Provided is a method to operate a secure chip card for connecting to a user equipment operating in a cellular network comprising a plurality of network slices, wherein for at least one network slice a slice authentication server is operational, the secure chip card comprising a secured memory with at least one slice authentication application

Remote subscription management of an eUICC comprising a private key and a public certificate, the public certificate comprising information allowing a subscription manager server to decide if it can agree to manage the eUICC. The method includes: establishing a secure channel between the terminal and the subscription manager server by using the public certificate and dedicated cryptographic services of the eUICC; sending to the subscription manager server a subscription management request; verifying, based on the information in the public certificate in the subscription manager server, whether the eUICC is entitled to be managed by the subscription manager server and, if yes: performing a key establishment procedure between the subscription manager server and the eUICC by using the eUICC public certificate; establishing between the subscription manager server and the eUICC a secure channel with the established keys; and, executing by the subscription manager server the subscription management request on the eUICC.

A system for the inspection, evaluation and diagnosis of the level of cybersecurity of a vehicle, in particular for electronically managed devices and/or systems, comprising a control server provided with software and data communication means configured for data exchange between the software and the electronic devices present in the vehicle, such that the control server determines the existence or absence of situations of data manipulation based on the data coming from the electronic devices.

A system for the inspection, evaluation and diagnosis of the level of cybersecurity of a vehicle, in particular for electronically managed devices and/or systems, comprising a control server provided with software and data communication means configured for data exchange between the software and the electronic devices present in the vehicle, such that the control server determines the existence or absence of situations of data manipulation based on the data coming from the electronic devices.

Techniques for auto-starting a VPN in a MAM environment are disclosed. A MAM-controlled application is launched on a computer system. Policy is queried and a determination is made as to whether to auto-start a VPN application based on the policy. Based on the policy, the VPN application is auto-started, and the VPN application initiates a VPN tunnel that is usable by at least the MAM-controlled application. Network communications transmitted to or from the MAM-controlled application then pass through the VPN tunnel.

A method and apparatus provide for attachment for restricted local operator services for an apparatus, such as a user equipment. An attach procedure for the restricted local operator services for the apparatus can be performed. A proxy call session control function address for the restricted local operator services can be received during the attach procedure. A session initiation protocol register request message can be generated. The session initiation protocol register request message can include an indication for the restricted local operator services and can include an internet protocol multimedia public user identification based on an identification of the apparatus. The session initiation protocol register request message to the proxy call session control function address can be sent, the session initiation protocol register request message can include the indication for the restricted local operator services.

Mobile device cases are provided which, in a first embodiment, selectively limit a user's ability to control the user's own mobile electronic device. The case includes front and rear portions joined together and defining therein an opening for receiving a mobile electronic device, such as a mobile phone. A locking mechanism is provided for selectively securing the opening in a first locked position to prevent operational access to the mobile electronic device by the user until a predetermined condition is met. The case includes an indicia of time visible to the user during the period of time of prevented operational access. In a further embodiment, a case is provided with first and second polymeric shells each having an interior and an exterior surface thereon and connected together by at least one hinge portion. The first and second shell portions form a cavity of sufficient size to cover a mobile electronic device sufficiently to prevent access by its user. Tamper resistant and ultrasonic sensor defeating mobile device case embodiments are also contemplated by this invention.

Solutions for validating a customized user equipment (UE), prior to permitting the UE to register on a cellular network, include: receiving a set of requirement queries into a validation tool, the set of requirement queries including at least one software application identification, at least one user interface (UI) configuration, and at least one network connectivity configuration; receiving a set of requirements into the validation tool, the set of requirements corresponding with the set of requirement queries; receiving, from a customization tool on the UE, UE configuration information corresponding with the set of requirement queries; determining whether the UE configuration information meets the set of requirements; based on at least the UE configuration information meeting the set of requirements, generating a validation report for the UE; and transmitting the validation report over a network. This may require installing and configuring the customization tool on the UE to collect the configuration information.

A mobile network operator (MNO) uses a provisioning server to update or install profile content in a profile or electronic subscriber identity module (eSIM). In an exemplary embodiment, the profile is present on a secure element such as an embedded universal integrated circuit card (eUICC) in a wireless device. One or more MNOs use the provisioning server to perform profile content management on profiles in the eUICC. In some embodiments, an MNO has a trust relationship with the provisioning server. In some other embodiments, the MNO does not have a trust relationship with the provisioning server and protects payload targeted for an MNO-associated profile using an over the air (OTA) key.

Systems, devices, and methods for access control via a mobile device are described herein. One method includes receiving location information associated with a mobile device in a facility, determining that the mobile device is within a particular distance of an area of the facility based on the location information, determining whether a user of the mobile device is allowed access to the area, and allowing access to the area via a relay associated with the area responsive to a determination that the user is allowed access.