Abstract: A method and system for securely monitoring an operating system of a mobile wireless communication device for unauthorized modifications. A secure application is provided on universal integrated circuit card of the mobile wireless communication device. The secure application is configured to control the wireless connectivity of the mobile wireless communication device, and communicate with a wireless communications network. A monitoring application is provided in a trusted sub-processor of the processor of the mobile wireless communication device. A secure communication link is established between the secure application and the monitoring application. A heartbeat token is generated by the trusted sub-processor, based on a modification status for the operating system and at least one system variable. The secure application receives the heartbeat token, and determines that an unauthorized software modification exists based on the heartbeat token.

Abstract: The embodiment of the present invention provides a method for processing information and method for sending priority information and apparatus. The method for processing information includes: after receiving information sent to a logged-on account, according to the priority information corresponding to the account sent by a network side device, a terminal determining whether the priority thereof is the highest; the priority information comprises the identifiers and priorities of various terminals which log on the account; if yes, starting up a corresponding application program according to the received information; and if no, not starting up the application program corresponding to the received information. The method for sending priority information includes: a network side device determining various terminals which have already logged on the same account; for various terminals logging on the same account, the network side device sending the priority information of the account to various terminals.

Abstract: Mobile device applications may be enabled to function with greater reliability and performance with greater network visibility and control over the network infrastructure. A mobile device may be enabled with multiplexing across physical and virtual network interfaces. The mobile device may communicate with a server to access specific IP cell towers with wireless to wired offload capability. Various devices including drones, blimps, and towers may be enabled with several antenna arrays including 4x4, 8x8, and 16 plus coupled to radio frequency transmit and receive units to enable better coverage for a specific location. Vehicles may be enabled with millimeter wave length communication, WiFi, WLAN, and cellular connectivity. These devices may be enabled to signal one another to describe lane changes, intended movements, potential hazards or likelihood of a crash. The vehicles may be autonomous self-driving vehicles which form a self-driving unit.

Abstract: A data portion of a physical layer (PHY) data unit is generated to include a service field that consists of eight or less bits. When it is determined that the PHY data unit is to be generated according to a first mode of operation of a long range communication protocol, the PHY data unit is generated according to a first format to include the data portion. When it is determined that the PHY data unit is to be generated according to a second mode of operation of the long range communication protocol, the PHY data unit is generated according to a second format to include the data portion, including using a slower clock rate as compared to the first format. The second mode of operation provides longer range communications as compared to the first mode of operation.

Abstract: A method that incorporates teachings of the subject disclosure may include, for example, storing, by a universal integrated circuit card including at least one processor, a digital root certificate locking a communication device to a network provider, and disabling an activation of the communication device responsive to receiving an indication of a revocation of the stored digital root certificate from a certificate authority, wherein the indication of the revocation of the stored digital root certificate is associated with a revocation of permission for an identity authority to issue a security activation information to the communication device on behalf of the network provide. Other embodiments are disclosed.

Abstract: A method of operation of a self-locking mass storage system includes: providing storage media and an inactivity timer; timing a period of read/write inactivity of the storage media using the inactivity timer; comparing the period of read/write inactivity against a preset maximum idle time; locking access to the storage media when the period of read/write inactivity exceeds the preset maximum idle time; and, resetting the period of read/write inactivity following read/write activity while the self-locking mass-storage system is in an unlocked state.

Abstract: A control panel is used to control and/or monitor an automation system. The automation system may also be used in connection with one or more enhanced services, such as a remote access service. The remote access service may allow a user to control or monitor some or all aspects of the automation system through a remote computing device. To use the remote access service, or other enhanced services, the user may register to associate the user with the control panel of the automation system. If it is determined that the user has not registered, the service provider may send a message to the control panel. The message may prompt the user to register for the enhanced service. Optionally, contact information may be requested to allow a message to be sent to a personal device of the user to facilitate registration or use of the enhanced service.

Abstract: A car control system is disclosed. The car control system for controlling a car by being linked with a car control device (electronic control unit, ECU) that is installed inside the car for electronic control of the car can include: an authentication server configured to perform access authentication for a user terminal and configured to generate an authentication result based on least one of terminal information of the user terminal and vehicle identification information; and a car access device configured to be directly connected with the car control device through an internal network of the car and configured to determine whether a car control request for control of the car by the user terminal is to be relayed to the car control device according to the authentication result of the user terminal.

