Abstract: A portable terminal apparatus includes a display unit displaying an image, an operation input unit inputting a user operation, and a wireless communication unit performing wireless communication by a wireless LAN, and at a time of startup from a sleep state, a remote control button is displayed on the display unit when a mutual communication with a predetermined access point can be performed in the wireless communication unit, and when the remote control button is selected, a remote control signal corresponding to the selected remote control button is transmitted.

Abstract: Disclosed herein are methods and apparatus for location based broadcast channel selection and update for mobile devices. The location based broadcast channel selection and update method includes determining a location of a mobile device. The location is checked against a current location area. A query is sent to a license server with the location if the location is beyond the current location area. A list of television broadcast channels associated with the location is sent by the license server and the received list of television broadcast channels are mapped against the current list of television broadcast channels. The mobile device is reconfigured with the mapped list of television broadcast channels.

Abstract: A packet processing method includes receiving, by an aggregation gateway, a first tunnel establishment request message sent by a home gateway, and sending a first tunnel establishment success message to the home gateway; receiving, by the aggregation gateway, a second tunnel establishment request message sent by the home gateway, and sending a second tunnel establishment success message to the home gateway; associating, by the aggregation gateway, a first tunnel with a second tunnel according to an identifier of the home gateway; and sending a downlink packet to the home gateway by using the first tunnel and/or the second tunnel. The embodiments of the present application may increase bandwidth.

Abstract: A permission vector comprising a plurality of permission sets is used to manage permissions to resources of a resource provider. Each of the plurality of permission sets may correspond to a different resource of the resource provider, wherein each resource of the resource provider has an orthogonal relationship to the other resources. Each permission set may include one or more permission elements that define permissions granted to a user for accessing a corresponding resource element of a resource. The permission vector may be used to determine whether to fulfill user requests submitted to the resource provider to perform an operation that includes accessing a set of requested resources.

Abstract: A communication device including a non-SIM based client is authenticated for accessing an IMS network. An internet protocol identity is received from the communication device. The internet protocol identity is not associated with a SIM. Authentication information associated with the internet protocol identity is requested and received from the communication device. A determination is made whether the communication device is authenticated based on the internet protocol identity and the authentication information. If the communication device is determined to be authenticated, the communication device is allowed access to the IMS network.

Abstract: A user equipment (UE) is configured to scan for device-to-device synchronization sources based on scanning configuration information. The UE is configured to report detection of a device-to-device synchronization source to an Evolved Universal Terrestrial Radio Access Network (E-UTRAN) Node B (eNB) in response to determining that the device-to-device synchronization source meets one or more reporting requirements of the scanning configuration information. The UE is configured to receive a communication from the eNB enabling the UE as a synchronization source and transmit signals to provide a synchronization reference to one or more in-range UEs including the device-to-device synchronization source.

Abstract: A user device may be authorized to access a telecommunications network, such as a cellular network, after completing a boot process that includes a device activation phase and a network activation phase. An application resident on the user device initiates, in the device activation phase, a device eligibility check over a secondary communication network such as a WLAN. Device eligibility may be determined by whether the user device was legitimately sold. If the user device fails the eligibility check, the boot process is stopped, rendering the user device inactive. If the user device passes the eligibility check, the application initiates the network activation phase in which the user device is checked against a blacklist. If the user device is blacklisted, the boot process is shut down. If the user device is not blacklisted, the boot process completes normally.

Abstract: A method, apparatus and computer program product may be provided for securing multiple NAS connections over a plurality of access types. An exemplary method may comprise receiving, at an access mobility function (AMF), a first registration request from user equipment (UE) over a first access type, establishing a main NAS context comprising at least a key set identifier for identifying a key for the AMF (KAMF), NAS integrity and encryption keys and a selected algorithm for all NAS links, wherein establishing the main NAS context comprises establishing the KAMF, and subsequently deriving, from the KAMF, the NAS integrity and NAS encryption keys and establishing a first NAS sub-context corresponding to a first access type, the first NAS sub-context comprising at least a first NAS link identification number, a first uplink packet count, a first downlink packet count.

