A mobile device can detect an idle state and, in response, initiate an access monitoring function to covertly monitor activity involving a human interaction with the mobile device. The covert monitoring is undetectable by a user of the mobile device. The mobile device can then detect a human interaction with the mobile device and, in response, cause the mobile device to covertly capture and log one or more human interactions with the mobile device. An authorized user of the mobile device is enabled to review the log of human interactions with the mobile device.

A method and a User Equipment, UE (120) for detecting that the UE has received a fraudulent missed call, e.g. from a non-legitimate device (150). When receiving a missed call which is ended before a user of the UE has answered the incoming call, the UE determines the duration of the missed call, and indicates, e.g. to a user of the UE, the 5 duration of the missed call. The missed call may be determined as potentially fraudulent if the duration of the missed call is below or equal to a predetermined threshold.

Technical problems and their solution are disclosed regarding the location of mobile devices requesting services near a site from a server. Embodiments adapt and/or configure the transmitting device near the site, the mobile device communicating with the transmitting device using a short haul wireless communications protocol to deliver a token based upon a key shared with the server but invisible to the mobile device. The server can determine the proximity of the mobile device to the site to control actuation of the requested service or disable the service request, and possibly flushing the service request from the server. Solutions are disclosed for traffic intersections involving one or more traffic lights, elevators in buildings, fire alarms in buildings and valet parking facilities.

Apparatuses, methods, and systems are disclosed for using a pseudonym for access authentication over non-3GPP access. One apparatus includes a processor and a transceiver that communicates with a mobile communication network using a 3GPP access network and a non-3GPP access network. The processor sends a registration message to a first network function in the mobile communication network via the 3GPP access network, the first authentication message comprising a first indicator and a SUCI for the apparatus, wherein the first indicator comprises an indication that the apparatus has the capability for access authentication for non-3GPP access in an EPS. The processor receives a first identity pseudonym for the apparatus in response to the registration message comprising the first indicator and performs access authentication via a non-3GPP access network using the first identify pseudonym.

Methods, system, and non-transitory processor-readable storage medium for distributed and multi-level server authentication are provided herein. An example method includes receiving, by a plurality of second servers, a plurality of authentication secret slices, where a first server transmits each of the plurality of authentication secret slices to a respective second server of the plurality of second servers, receiving, by the first server, an authentication confirmation from each of the plurality of second servers and confirming, by the first server to a client, that an authentication request has succeeded.

System and methods for communication in a disconnected, intermittent, and limited (DIL) environment are disclosed and include receiving first data generated in the DIL environment at a cloud-in-a-box (CIB) appliance, processing the first data at the CIB appliance, determining that additional processing of the first data is required based on processing the first data at the CIB appliance, assigning a first priority level to the first data in response to determining that additional processing is required, wherein the first priority level is based on at least one of a user input, a predetermined criteria, or a prioritization machine learning model output, establishing a connection with a local area cloud component within the DIL environment, and transmitting a request for additional processing of the first data based on the first priority level.

An in-vehicle communication network of a vehicle is monitored. An illicit signal is detected on the in-vehicle communication network. Whether the illicit signal satisfies a threshold severity condition is determined. A denial of service (DoS) operation with respect to at least part of the in-vehicle communication network is performed responsive to determining that the illicit signal satisfies the threshold severity condition.

Provided is a method for erasing security-relevant information in a device, having the method steps of: ascertaining at least one movement parameter of the device over time, monitoring the ascertained movement parameters over time on the basis of at least one prescribed movement pattern, and triggering an erase process for the security-relevant information if the ascertained movement parameter over time is consistent with the at least one prescribed movement pattern. An apparatus and a computer program product for carrying out the method to ensure that security-relevant data of the device are erased reliably and completely even in the event of an accident or another unforeseen event is also provided.

Provided is a method for erasing security-relevant information in a device, having the method steps of: ascertaining at least one movement parameter of the device over time, monitoring the ascertained movement parameters over time on the basis of at least one prescribed movement pattern, and triggering an erase process for the security-relevant information if the ascertained movement parameter over time is consistent with the at least one prescribed movement pattern. An apparatus and a computer program product for carrying out the method to ensure that security-relevant data of the device are erased reliably and completely even in the event of an accident or another unforeseen event is also provided.

This application discloses a data analysis method and an apparatus. The method includes: A data analysis network element sends a first request message to a security network element, where the first request message is used to request to perform security detection on first data, and the first data is data for which the data analysis network element performs data analysis on a specified data analysis type. The data analysis network element generates or updates, based on a security detection result, a data analysis result corresponding to the data analysis type. According to the method in this application, the security network element may perform security detection on the first data, and separate abnormal data from the first data, so that the data analysis network element can establish a model based on data other than the abnormal data, to improve accuracy of the model and improve accuracy of the data analysis result.