WO2003058880A1 - Method at access right control within mobile communication - Google Patents
Method at access right control within mobile communication Download PDFInfo
- Publication number
- WO2003058880A1 WO2003058880A1 PCT/SE2002/002424 SE0202424W WO03058880A1 WO 2003058880 A1 WO2003058880 A1 WO 2003058880A1 SE 0202424 W SE0202424 W SE 0202424W WO 03058880 A1 WO03058880 A1 WO 03058880A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- policy
- mobile
- password
- communication system
- mobile unit
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W76/00—Connection management
- H04W76/10—Connection setup
Definitions
- the present invention relates to the field access right control within mobile communication systems.
- the mobile unit consists of a mobile telephone with one or more so called smart cards.
- the mobile unit (or usually a smart card in the mobile unit) in its turn contains one or more private keys, which can be used for authentication and to create "non-rejection" only when a CA (Certificate Authority) has issued certificate which verifies that a specific user holds these private keys .
- CA Certificate Authority
- CA has in many cases points of view on which rules that shall apply for which passwords a user is allowed to select.
- CA then has what is generally called a password policy.
- the password policy can for instance apply to rules regarding length, allowed characters and updating intervals.
- Such a policy only has been possible to apply to the cases where it already at the issuing of the card has been made clear which CA that shall issue the certificate connected/associated to the keys on the card.
- the smart card often will be distributed to the user before anyone knows what CA that shall issue the certificate connected/associated to pair of keys on the card; so the method of entering/applying CA's password policy on the card before it is distributed to the user is not applicable.
- the aim of the invention is to provide a method to electronically distribute a password policy over a mobile communication system to a mobile unit so that said policy directly can start being applied in the mobile unit or an additional unit.
- the invention consequently includes a method within a mobile radio communication system with mobile units and connected service providers who provide services over said communication system, where the access from a mobile terminal of a service at a service provider requires a password. The method includes the steps to:
- a mobile unit electronically receive said policy and handle and draw up/configure passwords associated with/to said service provider according to rules specified in the from the service provider or by him/her appointed certificate authority, said issued/transmitted policy.
- the method also includes that the mobile unit or a specific gateway authenticates and authorizes the sender of the policy in order to prevent illegal utilization of the possibility to change a policy.
- Figure 1 shows an administration route/path according to one embodiment of the invention for PIN-policy.
- Figure 2 shows an administration route/path for PIN-policy according to another embodiment of the invention; and
- Figure 3 shows a flow chart for a method according to the invention .
- Figure 4A and 4B show schematically the location/placing of authentication and authorization units according to two embodiments of the invention.
- One embodiment of the invention relates to a method to distribute a password in form of a PIN-policy for cryptographic keys in mobile units "over the air", that is via the communication system in which the unit is intended to operate.
- the keys are in the typical case held/kept in a device/smart card in the mobile unit which cannot be juggled with, but it is not necessary.
- the cryptographic keys are in the typical case private keys in asymmetric pair of keys.
- the cryptographic keys, or the unit in which these are generated, have been distributed to the user already before it is known which party that will issue certificate which associates/connects the user to a certain pair of keys .
- CA When a CA shall issue a certificate, the user is linked/associated to a private key in usual way via an "over the air proof of possession"-procedure .
- CA distributes its PIN-policy via the cellular mobile communication system to the mobile unit which holds/contains the private key.
- An application in the mobile unit attends to that the PIN-policy comes into force, and forces the user to select a PIN-code according to the policy for utilization of the certified key.
- Figure 1 the flow is illustrated:
- CA 101 has decided to distribute its PIN-policy to a certain mobile unit.
- CA addresses the PIN-policy to a certain mobile unit and a certain private key in the mobile unit 115 and transmits/sends this to a gateway 105 for the purpose.
- This gateway 105 authenticates CA 101 and decides whether CA 101 is entitled to distribute a PIN-policy to the mobile unit 115 (authorization) .
- Said gateway 105 is preferably arranged at the operator of the mobile communication system.
- Gateway 105 sends/transmits the PIN-policy further over the mobile communication network 110.
- the mobile unit 115 receives the PIN-policy, secures that it is coming from the mobile operator' s gateway
- Step 1 is preferably preceded by an inquiry from the client/user to CA about issuing of a client certificate.
- a password policy preferably includes rules about, in the general case:
- a PIN-policy consists of a data structure which is interpreted by an application for the purpose which has been arranged in the mobile unit.
- a PIN-policy is realized as an executable application which is transmitted to the mobile unit. In the first case it is conceivable that a plurality of PIN-polices can be active at the same time, but some mechanism to solve conflicting policies, if any, then is needed.
- the mobile unit 115 then preferably includes one or more integrated or removable smart cards or any other form of device which is protected against manipulations.
- the invention of course is applicable also in the cases when the private key is not stored in a device which is protected against manipulation, but in any other way in the mobile unit.
- CA 201 transmits its policy via a general traffic gateway for the mobile communication network (GGSN for GPRS/UMTS) 210, without mechanisms for authentication and authorization of CA 201.
- GGSN for GPRS/UMTS
- mechanisms for authentication and authorization are instead implemented in the mobile unit 215
- CA creates 310 a policy specification, and addresses 320 a mobile unit and addresses 330 a private key within said mobile unit. Further, the specification is transmitted 340 over the mobile network, possibly via a specific gateway as has been mentioned above. The specification is received 350 and the transmitter/sender is authenticated 360, respective, whenever applicable, authorized 370. Depending on the number of units between CA and mobile unit which need own authentication and authorization, the steps to transmit 340, receive 350, authenticate 360 and authorize 370 are repeated 375. Finally, the policy is stored and activated in the mobile station.
- PIN-policy for other purposes than unlocking/use of private keys of course also can be distributed to the mobile unit according to the invention.
- Both A and B can load down its policy to the mobile unit. Both policy from CA A and a policy from CA B are put into practice each time PIN is changed. This requires a mechanism in the mobile unit to solve conflicting demands.
- Both A and B sends/transmits its policy to the operator of the mobile communication network.
- the operator creates a "summing up" of these rules and decides about which policy that finally is transmitted to the mobile unit.
- Both A and B can load down its policy to the mobile unit. Separate PINs are used for the same key depending on which of his/her certificates the user wants to refer to. Policy from CA A applies when the user refers to his/her certificate from CA A, and policy from CA B applies when the user refers to his/her certificate from CA B.
- FIG. 4A shows an authentication unit 402 and an authorization unit 404 arranged in gateway 105.
- Figure 4B shows an authentication unit 402 and an authorization unit 404 arranged in a mobile unit 115.
Abstract
The present invention related to a method in a mobile radio communication system with mobile units and connected service providers who provide services over said communication system, where the access from a mobile terminal of a service at a service provider requires a password. The method includes the steps to: - from a service provider, or by him/her appointed certificate authority, electronically transmit/send a password policy to a mobile unit, - in a mobile unit electronically receive said policy and handle and create/configure password connected/associated with said service provider according to rules specified in, the from the service provider or by him/her appointed certificate authority, said policy. The method also includes that the mobile unit or a specific gateway authenticates and authorizes the transmitter/sender of the policy in order to prevent illegal utilization of the possibility to change a policy.
Description
METHOD AT ACCESS RIGHT CONTROL WITHIN MOBILE COMMUNICATION
TECHNICAL FIELD The present invention relates to the field access right control within mobile communication systems.
