Abstract: An authentication method for a group of devices connected to a network includes selecting the first controller as a coordinator, the coordinator being configured to manage a group key to be used in common in the group. The method includes generating the group key, and performing first mutual authentication and second mutual authentication. The method also includes sharing the group key with each device for which the first mutual authentication has been successful, and sharing the group key with each second controller for which the second mutual authentication has been successful. The method further includes encrypting transmission data by using the group key to generate encrypted data, generating, authentication data by using the group key, and simultaneously broadcasting a message to each device for which the first mutual authentication has been successful and each second controller for which the second mutual authentication has been successful.

Abstract: The present disclosure relates to a communication technique of fusing a 5G communication system for supporting higher data transmission rate beyond a 4G system with an IoT technology and a system thereof, and provides an intelligent service based on the 5G communication technology and the IoT related technology. A method of an initial access and mobility management function (AMF) in a wireless communication system, includes receiving, from a base station, a registration request message including information on a requested slice; determining whether to reroute the registration request message based on subscription information; transmitting, to a network repository function (NRF), a first message to request information on a target AMF which has required capabilities to serve a terminal; receiving, from the NRF, a second message including information on the target AMF; and rerouting, to the target AMF, the registration request message based on the determination.

Abstract: Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for managing blockchain-based centralized ledger systems. One of the methods includes transmitting individual timestamp requests for to-be-timestamped blocks in a blockchain to a trust time server independent from a blockchain-based centralized ledger system that stores data in the blockchain, the blockchain including a plurality of blocks storing transaction data, receiving respective timestamps and associated signatures for the to-be-timestamped blocks from the trust time server, and storing information of the respective timestamps and associated signatures for the to-be-timestamped blocks in respective timestamped blocks in the blockchain, any adjacent two of the timestamped blocks in the blockchain being anchored with each other.

Abstract: An operation control device for controlling operation of an operation device with respect to an operation object includes: operation logic unit that stores in advance an operation logic related to sensor information; virtual object setting unit that sets an operation object to be estimated based on sensor information, as a virtual operation object having an attribute related to presence probability and an operation-related attribute; virtual object operation determination unit that determines whether it is possible to perform an operation with respect to the virtual operation object, based on the attribute related to a presence probability and the operation-related attribute; and operation control unit that controls an operation of the operation device with respect to the operation object by using an operation logic stored in the operation logic means, based on sensor information output from the sensor and a determination result by the virtual object operation determination unit.

Abstract: The present application provides a facial data collection and verification solution. In this solution, after collecting a face sample, a collection device uses the face sample and check data including a random number as to-be-signed data, performs signature by using a device private key, to obtain a facial data signature, and then obtains trusted facial data based on the to-be-signed data, the facial data signature, and a digital certificate that includes a device public key. When performing verification on the trusted facial data, a facial recognition server sequentially performs verification on the digital certificate that includes the device public key, the facial data signature, and the check data. Because content used for the verification process is added for the face sample on the collection device, subsequent verification cannot succeed if a transmitted communication packet is replaced by an attacker. Therefore, a replay attack is prevented at the collection source.

Abstract: An authentication request is sent to a server. An authentication request reply message is received from the server. A biometric feature input by a user is received. A biometric feature template identifier (ID) corresponding to the received biometric feature is acquired using the received biometric feature. The acquired biometric feature template ID is compared with a stored biometric feature template ID included in an enable record that is used for biometric feature verification and created during a biometric feature verification enabling process. When the two biometric feature template IDs are consistent, an authentication response message is generated. The authentication response message is sent to the server for verification. Verification includes comparing the biometric feature template ID in the authentication response message with the biometric feature template ID in a saved user record. The verification succeeds if the two biometric feature template IDs are consistent; otherwise an error is reported.

Abstract: An encrypted communication system includes on-board devices configured to perform encrypted communication with a server located outside a vehicle. Each of the on-board devices includes an encrypted communication portion configured to perform encrypted communication with the server using an encryption key unique to a corresponding one of the on-board devices and a priority setting portion configured to set priority ranks of the on-board devices for encrypted communication. When each of the on-board devices performs encrypted communication with the server and if any one of the on-board devices is set to a higher priority rank, the on-board device is configured to perform encrypted communication with the server via the encrypted communication portion of the on-board device having the higher priority rank.