Abstract: Confusion between service providers due to the technical limitation of a GPS sensor included in a wireless communication device of a service user is avoided. A data transmission device connected to a server and for transmitting visit data to a wireless communication device is disclosed. The data transmission device may include a button part, when pressed, for transmitting to the server visit data of the wireless communication device; and touch screen touching parts connected to the button part so as to input an electrical signal to a touch screen of the wireless communication device. The visit data may be transmitted to the wireless communication device from the server when the button is pressed and an electric signal is input to the touch screen. The at least one touch screen touching part may include a plurality of touch screen touching parts, and each of the data transmission devices in a predetermined area may have different layouts of the touch screen touching parts.

Abstract: A communication network includes an instructor wireless communication device and a plurality of student wireless communication devices, which may be conventional smartphones. The student devices do not communicate with the wireless service provider, but communicate with the instructor device in the classroom via a short-range communication network established between the student devices and the instructor device directly or via an access point. In one embodiment, communication with the cellphone network service provider is cut off by disabling the network transceiver in each student device. The instructor device can exchange question and answer data with the student devices. The system can be configured to provide security in student responses to prevent potential cheating. Student answers may be automatically collected, collated, and graded. The answers are accompanied by an ID that uniquely identifies each student.

Abstract: The present disclosure relates to methods and devices for mitigating the impact from Internet attacks in a Radio Access Network, RAN, using Internet transport. This object is obtained by a method performed in network node in a RAN, using Internet transport. The method comprises obtaining intrusion detection information informing the network node that the RAN is under attack. The method further comprises selecting, based on the intrusion detection information, a mitigation action, the mitigation action mitigating the impact of the attack on the RAN service. Further the method comprises performing the selected mitigation action to mitigate the impact on the RAN service level.

Abstract: Embodiments of the invention are directed at an enhanced data interface (EDI) for contactless communications between a mobile application operating on a mobile device and an access device (e.g., contactless reader) that allows for enhanced verification between the mobile device and access device. One embodiment of the invention is directed to a method. The method comprises a mobile device receiving a request for available applets from an access device and providing a list of available applets including trusted applet identifiers and untrusted applet identifiers to the access device. The method further comprises receiving a selection of an untrusted applet identifier from the list and an entity identifier associated with the access device, validating that the access device is authorized to access credentials associated with the selected untrusted applet identifier using the entity identifier, and providing the credentials associated with the selected untrusted applet identifier to the access device.

Abstract: A method and apparatus for intersystem mobility security context handling between different radio access networks which can include a receiver configured to receive a tracking area update message from a user terminal. The message can include a first key identifier configured to identify a mapped security context and a second key identifier configured to identify a cached security context. A verifier can be configured to verify the tracking area update message with a key identified by the first or second key identifier.

Abstract: In accordance with one example embodiment of the present invention a method is provided for adapting and customizing the attributes and the functionalities of a connected object according to preferences, settings and permissions associated with a user paired with said connected object. In some implementations, at least part of the inputs and adjustments imparted by said user to said connected object via an input/output user interface could seamlessly translate into other connected objects that belong to the same class and are paired with said user. In other implementations, the pairing of connected target objects with user IDs provides novel functionalities.

Abstract: A mobile user device, configured to communicate over a wireless medium and a corresponding computer-implemented method is described. The mobile user device in one embodiment may comprise a near field communication interface for at least sending response information to a receiver in one or more near field transmissions; and a communication control module, connected with said near field communication interface. To improve the security of the mobile user device, the communication control module is configured to control whether said response information is sent by said near field communication interface in dependence of at least a communication safety parameter.

Abstract: A server holds correspondence information in which a device identifier of a device for which an authentication process is successful and area network information concerning an area network including a controller are associated with each other. In the case where the authentication process is successful, the device holds area network information concerning an area network including a controller for which authentication is successful. In response to a connection request from a new device, the server checks whether an identifier of the new device is registered in the correspondence information. If the identifier is registered, the server determines whether the area network information associated with the identifier matches the area network information held by the new device. If the pieces of information do not match, the server detects the new device as an unauthorized device.

