Embodiments of the present application provide methods for checking UE capability match, an AMF, a base station, and a storage medium. The method includes: determining to send a UE capability match request to a base station during a registration procedure initiated by the UE; sending a request for setting up a UE's access stratum (AS) security context to the base station, and sending the UE capability match request to the base station after it is determined that the base station completes setup of the AS security context; receiving a UE capability match acknowledgement returned from the base station. By the method according to the embodiment of the application, the problem that the base station does not respond to the UE capability match process requested by the AMF, which results in that the AMF cannot issue an indication of IMS voice over PS session to the UE during the registration process, can be avoided, and thus the UE can normally obtain IMS voice service.

Systems and methods for configuring industrial devices through a secured wireless side channel may include a compute device. The compute device may have primary communication circuitry configured to communicate through a network and side channel communication circuitry configured to communicate through a wireless side channel that is different from the network. The compute device may additionally include circuitry configured to obtain, via the wireless side channel, configuration data indicative of a configuration for one or more operations of an industrial device of an industrial process plant. Additionally the circuitry may be configured to configure, in response to obtaining the configuration data, the one or more operations of the industrial device.

Systems and methods are disclosed herein for real-time digital authentication. According to some embodiments, a certification authentication method includes receiving a list of third party root certificates from a remote server, the list of third party root certificates including at least one association between a program configured to run on the computing apparatus and a public key for authenticating communication between the program and an associated server of the program. The method may also include authenticating the list of third party root certificates. The method may also include initiating a communication between the computing apparatus and the associated server and authenticating the communication with the associated server using the public key. Furthermore, the method may also include loading the program onto the one or more memories during a bootstrapping process in response to determining that the communication with the associated server is authentic.

Apparatus and methods for enhancing security of an authentication process of a caller that initiated a call in an Interactive Voice Response (“IVR”) system are provided. The methods may include routing the call through the IVR system to a headset. After the routing, the methods may include retrieving data associated with the caller. In response to the retrieved data meeting one or more predetermined conditions, a graphical user interface of an agent computer paired to the headset may display a plurality of validation information for validating the caller. Selection by the agent of validation information may trigger methods for transmitting a request to the caller, via a caller mobile phone, to input the validation information selected by the agent. The methods may additionally include authenticating the caller based at least in part on the information input into the mobile phone.

Aspects of the disclosure relate to a relay-switch device that includes at least one sandbox to detect, isolate, and remove any discovered malware or cyber threat. In an embodiment, data is received, saved, and inspected in the at least one sandbox of the relay-switch device. A control layer manages network connectivity so that only home organization network connections or external party network connections are connected at given moment in time.

Aspects of the disclosure relate to a relay-switch device that includes at least one sandbox to detect, isolate, and remove any discovered malware or cyber threat. In an embodiment, data is received, saved, and inspected in the at least one sandbox of the relay-switch device. A control layer manages network connectivity so that only home organization network connections or external party network connections are connected at given moment in time.

A computer device may include a memory storing instructions and processor configured to execute the instructions to host a network function container that implements a microservice for a network function in a wireless communications network, wherein the network function container is deployed by a container orchestration platform; host a service proxy container associated with the network function container, wherein the service proxy container is deployed by the container orchestration platform; and configure the hosted service proxy container to apply a wireless network policy to the microservice for the network function. The processor may be further configured to intercept messages associated with the microservice for the network function using the configured service proxy container; and apply the wireless network policy to the intercepted messages using the configured service proxy container.

A computer device may include a memory storing instructions and processor configured to execute the instructions to host a network function container that implements a microservice for a network function in a wireless communications network, wherein the network function container is deployed by a container orchestration platform; host a service proxy container associated with the network function container, wherein the service proxy container is deployed by the container orchestration platform; and configure the hosted service proxy container to apply a wireless network policy to the microservice for the network function. The processor may be further configured to intercept messages associated with the microservice for the network function using the configured service proxy container; and apply the wireless network policy to the intercepted messages using the configured service proxy container.

A network controller (102) for granting a device and/or an application (120) access rights to at least one device of a set of devices (112, 130) is disclosed. The set of devices (112, 130) comprises a controllable device (130) and a control device (110), wherein the control device (110) comprises a user input element (112) configured to receive a user input, and wherein the control device (110) is configured to generate an input signal (114) based on the received user input. The network controller (102) comprises a communication unit (104) configured to receive an access request signal (124) from the device and/or the application (120), and to receive the input signal (114) from the control device (110), and a processor (106) configured to switch, upon receipt of the access request signal (124), the network controller (102) from a control mode to a configuration mode, wherein the processor (106) is configured to control, if the network controller (102) is in the control mode, the controllable device (130) based on the input signal (114), wherein the processor (106) is configured to grant, if the network controller (102) is in the configuration mode, the access rights to the device and/or the application (120) upon receipt of the input signal (114).

A method for processing a security policy of a device may include a step for receiving, from another device, a first message including first information about a security policy of the other device. The first message may include a direct communication request message or a link modification request message. The method may further include the steps of: determining whether to accept or reject the first message on the basis of both the first information about the security policy of the other device and second information about the security policy of the device; and sending a second message on the basis of the determination.