Abstract: Embodiments of the present disclosure disclose a method for transmitting terminal information and a related product. The method includes: receiving, by a first network element included in a network device, first information from a terminal.

Abstract: Systems, methods, and software of directly connecting a SIM-less device with a cellular network. In one embodiment, User Equipment (UE) includes a Subscriber Identity Module (SIM) provisioned with a plurality of subscription profiles for subscriptions to the cellular network. The UE establishes a direct communication with a SIM-less device that does not have a subscription with the cellular network. The UE selects one of the subscriptions provisioned in the SIM as a temporary subscription assigned to the SIM-less device to allow the SIM-less device to establish a direct connection with the cellular network using the temporary subscription, and transmits a message to the SIM-less device via the direct communication containing subscription credentials for the temporary subscription. The SIM-less device may therefore register with the cellular network using the subscription credentials provided by the UE, and establish a direct connection with the cellular network using the temporary subscription.

Abstract: Systems for and methods of training a spoofing detection model include receiving a plurality of customer call interactions; classifying each of the plurality of customer call interactions as a spoofed call or a non-spoofed call using a spoofing detection model; generating a voiceprint for each of the plurality of customer call interactions; comparing the generated voiceprints; grouping the generated voiceprints into one or more clusters based on the comparing, wherein each cluster represents a single speaker; locating a cluster containing a spoofed call and a non-spoofed call, thereby indicating that the non-spoofed call was misclassified by the spoofing detection model; and updating the spoofing detection model with the non-spoofed call.

Abstract: The disclosed computer-implemented method for authenticating application points of entry to prevent unauthorized use of locked mobile applications may include (i) identifying one or more mobile applications having an access restriction and a group of application entry points associated with at least one mobile application function, (ii) intercepting a series of device inputs from a user for accessing the application entry points to bypass the access restriction for the mobile applications, (iii) requesting authentication credentials to bypass the access restriction from the application entry points, (iv) determining that the requested authentication credentials are invalid, and (v) performing a security action that protects against potentially malicious activity associated with unauthorized access to the mobile applications upon determining that the requested authentication credentials are invalid. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The present invention discloses methods and systems for communicating at a cellular router between a first wireless communication module and a first subscriber identity module (SIM). The cellular router receives a first request from a first wireless communication module and encapsulates the first request in a first modified request. The cellular router then sends the first modified request to a first SIM card in a first communication apparatus and waits for a first modified reply. While waiting for the first modified reply the cellular router sends at least one halt message to the first wireless communication module after a first time threshold. After receiving the first modified reply, the cellular router decapsulates the first modified reply to retrieve a first reply and sends the first reply to the first wireless communication module where the first modified reply is a reply to the first modified request.

Abstract: Disclosed are various embodiments for managing radio-based private networks. In one embodiment, a cellular network comprises at least one cell that provides a radio-based private network coverage of a site of an organization. The system further comprises at least one computing device in a cloud provider network that implements one or more network functions for an associated core network of the radio-based private network.

Abstract: An operation for restricting an operation for an application of a mobile information terminal by a user other than an authorized user of the mobile information terminal is received. Whether or not the user is the authorized user of the mobile information terminal is authenticated. When the user is authenticated to be the authorized user, the operation for the application of the mobile information terminal is allowed. When the user is not authenticated to be the authorized user, the operation for the application of the mobile information terminal is restricted.

Abstract: Embodiments of this application provide key update methods and apparatuses in the field of communications technologies. A communications system includes a terminal and a core network device. The terminal can access the core network device using both a first access technology and a second access technology. The first connection and the second connection have a shared key. Key update for the first connection is performed in obtaining a first key identifier that identifies a first key obtained by performing the key update for the first connection. In response to determining that the second connection is in a connected state, the shared key for the second connection and a second key identifier that identifies the shared key are retained. The shared key is kept using for the second connection before performing key update for the second connection.

Abstract: A system, for managing wireless devices within a restricted area is disclosed, wherein the system constructs models, containing attributes/characteristics and at least prior history data information associated with wireless devices, wherein the information is used to determine whether the wireless devices are allowed to operate within the area by the device responding to a plurality of inquiries that require the device and/or the user to provide information which is compared to the modeled data.

