A telecommunications network includes a serving network and a home network. In some examples the serving network receives, from the home network, identity data associated with a network terminal. The serving network determines a tied key using a tying key derivation function (TKDF) based on the identity data, then prepares an authentication request based on the tied key and sends the request to the terminal. In some examples, the home network receives the identity data from the access network and determines a tied key using a TKDF. The home network then determines a confirmation message based on the first tied key. In some examples, the serving network receives the identity data from the home network, and receives a network-slice selector associated with the network terminal. The serving network determines a tied key using a TKDF based on the identity data and the network-slice selector.

A network connection method, implemented using a first mobile terminal, includes: establishing a first wireless connection to a second mobile terminal; receiving subscriber identity information of a subscriber identity module SIM from the second mobile terminal via the first wireless connection; and establishing a second wireless connection to a network equipment using the subscriber identity information and the first wireless connection, the subscriber identity module SIM is provided in the second mobile terminal for sharing among devices.

A network connection method, implemented using a first mobile terminal, includes: establishing a first wireless connection to a second mobile terminal; receiving subscriber identity information of a subscriber identity module SIM from the second mobile terminal via the first wireless connection; and establishing a second wireless connection to a network equipment using the subscriber identity information and the first wireless connection, the subscriber identity module SIM is provided in the second mobile terminal for sharing among devices.

Aspects of the subject disclosure may include, for example, initializing a secure timer in a wireless device, determining whether a subscriber identification module (SIM) card installed in the wireless device comprises a carrier identity that matches a carrier identity stored in the machine-readable medium, establishing a network connection with a trusted server, starting the secure timer if the SIM card and network connection are satisfactory, periodically checking the network connection and SIM card until expiry of the secure timer, penalizing the secure timer responsive to a failure of the network connection or SIM card check, and responsive to expiry of the secure timer, unlocking a SIM lock. Other embodiments are disclosed.

Aspects of the subject disclosure may include, for example, initializing a secure timer in a wireless device, determining whether a subscriber identification module (SIM) card installed in the wireless device comprises a carrier identity that matches a carrier identity stored in the machine-readable medium, establishing a network connection with a trusted server, starting the secure timer if the SIM card and network connection are satisfactory, periodically checking the network connection and SIM card until expiry of the secure timer, penalizing the secure timer responsive to a failure of the network connection or SIM card check, and responsive to expiry of the secure timer, unlocking a SIM lock. Other embodiments are disclosed.

A method of verifying an identity of a wireless device. The method comprising receiving a calling station identity from a SIM of a wireless device, receiving a secure identifier derived by a secure element of the wireless device, comparing the received calling station identity to calling station identities of authorized wireless devices to identify obtain a corresponding wireless device identity, confirming whether the secure identifier is authentic and determining a second wireless device identity from the secure identifier, and comparing the first wireless device identity and the second wireless device identity to verify the identity of the wireless device.

Enabling the exchange of connection parameters where a user equipment (UE) lacks a secret shared with the network (e.g. a server), such as key materials, and lacks a valid certificate. In some embodiments, the connection parameters may be exchanged via EAP messages. In certain aspects, and particularly with respect to emergency attach, a simplified protocol is used with limited overhead because the UE does not attempt to authenticate the network, and the network does not attempt to authenticate the UE.

Enabling the exchange of connection parameters where a user equipment (UE) lacks a secret shared with the network (e.g. a server), such as key materials, and lacks a valid certificate. In some embodiments, the connection parameters may be exchanged via EAP messages. In certain aspects, and particularly with respect to emergency attach, a simplified protocol is used with limited overhead because the UE does not attempt to authenticate the network, and the network does not attempt to authenticate the UE.

A method of using subscriber identification information stored in mobile user equipment (UE) to connect to a communication service over a public wireless network in the UE, establishing a communication link between the UE and a device, generating network access information (NAI) associated with the communication service in the UE, and sending the NAI from the UE to the device via the communication link. The method further comprises connecting the communication service in the device using the NAI and terminating the connection of the communication service in the UE.

A location management device function is provided in an access network, and a base station identifies and authenticates a terminal device permitted to perform base station loopback communication on the basis of identification information on the terminal device received from the terminal device. With this configuration, provided is a communication control method and the like for the base station device that has lost connectivity to a core network, to permit only specific terminals to perform base station loopback communication.