Patent application number | Description | Published |
20080215758 | Method For Software Program Synchronization - A method, devices, and a computer program for synchronizing one or more software programs from a first device (D | 09-04-2008 |
20080294560 | Method of storing content - A method comprising receiving at a user equipment encrypted content. The content is stored in said user equipment in an encrypted form. At least one key for decryption of said stored encrypted content is stored in the user equipment. | 11-27-2008 |
20080307518 | Security in communication networks - Disclosed is a method including allowing an application server to request setup of a session on behalf of a user terminal, and using mechanisms of a generic peer authentication procedure for procedure for enabling authentication of the application server to an interrogating server, the interrogating server being a network element that is configured to process said request to setup a session on behalf of a user terminal. Also disclosed are related devices, systems and computer programs. | 12-11-2008 |
20090191857 | Universal subscriber identity module provisioning for machine-to-machine communications - The present invention relates to remotely provisioning subscriber identification parameters in a device on a wireless network. A secure connection is established with the device, and a token containing the new subscriber identification parameters is forwarded over the secure connection. The device may verify the received token. In one embodiment, the subscriber identification parameters are updated to change network operators. The secure connection can be with the old network operator or the new network operator. The device on the wireless network may be a machine-to-machine device. The provisioned subscriber identification may be part of a universal subscriber identification module. | 07-30-2009 |
20090232310 | Method, Apparatus and Computer Program Product for Providing Key Management for a Mobile Authentication Architecture - An apparatus for providing key management for a mobile authentication architecture may include a processor. The processor may be configured to provide a request for key revocation over an interface otherwise defined for sharing key acquisition information between a bootstrapping server function and a network application function, and cancel key information associated with the request for key revocation. | 09-17-2009 |
20100303242 | METHODS, APPARATUSES, SYSTEM AND COMPUTER PROGRAMS FOR KEY UPDATE - It is disclosed a method comprising monitoring validity of limited-validity key information, acquiring, from a net-work entity upon invalidity of the limited-validity key information, limited-validity transaction identification information based on unlimited-validity identification information identifying a terminal, generating new limited-validity key information based on the acquired limited-validity transaction identification information, and transmitting the acquired limited-validity transaction identification information to a network element. | 12-02-2010 |
20110173105 | Utilizing AAA/HLR infrastructure for Web-SSO service charging - An apparatus (such as a AAA node of a core/operator network) receives from a relying party an initial credit control request that bears first information comprising a relying party identifier, a service context identifier for a service to be provided by the relying party, and a token that authenticates a subscriber. The first information is extracted and forwarded to a core network accounting server that stores account information for the subscriber. The relying party is not within the core network. In reply to forwarding the extracted first information, the apparatus receives from the accounting server a credit control answer that bears second information comprising the relying party identifier, the service context identifier, and a grant indicating the subscriber may be charged a fee for the service to be provided by the relying party. The second information is extracted and forwarded to the relying party. | 07-14-2011 |
20110213959 | METHODS, APPARATUSES, SYSTEM AND RELATED COMPUTER PROGRAM PRODUCT FOR PRIVACY-ENHANCED IDENTITY MANAGEMENT - A method and related apparatus include the steps of registering, from a client at a service providing network entity, first client-related identity information and, from the client at an identity providing network entity, second client-related identity information being different from the first client-related identity information and being generated based on the first client-related identity information. Key information is a secret of the client and identity information is related to the service providing network entity. A second method and related apparatus include the step of determining, at a service providing network entity, the first client-related identity information based on the second client-related identity information being received from the identity providing entity. Finally, a third method and related apparatus include the step of authenticating, towards the service providing network entity, the second client-related identity information being received from the client. | 09-01-2011 |
20110289315 | Generic Bootstrapping Architecture Usage With WEB Applications And WEB Pages - A method includes receiving at a network application function a request related to a generic bootstrapping architecture key originated from a user equipment. The received request includes a network application function identifier that includes a uniform resource locator, where the network application function has a fully qualified domain name. The method further includes causing a generic bootstrapping architecture key to be generated for the user equipment based at least in part on the uniform resource locator that is part of the network application function identifier. Apparatus and computer programs for performing the method are also disclosed. | 11-24-2011 |