Abstract: Techniques of detecting telecom fraud involve applying a combination of real-time data analysis and risk models typically used in authentication applications to phone call metadata that is streamed to a database server on a continual basis to derive phone usage patterns as the database server receives the phone usage data. The database server then compares the derived phone usage patterns to patterns of fraudulent phone usage in order to detect SIM box or SIM cloning fraud in the streamed data. A comparison result that indicates the likelihood of such fraud in a vast set of phone calls may take the form of a risk score derived using risk models typically found in authentication applications.

Abstract: A mobile communications device receives and handles an encoded message. State data about the encoded message is generated based upon a first access of the encoded message. The device stores the generated message state data in a cache of the mobile communications device; generates a message indicator based upon the message state data stored in the cache of the mobile device; and processes the encoded message on a background thread running on the mobile device. The process determines that a message state change has occurred since the message was last opened and provides an updated message indicator to a user of the mobile device that reflects the message state change.

Abstract: RFID-to-Bluetooth selective adapter with multiple RFID integrated chips mounted on RFID elevator controller, having customized RFID transponders, a bluetooth module, and an extended I/O connector is disclosed. Customized RFID transponders include RFID Integrated chips, RFID sensor coils, and a SPNT switch. Extended I/O connector is configured to allow connection of customized RFID transponders by coupling to SPNT switches. Bluetooth module instructs which one of SPNT switches is to be opened or closed, which then connects one RFID sensor coil with one corresponding RFID Integrated chip, while other RFID sensor coils and remaining RFID Integrated chips are disconnected. Selection criteria of chosen RFID IC by Bluetooth module is in accordance with preconfigured allocated access right given to each user by an administrator and is programmed on flash memory, EEprom memory of Bluetooth module, in APP, or on cloud authentication server. More than one customized RFID transponder can be chained together.

Abstract: In a monitoring camera system, a master device registers a smart phone and a wireless router therein in advance. If sensor detection information is received from a human sensor, the master device requests a monitoring camera to transmit image/audio data, and sends image/audio data transmitted from the monitoring camera to the smart phone via the wireless router. The smart phone displays the image data sent from the monitoring camera on a touch panel.

Abstract: A server computer system identifies a request from an application hosted on a mobile device to consume a protected resource hosted by a cloud. The request is transmitted via a resource authorization protocol. The server computer system identifies a token state of an application on the mobile device. The token state is stored in a policy data store that is separate from expiration data that is stored on an access token on the mobile device. The server computer system determines whether the token state violates a security policy that is associated with a user that is assigned to the mobile device and prevents consumption of the protected resource in response to a determination that the token state violates the security policy. The server computer system allows consumption of the protected resource in response to a determination that the token state does not violate the security policy.

Abstract: A device and software utilizing Global Positioning Satellite (GPS) technologies for monitoring and recovering portable computing devices and, a method and system for acquiring such devices, protecting data on such devices, and for compensating owners of devices. A GPS mechanism of the invention provides real time tracking of missing devices that may be coordinated with security agencies to intercept and recover missing computing devices. When a stolen device is unrecoverable, the invention may receive a signal to initiate data recovery where a wireless network is available to recover data for the owner. Alternatively, the GPS mechanism instructs the device to encrypt or destroy stored data files to prevent commercial espionage or privacy violations. The invention discloses a software system and method for computing a purchase price of the GPS mechanism, computing compensation for loss of the device and lost data.

Abstract: The invention relates to a method for enabling post issuance operation on a secure element connectable to a communication device. The method allows an SE controlling party to perform remotely operations such as creation of new security domains for an external party, loading, and installation of applications of an external party and management functions including personalization and activation of applications loaded on the SE for an external party. The method includes the steps of: collecting data stored on the SE suitable for identification of the SE and data for contacting the SE controlling party; creating an initial data packet from the collected data, sending the data packet to a party which can be the external party, an agent of the external party, the SE controlling party, an agent of the SE controlling party. The invention further relates to a communication device and a software application for implementing the method.

Abstract: Machine-to-machine (M2M) devices are used to enable the automatic collection of fingerprint data without human intervention at various locations in a wireless communication system. A location server receives fingerprint data collected by one or more M2M devices positioned at fixed locations in the wireless communication system, and stores the fingerprint data received for each of the one or more M2M devices in the location database to associate the received fingerprint data with the fixed location of the corresponding M2M device. The collected fingerprint data characterizes the radio environment at the fixed location of the corresponding M2M device, where each M2M device corresponds to one fixed location in a fingerprint grid.

