Abstract: A method of restoring an image of a computer, including identifying, by a backup application executing on the computer, artifacts of the computer to back up, creating a mirror image of a hard drive of the computer, wherein the mirror image comprises the artifacts, establishing a local environment within the computer, communicating with a backup server, by the backup application, using the local environment in the computer, backing up the mirror image, by the backup application, to the backup server using the local environment, updating the mirror image, by the backup application, in the backup server in response to a change in the computer, constructing the local environment on the computer in response to an event, loading a program from the local environment, and restoring the computer, by the backup application, from the mirror image in the backup server based on the artifacts, the program, and the restore process.

Abstract: A method of boot-loading an electronic device. The method comprises boot-loading a trusted execution environment (TEE) in a trusted security zone of a processor of the electronic device, where the TEE boot-loads before a rich execution environment (REE) boot-loads, launching a boot-loader authentication application by the TEE in the trusted security zone, determining a signature value of an REE boot-loader by the boot-loader authentication application over the instructions of the REE boot-loader, comparing the signature value of the REE boot-loader to an authentication signature value stored in the TEE, and, in response to the signature value of the REE boot-loader not matching the authentication signature value, taking action by the boot-loader authentication application.

Abstract: A method for delivering a network slice to a user is disclosed. The method includes receiving communication from a network slice artifact comprising a multi-segment filename that includes a first segment comprising instructions for executing the network slice artifact, and a second segment comprising an identity of a network slice instantiable by the network slice artifact The method also includes retrieving a set of executable instructions associated with the network slice from a data store of the network in response to receiving the communication from the network slice artifact, and communicating the set of executable instructions to the network slice artifact whereby the network slice artifact instantiates the network slice transforming the computer system into an endpoint node of the network slice. The method further includes completing the instantiation of the network slice in response to receiving the communication from the network slice artifact.

Abstract: A method of validating the contents of an electronic file. The method comprises requesting an electronic file by an application executing on a computer system by providing a multi-segment filename, wherein the multi-segment filename comprises a unique delimiter between each of the segments of the multi-segment filename and one of the segments of the multi-segment filename is a hash of a content of the electronic file referenced by the multi-segment filename, receiving by the application the electronic file referenced by the multi-segment filename, determining a hash over the content of the electronic file by the application, comparing by the application the hash determined by the application to the hash of the content stored in the one of the segments of the multi-segment filename, and, based on the two hashes agreeing, opening by the application the contents of the electronic file for use.

Abstract: A method for delivering a network slice to a user is disclosed. The method includes receiving communication from a network slice artifact comprising a multi-segment filename that includes a first segment comprising instructions for executing the network slice artifact, and a second segment comprising an identity of a network slice instantiable by the network slice artifact The method also includes retrieving a set of executable instructions associated with the network slice from a data store of the network in response to receiving the communication from the network slice artifact, and communicating the set of executable instructions to the network slice artifact whereby the network slice artifact instantiates the network slice transforming the computer system into an endpoint node of the network slice. The method further includes completing the instantiation of the network slice in response to receiving the communication from the network slice artifact.

Abstract: Embodiments of the present disclosure are directed to systems and methods for artificial intelligence-based filtering of user devices on a wireless network. Upon a request from a user device to access a requested network service, a trustlet executed in a trusted execution environment of the user device is activated. The trustlet provides data associated with the user device. The data is used to distinguish normal from anomalous device behavior. Analysis of the data can be facilitated by an artificial intelligence module. Based on the analysis, the requested network service may be selectively authorized or prohibited. Additionally, the trustlet can be activated while a network service is being utilized by a user device to detect anomalous and potentially deceptive activity.

