Abstract: An electronic device for providing geolocation independent content rights management includes a non-transitory storage medium and a processing unit. The processing unit executes instructions stored in the non-transitory storage medium to receive a request for content from a content access device and, if the content access device is registered to an account associated with a geolocation, provides access to the content. In some implementations, the processing unit may determine if the content access device is registered using a token corresponding to the request. In various implementations, the processing unit may verify that one or more digital rights management and/or persistence policies allow the access, such as where access may be provided to one copy of the content at a time.

Abstract: Embodiments include a system, method, and computer program product that authenticates a caller using calling party information. In an embodiment, an authentication device receives the call request and associated calling party information that includes a calling party number. The authentication device retrieves parameters associated with the calling party number, where a retrieved parameter is a number of accounts linked to the calling party number. The authentication device determines whether the number of accounts is between one and a threshold value, inclusive, and verifies that the call request originates from a location or a device associated with the calling party number. Based on the verifying and determining, the authentication device generates an authentication result that indicates whether the calling party number is authenticated.

Abstract: A user authentication system for an electronic device for use with a plurality of wireless wearable medical sensors (WMSs) and a wireless base station that receives a biomedical data stream (biostream) from each WMS. The system includes a BioAura engine located on a server, the server has a wireless transmitter/receiver with receive buffers that store the plurality of biostreams, the BioAura engine has a look up stage and a classifier, the classifier generates an authentication output based on the plurality of biostreams, the authentication output authenticates the user's access to the electronic device. The wireless base station has a transmitter/receiver having receive buffers that store the biomedical data from each WMS, the wireless base station has a communication engine that retrieves the biostream from each WMS and transmits the plurality of biostreams to the server.

Abstract: A hearing instrument includes: a radio for reception of a broadcasted message; an authenticator configured for authentication of a transmitter of the broadcasted message; and a receiver configured for converting the broadcasted message into an acoustic signal for transmission towards an eardrum of a user of the hearing instrument upon successful authentication of the transmitter of the broadcasted message.

Abstract: Computer implemented methods are presented. The methods include, for instance: obtaining a user credential for login to a mobile device from a user. By use of a multi-layered authentication, based on the user credential, and a discreet user identity verification, the user determined to be unauthorized would operate the mobile device in a precaution mode, which discreetly creates secure records of activities of the user.

Abstract: A method of detecting a transmitting device within an obstruction rich environment is disclosed. The method may involve detecting the transmitting device with a wireless transmission detection facility; communicating signal information relating to the detected transmitting device from the wireless transmission detection facility to a central unit; determining the location of the transmitting device; displaying information of the detection and location of the transmitting device through a user interface; and providing an action facility for causing actions related to the detected transmitting device.

Abstract: Embodiments of this application provide a method, an apparatus, and a system for managing an international mobile subscriber identity (IMSI) status of a terminal device. An IMSI of a second terminal device is activated or deactivated through interaction between a first terminal device and a core network node, so that the second terminal device does not participate in activating or deactivating the IMSI of the second terminal device. Therefore, power consumption of the second terminal device can be reduced, and a requirement of an Internet of Things application scenario can be met.

Abstract: A card registry system is configured to automatically identify financial card information in one or more credit files associated with a consumer and populate a card registry account of the consumer with the identified financial card information. Once the financial card information has been obtained from the credit file(s), the card registry system may transmit cancellation and/or reissuance requests to the respective card issuers in the instance that one or more cards are compromised, so that the financial cards may be easily and efficiently cancelled and/or reissued at the request of the consumer.

Abstract: The disclosed computer-implemented method for preventing loss of possession factors may include (i) identifying an account of a user that is associated with a possession factor that is used by the user to perform a multi-factor authentication procedure that is required when accessing the account of the user, (ii) monitoring one or more attributes of at least one of the user and the possession factor, (iii) determining, based at least in part on the one or more attributes of at least one of the user and the possession factor, that the possession factor has likely been lost, and (iv) performing a security action in response to determining that the possession factor has likely been lost to prevent the user from being unable to perform the multi-factor authentication procedure. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A method of dynamically changing a read status of an electronic message. A computer accesses a communication management system that manages electronic messages among members of a participating team. The computer reviews at least one electronic message transmitted to a member of the participating team and analyzes a read status of the electronic message of the member to identify an unread electronic message. The computer also tracks a location of the member of the participating team and identifies a meeting between members of the participating team based on the location. The computer will update the read status if members of the participating team discuss content of the unread electronic message during the meeting.

