Abstract: A method performed by one or more network node(s) of a wireless telecommunications network to dynamically manage encryption keys for multiple narrowband Internet of Things (NB-IoT) devices of the network. The network node(s) can maintain a database that stores a device profile for each of the NB-IoT devices and obtain multiple encryption keys for the multiple NB-IoT devices. The encryption keys are associated with different encryption strengths ranging from high to ultra-low encryption strengths. The network node(s) can allocate the encryption keys to the NB-IoT devices, detect a change in the condition of the network, capability or communications service of NB-IoT devices, and refresh the encryption keys accordingly to ensure that the network nodes properly balance encryption while providing efficient network performance.

Abstract: A system that incorporates teachings of the subject disclosure may include, for example, dividing a media content item into a plurality of media content segments, at each media content segment of the plurality of media content segments, applying motion estimation between at least two video frames of the media content segment to determine a content weight for the media content segment, determining a bit rate for the media content segment according to the determined content weight for the media content segment, and encoding the media content segment at the determined bit rates to generate a data stream for the media content segment, whereby a plurality of data streams for the plurality of media content segments of the media content are generated, and transmitting the plurality of data streams for the plurality of media content segments of the media content to the one or more media devices. Other embodiments are disclosed.

Abstract: The disclosed technology includes a method and system for preventing or reducing cyber-attacks in telecommunications networks, such as 5G networks. For example, a first node in a 5G network can detect that a first connected device is at risk of a cyber-attack based on one or more conditions and can broadcast to a plurality of nodes in the RAN that the first connected device is at risk of the cyber-attack. The first node can receive a first message from a second node of the plurality of nodes confirming or acknowledging that the first connected device is at risk of the cyber-attack. In response to receiving the first message from the second node confirming or acknowledging that the first connected device is at risk of the cyber-attack, the system can deauthorize the first connected device.

Abstract: Systems and processes that incorporate teachings of the subject disclosure may include, for example, receiving a request for a streaming video application service from a mobile device and, responsive to determining a relationship between a service provider of a wireless access point and a service provider of a cellular network providing the streaming video application service via the cellular services. Responsive to determining that the wireless access point is in a communication range of the mobile device based on a proximity of the wireless access point to the mobile device, a communication session is initiated between the mobile device and the wireless access point. Delivery of the streaming video application service to the mobile device is switched from over the cellular network to over the wireless access point. Other embodiments are disclosed.

Abstract: A method includes receiving a request for a communication session from a user device, identifying a first resource from a plurality of resources, wherein the first resource is associated with a first service control layer for a radio access network and wherein the plurality of resources includes at least one virtual network function (VNF), identifying a second resource from the plurality of resources, wherein the second resource is associated with a second service control layer for LTE core functions, identifying a third resource from the plurality of resources, wherein the third resource is associated with a third service control layer for content delivery, allocating a virtual machine to be used to instantiate the at least one VNF, instantiating the at least one VNF and establishing the communication session by facilitating communications between the first service control layer, the second service control layer and the third service control layer.

Abstract: Resource-sensitive token-based access point selection is disclosed. A user equipment (UE) can generate a request for resources that can be shared with an selection component remote from the UE. The request for resources can be generated independent of the UE receiving information about an access point (AP) in range of the UE. The selection component can pair the UE with an AP resource based on AP data and UE data. The selection component can generate a token comprising information related to the pairing. The UE can receive the token via a device other than the AP or via the AP. The token can be employed by the UE to initiate a link to the AP to enable use of the AP resource by the UE. The link can be resource sensitive in view of the request for resources and available AP resources.

Abstract: Remote provision of a drone resource is disclosed. A user equipment (UE) can generate a request for drone resources that can be employed to find an appropriate drone from a set of drones. The drone can be automatically provisioned to allow access to the drone resource in accord with the request. The set of drones can comprise different tiers of drones. A response can be generated indicating the state of provisioning a drone in accord with the request. The user equipment can make the request available to a drone allocation component via a communication framework that can comprise a wireless interface. Provisioning of the drone can similarly be accomplished via the communication framework. As such, the set of drones can be distributed and can be provisioned from a UE located remotely from the drone allocation component and/or the drones comprising the set of drones.

Abstract: An outbound roaming system detects that a wireless device has left a home wireless network and, in response, identifies a visited wireless network on which the wireless device is likely to roam or is currently roaming. The outbound roaming system queries the visited wireless network to offer security information for the wireless device. The security information can include a security parameter for the visited wireless network to mitigate a potential cyberattack enabled by the wireless device. In response to receiving an acceptance of the offer and satisfying a condition, the outbound roaming system provides the security information to the visited wireless network. As such, the visited wireless network can dynamically defend against cyberattacks enabled by roaming devices.

Abstract: Concepts and technologies disclosed herein are directed to intelligent drone traffic management via a radio access network (“RAN”). As disclosed herein, a RAN node, such as an eNodeB, can receive, from a drone, a flight configuration. The flight configuration can include a drone ID and a drone route. The RAN node can determine whether capacity is available in an airspace associated with the RAN node. In response to determining that capacity is available in the airspace associated with the RAN node, the RAN node can add the drone ID to a queue of drones awaiting use of the airspace associated with the RAN node. When the drone ID is next in the queue of drones awaiting use of the airspace associated with the RAN node, the RAN node can instruct the drone to fly through at least a portion of the airspace in accordance with the drone route.

Abstract: A method performed by a security system that can analyze a vulnerability or a risk applicable to a network entity to identify a cybersecurity threat and associated risk level. The security system can store indications of cybersecurity threats and risk levels in a database of a Domain Name System (DNS). The security system can monitor and resolve network traffic to determine IP addresses or URLs associated with the cybersecurity threats. The security system stores a map of the cybersecurity threats and IP addresses or URLs such that the security system can protect a network entity by processing network traffic to sources or destinations of network traffic that can harm particular network entities, and execute personalized security procedures to protect the network entities.

