Abstract: Disclosed is a mobile terminal including a touch screen display, a power button and an activation button for turning on the touch screen display. Upon detection of one-time pressing of the activation button while the touch screen display is turned off, the terminal is configured to turn on the touch screen display and perform a fingerprint authentication function in addition to turning on the touch screen display. The touch screen display displays a lock screen thereon as it is turned on in response to the detection of one-time pressing, and the lock screen is displayed on the touch screen display when the fingerprint authentication function is being performed. A lock state of the terminal continues when the fingerprint authentication function fails to authenticate a user, and the lock state is released for enabling other functions of the terminal when the fingerprint authentication function authenticates a user.

Abstract: The present disclosure relates to methods and devices for mitigating the impact from Internet attacks in a Radio Access Network, RAN (10), using Internet transport. This object is obtained by a method performed in a User Equipment, UE (13) associated with the RAN (10) using Internet transport. The method comprises receiving from at least a network node (11, 12, 21, 22, 23) in the RAN (10), information associated with an Internet attack. Obtaining, based on the information, a mitigation action, the mitigation action mitigating the impact of the attack on the RAN service. The method further comprises to perform the obtained mitigation action to mitigate the impact on the RAN service level.

Abstract: A reception unit receives positional information of a terminal device from the terminal device via a base station device that uses at least one of a plurality of channels. A generation unit generates channel information related to a channel in scan processing of the terminal device on the basis of the positional information received by the reception unit. A transmission unit transmits the channel information generated by the generation unit to the terminal device via the base station device.

Abstract: A card registry system is configured to automatically identify financial card information in one or more credit files associated with a consumer and populate a card registry account of the consumer with the identified financial card information. Once the financial card information has been obtained from the credit file(s), the card registry system may transmit cancellation and/or reissuance requests to the respective card issuers in the instance that one or more cards are compromised, so that the financial cards may be easily and efficiently cancelled and/or reissued at the request of the consumer.

Abstract: A home management system comprises a controller configured to determine that a status of a particular mobile device registered with the home management controller is of concern; transmit to the particular mobile device a request notification to enable the registered mobile device to determine a device location in the background; receive a location notification from the particular mobile device in response to the request notification; and based on the received location notification, determine the status of the particular mobile device.

Abstract: A system includes a model generating component to generate a prediction tree model based on training data and an input component to receive input data including a destination in a geographical area. A computation component identifies at least one parking venue or at least one parking space near the destination in the geographical area and to generate at least one parking prediction corresponding to the at least one parking venue or the at least one parking space based at least in part on applying the input data to the prediction tree model. A presentation component presents the at least one parking venue or the at least one parking space and to present the at least one parking prediction to a user.

Abstract: A method and apparatus of acquiring information on a primary radio access technology (RAT) system in a wireless communication system is provided. An entity of a secondary RAT system transmits a request for information on the primary RAT system to a multi-RAT device, and upon transmitting the request, starting a waiting timer which has a default value. If it is determined that the information on the primary RAT system cannot be acquired, by the multi-RAT device, until the waiting timer expires, the entity of the secondary RAT system reconfigures the waiting timer by a fixed value or a dynamic value.

Abstract: A method and apparatus for receiving extended access barring (EAB) parameters in a wireless communication system is provided. A user equipment (UE) receives an EAB parameter, and receives an EAB parameter modification. The received EAB parameter is invalidated upon receiving the EAB parameter modification. The UE also waits for applying EAB until modified EAB parameter is received, and receives the modified EAB parameter.

Abstract: An advanced automatic loop detection apparatus and method in short message service (SMS) two-way messaging is provided. The apparatus may receive a reply message from a mobile device, and detect whether a loop is occurring when the reply message is received from the mobile device.

Abstract: A method for temporarily blocking incoming and outgoing wireless communication is provided with a mobile-phone disrupting unit and a motion sensor in a vehicle. A current speed of the vehicle is monitored with the motion sensor and then a plurality of communication disrupting signals is emitted by the mobile-phone disrupting unit if the current speed of the vehicle exceeds a minimum-speed threshold. When the current speed drops to the minimum-speed threshold or a lower speed, the process of emitting the plurality of disrupting signals is disabled so that the user can utilize the mobile phone. The mobile-phone disrupting unit and the motion sensor is either operatively integrated into the vehicle or housed within a self-containing enclosure.

