Abstract: The disclosed technology includes a method and system for preventing or reducing cyber-attacks in telecommunications networks, such as 5G networks. For example, a first node in a 5G network can detect that a first connected device is at risk of a cyber-attack based on one or more conditions and can broadcast to a plurality of nodes in the RAN that the first connected device is at risk of the cyber-attack. The first node can receive a first message from a second node of the plurality of nodes confirming or acknowledging that the first connected device is at risk of the cyber-attack. In response to receiving the first message from the second node confirming or acknowledging that the first connected device is at risk of the cyber-attack, the system can deauthorize the first connected device.

Abstract: The disclosed embodiments include a method performed by a network access node to thwart unauthorized activity on a network such as a 5G wireless network. For example, the method can include employing contextual information to determine risk to the 5G wireless network. A network access node can detect that a wireless device seeks to perform unauthorized activity, and then implements security measures such that the unauthorized activity is thwarted at the network access node.

Abstract: The technology described herein allocates resources in a cloud computing environment using a 5G network. The system can connect a device to the 5G network and collect data related to the device such as a location of the device and characteristics of use of the device with the 5G network. The system can create a device service profile of the device based at least in part on the data related to the device. The system can then dynamically partition computing resources within the cloud computing environment for the device based on the device service profile and a time-of-day in the location of the device to thereby provide on-demand access to content or services in the cloud computing environment to the device over the 5G network.

Abstract: The technology described herein documents and verifies interactions in a cloud computing environment. The system creates a first partition within the cloud computing environment for a first entity and a second partition within the cloud computing environment for a second entity. A blockchain ledger can be created for a set of interactions between the first entity and the second entity, where the blockchain ledger is disengaged when the first entity and the second entity are not interacting. The system can receive a request from the first entity for an interaction with the second entity and can activate the blockchain ledger. In response to receiving consensus from a blockchain community within the cloud computing environment, the system can allow the interaction, where the interaction is appended to the blockchain ledger.

Abstract: In one example, the present disclosure describes a device, computer-readable medium, and method for dynamically modifying parameters for the delivery of data services over a network. For instance, in one example, a plurality of network slices is provided in a communications network. Each network slice of the plurality of network slices is configured to carry data over the communications network subject to a different combination of network service metrics. When a triggering event is detected in data carried over the communications network using a default slice of the plurality of network slices, the data is dynamically reassigned from the default network slice to a new network slice of the plurality of network slices in response to the detecting.

Abstract: The disclosed embodiments include a method performed by a wireless network to mitigate a security risk arising from an application-layer transaction and contextual scenario of a wireless device (WD). A security resource can be maintained inactive by default and configured for on-demand activation in response to a security risk associated with the WD. The method can include monitoring the WD for application-layer transactions and contextual scenarios, and detecting a security risk relative to a particular type of a application-layer transaction and a contextual scenario of the WD. In response to detecting the security risk, the security resource is activated to support the application-layer transaction while safeguarding the entire wireless network. In response to detecting a change to the application-layer transaction or the particular contextual scenario, the security resource for the WD can be deactivated.

Abstract: The disclosed embodiments include a method performed by a wireless network to dynamically provision security resources during runtime execution of a service environment. The security resources are distributed across cell sites that provide coverage areas for multiple wireless devices (WDs) in multiple service environments. The cell sites are monitored during runtime execution of the multiple service environments to detect risk levels that indicate a vulnerability to the wireless network. When an elevated risk level is detected for a particular cell site, security resources of the security layer are dynamically provisioned for the particular cell site to safeguard the entire wireless network. Hence, the provisioned security resources can include a security resource from a different cell site.

Abstract: The disclosed embodiments include a software-defined security (SDS) service that can monitor runtime behavior of a network of nodes of a wireless network and detect anomalous activity indicating contamination of the network of nodes, where the contamination includes unauthorized instructions designed to damage or interrupt a function of the network of nodes. The SDS service can dynamically coordinate a blacklist and a whitelist, where the blacklist includes an indication of contaminated assets and the whitelist includes an indication of non-contaminated assets. The contaminated assets are isolated with a cleanroom environment, where the security resources sanitize the contaminated assets. Then, indications of the decontaminated assets are moved from the blacklist to the whitelist, and the use of the security resources are dynamically adjusted according to a load ratio between the whitelist and the blacklist.

Abstract: Aspects of the subject disclosure may include, for example, identifying a packet data protocol session that supports a first data exchange between a mobile application of a first mobile device and a first recipient device, wherein the first exchange of data comprises a directing of the first exchange of data through a network device. A second recipient device is determined, and a second data exchange is facilitated between the mobile application and the second recipient device by way of the packet data protocol session, wherein the second exchange of data also comprises a directing of the second exchange of data through the network device without modifying the first data exchange. Other embodiments are disclosed.

Abstract: Aspects of the subject disclosure may include, for example, a method including receiving from a first network slice comprising a first set of virtual network functions instantiated in a network, a first request to chain the first network slice to a second network slice comprising a second set of virtual network functions instantiated in the network to cooperatively facilitate providing a service to a first communication device, transmitting a second request to the first network slice to route a portion of user plane communication traffic associated with the first communication device to the second network slice, and transmitting a third request to the second network slice to receive the portion of the user plane communication traffic associated with the first communication device from the first network slice and to cooperatively facilitate providing a service to the first communication device via the first network slice and the second network slice. Other embodiments are disclosed.

