The disclosure provides methods, apparatus, and products for evaluating trustworthiness of GNSS-based location estimates. In one aspect, a method comprises obtaining observation information corresponding to one or more access points observed by a computing device during a time period; obtaining a GNSS-based location estimate indicating an estimated location of the computing device during at least a portion of the time period; determining an access points count corresponding to a number of the one or more observed access points that satisfy a distance criteria relative to the GNSS-based location estimate; comparing the determined access point count to a pre-defined threshold access points count; and based on results of the comparison, providing, by the processor, an indication of whether or not the GNSS-based location estimate is trustworthy. The method may be performed by one or more processors in a cloud-based computing system in response to an API call from the computing device.

The present disclosure relates to the security of user devices connected to local networks, such as devices comprised in the Internet of Things' (IoT). An aspect relates to a computer-implemented method of securing functionality of a user device connected to a local network provided at a premises, the method comprising: determining a premises trust score indicative of a likelihood that an authorised user of the user device is present at the premises, the determining being in dependence on: (i) data received from one or more biometric-capable devices, distinct from the user device, connected to the local network, that data being indicative of continuous biometric authentication of a current user of the respective biometric-capable device; or (ii) a lack thereof; then causing the user device to respond to a request for functionality made through a local user interface it comprises in a manner which depends on the premises trust score.

A security platform architecture is described herein. A user identity platform architecture which uses a multitude of biometric analytics to create an identity token unique to an individual human. This token is derived on biometric factors like human behaviors, motion analytics, human physical characteristics like facial patterns, voice recognition prints, usage of device patterns, user location actions and other human behaviors which can derive a token or be used as a dynamic password identifying the unique individual with high calculated confidence. Because of the dynamic nature and the many different factors, this method is extremely difficult to spoof or hack by malicious actors or malware software.

Embodiments of the invention are directed assessing reliability between two computing devices. A distributed database may maintain reliability associations between pairs of computing devices. Each reliability association may indicate a particular device has determined (e.g., locally) that another device is reliable. In order to determine an amount of reliability between a first computing device and a second computing device, an ordered combination of the reliability associations may be determined utilizing the distributed database. The ordered combination of reliability associations may identify a reliability path between the first computing device and the second computing device. An amount of reliability may be determined based on the reliability path. An interaction between the devices may be allowed or restricted based at least in part on the amount of reliability between the computing devices.

According to some embodiments, there is provided a Collective Perception Message, CPM, characterizing a plurality of Vulnerable Road Users based on a plurality of received VAMs, thereby allowing an ITS station to efficiently aggregate VAM messages from VRUs and retransmit information about the VRUs to other ITS stations. Consequently, the security is improved as some ITS stations may not be able to detect or identify VRU stations by themselves but thanks to the CPM, these stations can still be informed of the VRUs. According to other aspects, congestion is avoided while maintaining safety vis-à-vis VRUs thanks to the use of a different transmission scheme when the VRU is already characterized in a CPM sent to the ITS stations. Also, a receiving station can evaluate whether the content of a CPM can be trusted or not. Safety is thus improved. This is achieved thanks to the CPM that references a certificate.

Systems and methods detect a potential hacking attack by monitoring the number and timing of DELBA (Delete Block Acknowledgement) action frames. When the number and timing of the DELBA action frames correspond to an unauthorized access pattern, an unauthorized access is detected. The potential unauthorized access may be detected by an access point (AP) or by the AP and a backend system. When a potential unauthorized access is detected, the AP may remain in silent mode for a longer period of time and limit access to the network to only trusted devices. In addition, an alarm or other notification of the potential unauthorized access may be provided to a user or other designated contact.

Apparatuses, methods, and systems are disclosed for selecting a non-3GPP access network. One apparatus includes a memory coupled to a processor configured to cause the apparatus to generate a list indicating a set of PLMNs and a respective trusted connectivity type associated with each PLMN of the set of PLMNs, select a PLMN from the set of PLMNs, select a trusted connectivity type associated with the selected PLMN, and select a non-3GPP access network from a set of non-3GPP access networks based on the non-3GPP access network supporting the selected trusted connectivity type associated with the selected PLMN and a priority of the non-3GPP access network. Additionally, the processor causes the apparatus to perform a connection procedure with the selected PLMN using the selected trusted connectivity type and via the selected non-3GPP access network.

A security platform architecture is described herein. The security platform architecture includes multiple layers and utilizes a combination of encryption and other security features to generate a secure environment.

Systems and methods enable the provisioning of security as a service for network slices. A network device stores definitions of multiple security assurance levels for network slices based on security parameters of assets used in the network slices. The network device stores multiple network slice templates, wherein the multiple network slice templates have different security assurance levels, of the multiple security assurance levels, for a Network Service Descriptor (NSD). The network device receives a request for a network slice with a requested security assurance level, of the multiple security assurance levels, for the NSD, and deploys the network slice using one of the network slice templates that has a security assurance level that corresponds to the requested security assurance level. The network device monitors the security parameters of the assets of the network slice for changes to the security assurance level of the deployed network slice.

Systems and methods are described for seamlessly connecting devices based on relationships between the users of the respective devices. A media guidance application may determine that a first user has entered an environment (e.g., his/her mother's home) and may determine a frequency with which the first user enters the environment (e.g., daily). In response to determining that the first user visits frequently, the media guidance application may identify a second device in the environment (e.g., a smart TV) that a second user (e.g., the first user's mother) is authorized to grant access rights for. The media guidance application may determine a likelihood that the second user will grant the access rights for the second device to the first user, based on interaction data between the first user and the second user. In response to determining a high likelihood, the media guidance application may transmit the access rights.