Abstract: In an embodiment, the present invention discloses a method for accessing a network by UE, a core network entity, a base station, and first UE. The method includes determining, by a base station, that first UE provides relay for the second UE; and sending, by the base station, a first message including a first identifier to the first UE. The first message is used to manage a data radio bearer DRB of the first UE so that the DRB of the first UE is used to transmit data of the second UE, and the first identifier is in a one-to-one correspondence with the second UE.

Abstract: A data transmission method, a first device, and a second device, for use in implementing secure data transmission between a terminal device in a non-active state and a base station. The method comprises: a first device determines a transmission message comprising transmission data and a secure context identifier of a terminal device, the terminal device being in a non-active state; the first device sends the transmission message to a second device; the second device matches the secure context identifier of the terminal device with a secure context identifier of at least one local terminal device, and determines, on the basis of the matching result, whether to activate the security of the terminal device.

Abstract: This disclosure relates to techniques for efficient sparse network resource usage and connection release procedures. According to some embodiments, a wireless device may utilize techniques for efficiently releasing a radio resource control (RRC) connection, including techniques that avoid or reduce the occurrence of random access procedures when out-of-sync with the network when the RRC connection is being released. In some embodiments, a wireless device may utilize techniques for efficiently sparsely using network uplink resources, including techniques that avoid or reduce the occurrence of random access procedures to regain timing alignment to perform uplink communication when out-of-sync with the network.

Abstract: One example method of operation may include identifying call data associated with a received call, identifying call parameters from the call data, and the call parameters include one or more call routing parameters associated with call routing of the call and one or more call session parameters associated with a call session of the call, assigning weights to one or more of the call routing parameters and the call session parameters, determining a scam score for the call based on a sum of the weights applied to the call routing parameters and the call session parameters, and blocking the call when the scam score is greater than or equal to a predetermined threshold scam score.

Abstract: In some examples, a system extracts features from event data representing events in a computing environment, trains ensembles of machine-learning models for respective analytics modules of a plurality of different types of analytics modules, and detects, by the different types of analytics modules using the respective trained ensembles of machine-learning models, an anomalous entity in response to further event data.

Abstract: A method, computer program product and system for generating false data for suspicious users. A suspicious user is identified. Actions of the user are then tracked. The user attempting to access sensitive information is detected. Relevant false sensitive information corresponding to the sensitive information is then detected. The relevant false sensitive information is then mapped to the sensitive information. The relevant false sensitive information is provided to the suspicious user. In response to user input, at least one command is executed, where the at least one command includes the relevant false sensitive information and not the sensitive information.

Abstract: In an aspect, the present disclosure provides an electronic device for OTP authentication of a present location, comprising: a power source, a processor, and a memory in a housing; a strap comprising first and second ends, and a first wire extending from the first end to the second end of the strap and forming an external loop, wherein the first wire establishes a first electrical connection between the power source and the processor; and a second electrical connection operatively connected to the processor and the memory, the processor configured to generate an OTP, only when the processor is connected to the power source by the first electrical connection without interruption once the first electrical connection is established. The OTP authentication may be time-based one-time password (TOTP) authentication, and the generated OTP may be a time-based one-time password (TOTP).

Abstract: Disclosed are various examples for establishing encrypted channels or tunnels within a TCP or other communication session between a tunnel endpoint and tunnel client on a client device. A tunnel client on the client device can determine an encryption level based upon a bundle identifier of the application originating the network traffic, the destination of the network traffic, the category of the application, or other factors.

Abstract: A password service receives user input identifying a particular account and uses a detecting device for detecting an event related to user interaction with a physical location at a predefined time interval. The password service generates questions based on the detected event and selects a set of questions specific for the particular account from among the generated questions. The password service receives further user input comprising one or more received responses to each question of the set of questions and generates a password for the particular account based on the one or more received responses.

Abstract: An embodiment of the invention may include a method, computer program product and system for authenticating a user device. The embodiment may include receiving a plurality of device parameter from a user device. The embodiment may include selecting a user profile having a plurality of user profile characteristics based on determining a match between at least one device characteristic of the plurality of device characteristics with at least one user profile characteristic of the plurality of user profile characteristics. The embodiment may include determining whether a device parameter from the plurality of device characteristics of the user device matches a user profile parameter of the plurality of user profile characteristics. The embodiment may include increasing a device value based on determining that the device parameter matches the user profile parameter. The embodiment may include authenticating the user device based on determining that the device value is above a threshold value.

Abstract: A method for operating a field device is disclosed, the field device having settings and/or functions classified into different security levels, where one of the settings and/or functions of the field device is selected by a user, at least one security measure is implemented depending upon the security level with which the selected setting and/or function is associated, and the security measure determines whether the selected setting and/or function of the field device is released for the user.

