Abstract: A method of establishing an application layer connection between a user equipment (UE) and an application executing on an edge computing node via a communication network. The method comprises receiving an application service availability message by the UE that identifies a plurality of networks that provide access to an identified application executing on an edge computing node within the network; for each network identified in the application service availability message, receiving by the UE an application service figure-of-merit determined by that network associated with a prospective application layer connection between the UE and an edge computing node executing the identified application that is located in that network; based on evaluating the figure-of-merit associated with each network establishing an application layer connection by the UE via the selected network to the application executing on the edge computing node in the selected network.

Abstract: A method for implementing a slice security zone (SSZ) in a 5G network. The method comprises storing by an SSZ function executing on a first network server an SSZ security profile of the SSZ in a secure storage function, receiving by the SSZ function from a slice management function a slice registration request comprising information relating to a slice security profile of a slice managed by the slice management function, if the slice security profile complies with the SSZ security profile, storing by the SSZ function a slice registration association between the slice and the SSZ in the secure storage function, and sending by the SSZ function to the slice management function a slice registration response comprising information relating to whether the slice was registered in the SSZ.

Abstract: A wireless communication network serves a Network Exposure Function (NEF) slice to User Equipment (UE). An Access and Mobility Management Function (AMF) selects a NEF slice for the UE. A Session Management Function (SMF) selects a NEF address for the NEF slice for the UE. A User Plane Function (UPF) exchanges Application Programming Interface (API) calls and responses between the UE and a NEF based on the NEF address. The NEF exchanges the API messages with the UE over the UPF. The NEF slice may comprise an edge NEF slice that is selected based on the geographic location of the UE and that features a local NEF element that is coupled to a core NEF element.

Abstract: A method of directing encrypted data transmitted wirelessly on a communication network comprising receiving encrypted data, by a managing application executing on a virtual network, from a user equipment (UE) operating on a mobile network. The managing application on the virtual network is coupled with an access node and deciphers a portion of the data encrypted with homomorphic encryption to determine a data characteristic. The managing application routes the encrypted data to a network location in response to the data characteristic of the encrypted data.

Abstract: A method for edge network authentication and access, implemented by an edge server, including receiving user equipment (UE) information from an application client executed on a UE to establish a connection between the edge server and the UE, verifying whether the UE has authorization to the local access point name (APN) based on the UE information, generating a session key when the UE has authorization to the local APN, sending the session key to the UE, receiving a request to access content of an application on a content server from the UE, decrypting the information to obtain a key, comparing the key with the application key to validate the UE, verifying identifiers of the UE when the UE is valid, identifying the application on the content server to obtain the content based on the request, encrypting and sending a session identifier to the UE based on a new application key.

Abstract: System and method for creating a secure enclave for User Equipment Route Selection Policy (URSP) rules in User Equipment (UE) in 5G to prevent malicious tampering and modification of the URSP rules. When the URSP rules are changed, a request is sent to receive a new set of URSP rules or receive an update of the URSP rules.

Abstract: A method of establishing an application layer connection between a user equipment (UE) and an application executing on an edge computing node via a communication network. The method comprises receiving an application service availability message by the UE that identifies a plurality of networks that provide access to an identified application executing on an edge computing node within the network; for each network identified in the application service availability message, receiving by the UE an application service figure-of-merit determined by that network associated with a prospective application layer connection between the UE and an edge computing node executing the identified application that is located in that network; based on evaluating the figure-of-merit associated with each network establishing an application layer connection by the UE via the selected network to the application executing on the edge computing node in the selected network.

Abstract: A wireless communication network serves sensor data from a wireless sensor to a data system. The wireless communication network receives a sensor request transferred by the data system. The wireless communication network transfers the sensor request to a Network Exposure Function (NEF). The wireless communication network receives sensor data transferred by the wireless sensor. The wireless communication network transfers the sensor data to the NEF. The NEF receives the sensor data and the sensor request, and in response, transfers the sensor data for delivery to the data system.

Abstract: A wireless communication network to serve a User Equipment (UE) over Network Exposure Functions (NEFs) that have Application Programming Interfaces (APIs). In the wireless communication network, a NEF Interface Function (NIF) receives a NEF request from a network function. The NIF correlates the NEF request with one of the APIs. The NIF selects one of the NEFs based on the one of the APIs. The NIF translates the NEF request into an API call based on the one of the APIs. The NIF transfers the API call to the one of the NEFs. The one of the NEFs receive the API call and responsively performs a network task for the UE based on the API call.

Abstract: A method of performing a virtual network function. The method comprises forking a user plane process on a computer by a virtual network function process that executes on the computer, forking a control plane process on the computer by the virtual network function process, adding blocks to a user plane blockchain by the user plane process that record user plane events, adding blocks to a control plane blockchain by the control plane process that record control plane events, creating a first package of information by the user plane process based on the user plane blockchain, self-terminating by the user plane process while passing the first package of information to the virtual network function process, creating a second package of information by the control plane process based on the control plane blockchain, self-terminating by the control plane process while passing the second package of information to the virtual network function process.

Abstract: A method of authorizing computing services at the edge of a communication network.

Abstract: A method for providing a translating virtual network function by a network element. The method comprises receiving by the network element a first Packet Forwarding Control Protocol (PFCP) message of a plurality of PFCP messages at a first Internet Protocol (IP) address of a plurality of IP addresses of the network element, the first IP address corresponding to a first Session Management Function (SMF) of one or more SMFs, selecting by the network element a translation method based on the first IP address on which the first PFCP message was received, translating by the network element the first PFCP message using the selected translation method into a function-based model representation of the first PFCP message, and configuring by the network element a network interface controller to implement, based on the representation of the first PFCP message, a protocol data unit (PDU) session.

