Abstract: Methods, devices, and systems are provided for optimizing the dissemination of information in various types of systems such as an access control system. More specifically, there are provided herein various mechanisms to provide a modified agent path such that an agent following the modified agent path, may update at least one non-networked reader. The update of the at least one non-networked reader not occurring if the agent follows an unmodified agent path.

Abstract: The present disclosure relates to a pre-5th-Generation (5G) or 5G communication system to be provided for supporting higher data rates Beyond 4th-Generation (4G) communication system such as Long Term Evolution (LTE). A method for communicating by a user equipment with a macro cell base station and a small cell base station in a communication system is provided. The method comprises applying a first base station security key to a first communication link with the macro cell base station; generating a second base station security key to be used for a second communication link with the small cell base station based on the first base station security key; applying the second base station security key to the second communication link with the small cell base station; and communicating through at least one of the first communication link and the second communication link.

Abstract: A system and method are described for reducing traffic when connecting an Internet of Things (IoT) device to an IoT hub. For example, one embodiment of a system comprises: an Internet of Things (IoT) device comprising a wireless communication module to establish communication with a plurality of IoT hubs over local wireless communication channels, advertising control logic to transmit first advertising beacons to the plurality of IoT hubs indicating that the IoT device is connectable; each of the IoT hubs to attempt to connect with the IoT device to provide commands and/or data to the IoT device, the IoT device to establish a connection with a first IoT hub of the plurality of IoT hubs to receive the commands and/or data from the first IoT hub; and the advertising control logic to begin transmitting a second advertising beacon to the IoT hubs indicating that the IoT device is not connectable after establishing the connection with the first IoT hub.

Abstract: Novel tools and techniques are provided for implementing self-organizing mobile networks (“SOMNETs”) of drones and platforms. In various embodiments, a computing system might receive first data from each of a plurality of vehicles; might receive second data from each of a plurality of platforms; might analyze the first data to determine a status of each vehicle; and might analyze the second data to determine a status of each platform. Based at least in part on the analyzed first and second data, the computing system might generate at least one of first control instructions to at least one first vehicle of the plurality of vehicles or second control instructions to at least one first platform of the plurality of platforms that respectively cause the at least one first vehicle to perform one or more first actions or cause the at least one first platform to perform one or more second actions.

Abstract: A malicious party may attempt to avoid a mobile network operator (MNO) contract involved with subsidy-lock by inserting an interfering piece of hardware called a proxy SIM in a device. The device provided herein uses an authentication technique to guard against a proxy-SIM attack. The device includes a secure element (SE) with subscriber identity module (SIM) functionality present on the SE. The device sends the SE a nonce to be signed over. The SE signs using a public key infrastructure (PKI) private key of the SE and provides a response. The device evaluates whether the response contains a valid signature. If the validation is successful, the device relies on SIM data provided in the response to continue with activation of the device, so that the device can provide services under the MNO contract. If the validation fails, the device will not attempt to access network services with the SIM functionality.

Abstract: A communication device for handling multiple cellular radio operations in a wireless communication system comprises a storage device for storing instructions and a processing circuit coupled to the storage device. The processing circuit is configured to execute the instructions stored in the storage device. The instructions comprise transmitting a first user equipment (UE) capability to a first network, when the communication device attaches to the first network; and transmitting a second UE capability to the first network, when the communication device attaches to the first network and a second network, wherein the second UE capability is different from the first UE capability.

Abstract: The present disclosure relates to authenticating transactions based on actions performed on a merchant and a customer device. An example method generally includes receiving, from a point of sale system, data identifying a transaction, wherein the data includes a merchant identifier and a payment account identifier. A transaction system determines, based on the merchant identifier and the payment account identifier, a merchant device and a customer device on which user movement recording is to be activated; and instructs the merchant device and customer device to activate movement recording. The transaction system receives merchant movement data describing a recorded user movement performed using the merchant device and customer movement data describing a recorded user movement performed using the customer device.

