Mobile sender controlled data access and data deletion method and system

Data security system using mobile communications device

Mobile sender controlled data access and data deletion method and system

Data security system using mobile communications device

FAKE BASE STATION DETECTION

RADIO FREQUENCY COMMUNICATIONS DETECTION FOR SUBSCRIBER ACCESS CONTROL

A radio frequency (RF) communication that is transmitted by a subscriber device to a base station of a wireless carrier network on a corresponding allocated communication frequency of the wireless carrier network is monitored. A device identifier of the subscriber device is extracted from the RF communication and sent to a core network of the wireless carrier network for an indication of whether a subscriber associated with the subscriber device is eligible to access a resource. In response to receiving a notification from the core network that the subscriber is eligible to access the resource, whether the subscriber device with the device identifier is permitted to access the resource is determined based at least on device access information stored in an access control database of the device. The subscriber device is granted access when the device access information indicates that the subscriber device is permitted to access the resource.

METHOD FOR UPDATING AN AVAILABILITY INDICATOR OF A VEHICLE RESERVATION CONTROL APPARATUS

Confirming authenticity of a user to a third-party system

A telecommunications network server system provides a digital identifier to a user device. The digital identifier may include identification data corresponding to a user of the user device. In addition, the telecommunications network server system receives, from one or more third-party systems, requests to authenticate the user for an electronic transaction with the respective third-party system. The telecommunications network server system provides a unique electronic transaction code to each third-party system. Responsive to receiving from the user device one of the unique electronic transaction codes, the telecommunications network server system provides, to the respective third-party system, authentication of the user.

SUPPLY AUTHENTICATION VIA TIMING CHALLENGE RESPONSE

In an example implementation, a print supply cartridge comprises a microcontroller to receive a timing challenge and enable authentication of the cartridge by providing a challenge response. The challenge response is provided in a challenge response time that falls within an expected time window.

METHOD AND DEVICE FOR DETECTING A FRAUDULENT DIAGNOSIS REQUEST MADE TO A VEHICLE

Controlling distribution of resources on a network

Disclosed are various embodiments for controlling distribution of resources on a network. In one embodiment, a distribution service receives a request from a client device to access resources hosted by a distribution service. In response, the distribution service determines whether the client device is authorized to access the distribution service. The distribution service identifies which of the resources hosted by the distribution service are accessible to the client device based on the resource grouping identifiers associated with the client device. The distribution service determines which distribution rules are associated with the identified resources, the distribution rules including location rules and time rules. The distribution service then transmits the identified resources and identified distribution rules to the client device, where the resources are configured to be exclusively accessible via a containerized client application on the client device while the client device satisfies ...

Token and cryptogram using transaction specific information

Systems and methods for token processing are disclosed. An access device can provide access device data to a mobile communication device. The communication device generates a token request including the access device data and communication device data and sends the token request to a server computer. The server computer returns a token and a token cryptogram to the mobile communication device. The token and the cryptogram may be used in a transaction.

SYSTEMS AND MECHANISM TO CONTROL THE LIFETIME OF AN ACCESS TOKEN DYNAMICALLY BASED ON ACCESS TOKEN USE

A data management system manages secured data for a plurality of users. The data management system utilizes an access authorization system to authenticate users seeking access to the data management system. The access authorization system provides access tokens to authenticated users. The access tokens enable the authenticated users to access the data management system without again providing authentication data. The access authorization system includes, for each user, an access policy that governs whether the users can use the access tokens to access the data management system. The access tokens have a finite lifetime. If the users use the access tokens within the finite lifetime and if the users satisfy all of the access rules of the access policies, then the lifetime of the access tokens can be extended a finite number of times.

Authenticating a user of an electronic device

Application control method and mobile terminal

An application control method and a mobile terminal are provided. The method is applicable to a mobile terminal including a processor and an artificial intelligence (AI) module. Whether a current user is a registered user is detected by the processor when detecting that an application running on the mobile terminal belongs to a preset application set. A monitoring instruction carrying an identification of the running application is sent to the AI module by the processor when detecting that the current user is the registered user. A monitoring strategy of the running application associated with the registered user is acquired by the AI module, where the monitoring strategy includes a monitoring parameter and a corresponding monitoring parameter threshold. The running application is closed by the AI module when detecting that a value of the monitoring parameter of the running application is greater than or equal to the monitoring parameter threshold.

SHORT RANGE WIRELESS TRANSLATION METHODS AND SYSTEMS FOR HANDS-FREE FARE VALIDATION

Systems and methods using Bluetooth with a user application on a mobile device to facilitate hands-free fare validation at a transit station. Utilizes a set of signal strength detection data points and timestamps from a mobile device and synchronizes location data points and timestamps from a camera and determines an estimated location of the mobile device according to the set of signal strength detection data points and timestamps from the mobile device and the location data points and timestamps from the camera. This provides enhanced accuracy in determining the correct mobile device. The system computing device determines that the mobile device contains a valid ticket or does not, wherein the mobile device contains a valid ticket and the system computing device determines the estimated location of the mobile device is within a predetermined area the system computing device will mark the ticket as used and allow entry.

METHOD AND APPARATUS FOR ISSUING A CREDENTIAL FOR AN INCIDENT AREA NETWORK

A method (400) and apparatus for issuing an incident-issued credential for an incident area network (140). One embodiment provides an identity server including an electronic processor (210) configured to receive an agency-issued credential and retrieve a first set of attributes from the agency-issued credential. The electronic processor (210) is also configured to map the first set of attributes to a scope of a service available through an incident area network (140). The electronic processor (210) is further configured to generate the incident-issued credential for the incident area network (140) including the scope and issue the incident-issued credential to a user device (130).

SERVICE SUPPORT DEVICE, SERVICE SUPPORT METHOD, AND NON-TRANSITORY COMPUTER-READABLE RECORDING MEDIUM

SYSTEMS, APPARATUSES AND METHODS FOR SECURE INDUCTIVE PAIRING BETWEEN TWO DEVICES

Devices, systems and methods are provided to improve pairing between two devices by employing an inductive antenna circuit (e.g., 13.56 MHz) in addition to another wireless communication antenna circuit (e.g., 2.4 GHz) and a pairing protocol to minimize pairing between unintended devices. Communications via inductive antenna circuit (e.g., 13.56 MHz) require that the devices to be paired to be in close proximity to each other, which increases the likelihood of intended pairing between these devices. When the inductive pulses of the first device are detected by the second device, the second device commences advertising signals with time stamps. The inductive pulses and the time stamps facilitate synchronizing scanning windows of the first device with the advertising signals of the second device to lessen the likelihood of interference of advertising pulses from an unintended device.

The invention relates to a method for securing the transmission of at least one data packet along a data path of a telecommunications network, corresponding computer program product and device.

DYNAMIC ENCRYPTION FOR SCHEDULED MESSAGE DELIVERY

Techniques and architectures enable a wireless communications system to receive and transmit a message for which a user of a mobile device has specified to be delivered on a particular date and time to a contact in an address book of the user. Further, the network securely stores the message by encrypting the message with a strength of encryption that is based on the length of time that the message will be stored before its scheduled delivery. 1. A wireless communications network comprising:one or more processors;a non-transitory storage medium; and{'claim-text': ['receive, from a primary remote client device, a message, a delivery time for when the message is to be delivered, and a recipient delivery address;', 'apply an encryption to the message to produce an encrypted message, wherein a strength of the encryption is based on the delivery time;', 'store the encrypted message in a database;', 'compare a system time to the delivery time; and', 'upon or after determining that the system time is substantially equal to the delivery time, decrypt the encrypted message and transmit the message to the recipient delivery address.'], '#text': 'instructions stored in the non-transitory storage medium, the instructions being executable by the one or more processors to:'}2. The wireless communications network of claim 1 , wherein the instructions are further executable by the one or more processors to:prior to transmitting the message to the recipient delivery address, transmit a notification to the recipient delivery address; andreceive, from a remote client device corresponding to the recipient delivery address, permission to transmit the message to the recipient delivery address.3. The wireless communications network of claim 1 , wherein the strength of the encryption is further based on present or predicted demands on memory resources of the wireless communications network.4. The wireless communications network of claim 1 , wherein the strength of the encryption is further ...

Priority access to a priority access channel

Techniques for priority access to a priority access channel are described. In at least some embodiments, a portion of the radio spectrum is divided into general access (GA) channels and priority access (PA) channels. Levels of access to the different channels are controlled based upon priority levels of devices attempting to access the channels. For instance, embodiments employ a channel database that tracks available GA channels and PA channels, and notifies various devices of the available channels. The channel database may also track keys for PA channels that enable authentication of devices for priority access to PA channels. In at least some embodiments, tracking available GA channels and PA channels enables underutilized radio channels to be identified for various uses, such as for wireless broadband communication.

CONFIRMING AUTHENTICITY OF A USER TO A THIRD-PARTY SYSTEM

A telecommunications network server system provides a digital identifier to a user device. The digital identifier may include identification data corresponding to a user of the user device. In addition, the telecommunications network server system receives, from one or more third-party systems, requests to authenticate the user for an electronic transaction with the respective third-party system. The telecommunications network server system provides a unique electronic transaction code to each third-party system. Responsive to receiving from the user device one of the unique electronic transaction codes, the telecommunications network server system provides, to the respective third-party system, authentication of the user.

IMPROVED PROCESSING OF A WIFI NETWORK ACCESS REQUEST ACCORDING TO THE WPS-PBC PROTOKEY

Terminal device and method for identifying malicious AP using the same

SECURITY INTERFACE FOR A MOBILE DEVICE

BRAKE DISK LOCK

The invention relates to a brake disk lock comprising a brake disk detection device, a sensor for detecting a positional change of the lock, an alarm module that is configured to output an alarm when the sensor detects a relevant positional change of the lock, an unlocking motor for unlocking the lock, an authentication module for a wireless authentication of a user of the lock, and an actuation element that can be actuated by the user and by means of which the authentication module can be activated. A further subject is a locking system comprising such a lock and a mobile end device by means of which a user of the brake disk lock can authenticate himself thereat. The invention further relates to a method of unlocking a brake disk lock.