Abstract: A User Equipment (UE) receives wireless network services from a first wireless network slice and a second wireless network slice over a non-Third Generation Partnership Project (non-3GPP) link. A Third Generation Partnership Project (3GPP) client authenticates with a 3GPP network over the non-3GPP link and establishes a first N1 signaling link for the first wireless network slice over the non-3GPP link. The 3GPP client authenticates with the 3GPP network over the non-3GPP link and establishes a second N1 signaling link for the second wireless network slice over the non-3GPP link. The first user application exchanges data with the first wireless network slice over the non-3GPP link. The second user application exchanges data with the second wireless network slice over the non-3GPP link. The 3GPP client maintains both N1 signaling links when both user applications are exchanging their data with the wireless network slices over the non-3GPP link.

Abstract: A wireless communication network performs quantum authentication for a wireless User Equipment (UE). In the wireless communication network, quantum circuitry selects polarization states for qubits, generates and transfers the qubits, exchanges cryptography information with edge quantum circuitry, generates cryptography keys based on polarization states and cryptography information, and transfers the cryptography keys to network authentication circuitry. The edge quantum circuitry receives and process the qubits, determines the polarization states for the qubits, exchanges the cryptography information with the network quantum circuitry, generates the cryptography keys based on the polarization states and cryptography information, and transfers the cryptography keys to the wireless UE. The wireless UE generates authentication data based on the cryptography keys and wirelessly transfers the authentication data for delivery to the network authentication circuitry.

Abstract: A wireless User Equipment (UE) performs quantum authentication with a wireless communication network. The wireless UE receives qubits that were generated by the wireless communication network and determines polarization states for the qubits. The wireless UE exchanges cryptography information with the wireless communication network. The wireless UE and the wireless communication network both generate cryptography keys based on the polarization states and the cryptography information. The wireless UE generates authentication data based the cryptography keys. The wireless UE wirelessly transfers the authentication data to the wireless communication network. The wireless communication network authenticates the wireless UE based on the authentication data and the cryptography keys.

Abstract: A wireless communication network serves User Equipment (UEs) over wireless network slices that comprise Network Exposure Functions (NEFs). The egress AF receives a slice request from an external data system and transfers the slice request to the NEF in the wireless network slice. An Access and Mobility Management Function (AMF) selects the wireless network slice for the UE. The UPF in the wireless network slice receives user data from the UE and transfers the user data to the ingress AF in the wireless network slice. The ingress AF transfers the user data to the NEF in the wireless network slice. The NEF transfers the user data to the egress AF in response to the slice request. The egress AF transfers the user data to the external data system in response to the slice request.

Abstract: A method of performing a virtual network function (VNF) is disclosed. The method comprises forking a user plane process on a computer by a VNF process that executes on the computer, forking a control plane process on the computer by VNF process, adding blocks to a user plane blockchain by the user plane process that record user plane events, and adding blocks to a control plane blockchain by the control plane process that record control plane events. The method also comprises creating a first information package by the user plane process based on the user plane blockchain, self-terminating by the user plane process while passing the first package of information to the VNF process, creating a second information package by the control plane process based on the control plane blockchain, and self-terminating by the control plane process while passing the second package of information to the VNF process.

Abstract: In a wireless communication network, Network Function (NF) circuitry determines an initial NF status and indicates the initial NF status to Network Exposure Function (NEF) circuitry. The NEF circuitry processes the initial NF status, and in response, determines an initial NF privilege based on the initial NF status and indicates the initial NF privilege to the NF circuitry. The NF circuitry delivers a wireless data service to a wireless User Equipment (UE) based on the initial NF privilege. The NF determines a current NF status and indicate the current NF status to the NEF circuitry. The NEF circuitry processes the current NF status, and in response, determines a current NF privilege based on the current NF status and indicates the current NF privilege to the NF circuitry. The NF circuitry delivers the wireless data service to the UE based the current NF privilege.

Abstract: A wireless communication network serves User Equipment (UEs) over a Third Generation Partnership Project (3GPP) Network Exposure Function (NEF). The wireless communication network comprises a non-3GPP Interworking Function (IWF) and the 3GPP NEF. The non-3GPP IWF receives NEF Application Programming Interface (API) calls that have UE data from the UEs over non-3GPP access nodes. The non-3GPP IWF transfers the NEF API calls that have the UE data to the 3GPP NEF. The 3GPP NEF receives the NEF API calls that have the UE data from the non-3GPP IWF. The 3GPP NEF exposes the UE data to an Application Functions (AF) in response to the NEF API calls.

Abstract: A communication device. The communication device comprises a central processing unit (CPU), a graphics processing unit (GPU), and a non-transitory memory comprising executable instructions for a sharing application that when executed by at least one of the CPU or the GPU, causes the sharing application to transmit an executable of a trusted application to an endpoint communication device, begin execution of the sharing application in a trusted security execution zone (TSZ) execution mode for sharing media content, instantiate a trustlet application that begins execution by the CPU or the GPU in the TSZ execution mode, display a unit of media content on the communication device, determine whether the unit of media content comprises confidential information, and in response to a determination the unit of media content comprises confidential information, transmit commands to the trusted application to control one or more functions at the endpoint communication device.