Patent classifications
H04L2463/061
NETWORK PROVISIONING SYSTEM AND METHOD FOR COLLECTION OF ENDPOINTS
A system and method for provisioning multiple devices including a commissioning device, one or more endpoints, and a server. The system and method includes the following. The commissioning device accepts user-input network credentials of a wireless network from a user. The commissioning device searches for one or more endpoints unconnected to the wireless network. The commissioning device then verifies the ownership of the one or more endpoints. In response to a positive verification, the commissioning device securely transfers the network credentials to the one or more endpoints. After receiving the network credentials, the one or more endpoints verify the integrity and authenticity of the communication from the commissioning device. After the one or more endpoints verify the communication, the one or more endpoints access the wireless network based on the securely transferred wireless credentials.
METHOD IN A NETWORK NODE FOR PROVIDING A DEVICE ACCESS TO A NETWORK
The disclosure relates to a method (30) for a network node (6, 7, 8) of a wireless network (1) of providing a device (5, 9) access to the wireless network (1). The method (30) comprises receiving (31), from a device (5, 9), an access request comprising a preamble; establishing (32), in response to the access request, a computational puzzle based on the received preamble; and sending (33) the computational puzzle to the device (5, 9). A corresponding method in a device is also disclosed, as are a network node (6, 7, 8), device (5, 9), computer programs and computer program products.
CONTROL PLANE METHOD AND APPARATUS FOR WIRELESS LOCAL AREA NETWORK (WLAN) INTEGRATION IN CELLULAR SYSTEMS
A method and apparatus for configuring a Long Term Evolution (LTE)-controlled Wireless Local Area Network (WLAN) interface for a wireless transmit/receive unit (WTRU) are described. A method includes receiving LTE Radio Resource Configuration (RRC) signaling that provides parameters for the WTRU to configure the LTE-controlled WLAN interface. The LTE RRC signaling includes a set of WLAN access points (APs), an indication that the WTRU is permitted to autonomously initiate association with a WLAN within the set, a type of one or more bearers to use for the LTE-controlled WLAN interface, WLAN-related security information, and a configuration for the WTRU to report a status of an association with a WLAN AP. The WTRU selects a WLAN AP to associate to from the list and initiates association to the selected WLAN AP using at least the WLAN-related security information.
Systems and methods of monitoring and controlling enterprise information stored on a cloud computing service (CCS)
A computer-implemented method is described to monitor and control enterprise information stored on a cloud computing service (CCS). The method includes using a cross-application monitor to detect a cloud computing service (CCS) application programming interface (API) in use and a function or an activity being performed via the CCS API. The method also includes determining the function or the activity being performed via the CCS API by parsing a data stream based on the CCS API and identifying content being transmitted to the CCS. The method further includes applying a content inspection rule to find strings and interrelated strings in the content that are subject to content control and triggering a security action responsive to finding the strings and interrelated strings subject to content control in the parsed stream.
Techniques for secure session reestablishment
A client establishes a network session with a server. The network session is used to establish an encrypted communications session. The client establishes another network session with another server, such as after terminating the first network session. The client resumes the encrypted communications session over the network session with the other server. The other server is configured to receive encrypted communications from the client and forward them to the appropriate server.
PROTECTING WLCP MESSAGE EXCHANGE BETWEEN TWAG AND UE
A method of protecting WLAN Control Protocol (WLCP) message exchange between a Trusted WLAN Access Gateway (TWAG) (112) of a Trusted WLAN Access Network (TWAN) (110) and a User Equipment (UE) (101) is provided. The method comprises deriving, by an Authentication, Authorization, and Accounting (AAA) Server (103) of an Evolved Packet Core (EPC) network which is interfaced with the TWAN, and by the UE, a Master Session Key (MSK) and an Extended MSK (EMSK), sending, from the AAA Server to a Trusted WLAN AAA Proxy (TWAP) (113) of the TWAN and an Access Point (AP) (111) of the TWAN, the MSK or a key derived from at least the MSK, and deriving, by the TWAN or by the AAA Server, and by the UE, from the MSK, the EMSK, or the key derived from at least the MSK or the EMSK, a key for protecting the WLCP message exchange. Corresponding devices, computer programs, and computer program products are further provided.
IN-VEHICLE NETWORKING
A system and method for securing communication across an in-vehicle bus, includes establishing a connection between a gateway in a vehicle and the in-vehicle bus; generating a session key at the gateway within the vehicle; transmitting a public key certificate and ephemeral key to the gateway and an electronic control unit of the vehicle; generating a shared secret at the gateway and the electronic control unit, respectively; encrypting the session key with the shared secret at the gateway; receiving the encrypted session key through the in-vehicle bus at the electronic control unit; and decrypting the encrypted session key based on the shared secret generated at the electronic control unit.
TECHNIQUES FOR DERIVING SECURITY KEYS FOR A CELLULAR NETWORK BASED ON PERFORMANCE OF AN EXTENSIBLE AUTHENTICATION PROTOCOL (EAP) PROCEDURE
Techniques are described for wireless communication. A method for wireless communication at a user equipment (UE) includes performing an extensible authentication protocol (EAP) procedure with an authentication server via an authenticator. The EAP procedure is based at least in part on a set of authentication credentials exchanged between the UE and the authentication server. The method also includes deriving, as part of performing the EAP procedure, a master session key (MSK) and an extended master session key (EMSK) that are based at least in part on the authentication credentials and a first set of parameters; determining a network type associated with the authenticator; and performing, based at least in part on the determined network type, at least one authentication procedure with the authenticator. The at least one authentication procedure is based on an association of the MSK or the EMSK with the determined network type.
READS FOR DISPERSED COMPUTATION JOBS
A method for execution by one or more processing modules of one or more computing devices of a dispersed storage network (DSN). The method begins by receiving, by a first processing module, an encoded data slice and an associated partial task. The method continues by identifying a data record associated with the encoded data slice. The method continues by generating a slice request for a data record that includes at least one additional encoded data slice not received by the first processing module and outputting the slice request to a second processing module. The method continues by receiving, by the first processing module, the at least one additional encoded data slice from the second processing module and performing the associated partial task on the encoded data slice and the at least one additional encoded data slice to produce at least partial results.
Methods, apparatuses and computer program products for fast handover
Provided are methods, corresponding apparatuses, and computer program products for a fast handover. A method comprises generating, at a source base station serving a user equipment, a first message and a second message including security information for security communication between a target base station and the user equipment after a fast handover. The method also comprises transmitting simultaneously, from the source base station, the first and second messages respectively to the target base station and the user equipment. With the claimed inventions, a fast X2 handover procedure is complemented and becomes more feasible with proposed security handlings, making it possible to decrease the service interruption during X2 handover for users and hence improve the user experiences.