Systems, methods, and instrumentalities are disclosed that provide for a gateway outside of a network domain to provide services to a plurality of devices. For example, the gateway may act as a management entity or as a proxy for the network domain. As a management entity, the gateway may perform a security function relating to each of the plurality of devices. The gateway may perform the security function without the network domain participating or having knowledge of the particular devices. As a proxy for the network, the gateway may receive a command from the network domain to perform a security function relating to each of a plurality of devices. The network may know the identity of each of the plurality of devices. The gateway may perform the security function for each of the plurality of devices and aggregate related information before sending the information to the network domain.

A method of managing a file of a subscriber authenticating module embedded in a terminal device and a module for authenticating a subscriber by using the method. The method of managing the file includes configuring a file structure for one or more profiles and managing one or more files included in the file structure in response to a request. Thus, the method is efficient for a multiple-profile environment.

A method of managing a file of a subscriber authenticating module embedded in a terminal device and a module for authenticating a subscriber by using the method. The method of managing the file includes configuring a file structure for one or more profiles and managing one or more files included in the file structure in response to a request. Thus, the method is efficient for a multiple-profile environment.

A program acquisition method performed by an information processing terminal, includes calculating a degree of matching a first condition that authorizes access to a predetermined program with respect to a condition detected in relation to the information processing terminal, acquiring the predetermined program and storing the acquired predetermined program in a storage in response to the degree of matching being within a predetermined range from a first value indicating that the degree of matching satisfies the first condition, and restricting the access to the predetermined program stored in the storage until the degree of matching indicates the first value.

A method for performing initial registration is provided. The method includes receiving a server timeout message, the server timeout message including at least a field set to a value equal to a value received during a first registration. The method further includes initiating restoration procedures by performing an initial registration.

A method for performing initial registration is provided. The method includes receiving a server timeout message, the server timeout message including at least a field set to a value equal to a value received during a first registration. The method further includes initiating restoration procedures by performing an initial registration.

A method for secure pairing between a sensor and a concentrator using a mobile terminal includes generating and emitting a confirmation code by the concentrator; converting by the sensor of the confirmation code into a sequence of light signals executed by at least one light-emitting diode; converting by the mobile terminal of the sequence of light signals into a sequence code; sending the sequence code to the concentrator; comparing, by the concentrator, the sequence code and the generated confirmation code: if the sequence code does not match the generated confirmation code, generating a warning; if the sequence code matches the generated confirmation code, pairing and exchanging information between the sensor and the concentrator.

A communication method and a communications apparatus, where the method includes: after receiving an RRC resume request message from a UE, determining, by a target access network device, a first user plane security protection method between the target access network device and the UE based on a context information obtaining response from a source access network device; determining a first user plane security key between the target access network device and the UE; when receiving first uplink user plane data from the UE, performing user plane security deprotection on the first uplink user plane data based on the first user plane security key and the first user plane security protection method, to obtain uplink user plane data; and sending the uplink user plane data.

A communication method and a communications apparatus, where the method includes: after receiving an RRC resume request message from a UE, determining, by a target access network device, a first user plane security protection method between the target access network device and the UE based on a context information obtaining response from a source access network device; determining a first user plane security key between the target access network device and the UE; when receiving first uplink user plane data from the UE, performing user plane security deprotection on the first uplink user plane data based on the first user plane security key and the first user plane security protection method, to obtain uplink user plane data; and sending the uplink user plane data.

A method for preventing fraud in incentive transactions is provided that includes receiving metadata from a brand manufacturer for an incentive associated with a selected product, the metadata including a product identifier and a redemption rule. The method includes requesting a host to create a record in a distributed ledger for the incentive using the metadata, providing the incentive to a consumer via a mobile device, assigning a public address to the incentive, receiving from the host a first private key associated with the public address in the record, providing the first private key to the consumer, and receiving a second private key indicative of a redemption of the incentive at a retailer. The method includes validating redemption of the incentive and recording the redemption of the incentive at a retailer in the distributed ledger record when the redemption of the incentive is validated. A system to perform the above method is also provided.