PRIOR ART
There is a number of connections/situations within a mobile radio communication system with mobile units and connected units which provide services over said communication systems, where the access from a mobile terminal of a service at such a service provider requires a password for access right control/check in a mobile unit for access to different functions, data files or for use of encryption keys. These passwords frequently can be changed by the user. Usually there is a need for certain restrictions regarding among other things configuration and validity for these passwords.
In the patent document WO 01/35685 a system to deliver a PIN-code (PIN = Personal Identification Number) to a mobile terminal by means of an SMS-message (SMS = Short Message Service) is described. The system makes it possible that a SIM-card (SIM = Subscriber Identity Module) is equipped with a PIN-code after the card having been delivered to customer .
In the patent document US 6,202,157 a system to distribute and execute a policy for password in a network for data communication is described.
In the patent document US 4,924,514 a device for handling of encryption keys is described. Control vectors control the handling of the keys at which the cryptographic facility is given possibility to change its policy.
The invention is among other things based on the knowledge of the inventors about that there usually is a need to put a policy into practice about which codes that can be selected. In order to today apply a policy for password, which is connected to local functions in the mobile unit, is required that this policy in entered into the mobile unit or additional units, for instance a smart card at, or just before, distribution of these units.
Both mobile operators and banks are interested in, and are working on, solutions where a user shall be authenticated (be identified to have declared/stated identity) and by his/her mobile unit create digital signatures which cannot be rejected. Typically the mobile unit consists of a mobile telephone with one or more so called smart cards. The mobile unit (or usually a smart card in the mobile unit) in its turn contains one or more private keys, which can be used for authentication and to create "non-rejection" only when a CA (Certificate Authority) has issued certificate which verifies that a specific user holds these private keys .
The use of the private keys are all but always protected by a password, which users often have possibility to change or select themselves. CA has in many cases points of view on which rules that shall apply for which passwords a user is allowed to select. CA then has what is generally called a password policy. The password policy can for instance apply to rules regarding length, allowed characters and updating intervals. Such a policy only has been possible to apply to the cases where it already at the issuing of the card has been made clear which CA that shall issue the certificate connected/associated to the keys on the card. In the mobile case, the smart card often will be distributed to the user before anyone knows what CA that shall issue the certificate connected/associated to pair of keys on the
card; so the method of entering/applying CA's password policy on the card before it is distributed to the user is not applicable.
SUMMARY OF THE INVENTION
The aim of the invention is to provide a method to electronically distribute a password policy over a mobile communication system to a mobile unit so that said policy directly can start being applied in the mobile unit or an additional unit. The invention consequently includes a method within a mobile radio communication system with mobile units and connected service providers who provide services over said communication system, where the access from a mobile terminal of a service at a service provider requires a password. The method includes the steps to:
- from a service provider, or by him/her appointed certificate authority, electronically transmit a password policy to a mobile unit;
- in a mobile unit electronically receive said policy and handle and draw up/configure passwords associated with/to said service provider according to rules specified in the from the service provider or by him/her appointed certificate authority, said issued/transmitted policy. The method also includes that the mobile unit or a specific gateway authenticates and authorizes the sender of the policy in order to prevent illegal utilization of the possibility to change a policy.
BRIEF DESCRIPTION OF THE DRAWINGS The invention will be described more in detail in the following, with references to enclosed drawings, in which: Figure 1 shows an administration route/path according to one embodiment of the invention for PIN-policy. Figure 2 shows an administration route/path for PIN-policy according to another embodiment of the invention; and
Figure 3 shows a flow chart for a method according to the invention .
Figure 4A and 4B show schematically the location/placing of authentication and authorization units according to two embodiments of the invention.
DESCRIPTION OF PREFERRED EMBODIMENTS
One embodiment of the invention relates to a method to distribute a password in form of a PIN-policy for cryptographic keys in mobile units "over the air", that is via the communication system in which the unit is intended to operate. The keys are in the typical case held/kept in a device/smart card in the mobile unit which cannot be juggled with, but it is not necessary. The cryptographic keys are in the typical case private keys in asymmetric pair of keys. The cryptographic keys, or the unit in which these are generated, have been distributed to the user already before it is known which party that will issue certificate which associates/connects the user to a certain pair of keys .
When a CA shall issue a certificate, the user is linked/associated to a private key in usual way via an "over the air proof of possession"-procedure . Before, after or during this procedure CA distributes its PIN-policy via the cellular mobile communication system to the mobile unit which holds/contains the private key. An application in the mobile unit attends to that the PIN-policy comes into force, and forces the user to select a PIN-code according to the policy for utilization of the certified key. In Figure 1 the flow is illustrated:
1. CA 101 has decided to distribute its PIN-policy to a certain mobile unit. 2. CA addresses the PIN-policy to a certain mobile unit and a certain private key in the mobile unit 115 and
transmits/sends this to a gateway 105 for the purpose. This gateway 105 authenticates CA 101 and decides whether CA 101 is entitled to distribute a PIN-policy to the mobile unit 115 (authorization) . Said gateway 105 is preferably arranged at the operator of the mobile communication system.
3. Gateway 105 sends/transmits the PIN-policy further over the mobile communication network 110.
4. The mobile unit 115 receives the PIN-policy, secures that it is coming from the mobile operator' s gateway
105, and activates the policy for key in question. If the user since before has a PIN-code which does not fulfil the policy, he/she is requested to select a new PIN-code according to the policy. 5. Alternatively, when the user changes PIN-code next time, it has to fulfill the requirements in the PIN- policy.
Step 1 is preferably preceded by an inquiry from the client/user to CA about issuing of a client certificate. A password policy preferably includes rules about, in the general case:
- number of characters/symbols (min . , max.) prohibited characters/symbols - prohibited combination of characters/symbols intervals for how often change of password has to be done (for instance the number of times a password is allowed to be used) . The policy of course can be general for all users, but also "personalized", for instance include controls of that a certain user does not utilizes his/her personal code number as PIN etc.
In one embodiment a PIN-policy consists of a data structure which is interpreted by an application for the purpose which has been arranged in the mobile unit. In
another embodiment a PIN-policy is realized as an executable application which is transmitted to the mobile unit. In the first case it is conceivable that a plurality of PIN-polices can be active at the same time, but some mechanism to solve conflicting policies, if any, then is needed.
The mobile unit 115 then preferably includes one or more integrated or removable smart cards or any other form of device which is protected against manipulations. The invention of course is applicable also in the cases when the private key is not stored in a device which is protected against manipulation, but in any other way in the mobile unit.
In one embodiment the specific gateway which is mentioned in step 2 does not exist, compare Figure 2. Instead CA 201 transmits its policy via a general traffic gateway for the mobile communication network (GGSN for GPRS/UMTS) 210, without mechanisms for authentication and authorization of CA 201. In this embodiment mechanisms for authentication and authorization are instead implemented in the mobile unit 215
In Figure 3 the method steps corresponding to the distribution path in Figure 1 and Figure 2 are shown. CA creates 310 a policy specification, and addresses 320 a mobile unit and addresses 330 a private key within said mobile unit. Further, the specification is transmitted 340 over the mobile network, possibly via a specific gateway as has been mentioned above. The specification is received 350 and the transmitter/sender is authenticated 360, respective, whenever applicable, authorized 370. Depending on the number of units between CA and mobile unit which need own authentication and authorization, the steps to transmit 340, receive 350, authenticate 360 and
authorize 370 are repeated 375. Finally, the policy is stored and activated in the mobile station.
