Abstract: Aspects of the subject disclosure may include, for example, obtaining first, second, and third data respectively from first, second, and third physical robots operating in a smart community, obtaining a request message from the third physical robot, the request message comprising a request by the third physical robot to be stored at a location; and responsive to obtaining the request message: determining whether the first physical robot incudes a first storage space sufficiently large to contain the third physical robot; determining whether the second physical robot incudes a second storage space sufficiently large to contain the third physical robot; in a first case that the first physical robot does include a first storage space sufficiently large to contain the third physical robot and that the second physical robot does not include a second storage space sufficiently large to contain the third physical robot, selecting as a selected physical robot the first physical robot; in a second case that the first

Abstract: Aspects of the subject disclosure may include, for example, obtaining first, second, and third data associated with respective first, second, and third physical robots operating in a smart community (wherein the first data comprises a first historical listing of first tasks that had been performed by the first physical robot, wherein the second data comprises a second historical listing of second tasks that had been performed by the second physical robot, wherein the first tasks and the second tasks include a common task, wherein the third data comprises an indication of a current task being performed by the third physical robot, and wherein the current task is the common task); predicting, based upon the first, second, and third data, a future task that will be performed by the third physical robot (wherein the future task that is predicted is a task selected from the first tasks and the second tasks); selecting, based upon the future task that is predicted, a downloadable service that can be used by the thi

Abstract: The technologies described herein are generally directed to using unmanned vehicles to improve signal propagation by placing temporary access point equipment in advanced networks, e.g., at least a fifth generation (5G) network. For example, a method described herein can include identifying, by network equipment comprising a processor, analysis of signal propagation in a geographic area. The method can further include, based on the analysis, identifying, by the network equipment, a location in the geographic area for placement of supplemental signaling equipment to supplement signaling equipment in the geographic area. Further, the method can include, facilitating, by the network equipment, placing, by an unmanned vehicle, the supplemental signaling equipment at the location.

Abstract: Aspects of the subject disclosure may include, for example, obtaining first data indicative of a first location of a first physical robot operating in a smart community, obtaining second data indicative of a second location of a second physical robot operating in the smart community, obtaining third data indicative of a third location of a third physical robot operating in the smart community, obtaining a request for assistance from the first physical robot; and responsive to obtaining the request for assistance: determining a first time interval that would be required for the second physical robot to reach the first physical robot at the first location; determining a second time interval that would be required for the third physical robot to reach the first physical robot at the first location; determining which of the first time interval and the second time interval is smaller; in a first case that the first time interval is smaller, selecting as a selected physical robot the second physical robot; in a sec

Abstract: Aspects of the subject disclosure may include, for example, determining characteristics of autonomous devices, identifying a portion of the autonomous devices having relatable characteristics, and assigning a network to the portion of autonomous devices for enabling communications with the portion of autonomous devices. Other embodiments are disclosed.

Abstract: Aspects of the subject disclosure may include, for example, a method in which a processing system determines that performance of a service is required at a first location in a smart community; identifies a robot to be transported, and determines whether physical transport or virtual transport is to be performed for the robot. If physical transport is to be performed, the system initiates communication with a robot transport controller to schedule the physical transport to the first location from a different second location. If virtual transport is to be performed, the processing system initiates communication with a radio access network (RAN) to schedule the virtual transport; the virtual transport includes configuring the robot at the first location. Other embodiments are disclosed.

Abstract: Aspects of the subject disclosure may include, for example, a method in which a processing system configures one or more robots to perform tasks in an establishment, and assigns to the robots privileges and/or priorities in accordance with a policy. The method also includes detecting a situation in the establishment requiring performance of a task; facilitating the performance of the task by at least one of the robots; and dynamically reprogramming at least one of the robots in response to the situation to perform a specialized task to address the situation. Other embodiments are disclosed.

Abstract: The disclosed embodiments include a software-defined security (SDS) service that can monitor runtime behavior of a network of nodes of a wireless network and detect anomalous activity indicating contamination of the network of nodes, where the contamination includes unauthorized instructions designed to damage or interrupt a function of the network of nodes. The SDS service can dynamically coordinate a blacklist and a whitelist, where the blacklist includes an indication of contaminated assets and the whitelist includes an indication of non-contaminated assets. The contaminated assets are isolated with a cleanroom environment, where the security resources sanitize the contaminated assets. Then, indications of the decontaminated assets are moved from the blacklist to the whitelist, and the use of the security resources are dynamically adjusted according to a load ratio between the whitelist and the blacklist.

Abstract: A method performed by a system includes instantiating a vulnerability-risk-threat (VRT) service for a security edge protection proxy (SEPP) element of a 5G telecommunications network. The system intercepts and parameterizes network traffic of the SEPP element to identify network functions (NFs) or associated services that requires cybersecurity protection and selects security resources for protecting the identified NFs or associated services. The system prioritizes an NF or associated service that is most frequently used (MFU) or most recently used (MRU) and then allocates the security resources in accordance with the prioritization.

Abstract: The disclosed embodiments include a method performed by a wireless network to dynamically provision security resources during runtime execution of a service environment. The security resources are distributed across cell sites that provide coverage areas for multiple wireless devices (WDs) in multiple service environments. The cell sites are monitored during runtime execution of the multiple service environments to detect risk levels that indicate a vulnerability to the wireless network. When an elevated risk level is detected for a particular cell site, security resources of the security layer are dynamically provisioned for the particular cell site to safeguard the entire wireless network. Hence, the provisioned security resources can include a security resource from a different cell site.

