A wireless User Equipment (UE) and an Access and Mobility Management Function (AMF) establish first and second active registrations and corresponding N1s. The UE and AMF deactivate the second active registration and establish a third active registration and corresponding N1. The UE and AMF exchange active N1 signaling for the first active registration and the third active registration. The UE and AMF exchange inactive N1 signaling for the second inactive registration.

Generally described, the presently disclosed technology utilizes managed Wi-Fi networks pre-installed throughout an MDU property to provide user-specific passphrases that can be used to access the single-SSID wireless network at the property and to provide a cloud portal that can enable convenient access to the functionalities (both by the resident and the manager) provided by the Wi-Fi controller and the Wi-Fi access points. By doing so, the Wi-Fi network management solutions described herein allow the users to experience the benefits of a shared Wi-Fi infrastructure, such as not having to set up and maintain their own Wi-Fi routers, while also allowing them to easily change their Wi-Fi settings from their connected devices.

A permissions management system is disclosed for enabling a user to securely authorize a third-party system to access user account data and initiate transactions related to a user account, without disclosing to the third-party system account credentials. The system enables the user to also securely de-authorize the third-party system. For example, records may be automatically generated that securely store account information, including one or more permissions related to the account and/or the third-party. A token associated with a record may be shared with the third-party system, but neither the record itself, nor the user account credentials, may be shared with the third-party. Accordingly, the third-party may request user account data and/or initiate transactions by providing the token, but does not itself know, e.g., the user account credentials. Further, the user may set various permissions related to the token, and may also revoke the token (e.g., de-authorize the third-party), thus providing increased security to the user's account.

Examples disclosed herein allow rules to he applied to a device from a service detected by the device. In one example, upon entering a service area, a device detects a service associated with the service area, wherein the service comprises rules to enable or disable parameters on devices, and the device then extracts a set of the rules from the service. As an example, the extracted set of rules corresponds to a group the device is associated with. The device determines whether conditions set for the extracted set of rules are met by the device and, if the conditions are met, the device applies the extracted set of rules to the device until the device exits the service area.

In general, in one aspect, a method includes receiving software code with an invalid characteristic, repeatedly attempting to execute the software code with the invalid characteristic on a device, and in response to successful execution of the software code with the invalid characteristic, taking an action. The action may include an action to remediate the device.

Systems and methods for detecting and interfering with compromised devices and unauthorized device relocation in a communication network are disclosed. The described embodiments may be deployed in a content delivery network where receivers have been compromised in a manner that renders the conditional access system (CAS) inoperative at controlling the receivers' ability to receive content. In some embodiments, alternate commands not protected by the CAS system may be used to detect hacked devices and interdict same. In some embodiments, service devices in the content delivery network may allow for detection of unauthorized device relocation.

The present disclosure provides a method for supporting UE access control. A base station is informed by a ProSe Function via a MME or informed by the MIME of information indicating whether a UE is authorized for a D2D service. The base station performs an access control to the UE according to the information indicating whether the UE is authorized for the D2D service. The present disclosure further provides a method in which a source base station informs a target base station of the information indicating whether the UE is authorized for a D2D service. The target base station performs an access control according to the information.

Disclosed is a mobile device to provide enhanced security based upon contextual sensor inputs. The mobile device may include: a biometric sensor; a contextual sensor; and a processor. The processor may be configured to: determine an authentication score based upon a biometric input received from the biometric sensor; modulate the authentication score based upon a contextual sensor input from the contextual sensor related to an event; and determine if the modulated authentication score falls below a predetermined threshold. If the authentication score falls below the predetermined threshold, the processor may command that a secondary authentication be performed.

A provider system is connected to readers disposed at distances from the provider system. A secure local connection is established between the client device and the provider system via one of the readers. Before the client reaches an access touchpoint, the provider system receives from the client device a request for client access, the provider system sends to the client device a request for identification information of the client, and the client device sends client information associated with a first mobile identification credential (MIC) which the client device received from an authorizing party system (APS), the client having consented to release the client information to the provider system, and the client information having been verified. The provider system uses the verified client information associated with the first MIC to verify or not verify the identity of the client before granting or denying the request to the client.

Disclosed herein is a method for updating authentication of a user equipment (UE) in a wireless communication system, including: receiving, by a relay UE, a first authentication request message for authenticating a first remote UE from a network, wherein the first authentication request message includes an ID of the first remote UE and authentication request information; acquiring authentication response information by performing an authentication-related procedure with the first remote UE; and transmitting a first authentication response message including the authentication response information and the ID of the first remote UE to the network, and authentication for the first remote UE may be performed based on the authentication response information.