Abstract: Devices and methods of disrupting data transfer between an RFID interrogation device (50, 50?) and an RFID data storage device (30, 30?) to be protected, are provided. An example of an embodiment of an RFID signal disruptor device includes a container (41, 141) and an RFID signal disruptor circuit (151, 161, 161?, 171, 171?, 271, 271?) configured to substantially disrupt the signal provided by the RFID interrogation device (50, 50?) when the RFID signal disruptor device is positioned to protect the RFID data storage device (30, 30?).

Abstract: Methods and systems for dynamically allowing a guest device to a join a private citizens broadband radio systems (CBRS) network. The method includes determining one of a location of the guest device and a location of a public safety incident. The public safety incident is associated with the guest device. The method also includes determining that one of the location of the guest device and the location of the public safety incident is in a coverage area of the private CBRS network. The method further includes reconfiguring the private CBRS network to allow operation of the guest device on the private CBRS network, and operating the guest device on the private CBRS network.

Abstract: A method for mitigating intrusions to a mobile operating system (OS) that begins with the instantiation of secure services and corresponding data in secure service partitions by a secure multivisor running on a mobile device running a secure real-time operating system (RTOS). One of the secure services can be a biometric security service having corresponding biometric data defining a user's identity. The secure multivisor can instantiate a user space partition running a virtual machine with a guest OS having installed client software applications. When the virtual machine, a client software application, or a user requests interaction with the secure RTOS that meets a predefined privilege threshold, the biometric security service can determine the biometric identity of the user. When the determined biometric identity of the user matches a required biometric identity of the interaction, the biometric security service can allow the interaction with the secure RTOS.

Abstract: Embodiments of the invention are directed to systems, methods, and computer program products for electroencephalogram patterning recognition for user authentication into one or more physical or digital locations. In this way, the system may generate a spectral analysis baseline electroencephalogram reading for a user that can be segmented and analyzed based on a specific time span associated with a known stimulus or event, and diagnostic applications generally focus on either event-related potentials or the like. Upon initiating a request to enter a location requiring authentication, an electroencephalogram reading may be generated and patterned after the baseline electroencephalogram reading for the user. The system may perform patterned recognition of the readings and provide an authentication confidence of the user for authentication into the location.

Abstract: Disclosed are an apparatus for estimating a pedestrian position based on pedestrian motion recognition, and a method therefor. The method for estimating the pedestrian position based on pedestrian motion recognition includes recognizing a specific motion of a plurality of motions of the pedestrian, performing a unique pedestrian dead-reckoning (PDR) technique corresponding to the recognized specific motion among unique PDR techniques for each of the plurality of motions of the pedestrian, and estimating the pedestrian's position by the performed unique PDR technique.

Abstract: In certain embodiments, a network edge device comprises a memory storage, a networking component configured to communicate with a mobile device and a database comprising application attributes, and a processor. The processor, in certain embodiments, is located within the network edge device and is operable to receive application traffic from the mobile device (the application traffic being associated with an application), classify the application traffic by associating the application traffic with an application ID, and send a query comprising the application ID to the database comprising application attributes. In addition, the processor, in certain embodiments, is operable to receive a response, from the database comprising application attributes, comprising one or more application attributes associated with the application, wherein the response is based in part on the application ID, and to enforce a policy based in part on the application attribute.

Abstract: Aspects of the subject disclosure may include, for example, a first network device receiving from a second network device a software, the first network device adjusting operations at the first network device according to the software, the first network device providing a digital signature to the software to generate an adjusted software where the digital signature indicates that the first network device has received the software, and the first network device transmitting, to a third network device, the adjusted software. Other embodiments are disclosed.

Abstract: A mobile station includes: a communication circuitry configured to communicate with a plurality of base stations utilizing radio resources provided by a first base station and a second base station connected via a network interface; and a controller configured to be capable to configure with a first signaling radio bearer between the mobile station and the first base station and a second signaling radio bearer between the mobile station and the second base station simultaneously.

Abstract: A wearable device can establish a verified session with a host device (e.g., by establishing that the wearable device is present in the vicinity of the host device and is currently being worn). The existence of such a verified session can be used to control user access to sensitive information that may be stored in or otherwise accessible to a host device. For example, the host device and/or application programs executing thereon can be configured to restrict a user's ability to invoke program functionality that accesses sensitive information based on whether a verified session with a wearable device is currently in progress.

