An apparatus and a method of communication are provided. The method includes receiving a failure indication from a system if the system determines that a request of a mobile device to obtain an unmanned aerial system (UAS) service has failed at an authentication, an authorization, and/or a registration. This can provide a failure indication from a system when an authentication, an authorization, and/or a registration from a mobile device to the system fails. The system includes a UAS service supplier (USS) and/or a UAS traffic management (UTM). The mobile device comprises a user equipment and/or an unmanned aerial vehicle (UAV). The network comprises a 3GPP network.

According to one aspect of the present invention for accomplishing the aforementioned purpose, a mobile authentication method performed by a portable user device comprises the steps of extracting a telephone number of the portable user device, transmitting member information including the telephone number to an authentication server, receiving a user authentication number using the member information from the authentication server, extracting unique user identifiers (UUID) of an application (app) installed in the portable user device, and transmitting the extracted UUID of the app and the received user authentication number to a service server.

According to one aspect of the present invention for accomplishing the aforementioned purpose, a mobile authentication method performed by a portable user device comprises the steps of extracting a telephone number of the portable user device, transmitting member information including the telephone number to an authentication server, receiving a user authentication number using the member information from the authentication server, extracting unique user identifiers (UUID) of an application (app) installed in the portable user device, and transmitting the extracted UUID of the app and the received user authentication number to a service server.

A method and apparatus of a device that authorizes a device for a service is described. In an exemplary embodiment, the device intercepts a request for a web page from a web browser executing on the device, wherein the request includes an indication associated with an authorization request for the service and the web page provides the service. In addition, the device presents an authorization user interface on the device. The device further performs a local authorization using a set of user credentials entered via the authorization user interface. The device additionally performs a server authorization with a server. Furthermore, the device redirects the web browser to the requested web page, wherein the web browser is authorized for the service provided by the web page.

Aspects of the subject disclosure may include, for example, authenticating, by a federated blockchain controller, a user equipment located within a cell coverage area of a network that includes heterogeneous cells. The federated blockchain controller can provide encryption data to the user equipment and corresponding authentication information to one or more multi-access edge computing (MEC) devices associated with the heterogeneous cells to enable secure and efficient handovers for the user equipment amongst the heterogeneous cells, without a need for additional handover reauthentication procedures. Other embodiments are disclosed.

Embodiments described include systems and methods for management and pre-establishment of network application and secure communication sessions. Session logs may be analyzed to identify an application or secure communication sessions likely to be accessed, and prior to receiving a request to establish the session, an intermediary (e.g. another device such as an intermediary appliance or other device, or an intermediary agent on a client such as a client application) may pre-establish the session, performing any necessary handshaking or credential or key exchange processes. When the session is subsequently requested (e.g. in response to a user request), the system may immediately begin using the pre-established session. This pre-establishment may be coordinated within the enterprise providing load balancing and scheduling of session establishment to prevent large processing loads at any one point in time.

A network node operates a Session Management Function (SMF) in a control plane of a core network of a wireless network. The network node authenticates a User Equipment (UE) with an Extensible Authentication Protocol (EAP) server in a secondary authentication process that uses the SMF as an EAP authenticator. The EAP server is outside of the core network and the UE is separately authenticated with a further network node in the control plane of the core network via a primary authentication process. Authenticating the UE in the secondary authentication process comprises exchanging EAP messages between the SMF and the UE and between the SMF and the EAP server. The SMF authorizes a data session between the UE and the external network through a user plane of the core network based on the UE having successfully authenticated via both the primary authentication process and the secondary authentication process.

A network node operates a Session Management Function (SMF) in a control plane of a core network of a wireless network. The network node authenticates a User Equipment (UE) with an Extensible Authentication Protocol (EAP) server in a secondary authentication process that uses the SMF as an EAP authenticator. The EAP server is outside of the core network and the UE is separately authenticated with a further network node in the control plane of the core network via a primary authentication process. Authenticating the UE in the secondary authentication process comprises exchanging EAP messages between the SMF and the UE and between the SMF and the EAP server. The SMF authorizes a data session between the UE and the external network through a user plane of the core network based on the UE having successfully authenticated via both the primary authentication process and the secondary authentication process.

A system and method for provisionally authenticating a host moving from a source port of a switch device to a destination port of the switch device is disclosed. The host is initially authenticated at the source port and blocked from forwarding network traffic at the destination port. During a provisional authentication session, an authentication agent executing on the switch intercepts one or more authentication packets sourced by the host and headed for the destination port of the switch device and redirects the authentication packets to an authentication server for validating the host at the destination port of the switch device. The switch device removes the block at the destination port in response to receiving an acknowledgment of successful authentication at the destination port from the authentication server.

A method performed by a network node of a serving public land mobile network, PLMN, associated with a user equipment, UE, comprising: obtaining a secret identifier that uniquely identifies the UE, wherein the secret identifier is a secret that is shared between the UE and at least a home PLMN of the UE and that is shared by the home PLMN with the network node; and performing an operation related to the UE using the secret identifier. Other methods, computer programs, computer program products, network nodes and a serving PLMN are also disclosed.