REAL-TIME AUTHORIZATION OF INITIATED DATA EXCHANGES BASED ON TOKENIZED DATA HAVING LIMITED TEMPORAL OR GEOGRAPHIC VALIDITY

The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that, among other things, authorize initiated exchanges of data based on tokenized data characterized by a limited temporal or geographic validity. For example, an apparatus may receive a first signal that includes first information identifying a first geographic position of a client device. The apparatus may also obtain a digital token representative of a pre-authorization of a data exchange between the client device and a terminal device during a corresponding temporal interval. The terminal device may, for example, be disposed within a geographic region that includes the first geographic position of the client device. The apparatus may generate and transmit a second signal that includes the digital token to the client device. In some examples, the apparatus may transmit the second signal being through a programmatic interface associated with an application program executed by the client ...

WIRELESS CONNECTION METHOD OF A COMMUNICATING OBJECT HAS A LOCAL COMMUNICATION NETWORK, COMPUTER PROGRAM AND ACCESS EQUIPMENT CORRESPONDING.

Supply authentication via timing challenge response

In an example implementation, a print supply cartridge comprises a microcontroller to receive a timing challenge and enable authentication of the cartridge by providing a challenge response. The challenge response is provided in a challenge response time that falls within an expected time window. WO 2015/030818 PCT/US2013/057674 300-, Print Engine 302 Controller 106 CPI8 Reference 320CPU108 Logic 136 Mounting Assembly Data Cryptographic Challenge Memory 304 from Algorithm 118 Response 130 110 Host Authentication Challenge Resp. Session Power Algorithm 126 Time 131 Key 124 Supply Timing Challenge 128 Characterization 308 (Challenge Parameters) Data 134 Carridge Microcontroller 112 9atig Dedicated 306 Memory Challenge Logic 312 - - --- 312 1 Ink I 31 "Drops 1/316 - - - - - - - -/ 310 Media Transport Assembly ...

Method and apparatus for issuing a credential for an incident area network

A method (400) and apparatus for issuing an incident-issued credential for an incident area network (140). One embodiment provides an identity server including an electronic processor (210) configured to receive an agency-issued credential and retrieve a first set of attributes from the agency-issued credential. The electronic processor (210) is also configured to map the first set of attributes to a scope of a service available through an incident area network (140). The electronic processor (210) is further configured to generate the incident-issued credential for the incident area network (140) including the scope and issue the incident-issued credential to a user device (130).

Apparatus and method for controlling network access of an application on a mobile terminal

Identity authentication method and communication terminal

ELECTRONIC APPARATUS, CONTROL AUTHORITY AUTHENTICATION METHOD THEREOF AND USER TERMINAL APPARATUS

IDENTITY CONTROL SYSTEM AND METHOD

Network defending system, method and apparatus, and server

Provisioning authentication system and method via timing challenge response

METHOD AND DEVICE FOR DETECTING A FRAUDULENT DIAGNOSTIC REQUEST ON A VEHICLE

호스트 추적 서비스에 대한 공격을 방지할 수 있는 소프트웨어 정의 네트워크 및 이에 포함되는 컨트롤러

... 호스트 추적 서비스에 대한 공격을 방지할 수 있는 소프트웨어 정의 네트워크 및 이에 포함되는 컨트롤러가 개시된다. 개시된 소프트웨어 정의 네트워크는 상기 소프트웨어 정의 네트워크의 데이터 평면에 위치하며, 적어도 하나의 호스트(host)와 연결되는 복수의 스위치; 및 상기 소프트웨어 정의 네트워크의 컨트롤 평면에 위치하며, 상기 복수의 스위치를 제어하며, 상기 복수의 스위치와 각각 연결된 적어도 하나의 호스트의 위치를 인식하는 호스트 추적 시스템(Host Tracking Service)이 수행되는 컨트롤러;를 포함하되, 상기 복수의 스위치 중 스위치 A는 상기 스위치 A와 연결된 호스트 A로부터 패킷을 수신하고, 상기 패킷에 기초하여 상기 호스트 A의 주소 정보 메시지를 상기 컨트롤러로 전송하고, 상기 컨트롤러는 상기 주소 정보 메시지와 상기 컨트롤러에 저장된 상기 호스트의 이전 주소 정보를 이용하여 상기 호스트 A가 호스트 추적 시스템에 대한 공격을 수행하는 호스트인지 여부를 판단한다.

METHOD AND SYSTEM FOR RELAY ATTACK DETECTION

A method preventing relay attacks between first and second devices is disclosed. The method includes providing, by a first device, a command message, receiving a request message and providing a response message to a second device. The time period between the receipt of the command message and the transmission of the response message by the first device is compared to another time period between the time when the command message was sent and the response message was received by the second device. If those times substantially match, then the first device can have assurance that a relay attack is not occurring.

Controlling distribution of resources on a network

Disclosed are various embodiments for controlling distribution of resources on a network. In one embodiment, a distribution service receives a request from a client device to access resources hosted by a distribution service. In response, the distribution service determines whether the client device is authorized to access the distribution service. The distribution service identifies which of the resources hosted by the distribution service are accessible to the client device based on the resource grouping identifiers associated with the client device. The distribution service determines which distribution rules are associated with the identified resources, the distribution rules including location rules and time rules. The distribution service then transmits the identified resources and identified distribution rules to the client device, where the resources are configured to be exclusively accessible via a containerized client application on the client device while the client device satisfies ...

Method and apparatus for issuing a credential for an incident area network

A method (400) and apparatus for issuing an incident-issued credential for an incident area network (140). One embodiment provides an identity server including an electronic processor (210) configured to receive an agency-issued credential and retrieve a first set of attributes from the agency-issued credential. The electronic processor (210) is also configured to map the first set of attributes to a scope of a service available through an incident area network (140). The electronic processor (210) is further configured to generate the incident-issued credential for the incident area network (140) including the scope and issue the incident-issued credential to a user device (130).

Behavior-based identity verification

스마트 카드 응용을 위한 보안 검증 방법 및 디바이스

... 본 출원은 정보 보안 기술 분야에 관한 것이며, 특히 스마트 카드 애플리케이션을 위한 보안 검증 방법 및 장치에 관한 것이다. 본 방법은, 스마트 카드 애플리케이션이 외부와의 서비스 처리를 수행할 때 현재 서비스의 관련 데이터를 획득하는 단계; 상기 현재 서비스의 관련 데이터 및 보안 파라미터를 판단하는 단계; 및 상기 현재 서비스의 관련 데이터가 상기 보안 파라미터를 준수하지 않는 경우, 상기 현재 서비스를 종료하는 단계를 포함한다. 본 방법에 대응하는 장치는 설명된 방법을 실행하기 위해 가상 스마트 카드 애플리케이션에 내장될 수 있거나, 또는 eSE 칩에서의 스마트 카드 애플리케이션과 독립적으로 구현될 수 있다. 본 출원의 구현예에서의 방법 및 장치에 기초하여, 서비스의 지리적 위치, 시간, 거래 정보 등이 판단되어, 스마트 카드 애플리케이션을 이용하여 서비스를 수행할 때 보안성을 보장한다.

methods for providing secure communication between devices hoc it Endpoints and of operating a communication device and dual mode communication device

METHOD AND DEVICE FOR UNLOCKING COMMUNICATION, AND COMPUTER STORAGE MEDIUM

Aspects of the disclosure provide a method and device for unlocking communications. The method can include that, after a connection is established with a second device, a preset time interval for communications in an unlocking process is determined. The method can further include that, after the preset time interval for communications is determined, unlocking communication with the second device is performed according to the preset time interval for communications. 1. A method for unlocking communication that is applied to a first device , the method comprising:determining, by the first device, a preset time interval for communications in an unlocking process after the first device establishes a connection with a second device; andperforming, by the first device, unlocking communication with the second device according to the preset time interval for communications after the first device determines the preset time interval for the communications.2. The method of claim 1 , wherein determining claim 1 , by the first device claim 1 , the preset time interval for the communications in the unlocking process further comprises:determining the preset time interval for communications in a manner of negotiation with the second device.3. The method of claim 1 , wherein the unlocking process includes multiple communications claim 1 , and performing claim 1 , the first device claim 1 , unlocking communication with the second device according to the preset time interval for communications further comprises:performing data exchange for a single data packet according to the preset time interval for communications in a process of each of multiple communications with the second device.4. The method of claim 3 , wherein performing claim 3 , by the first device claim 3 , data exchange for the single data packet further comprises:sending a single data packet to the second device according to a preset sequence of the multiple communications in the process of each of the multiple ...

BRAKE DISK LOCK

Abstract The invention relates to a brake disk lock comprising a brake disk detection device, a sensor for detecting a positional change of the lock, an alarm module that is configured to output an alarm when the sensor detects a relevant positional change of the lock, an unlocking motor for unlocking the lock, an authentication 10 module for a wireless authentication of a user of the lock, and an actuation element that can be actuated by the user and by means of which the authentication module can be activated. A further subject is a locking system comprising such a lock and a mobile end device by means of which a user of the brake disk lock can authenticate himself thereat. The invention further relates to a 15 method of unlocking a brake disk lock.

Method and system for relay attack detection

The hot spot of the wireless local area network access authentication method and device

Systems and methods for conducting secure VOIP multi-party calls

System and method for establishing secure conference calls. In one example system, a central conference call server establishes point-to-point connections with accessory devices comprising a secure element and connected to corresponding participant devices. The conference call server includes an interface to a plurality of secure elements configured to perform scrambling and unscrambling of media signals communicated to and from the accessory devices. In another example, one of the participant devices operates as the central conference call server. In other examples, participant devices communicate on a conference call via point-to-point connections between all accessory devices connected to the participant devices. The accessory devices include secure elements for decryption and encryption of media signals communicated between the accessory devices.