Abstract: A method for using a network and a secure element, whereby the secure element of a device receives a request for usages data from the device. The secure element sends the usage data to the device in response to the request. The usage data enable the device to use the network. The secure element applies a timer to measure a delay time. The device shall only use the network, after the delay time has expired. The secure element prevents the usage of the network by the device until the delay time has expired.

Abstract: In a communication system comprising a first network operatively coupled to a second network, wherein the first network comprises a first security edge protection proxy element operatively coupled to a second security edge protection proxy element of the second network, a method comprises configuring at least a given one of the first and second security edge protection proxy elements to determine whether to apply at least one security operation at the transport level for incoming packets based at least in part on source and destination networks for the incoming packets.

Abstract: Systems and methods are directed to monitoring the communications to and from a mobile communication device in accordance with one or more embodiments. For example in accordance with an embodiment, data services a mobile communication device's applications may be monitored against smart contracts stored in a central data center repository and/or written to a blockchain. Other data services may include all forms of communications between the mobile communication device and a third party along with changes to application or data within the mobile communication device. Monitoring the mobile communication device may be done to determine compliance with the smart contracts and whether a penalty or reward on device usage should be applied.

Abstract: In currently available mobile devices (e.g., a user equipment (UE)), no authentication occurs at the mobile device to answer an incoming call at the mobile device. In an aspect of the disclosure, a method, a computer-readable medium, and an apparatus for secure call answering are provided. The apparatus is a first UE. The apparatus receives an incoming call originated from a second UE. The apparatus determines whether the incoming call originated from the second UE is a secure incoming call. The apparatus also receives a secure authentication input upon determining that the incoming call is a secure incoming call. Further, the apparatus determines whether the secure authentication input matches with authentication information upon receiving the secure authentication input. Additionally, the apparatus answers the received secure incoming call originated from the second UE when the received secure authentication input matches the authentication information.

Abstract: A system for supporting transactions by mobile devices includes a mobile transaction platform server hosting and managing a plurality of wallet services and at least one interface by which a service provider may discover and access the wallet services to build and distribute at least one wallet service to a services ecosystem, wherein the at least one wallet service enables implementation of a mobile transaction according to a template.

Abstract: Systems and methods herein enable a mobile device to detect that a user is traveling in association with a vehicle based at least on motion data. In some embodiments, accelerometer data is used. Motion data is leveraged in combination with various observations regarding vehicular movement to determine whether or not a mobile device is located in or on the vehicle. For instance, before entering the state of vehicular movement, it can be determined that the user is first in a walking state (e.g., walking to the car, bus, etc., and entering it). Likewise, after exiting the state of vehicular movement, the user re-enters the walking state (e.g., after stepping out of the car, bus, etc., the user again begins walking). Further, it can be determined that when the user is in the walking state, the accelerometer signals appear different to any accelerometer signals seen in the vehicular movement state.

Abstract: Techniques for providing service-based security per subscription and/or equipment identifiers in mobile networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for service-based security per subscription and/or equipment identifiers in mobile networks in accordance with some embodiments includes monitoring network traffic on a service provider network at a security platform to identify a new session, wherein the service provider network includes a 5G network or a converged 5G network; extracting subscription and/or equipment identifier information for user traffic associated with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the subscription and/or equipment identifier information.

Abstract: Devices, systems and methods are disclosed for determining an electromagnetic signature for authenticating a device, a user, and/or a location. In exemplary embodiments, a magnetometer captures an electromagnetic signature which is then compared with one or more authorized electromagnetic signatures. If the electromagnetic signature matches an authorized electromagnetic signature, then access is granted. The magnetometer is integrated into a communication device having a processor and a logic. The magnetometer captures an electromagnetic signature of a surrounding environment and detects motion of the communication device through the captured electromagnetic signature. The logic on the communication device locks or unlocks features of the device based upon the captured electromagnetic signature. In further embodiments of the subject disclosure, the magnetometer is in communication with a server which authenticates a user or communication device to provide access to a remote location.

Abstract: A mobile communication terminal, a service provider device and methods are disclosed wherein a plurality of services from a service provider is supported. According to the invention the storing of service provider settings, which are related to the service provider, in a memory location specific for the service provider is facilitated.

Abstract: The present disclosure relates to a communication method and system for converging a 5th-Generation (5G) communication system for supporting higher data rates beyond a 4th-Generation (4G) system with a technology for Internet of Things (IoT). The present disclosure may be applied to intelligent services based on the 5G communication technology and the IoT-related technology, such as smart home, smart building, smart city, smart car, connected car, health care, digital education, smart retail, security and safety services.

