A method provisions keys in a network of connected objects, including a plurality of such objects as well as a programming station. The nodes of the network could communicate over a main channel and over a secure auxiliary channel, distinct from the main channel. After a first phase of authentication and mutual identification with the nodes of the network, a terminal including a secure hardware element, broadcasts, in a second phase, a set of secret keys to each node, via the auxiliary channel, the set of secret keys including a first secret key intended to authenticate the nodes belonging to the network and a second secret key, intended to encrypt the exchanges over the main channel. In a third phase, the programming station performs a discovery of the nodes of the network.

The present disclosure relates to wireless communications, and more particularly to providing connectivity of a PC5 remote user equipment (UE) with UE-to-network (NW) relay access to the 5G core (5GC) via an IWF (e.g., N3IWF). In one aspect, a remote UE may be provided support for a network access stratum (NAS) connection with 5GC via an IWF. In another aspect, Access Traffic Steering, Switching and Splitting (ATSSS) support may be provided for a remote UE.

A communication network encrypts a first portion of a transaction associated with point-to-point communications using a point-to-point encryption key. A second portion of the transaction associated with end-to-end communications is encrypted using an end-to-end encryption key.

Methods for operating a device and for managing bootstrapping of devices are disclosed. The method (100) for operating a device comprises computing (102) a derivative of a secret shared between the device and a server entity of a network, generating (104) a temporary bootstrap URI by combining at least a part of the computed derivative with a static bootstrap URI for the network, and sending (106) a bootstrap request to the temporary bootstrap URI. The method for managing bootstrapping of devices comprises generating temporary bootstrap URIs corresponding to devices operable to connect to a network, and updating a network DNS registry to map the generated temporary bootstrap URIs to the IP address of at least one of a bootstrap server instance reachable via the network and/or a bootstrap load balancer. Also disclosed are a device, a bootstrap load balancer, a bootstrap server, and a computer program.

Methods for operating a device and for managing bootstrapping of devices are disclosed. The method (100) for operating a device comprises computing (102) a derivative of a secret shared between the device and a server entity of a network, generating (104) a temporary bootstrap URI by combining at least a part of the computed derivative with a static bootstrap URI for the network, and sending (106) a bootstrap request to the temporary bootstrap URI. The method for managing bootstrapping of devices comprises generating temporary bootstrap URIs corresponding to devices operable to connect to a network, and updating a network DNS registry to map the generated temporary bootstrap URIs to the IP address of at least one of a bootstrap server instance reachable via the network and/or a bootstrap load balancer. Also disclosed are a device, a bootstrap load balancer, a bootstrap server, and a computer program.

In some examples, a system includes a plurality of network controllers, a WI-FI wireless local area network (WLAN) over which at least a first network controller and a second network controller of the plurality of network controllers are to communicate, wherein a link between the first network controller and the second network controller through the WI-FI WLAN is a synchronized link.

In some examples, a system includes a plurality of network controllers, a WI-FI wireless local area network (WLAN) over which at least a first network controller and a second network controller of the plurality of network controllers are to communicate, wherein a link between the first network controller and the second network controller through the WI-FI WLAN is a synchronized link.

A subscriber identity module (eUICC), comprises profiles for the utilization of a mobile terminal that include at least a first profile and at least a second profile, of which the second profile (Pr1, Pr2) is devised as an active profile. The first profile is designed as a root profile (PrR) which in a normal state of the subscriber identity module is in an inactive state, and which is devised to be activated in response to an authentication command (AUTHENTICATE) received at the subscriber identity module. The authentication command is specially parameterized for the root profile (PrR) with a specific root value of the network parameter (P2) to be activated during a change-over period. The initially active second profile (Pr1, Pr2) is deactivated during the change-over period. After the end of the change-over period, the first profile (PrR) is again deactivated and the second profile (Pr1, Pr2) is again activated.

A subscriber identity module (eUICC), comprises profiles for the utilization of a mobile terminal that include at least a first profile and at least a second profile, of which the second profile (Pr1, Pr2) is devised as an active profile. The first profile is designed as a root profile (PrR) which in a normal state of the subscriber identity module is in an inactive state, and which is devised to be activated in response to an authentication command (AUTHENTICATE) received at the subscriber identity module. The authentication command is specially parameterized for the root profile (PrR) with a specific root value of the network parameter (P2) to be activated during a change-over period. The initially active second profile (Pr1, Pr2) is deactivated during the change-over period. After the end of the change-over period, the first profile (PrR) is again deactivated and the second profile (Pr1, Pr2) is again activated.

Embodiments herein provide a method for handling a user plane by a UE configured for dual connectivity operation. The method includes receiving a RRC reconfiguration message including one or more Layer 2 indications and a Layer 2 configuration corresponding to one or more radio bearers from one of a MN and a SN involved in a dual connectivity operation of the UE. Further, the method includes performing, by the UE, one of: reestablishing of a RLC entity and a data recovery procedure for a PDCP entity corresponding to the radio bearer based on the one or more Layer 2 indications and the Layer 2 configuration received in the RRC reconfiguration message, and reestablishing of a RLC entity and reestablishing of a PDCP entity corresponding to the radio bearer based on the one or more Layer 2 indications and the Layer 2 configuration received in the RRC reconfiguration message.