Abstract: A method of validating the contents of an electronic file. The method comprises requesting an electronic file by an application executing on a computer system by providing a multi-segment filename, wherein the multi-segment filename comprises a unique delimiter between each of the segments of the multi-segment filename and one of the segments of the multi-segment filename is a hash of a content of the electronic file referenced by the multi-segment filename, receiving by the application the electronic file referenced by the multi-segment filename, determining a hash over the content of the electronic file by the application, comparing by the application the hash determined by the application to the hash of the content stored in the one of the segments of the multi-segment filename, and, based on the two hashes agreeing, opening by the application the contents of the electronic file for use.

Abstract: A data connection recovery system is disclosed that includes a data connection management platform configured to monitor a status of a data connection of a wireless communication device with a wireless network. In response to a determination that the data connection is nonfunctional, the data connection management platform is configured to initiate a command to the wireless communication device via a control plane of the wireless network commanding the wireless communication device to switch to a different network slice in a user plane of the wireless network. The system also includes a remote device manager on the wireless communication device configured to receive the command and to initiate establishment of a new data connection with the wireless network via the different network slice in response to the command. The wireless communication device transmits data via the new data connection.

Abstract: A method of boot-loading an electronic device. The method comprises boot-loading a trusted execution environment (TEE) in a trusted security zone of a processor of the electronic device, where the TEE boot-loads before a rich execution environment (REE) boot-loads, launching a boot-loader authentication application by the TEE in the trusted security zone, determining a signature value of an REE boot-loader by the boot-loader authentication application over the instructions of the REE boot-loader, comparing the signature value of the REE boot-loader to an authentication signature value stored in the TEE, and, in response to the signature value of the REE boot-loader not matching the authentication signature value, taking action by the boot-loader authentication application.

Abstract: A method of configuring a computing service on a virtual network with a multi-segment filename. The method comprises requesting an encrypted file by an application executing on a computer by providing a hash filename extracted from a multi-segment filename, wherein the multi-segment filename comprises a unique delimiter between each of the segments of the multi-segment filename, wherein each segment comprises one of a hash filename, a plain text instruction, or plain text content. The application organizes a network slice with one or more VNFs from coded instructions in a segment of the multi-segment filename. The application constructs the computing service within the VNF by transferring one or more executables, the data file, and one or more artifacts decrypted from hash filenames saved within the multi-segment filename to the network slice.

Abstract: A data connection recovery system is disclosed that includes a data connection management platform configured to monitor a status of a data connection of a wireless communication device with a wireless network. In response to a determination that the data connection is nonfunctional, the data connection management platform is configured to initiate a command to the wireless communication device via a control plane of the wireless network commanding the wireless communication device to switch to a different network slice in a user plane of the wireless network. The system also includes a remote device manager on the wireless communication device configured to receive the command and to initiate establishment of a new data connection with the wireless network via the different network slice in response to the command. The wireless communication device transmits data via the new data connection.

Abstract: A method of boot-loading an electronic device. The method comprises boot-loading a trusted execution environment (TEE) in a trusted security zone of a processor of the electronic device, where the TEE boot-loads before a rich execution environment (REE) boot-loads, launching a boot-loader authentication application by the TEE in the trusted security zone, determining a signature value of an REE boot-loader by the boot-loader authentication application over the instructions of the REE boot-loader, comparing the signature value of the REE boot-loader to an authentication signature value stored in the TEE, and, in response to the signature value of the REE boot-loader not matching the authentication signature value, taking action by the boot-loader authentication application.

Abstract: A method for delivering a network slice to a user is disclosed. The method includes receiving communication from a network slice artifact comprising a multi-segment filename that includes a first segment comprising instructions for executing the network slice artifact, and a second segment comprising an identity of a network slice instantiable by the network slice artifact The method also includes retrieving a set of executable instructions associated with the network slice from a data store of the network in response to receiving the communication from the network slice artifact, and communicating the set of executable instructions to the network slice artifact whereby the network slice artifact instantiates the network slice transforming the computer system into an endpoint node of the network slice. The method further includes completing the instantiation of the network slice in response to receiving the communication from the network slice artifact.