Abstract: A method is provided for verifying a user's identity. The method has the following steps: connecting a first and a second data processing device for data communication; running a software application in the second data processing device; for user verification, receiving user identification data in the second data processing device, the user identification data comprising reference data; receiving one or more images of a document assigned to the user in the second data processing device; determining measurement data from image data providing a digital representation of the one or more images; comparing the reference data to the measurement data determined from the digital representation of the one or more images; and providing verification data in the second data processing device, the verification data indicative of the user's identity being verified in the step of comparing the reference data to the measurement data.

Abstract: Systems, computer products, and methods are described herein for an improved secure certificate system for identifying potential authorized and unauthorized interactions between a web browser and a website. The certificate system utilizes stored certification requirements (e.g., pinned certification requirements, third-party certification requirement system, or the like), and compares the stored certification requirements with received certification requirements. The system may notify the user or prevent the interaction between the web browser and website when the stored certification requirements do not meet the received certification requirements (e.g., a threshold requirement of certificates to validate, validated certificates, or the like). The certificate system allows the interaction between the web browser and website when the stored certification requirements meet the received certification requirements and the website is verified based on the certification requirements.

Abstract: A system and methods are provided for establishing an authenticated and encrypted communication connection between two devices with at most two round-trip communications. During establishment of an initial authenticated, encrypted communication connection (or afterward), a first device (e.g., a server) provides the second device (e.g., a client) with a token (e.g., a challenge) that lives or persists beyond the current connection. After that connection is terminated and the second device initiates a new connection, it uses the token as part of the handshaking process to reduce the necessary round-trip communications to one.

Abstract: Personal Digital Server (“PDS”) is a unique computer application for the storage, updating, management and sharing of all types of digital media files, including audio, video, images and documents, irrespective of their format. PDS provides users with a single location to store and access, both locally and remotely, all of their digital media. It also provides the user total control of the overall management of these assets.

Abstract: This technology uses a bootstrap key (“BSK”) to securely onboard a computing device to a network. A unique BSK associated with an onboarding computing device is used to verify for various deployment models (1) that the computing device has proof the computing device is connecting to the correct wired or wireless network and (2) that the network has proof the computing device is trusted. The BSK may be an associated BSK or an embedded BSK. A computing device receives a signed voucher from the manufacturer authorized signing authority (“MASA”) before the computing device may onboard to a network. The MASA will issue a voucher to a Bootstrapping Remote Secure Key Infrastructure (“BRSKI”) registrar if the registrar proves knowledge of the computing device's BSK to the MASA or the registrar has an established trust relationship with the MASA.

Abstract: A computer-implemented method for detecting replay attack comprises: obtaining at least one candidate transaction for adding to a blockchain; verifying if an identification of the candidate transaction exists in an identification database, the identification database comprising a plurality of identifications within a validation range; and in response to determining that the identification does not exist in the identification database, determining that the candidate transaction is not associated with a replay attack.

Abstract: An authentication device outputs a first challenge value corresponding to a random number along with a first authentication request. A second challenge value is input to the authentication device along with a second authentication request, and the authentication device outputs a second response value which is obtained by encrypting a value corresponding to the second challenge value by using a common key by a symmetric key cryptosystem. A first response value corresponding to the first challenge value is input to the authentication device, and the authentication device decides whether or not a decrypting result which is obtained by decrypting the first response value by using the common key and a value corresponding to the first challenge value coincide with each other.

Abstract: System and method for establishing secure conference calls. In one example system, a central conference call server establishes point-to-point connections with accessory devices comprising a secure element and connected to corresponding participant devices. The conference call server includes an interface to a plurality of secure elements configured to perform scrambling and unscrambling of media signals communicated to and from the accessory devices. In another example, one of the participant devices operates as the central conference call server. In other examples, participant devices communicate on a conference call via point-to-point connections between all accessory devices connected to the participant devices. The accessory devices include secure elements for decryption and encryption of media signals communicated between the accessory devices.

Abstract: Embodiments herein include, for example, a method, comprising: generating a shared symmetric key to begin a communication session among a group of users by a first user; distributing, by the first user, the generated shared symmetric key to each user in the group of users; communicating within the communication session among a group of users, where each user encrypts a message to the group of users to be distributed through the communication session using the generated shared symmetric key, and each user decrypts a message received from the communication session using the generated shared symmetric key.

