A method of performing a virtual network function. The method comprises forking a user plane process on a computer by a virtual network function process that executes on the computer, forking a control plane process on the computer by the virtual network function process, adding blocks to a user plane blockchain by the user plane process that record user plane events, adding blocks to a control plane blockchain by the control plane process that record control plane events, creating a first package of information by the user plane process based on the user plane blockchain, self-terminating by the user plane process while passing the first package of information to the virtual network function process, creating a second package of information by the control plane process based on the control plane blockchain, self-terminating by the control plane process while passing the second package of information to the virtual network function process.

An emergency reporting system for a vehicle includes a server memory, an acquisition control processor, and first and second authentication processors. The server memory holds personalized emergency data regarding an occupant to be on board the vehicle or access data to the personalized emergency data. The acquisition control processor makes acquirable the personalized emergency data or the access data held in the server memory regarding the occupant on board the vehicle in which an emergency situation is detected by a detector of the vehicle, in a case where a server apparatus receives an emergency report from the vehicle in which the emergency situation is detected, and at least a combination of the occupant and the vehicle is authenticated by the second authentication processor.

Techniques are disclosed for managing uplink data transmission associated with user equipment during authentication/authorization of the user equipment when establishing a data network connection through a communication network.

Techniques are disclosed for managing uplink data transmission associated with user equipment during authentication/authorization of the user equipment when establishing a data network connection through a communication network.

Techniques are disclosed for security management during an onboarding process for user equipment. For example, from a perspective of an onboarding network, a method comprises authenticating, via the onboarding network, user equipment based on an onboarding record previously configured for the user equipment or a set of user equipment and maintained by the onboarding network. Upon successful authentication, a communication session is established from the onboarding network to a provisioning server for remote provisioning of the user equipment. Advantageously, the onboarding process is performed without a default credential server.

Techniques are disclosed for security management during an onboarding process for user equipment. For example, from a perspective of an onboarding network, a method comprises authenticating, via the onboarding network, user equipment based on an onboarding record previously configured for the user equipment or a set of user equipment and maintained by the onboarding network. Upon successful authentication, a communication session is established from the onboarding network to a provisioning server for remote provisioning of the user equipment. Advantageously, the onboarding process is performed without a default credential server.

An occupant-dependent setting system for a vehicle includes a setting processor, a server apparatus including a server memory, and first and second authentication processors. On the condition that the occupant is authenticated by the first authentication processor, the second authentication processor acquires, from the vehicle, data regarding the occupant and data regarding the vehicle, and authenticates a combination of the occupant and the vehicle. On the condition that the combination of the occupant and the vehicle is unauthenticatable by the data regarding the occupant and the data regarding the vehicle, the second authentication processor authenticates the combination of the occupant and the vehicle, by a combination of account data regarding the occupant and the vehicle. The account data is held by an occupant terminal of the occupant on board the vehicle to make access to the server apparatus.

A vehicle setting system includes an occupant data acquisition processor, a server apparatus including a provisional generation processor, a provisional acquisition processor, and a setting processor. The occupant data acquisition processor acquires or estimates physical data regarding an occupant on board the vehicle, at least in a case with absence of a setting value for the occupant held in a vehicle memory of a vehicle. The provisional generation processor acquires the physical data regarding the occupant, and generates a provisional setting value for the relevant occupant. The provisional acquisition processor acquires the provisional setting value. The setting processor records, in a vehicle memory of the vehicle, the provisional setting value as the setting value for the occupant, and provides the vehicle with setting of the provisional setting value.

Embodiments may include a user equipment (UE) configured to obtain a Mobile Subscriber Identification Number (MSIN) from an International Mobile Subscriber Identity (IMSI) of the UE, encrypt the MSIN to generate a Subscription Concealed Identifier (SUCI) in a Network Access Identifier (NAI) format, and send the SUCI to the non-3GPP access network for authentication of the UE, and a network element of a home 3GPP network configured to receive, by a 5G Non-seamless WLAN Offload (NSWO) Function, an authentication request including the SUCI from the non-3GPP access network, determine, by the 5G NSWO Function, based on the SUCI, that the UE should be authenticated by an authentication function of the home 3GPP network, and provide the authentication request including the SUCI to the authentication function of the home 3GPP network for processing based on the determination that the UE should be authenticated by the authentication function.

Embodiments may include a user equipment (UE) configured to obtain a Mobile Subscriber Identification Number (MSIN) from an International Mobile Subscriber Identity (IMSI) of the UE, encrypt the MSIN to generate a Subscription Concealed Identifier (SUCI) in a Network Access Identifier (NAI) format, and send the SUCI to the non-3GPP access network for authentication of the UE, and a network element of a home 3GPP network configured to receive, by a 5G Non-seamless WLAN Offload (NSWO) Function, an authentication request including the SUCI from the non-3GPP access network, determine, by the 5G NSWO Function, based on the SUCI, that the UE should be authenticated by an authentication function of the home 3GPP network, and provide the authentication request including the SUCI to the authentication function of the home 3GPP network for processing based on the determination that the UE should be authenticated by the authentication function.