H04W12/60

PROVIDING CYBERSECURITY SERVICES BY A NETWORK AND AUTOMATED PROVISIONING THEREOF
20230021843 · 2023-01-26

Systems and methods for providing cybersecurity services by a network and for automating the provisioning of the cybersecurity services are disclosed. The system comprises a connection control function (CCF) configured to receive a message in response to a request to establish a data connection from a user equipment (UE), the message including a requested CyberSecurity Control service identifier (CSC-ID) corresponding to a first security service of a plurality of security services. The CCF can interact with a cybersecurity control (CSC) function to determine, based on the requested CSC-ID, an allowed CSC-ID for the data connection, the allowed CSC-ID corresponding to a second security service of the plurality of security services, and to retrieve, based on the allowed CSC-ID, an operator security policy associated with the second security service. The CCF can then select and configure a network function in accordance with the retrieved operator security policy associated with the second security service.

WIRELESS COMMUNICATION SERVICE OVER AN EDGE DATA NETWORK (EDN) BETWEEN A USER EQUIPMENT (UE) AND AN APPLICATION SERVER (AS)
20230026264 · 2023-01-26

In a wireless communication network, an Edge Enablement Client (EEC) in a UE Gateway (GW) exchanges EDGE-5 signaling with a user app and exchanges EDGE-1 signaling with a Gateway Enablement Server (GES) in the GW. The GES exchanges EDGE-9 signaling with an Edge Enablement Server (EES) in an Edge Data Network (EDN) and exchanges EDGE-3 signaling with a Gateway Application Server (GAS) in the GW. The GAS exchanges user data between the user app and an Edge Application Server (EAS) in the EDN responsive to the EDGE-3 signaling. The EES exchanges additional EDGE-3 signaling with the EAS. The EAS exchanges the user data between the GAS and a network core responsive to the additional EDGE-3 signaling. The core exchanges the user data with the AS and transfers network information for the exchange to a Digital Ledger (DL) node. The DL node determines trust based on the network information.

Network cyber-security platform

A security platform of a data network is provided that includes security services for computing devices in communication with the data network. The security platform may apply a security policy to the computing devices when accessing the Internet via a home network (or other customer network) and when accessing the Internet via a public or third party network. To provide security services to computing devices via the home network, the security platform may communicate with a security agent application executed on the router (or other gateway device) of the home network. In addition, each of the devices identified by the security profile for the home network may be instructed or otherwise be provided a security agent application for execution on the computing devices. The security agent application may communicate with the security platform when the computing device connects to the Internet over a third party or public access point.

SECURE DISTRIBUTED RADIO ACCESS NETWORKS
20230019807 · 2023-01-19

Secure, distributed radio access networks are enabled, e.g., to facilitate network resilience and security. For instance, a device can comprise a processor, and a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations, comprising: in response to an event being determined to have occurred that affects operation of a primary radio access network, activating an alternate radio access network via a group of mobile devices and re-routing communications from being communicated via a fixed location radio access network equipment of the primary radio access network to being communicated via the group of mobile devices of the alternate radio access network.

MANAGING L4 PORTS
20230015075 · 2023-01-19

Some embodiments of the invention provide a novel method for managing layer four (L4) ports associated with a machine executing on a host computer. The method collects a set of contextual attributes relating to applications executing on the machine. It then analyzes the collected contextual attributes to identify at least one L4 port that has to have its status modified. Next, it modifies the status of the identified L4 port. In some embodiments, the status of an L4 port can be either open or closed, and the modification can open a closed port or close an open port. In some embodiments, the method is performed when the machine starts up on the host computer, performed each time a new application is installed on the machine, performed periodically to close unused L4 ports, and/or performed periodically to close L4 ports that should not be open based on a set of L4-port control policies.

NETWORK ARCHITECTURES UTILIZING CELLULAR NETWORK HOSTED ACCESS CONTROLLING SCHEMAS TO FACILITATE INTERNET ACTIVITIES, AND METHODS FOR USE THEREOF
20230217255 · 2023-07-06

In some embodiments, the present disclosure is directed to an exemplary process including: displaying, by a processor of a computing device, an access controller interface element and an access code on a screen of the computing device; where the access controller interface element is: communicatively coupled to a cellular network hosted access controlling schema and operationally linked to an access-restricted digital resource; transmitting, by the processor of the computing device, in response to the at least one activity, an access request having data that includes: the access code and an identity linked to the computing device; where at least one part of the data is configured to be accepted by the cellular network hosted access controlling schema; accessing, by the processor of the computing device, the access-restricted digital resource after the at least one part of the data has been accepted by the cellular network hosted access controlling schema.

Complex composite tokens
11553352 · 2023-01-10

Technologies are shown for trust delegation that involve receiving a first request from a subject client and responding by sending a first token having first permissions to the subject client. A second request from a first actor includes the first token and responding involves linking the first actor to the subject client in a trust stack and sending a second token to the first actor with second permissions, the second token being a first complex token that identifies the subject client and the first actor. A third request from a second actor includes the second token and responding to the third request involves linking the second actor to the first actor in the trust stack, and sending a third token to the second actor partner with third permissions, the third token being a second complex token that identifies the first actor and the second actor.

Method and apparatus for managing user authentication in a blockchain network

Provided is an apparatus for managing user authentication in a blockchain network and the apparatus comprises a processor configured to transmit, to a server, a request for a snapshot identifier (ID) with user data comprising at least one of one-time password, biometric data, context data, routine data, or device metadata, receive the snapshot ID generated based on the user data, initiate a transaction with the snapshot ID in the blockchain network comprising a blockchain server which authenticates the snapshot ID, and output blockchain transaction data associated with the transaction based on the authentication of the snapshot ID.

Method and system for context aware frictionless authentication based on authentication scores

Described embodiments provide systems and methods for context aware frictionless authentication. A server may determine authentication method information, contextual scores and contextual weights of a device, in connection with a user request to access a resource via the device. The authentication method information may include a weight and a completion duration for each of a plurality of authentication methods available via the device. The server may determine an authentication score for each of the plurality of authentication methods using the authentication method information, the contextual scores and the contextual weights of the device. The server may identify a first authentication method from the plurality of authentication methods, according to the determined authentication score. The server may authenticate the user request via the first authentication method using a first device that supports the first authentication method.

Location-based control for conferencing systems
11539916 · 2022-12-27

A system controller for use in a videoconferencing system having multiple videoconferencing rooms each including a videoconferencing codec, includes a communication interface in communication with a videoconferencing codec located in the same videoconferencing room as the system controller, a memory configured to store information about the videoconferencing room in which the system controller is located, and a processor configured to execute computer-executable instructions stored in the memory to receive one or more commands transmitted by a mobile computing device in response to determining whether a videoconferencing room in which the system controller is located is within a defined proximity of the mobile computing device. The processor is configured to control, via the communication interface, the videoconferencing codec located in the same videoconferencing room as the system controller, according to the one or more commands to establish or control a videoconference in the same videoconferencing room.