Abstract: Remote provision of a drone resource is disclosed. A user equipment (UE) can generate a request for drone resources that can be employed to find an appropriate drone from a set of drones. The drone can be automatically provisioned to allow access to the drone resource in accord with the request. The set of drones can comprise different tiers of drones. A response can be generated indicating the state of provisioning a drone in accord with the request. The user equipment can make the request available to a drone allocation component via a communication framework that can comprise a wireless interface. Provisioning of the drone can similarly be accomplished via the communication framework. As such, the set of drones can be distributed and can be provisioned from a UE located remotely from the drone allocation component and/or the drones comprising the set of drones.

Abstract: A processing system of a cellular network having a processor may receive, from an endpoint device via one of a first radio access infrastructure or a second radio access infrastructure of the cellular network, a request to establish a connection to a packet data network via the cellular network. The processing system may establish, in response to the request, a first session for the endpoint device via the first radio access infrastructure, and a second session for the endpoint device via the second radio access infrastructure of the cellular network, where the connection to the packet data network includes the first session and the second session. The processing system may further configure the first session or the second session for control plane signaling for the connection, and configure the first session, the second session, or both the first session and the second session for user plane communications for the connection.

Abstract: Robots, users, or a central controller may leverage Geo analytics and/or augmented reality to search for, discover, access and use robots. The robots may perform tasks to provide selective services on-demand within medicine, agriculture, military, entertainment, manufacturing, personal, or public safety, among other things.

Abstract: Concepts and technologies disclosed herein are directed to master service orchestration of virtual network functions (“VNFs”). According to one aspect of the concepts and technologies disclosed herein, a network functions virtualization (“NFV”) platform includes a hardware resources layer including a plurality of hardware resources, a plurality of VNF resource pools, a plurality of service controllers corresponding to the plurality of VNF resource pools, and a master service orchestrator. The master service orchestrator can, when executed by at least a portion of the plurality of hardware resources, causes the master service orchestrator to perform operations. In particular, the master service orchestrator can receive, from a user equipment (“UE”), a service request.

Abstract: Aspects of the subject disclosure may include, for example, a method including enabling, by a system comprising a processor, a first modification of a first user profile at a secondary data repository of a communication network; the first modification is directed by a first application operating at a first communication device of the communication network. A usage event is identified that is associated with the first communication device according to the first modification to the first user profile. A second modification to a second user profile is replicated at a primary data repository according to a change in operation of a second application associated with the usage event that is identified to the first communication device; the replication is performed according to an update policy for the primary data repository. Other embodiments are disclosed.

Abstract: Aspects of the subject disclosure may include, for example, detecting a request for a network service between two network nodes and identifying a network path between the two network nodes, wherein the network path is realized by equipment performing a number of network functions. A first network function of the number of network functions is associated with a first number of redundant virtualized network resources performing at least a similar network function as the first network function. Usage metrics are determined corresponding to the first number of redundant virtualized network resources and a first virtualized network resource of the first number of redundant virtualized network resources is assigned to the network path based on the usage metrics to obtain a first assigned virtualized network resource. The network service is provided between the two network nodes using the first assigned virtualized network resource. Other embodiments are disclosed.

Abstract: Aspects of the subject disclosure may include, for example, detecting a request for access to a wireless network via an access point. Responsive to a first determination that the identifier corresponds to an entry in the list, access is facilitated to the wireless network via the access point without the equipment of the requesting user providing credentials to the wireless network. The list includes a first set of entries corresponding to a first set of users having unrestricted access and a second set of entries corresponding to a second set of users having restricted access. Responsive to a second determination that the identifier does not correspond to any of the entries, a message is transmitted to equipment of the host regarding the request, and responsive to receiving approval, the list is updated to include the identifier. Other embodiments are disclosed.

Abstract: In 5G Non-Standalone (NSA), to balance the load on 5G users and 4G users effectively, the disclosed technology selects the proper secondary cell group (SCG), when the master cell group (MCG) is provided by 4G infrastructure. E-UTRAN New Radio-Dual Connectivity (ENDC) allows users to connect to a 4G MCG and a 5G SCG (SCG). The technology selects the SCG based on each user's application's attributes such as UL/DL data volume, speed or bandwidth.

Abstract: The disclosed technology includes a method and system for preventing or reducing cyber-attacks in a 5G network. The system can register a connected device with the 5G network, monitor the connected device by the computing device associated with the 5G network, and detect or determine that the connected device is at risk of a cyber-attack based on one or more conditions. The conditions can include detecting that the connected device is obsolete or unmaintained, the connected device fails to respond to status checks, or a service provider associated with the connected device is not supporting the connected device or is out of business. In response to detecting or determining that the connected device is at risk of the cyber-attack, the system can deauthorize the connected device.

Abstract: Aspects of the subject disclosure may include, for example, determining a first group of virtual network functions of a first network slice instantiated within a software defined network and adapted to perform a first activity that facilitates delivery of a service to wireless equipment of a first user. Access is facilitated to a second group of virtual network functions of a second network slice responsive to a determination of an occurrence of a condition. The second group of virtual network functions, when instantiated within the software defined, network are configured to deliver the service to the wireless equipment of the first user. The second network slice is further adapted to perform another activity that facilitates delivery of another service. Other embodiments are disclosed.