Abstract: System, methods, and computer-readable media for a Neutral Host (NH) operation of a 5G radio, whereby a NH operator receives feedback from hosts and determines to partition Physical Resource Block (PRB) resources. Thus, a NH system is provided that enables a third-party to independently operate other channels, whereby individual physical random access channels (PRACH) are operated by independent hosts. The NH system is able to indicate partitioned resources to individual hosts, including PRACH definition and mutually exclusive set of PRBs partitioned between tenants. The hosts operating in the NH system may be operable to implement their own independent schedulers, incorporating host specific logic, that can be configured with the partitioned resources but which may further operate independently of each other.

Abstract: Differentiated service in a federation-based access network is provided by receiving, with a request for access to a wireless network offering at least a two different service levels based on user identities, a set of user credentials from a User Equipment (UE); forwarding, for authentication, the set of user credentials to an identity provider in an identity federation with the wireless network, wherein the identity provider is independent from the wireless network; in response to determining that the set of user credentials indicate a realm known to be associated with a given service level, providing network access to the UE according to the given service level; and in response to determining that the given service level is not a highest service level in the wireless network, transmitting a list of preferred realms to the UE that are associated with higher service levels than the given service level.

Abstract: Supporting Multipath Transmission Control Protocol (MPTCP) subflows using multipath links, and more specifically supporting MPTCP subflows using Wi-Fi Multi-Link Operation (MLO) or cellular multi-link support may be provided. A multipath link may be established between an Access Point (AP) and a station (STA). The STA may mark the multipath link as Multipath Transmission Control Protocol (MPTCP) capable. Next, a request for an addition of a MPTCP subflow may be received. In response to receiving the request, the MPTCP subflow may be bound to the multipath link, and data from the MPTCP subflow may be sent over the multipath link.

Abstract: A method is provided that includes obtaining an access request for a device to access a visited access network, the access request including an authentication identifier for the device including an identity for the device and a realm comprising a network identifying portion; determining a re-write rule for the realm by querying a database based on an identity type of the device and the network identifying portion of the realm, the database including a plurality of re-write rules for a plurality of networks and a plurality of identity types; re-writing the realm based on the re-write rule using the identity for the device to generate a re-written realm; obtaining, based on the re-written realm, an address for an authentication server of an identity provider associated with the device; and performing an authentication with the authentication server using the authentication identifier to authenticate the device for the visited access network.

Abstract: Presented herein are techniques to facilitate the configuration of hybrid cells to support shared cell and unique cell operating modes for user equipment. In one example, a method may include obtaining a registration request for a user equipment (UE) in which the mobile network includes a radio access network (RAN) comprising a plurality of radio units (RUs) in which each RU provides a shared cell that is shared with at least one other RU and each RU also provides a unique cell that is not shared with any other RU. The method may further include determining an operating mode for the UE in which the operating mode indicates whether the UE is to operate in a shared cell or a unique cell operating mode, and facilitating connection of the UE to one of the shared cell or the unique cell of an RU based on the operating mode.

Abstract: The presently claimed disclosure is directed to methods that may be implemented at a computer. Methods and systems consistent with the present disclosure may include extending protocols associated with authenticating client (i.e. supplicant) devices and with authorizing those supplicant devices to access a wireless network. These methods may include sending data relating to the failure of an authentication and/or an authorization process to a supplicant device attempting to access a wireless network. Methods discussed within may include securely sending failure codes or reasons to a supplicant device that identify why an authentication or authorization process failed. These methods may include sending messages between a supplicant device, an authenticator device, and an authentication and authorization server. After a first failure, the supplicant device may be able to access the wireless network after a reason or code of that failure has been reported to the supplicant device.

Abstract: Roaming validation for Access Network Providers (ANPs), and particularly to protecting communications between Stations (STAs) and ANPs while providing roaming validation for ANPs may be provided. An ANP may first register a roaming federation system. The ANP may determine a roaming message based on subscription features of the network, and the ANP may request signing of the roaming message by the roaming federation system. The ANP may receive the signed roaming message from the roaming federation system and send the signed roaming message to a STA. The ANP may then receive a request to connect to the network from the STA and initiate a connection for the STA.

Abstract: Presented herein are techniques associated with providing an alternative network indication to a client device in a wireless local area network (WLAN) roaming federation. In one example a method is provided that may include obtaining access network information for each of a plurality of access networks that neighbor a first access network through connection of a client device with the first access network involving a first identity provider profile; determining an alternative access network with which the client device is recommended to seek connection or an alternative identity provider profiles with which the client device is recommended to connect to the first access network; and enabling the client device to initiate a connection with the alternative access network or to re-initiate a connection with the first access network utilizing the alternative identity provider profile.

Abstract: Presented herein are techniques to facilitate dual-connectivity support for a user equipment (UE) in a hybrid cell virtualized Radio Access Network (vRAN) architecture. In one example, a method may include obtaining, by a node of a mobile network via a first cell of a RAN, a request for a UE to connect to the mobile network via the first cell in which the RAN includes at least one shared cell and at least one unique cell; determining that the UE is allowed for dual-connectivity operation; and providing a policy to the UE, wherein the policy identifies, for each of one or more applications, one of a shared cell operating mode or a unique cell operating mode that the UE is to utilize for each of the one or more applications.

Abstract: Techniques for network communications are disclosed. These techniques include receiving a cryptographically generated device identifier (CGDI) and a public key relating to a wireless station (STA). The techniques further include determining a first hash based on decrypting the CGDI using the public key, and validating the first hash for an access network. The techniques further include identifying the STA in the access network using the CGDI based on binding the CGDI to a session associated with the STA and the access network.

