherein the transaction is executed by the user using a mobile device; transmit control signals configured to cause the misappropriation application to begin running in the background of the mobile device; initiate, via the misappropriation application, one or more actions to be executed on the mobile device of the user based on at least receiving the indication that the transaction executed by the user is misappropriate; determine an alternative communication form associated with the user; transmit a notification to the user via the alternate communication form, when the notification further comprises an indication that one or more functionalities of the mobile device has been limited.

Abstract: A network authentication system includes a client terminal, an authentication server authenticating connection of the client terminal with an external network, and a plurality of authentication switches controlling communication of the client terminal with the external network. The authentication switch includes an authentication server processing unit notifying the authentication server of authentication terminal information, and a receiving port filter receives a specific packet. The authentication server, includes a terminal management storing unit storing the authentication terminal information, and an authentication switch management processing unit which, in order that the authentication switch authenticate the client terminal, determines filter information, that is set in the receiving port filter, based on the authentication terminal information, and notifies the authentication switch of the filter information.

Abstract: An acquisition processing section acquires information data addressed to a user and a notification processing section gives notification of the acquired information addressed to the user. When a plurality of users have logged in concurrently, the notification processing section gives notification of user identification information identifying the addressee of the information, along with the information. On the other hand, when only one user has logged in, the notification processing section gives notification of the information but does not give notification of the user identification information. A login managing unit manages login users. The notification processing section determines whether or not to give notification of the user identification information depending on whether one user or a plurality of users are managed by the login managing unit.

Abstract: Embodiments of the invention are directed to systems and methods for maintaining coherency between different entities in a distributed system. A coherency module automatically detects a change in state in a first entity, wherein the change in state relates to a change in functional code in the first entity. A synchronization message is transmitted to a second entity to synchronize data in the second entity with data in the first entity as a result of the change in state. The second entity is configured to synchronize the data in the second entity with the data in the first entity after receiving the synchronization message.

Abstract: Embodiments of the present disclosure provide an access control method and apparatus. The method includes: generating, by a network device, an access control message that includes an access control parameter, where the access control message is used to instruct user equipment to determine, according to the access control parameter after receiving the access control message, whether to initiate access, and the access control parameter includes an access control parameter based on a traffic class or an access control parameter based on an access class; and sending, by the network device, the access control message to the UE. The technical solutions of the present disclosure may reduce a signaling burden on a network and may enable the network device to provide more precise and flexible control of the UE.

Abstract: An apparatus comprising a system with an array of sensors, sound and light emitting and receiving devices having at least one object control from a monitored object comprised of an operator, a patient, an animal, or machine, control of at least one performance parameter of the system; at least one iris/retina biometric sensor; at least one physiological iris/pupil sensor; at least one infinite random light emitter; said at least one iris/pupil biometric sensor; said at least one physiological pupil sensor and said one infinite random light emitter operatively connected and synchronized communication with each other utilizing at least one central processing unit; said at least one biometric sensor and said at least one physiological sensor delivering a parallel array of sensory readings to said central processing unit; said central processing unit capable of detecting a normal or an abnormal sensory reading; said at least one central processing unit capable of effecting said at least one performance parameter

Abstract: A user equipment (UE), method, and non-transitory computer-readable medium for fast VoWiFi handoff using internet key exchange (IKE) v2 optimization. The UE includes a memory and one or more processors operably connected to the memory, wherein the one or more processors are configured to determine reference signal received power (RSRP) for a long term evolution (LTE) signal and reference signal strength indicator (RSSI) for a WiFi signal, in response to at least the RSSI of the WiFi signal being greater than an RSSI threshold, perform a pre-setup of the IPsec tunnel, determine whether a handoff is to be performed, and in response to a determination that the handoff is to be performed, perform a completion of the IPsec tunnel.

Abstract: Shopping assistance using an interactive character is provided on a shopping device in a retail store. Input requesting assistance from a character displayed on the shopping device is received on the shopping device. The input is processed. A response is determined based on the input and a character personality profile for the character displayed. The response is generated through the character on the shopping device, providing shopping assistance.

