Aspects of the disclosure provide various methods relating to enclaves. For instance, a method of authentication for an enclave entity with a second entity may include receiving, by one or more processors of a host computing device of the enclave entity, a request and an assertion of identity for the second entity, the assertion including identity information for the second identity; using an assertion verifier of the enclave entity to determine whether the assertion is valid; when the assertion is valid, extracting the identity information; authenticating the second entity using an access control list for the enclave entity to determine whether the identity information meets expectations of the access control list; when the identity information meets the expectations of the access control list, completing the request.

Methods to support User Plane Separation (UPS) and User Plane Local offloading (UPL) for Fifth Generation (5G) non-Third Generation Partnership Project (3GPP) access are provided, including solutions for untrusted non-3GPP, trusted non-3GPP, and fixed/wireline communications via a Non-3GPP interworking Function (N3IWF) node. Three UPS solutions methods are provided, as well as UPL solution methods for 5G non-3GPP access involving N3IWFs with or without separated Control Plane (CP) and User Plane (UP) that are combined with a User Plane Function (UPF). Solutions to allow multiple CP entities to control the same single UP entity are also provided.

Methods to support User Plane Separation (UPS) and User Plane Local offloading (UPL) for Fifth Generation (5G) non-Third Generation Partnership Project (3GPP) access are provided, including solutions for untrusted non-3GPP, trusted non-3GPP, and fixed/wireline communications via a Non-3GPP interworking Function (N3IWF) node. Three UPS solutions methods are provided, as well as UPL solution methods for 5G non-3GPP access involving N3IWFs with or without separated Control Plane (CP) and User Plane (UP) that are combined with a User Plane Function (UPF). Solutions to allow multiple CP entities to control the same single UP entity are also provided.

A method, system and computer-usable medium are disclosed for migrating data from a legacy computer system to a new computer system. Certain aspects include instantiating a wireless portal at a new computer system using a passcode and a randomly generated key, wherein the passcode is generated using the randomly generated key and a private key; displaying the randomly generated key at the new computer system; setting up a wireless peer-to-peer connection between a legacy computer system and the wireless portal by entering the randomly generated key in a second application executed at the legacy computer system; and migrating data from the legacy computer system to the new computer system using the peer-to-peer wireless connection.

A method, system and computer-usable medium are disclosed for migrating data from a legacy computer system to a new computer system. Certain aspects include instantiating a wireless portal at a new computer system using a passcode and a randomly generated key, wherein the passcode is generated using the randomly generated key and a private key; displaying the randomly generated key at the new computer system; setting up a wireless peer-to-peer connection between a legacy computer system and the wireless portal by entering the randomly generated key in a second application executed at the legacy computer system; and migrating data from the legacy computer system to the new computer system using the peer-to-peer wireless connection.

Secure communication for autonomous vehicles can be increased by performing authentication operations before nodes, such as vehicles, roadside equipment (RSE), or base stations, are within communications range. A digital certificate management system for mobile nodes, including for moving vehicles, can facilitate ultra fast communications between vehicles and other nodes. The RSE can propagate vehicle node data, comprising direction, speed, or estimated time of arrival, to other vehicles and/or other RSEs. Consequently, this propagation of data prior to the communication between nodes can facilitate an efficient authentication system.

A method for leveraging a universal credential in an access control system according to one embodiment includes generating, by a cloud system, a CBOR web token for user access to at least one electronic lock, wherein the CBOR web token includes a group tag associated with a set of access rights for a group of users and a cryptographic signature, transmitting the CBOR web token to a user mobile device, receiving, by a first electronic lock, the CBOR web token from the user mobile device for access to a passageway secured by the first electronic lock, verifying an authenticity of the cryptographic signature of the CBOR web token and that the group tag of the CBOR web token is associated with a group authorized to access the passageway secured by the first electronic lock, and unlocking a lock mechanism in response to the verifications.

A method for leveraging a universal credential in an access control system according to one embodiment includes generating, by a cloud system, a CBOR web token for user access to at least one electronic lock, wherein the CBOR web token includes a group tag associated with a set of access rights for a group of users and a cryptographic signature, transmitting the CBOR web token to a user mobile device, receiving, by a first electronic lock, the CBOR web token from the user mobile device for access to a passageway secured by the first electronic lock, verifying an authenticity of the cryptographic signature of the CBOR web token and that the group tag of the CBOR web token is associated with a group authorized to access the passageway secured by the first electronic lock, and unlocking a lock mechanism in response to the verifications.

A display system includes: a transmission device that transmits image data; a reception device that is connected to the transmission device and receives the image data; and a display device that displays an image indicated by the image data received by the reception device. The reception device creates a connection code, creates a security key, which is used for connection with the transmission device, from the connection code, and transmits the connection code to the display device to cause the display device to display it. The display device displays the connection code. The transmission device creates the security key from the connection code having been inputted, and is connected to the reception device by using the security key.

A method for recovering a network key of an access point to a network, implemented by a terminal. The network key allows the terminal to be associated with the access point upon a first connection of the terminal to the access point. The network key recovery method includes: receiving, by the terminal, a network key provided by the access point on a server following a request, by the terminal to the server, for the network key of the access point, the request including an identifier of the access point and having been relayed by the server to the access point associated with the identifier of the access point in the request. Thus, as the access point does not transmit the network key directly to the terminal, but to a server on which the terminal will recover it, this limits intrusions into the network linked to the vulnerability of the Wi-Fi network.