Abstract: A method and system for a wireless local area network user accessing a fixed broadband network, the method includes: a broadband network gateway (BNG) device initiating an identity authenticating process to an authentication authorization accounting (AAA) server for a wireless local area network (WLAN) user; after the AAA server successfully authenticates the WLAN user, the BNG device acquiring a mobility identifier of the WLAN user from the AAA server; after receiving the mobility identifier of the WLAN user, the BNG device allowing the mobility access of the WLAN user.

Abstract: According to an aspect of the invention, a method for personalizing a secure element for a mobile device is conceived, wherein an application is stored in the secure element and wherein the application is pre-provisioned by loading secure credentials into the application without tying said secure credentials to a specific user of the secure element.

Abstract: An inmate mobile device for communicating with an outsider mobile device is provided. An identity data item, of the device, includes an inmate identifier of an inmate user of the inmate mobile device, a verified data and a restrictions repository. Also included is a media capture module configured to obtain an initial verification data from the inmate user of the inmate mobile device, and an outsider client application configured to receive the initial verification data from the media capture module, determine that the inmate verification data and the inmate verified data match, generate a connection request targeting the outsider mobile device. The connection request includes the inmate identifier of the inmate user and an outsider identifier of an outsider user of the outsider mobile device. The inmate application is also further configured to send the connection request to a server system.

Abstract: A method in a subscriber identity module, a subscriber identity module, a method in a user device and a user device for provisioning of network information is provided. Moreover, a method in a first network node and a first network node for managing network information is provided. The first network node receives a request for the network information, wherein the request comprises information about capabilities of the user device. Next, the first network node generates network information according to a format selected according to the capabilities of the user device. The network information is received by the user device. Next, the user device provisions the network information into the subscriber identity module.

Abstract: A method that incorporates teachings of the subject disclosure may include, for example, storing, by a universal integrated circuit card including at least one processor, a digital root certificate locking a communication device to a network provider, and disabling an activation of the communication device responsive to receiving an indication of a revocation of the stored digital root certificate from a certificate authority, wherein the indication of the revocation of the stored digital root certificate is associated with a revocation of permission for an identity authority to issue a security activation information to the communication device on behalf of the network provide. Other embodiments are disclosed.

Abstract: The present invention relates to base stations, and a terminal. The primary base station execute the following steps, receiving, by a primary base station, security parameter update request information that is sent by a secondary base station and carries an encryption algorithm, wherein the security parameter update request information comprises the encryption algorithm; adding, by the primary base station, the encryption algorithm in the received security parameter update request information to reconfiguration information; sending, by the primary base station, the reconfiguration information carrying the encryption algorithm to a terminal; and receiving, by the primary base station, reconfiguration complete information sent by the terminal. Thereby, the present invention implements a reconfiguration process in a network architecture in which a primary base station is separated from a secondary base station.

Abstract: The embodiment of the present invention provides a method for processing information and method for sending priority information and apparatus. The method for processing information includes: after receiving information sent to a logged-on account, according to the priority information corresponding to the account sent by a network side device, a terminal determining whether the priority thereof is the highest; the priority information comprises the identifiers and priorities of various terminals which log on the account; if yes, starting up a corresponding application program according to the received information; and if no, not starting up the application program corresponding to the received information. The method for sending priority information includes: a network side device determining various terminals which have already logged on the same account; for various terminals logging on the same account, the network side device sending the priority information of the account to various terminals.

Abstract: Mobile device applications may be enabled to function with greater reliability and performance with greater network visibility and control over the network infrastructure. A mobile device may be enabled with multiplexing across physical and virtual network interfaces. The mobile device may communicate with a server to access specific IP cell towers with wireless to wired offload capability. Various devices including drones, blimps, and towers may be enabled with several antenna arrays including 4x4, 8x8, and 16 plus coupled to radio frequency transmit and receive units to enable better coverage for a specific location. Vehicles may be enabled with millimeter wave length communication, WiFi, WLAN, and cellular connectivity. These devices may be enabled to signal one another to describe lane changes, intended movements, potential hazards or likelihood of a crash. The vehicles may be autonomous self-driving vehicles which form a self-driving unit.