20120057697 | SECURITY OF A MULTIMEDIA STREAM - A method including receiving encrypted multimedia information of a multimedia broadcast multicast service streaming session, wherein the multimedia information is encrypted using an encryption key. An indication allowing to switch the receiving of the encrypted multimedia information to a peer-to-peer streaming session is received and receiving of the encrypted multimedia information from the multimedia broadcast multicast service streaming session to the peer-to-peer streaming session is switched. Encrypted multimedia information of the peer-to-peer streaming session is received. | 03-08-2012 |
20120102315 | VERIFICATION OF PEER-TO-PEER MULTIMEDIA CONTENT - A method including receiving, at a first entity, from a second entity, the content and an identification of the second entity, over a peer-to-peer communication link. The received content is rendered and verification information containing the identification of the second entity and an identification of the received content is generated. The verification information is encrypted using an encryption key. | 04-26-2012 |
20120110637 | Systems, Methods, and Apparatuses for Facilitating Authorization of a Roaming Mobile Terminal - Systems, methods, and apparatuses are provided for facilitating authorization of a roaming mobile terminal. A method may include receiving a request for security key related policy information for a user equipment device. The request may be sent by a service providing node on a visited network. The method may further include causing a service authorization information request including a user security settings package to be sent to a policy decisioning server. The method may also include receiving, in response to the service authorization information request, a service authorization information answer including a modified user security settings package including the authorization policy information for the user equipment device. The method may additionally include causing the requested security key related policy information to be sent to the service providing node. Corresponding systems and apparatuses are also provided. | 05-03-2012 |
20120196569 | Subscriber Identity Module Provisioning - The exemplary embodiments of the invention include inputting, at a device, a voucher having a plurality of data fields, where the voucher provides provisional subscriber identification for the device, sending at least some of the voucher data fields to a network operator, based on the sent information, receiving a software based subscriber identity module, and using the software based subscriber identity module to authenticate the device. Further, the exemplary embodiments include receiving a voucher having a plurality of data fields from a device, where the voucher provides provisional subscriber identification for the device, in response to the voucher code, sending to the device a request for additional information, in response to the request, receiving an additional data field of the voucher and a security identifier of the device, and based on validating the additional information using the security identifier, sending a software based subscriber identity module to the device. | 08-02-2012 |
20120204231 | USER IDENTITY MANAGEMENT FOR PERMITTING INTERWORKING OF A BOOTSTRAPPING ARCHITECTURE AND A SHARED IDENTITY SERVICE - A method, apparatus and computer program product are provided to facilitate authentication of a request, such as by a mobile terminal, while also supplying information about the user to a service, website, application or the like A method, apparatus and computer program product may provide for interworking a bootstrapping architecture, such as Generic Bootstrapping Architecture, and a shared identity service, such as OpenID architecture In this regard, a method, apparatus and computer program product may provide for a secure session with a service provider through Generic Bootstrapping Architecture while being able to supply the service provider with the user information and/or accessing a user account using OpenID architecture. | 08-09-2012 |
20120239936 | CREDENTIAL TRANSFER - Methods and apparatus, including computer program products, are provided for credential transfer. In one aspect there is provided a method. The method may include receiving, at a first device, an authorization token; determining, at the first device, a delegation token, one or more credentials, and metadata; and providing, by the first device to a second device, the delegation token, the one or more credentials, and the metadata. Related apparatus, systems, methods, and articles are also described. | 09-20-2012 |
20120289197 | SIM Lock For Multi-SIM Environment - An apparatus with a memory and computer program code configured, with a processor, to start an application; to read a file from a first subscriber module and to determine if there is an active subscriber module lock of the first subscriber module; in response to determining that there is an active subscriber module lock of the first subscriber module executing the application; otherwise if it is determined that there is not an active subscriber module lock of the first subscriber module, to determine if there is an active subscriber module lock of a second subscriber module and continuing until an active subscriber module lock of another subscriber module is determined, and then executing the application using that subscriber module having the active subscriber module lock, otherwise terminating the method without executing the application if no active subscriber module lock of any other subscriber module is determined to be present. | 11-15-2012 |
