Patent classifications
H04W12/66
End-to-end device attestation
Various examples of device and system implementations and methods for performing end-to-end attestation operations for multi-layer hardware devices are disclosed. In an example, attestation operations are performed by a verifier, including: obtaining layered attestation evidence regarding a state of a compute device, with the layered attestation evidence including attesting evidence provided from a second hardware layer of the compute device, such that the attesting evidence provided from the second hardware layer is generated from attesting evidence provided from a first hardware layer of the compute device to the second hardware layer of the compute device; obtaining endorsement information relating to the layered attestation evidence for the state of the compute device; determining an appraisal policy for performing attestation of the compute device from the layered attestation evidence; and applying the appraisal policy and the endorsement information to the layered attestation evidence, to perform attestation of the compute device.
Methods and systems for authentication of new users
Embodiments disclosed herein may relate to systems and methods for secure authentication that enable a user to set up an account or log in an existing account upon an existing user vouching for the user. Embodiments disclosed herein relate to verifying one or more attributes of the user by transmitting multiple decentralized verification notifications to multiple existing users. Upon receiving a verification quorum, a request may be authenticated.
AUTOMATED SUSPECT DEVICE FILTERING ON EQUIPMENT IDENTITY REGISTERS
Embodiments of the present disclosure are directed to systems and methods for improving wireless network services by carrying out various procedures to identify and filter suspect user devices. A network function may monitor a plurality of network service requests from a particular user device and determine, based on the plurality of network service requests, that the requesting user device is engaged in suspicious activity. Upon such a determination, the network function may initiate one or more enforcement actions by communicating an instruction to an equipment identity register to add the requesting user device to a suspect device list stored on a unified data repository.
Access control device, communication system, program, and method for controlling access
An access control device for controlling an access by a communication terminal to an application includes an authentication method management means configured to manage each of the application in association with authentication information, which indicates an effective authentication method effective for authenticating an access request source of an access request to access the application, an authenticating means configured to authenticate the access request source using a usable authentication method, which can be used in the communication terminal, based on the access request, an access request receiving means configured to receive the access request to access an intended application from the communication terminal, and an access control means configured to control the communication terminal so that the communication terminal does not access the intended application in a case where the authentication method management means does not manage the authentication information, which indicates the authentication method used for the authentication.
Monitoring wireless data consumption
Techniques and devices for circumventing wireless data monitoring in communications between a communication device and a proxy server, as well as systems and techniques for detecting and resolving vulnerabilities in wireless data monitoring systems are described herein. The techniques for circumventing wireless data monitoring may include manipulating a routing table of a communication device, encapsulating data in an unmonitored protocol, and transmitting the encapsulated data in a bearer, or communications channel, to a proxy server that fulfills requests included in the encapsulated data. Furthermore, the techniques for detecting and resolving network vulnerabilities may include restricting protocols by bearers in an Access Control List, limiting a bandwidth of a bearer, or protecting a routing table in a secure location of the communication device.
CONDUCTING SECURE INTERACTIONS UTILIZING RELIABILITY INFORMATION
Embodiments of the invention are directed to assessing reliability between two computing devices. A distributed database may maintain reliability associations between pairs of computing devices. Each reliability association may indicate a particular device has determined (e.g., locally) that another device is reliable. In order to determine an amount of reliability between a first computing device and a second computing device, an ordered combination of the reliability associations may be determined utilizing the distributed database. The ordered combination of reliability associations may identify a reliability path between the first computing device and the second computing device. An amount of reliability may be determined based on the reliability path. An interaction between the devices may be allowed or restricted based at least in part on the amount of reliability between the computing devices.
MULTI-DOMAIN TRUST ESTABLISHMENT IN EDGE CLOUD ARCHITECTURES
A service coordinating entity device includes communications circuitry to communicate with a first access network, processing circuitry, and a memory device. The processing circuitry is to perform operations to, in response to a request for establishing a connection with a user equipment (UE) in a second access network, retrieve a first Trusted Level Agreement (TLA) including trust attributes associated with the first access network. One or more exchanges of the trust attributes of the first TLA and trust attributes of a second TLA associated with the second access network are performed using a computing service executing on the service coordinating entity. A common TLA with trust attributes associated with communications between the first and second access networks is generated based on the exchanges. Data traffic is routed from the first access network to the UE in the second access network based on the trust attributes of the common TLA.
Secure and trusted device-based billing and charging process using privilege for network proxy authentication and audit
A user equipment with a primary identifier and a secondary identifier. The user equipment comprises a witness application stored in the memory, that when executed by the processor in a trusted security zone, wherein the trusted security zone provides hardware assisted trust, transmits a message comprising the logs of the communication service consumption to a server in a network of a service provider associated with the user equipment using a trusted end-to-end communication channel, wherein the logs are translated by the server to a format compatible with a billing data store supported by a billing server, wherein the translated logs are transmitted to the billing data store, whereby a bill is created for each of the primary identifier and the secondary identifier by the billing server accessing the billing data store.
SYSTEM FOR ELECTROENCEPHALOGRAM PATTERNING RECOGNITION FOR AUTHENTICATION
Embodiments of the invention are directed to systems, methods, and computer program products for electroencephalogram patterning recognition for user authentication into one or more physical or digital locations. In this way, the system may generate a spectral analysis baseline electroencephalogram reading for a user that can be segmented and analyzed based on a specific time span associated with a known stimulus or event, and diagnostic applications generally focus on either event-related potentials or the like. Upon initiating a request to enter a location requiring authentication, an electroencephalogram reading may be generated and patterned after the baseline electroencephalogram reading for the user. The system may perform patterned recognition of the readings and provide an authentication confidence of the user for authentication into the location.
METHOD AND APPARATUS FOR VERIFYING VEHICLE IN INTER-VEHICULAR COMMUNICATION ENVIRONMENT
An apparatus for verifying a vehicle in an inter-vehicular communication environment includes: a communication unit configured to receive a basic safety message and a verification message from a remote vehicle that is allowed to engage in inter-vehicular communication; and a controller configured to determine that the remote vehicle is reliable when the communication unit receives the verification message from the remote vehicle at least a predefined number of times over a predefined period of time, and to generate permission to utilize the basic safety message received from the remote vehicle when the controller determines that the remote vehicle is reliable.