Abstract: A data portion of a physical layer (PHY) data unit is generated to include a service field that consists of eight or less bits. When it is determined that the PHY data unit is to be generated according to a first mode of operation of a long range communication protocol, the PHY data unit is generated according to a first format to include the data portion. When it is determined that the PHY data unit is to be generated according to a second mode of operation of the long range communication protocol, the PHY data unit is generated according to a second format to include the data portion, including using a slower clock rate as compared to the first format. The second mode of operation provides longer range communications as compared to the first mode of operation.

Abstract: A method and system for securely monitoring an operating system of a mobile wireless communication device for unauthorized modifications. A secure application is provided on universal integrated circuit card of the mobile wireless communication device. The secure application is configured to control the wireless connectivity of the mobile wireless communication device, and communicate with a wireless communications network. A monitoring application is provided in a trusted sub-processor of the processor of the mobile wireless communication device. A secure communication link is established between the secure application and the monitoring application. A heartbeat token is generated by the trusted sub-processor, based on a modification status for the operating system and at least one system variable. The secure application receives the heartbeat token, and determines that an unauthorized software modification exists based on the heartbeat token.

Abstract: A method of operation of a self-locking mass storage system includes: providing storage media and an inactivity timer; timing a period of read/write inactivity of the storage media using the inactivity timer; comparing the period of read/write inactivity against a preset maximum idle time; locking access to the storage media when the period of read/write inactivity exceeds the preset maximum idle time; and, resetting the period of read/write inactivity following read/write activity while the self-locking mass-storage system is in an unlocked state.

Abstract: A control panel is used to control and/or monitor an automation system. The automation system may also be used in connection with one or more enhanced services, such as a remote access service. The remote access service may allow a user to control or monitor some or all aspects of the automation system through a remote computing device. To use the remote access service, or other enhanced services, the user may register to associate the user with the control panel of the automation system. If it is determined that the user has not registered, the service provider may send a message to the control panel. The message may prompt the user to register for the enhanced service. Optionally, contact information may be requested to allow a message to be sent to a personal device of the user to facilitate registration or use of the enhanced service.

Abstract: A car control system is disclosed. The car control system for controlling a car by being linked with a car control device (electronic control unit, ECU) that is installed inside the car for electronic control of the car can include: an authentication server configured to perform access authentication for a user terminal and configured to generate an authentication result based on least one of terminal information of the user terminal and vehicle identification information; and a car access device configured to be directly connected with the car control device through an internal network of the car and configured to determine whether a car control request for control of the car by the user terminal is to be relayed to the car control device according to the authentication result of the user terminal.

Abstract: Confusion between service providers due to the technical limitation of a GPS sensor included in a wireless communication device of a service user is avoided. A data transmission device connected to a server and for transmitting visit data to a wireless communication device is disclosed. The data transmission device may include a button part, when pressed, for transmitting to the server visit data of the wireless communication device; and touch screen touching parts connected to the button part so as to input an electrical signal to a touch screen of the wireless communication device. The visit data may be transmitted to the wireless communication device from the server when the button is pressed and an electric signal is input to the touch screen. The at least one touch screen touching part may include a plurality of touch screen touching parts, and each of the data transmission devices in a predetermined area may have different layouts of the touch screen touching parts.

Abstract: A communication network includes an instructor wireless communication device and a plurality of student wireless communication devices, which may be conventional smartphones. The student devices do not communicate with the wireless service provider, but communicate with the instructor device in the classroom via a short-range communication network established between the student devices and the instructor device directly or via an access point. In one embodiment, communication with the cellphone network service provider is cut off by disabling the network transceiver in each student device. The instructor device can exchange question and answer data with the student devices. The system can be configured to provide security in student responses to prevent potential cheating. Student answers may be automatically collected, collated, and graded. The answers are accompanied by an ID that uniquely identifies each student.

Abstract: In accordance with one example embodiment of the present invention a method is provided for adapting and customizing the attributes and the functionalities of a connected object according to preferences, settings and permissions associated with a user paired with said connected object. In some implementations, at least part of the inputs and adjustments imparted by said user to said connected object via an input/output user interface could seamlessly translate into other connected objects that belong to the same class and are paired with said user. In other implementations, the pairing of connected target objects with user IDs provides novel functionalities.

