Abstract: Systems and methods described herein provide binding support function (BSF) service registration and discovery for environments using oversubscribed network addresses. A network device in a core network receives a registration request from a binding support device. The registration request includes a binding group identifier associated with the binding support device. The network device stores, based on the registration request, a profile for the binding support device that includes the binding group identifier and receives, from a policy control device, a discovery request for a that includes a unique identifier of user equipment (UE) device. The network device provides, to the policy control device, a response to the discovery request that identifies the binding support device.

Abstract: A device may include a processor configured to establish a data traffic flow for a user equipment (UE) device and determine per flow descriptor attributes associated with the data traffic flow, wherein the per flow descriptor attributes identify at least a source, a destination, and a protocol associated with the data traffic flow. The processor may be further configured to determine at least one additional per flow descriptor attribute for the data traffic flow and send the per flow descriptor attributes and the at least one additional per flow descriptor attribute to a network exposure device of a core network, wherein the network exposure device is configured to communicate with servers outside the core network.

Abstract: A primary application cloud instance may receive historical usage of an application, may allocate, based on the historical usage, a quantity of cloud resources for enabling the application to be accessed, and may enable the application to be accessed. The primary application cloud instance may provide, to a backup application cloud instance that allocates a minimum quantity of cloud resources for providing a skeletal version of the application, heartbeat and session state information associated with the primary application cloud instance, and the quantity of cloud resources for enabling the application to be accessed. The primary application cloud instance may provide, to the backup application cloud instance, an indication of a failure of the primary application cloud instance, via the heartbeat and session state information, to cause the backup application cloud instance to allocate the quantity of cloud resources and to enable access to the application.

Abstract: A first network device may receive, from an application server, a first request for a dedicated bearer session for an application with a quality of service (QoS) and for a notification of an idle session for the application. The first network device may generate, based on the first request, a second request to be notified regarding expiration of an idle session timer for the application, and may provide the second request to a second network device. The first network device may receive, from the second network device and based on the second request, a notification of expiration of the idle session timer for the application, and may provide, to the application server, the notification of expiration of the idle session timer for the application.

Abstract: A method, a network device, and a non-transitory computer-readable storage medium are described in relation to an integrated network slice encryption service. The integrated network slice encryption service may manage and provision encryption and/or decryption services associated with a third party and relative to a network slice and end device application associated with a service provider and application provider. The integrated network slice encryption service may provision end devices, core network devices, and application layer devices of an external network.

Abstract: A method, a device, and a non-transitory storage medium are described in which an uplink classifier and branching point service is provided. The service may include the management of user plane function devices or uplink classifier devices according to various architectures and connectivity among the user plane function devices or uplink classifier devices. The service may allow end devices situated in different locations to connect to different application service host devices and application service layer networks based on such management.

Abstract: A device may include a processor configured to maintain a plurality of session management entities (SMEs) for a core network associated with a radio access network (RAN). The processor may be further configured to establish a communication session using a first SME, of the plurality of SMEs; store session data for the communication session in a communication session database accessible by each of the plurality of SMEs; receive, using a second SME of the plurality of SMEs, a message associated with the communication session; retrieve, using the second SME, session data for the communication session from the communication session database, based on receiving the message; and process, using the second SME, the message using the retrieved session data.

Abstract: A method, a device, and a non-transitory storage medium are described in which a containerized network function (CNF) management service is provided. The service may provide for allocating discrete sets of CNF resources deployed as pods to provide application services to end devices; identifying at least one threshold resource value associated with a first number of the deployed pods which are activated to provide the application services; determining an anticipated nonsatisfaction of the at least one threshold resource value associated with the first number of the deployed pods; and invoking, for a period of time, horizontal pod autoscaling (HPA) via an application programming interface to activate a second number of the deployed pods to provide the application services, wherein the HPA is performed non-incrementally until at least one of the period of time has elapsed or each of the deployed pods has been activated to provide the application services.

Abstract: Systems and methods described herein enable premium session retainability for differentiation of services with respect to network function failures. A first network function of a core network obtains a session retention indicator during establishment of a protocol data unit (PDU) session. The first network function calculates a compute footprint for the first network function to support the PDU session and any other premium sessions currently serviced by the first network function. An orchestration device receives the compute footprint and provisions a second network function based on the compute footprint. The first network function and the second network function perform data replication of state information for the PDU session to allow premium sessions to continue with no or minimal interruption in the event of a failover scenario.

Abstract: A network device may receive Network Slice Selection Assistance Information (NSSAI) and network information from network components and from a set of Integrated Access and Backhaul (IAB) nodes; generate descriptions of, or updates to the descriptions of, routing paths based on the NSSAI and the network information; and send the descriptions or the updates to the IAB nodes. The routing paths may include one or more backhaul links between the IAB nodes, and the descriptions and the updates associate each of the routing paths with one or more Single-NSSAIs (S-NSSAIs).