Abstract: A method for providing improved personalized security mechanisms for transferring electronic data is disclosed. In an embodiment, the method comprises generating, at a client computer, a user key pair, wherein the user key pair comprises a user private key and a user public key; transmitting the user public key from the client computer to a server computer; receiving, at the client computer, from the server computer, a user account public key; generating a virtual memory stick (“VMS”) file and including, in the VMS file, one or more keys and one or more passphrases; encrypting the VMS file with a protection passphrase to generate an encrypted VMS file; and transmitting the encrypted VMS file to the server computer.

Abstract: A method of enabling applications to reference user information is provided, including receiving a request for a user identifier that references a user of the application and sending a second request for the user identifier to a server. The second request may include a second user identifier that references the user and a second authentication token for the second user identifier. Furthermore, the second user identifier and the second authentication token are not accessible by the user. The method includes receiving the user identifier and an authentication token for the first user identifier. The user identifier corresponds to the second identifier; and providing the user identifier and authentication token to the application. A method of enabling an application to identify users associated with a user of the application is provided; the method may include receiving, from the server, user identifiers that reference one or more users scoped to the application.

Abstract: Disclosed herein are a fixed-location Internet-of-Things (IoT) device for protecting secure storage access information and a method for protecting secure storage access information of the fixed-location IoT device.

Abstract: Data packets passing from a source to a destination in a network according to a Service Function Chain (SFC) are processed by an ordered sequence of at least one service function (SF). For each SF in the SFC in order, a current value of a function, such as a hash function, is recursively computed including, as input values, at least current identifying data that identifies a corresponding current one of the SFs, and a value of the function output from an immediately preceding SF. After computing the current value of the function for a selected SF in the SFC, the current value of the function is compared with an expected value. If the value of the function for the selected SF is the same as the expected value, the data packet is allowed to be transmitted to a subsequent processing stage; if not, then an error response action is taken.

Abstract: A security method and system for capturing user specific binary information used to identify the user; using the user specific binary information to generate a secured primary code, generating strong user credentials for accessing web based or applications logins, intercepting credential requests from local applications or remote web sites, regenerating strong user credentials dynamically, using the secure primary code to generate encryption keys for protection of data inside or outside the machine of creation, and using secure primary code protection in conjunction with subsidiary key exchanges to allow data sharing while retaining data security.

Abstract: A method and apparatus prevents hacker code from infecting an application program by requiring decryption of the application program prior to running the application program on a computer. The method includes steps of: providing a security device that is a separate unit from components necessary to operate the computer; storing a symmetric private key on the security device; using the device symmetric private key to produce an encrypted application program upon first installation; thereafter decrypting that part of the encrypted application program needed implement a command to run the application program; and, decrypting, on the fly, only those follow-on parts of the encrypted application program needed to perform functions called for during operation of the application program.

Abstract: In one embodiment, a system includes a processing circuit and logic integrated with the processing circuit, executable by the processing circuit, or integrated with and executable by the processing circuit. The logic is configured to cause the processing circuit to limit functionality of a remote controlled device during periods of time that a user of the remote controlled device is not authenticated, and to receive identity information of the user of the remote controlled device via an authentication process, with the identity information establishing an identity of the user. Also, the logic is configured to cause the processing circuit to authenticate the user prior to allowing full functionality of the remote controlled device, send an indication of the identity of the user to the remote controlled device, and provide full functionality of the remote controlled device to the user in response to successfully authenticating the user.

Abstract: A pseudonymous proximity location device and methods of operating and/or interacting with the same are provided. The pseudonymous proximity location device is configured to provide meaningful information to authorized reading devices but useless information to non-authorized reading devices, thereby prohibiting the use of the pseudonymous proximity location device by unauthorized reading devices.

Abstract: Methods, systems, and computer-readable storage media for a trust management system (TMS) in connected devices including a service provider device and a service consumer device, actions including receiving, by the TMS, side information associated with the service provider device, the side information including profile data and context data, processing, by the TMS, the side information using a computer-executable stereotype model to determine a prior trust value, determining, by the TMS, a trust value using a computer-executable experiential trust model, and at least partially based on the prior trust value, and selectively conducting a transaction between the service consumer device, and the service provider device based on the trust value.