Abstract: A device search apparatus includes: a communication device which wirelessly communicates with a device; an input device to which information is inputted; a display device which displays information; and a processing device which, if input information including a predetermined keyword is received via the input device, searches for a device, using the communication device, extracts a device associated with a device name included in the input information from among the devices detected by the search, and displays a device indication representing each of the extracted devices on the display device.

Abstract: A digital letter of approval (DLOA) is used by a subscription manager (SM) server to determine whether a device is compliant with requirements for an application to be provisioned. If the device is compliant, the application is provisioned to the device or to an embedded universal integrated circuit card (eUICC) included in the device. To increase the security of the device DLOA, the device DLOA is linked to the eUICC, in some embodiments. The linkage may be based on one or more platform label fields in the device DLOA. A database is consulted, in some embodiments, to confirm a relationship between the device and the eUICC identified in the device DLOA. In some embodiments, the eUICC signs the device DLOA and the device DLOA with eUICC signature is sent to the SM server. In some embodiments, the device provides a device signature on the DLOA independent of the eUICC.

Abstract: Systems, apparatus, user equipment (UE), evolved node B (eNB), computer readable media, and methods are described for multi-carrier listen before talk operations. In various embodiments, a transmitting device may assign one or more primary carriers to perform listen before talk (LBT) operations, with non-primary carriers performing a channel sensing operation at the end of the LBT operations of at least one primary channel. In various embodiments, the LBT operations at the primary carriers may use a shared random countdown number or an independent random countdown.

Abstract: Disclosed is a method of operating a terminal on which an application for an instant messaging service is installed, the method that displays a first user interface (UI) for switching an input mode in a chatting interface of a chatroom in which a user of the application is participating, based on whether the user is assigned an authority to emphasize a message in the chatroom, switches the input mode from a first mode which is a normal mode to a second mode for emphasizing a message, in response to a user input with respect to the first UI, emphasizes a message input in the second mode for a predetermined period in a predetermined manner, and cancels the emphasizing of the message input in the second mode, when the predetermined time elapses.

Abstract: A universal opt-in/opt-out client allows a user to connect to the APIs for various different sites which have the user's data. The universal client orchestrates opting out on any of the site lists provided by default, or sites which the user selects. The universal client enables the user to select total or partial opt-ins or opt-outs with granular control, on one or more web or decentralized sites, where the user may wish to allow some uses of data and access to data but would also like to restrict others. When a user is calibrating their privacy and data settings, a company or site may provide reasons and incentives for the user to allow access to certain data. This allows users to have simultaneous global control over their personal data while enabling the user to receive compensation for the use of their personal data, and allowing companies to have access to better data.

Abstract: An activation request from a user device that includes a promotion identifier of a promotion campaign is received at a server, in which the promotion identifier is encapsulated by a machine-readable code that further includes a network address of the server. The activation request is routed from the user device to the server via the network address. A determination of whether an embedded Subscriber Identity Module (eSIM) profile associated with the promotion campaign is available for download to the user device is made. When the eSIM profile is available, the eSIM profile is sent to the user device such that the user device is able to use the eSIM profile to access telecommunication services of a Mobile Network Operator (MNO) according to one or more terms of the promotion campaign. When the eSIM profile is unavailable, an indication that the promotion identifier is invalid is sent to the user device.

Abstract: A generic access control procedure is proposed. Every action that is subject to access control is associated with an access category, and each access category is in turn associated with a set of access control parameters. From the APP layer, a UE detects an action that is subject to access control. The UE obtains and stores access categorization rules. In NAS layer, the UE determines the access category for the action. The UE then determines the set of access control parameters for the action. In AS layer, the UE finally applies the set of access control parameters to the action and makes a barring decision for the action. By defining a generic access control procedure and separating access control functions into NAS layer and AS layer, the generic access control is simplified and extendible.

Abstract: Methods and systems are provided for sending messages in a security system. In particular, a new message syntax can include one or more positive assertions that may be verified. The receiver of the message or credential may verify all the positive assertions. In other configurations, one or more nodes that relay the message from the sender to the receiver can verify the positive assertions or may create one or more of the positive assertions. In this way, the network or entities used to relay the message can also be checked.

