A method performed by a server node for handling access control of a request to access information from a first user is provided. Based on a group identity, the server node establishes that a first UE uses a DA that is shared. The server node decides whether the first user of the first UE is enforced to access control to get access to the requested information, based on the type of information requested, the voice profile identity and that the DA for providing the voice message is shared.

A method performed by a server node for handling access control of a request to access information from a first user is provided. Based on a group identity, the server node establishes that a first UE uses a DA that is shared. The server node decides whether the first user of the first UE is enforced to access control to get access to the requested information, based on the type of information requested, the voice profile identity and that the DA for providing the voice message is shared.

A same wireless access profile is installed on each of multiple mobile communication devices. The wireless access profile includes outer identity information and anonymous inner identity information for each service. The anonymous inner identity information includes a credential used by each of the multiple mobile communication devices to use the service. To use the service such as access a remote network, a respective mobile communication device communicates an anonymous username and password assigned to the service to a policy server during first level authentication. The policy server stores a network address of the authenticated mobile communication device. During second level authentication, the policy server receives an identity of the mobile communication device from a network gateway. The policy server provides access control information (assigned to the service) to the network gateway. The network gateway then provides access to the mobile communication device in accordance with the access control information.

To protect and ensure security and/or privacy, an access point and a wireless network device can exchange capabilities information. The capabilities information can indicate that each of the access point and the wireless network device support generation of an association identifier association media access control (A-AMAC) identifier. The A-AMAC identifier is based on an association identifier (AID) (that is assigned by the access point and associated with the wireless network device) and any other information exchanged between the access point and the wireless network device. The A-AMAC identifier once generated can be stored by the access point. The A-AMAC identifier is then used for post association communications between the access point and the wireless network device. As the A-AMAC identifier is a unique identifier for the association of the access point and the wireless network device, tracking of the wireless network device is thwarted or inhibited.

To protect and ensure security and/or privacy, an access point and a wireless network device can exchange capabilities information. The capabilities information can indicate that each of the access point and the wireless network device support generation of an association identifier association media access control (A-AMAC) identifier. The A-AMAC identifier is based on an association identifier (AID) (that is assigned by the access point and associated with the wireless network device) and any other information exchanged between the access point and the wireless network device. The A-AMAC identifier once generated can be stored by the access point. The A-AMAC identifier is then used for post association communications between the access point and the wireless network device. As the A-AMAC identifier is a unique identifier for the association of the access point and the wireless network device, tracking of the wireless network device is thwarted or inhibited.

A client computing device may obtain access to protected resources with a proof-of-possession (Pop) token. The client computing device may request an access token from an authorization server via an application server. The request may include key material (e.g., token binding type, key, and key parameters) that the client computing device possesses or has access to, such as a public key of an asymmetric public/private key pair. In some embodiments, the public key may be a confirmation (CNF) key, which may be added to the access token and JWT signed by the authorization server. The private key may be retained by the client, who may then use the PoP token to prove possession of the private key.

A system and method are provided for a network device for use with a client device having a hostname and a MAC address. The network device contains a memory that has a second hostname and a second MAC address stored within the memory. The second MAC address corresponds to the second hostname. The memory also contains a processor configured to execute instructions stored on the memory to cause the network device to: receive, from the client device, the hostname and the MAC address; determine whether the MAC address is randomized; provide an instruction to the client device to inform a user of the client device that the client device hostname is registered when the hostname matches the second hostname and the MAC address is randomized.

A communication node relays data between equipment communicating with each other via a multi-hop network based on a multi-hop manner, records a predetermined kind(s) of data among the relayed data, checks validity of the equipment by matching the predetermined kind(s) of data against past data recorded by the recording part, and outputs a check result of the validity of the equipment to a predetermined output destination(s).

A communication node relays data between equipment communicating with each other via a multi-hop network based on a multi-hop manner, records a predetermined kind(s) of data among the relayed data, checks validity of the equipment by matching the predetermined kind(s) of data against past data recorded by the recording part, and outputs a check result of the validity of the equipment to a predetermined output destination(s).

A system and method for managing access to entity identity data are described. The system comprises a communications module; a processor coupled with the communications module; and a memory coupled to the processor and storing processor-executable instructions which, when executed by the processor, configure the processor to authenticate a remote device as being associated with an entity; receive, via the communications module and from the remote device, pre-consent data identifying one or more third parties permitted to access entity identity data for the entity; store, in the memory, the pre-consent data in association with the entity; receive, via the communications module and from a digital identity network, a signal representing a request to release the entity identity data to the third party; determine, based on the pre-consent data, that the entity identity data is to be released to the third party; and initiate release of the entity identity data to a computing device associated with the third party.