Patent classifications
H04W12/60
Method and apparatus for policy-based management of assets
A method and system for managing shared use of an asset. An asset device and an owner device accomplish an initial setup procedure to register the owner with the asset. One or more secure policies are then sent from the owner device, or another device authorized to create policies, to one or more user devices. The policies express user conditions and limitations for using the asset. Subsequently, the user device transmits the secure policy to the asset device. Once the policy has been transferred from the user device to the asset device, a user associated with the user device can request use of the asset and will be granted the requested use if the requested use is permitted by the policy.
DEVICE AND METHOD FOR PROCESSING SERVICE POLICY IN WIRELESS COMMUNICATION SYSTEM
The present disclosure relates to a 5th generation (5G) or pre-5G communication system for supporting a higher data transmission rate beyond a 4th generation (4G) communication system such as long term evolution (LTE). The present disclosure is to process policy and parameter information for providing a service in a wireless communication system, and an operating method of a base station may include obtaining mapping information of service quality related to direct communication between a first system and a second system, and switching between the quality of service of the first system and the quality of service of the second system using the mapping information.
Systems, Methods and Computer Program Products for Secure Contactless Payment Transactions
The invention provides methods, systems and computer program products for implementing an electronic payment transaction between a mobile communication device and an NFC-enabled merchant device, both of which are configured to implement a defined communication protocol. The invention implements the required functionality by (i) receiving a request for a trust token from a merchant device, (ii) determining whether the merchant device is trustworthy, (iii) responsive to a determination that the merchant device is trustworthy, generating and transmitting a first displayable trust token to the merchant device, (iv) receiving a second displayable token from the mobile communication device, (v) comparing the received second displayable token against the first displayable token, and generating a merchant device validation message based on the comparison, and (vi) transmitting the merchant validation decision message to the mobile communication device.
SYSTEMS AND METHODS FOR DYNAMIC COMMUNICATION CHANNEL SWITCHING FOR SECURE MESSAGE PROPAGATION
Systems, computer program products, and methods are described herein for dynamic communication channel switching for secure message propagation. The present invention may be configured to receive wireless signals from a plurality of devices and identify, from the plurality of devices and based on the wireless signals, a trusted device. The present invention may be configured to receive, from another device, a secure message, where the secure message includes information identifying a vulnerability in a network to which the trusted device is connected. The present invention may be configured to establish, based on receiving the secure message and using a first wireless communication interface, a communication link with a second wireless communication interface of the trusted device to establish a wireless data channel with the trusted device and transmit, via the wireless data channel, the secure message to the trusted device.
Context aware authorization for data and services in the IoT/M2M service layer
An Authorization Verification Service (AVS) is disclosed that may be provided by an IoT/M2M service layer to registrants of the service layer for Dynamic Context Aware Authorization. The AVS may allow the IoT/M2M service layer entities to define dynamic limits for authorizing access to services or data. The limits may be set, for example, in terms of the number of allowed accesses. When an IoT/M2M registrant makes a request for data or services for which it has dynamic context aware authorization, the AVS may maintain records of the remaining accesses available.
System and method for rogue device detection
Methods, systems, and computer readable media for rogue device detection are described. A method may include identifying a device type of a device transmitting data over a network and obtaining one or more uniform resource locators (URLs) from the data, where the one or more URLs form a portion of a request transmitted over the network by the device. The method can also include programmatically analyzing the data to determine a pattern of network data within a given time period. The method can further include determining that the device is a rogue device if the pattern of network data deviates from a baseline pattern of the device type, or at least one of the one or more URLs matches one or more rogue URL criteria. The method can also include taking an action in response to determining the device is a rogue device to improve security of the network.
Managing a security policy for a device
A method for establishing and maintaining a security policy for a device can include establishing a secure channel between a secure execution environment (SEE) operating on the device and a security entity external to the device. The method can also include configuring, by a security manager executing on the SEE, access to sensitive operations of an environment interactor coupled to the device based on a security policy provided from the security entity. The method can further include resetting, by the security manager, a secure watchdog timer in response to a reset authorization token provided from the secure entity. If the secure watchdog timer expires a given predetermined number of times since a last reset authorization token is received, the security manager executes a given prescriptive operation dictated by the security policy.
METHOD AND APPARATUS FOR RESUMING ONLY SIGNALING RADIO BEARERS IN WIRELESS COMMUNICATION SYSTEM
A method and apparatus for resuming only signaling radio bearers (SRBs) in a wireless communication system is provided. A wireless device triggers a signaling while the wireless device is in a radio resource control (RRC) inactive state, and resumes only SRB and transmits a message 3 (MSG3) of a random access procedure to a network when an early data transmission (EDT) triggering condition for transmission via the MSG3 is fulfilled. The MSG3 includes the signaling.