Abstract: In one embodiment, a technique including receiving, from a client system of a user, a first location of the client system. The technique further including receiving, from the client system, an ID of an access point detected by the client system. The technique also including accessing, by the one or more computing devices, an index to determine a second location of the access point based on the ID. The technique further including determining, by the one or more computing devices, a refined location of the client system based on the first location and the second location. The technique also including generating, by the one or more computing devices, a prioritized list of regions based on the refined location and user data. The technique further including transmitting, by the one or more computing devices, information associated with the prioritized list of regions to the client system.

Abstract: For security purposes, a limited profile SIM, card which preferably does not permit voice communications is provided. For example, the card might support only SMS-type communications. During installation, when the SIM card is initially inserted, or installed in a respective product, a smart phone, table or laptop computer for example, the SIM card pairs with, or becomes bonded to, the product. That card cannot be used subsequently with any other gsm-type module. Responsive to the evaluation at the server, the server transmits a request to operator services for a selected network, for example a GSM 3G or 4G cellular-type communications network. This request can include information as to the SIM card, product and end user for the network along with a request that the profile of the SIM card be modified to include any and all services to be provided, such as voice and/or data. The end user information can be stored in a communications system data base.

Abstract: A security capability negotiation method is applicable to perform security capability negotiation during a mobile network handover. Moreover, a security capability negotiation system is also provided. Consistent with the provided system and method, it may be unnecessary for the MME to know the security capability of the corresponding eNB in a certain manner during a handover from a 2G/3G network to an LTE network. Meanwhile, during the handover from the LTE network to the 3G network, the SGSN does not need to introduce new requirements.

Abstract: A method for operation of a deception management server, for detecting and hindering attackers who target containerized clusters of a network, including learning the network environment, including finding existing container instances, finding existing services and relationships, extracting naming conventions in the environment, and classifying the most important assets in the environment, creating deceptions based on the learning phase, the deceptions including one or more of (i) secrets, (ii) environment variables pointing to deceptive databases, web servers or active directories, (iii) mounts, (iv) additional container instances comprising one or more of file server, database, web applications and SSH, (v) URLs to external services, and (vi) namespaces to fictional environments, planting the created deceptions via a container orchestrator, via an SSH directly to the containers, or via the container registry, and issuing an alert when an attacker attempts to connect to a deceptive entity.

Abstract: Endpoints in a computer network create connections to a deception server without sending any payload data. The connections create records of the connection on the endpoints, by which an attacker accesses the deception server. Received packets that include payload data are determined to be unauthorized. The deception server acquires IP addresses in various VLANS and provides these IP addresses to the endpoints over a secure channel. The connections from the endpoints to the deception server are not performed on the secure channel. IP addresses acquired by the deception server are not assigned to an interface. Instead, NAT is used to route packets including the IP addresses to various engagement servers. Each IP address is assigned a unique hostname in order to appear as multiple distinct servers. The deception server further generates broadcast traffic to generate other records that may be used to lure an attacker to the deception server.

Abstract: A computer detects a user computing device when the user enters the store and receives the user's purchase history and preference information from a database. The computer receives a list and/or recipe that the user inputs into the application. This list and/or recipe is a list of items that the user plans to purchase. The computer identifies an item on the list, determines whether the item is in stock, and generates a route through the store so the user will reach each item on his list. The computer transmits the route to the user's computing device to be displayed.

Abstract: A smart home interaction system is presented. It is built on a multi-modal, multithreaded conversational dialog engine. The system provides a natural language user interface for the control of household devices, appliances or household functionality. The smart home automation agent can receive input from users through sensing devices such as a smart phone, a tablet computer or a laptop computer. Users interact with the system from within the household or from remote locations. The smart home system can receive input from sensors or any other machines with which it is interfaced. The system employs interaction guide rules for processing reaction to both user and sensor input and driving the conversational interactions that result from such input. The system adaptively learns based on both user and sensor input and can learn the preferences and practices of its users.

Abstract: Aspects of the subject disclosure may include, for example, a method comprising authenticating, by a server comprising a processor, a communication device to a first communication network, in accordance with authentication information stored in a first repository of the first communication network. The method also comprises determining, by the server, that a second communication network is accessible to the communication device. The method further comprises providing, by the server, the authentication information to a second repository of the second communication network in accordance with the determining, wherein the providing is performed independently of a request from the second communication network. Other embodiments are disclosed.