Abstract: A method of a wireless communication device of acquiring position information. The method comprises transmitting, to a service-providing node, a request for service, receiving, from the service-providing node, a request for information indicating the position of the wireless communication device, receiving, from a network node, information indicating a position of the wireless communication device, the information having been provided with an indication of authenticity by the network node, and transmitting, to the service-providing node, the position information having been provided with an indication of authenticity.

Abstract: An embodiment of this application provides a communications method. The method includes: generating, by an first base station, a radio resource control release message on which encryption and integrity protection are performed by using a new key; and sending, by the first base station, the radio resource control release message to a second base station, thereby improving security of communication between the serving device and the terminal and reducing signaling overheads for performing key negotiation over an air interface.

Abstract: In one example, a home network associated with a user equipment obtains an authentication request to authenticate the user equipment to a serving network. The home network generates an authentication vector of a mobile security protocol. The authentication vector includes an indication that the user equipment is to be authenticated using a multi-factor authentication process. The home network provides the authentication vector to the serving network to prompt a response from the user equipment that is in accordance with the multi-factor authentication process. The home network authenticates the user equipment to the serving network based on the response.

Abstract: Systems, methods and devices are provided for provisioning a computerized device. The system may include a distributor computer that is connected to the computerized device and is operable to receive a first digital asset and transmit it to the computerized device, and a server that is connected to the distributor computer, and that transmits the first digital asset to the distributor computer when a first authorizing condition is met, the first digital asset being configured to cause the computerized device to become partially provisioned, wherein the server transmits a second digital asset to the computerized device, and the computerized device is functional after the second digital asset is transmitted to the computerized device.

Abstract: Systems, methods, computer-readable media, and apparatuses for identifying and executing one or more interactive condition evaluation tests to generate an output are provided. In some examples, user information may be received by a system and one or more interactive condition evaluation tests may be identified. An instruction may be transmitted to a computing device of a user and executed on the computing device to enable functionality of one or more sensors that may be used in the identified tests. A user interface may be generated including instructions for executing the identified tests. Upon initiating a test, data may be collected from one or more sensors in the computing device. The data collected may be transmitted to the system and may be processed using one or more machine learning datasets to generate an output.

Abstract: A system for authenticating a user attempting to access a computing device or a software application executing thereon. A data storage device stores one or more digital images or frames of video of face(s) of authorized user(s) of the device. The system subsequently receives from a first video camera one or more digital images or frames of video of a face of the user attempting to access the device and compares the image of the face of the user attempting to access the device with the stored image of the face of the authorized user of the device. To ensure the received video of the face of the user attempting to access the device is a real-time video of that user, and not a forgery, the system further receives a first photoplethysmogram (PPG) obtained from a first body part (e.g., a face) of the user attempting to access the device, receives a second PPG obtained from a second body part (e.g., a fingertip) of the user attempting to access the device, and compares the first PPG with the second PPG.

Abstract: Some embodiments of the invention provide a method for a trusted (or originator) device to modify the security state of a target device (e.g., unlocking the device) based on a securing ranging operation (e.g., determining a distance, proximity, etc.). The method of some embodiments exchanges messages as a part of a ranging operation in order to determine whether the trusted and target devices are within a specified range of each other before allowing the trusted device to modify the security state of the target device. In some embodiments, the messages are derived by both devices based on a shared secret and are used to verify the source of ranging signals used for the ranging operation. In some embodiments, the method is performed using multiple different frequency bands.

Abstract: A first base station (BS) transmitting a secondary node (SN) Addition Request message to a second BS for a communication device; receiving a SN Addition Request Acknowledge message from the second BS, wherein the SN Addition Request Acknowledge message comprises a first plurality of configurations which configure the communication device to communicate with the second BS and configure a data radio bearer (DRB) which is a SCG split bearer; transmitting a first message comprising the first plurality of configurations to the communication device, wherein the second BS communicates with the communication device according to the first plurality of configurations; receiving a second message indicating the SCG failure from the communication device; initiating a SN Modification procedure with the second BS to recover the SCG failure, or transmitting a third message configuring the DRB to be a master cell group bearer or a MCG split bearer to the communication device.

