A method comprising providing a plurality of links to a plurality of end-user devices communicatively coupled to a network system, a particular link of the plurality of links supporting control-plane communications between the network system and a particular end-user device of the plurality of end-user devices over one or more wireless access networks; receiving a message from a server communicatively coupled to the network system, the message comprising payload for delivery to the particular end-user device; generating an encrypted message comprising the payload and an identifier identifying a particular device agent of a plurality of device agents on the particular end-user device, the identifier configured to assist in delivering at least a portion of the payload to the particular device agent on the particular end-user device; and sending the encrypted message to the particular end-user device over the particular link.

Automated Device Provisioning and Activation

Head-worn adaptive display

An eyepiece includes a mechanical frame adapted to secure a lens and an image source facility above the lens. The image source facility includes an LED, a planar illumination facility and a reflective display. The planar illumination facility converts a light beam from the LED received on a side of the planar illumination facility into a top emitting planar light source, uniformly illuminates the reflective display, and is substantially transmissive to allow reflected light to pass through towards a beam splitter. The beam splitter is positioned to receive the image light and to reflect a portion onto a mirrored surface. The mirrored surface is positioned and shaped to reflect the image light into an eye of a user of the eyepiece thereby providing an image within a field of view, the mirrored surface further adapted to be partially transmissive within an area of image reflectance.

Eyepiece with uniformly illuminated reflective display

Disclosed herein are methods, systems, and apparatuses to enable subscribers of mobile wireless communication devices to view, research, select and customize service plans; to create and manage device groups, share and set permission controls for service plans among devices in device groups; to manage communication services through graphical user interfaces; to sponsor and promote service plans; and to design, manage, and control communication services through application programming interfaces.

Service Plan Design, User Interfaces, Application Programming Interfaces, and Device Management

Device Assisted Services (DAS) for protecting network capacity is provided. In some embodiments, DAS for protecting network capacity includes monitoring a network service usage activity of the communications device in network communication; classifying the network service usage activity for differential network access control for protecting network capacity; and associating the network service usage activity with a network service usage control policy based on a classification of the network service usage activity to facilitate differential network access control for protecting network capacity.

Device-Assisted Services for Protecting Network Capacity

A method and system for providing secure access to a device initiating communications using a peer-to-peer signaling protocol, such as a SIP or H.323. In a device registration phase, the device contacts a secure access server, and authenticates to the secure access server by providing an identification, such as its factory ID. The secure access server then issues a device ID and private key to the authenticated device. A client can then initiate a further communication session and be authenticated by the secure access server. The secure access server returns the device identification and the device's public key to the client. The client and device can then perform a symmetrical key exchange for their current communication session, and can communicate with appropriate encryption. The device's private key can be set to expire after one or more uses.

Device authentication and secure channel management for peer-to-peer initiated communications

A method for execution by a device, which comprises: generating a first signature by encrypting an identifier of the device together with first additional data; generating a second signature by encrypting the identifier of the device together with second additional data that is different from the first additional data; releasing the first signature to identify the device on a first occasion; and releasing the second signature to identify the device on a second occasion. Also, a device, which comprises: a memory storing an identifier of the device; a processing entity configured to generate a plurality of different signatures encoding the identifier and to store the signatures in the memory; and a transmit/receive entity configured to identify the device on respective occasions by releasing individual ones of the signatures.

Dynamic identifier for use in identification of a device

The present invention provides a method and system for secure access to computer equipment. An embodiment includes a secure access controller connected to a link between a transceiver (such as a modem) and the computer equipment. Public and private keys are used by the secure access controller and a remote user. The keys are provided to the secure access controller by an authentication server. Once the transceiver establishes a communication link with the user, the access controller uses these keys to authenticate packets issued by the user to the computer equipment. If the packet is authenticated, the access controller passes the packet to the computer equipment. Otherwise, the packet is discarded.

System and method for secure access

.A security system and method is provided. An embodiment includes a security access device that includes a first transmitter for transmitting authentication to a computer and a second transmitter for transmitting verification information to a computer. The first transmitter is typically active and consumes power from the access device, while the second transmitter is typically passive, and consumes less or nil power from the access device. When the security access device is initially brought proximal to the computer and activated, the authentication information is sent to the computer and the user is logged in. Periodically, the computer will query the passive transmitter for verification information, to ensure that the security access device is still proximal to the computer.

Security access device and method

A method involving a communication device, which comprises sending a request to a communication device; receiving a response from the communication device over a local communication path; deriving a received data set from said response; determining at least one data set that had been previously transmitted to the communication device over a wireless portion of a second communication path different from the local communication path; and validating the response based on the received data set and the at least one previously transmitted data set.

William G. O'brien

Papers

Device authentication and secure channel management for peer-to-peer initiated communications

Dynamic identifier for use in identification of a device

System and method for secure access

Security access device and method

Validation method and system for use in securing nomadic electronic transactions