Abstract: Various methods are provided for facilitating a software smart card environment consisting of multiple virtual UICCs (vUICC). One example method may comprise determining the location of one or more applications stored on a plurality of vUICCs, wherein the plurality of vUICCs are hosted in a secure environment. The method may also comprise receiving a request from a terminal application to execute an application of the one or more applications stored on the plurality of vUICCs. The method may further comprise determining a vUICC identification relating to the requested application. The method may further comprise causing a logical channel to be established with the requested application on a vUICC using the determined vUICC identification. Similar and related example apparatuses and example computer program products are also provided.

Abstract: The present invention relates to a system and method for processing a lost password by selectively providing a reset process under the password in the long-term memory of the user. According to the present invention, the system includes a user terminal including: a long-term memory condition registration unit receiving the registration of long-term memory conditions; a long-term condition determination unit determining the long-term memory conditions are satisfied; a user identification unit, after the occurrence of a lost password, authenticating the user through a user identification verification scheme or through a enhanced user identification verification scheme whether or not the password resides in the long-term memory of the user, and a lost state resetting unit cancelling the lost password occurrence state.

Abstract: Methods for managing a local Terminal Equipment (TE) accessing a network are provided. In accordance with this disclosure, the MT will not send the key(s) information to the TE until having received a notice of successful authentication from the TE or having decided that the message forwarded by the TE is a response message of successful authentication, which makes the procedure more reasonable and saves the network resources the method further includes a management list containing the identities of local TEs on the basis of the modified procedure.

Abstract: To allow devices to authenticate to a wide area mobile network when they temporarily do not have a connection to a SIM card and to authenticate the base station and so protect against false base stations, a system is provided where certain authentication credentials are pre-fetched while connection to the SIM card and the authentication subsystem of the wide area mobile network are in signaling connection. These advance credentials are then presented by the devices in authentication requests without requiring access via the mobile network or the connected presence of the SIM card being necessary for successful authentication.

Abstract: A novel method for out-of-band key verification that improves on both the usability and the security of the numeric-code method is provided. The method use portions of the generated keys as inputs to perform procedural image generation to produce a visualization at each of the two devices that the user can visually compare and confirm. This visualization can be a static image or a motion animation. The method can uses more of the key data to generate visualizations with more features to reduce the likelihood of false matches. The method can also use less key data to allow for quicker comparison and confirmation.

Abstract: The claimed subject matter includes techniques for discovering to and connecting to a service controller. The claimed subject matter may disclose a processor and a memory of a service controller to store connection information, an access credential, and an access credential hash. A beacon broadcaster to broadcast the connection information and the access credential hash to a client device, may also be disclosed. The present disclosure may also include an access credential director to send the access credential to an out-of-band communicator. The present disclosure may also include a client connector to receive a connection request from the client device and allow access to a client device based on the client device's use of the connection information.

Abstract: The secure messaging app described herein allows a user to create a secure social feed in order to share content with just a few friends or thousands of recipients. The user encrypts their content and then publishes the encrypted content to the secure social feed. Accordingly, only authorized recipients can decrypt and view the content. Furthermore, the user may administer the secure social feed to manage the addition and/or removal of users from the secure social feed. Further, the user periodically updates the parameters of the secure social feed to manage users' access to the feed.

Abstract: A comprehensive solution for providing secure mobile communication is provided. The system includes techniques for authentication and control of communication end-points; chain of trust to ensure devices are certified as authentic; contact list management; peer-to-peer encrypted voice, email, and texting communication; and a technique for bypassing an IP PBX to ensure high levels of security. The system is able to support use of commodity mobile communication devices (e.g., smart phones, laptops) over public carrier networks.

