The disclosure relates to a 5G or 6G communication system for supporting a higher data transmission rate. An operation method of an access and mobility management function (AMF) in a wireless communication network according to the disclosure includes: receiving, from a base station, a registration request message including a parameter indicating that a terminal supports control plane-based remote provisioning; determining the control plane-based remote provisioning, based on the parameter; and determining an authentication server function (AUSF) for onboarding of the terminal, based on the control plane-based remote provisioning.

Certain aspects of the present disclosure relate to methods and apparatus for optimizing delivery of a data to and/or from a UE in a connected but inactive state.

An authentication server according to an embodiment disclosed includes a number receiver that receives a number of a user terminal from a callee who has received a call originated from the user terminal, an device authenticator that determines whether to generate an authentication key based on the number of the user terminal received from the callee and a caller number received from the user terminal, and generates the authentication key when it is determined to generate the authentication key, and an authentication key transmitter that transmits the authentication key to the user terminal.

A method for a seamless transfer of a secure multimedia conference session from one endpoint device to another without a need to rekey the session is provided. In this method, a first endpoint device connects a participant to a multimedia conference session to which at least one other participant is connected and based on detecting one or more second endpoint devices within a predetermined location proximity of the first endpoint device, determines whether to transfer the multimedia conference session to a target endpoint device. Based on determining that the session is to be transferred, the first endpoint device establishes a secure pairing connection directly with the target endpoint device and provides, via the secure pairing connection, information about the multimedia conference session based on which the multimedia conference session is transferred to the target endpoint device without rekeying the multimedia conference session.

Access credentials for a user of each of the plurality of stations connecting to the Wi-Fi network are forwarded to a RADIUS server. In response to the forwarded access credentials, priority-token values derived from the access credentials of the connecting users for storage in association with a MAC address of each of the plurality of stations, are received from the RADIUS and stored. Priority-token values responsive to detecting multiple users of at least two different priorities needing to access the Wi-Fi network. Available subcarriers are allocated based on the priority-token values for data transmissions.

There is provided a solution for managing security contexts at idle mode mobility of a wireless communication device between different wireless communication systems including a first wireless communication system and a second wireless communication system. The first wireless communication system is a 5G/NGS system and the second wireless communication system is a 4G/EPS system. The solution is based on obtaining (S1) a 5G/NGS security context, and mapping (S2) the 5G/NGS security context to a 4G/EPS security context.

There is provided a solution for managing security contexts at idle mode mobility of a wireless communication device between different wireless communication systems including a first wireless communication system and a second wireless communication system. The first wireless communication system is a 5G/NGS system and the second wireless communication system is a 4G/EPS system. The solution is based on obtaining (S1) a 5G/NGS security context, and mapping (S2) the 5G/NGS security context to a 4G/EPS security context.

A method at a network node of a radio access network (RAN) for managing a context of a user equipment (UE) operating in an inactive mode, the method comprising: receiving, from a second network node, a context retrieval request comprising a UE identifier and a first message, the first message being protected with a first cryptographic key; validating the first message using a stored cryptographic key associated with a UE context indicated by the UE identifier; and sending a context retrieval response message to the second network node containing a relocation indication of whether the UE context is to be relocated to the second network node.

A system for provisioning a device is provided. The system includes a computer device. The computer device is programmed to receive, from a user equipment, a connection request via a layer two connection. The computer device is also programmed to accept the connection request. The computer device is further programmed to receive, from the user equipment, a certificate request via the layer two connection. Additionally, the computer device is programmed to determine a destination for the certificate request, and to route the certificate request to the destination.

A system for provisioning a device is provided. The system includes a computer device. The computer device is programmed to receive, from a user equipment, a connection request via a layer two connection. The computer device is also programmed to accept the connection request. The computer device is further programmed to receive, from the user equipment, a certificate request via the layer two connection. Additionally, the computer device is programmed to determine a destination for the certificate request, and to route the certificate request to the destination.