Abstract: A method, a device, and a non-transitory storage medium are described in which a user plane congestion control service is provided. The service may analyze congestion information of user plane traffic in data sessions associated with a plurality of end devices. The service may include selecting, based on the analyzing, configuration parameters for uplink/downlink traffic mapped to one or more user class values of the end devices. The service may include generating a data session update indicating a modification to the configuration parameters for a user class value.

Abstract: In the various embodiments, systems and methods are disclosed for determining the location of User Equipment (UE) in a network and for authorizing access to content based on said location. An aspect of the present disclosure is a method including receiving, by a Content Authorization Function (CAF), a request to provide a UE type of a UE and a physical location associated with the UE, the request including a UE Internet Protocol (IP) address associated with the UE; querying, by the CAF, a Network Function (NF), to provide the UE type and associated physical location, the query including the UE IP address; receiving, by the CAF from the NF, the UE type and associated physical location; and transmitting the UE type and associated physical location.

Abstract: A system described herein may identify a requested communication session between a UE and a network, such as a core of a wireless network. The system may identify Quality of Service (“QoS”) information associated with the UE and/or the requested communication session. The QoS information may include or may be based on a network slice identifier, a QoS value, a Service Level Agreement (“SLA”), one or more models associated with UE attributes, or other suitable information. The system may determine a maximum transmission unit (“MTU”) configuration for the UE based on the identified QoS information and/or models that associate UE attributes to MTU configurations. The system may implement the determined MTU configuration, including providing the MTU configuration to one or more gateways or endpoints of the network and/or to the UE. The UE and the network may accordingly use the MTU configuration when communicating via the requested communication session.

Abstract: Disclosure are techniques for allocating aggregation devices in a lawful intercept system. In an embodiment, a method includes maintaining a list of point of interception aggregation (PAG) functions in a network function repository function (NRF) of a cellular network upon instantiation of the PAG functions; receiving a lawful intercept (LI) request; querying the NRF to determine a respective PAG function; and associating a point of interception (POI) function with the respective PAG function.

Abstract: In some implementations, a first network device may be associated with a serving gateway control plane function of a core network. The first network device may send, via a first interface, an association message to a second network device that is associated with a session management function and a packet data gateway control plane function of the core network. The first network device may receive selection information from the second network device via the first interface. The first network device may select, based on the selection information, a third network device that is associated with a serving gateway user plane function of the core network. The first network device may cause the third network device to route traffic for a packet data network session associated with a user device.

Abstract: A computer device may include a memory storing instructions and processor configured to execute the instructions to host a network function container that implements a microservice for a network function in a wireless communications network, wherein the network function container is deployed by a container orchestration platform; host a service proxy container associated with the network function container, wherein the service proxy container is deployed by the container orchestration platform; and configure the hosted service proxy container to apply a wireless network policy to the microservice for the network function. The processor may be further configured to intercept messages associated with the microservice for the network function using the configured service proxy container; and apply the wireless network policy to the intercepted messages using the configured service proxy container.

Abstract: A device, method, and system for forwarding, to a pod, a utility container associated with each of at least one network service for enabling a pre-registration of a network function (NF) with an NF registration function (NRF); sending, from the utility container, an authorization code to an NF authorization platform, wherein the authorization code is associated with the at least one network service; suspending a registration procedure for the NF with the NRF until the authorization code is forwarded from the NF authorization platform to the NRF; and resuming, responsive to a service registration request, the registration procedure based on a validation of the authorization code identified in the service registration request.

Abstract: Systems and methods described herein provide for User Equipment (UE)-initiated authentication and authorization updates to Network Slice-Specific Authentication and Authorization (NSSAA). A network device in a core network receives a message from a user device outside of the core network, wherein the message includes a request to initiate a NSSAA procedure. The network device initiates the NSSAA procedure in response to the request. The systems and methods also provide for UE-initiated authorization revocation of NSSAA.

Abstract: A system described herein may provide a technique for providing updated address mapping information associated with a service mesh via which one or more containerized instances communicate. The system may include and/or implement an application programming interface (“API”) via which the service mesh may provide address mapping information, that includes public and private addresses associated with containerized instances that communicate via the service mesh. The updated information may be received on an ongoing basis, and may be provided to another system that has subscribed to receiving updated mapping information associated with one or more containerized instances.

Abstract: Systems and methods described herein enable distribution of a Charging Function group identifier (“CHF-Group-ID”) and other CHF selection data to CHF consumers during Protocol Data Unit (PDU) session establishment in a 5G network. A Unified Data Repository (UDR) is provisioned with CHF-Group-ID details for each subscriber of the network. In one aspect, during PDU session establishment, CHF consumers obtain CHF-Group-ID information as part of a subscriber profile that is provided to all CHF consumers. No additional step or hop is needed for the CHF consumers to obtain the CHF-Group-ID. Thus, regionally segmented CHFs can be implemented without replication of data between CHFs in different regional segments and without additional signaling between network functions.