Abstract: A user device may receive a traffic category and/or slice usage policy, and may provide a request for an application. The user device may receive the application with a traffic category and/or slice usage requirement, and may install the application on the user device. The user device may subscribe to traffic categories and/or slices, and may receive approval to utilize the traffic categories and/or slices. The user device may provide, by the application and to an operating system, a connection request for a particular traffic category and/or slice, and may determine whether the application is approved for the particular traffic category and/or slice. The device may provide, to a modem, the connection request and traffic descriptors for the particular traffic category and/or slice based on the application being approved, and may establish a protocol data unit session, for the application, utilizing the particular traffic category and/or slice.

Abstract: A first device may dynamically switch a proximity detection point from a second device, conducting an on-going call via a device identifier, to the first device. The first device may receive a proximity detection signal or an indication of a loss of a proximity detection signal from the second device, wherein the first device and the second device are associated with the device identifier. The first device may receive, from a network, another indication of the on-going call being conducted by the second device and may provide, to the network, a call origination request to pull the on-going call based on the proximity detection signal or the indication and based on the other indication of the on-going call. The first device may connect with the on-going call based on the call origination request and may conduct the on-going call via the first device rather than the second device.

Abstract: In some implementations, an authentication system may receive a user authentication request identifying a primary device. The authentication system may generate a challenge associated with a user profile mapped to the primary device. The authentication system may transmit a challenge message including the challenge. The authentication system may receive a challenge response including a response to the challenge, wherein the response to the challenge includes identification information regarding the user profile. The authentication system may determine a set of primary services associated with the user profile mapped to the primary device and a set of secondary services associated with a set of secondary devices. The authentication system may generate a set of security keys mapped to the set of primary services and the set of secondary services. The authentication system may provision the primary device and the set of secondary devices with the set of security keys.

Abstract: A user device may receive a traffic category and/or slice usage policy, and may provide a request for an application. The user device may receive the application with a traffic category and/or slice usage requirement, and may install the application on the user device. The user device may subscribe to traffic categories and/or slices, and may receive approval to utilize the traffic categories and/or slices. The user device may provide, by the application and to an operating system, a connection request for a particular traffic category and/or slice, and may determine whether the application is approved for the particular traffic category and/or slice. The device may provide, to a modem, the connection request and traffic descriptors for the particular traffic category and/or slice based on the application being approved, and may establish a protocol data unit session, for the application, utilizing the particular traffic category and/or slice.

Abstract: Systems and methods described herein enable user-aware and application-aware dynamic slicing for mobile networks. A network device in a provider network receives a dynamic slice request from a client application. The dynamic slice request includes authorization credentials and a quality of service (QoS) indication for the client application. In response to the dynamic slice request, the network device generates a traffic descriptor value. The traffic descriptor value includes an access token that indicates the QoS authorized for the client application. The network device pushes updated UE Route Selection Policy (URSP) rules to a modem of the UE device, and also separately directs the traffic descriptor value to the client application. The network device receives, from the UE device, a protocol data unit (PDU) session establishment request that includes network slice selection information based on the traffic descriptor value.

Abstract: A device may receive, from a user equipment, a token request associated with an application, wherein the token request is associated with a device identifier. The device may generate a device token for the application and the user equipment. The device may provide, using the device identifier, the device token to the user equipment to enable a user to access the application via an application platform. The device may receive, from the application platform, a slice request for a network slice of a network that is to be used for an application session. The device may determine that the user equipment is associated with the application session based on the device token and the device identifier. The device may configure a network slice instance of the network slice. The device may determine a user equipment route selection policy for the application session according to the network slice instance.

Abstract: In some implementations, an authentication system may receive a user authentication request identifying a primary device. The authentication system may generate a challenge associated with a user profile mapped to the primary device. The authentication system may transmit a challenge message including the challenge. The authentication system may receive a challenge response including a response to the challenge, wherein the response to the challenge includes identification information regarding the user profile. The authentication system may determine a set of primary services associated with the user profile mapped to the primary device and a set of secondary services associated with a set of secondary devices. The authentication system may generate a set of security keys mapped to the set of primary services and the set of secondary services. The authentication system may provision the primary device and the set of secondary devices with the set of security keys.

Abstract: A system described herein provides for the secure maintaining and providing of information, such as public keys used in Public Key Infrastructure (“PKI”) techniques or other techniques, using a distributed ledger (e.g., “blockchain”) system. A first device may output a first request to a second device to establish a communication session between the first device and the second device, where the request includes a first value. The first device may receive a second request from the second device, including a second value, to establish the communication session between the first device and the second device. The first device may determine, based on a comparison of the first and second values, that the first device should initiate an establishment procedure of a blockchain associated with the communication session between the first device and the second device, and may accordingly output a blockchain establishment message to a set of devices.

Abstract: A system described herein provides for the secure maintaining and providing of information, such as public keys used in Public Key Infrastructure (“PKI”) techniques or other techniques, using a distributed ledger (e.g., “blockchain”) system with a fallback to a key escrow system. A first device may encrypt a communication using a first key, and output the encrypted communication to a second device. The first device may attempt to record a second key, that is associated with the first key, to the blockchain system, and may determine that the second key was not recorded to the blockchain system based on the attempt. The first device may output the second key to a third device based on determining that the second key was not recorded to the blockchain system. The second device may obtain the second key from the third device, and use the second key to decrypt the encrypted communication.