Local Authentication of Communications Device

A device and method for locally authenticating an accessor device to access an operable device. The method comprises receiving reservation information at a validation device from an access granting device, the reservation information identifying one or more accessor devices as having permission to utilize the operable device, where the operable device is local to (e.g., within a predetermined proximity) of the validation device. The method further comprises receiving a request from an accessor device requesting permission to utilize the operable device, the request including an identifier of the requesting accessor device, validating the request based on the reservation information and the identifier, and when validation is successful, granting to the requesting accessor device permission to utilize the operable device. The method may further include receiving an instruction from the access granting device to revoke such permission from the requesting accessor device, and revoking such permission from the requesting accessor device. 1. A validation device for granting an accessor device access to an operable device , the operable device located within a predetermined proximity of the validation device , comprising:a processor;a transceiver communicably coupled with the processor, the transceiver configured to communicate over a network with at least one accessor device and an access granting device that manages access of accessor devices to an operable device; and receive, via the transceiver, reservation information from the access granting device, wherein the reservation information identifies one or more of the accessor devices as having permission to utilize the operable device;', 'receive, via the transceiver, a request from one of the accessor devices requesting permission to utilize the operable device, the request including an identifier of the requesting accessor device;', 'validate the request based on the reservation information and the identifier of the ...

Systems and mechanism to control the lifetime of an access token dynamically based on access token use

A data management system manages secured data for a plurality of users. The data management system utilizes an access authorization system to authenticate users seeking access to the data management system. The access authorization system provides access tokens to authenticated users. The access tokens enable the authenticated users to access the data management system without again providing authentication data. The access authorization system includes, for each user, an access policy that governs whether the users can use the access tokens to access the data management system. The access tokens have a finite lifetime. If the users use the access tokens within the finite lifetime and if the users satisfy all of the access rules of the access policies, then the lifetime of the access tokens can be extended a finite number of times.

On-demand network function re-authentication based on key refresh

Methods, systems, and devices for wireless communication are described. A user equipment (UE) may determine that a security context with a network node has been established for more than a threshold time period. The UE may identify, based on a key hierarchy, a parent network node associated with the network node. The UE may transmit a key refresh request message to the parent network node to trigger a key refresh procedure between the parent network node and the network node. The UE may perform a procedure with the network node to establish a new security context based on the key refresh procedure.

Provisioning remote units over a block chain network

Electronic lock and key for performing an unlock operation

An electronic unlocking system includes an electronic lock and an electronic key. The electronic key includes processing circuitry and transmission circuitry. The processing circuitry is configured to obtain at least one piece of feature data when an unlock operation is triggered. The at least one piece of feature data includes data representing a user that triggers the unlock operation. The processing circuitry is configured to encrypt the obtained at least one piece of feature data to obtain encrypted data. The transmission circuitry is configured to send the encrypted data to the electronic lock to cause the electronic lock to execute the unlock operation.

BIOMETRIC GENERATE OF A ONE-TIME PASSWORD ("OTP") ON A SMARTWATCH

One-time password (“OTP”) generation on a smartwatch is provided. OTP generation may include communication between an application on a smartwatch and an application on a smartphone. The request for an OTP may be received at the smartwatch. A biometric identifier may also be received at the smartwatch. The smartwatch application may communicate with the smartphone application. An OTP may be generated within a third-party library within the smartphone application. The generated OTP may be transmitted from the smartphone application to the smartwatch application. The OTP may be displayed on the smartwatch.

타이밍 질문 응답을 통한 공급 인증

... 예시적인 구현에서, 인쇄 공급 카트리지는 타이밍 질문을 수신하고 질문 응답을 제공함으로써 카트리지를 인증할 수 있게 하는 마이크로컨트롤러를 포함한다. 질문 응답은 예상 시간 윈도우 내에 드는 질문 응답 시간 내에서 제공된다.

엔에프씨 태그를 이용한 개인 정보 보호 시스템 및 방법

... 엔에프씨 태그를 이용한 개인 정보 보호 시스템 및 방법이 제공된다. 디바이스가 NFC 태그로부터 수신되는 전화 번호를 이용하여 통화를 수행하는 방법은, 상기 NFC 태그에 근접함에 따라, 상기 NFC 태그로부터 전화 번호 및 상기 전화 번호와 관련된 발신 제한 정보를 수신하는 단계; 상기 발신 제한 정보에 기초하여, 상기 수신된 전화 번호를 갖는 다른 디바이스로의 발신을 제한할지를 결정하는 단계; 및 상기 결정에 기초하여, 상기 다른 디바이스로의 발신을 제한하는 단계;를 포함한다.

Secure distance determination protocol

Preferential access to priority access channels

APPARATUS AND METHOD FOR PROVIDING AND MANAGING SECURITY INFORMATION IN COMMUNICATION SYSTEM

The computer of the user authentication method and system

A DEVICE, COMPUTER PROGRAM AND METHOD

Peer-to-peer enhanced authentication

For temporarily joining the WiFi network system and method

타이밍 질문 응답을 통한 공급 인증

... 예시적인 구현에서, 인쇄 공급 카트리지는 타이밍 질문을 수신하고 질문 응답을 제공함으로써 카트리지를 인증할 수 있게 하는 마이크로컨트롤러를 포함한다. 질문 응답은 예상 시간 윈도우 내에 드는 질문 응답 시간 내에서 제공된다.

서비스 툴 크리덴셜 관리

... 서비스 툴 크리덴셜 관리 시스템은, 복수의 명령어를 저장하도록 동작 가능한 저장 매체, 및 서비스 툴을 사용하여 장비 제어기에 액세스하기 위한 크리덴셜 요청을 네트워크화 서버에 전송하는 명령어를 실행하도록 구성된 적어도 하나의 프로세서를 포함한다. 적어도 하나의 프로세서는, 또한, 크리덴셜 요청에 응답하여 액세스 크리덴셜을 수신하고, 장비 제어기와의 상호작용 동안 액세스 크리덴셜의 하나 이상의 필드를 이용하여 액세스 크리덴셜에 대응하는 장비 제어기에 대한 서비스 툴의 액세스 레벨을 가능하게 하는 명령어를 실행하도록 구성된다.

Via the intermediate to provide limited access to the service equipment

METHODS OF CONTEXT-BASED MOBILE DEVICE FEATURE CONTROL AND MOBILE DEVICES EMPLOYING THE SAME

Methods and systems for context-based mobile device feature control are provided. One method comprises determining, with a mobile device, one or more contexts corresponding to the mobile device; selecting, from a predetermined set of security protocols, a security protocol corresponding to the determined one or more contexts; and adjusting a permission setting for one or more functional features of the mobile device based upon the selected security protocol. One apparatus comprises one or more features configure to input data, output data, transform data, or a combination thereof; and a controller configured to: determine one or more contexts corresponding to the mobile computing device, to select, from a predetermined set of security protocols, a security protocol corresponding to the determined one or more contexts, and to adjust a permission setting for the one or more functional features based upon the selected security protocol. 1. A method , comprising:determining, with a mobile device, one or more contexts corresponding to the mobile device;selecting, from a predetermined set of security protocols, a security protocol corresponding to the determined one or more contexts; andadjusting a permission setting for one or more functional features of the mobile device based upon the selected security protocol.2. The method of claim 1 , wherein the one or more contexts comprise a location of the mobile device claim 1 , a wireless network to which the mobile device is connected claim 1 , a proximity of the mobile device to a security beacon claim 1 , a local time of the mobile device claim 1 , a detected movement of the mobile device claim 1 , a proximity of the mobile device to a second mobile device claim 1 , or a combination thereof.3. The method of claim 1 , wherein the one or more functional features of the mobile device include a camera device claim 1 , a microphone device claim 1 , a sensor device claim 1 , a display device claim 1 , a data storage device claim ...

SUBSCRIBER-DRIVEN SHARING OF A COMMUNICATIONS SERVICE USING A VSIM

cartucho de suprimento de impressora e dispositivo de suprimento substituível

SYSTEM, APPARATUS AND METHOD FOR SECURE NETWORK BRIDGING USING A RENDEZVOUS SERVICE AND MULTIPLE KEY DISTRIBUTION SERVERS

APPARATUS AND METHOD FOR FLEXIBLE SECURE TIME OF FLIGHT MEASUREMENTS

Some embodiments include an electronic device, method, and computer program product for enabling secure time of flight (SToF) measurements for wireless communication packets that include ranging packets with zero padded random sequence waveforms, especially at higher frequency bands (e.g., 60 GHz) and in non-line of sight (NLOS) scenarios. Some embodiments provide a flexible protocol to allow negotiation of various security parameters and SToF operation parameters. For example, some embodiments employ: phase tracking and signaling to support devices with phase noise constraints to mitigate phase noise at higher frequencies; determining a number of random sequences (RSs) used for SToF to support consistency checks and channel verification; additional rules supporting sub-phases of the SToF operation; and/or determining First Path (FP), Sub-Optimal, and/or Hybrid path AWV modes and the pre-conditioning usage of these modes. 1. An electronic device for transmitting a ranging packet with a secure ranging waveform that enables secure time of flight (SToF) determination , comprising:a memory;one or more processors coupled to the memory, wherein the one or more processors are configured to:establish a link with a second electronic device;perform a first path beamforming (FPBF) operation with the second electronic device;receive a FPBF antenna weight vector (AWV); andtransmit, using the FPBF AWV, the ranging packet.2. The electronic device of claim 1 , wherein to transmit the ranging packet claim 1 , the one or more processors are configured to:determine a sub-optimal path AWV comprising a combination of the FPBF AWV and a best path beamforming (BPBF) AWV; andtransmit one or more fields of the ranging packet using the sub-optimal path AWV.3. The electronic device of claim 1 , wherein to transmit the ranging packet claim 1 , the one or more processors are configured to:transmit a first portion of the ranging packet, comprising the secure ranging waveform using the FPBF AWV; ...