Abstract: A method of operating a second network access node comprises configuring the second network access node to act as a secondary network access node for a dual connectivity mode for a terminal device in which a first network access node acts as a master network access node. The method further comprises establishing, while acting as a secondary network access node for the dual connectivity mode, that the second network access node should switch to acting as a master network access node, deriving a new master network access node security key for use by the second network access node when switched to acting as a master network access node for the dual connectivity mode, and configuring the second network access node to act a master network access node for the dual connectivity mode using the new master network access node security key.

Abstract: A method, apparatus and computer program product may be provided for signaling-based remote provisioning and updating of protection policy information in a SEPP of a visited network. A method may include obtaining, at a home network node (hSEPP), protection policy information from a local repository in a home network or via configuration. The hSEPP is a network node at a boundary of the home netowork, and the home network is a public land mobile network (hPLMN). The method includes distributing, via a signaling interface, the protection policy information to a visited network node (vSEPP) within a visited network (vPLMN). The vSEPP is a network node at a boundary of a second network. The protection policy information includes information regarding protection of signaling messages addressed for network functions (NFs) hosted in the hPLMN and is configured for enabling the vSEPP to selectively protect outgoing messages to hSEPP in the home network.

Abstract: Some embodiments use text and/or image processing methods to determine whether a user of an electronic messaging platform is subject to an online threat such as cyberbullying, sexual grooming, and identity theft, among others. In some embodiments, a text content of electronic messages is automatically harvested and aggregated into conversations. Conversation data are then analyzed to extract various threat indicators. A result of a text analysis may be combined with a result of an analysis of an image transmitted as part of the respective conversation. When a threat is detected, some embodiments automatically send a notification to a third party (e.g., parent, teacher, etc.

Abstract: A method and apparatus of a device that authorizes a device for a service is described. In an exemplary embodiment, the device intercepts a request for a web page from a web browser executing on the device, wherein the request includes an indication associated with an authorization request for the service and the web page provides the service. In addition, the device presents an authorization user interface on the device. The device further performs a local authorization using a set of user credentials entered via the authorization user interface. The device additionally performs a server authorization with a server. Furthermore, the device redirects the web browser to the requested web page, wherein the web browser is authorized for the service provided by the web page.

Abstract: An intelligent voice recognition method, voice recognition apparatus and intelligent computing device are disclosed. An intelligent voice recognition method of a voice recognition apparatus according to an embodiment of the present invention detects a voice of a user, receives an authentication request from the user, and performs authentication for the user on the basis of a result of determination of whether authentication for the user has recently been performed and a result of recognition of the voice of the user, thereby reducing a time and the quantity of calculations necessary for user authentication. One or more of the voice recognition apparatus and the intelligent computing device can be associated with artificial intelligence (AI) modules, unmanned aerial vehicle (UAV) robots, augmented reality (AR) devices, virtual reality (VR) devices, 5G service related devices, etc.

Abstract: Methods and systems disclosed herein describe using machine learning to lock and unlock a device. Machine learning may be trained to recognize one or more features. Once the device has been trained to recognize one or more features, a user may define an unlock condition for the device using the one or more trained features. After defining the unlock condition, the device may be locked by verifying the one or more features that the user defined as the unlock condition using machine learning. When verification is successful, the device may be unlocked and the user allowed to access the device.

Abstract: Methods and apparatus for obtaining status from an isolated AP that cannot connect to a remote management server are described. The status information is obtained from a second device and then provided, via the second device, to the remote management server. At least some of the disclosed embodiments are utilized in a system including a plurality of access points, which can provide alternate pathways to the remote management server. The remote management server determines a remedial action based on the status information.

Abstract: A dialing list comprising call records can be processed by a call handling component(s) in a contact center in various dialing modes. A call record may be processed to originate a voice call, where the agent manually dials the call as a voice telephone call. In another embodiment, one or more call records can be processed to originate a SMS text call or group text call, where the agent also determines when the call(s) originates. The agent is presented with a graphical user interface tailored to the dialing mode. The dialing mode used may be defined by the dialing list the call record is retrieved from, information from within the call record itself, application of a rule, or input from the agent. The dialing mode may be altered under certain conditions. When the call is originated, various compliance oriented tests, including calling windows and call attempts, are performed.

