Abstract: One or more lower-level attributes of a first network policy are translated to one or more higher-level attributes of the first network policy, and one or more lower-level attributes of a second network policy are translated to one or more higher-level attributes of the second network policy. The first network policy controls how first network traffic is handled, and the second network policy controls how second network traffic is handled. The one or more higher-level attributes of the first network policy are compared with the one or more higher-level attributes of the second network policy. Based on the comparing, it is determined whether the first network traffic and the second network traffic are handled in a functionally equivalent manner. If not, the first network policy is dynamically updated to generate an updated first network policy that causes the first network traffic to be handled in the functionally equivalent manner.

Abstract: A network security method is provided. The method includes obtaining, at a network security device, first network traffic from a network device destined for a potential attacker; determining if the first network traffic is suspicious; when the first network traffic is determined to be suspicious: generating second network traffic based on the context of the network device and the first network traffic; providing the second network traffic to the potential attacker; obtaining, from the potential attacker, third network traffic in response to the second network traffic; and designating the potential attacker as malicious based on the third network traffic is disclosed. An apparatus and one or more non-transitory computer readable storage media are also disclosed.

Abstract: One or more lower-level attributes of a first network policy are translated to one or more higher-level attributes of the first network policy, and one or more lower-level attributes of a second network policy are translated to one or more higher-level attributes of the second network policy. The first network policy controls how first network traffic is handled, and the second network policy controls how second network traffic is handled. The one or more higher-level attributes of the first network policy are compared with the one or more higher-level attributes of the second network policy. Based on the comparing, it is determined whether the first network traffic and the second network traffic are handled in a functionally equivalent manner. If not, the first network policy is dynamically updated to generate an updated first network policy that causes the first network traffic to be handled in the functionally equivalent manner.

Abstract: A network security method is provided. The method includes obtaining, at a network security device, first network traffic from a network device destined for a potential attacker; determining if the first network traffic is suspicious; when the first network traffic is determined to be suspicious: generating second network traffic based on the context of the network device and the first network traffic; providing the second network traffic to the potential attacker; obtaining, from the potential attacker, third network traffic in response to the second network traffic; and designating the potential attacker as malicious based on the third network traffic is disclosed. An apparatus and one or more non-transitory computer readable storage media are also disclosed.

Abstract: A method, a network base station, and a user device for pausing a communication connection initiation are disclosed. A processor 210 may begin a communication connection initiation between an origin user device and a target user device. The processor 210 may pause the communication connection initiation. A transceiver 240 may receive a connection action request to execute a connection action.

Abstract: While facilitating (101) a call session for a participating entity having at least one federation-based benefit, one then uses (102) that at least one federation-based benefit to facilitate communications mobility for the participating entity during the call session. Such a call session can comprise, for example and at least in part, a wireless call session. The federation-based benefit itself can be one provided by a content provider, a services provider, or the like.

Abstract: A virtual machine computing platform uses a security virtual machine (SVM) in operational communications with a risk engine which has access to a database including stored patterns corresponding to patterns of filtered operational data that are expected to be generated during operation of the monitored virtual machine when malware is executing. The stored patterns may have been generated during preceding design and training phases. The SVM is operated to (1) receive raw operational data from a virtual machine monitor, the raw operational data obtained from file system operations and network operations of the monitored virtual machine; (2) apply rule-based filtering to the raw operational data to generate filtered operational data; and (3) in conjunction with the risk engine, perform a mathematical (e.g., Bayesian) analysis based on the filtered operational data and the stored patterns in the database to calculate a likelihood that the malware is executing in the monitored virtual machine.

Abstract: A method and system for adding a caller (102) in a blocked list is provided. The blocked list is stored at a communication server (104). The method includes receiving (604) a call from the caller (102) at a communication device (108). Further, the method includes receiving (606) a set of inputs at the communication device (108) in response to the call. The set of inputs includes a set of instructions to add the caller (102) in the blocked list. Furthermore, the method includes transmitting (608) a call termination request to the communication server (104). The call termination request includes the set of instructions to add the caller (102) in the blocked list. Transmission of the call termination request initiates addition of the caller (102) in the blocked list at the communication server (104).