20130023309 | Application Selection For Multi-SIM Environment - A method includes downloading at the request of a user an application for storage in a secure module of a terminal; requesting the user to assign a descriptive name for the downloaded application; storing the descriptive name together with an application identity of the downloaded application; in response to a request to activate a stored application, presenting the user with a list having elements of one or more stored applications, where each list element comprises at least the user assigned descriptive name; and activating an application associated with a selection of a list element by the user. Various embodiments of apparatus for implementing the method are also disclosed. | 01-24-2013 |
20130080779 | INDENTIFIERS IN A COMMUNICATION SYSTEM - A method and apparatus including units configured to send a request from a first network entity to a user equipment for an identifier and receive a message indicating that a public key is required from the user equipment by the first network entity. The method and apparatus also includes units configured to send, by the first network entity, the public key to the user equipment and receive an encrypted identifier by the first network entity, wherein upon authenticating the public key, the user equipment encrypts at least part of the identifier using the public key, thereby enabling further processing between the network entity and the user equipment. | 03-28-2013 |
20130152159 | ENHANCED LIFECYCLE MANAGEMENT OF SECURITY MODULE - A method, computer program, apparatus and a secure module are described. By example, in the method there are steps of receiving a request from a first entity for a secure module to enter an unlock lifecycle state; requesting confirmation to enter the unlock lifecycle state; and if the request is confirmed, transitioning the secure module from a current lifecycle state to the unlock lifecycle state. | 06-13-2013 |
20130205134 | METHODS AND APPARATUSES FOR ACCESS CREDENTIAL PROVISIONING - Methods and apparatuses are provided for access credential provisioning. A method may include causing a trusted device identity for a mobile apparatus to be provided to an intermediary apparatus. The intermediary apparatus may serve as an intermediary between the mobile apparatus and a provisioning apparatus for a network. The method may further include receiving, from the intermediary apparatus, network access credential information for the network. The network access credential information may be provisioned to the mobile apparatus by the provisioning apparatus based at least in part on the trusted device identity. Corresponding apparatuses are also provided. | 08-08-2013 |
20130227656 | METHOD AND APPARATUS FOR ACCESS CREDENTIAL PROVISIONING - A method and apparatus are provided for access credential provisioning. A method may include receiving, at a first mobile apparatus, information about a second mobile apparatus. The first mobile apparatus may be provisioned with network access credential information to be transferred from the first mobile apparatus to the second mobile apparatus. The method may further include causing the information about the second mobile apparatus to be provided to a provisioning apparatus for the network. The method may additionally include receiving authorization form the provisioning apparatus to transfer the network access credential information from the first mobile apparatus to the second mobile apparatus. The method may also include, in response to receipt of the authorization, causing the network access credential information to be provided to the second mobile apparatus. A corresponding apparatus is also provided. | 08-29-2013 |
20130337743 | Communication Apparatus and Associated Methods - A first apparatus having a first identity associated therewith the first apparatus, the first apparatus comprising: at least one processor; and at least one memory including computer program code, the at least one memory and the computer program code configured to, with the at least one processor, cause the first apparatus to perform at least the following: enable transmission of a proxy initiation command to a second apparatus, wherein the proxy initiation command is configured to enable the second apparatus to initiate a first-identity-second-apparatus connection, the first-identity-second-apparatus connection enabling the second apparatus to transmit data denoted as being from the first identity and/or receive data denoted as being to the first identity via the data network. | 12-19-2013 |
20140047034 | METHOD AND APPARATUS FOR PROVIDING A PUBLIC WARNING - Various methods for providing a secure public warning related to a disaster are provided. One example method may comprise providing for transmission of a registration message. The registration message may comprise an indication of an identity and an indication of a location. The method of this example embodiment may further comprise receiving a warning message. The method of this example embodiment may further comprise authenticating the warning message. Additionally, the method of this example may further comprise providing an alert after authenticating the warning message. Similar and related example methods, example apparatuses, and example computer program products are also provided. | 02-13-2014 |
20140075023 | METHODS AND APPARATUSES FOR LAWFUL INTERCEPTION THROUGH A SUBSCRIPTION MANAGER - Methods, apparatuses, and computer program products are herein provided for lawful interception through a subscription manager. In some embodiments, methods, apparatuses, and computer program products provide user subscription data to an agency, operator, or service provider in response to receiving a lawful interception request. A method may include receiving an interception request comprising a user's name from at least one operator. The method may further include determining, by a processor, an operator specific access code associated with the user's name. The method may also include providing the operator specific access code to the operator. Corresponding apparatuses and computer program products are also provided. | 03-13-2014 |