Abstract: An approach is provided to automatically replicate content to certain servers in a networking environment based on, amongst other metrics, location of third parties accessing information in a social networking environment. The approach includes obtaining content from a user within a networked environment and analyzing information of one or more third parties that have access to the networked environment and who have an association with the user. The approach further includes replicating the content to one or more servers within the networked environment based on the analyzed information of the one or more third parties.

Abstract: An electronic social networking environment enables the transfer of stored value between users of the environment. A transfer may be in the form of a gift from one user to another. The stored value may represent actual currency or virtual currency. The stored value may be redeemed within or outside the electronic social networking environment, and may be redeemed with one or more merchants. The stored value may be redeemed for a physical item or service or for a virtual item or service.

Abstract: Provided are methods and apparatuses for establishing a wireless communications connection by using biometric information of a user. A method of operating an electronic device includes operations of: acquiring first biometric information; transmitting first sub-information of the first biometric information to a terminal within a certain time from an instant of acquiring the first biometric information; receiving from the terminal second sub-information of second biometric information of a user who uses the terminal; and comparing second sub-information of the first biometric information corresponding to the second sub-information of the second biometric information with the second sub-information of the second biometric information. If it is determined as a result of the comparing that the second sub-information of the first biometric information matches the second sub-information of the second biometric information, a pairing with the terminal is established through a wireless network.

Abstract: A method to securely send, to the device the cryptographic key and the local wireless network credentials with an authenticity verification to ensure that the device is safe to be added to the local network. Those credentials are sent using a NFC enabled device to the internal EEPROM with NFC interface embedded on the target connected device. The method enforces the configuration setup process to avoid critical vulnerabilities in IoT devices, minimizing security and privacy issues to the final user and avoid any unauthorized device to be added to the network. When a new IoT device is added, assuming that this new device has no security key embedded and no stored authentication credentials, a secure mobile application will send that information to the device using NFC. This application has an interface to configure the device in a single step.

Abstract: The present application is directed to a computer-implemented device for reserving a path in a network. The device includes a non-transitory memory operably coupled to a processor. The processor is configured to perform the instruction of sending a path computation request to a backbone router via a routing protocol path. The processor is also configured to perform the instruction of receiving a computation reply from the backbone router path based upon the request. The processor is also configured to perform the instruction of assigning a soft cell on the path between the source and the destination device. The application is also directed to a computer-implemented device for reserving a path between a source device and destination device.

Abstract: The present disclosure provides a bootstrapping server, a network application function (NAF), a system and methods for establishing secure communication between a machine to machine (M2M) device and a NAF. A method for establishing secure communication between the NAF and M2M device comprises receiving a first data object, tunneling the first data object to the M2M device, via an interface between the NAF and the M2M device, for enabling the M2M device to derive first information to establish said secure communication, receiving a second data object and deriving second information for use in establishing said secure communication with the M2M device.

Abstract: An entity authentication method includes: an entity A generates and sends NA to an entity B; the entity B generates NB and ZSEEDB, computes a key MKA?KEIA and first encrypted authentication data AuthEncDataB, and sends the NB?NA?AuthEncDataB to the entity A for verification; the entity A generates ZSEEDA, computes second encrypted authentication data AuthEncDataA, a shared key seed Z, a master key MK and a first message authentication identifier MacTagA, and sends the NA?NB?AuthEncDataA?MacTagA to the entity B for verification; the entity B computes Z, MK and MacTagA, compares the MacTagA with the received MacTagA, and if the two are equal, considers that the entity A is valid; the entity B computes and sends a second message authentication identifier MacTagB to the entity A; and the entity A computes MacTagB, compares the MacTagB with the received MacTagB, and if the two are equal, considers that the entity B is valid.

Abstract: An apparatus includes a computing system that is configured to receive, from an electronic device, a verification message indicating that the electronic device is not corrupt. The computing system is also configured to receive, from the electronic device, a unique universal identifier (UUID) that is associated with an application stored in a memory of the electronic device. The computing system is further configured to receive, from a management server of the one or more management servers, a server key stored in a credential store and that is associated with the UUID received from the electronic device. In addition, the computing system is configured to establish one or more secure channels for electronic data communication with the electronic device based on the received UUID and the server key.