Abstract: Embodiments of the invention are directed at an enhanced data interface (EDI) for contactless communications between a mobile application operating on a mobile device and an access device (e.g., contactless reader) that allows for enhanced verification between the mobile device and access device. One embodiment of the invention is directed to a method. The method comprises a mobile device receiving a request for available applets from an access device and providing a list of available applets including trusted applet identifiers and untrusted applet identifiers to the access device. The method further comprises receiving a selection of an untrusted applet identifier from the list and an entity identifier associated with the access device, validating that the access device is authorized to access credentials associated with the selected untrusted applet identifier using the entity identifier, and providing the credentials associated with the selected untrusted applet identifier to the access device.

Abstract: A method and apparatus for intersystem mobility security context handling between different radio access networks which can include a receiver configured to receive a tracking area update message from a user terminal. The message can include a first key identifier configured to identify a mapped security context and a second key identifier configured to identify a cached security context. A verifier can be configured to verify the tracking area update message with a key identified by the first or second key identifier.

Abstract: The present disclosure relates to methods and devices for mitigating the impact from Internet attacks in a Radio Access Network, RAN, using Internet transport. This object is obtained by a method performed in network node in a RAN, using Internet transport. The method comprises obtaining intrusion detection information informing the network node that the RAN is under attack. The method further comprises selecting, based on the intrusion detection information, a mitigation action, the mitigation action mitigating the impact of the attack on the RAN service. Further the method comprises performing the selected mitigation action to mitigate the impact on the RAN service level.

Abstract: Techniques of detecting telecom fraud involve applying a combination of real-time data analysis and risk models typically used in authentication applications to phone call metadata that is streamed to a database server on a continual basis to derive phone usage patterns as the database server receives the phone usage data. The database server then compares the derived phone usage patterns to patterns of fraudulent phone usage in order to detect SIM box or SIM cloning fraud in the streamed data. A comparison result that indicates the likelihood of such fraud in a vast set of phone calls may take the form of a risk score derived using risk models typically found in authentication applications.

Abstract: A mobile communications device receives and handles an encoded message. State data about the encoded message is generated based upon a first access of the encoded message. The device stores the generated message state data in a cache of the mobile communications device; generates a message indicator based upon the message state data stored in the cache of the mobile device; and processes the encoded message on a background thread running on the mobile device. The process determines that a message state change has occurred since the message was last opened and provides an updated message indicator to a user of the mobile device that reflects the message state change.

Abstract: A mobile user device, configured to communicate over a wireless medium and a corresponding computer-implemented method is described. The mobile user device in one embodiment may comprise a near field communication interface for at least sending response information to a receiver in one or more near field transmissions; and a communication control module, connected with said near field communication interface. To improve the security of the mobile user device, the communication control module is configured to control whether said response information is sent by said near field communication interface in dependence of at least a communication safety parameter.

Abstract: A server holds correspondence information in which a device identifier of a device for which an authentication process is successful and area network information concerning an area network including a controller are associated with each other. In the case where the authentication process is successful, the device holds area network information concerning an area network including a controller for which authentication is successful. In response to a connection request from a new device, the server checks whether an identifier of the new device is registered in the correspondence information. If the identifier is registered, the server determines whether the area network information associated with the identifier matches the area network information held by the new device. If the pieces of information do not match, the server detects the new device as an unauthorized device.

Abstract: RFID-to-Bluetooth selective adapter with multiple RFID integrated chips mounted on RFID elevator controller, having customized RFID transponders, a bluetooth module, and an extended I/O connector is disclosed. Customized RFID transponders include RFID Integrated chips, RFID sensor coils, and a SPNT switch. Extended I/O connector is configured to allow connection of customized RFID transponders by coupling to SPNT switches. Bluetooth module instructs which one of SPNT switches is to be opened or closed, which then connects one RFID sensor coil with one corresponding RFID Integrated chip, while other RFID sensor coils and remaining RFID Integrated chips are disconnected. Selection criteria of chosen RFID IC by Bluetooth module is in accordance with preconfigured allocated access right given to each user by an administrator and is programmed on flash memory, EEprom memory of Bluetooth module, in APP, or on cloud authentication server. More than one customized RFID transponder can be chained together.

