A method of determining a quantitative measure of the danger (a Trust/Risk) that a select network entity poses to the security and integrity of a communications network, the method includes setting a plurality of parameters. The parameters define the degree to which various behaviors within the communications network are considered usual or anomalous. Actual behavior of the select network entity is observed by watching network traffic using network packet-collection, recording packet properties, and using the packet properties to associate a select packet with the select network entity. Self-report messages broadcast by the select network entity are also observed. The Trust/Risk of the select network entity is then determined based on a comparison of the actual behavior to the self-report message and a comparison of the actual behavior to the plurality of parameters.

Methods and systems for token transfer are described herein. A remote computing device may receive, from a mobile computing device, a public key of a public-private key pair. The public key may be associated with a first application of the mobile computing device. The first application may be configured to send credentials to a second application of the mobile computing device. The second application may be isolated from other applications executable on the mobile computing device. The remote computing device may receive, from the first application, a token. The token may have been previously issued to the first application and may have been encrypted, using the public key, by the first application. The remote computing device may send, to the second application, the token to enable the second application to authenticate with a plurality of services that interact with the second application.

Method and system consist of a mobile application installed on a mobile device with internet connection and a geographical positioning device; a remote hosting server configured with software and database; an onsite wireless communication hosting apparatus. The mobile application communicates with the remote hosting server and the onsite wireless communication apparatus. The remote hosting server and onsite wireless communication apparatus communicate and transfer data to one another, the remote hosting server communicates with third party databases via secured access and retrieves location related information requested by onsite users of the mobile device. Web users at anywhere may select a location displayed on a digital map over interface of a web application configured to the remote hosting server; access the same information and multimedia programs as onsite users; including data entered by location owners, received from third-party databases via secured connection, and uploaded from onsite wireless communication apparatus.

A non-SI device (120) is arranged for wireless communication (130) and cooperates with an SI device (110) having access to a subscriber identity. The non-SI device has a transceiver (121) to communicate in a local network and a processor (122) to establish an association with the SI. A non-SI public key is provided to the SI device via a first communication channel. A verification code is shared with the SI device via a second communication channel. The channels are different and include an out-of-band channel (140). Proof of possession of a non-SI private key is provided to the SI device via the first or the second communication channel. From the SI device, security data is received that is related to the SI and is computed using the non-SI public key. The security data reliably enables the non-SI device to access the core network via the local network and a gateway between the local network and the core network.

A non-SI device (120) is arranged for wireless communication (130) and cooperates with an SI device (110) having access to a subscriber identity. The non-SI device has a transceiver (121) to communicate in a local network and a processor (122) to establish an association with the SI. A non-SI public key is provided to the SI device via a first communication channel. A verification code is shared with the SI device via a second communication channel. The channels are different and include an out-of-band channel (140). Proof of possession of a non-SI private key is provided to the SI device via the first or the second communication channel. From the SI device, security data is received that is related to the SI and is computed using the non-SI public key. The security data reliably enables the non-SI device to access the core network via the local network and a gateway between the local network and the core network.

A wireless communication system transmits information to a communication terminal moving through a spot wireless area. In an integrated base station, an external information communication section controls communication with a server. A contents memory section stores contents received from the server. A wireless LAN communication section communicates with the communication terminal. A control section establishes connection with the communication terminal using a first connection not requiring an authentication procedure for connection with the communication terminal or using a second connection requiring the authentication procedure for connection with the communication terminal. An access control (restriction) section permits access from the communication terminal to the contents memory section and prohibits access to the server when a type of connection with the communication terminal is the first connection and permits access from the communication terminal to the contents memory section and to the server in the case of the second connection.

A wireless communication system transmits information to a communication terminal moving through a spot wireless area. In an integrated base station, an external information communication section controls communication with a server. A contents memory section stores contents received from the server. A wireless LAN communication section communicates with the communication terminal. A control section establishes connection with the communication terminal using a first connection not requiring an authentication procedure for connection with the communication terminal or using a second connection requiring the authentication procedure for connection with the communication terminal. An access control (restriction) section permits access from the communication terminal to the contents memory section and prohibits access to the server when a type of connection with the communication terminal is the first connection and permits access from the communication terminal to the contents memory section and to the server in the case of the second connection.

Example mobile devices disclosed herein include a camera, memory including computer-executable instructions, and a processor to execute the instructions to at least associate a location of the mobile device with picture data obtained with the camera. The processor is also to assign a first data tag to the picture data when the location of the mobile device corresponds to a first area, the first data tag to identify a first security level for the picture data, or assign a second data tag to the picture data when the location of the mobile device does not correspond to the first area, the second data tag to identify a second security level for the picture data. The processor is further to determine whether to permit an application to access the picture data based on whether the first data tag or the second data tag is assigned to the picture data.

Example mobile devices disclosed herein include a camera, memory including computer-executable instructions, and a processor to execute the instructions to at least associate a location of the mobile device with picture data obtained with the camera. The processor is also to assign a first data tag to the picture data when the location of the mobile device corresponds to a first area, the first data tag to identify a first security level for the picture data, or assign a second data tag to the picture data when the location of the mobile device does not correspond to the first area, the second data tag to identify a second security level for the picture data. The processor is further to determine whether to permit an application to access the picture data based on whether the first data tag or the second data tag is assigned to the picture data.

An access control system for electric vehicle charging is provided that includes an access device, a secure reservation interface, a reservation server and a smartphone application installed on the smartphone. The access device includes a short-range wireless communication module connected to a processor having control of an electric vehicle charger. The secure reservation interface receives a reservation request for a reservation at a given destination. The reservation server receives the reservation request for the destination, issues a reservation certificate, and transmits the reservation certificate from the reservation server to a smartphone. The smartphone application has access to a short range wireless communication setting corresponding to the access device. The access device receives the reservation certificate from the smartphone application based on use by the smartphone application of the short-range wireless communication setting. The processor activates the electric vehicle charger based on at least the receipt of the reservation certificate.