Abstract: According to one aspect of the present disclosure, an apparatus for correlating network data analytics, NDA, information for a device group comprising multiple terminal devices is provided, wherein each terminal device is associated with a group member identifier and the device group is associated with a group identifier. The apparatus is adapted to receive an NDA request comprising a group identifier and an NDA specification of NDA information to be collected, to send a group member identifier request comprising the group identifier, and to receive, in response to the group member identifier request, one or more group member identifiers associated with the group identifier.

Abstract: Embodiments described herein relate to methods and apparatus for configuring UPF analytics in a service based architecture. The method in an analytics controller comprises: obtaining an indication of an analytics policy rule, APR, wherein the APR indicates analytics to be carried out by a user plane function node; translating the APR into at least one rule setting a condition for reporting analytics to a network data analytics function, NWDAF, or for forwarding packets to an analytics engine, wherein the rule applies to one of: a particular user and particular traffic type; a particular user for all traffic types; and a particular user plane function node; and transmitting the at least one rule to the user plane function node.

Abstract: A method for operating a user plane entity configured to handle a user plane of data packet sessions exchanged in a cellular network, each data packet session comprising data packet flows of a plurality of applications, the data packet flows of each application being identified by an application identifier, the method includes: determining that a tracking of data packet flows identified by an application identifier should be stopped, determining one or more application detection filters configured to detect data packet flows identified by the application identifier, removing the one or more application detection filters and the application identifier from the user plane entity, and requesting a session control entity configured to control the data packet sessions to remove packet detection rules usable to detect the data packet flows identified by the application identifier, wherein the request includes the application identifier.

Abstract: Implementation of an application rule for an application to be accessed by a User Equipment, UE, in a user session in a Service Based Architecture, SBA, domain in a core network of a telecommunications system is disclosed. The SBA, among others, comprises a Policy Control Function, PCF (6), an Application Function, AF (5), and a Session Management Function, SMF (9). The method comprising the steps of receiving, by the PCF (6), an application rule comprising an AF Identifier, AF-ID, identifying the application rule, an Application Identifier, App-ID, identifying the application, and at least one service requirement for processing the application in the SBA domain. The PCF (6) instructing the SMF (9) to execute the at least one service requirement to all present and future user sessions pertaining to the respective application. Complementary methods of supporting the execution of the application rule and devices are also presented.

Abstract: The present invention faces the issue of supporting edge cloud in an NG network. There is thus provided an edge cloud broker (ECB) and a method carried out by the ECB for selecting edge cloud resources of a mobile edge computing (MEC) network, the edge cloud resources usable by a UE accessing the NG network. This method comprises: obtaining, from a first network node of the NG network, a UE's location; obtaining, from a second network node of the NG network, an identifier of an edge cloud application that the UE requests; obtaining, from a third network node of the MEC network, a location of each one or more edge cloud resources available to execute the edge cloud application; and selecting, based on at least the UE's location and the location of each one or more edge cloud resources, an applicable edge cloud resource to execute the edge cloud application for the UE.

Abstract: A method and a managing node for managing exchange of information relating to Packet Flow Descriptors, PFDs, between an application server and a network exposure node are disclosed. The managing node receives a message comprising a PFD with a PFD identifier, an external application identifier associated with the PFD, a server identifier of the application server, a transaction identifier, and a network exposure identifier identifying an operator network. The managing node stores received information. The managing node selects, based on the network exposure identifier, a network exposure node. When a PFD selection identifier is included in the message, the managing node selects, based on the PFD selection identifier, a further PFD amongst the set of stored PFDs. The managing node also determines an action for the further PFD. The managing node further transmits, towards the network exposure node, the PFD and an indication of the action.

Abstract: A method of detecting Quick User Datagram Protocol Internet Connections, QUIC, traffic in a telecommunication network between a User Equipment, UE, and a Content Provider, CP, wherein said UE has an established application session with said CP, for a particular application, using QUIC as transport protocol, wherein said method comprises the steps of receiving, by a User Plane Function, UPF, comprised by said telecommunication network, from said CP, a list of connection identifiers that identify said established application session between said UE and said CP, receiving, by said UPF, a QUIC packet comprising a connection identifier, detecting, by said UPF, said QUIC traffic by determining that said connection identifier of said received QUIC packet is comprised by said list of connection identifiers.

Abstract: A method of reporting traffic metrics by a User Plane Function, UPF, to a Session Management Function, SMF, in a telecommunication network, wherein said method comprises the steps of receiving, by said UPF, a session creation/modification message for creating/modifying a session between said UPF and said SMF, wherein said message comprises a Reporting Rule thereby defining which traffic metric is to be reported by said UPF to said SMF, measuring, by said UPF, said traffic metric based on said received Reporting Rule, transmitting, by said UPF, to said SMF, a reporting message, wherein said reporting message comprises said measured traffic metric.

Abstract: A method of enabling functionality at a User Plane Function, UPF, by a Session Management Function, SMF, in a telecommunication network. The method includes receiving, by the UPF, a session creation/modification message for creating/modifying a session between the UPF and the SMF, wherein the session creation/modification message includes a session functionality indication for indicating functionality to be enabled for said session, and enabling, by the UPF, the functionality during the session between said UPF and the SMF.

Abstract: A method may be provided to operate a first network node of a wireless communication network. The method may include receiving a request from a second network node to activate packet flow descriptor PFD extraction with respect to a session for a wireless device, and receiving application traffic for the wireless device, wherein an address is provided to route the application traffic. The method may also include determining an application identifier for the address responsive to the address for the application traffic being unknown to the first network node, and transmitting a PFD notification to the second network node, wherein the PFD notification includes the application identifier.

