H04L63/06

Access relationships in a computer system
11700258 · 2023-07-11

The disclosure relates to methods and apparatuses for controlling access relationships between entities in a computerized system. A chain of access relationships from a first entity via at least one intermediate entity to a second entity is determined. At least one direct access relationship is then created between the first entity and the second entity based on information of the determined chain of access relationships.

Systems and methods for tokenized data delegation and protection

Example embodiments of systems and methods for data delegation and control through the use of tokenized data are provided. In an exemplary method of data delegation and control, a data device may store private information associated with a user and generate an access token, comprising tokenized data identifying the data device. The data device may transmit the access token to a user device through a front channel and receive an information request from a merchant device comprising the access token through a secure back channel. Upon authenticating the access token, the data device may transmit a portion of the private information to the merchant device through the secure back channel.

Pre-registration of authentication devices

A system is disclosed for pre-registering authentication devices. A security key provider system may receive a request to pre-register a security key with identified applications from an enterprise. Responsive to receiving the request, the security key provider system instructs the security key to generate a unique authentication code for each of the applications. The security key provider system may generate pre-registration information based on the authentication codes and pre-register the authentication codes of the security key to the applications by providing the pre-registration information to the applications on behalf of the enterprise. The security key provider system may instead provide the pre-registration information to the enterprise to allow the enterprise to pre-register the authentication codes.

USER AUTHENTICATION USING CONNECTION INFORMATION PROVIDED BY A BLOCKCHAIN NETWORK
20230216852 · 2023-07-06

Apparatuses, methods, and systems are disclosed for user authentication using a connection information package provided by a blockchain network. One apparatus includes a processor and a memory coupled to the processor, the memory comprising instructions executable by the processor to cause the apparatus to receive, from a smart contract, a set of connection information packages and to receive, from a first function, a request to authenticate a roaming user. The instructions are further executable by the processor to cause the apparatus to determine whether the first function is associated with a valid connection information package and to accept the request to authenticate the roaming user in response to the first function being associated with the valid connection information package.

Root of trust

First transistor logic is arranged by a first logic provider in circuit form and provides a minimum of functionality of the semiconductor device employed to bring up the semiconductor device, wherein the minimum of functionality is encrypted using a first encryption key. Second transistor logic is arranged by a second logic provider, different than the first logic provider, in circuit form to include security keys capable to perform cryptographic capabilities using a second encryption key. The second transistor logic further includes functionality that completes the semiconductor device as a chip device and is ready to process secure communication signals.

Processing changes to authorized keys
11552951 · 2023-01-10

Various mechanisms can be used for authorizing access between entities in a computing environment. Configuring such access may involve configuration data stored on one or more of the computing devices or stored externally to the computing devices. Various aspects are disclosed herein for collecting, analyzing, correlating, organizing, storing, using and/or displaying such information, for example in the form of pre-analyzed access relationships between entities in the computing environment. In accordance with an aspect, access-related configuration information is collected from a plurality of entities and an access relationship between two or more entities is determined based on the configuration information. Information about the determined access relationship is stored in a non-volatile storage. The information identifies a source entity and a destination entity, and the determined access relationship defines a user account associated with the source entity and authorized to log into a user account associated with the destination entity.

Key change procedure

There are provided mechanisms for configuring use of keys for security protecting packets communicated between a wireless device and a network node. A method is performed by the wireless device. The method comprises exchanging key use information with the network node in conjunction with performing a key change procedure with the network node during which a first key is replaced with a second key. The key use information indicates which of the packets are security protected using which of the first key and the second key.

Transaction verification through enhanced authentication
11695576 · 2023-07-04

Systems and methods for authenticating requests to use an Application Programming Interface (“API”) are described. In some embodiments, a request to use an API is received. Based on a comparison of the request to use the API with a pattern of activity associated with the client, a determination is made whether the client deviates from an expected behavior. Once a determination that the client deviates from the expected behavior is made, an authentication challenge is generated and issued. In some embodiments, the comparison of the request to use the API with a pattern of activity involves comparing transactional attributes of the request to use the API with past client behavior.

Unique ID generation for sensors

Systems, methods, and computer-readable media are provided for generating a unique ID for a sensor in a network. Once the sensor is installed on a component of the network, the sensor can send attributes of the sensor to a control server of the network. The attributes of the sensor can include at least one unique identifier of the sensor or the host component of the sensor. The control server can determine a hash value using a one-way hash function and a secret key, send the hash value to the sensor, and designate the hash value as a sensor ID of the sensor. In response to receiving the sensor ID, the sensor can incorporate the sensor ID in subsequent communication messages. Other components of the network can verify the validity of the sensor using a hash of the at least one unique identifier of the sensor and the secret key.

Security for paging messages

Briefly, in accordance with one or more embodiments, an apparatus of a user equipment (UE) comprises one or more baseband processors to derive a dynamic scrambling key, and a memory to store the dynamic scrambling key and a temporary UE identifier (temporary UE ID) assigned to the UE. The one or more baseband processors monitor a paging request for a scrambled UE identifier (UE ID) to determine if the paging request is intended for the UE by unscrambling the scrambled UE ID with the dynamic scrambling key to produce the temporary UE ID. The paging request is intended for the UE if the temporary UE ID produced by unscrambling the scrambled UE ID matches the temporary UE ID stored in the memory. A new dynamic scrambling key may be derived each time the UE returns to a radio resource control idle (RRC_IDLE) state.