Abstract: A device includes a memory and a processor. The processor is to execute the instruction to: receive, from a user device, a username of a user and a string; retrieve a first Message Authentication Code (MAC) and a salt from a database in response to receiving the username and the string; send the first MAC, the salt, and one or more parameters to a Hardware Security Module (HSM); receive, from the HSM, a message indicating whether the first MAC matches a second MAC that the HSM generates based on the one or more parameters and the salt. In addition, the processor to perform one of: authenticate the user when the message indicates that the first MAC matches the second MAC; or not authenticate the user when the message indicates that the first MAC does not match the second MAC.

Abstract: A method, a device, and a non-transitory storage medium are described in which an pre-authentication service is provided. The service may support a transport layer security handshake and determine authentication based on the initial message. The service may provide for the generation of a message that initiates a handshake between devices in which the message includes an authentication string used for authentication. The service may provide for the generation of another authentication string for comparison. The service may also support authorization of a device. The service may minimize potential malicious attacks and activities between the devices.

Abstract: A device includes a memory and a processor. The processor is to execute the instruction to: receive, from a user device, a username of a user and a string; retrieve a first Message Authentication Code (MAC) and a salt from a database in response to receiving the username and the string; send the first MAC, the salt, and one or more parameters to a Hardware Security Module (HSM); receive, from the HSM, a message indicating whether the first MAC matches a second MAC that the HSM generates based on the one or more parameters and the salt. In addition, the processor to perform one of: authenticate the user when the message indicates that the first MAC matches the second MAC; or not authenticate the user when the message indicates that the first MAC does not match the second MAC.

Abstract: A device includes a memory and a processor. The processor is to execute the instruction to: receive, from a user device, a username of a user and a string; retrieve a first Message Authentication Code (MAC) and a salt from a database in response to receiving the username and the string; send the first MAC, the salt, and one or more parameters to a Hardware Security Module (HSM); receive, from the HSM, a message indicating whether the first MAC matches a second MAC that the HSM generates based on the one or more parameters and the salt. In addition, the processor to perform one of: authenticate the user when the message indicates that the first MAC matches the second MAC; or not authenticate the user when the message indicates that the first MAC does not match the second MAC.

Abstract: A device includes a memory and a processor. The processor is to execute the instruction to: receive, from a user device, a username of a user and a string; retrieve a first Message Authentication Code (MAC) and a salt from a database in response to receiving the username and the string; send the first MAC, the salt, and one or more parameters to a Hardware Security Module (HSM); receive, from the HSM, a message indicating whether the first MAC matches a second MAC that the HSM generates based on the one or more parameters and the salt. In addition, the processor to perform one of: authenticate the user when the message indicates that the first MAC matches the second MAC; or not authenticate the user when the message indicates that the first MAC does not match the second MAC.

Abstract: Systems and methods validate that subscriber identity module (SIM) number of an end device connected to a network is the same number that was activated for that device. A network device in a network obtains a SIM number and a universal identifier (UID) for the end device during an activation procedure. The network device generates a unique SIM authentication code based on the SIM number, the UID, and a master key. The network device sends the unique SIM authentication code to the end device as part of the activation procedure. After activation, the network device receives, from the end device, an authentication message that includes a first one-time password (OTP), the UID, a time value, the SIM number, and the SIM authentication code. The network device generates a second OTP based on the UID, the time value, the SIM number, and the master key and validates a pairing of the end device and the SIM number when the two OTPs match.

Abstract: Systems and methods validate that a subscriber identity module (SIM) number of an end device connected to a network is the same number that was activated for that device. A network device obtains a SIM number and a device universal identifier (UID) during an activation procedure. The network device generates a unique SIM authentication code based on the SIM number, the UID, and a master key. The network device sends the SIM authentication code to the end device during activation. After activation, the network device receives, from the end device, an authentication message that includes a first one-time password (OTP), the UID, a time value, the SIM number, and the SIM authentication code. The network device generates a second OTP based on the UID, the time value, the SIM number, and the master key and validates pairing of the end device and the SIM number when the two OTPs match.