Abstract: Described here is a wireless network management system and methods that may include the use of Authorized Device Specific SSIDs (ADSSs), Access Point Managers, Registries, and Wireless Enabled Devices (WEDs) for providing a roaming service. Systems described here may include access points which may establish connections with WEDs using suitable SSIDs and credentials, where WEDs may attempt to connect to access points broadcasting suitable SSIDs automatically when in range. Access point hardware of use in systems described in the present disclosure may be able to broadcast multiple SSIDs, publicly or hidden, and may form one or more virtual access points (VAPs) perceivable by WEDs in range of the access point. Multi-region access point systems described here include a registry used to store information about services associated with WEDs, and are able to return the information to Access Points in multiple regions to provide service to the WEDs.

Abstract: The embodiments herein relate to a method performed by an AAA server (113) for enabling a non-SIM device (101b) to access a first network (100a) via a second network (100b). Based on a request for authorization to the first network (100a) from the non-SIM device (101b), the AAA server (113) obtains an identity associated with the non-SIM device (101b). The AAA server (113) transmits a request for a user profile associated with a user of the non-SIM device (101b) to the subscriber database (110). The request comprises the obtained identity for the non-SIM device (101b). The AAA server (113) receives, from the subscriber database (110), the requested user profile for the non-SIM device (101b). Based on the received user profile, the AAA server (113) authorizes the non-SIM device (101b) to access the first network (100a) via the second network (100b).

Abstract: A mobile apparatus communicatively connectable to a display apparatus includes a display screen configured to display a user interface comprising a plurality of user interface windows respectively corresponding to a plurality of applications running on the mobile apparatus. The mobile apparatus also includes a controller configured to control the user interface to display an indication that indicates supportability by the display apparatus of the plurality of applications running on the mobile apparatus in response to receiving a synchronizing request for synchronizing with the display apparatus.

Abstract: An authentication server transmits a random number to and receives a other information from a service provider. Later, the first random number is received from a requester and a provider identifier, the received other information and provider authentication policy requirements are transmitted to the requester. A user identifier and validation information are received from the requester. The received validation information is determined to correspond to the provider authentication policy requirements, and compared with stored user validation information associated with the received user identifier to authenticate the requester. A message, including both the random number and other information, signed with a credential of the requesting user is received and transmitted to the first provider.

Abstract: A mobile terminal apparatus checks if a user is a proper user based on the operation of the user and, if the result of authentication is negative, uploads predetermined data, which is part of data stored in a memory, to a predetermined server. After the transmission is completed, the mobile terminal apparatus erases the uploaded data from the memory. It is also possible to instruct the mobile terminal apparatus to upload and erase data from an external source using an electronic mail or a telephone tone signal sequence. This may protect data contained in mobile terminal apparatus that has been lost, from a person who improperly attempts to access the data.

Abstract: Inter-carrier scanning is triggered in a mobile device based at least in part on location thereof. Femto access point (AP) that can serve the mobile device can determine location through cell or sector identifier that is extracted via scan(s) of macro wireless environment of the femto AP. Femto AP can rank extracted sector identifier(s) and establish home macro sector (HMS) identifier(s), and also can generate scanning requirements for idle-mode scan(s) by a mobile device that operates in a HMS and is authorized to access wireless coverage through the femto AP. Scanning requirement(s) can force periodic inter-carrier measurements of a HMS wireless environment, and establish HMS-specific radio link quality threshold(s). Wireless network can receive at least one of HMS identifier(s) and scanning requirement(s) and deliver same to mobile device(s) authorized to exploit wireless coverage through femto AP associated with the HMS ID(s) and the scanning requirement(s).

Abstract: A mobile terminal is disclosed. The mobile terminal includes a touch panel and an input detection part, a display part, a determination part, and an execution part. The input detection part is configured to detect inputs to the touch panel. The display part is configured to display an object corresponding to a lock state in which predetermined processing based on inputs detected by the input detection part is not executed. The determination part is configured to determine whether or not a predetermined input to the object is detected by the input detection part. The execution part is configured to release the lock state and execute predetermined processing if the determination part determines that a predetermined input to the object is detected.

Abstract: Systems and methods for locating a cellular phone are provided. More particularly, systems and methods are provided that allow the location of a requested user's cellular phone to be provided to a requesting user's device (e.g., a second cellular phone) based on access rights defined by the requested user. Location descriptions may be provided at a multitude of levels. For example, if a cellular phone, or an identity associated to (e.g., logged into) a cellular phone, has been given access rights to a cell phone's exact location for an indefinite amount of time, that cell phone can receive, on command, the exact location of the approved cell phone. Other levels of location information that can be granted include, for example, proximities, states, and countries.

