H04L63/205

Systems configured for validation with a dynamic cryptographic code and methods thereof
11570180 · 2023-01-31

Systems and methods of the present disclosure enable operation authorization using a dynamic code. Embodiments include a computing system for receiving, from an access control server, an operation authorization request to authorize an operation by an initiator, where the operation authorization request includes a user identifier associated with the operation authorization request, and a dynamic code. The computing system accesses a dynamic key embedded in a user credential associated with the user identifier and generates a recalculated dynamic code using a cryptographic algorithm and the dynamic key. The computing system authenticates the operation authorization request based on the dynamic code being equivalent to the recalculated dynamic code and returns the authentication to the access control server to authorize the operation.

PROVIDING CYBERSECURITY SERVICES BY A NETWORK AND AUTOMATED PROVISIONING THEREOF
20230021843 · 2023-01-26

Systems and methods for providing cybersecurity services by a network and for automating the provisioning of the cybersecurity services are disclosed. The system comprises a connection control function (CCF) configured to receive a message in response to a request to establish a data connection from a user equipment (UE), the message including a requested CyberSecurity Control service identifier (CSC-ID) corresponding to a first security service of a plurality of security services. The CCF can interact with a cybersecurity control (CSC) function to determine, based on the requested CSC-ID, an allowed CSC-ID for the data connection, the allowed CSC-ID corresponding to a second security service of the plurality of security services, and retrieve, based on the allowed CSC-ID, an operator security policy associated with the second security service. The CCF can then select and configure a network function in accordance with the retrieved operator security policy associated with the second security service.

INFORMATION PROCESSING DEVICE AND COMPUTER PROGRAM PRODUCT

An attack control device according to an embodiment is provided with a storage unit and one or more hardware processors configured to function as a selection unit, a determination unit, and a calculation unit. The storage unit associates and stores a normal communication data model representing a model of communication data of a normal system, with each network segment. The selection unit specifies the network segment based on the communication prediction data predicted upon execution of the attack scenario and selects the normal communication data model associated with the network segment. The determination unit determines the similarity degree between the normal communication data represented by the normal communication data model, and the communication prediction data. The calculation unit calculates an effectiveness degree of the attack scenario to be higher as the similarity degree is higher.

TRANSPARENT SECURITY AND POLICY ENFORCEMENT FOR LOW-CODE ORCHESTRATION
20230023723 · 2023-01-26

In one embodiment, a device inserts a watcher module between a first module and a second module in a low-code workflow. The device intercepts, via the watcher module, output data being passed by the first module to the second module. The device determines whether the output data represents a policy violation. The device blocks, via the watcher module, the output data from being input to the second module, when the output data represents a policy violation.

INFORMATION PROCESSING APPARATUS, CONTROL METHOD OF INFORMATION PROCESSING APPARATUS, AND STORAGE MEDIUM
20230231887 · 2023-07-20

An information processing apparatus stores a plurality of setting values prepared for making a setting of the information processing apparatus, receives selection of one item from a user from among a plurality of items associated with a plurality of use environments, as a use environment corresponding to a first communication interface, receives selection of one item from a user from among a plurality of items associated with the plurality of use environments, as a use environment corresponding to a second communication interface, and makes a setting based on a first setting value group that is included in the plurality of setting values and corresponds to an environment selected as a use environment corresponding to the first communication interface, and a second setting value group that is included in the plurality of setting values and corresponds to an environment selected as a use environment corresponding to the second communication interface.

Method and apparatus for activating security and changing PDCP version
11564098 · 2023-01-24

Provided is a method for changing, by a user equipment (UE), packet data convergence protocol (PDCP) version. The method may include: receiving a security mode command message, which includes a first security algorithm configuration for a PDCP of a first system and a second security algorithm configuration for a PDCP of a second system, from a base station (BS); deriving a first security key for the PDCP of the first system, based on the first security algorithm configuration; when the security mode command message passes an integrity protection check based on the first security key, changing the PDCP version from the PDCP of the first system to the PDCP of the second system; deriving a second security key for the PDCP of the second system, based on the second security algorithm configuration; and transmitting a security mode complete message, based on the second security key, to the BS.

RRC connection resume method and apparatus

This application provides an RRC connection resume method and apparatus. In the method, when a terminal moves to a target base station, the target base station may reselect, based on a capability and a requirement of the target base station, a first encryption algorithm and a first integrity protection algorithm that are used when the target base station communicates with the terminal, and send the first encryption algorithm and the first integrity protection algorithm to the terminal. On one hand, a security algorithm used for communication between the terminal and the target base station is flexibly selected. On the other hand, because the base station connected to the terminal changes, communication security can be improved by using a new encryption algorithm and integrity protection algorithm.

SYSTEM AND METHOD FOR MANAGING REMOTE ACCESS TO A CLOUD-BASED VIRTUAL COMPUTER NETWORK USING A VIRTUAL JUMPBOX INFRASTRUCTURE
20230231833 · 2023-07-20

System and computer-implemented method for managing remote access to managed components in a cloud-based virtual computer network uses a virtual jumpbox infrastructure to establish a cryptographic network protocol connection between the virtual jumpbox infrastructure and the cloud-based virtual computer network on behalf of a user interface making a request for remote access to the cloud-based virtual computer network. After the cryptographic network protocol connection has been established, communication data between the user interface and a target managed component in the cloud-based virtual computer network is automatically moderated at the virtual jumpbox infrastructure at a data path that is not within the cryptographic network protocol connection. The automatic moderation includes at least one of inserting new information into the communication data and removing existing information from the communication data.

DETECTING PHYSICAL ANOMALIES OF A COMPUTING ENVIRONMENT USING MACHINE LEARNING TECHNIQUES
20230231886 · 2023-07-20

Methods, apparatus, and processor-readable storage media for detecting physical anomalies of a computing environment using machine learning techniques are provided herein. An example computer-implemented method includes monitoring a physical environment corresponding to at least one component of a distributed computing system using at least one sensor that is one or more of: at least partially within the at least one component and attached to the at least one component; performing, by the at least one component, a machine learning process comprising: analyzing data generated by the at least one sensor to detect one or more physical anomalies associated with the physical environment, and in response to detecting a physical anomaly, selecting at least one automated action, involving at least one additional component of the distributed computing system, to at least partially mitigate the physical anomaly; and initiating a performance of the at least one automated action.

MULTI-OPTION AUTHENTICATION PORTAL IMPLEMENTATION IN A NETWORK ENVIRONMENT

According to one configuration, a wireless access service provider selects and assigns a particular authentication option amongst multiple different authentication options to an entity such as a wireless access point or a sub-network supported by the wireless access point. When a communication device attempts to use the corresponding wireless access point provided by the wireless access service provider, a wireless access gateway receives information from the wireless access point indicating the particular authentication option assigned to authenticate the communication device. The wireless access gateway communicates the notification of the particular authentication option to an authentication manager, which provides the wireless access gateway with network address information indicating a captive portal in which to authenticate the communication device. The wireless access gateway then uses the network address information to redirect the communication device to the captive portal, which is then used to authenticate the communication device to access the Internet.