Systems and methods are provided to utilize information from a directory service to determine, at a layer-one network policy server, the appropriate layer-two network policy server to which an authentication request should be routed. For example, a first directory service group may be created that includes all users using a first authentication type, a second directory service group may be created that includes all users using a second authentication type, etc. The layer-one network policy server may periodically synchronize with the directory service to download information about users in the different directory service groups, update a markup language document with that information, and use the markup language document to help route incoming authentication requests to the correct layer-two network policy server for a particular authentication type. In addition, a priority may be set (and changed) by an administrator favoring one or more authentication types in a network.

An authority transfer system comprising a client, a resource server, a server that receives, from the client, an authorization request requesting permission to access to a resource managed by the resource server, and a user terminal possessed by an owner of the resource is provided. The server registers a first user terminal in accordance with a registration request of the first user terminal being received from the first user terminal, and determines whether or not a registered second user terminal can be deregistered in accordance with a registration cancellation request being received from the first user terminal, and if it is determined that the second user terminal can be deregistered, authenticates the first user terminal or the second user terminal, and deregisters the second user terminal in accordance with the authentication.

A communication device is provided that makes a single or a plurality of functions desired by a service user act on a packet desired by the service user in a service for transferring a packet in a network. A communication device is provided that includes a communication unit that communicates with another node and a control unit that controls the communication by the communication unit, in which the control unit generates path information with a target node, and in the path information with the target node, at least information regarding communication with at least a single relay node that exists between the communication device and the target node, information regarding a function to be performed by the relay node, and content of processing according to the function execution result by the relay node are written.

Apparatuses, systems, methods, and computer program products are presented for aggregation platform permissions. A hardware computing device is configured to aggregate a user's data from a first plurality of third-party service providers over a data network for the user to access through a second plurality of third-party service providers, the hardware computing device comprising a trusted intermediary between the first plurality of third-party service providers and the second plurality of third-party service providers. A permissions module is configured to monitor which of a second plurality of third-party service providers have access to which portions of data from which of a first plurality of third-party service providers. A graphical user interface is configured to display one or more user interface elements allowing a user to grant and/or revoke access to portions of data from a first plurality of third-party service providers individually to a second plurality of third-party service providers.

Aspects of the disclosure relate to an automated monitoring of proximate devices. A computing platform may cause a reporting device to detect a target device in a local network, retrieve network data associated with the target device, and send, to an intermediate server, the network data. The computing platform may send, to the intermediate server, a query. The intermediate server may send the network data in response to the query. Based on the network data, the computing platform may determine an amount of time that has elapsed since network activity was previously detected for the target device, and based on a determination that the amount of time exceeds a predetermined time threshold, the computing platform may generate an alert notification indicating that the target device may need to be traced. Subsequently, the alert notification may be sent to the reporting device.

A computer-implemented method of authenticating the identity of a user is provided, where the user is associated with a computer signature and is in possession of a cell phone. The method involves obtaining a current geographical location of the cell phone, determining if the computer signature is associated in a database with a stored geographical location of the phone, and, if the computer signature is associated in the database with a stored geographical location, comparing the stored geographical location to the current geographical location of the phone.

A wireless network association and authentication system includes an access point that is coupled to an authentication server via a first wireless network. The access point receives, from a first user device that associates with the access point, a first request for access to a second wireless network provided by the access point that is coupled to a wide area network through the first wireless network. The first request includes first authentication information. The access point provides the first request that includes the first authentication information to the authentication server via the first wireless network and receives a first authentication response from the authentication server via the first wireless network. In response to the first authentication response indicating that the first user device is authenticated, the access point provides the first user device access to the second wireless network.

Some implementations of the disclosure are directed to receiving, at an authentication server system, a distributed ledger address transmitted by a client device to identify itself during an authentication process for accessing a network, where the distributed ledger address corresponds to a distributed ledger network; transmitting an authentication challenge message from the authentication server to the client device; in response to transmitting the authentication challenge message from the authentication server to the client device, receiving at the authentication server, a response to the challenge message including a signature; and using at least the distributed ledger network to determine if the signature used to sign the response to the challenge message is associated with the distributed ledger address transmitted by the client device.

The disclosure is directed to providing content access control in information centric networking (ICN) networks. Methods and systems include hardware and/or software that perform operations for sending to a content provider of an ICN network an access request for content in response to receiving a first content request from a client. The operations also include receiving from the content provider access control information for the content. The operations further include sending to the client a challenge. Additionally, the operations include receiving from the client an authorization of the content provider that includes information obtained by the client from the content provider based on the challenge. Furthermore, the operations include verifying the authorization received from the client using the access control information received from the content provider. Moreover, the operations include sending to the client the content.

An endpoint computing device multi-network slice remediation/productivity system includes a core network system coupled to a RAN system and configured to allocate network slices and make them available for use in wireless communications via the RAN system. While operating in a pre-boot environment, an endpoint computing device determines that it is unable to transition to operating in a runtime environment and, in response, establishes a remediation network connection with a first network slice, and establishes a productivity network connection with a second network slice. While operating in a pre-boot environment and performing the remediation operations, the endpoint computing device then performs remediation operations via remediation wireless communications over the remediation network connection with the first network slice, and provides access to productivity application(s) that are configured to allow a user to perform productivity operations via productivity wireless communications over the productivity network connection with the second network slice.