Abstract: A dual-mode mobile device and a method for coordinating calls for the dual-mode mobile device over a first and second connection within a controlled environment is disclosed. The method includes communications between a monitoring server and the dual-mode mobile device over the first connection while the dual-mode mobile device conducts the call over the second connection. The monitoring server transmits control messages to the dual-mode mobile device to control operations of the dual-mode mobile device and establishment of the call and also monitors operations of the dual-mode mobile device as well as the communications transmitted and received by the dual-mode mobile device during the call.

Abstract: A method and a device for a coordinated beamforming for overlapping BSS (OBSS) in WLAN are shown. In an embodiment the method includes transmitting, by a first access point (AP) of the plurality of APs, to other APs of the plurality of APs a first coordinated beamforming (CB) announcement message, wherein the first CB announcement message includes an identifier (ID) of the first AP, an ID of each station (STA) associated with the first AP, and a beamforming capability information of the first AP and receiving, by the first AP, a second CB announcement message from a second AP of the plurality of APs.

Abstract: A system for protecting personal data contained on an RFID-enabled device, suitable for use with an RFID system including an RFID reader configured to extract information from an RFID chip associated with the RFID-enabled device, includes a personal data protection system including a personal data protection device configured to prevent reading of the RFID chip associated with an RFID-enabled personal item.

Abstract: A communication apparatus may cause a display to display a first inquiry message in a case where an apparatus search signal is received from an external apparatus, the apparatus search signal being for searching a target apparatus which is to establish a wireless connection with the external apparatus, and the first inquiry message being for inquiring a user whether a particular wireless connection is to be established between the communication apparatus and the external apparatus. The communication apparatus may establish the particular wireless connection between the communication apparatus and the external apparatus in a case where it is selected by the user, in response to the first inquiry message, that the particular wireless connection is to be established.

Abstract: According to an embodiment, an update control apparatus is to control update of software in a terminal connected to a network. The update control apparatus includes a first communication circuit, a second communication circuit, and a processor. The first communication circuit is configured to communicate with a server located outside the network. The second communication circuit is configured to communicate with the terminal through the network. The processor is configured to: receive update data to update the software from the server using the first communication circuit; transmit the update data to the terminal, as well as receive an update result indicating whether update of the software has succeeded, together with verification data, from the terminal using the second communication circuit; and verify, using the verification data, whether the update result is proper data.

Abstract: A computer detects a user computing device when the user enters the store and receives the user's purchase history and preference information from a database. The computer receives a list and/or recipe that the user inputs into the application. This list and/or recipe is a list of items that the user plans to purchase. The computer identifies an item on the list, determines whether the item is in stock, and generates a route through the store so the user will reach each item on his list. The computer transmits the route to the user's computing device to be displayed.

Abstract: A first terminal initiates a communication session with a second terminal by sending a first session request to a server for initiating a communication channel with the second terminal, receiving a first session response from the server, said first response including an identifier for a session channel and data relevant to the second terminal, sending a second session request to the second terminal including an identifier for the first terminal, receiving a third session response from the second terminal, and establishing a connection over the session channel.

Abstract: A system and method for recognizing patterns in wireless device locations using wireless device location data derived from a communications signaling network is provided. By using wireless network supported signaling operations and messages, location data concerning the whereabouts of wireless devices, and hence wireless device users, may be obtained. The location data derived from communications signaling network may be statistically analyzed to reveal potential geographic patterns that may indicate meaningful behaviors of the purported users of the wireless devices.

Abstract: A profile server provides a communication profile for communication via a communication network. The communication profile is assigned to a subscriber identity module. The profile server includes: a database, configured to store a plurality of subscriptions comprising a plurality of identifications, wherein an identification is assigned to each subscription, and wherein each subscription comprises subscription data for generating a communication profile; a communication interface, configured to receive an identification from the subscriber identity module; and a processor, configured to call up a subscription from the database, wherein the subscription is assigned to the received identification, to extract subscription data from the called up subscription, and to generate the communication profile based on the extracted subscription data.

