Abstract: Systems and methods described herein direct an end device to a multi-access edge computing (MEC) service instance among MEC instances with different service levels for different geographic areas. A network device stores a map of a geographic area with unique identifiable regions (UIRs) that each include cells for different wireless stations of a transport network. The network device receives application parameters, for a designated coverage area, for an application to be serviced using MEC resources. The network device associates the designated coverage area with one or more target UIRs from the map and deploys, when the MEC resources are available to support the application parameters, an instance of the application at a MEC cluster. The deployed instance of the application meets the application parameters for the target UIRs. The network device updates a MEC-domain name service (DNS) for the deployed instance of the application at the MEC cluster.

Abstract: Systems and methods described herein direct an end device to a multi-access edge computing (MEC) service instance among MEC instances with different service levels for different geographic areas. A network device stores a map of a geographic area with unique identifiable regions (UIRs) that each include cells for different wireless stations of a transport network. The network device receives application parameters, for a designated coverage area, for an application to be serviced using MEC resources. The network device associates the designated coverage area with one or more target UIRs from the map and deploys, when the MEC resources are available to support the application parameters, an instance of the application at a MEC cluster. The deployed instance of the application meets the application parameters for the target UIRs. The network device updates a MEC-domain name service (DNS) for the deployed instance of the application at the MEC cluster.

Abstract: Systems and methods described herein direct an end device to a multi-access edge computing (MEC) service instance among MEC instances with different service levels for different geographic areas. A network device stores a map of a geographic area with unique identifiable regions (UIRs) that each include cells for different wireless stations of a transport network. The network device receives application parameters, for a designated coverage area, for an application to be serviced using MEC resources. The network device associates the designated coverage area with one or more target UIRs from the map and deploys, when the MEC resources are available to support the application parameters, an instance of the application at a MEC cluster. The deployed instance of the application meets the application parameters for the target UIRs. The network device updates a MEC-domain name service (DNS) for the deployed instance of the application at the MEC cluster.

Abstract: A device may determine whether a mobile device is associated with a first identifier that is associated with a first mobile network based on determining that a second identifier associated with the mobile device is associated with a second mobile network. The first identifier may provide authorization for the mobile device to a private network associated with the first mobile network. The device may transmit, based on determining that the mobile device is associated with the first identifier, a security challenge to the mobile device. The device may determine, based on receiving a response to the security challenge from the mobile device, whether the response to the security challenge satisfies the security challenge. The device may provide, based on determining that the response to the security challenge satisfies the security challenge, the mobile device with access to the private network.

Abstract: Systems and methods described herein direct an end device to a multi-access edge computing (MEC) service instance among MEC instances with different service levels for different geographic areas. A network device stores a map of a geographic area with unique identifiable regions (UIRs) that each include cells for different wireless stations of a transport network. The network device receives application parameters, for a designated coverage area, for an application to be serviced using MEC resources. The network device associates the designated coverage area with one or more target UIRs from the map and deploys, when the MEC resources are available to support the application parameters, an instance of the application at a MEC cluster. The deployed instance of the application meets the application parameters for the target UIRs. The network device updates a MEC-domain name service (DNS) for the deployed instance of the application at the MEC cluster.

Abstract: A device may determine whether a mobile device is associated with a first identifier that is associated with a first mobile network based on determining that a second identifier associated with the mobile device is associated with a second mobile network. The first identifier may provide authorization for the mobile device to a private network associated with the first mobile network. The device may transmit, based on determining that the mobile device is associated with the first identifier, a security challenge to the mobile device. The device may determine, based on receiving a response to the security challenge from the mobile device, whether the response to the security challenge satisfies the security challenge. The device may provide, based on determining that the response to the security challenge satisfies the security challenge, the mobile device with access to the private network.

Abstract: A mobile device sends a network attach request to a network node, and receives an authentication challenge from the network node, where the authentication challenge includes an authentication token, a random number, and a time variable associated with a current time at the network node. A microprocessor smart card of the mobile device retrieves the time variable from the authentication challenge, and starts a clock counter based on the retrieved time variable. The microprocessor smart card uses a current time represented by the clock counter to perform time expiration validation tests on certificates during Public Key Infrastructure (PKI) authentication or on authentication tokens during token-based authentication.

Abstract: An exemplary security key bootstrapping system determines an application layer session security keyset uniquely associated with a client device and based on a subscriber identity master security credential. The subscriber identity master security credential is permanently stored within a component of the client device and is also stored on a subscriber identity management server associated with a provider network by which the client device is communicatively coupled with an application server system. The security key bootstrapping system uses the application layer session security keyset as a credential to provide end-to-end security for an application layer session between the client device and the application server system over the provider network. Neither the component of the client device nor the subscriber identity management server obtains the subscriber identity master security credential from an exchange of the subscriber identity master security credential over the provider network.

Abstract: An exemplary security key bootstrapping system determines an application layer session security keyset uniquely associated with a client device and based on a subscriber identity master security credential. The subscriber identity master security credential is permanently stored within a component of the client device and is also stored on a subscriber identity management server associated with a provider network by which the client device is communicatively coupled with an application server system. The security key bootstrapping system uses the application layer session security keyset as a credential to provide end-to-end security for an application layer session between the client device and the application server system over the provider network. Neither the component of the client device nor the subscriber identity management server obtains the subscriber identity master security credential from an exchange of the subscriber identity master security credential over the provider network.