Wireless network communication connecting method

SUPPLY AUTHENTICATION VIA TIMING CHALLENGE RESPONSE

Device and method for transmitting electronic key thereof

SYSTEMS AND METHODS FOR AUTHENTICATING TIME-SENSITIVE NETWORK ELEMENTS

Device-side, translator functions may be authenticated by elements of a 5 G core network before communications involving such functions are allowed to occur, or continue to occur.

ASSOCIATING A USER SERVICE WITH A TELEPHONY IDENTIFIER

Associating a user service with a telephony identifier. The user service is accessible by a user of a telephony device via an application on the telephony device. The telephony device is operable in a radio telephony network (RTN) and is contactable via the telephony identifier when operating in the RTN. Network equipment: communicates, between the network equipment and the application on the telephony device, first data comprising a communicated token; receives, from the telephony device, second data comprising a received token, wherein the second data is received from the telephony device via an RTN-native service; receives, from a network node in the RTN, the telephony identifier in control signalling associated with the RTN-native service; and based at least on correlating the received token with the communicated token, associates the received telephony identifier with the user service. 1. A method of associating a user service , which is accessible by a user of a telephony device via an application on the telephony device , with a telephony identifier , the telephony device being operable in a radio telephony network , RTN , and being contactable via the telephony identifier when operating in the RTN , the method being performed by network equipment and comprising:communicating, between the network equipment and the application on the telephony device, first data comprising a communicated token;receiving, from the telephony device, second data comprising a received token, wherein the second data is received from the telephony device via an RTN-native service;receiving, from a network node in the RTN, the telephony identifier in control signalling associated with the RTN-native service; andbased at least on correlating the received token with the communicated token, associating the received telephony identifier with the user service,wherein the application on the telephony device does not have permission to access information in incoming Short Message Service, ...

Digital authentication system

Processing module and associated method

method for providing an indication of time and location authenticatable

Payment assistance method, device and device

BRAKE DISK LOCK

The invention relates to a brake disk lock comprising a brake disk detection device, a sensor for detecting a positional change of the lock, an alarm module that is configured to output an alarm when the sensor detects a relevant positional change of the lock, an unlocking motor for unlocking the lock, an authentication module for a wireless authentication of a user of the lock, and an actuation element that can be actuated by the user and by means of which the authentication module can be activated. A further subject is a locking system comprising such a lock and a mobile end device by means of which a user of the brake disk lock can authenticate himself thereat. The invention further relates to a method of unlocking a brake disk lock. 1. A brake disk lock comprisinga brake disk detection device;a sensor for detecting a positional change of the lock;an alarm module that is configured to output an alarm when the sensor detects a relevant positional change of the lock,an unlocking motor for unlocking the lock;an authentication module for a wireless authentication of a user of the lock; andan actuation element that can be actuated by the user and by means of which the authentication module can be activated.2. The lock in accordance with claim 1 ,wherein a relevant positional change is present when the position of the lock relative to a starting position changes by more than a predefined amount in at least one spatial direction.3. The lock in accordance with claim 2 ,wherein that position of the lock is the starting position that the sensor determines when the brake disk detection device detects the presence of a brake disk and the lock has not changed its position for a predefined minimum period.4. The lock in accordance with claim 3 ,wherein the predetermined minimum period of time is in the range of some seconds.5. The lock in accordance with claim 1 ,wherein the alarm module is configured only to read the sensor when the brake disk detection device detects the ...

SERVICE SUPPORT DEVICE, SERVICE SUPPORT METHOD, AND NON-TRANSITORY COMPUTER-READABLE RECORDING MEDIUM

Residential system

Machine learning coordinated wireless networking

For privacy known shared management computing system and the method of operating the same

Application control method and related product

SUPPLY AUTHENTICATION VIA TIMING CHALLENGE RESPONSE

METHOD, SYSTEM, AND APPARATUS FOR SECURE WIRELESS CONNECTION GENERATION

Provided is a system and apparatus employing an extremely secure method of encrypting both wireless internet connections and wireless peripherals to a computer, cellphone, tablet, TV, stereo, or any other wireless device. The method differs from other techniques in that it generates more unique random seeds from which to generate incredibly long security keys between two or more devices. The system also acts as a filter between computers and devices so that infected devices cannot infect the host when generating keys. It uses secure data cables which generate no electromagnetic fields. It can also detect an attempt to tap into the line to snoop on the keys created. It also generates private/private security keys for wireless/internet use. 1. An encryption device for establishing encrypted communications channels between a first device and a second device , comprising:a processor with memory;a first wired connection for connecting to said first device;a second wired connection for connecting to said second device;one or more peripherals; and a. reading data from said one or more peripherals and generating one or more random number seeds from said data;', 'b. generating a set of public/private encryption keys using one of said random number seeds;', 'c. encrypting connections to said first and second devices using said public/private encryption keys over said first and second wired connections, respectively;', 'd. generating one or more private/private encryption keys using one or more of said random number seeds; and', 'e. transmitting said one or more private/private encryption keys to said first and said second devices over said first and second wired connections, respectively., 'software, stored in said memory and execute by said processor, said software performing the functions of2. The encryption device of wherein said encryption device and said first or second devices are the same device.3. The encryption device of wherein said peripherals are selected from a ...

Brake disc lock

CONFIRMING AUTHENTICITY OF A USER TO A THIRD-PARTY SYSTEM

Secure aggregation of IoT messages

A system includes processing circuitry; and a memory device including instructions embodied thereon, wherein the instructions, which when executed by the processing circuitry, configure the processing circuitry to perform operations comprising: accessing input data, at an aggregator node, the input data including sensor data from a plurality of sensor nodes, each sensor data having a respective signature; validating the sensor data by using respective cryptographic hash functions on the sensor data and evaluating the respective result using the respective signature; performing an aggregation function on the sensor data to produce aggregate data; executing a hash function on the aggregate data to produce a hash value for the aggregate data bundling the sensor data, respective signatures of the sensor data, aggregate data, and hash value for the aggregate data in a data structure; and exposing the data structure to subscriber nodes on the IoT network.

MOBILE SENDER CONTROLLED DATA ACCESS AND DATA DELETION METHOD AND SYSTEM

SERVICE TOOL CREDENTIAL MANAGEMENT

SYSTEMS AND METHODS FOR CONDUCTING SECURE VOIP MULTI-PARTY CALLS

Synchronized Online/Offline Clock In Management

Systems, devices, and methods for synchronized clock in management. In an embodiment, a system enables users to clock in to a cloud computing platform over a network through remote clock in devices, regardless of whether the remote clock in devices are online or offline. A clock in manager on the platform is configured to communicate with clock in assistants on remote clock in devices and to manage clock in of users in self and group clock in modes. A predetermined threshold may be used to determine a match with respect to a captured image. A clock in manager may intelligently determine the predetermined threshold according to algorithms based on training data. Face scan guides, liveness detection, and fraud detection may be included. A report engine supports presentations of filtered data from a control panel including map displays of devices or clock in events according to geolocation. 1. A system enabling users to clock in to a cloud computing platform over a network through remote devices , regardless of whether the remote devices are online or offline , comprising:a clock in manager configured to communicate with a plurality of applications accessed by remote devices to manage clock in of users in at least one of a self clock in mode or a group clock in mode; anda database, coupled to the platform, configured to store clock in encoding data, wherein the clock in encoding data includes facial image data representing a digital image of a user face and associated encoding of the facial image data,wherein the clock in manager is configured to send validated encoding data for an authorized user to a respective application for local storage in memory on a remote device, whereby the respective application may verify a clock in by a user in a self clock in mode based on a comparison of encoding data captured at the time of clock in with validated encoding data stored in the local storage in memory on the remote device even when offline, and the respective application ...

BUILDING OR ENCLOSURE TERMINATION CLOSING AND/OR OPENING APPARATUS, AND METHOD FOR OPERATING A BUILDING OR ENCLOSURE TERMINATION

The invention relates to a building or enclosure termination opening and/or closing apparatus () having communication signed or encrypted by means of a key, and to a method for operating such. To allow simple, convenient and secure use by exclusively authorised users, the apparatus comprises: a first and a second user terminal (), with secure forwarding of a time-limited key from the first to the second user terminal being possible. According to an alternative, individual keys are generated by a user identification () and a secret device key (). 1. A building or enclosure termination opening and/or closing apparatus comprising: a building or enclosure termination communication device configured to receive and/or transmit encrypted and/or signed messages, and', 'an individual authentication device for each building or enclosure termination opening and/or closing device which initiates the actuation signal on receipt of a valid authentication code generated from one or more code keys, and with, 'a building or enclosure termination opening and/or closing device comprising an actuator that can be actuated by an actuation signal to allow or block access through a building or enclosure termination,'} at least one second individual mobile user terminal is provided which comprises a user terminal communication device configured to transmit and/or receive encrypted and/or signed messages, a memory configured to store at least one temporary user key, and an encryption device configured to encrypt and/or sign messages with the at least one temporary user key, wherein the first individual mobile user terminal is configured to receive or to generate from user defaults information about a time limit for temporary authentication of a second user and to generate from that information about the time limit and from the individual user key a temporary user key that includes information about the individual user key and the time limit and to forward the temporary user key to the at ...

