Patent classifications
H04W12/66
Malicious black hole node detection and circumvention
A method includes determining a number of drops of a plurality of messages sent to a first node of a plurality of nodes within a mesh network. Based at least in part on the number of drops of the plurality of messages exceeding a threshold number of drops for a time period, decrementing a first rating assigned to the first node to a second rating assigned to the first node. Based at least in part on the second rating being below a rating threshold, determining that the first node is a potentially malicious node. Based at least in part on a first distance to the first node being larger than a distance threshold, identifying that the first node is a malicious node. The method may further include ending communications with the first node.
Wireless communication service over an edge data network (EDN) between a user equipment (UE) and an application server (AS)
A data communication network connects a user application in a wireless User Equipment (UE) to a user application server. An edge application server exchanges user data between the user application in a wireless UE and a wireless network slice. The wireless network slice exchanges the user data between the edge application server and the user application server. The data communication network determines a trust level for the exchange of the user data between the user application in the wireless UE and the user application server. In some examples, a distributed ledger in the data communication network determines the trust level for the exchange of the user data between the user application in the wireless UE and the user application server.
Methods and systems for 5G slicing based on dynamic security properties
Systems and methods enable the provisioning of security as a service for network slices. A network device stores definitions of multiple security assurance levels for network slices based on security parameters of assets used in the network slices. The network device stores multiple network slice templates, wherein the multiple network slice templates have different security assurance levels, of the multiple security assurance levels, for a Network Service Descriptor (NSD). The network device receives a request for a network slice with a requested security assurance level, of the multiple security assurance levels, for the NSD, and deploys the network slice using one of the network slice templates that has a security assurance level that corresponds to the requested security assurance level. The network device monitors the security parameters of the assets of the network slice for changes to the security assurance level of the deployed network slice.
Confidence based network provisioning of devices
Techniques for establishing a data connection are described. In an example, a computer system receives, from a second device of a computer network, first data associated with a first device and second data associated with the second device. The first device is not connected to the computer network. The computer system determines third data generated by one or more devices other than the first device and the second device and associated with at least one of: the first device, the second device, a user account, or the computer network. The computer system generates, based on the first data, the second data, and the third data, a confidence score indicating a likelihood of a user authorization to connect the first device to the computer network. The computer system sends, to the second device based on the confidence score, instructions associated with connecting the first device to the computer network.
Intelligent attestation of traffic using a routing engine
The present application describes providing an attestation level to a received communication. The attestation level may be used to communicate a level of security to a network or a called party that receives the communication. The attestation level associated with the communication may indicate to a destination network and/or recipient that the phone number associated with the communication is secure and/or the telephone number has not been spoofed.
Method, data processing system and computer program for securing functionality of a user device connected to a local network
The present disclosure relates to the security of user devices connected to local networks, such as devices comprised in the 'Internet of Things' (IoT). An aspect relates to a computer-implemented method of securing functionality of a user device connected to a local network provided at a premises, the method comprising: determining a premises trust score indicative of a likelihood that an authorised user of the user device is present at the premises, the determining being in dependence on: (i) data received from one or more biometric-capable devices, distinct from the user device, connected to the local network, that data being indicative of continuous biometric authentication of a current user of the respective biometric-capable device; or (ii) a lack thereof; then causing the user device to respond to a request for functionality made through a local user interface it comprises in a manner which depends on the premises trust score.
Network cyber security platform
A security platform of a data network is provided that includes security services for computing devices in communication with the data network. The security platform may apply a security policy to the computing devices when accessing the Internet via a home network (or other customer network) and when accessing the Internet via a public or third party network. To provide security services to computing devices via the home network, the security platform may communicate with a security agent application executed on the router (or other gateway device) of the home network. In addition, each of the devices identified by the security profile for the home network may be instructed or otherwise be provided a security agent application for execution on the computing devices. The security agent application may communicate with the security platform when the computing device connects to the Internet over a third party or public access point.
Technologies for relay user equipment reselection
The present application relates to devices and components including apparatus, systems, and methods for security enhancement with respect to reselection of relay user equipment.
Step-up authentication for single sign-on
A method for authenticating a user seeking access to first and second resources that have different authentication levels. The method includes receiving a primary token that is associated with a first authentication event of the user and authenticates the user to access the first resource, and receiving a first request to access the second resource. The method further includes receiving first credentials of the user. The method further includes, responsive to validating the first credentials, generating a second authentication event, associating the second authentication event with the primary token, and issuing a first secondary token that authenticates the user to access the second resource.
Calculating a trust score
Systems, devices, and methods are described herein for calculating a trust score. The trust score may be calculated between entities including, but not limited to, human users, groups of users, organizations, businesses/corporations, and locations. A system trust score may be calculated for an entity by combining a variety of factors, including verification data, a network connectivity score, publicly available information, and/or ratings data. A peer trust score targeted from a first entity to a second entity may also be calculated based on the above factors. In some embodiments, the peer trust score may be derived from the system trust score for the target entity and may take into account additional factors, including social network connections, group/demographic info, and location data. Finally, a contextual trust score may be calculated between the first and second entities based on a type of transaction or activity to be performed between the two entities.