This application provides a network slice access control method, including: determining, by an access and mobility management function network element, first allowed network slice selection assistance information of a terminal device in a registration process to register the terminal device to a network; learning, by the access and mobility management function network element, of an authentication failure of a first network slice corresponding to first single network slice selection assistance information from the first allowed network slice selection assistance information.

A method includes determining a number of drops of a plurality of messages sent to a first node of a plurality of nodes within a mesh network. Based at least in part on the number of drops of the plurality of messages exceeding a threshold number of drops for a time period, decrementing a first rating assigned to the first node to a second rating assigned to the first node. Based at least in part on the second rating being below a rating threshold, determining that the first node is a potentially malicious node. Based at least in part on a first distance to the first node being larger than a distance threshold, identifying that the first node is a malicious node. The method may further include ending communications with the first node.

Techniques for messaging based on trust levels and resource limitations in a mesh network include receiving, by a first node of a mesh network, a message; determining, by the first node, a security key type based on a resource parameter associated with a neighbor node included in the mesh network; securing, by the first node, the message using a security key of the security key type; and transmitting, by the first node, the secured message to the neighbor node. The resource parameter associated with the neighbor node comprises at least one of an amount of memory used to decrypt the secured message at the neighbor node, an amount of power used to decrypt the secured message at the neighbor node, or an indication of an amount of power remaining at the neighbor node.

A security platform of a data network is provided that includes security services for computing devices in communication with the data network. The security platform may apply a security policy to the computing devices when accessing the Internet via a home network (or other customer network) and when accessing the Internet via a public or third party network. To provide security services to computing devices via the home network, the security platform may communicate with a security agent application executed on the router (or other gateway device) of the home network. In addition, each of the devices identified by the security profile for the home network may be instructed or otherwise be provided a security agent application for execution on the computing devices. The security agent application may communicate with the security platform when the computing device connects to the Internet over a third party or public access point.

Systems, apparatuses, and methods are described for establishing, or re-establishing, trust for a network device. A user device may send, via a network device, a service request to establish trust for the network device in a network. The service request may comprise, or may allow look up of, identifying information for the network device, such as a network address. Trust of the network device may be established, at least in part, by confirming the network address (or other identifying information) associated with the network device, and/or by confirming certain devices that are in communication with the network device. An authentication token may be sent to the network device for reconnecting to the network.

An intelligent trust enabler system for a 5G IoT (fifth-generation Internet of Things) environment includes: an IoT trust enabler mounted on an edge and gateway on a fifth-generation (5G) IoT infrastructure, for providing trust information based on data collected from IoT devices and performing operation and management of connected IoT resources; and an IoT trust agent for providing a legacy environment for the IoT trust enabler.

Various systems and methods for user-authorized onboarding of a device using a public authorization service are described herein. In an example, a 3-way authorization protocol is used to coordinate device onboarding among several Internet of Things (IoT) Fog users (e.g., devices in a common network topology or domain) with principles of least privilege. For instance, respective onboarding steps may be assigned for performance by different Fog ‘owners’ such as respective users and clients. Each owner may rely on a separate authorization protocol or user interaction to be notified of and to give approval for the specific onboarding actions(s) assigned. Further techniques for implementation and tracking such onboarding actions as part of an IoT network service are also disclosed.

The present application describes providing an attestation level to a received communication. The attestation level may be used to communicate a level of security to a network or a called party that receives the communication. The attestation level associated with the communication may indicate to a destination network and/or recipient that the phone number associated with the communication is secure and/or the telephone number has not been spoofed.

A wireless communication system generates Artificial Intelligence (AI) responses to network data. Computer circuitry hosts network functions, distributed ledgers, ledger clients, and AI engines. The network functions serve User Equipment (UEs) over Radio Access Networks (RANs), and in response, transfer the network data to the distributed ledgers. The distributed ledgers receive and store the network data. The ledger clients select some of the network data from the distributed ledgers and transfer the selected network data to the AI engines. The AI engines receive the selected network data, and in response, generate the AI responses. The ledger clients and the AI engines may comprise wireless network slices.

A method for authenticating a network entity to access restricted information. The method includes receiving a request to generate a visual voicemail message based on an analysis of network entity profile data and contextual information relating to the network entity. The method includes generating the visual voicemail message based on the network entity profile data and the contextual information, sending the visual voicemail message to the network entity and requesting authentication information included with the visual voicemail message. In response to receiving the requested authentication information, the network entity is authenticated to access to the restricted information.