H04L2209/80

Communications method and apparatus for secure communication when a terminal is in a radio resource control inactive state

An embodiment of this application provides a communications method. The method includes: generating, by a first base station, a radio resource control release message on which encryption and integrity protection are performed by using a new key; and sending, by the first base station, the radio resource control release message to a second base station, thereby improving security of communication between the serving device and the terminal and reducing signaling overheads for performing key negotiation over an air interface.

Network access control
11589224 · 2023-02-21

A network controller configured to provide network access to client devices, receives a network access request from a client device. The network access request includes a media access control (MAC) address of the client device and information about a first private key. The network controller sends to a server an authentication request, which includes the MAC address of the client device. The network controller receives an authentication response from the server, which includes a second private key. The network controller determines whether the first private key is the same as the second private key. In response to determining that the first private key is different from the second private key, network access is denied to the client device, and in response to determining that the first private key is the same as the second private key, network access is granted to the client device.

Systems and methods for responsive data transfer and anonymizing data using tokenizing and encrypting
11587076 · 2023-02-21

Described herein are systems and methods for securely obtaining payment information from a recipient on a payer's mobile device within an application on the payer's mobile device. The securely obtained information can be decrypted in the application, and the recipient information can be extracted. The extracted recipient information can be validated and used by the application to initiate a fund transfer to the recipient's account from the payer's account. The application can include a user interface that can allow the payer to anonymize the payment, securing the privacy of the payer.

Subscriber identity privacy protection against fake base stations

Techniques to protect a subscriber identity, by encrypting a subscription permanent identifier (SUPI) to form one-time use subscription concealed identifiers (SUCIs) using a set of one-time ephemeral asymmetric keys, generated by a user equipment (UE), and network provided keys are disclosed. Encryption of the SUPI to form the SUCIs can mitigate snooping by rogue network entities, such as fake base stations. The UE is restricted from providing the unencrypted SUPI over an unauthenticated connection to a network entity. In some instances, the UE uses a trusted symmetric fallback encryption key K_FB or trusted asymmetric fallback public key PK_FB to verify messages from an unauthenticated network entity and/or to encrypt the SUPI to form a fallback SUCI_FB for communication of messages with the unauthenticated network entity.

SYSTEMS AND METHODS FOR GROUP MESSAGING USING BLOCKCHAIN-BASED SECURE KEY EXCHANGE WITH KEY ESCROW FALLBACK

A system described herein may provide for secure group messaging between multiple participant devices, in which two or more of the participant devices support blockchain-based techniques for the secure sharing of keys used to secure the group messaging, and in which one or more of the participant devices (e.g., a third device) do not support such techniques. A key escrow system may maintain keys associated with the third device, and the other devices of the group messaging system may retrieve such keys from the key escrow system. Such other devices may attempt to obtain keys associated with the third device from a blockchain and may retrieve such keys from the key escrow system when the retrieval from the blockchain is unsuccessful. The other devices may additionally share their respective keys to the blockchain and the key escrow system, or the key escrow system may “pull” such keys from the blockchain.

Digital Key With Monetary Value
20220366408 · 2022-11-17

The disclosure is directed to use of digital keys in providing access to secured locations, goods and resources as well as other assets. The access may be fee based with the disclosure further directed to including fee payment authorization into the access process. Electronic locks may be employed within modules to facilitate the access. The digital keys may be accompanied with commands for the electronic locks and/or modules accommodating them to execute in the course of providing the access. The digital keys may be shared, limited to single or multiple use and may be lock agnostic. The commands may be sent from a smart mobile device and be digitally signed for subsequent attestation by the lock for authenticity verification. The digital keys may be generated and otherwise handled under one of a series of escalating security encryption methods typically used and reserved for financial transactions.

System white box device utilized in conjunction with intelligent terminal

A system white box device utilized in conjunction with an intelligent terminal is provided. The system white box device includes a controller, a memory, and an SIM unit. The controller provides support for management of the memory and call of the SIM unit. The memory provides a physical medium for storing data and an application of the intelligent terminal. The SIM unit provides security support for operation of the application and the system of the intelligent terminal.

METHOD FOR SECONDARY AUTHENTICATION

Described embodiments provide systems and methods for validating a request to perform an action to access at least one file. A computing device can receive a request from the client, the request being to perform an action to access at least one file and including a first computed value indicative of one or more previous actions on files. The computing device may compare the first computed value to a second computed value maintained by the computing device independently from the first computed value. The second computed value may be indicative of the one or more previous actions on the files. The computing device may perform secondary authentication in addition to primary authentication for the client, responsive to an indication of trustworthiness of the client or the file according to the comparison of the first computed value to the second computed value.

Multi-factor authentication for mobile security protocol

In one example, a home network associated with a user equipment obtains an authentication request to authenticate the user equipment to a serving network. The home network generates an authentication vector of a mobile security protocol. The authentication vector includes an indication that the user equipment is to be authenticated using a multi-factor authentication process. The home network provides the authentication vector to the serving network to prompt a response from the user equipment that is in accordance with the multi-factor authentication process. The home network authenticates the user equipment to the serving network based on the response.

Method and apparatus for sharing and acquiring information

Embodiments of the present application disclose a method and an apparatus for sharing and acquiring information. A specific implementation of the method for sharing information includes: receiving access information of a wireless access point shared by a first terminal device, where the access information of the wireless access point is included in a connection record generated by the first terminal device; and storing the access information of the wireless access point, and synchronizing the access information of the wireless access point with other nodes of the blockchain. In this implementation, the blockchain stores the access information of the wireless access point, and all nodes of the blockchain store the access information of the wireless access point, thereby improving stability of the stored access information of the wireless access point, and better providing a wireless access service for users.