H04W12/043

METHOD AND APPARATUS FOR PROVIDING SECURITIES TO ELECTRONIC DEVICES
20170223015 · 2017-08-03 ·

A secured device including a security hardware module and a method thereof are provided. The secured device generates first user authentication information based on a user input, generates encryption key generation information corresponding to the first user authentication information, receives second user authentication information from an electronic device, and transmits to the electronic device the encryption key generation information corresponding to the first user authentication information when the second user authentication information matches the first user authentication information. The first user authentication information and the encryption key generation information are secured by the security hardware module.

Methods, apparatuses and computer program products enabling to improve handover security in mobile communication networks

An apparatus comprises a memory unit, and a control unit connected to the memory unit. The apparatus can be configured to interface at least one access node; the control unit is configured to derive at least one local level security key within an established security context for a terminal, forward the derived local security key to at least one access node, and detect failures in a handover for a terminal being served by a first access node towards a second access node. The failures concern the interface between the apparatus and the second access node. In response to a verified trigger condition, the control unit can re-adjust local level security keys with keys maintained at the terminal within the established security context.

METHOD AND APPARATUS FOR ESTABLISHMENT OF PRIVATE COMMUNICATION BETWEEN DEVICES
20170272948 · 2017-09-21 ·

The invention relates to a method and devices for mutual communication between devices, and to computer programs enabling such communication. According to the invention, a transmitter module in a first device, operable in a local radio communications network, is controlled to transmit a sequence of radio signal pulses representing a predetermined code. In at least one second device, a receiver module scans said local radio communications network to detect said predetermined code. A contact network of the user of said at least one second device is accessed, and the predetermined code is checked in the second device against the user's contact network for a match stored in the network profiles for the contacts. A validation key relating to a matching contact found in said contact network is then fetched, and a connection establishment request containing the validation key is sent over said local radio communications network from the second device to the first device. Thus the origin of the connection establishment request is validated in the first device.

METHOD FOR SECURING A PRIVATE KEY ON A MOBILE DEVICE
20170272245 · 2017-09-21 ·

Systems and methods are provided for securing a private key on a mobile device for use with public key cryptography. Specifically, a private key is reduced to two partial keys where the partial keys are stored on separate electronic devices. The partial keys combine to temporarily regenerate the private key for the purposes of notarizing (digitally signing) messages or documents, and decrypting a message or document that was encrypted using the corresponding public key. The partial keys in some embodiments may be a secret key, which can be derived from an account identifier and a password, and an exclusive key, which can be derived from the secret key and the private key. The private key can be regenerated from the secret key and the exclusive key. With the partial keys stored on separate devices, another layer of practical security is provided to public key cryptography.

SECURITY CONTEXT DISTRIBUTION SERVICE

Techniques for configuring a device with a security context using a security context distribution service are provided. One embodiment receives, from a first device operating on a first network, a request for a security context for the first device, where the request includes a public certificate for the first device. The request is decrypted, and the public certificate is validated. A set of device requirements is determined based on a unique identifier for the first device and device claim information associated with the first device. Embodiments generate a response message that contains at least one Transport Layer Security (TLS) certificate associated with the first network, based on the set of device requirements, where the response message is encrypted using a public key associated with the first device. The response message is transmitted to the first device.

On-demand driver systems and methods

Example on-demand driver (ODD) systems and methods are described herein. An example method includes generating, with an ODD system, a softkey for a vehicle associated with an agreement between a driver-in-need (DIN) and an ODD, monitoring, with the ODD system, a location of an ODD device carried by the ODD, and transmitting, with the ODD system, the softkey to the ODD device when the ODD device is detected as being within a proximity of the vehicle. In the example method, the softkey is used to unlock the vehicle.

ESTABLISHING QOS FLOWS OVER NON-3GPP ACCESS

Apparatuses, methods, and systems are disclosed for providing enhanced QoS via a non-3GPP access network. One apparatus includes a transceiver that communicates with a gateway function in a non-3GPP access network. The apparatus includes a processor that receives a create security association request for each of at least one security association. Here, each create security association request includes additional QoS information for the security association. The processor reserves, for each create security association request, at least one access resource in the access network based on the additional QoS information and sends a create security association response to the gateway function for each create security association request, each create security association response indicating whether the corresponding security association is accepted.

Message authentication method and communication method of communication network system, and communication network system

A message authentication and communication method for a communication network system comprises: the access control device receiving a communication establishment request sent by the first mobile apparatus; the access control device sending a communication mutual authentication request to the authentication server in response to the communication establishment request; the access control device receiving a mutual authentication response message sent by the authentication server in response to the communication mutual authentication request; the access control device authenticating the mutual authentication response message; and, when the mutual authentication response message is authenticated successfully, the access control device sending a mutual authentication message to the first mobile apparatus. The hash chain mechanism and the access control device are used in conjunction with the authentication server to implement the distribution and decentralization of authentication functions, thereby reducing the load of the authentication server and improving the efficiency of authentication.

Method and apparatus for configuring fallback for each bearer when DAPS handover fails in next-generation mobile communication system

The disclosure relates to a communication method and system for converging a 5th-Generation (5G) communication system for supporting higher data rates beyond a 4th-Generation (4G) system with a technology for Internet of Things (IoT). The disclosure may be applied to intelligent services based on the 5G communication technology and the IoT-related technology, such as smart home, smart building, smart city, smart car, connected car, health care, digital education, smart retail, security and safety services. The disclosure relates to a method and an apparatus for performing fallback when handover fails in a case where efficient handover without interruption of transmission or reception of data during handover is performed.