Abstract: The technology includes a method performed by a system of a telecommunications network to manage network traffic of a 5G network. The system can instantiate a security system to sort incoming or outgoing network traffic at a perimeter of the 5G network into multiple groups that are each uniquely associated with multiple traffic types and multiple security levels. The system can inspect segments of data included in the incoming network traffic and sort multiple portions of the network traffic into the groups based in part on the inspection of the segments of the data. The system can dynamically adjust an available bandwidth of the 5G network based on each load of each of the groups and dispatch the portions of the network traffic in accordance with a traffic type and a security level of each of the groups.

Abstract: The technology includes a method performed by a security system of a 5G network to thwart a cyberattack. The security system is instantiated to monitor and control network traffic at a perimeter of the 5G network in accordance with a security model based on a vulnerability parameter, a risk parameter, and a threat parameter. The security system can process the network traffic with the security model to output a vulnerability-risk-threat (VRT) score that characterizes the network traffic in relation to the parameters. Based on the VRT score, the system redirects the network traffic to a containment area that mimics an intended destination or related process of the network traffic to induce malicious VRT traffic. When malicious VRT traffic is detected, the security system can, for example, prevent the network traffic from being communicated the 5G network.

Abstract: The disclosed embodiments include a software-defined security (SDS) service that can monitor runtime behavior of a network of nodes of a wireless network and detect anomalous activity indicating contamination of the network of nodes, where the contamination includes unauthorized instructions designed to damage or interrupt a function of the network of nodes. The SDS service can dynamically coordinate a blacklist and a whitelist, where the blacklist includes an indication of contaminated assets and the whitelist includes an indication of non-contaminated assets. The contaminated assets are isolated with a cleanroom environment, where the security resources sanitize the contaminated assets. Then, indications of the decontaminated assets are moved from the blacklist to the whitelist, and the use of the security resources are dynamically adjusted according to a load ratio between the whitelist and the blacklist.

Abstract: A method performed by a cybersecurity system includes monitoring multiple network functions (NFs) of a service-based architecture (SBA) of a 5G network. The NFs are communicatively interconnected over an HTTP/2 interface. The cybersecurity system detects potentially malicious network traffic communicated over the HTTP/2 interface, identifies a NFs or associated services that are susceptible to a cyberattack based on the potentially malicious network traffic and deploys resources to secure the NFs or associated services. In one example, the resources are prioritized for a most frequently used (MFU) or most recently used (MRU) NF or associated service.

Abstract: The technology includes a method performed by a security system of a 5G network. The system can instantiate an agent that monitors and control incoming network traffic at a perimeter of the 5G network in accordance with a security model. The agent can process the incoming network traffic with the security model to output a vulnerability-risk-threat (VRT) score that characterizes the incoming network traffic in relation to a vulnerability parameter, a risk parameter, and a threat parameter. The agent compares the VRT score with a threshold value to determine a likelihood that the incoming network traffic includes VRT traffic. The agent communicates at least an indication of the VRT score and incoming network traffic to a central component, which collects VRT information from multiple agents to generate an update for the security model.

Abstract: A method performed by a network node that generates a schedule of communication exchanges between the network node and a small cell of a telecommunications network. The schedule is unique for the small cell among multiple small cells and sets times for sending status signals to the small cell and receiving counterpart response signals from the small cell. When the network node detects non-compliance with the schedule, the network node can begin to monitor the small cell for anomalous activity. Upon detecting that the anomalous activity includes malicious activity, the network node can communicate with the small cell wirelessly to deauthorize the small cell.

Abstract: The technology described herein documents interactions in a cloud computing environment. The system creates a first partition within the cloud computing environment for a first entity and a second partition within the cloud computing environment for a second entity. A blockchain ledger can be created for a set of interactions between the first entity and the second entity, where the blockchain ledger is disengaged when the first entity and the second entity are not interacting.

Abstract: A method performed by one or more network node(s) of a wireless telecommunications network to dynamically manage encryption keys for multiple narrowband Internet of Things (NB-IoT) devices of the network. The network node(s) can maintain a database that stores a device profile for each of the NB-IoT devices and obtain multiple encryption keys for the multiple NB-IoT devices. The encryption keys are associated with different encryption strengths ranging from high to ultra-low encryption strengths. The network node(s) can allocate the encryption keys to the NB-IoT devices, detect a change in the condition of the network, capability or communications service of NB-IoT devices, and refresh the encryption keys accordingly to ensure that the network nodes properly balance encryption while providing efficient network performance.

Abstract: A security system generates a digital signature for a small cell of a wireless network and assigns the digital signature to the small cell for connecting to the wireless network. The digital signature can be generated based on a connectivity schedule for the small cell. When the security system obtains a connection request from the small cell to connect to the wireless network, the security system compares an instance of the digital signature included in the connection request with an expected digital signature and compares the point in time when the connection request was communicated with an expected time indicated in the connectivity schedule. The security system detects an anomaly when the instance of the digital signature deviates from the expected digital signature or the point in time deviates from the expected time, and causes performance of an action based on a type or degree of the anomaly.

Abstract: A system obtains security data of interconnected networks. The visibility of the security data is asymmetric for each interconnected network relative to the other. The security data is continuously stored and used in real-time or near real-time to identify services of the interconnected networks that require safeguards against a potential cyberattack. The interworking system determines a security parameter that relates the security data to the potential cyberattack and communicates the security parameter to the interconnected networks. The interconnected networks can safeguard against the potential cyberattack based on the security parameter.