An electronic device is provided. The electronic device includes a near-field communication (NFC) communication circuit, an ultra-wideband (UWB) communication circuit connected with the NFC communication circuit, at least one secure element operatively connected with the NFC communication circuit and configured to store security information, and a processor disposed in the NFC communication circuit and operatively connected with the UWB communication circuit, wherein the processor is configured to receive a data request from an external electronic device via the UWB communication circuit, access at least part of the security information stored in the at least one secure element, based on a routing table matching the data request with the at least one secure element, and transmit the at least part of the security information to the external electronic device via the UWB communication circuit.

A system and method of registration with AMF re-allocation. The system and method includes receiving, by an initial AMF from a wireless communication device via a RAN, a registration request comprising a first device identifier associated with the wireless communication device. The system and method includes determining, by the initial AMF, an identifier type associated with the first device identifier. The system and method includes generating, by the initial AMF, a reroute message comprising a second device identifier. The system and method includes originating, by the initial AMF to the wireless communication device, a security mode command message comprising a redirection criteria or an integrity negotiation algorithm, the security mode command message causes the wireless communication device to set the redirection criteria allowing the wireless communication device to accept a request message that is not integrity protected and return a security mode complete message to the initial AMF.

A system and method of registration with AMF re-allocation. The system and method includes receiving, by an initial AMF from a wireless communication device via a RAN, a registration request comprising a first device identifier associated with the wireless communication device. The system and method includes determining, by the initial AMF, an identifier type associated with the first device identifier. The system and method includes generating, by the initial AMF, a reroute message comprising a second device identifier. The system and method includes originating, by the initial AMF to the wireless communication device, a security mode command message comprising a redirection criteria or an integrity negotiation algorithm, the security mode command message causes the wireless communication device to set the redirection criteria allowing the wireless communication device to accept a request message that is not integrity protected and return a security mode complete message to the initial AMF.

Disclosed are various examples for deploying applications on client devices through a management service. A client device can be enrolled with a management service. The management service can determine application settings that are associated with an application and generate an application profile for the application. The application profile can be used to deploy the application to client devices and provision the application with the appropriate application settings.

Methods and systems for securing remotely-operable devices are provided. A security device can receive a plurality of commands to control a remotely-operable device in a remote environment. At least one command in the plurality of commands can include command data that is related to the remotely-operable device. The security device can receive a plurality of responses to the plurality of commands. The security device can process the plurality of commands and the plurality of responses to determine a signature related to an operator that issued the plurality of commands for the remotely-operable device. The security device can determine an identity of the operator based on the signature. The security device can generate an identity report that includes the identity of the operator.

A verification system verifies a signal processor unit and a radio unit. The verification system includes a pseudo radio unit and a pseudo signal processor unit. The pseudo radio unit includes a first processor that executes a connection sequence with the signal processor unit, acquires a first sequence log indicating an execution result of a connection sequence between the pseudo signal processor unit and the radio unit, and executes a connection sequence with the signal processor unit based on the first sequence log. The pseudo signal processor unit includes a second processor that executes a connection sequence with the radio unit, acquires a second sequence log indicating an execution result of a connection sequence between the pseudo radio unit and the signal processor unit, and executes a connection sequence with the radio unit based on the second sequence log.

A verification system verifies a signal processor unit and a radio unit. The verification system includes a pseudo radio unit and a pseudo signal processor unit. The pseudo radio unit includes a first processor that executes a connection sequence with the signal processor unit, acquires a first sequence log indicating an execution result of a connection sequence between the pseudo signal processor unit and the radio unit, and executes a connection sequence with the signal processor unit based on the first sequence log. The pseudo signal processor unit includes a second processor that executes a connection sequence with the radio unit, acquires a second sequence log indicating an execution result of a connection sequence between the pseudo radio unit and the signal processor unit, and executes a connection sequence with the radio unit based on the second sequence log.

A method for communication in a network is disclosed, between a first and second terminal between which is established a first encrypted connection for transmitting data. The method comprises at the first terminal: storing, in association with the first connection, at least one second connection between the first terminal and the second terminal via an intermediate processing function intended to be applied between the first terminal and the second terminal to a part of the data referred to as eligible for the second connection, and a filter characterizing the data eligible for the second connection, the second connection being encrypted between the first terminal and the intermediate processing function, and sending, via the second connection, a message intended for the intermediate function and carrying data for the second terminal corresponding to the filter, the first message sent comprising information according to which the data are intended for the second terminal.

A method for communication in a network is disclosed, between a first and second terminal between which is established a first encrypted connection for transmitting data. The method comprises at the first terminal: storing, in association with the first connection, at least one second connection between the first terminal and the second terminal via an intermediate processing function intended to be applied between the first terminal and the second terminal to a part of the data referred to as eligible for the second connection, and a filter characterizing the data eligible for the second connection, the second connection being encrypted between the first terminal and the intermediate processing function, and sending, via the second connection, a message intended for the intermediate function and carrying data for the second terminal corresponding to the filter, the first message sent comprising information according to which the data are intended for the second terminal.

A system of delivering data content with hardware assisted provenance proof in named data networking (NDN). The system comprises a data content server with a trusted security zone enabled that is configured to receive the first request message from the first client, and transmit the desired data content based on the name comprised in the first request message and a determination that the first client is trusted and that the routing path from the first client to the data content server is trusted. The system further comprises a signature server with a trusted security zone enabled that is configured to receive the first request message from the first client, generate a digital signature based on the desired data content, and transmit the corresponding digital signature based on a determination that the first client is trusted and that the routing path from the first client to the signature server is trusted.