Abstract: The technology includes a method performed by a security system of a 5G network. The security system is instantiated to sort incoming or outgoing network traffic at a perimeter of the 5G network into one of multiple groups that are each uniquely associated with one of multiple functions or applications and one of multiple security levels. The system can inspect portions of incoming network traffic that contain addressing information required for the network traffic to reach an intended application or function, sorting the incoming network traffic into the groups based in part on the inspection of the portions of the network traffic, and dynamically directing the network traffic for the 5G network based on a particular security level associated with a particular application or a particular function of each of the groups.

Abstract: The disclosed technology includes a method and system for preventing or reducing cyber-attacks in telecommunications networks, such as 5G networks. For example, a first node in a 5G network can detect that a first connected device is at risk of a cyber-attack based on one or more conditions and can broadcast to a plurality of nodes in the RAN that the first connected device is at risk of the cyber-attack. The first node can receive a first message from a second node of the plurality of nodes confirming or acknowledging that the first connected device is at risk of the cyber-attack. In response to receiving the first message from the second node confirming or acknowledging that the first connected device is at risk of the cyber-attack, the system can deauthorize the first connected device.

Abstract: A method performed by a system includes instantiating a vulnerability-risk-threat (VRT) service for a security edge protection proxy (SEPP) element of a 5G telecommunications network. The system intercepts and parameterizes network traffic of the SEPP element to identify network functions (NFs) or associated services that requires cybersecurity protection and selects security resources for protecting the identified NFs or associated services. The system prioritizes an NF or associated service that is most frequently used (MFU) or most recently used (MRU) and then allocates the security resources in accordance with the prioritization.

Abstract: The technology described herein allocates resources in a cloud computing environment using a 5G network. The system can connect a device to the 5G network and collect data related to the device such as a location of the device and characteristics of use of the device with the 5G network. The system can create a device service profile of the device based at least in part on the data related to the device. The system can then dynamically partition computing resources within the cloud computing environment for the device based on the device service profile and a time-of-day in the location of the device to thereby provide on-demand access to content or services in the cloud computing environment to the device over the 5G network.

Abstract: Aspects of the subject disclosure may include, for example, a method comprising providing services over a network to a device, and constructing device capability and usage profiles. A level of service quality for the device is adjusted by adjusting a latency criterion regarding connection of the device to the network; adjusting a speed of transmissions to or from the device; and altering a routing of transmissions to or from the device. The network can be partitioned so that the adjusted service quality level is provided by a network portion having a predetermined level of resources. The adjusted service quality level can comprise a first level while the device is active and a second level while the device is inactive; the first level is higher than the second level. The first and second levels are lower than a service quality level provided by another network portion. Other embodiments are disclosed.

Abstract: The technology includes a method performed by a security system of a 5G network to protect against a cyberattack. The system can instantiate a function to monitor and control incoming network traffic at a perimeter of the 5G network in accordance with a security model that is based on a vulnerability parameter, a risk parameter, and a threat parameter. The system can process the incoming network traffic with the security model to output a vulnerability-risk-threat (VRT) score that characterizes the incoming network traffic in relation to the vulnerability parameter, the risk parameter, and the threat parameter, and causes one or more actions based on the VRT score to mitigate the cyberattack. The action(s) can include blocking the incoming network traffic at the perimeter of the 5G network.

Abstract: A method for authenticating a network entity to access restricted information. The method includes receiving a request to generate a visual voicemail message based on an analysis of network entity profile data and contextual information relating to the network entity. The method includes generating the visual voicemail message based on the network entity profile data and the contextual information, sending the visual voicemail message to the network entity and requesting authentication information included with the visual voicemail message. In response to receiving the requested authentication information, the network entity is authenticated to access to the restricted information.

Abstract: A biometrics hub may establish a first schedule for processing first biometric data of a user, establishing a second schedule for processing second biometric data of the user, storing the first biometric data that is received from a first biometric device via a first persistent session, and store the second biometric data that is received from a second biometric device via a second persistent session. The biometrics hub may further transmit at least one of the first biometric data or the second biometric data to an authorized remote device in accordance with the first schedule or the second schedule. In one example, the transmitting includes establishing a session with the authorized remote device, sending the at least one of the first biometric data or the second biometric data to the authorized remote device via the session with the authorized remote device, and closing the session with the authorized remote device.

Abstract: Methods, computer-readable media and apparatuses for sharing an experience via a social network on demand are disclosed. A processor establishes a first video session with a mobile endpoint device of a user, the first video session is established after the mobile endpoint device is authenticated as being allowed to capture a video of a live event at a commercial venue, the first video session containing the video of the live event at the commercial venue that the user is attending, receives at least one social media connection of the user for receiving the video, sends a notification to each social media connection of the at least one social media connection that the video is available, receives a request from the at least one social media connection to access the video, and establishes a second video session with an endpoint device of the at least social media connection.

Abstract: A method performed by a security system of a 5G network to protect against cyberattacks on a personalized basis. The security system can identify a cybersecurity threat to a wireless device based on contextual information relating to the wireless device, a user preference, or a call detail record. The security system can determine a one-time fee to charge the user in exchange for protecting the wireless device against the cybersecurity threat, generate an coupon to protect the wireless device against the cybersecurity threat, and send the coupon to the wireless device based at least in part on the contextual information relating to the wireless device and the user preference. When the security system receives an indication that the coupon was redeemed, responds by deploying a network asset to protect the wireless device against the cybersecurity threat.