Abstract: A method of processing a Domain Name Server, DNS, query received from a User Equipment, UE, in a telecommunication network, wherein said method comprises the steps of receiving (102), by a User Plane Function, UPF, an encrypted message from said UE, determining (103), by said UPF, that said encrypted message is an encrypted DNS query by establishing that a destination address in said encrypted message corresponds to an address of a DNS server comprised by said telecommunication network, and forwarding (104), by said UPF, said encrypted DNS query to said DNS server.

Abstract: Methods, a policy node, an application node, a storage node and an operator network for enabling filtering of traffic from an application hosted by the application node are disclosed. The policy node receives, from the application node, application content information relating to the filtering of the traffic and an identifier of the application to which the application content information applies, wherein the application content information comprises an indication relating to application content category of the traffic, and wherein the application content information comprises one or more of an adaptability indicator specifying whether the application is able to adapt the traffic to a given user content category, and a notification indicator specifying whether the application is able to notify, to the policy node, an application content category before providing requested traffic. The policy node further transmits, by the policy node to the storage node, the application content information.

Abstract: The invention relates to a method for operating a gateway wherein the method comprises to detect a downlink data packet session transmitted to the first user entity, and to amend the lifetime indicator in at least some of the data packets of the detected downlink data packet session such that the data packets for which the lifetime indicator has been amended, have reached the end of the lifetime and cannot be transmitted further when arriving at the first user entity.

Abstract: A method and a managing node for managing exchange of information relating to Packet Flow Descriptors, PFDs, between an application server and a network exposure node are disclosed. The managing node receives a message comprising a PFD with a PFD identifier, an external application identifier associated with the PFD, a server identifier of the application server, a transaction identifier, and a network exposure identifier identifying an operator network. The managing node stores received information. The managing node selects, based on the network exposure identifier, a network exposure node. When a PFD selection identifier is included in the message, the managing node selects, based on the PFD selection identifier, a further PFD amongst the set of stored PFDs. The managing node also determines an action for the further PFD. The managing node further transmits, towards the network exposure node, the PFD and an indication of the action.

Abstract: Methods and apparatus for managing quality of service for video streaming, in which a Policy and Charging Rules Function (PCRF) in a Policy Charging Control (PCC) architecture of a telecommunications system receives from a Policy Control Enforcement Function (PCEF) a notification indicating that a video service has started for streaming video content to a user equipment (UE). A first Quality of Service (QoS) setting for streaming the video service to the UE is determined. First QoS setting data identifying the first QoS setting is transmitted to the PCEF. The PCEF transmits a further notification to the PCRF indicating that a particular stage has been reached. The PCRF receives the notification from the PCEF. In response to the further notification, a second QoS setting specifying a lower QoS than the first QoS setting for streaming the video service after the particular stage is determined. The PCRF identifies the second QoS setting to the PCEF.

Abstract: Methods, a user data node (120), a policy node (150), an application node (170) and an operator network (101) for enabling management of an attack towards an application (190) hosted by the application node (170) are disclosed. The policy node (150) receives (3) attack information and an identifier of the application (190) to which the attack information applies. The attack information relates to the management of the attack and the attack information comprises a type of attack, a set of detection conditions relating to detection of attacks of the type of attack, and a mitigation action to be invoked when at least one detection condition of the set of detection conditions is fulfilled. In this manner, degeneration of the application (190) caused by the attacks of the type of attack is mitigatable. The policy node (150) generates (13) at least one rule based on the attack information.

Abstract: Methods, a system for managing traffic transmitted by a User Equipment (UE), a UE for enabling differentiation of the traffic, a Packet Gate-Way User plane (PGW-U) for managing the traffic as well as a Mobility Management Entity (MME) for enabling differentiation of the traffic are disclosed. The PGW-U (120) receives (9) a marking type and a marking value, which originate from the SCS/AS (170) and which are associated with an application identifier for identifying application traffic to be handled according to the marking type and the marking value. The UE (110) receives (14), from the MME (130), the marking type and the marking value. The UE (110) transmits (17), towards the PGW-U (120), application traffic marked according to the marking type and marking value. The PGW-U (120) inspects (18) the traffic according to the marking type to obtain the marking value. The PGW-U (120) handles (18) the traffic based on the marking value.

Abstract: A method is disclosed for providing a Packet Flow Descriptor, PFD, to a session management function, SMF, in a telecommunication network that supports network slicing and that includes a Packet Flow Description Function, PFDF, for hiding a topology of the telecommunication network from Application Service Providers, ASP, where the PFDF is shared among slices of the telecommunication network. The method includes receiving a PFD from an ASP, and storing the PFD in a Unified Data Repository, UDR. The method further includes receiving, from the SMF, a request for PFDs that apply to a particular slice, retrieving, from the UDR, the PFD that applies to the particular slice, and providing the retrieved PFD to the SMF.

Abstract: The use of multipath enabled mobile entities accessing a service outside the network in a multipath connection. The invention relates to a method for operating an application server (100) providing a service to a multipath enabled mobile entity (10) connected to the application server with a first bearer of a first access network of a first mobile communications network, wherein the application server is external to the mobile communications network, whereas the method comprises the steps of receiving an indication that the mobile entity (10) has an option to use another bearer not belonging to the first mobile communications network for accessing the application server, and of transmitting a request message towards a policy control entity (50) of the first mobile communications network requesting the policy control entity to disconnect the first bearer.

Abstract: A method performed by a user plane, UP. The method includes determining whether a redirect message should be sent to a user equipment, UE, that has transmitted a first message intended for a first server, wherein the determining comprises: i) receiving a message transmitted by the first server and determining, based on the message, whether a redirect message should be sent to the UE or ii) detecting a timeout with respect to the first server; and, as a result of determining that redirect message should be sent to the UE, sending to the UE the redirect message, wherein the redirect message is configured to cause the UE to send a second message to a second server.