A method, apparatus and computer program product may be provided for signaling-based remote provisioning and updating of protection policy information in a SEPP of a visited network. A method may include obtaining, at a home network node (hSEPP), protection policy information from a local repository in a home network or via configuration. The hSEPP is a network node at a boundary of the home netowork, and the home network is a public land mobile network (hPLMN). The method includes distributing, via a signaling interface, the protection policy information to a visited network node (vSEPP) within a visited network (vPLMN). The vSEPP is a network node at a boundary of a second network. The protection policy information includes information regarding protection of signaling messages addressed for network functions (NFs) hosted in the hPLMN and is configured for enabling the vSEPP to selectively protect outgoing messages to hSEPP in the home network.

Methods, systems, and devices relate to digital wireless communication, and more specifically, to techniques relating to dynamic change MAC address of the station for subsequent transmissions. In one exemplary aspect, a method of dynamic change MAC address includes specifying a MAC address change mode and a new MAC address to be used by the station. In another exemplary aspect, a method of dual MAC address change mode in the dynamic change MAC address mechanism includes separating the unchanged MAC address of the station from the changeable MAC address of the station, and keep the mapping between them. In another exemplary aspect, a method includes transmitting a MAC address change request message from the station (or the access point) to initiate the MAC address change procedure. In another exemplary aspect, a method includes receiving a MAC address change response message from the access point (or the station).

According to an example aspect of the present invention, there is provided a method comprising, transmitting by a wireless device, during a first phase, a first probe signal associated with a user and receiving a reflected version of the first probe signal, transmitting by the wireless device, during the first phase, the reflected version of the first probe signal to a ground truth classifier, transmitting by the wireless device, during a second phase, a second probe signal associated with the user and receiving a reflected version of the second probe signal and transmitting by the wireless device, during the second phase, the reflected version of the second probe signal to a trusted apparatus.

According to an example aspect of the present invention, there is provided a method comprising, transmitting by a wireless device, during a first phase, a first probe signal associated with a user and receiving a reflected version of the first probe signal, transmitting by the wireless device, during the first phase, the reflected version of the first probe signal to a ground truth classifier, transmitting by the wireless device, during a second phase, a second probe signal associated with the user and receiving a reflected version of the second probe signal and transmitting by the wireless device, during the second phase, the reflected version of the second probe signal to a trusted apparatus.

This disclosure relates to a data storage device. A data port transmits data between a host computer system and the data storage device over a data channel. The device repeatedly broadcasts advertising packets over a wireless communication channel different from the data channel. Each advertising packet comprises a random value and a message authentication code calculated based on the random value and an identity key. The identity key is readable by a device to be connected and in proximity of the data storage device out of band of the data channel and the communication channel. The identity key enables the device to be connected to verify the message authentication code based on the random value and the identity key to thereby authenticate the data storage device.

This disclosure relates to a data storage device. A data port transmits data between a host computer system and the data storage device over a data channel. The device repeatedly broadcasts advertising packets over a wireless communication channel different from the data channel. Each advertising packet comprises a random value and a message authentication code calculated based on the random value and an identity key. The identity key is readable by a device to be connected and in proximity of the data storage device out of band of the data channel and the communication channel. The identity key enables the device to be connected to verify the message authentication code based on the random value and the identity key to thereby authenticate the data storage device.

Disclosed are systems, methods, and non-transitory computer readable media for making virtual colored markings on objects. Instructions may include receiving an indication of an object; receiving from an image sensor an image of a hand of an individual holding a physical marking implement; detecting in the image a color associated with the marking implement; receiving from the image sensor image data indicative of movement of a tip of the marking implement and locations of the tip; determining from the image data when the locations of the tip correspond to locations on the object; and generating, in the detected color, virtual markings on the object at the corresponding locations.

A method for DoS attacks at an NF includes maintaining, at a first NF, an NF subscription database containing rules that specify maximum numbers of allowed subscriptions and corresponding rule criteria. The method further includes receiving, at the first NF and from a second NF, a subscription request for establishing a subscription. The method further includes determining, by the first NF, that the subscription request matches criteria for at least one rule in the NF subscription database and incrementing, by the first NF, at least one count of a number of subscriptions for the at least one rule. The method further includes determining, by the first NF, that the at least one count of the number of subscriptions exceeds a maximum number of allowed subscriptions for the at least one rule. The method further includes, in response to determining that the at least one count of the number of subscriptions exceeds the maximum number of allowed subscriptions for the at least one rule, preventing establishment of the subscription.

Network circuitry authorizes User Equipment (UEs) for wireless services from wireless networks. The network circuitry stores lists of network identifiers that are associated with UE types. The network circuitry receives an authorization request that indicates a network identifier and a UE type. The UE type comprises model, operating system, user application, and/or radio frequency. The network circuitry retrieves a networks list for the UE type and compares the network identifier from the authorization request to the network identifiers on the network list. The authorization circuitry authorizes the UE responsive to a match between the network identifier from the authorization request and a network identifier on the network list.

Network circuitry authorizes User Equipment (UEs) for wireless services from wireless networks. The network circuitry stores lists of network identifiers that are associated with UE types. The network circuitry receives an authorization request that indicates a network identifier and a UE type. The UE type comprises model, operating system, user application, and/or radio frequency. The network circuitry retrieves a networks list for the UE type and compares the network identifier from the authorization request to the network identifiers on the network list. The authorization circuitry authorizes the UE responsive to a match between the network identifier from the authorization request and a network identifier on the network list.