Abstract: A computer implemented method of converting a serialized virtual machine (VM) for a source virtualized computing environment, the serialized VM being stored in a data file having also metadata for instantiating the serialized VM in the source environment, the method including supplementing the data file with a software adapter including a plurality of executable disk image converters, each disk image converter being suitable for converting the serialized VM between disparate virtualized computing environments; a plurality of metadata mappings, each metadata mapping defining how the metadata is converted between disparate virtual computing environments; and executable code for effecting a conversion by executing an appropriate disk image converter and performing an appropriate metadata conversion to convert the data file for a target virtualized computing environment, such that the supplemented data file is operable to self-convert between the source virtualized computing environment and the target virtualized

Abstract: A method of managing data bearers between a cellular network subscriber device and a packet data gateway in a cellular network core, the cellular network subscriber device and the packet data gateway being connected by a default bearer, the method including receiving at least one dedicated bearer request for a communication session between the cellular network subscriber device and an external network resource; comparing at least one parameter of the received dedicated bearer against a set of predetermined rules; and if at least one parameter of the received dedicated bearer request matches at least one of the set of predetermined rules: storing the at least one parameter of the received dedicated bearer request; and sending a message to the subscriber device to cause the cellular network subscriber device and packet data gateway to use the default bearer for the communication session.

Abstract: A method of operating a mobile communications network including a plurality of base stations and a base station for a mobile communications network, wherein the base station includes a plurality of transmitters, a plurality of receivers and a processor, is disclosed. Each transmitter is configured to transmit radio signals to a plurality of mobile terminals. Each receiver is configured to receive radio signals from a plurality of mobile terminals. The processor is configured to serve a mobile terminal via the transmitter over multicast/broadcast across a radio link; receive information from the mobile terminal being served by the transmitter, in which the information derives from signal quality of a multicast/broadcast serving signal received at the mobile terminal from the transmitter; and provide to the mobile terminal first instructions based on a first comparison of the quality of the multicast/broadcast serving signal received at the mobile terminal.

Abstract: A method of computer security for a host computer system in communication with remote computer systems includes generating an attack map modelling individual events leading to an exploitation of the host computer system by collecting a log of each of a plurality of attack events occurring at the host, using stacked autoencoders to extract features from the log event in each attack, and generating a directed graph representation based on each of the extracted features. The method further includes determining a subset of nodes in the attack map corresponding to events in one or more attacks, determining a component of the host computer system involved in each attack event represented by each of the nodes in the subset, and deploying one or more security facilities at each of the determined components of the host computer system so as to mitigate attacks according to each of the attack patterns.

Abstract: A computer implemented method of a receiving secure computing component to provide access to a cryptographic key for a key requester, the key being associated with an owning secure computing component by a digitally signed record in a blockchain wherein the blockchain is accessible via a network and includes a plurality of records validated by miner computing components, wherein the key requester has associated a quantity of cryptocurrency by a digitally signed record in the blockchain, the method including: receiving a request from the key requester to access the key; generating a first new record for storage in the blockchain to transfer a predetermined quantity of cryptocurrency associated with the requester to be associated with the receiving component, the first new record being validated by the miner components; responsive to the validation of the first new record, communicating a request to the owning component to transfer the key to the receiving component; responsive to securely receiving the key at

Abstract: This disclosure provides a method in a cellular telecommunications network having a first base station and a second base station, wherein the first base station is moving relative to a reference object and serves a User Equipment (UE) the method including identifying the UE's relative speed with respect to the reference object; preparing a message to transfer the UE to the second base station, the message including one or more information elements to indicate the UE's relative speed to the reference object, wherein a mobility state for the UE may be estimated from the one or more information elements indicating the UE's relative speed with respect to the reference object; and initiating a transfer of the UE from the first base station to the second base station by sending the message to the second base station, wherein the message includes the one or more information elements to indicate the UE's relative speed with respect to the reference object.

Abstract: A computer implemented method of protecting a portion of a computer network from malware attack, the computer network including a network connected devices organized into hierarchical subnets modelled by a tree data structure in which each subnet is represented as a node in the tree, each node having a connection to parent node save for a root node, the method including performing protective actions on devices in subnets associated with a first subset of nodes to provide protection against the malware, prioritizing devices in the subnets associated with a second subset of nodes so as to provide a barrier of subnets protected against the malware to impede the propagation of the malware to devices in subnets associated with each of the first subset of nodes.

Abstract: A computer implemented method of a first network access point to provide network access for a mobile device, the mobile device associated with a second network access point by a digitally signed record in a blockchain wherein the blockchain is accessible via a network and includes a plurality of records validated by miner computing components, wherein the mobile device has associated a quantity of cryptocurrency by a digitally signed record in the blockchain, the method including receiving a request from the mobile device to access the network; generating a first new record for storage in the blockchain to transfer a predetermined quantity of cryptocurrency associated with the requester to be associated with the first access point, the first new record being validated by the miner components; responsive to the validation of the first new record, notifying the second access point of the request of the mobile device to access the network; responsive to a validation of a second new record in the blockchain, the

Abstract: This disclosure provides a base station, and a method of operating a base station, in a cellular telecommunications network, the method including the first base station operating in energy saving mode; the first base station receiving a first message, the first message instructing the first base station to exit energy saving mode and to compensate for a second base station; and the first base station exiting energy saving mode and compensating for the second base station.