Abstract: Systems and methods for backing up data are provided. Data objects or blocks of data can be encrypted with individualized keys. The keys are generated from the unencrypted data objects or blocks. The encrypted data objects or blocks and fingerprints of the encrypted data objects or blocks can be uploaded to a datacenter. Even though the data objects or blocks are encrypted, deduplication can be performed by the datacenter or before the data object is uploaded to the datacenter. In addition, access can be controlled by encrypting the key used to encrypt the data object with access keys to generate one or more access codes. The key to decrypt the encrypted data object is obtained by decrypting the access code.

Abstract: Techniques for implementing public key infrastructure using blockchains are described. An apparatus may receive, from a introducee principal, a proof-of-work. The apparatus may combine the proof-of-work with an identifier of the introducee principal. The apparatus may generate an introduction of the introducee principal. The introduction may include signing, using an asymmetric private key assigned to the apparatus, the combination of the proof-of-work and the identifier of the introducee principal. The apparatus may publish the introduction of the introducee principal to a blockchain.

Abstract: An authentication server determines that a user entering authentication data is in physical possession of a client device by determining that the user has observed changes in the state of hardware elements of the client device that are effected outside of a remote desktop protocol. The authentication server causes the client device to prompt the user to observe the hardware element of the client device for state changes and receives data generated by the user representing observed state changes. If the data accurately represents the changes in the state of the hardware element, the user is determined to be in physical possession of the client device.

Abstract: An example method for file sharing over secure connections comprises: establishing a secure client connection; receiving a client request identifying a file residing on the file sharing host; transmitting an identifier and a parameter of the secure client connection via a management connection to the file sharing host; receiving a host request to establish a secure host connection, the host request comprising the identifier of the secure client connection; establishing the secure host connection using the parameter of the secure client connection identified by the received identifier; forwarding, over the secure host connection, a first data packet received over the secure client connection, the first data packet comprising at least part of the client request; and forwarding, over the secure client connection, a second data packet received over the secure host connection, the second data packet comprising at least part of the file identified by the client request.

Abstract: Efficient memory management can be provided in a multi-tenant virtualized environment by encrypting data to be written in memory by a virtual machine using a cryptographic key specific to the virtual machine. Encrypting data associated with multiple virtual machines using a cryptographic key unique to each virtual machine can minimize exposure of the data stored in the memory shared by the multiple virtual machines. Thus, some embodiments can eliminate write cycles to the memory that are generally used to initialize the memory before a virtual machine can write data to the memory if the memory was used previously by another virtual machine.

Abstract: Disclosed are examples of systems, apparatus, methods and computer program products for creating custom platform objects for a multi-tenant non-relational database environment. A database system maintains a multi-tenant non-relational database associated with multiple enterprises and a number of records for each of the enterprises. The system also maintains a dynamic virtual table associated with a number of records. A request is received from one of the enterprises to define a custom data object within the database system, uniquely associated with an enterprise. The request is processed, and a custom object is generated based on the request. The custom object defines database columns corresponding to the data object and the enterprise. The virtual table is updated to include virtual columns corresponding to the database column definitions, and existing columns of a shared table in the non-relational database are updated to match the virtual columns.

Abstract: In a transient storage device (TSD) with multiple authentication silos, a host computing device connected to the TSD is configured by the TSD to discover and act upon various types of authentication information in the silos. One or more logical combinations of authentication silos are switched to the authenticated state to grant access to an associated storage area. A particular ordering of authentication silos may be required to achieve a valid combination of authenticated silos. Ordering may be suggested by configuration information in the TSD. Ordering may also be based upon whether or not user input is required for authenticating a given authentication silo, the environment of use of the TSD, or a hierarchy from most trusted to least trusted authentication silo. With this information, the host proceeds with the most efficient authentication sequence leading to a grant of access to the storage area.

Abstract: A quantum key generation system including two photon detector units, two photon entanglement chains extending between the two photon detector units, and a plurality of multicore fiber links each including at least two non-uniform cores structurally configured to provide non-uniform photon propagation delay. Each photon entanglement chain includes at least one quantum repeater structurally configured to entangle a pair of photons and first and second terminating quantum memories optically coupled the quantum repeater using the multicore fiber links such that photons received by the first and the second terminating quantum memories are entangled with photons entangled by the quantum repeater.