Abstract: An embodiment of a data transmission method is executed by a server that includes a memory that stores first unique number data presenting a first unique number and second unique number data presenting a second unique number, in association with each other, and includes receiving a first unique number data presenting a first unique number from a first electronic device in the first unique number reception step. Whether the first unique number presented by the first unique number data received in the first unique number reception step matches the first unique number presented by the first unique number data stored in the memory is determined in the determination step. The second unique number data stored in association with the first unique number data stored in the memory is transmitted to the first electronic device when determined in the determination step that they match.

Abstract: Disclosed herein are different techniques for enabling a mobile device to dynamically support different authentication algorithms. A first technique involves configuring an eUICC included in the mobile device to implement various authentication algorithms that are utilized by MNOs (e.g., MNOs with which the mobile device can interact). Specifically, this technique involves the eUICC storing executable code for each of the various authentication algorithms. According to this technique, the eUICC is configured to manage at least one eSIM, where the eSIM includes (i) an identifier that corresponds to one of the various authentication algorithms implemented by the eUICC, and (ii) authentication parameters that are compatible with the authentication algorithm.

Abstract: An unauthorized access point is identified during a periodic scan on the wireless network and storing a MAC address for the unauthorized access point and monitored for connection attempts. In response to an attempt by the unauthorized access point to connect to a wireless station or in response to the wireless station attempt to connect to the unauthorized access point, a spoofed probe response is transmitted to prevent a connection. The probe response can include a channel switching element and the MAC address of the unauthorized access point.

Abstract: A short message service (SMS) message is encrypted using an encryption key stored at a user equipment and an access and mobility management function (AMF) and the encrypted SMS message is added to a payload of a non-access stratum (NAS) message that includes an NAS header. Integrity protection is applied to the NAS message using an integrity key stored at the user equipment and the AMF and the integrity-protected NAS message is transmitted. The NAS message is received via an NAS link between the user equipment and the AMF. An integrity check is performed on the NAS message using the integrity key. An encrypted short message service (SMS) message is extracted from a payload of the NAS message in response to the integrity check being successful and the encrypted SMS message is decrypted using the encryption key.

Abstract: An authentication and registration system is provided which can reduce a burden at the time of authentication and registration while ensuring security when a single apparatus is used to perform authentication and registration of identification information on another apparatus. In an authentication and registration system (1), an authentication request signal is transmitted from a mobile terminal (3) to a registration server (2). When two sets of identification information VIN and IMSI received before and after the authentication request signal match each other, the registration server (2) transmits an authentication code signal to an on-board controller (4) so that an authentication code is displayed on a DA apparatus (23).

Abstract: A method of providing a wireless communication link to a mobile communication device. The method comprises providing a first wireless communication link by a first WiFi access point (AP) to the mobile device, where the first AP broadcasts a first SSID, establishing a communication session between the mobile device and a destination communication device via the first wireless communication link, determining locations of the mobile device by a server, and, based on a change of the locations of the mobile device, sending a WiFi handoff command by the server to a second WiFi AP, where the WiFi handoff command comprises authentication credentials of the mobile device. The method further comprises providing a second wireless communication link based on the authentication credentials by a second AP to the mobile device, where the second AP broadcasts the first SSID and the communication session is continued over the second wireless communication link.

Abstract: A technique for controlling access to a radio access network administered by an access device. The device obtains an item of data indicating that the presence of a user has been detected in a detection zone. An access request requesting access to the radio access network is received from an applicant device, the radio access network being prohibited by the access device for a device with physical address corresponding to that of the applicant device. The applicant device, identified by the address, is then authorized by the access device to access the radio access network.

Abstract: A controller for controlling the display of secondary digital content displayed in an overlay above a primary video stream. The controller includes a touch interface device, a processor, and a memory storing non-transitory instructions. These instructions, when executed, can include (i) detecting a first input gesture by a user on the touch interface device, (ii) in response to detecting the first input gesture, selecting an application for display, (iii) detecting a second input gesture by the user on the touch interface device, (iv) in response to detecting the second input gesture, scrolling through a currently-displayed layer of the selected application displayed, (v) detecting a third input gesture by the user on the touch interface device, and (vi) in response to detecting the third input gesture, scrolling between layers of the selected application in a simulated Z-space.