Abstract: The invention is a method for managing profiles in a secure element that has several profiles comprising files organized in respective logical tree structures comprising respective root files. The root files have identifiers whose values are different from 0x3F00 and the method comprises the step of enabling browsing of the logical tree structure comprising a targeted root file in response to the receipt of a Select file command aiming at selecting said targeted root file.

Abstract: A system and method for establishing a pairwise temporal key (PTK) between two devices based on a shared master key and using a single message authentication codes (MAC) algorithm is disclosed. The devices use the shared master key to independently compute four MACs representing the desired PTK, a KCK, and a first and a second KMAC. The Responder sends its first KMAC to the Initiator, which retains the computed PTK only if it verifies that the received first KMAC equals its computed first KMAC and hence that the Responder indeed possesses the purportedly shared master key. The Initiator sends a third message including the second KMAC to the Responder. The Responder retains the computed PTK only if it has verified that the received second KMAC equals its computed second KMAC and hence that the Initiator indeed possesses the purportedly shared master key.

Abstract: An identity verification method includes: receiving an identity verification instruction from a server; in response to the identity verification instruction, determining local hardware information of local hardware and first pre-stored mobile phone number information, wherein the first pre-stored mobile phone number information is mobile phone number information pre-stored locally; sending, to the server, the local hardware information and the first pre-stored mobile phone number information as identity information to be verified; and receiving a verification result generated by the server based on the identity information to be verified. The technical solutions according to the disclosure can simplify operations for identity verification.

Abstract: A system and method operate on a first electronic device and a second electronic device. The first device has a control system and a cryptographic communications module. The second device has a key generator, a user interface, and a cryptographic communications module. The second device generates a single-mission cryptographic key that is securely programmed into the first device, and the first device is deployed to a remote location. The user interface receives a command for controlling the first device. The second device encrypts the command according to the cryptographic key, and transmits the encrypted command to the first device. The first device authenticates the command, decrypts it, and passes the decrypted command to the control system. The first device may be actively guided ordnance, and the second device may be a control element for controlling the actively guided ordnance. The key may be automatically obfuscated upon mission completion or termination.

Abstract: A component for processing a datum requiring protection, which component implements at least one security function for protecting the datum requiring protection, and a method for implementing a security function for protecting a datum requiring protection in such a component. The datum requiring protection is assigned to a protection target class. The security function includes at least one protective measure from a selection of protective measures associated with the protection target class.

Abstract: A communication method and a system for converging a 5th-Generation (5G) communication system for supporting higher data rates beyond a 4th-Generation (4G) system with a technology for internet of things (IoT) are provided. The present disclosure may be applied to intelligent services based on the 5G communication technology and the IoT-related technology, such as smart home, smart building, smart city, smart car, connected car, health care, digital education, smart retail, security and safety services. A system and a method for validating authenticity of a base station and/or information received from the base station are provided.

Abstract: A mobile terminal includes a wireless communication unit configured to perform wireless communication with an artificial intelligence device, an artificial intelligence unit configured to recognize a loss state of the mobile terminal if information included in a signal received from the artificial intelligence device indicates the loss state of the mobile terminal and to generate a control signal for switching an operation mode of the mobile terminal according to the recognized loss state, and a controller configured to set the operation mode of the mobile terminal to a loss mode for restricting use of the mobile terminal according to the generated control signal.

Abstract: A method, computer program product, and computer system directed toward identification of potential social engineering activity associated with at least a portion of a communication on a communication channel based upon, at least in part, a match between a first set of audio features with a second set of one or more audio features. The first set of one or more audio features are extracted from at least a portion of a communication on a communication channel. The first set of one or more audio features from at least a portion of the communication are compared to a second set of one or more audio features to determine that at least a portion of the first set of audio features matches the second set of one or more audio features.