Abstract: Disclosed is a mobile terminal including a touch screen display, a camera, a power button and an activation button for turning on the touch screen display. The mobile terminal has a first function and a second function to perform in response to user input and provides user settings for configuring at least one of the first and second functions such that the at least one of the first and second functions is performed along with turning on the touch screen display when pressing of the activation button is detected while the touch screen display is turned off. The mobile terminal is configured to perform the first and second functions depending upon length of pressing of the activation button in addition to turning on the touch screen display.

Abstract: A mobile terminal supporting a voice messaging method includes a microphone for capturing sound waves and converting the sound waves into an audio signal, a storage unit for storing the audio signal, an audio data generation unit for generating audio data packets with the audio signal, a packet data communication network interface unit for providing a packet data communication network, and a control unit for controlling the microphone, audio storage unit, audio data generation unit, and packet data communication network interface unit to capture the audio signal and transmit the audio signal as audio data packets in response to audio message transmission request entered during a mobile messenger service session.

Abstract: A source device for systems and methods of verifying an authentication based on dynamic scoring is disclosed, wherein the source device is configured to receive at least one identification feature from a user, and to communicate the identification feature to a verification unit. The verification unit is configured to generate a base verification score associated with the user based on at least one identification input, the identification input comprising the identification feature, a feature validity rating, and a source device validity rating, to receive a request to access a service, wherein the verification unit compares the base verification score with a service authorization threshold associated with the service, and to grant access to the service when the base verification score meets the service authorization threshold.

Abstract: A method and system for enabling one or more communication services on a wireless device are provided. The method comprises: sending a request for provisioning information from a carrier provisioning system to a device developer provisioning system; receiving, from the device developer provisioning system, secure provisioning information corresponding to the request; and sending the secure provisioning information corresponding to the request from the carrier provisioning system to the wireless device.

Abstract: A communication system according to the present invention includes a plurality of terminal devices that are able to communicate mutually. Each of the terminal devices includes a voice input conversion device, a voice transmitting device, a voice receiving device, and a voice reproducing device. When there is a plurality of voice signals which has not been completed reproduction, the voice reproducing device reproduces after arranging the voice signals so that respective voices corresponding to the respective voice signals do not overlap.

Abstract: Techniques are provided for pushing secure notifications to a mobile computing device. For example, a method for pushing secure notifications includes a push service platform receiving a push notification message request from an entity registered with the push service platform, processing the push notification message request to generate a secure push notification message, and sending the secure push notification message to a target mobile computing device through a native third-party push service associated with the target mobile computing device. The secure push notification message includes a message ID (identifier) that corresponds to message content associated with the push notification message request.

Abstract: Presented herein are techniques for enabling the zero touch deployment of devices having an integrated wireless wide area network (WWAN) interface. In one example, a device with a wireless wide area network interface is initialized and attaches to the wireless wide area network. The device receives, via the integrated wireless wide area network interface, a data message that includes a configuration file for the device. The device extracts the configuration file from the data message and uses the configuration file to perform configuration operations.

Abstract: A picking method includes having in a mobile device data and an application running on the mobile device. An order made up of a number of items to be picked from the warehouse is communicated from a host to a client application of the mobile device. The mobile device provides instructions of a sequence of locations to pick and the items to be picked at each location without further communications from the host. A corresponding picking system is provided.

Abstract: In an image output apparatus for outputting an image supplied from an image supply apparatus, the image supply apparatus and the image output apparatus are connected wirelessly and send and receive data. The state of the wireless connection is determined and the image to be output is changed in accordance with the determined state of the connection.

Abstract: This inventions relates to an identity suspension method and system for a mobile device designed for operation with a subscriber identification module (SIM) card, wherein the mobile device further includes a virtual SIM device. The virtual SIM device acts as a bridge between a remotely located SIM card, and the mobile device. The virtual SIM device can detect when the mobile device requests an identity or when the cellular services provider is attempting to authenticate the identity associated with the mobile device. Should the virtual SIM device sense that the process may not be completed for any reason, the virtual SIM device returns a transient error to the mobile device and effectively present a new “parking” identity to the mobile device using procedures defined in SIM toolkit.