Abstract: A computer implemented methods, computer systems and computer programs are provided for deploying a service to edge compute nodes located at the edge of a radio access network that are dispersed throughout a geographical area and for accessing the service from the same. The method for deploying the service receives a travel plan for a mobile entity, the travel plan indicating a route for an intended journey by the mobile entity through the geographical area. The method further selects at least one edge compute node in the network for providing the service to the mobile entity during the intended journey. The at least one edge compute node is selected based, at least in part on a geographical proximity of the at least one edge compute node to the route. The method further deploys a respective instance of the service to each of the at least one edge compute nodes so that it is accessible by the mobile entity while undertaking the intended journey.

Abstract: A computer-implemented method of analysing anomalous network traffic in a telecommunications network, said telecommunications network comprising a plurality of network entities (120, 110) and a security analyser (130-3), wherein the method comprises the steps of: receiving at the security analyser a network communication from a first network entity; identifying the first network entity; by means of the security analyser: analysing the network communication and/or a performance of the first network entity thereby to identify the network communication as an anomalous communication (310); in response to identifying the network communication as an anomalous communication, communicating an instruction to the identified first network entity to respond with origin information regarding the anomalous communication, wherein the origin information identifies a preceding network entity from which the anomalous communication was directly received by the first network entity (320, 330); and commencing with the preceding n

Abstract: Method of Operating a Telecommunications Network A computer-implemented method (200) of operating a telecommunications network (100), the telecommunications network comprising a client device (110) and a server (140), wherein the server and the client device are connected via an access point (120), the method comprising the steps of: receiving a service request from the client device, said service request requesting a service from the server (310); identifying client device characteristic information associated with the client device (340); identifying service requirement information associated with the requested service (330); comparing the identified client device characteristic information with the identified service requirement information so as to determine if the client device information complies with the service requirement information (350); and in response to said comparison: permitting the server to provide the requested service in accordance with the service request if the client device informatio

Abstract: A containerisation orchestrator (26) is controlled by an analysis system (20, 21, 22) which assesses an application and a device for compatibility to have a candidate application installed on the device using the orchestrator. The analysis includes an assessment of the vulnerability of the installed application to failure or malicious attack, and a risk assessment of the consequences of such an event. The candidate containerised configuration (20) for the application is also assessed for compatibilities and vulnerabilities.

Abstract: A computer-implemented method of analysing anomalous network traffic in a telecommunications network, said telecommunications network comprising a plurality of network entities (120, 110) and a security analyser (130-3), wherein the method comprises the steps of: receiving at the security analyser a network communication from a first network entity; identifying the first network entity; by means of the security analyser: analysing the network communication and/or a performance of the first network entity thereby to identify the network communication as an anomalous communication (310); in response to identifying the network communication as an anomalous communication, communicating an instruction to the identified first network entity to respond with origin information regarding the anomalous communication, wherein the origin information identifies a preceding network entity from which the anomalous communication was directly received by the first network entity (320, 330); and commencing with the preceding n

Abstract: Containerised computing processes are generated by an orchestration processor interpreting user commands and user profile data to build a deployment specification specifying functions to be run by a containerised process, using a shell script run on a host virtualisation container. External events such as security threats and computing resource overloads can be used to generate the virtualised process, allowing vulnerability detection, and apply countermeasures such as deployment or migration of containers during attacks to lesser prone infrastructure, and allows the orchestration of non-container tools to provide security and resilience.

Abstract: A web server operating in a container has resource and network limits applied to add an extra layer of security to the web server. If a monitor detects that the container's resource usage is approaching one or more of these limits, which may be indicative of a DDoS attack, (step 210) or identifies traffic sources exhibiting suspicious behaviour, such as frequently repeated requests from the same address, or from a related set of addresses, a restrictor function caps the resources allowed by the original Webserver container to allow it to recover from buffer overflow and protect servers running in other containers from overwhelming any shared resources. A duplicator function starts up replica containers with the same resource limits to take overflow traffic, and a load balancing function then directs incoming traffic to these overflow containers etc.

Abstract: Actuators and sensors in an intelligent system are controlled by setting encryption types and key lengths to individual applications based on the type of device and application being run. A server system (1) running in a communications gateway, selects an encryption policy for one or more devices under its control. This selection is controlled by an analysis function (11) using data relating to the type of device (13), and the applications to be run on the device (14), to generate an appropriate encryption policy (12) which can be deployed to the device (37). Controlling the analysis and deployment in a gateway device allows co-ordination between devices, and reduces processor time in the devices. An agent is sent to the device alongside the encryption policy data, to control the device according to the encryption policy.

Abstract: Actuators and sensors in an intelligent system are controlled by setting encryption types and key lengths to individual applications based on the type of device and application being run. A server system 1 running in a communications gateway, selects an encryption policy for one or more devices under its control. This selection is controlled by an analysis function 11 using data relating to the type of device 13, and the applications to be run on the device 14, to generate an appropriate encryption policy 12 which can be deployed to the device (37). Controlling the analysis and deployment in a gateway device allows co-ordination between devices, and reduces processor time in the devices. An agent is sent to the device alongside the encryption policy data, to control the device according to the encryption policy.

Abstract: Network-based applications and virtualized components are deployed according to a security analysis of the infrastructure to be used and applications to be run on it. A specification of requirements (201) is analysed (211), together with potential devices (212) and network nodes (213), to determine an appropriate level of security to be applied, and a deployment specification of applications, services, security countermeasures, and networks is prepared that will satisfy the customer requirement and with known characteristics and vulnerabilities of the services. This analysis is used to generate a deployment specification (22), and finally the actual control of an orchestrator (23) to deliver the service. The deployed system can be continually monitored to ensure that the service continues to operate within requirements. Should an incident such as a network attack or failure occur the system is re-analysed against the original requirements and re-configured or repaired.

Abstract: A containerisation orchestrator (26) is controlled by an analysis system (20, 21, 22) which assesses an application and a device for compatibility to have a candidate application installed on the device using the orchestrator. The analysis includes an assessment of the vulnerability of the installed application to failure or malicious attack, and a risk assessment of the consequences of such an event. The candidate containerised configuration (20) for the application is also assessed for compatibilities and vulnerabilities.

Abstract: A web server operating in a container has resource and network limits applied to add an extra layer of security to the web server. If a monitor detects that the container's resource usage is approaching one or more of these limits, which may be indicative of a DDoS attack, (step 210) or identifies traffic sources exhibiting suspicious behaviour, such as frequently repeated requests from the same address, or from a related set of addresses, a restrictor function caps the resources allowed by the original Webserver container to allow it to recover from buffer overflow and protect servers running in other containers from overwhelming any shared resources. A duplicator function starts up replica containers with the same resource limits to take overflow traffic, and a load balancing function then directs incoming traffic to these overflow containers etc.

Abstract: Containerised computing processes are generated by an orchestration processor interpreting user commands and user profile data to build a deployment specification specifying functions to be run by a containerised process, using a shell script run on a host virtualisation container. External events such as security threats and computing resource overloads can be used to generate the virtualised process, allowing vulnerability detection, and apply countermeasures such as deployment or migration of containers during attacks to lesser prone infrastructure, and allows the orchestration of non-container tools to provide security and resilience.

Abstract: The invention provides several molybdenum (II) complexes (see classes I and II, FIG. 1) as well as pharmaceutical compositions comprising these compounds, that are useful for treating cancer and describes synthetic methods and intermediates useful for preparing the compounds.