Abstract: A system described herein provide for the secure maintaining and providing of information, such as public keys used in Public Key Infrastructure (“PKI”) techniques or other techniques, using a secure distributed ledger (e.g., “blockchain”) system. A first entity may generate an asymmetric key pair that includes a public key and a private key, and may provide the public key, along with a key identifier, to a blockchain system for retrieval by multiple other entities. For example, the entities may be engaged in a secure group communication session, in which communications are encrypted and may be decrypted using one or more keys, including the public key. The other entities may identify the public key, as recorded to the blockchain system, based on the key identifier. Participants may be added to or removed from the secure group communication session.

Abstract: A first device may dynamically switch a proximity detection point from a second device, conducting an on-going call via a device identifier, to the first device. The first device may receive a proximity detection signal or an indication of a loss of a proximity detection signal from the second device, wherein the first device and the second device are associated with the device identifier. The first device may receive, from a network, another indication of the on-going call being conducted by the second device and may provide, to the network, a call origination request to pull the on-going call based on the proximity detection signal or the indication and based on the other indication of the on-going call. The first device may connect with the on-going call based on the call origination request and may conduct the on-going call via the first device rather than the second device.

Abstract: A system described herein may provide for secure group messaging between multiple participant devices, in which two or more of the participant devices support blockchain-based techniques for the secure sharing of keys used to secure the group messaging, and in which one or more of the participant devices (e.g., a third device) do not support such techniques. A key escrow system may maintain keys associated with the third device, and the other devices of the group messaging system may retrieve such keys from the key escrow system. Such other devices may attempt to obtain keys associated with the third device from a blockchain and may retrieve such keys from the key escrow system when the retrieval from the blockchain is unsuccessful. The other devices may additionally share their respective keys to the blockchain and the key escrow system, or the key escrow system may “pull” such keys from the blockchain.

Abstract: A device may receive, from a user equipment, a token request associated with an application, wherein the token request is associated with a device identifier. The device may generate a device token for the application and the user equipment. The device may provide, using the device identifier, the device token to the user equipment to enable a user to access the application via an application platform. The device may receive, from the application platform, a slice request for a network slice of a network that is to be used for an application session. The device may determine that the user equipment is associated with the application session based on the device token and the device identifier. The device may configure a network slice instance of the network slice. The device may determine a user equipment route selection policy for the application session according to the network slice instance.

Abstract: A device may receive, from a user equipment, a token request associated with an application, wherein the token request is associated with a device identifier. The device may generate a device token for the application and the user equipment. The device may provide, using the device identifier, the device token to the user equipment to enable a user to access the application via an application platform. The device may receive, from the application platform, a slice request for a network slice of a network that is to be used for an application session. The device may determine that the user equipment is associated with the application session based on the device token and the device identifier. The device may configure a network slice instance of the network slice. The device may determine a user equipment route selection policy for the application session according to the network slice instance.

Abstract: A device may receive, from a user equipment, a token request associated with an application, wherein the token request is associated with a device identifier. The device may generate a device token for the application and the user equipment. The device may provide, using the device identifier, the device token to the user equipment to enable a user to access the application via an application platform. The device may receive, from the application platform, a slice request for a network slice of a network that is to be used for an application session. The device may determine that the user equipment is associated with the application session based on the device token and the device identifier. The device may configure a network slice instance of the network slice. The device may determine a user equipment route selection policy for the application session according to the network slice instance.

Abstract: A network device receives an indication to establish a session for an internet protocol (IP) service between a first device and a second device, wherein the network device is part of a local network with the first device and another network device. The network device identifies a service tag to include in a service tag field of a session request. The other network device causes the session request that includes an updated service tag to be provided to the second device. The second device provides a session response with the service tag to the other network device, the other network device updates the session response to include the original service tag and provides an updated session response to the network device. The network device causes the session to be established.

Abstract: A network device receives an indication to establish a session for an internet protocol (IP) service between a first device and a second device, wherein the network device is part of a local network with the first device and another network device. The network device identifies a service tag to include in a service tag field of a session request. The other network device causes the session request that includes an updated service tag to be provided to the second device. The second device provides a session response with the service tag to the other network device, the other network device updates the session response to include the original service tag and provides an updated session response to the network device. The network device causes the session to be established.

Abstract: A user device registers with a proxy-call session control function device (P-CSCF) associated with an Internet protocol (IP) multimedia subsystem (IMS). The user device forwards a request to the P-CSCF requesting a session via the IMS for an IMS call. If a response to the request is not received from the P-CSCF during a time period after forwarding the request, the user device attempts to newly register with the P-CSCF. If the new registration is successful, the user device re-forwards the request to the P-CSCF. Otherwise, if the new registration with the P-CSCF is unsuccessful, the user device registers with a different P-CSCF and forwards the request to the second P-CSCF.

Abstract: A user device registers with a proxy-call session control function device (P-CSCF) associated with an Internet protocol (IP) multimedia subsystem (IMS). The user device forwards a request to the P-CSCF requesting a session via the IMS for an IMS call. If a response to the request is not received from the P-CSCF during a time period after forwarding the request, the user device attempts to newly register with the P-CSCF. If the new registration is successful, the user device re-forwards the request to the P-CSCF. Otherwise, if the new registration with the P-CSCF is unsuccessful, the user device registers with a different P-CSCF and forwards the request to the second P-CSCF.

Abstract: A user device registers with a proxy-call session control function device (P-CSCF) associated with an Internet protocol (IP) multimedia subsystem (IMS). The user device forwards a request to the P-CSCF requesting a session via the IMS for an IMS call. If a response to the request is not received from the P-CSCF during a time period after forwarding the request, the user device attempts to newly register with the P-CSCF. If the new registration is successful, the user device re-forwards the request to the P-CSCF. Otherwise, if the new registration with the P-CSCF is unsuccessful, the user device registers with a different P-CSCF and forwards the request to the second P-CSCF.