Abstract: According to a first aspect, it is presented a method, executed in a gateway, the gateway being arranged to facilitate communication between a client device and an application server. The method comprises the steps of: receiving a client request from the client device, the client request comprising at least a portion being bound for the application server; sending an application server request to the application server; receiving an application server response from the application server, the application server response indicating a need to provide authentication; establishing at least one authentication credential using an authentication server for a connection between the client device and the application server; and sending a client response to the client device, the client response being based on the application server response and comprising the at least one authentication credential. An associated gateway, client device, vehicle, computer program and computer program product are also presented.

Abstract: A method performed by a communications system, for authenticating a station, STA, to access a network is provided. The STA is capable of communicating with a light source. The method includes sending, by a management server to a controller of the light source, network access information, sending, by the light source to the STA, the received network access information, which network access information is sent to the STA via a Visual Light Communication (VLC) channel. The VLC channel is emitted from the light source and received by a light detector in the STA The STA is authenticated to the network by sending the received network access information to an Access Point (AP) operating in the network in which the STA communicates with the AP via a communication channel.

Abstract: According to one aspect is provided a method for establishing a secure connection between a client device and a network gateway. The method is performed by an access point. The method comprises establishing a first secure connection between the access point and the network gateway. The method comprises establishing a second secure connection serving as a virtual private network tunnel between the client device and the network gateway. There is also provided corresponding methods as performed by the client device and the network gateway.

Abstract: Systems and methods for increasing the value of trash. By increasing the value of trash, persons have an incentive to collect litter and deposit the collected litter at an appropriate trash collection site (e.g., garbage can, reverse vending machine, recycling center, etc.). In one aspect, a financial instrument (e.g., a Bitcoin, Bitcoin-like value, account identifier, or any other financial instrument) or a pointer to a financial instrument is attached to the object itself or placed inside of the object in a way that is not easily extracted before appropriate time.

Abstract: A network slice selection involves authenticating, by an identity manager (1) of a network operator (4), a user device (8) and/or user based on a network attachment request originating from the user device (8) to correlate the user device (8) and/or user to a network slice of multiple network slices (3) provided by the network operator (4). The identity manager (1) authorizes access to a network slice (3) of the network slice type based on credentials of the user device (8) and/or user. The identity manager (1) provides information of an entry point to an application provided by the network slice (3) for transmission to the user device (8).

Abstract: The disclosure relates to methods and nodes for mapping a subscription in a network (10) to a service user identity, wherein a communication device (12) accesses the network (10) using the subscription, and wherein the service user identity is used for accessing a service provided by the first network node (16). The method (30) comprises receiving (31), from the communication device (12) a request for a service, the request comprising an authenticated service user identity, providing (32), in response to the request, the communication device (12) access to the service, receiving (33), from the communication device (12), a message comprising a token identifying a mapping of the service user identity to the subscription, and verifying (34) that a service user identity obtained from the token corresponds to the service user identity used when providing access to the communication device (12).

Abstract: It is disclosed a method of establishing a secure connection between a device and a network-based entity, NAF, via an access gateway, where the device and a network-based bootstrapping server, BSF, have a pre-established trust relationship. The method comprises the access gateway acting as a proxy between the device and the BSF. A reference to a NAF received from the BSF is used to securely authenticate the device to the NAF. An identity of the access gateway is sent to the NAF and the identity is sued to authorise the device to use the access gateway. The access gateway identity is authenticated at the BSF and/or the NAF. The access gateway may relay messages to the device over a non-HTTP link.

Abstract: The disclosure relates to methods and nodes for mapping a subscription in a network (10) to a service user identity, wherein a communication device (12) accesses the network (10) using the subscription, and wherein the service user identity is used for accessing a service provided by the first network node (16). The method (30) comprises receiving (31), from the communication device (12) a request for a service, the request comprising an authenticated service user identity, providing (32), in response to the request, the communication device (12) access to the service, receiving (33), from the communication device (12), a message comprising a token identifying a mapping of the service user identity to the subscription, and verifying (34) that a service user identity obtained from the token corresponds to the service user identity used when providing access to the communication device (12).

Abstract: A method (200) of establishing a secure connection (213) between a master device (101) and a slave device (102), sharing at least a first communication channel, is provided. The method comprises transmitting (201) an identifier IDM of the master device over the first communication channel, generating (202) a proof-of-possession XS of a key KS, using KS IDM, and a first identifier I DSi of the slave device, generating (202) a key MKS using IDM, I DSi, and KS storing (204) MKS, and transmitting (203) I DSi and XS to the master device. The method further comprises transmitting (205) IDSi, XS and IDM, to a bootstrapping server, acquiring (206) KS using IDSi, and generating (207) a proof-of-possession XB of KS using KS, IDM, and IDSi. The method further comprises, if XB and XS are identical (208), generating (210) a key MKB using IDM, I DSi, and KS, and transmitting (211) MKB to the master device where it is stored (212).

Abstract: It is presented a method, executed in a gateway, the gateway being arranged to facilitate communication between a client device and an application server. The method comprises the steps of: sending a request for an electronically transferable subscriber identity module, the request comprising an identifier based on an identity of the client device; receiving a response indicating that an electronically transferable subscriber identity module, generated based on the identifier, is available; downloading the electronically transferable subscriber identity; and storing the electronically transferable subscriber identity module with an association to the client device, along with any previously stored electronically transferable subscriber identity modules. A corresponding gateway, computer program and computer program product are also presented.

Abstract: According to a first aspect, it is presented a method, executed in a gateway, the gateway being arranged to facilitate communication between a client device and an application server. The method comprises the steps of: receiving a client request from the client device, the client request comprising at least a portion being bound for the application server; sending an application server request to the application server; receiving an application server response from the application server, the application server response indicating a need to provide authentication; establishing at least one authentication credential using an authentication server for a connection between the client device and the application server; and sending a client response to the client device, the client response being based on the application server response and comprising the at least one authentication credential. An associated gateway, client device, vehicle, computer program and computer program product are also presented.