Of course in alternative embodiments other parties than CA can load down a PIN-policy. Particularly in one embodiment the operator of the mobile communication service is capable of loading down his/her PIN-policy to the mobile units in his/her network.
PIN-policy for other purposes than unlocking/use of private keys of course also can be distributed to the mobile unit according to the invention. For instance PIN- codes and passwords for: use of symmetrical keys - write/read rights to/of data files
- GSM execution of applications etc.
In the case there are more than one CA (we call these A respective B) which certifies the same key, the following method is an embodiment of the invention:
Both A and B can load down its policy to the mobile unit. Both policy from CA A and a policy from CA B are put into practice each time PIN is changed. This requires a mechanism in the mobile unit to solve conflicting demands.
- Both A and B sends/transmits its policy to the operator of the mobile communication network. The operator creates a "summing up" of these rules and decides about which policy that finally is transmitted to the mobile unit.
Both A and B can load down its policy to the mobile unit. Separate PINs are used for the same key depending on which of his/her certificates the user wants to refer to. Policy from CA A applies when the
user refers to his/her certificate from CA A, and policy from CA B applies when the user refers to his/her certificate from CA B.
In Figure 4 A and B are shown how units for authentication and authorization have been arranged in preferred embodiments. Fig. 4A shows an authentication unit 402 and an authorization unit 404 arranged in gateway 105. Figure 4B shows an authentication unit 402 and an authorization unit 404 arranged in a mobile unit 115.
Of course there is in most cases a reliable transport mechanism required to transmit a PIN-policy from CA, or other provider/issuer of the policy, to the mobile unit. There are several methods to realize this, but this is out of the scope of the invention.
The scope of protection is only limited by the following patent claims.
Claims
1. A method in a mobile radio communication system with mobile units and connected service providers who provide services over said communication system, where the access via a specific mobile terminal of a specific service at a specific service provider requires a password, c h a r a c t e r i z e d in that said method includes the steps to - from a service provider, or by him/her appointed certificate authority electronically transmit a password policy to a mobile unit
- in a mobile unit, electronically receive said policy and handle and create/configure password in connection with said service provider according to rules specified in, from the service provider or by him/her appointed certificate authority, said transmitted/send policy.
2. A method as claimed in patent claim 1, c h a r a c t e r i z e d in the following steps :
- creation of a password policy specification at a service provider or by him/her appointed certificate authority
(CA) production/deriving of the address to a mobile unit, - production/deriving of the address to a private key in said mobile unit, transmission/sending of the specification, reception of the specification, authentication of CA, - authorization of CA, storing of a policy which corresponds to the specification, and activation of said policy.
3. A method as claimed in patent claim 1, c h a r a c t e r i z e d in that it includes the following steps . creation of a password policy specification at a CA, - production/deriving of the address to a mobile unit, production/deriving of the address to a private key in said mobile unit, distribution of the policy specification to a gateway for downloading of policy, - authentication of CA in said gateway, authorization of CA in said gateway, distribution of the specification from gateway to mobile unit over a mobile communication network, reception of the specification, - ensuring that the specification is emanating from approved gateway, storing of a policy which corresponds to the specification, and activation of said policy.
4. A method as claimed in patent claim 3, c h a r a c t e r i z e d in that it further includes the step: forcing the user to immediately change password to one which fulfils the new policy.
5. A method as claimed in patent claim 3, c h a r a c t e r i z e d in that it further includes the step: - awaiting to insert/apply the policy until the user changes password next time.
6. A method as claimed in any of the patent claims 1-5, c h a r a c t e r i z e d in that said password is a PIN- code.
7. A mobile radio communication system with mobile units and connected service providers who provide services over said communication system, where the access via a specific mobile terminal of a specific service at a specific service provider requires a password, c h a r a c t e r i z e d in that said system includes means to, from a service provider, transmit/send a policy specification for password to a mobile unit.
8. A mobile communication system as claimed in patent claim
7, c h a r a c t e r i z e d in that said system includes means to in a mobile unit receive a policy specification for password.
9. A mobile communication system as claimed in patent claim
8, c h a r a c t e r i z e d in that in said system means has been arranged for authentication of a policy sender/transmitter.
10. A mobile communication system as claimed in patent claim 8, c h a r a c t e r i z e d in that in said system means has been arranged for authorization of a policy sender/transmitter .
11. A mobile communication system as claimed in patent claim 7, c h a r a c t e r i z e d in that a gateway including means for authentication and authorization of a policy-sender/transmitter has been arranged to connect a CA to the mobile communication system, and to authorize and authenticate said CA.
12. A mobile communication system as claimed in patent claim 9 or 10, c h a r a c t e r i z e d in that means for authorization of a policy-transmitter/sender has been arranged in a mobile unit.
13. A mobile communication system as claimed in any of the patent claims 7-12, c h a r a c t e r i z e d in that said policy specification is arranged in form of a data structure .
14. A mobile communication system as claimed in any of the patent claims 7-12, c h a r a c t e r i z e d in that said policy specification is arranged in form of an executable application .
Priority Applications (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| EP02793724A EP1466438A1 (en) | 2002-01-10 | 2002-12-20 | Method at access right control within mobile communication |
| AU2002359203A AU2002359203A1 (en) | 2002-01-10 | 2002-12-20 | Method at access right control within mobile communication |
| NO20042773A NO20042773L (en) | 2002-01-10 | 2004-07-01 | Procedure for controlling access rights in mobile communications |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| SE0200061A SE519072C2 (en) | 2002-01-10 | 2002-01-10 | Method of access control in mobile communications |
| SE0200061-0 | 2002-01-10 |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| WO2003058880A1 true WO2003058880A1 (en) | 2003-07-17 |
Family
ID=20286626
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/SE2002/002424 WO2003058880A1 (en) | 2002-01-10 | 2002-12-20 | Method at access right control within mobile communication |
Country Status (5)
| Country | Link |
|---|---|
| EP (1) | EP1466438A1 (en) |
| AU (1) | AU2002359203A1 (en) |
| NO (1) | NO20042773L (en) |
| SE (1) | SE519072C2 (en) |