Abstract: This disclosure describes techniques that facilitate selectively interacting with a computing resource based on receipt of an incoming voice command. Particularly, a voice control integration system may parse content of an incoming voice command to authenticate an identity of the client, and further determine an intended meaning of the incoming voice command. In doing so, the voice control integration system may interact with a computing resource to perform an action that fulfills a client request. Computing resources may be associated with service providers or client devices of a client. Further, the voice control integration system may authenticate a client identity based on a one or two-factor authentication protocol, of which one may correspond to a biometric analysis of the incoming voice command. Further, a second-factor of the two-factor authentication protocol may be implemented via a voice interaction device, another client device accessible to the client, or a combination of both.

Abstract: In some implementations, (i) audio data representing a voice command spoken by a speaker and (ii) a speaker identification result indicating that the voice command was spoken by the speaker are obtained. A voice action is selected based at least on a transcription of the audio data. A service provider corresponding to the selected voice action is selected from among a plurality of different service providers. One or more input data types that the selected service provider uses to perform authentication for the selected voice action are identified. A request to perform the selected voice action and (i) one or more values that correspond to the identified one or more input data types are provided to the service provider.

Abstract: Embodiments relate to methods and systems for managing media content distribution rights to a media client on a craft to ensure that the distribution of media content items is consistent with media content distribution rights.

Abstract: Disclosed herein are an apparatus and method for providing a secure execution environment for a mobile cloud.

Abstract: This application relates to the field of communications technologies, and in particular, to a profile download technology. In a profile download method, a primary device obtains an embedded integrated circuit card identifier (EID) of a secondary device, where the EID is used by the primary device to obtain, from a mobile operator server, profile download information that matches the EID; receives the profile download information from the mobile operator server; and sends the profile download information to the secondary device, where the profile download information is used by the secondary device to download a profile from a profile management server, and the profile is installed in an embedded UICC (eUICC) of the secondary device after the download is complete.

Abstract: Systems, methods and devices for provisioning a computerized device(s). The system may include a distributor computer that is connected to the computerized device, and is operable to receive a digital asset and transmit it to the device. The system may include a digital asset management server that is connected to the distributor computer, and is operable to transmit the digital asset to the distributor computer, and a provisioning controller that is connected to the distributor computer and the digital asset management server, and is operable to cause transmission of the digital asset to the distributor computer. The system can include a second distributor computer that is connected to the digital asset management server and the device (e.g., at a later time), and that receives a second digital asset and transmits it to the device, wherein the second digital asset causes the device to become partially or fully functional.

Abstract: A user equipment (UE) explicitly accounts for a coverage enhancement (CE or sometimes called enhanced coverage) feature in a public land mobile network (PLMN) search and/or selection. By explicitly using CE indicators in PLMN search and/or selection, a UE can determine whether to use a PLMN that may only be available in CE mode for voice services or data services, or fail to meet criteria, such as high data rate, that cannot be provided in CE mode. For example a UE can use the PLMN search and/or selection with (1) automatic PLMN selection at switch-on or recovery from lack of coverage, (2) higher priority PLMN selection, (3) manual PLMN selection, and/or (4) limited service capabilities while in CE mode.

Abstract: An electronic device includes a wireless communication circuit, a light emitting device, and a control circuit. The wireless communication circuit establishes wireless communication with a first external device. The light emitting device emits light. The control circuit shares information on a location of the electronic device with the first external device. The control circuit also receives a first signal from the first external device via the wireless communication circuit, and, in response to the first signal, the light emitting device emits light according to a selected flashing pattern which indicates at least a part of the location of the electronic device.

Abstract: An online system receives a request from a user of a manager transmitter to generate a unique beacon identifier (ID) associated with a physical location. Responsive to receiving the beacon ID from the online system, the manager transmitter transmits a Bluetooth signal comprising the beacon ID to user client devices, which send the beacon ID to the online system for identification. Responsive to detecting that a received signal strength exceeds a threshold, a location context module classifies the instance of the user client device detecting the signal as an example of a user being present at the physical location. A location prediction module uses the instance as training data to train a machine-learning model to predict the presence of online system users at the physical location.

