A user equipment (UE) may be configured to transmit a registration message to a network to establish a secure connection for non-access stratum (NAS) messages between the network and a UE, the secure connection based at least in part on a UE identifier and security capabilities of the UE included in the registration message. The UE may then exchange NAS methods with the network over the secure connection. The UE may also establish, in response to the registration message, an authentication protocol with the network and encrypt subsequent NAS messages based in part on the authentication protocol.

An approach is provided for providing authentication session sharing between browsers and run time environments in network communication. An interface receives an authentication context associated with a first service. The interface causes, at least in part, storage of the authentication context in a first cache associated with the interface. The interface causes, at least in part, population of the authentication context to a second cache associated with a second service. The second cache is not directly linked to the interface. The authentication context in the second cache authenticates access to the second service.

In an embodiment, at least one non-transitory computer readable storage medium includes instructions that when executed enable a system to: request, by an authentication logic of the system during a multi-factor authentication of a user of the system to obtain access to a first service, a token to be sent from a second system associated with the first service to a third system associated with the user; receive, in the authentication logic, the token from the third system without user involvement via a secure channel; and send the token from the authentication logic to the second system to authenticate the user. Other embodiments are described and claimed.

Provided are a method and apparatus for processing data by a terminal. The method ma include: receiving higher layer signaling including indication information requesting for configuring a terminal tunnel protocol entity for processing data transmitted/received through a WLAN carrier, configuring the terminal tunnel protocol entity on the basis of the indication information; and receiving bearer-specific user data and transmitting the bear-specific user data to a terminal user plane entity corresponding thereto.

A computer system for creating pre-authenticated, functional URLs within SMS messages is disclosed. The computer system includes a computer having non-transitory memory for storing machine instructions that are to be executed by the computer. The machine instructions when executed by the computer implement the following functions: receiving a login ID and passcode of an alarm management system user; receiving a specific function to be utilized by the alarm management system user; generating a URL that embeds the login ID, passcode and specific function to create a pre-authenticated, functional URL; combining a text message string with the pre-authenticated, functional URL to create an SMS message; and transmitting the SMS message.

A communication management system (such as hardware and/or executed software) receives performance information indicating wireless connectivity performance between a communication device and a set of candidate wireless access points. The communication device is initially in communication with a first wireless access point over a wireless link. Based on the performance information, the communication management system selects a candidate wireless access point from the set in which to performance a handoff. The communication management hardware the notifies the communication device to handoff the wireless link from the first wireless access point to the selected candidate wireless access point.

A communication device with a virtual subscriber identify module (SIM) for operating over multiple wireless telephone and internet protocol (IP) networks includes a processor and a virtual subscriber identify module (SIM), which mimics the operation of a physical SIM card. The virtual SIM includes a plurality of mobile network operator (MNO) profiles each MNO profile including a unique telephone network identifier and a unique IP network identifier. The processor is configured to switch mobile network operators for the wireless telephone and internet protocol (IP) networks by changing the MNO profile from a first one of the plurality of MNO profiles to a second one of the plurality of MNO profiles simultaneously enabling communicating over a second one of the plurality of mobile telephone networks and a second one of the plurality of IP networks.

A communication device with a virtual subscriber identify module (SIM) for operating over multiple wireless telephone and internet protocol (IP) networks includes a processor and a virtual subscriber identify module (SIM), which mimics the operation of a physical SIM card. The virtual SIM includes a plurality of mobile network operator (MNO) profiles each MNO profile including a unique telephone network identifier and a unique IP network identifier. The processor is configured to switch mobile network operators for the wireless telephone and internet protocol (IP) networks by changing the MNO profile from a first one of the plurality of MNO profiles to a second one of the plurality of MNO profiles simultaneously enabling communicating over a second one of the plurality of mobile telephone networks and a second one of the plurality of IP networks.

A method and apparatus for performing an authentication procedure in a wireless communication system is provided. A mobile equipment, which runs a plurality of applications, detects that a universal integrated circuit card (UICC) of the mobile equipment is in a first status, in which the UICC is able to answer a request, or a second status, in which the UICC is not able to answer a request. If detected, the mobile equipment stores a first set of authentication credentials in the UICC and a second set of authentication credentials in the mobile equipment, and performs the authentication procedure by using one of the first set of authentication credentials for the first status or the second set of authentication credentials for the second status.

A communication method and a system for converging a 5.sup.th-Generation (5G) communication system for supporting higher data rates beyond a 4.sup.th-Generation (4G) system with a technology for internet of things (IoT) are provided. The present disclosure may be applied to intelligent services based on the 5G communication technology and the IoT-related technology, such as smart home, smart building, smart city, smart car, connected car, health care, digital education, smart retail, security and safety services. A system and a method for validating authenticity of a base station and/or information received from the base station are provided. The method for determining authenticity of system information received from a base station and a cell operated by the base station includes receiving, from a base station, system information, receiving, from a base station, system information, receiving, from the base station, first authenticity information associated with the system information, determining whether the system information is authentic based on the first authenticity information, and determining that a cell operated by the base station is authentic if the system information is authentic.