SECURE SHORT MESSAGE SERVICE (SMS) COMMUNICATIONS

Systems, methods, and computer program products for providing secure messaging communications are disclosed. For example, a computer-implemented method may include receiving an encrypted message and a key from a sender associated with a first computing device where the encrypted message is generated by the first computing device, verifying the received key at least in part based on a comparison with a pre-determined key, processing one or more unique factors associated with the sender in view of verifying the received key, decrypting the encrypted message, re-encrypting a result of the decrypting using a key of a receiver associated with a second computing device, and sending the re-encrypted result to the receiver associated with the second computing device. 1. (canceled)2. A system , comprising:a non-transitory memory; and receiving, by a cryptography application of a user device from a text messaging application of the user device, a request to encrypt a message for sending to a remote device;', 'applying, by the cryptography application, a message authentication code (MAC) function to a device identifier of the user device and a variable negotiated between the user device and the remote device;', 'generating, by the cryptography application, a MAC value based on the applying;', 'encrypting, by the cryptography application, the message using an encryption key generated based on at least one of the device identifier or the variable;', 'passing, by the cryptography application, the encrypted message and the MAC value to the text messaging application; and', 'causing the text messaging application to transmit the encrypted message along with the MAC value to the remote device over a network, wherein the MAC value enables at least one of the message or a user of the user device to be authenticated by the remote device based on the MAC value., 'one or more hardware processors coupled to the non-transitory memory and configured to read instructions from the non- ...

Systems and mechanism to control the lifetime of an access token dynamically based on access token use

A data management system manages secured data for a plurality of users. The data management system utilizes an access authorization system to authenticate users seeking access to the data management system. The access authorization system provides access tokens to authenticated users. The access tokens enable the authenticated users to access the data management system without again providing authentication data. The access authorization system includes, for each user, an access policy that governs whether the users can use the access tokens to access the data management system. The access tokens have a finite lifetime. If the users use the access tokens within the finite lifetime and if the users satisfy all of the access rules of the access policies, then the lifetime of the access tokens can be extended a finite number of times.

DATA SECURITY SYSTEM USING MOBILE COMMUNICATIONS DEVICE

Embodiments of the invention provide systems and methods to unlock an account associated with a user for a limited period of time to enable the user conduct a transaction using funds from that account. In one embodiment of the invention, the user may select options relating to the transaction using a payment menu provided at a mobile communications device associated with the user. A notification message is received at the mobile communications device informing the user that the account is unlocked for a certain period of time and for a certain amount. After the transaction is complete, the user is notified and the account is locked again. 120.-. (canceled)21. A method comprising:receiving, at a server computer from a mobile communications device, a request message to unlock an account associated with a user for conducting two or more transactions on the account;transmitting, by the server computer to the mobile communications device, a request for a passcode, a total number of transactions, and an unlock amount;receiving, by the server computer from the mobile communications device, the passcode, the unlock amount, and the total number of transactions specified by the user;verifying, by the server computer, the passcode based on account information associated with the user stored in a database communicatively coupled to the server computer;unlocking, by the server computer, the account for a limited period of time, for the unlock amount, and for the total number of transactions, to allow conducting transactions using the account within the limited period of time and for the total number of transactions using a personal identification number (PIN), wherein a total amount associated with the transactions is less than or equal to the unlock amount;receiving a plurality of first authorization request messages, corresponding to a respective plurality of first transactions, comprising a respective plurality of first transaction amounts;determining, by a lock-unlock module ...

Remotely Controlling Devices Using Short Message Service

A first device communicates with a remote second device by sending an SMS message that includes an encrypted first device phone number portion and a command, which may also be encrypted. The second device receives the SMS message and decrypts the encrypted first device phone number portion to verify the authenticity of the message by comparing it with a first device phone number included with the message by a cellular carrier. Successful decryption authenticates the first device, and the command is then executed, after being decrypted if it had been encrypted. Further authentication can optionally include decrypting an encrypted unique device identifier and/or phone number of the second device. The second device may also consider an embedded time stamp to determine whether the command is superseded by a subsequently issued command. 1. A method of communicating between a first device and a second device that is disposed remotely to the first device , the first device having a first device phone number and the second device having a second device phone number , the method comprising:receiving, by the second device from the first device, a message including an encrypted first device phone number portion and a command;decrypting, by the second device, the encrypted first device phone number portion and thereby obtaining, by the second device, a decrypted first device phone number portion;using, by the second device, the decrypted first device phone number portion to verify the authenticity of the message; andresponsive to the authenticity of the message being verified, executing, by the second device, the command.2. The method of claim 1 , including:receiving, by the second device, the command as an encrypted command;decrypting, by the second device, the encrypted command to obtain the command.3. The method of claim 1 , wherein the executing claim 1 , by the second device claim 1 , the command puts the second device in a lost mode.4. The method of claim 1 , wherein the ...

Control Signaling in a Wireless Communication System

A wireless communication device ( 16 ) is configured for use in a wireless communication system ( 10 ). The wireless communication device ( 16 ) is configured to receive control signaling ( 22 ) that indicates a certain wait time ( 24 ) for which the wireless communication device ( 16 ) is required to wait before sending a certain control message ( 20 ) to network equipment ( 18 ). A subset of possible wait times must be indicated by integrity-protected control signaling. The wireless communication device ( 16 ) may therefore also be configured to accept or reject the certain wait time ( 24 ) as being required before sending the certain control message ( 20 ), based on whether the received control signaling ( 22 ) was integrity protected and on whether the certain wait time ( 24 ) is included in the subset of possible wait times which must be indicated by integrity-protected control signaling.

IN-VEHICLE AUTHENTICATION DEVICE AND PORTABLE DEVICE AUTHENTICATION METHOD

An in-vehicle authentication device may perform wireless communication with a portable device in a vicinity of a vehicle. The in-vehicle authentication device may transmit a call signal that requests a reply of a response signal to the portable device. The in-vehicle authentication device may transmit an authentication request signal that requests a reply of an authentication signal to the portable device when the in-vehicle authentication device determines that the portable device exists in the vicinity of the vehicle by receiving the response signal. The in-vehicle authentication device may authenticate the portable device that transmits the authentication signal based on the authentication signal when the authentication signal is received. 1. An in-vehicle authentication device comprising:a wireless communication unit configured to perform wireless communication with a portable device in a vicinity of a vehicle;a call signal transmission unit configured to transmit a call signal that requests a reply of a response signal to the portable device via the wireless communication unit;an authentication request signal transmission unit configured to transmit an authentication request signal that requests a reply of an authentication signal to the portable device via the wireless communication unit when the authentication request signal transmission unit determines that the portable device exists in the vicinity of the vehicle by receiving the response signal via the wireless communication unit;an authentication execution unit configured to authenticate the portable device that transmits the authentication signal based on the authentication signal when the authentication signal is received via the wireless communication unit;a no-authentication signal state detection unit configured to detect a no-authentication signal state in which the authentication signal is not received from the portable device in response to the authentication request signal transmitted based on ...

SENSOR PROVISIONING IN WIRELESS SENSOR NETWORKS

A method for sensor provisioning in a wireless sensor network includes determining, at a gateway, that no neighboring gateway is present; in response to no neighboring gateway present, measuring signal strengths from a plurality of sensors; based on the measured signal strengths, identifying a sensor from the plurality of sensors to be paired with the gateway; and in response to identifying the sensor, pairing the gateway and the sensor to enable a secured connection between the gateway and the sensor. 120.-. (canceled)21. A method , comprising:determining, at a gateway, that no neighboring gateway is present; measuring signal strengths from a plurality of sensors;', 'based on the measured signal strengths, pairing at least one sensor from the plurality of sensors with the gateway., 'in response to determining that no neighboring gateway is present, starting, by the gateway, a sensor discovery process, wherein the sensor discovery process comprises22. The method of claim 21 , further comprising:receiving a whitelist from a server, the whitelist including security information for pairing the gateway and the at least one sensor; andin response to receiving the whitelist, pairing the gateway and the at least one sensor based on the security information.23. The method of claim 21 , wherein the gateway is in a first power saving mode and the at least one sensor is in a second power saving mode.24. The method of claim 23 , wherein the first and second power saving modes are time synchronized.25. The method of claim 23 , wherein during the first power saving mode claim 23 , the gateway wakes up at a regular time interval.26. The method of claim 25 , wherein the at least one sensor has no motion detection capability claim 25 , and during the second power saving mode claim 25 , the at least one sensor wakes up at a same time interval as the gateway.27. The method of claim 23 , wherein the at least one sensor has a motion detection capability claim 23 , and during the second ...

Apparatus and method for providing and managing security information in communication system

The present disclosure relates to a technology for a sensor network, machine to machine (M2M) communication, machine type communication (MTC), and Internet of things (IoT). The present disclosure relates to an operation method of a first device in a communication system, the operation method comprising a step of receiving, from a server, security information of a second device associated with the first device, wherein the security information includes a first parameter associated with an operation of the second device, and attribute information associated with the first parameter.

Systems and methods for location-based automated authentication

Systems and methods for location-based automated authentication are disclosed. A system comprises a mobile device, a sensor and a backend platform. The sensor and the backend platform are in network communication. The mobile device is operable to continuously transmit Bluetooth Low Energy (BLE) signals comprising encrypted transitory identifiers. The sensor is operable to receive a BLE signal from the mobile device when the mobile device is within a predetermined range, and communicate over a network connection the encrypted transitory identifier comprised in the BLE signal to the backend platform. The backend platform is operable to extract a unique identifier and a changing encrypted identifier from the received encrypted transitory identifier, generate a changing encrypted identifier, and validate a user identification by comparing the generated changing encrypted identifier and the extracted changing encrypted identifier.

PERSONAL SECURITY SYSTEM

A method for providing assistance to each of a plurality of users, each having been enrolled as a member of a community includes receiving, at a server, communications from corresponding mobile devices, each of which is associated with a user who has enrolled as a member in a first community. These emergency communications were initiated by activation of respective personal security buttons on the mobile devices, and provide information about respective security conditions. In response to the communications, the server alerts corresponding first and second security services that are appropriate responding to the respective security conditions. 1. A method comprising receiving , at a communication server , a communication concerning a personal mobile handset that is coupled to a mobile communication system and that is associated with a corresponding user of said mobile communication system , said user having been enrolled as a member of a first community , said communication server having been configured to initiate communication with each security service from a set of security services and causing said communication server to select a first security service from said set of security services based on a location from which said communication originated and to inform said first security service of said call.2. The method of claim 1 , further comprising transmitting at least some information received by said first security service to a police department associated with said location from which said communication originated.3. The method of claim 1 , further comprising causing the communication server to query a location-based server to determine said location from which said communication originated.4. The method of claim 1 , further comprising selecting said first community to be an association of users claim 1 , each of whom is entitled to receive emergency services from said first security service as a result of having been enrolled in said first community.5. The ...