Abstract: A projector includes: a projection unit which projects a first image onto a projection surface; a detection unit which detects a position of an indicator on the projection surface; a first storage unit which stores a second image including a figure drawn according to the position of the indicator; an acquisition unit which acquires information for specifying a transmission destination of the second image via a wireless reader/writer; a communication unit which communicates via a network; and a transmission unit which transmits the second image via the communication unit to the transmission destination specified by the information acquired by the acquisition unit.

Abstract: Techniques for enabling cloud authentication of Layer 2-connected member devices via an IP-connected active device are provided. In one set of embodiments, the member device can transmit, to the active device, a request to authenticate the member device with a cloud management platform. The member device can further receive, from the active device, an encrypted nonce generated by the cloud management platform in response to the request, where the encrypted nonce is encrypted using a public key of the member device. The member device can decrypt the encrypted nonce using a private key of the member device to generate a decrypted nonce and can transmit the decrypted nonce to the active device. The member device can then receive, from the active device, a token generated by the cloud management platform indicating that the member device has been authenticated by the platform.

Abstract: The present invention relates to a method of providing voice recognition. The method comprises the steps of receiving a packetised voice data of a person to be identified over a packet-switched network, comparing the voice data with a stored voice data of a user and, based on the comparison, providing an indication of the likelihood that the person to be identified is the user, wherein the step of receiving the voice data comprises waiting for sufficient voice data to be received.

Abstract: A hosting provider may be bi-directionally authenticated with one or more media repositories. The hosting provider preferably has domain name registration and hosting capabilities. The media repositories may collect data (such as pictures and/or files) from one or more users. Once authenticated, the hosting provider and media repositories may cooperate in storing, aggregating and transmitting data to a user. Routes may be hosted by the hosting provider and used to organize and access the data. For example, a user may enter a route into a browser and receive media/data, possibly from a plurality of media repositories, that is associated with that route. In another example, the user may enter a route into the browser and be redirected from the hosting provider to a website of the media repository.

Abstract: An appliance includes a processor, a medium, a registration application, and a monitoring application. The registration application includes instructions in the medium that, when read and executed by the processor, configure the registration application to write a transaction identifier to a start message, the transaction identifier identifying the appliance, write a dataset of interest identifier to the start message, and send the start message to a database. The dataset of interest identifies a group of appliances including the appliance. The monitoring application includes instructions in the medium that, when read and executed by the processor, configure the monitoring application to monitor operations executed on the appliance, write data resulting from the operations to a data message, and send the data message anonymously to the database. The data message is signed with a member key associated with the group of appliances.

Abstract: Wireless communications systems and methods related to the reduction in a probability of collision for grant-less transmissions from internet of everything (IOE) devices while not increasing search complexity at a base station are disclosed. An IOE device randomly selects a first access resource from a common pool that the base station searches to initiate a transmission. If a metric associated with the data transmission is predicted to exceed a threshold, the IOE device also requests a second access resource from a reserved access pool from the base station, that the base station does not search. The IOE includes the request in the data transmission. The base station and the IOE device switch to the second access resource after the base station identifies an available resource from the reserved access pool and the IOE device completes the data transmission using the second access resource.

Abstract: Secure application-to-application communication is disclosed. A shared encryption key may be used to encrypt data to be transferred from a first mobile application to a second mobile application. The encrypted data is provided to a shared storage location. The second mobile application is configured to retrieve the encrypted data from the shared storage location.

Abstract: Systems and methods authenticate with application extensions. An application extension requests a token from a local application. The local application generates a token and either inserts the token into a protected storage accessible only by the application extension being run by the current user or returns the token back to the application extension after being confirmed by the legitimate user. The application extension uses the token to authenticate itself with the local application.

Abstract: A method of cell detection, for a user equipment (UE) of a first cell, wherein the first cell operates on a first frequency, from a second cell, wherein UE is served by the second cell, and the second cell operates on a second frequency different form the first frequency, is disclosed. The method comprises performing cell detection on the first frequency while the UE is associated with the second cell on the second frequency; detecting at least one cell identification (ID) candidate on the first frequency; determining whether verification of cell ID is to be done prior or after a predetermined event has occurred; and if it is determined that verification is to be done after the predetermined event, postponing the verification and performing the verification after the predetermined event has occurred. Methods of cell identification and handover are also disclosed. A communication apparatus and a computer program are also disclosed.