Abstract: A method is provided for selecting one out of a plurality of participants in a network-based video meeting.

Abstract: A system and method to automatically modify the functionality of telephones when they are located in particular environments. Located in each such environment is a low power radio transmitter with limited range. When the telephone detects a signal from the low power transmitter, the telephone changes its mode of operation such as by turning off a speaker or a ring signal capability or a normal display capability or a normal key input capability. The environment may be within a vehicle.

Abstract: Methods and apparatus are provided for providing UE EPS capability information and receiving non-access stratum (NAS) security algorithm information for an interworking procedure in the 5GS network. In one novel aspect, the UE provides the UE EPS capability information in cleartext before the security mode procedure, and the NAS security algorithm information is included in a security mode command message during the security mode procedure. In one embodiment, the UE EPS capability information is an S1 mode indicator or the 5GMM capability information including the Si mode indicator. In another novel aspect, the network provides the NAS security algorithm information before interworking procedure from 5GS to LTE. In one embodiment, the network provides the NAS security algorithm information in the Registration Accept message. In another embodiment, the network provides the NAS security algorithm information in handover procedure from the 5GS to LTE.

Abstract: An electronic device and method are disclosed herein. The electronic device includes memory storing a certificate list including first certificate data of the electronic device, and second certificate data of an external electronic device, a short-range wireless communication circuit, and a processor.

Abstract: Electrical device designed to operate in an alternative operating mode in which the electrical device accesses a mobile telephony network (2), the electrical device having a central processing component (3) designed to manage the operation of the electrical device, a reception device (15) for receiving a SIM card (16), a presence detector (17) for detecting the presence of the SIM card, and a communication module (6) dedicated to communications with the mobile telephony network and linked to the reception device (15), the electrical device being characterized in that the central processing component (3) comprises a detection input (22) linked to the presence detector (17), such that the central processing component (3) is designed to determine whether or not the SIM card (16) is positioned in the reception device (15) without activating the communication module (6).

Abstract: An approach for preventing electronic devices from repeatedly attempting to register or connect to a mobile network when they are not permitted to communicate using the mobile network. Embodiments determine whether the electronic device and/or associated SIM is permitted to communicate using the mobile network. In response to determining that the electronic device and/or SIM is not permitted to communicate using the mobile network, the contents of the SIM are modified to prevent the SIM from providing, to other components of the electronic device, communication data used to make a connection or authentication request to the mobile network.

Abstract: An integrity protection method, a terminal and a base station are provided. The integrity protection method, which is applied to a terminal, includes: performing an integrity protection check on data packets transmitted on a DRB, a split bearer corresponding to the DRB or a logical channel corresponding to the DRB, and determining whether an integrity protection of the DRB fails based on a result of the integrity protection check; and when it is determined that the integrity protection of the DRB fails, suspending the DRB or continuing receiving data packets carried by the DRB.

Abstract: A wireless device configured to temporarily unlock includes a processor configured to execute an unlocking application and a lock mechanism. The processor implementing the unlocking application to control the lock mechanism to unlock based on one of the following: the location provided by a location determination device or based on a time and date provided from the transceiver and/or the processor. A process to temporarily unlock a wireless device is also disclosed.

Abstract: A system for reducing power consumption in a wireless network includes a station (e.g., Wi-Fi sensor) and an access point in wireless communication with the station. The station has at least a low-power sleep mode and an active mode. The system can be configured to assign a static Internet Protocol (IP) address to the station and disable re-negotiation of an encryption key while the station is in sleep mode. The system can further be configured to force the station to communicate via 802.11g and to transmit data to a proxy service while in active mode before returning to sleep mode upon receiving a response from the proxy service. Further, an association timeout period associated with the station can be configured to be at least twice as long as a wake-up period associated with the station.