SYSTEMS, DEVICES, AND METHODS FOR MANAGING AND CONTROLLING A DEVICE BASED ON LOCATION

Systems, devices and methods for managing and controlling a device based on location. The systems, devices, and methods track a device entering and leaving a geofence, then manage and control features and applications on the device. 1. A computer-based method for managing and controlling a user device based on location , comprising:defining one or more policy definitions;storing the one or more policy definitions in a database;activating an application on the user device based on the location of the user device;retrieving the one or more policy definitions;receiving telemetry information of the user device, wherein the telemetry information includes at least screen time data;updating status of the user device in the database, based on the telemetry information;transmitting a push notification to the user device; andlocking the user device based on the one or more policy definitions.2. The computer-based method of claim 1 , wherein the location of the user device indicates the user device enters a defined geographic area.3. The computer-based method of claim 1 , wherein receiving telemetry information of the user device periodically.4. The computer-based method of claim 1 , wherein the one or more policy definitions include at least one of a period of time the application can be activated claim 1 , activities allowed when the application is activated claim 1 , actions to perform when the user device is not in compliance claim 1 , and geofencing configurations.5. The computer-based method of claim 4 , wherein the period of time the application can be activated includes one or more blocks of time a user of the user device is in class.6. The computer-based method of claim 4 , wherein the period of time the application can be activated includes one or more blocks of time a user of the user device is at work.7. The computer-based method of claim 4 , wherein the actions to perform when the user device is not in compliance include one of locking the user device claim 4 , ...

Timestamp based onboarding process for wireless devices

A method, apparatus, and system for provisioning a device onto a network using a non-secure communication channel between the device and a provisioner is described. The provisioner receives a timestamp-based on-time password (TOTP), and a universal resource identifier (URI) from the device and provides the TOTP and an out-of-band (OOB) UUID to a remote server over a secure communication channel identified by the URI. The device is then provisioned onto a network based on comparisons of the UUID and the TOTP.

METHOD FOR MANAGING A REAL TIME DETECTION OF A SCENE BY A WIRELESS COMMUNICATION APPARATUS AND CORRESPONDING APPARATUS

A method of real-time scene detection performed by a wireless communication device includes, performing a first scene detection measurement to determine that the wireless communication device is located in a first scene. The first scene detection measurement is performed at first instant in time. The first scene is a type of environment. The method further includes associating the first scene with a corresponding reference scene of a predetermined set of reference scenes, determining a reference duration associated with the corresponding reference scene, and performing a second scene detection measurement immediately following expiration of the reference duration measured from the first instant in time. 1. A method of real-time scene detection performed by a wireless communication device , the method comprising:at first instant in time, performing a first scene detection measurement to determine that the wireless communication device is located in a first scene, the first scene being a type of environment;associating the first scene with a corresponding reference scene of a predetermined set of reference scenes;determining a reference duration associated with the corresponding reference scene; andimmediately following expiration of the reference duration measured from the first instant in time, performing a second scene detection measurement.2. The method of claim 1 , further comprising:performing K previous scene detection measurements prior to the first instant in time to determine that the wireless communication device is located in K previous scenes, K being a positive integer;associating each of the K previous scenes with a respective reference scene of the predetermined set of reference scenes; andwherein determining the reference duration comprises determining the reference duration associated with the corresponding reference scene and with each respective reference scene of the K previous scenes.3. The method of claim 2 , further comprising:determining a ...

A system for social interaction by means of telecommunication system

A system for social interaction by means of telecommunication system is provided by the use of a button to activate the GPS social media social interaction for a short time and short range and provide indirect communication only for those in the immediate time and space relative to the user until direct communication is authorised.

System and method for time based anomaly detection in an in-vehicle communication network

A system and method for providing security to a network may include maintaining, by a processor, a model of an expected behavior of data communications over the in-vehicle communication network; receiving, by the processor, a message sent over the network; determining, by the processor, based on the model and based on a timing attribute of the message, whether or not the message complies with the model; and if the message does not comply with the model then performing, by the processor, at least one action related to the message.

Method and system for establishing wireless communications services to a vehicle

A vehicle processing device authenticates that an authorized user has requested an action by the vehicle and generates an authentication acknowledgement message. At least two security devices being present within the cabin of, or close to, the vehicle during a predetermined period following an authentication trigger event that occurs while the user performs a predetermined sequence of authentication activities (i.e., button presses, operating the vehicle or a part of it, etc.) provides a basis for the authentication acknowledgement message. Typically, information unique to each security device has been associated with the vehicle at a service provider's server. The authentication acknowledgement may include an activation code that results from processing the information, unique to each security device, received from the security devices and other random information, such as date. A service provider's server, or a user device, provides services to, or can access, respectively, the vehicle upon receiving the authentication acknowledgement.

ENHANCED AGGREGATED RE-AUTHENTICATION FOR WIRELESS DEVICES

Methods and systems for group re-authentication of devices in a wireless telecommunication network are provided. According to one aspect, a method of operation of a base station in a wireless telecommunication network comprises receiving a group authentication request message from a mobility management entity, the group authentication request message comprising a group identifier; identifying at least one user equipment as belonging to a group identified by the group identifier; sending an individual authentication request message to each identified UE; receiving an authentication response from at least one of the identified UE; aggregating the received at least one authentication response to create a group authentication response message; and sending the group authentication response message to the mobility management entity. 1. A method of operation of a Base Station , BS , in a wireless telecommunications network , the method comprising:receiving a group authentication request message, the group authentication request message comprising a group identifier;identifying at least one User Equipment, UE, as belonging to a group identified by the group identifier;sending an individual authentication request message to each identified UE;receiving an authentication response from at least one of the identified UE; the aggregating step comprises performing aggregation for a specified duration of time; or', 'the aggregating step is performed until a specified number of authentication responses are received; and, 'aggregating the received at least one authentication response to create a group authentication response message wheresending the group authentication response message.2. The method of wherein the group authentication request message is received from a Mobility Management Entity claim 1 , MME claim 1 , or the group authentication response message is sent to the MME.3. (canceled)4. The method of wherein identifying the at least one UE as belonging to the group ...

METHOD AND SYSTEM FOR SECURELY AUTHENTICATING AN ELECTRONIC USER DEVICE TO A VEHICLE

A vehicle processing device authenticates that an authorized user has requested an action by the vehicle and generates an authentication acknowledgement message. At least two security devices being present within the cabin of, or close to, the vehicle during a predetermined period following an authentication trigger event that occurs while the user performs a predetermined sequence of authentication activities (i.e., button presses, operating the vehicle or a part of it, etc.) provides a basis for the authentication acknowledgement message. Typically, information unique to each security device has been associated with the vehicle at a service provider's server. The authentication acknowledgement may include an activation code that results from processing the information, unique to each security device, received from the security devices and other random information, such as date. A service provider's server, or a user device, provides services to, or can access, respectively, the vehicle upon receiving the authentication acknowledgement. 1. A system , comprising:a first security device that includes first unique information that is uniquely associated with a vehicle;a second security device that includes second unique information that is uniquely associated with the vehicle; receive a request to associate a user equipment device with the vehicle;', 'receive the first unique information transmitted in a first security signal from the first security device;', 'receive the second unique information transmitted in a second security signal from the second security device;', 'determine that the first security signal was transmitted during a predetermined authentication period that began after the receiving of the request to associate the user equipment device with the vehicle;', 'determine that the second security signal was transmitted during the predetermined authentication period; and', 'associate the user device with the vehicle when a determination is made that the ...

Multi-Factor Autonomous SIM Lock

Aspects of the subject disclosure may include, for example, initializing a secure timer in a wireless device, determining whether a subscriber identification module (SIM) card installed in the wireless device comprises a carrier identity that matches a carrier identity stored in the machine-readable medium, establishing a network connection with a trusted server, starting the secure timer if the SIM card and network connection are satisfactory, periodically checking the network connection and SIM card until expiry of the secure timer, penalizing the secure timer responsive to a failure of the network connection or SIM card check, and responsive to expiry of the secure timer, unlocking a SIM lock. Other embodiments are disclosed. 1. A wireless device , comprising:a processing system including a processor; anda memory that stores executable instructions that, when executed by the processing system, facilitate performance of operations, the operations comprising:initializing a secure timer;determining that a valid subscriber identification module (SIM) card is installed in the wireless device, resulting in a first determination;determining that a network connection has been established between the wireless device and a trusted server, resulting in a second determination;starting the secure timer if both the first determination and the second determination are true;penalizing the secure timer if the first determination or the second determination are false;repeating the first determination, the second determination, and the penalizing steps until expiry of the secure timer; andresponsive to expiry of the secure timer, unlocking a SIM lock.2. The wireless device of claim 1 , wherein the penalizing the secure timer comprises pausing the secure timer.3. The wireless device of claim 1 , wherein the penalizing the secure timer comprises resetting the secure timer to an earlier elapsed time setting where the first determination and the second determination passed.4. The ...

