Systems, methods, and software can be used to improve the security for machine to machine communications. In some aspects, a method is disclosed comprising: receiving, at a vehicle, a connection request from an electronic device; receiving, at the vehicle, security posture information from the electronic device, wherein the security posture information comprises at least one of operating system update information or antivirus status information; and determining, by the vehicle, whether to connect to the electronic device based on the security posture information of the electronic device.

Systems and methods are described for seamlessly connecting devices based on relationships between the users of the respective devices. A media guidance application may determine that a first user has entered an environment (e.g., his/her mother's home) and may determine a frequency with which the first user enters the environment (e.g., daily). In response to determining that the first user visits frequently, the media guidance application may identify a second device in the environment (e.g., a smart TV) that a second user (e.g., the first user's mother) is authorized to grant access rights for. The media guidance application may determine a likelihood that the second user will grant the access rights for the second device to the first user, based on interaction data between the first user and the second user. In response to determining a high likelihood, the media guidance application may transmit the access rights.

A mobile device collects received information and processes it. In some instances, the mobile device detects, based on the collected information, that a base station is likely not legitimate, i.e., it is likely a fake base station, and the mobile device bars communication with the base station for a time. In some embodiments, the mobile device determines, based on the received information, that the base station is a genuine base station. When the mobile device determines that the base station is a genuine base station or the mobile device does not determine that it is likely the base station is a fake base station, the mobile device allows or continues communication with the base station.

Systems, apparatus, methods, and techniques for an ego vehicle to respond to detecting misbehaving information from remote vehicles are provided. An ego vehicle, in addition to reporting misbehaving vehicles to a misbehavior authority via a vehicle-to-anything communication network, can, take additional actions based in part on how confident the ego vehicle is about the evidence of misbehavior. Where the confidence is high the ego vehicle can simply discard the misbehaving data and provide an alternative estimate for such data from alternative sources. Where the confidence is not high the ego vehicle can request assistance from neighboring vehicles and roadside units to provide independent estimates of the data to increase confidence in the evidence of misbehavior.

A method and a communication device for determining a score relating to a first agent module are described. The communication device receives information relating to at least one request, performed by another agent module separate from the first agent module, for consumption of a capability of the first agent module. The information relating to the at least one request includes information about the capability of the first agent module, information about an intention of the first agent module, and information about a policy for the capability. The communication device calculates the score in relation to the first agent module based on the information relating to the at least one request, wherein the score further is specified with respect to the capability.

Trusted client security factor-based authorizations at a server. The computer-implemented techniques allow the server to authorize client requested operations to access a protected resource or service based on trusted client security factors that are obtained at client machines and provided to the server. A level of trust by the server in the client security factors is established by requiring that the client machine be pre-registered in a trusted machine registry before the server allows requests from the client machine to access a protected service or a protected resource. The registration of the client machine in the machine registry may be made by way of a probabilistically difficult to predict machine registration digest that encompasses a digest of a client program installed on the client machine and a machine identifier of the client machine.

Embodiments of the present invention disclose a method, computer program product, and system for accessing a network by one or more client devices via a plurality of access devices of wireless type. An access device receives a hand-over request for performing a hand-over from one of the client devices accessing the network via the access device, the hand-over request comprising an indication of one or more candidate access devices of the other access devices for performing the hand-over. The hand-over between the access device and a target access device of the candidate access devices is negotiate in response to the hand-over request. A further hand-over is negotiate of a further client device accessing the network via a source one of the other access devices between the access device and the source access device. The access device enables the further client device to access the network.

A wireless network slice controller instructs a Network Function Virtualization (NFV) Management and Orchestration (MANO) system to implement a Network Service Descriptor (NSD) for a network slice. The NFV MANO system directs an NFV Infrastructure (NFVI) to execute NFV Virtual Network Functions (VNFs) for the network slice based on the NSD. The slice controller instructs a slice oracle to start a distributed ledger for the network slice. The slice oracle launches a distributed ledger for the network slice. The slice controller instructs access points to serve user devices for the network slice. The access points, NFVI, and VNFs serve the user devices. The slice oracle receives slice data from the access points, the NFVI, and the VNFs and transfers the slice data to the distributed ledger. The distributed ledger forms a consensus for the slice data and stores the slice data for the network slice.

A method, system, and computer readable program code are disclosed for authenticating a user having a mobile device with plural sensors. The method includes recognizing a situation of the mobile device or the user; determining if the situation of the mobile device or the user is a predetermined situation; when the situation is the predetermined situation: determining a first action as an authentication action; determining a single sensor or a first combination of sensors among the plural sensors; and executing a first authentication for the user by using the single sensor or the first combination of sensors; and when the situation is not the predetermined situation: determining a second action as the authentication action; determining a second combination of sensors among the plural sensors; and executing a second authentication for the user by using the second combination of sensors.

The disclosed computer-implemented method for identifying untrusted devices in peer-to-peer communication may include (i) collecting first communication protocol MAC addresses and second communication protocol MAC addresses, (ii) determining which of the first communication protocol MAC addresses corresponds to which of the second communication protocol MAC addresses, and (iii) storing correlations between the first communication protocol MAC addresses and the second communication protocol MAC addresses. A correlation between a first communication protocol MAC address and a second communication protocol MAC address may indicate a single device having both addresses. The method may also include (i) detecting a communication on the second communication protocol, (ii) determining whether the detected communication is from an untrusted device, and (iii) performing a security action when the detected communication is from the untrusted device. Various other methods, systems, and computer-readable media are also disclosed.