Abstract: Presented herein are techniques to facilitate dynamic switching for user equipment between unique cell and shared cell operating modes based on application traffic. In one example, a method may include determining, a quality of service (QoS) to be provided for a traffic flow of a user equipment (UE) in which the mobile network includes a radio access network (RAN) including a plurality of radio units (RUs) in which at least two RUs provides a shared cell and each RU provides a unique cell; identifying an operating mode for the UE based on the QoS in which the operating mode indicates whether the traffic flow is to be communicated using a shared cell or a unique cell operating mode; and causing the UE to communicate the traffic flow using the shared cell the unique cell operating mode.

Abstract: Techniques are described to provide for authentication and subscription management that are decoupled from a Home Subscriber Server (HSS).

Abstract: Supporting Multipath Transmission Control Protocol (MPTCP) subflows using multipath links, and more specifically supporting MPTCP subflows using Wi-Fi Multi-Link Operation (MLO) or cellular multi-link support may be provided. A multipath link may be established between an Access Point (AP) and a station (STA). The STA may mark the multipath link as Multipath Transmission Control Protocol (MPTCP) capable. Next, a request for an addition of a MPTCP subflow may be received. In response to receiving the request, the MPTCP subflow may be bound to the multipath link, and data from the MPTCP subflow may be sent over the multipath link.

Abstract: Presented herein are techniques to facilitate wireless authorization based on in-line assurance and tariffing information. In one example, a method may include obtaining, by a home network, a request to authorize access of a roaming subscriber for a visited network; determining whether the request includes visited network charging information and visited network metric information; based on determining that the request includes the visited network charging information and the visited network metric information, determining whether one or more visited network metrics satisfy one or more threshold metrics for the roaming subscriber; and based on determining that the one or more visited network metrics satisfy the one or more threshold metrics for the roaming subscriber, authorizing access of the roaming subscriber for the visited network.

Abstract: The disclosed technology relates to a process of evaluating any number of different identity providers (IDPs) and their respective set of credentials that are used to authenticate corresponding users to assist with the onboarding of the different IDPs in connection with Wi-Fi identity federations. In particular, the process allows a person's electronic identity and attributes (stored across one or more IDPs) to be determined once using a standard. Once trust has been established for the user, that trust can then be utilized across a number of different systems (e.g., Single-sign on). The same trust determination can be used without the need for the authenticity of the user identity to be re-evaluated with each new access request.

Abstract: A method of controlling performance of a wireless device is performed by a node that is in electronic communication with a cellular network. The node includes a processor, a non-transitory memory, and a network interface. The method includes receiving a performance value characterizing a performance of a communication channel between a wireless device and a wireless access point. In some implementations, the wireless device and the cellular network are associated with different radio access technologies (RATs). The method includes determining whether the performance value breaches a performance criterion for the wireless device. The method includes adjusting a first amount of data transmitted to the wireless device from a base station of the cellular network and a second amount of data transmitted to the wireless device from the wireless access point. In some implementations, the combined first and second amounts of data satisfy the performance criterion for the wireless device.

Abstract: Presented herein are techniques to facilitate wireless authorization based on in-line assurance and tariffing information. In one example, a method may include determining, by a roaming subscriber, that a visited network is a chargeable network; querying, by the roaming subscriber, the visited network for charging policies for at least two identity realms; obtaining, by the roaming subscriber, charging policy metadata associated with the charging policies for the at least two identity realms; selecting, by the roaming subscriber, an identity realm through which to connect to the visited network based on the charging policy metadata for the at least two identity realms; and connecting to the visited network using the selected identity realm.

Abstract: The present disclosure relates to simultaneous operation of Wi-Fi access points in a super cell mode and a standalone mode and controlling connectivity of end terminals thereto. In one aspect, a method includes receiving a configuration for a group of access points operating within a network, the configuration allowing each access point of the group to operate in a super cell mode over a shared frequency channel and a standalone mode over a non-shared frequency channel. The method further includes determining, for an end terminal, whether the end terminal is to connect to the network over the shared frequency channel or the non-shared frequency channel based on a network policy to yield a determination; and controlling connectivity of the end terminal to at least one access point of the group of access points over the shared frequency channel or the non-shared frequency channel based on the determination.

Abstract: Presented herein are techniques to facilitate dual-connectivity support for a user equipment (UE) in a hybrid cell virtualized Radio Access Network (vRAN) architecture. In one example, a method may include obtaining, by a node of a mobile network via a first cell of a RAN, a request for a UE to connect to the mobile network via the first cell in which the RAN includes at least one shared cell and at least one unique cell; determining that the UE is allowed for dual-connectivity operation; and providing a policy to the UE, wherein the policy identifies, for each of one or more applications, one of a shared cell operating mode or a unique cell operating mode that the UE is to utilize for each of the one or more applications.

Abstract: Presented herein are techniques to facilitate wireless wide area (WWA) virtualized Radio Access Network (vRAN) (e.g., 5G) to wireless local area (WLA) RAN (e.g., Wi-Fi) steering or WLA RAN to WWA vRAN steering for one or more UE. In one example, a method may include obtaining first performance metrics associated with links of a WWA vRAN (e.g., fronthaul, midhaul, and backhaul links); obtaining second performance metrics associated with links WLA RAN (e.g., backhaul links); and in response to determining that one of the WWA vRAN is experiencing degraded performance based on the first performance metrics or the WLA RAN the second performance metrics, activating a steering event that causes, at least in part, an indication to be communicated to a UE to cause the UE to connect to the WWA vRAN or the WLA RAN that is not experiencing degraded performance.