| WO (1) | WO2003058880A1 (en) |
Cited By (53)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP2107756A1 (en) | 2008-03-31 | 2009-10-07 | British Telecommunications Public Limited Company | Policy resolution |
| US8437271B2 (en) | 2009-01-28 | 2013-05-07 | Headwater Partners I Llc | Verifiable and accurate service usage monitoring for intermediate networking devices |
| US8626115B2 (en) | 2009-01-28 | 2014-01-07 | Headwater Partners I Llc | Wireless network service interfaces |
| US8745191B2 (en) | 2009-01-28 | 2014-06-03 | Headwater Partners I Llc | System and method for providing user notifications |
| US8832777B2 (en) | 2009-03-02 | 2014-09-09 | Headwater Partners I Llc | Adapting network policies based on device service processor configuration |
| US8868455B2 (en) | 2009-01-28 | 2014-10-21 | Headwater Partners I Llc | Adaptive ambient services |
| US8893009B2 (en) | 2009-01-28 | 2014-11-18 | Headwater Partners I Llc | End user device that secures an association of application to service policy with an application certificate check |
| US8898293B2 (en) | 2009-01-28 | 2014-11-25 | Headwater Partners I Llc | Service offer set publishing to device agent with on-device service selection |
| US8924543B2 (en) | 2009-01-28 | 2014-12-30 | Headwater Partners I Llc | Service design center for device assisted services |
| US8924469B2 (en) | 2008-06-05 | 2014-12-30 | Headwater Partners I Llc | Enterprise access control and accounting allocation for access networks |
| US9094311B2 (en) | 2009-01-28 | 2015-07-28 | Headwater Partners I, Llc | Techniques for attribution of mobile device data traffic to initiating end-user application |
| US9137701B2 (en) | 2009-01-28 | 2015-09-15 | Headwater Partners I Llc | Wireless end-user device with differentiated network access for background and foreground device applications |
| US9154826B2 (en) | 2011-04-06 | 2015-10-06 | Headwater Partners Ii Llc | Distributing content and service launch objects to mobile devices |
| US9198042B2 (en) | 2009-01-28 | 2015-11-24 | Headwater Partners I Llc | Security techniques for device assisted services |
| US9204282B2 (en) | 2009-01-28 | 2015-12-01 | Headwater Partners I Llc | Enhanced roaming services and converged carrier networks with device assisted services and a proxy |
| US9247450B2 (en) | 2009-01-28 | 2016-01-26 | Headwater Partners I Llc | Quality of service for device assisted services |
| US9253663B2 (en) | 2009-01-28 | 2016-02-02 | Headwater Partners I Llc | Controlling mobile device communications on a roaming network based on device state |
| US9351193B2 (en) | 2009-01-28 | 2016-05-24 | Headwater Partners I Llc | Intermediate networking devices |
| US9392462B2 (en) | 2009-01-28 | 2016-07-12 | Headwater Partners I Llc | Mobile end-user device with agent limiting wireless data communication for specified background applications based on a stored policy |
| US9491199B2 (en) | 2009-01-28 | 2016-11-08 | Headwater Partners I Llc | Security, fraud detection, and fraud mitigation in device-assisted services systems |
| US9532261B2 (en) | 2009-01-28 | 2016-12-27 | Headwater Partners I Llc | System and method for wireless network offloading |
| US9557889B2 (en) | 2009-01-28 | 2017-01-31 | Headwater Partners I Llc | Service plan design, user interfaces, application programming interfaces, and device management |
| US9565543B2 (en) | 2009-01-28 | 2017-02-07 | Headwater Partners I Llc | Device group partitions and settlement platform |
| US9565707B2 (en) | 2009-01-28 | 2017-02-07 | Headwater Partners I Llc | Wireless end-user device with wireless data attribution to multiple personas |
| US9571559B2 (en) | 2009-01-28 | 2017-02-14 | Headwater Partners I Llc | Enhanced curfew and protection associated with a device group |
| US9572019B2 (en) | 2009-01-28 | 2017-02-14 | Headwater Partners LLC | Service selection set published to device agent with on-device service selection |
| US9578182B2 (en) | 2009-01-28 | 2017-02-21 | Headwater Partners I Llc | Mobile device and service management |
| US9609510B2 (en) | 2009-01-28 | 2017-03-28 | Headwater Research Llc | Automated credential porting for mobile devices |
| US9647918B2 (en) | 2009-01-28 | 2017-05-09 | Headwater Research Llc | Mobile device and method attributing media services network usage to requesting application |
| US9706061B2 (en) | 2009-01-28 | 2017-07-11 | Headwater Partners I Llc | Service design center for device assisted services |
| US9755842B2 (en) | 2009-01-28 | 2017-09-05 | Headwater Research Llc | Managing service user discovery and service launch object placement on a device |
| US9819808B2 (en) | 2009-01-28 | 2017-11-14 | Headwater Research Llc | Hierarchical service policies for creating service usage data records for a wireless end-user device |
| US9858559B2 (en) | 2009-01-28 | 2018-01-02 | Headwater Research Llc | Network service plan design |
| US9955332B2 (en) | 2009-01-28 | 2018-04-24 | Headwater Research Llc | Method for child wireless device activation to subscriber account of a master wireless device |
| US9954975B2 (en) | 2009-01-28 | 2018-04-24 | Headwater Research Llc | Enhanced curfew and protection associated with a device group |
| US9980146B2 (en) | 2009-01-28 | 2018-05-22 | Headwater Research Llc | Communications device with secure data path processing agents |
| US10057775B2 (en) | 2009-01-28 | 2018-08-21 | Headwater Research Llc | Virtualized policy and charging system |
| US10064055B2 (en) | 2009-01-28 | 2018-08-28 | Headwater Research Llc | Security, fraud detection, and fraud mitigation in device-assisted services systems |
| US10070305B2 (en) | 2009-01-28 | 2018-09-04 | Headwater Research Llc | Device assisted services install |
| US10200541B2 (en) | 2009-01-28 | 2019-02-05 | Headwater Research Llc | Wireless end-user device with divided user space/kernel space traffic policy system |
| US10237757B2 (en) | 2009-01-28 | 2019-03-19 | Headwater Research Llc | System and method for wireless network offloading |
| US10248996B2 (en) | 2009-01-28 | 2019-04-02 | Headwater Research Llc | Method for operating a wireless end-user device mobile payment agent |
| US10264138B2 (en) | 2009-01-28 | 2019-04-16 | Headwater Research Llc | Mobile device and service management |
| US10326800B2 (en) | 2009-01-28 | 2019-06-18 | Headwater Research Llc | Wireless network service interfaces |
| US10492102B2 (en) | 2009-01-28 | 2019-11-26 | Headwater Research Llc | Intermediate networking devices |
| US10715342B2 (en) | 2009-01-28 | 2020-07-14 | Headwater Research Llc | Managing service user discovery and service launch object placement on a device |
| US10779177B2 (en) | 2009-01-28 | 2020-09-15 | Headwater Research Llc | Device group partitions and settlement platform |
| US10783581B2 (en) | 2009-01-28 | 2020-09-22 | Headwater Research Llc | Wireless end-user device providing ambient or sponsored services |
| US10798252B2 (en) | 2009-01-28 | 2020-10-06 | Headwater Research Llc | System and method for providing user notifications |
| US10841839B2 (en) | 2009-01-28 | 2020-11-17 | Headwater Research Llc | Security, fraud detection, and fraud mitigation in device-assisted services systems |
| US11218854B2 (en) | 2009-01-28 | 2022-01-04 | Headwater Research Llc | Service plan design, user interfaces, application programming interfaces, and device management |
| US11412366B2 (en) | 2009-01-28 | 2022-08-09 | Headwater Research Llc | Enhanced roaming services and converged carrier networks with device assisted services and a proxy |