Abstract: Session meshes can be managed. When a session is to be initiated, session mesh devices can be detected and identified. Based on the session mesh devices that are part of a session mesh, a session mesh policy can be created to define configurations for the session mesh devices that will ensure that the session mesh complies with applicable security requirements. The session mesh policy can be distributed to one or more client computing devices in the session mesh which can apply the configurations to the session mesh devices. In conjunction with applying the configurations to the session mesh devices, the client computing devices can provide confirmation that the session mesh has been configured in accordance with the session mesh policy. The session can then be initiated.

Abstract: The present disclosure provides an access method, an internet of things platform, an application device and a service device. The access method applied to the internet of things platform includes: receiving an operation request message transmitted by an application device for accessing a service device, where the operation request message carries position information of the application device; determining whether the application device is capable of establishing connection with the service device according to the position information of the application device; when determining that the application device is capable of establishing connection with the service device, transmitting an operation response message carrying instruction information to the application device, where the instruction information is used to instruct the application device to access the service device.

Abstract: A data packet transits through a series of network nodes (a series of intermediate hops) while being transmitted from a source node to a destination node. A network node (router, gateway, server, or any network device) that handles the data packet, adds new information to the file header of the data packet. The new header information identifies the previous and next network nodes in the transmission path. The network node further validates information provided by a previous node, and generates further new header information that attests as to the validity of the information provided by the previous node. The network node secures and signs the new information cryptographically, and adds the new information to the file header. If a malicious actor attempts to tamper with the data packet, or routing thereof, the secured header information renders such tampering discoverable, enabling performance of a responsive action.

Abstract: There is provided mechanisms for configuring use of keys for security protecting packets communicated between a wireless device and a network node. A method is performed by the wireless device. The method comprises exchanging key use information with the network node in conjunction with performing a key change procedure with the network node during which a first key is replaced with a second key. The key use information indicates which of the packets are security protected using which of the first key and the second key.

Abstract: A mobile device is configured to photograph an object and includes a user interface having a display panel to display an image and a touch panel to receive a user command, a network interface to wirelessly communicate with an external network, a memory to store a password and data for operations of the mobile device, and a control unit to control the user interface, the network interface, and the memory to perform a first process during a normal mode, and to perform a second operation during a power saving mode. The first process includes setting an area condition and a wireless communication condition. The second process includes unlocking the mobile device according to the area condition and the wireless communication condition.

Abstract: A technique for hiding topological information in a message that leaves a trusted network-domain is presented. The message pertains to a subscriber session and comprises a Fully Qualified Domain Name (FQDN) of a message originator. The originator is located in a first network domain, and the message is directed towards a destination in a second network domain. A method aspect comprises the steps of receiving the message, determining the FQDN comprised in the message and determining an identifier associated with the message. The identifier comprises at least one of a subscriber identifier, a session identifier and a destination identifier. Further, the method comprises applying a cryptographic operation on the FQDN and the identifier, or on information derived therefrom, to generate a cryptographic value. The message is then processed by substituting at least a portion of the FQDN with the cryptographic value prior to forwarding the message towards the second network domain.

Abstract: Systems and methods are described for embodiments of a mobile virtualization platform (MVP) that may be embedded in an end user mobile device or comprise part of the firmware loaded on the device. The MVP may implement a thin layer of software embedded on the device to decouple applications and data from the underlying hardware, thus enabling the device to concurrently run multiple operating systems. Furthermore, the MVP may enable applications to run concurrently per each base band.

Abstract: The present disclosure is directed to mobile correctional facility robots and systems and methods for coordinating mobile correctional facility robots to perform various tasks in a correctional facility. The mobile correctional facility robots can be used to perform many of the tasks traditionally assigned to correctional facility guards to help reduce the number of guards needed in any given correctional facility. When cooperation is employed among multiple mobile correctional facility robots to execute tasks, a central controller can be used to coordinate the efforts of the multiple robots to improve the performance of the overall system of robots as compared to the performance of the robots when working in uncoordinated effort to execute the tasks.

Abstract: Method and apparatus are provided for priority fallback of SUCI calculation. In accordance with some implementation, a UE may transmit, in response to receiving an indication of authentication failure for a first SUCI based on a first SUCI parameter, a second SUCI based on a second SUCI parameter different from the first SUCI parameter. In accordance with some implementation, the UE may further transmit a SUCI with NULL SUCI parameter if the UE determines all SUCI parameters supported by the UE has been rejected by the network.

