A method or system for dynamic network security control. The system discovers multiple external network addresses (ENAs) associated with multiple services in a trusted public cloud environment (TPCE), and records the discovered ENAs in a first storage. The system also accesses multiple network security policies stored in the TPCE. The system then maps the ENAs to the network security policies based on contextual relationships therebetween, and stores mappings between the ENAs and the network security policies in the TPCE. The system causes a network access control list to be update based in part on the mappings. The network access control list contains rules that specify which entities are granted or denied access to the ENAs associated with the services.

Presented herein are systems and methods for an access control system deployable in an IT Infrastructure System (enterprise) to automatically discover an unmanaged IT asset or resource based on registration metadata stored in a CMDB; in response to discovery of the unmanaged IT resource, generating based on the registration metadata, in an LDAP server of the enterprise, an entitlement for one or more groups of enterprise users, wherein, for each of the one or more users or groups, the entitlement is embodied in an LDAP group name, wherein the LDAP group name is determined based on IT resource application metadata and/or on a pre-defined LDAP group naming convention; and mapping, based on the LDAP group name, the entitlement for each of the one or more users or groups to one or more specified target IT assets of the enterprise already registered, including software applications, or hardware including databases or servers.

The application provides a method for providing an internet protocol (IP) address to a terminal device by a network node. The network node receives, from the terminal device, a request for acquiring an IP address in a packet data network (PDN) connection. The request includes a requested IP address version. The network node allocates an IP address for the terminal device in response to the request, and sends the address allocated by the network node and a PDN address capability to the terminal device. The PDN address capability is determined by the network node according to the request, and the PDN address capability indicates that only an assigned version of the allocated IP address is allowed by the network node in the PDN connection.

Methods and systems for processing Domain Name Service (DNS) request in a gateway with a plurality of WAN network interfaces. After receiving a first DNS request via one of network interfaces of the gateway, the gateway selects at least one DNS server and at least one access network and then transmits a plurality of new DNS requests to the selected at least one DNS server through the selected at least one access network and via one of network interfaces of the gateway.

A method and system for communicating between a first item of equipment and one or more other items of destination equipment implemented through a communication network, each item of equipment being identified on the communication network via an identifier based on its geographical coordinates. The method includes dispatching a message via the first item of equipment to each destination item of equipment, the message being in accordance with a determined communication protocol and including a first item of information defining a zone of influence corresponding to a determined geographical zone with respect to which each item of destination equipment determines whether the message is relevant to it.

The application provides a method for providing an internet protocol (IP) address to a terminal device by a network node. The network node receives, from the terminal device, a request for acquiring an IP address in a packet data network (PDN) connection. The request includes a requested IP address version. The network node allocates an IP address for the terminal device in response to the request, and sends the address allocated by the network node and a PDN address capability to the terminal device. The PDN address capability is determined by the network node according to the request, and the PDN address capability indicates that only an assigned version of the allocated IP address is allowed by the network node in the PDN connection.

A location-based information service method for improving utilization of location-based information services and a mobile terminal for implementing the location-based information service method are provided. A method for providing an information service using a mobile terminal includes acquiring, at a mobile terminal, location information, determining an Internet Protocol (IP) address based on the location information, and receiving service information from a cyber space associated with a service provider that corresponds to the IP address.