| US11966464B2 (en) | 2022-07-18 | 2024-04-23 | Headwater Research Llc | Security techniques for device assisted services |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP0354771A2 (en) * | 1988-08-11 | 1990-02-14 | International Business Machines Corporation | Personal identification number processing using control vectors |
| US4924514A (en) * | 1988-08-26 | 1990-05-08 | International Business Machines Corporation | Personal identification number processing using control vectors |
| US5944824A (en) * | 1997-04-30 | 1999-08-31 | Mci Communications Corporation | System and method for single sign-on to a plurality of network elements |
| US6202157B1 (en) * | 1997-12-08 | 2001-03-13 | Entrust Technologies Limited | Computer network security system and method having unilateral enforceable security policy provision |
| WO2001035685A1 (en) * | 1999-11-09 | 2001-05-17 | Orange A/S | System for electronic delivery of a personal identification code |
-
2002
- 2002-01-10 SE SE0200061A patent/SE519072C2/en not_active IP Right Cessation
- 2002-12-20 EP EP02793724A patent/EP1466438A1/en not_active Withdrawn
- 2002-12-20 WO PCT/SE2002/002424 patent/WO2003058880A1/en not_active Application Discontinuation
- 2002-12-20 AU AU2002359203A patent/AU2002359203A1/en not_active Abandoned
-
2004
- 2004-07-01 NO NO20042773A patent/NO20042773L/en not_active Application Discontinuation
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP0354771A2 (en) * | 1988-08-11 | 1990-02-14 | International Business Machines Corporation | Personal identification number processing using control vectors |
| US4924514A (en) * | 1988-08-26 | 1990-05-08 | International Business Machines Corporation | Personal identification number processing using control vectors |
| US5944824A (en) * | 1997-04-30 | 1999-08-31 | Mci Communications Corporation | System and method for single sign-on to a plurality of network elements |
| US6202157B1 (en) * | 1997-12-08 | 2001-03-13 | Entrust Technologies Limited | Computer network security system and method having unilateral enforceable security policy provision |
| WO2001035685A1 (en) * | 1999-11-09 | 2001-05-17 | Orange A/S | System for electronic delivery of a personal identification code |
Cited By (173)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP2107756A1 (en) | 2008-03-31 | 2009-10-07 | British Telecommunications Public Limited Company | Policy resolution |
| US8924469B2 (en) | 2008-06-05 | 2014-12-30 | Headwater Partners I Llc | Enterprise access control and accounting allocation for access networks |
| US9866642B2 (en) | 2009-01-28 | 2018-01-09 | Headwater Research Llc | Wireless end-user device with wireless modem power state control policy for background applications |
| US9386165B2 (en) | 2009-01-28 | 2016-07-05 | Headwater Partners I Llc | System and method for providing user notifications |
| US8531986B2 (en) | 2009-01-28 | 2013-09-10 | Headwater Partners I Llc | Network tools for analysis, design, testing, and production of services |
| US8626115B2 (en) | 2009-01-28 | 2014-01-07 | Headwater Partners I Llc | Wireless network service interfaces |
| US8695073B2 (en) | 2009-01-28 | 2014-04-08 | Headwater Partners I Llc | Automated device provisioning and activation |
| US8745191B2 (en) | 2009-01-28 | 2014-06-03 | Headwater Partners I Llc | System and method for providing user notifications |
| US8839388B2 (en) | 2009-01-28 | 2014-09-16 | Headwater Partners I Llc | Automated device provisioning and activation |
| US8839387B2 (en) | 2009-01-28 | 2014-09-16 | Headwater Partners I Llc | Roaming services network and overlay networks |
| US8868455B2 (en) | 2009-01-28 | 2014-10-21 | Headwater Partners I Llc | Adaptive ambient services |
| US8886162B2 (en) | 2009-01-28 | 2014-11-11 | Headwater Partners I Llc | Restricting end-user device communications over a wireless access network associated with a cost |
| US8893009B2 (en) | 2009-01-28 | 2014-11-18 | Headwater Partners I Llc | End user device that secures an association of application to service policy with an application certificate check |
| US8898293B2 (en) | 2009-01-28 | 2014-11-25 | Headwater Partners I Llc | Service offer set publishing to device agent with on-device service selection |
| US8897744B2 (en) | 2009-01-28 | 2014-11-25 | Headwater Partners I Llc | Device assisted ambient services |
| US8898079B2 (en) | 2009-01-28 | 2014-11-25 | Headwater Partners I Llc | Network based ambient services |
| US8897743B2 (en) | 2009-01-28 | 2014-11-25 | Headwater Partners I Llc | Verifiable device assisted service usage billing with integrated accounting, mediation accounting, and multi-account |
| US8903452B2 (en) | 2009-01-28 | 2014-12-02 | Headwater Partners I Llc | Device assisted ambient services |
| US8924543B2 (en) | 2009-01-28 | 2014-12-30 | Headwater Partners I Llc | Service design center for device assisted services |
| US8924549B2 (en) | 2009-01-28 | 2014-12-30 | Headwater Partners I Llc | Network based ambient services |
| US8948025B2 (en) | 2009-01-28 | 2015-02-03 | Headwater Partners I Llc | Remotely configurable device agent for packet routing |
| US9014026B2 (en) | 2009-01-28 | 2015-04-21 | Headwater Partners I Llc | Network based service profile management with user preference, adaptive policy, network neutrality, and user privacy |
| US9026079B2 (en) | 2009-01-28 | 2015-05-05 | Headwater Partners I Llc | Wireless network service interfaces |
| US9955332B2 (en) | 2009-01-28 | 2018-04-24 | Headwater Research Llc | Method for child wireless device activation to subscriber account of a master wireless device |
| US9094311B2 (en) | 2009-01-28 | 2015-07-28 | Headwater Partners I, Llc | Techniques for attribution of mobile device data traffic to initiating end-user application |
| US9137701B2 (en) | 2009-01-28 | 2015-09-15 | Headwater Partners I Llc | Wireless end-user device with differentiated network access for background and foreground device applications |
| US9137739B2 (en) | 2009-01-28 | 2015-09-15 | Headwater Partners I Llc | Network based service policy implementation with network neutrality and user privacy |
| US9143976B2 (en) | 2009-01-28 | 2015-09-22 | Headwater Partners I Llc | Wireless end-user device with differentiated network access and access status for background and foreground device applications |
| US9154428B2 (en) | 2009-01-28 | 2015-10-06 | Headwater Partners I Llc | Wireless end-user device with differentiated network access selectively applied to different applications |
| US9173104B2 (en) | 2009-01-28 | 2015-10-27 | Headwater Partners I Llc | Mobile device with device agents to detect a disallowed access to a requested mobile data service and guide a multi-carrier selection and activation sequence |
| US9179315B2 (en) | 2009-01-28 | 2015-11-03 | Headwater Partners I Llc | Mobile device with data service monitoring, categorization, and display for different applications and networks |
| US9179316B2 (en) | 2009-01-28 | 2015-11-03 | Headwater Partners I Llc | Mobile device with user controls and policy agent to control application access to device location data |
| US9179308B2 (en) | 2009-01-28 | 2015-11-03 | Headwater Partners I Llc | Network tools for analysis, design, testing, and production of services |
| US9179359B2 (en) | 2009-01-28 | 2015-11-03 | Headwater Partners I Llc | Wireless end-user device with differentiated network access status for different device applications |
| US9198074B2 (en) | 2009-01-28 | 2015-11-24 | Headwater Partners I Llc | Wireless end-user device with differential traffic control policy list and applying foreground classification to roaming wireless data service |
| US9198042B2 (en) | 2009-01-28 | 2015-11-24 | Headwater Partners I Llc | Security techniques for device assisted services |