Abstract: Systems, methods, and instrumentalities are disclosed for enforcing limited mobility in a mobile network. For example, a wireless transmit/receive unit (WTRU) may receive (e.g., receive from a network) a mapping of physical cell identifications (PCIs) to area identifications (AIDs). The WTRU may determine a first PCI associated with a first neighbor cell. The WTRU may determine, based on the first PCI and the PCIs to AIDs mapping, whether the WTRU is allowed to access the first neighbor cell. The WTRU may perform cell selection or reselection with the first neighbor cell as a cell selection or reselection candidate. The WTRU may perform cell selection or reselection based on the WTRU determining that the WTRU is allowed to access the first neighbor cell. The WTRU may determine that the WTRU is allowed to access the first neighbor cell based on the first PCI and the PCIs to AIDs mapping.

Abstract: A home appliance configured to be registered in a server, the home appliance includes: a wireless fidelity (Wi-Fi) module, based on the home appliance being registered in the server, communicatively connected to an access point (AP) and configured to periodically operate in an AP mode through a virtual interface, and a controller configured to control the Wi-Fi module to periodically operate in the AP mode. The Wi-Fi module is configured to generate a beacon signal to search for an unregistered home appliance based on the Wi-Fi module being operated in the AP mode.

Abstract: A method and system is disclosed for training a machine learning model by generating first training input that includes a first number of reports at a first point in time. The reports are submitted by the users of the gaming platform and identify incidents where content of the gaming platform violates a policy of use associated with the gaming platform. The method and system generates second training input including a number of resources active at the first point in time. The method and system generates first target output identifies a number of resources sufficient to evaluate the target percentage of the first number of reports. The method and system provide the training data to train the machine learning model on (i) a set of training inputs comprising the first training input and the second training input, and (ii) a set of target outputs comprising the first target output.

Abstract: A method may comprise comparing a first data set with a second data set, the first data set associating a first plurality of names with a first plurality of roles, and the second data set associating a second plurality of names with a second plurality of roles. The method may further comprise generating a third data set based on an outcome of the comparing, such that the third data set associates a subset of the first plurality of names with a subset of the second plurality of roles. Apparatuses, methods, and software for performing these and other functions are also described.

Abstract: The system comprises an interface and a processor. The interface is configured to receive a request from an application for authorization to access, wherein access to the application is requested by a user, and receive a task request from the application for authorization to access a task, wherein access to the task is requested by the user. The processor is configured to authenticate the request from the application for authorization to access, determine that the task comprises a sensitive task, determine a user authentication device, provide a challenge for a digital credential to the user authentication device, wherein the digital credential is backed by data stored in a distributed ledger, receive a response from the user authentication device, determine the response is valid, and provide an authorization to access the sensitive task.

Abstract: Methods, systems, and computing platforms for mobile data communication are disclosed. Processor(s) may be configured to electronically receive a plurality of user mobile interaction data to initiate a session on processing server. The processor(s) may be configured to electronically process the user mobile interaction data with AI including predefined user activity data for actions. The processor(s) may be configured to electronically determine whether one of more of the user mobile voice data samples includes a session key data command and responsive to the session key data command, electronically initiating a biometric authentication of the user mobile voice data samples. In some implementations, the system processor(s) may be configured to electronically initiate a second computing session for the computer platform while receiving the plurality of user mobile interaction voice data.

Abstract: One or more computing devices, systems, and/or methods for presenting content of an application are provided. For example, a first content interface, associated with an application, may be displayed using a first device. First activity performed using the first content interface may be detected. The first activity may be analyzed to generate a first activity profile associated with the first content interface. A first request to access the application may be received from the first device. The first activity profile may be selected from a plurality of activity profiles associated with the user account, based upon a determination that the first request is associated with the first content interface. Content items of the content items database may be prioritized, based upon the first activity profile, to generate a list of content items associated with the first content interface. The list of content items may be displayed by the first device.