A method and apparatus for supporting security in a radio resource control (RRC) inactive state in a wireless communication system is provided. A user equipment (UE) receives information on multiple security variables, of which each variable is mapped to each of multiple counter values, respectively. The UE calculates a security parameter and/or updating a UE identifier (ID) based on a security variable among the security variables which is mapped to a corresponding counter value among the multiple counter values, and transmits a radio resource control (RRC) resume request message including the calculated security parameter and/or the updated UE ID. The counter value may be increase whenever a timer expires or an RRC reject message is received as a response to the RRC resume request message.

A service management system communicates via wide area network with gateway devices located at respective user premises. The service management system remotely manages delivery of application services, which can be voice controlled, by a gateway, e.g. by selectively activating/deactivating service logic modules in the gateway. The service management system also may selectively provide secure communications and exchange of information among gateway devices and among associated endpoint devices. An exemplary service management system includes a router connected to the network and one or more computer platforms, for implementing management functions. Examples of the functions include a connection manager for controlling system communications with the gateway devices, an authentication manager for authenticating each gateway device and controlling the connection manager and a subscription manager for managing applications services and/or features offered by the gateway devices. A service manager, controlled by the subscription manager, distributes service specific configuration data to authenticated gateway devices.

An access control system includes a mobile library on a mobile device operable to communicate with the credential service, the mobile library operable to receive the credential from the credential service and a credential module for an access control, the credential module operable to receive virtual card data from the credential, the virtual card data usable to operate the access control.

A blockchain network management system implements an associated method comprising the steps of: a) providing a blockchain network configured for providing individual blockchain users with access to a blockchain; b) providing individual blockchain users with a smartphone having a GPS receiving unit associated with a communications network and with a biometric user identification technology coupled to the smartphone; c) identifying an individual blockchain user with the biometric user identification technology by obtaining biometric characteristics that are unique to each human via the communications network; d) authenticating the individual blockchain user's identity and geolocation in an authentication network coupled to the communications network; and e) providing access of authenticated individual blockchain users to the individual blockchain. The blockchain network management system further includes tokens issued to individual authenticated users for providing access to the individual blockchain.

A blockchain network management system implements an associated method comprising the steps of: a) providing a blockchain network configured for providing individual blockchain users with access to a blockchain; b) providing individual blockchain users with a smartphone having a GPS receiving unit associated with a communications network and with a biometric user identification technology coupled to the smartphone; c) identifying an individual blockchain user with the biometric user identification technology by obtaining biometric characteristics that are unique to each human via the communications network; d) authenticating the individual blockchain user's identity and geolocation in an authentication network coupled to the communications network; and e) providing access of authenticated individual blockchain users to the individual blockchain. The blockchain network management system further includes tokens issued to individual authenticated users for providing access to the individual blockchain.

A method for a multi-factor authentication, the method receives results of an initial authentication of a user. Responsive to confirming the initial authentication, an image of a secondary set of authentication options is presented. An option selection is received from the user, wherein the selection is determined by tracking eye movement of the user over the image that includes the set of second factor authentication options. User facial activity is tracked corresponding to the selection made from the secondary set of authentication options. The monitored facial activity is compared to a pre-established authentication condition to determine whether a match exists with the selected secondary set of authentication options, and responsive to facial activity monitored matching the authentication condition pre-established by the user and corresponding to the selection made from the secondary set of authentication options, authentication of the user is confirmed.

A method for a multi-factor authentication, the method receives results of an initial authentication of a user. Responsive to confirming the initial authentication, an image of a secondary set of authentication options is presented. An option selection is received from the user, wherein the selection is determined by tracking eye movement of the user over the image that includes the set of second factor authentication options. User facial activity is tracked corresponding to the selection made from the secondary set of authentication options. The monitored facial activity is compared to a pre-established authentication condition to determine whether a match exists with the selected secondary set of authentication options, and responsive to facial activity monitored matching the authentication condition pre-established by the user and corresponding to the selection made from the secondary set of authentication options, authentication of the user is confirmed.

Methods, systems, and storage media for delivering radio applications to reconfigurable radio equipment (RE) for installation and implementation are described. In embodiments, an RE may transmit a request for a radio application (RA) to a RadioApp Store. The RE may receive the requested RA from the RadioApp Store when the RA is verified as being compatible with the RE and when implementation of the RA by the RE is authorized by a Declaration of Conformity (DoC) associated with the RE and/or the RA. The RE may install the RA when the DoC authorizes installation of the RA based on one or more other RAs implemented by the RE. Other embodiments may be described and/or claimed.

Methods and devices for provisioning a secure application on an electronic device with first issuer data for a first issuer are described. In an embodiment, the provisioning system receives and stores first issuer records. The example provisioning system receives a provisioning request to provision the secure application with the first issuer data. The provisioning request includes identifying information. The example provisioning system evaluates the provisioning request based on at least one of the first issuer evaluation criteria, the first issuer records and the identifying information in the provisioning request. When the provisioning request satisfies the first issuer evaluation criteria, the example provisioning system generates a signal using the communication module to provide the first issuer data to the electronic device to provision the secure application on the electronic device.

A method performed by a system includes instantiating a vulnerability-risk-threat (VRT) service for a security edge protection proxy (SEPP) element of a 5G telecommunications network. The system intercepts and parameterizes network traffic of the SEPP element to identify network functions (NFs) or associated services that requires cybersecurity protection and selects security resources for protecting the identified NFs or associated services. The system prioritizes an NF or associated service that is most frequently used (MFU) or most recently used (MRU) and then allocates the security resources in accordance with the prioritization.