Abstract: A token-based security risk assessment service for multi-factor authentication (MFA) is described. An enterprise may utilize the security risk assessment service, and a telecommunication service provider may provide the security risk assessment service as a network-based service. The security risk assessment service may be configured to monitor identifiers (IDs) of elements associated with users associated with an enterprise to determine if any have changed. Any changes may be factored into an adjustment to the user's security profile. Furthermore, the enterprise can utilize the security risk assessment service to implement a token-based MFA scheme where Short Message Service (SMS) is used as an authentication factor.

Abstract: A wireless communication network serves random data integrity protection to a User Equipment (UE). A network controller selects the random data integrity protection for a UE session based on UE context. The network control signals the random integrity protection for the UE session to a wireless access node which signals the UE. A wireless access node generates data units for an interval. The wireless access node randomly selects ones of the data units to reach a downlink amount for the interval. The wireless access node converts the selected data units into integrity-protected units. The wireless access node wirelessly transfers the unprotected data units and the integrity-protected units to the UE. The UE determines the amount of the integrity-protected data units for the interval. The UE determines data integrity of the unprotected data units based on the amount of the integrity-protected units for the interval.

Abstract: Techniques, devices, and systems for implementing a Priority Data Transport Service (PDTS) are disclosed. The PDTS provides authorized devices and/or authorized users with on-demand, priority data transport (e.g., priority Internet access). For example, the PDTS allows authorized devices and/or authorized users to access the Internet, use mobile applications, and/or send and receive image data, video data, and text data in a prioritized manner, as compared to the regular (non-priority) Internet access that is provided to non-subscribers of the PDTS over commercial telecommunications networks. An authorized user may activate and deactivate the PDTS on demand. For instance, the PDTS may be activated during an emergency or crisis situation when networks may be congested, thereby providing the user with priority data transport (e.g., priority Internet access) in an emergency or crisis situation when a telecommunications network may be overloaded.

Abstract: In a wireless communication system, a source access node receives a security policy for a User Equipment (UE) from a wireless network core. The wireless network core and the UE establish security context over the source access node. The wireless network core and the UE exchange user data over the source access node based on the security context. The source access node handsover the wireless UE to a target access node and transfers the security policy for the wireless UE to the target access node. The target access node signals the wireless network core to establish new security context for the wireless UE responsive to the security policy. The wireless network core and the wireless UE establish new security context over the target access node. The wireless network core and the UE exchange additional user data over the target access node based on the new security context.

Abstract: A home network serves a wireless service to visiting User Equipment (UEs) affiliated with visited networks and authorizes the wireless service for home UEs that are visiting the visited networks. A gateway transfers home context to a distributed ledger and receives visited context from the distributed ledger. The gateway transfers the visited context to a controller. The controller exchanges authorization data with the visited networks based on the visited context and the home context. The controller authorizes the wireless data service for the home UEs and the visiting UEs responsive to the exchange of the authorization data. The controller transfers session signaling to wireless access nodes responsive to the authorization of the wireless data service for the visiting UEs. The controller transfers authorization signaling to the visited networks responsive to the authorization of the wireless service for the home UEs.

Abstract: Techniques, devices, and systems for implementing a Priority Data Transport Service (PDTS) are disclosed. The PDTS provides authorized devices and/or authorized users with on-demand, priority data transport (e.g., priority Internet access). For example, the PDTS allows authorized devices and/or authorized users to access the Internet, use mobile applications, and/or send and receive image data, video data, and text data in a prioritized manner, as compared to the regular (non-priority) Internet access that is provided to non-subscribers of the PDTS over commercial telecommunications networks. An authorized user may activate and deactivate the PDTS on demand. For instance, the PDTS may be activated during an emergency or crisis situation when networks may be congested, thereby providing the user with priority data transport (e.g., priority Internet access) in an emergency or crisis situation when a telecommunications network may be overloaded.

Abstract: A wireless User Equipment (UE) delivers a priority communication service. In the UE, circuitry correlates a network Identifier (ID) for a wireless communication network with an instruction for the priority communication service. The circuitry identifies a user request for the priority communication service when the wireless UE is wirelessly attached to the wireless communication network. In response, the circuitry responsively identifies the instruction based on the correlation with the network ID. The circuitry exchanges network signaling with a radio based on the instruction and exchanges user data with the radio responsive to the exchange of the network signaling. The radio exchanges the network signaling and the user data with the UE circuitry and wirelessly exchanges the network signaling and the user data with the wireless communication network. The instruction may direct the circuitry to use an encoded public Uniform Resource Identifier (URI) to identify the UE to the wireless communication network.

Abstract: A wireless communication network serves a Network Exposure Function (NEF) slice to User Equipment (UE). An Access and Mobility Management Function (AMF) selects a NEF slice for the UE. A Session Management Function (SMF) selects a NEF address for the NEF slice for the UE. A User Plane Function (UPF) exchanges Application Programming Interface (API) calls and responses between the UE and a NEF based on the NEF address. The NEF exchanges the API messages with the UE over the UPF. The NEF slice may comprise an edge NEF slice that is selected based on the geographic location of the UE and that features a local NEF element that is coupled to a core NEF element.

Abstract: A token-based security risk assessment service for multi-factor authentication (MFA) is described. An enterprise may utilize the security risk assessment service, and a telecommunication service provider may provide the security risk assessment service as a network-based service. The security risk assessment service may be configured to monitor identifiers (IDs) of elements associated with users associated with an enterprise to determine if any have changed. Any changes may be factored into an adjustment to the user's security profile. Furthermore, the enterprise can utilize the security risk assessment service to implement a token-based MFA scheme where Short Message Service (SMS) is used as an authentication factor.

Abstract: Systems, methods, and software for correlating media types of emergency communication requests in wireless communication networks are provided herein. In one example, a method of operating a wireless communication system which routes communications between user devices and emergency service providers is provided. The method includes monitoring communication requests for emergency communication sessions between the user devices and service nodes of the emergency service providers to determine which media types of the communication requests are supported by the service nodes receiving the communication requests, identifying geographic locations of the user devices for the communication requests, identifying the service nodes receiving the communication requests, and creating a data structure correlating the geographic locations of the user devices and identifiers of the service nodes to the media types supported by the service nodes.

Abstract: A method, system, and medium are provided for generating a profile for public safety answering platforms (PSAP). The profile identifies media formats supported by the PSAPs at various cell sector locations maintained by a network provider. A network server selects a cell sector and generates a first test emergency services call and subsequent test emergency services calls. The test emergency services call is transmitted to a PSAP. During the session with the PSAP, the subsequent test emergency services calls are processed to determine mid-call support for additional multimedia formats or codecs. The PSAP generates responses that indicate whether the PSAP supports a multimedia format or codec identified in the test emergency services call or the subsequent test emergency services call. The PSAP transmits the responses to the network server for storage in the profile.