Abstract: A vehicle-mounted electronic component with a smart power supply interface includes a smart power supply interface module and a component function module. At the vehicle-side, the smart power supply interface module is connected with the vehicle fuse fox and with the CAN bus of the vehicle, and also is connected with the vehicle transmission gear and the vehicle-mounted sensing module respectively. At the component-side, the smart power supply interface module has an ACC output interface and an ACC enhanced output interface for the gating connection of the ACC interface of the component function module.

Abstract: A method in a communication network for facilitating handover of a user equipment (UE) from access via a source access path to access via a target access path is provided. An internet protocol (IP) access is provided to the UE via the source access path and an indication that the UE has configured a communication interface for the target access path is obtained. Switching from providing IP access via the source access path to providing IP access to the UE via the target access path is performed. Further, instructions for releasing communication resources for the source access path are sent after the indication that the communication interface has been configured for the target access path is obtained.

Abstract: Embodiments are presented for controlling usage of a communications device, whereby for a given number of messages generated from the device the operator (e.g., a child, person, etc.) has to successfully answer a question before a further batch of messages can be sent. The number of messages that can be sent before a question is to be answered can be configured by a parent. Further, a modifiable data store can be utilized to store questions, from which questions for presentation on the communication device can be sourced. The questions can relate to subject matter the child is studying at school, a standardized test, trivia, provided by a third party.

Abstract: A storage device security system includes a server that is coupled to a storage device, a storage controller, a configuration IHS, and a remote access controller. The remote access controller receives a storage device access key request and a storage controller Globally Unique Identifier (GUID) from the storage controller. The remote access controller also receives a server GUID from the server. The remote access controller also receives a security key from the configuration IHS over a network. The remote access controller is configured to use a remote access controller Media Access Control (MAC) address, the storage controller GUID, the server IHS GUID, and the security key to generate a storage device access key. The remote access controller may then provide the storage device access key to the storage controller, and storage controller may use the storage device access key to access the storage device coupled to the server IHS.

Abstract: A method and apparatus are disclosed for adding serving cells in a wireless communication system. The method includes a UE (User Equipment) is served by a first cell controlled by a first eNB (evolved Node B), wherein multiple radio bearers (RBs) for the UE are allocated to the first eNB and there is a MAC (Medium Access Control) entity in the UE for supporting the first cell. The method also includes the UE receives a RRC (Radio Resource Control) message for adding a second cell controlled by a second eNB to the UE, wherein a RB among the multiple RBs is relocated to the second eNB according to information included in the RRC message. The method further includes the UE re-establishes a RLC (Radio Link Control) entity corresponding to the RB and does not reset the MAC entity in response to the relocation of the RB.

Abstract: A card registry system is configured to automatically identify financial card information in one or more credit files associated with a consumer and populate a card registry account of the consumer with the identified financial card information. Once the financial card information has been obtained from the credit file(s), the card registry system may transmit cancellation and/or reissuance requests to the respective card issuers in the instance that one or more cards are compromised, so that the financial cards may be easily and efficiently cancelled and/or reissued at the request of the consumer.

Abstract: A the network-side distribution point in a telecommunications network includes an input measurement function which monitors the total power delivered to the power combiner from the various customer premises, and an output measurement function which monitors the total power requirements of the components of the distribution point. The data from these monitoring functions are used by a power extraction control unit to control the combiner/extraction unit to draw power from the forward power feed to makes up any shortfall in the power required to operate the components. This allows each customer premises system to deliver power to the distribution point at a rate determined only by the services it is itself using, and without any need for co-ordination between the distribution point and the customer premises systems.

Abstract: Systems and methods are included for detecting driving based on user-specific models for driving detection, and restricting access to an application of the user device while a user is driving. A management agent installed on the user device can collect data from sensors in a user device and provide the data to a management server, which can build a user-specific model for driving detection for that user. The management agent can then use that user-specific model for detecting when the user is driving. When the agent determines that the user is driving, it can enforce a driving policy that limits access to applications and delay or modify notifications generated by applications.

Abstract: An authentication server, an application device and a probability-based user authentication system and method are disclosed. To simplify authentication while keeping a high level of security, the authentication server comprises at least an authentication probability evaluation module for determining a probability of requestor identification. The authentication server is configured to at least receive an authentication request from an authenticator, said authentication request comprises at least user identification data. The authentication probability evaluation module is configured upon reception of said user identification data to receive user behavior information, corresponding to the received user identification data from a user information database; and to determine a user probability value by comparing at least said user behavior information with authenticator application data. The requestor is authenticated in dependence of said determined user probability value.

