Providing an objective measure of trust in data provided by an Industrial Internet of Things (IIoT) device and/or a plurality of IIoT devices at a particular location so as to provide an aggregated objective measure of trust in data provided by the particular location.

To determine whether an IoT system connected with a network environment (e.g., the internet) is compromised, a networked Trust as a Service (TaaS) server receives system data indicative of various characteristics of the IoT system, wherein the system data is harvested by a software agent installed on the IoT system. The TaaS server initially establishes a baseline characteristics profile for the IoT system, such that subsequently received system data from the software agent may be compared against the baseline characteristics profile to quickly identify discrepancies between the originally established baseline characteristics profile and current operating characteristics of the system. Such discrepancies may be caused by desirable software updates, in which case the discrepancies may be integrated into the baseline characteristics profile, or the discrepancies may result from the IoT system being undesirably compromised.

Providing an objective measure of trust in data provided by an Industrial Internet of Things (IIoT) device utilizes an objective trust indicator generated based at least in part on baseline device characteristics and corresponding monitored/observed device characteristics. These device characteristics may comprise device hardware characteristics, device software characteristics, application software characteristics (of software installed on the device), and/or device behavior characteristics. The trust indicator is determined by comparing a match vector indicative of weighted scores for the baseline device characteristics relative to a generated monitored characteristics vector indicative of differences between baseline and monitored device characteristics, and determining a directional difference between the match vector and the monitored characteristics vector.

A system for sending a relay notification comprises a transceiver and a processor. The processor is configured to use the transceiver to receive a request for allowing a mobile device to be used by a further mobile device as a relay to a mobile communication network. The processor is further configured to determine whether the mobile device is to act as a relay for the further mobile device based on the unique identifier of the further mobile device, and to use the transceiver to notify the mobile device that it is to act as a relay for the further mobile device in dependence on the determination. The mobile device is configured to receive the notification from the system. The processor is further configured to start relaying data received from the further mobile device to the mobile communication network upon receiving the notification.

A method, system, and computer readable program code are disclosed for authenticating a user having a mobile device with plural sensors. The method includes recognizing a situation of the mobile device or the user; determining if the situation of the mobile device or the user is a predetermined situation; when the situation is the predetermined situation: determining a first action as an authentication action; determining a single sensor or a first combination of sensors among the plural sensors; and executing a first authentication for the user by using the single sensor or the first combination of sensors; and when the situation is not the predetermined situation: determining a second action as the authentication action; determining a second combination of sensors among the plural sensors; and executing a second authentication for the user by using the second combination of sensors.

A system and method for operating an edge compute advisory system comprising a network adapter to receive a compute work request from a client device seeking edge computing resources of a mobile edge computing system, wherein the compute work request includes processing resource requirements to meet the compute work request. A processor to determine a plurality of mobile edge computing systems within a neighborhood range of an estimated client device location, and the network adapter to receive advertisement messages indicating availability of the plurality of mobile edge computing systems and including an address location for secured historical compute trust references for each advertising mobile edge computing system. The processor executing machine readable executable code instructions of the edge compute advisory system to access and receive the historical trust references for a plurality of candidate mobile edge computing resources accessible to the client device location, and determine an optimal candidate mobile edge computing resources partner from among the plurality of candidate mobile edge computing systems based on a minimal level of trust category or rating for the mobile edge computing system.

Trusted client security factor-based authorizations at a server. The techniques allow the server to authorize client requested operations to access a protected resource or service based on trusted client security factors that are obtained at client machines and provided to the server.

The present invention discloses methods and systems of connecting a wide area network (WAN) to a portable gateway through at least one gateway. The portable gateway generates a web page where the web page comprises input fields that allow configuration of one or more WAN interfaces. The portable gateway stores the web page. The portable gateway receives one or more Internet Protocol (IP) data packets from at least one device. The IP data packets are not capable of being forwarded. The portable gateway sends the web page to the at least one device. The portable gateway receives information through the web page from the at least one device. The information is to configure at least one WAN interface and to connect to at least one gateway.

A security platform of a data network is provided that includes security services for computing devices in communication with the data network. The security platform may apply a security policy to the computing devices when accessing the Internet via a home network (or other customer network) and when accessing the Internet via a public or third party network. To provide security services to computing devices via the home network, the security platform may communicate with a security agent application executed on the router (or other gateway device) of the home network. In addition, each of the devices identified by the security profile for the home network may be instructed or otherwise be provided a security agent application for execution on the computing devices. The security agent application may communicate with the security platform when the computing device connects to the Internet over a third party or public access point.

A device arranged for wireless communication according to a communication protocol has a processor to execute a connection sequence according to a discovery protocol. The connection sequence comprises determining a current cluster identity and a current discovery window timing used by the device. Next, at least one other device within wireless range is detected, while further determining a detected cluster identity and a detected discovery window timing of the detected other device. Then it is detected whether the detected device is operating in a different cluster than the device by comparing the current cluster identity with the detected cluster identity or comparing the current discovery window timing with the detected discovery window timing. Finally, upon detecting said different cluster, a security process is executed, which may warn the user or abort the connection sequence. Thereby, a malicious device trying to manipulate the connection sequence is detected.