| US9198076B2 (en) | 2009-01-28 | 2015-11-24 | Headwater Partners I Llc | Wireless end-user device with power-control-state-based wireless network access policy for background applications |
| US9198117B2 (en) | 2009-01-28 | 2015-11-24 | Headwater Partners I Llc | Network system with common secure wireless message service serving multiple applications on multiple wireless devices |
| US9198075B2 (en) | 2009-01-28 | 2015-11-24 | Headwater Partners I Llc | Wireless end-user device with differential traffic control policy list applicable to one of several wireless modems |
| US9204282B2 (en) | 2009-01-28 | 2015-12-01 | Headwater Partners I Llc | Enhanced roaming services and converged carrier networks with device assisted services and a proxy |
| US9204374B2 (en) | 2009-01-28 | 2015-12-01 | Headwater Partners I Llc | Multicarrier over-the-air cellular network activation server |
| US9215613B2 (en) | 2009-01-28 | 2015-12-15 | Headwater Partners I Llc | Wireless end-user device with differential traffic control policy list having limited user control |
| US9215159B2 (en) | 2009-01-28 | 2015-12-15 | Headwater Partners I Llc | Data usage monitoring for media data services used by applications |
| US9220027B1 (en) | 2009-01-28 | 2015-12-22 | Headwater Partners I Llc | Wireless end-user device with policy-based controls for WWAN network usage and modem state changes requested by specific applications |
| US9225797B2 (en) | 2009-01-28 | 2015-12-29 | Headwater Partners I Llc | System for providing an adaptive wireless ambient service to a mobile device |
| US9232403B2 (en) | 2009-01-28 | 2016-01-05 | Headwater Partners I Llc | Mobile device with common secure wireless message service serving multiple applications |
| US9247450B2 (en) | 2009-01-28 | 2016-01-26 | Headwater Partners I Llc | Quality of service for device assisted services |
| US9253663B2 (en) | 2009-01-28 | 2016-02-02 | Headwater Partners I Llc | Controlling mobile device communications on a roaming network based on device state |
| US9258735B2 (en) | 2009-01-28 | 2016-02-09 | Headwater Partners I Llc | Device-assisted services for protecting network capacity |
| US9270559B2 (en) | 2009-01-28 | 2016-02-23 | Headwater Partners I Llc | Service policy implementation for an end-user device having a control application or a proxy agent for routing an application traffic flow |
| US9271184B2 (en) | 2009-01-28 | 2016-02-23 | Headwater Partners I Llc | Wireless end-user device with per-application data limit and traffic control policy list limiting background application traffic |
| US9277433B2 (en) | 2009-01-28 | 2016-03-01 | Headwater Partners I Llc | Wireless end-user device with policy-based aggregation of network activity requested by applications |
| US9277445B2 (en) | 2009-01-28 | 2016-03-01 | Headwater Partners I Llc | Wireless end-user device with differential traffic control policy list and applying foreground classification to wireless data service |
| US9319913B2 (en) | 2009-01-28 | 2016-04-19 | Headwater Partners I Llc | Wireless end-user device with secure network-provided differential traffic control policy list |
| US9351193B2 (en) | 2009-01-28 | 2016-05-24 | Headwater Partners I Llc | Intermediate networking devices |
| US9942796B2 (en) | 2009-01-28 | 2018-04-10 | Headwater Research Llc | Quality of service for device assisted services |
| US9386121B2 (en) | 2009-01-28 | 2016-07-05 | Headwater Partners I Llc | Method for providing an adaptive wireless ambient service to a mobile device |
| US9392462B2 (en) | 2009-01-28 | 2016-07-12 | Headwater Partners I Llc | Mobile end-user device with agent limiting wireless data communication for specified background applications based on a stored policy |
| US9491564B1 (en) | 2009-01-28 | 2016-11-08 | Headwater Partners I Llc | Mobile device and method with secure network messaging for authorized components |
| US9491199B2 (en) | 2009-01-28 | 2016-11-08 | Headwater Partners I Llc | Security, fraud detection, and fraud mitigation in device-assisted services systems |
| US9521578B2 (en) | 2009-01-28 | 2016-12-13 | Headwater Partners I Llc | Wireless end-user device with application program interface to allow applications to access application-specific aspects of a wireless network access policy |
| US9532261B2 (en) | 2009-01-28 | 2016-12-27 | Headwater Partners I Llc | System and method for wireless network offloading |
| US9532161B2 (en) | 2009-01-28 | 2016-12-27 | Headwater Partners I Llc | Wireless device with application data flow tagging and network stack-implemented network access policy |
| US9544397B2 (en) | 2009-01-28 | 2017-01-10 | Headwater Partners I Llc | Proxy server for providing an adaptive wireless ambient service to a mobile device |
| US9557889B2 (en) | 2009-01-28 | 2017-01-31 | Headwater Partners I Llc | Service plan design, user interfaces, application programming interfaces, and device management |
| US9565543B2 (en) | 2009-01-28 | 2017-02-07 | Headwater Partners I Llc | Device group partitions and settlement platform |
| US9565707B2 (en) | 2009-01-28 | 2017-02-07 | Headwater Partners I Llc | Wireless end-user device with wireless data attribution to multiple personas |
| US9571559B2 (en) | 2009-01-28 | 2017-02-14 | Headwater Partners I Llc | Enhanced curfew and protection associated with a device group |
| US9572019B2 (en) | 2009-01-28 | 2017-02-14 | Headwater Partners LLC | Service selection set published to device agent with on-device service selection |
| US9578182B2 (en) | 2009-01-28 | 2017-02-21 | Headwater Partners I Llc | Mobile device and service management |
| US9591474B2 (en) | 2009-01-28 | 2017-03-07 | Headwater Partners I Llc | Adapting network policies based on device service processor configuration |
| US9609510B2 (en) | 2009-01-28 | 2017-03-28 | Headwater Research Llc | Automated credential porting for mobile devices |
| US9609544B2 (en) | 2009-01-28 | 2017-03-28 | Headwater Research Llc | Device-assisted services for protecting network capacity |
| US9609459B2 (en) | 2009-01-28 | 2017-03-28 | Headwater Research Llc | Network tools for analysis, design, testing, and production of services |
| US9615192B2 (en) | 2009-01-28 | 2017-04-04 | Headwater Research Llc | Message link server with plural message delivery triggers |
| US9641957B2 (en) | 2009-01-28 | 2017-05-02 | Headwater Research Llc | Automated device provisioning and activation |
| US9647918B2 (en) | 2009-01-28 | 2017-05-09 | Headwater Research Llc | Mobile device and method attributing media services network usage to requesting application |
| US9674731B2 (en) | 2009-01-28 | 2017-06-06 | Headwater Research Llc | Wireless device applying different background data traffic policies to different device applications |
| US9705771B2 (en) | 2009-01-28 | 2017-07-11 | Headwater Partners I Llc | Attribution of mobile device data traffic to end-user application based on socket flows |
| US9706061B2 (en) | 2009-01-28 | 2017-07-11 | Headwater Partners I Llc | Service design center for device assisted services |
| US9749899B2 (en) | 2009-01-28 | 2017-08-29 | Headwater Research Llc | Wireless end-user device with network traffic API to indicate unavailability of roaming wireless connection to background applications |
| US9749898B2 (en) | 2009-01-28 | 2017-08-29 | Headwater Research Llc | Wireless end-user device with differential traffic control policy list applicable to one of several wireless modems |
| US9755842B2 (en) | 2009-01-28 | 2017-09-05 | Headwater Research Llc | Managing service user discovery and service launch object placement on a device |
| US9769207B2 (en) | 2009-01-28 | 2017-09-19 | Headwater Research Llc | Wireless network service interfaces |
