The invention relates to discovering and clustering Internet protocol addresses. For example, the invention can include discovering an IPv6 address of an Internet-facing device on a network, where the IPv6 address is associated with a wide area network (WAN) media access control (MAC) address and a WiFi basic service set identifier (BSSID), identifying an associated BSSID in WiFi geolocation databases based on the WAN and WiFi BSSID, and geolocating the Internet-facing device by retrieving a location record in the WiFi geolocation databases for the associated BSSID.

Correlating devices and clients across addresses may be provided. A first address associated with a client device may be received. When the client device is not connected to a network, first location data associated with the first address may be obtained using a passive technique. A second address and second location data associated with the second address may then be obtained using an active technique. It may then be determined that the first location data and the second location data correlate. In response to determining that the first location data and the second location data correlate, it may be determined that the client device has changed from the first address to the second address.

The invention concerns a method for transmitting a subscription profile from a MNO to a secure element cooperating with a terminal, the secure element being pre-provisioned with a temporary profile comprising a unique identifier, a first MCC and a first MNC, the method comprising: Transmitting from a POS of the MNO the unique identifier of the secure element to a SM-DP; Creating or reserving the subscription profile at the SM-DP; Provisioning in a D-HSS server having the first MCC/MNC the unique identifier and a temporary IMSI comprising a second MCC, a second MNC; Provisioning in the HSS of the MNO the temporary IMSI and an ephemeral Ki; At the first attempt of the secure element to connect to the D-HSS server with its temporary profile, exchanging data in signaling messages between the secure element and the D-HSS for provisioning the secure element with the temporary IMSI; At the next attempt of the secure element to connect to the MNO network with the temporary IMSI, open an APN and send from the SM-DP to the secure element the subscription profile.

The invention concerns a method for transmitting a subscription profile from a MNO to a secure element cooperating with a terminal, the secure element being pre-provisioned with a temporary profile comprising a unique identifier, a first MCC and a first MNC, the method comprising: Transmitting from a POS of the MNO the unique identifier of the secure element to a SM-DP; Creating or reserving the subscription profile at the SM-DP; Provisioning in a D-HSS server having the first MCC/MNC the unique identifier and a temporary IMSI comprising a second MCC, a second MNC; Provisioning in the HSS of the MNO the temporary IMSI and an ephemeral Ki; At the first attempt of the secure element to connect to the D-HSS server with its temporary profile, exchanging data in signaling messages between the secure element and the D-HSS for provisioning the secure element with the temporary IMSI; At the next attempt of the secure element to connect to the MNO network with the temporary IMSI, open an APN and send from the SM-DP to the secure element the subscription profile.

A CPE receives, over a first connection with a wireless network, a network-assigned prefix for the CPE. The CPE creates a prefix based on a subset of bits from the network assigned prefix. The CPE transmits, over a second connection with a LAN router device, the prefix created by the CPE as a WAN prefix for the LAN router device and the network assigned prefix as a LAN prefix for the LAN router device.

An example network device determines to assign a number of global Internet protocol (IP) addresses to respective network interfaces, determines a subnetwork for the network interfaces, determines a prefix corresponding to the subnetwork, determines a first global IP address having the prefix, determines a range value that is equal to or greater than the number of global IP addresses, generates a message according to Duplicate Address Detection Protocol (DAD) including data indicating that the message includes a range of addresses, the data further indicating the first global IP address and the range value, and sends the message according to DAD to one or more host network devices to determine whether any global IP address in a range starting with the first global IP address and through the range value is in use by the one or more host network devices.

Systems and methods for secure communication over a network using a linking address are disclosed. Systems for secure communication may include: a computer system in electronic communication over a network with a plurality of electronic devices; a database in electronic communication with the computer system, the database configured to electronically store at least a linking address and an associated payload of a data packet; and an engine stored on and executed by the computer system, the engine electronically receiving a data packet over the network from a first electronic device; processing the data packet to identify a linking address and a payload, the linking address being at least 32 bit; storing the linking address and payload in the database; electronically receiving a query from a second electronic device, the second electronic device identifying the linking address; and electronically transmitting the data packet over the network to the second electronic device.

Systems and methods for secure communication over a network using a linking address are disclosed. Systems for secure communication may include: a computer system in electronic communication over a network with a plurality of electronic devices; a database in electronic communication with the computer system, the database configured to electronically store at least a linking address and an associated payload of a data packet; and an engine stored on and executed by the computer system, the engine electronically receiving a data packet over the network from a first electronic device; processing the data packet to identify a linking address and a payload, the linking address being at least 32 bit; storing the linking address and payload in the database; electronically receiving a query from a second electronic device, the second electronic device identifying the linking address; and electronically transmitting the data packet over the network to the second electronic device.

An electronic device and method are disclosed. The electronic device includes memory storing identification of at least an external electronic device, to which an IPv6-based IP address is allocatable, a communication circuit, and a processor. The processor implements the method, including: receiving, from the external electronic device, a router solicitation including a link local address generated by the external electronic device, and identification information of the external electronic device, confirming whether the identification information of the external electronic device included in the router solicitation is stored in the memory, and if so, transmitting a router advertisement including information related to generation of the IP address to the external electronic device.

Implementations disclosed describe techniques to allow wireless devices to initially connect with randomized MAC addresses and send an encrypted permanent MAC for differentiated services. In one method, a first wireless device connects to an access point (AP) using a randomized MAC address. The first wireless device receives a request for a permanent MAC address from the AP. The first wireless device determines whether to send the permanent MAC address. Responsive to determining to send the permanent MAC address, the first wireless device encrypts the permanent MAC address to obtain an encrypted MAC address and sends a response to the request, including the encrypted MAC address, to the AP.