H04L63/162

COMMUNICATION SYSTEM AND METHODS PROVIDING PUSH-TO-TALK (PTT) OPERATION WITH ENHANCED BLUETOOTH LOW ENERGY (BLE) SECURITY
20230075414 · 2023-03-09

A communication system may include a first radio frequency (RF) device configured to generate a Bluetooth Low Energy (BLE) advertisement responsive to an input event, transmit the BLE advertisement in a BLE advertisement burst comprising a number of transmissions in at least one BLE advertising channel, and discontinue transmission of the BLE advertisement after transmission of the BLE advertisement burst. The system may further include a second RF device configured to scan for the BLE advertisement in the at least one BLE advertising channel, and communicate with the first RF device over a BLE data channel responsive to receiving the BLE advertisement.

HOLLOW CORE FIBER FOR SECURE OPTICAL COMMUNICATION
20230131148 · 2023-04-27

A hollow core fiber (HCF) link is characterized by structural properties selected to support and sustain light propagation in a fundamental mode and in at least one higher-order mode. Connected to a proximal end of the HCF link, there is a mode coupler configured to couple a data signal into the fundamental mode and to couple an obfuscating signal into the at least one higher-order mode for simultaneous propagation of the data signal and the obfuscating signal on the HCF link, where the obfuscating signal substantially overlaps the data signal in spectral content. At a distal end of the HCF link, there is a mode splitter configured to split a first optical signal detected in the fundamental mode from a second optical signal detected in the at least one higher-order mode.

Link-layer authentication for legacy network nodes using a remote network access server

A method for link layer authentication includes receiving, at an edge network access node, a link layer authentication packet from a client, seeking network access, using a remote NAS agent running on the edge network access node. The method transmits, using a tunneling connection, the link layer authentication packet to a remote NAS in a link layer authentication process. The link layer authentication process exchanges the link layer authentication packet with an authentication server to authenticate the client. The method includes receiving a link layer authentication packet from the remote NAS over the tunneling connection. The received link layer authentication packet includes a response from the authentication server regarding the transmitted link layer authentication packet. The method includes transmitting the received link layer authentication packet to the client and, in response to the link layer authentication packets resulting in authorization, authorizing the client for network access through the edge network access node.

Systems and methods for configuring a secure communication link in an electric power distribution system

A control system of an electric power distribution system includes processing circuitry and a memory having instructions that, when executed by the processing circuitry, cause the processing circuitry to perform operations that include receiving an indication of a profile, generating a connectivity association key (CAK) based on the profile, distributing a copy of the CAK to a device of the electric power distribution system, and establishing a connectivity association with the device in accordance with the profile based on a verification that the device possesses the copy of the CAK.

Authentication of intelligent electronic devices (IEDs) using secure association keys (SAKs)

An intelligent electronic device (IED) includes memory and a processor operatively coupled to the memory. The processor is configured to establish, over a communication network of a power system, a communication link according to a media access control security (MACsec) Key Agreement (MKA). The IED receives a plurality of access control secure association keys (SAKs) via the communication link. The IED receives one or more checked-out SAKs indicating a request to access the IED. The IED allows access based on the one or more checked-out access control SAKs matching at least one of the plurality of access control SAKs.

Security solution for switching on and off security for UP data between UE and RAN in 5G

Methods for operating a UE, a network node, a Session Management Function (SMF) and a Unified Data Management (UDM) are disclosed. The methods include transmitting, by a UE, a Protocol Data Unit (PDU) Session Establishment Request message toward an SMF in the communication network (902A), and receiving at the UE a policy decision on security protection of User Plane (UP) data terminating in a RAN for the PDU Session (904A). The policy decision received at the UE may be in accordance with a UP security policy provided by the SMF to the RAN during PDU Session Establishment. Also disclosed are a UE, network node, SMF and UDM.

APPARATUS AND METHOD FOR PROVIDING SUBSCRIPTION DATA TO NON-SUBSCRIBER REGISTERED TERMINAL IN WIRELESS COMMUNICATION SYSTEM
20220337995 · 2022-10-20

The present disclosure relates to a 5th generation (5G) or pre-5G communication system for supporting a higher data transmission rate after a 4th generation (4G) communication system such as long-term evolution (LTE). According to various embodiments of the present disclosure, an operating method of a network exposure function (NEF) in a wireless communication system is provided. The method includes receiving a Nnef_EventExposure_subscribe request message including a first non-subscription registration identifier (ID) from an application function (AF), transmitting a Namf_EventExposure_subscribe request message including the first non-subscription registration ID to a default unified data management (UDM), receiving a Namf_EventExposure_subscribe response message including a subscription correlation ID from the default UDM, transmitting a Nnef_EventExposure_subscribe response message including the subscription correlation ID to the AF, receiving a Namf_EventExposure_Notify message including a second non-subscription registration ID from the default UDM, and transmitting a Nnef_EventExposure_Notify message including the second non-subscription registration ID to the AF.

Rerouting network traffic based on detecting offline connection

In some examples, a system includes a router device and a first adapter device in communication with the router device. The first adapter device includes processing circuitry configured to: communicate with the router device, wherein the router device is incapable of communicating in accordance with the MACsec protocol. The processing circuitry is further configured to establish an encrypted connection in accordance with the MACsec protocol between the first adapter device and a remote device, determine that the encrypted connection is offline, and output a message to the router device that the encrypted connection is offline. The router device is configured to communicate with the remote device via a second adapter device configured to communicate in accordance with the MACsec protocol and bypass the first adapter device.

ENTITY AUTHENTICATION FOR PRE-AUTHENTICATED LINKS
20220337595 · 2022-10-20

Techniques for increasing security for pre-authenticated links are disclosed herein. Computing systems that generate pre-authenticated links are configured to assign an entity identifier to pre-authenticated links to specify an entity permitted to access respective data through the pre-authenticated link. When activating a respective pre-authenticated link, an entity attaches an entity token to the request to prove an identity of the requesting entity. If the identity from the entity token matches the entity identifier, the computing system may grant access to the respective data.

MULTI-LINK WIRELESS COMMUNICATIONS CONNECTIONS
20230074290 · 2023-03-09

A method includes establishing a multi-link security association between a transmitter upper Media Access Control (MAC) logic entity of a transmitter and a receiver upper MAC logic entity of a receiver. The transmitter includes one or more transmitter links. The receiver includes one or more receiver links.