This application provides a user authentication method and an apparatus. Before establishing, for a terminal device, a session used to transmit service data, an SMF entity receives a session establishment request message; determines, based on the session establishment request message, to perform user authentication on a user using the terminal device; and sends a session establishment message to a UPF entity, where the session establishment message is used to establish a first session for the terminal device, and a session attribute of the first session is: a session used to transmit only a user authentication message. Subsequently, the terminal device and an AAA server transmit the user authentication message through the first session, to complete user authentication.

This application provides a user authentication method and an apparatus. Before establishing, for a terminal device, a session used to transmit service data, an SMF entity receives a session establishment request message; determines, based on the session establishment request message, to perform user authentication on a user using the terminal device; and sends a session establishment message to a UPF entity, where the session establishment message is used to establish a first session for the terminal device, and a session attribute of the first session is: a session used to transmit only a user authentication message. Subsequently, the terminal device and an AAA server transmit the user authentication message through the first session, to complete user authentication.

Communications over short-range connections are used to facilitate whether access to resources is to be granted. For example, upon device discovery of one of an electronic user device and an electronic client device by the other device over a Bluetooth Low Energy connection, an access-enabling code associated with a user device or account can be evaluated for validity and applicability with respect to one or more particular resource specifications. User identity can be verified by comparing the user against previously obtained biometric information.

Communications over short-range connections are used to facilitate whether access to resources is to be granted. For example, upon device discovery of one of an electronic user device and an electronic client device by the other device over a Bluetooth Low Energy connection, an access-enabling code associated with a user device or account can be evaluated for validity and applicability with respect to one or more particular resource specifications. User identity can be verified by comparing the user against previously obtained biometric information.

The present invention is directed to methods and systems for determining a location of a vehicle within a geofence. The location of the vehicle is determined by a fencing agent on a vehicle. The geofence is defined by a plurality of geographic designators, with the plurality of geographic designators each being associated with an Internet Protocol (IP) address, preferably an IPv6 address.

The present invention is directed to methods and systems for determining a location of a vehicle within a geofence. The location of the vehicle is determined by a fencing agent on a vehicle. The geofence is defined by a plurality of geographic designators, with the plurality of geographic designators each being associated with an Internet Protocol (IP) address, preferably an IPv6 address.

A method for obtaining and using a single-use OAuth 2.0 access token for securing specific service-based architecture (SBA) interfaces includes generating, by a consumer network function (NF) an access token request. The method further includes inserting, in the access token request, a hash of at least a portion of a service-based interface (SBI) request message. The method further includes sending the access token request to an NF repository function (NRF). The method further includes receiving, from the NRF, an access token response, the access token response having an OAuth 2.0 access token including the hash of the at least a portion of the SBI request message. The method further includes using the OAuth 2.0 access token including the hash of the at least a portion of the SBI request message to access an SBI service.

A method for obtaining and using a single-use OAuth 2.0 access token for securing specific service-based architecture (SBA) interfaces includes generating, by a consumer network function (NF) an access token request. The method further includes inserting, in the access token request, a hash of at least a portion of a service-based interface (SBI) request message. The method further includes sending the access token request to an NF repository function (NRF). The method further includes receiving, from the NRF, an access token response, the access token response having an OAuth 2.0 access token including the hash of the at least a portion of the SBI request message. The method further includes using the OAuth 2.0 access token including the hash of the at least a portion of the SBI request message to access an SBI service.

Insurance Verification-as-a-Service (IVaaS) systems and methods include receiving coverage compliance criteria for one or more third-parties, wherein third-parties are placed in unique groups and are evaluated based on coverage criteria established for the unique groups; evaluating compliance for the one or more third-parties based on the received coverage compliance criteria; and performing one of a plurality of actions based on the compliance of the one or more third-parties, wherein the plurality of actions include communicating directly with a third-party and the third-parties insurance provider by creating various requests based on the compliance and issues of coverage of the third-parties.

Device Assisted Services (DAS) for protecting network capacity is provided. In some embodiments, DAS for protecting network capacity includes monitoring a network service usage activity of the communications device in network communication; classifying the network service usage activity for differential network access control for protecting network capacity; and associating the network service usage activity with a network service usage control policy based on a classification of the network service usage activity to facilitate differential network access control for protecting network capacity.