H04L29/00

Network access control method and apparatus
11089476 · 2021-08-10

The present invention provides a network access control method. The network access control method includes: configuring network access permission of a first application, where the network access permission includes allowing the first application to access a network resource by using a first type of network access point, and the first type of network access point includes at least one first network access point; accessing a second network access point, where the second network access point belongs to the first type of network access point; when the first application is running, allowing the first application to access the network resource by using the second network access point; and when a third network access point is accessed, if the third network access point does not belong to the first type of network access point, prohibiting the first application from accessing the network resource by using the third network access point.

Virtualization of the evolved packet core to create a local EPC

Systems and methods are disclosed for a local evolved packet core (EPC) that interoperates with an eNodeB and a remote EPC. In one embodiment, a method for establishing an ad hoc local network may be disclosed, comprising: monitoring an availability of a connection to a remote core network; creating a first data connection between a first mobile device and a local core network module, thereby permitting a first mobile device to attach to a local network base station without connectivity to the remote core network; identifying, at a local core network module, reconnection to the remote core network; sending, from the local core network module to the remote core network, a service request message based on a prior message received from the first mobile device at the local core network module; creating a second data connection between the local network base station and the remote core network; and forwarding downlink data, received from the remote core network via the second data connection, to the first mobile device via the first data connection.

Methods and systems for leveraging transactions to dynamically authenticate a user

A system and method for authenticating a candidate user accessing a host computing device as an authentic user is provided. The host computing device is in communication with an authenticating computing device. The method includes receiving, by the authenticating computing device, a request to authenticate the candidate user as an authentic user. The authentication request includes a user identifier. The method also includes retrieving, by the authenticating computing device, transaction data including payment transactions performed by the authentic user based on the user identifier. The method also includes generating, by the authenticating computing device, a challenge question and a correct answer based on the transaction data associated with the authentic user, and transmitting the challenge question for display on a candidate user computing device used by the candidate user.

Resource access management and secure authorization systems and methods

Systems and methods for secure user authentication are described. In certain embodiments, a client device such as a smartphone may be provisioned with a secure key and/or other secret information. The client device may be used to generate unique secure tokens and/or other credentials used in connection with an authentication process. A user may provide the generated tokens and/or other credentials to a service provider in connection with a request to access a managed service. The validity of the generated tokens and/or other credentials may be verified by an authentication service in communication with the service provider.

Application-level acknowledgements
11088807 · 2021-08-10

Application-level acknowledgements may be used to verify that a data packet has not only been received, but has been successfully processed by the appropriate application operating on a device that received the data packet. For example, in one embodiment, two devices may be registered with an identity service that enables security and push messaging. A first device may communicate a data packet to another device that is associated with the same identity account through the identity service. The device receiving the data packet may send an acknowledgement verifying receipt of the data packet. After an application has processed the data packet, an acknowledgement that the data packet was processed may also be sent from the second device to the first device.

User profile provisioning in WLAN

The invention relates to a method for operating an entity of a WLAN network. The method comprises the following steps. First, an access request is received from a subscriber of a mobile communications network, wherein the access request is based on a mobile network identity used in the mobile communications network to authenticate the subscriber. Then, from an authentication entity configured to authenticate a subscriber in the mobile communications network, radio resource information is received for the subscriber, which comprises subscriber-specific information on how radio resources of a radio network part of the mobile communications network should be used. Furthermore, a radio resource usage of the subscriber in the WLAN network is determined taking into account the received radio resource information.

Systems and methods for storing and sharing transactional data using distributed computer systems
11095462 · 2021-08-17

A computer system that interfaces with a blockchain is provided. The computer system receives match data for a match between a first data transaction request that is associated with a first identifier and a second data transaction request that is associated with a second identifier. A first blockchain transaction is generated based on the match data and stored to a blockchain. At least one further blockchain transaction is generated that splits the match into two different transactions—one between the first identifier and an intermediary and the second between the intermediary. These are recorded to the blockchain via the further blockchain transactions.

Signed envelope encryption
11089032 · 2021-08-10

Clients within a computing environment may establish a secure communication session. Sometimes, a client may trust another client to read, but not modify, a message. Clients may utilize a cryptography service to generate a message protected against improper modification. Clients may utilize a cryptography service to verify whether a protected message has been improperly modified.

Intelligent signal matching of disparate input signals in complex computing networks

This disclosure is directed to an apparatus for intelligent matching of disparate input data received from disparate input data systems in a complex computing network for establishing targeted communication to a computing device associated with the intelligently matched disparate input data.

Secure crypto module including optical glass security layer

An optical electromagnetic radiation (EM) emitter and receiver are located upon a printed circuit board (PCB) glass security layer. A predetermined reference flux or interference pattern, respectively, is an expected flux or reflection pattern of EM emitted from the EM emitter, transmitted by the glass security layer, and received by the EM receiver. When the PCB is subject to an unauthorized access thereof, the optical EM transmitted by the glass security layer is altered. An optical monitoring device that monitors the flux or interference pattern of the optical EM received by the EM receiver detects a change in flux or interference pattern, in relation to the reference flux or reference interference pattern, respectively, and passes a tamper signal to one or more computer system devices to respond to the unauthorized access. For example, one or more cryptographic adapter card or computer system functions or secured crypto components may be disabled.