20140075509 | PERFORMING A GROUP AUTHENTICATION AND KEY AGREEMENT PROCEDURE - Provided are a method, a corresponding apparatus and a computer program product for performing a group authentication and key agreement procedure. A method comprises initiating, by a master device in a group of devices, a group authentication and key agreement procedure towards an authentication entity, wherein a shared group key is defined for use in the group authentication and key agreement procedure; performing mutual authentication between the master device and the authentication entity based upon the shared group key; and performing mutual authentication between the authenticated master device and other devices in the group based upon the shared group key for completion of the group authentication and key agreement procedure. With the claimed invention, the impact of the signaling overhead on a network can be significantly decreased without substantive modification to the existing architecture of the network. | 03-13-2014 |
20140082360 | Security For Mobility Between MBMS Servers - In accordance with the exemplary embodiments of the invention there is at least a method and apparatus to perform operations including triggering by user terminal device a new streaming server to generate new user-specific security keys; receiving at the user terminal device from the new streaming server a new security key specific for the new streaming server; generating at the user terminal device for the streaming server user-specific security keys; and using the new user-specific security keys generated at the user terminal device with the new streaming server for a previously established streaming service. | 03-20-2014 |
20140101743 | Method for authenticating a user to a service of a service provider - Methods, devices, and computer programs for an authentication of a user to a service of a service provider are disclosed. Access for the user to the service of the service provider is requested. One or more authentication security profiles are selected by the service provider for specifying an authentication security requirement of the service provider for the authentication of the user to the service. An indication of the one or more selected authentication security profiles and a user identity identifying the user to an identity provider are sent from the service provider to the identity provider for requesting the authentication of the user by the identity provider. The user is authenticated based on the user identity and one of the one or more selected authentication security profiles. An assertion indicating the authentication of the user to the service provider is sent to the service provider. | 04-10-2014 |
20140171029 | METHOD AND APPARATUS FOR AUTHENTICATING SUBSCRIBERS TO LONG TERM EVOLUTION TELECOMMUNICATION NETWORKS OR UNIVERSAL MOBILE TELECOMMUNICATIONS SYSTEM - A method, apparatus and software for accessing a database having, for each of a plurality of subscribers of a mobile communication network, a long-term secret key shared between the subscriber and the apparatus, for network authentication of a mobile communication device to the mobile communication network; wherein the mobile communication network is a universal mobile telecommunications system or a long term evolution telecommunication network; and producing for the mobile communication device, the authentication of which is being verified, one or more authentication vectors compliant with the global system for mobile communications; each authentication vector comprising a challenge, a signed response and a session key; and containing in the authentication vector an integrity key and an authentication token. | 06-19-2014 |
20140220952 | Multi-SIM Enabling Application and Use of EUICC in Legacy Terminals - A methods enabling use of multiple SIM applications in UICCs is described. One method includes determining whether a physical component of a device is a secure module which supports subscription provisioning. If the physical component is a secure module which supports subscription provisioning, the physical component is instructed to operate as a legacy UICC. The physical component is operated as a legacy UICC via a virtual UICC. Another method includes downloading a first subscription related data which provides information for operating in a wireless network. The first subscription related data is stored on a memory component of a device. The device includes a UICC storing a second subscription. The method also includes operating the device as a multiple profile device using the first subscription and the second subscription. Apparatus and computer readable media are also described. | 08-07-2014 |
20140323117 | METHOD AND APPARATUS FOR SELECTIVELY ACTIVATING MULTIPLE SUBSCRIBER IDENTITY MODULES - A method, apparatus and computer program product are provided to selectively establish communications with one or more of a plurality of mobile terminals in accordance with a predefined criteria, such as a predefined schedule. In the context of a method, a mobile terminal maintains at least a first subscriber identity module (SIM) and a second SIM is mapped to different subscriber identification numbers. In this regard, the second SIM is mapped to the same subscriber identification number as the SIM of at least one other mobile terminal. The method may also activate the second SIM in accordance with a predefined criteria and may then subsequently deactivate the second SIM. For example, the second SIM may be activated and subsequently deactivated in accordance with a predefined schedule, such as a shift schedule, that identifies one or more time periods in which the second SIM is to be activated. | 10-30-2014 |