Abstract: An electronic device can be commissioned with an identifier for use in a centralized tracking system. The electronic device is assigned an interim unique identifier and authentication key, for instance by a manufacturer of the electronic device. The electronic device and the centralized tracking system each separately generate a permanent unique identifier and a permanent authentication key based on the interim unique identifier and interim authentication key, without requiring the permanent unique identifier and permanent authentication key from being transmitted between the electronic device and the central tracking server. Upon generating the permanent unique identifier and permanent authentication key, tracking device functionality can be enabled within the electronic device, enabling the electronic device to function as a tracking device within the centralized tracking system.

Abstract: Methods, systems and computer program products for operating a voice response system based on non-human audio sources are provided. Aspects include receiving, by a voice response system, an audio signal from non-human source and analyzing the audio signal to identify a source of the audio signal. Based on a determination that the source of the audio signal is controllable by the voice response system, aspects include instructing, by the voice response system, the source of the audio signal to take an action based on the audio signal. Based on a determination that the source of the audio signal is not controllable by the voice response system, aspects include providing an alert, by the voice response system that indicates the source of the audio signal.

Abstract: A system that provides a service order is provided. The system defines a service action including metadata that defines a pattern of a structured request to perform work on a customer-facing service that is based on a customer-facing service specification. The system further defines a customer-facing service specification including metadata that defines a customer-facing service that is provided, where a customer-facing service includes a technology-agnostic abstraction of a holistic capability. The system further defines a service order, where the service order includes one or more service order lines, where each service order line includes a service action and a customer-facing service based on a customer-facing service specification.

Abstract: A communication device includes a memory to store a contact list, a communication, and tagged contacts and tagged communication form of the tagged contacts; a processor to receive an incoming communication transmitted to the communication device determine identification information from the incoming communication; and determine if the incoming communication meets a criterion for a third party user of the communication device to view the incoming communication. To determine if the incoming communication meets the criterion, the processor compares the determined identification information from the incoming communication to the tagged communication form of the tagged contacts. If the incoming communication meets the criterion, then the processor displays the incoming communication, and if the incoming communication does not meet the criterion, then the processor does not display the incoming communication.

Abstract: The present disclosure generally relates to a computerized method comprising: communicating access details of the facility from the mobile device to the facility for a first authentication process, the mobile device located in the vicinity of the facility initially in a secured state for preventing access thereto; receiving a request notification on the mobile device in response to positive authentication of the access details from the first authentication process, the request notification comprising a request for biometric data of the user; receiving an input of the biometric data on the mobile device; and communicating the biometric data from the mobile device to a host server for a second authentication process, wherein the facility is configured to change from the secured state to an unsecured state in response to positive authentication of the biometric data from the second authentication process, thereby providing, to the user, access to the facility.

Abstract: A method for electronic file transfer having user coordinated electronic device recognition of at least two mobile devices in close proximity using a one touch simultaneous action on the software interface, contextual user preference, and secure real-time approvals by users for transfer or exchange of digital material between mobile devices using host server, database storage, and backups of transfer material.

Abstract: A method (30) and system (10) for automatically configuring wireless local area network (WLAN) devices (21, 22, 23) of a wireless residential access network (20) is provided. An automatic authorization process initiated by an access point (21) is enabled by utilizing a back-end-network (40, 50) and results in the activation of a basic service set identifier (BSSID) based on which auto-pairing of at least one station (22) with the access point (21) is realized. An automatic authentication process of the at least one station (22) is enabled based on a comparison of an identification provided by the station (22) against a list of unique device identifiers installed in the access point (21) during the automatic authorization process. The authentication process results in granting or denying access to the residential access network (20) for the at least one station (22).

Abstract: The present disclosure discloses a system and method for providing multi-factor authorization for IEEE 802.1x-enabled networks. Specifically, a network device authenticates a client device to obtain access to network resources in a network via a network authentication protocol. The network device then detects a device quarantine trigger indicating an increased level of suspicion that a current user of the client device is a non-authenticated user. In response to the device quarantine trigger, the network device temporarily places the client device from an authenticated state to a quarantined state pending completion of a particular workflow by the current user. The client device has limited access to the network resources while in the quarantined state regardless of a previous successful user and/or device authentication.

Abstract: A method for authenticating a user using a user device connected to a communications network, the method comprising an implicit phase, wherein said implicit phase comprises performing at least one task within a workflow, said at least one task necessary to move forward within said workflow; storing information associated with said performing of at least one task; comparing said stored information with a stored user profile; and determining whether said authentication of said user is successful or unsuccessful based on said comparing.