LOCATION BASED SHARING OF A NETWORK ACCESS CREDENTIAL

A network access credential can be shared among devices based on location information for a device. Location information can include timed fingerprint location information. In an aspect, location information can be associated with a location of user equipment. This location information can be correlated with network access credentials. Location information can be used to access a relevant network access credential. The relevant network access credential can be shared with other devices. In an embodiment, sharing a network access credential can be between mobile devices. In another embodiment, sharing a network access credential can be between a remote computing device and a mobile device. Sharing a credential can allow for access to a network without having to generate or input new credentials. 1. A first user equipment , comprising:a processor; and communicating timed fingerprint location information to a credential selection device, wherein the timed fingerprint location information is based on a differential time measurement for a first NodeB site pair of devices, wherein the timed fingerprint location information enables determining a historical geographic location value corresponding to a historical differential timing measurement of the first NodeB site pair of devices, and wherein the first NodeB site pair of devices comprises a first NodeB device and a second NodeB device;', 'receiving, from the credential selection device, a network access credential selected according to the historical geographic location value; and', 'enabling access, based on the network access credential, to a network by the first user equipment., 'a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations, comprising2. The first user equipment of claim 1 , wherein the credential selection device is located remotely from the first user equipment.3. The first user equipment of claim 1 , wherein the credential selection device ...

Priority Access to a Priority Access Channel

A system for controlling access to priority access wireless resources divides a radio spectrum into first wireless resources for use by general access devices and second wireless resources for use by priority access devices. A base station receives, from a server, information concerning the first and second wireless resources, including resource entries corresponding to each of the first and second wireless resources. Upon receiving a request for available wireless resources from a general access device, the base station provides one of the resource entries corresponding to the second wireless resources. The system includes a general access device which aggregates resource entries for the first and second resources for communication with another general access device. When the general access device detects priority access to the second resource, the general access device either releases the second resource or reduces transmission power on the aggregated first and second resources. 1. An apparatus comprising:one or more processors; andone or more computer-readable storage media having instructions stored thereon that, responsive to execution by the one or more processors, cause the one or more processors to perform operations including:receiving, from a server, information concerning available wireless resources, the information including resource entries corresponding to wireless resources for use by priority access devices and resource entries corresponding to wireless resources for use by general access devices;receiving a query for available wireless resources from a general access device;providing, to the general access device, one resource entry of the resource entries corresponding to wireless resources for use by the priority access devices;receiving an indication of a change of wireless resource availability; andproviding a notification of the change in wireless resource availability to the server.2. The apparatus of claim 1 , wherein:the query includes a ...

Network interface for tracking radio resource utilization

A method is provided for performing RAN-usage-based tracking in a wireless core network. The method includes obtaining a plan code for a communication device connecting to a radio access network (RAN); associating, based on the plan code, the communication device with a RAN-usage-based plan; and reporting, after the associating, a tracking instance of RAN usage by the communication device.

SUBSCRIBER-DRIVEN SHARING OF A COMMUNICATIONS SERVICE

A system and method for facilitating service sharing (e.g., voice services, data services, multimedia services, etc.) in a network environment (). In one example arrangement, upon receiving an input at a host subscriber device (), a request is generated () to a host subscriber's service provider network () for instantiating a virtual subscriber identification module (vSIM) populated with the host subscriber's service profile with respect to a service. A guest user's authentication information is provided () for performing guest registration and remote provisioning () for the vSIM, the remote provisioning including allocation of a temporary phone number and an IP address, which may be used in a mapping relationship for routing calls or sessions engaged by the guest () using a service shared with the host subscriber ().

APPARATUS AND METHOD FOR DETECTING COUNTERFEIT ADVERTISER IN WIRELESS COMMUNICATION SYSTEM

The present disclosure relates to a sensor network, machine type communication (MTC), machine-to-machine (M2M) communication, and technology for internet of things (IoT). The present disclosure may be applied to intelligent services based on the above technologies, such as smart home, smart building, smart city, smart car, connected car, health care, digital education, smart retail, security and safety services. A method for detecting a counterfeit advertiser by a server includes detecting a random delay time or a cumulative interval for a reference device based on a time stamp for an advertisement packet received from the reference device, and detecting a random delay time or a cumulative interval for a receiving device other than the reference device based on a time stamp for an advertisement packet received from the receiving device. 1. A method for detecting a counterfeit advertiser by an electronic device in a wireless communication system , the method comprising:receiving an advertisement packet and a first time stamp for the advertisement packet from a reference device;receiving an advertisement packet and a second time stamp for the advertisement packet from a receiving device; anddetermining whether an advertiser which broadcasts the advertisement packet received from the receiving device is a counterfeit advertiser based on a first value obtained from the first time stamp and a second value obtained from the second time stamp, wherein the first value includes a delay time or a cumulative interval for the reference device and the second value includes a delay time or a cumulative interval for the receiving device.2. The method of claim 1 , wherein the determining of whether the advertiser which broadcasts the advertisement packet received from the receiving device is the counterfeit advertiser claim 1 , comprises:determining that the advertiser which broadcasts the advertisement packet received from the receiving device as the counterfeit advertiser if a ...

MULTI-SLICING ORCHESTRATION SYSTEM AND METHOD FOR SERVICE AND/OR CONTENT DELIVERY

Aspects of the subject disclosure may include, for example, detecting a first communication device including an application based on contemporaneous access of a first service and second service functions, wherein the application communicates via first and second user data traffic flows associated with the first and second service functions. An association is facilitated of the first user data traffic flow with a first logical network slice, wherein the first user data traffic flow is conveyed by the first logical network slice. An association is facilitated of the second user data traffic flow with a second logical network slice, wherein the first and second user data traffic flows are conveyed contemporaneously by the first and second logical network slices. Other embodiments are disclosed. 1. A device , comprising:a processing system including a processor; and facilitating an association of a first user data traffic flow with a first logical network slice of a mobile network, the first user data traffic flow being conveyed by the first logical network slice and associated with a mobile application of a first mobile device contemporaneously accessing a first service function and a second service function via the mobile network; and', 'facilitating an association of a second user data traffic flow with a second logical network slice of the mobile network, wherein the second user data traffic flow is conveyed by the second logical network slice contemporaneously with conveyance of the first user data traffic flow by the first logical network slice, and wherein the first user data traffic flow conveyed by the first logical network slice is isolated from the second user data traffic flow conveyed by the second logical network slice., 'a memory that stores executable instructions that, when executed by the processing system, facilitate performance of operations, the operations comprising2. The device of claim 1 , wherein the operations further comprise:determining that ...

SYSTEMS FOR CLASSROOM MEDIA SHARING

Systems herein allow a student to share media with other students in a classroom with the permission of a teacher. The student can send a sharing request to a management server with a sender student device. The management server can identify a teacher device and send the sharing request to the teacher device for approval. When the request is granted, the student device can supply an address local to the sender device, from which the media will stream. The management server can send the address and an authentication token to other recipient student devices. The management server can further lock the recipient student devices into the sharing location to ensure that each student device will stream the media. At the request of the teacher device or the sender student device, the streaming can end. 120-. (canceled)21. A method for sharing media , comprising:receiving a sharing request at a teacher device from a sender device;in an instance when the sharing request is permitted based on a selection on a graphical user interface at the teacher device, sending a message that grants the sharing request to the sender device; wherein the receiver devices stream the media from the sharing location at the sender device by using the validation criteria, and', 'wherein the receiver devices are identified based on being associated with an environment common to the sender device; and, 'sending, to receiver devices, validation criteria and a sharing location at the sender device,'}sending a lock command to the receiver devices, the lock command locking the receiver devices into the sharing location during streaming.221. The method of claim , wherein the message includes a sharing token , and wherein the validation criteria include a validation token that is derived from the sharing token.231. The method of claim , wherein locking the receiver devices includes sending a web lock command to the receiver devices , the web lock command preventing the receiver devices from accessing a ...

System and method for performing building-wide wireless network intrusion detection via connected luminaires

A method ( 100 ) and connected lighting system ( 10 ) for detecting an intruder to a wireless network ( 24 ) of a connected lighting system formed by a plurality of luminaires ( 14 ). Each luminaire receives ( 120 ), over a designated time interval, a physical layer characteristic of each client device ( 26 ) accessing the wireless network. An array ( 50 ) of reference distributions is retrieved ( 110 ) by a processor of the system. Each reference distribution corresponds to an expected distribution of the characteristics for one of the luminaires during a corresponding time interval. An observed distribution is generated ( 130 ) for each luminaire, representing an actual distribution of values of the characteristic received by one of the luminaires over the designated time interval. Each observed distribution is compared ( 140 ) to the appropriate reference distribution for the designated interval in order to detect an anomaly and initiate an alarm status.

ADVANCED PARKING MANAGEMENT SYSTEM

A parking management system that facilitates motorist guidance, payment, violation detection, and enforcement using highly accurate space occupancy detection, unique vehicle identification and guidance displays is described. The system enables reduced time to find parking, congestion mitigation, accurate violation detection, and easier enforcement, and increased payment and enforcement revenues to cities. 1. A system for managing parking , comprising:an occupancy detection sensor that is configured to detect a change in occupancy state in a parking space;a reservations indicator display configured to display a sufficiently unique identifier to indicate an identity of a reservation holder, situated in proximity to the parking space and configured to change responsive to a vehicle entering or exiting the parking space or upon authentication of the reservation holder in a reserved parking space or upon an accepted reservation;a user device including a mobile application configured to request a reservation associated with an intended parking session by inputting one or more parameters;one or more processors configured to provide information to a user device of the reservation holder regarding available or expected choices for parking for the intended parking session;the user device further configured to select, via the mobile application, a choice for parking based on the available or expected choices for parking for the intended parking session;the one or more processors further configured to authenticate whether a vehicle occupancy event in the reserved parking space belongs to the reservation holder for the reserved parking space; andthe one or more processors further configured to manage processing of violations and exceptions upon determining that an identity of the parked vehicle in the reserved parking space cannot be confirmed.2. The system of claim 1 , wherein the authentication is automatically performed from an in-vehicle device mounted in an interior or an ...