Abstract: In a monitoring camera system, a master device registers a smart phone and a wireless router therein in advance. If sensor detection information is received from a human sensor, the master device requests a monitoring camera to transmit image/audio data, and sends image/audio data transmitted from the monitoring camera to the smart phone via the wireless router. The smart phone displays the image data sent from the monitoring camera on a touch panel.

Abstract: A server computer system identifies a request from an application hosted on a mobile device to consume a protected resource hosted by a cloud. The request is transmitted via a resource authorization protocol. The server computer system identifies a token state of an application on the mobile device. The token state is stored in a policy data store that is separate from expiration data that is stored on an access token on the mobile device. The server computer system determines whether the token state violates a security policy that is associated with a user that is assigned to the mobile device and prevents consumption of the protected resource in response to a determination that the token state violates the security policy. The server computer system allows consumption of the protected resource in response to a determination that the token state does not violate the security policy.

Abstract: Various methods are provided for facilitating a software smart card environment consisting of multiple virtual UICCs (vUICC). One example method may comprise determining the location of one or more applications stored on a plurality of vUICCs, wherein the plurality of vUICCs are hosted in a secure environment. The method may also comprise receiving a request from a terminal application to execute an application of the one or more applications stored on the plurality of vUICCs. The method may further comprise determining a vUICC identification relating to the requested application. The method may further comprise causing a logical channel to be established with the requested application on a vUICC using the determined vUICC identification. Similar and related example apparatuses and example computer program products are also provided.

Abstract: The present invention relates to a system and method for processing a lost password by selectively providing a reset process under the password in the long-term memory of the user. According to the present invention, the system includes a user terminal including: a long-term memory condition registration unit receiving the registration of long-term memory conditions; a long-term condition determination unit determining the long-term memory conditions are satisfied; a user identification unit, after the occurrence of a lost password, authenticating the user through a user identification verification scheme or through a enhanced user identification verification scheme whether or not the password resides in the long-term memory of the user, and a lost state resetting unit cancelling the lost password occurrence state.

Abstract: A device and software utilizing Global Positioning Satellite (GPS) technologies for monitoring and recovering portable computing devices and, a method and system for acquiring such devices, protecting data on such devices, and for compensating owners of devices. A GPS mechanism of the invention provides real time tracking of missing devices that may be coordinated with security agencies to intercept and recover missing computing devices. When a stolen device is unrecoverable, the invention may receive a signal to initiate data recovery where a wireless network is available to recover data for the owner. Alternatively, the GPS mechanism instructs the device to encrypt or destroy stored data files to prevent commercial espionage or privacy violations. The invention discloses a software system and method for computing a purchase price of the GPS mechanism, computing compensation for loss of the device and lost data.

Abstract: Machine-to-machine (M2M) devices are used to enable the automatic collection of fingerprint data without human intervention at various locations in a wireless communication system. A location server receives fingerprint data collected by one or more M2M devices positioned at fixed locations in the wireless communication system, and stores the fingerprint data received for each of the one or more M2M devices in the location database to associate the received fingerprint data with the fixed location of the corresponding M2M device. The collected fingerprint data characterizes the radio environment at the fixed location of the corresponding M2M device, where each M2M device corresponds to one fixed location in a fingerprint grid.

Abstract: The invention relates to a method for enabling post issuance operation on a secure element connectable to a communication device. The method allows an SE controlling party to perform remotely operations such as creation of new security domains for an external party, loading, and installation of applications of an external party and management functions including personalization and activation of applications loaded on the SE for an external party. The method includes the steps of: collecting data stored on the SE suitable for identification of the SE and data for contacting the SE controlling party; creating an initial data packet from the collected data, sending the data packet to a party which can be the external party, an agent of the external party, the SE controlling party, an agent of the SE controlling party. The invention further relates to a communication device and a software application for implementing the method.

