Abstract:
Systems and methods for threat detection and mitigation for remote wireless communication network control systems. One example method includes receiving a threat detection message identifying a threat to at least one of a plurality of remote wireless network controllers, each associated with one of a plurality of wireless communication networks. The method includes determining a threat rating based on the threat detection message and determining, based on the rating, a threat mitigation action identifying at least a first remote wireless network controller of the plurality of remote wireless network controllers. The method includes executing the threat mitigation action by commanding a shift in an operational function of the first remote wireless network controller to a first on-premise wireless network controller associated with the same wireless communication network as the first remote wireless network controller.
Abstract:
Method and management server for revoking group server identifiers of compromised group servers. One method includes determining, with a management server, an identity-based cryptographic signing key based on a group server identifier. The method also includes distributing, via the management server, the identity-based cryptographic signing key to a group server. The method further includes receiving, at the management server, a security status indicating that the security of the group server is compromised. The method also includes, responsive to receiving the security status, distributing, via the management server, a revocation of the group server identifier to a plurality of communication devices.
Abstract:
Method and system for authenticating a session on a communication device. One method includes determining a use context of the communication device and an authentication status of the communication device. The method further includes determining a predetermined period of time based on at least one of the use context and the authentication status. The method further includes generating biometric templates based on at least one of the use context and the authentication status. The method further includes selecting a matching threshold for the biometric templates based on at least one of the use context and the authentication status. The method further includes comparing a match score of each of the biometric templates to the matching threshold to determine a passing amount of biometric templates with match scores that meet or exceed the matching threshold. The method further includes authenticating the session on the communication device.
Abstract:
A method between a controlling server and a participating server, a network, and a server include enhanced signaling via a Multicast-Broadcast Single Frequency Network (MBSFN) report allowing User Equipment (UE) to communicate MBSFN areas to a controlling server. Thus, the enhanced controlling server's Multimedia Broadcast Multicast Services (MBMS) decisions can count all visiting devices in addition to its own in its MBSFN areas. The method, network, and server include new signaling and additional info to provide a participating server with MBSFN areas that will have MBMS activated for a group session. This enhances the participating server's determination of which its visiting devices need unicast bearers. The participating server can add information related to the current MBSFN area of its UE to a message to the controlling server indicating joining the UE to a group.
Abstract:
Method and management server for revoking group server identifiers of compromised group servers. One method includes determining, with a management server, an identity-based cryptographic signing key based on a group server identifier. The method also includes distributing, via the management server, the identity-based cryptographic signing key to a group server. The method further includes receiving, at the management server, a security status indicating that the security of the group server is compromised. The method also includes, responsive to receiving the security status, distributing, via the management server, a revocation of the group server identifier to a plurality of communication devices.
Abstract:
A method and eMBMS-enabled infrastructure device are disclosed that provide an updated mechanism for a client, or user equipment (UE), to report its location such that an eMBMS-enabled application desiring eMBMS location information can uniquely identify the MBSFN in which the UE is located. The method and eMBMS-enabled infrastructure device identify an eMBMS area associated with a user equipment UE by receiving, from the UE, a Multicast Broadcast Single Frequency Network (MBSFN) Area update message from a user equipment, wherein the MBSFN Area update message uniquely identifies an MBSFN Area and includes an extension identifier derived from one or more of a cell identifier, an eNodeB identifier, an identifier of a group of cells, a service identifier, a tracking area identifier, and a paging area identifier, and optionally further may include an MBSFN AreaID, and determining an MBSFN Area serving the user equipment based on the received eMBMS area identifier.
Abstract:
Method, server, and communication device for updating identity-based cryptographic private keys of compromised communication devices. One method includes receiving, at a server, a security status indicating that the security of a first communication device has been compromised. The first communication device is associated with a user and includes a first identity-based cryptographic private key and a first user identifier. The method also includes, responsive to receiving the security status, determining, with the server, a second user identifier based on the first user identifier. The method further includes determining, with the server, a second identity-based cryptographic private key based on the second user identifier. The method also includes distributing, via the server, the second identity-based cryptographic private key to a second communication device. The second communication device is associated with the user.
Abstract:
Method and system for authenticating a session on a communication device. One method includes determining a use context of the communication device and an authentication status of the communication device. The method further includes determining a predetermined period of time based on at least one of the use context and the authentication status. The method further includes generating biometric templates based on at least one of the use context and the authentication status. The method further includes selecting a matching threshold for the biometric templates based on at least one of the use context and the authentication status. The method further includes comparing a match score of each of the biometric templates to the matching threshold to determine a passing amount of biometric templates with match scores that meet or exceed the matching threshold. The method further includes authenticating the session on the communication device.
Abstract:
Method, server, and communication device for updating identity-based cryptographic private keys of compromised communication devices. One method includes receiving, at a server, a security status indicating that the security of a first communication device has been compromised. The first communication device is associated with a user and includes a first identity-based cryptographic private key and a first user identifier. The method also includes, responsive to receiving the security status, determining, with the server, a second user identifier based on the first user identifier. The method further includes determining, with the server, a second identity-based cryptographic private key based on the second user identifier. The method also includes distributing, via the server, the second identity-based cryptographic private key to a second communication device. The second communication device is associated with the user.
Abstract:
A method of assigning Multimedia Broadcast Multicast Service (E-MBMS) bearers in a Multimedia Broadcast Single Frequency Network (MBSFN) area in a 3GPP compliant wireless communication system is provided. An infrastructure device is operably coupled to a radio access network comprising one or more MBSFN areas, wherein each MBSFN area supports a plurality of E-MBMS bearers for transporting media streams to user equipments (UE). The infrastructure device receives, from a UE, an identifier of a preferred MBSFN area and a request for a boost to the quality of the transmissions. The infrastructure device assigns first and second E-MBMS bearers in an MBSFN area to support a call to the UE, the first and second E-MBMS bearers providing the same information to the UE in their media content streams. The UE may employ application layer time-diversity reception of the media content.