A method and apparatus for enhanced voice mail envelope information using enhanced calling name (eCNAM) and caller identity analytic functions in a wireless communication system is provided. A network determines to use a voice mail associated with a call based on a determination that the call is missed or rejected by a user equipment (UE) or a paging is unsuccessful, and stores enhanced calling name (eCNAM) related envelope information for the voice mail. The eCNAM related envelope information includes (i) a caller identity analytic data for the call, (ii) a caller identifier (ID) for the call, (iii) a trust level of the caller ID, and (iv) a time stamp for the voice mail. The network transmits, to the UE, the voice mail and the eCNAM related envelope information.

A method for provisioning a network device can include, on a network device in a factory-default state and having a factory-installed Secure Zero Touch Provisioning (SZTP) agent, enabling a wireless communication capability of the network device. Upon detecting the wireless communication capability being enabled, the SZTP agent attempts to establish a connection with an SZTP application on a computing device in close proximity to the network device. Once connected, the SZTP agent requests SZTP bootstrap information from the SZTP Application, receives SZTP artifacts, and determines whether the SZTP artifacts contain redirect information to an SZTP bootstrap server. If so, the SZTP agent validates the redirect information and attempts to connect to the SZTP bootstrap server. Once connected, the SZTP agent attempts to retrieve network device provisioning artifacts from the SZTP bootstrap server and provisions the network device using the network device provisioning artifacts retrieved from the SZTP bootstrap server.

The invention provides methods, systems and computer program products for implementing an electronic payment transaction between mobile communication device and a NFC enabled merchant device, both of which are configured to implement a defined communication protocol. The invention implements the required functionality by (i) receiving a request for a trust token from a merchant device, (ii) determining whether the merchant device is trustworthy, (iii) responsive to a determination that the merchant device is trustworthy, generating and transmitting a first displayable trust token to the merchant device, (iv) receiving a second displayable token from the mobile communication device, (v) comparing the received second displayable token against the first displayable token, and generating a merchant device validation message based on the comparison, and (vi) transmitting the merchant validation decision message to the mobile communication device.

Techniques and devices for circumventing wireless data monitoring in communications between a communication device and a proxy server, as well as systems and techniques for detecting and resolving vulnerabilities in wireless data monitoring systems are described herein. The techniques for circumventing wireless data monitoring may include manipulating a routing table of a communication device, encapsulating data in an unmonitored protocol, and transmitting the encapsulated data in a bearer, or communications channel, to a proxy server that fulfills requests included in the encapsulated data. Furthermore, the techniques for detecting and resolving network vulnerabilities may include restricting protocols by bearers in an Access Control List, limiting a bandwidth of a bearer, or protecting a routing table in a secure location of the communication device.

The present disclosure is related to methods, UEs, and network nodes for trust validation of location information. A method at a UE for verifying location information from another UE comprises: receiving, from the other UE, reference location information and updated location information; determining whether the reference location information is valid or not; determining whether the updated location information is valid or not at least based on the reference location information in response to determining that the reference location information is valid.

Presented are systems and methods for user equipment location verification. A first network node may perform location verification of a wireless communication device. Whether to release a connection with the wireless communication device can be determined by a second network node.

The present disclosure describes providing an attestation level to a received communication. The attestation level may be used to communicate a level of security to a network or a called party that receives the communication. The attestation level associated with the communication may indicate to a destination network and/or recipient that the phone number associated with the communication is secure and/or the telephone number has not been spoofed. Determining the attestation level comprises comparing information associated with the communication with stored information and assigning a code based on the comparison. The code may be translated to a tag value that is used to direct the communication to a signing server for attesting the communication at the determined attestation level.

A customer-premises equipment, CPE receives from a connected device via a first encrypted wireless connection an active media access control, MAC, address and a true MAC address of the connected device. The CPE receives from the connected device via a second wireless connection a data communication that contains the active MAC address of the connected device and omits the true MAC address of the connected device. In response to the CPE detecting that the data communication is addressed to an internal service within the CPE, the CPE associates the true MAC address of the connected device with the data communication, and transmits to the internal service the data communication that contains the active MAC address of the connected device and is associated with the true MAC address of the connected device.

This application pertains to the field of communication technologies, and provides a communication method and apparatus, to avoid a security risk during cross-domain access. In the method, when a second network element in a second trust domain requests, in a cross-domain manner, a first network element in a first trust domain to provide a corresponding service, the first network element may perform end-to-end verification, that is, trigger verification on whether the second network element is trusted, so that the first network element provides the service for the second network element only when it is determined that the second network element is trusted. In this way, a security risk during cross-domain access can be avoided.

Methods and systems for managing trust in distributed are disclosed. To manage trust, a behavior and characteristic based trust model may be used. The trust model may utilize similarity between devices and public activity of devices over time to ascertain levels of trust that should be afforded devices of the distributed system. The levels of trust may be used to ascertain whether requests from devices of the distributed systems should be honored, or rejected. The trust models may facilitate establishment of trust in environments where physical intrusion based threats are present.