Abstract: A device includes: a short-range communicator which is configured to communicate with at least one mobile terminal by a short-range communication method; and a controller which is configured to determine whether a mobile terminal targeted for approaching is a registered mobile terminal if it is detected that the mobile terminal approaches the device, and controls the short-range communicator to receive the first authentication information corresponding to the device from the approached mobile terminal if the approached mobile terminal is determined as the registered mobile terminal, and authenticate a user of the device through the received first authentication information. With this, a user can be authenticated by a simple method of making the mobile terminal approach the device without inputting his/her authentication information, thereby improving user's convenience and strengthening security effect.

Abstract: After detecting an access-intent operation, an electronic device establishes a connection with a second electronic device using a communication protocol. The electronic devices exchange identifiers, and the second electronic device provides information specifying a preferred channel to use with a second communication protocol. Based at least in part on the preferred channel of the second electronic device and on communication contexts of the electronic devices, the electronic device selects a channel and transmits to the second electronic device information specifying the selected channel. The electronic device remotely accesses credential information based on the exchanged identifiers, and using the credential information, the electronic devices establish a secure connection via the selected channel using the second communication protocol. The electronic device determines a distance to the second electronic device using wireless ranging via the secure connection.

Abstract: A wireless communication system includes one or more base stations able to divide resources between multiple network operators sharing the base station. A shared base station is configured to monitor a contribution to the load on the base station associated with network operators sharing the base station resources and to provide the determined contribution to the load to one or more other base stations for use in load balancing between the base stations.

Abstract: An electronic device comprising: a microphone; a communication circuit; a memory; and at least one processor operatively coupled to the memory, configured to: acquire voice data by using the microphone; identify a user corresponding to the voice data; select an external device based at least in part on an identity of the user; and transmit a connection request to the external device by using the communication circuit.

Abstract: In a query-response model system of network communication, to protect user data privacy, a plurality of Camouflage Queries are automatically generated to be sent along with Intended Queries. The mix of intended queries and the Camouflage Queries masks and obscures the intended queries. Camouflage Messages or queries create a noisy background and thus lower the signal to noise ratio (SNR) for a server or interceptor to detect the intended queries.

Abstract: An application server for non-returned return merchandise authorization (RMA) asset recovery. The application comprises an application stored in the memory that, when executed by the processor, examines related entries in a data store for status of return merchandise authorization mobile communication devices, and calculates time duration since shipment of the replacement mobile communication device unless a return merchandise authorization mobile communication device is received that was replaced by the replacement mobile communication device. The application further examines provisioning status of return merchandise authorization mobile communication devices, and responsive to return merchandise authorization mobile communication devices being associated with a new telephone number, suspends communication service to the return merchandise authorization mobile communication device and the corresponding replacement mobile communication device.

Abstract: A wireless router, comprising a location information acquisition module configured to acquire location information of a mobile device and an identity information collection module configured to store a predetermined location model to determine a match between the location information and the predetermined location model based on a corresponding relation between the predetermined location model and identity information of the mobile device. A wireless router further comprising an authentication and authorization module configured to determine a match between the location information and the predetermined location model and to authenticate and authorize the mobile device to access a network.

Abstract: An efficient and robust system 100 of privacy protection to provide security of a computing device by identifying and detecting unauthorized intrusion/peek problems related to computing device's environment/surrounding is disclosed. The system 100 includes a detector unit 102 for detecting data related to environment/surrounding of the computing device; a processing unit 104 for processing the detected data and a recommendation unit 106 to notify the user about the threat posed by environment/surrounding. The present disclosure enables device owner to access his device more freely in vulnerable surroundings.

Abstract: The invention relates to a first network unit (See) which comprises a secure hardware component (HK) for saving and running software. A second network unit (P) comprises a secure software component (SK) for saving and running software. A method for secure communication comprises: saving a first common secret, a first algorithm and a second algorithm on the network units; sending a first date from the second network unit to the first network unit; running the first algorithm on the first network unit and on the second network unit wherein the input is in each case formed by the second common secret and the first date; sending of a second date from the first network unit to the second network unit; running the second algorithm on the first network unit and on the second network unit; wherein the input is formed in each case by the second common secret and the second date; and use of the third common secret for a secure communication.