Provided are techniques for authenticating an unknown device. For a first device in an internet of things network that includes a second device and forms a list of trusted devices, a distance between the first device and the second device is determined. A level of trust for the second device is identified based on the distance, wherein the level of trust specifies a level of data sharing. Reputation ranking is performed for the second device based on the level of trust. The reputation ranking is used to assign a trust score to the second device. Based on determining that the trust score exceeds a trust threshold, access is provided to the second device.

Aspects of the technology described herein identify a trusted group of devices that collaborate to minimize device limitations (e.g., data use, bandwidth, battery life, and the like). Personal assistant services or cloud-based services utilize user data (e.g., web browsing, calendar entries, communication data, social networks, and the like) and device data (e.g., location data, Bluetooth beacons, Wi-Fi, and the like) provided by user devices to identify devices in the trusted group of devices. A handshake between the devices establishes a means of communication and a selected topology. A hub device is selected from the trusted group of devices to upload or download relevant data based on the selected topology. The hub device shares the relevant data with the member devices via the established means of communication.

Aspects of the subject disclosure may include, for example, initializing a secure timer in a wireless device, determining whether a subscriber identification module (SIM) card installed in the wireless device comprises a carrier identity that matches a carrier identity stored in the machine-readable medium, establishing a network connection with a trusted server, starting the secure timer if the SIM card and network connection are satisfactory, periodically checking the network connection and SIM card until expiry of the secure timer, penalizing the secure timer responsive to a failure of the network connection or SIM card check, and responsive to expiry of the secure timer, unlocking a SIM lock. Other embodiments are disclosed.

A method at a network element for processing a first message destined for an intelligent transportation system station, the method including receiving from a sending entity, or generating, the first message at the network element; based on a source or contents of the first message, performing one of: discarding the first message; or modifying the first message to provide an indication to the intelligent transportation system station of checks the intelligent transportation system does not need to perform, thereby creating a second message; and forwarding the second message to the intelligent transportation system station.

Systems, computer program products, and methods are described herein for dynamic communication channel switching for secure message propagation. The present invention may be configured to receive wireless signals from a plurality of devices and identify, from the plurality of devices and based on the wireless signals, a trusted device. The present invention may be configured to receive, from another device, a secure message, where the secure message includes information identifying a vulnerability in a network to which the trusted device is connected. The present invention may be configured to establish, based on receiving the secure message and using a first wireless communication interface, a communication link with a second wireless communication interface of the trusted device to establish a wireless data channel with the trusted device and transmit, via the wireless data channel, the secure message to the trusted device.

The invention relates to a method and system for establishing a connection between a vehicle network service and an external application. The method comprises: in a vehicle (102), defining (S1) a trusted hotspot device (104) external to a vehicle gateway (106), the trusted hotspot device being connected to the vehicle gateway; in the trusted hotspot device, receiving (S2) a request from an application external to the vehicle requesting access to a service (108) on the vehicle network (110) via the vehicle gateway; in the vehicle gateway, determining (S3) if the requested vehicle network service is available on the vehicle network (110); and if the requested vehicle network service is available on the vehicle network, configuring (S4) the vehicle gateway to allow the requesting application to communicate with the requested vehicle network service.

Aspects described herein may allow for determining network membership to facilitate detecting fraudulent messages. A computing device may receive, from one or more terminals at a first location, a plurality of interactive messages during a pre-determined time period. Each interactive message may comprise personally identifiable information of a user. The computing device may store a first record and a second record that indicate interactive messages were received from a group of users in temporal proximity to each other at the first location and the second location respectively. The computing device may send a request to confirm users in the subset are members of a network and update a membership list based on a reply received from the user. If further messages are received from devices outside the membership list, an alert may be sent to alert the possibility of a fraudulent message.

Apparatuses, methods, and systems are disclosed for selecting a non-3GPP access network. One apparatus includes a memory coupled to a processor configured to cause the apparatus to generate a list indicating a set of PLMNs and a respective trusted connectivity type associated with each PLMN of the set of PLMNs, select a PLMN from the set of PLMNs, select a trusted connectivity type associated with the selected PLMN, and select a non-3GPP access network from a set of non-3GPP access networks based on the non-3GPP access network supporting the selected trusted connectivity type associated with the selected PLMN and a priority of the non-3GPP access network. Additionally, the processor causes the apparatus to perform a connection procedure with the selected PLMN using the selected trusted connectivity type and via the selected non-3GPP access network.

Information is received from a first networked device for a first user and from a second networked device for a second user. The first user and the second user are verified and registered. A first set of data for the first user and a second set of data for the second user that each specify one or more network parameters per network address that communicates with each user are received from a networked collector device. Addresses are selected from each of the first set and the second set where each of the one or more network parameters are above a first activity threshold level for that parameter. A first set and a second set of first level activity addresses are produced. A whitelist is generated for the first user from an intersection of the first set of first level activity addresses and the second set of first level activity addresses.

Technologies are shown for trust delegation that involve receiving a first request from a subject client and responding by sending a first token having first permissions to the subject client. A second request from a first partner actor is received that includes the first token, and in response, the first partner actor is linked to the subject client in a trust stack and a second token is sent to the first actor with second permissions, the second token identifying the subject client and the first partner actor. A third request from a second partner actor is received that includes the second token, and in response, the second partner actor is linked to the first partner actor in the trust stack and a third token is sent to the second partner actor with third permissions, the third token identifying the first partner actor and the second partner actor.