Abstract: An electronic device is provided. The electronic device includes a memory to store an application, a communication interface to communicate with an external device, and a processor operatively connected with the memory and the communication interface. The processor determines whether the application is authenticated if receiving an installation request or an execution request of the application, generates a policy file associated with a domain of the application if the application is authenticated, and assigns the application to a specified domain, which is accessible to a secure area of the memory, based on the generated policy file.

Abstract: Novel tools and techniques are provided for implementing self-organizing mobile networks (“SOMNETs”) of drones and platforms. In various embodiments, a computing system might receive first data from each of a plurality of vehicles; might receive second data from each of a plurality of platforms; might analyze the first data to determine a status of each vehicle; and might analyze the second data to determine a status of each platform. Based at least in part on the analyzed first and second data, the computing system might generate at least one of first control instructions to at least one first vehicle of the plurality of vehicles or second control instructions to at least one first platform of the plurality of platforms that respectively cause the at least one first vehicle to perform one or more first actions or cause the at least one first platform to perform one or more second actions.

Abstract: Techniques for providing service-based security per user location in mobile networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for service-based security per user location in mobile networks in accordance with some embodiments includes monitoring network traffic on a service provider network at a security platform to identify a new session, wherein the service provider network includes a 5G network or a converged 5G network; extracting user location information for user traffic associated with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the user location information.

Abstract: Techniques for providing service-based security per user location in mobile networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for service-based security per user location in mobile networks in accordance with some embodiments includes monitoring network traffic on a service provider network at a security platform to identify a new session, wherein the service provider network includes a 5G network or a converged 5G network; extracting user location information for user traffic associated with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the user location information.

Abstract: A method of enabling and disabling operating authority of handheld device is provided. The method includes following steps of: detecting whether a user is holding a handheld device; control the handheld device to enable an operating authority when detecting that the user is holding the handheld device; detecting whether the user stops holding the handheld device; control the handheld device to disable the operating authority when detecting that the user stops holding the handheld device. It may effectively manage the operating authority and simplify the operation of enabling and disabling the operating authority via enabling and disabling the operating authority automatically according to the user-holding status of the handheld device.

Abstract: Various embodiments are generally directed to techniques to detect and eradicate malware attacks by employing information indicative of malware activity received from both endpoint devices and network devices proving network services to endpoint devices. An apparatus to detect malware includes a processor component, an analysis component for execution by the processor component to employ a trust level assigned to a device in a network as a factor in an analysis of an indication received from the device of a malware attack, and an eradication component for execution by the processor component to determine an action to take through the network to eradicate the malware attack based on the analysis. Other embodiments are described and claimed.

Abstract: The present disclosure provides a communication method, a network-side device, and user equipment. The method includes: receiving, by a network-side device, a radio resource control RRC connection reestablishment request message, where the RRC connection reestablishment request message is used to request to perform RRC connection reestablishment; and sending, by the network-side device, an RRC connection reestablishment indication message, where the RRC connection reestablishment indication message carries a configuration parameter, and the configuration parameter includes at least one of a signaling radio bearer SRB2 configuration parameter or a data radio bearer DRB configuration parameter. The network-side device sends only the RRC connection reestablishment indication message, thereby effectively reducing a reestablishment delay and physical resource overheads.

Abstract: A method begins by a processing module identifying a geographic area of an adverse condition and identifying a user device of a plurality of user devices potentially associated with the identified geographic area. The method continues with the processing module issuing a safety notification to the user device, where the safety notification includes one or more of the identified geographic area and a safety status request. The method continues with the processing module receiving, from the user device, a safety status response, where the safety status response includes at least one of location information generated by the user device and a safety status level generated by the user device. The method continues with the processing module indicating the safety status level.

Abstract: Techniques for providing service-based security per data network name in mobile networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for service-based security per data network name in mobile networks in accordance with some embodiments includes monitoring network traffic on a service provider network at a security platform to identify a new session, wherein the service provider network includes a 5G network or a converged 5G network; extracting network name information for user traffic associated with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the network name information.

Abstract: A wireless access point receives configuration information assigned to a particular service provider. The configuration information includes information indicating a wireless network identifier (such as a network name or SSID value) assigned to the service provider. The wireless network identifier is available for use by communication devices to establish a wireless connection with the wireless access point and perform multiple different functions. For example, the configuration information can include multiple resource links assigned to the particular service provider. Via use of the wireless network identifier, a communication device can establish a wireless communication link with the wireless access point. The communication device communicates a selected one of the multiple links to the wireless access point to indicate which of multiple functions (such as online sign-up or actual use of wireless network services) can is being requested.