Abstract: Methods for managing a local Terminal Equipment (TE) accessing a network are provided. In accordance with this disclosure, the MT will not send the key(s) information to the TE until having received a notice of successful authentication from the TE or having decided that the message forwarded by the TE is a response message of successful authentication, which makes the procedure more reasonable and saves the network resources the method further includes a management list containing the identities of local TEs on the basis of the modified procedure.

Abstract: To allow devices to authenticate to a wide area mobile network when they temporarily do not have a connection to a SIM card and to authenticate the base station and so protect against false base stations, a system is provided where certain authentication credentials are pre-fetched while connection to the SIM card and the authentication subsystem of the wide area mobile network are in signaling connection. These advance credentials are then presented by the devices in authentication requests without requiring access via the mobile network or the connected presence of the SIM card being necessary for successful authentication.

Abstract: A novel method for out-of-band key verification that improves on both the usability and the security of the numeric-code method is provided. The method use portions of the generated keys as inputs to perform procedural image generation to produce a visualization at each of the two devices that the user can visually compare and confirm. This visualization can be a static image or a motion animation. The method can uses more of the key data to generate visualizations with more features to reduce the likelihood of false matches. The method can also use less key data to allow for quicker comparison and confirmation.

Abstract: The claimed subject matter includes techniques for discovering to and connecting to a service controller. The claimed subject matter may disclose a processor and a memory of a service controller to store connection information, an access credential, and an access credential hash. A beacon broadcaster to broadcast the connection information and the access credential hash to a client device, may also be disclosed. The present disclosure may also include an access credential director to send the access credential to an out-of-band communicator. The present disclosure may also include a client connector to receive a connection request from the client device and allow access to a client device based on the client device's use of the connection information.

Abstract: A comprehensive solution for providing secure mobile communication is provided. The system includes techniques for authentication and control of communication end-points; chain of trust to ensure devices are certified as authentic; contact list management; peer-to-peer encrypted voice, email, and texting communication; and a technique for bypassing an IP PBX to ensure high levels of security. The system is able to support use of commodity mobile communication devices (e.g., smart phones, laptops) over public carrier networks.

Abstract: The secure messaging app described herein allows a user to create a secure social feed in order to share content with just a few friends or thousands of recipients. The user encrypts their content and then publishes the encrypted content to the secure social feed. Accordingly, only authorized recipients can decrypt and view the content. Furthermore, the user may administer the secure social feed to manage the addition and/or removal of users from the secure social feed. Further, the user periodically updates the parameters of the secure social feed to manage users' access to the feed.

Abstract: The embodiments herein relate to a method performed by an AAA server (113) for enabling a non-SIM device (101b) to access a first network (100a) via a second network (100b). Based on a request for authorization to the first network (100a) from the non-SIM device (101b), the AAA server (113) obtains an identity associated with the non-SIM device (101b). The AAA server (113) transmits a request for a user profile associated with a user of the non-SIM device (101b) to the subscriber database (110). The request comprises the obtained identity for the non-SIM device (101b). The AAA server (113) receives, from the subscriber database (110), the requested user profile for the non-SIM device (101b). Based on the received user profile, the AAA server (113) authorizes the non-SIM device (101b) to access the first network (100a) via the second network (100b).

Abstract: Described here is a wireless network management system and methods that may include the use of Authorized Device Specific SSIDs (ADSSs), Access Point Managers, Registries, and Wireless Enabled Devices (WEDs) for providing a roaming service. Systems described here may include access points which may establish connections with WEDs using suitable SSIDs and credentials, where WEDs may attempt to connect to access points broadcasting suitable SSIDs automatically when in range. Access point hardware of use in systems described in the present disclosure may be able to broadcast multiple SSIDs, publicly or hidden, and may form one or more virtual access points (VAPs) perceivable by WEDs in range of the access point. Multi-region access point systems described here include a registry used to store information about services associated with WEDs, and are able to return the information to Access Points in multiple regions to provide service to the WEDs.

Abstract: A mobile apparatus communicatively connectable to a display apparatus includes a display screen configured to display a user interface comprising a plurality of user interface windows respectively corresponding to a plurality of applications running on the mobile apparatus. The mobile apparatus also includes a controller configured to control the user interface to display an indication that indicates supportability by the display apparatus of the plurality of applications running on the mobile apparatus in response to receiving a synchronizing request for synchronizing with the display apparatus.