Abstract: A method for delivering a network slice to a user is disclosed. The method includes receiving communication from a network slice artifact comprising a multi-segment filename that includes a first segment comprising instructions for executing the network slice artifact, and a second segment comprising an identity of a network slice instantiable by the network slice artifact The method also includes retrieving a set of executable instructions associated with the network slice from a data store of the network in response to receiving the communication from the network slice artifact, and communicating the set of executable instructions to the network slice artifact whereby the network slice artifact instantiates the network slice transforming the computer system into an endpoint node of the network slice. The method further includes completing the instantiation of the network slice in response to receiving the communication from the network slice artifact.

Abstract: A method for delivering a network slice to a user is disclosed. The method includes receiving communication from a network slice artifact comprising a multi-segment filename that includes a first segment comprising instructions for executing the network slice artifact, and a second segment comprising an identity of a network slice instantiable by the network slice artifact The method also includes retrieving a set of executable instructions associated with the network slice from a data store of the network in response to receiving the communication from the network slice artifact, and communicating the set of executable instructions to the network slice artifact whereby the network slice artifact instantiates the network slice transforming the computer system into an endpoint node of the network slice. The method further includes completing the instantiation of the network slice in response to receiving the communication from the network slice artifact.

Abstract: A network interface controller (NIC). The NIC includes a first physical port, a second physical port, a non-transitory memory, a processor coupled to the first and second physical ports, and a data packet grooming application stored in the non-transitory memory. When executed by the processor, the application is configured to parse datagrams encapsulated within data link layer packets received by the first physical port, analyze the encapsulated datagrams based on a processing policy stored in the non-transitory memory, transmit some of the received data link layer packets via the second physical port to a server computer associated with the NIC, and transmit the remainder of the received data link layer packets via the first physical port to a second server computer.

Abstract: A Network Function Virtualization Infrastructure (NFVI) executes Virtual Network Functions (VNFs) to transfer the VNF boot data to a distributed ledger. The distributed ledger performs a distributed ledger transaction with the VNF boot data to commit the VNF boot data to distributed ledger memory in a blockchain format. The NFVI executes the network VNF to deliver a network communication service. The NFVI loses VNF boot functionality and transfers a VNF boot request to the distributed ledger. The distributed ledger performs a distributed ledger transaction with the VNF boot request and the VNF boot data to transfer VNF recovery data to the NFVI and to commit the VNF boot request and the VNF recovery data to the distributed ledger memory in the blockchain format. The NFVI processes the VNF recovery data to recover the VNF boot functionality. The NFVI executes the recovered VNF to deliver the network communication service.

Abstract: An electronic device. The electronic device comprises a memory comprising a confidential information region and a non-confidential information region, a processor, and an application stored in the memory. When executed by the processor, the application determines if a reboot has occurred after a most recent power-off boot, where a reboot takes place without removing power from the processor and memory and, in response to determining that the reboot occurred after the most recent power-off boot, prevents access of applications to the confidential information region in the memory.

Abstract: A method of storing device information, provisioning data, and event information using distributed ledger technology (DLT). a manufacturer creates a first block of a first category comprising wireless communication device information, the block stored in a non-transitory memory of the device, a wireless communication service provider provisions device on a network, a server maintained by the wireless communication service provider creates a second block of a second category comprising information associated with the provisioning of the device, an application executing on the device stores the second block by in the non-transitory memory, creating a chain of blocks, the application uses at least part of the chain of blocks to provide authentication of the device to the network, and the block foundry server creates at least one block of a third category.

Abstract: A method of storing device information, provisioning data, and event information using distributed ledger technology (DLT). a manufacturer creates a first block of a first category comprising wireless communication device information, the block stored in a non-transitory memory of the device, a wireless communication service provider provisions device on a network, a server maintained by the wireless communication service provider creates a second block of a second category comprising information associated with the provisioning of the device, an application executing on the device stores the second block by in the non-transitory memory, creating a chain of blocks, the application uses at least part of the chain of blocks to provide authentication of the device to the network, and the block foundry server creates at least one block of a third category.