Abstract: A computer implemented method of securing an application executing in a software container deployed in a computer system includes providing access to the application selectively in accordance with access control rules by sharing an encryption key with authorized accessors.

Abstract: Embodiments of the present disclosure provide a method and apparatus for configuring multi-level cells or cell clusters and a communications system. The method includes: exchanging by a base station with one or more other base stations or cell cluster heads in the same level to obtain first information; receiving, by the base station, second information reported by one or more base stations or cell cluster heads in the lower level; configuring one or more cells in the lower level into a cell cluster by the base station according to the first information and the second information, and determining a cluster head of the cell cluster; and performing information transmission with the cluster head of the cell cluster.

Abstract: A computer implemented method for decrypting an encrypted data store at a target computer system, the data store being encrypted by a ransomware algorithm using a searchable encryption algorithm, the method including determining an encryption algorithm used by the ransomware algorithm; determining seed parameters used by the encryption algorithm to generate an encryption key; generating the encryption key using the seed parameters; and decrypting the encrypted data store.

Abstract: A wireless network including a wireless access gateway (WAG) and methods are provided for routing traffic between non-cellular and cellular networks. The WAG interconnects at least one non-cellular network and at least one cellular network in an at least one-to-many relationship. The WAG receives a first IP address for the UE in the cellular domain and the WAG allocates a second IP address for the UE in the non-cellular domain. The WAG creates a routing rule including the first and second IP addresses for the UE and an additional data path identifier.

Abstract: A computer implemented method of validating use of a computing resource by a an executing requester software module from a plurality of discrete software modules, the method including validating a characteristic of the requester software module; generating a first transaction defining criteria for consumption of the computing resource by the requester software module, the first transaction being encrypted with a private key from a public key/private key pair and being added as part of a block of transactions to a blockchain data structure; generating a subsequent encrypted transaction corresponding to a request of the requester software module to consume the computing resource, the subsequent transaction referring to the first transaction, wherein the subsequent transaction is validated by a transaction miner computing component from a plurality of miners by authenticating the transaction using the public key and verifying compliance with the criteria defined in each transaction.

Abstract: A computer implemented method of generating cryptographic keys for a plurality of hardware security modules (HSMs), the method including generating a plurality of cryptographic keys for use by the HSMs in providing cryptography functions, wherein the cryptographic keys are generated based on numerical data generated by a hardware random number generator; and storing the generated cryptographic keys in a secure key store, such that a key in the key store utilized by an HSM is flagged as utilized to prevent other HSMs utilizing the same key, so as to provide a rate of generation and storage of the cryptographic keys unconstrained by the resources of any HSM.

Abstract: A method of improving performance of network communication for an application communicating via a wide area network (WAN) including executing a classifier including a machine learning algorithm to classify a data set corresponding to a profile of network communication via the WAN for the application, the classification identifying the network communication as a candidate for WAN optimization, wherein the classifier is trained based on a plurality of training data sets each having associated an indication of suitability for WAN optimization; and responsive to the identification of the network communication as a candidate for WAN optimization implementing WAN optimization for the application.

Abstract: A method of computer security for a host computer system in communication with remote computer systems, including generating an attack map as a directed graph data structure modelling individual events leading to an exploitation of the host computer system and collecting a log of each of a plurality of attack events occurring at the host including network packets involved in each attack event, the attack map being generated in a training phase of the host computer system in which the host is subjected to attacks by one or more attacking remote computer systems, using stacked autoencoders to extract features from the log event in each attack; generating a directed graph representation based on each of the extracted features, using the attack map to identify a sequence of events indicative of an attack, and responsive to the identification, deploying one or more security facilities to mitigate the attack.

Abstract: Presented are methods for converting a multicast media stream to unicast segments, for delivery over generic IP networks such the Internet. The unicast segments can be converted back again to a multicast stream that is identical to the original multicast stream closer to the consuming client device. Information required to regenerate a multicast stream from the generated unicast segments that is identical to the original multicast stream is also encoded into the file name of the generated unicast segments. Additionally, RTP header information from the multicast stream that is not required when the unicast segments are generated are stored in files linked to the generated unicast segments, enabling the multicast stream that is regenerated to be identical to the original multicast stream even at the RTP level.

Abstract: A method of performing channel estimation in a multiple-input-multiple-output (MIMO) communication system comprising a downlink device and an uplink device arranged to communicate over a communication channel, the method including at the uplink device: analyzing a first channel vector representing channel gains between the downlink device and a first antenna of the uplink device in the angular domain to identify a set of angular domain support points; generating from the set of angular domain support points a value vector; and feeding back from the uplink device to the downlink device an indication of the value vector; and at the downlink device: analyzing a second channel vector representing channel gains between the downlink device and a second antenna of the uplink device; generating a transmit steering matrix; and generating an estimate of the first channel vector.

Abstract: A method of computer security for a host computer system in communication with remote computer systems, including generating an attack map as a directed graph data structure modelling individual events leading to an exploitation of the host computer system and collecting a log of each of a plurality of attack events occurring at the host including network packets involved in each attack event, the attack map being generated in a training phase of the host computer system in which the host is subjected to attacks by one or more attacking remote computer systems; using stacked autoencoders to extract features from the log event in each attack; generating a directed graph representation based on each of the extracted features; and responsive to an occurrence of a new attack in the host computer system, triggering the regeneration of the attack map including additional events generated in respect of the new attack.