Abstract: A computer-implemented method for preventing tracking of mobile devices may include (1) identifying, from a first device with wireless networking capability, an initial service set identifier used by the first device as identification for a wireless network, where a second device with wireless networking capability also uses the initial service set identifier, (2) determining, based at least in part on a time indicator at the first device, that the initial service set identifier is to be changed, (3) generating a new service set identifier for use by the first device instead of the initial service set identifier, where the new service set identifier is generated with an identifier generation algorithm that is also used by the second device, and (4) replacing use of the initial service set identifier by the first device with use of the new service set identifier. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Novel tools and techniques are provided for implementing self-organizing mobile networks (“SOMNETs”) of drones and platforms. In various embodiments, a computing system might receive first data from each of a plurality of vehicles; might receive second data from each of a plurality of platforms; might analyze the first data to determine a status of each vehicle; and might analyze the second data to determine a status of each platform. Based at least in part on the analyzed first and second data, the computing system might generate at least one of first control instructions to at least one first vehicle of the plurality of vehicles or second control instructions to at least one first platform of the plurality of platforms that respectively cause the at least one first vehicle to perform one or more first actions or cause the at least one first platform to perform one or more second actions.

Abstract: In some embodiments, a first server computer may be provided. The first server computer may comprise a processor and a computer readable medium coupled to the processor. The computer readable medium may include code executable by the processor for implementing a method. The method may include the step of electronically receiving an authorization request message that includes a first device verification value from a merchant for a first transaction, where the first device verification value may have been received by the merchant from a mobile device based on an interaction between the mobile device and an access device. In some embodiments, the mobile device may have received the first verification value based on a first request. The method may further include the step of determining by a data processor if the first device verification value corresponds to a stored device verification value.

Abstract: Systems and methods for providing secure communications in an open network are provided. One method can comprise storing first information associated with a user device and a first network device. The first network device can be at a first location and can be configured to establish a secure connection between the user device and a first network. The user device can be detected via a second network device. A secure connection between the user device and a second network can be established via the second network device based upon at least a portion of the first information.

Abstract: A portable terminal with a body having a front surface with a display unit and rear surface including a rear password input device provided on a rear surface of the body, which is opposite to the display device, to receive a password for setting or releasing of use restriction, a storage device that stores the input password for the setting of the use restriction, and a control device that determines the releasing of the use restriction by comparing the password for the releasing of the use restriction, which is input into the rear password input device, with the stored password for the setting of the use restriction. The input of the password for the setting or the releasing of the use restriction is prevented from being exposed to other persons, so that the security of the portable terminal is remarkably improved.

Abstract: A method of detecting telephony fraud in the case of a mobile telephony device roaming at a visited network, the visited network being other than a home network of said mobile telephony device, cross-network triggering being available between said visited network and said home network. The method comprises detecting a non-correlation between said cross-network triggering and activity of said mobile telephony device, testing to find out if profile manipulation has taken place of a profile of said mobile telephony device held at said visited network, and upon detecting that profile manipulation has taken place taking remedial action such as blocking current calls and overwriting the manipulated profile.

Abstract: In some aspects, a method for configuring channel access parameters in a wireless communication system includes determining, at an access point, an enhanced distributed channel access (EDCA) parameter for a first subset of stations of a plurality of stations, the first subset of stations capable of transmitting multi-user uplink transmissions. The method further includes generating an information element including the EDCA parameter. The method further includes transmitting the information element such that the information element is decodable by the first subset of stations and not by a second subset of stations of the plurality of stations.

Abstract: Methods, systems, and devices for enhanced neighbor discovery through enhanced automatic neighbor relations (ANR) and for detecting cell identifier confusion and are described. Neighboring base stations may provide information to one another, including using ANR, that may avoid or help to resolve cell identity confusion. For example, a NHN-ID may be defined to avoid or resolve cell identify confusion. A wireless device, such as a base station or a user equipment (UE), may determine whether neighboring cells are using a common cell identifier and may adjust operations accordingly. For example, a device may detect physical cell identity (PCI) confusion by determining whether two neighboring cells have the same PCI and different Evolved Universal Terrestrial Access Network (E-UTRAN) Cell Global Identifiers (ECGIs) or different Neutral Host Network Identifier (NHN-IDs). A network entity may then inform the neighboring cells having the same PCI of the confusion.

