An embodiment may involve receiving, by a computing system, a message from a wireless service provider system. The computing system may include one or more computing devices located, e.g., in the trusted cloud. The message may contain a service-provider-based identity of a client device, an indication that the service-provider-based identity has been authenticated by the wireless service provider, and a code that the client device obtained from a remote machine proximate to the client device. The computing system may generate an anonymized identity of the client device based on the service-provider-based identity. The computing system may verify that a task associated with the code is within the authorized capabilities of the anonymized identity. Possibly based on the code (and perhaps other information as well), the computing system may transmit an instruction to the remote machine. The instruction may direct the remote machine to perform the task.

A system for sending a relay notification comprises a transceiver and a processor. The processor is configured to use the transceiver to receive a request for allowing a mobile device to be used by a further mobile device as a relay to a mobile communication network. The processor is further configured to determine whether the mobile device is to act as a relay for the further mobile device based on the unique identifier of the further mobile device, and to use the transceiver to notify the mobile device that it is to act as a relay for the further mobile device in dependence on the determination. The mobile device is configured to receive the notification from the system. The processor is further configured to start relaying data received from the further mobile device to the mobile communication network upon receiving the notification.

A system for sending a relay notification comprises a transceiver and a processor. The processor is configured to use the transceiver to receive a request for allowing a mobile device to be used by a further mobile device as a relay to a mobile communication network. The processor is further configured to determine whether the mobile device is to act as a relay for the further mobile device based on the unique identifier of the further mobile device, and to use the transceiver to notify the mobile device that it is to act as a relay for the further mobile device in dependence on the determination. The mobile device is configured to receive the notification from the system. The processor is further configured to start relaying data received from the further mobile device to the mobile communication network upon receiving the notification.

A method of processing data of communications through a communication network. The method includes: receiving first data relating to a first communication between a first and a second electronic device respectively associated with a first and a second connection identifier, the first data including a generic connection identifier associated with the first connection identifier and used for the first communication; storing at least the first connection identifier associated with the generic connection identifier and the second connection identifier used for the first communication; receiving second data relating to a second communication; searching through the second data for the first or the second stored connection identifier; and according to the result of the search, associating the second communication with the first and second connection identifiers.

A method and apparatus for performing secure Machine-to-Machine (M2M) provisioning and communication is disclosed. In particular a temporary private identifier, or provisional connectivity identification (PCID), for uniquely identifying machine-to-machine equipment (M2ME) is also disclosed. Additionally, methods and apparatus for use in validating, authenticating and provisioning a M2ME is also disclosed. The validation procedures disclosed include an autonomous, semi-autonomous, and remote validation are disclosed. The provisioning procedures include methods for re-provisioning the M2ME. Procedures for updating software, and detecting tampering with the M2ME are also disclosed.

Systems, methods, and/or techniques for providing access network independent device provisioning of machine-to-machine (M2M) devices belonging to different M2M application domains may be disclosed. For example, a unique reference to a preliminary M2M ID module (PMI) associated with a M2M device. The M2M device with the PMI may be registered at a M2M ID provider (MIP). A M2M ID (MI) to replace the PMI may be generated using the MIP Additionally, a secure mutually authenticated communication channel may be set up with the M2M device within an application domain and/or may be provided for secure authorization of requests to the M2M device using the MI.

A method connecting a user's mobile terminal with a server of a service provider. The method includes: the server stores an identifier of a card assigned to the user by the service provider, corresponding to alias data associated with a user identifier by which the mobile terminal is authenticated with the mobile network; storing, in association with the identifier, first data of a first transaction performed between the user and the service provider by using the card; establishing, via the mobile network and using a service platform capable of obtaining the alias data, a communication link between the mobile terminal and the server, in which the alias data authenticate the user with the server; sending to the mobile terminal information regarding a service provided to the user by the service provider in accordance with the first data stored in association with the card identifier corresponding to the alias data.

Methods and apparatus to support secure Wi-Fi AP protocols are disclosed. An example method includes in response to receiving a request from a computing device to connect to a network, limiting, with a processor of a Wi-Fi access point, access of the computing device to the network to connect to a server; authenticating, with the processor of the Wi-Fi access point, the computing device based on data received from the server; and expanding, with the processor of the Wi-Fi access point, the access of the computing device to connect to the network.

Methods, systems, and computer readable media can be operable to facilitate an exchange of messages between an access point and a station, wherein the access point requests a unique identifier from the station. The request can include a network requirements field that indicates that a unique identifier is required for access to the network. The station initiates a secure connection with the access point prior to associating with the access point. The station may either respond with a message declining to provide a unique identifier or respond with a message including a unique identifier to be used by the access point for the station via the secure connection. The response from the station may include additional limitations on the use of the unique identifier by the access point. The access point may enforce different policies against the station depending upon how the station responds to the unique identifier request.

The disclosure includes embodiments that provide out-of-band authentication for vehicular communications using Joint Automotive Radar Communications (“JARC” if singular, “JARCs” if plural). A method includes receiving, by a directional radio of a connected vehicle, a directional communication having a payload that includes the first temporary identifier and sensor data for a purported transmitter of the directional communication. The method includes initiating, by the directional radio and a radar of the connected vehicle, a set of JARCs with the purported transmitter to determine an authenticity status of the first temporary identifier. The method includes executing a vehicular action for the payload of the directional communication responsive to the authenticity status.