| US9819808B2 (en) | 2009-01-28 | 2017-11-14 | Headwater Research Llc | Hierarchical service policies for creating service usage data records for a wireless end-user device |
| US9858559B2 (en) | 2009-01-28 | 2018-01-02 | Headwater Research Llc | Network service plan design |
| US11589216B2 (en) | 2009-01-28 | 2023-02-21 | Headwater Research Llc | Service selection set publishing to device agent with on-device service selection |
| US8516552B2 (en) | 2009-01-28 | 2013-08-20 | Headwater Partners I Llc | Verifiable service policy implementation for intermediate networking devices |
| US9037127B2 (en) | 2009-01-28 | 2015-05-19 | Headwater Partners I Llc | Device agent for remote user configuration of wireless network access |
| US9954975B2 (en) | 2009-01-28 | 2018-04-24 | Headwater Research Llc | Enhanced curfew and protection associated with a device group |
| US9973930B2 (en) | 2009-01-28 | 2018-05-15 | Headwater Research Llc | End user device that secures an association of application to service policy with an application certificate check |
| US9980146B2 (en) | 2009-01-28 | 2018-05-22 | Headwater Research Llc | Communications device with secure data path processing agents |
| US10028144B2 (en) | 2009-01-28 | 2018-07-17 | Headwater Research Llc | Security techniques for device assisted services |
| US10057775B2 (en) | 2009-01-28 | 2018-08-21 | Headwater Research Llc | Virtualized policy and charging system |
| US10057141B2 (en) | 2009-01-28 | 2018-08-21 | Headwater Research Llc | Proxy system and method for adaptive ambient services |
| US10064055B2 (en) | 2009-01-28 | 2018-08-28 | Headwater Research Llc | Security, fraud detection, and fraud mitigation in device-assisted services systems |
| US10064033B2 (en) | 2009-01-28 | 2018-08-28 | Headwater Research Llc | Device group partitions and settlement platform |
| US10070305B2 (en) | 2009-01-28 | 2018-09-04 | Headwater Research Llc | Device assisted services install |
| US10080250B2 (en) | 2009-01-28 | 2018-09-18 | Headwater Research Llc | Enterprise access control and accounting allocation for access networks |
| US10165447B2 (en) | 2009-01-28 | 2018-12-25 | Headwater Research Llc | Network service plan design |
| US10171990B2 (en) | 2009-01-28 | 2019-01-01 | Headwater Research Llc | Service selection set publishing to device agent with on-device service selection |
| US10171988B2 (en) | 2009-01-28 | 2019-01-01 | Headwater Research Llc | Adapting network policies based on device service processor configuration |
| US10171681B2 (en) | 2009-01-28 | 2019-01-01 | Headwater Research Llc | Service design center for device assisted services |
| US11923995B2 (en) | 2009-01-28 | 2024-03-05 | Headwater Research Llc | Device-assisted services for protecting network capacity |
| US11757943B2 (en) | 2009-01-28 | 2023-09-12 | Headwater Research Llc | Automated device provisioning and activation |
| US10200541B2 (en) | 2009-01-28 | 2019-02-05 | Headwater Research Llc | Wireless end-user device with divided user space/kernel space traffic policy system |
| US10237146B2 (en) | 2009-01-28 | 2019-03-19 | Headwater Research Llc | Adaptive ambient services |
| US10237757B2 (en) | 2009-01-28 | 2019-03-19 | Headwater Research Llc | System and method for wireless network offloading |
| US10237773B2 (en) | 2009-01-28 | 2019-03-19 | Headwater Research Llc | Device-assisted services for protecting network capacity |
| US10248996B2 (en) | 2009-01-28 | 2019-04-02 | Headwater Research Llc | Method for operating a wireless end-user device mobile payment agent |
| US10264138B2 (en) | 2009-01-28 | 2019-04-16 | Headwater Research Llc | Mobile device and service management |
| US10320990B2 (en) | 2009-01-28 | 2019-06-11 | Headwater Research Llc | Device assisted CDR creation, aggregation, mediation and billing |
| US10321320B2 (en) | 2009-01-28 | 2019-06-11 | Headwater Research Llc | Wireless network buffered message system |
| US10326800B2 (en) | 2009-01-28 | 2019-06-18 | Headwater Research Llc | Wireless network service interfaces |
| US10326675B2 (en) | 2009-01-28 | 2019-06-18 | Headwater Research Llc | Flow tagging for service policy implementation |
| US10462627B2 (en) | 2009-01-28 | 2019-10-29 | Headwater Research Llc | Service plan design, user interfaces, application programming interfaces, and device management |
| US10492102B2 (en) | 2009-01-28 | 2019-11-26 | Headwater Research Llc | Intermediate networking devices |
| US10536983B2 (en) | 2009-01-28 | 2020-01-14 | Headwater Research Llc | Enterprise access control and accounting allocation for access networks |
| US10582375B2 (en) | 2009-01-28 | 2020-03-03 | Headwater Research Llc | Device assisted services install |
| US10681179B2 (en) | 2009-01-28 | 2020-06-09 | Headwater Research Llc | Enhanced curfew and protection associated with a device group |
| US10694385B2 (en) | 2009-01-28 | 2020-06-23 | Headwater Research Llc | Security techniques for device assisted services |
| US10715342B2 (en) | 2009-01-28 | 2020-07-14 | Headwater Research Llc | Managing service user discovery and service launch object placement on a device |
| US10716006B2 (en) | 2009-01-28 | 2020-07-14 | Headwater Research Llc | End user device that secures an association of application to service policy with an application certificate check |
| US10749700B2 (en) | 2009-01-28 | 2020-08-18 | Headwater Research Llc | Device-assisted services for protecting network capacity |
| US10771980B2 (en) | 2009-01-28 | 2020-09-08 | Headwater Research Llc | Communications device with secure data path processing agents |
| US10779177B2 (en) | 2009-01-28 | 2020-09-15 | Headwater Research Llc | Device group partitions and settlement platform |
| US10783581B2 (en) | 2009-01-28 | 2020-09-22 | Headwater Research Llc | Wireless end-user device providing ambient or sponsored services |
| US10791471B2 (en) | 2009-01-28 | 2020-09-29 | Headwater Research Llc | System and method for wireless network offloading |
| US10798254B2 (en) | 2009-01-28 | 2020-10-06 | Headwater Research Llc | Service design center for device assisted services |
| US10798252B2 (en) | 2009-01-28 | 2020-10-06 | Headwater Research Llc | System and method for providing user notifications |
| US10798558B2 (en) | 2009-01-28 | 2020-10-06 | Headwater Research Llc | Adapting network policies based on device service processor configuration |
| US10803518B2 (en) | 2009-01-28 | 2020-10-13 | Headwater Research Llc | Virtualized policy and charging system |
| US11750477B2 (en) | 2009-01-28 | 2023-09-05 | Headwater Research Llc | Adaptive ambient services |
| US11665186B2 (en) | 2009-01-28 | 2023-05-30 | Headwater Research Llc | Communications device with secure data path processing agents |
| US10834577B2 (en) | 2009-01-28 | 2020-11-10 | Headwater Research Llc | Service offer set publishing to device agent with on-device service selection |
| US10841839B2 (en) | 2009-01-28 | 2020-11-17 | Headwater Research Llc | Security, fraud detection, and fraud mitigation in device-assisted services systems |
| US10848330B2 (en) | 2009-01-28 | 2020-11-24 | Headwater Research Llc | Device-assisted services for protecting network capacity |
| US10855559B2 (en) | 2009-01-28 | 2020-12-01 | Headwater Research Llc | Adaptive ambient services |
| US10869199B2 (en) | 2009-01-28 | 2020-12-15 | Headwater Research Llc | Network service plan design |
| US10985977B2 (en) | 2009-01-28 | 2021-04-20 | Headwater Research Llc | Quality of service for device assisted services |
| US11039020B2 (en) | 2009-01-28 | 2021-06-15 | Headwater Research Llc | Mobile device and service management |
