Provided are a wireless communication method, a network device and a terminal device. The method includes: after acquiring a PSI parameter of a terminal device, a first network device determines whether to update policy information of the terminal device, wherein the PSI parameter is used for identifying a part of policy information for the terminal device under a subscribed user. In an implementation of the present disclosure, after acquiring a Policy Section Identifier (PSI) parameter of a terminal device, a first network device directly determines whether to update policy information of the terminal device.

A method, apparatus and computer program product may be provided for signaling-based remote provisioning and updating of protection policy information in a SEPP of a visited network. A method may include obtaining, at a home network node (hSEPP), protection policy information from a local repository in a home network or via configuration. The hSEPP is a network node at a boundary of the home netowork, and the home network is a public land mobile network (hPLMN). The method includes distributing, via a signaling interface, the protection policy information to a visited network node (vSEPP) within a visited network (vPLMN). The vSEPP is a network node at a boundary of a second network. The protection policy information includes information regarding protection of signaling messages addressed for network functions (NFs) hosted in the hPLMN and is configured for enabling the vSEPP to selectively protect outgoing messages to hSEPP in the home network.

Techniques for providing network slice-based security in mobile networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for network slice-based security in mobile networks in accordance with some embodiments includes monitoring network traffic on a service provider network at a security platform to identify a new session, wherein the service provider network includes a 5G network or a converged 5G network; extracting network slice information for user traffic associated with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the network slice information.

A computer device may include a memory storing instructions and processor configured to execute the instructions to host a network function container that implements a microservice for a network function in a wireless communications network, wherein the network function container is deployed by a container orchestration platform; host a service proxy container associated with the network function container, wherein the service proxy container is deployed by the container orchestration platform; and configure the hosted service proxy container to apply a wireless network policy to the microservice for the network function. The processor may be further configured to intercept messages associated with the microservice for the network function using the configured service proxy container; and apply the wireless network policy to the intercepted messages using the configured service proxy container.

An occupant-dependent setting system for a vehicle includes a setting processor, a server apparatus including a server memory, and first and second authentication processors. On the condition that the occupant is authenticated by the first authentication processor, the second authentication processor acquires, from the vehicle, data regarding the occupant and data regarding the vehicle, and authenticates a combination of the occupant and the vehicle. On the condition that the combination of the occupant and the vehicle is unauthenticatable by the data regarding the occupant and the data regarding the vehicle, the second authentication processor authenticates the combination of the occupant and the vehicle, by a combination of account data regarding the occupant and the vehicle. The account data is held by an occupant terminal of the occupant on board the vehicle to make access to the server apparatus.

There may be provided a method that includes receiving or generating a first plurality (N) points within a first multi-dimensional space that has M dimensions; M being a positive integer that is smaller than N; wherein the N points represent one or more behaviors of the one or more IOT devices; wherein a clustering of the N points within the first multi-dimensional space results in at least some clusters that are inseparable from each other; generating a representation of the N points within a second multi-dimensional space that has at least N dimensions; wherein a clustering of the N points within the second multi-dimensional space results in clusters that are separable from each other; calculating projections of the N points on a sub-space that has a second plurality (Q) of dimensions; wherein Q is a function of a relationship between a number (K) of clusters and an allowed error (ε); computing a core-set that comprises a weighted subset of the projections; clustering the projections of the weighted subset to provide current clusters; and identifying the one or more IOT devices based on a relationship between the current clusters and identification information regarding IOT devices of known identity.

Systems and methods are disclosed with respect to using a blockchain for managing the subrogation claim process related to a vehicle collision, in particular, utilizing evidence oracles as part of the subrogation process. An exemplary embodiment includes receiving recorded data from one or more connected devices at a geographic location; analyzing the recorded data, wherein analyzing the recorded data includes determining that an collision has occurred involving one or more vehicles; generating a transaction including the data indicative of the collision based upon the analysis; and transmitting the transaction to at least one other participant in the distributed ledger network.

Examples relate to a method and a device for wireless access authentication. The method is applied to an intelligent gateway which is previously associated with account information of a user. The intelligent gateway may receive an access authentication packet comprising an authentication identification indicating a terminal device; the intelligent gateway may construct an identity verification packet comprising an authentication identification indicating the terminal device and an association account identification indicating an account registered on the intelligent gateway; the intelligent gateway may send the identity verification packet to a cloud server; the intelligent gateway may permit a terminal device corresponding to authentication identification carried in a verification success packet returned by the cloud server to pass the access authentication.

This disclosure provides methods, devices and systems for a vehicle user equipment (VUE) to obtain extrinsic information about an object or location. The VUE may transmit a request for information about the object or the location to a road side unit (RSU). The RSU may receive the request and determine a set of extrinsic information for the first UE regarding the object or the location based on a set of information from one or more other UEs. The extrinsic information includes information that is not provided by the VUE. The RSU may transmit the set of extrinsic information to the VUE. The VUE may determine whether to accept a feature of the object or the location in the extrinsic information based on the set of extrinsic information and a set of intrinsic information detected by the VUE, The VUE may select an autonomous driving action based on the accepted feature.

A system is disclosed for managing a communication network subscription identifier associated with a device. The system comprises a Core Network node configured to provide a subscription identifier for the device to a Device Management node with management responsibility for the device. The system further comprises a Verification node configured to receive from the Device Management node the subscription identifier and a characteristic of the device, and to bind the subscription identifier to the characteristic such that the subscription identifier is uniquely associated with the characteristic. The system further comprises a Network Access node configured to obtain the subscription identifier from the device. The Verification node, Network Access node and Core Network node are configured to cooperate to verify that the device from which the Network Access node obtained the subscription identifier is in possession of the characteristic that is bound to the subscription identifier.