Abstract: A method, apparatus, and electronic device for hierarchical communications are disclosed. A connection interface 1260 may receive a query. A processor 1210 may select an initial expert from the hierarchical expert tree based upon the query and direct the query towards the initial expert. A session initiation protocol server 418 may generate a hierarchical expert tree from an expert pool.

Abstract: While facilitating (101) a call session for a participating entity having at least one federation-based benefit, one then uses (102) that at least one federation-based benefit to facilitate communications mobility for the participating entity during the call session. Such a call session can comprise, for example and at least in part, a wireless call session. The federation-based benefit itself can be one provided by a content provider, a services provider, or the like.

Abstract: A method and system for adding a caller (102) in a blocked list is provided. The blocked list is stored at a communication server (104). The method includes receiving (604) a call from the caller (102) at a communication device (108). Further, the method includes receiving (606) a set of inputs at the communication device (108) in response to the call. The set of inputs includes a set of instructions to add the caller (102) in the blocked list. Furthermore, the method includes transmitting (608) a call termination request to the communication server (104). The call termination request includes the set of instructions to add the caller (102) in the blocked list. Transmission of the call termination request initiates addition of the caller (102) in the blocked list at the communication server (104).

Abstract: A method, a network base station, and a user device for pausing a communication connection initiation are disclosed. A processor 210 may begin a communication connection initiation between an origin user device and a target user device. The processor 210 may pause the communication connection initiation. A transceiver 240 may receive a connection action request to execute a connection action.

Abstract: A method, apparatus, and electronic device for hierarchical communications are disclosed. A connection interface 1260 may receive a query. A processor 1210 may select an initial expert from the hierarchical expert tree based upon the query and direct the query towards the initial expert. A session initiation protocol server 418 may generate a hierarchical expert tree from an expert pool.

Abstract: A method for managing communication-sessions at a Communication Diversion Notification Server (CDNS) (108) in a network (100) is disclosed. The method includes receiving (404) a message. The method further includes sending (406) a communication-diversion-notification to the diverting user equipment (UE) (104) based on filter-criteria. The communication-diversion-notification is sent in response to the message. The communication-diversion-notification notifies the diverting UE about the diversion of the communication-session to a target UE (108).

Abstract: A communication system is provided that comprises a Radio Frequency Identification (RFID) network coupled to a service provider network. An RFID reader of the RFID network detects an RFID tag associated with a mobile station when the mobile station is present in, or proximate to, a controlled area. The RFID network routes information associated with the RFID tag to the service provider network and, based on the information received from the RFID network, the service provider network alters a behavior of the mobile station when the mobile station is entering, exiting, or present in the controlled area.

Abstract: Generally speaking, pursuant to these various embodiments, one provides (101) a push-to-ask protocol layer that comprises, at least in part, a question receiving function, an answer receiving function, a trust management function, and a propagation function. By one approach this propagation function is configured and arranged to determine the propagation of content as a function, at least in part, of trust information as is provided by the trust management function. This content can comprise, for example, at least one of a question as is provided by the question receiving function and/or an answer as is provided by the answer receiving function. This push-to-ask protocol layer may then be used (102) to facilitate the automated dissemination of a question as may be provided via a push-to-ask application to, for example, a social network as corresponds to a user of that push-to-ask application and to facilitate a return of at least one corresponding answer to that push-to-ask application.

Abstract: Generally speaking, pursuant to these various embodiments, a network entity maintains (301) a record of at least one other network entity wherein that record comprises, at least in part, a trust metric that correlates the at least one other network entity with a particular amount of trust. A question can then be provided (302) and a query formed (303) by associating that question with a corresponding quantitative trust factor requirement. The record can then be employed to forward (304) that query to the at least one other network entity. By one approach, a network entity that receives (401) such a message comprising a question and a quantitative trust factor requirement as corresponds thereto can determine (402) whether to provide an answer responsive to that question. This can comprise forwarding (403) an answer in appropriate cases.