Abstract: This application discloses a method of provisioning an electronic device. The electronic device proactively broadcasts an advertising packet that includes a device identifier associated with the electronic device. A server receives the device identifier via a client device, and issues a link approval response when it verifies that the electronic device associated with the device identifier is available for provisioning in association with a user account. In response to the link approval response, the electronic device and the client device establish communication via a short range wireless link. The client device encrypts at least a portion of network credentials of a secure wireless network using a password key generated at the server, and provides the encrypted network credentials to the electronic device. The electronic device decrypts the encrypted network credentials using a key generated at the electronic device, and accesses the secure wireless network using the decrypted network credentials.

Abstract: A card registry system is configured to automatically identify financial card information in one or more credit files associated with a consumer and populate a card registry account of the consumer with the identified financial card information. Once the financial card information has been obtained from the credit file(s), the card registry system may transmit cancellation and/or reissuance requests to the respective card issuers in the instance that one or more cards are compromised, so that the financial cards may be easily and efficiently cancelled and/or reissued at the request of the consumer.

Abstract: In a call forwarding system, a management apparatus of the call forwarding system determines service terminals capable of near field wireless communication within a reception range of near field wireless communication, generates a terminal list, and receives a call event message reporting the receipt of a call from a reference terminal. The management apparatus may transmit a call report message including the terminal list to the reference terminal and the service terminals. The management apparatus may forward the call initially received by the reference terminal to a terminal which transmitted a receipt request message by transmitting a call forwarding request message to the reference terminal. The management apparatus may transmit, to the reference terminal and the service terminals, a receipt report message reporting the call was forwarded. According to a change receipt message or upon non-receipt by an intended terminal, the call may be reforwarded to another terminal.

Abstract: A method for operating a station when discovering a service includes generating a first identifier of the service, generating a second identifier of the service in accordance with a first parameter, and transmitting a request instructing a generating of a third identifier, the request including the first identifier of the service and the first parameter. The method includes receiving a first response including the third identifier, determining that the first response is not valid when the second and third identifiers are not equal, and determining that the first response is valid when the second and third identifiers are equal.

Abstract: An advanced automatic loop detection apparatus and method in short message service (SMS) two-way messaging is provided. The apparatus may receive a reply message from a mobile device, and detect whether a loop is occurring when the reply message is received from the mobile device.

Abstract: The invention relates a wireless node and to a method for operating the wireless node, wherein the wireless node comprises a controller arranged for communicating wirelessly with at least one further wireless node so as to determine an ability of the wireless node and to create a network, wherein a characteristic of the network depends on the determined ability of the wireless node.

Abstract: Methods and systems are described for controlling an automation and security system. According to at least one embodiment, an apparatus for data storage in an automation and security system includes a processor, a memory in electronic communication with the processor, and instructions stored in the memory. The instructions are executable by a processor to receive data at a first device, store a copy of the data on the first device, fragment the data into a plurality of data fragments, transmit the plurality of data fragments to a plurality of remote devices, and store some of the plurality of data fragments on each of the plurality of remote devices.

Abstract: A method for controlling user equipment (UE) to access a communications network of a high-speed moving vehicle, a core network control plane node device, a base station, UE, and a communications system. The method includes determining that UE accessing a public network is first-type UE, and transferring the UE to the communications network of the high-speed moving vehicle. The first-type UE is UE used by a user taking the high-speed moving vehicle.

Abstract: Devices, systems, and methods for allowing parents to view and track smart phone activities of their children can include one or more child software modules. The module can be installed on each child's smart phone. The module can access and extract data from or about more than one of the smart phone's other software applications, including at least two of the following: a texting application, a social media application, an image application that facilitates transmission or reception of images, and a web browser application. The module can further send the extracted data to an analysis server. The module can also monitor location data. Moreover, the system can include an analysis server that can identify potentially harmful language, images, and websites. Further, the system can include a parent portal. The parent portal can receive results from the analysis server.

Abstract: A group supporting apparatus and related computer readable recording medium to execute a process including: collecting input contents, which are input by participants via terminals, from the terminals; arranging the collected input contents into input content groups based on groups to which the participants belong; setting a representative flag on each of representative input contents selected from the respective input content groups; extracting the representative input contents and matching input contents, which match a predetermined extracting condition and are different from the representative input contents, from the collected input contents; and displaying a list of the representative input contents and the matching input contents on a display device that all the participants are able to view at a same time.