| US11096055B2 (en) | 2009-01-28 | 2021-08-17 | Headwater Research Llc | Automated device provisioning and activation |
| US11134102B2 (en) | 2009-01-28 | 2021-09-28 | Headwater Research Llc | Verifiable device assisted service usage monitoring with reporting, synchronization, and notification |
| US11190645B2 (en) | 2009-01-28 | 2021-11-30 | Headwater Research Llc | Device assisted CDR creation, aggregation, mediation and billing |
| US11190427B2 (en) | 2009-01-28 | 2021-11-30 | Headwater Research Llc | Flow tagging for service policy implementation |
| US11190545B2 (en) | 2009-01-28 | 2021-11-30 | Headwater Research Llc | Wireless network service interfaces |
| US11218854B2 (en) | 2009-01-28 | 2022-01-04 | Headwater Research Llc | Service plan design, user interfaces, application programming interfaces, and device management |
| US11219074B2 (en) | 2009-01-28 | 2022-01-04 | Headwater Research Llc | Enterprise access control and accounting allocation for access networks |
| US11228617B2 (en) | 2009-01-28 | 2022-01-18 | Headwater Research Llc | Automated device provisioning and activation |
| US11337059B2 (en) | 2009-01-28 | 2022-05-17 | Headwater Research Llc | Device assisted services install |
| US11363496B2 (en) | 2009-01-28 | 2022-06-14 | Headwater Research Llc | Intermediate networking devices |
| US11405224B2 (en) | 2009-01-28 | 2022-08-02 | Headwater Research Llc | Device-assisted services for protecting network capacity |
| US11405429B2 (en) | 2009-01-28 | 2022-08-02 | Headwater Research Llc | Security techniques for device assisted services |
| US11412366B2 (en) | 2009-01-28 | 2022-08-09 | Headwater Research Llc | Enhanced roaming services and converged carrier networks with device assisted services and a proxy |
| US11425580B2 (en) | 2009-01-28 | 2022-08-23 | Headwater Research Llc | System and method for wireless network offloading |
| US11477246B2 (en) | 2009-01-28 | 2022-10-18 | Headwater Research Llc | Network service plan design |
| US11494837B2 (en) | 2009-01-28 | 2022-11-08 | Headwater Research Llc | Virtualized policy and charging system |
| US11516301B2 (en) | 2009-01-28 | 2022-11-29 | Headwater Research Llc | Enhanced curfew and protection associated with a device group |
| US11533642B2 (en) | 2009-01-28 | 2022-12-20 | Headwater Research Llc | Device group partitions and settlement platform |
| US11538106B2 (en) | 2009-01-28 | 2022-12-27 | Headwater Research Llc | Wireless end-user device providing ambient or sponsored services |
| US11563592B2 (en) | 2009-01-28 | 2023-01-24 | Headwater Research Llc | Managing service user discovery and service launch object placement on a device |
| US11570309B2 (en) | 2009-01-28 | 2023-01-31 | Headwater Research Llc | Service design center for device assisted services |
| US11582593B2 (en) | 2009-01-28 | 2023-02-14 | Head Water Research Llc | Adapting network policies based on device service processor configuration |
| US8437271B2 (en) | 2009-01-28 | 2013-05-07 | Headwater Partners I Llc | Verifiable and accurate service usage monitoring for intermediate networking devices |
| US11665592B2 (en) | 2009-01-28 | 2023-05-30 | Headwater Research Llc | Security, fraud detection, and fraud mitigation in device-assisted services systems |
| US8832777B2 (en) | 2009-03-02 | 2014-09-09 | Headwater Partners I Llc | Adapting network policies based on device service processor configuration |
| US9154826B2 (en) | 2011-04-06 | 2015-10-06 | Headwater Partners Ii Llc | Distributing content and service launch objects to mobile devices |
| US10834583B2 (en) | 2013-03-14 | 2020-11-10 | Headwater Research Llc | Automated credential porting for mobile devices |
| US11743717B2 (en) | 2013-03-14 | 2023-08-29 | Headwater Research Llc | Automated credential porting for mobile devices |
| US10171995B2 (en) | 2013-03-14 | 2019-01-01 | Headwater Research Llc | Automated credential porting for mobile devices |
| US11968234B2 (en) | 2021-11-29 | 2024-04-23 | Headwater Research Llc | Wireless network service interfaces |
| US11966464B2 (en) | 2022-07-18 | 2024-04-23 | Headwater Research Llc | Security techniques for device assisted services |
| US11973804B2 (en) | 2022-07-20 | 2024-04-30 | Headwater Research Llc | Network service plan design |
Also Published As
| Publication number | Publication date |
|---|---|
| SE0200061L (en) | 2003-01-07 |
| SE0200061D0 (en) | 2002-01-10 |
| EP1466438A1 (en) | 2004-10-13 |
| AU2002359203A1 (en) | 2003-07-24 |
| SE519072C2 (en) | 2003-01-07 |
| NO20042773L (en) | 2004-09-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP1466438A1 (en) | Method at access right control within mobile communication | |
| US8001615B2 (en) | Method for managing the security of applications with a security module | |
| KR101047641B1 (en) | Enhance security and privacy for security devices | |
| CN101167388B (en) | Limited supply access to mobile terminal features | |
| EP2368339B1 (en) | Secure transaction authentication | |
| EP1476980B1 (en) | Requesting digital certificates | |
| RU2404520C2 (en) | Method for provision of signature key for digital signature, verification or coding of data, and also mobile terminal | |
| EP2106191B1 (en) | A method for updating a smartcard and a smartcard having update capability | |
| US20060262929A1 (en) | Method and system for identifying the identity of a user | |
| US20070209081A1 (en) | Methods, systems, and computer program products for providing a client device with temporary access to a service during authentication of the client device | |
| US20040266395A1 (en) | Process for securing a mobile terminal and applications of the process for executing applications requiring a high degree of security | |
| US20020187808A1 (en) | Method and arrangement for encrypting data transfer at an interface in mobile equipment in radio network, and mobile equipment in radio network | |
| KR20060116822A (en) | Method for the authentication of applications | |
| US7865719B2 (en) | Method for establishing the authenticity of the identity of a service user and device for carrying out the method | |
| US7734279B2 (en) | Method and system for controlling resources via a mobile terminal, related network and computer program product therefor | |
| KR20140098872A (en) | security system and method using trusted service manager and biometric for web service of mobile nfc device | |
| CN103368735B (en) | Using authentication method, the device and system of access smart card | |
| US7072646B1 (en) | Method of distributing keys to subscribers of communications networks | |
| US9648495B2 (en) | Method and device for transmitting a verification request to an identification module | |
| US8296575B2 (en) | Method for protecting electronic device, and electronic device | |
| US7394901B2 (en) | Method for exchanging authentication information between a communication entity and an operator server | |
| Khu-Smith et al. | Enhancing e-commerce security using GSM authentication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SK SL TJ TM TN TR TT TZ UA UG US UZ VN YU ZA ZM ZW |
|
| AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR IE IT LU MC NL PT SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
| DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
| WWE | Wipo information: entry into national phase |
Ref document number: 2002793724 Country of ref document: EP |
|
| WWP | Wipo information: published in national office |
Ref document number: 2002793724 Country of ref document: EP |
|
| NENP | Non-entry into the national phase |
Ref country code: JP |
|
| WWW | Wipo information: withdrawn in national office |
Country of ref document: JP |