Patent classifications
H04W12/66
Methods, application server, IoT device and media for implementing IoT services
A method is disclosed for implementing trust Internet of Things (IoT) services in an IoT device and a user device. The IoT device receives from the user device an authentication request comprising a hash value, first encrypted information and second encrypted information, where the IoT device determines whether the user device is successfully authenticated based on determining the user device public key and confirming that the user device public key exists in a list of access permitted user devices of the IoT device.
Active base apparatus
In accordance with some embodiments, an apparatus for privacy protection is provided. The apparatus includes a housing arranged to hold a personal communication device and a peripheral interface supported by the housing, where the peripheral interface is connectable to a supplemental functional device. The apparatus further includes a local communication device coupled to the peripheral interface and supported by the housing, where the local communication device includes a personal communication device interface modem operable to provide a communication channel between the peripheral interface and the personal communication device. The apparatus further includes a controller coupled to the peripheral interface and the local communication device, where the controller is operable to manage the communication channel between the supplemental functional device and the personal communication device.
MANAGING TRAFFIC RULES IN ASSOCIATION WITH FULLY QUALIFIED DOMAIN NAMES (FQDNS)
Systems, methods, and software described herein manage traffic rules in association with fully qualified domain names (FQDNs). In one implementation, a domain name system (DNS) security service obtains notifications associated with an FQDN included in DNS requests. In response to the notifications, the DNS security service generates scores for the FQDN based on trust factors associated with the FQDN and determines traffic rules based on the scores.
ENHANCED VOICE MAIL ENVELOPE INFORMATION USING ENHANCED CALLING NAME AND CALLER IDENTITY ANALYTIC FUNCTIONS
A method and apparatus for enhanced voice mail envelope information using enhanced calling name (eCNAM) and caller identity analytic functions in a wireless communication system are provided. A network determines to use a voice mail associated with a call based on a determination that the call is missed or rejected by a user equipment (UE) or paging is unsuccessful, and stores enhanced calling name (eCNAM) related envelope information for the voice mail. The eCNAM related envelope information includes (i) caller identity analytic data for the call, (ii) a caller identifier (ID) for the call, (iii) a trust level of the caller ID, and (iv) a time stamp for the voice mail. The network transmits, to the UE, the voice mail and the eCNAM related envelope information.
METHODS FOR TRUST INFORMATION IN COMMUNICATION NETWORK AND RELATED COMMUNICATION EQUIPMENT AND COMMUNICATION DEVICE
A method performed by a network equipment of a communication network to dynamically provide trust information to a communication device registered or being registered to the communication network is provided. The method includes determining trust information for each of one or more access networks. The trust information indicates whether each of the one or more access networks is trusted. The method further includes indicating to the communication device whether the one or more access networks are trusted for a current session or a later session. A method performed by a communication device registered or being registered with a communication network to dynamically receive trust information is also provided. The method includes receiving a message including a protected trust information list from a network equipment. The method further includes verifying the protection of the message. The method further includes storing the protected trust information list.
Central trust hub for interconnectivity device registration and data provenance
Apparatus and method for device and data authentication in a computer network, such as but not limited to an IoT (Internet of Things) network. In some embodiments, a trust hub device is coupled to an interconnectivity device. The trust hub device includes a controller and non-volatile memory (NVM), and may be a network capable data storage device. The interconnectivity device is configured as an Internet of Things (IoT) or Operational Technology (OT) device, and includes a controller and a sensor. Data from the sensor are transferred from the interconnectivity device to the trust hub device. The trust hub device proceeds to attest a provenance of the data from the sensor to a remote entity associated with the interconnectivity device. The trust hub device includes a firewall to the external network, establishes a root of trust for the local interconnectivity device, and performs enrollment and signing services for the interconnectivity device.
CREDENTIAL BOOTSTRAPPING
A device can establish operational credentials for enabling the device to provide an attestation of the device's identity to another party, by performing a method comprising: obtaining bootstrap credentials from a hardware secure element or a trusted execution environment (TEE) of the device; using the bootstrap credentials to establish a secure session with an enrolment server; and via the secure session, establishing the operational credentials with the enrolment server.
Weighted source data secured on blockchains
Technologies are shown for secure management of evaluation data that involves receiving an evaluation value signal from a source, the evaluation value signal relating to an evaluation entity having an evaluation score secured on an evaluation data blockchain and verifying whether the source is identified in trusted source data. If the source is trusted, then the technology involves obtaining a weight associated with the source, obtaining the evaluation score for the evaluation entity from a first evaluation data block in the evaluation data blockchain, where the first evaluation data block is a most recent evaluation data block in the evaluation data blockchain, calculating a new evaluation score based on the evaluation score obtained from the first evaluation data block and the received valuation signal weighted according to the weight associated with the source, and securely committing the new evaluation score to the evaluation data blockchain in another evaluation data block.
Trust management mechanisms
Systems, methods, and computer-readable media are provided for managing mutual and transitive trust relationships between resources, such as Fog/Edge nodes, autonomous devices (e.g., IoT devices), and/or analog/biological resources to provide collaborative, trusted communication over a network for service delivery. Disclosed embodiments include a subject resource configured to assign an observed resource to a trust zone based on situational and contextual information. The situational information may indicate a vector of the observed resource with respect to the subject resource. The contextual information may be based in part on whether a relationship exists between the subject resource and the observed resource. The subject resource is configured to determine a trust level of the observed resource based on the determined trust zone. Other embodiments are disclosed and/or claimed.
Securing communication of devices in the internet of things
It is recognized herein that current messaging protocols for internet of things (IoT) architectures are often weak from a security perspective, and are often poorly suited for resource-constrained devices. An example IoT system described herein combines device authentication and application-layer key establishment using facilities of IoT messaging protocols. The IoT system may include a Trust Broker, which acts as a registration point for devices, and an edge gateway, which manages communication between a given device and the trust broker (and IoT servers). The edge gateway may acquire a trusted role, such that it may be a secure intermediary for device-server messaging, and such that it can facilitate authentication of devices to services.