TEMPORARY PAIRING FOR WIRELESS DEVICES

A device providing temporary pairing for wireless devices may include a memory and at least one processor configured to receive a request to temporarily pair with a wireless device. The at least one processor may be further configured to pair with the wireless device, wherein the pairing comprises generating a link key for connecting to the wireless device. The at least one processor may be further configured to connect to the wireless device using the link key. The at least one processor may be further configured to initiate a timer upon disconnecting from the wireless device. The at least one processor may be further configured to automatically and without user input, delete the link key when the timer reaches a timeout value without having reconnected to the wireless device using the link key. 1. A device comprising:a memory; and receive a request to temporarily pair with a wireless device;', 'pair with the wireless device, wherein the pairing comprises generating a link key for connecting to the wireless device;', 'connect to the wireless device using the link key;', 'initiate a timer upon disconnecting from the wireless device; and', 'automatically and without user input, delete the link key when the timer reaches a timeout value without having reconnected to the wireless device using the link key., 'at least one processor configured to2. The device of claim 1 , wherein the at least one processor is further configured to:reconnect to the wireless device using the link key when a request to reconnect to the wireless device is received prior to the timer reaching a timeout value.3. The device of claim 1 , wherein the device is paired with claim 1 , and connected to claim 1 , another wireless device using another link key when the request to temporarily pair with the wireless device is received.4. The device of claim 3 , wherein the device and the other wireless device are associated with a first user account and the wireless device is associated with a second ...

Eye and head tracking authentication

A system includes at least one data processor and memory storing instructions which, when executed by the at least one data processor, configures the at least one data processor to: provide, via a display, a visual stimulus including an animation containing at least a first object and a second object, the visual stimulus prompting for user input for authentication to a virtual domain; monitor movement of a user while providing the visual stimulus; identify, based on the monitoring, a sequence of dwell times of a characteristic of the user's movement with respect to the first object and the second object; compare the identified sequence of dwell times to a stored sequence of dwell times; and provide the comparison to enable authentication of the user in the virtual domain. Related apparatus, systems, techniques and articles are also described.

Location-based identification of potential security threat

In one example, a firewall obtains a first network packet that indicates a first mobile country code of a mobile subscriber at a first time and a first mobile network code of the mobile subscriber at the first time. The firewall obtains a second network packet that indicates a second mobile country code of the mobile subscriber at a second time and a second mobile network code of the mobile subscriber at the second time. The firewall determines whether the first mobile country code is different from the second mobile country code or the first mobile network code is different from the second mobile network code. If so, the firewall determines whether a difference between the second time and the first time is less than a threshold difference. If so, the firewall associates the second network packet with a potential security threat.

Timestamp based Onboarding process for Wireless devices

A method, apparatus, and system for provisioning a device onto a network using a non-secure communication channel between the device and a provisioner is described. The provisioner receives a timestamp-based on-time password (TOTP), and a universal resource identifier (URI) from the device and provides the TOTP and an out-of-band (OOB) UUID to a remote server over a secure communication channel identified by the URI. The device is then provisioned onto a network based on comparisons of the UUID and the TOTP.

Method for handling case of detecting unauthorized frame transmitted over onboard network

An anomaly handling method using a roadside device is disclosed. The method includes receiving, from a vehicle, an anomaly detection notification, which includes level information indicating a level affecting safety, and a location of the vehicle. The method also includes obtaining a location of the roadside device and determining whether a distance between the location of the vehicle and the location of the roadside device is within a predetermined range. When the distance is within the predetermined range and shorter than a first predetermined distance, transmitting the received anomaly detection notification externally from the roadside device. When the distance is within the predetermined range and is longer than or equal to the first predetermined distance, changing to decrement a level indicated by the level information, and transmitting changed anomaly detection notification. When the distance is not within the predetermined range, not transmitting the received anomaly detection notification.

Multi-slicing orchestration system and method for service and/or content delivery

Aspects of the subject disclosure may include, for example, detecting a first communication device including an application based on contemporaneous access of a first service and second service functions, wherein the application communicates via first and second user data traffic flows associated with the first and second service functions. An association is facilitated of the first user data traffic flow with a first logical network slice, wherein the first user data traffic flow is conveyed by the first logical network slice. An association is facilitated of the second user data traffic flow with a second logical network slice, wherein the first and second user data traffic flows are conveyed contemporaneously by the first and second logical network slices. Other embodiments are disclosed.

Apparatus and method for authentication based on cognitive information

An authentication apparatus and method based on cognitive information. The authentication apparatus based on cognitive information includes an authentication request reception unit for receiving a request to authenticate an authentication target, a behavioral and contextual information collection unit for collecting behavioral and contextual information corresponding to the authentication target, a cognitive information extraction unit for extracting cognitive information corresponding to the request from previously stored big data, and an authentication processing unit for authenticating the authentication target in consideration of the behavioral and contextual information based on the extracted cognitive information.

System and method for managing and authenticating communications connections

A communications system includes a first communications part configured to perform communications with a terminal apparatus, a second communications part configured to perform communications via a network, a connection controller configured to start establishing a connection or release a connection between the first communications part and the second communications part, a display part configured to display authentication information transmitted from the terminal apparatus, an input part configured to receive an input from a user, and a connection manager configured to manage a time to allow the user to have a connection to the network in accordance with an instruction input by the user when the authentication information displayed by the display part matches authentication information reported in advance to the user who has been allowed to have the connection to the network.

Secure element as a digital pocket

The disclosure includes a system and method in which one or more virtual resources are presented to a secure element; and the one or more virtual resources are mapped to available resources based on a model architecture for the secure element in order to provide hardware abstraction, the available physical resources varying based on the model architecture and an associated host device, the virtual resources allowing consistent interaction with the virtual resources regardless of variation in the physical resources available and their location. The hardware abstraction increases the versatility of the secure element and may contribute to the secure element's functionality. The secure element providing functionality to replace most items carried in an individual's pockets, e.g., logical and physical keys, a thumb drive, identification, credit and debit cards, etc.

System of living

A system and method used for monitoring conditions in a space through characterizing detected occupants with properties in accordance with time, location and tracked traversal path. The intruder as a detected occupant is distinguished from the tenant, property management staff, and visitor. The system triggers an alert indicative of a condition by sending signals and messages to selected devices or systems as receiving nodes. A condition, such as collected sensor data incompliant to a threshold, is detected and an alert is triggered. A user carried mobile device such as the cellular phone, elevator control system operative in a building are possible receiving nodes of a triggered alert for a detected condition.

Door lock control with wireless user authentication

Methods, systems, and computer programs are presented for a self-encrypting device (SED) incorporated into a host system. In one example, the host system includes a memory, a processor, a data channel in communication with the memory and the processor, and the SED. The SED comprises an authentication subsystem, a storage subsystem that stores encrypted data that is encrypted with an encryption key provided by the authentication subsystem, a radio frequency (RF) transceiver, and a data interface in electrical contact with the data channel. The data interface is locked from sending and receiving data until the SED is unlocked by the authentication subsystem with user-authentication information received via the RF transceiver.

A system, apparatus and method for privacy preserving contextual authentication

Methods and systems for authenticating users based on contextual data in a privacy preserving way are disclosed.

Building or enclosure closing and / or opening device and method of operating a building or enclosure

Die Erfindung betrifft eine Gebäude- oder Einfriedungsabschlussöffnungs- und/oder -schließvorrichtung (10) mit einer mittels eines Schlüssels signierten bzw. verschlüsselten Kommunikation, sowie ein Verfahren zum Betreiben eines solchen. Zur einfachen, komfortablen und sicheren Bedienung durch ausschließlich autorisierte Benutzer umfasst die Vorrichtung: ein erstes und ein zweites Benutzerendgerät (14, 30), wobei eine gesicherte Weitergabe eines zeitbegrenzten Schlüssels von dem ersten auf das zweite Benutzerendgerät ermöglicht ist. Gemäß einer Alternative werden individuelle Schlüssel durch eine Benutzeridentifikation (42) und einen geheimen Geräteschlüssel (40) erzeugt. The invention relates to a building or enclosure closure opening and / or closing device (10) with a key-signed or encrypted communication, and to a method of operating such. For easy, comfortable and secure operation by authorized users only, the device comprises: first and second user terminals (14, 30), whereby secure forwarding of a time-limited key from the first to the second user terminal is enabled. According to an alternative, individual keys are generated by a user identification (42) and a secret device key (40).

Method and system for network security

One embodiment provides a method for facilitating network security, the method comprising: receiving, by a server from an application associated with a user, a first data packet which includes a first set of verification information and a first command; and in response to determining that the first set of verification information does not satisfy a first predetermined condition: generating a verification code destined for a first computing device associated with the user; in response to not successfully authenticating the verification code, discarding the first data packet; and in response to successfully authenticating the verification code, transmitting the first command to an end device, which causes the end device to execute the first command.

Method and system for securely authenticating an electronic user device to a vehicle

A vehicle processing device authenticates that an authorized user has requested an action by the vehicle and generates an authentication acknowledgement message. At least two security devices being present within the cabin of, or close to, the vehicle during a predetermined period following an authentication trigger event that occurs while the user performs a predetermined sequence of authentication activities (i.e., button presses, operating the vehicle or a part of it, etc.) provides a basis for the authentication acknowledgement message. Typically, information unique to each security device has been associated with the vehicle at a service provider's server. The authentication acknowledgement may include an activation code that results from processing the information, unique to each security device, received from the security devices and other random information, such as date. A service provider's server, or a user device, provides services to, or can access, respectively, the vehicle upon receiving the authentication acknowledgement.

Secure fine timing measurements

This disclosure provides systems, devices, apparatus and methods, including computer programs encoded on storage media, for initiating a secure FTM session between at least first and second STAs. A first STA initiates, with a second STA, a secure FTM session. The first STA receives a plurality of FTM packets from the second STA, each of the plurality of FTM packets including at least one preamble subject to a respective first CSD. The first STA transmits, to the second STA, an ACK for each of plurality of FTM packets. The first STA receives a measurement report including a ToD offset by the respective first CSD for each of the plurality of FTM packets, and a ToA at the second STA of each of a plurality of ACKs. The first STA determines a RTT between the first and second STAs based on the offset ToD and the ToA.