Abstract: A mobile device sends a network attach request to a network node, and receives an authentication challenge from the network node, where the authentication challenge includes an authentication token, a random number, and a time variable associated with a current time at the network node. A microprocessor smart card of the mobile device retrieves the time variable from the authentication challenge, and starts a clock counter based on the retrieved time variable. The microprocessor smart card uses a current time represented by the clock counter to perform time expiration validation tests on certificates during Public Key Infrastructure (PKI) authentication or on authentication tokens during token-based authentication.

Abstract: A method for generating a 3D object for visualizing multivariate data includes gathering subscriber information about subscribers of a network, receiving a user request to generate the 3D object, and generating object-data specifying a three-dimensional contour that models a relationship between at least two variables of the subscriber information and a measure. The three-dimensional contour is based on the received request and on the subscriber information, and the object data is generated in a format that is printable by a 3D printer. The object data is transmitted to the user.

Abstract: The described examples provide a system and methods for identifying a location of a mobile device within an indoor venue using cellular communication signals obtained while the mobile device is within the indoor venue. An array of antennas arranged within the indoor venue detects cellular communication signals transmitted by the mobile device. The detected cellular communication signals have detectable and measurable signal parameters that allow the location of the mobile device within the indoor venue and an identifier of the mobile device to be determined. The determined identifier of the mobile device may also be used to identify the mobile device subscriber. The mobile device indoor location information may be used to update an anonymized subscriber profile associated with the mobile device subscriber.

Abstract: Systems and methods for managing information about content transmission are disclosed. In some implementations, a first mobile device communicates with a second mobile device, via a short-range radio of the first mobile device, to either send or receive a content item. The first mobile device tags the content item with a tag. The tag identifies the second mobile device. The first mobile device transmits to a server, via an additional radio of the first mobile device, data identifying the content and the second mobile device. The additional radio is different from the short-range radio. The data is transmitted to the server for analyzing short-range radio transmissions between mobile devices.

Abstract: A first device may have a processor and a power management system configured to receive a request from a second device. The first device may receive attribute data from the second device and compare the attribute data of the second device to attribute data of the first device. The first device may then determine whether the second device is a qualifying device based on the comparison and it may also determine a power transfer mode of the first device based on whether the device is a qualifying device and on the attribute data of the first and second device.

Abstract: An input device may be in communication with an application processor, wherein the input device may be configured to receive an input and the application processor may be configured to translate the input to a received template. A secure element may be in communication with the application processor and configured to receive the received template from the application processor. The secure element may include a matcher and an enrolled template database. The matcher may be configured to compare the received template from the application processor with an enrolled template within the enrolled template database and return a match status based on the comparison.

Abstract: A method for generating a 3D object for visualizing multivariate data includes gathering subscriber information about subscribers of a network, receiving a user request to generate the 3D object, and generating object-data specifying a three-dimensional contour that models a relationship between at least two variables of the subscriber information and a measure. The three-dimensional contour is based on the received request and on the subscriber information, and the object data is generated in a format that is printable by a 3D printer. The object data is transmitted to the user.

Abstract: A server is configured to establish connections for secure element communication sessions. The server receives a request from a device to establish a first secure connection, and establishes the first secure connection with the device in response to the received request. The server sends a request to a Trusted Service Manager (TSM). The sent request instructs the TSM to establish a second secure connection between the TSM and a secure memory. The server receives an authentication request from the TSM to establish the second secure connection, and forwards the authentication request to the device over the first secure connection.

Abstract: A server is configured to establish connections for secure element communication sessions. The server receives a request from a device to establish a first secure connection, and establishes the first secure connection with the device in response to the received request. The server sends a request to a Trusted Service Manager (TSM). The sent request instructs the TSM to establish a second secure connection between the TSM and a secure memory. The server receives an authentication request from the TSM to establish the second secure connection, and forwards the authentication request to the device over the first secure connection.

Abstract: The described examples provide a system and methods for identifying a location of a mobile device within an indoor venue using cellular communication signals obtained while the mobile device is within the indoor venue. An array of antennas arranged within the indoor venue detects cellular communication signals transmitted by the mobile device. The detected cellular communication signals have detectable and measurable signal parameters that allow the location of the mobile device within the indoor venue and an identifier of the mobile device to be determined. The determined identifier of the mobile device may also be used to identify the mobile device subscriber. The mobile device indoor location information may be used to update an anonymized subscriber profile associated with the mobile device subscriber.

Abstract: A method and article of manufacture to reactivate a user identity card for a mobile station that communicates with a network is described. The user identity card is initially activated with the network. The user identity card has a unique identifier. Activation includes communicating with the mobile station from the network and programming the user identity card with network parameters. The network parameters programmed on the user identity card are then cleared after a preset period of time. The user identity card is reset to an unactivated state and then the user identity card can be reactivated with the network.