Abstract: Systems and methodologies are described that facilitate supporting multiple access modes for a base station in a wireless communication environment. The base station can leverage hybrid, closed, or open access mode. A whitelist of a mobile device that successfully registers on the base station can be selectively updated to include a CSG ID of the base station. For example, the CSG ID of the base station can be added to the whitelist when the base station operates in closed access mode, while adding the CSG ID can be skipped when the base station operates in hybrid access mode. According to another example, the CSG ID can be selectively added based upon a received accept cause value. Additionally or alternatively, a CSG ID and an access mode indicator can be transmitted from a base station to a network node for implementing access control and/or paging optimization at the network node.

Abstract: The application provides methods and devices for implementing wireless access point connection authentication. The method includes acquiring a connection authentication request of a user device generated during a connection with a target wireless access point; and executing an authentication module corresponding to the access point type information to complete the connection authentication of the target wireless access point on the basis of access point type information corresponding to the target wireless access point. Compared with the prior art, the method and device meet the diversified demand on the connection authentication when the users connect to the wireless access points in practice and meet the needs of connection authentication of various types of wireless access points.

Abstract: A trajectory determining device is designed for determining trajectory data (10) based on signaling data associating mobile communication device identifiers, time markers and signaling identifiers, at least some of the signaling identifiers designating a location cell. These trajectory data are used in order to identify pairs of movement markers associated with a same mobile communication device identifier, and corresponding signaling data, the time markers of which are between the time markers of a given pair, are reprocessed in order to return classified movement data (16) associating movement type data and departure and arrival data determined from location cells associated with the signaling data and a group of chosen locations.

Abstract: A computer-implemented method is described. The method includes generating, for display on a computing device, an identification rendering viewable on a display of the device, the identification rendering including an authority indicator and a digital image of a person. The method further includes the device triggering an interactive effect associated with the identification rendering. The triggering occurs in response to the device receiving a trigger input and the trigger can be from any input or communications sensor of the computing device. The triggered interactive effect includes an authority indicator and a freshness indicator that enables an individual viewing the display to validate the identity of the person associated with the digital image. Validation can be based on at least one of a characteristic of the interactive effect and attributes of the person or the authority indicator.

Abstract: A portable terminal device (1) sets a security level for each application in accordance with position, and stores the level in a memory (102). The security level determines whether each application is displayed or made executable on a display portion (114a) in locked state and unlocked state. A control unit (101) refers to the security level and determines the application displayed on the display portion (114a) in accordance with position information acquired by a position information acquisition unit (GPS reception unit) (104), and makes executable the application selected by the user. Thus, the portable terminal device (1) offers user-friendliness while ensuring security strength.

Abstract: Embodiments of the disclosed technology include systems and methods that can establish a communication link with a customer device, can receive call information from the customer device, can retrieve a customer profile based on a comparison of the call information to stored call information, and can save the customer profile as temporary profile data. Embodiments can receive identifying information from the customer device and, responsive to determining, based on a comparison of the identifying information to the temporary profile data, that the communication link is authenticated, connect the communication link to an authenticated call path. Responsive to determining that a predetermined amount of time has elapsed without determining that the communication link is authenticated, embodiments can determine that the communication link is unauthenticated and can connect the communication link to an unauthenticated call path and delete the temporary profile data.

Abstract: The present disclosure relates to a mobile terminal capable of fingerprint recognition, and a control method thereof. A mobile terminal according to the present disclosure may include a terminal body, a display unit disposed on a front surface of the body, a sensing unit configured to receive a user's touch input to recognize the user's fingerprint, and a controller configured to display preset screen information on the display unit while the user's touch input is applied to the sensing unit based on the authentication of the recognized user's fingerprint.

Abstract: There are provided measures for venue owner-controllable per-venue service configuration. Such measures could comprise configuring a per-venue service model of services of a network operator for terminal devices of subscribers of the network operator on the basis of an input by a venue owner of a venue, the per-venue service model including at least one configurable parameter for defining a venue-based service for terminal devices of subscribers residing in a specified venue area of the venue, and controlling provision of services of the network operator to terminal devices or subscribers of terminal devices in accordance with the per-venue service model depending on applicability thereof for the service provision.