Abstract: The embodiments of the disclosure provide a method for managing tracking devices, a device manager, and a computer readable storage medium. The method includes: receiving a local map corresponding to each of a plurality of tracking devices and accordingly generating a shared map; obtaining a pose ambiguity status corresponding to each of the tracking devices; determining at least one first specific device among the tracking devices based on the pose ambiguity status corresponding to each of the tracking devices; and disabling at least one function of the at least one first specific device.

Abstract: An automated method is provided for validating an action based on beacon source proximity to a user device. A user data processing device receives from a remote action validation server an action validation request. The request includes identification of an authentication device that may include a beacon transmitter and identification of a proposed action associated with the authentication device. The user data processing device determines whether the authentication device is within beacon signal reception range of the user data processing device and transmits an action validation response to the remote action validation processing system.

Abstract: Systems and techniques for permitting, establishing, monitoring and controlling calls based on messages from outside parties, outside party availability information, institution's call restriction information, and/or account holder preferences. In one example, a message from an outside party app on an outside party computing device is receive by an inmate app on an inmate device. The inmate device displays the message at the inmate calling app including a request for the inmate to call the outside party device during a time period. When the inmate initiates a call to the outside party the call is permitted or not permitted based on determining whether the call is within the specified time period.

Abstract: Methods and systems are presented for remotely commanding a mobile device. In one aspect, a method includes receiving input identifying a mobile device, presenting to a user one or more remote commands corresponding to the mobile device, receiving user input selecting a remote command from the one or more presented remote commands, generating a remote command message instructing the mobile device to execute the selected remote command, and transmitting the remote command message to a server for publication in a message topic. Further, a selectable list of mobile devices associated with a remote management account can be presented to the user, the selectable list including information uniquely identifying each mobile device. Additionally, the selectable list of mobile devices can include an indication of whether an included mobile device is online.

Abstract: Methods, media, and systems are provided for enhanced selective attestation of wireless communications. The methods, media, and systems are configured to receive, from a wireless communication network, a request to establish a communication session with a computing device. The request is associated with destination identification data. Additionally, a determination is made as to whether the destination identification data corresponds to a geographic area other than the geographic area associated with the wireless communication network. Based on the determination: the destination identification data is verified using a set of permissible destination identification data or a set of permissible Service Provider IDs. Attestation is then performed in response to verifying the destination identification data using the set of permissible destination identification data or the set of permissible Service Provider IDs.

Abstract: Systems and methods are disclosed herein for resuming a connection of a wireless communication device suspension to a dormant state while the wireless communication device was operating in dual connectivity with a Master Cell Group (MCG) with a first network node and a Secondary Cell Group (SCG) with a second network node. In one embodiment, a method performed by the wireless communication device comprises receiving a connection resume message with an indication to restore the SCG of the wireless communication device, where the connection resume message comprises information that is mandatory when the connection resume message comprises an indication to restore the SCG. The information that is mandatory comprises information that triggers synchronization and random access towards a Primary SCG Cell (PSCell) (e.g., reconfigurationWithSync or mobilityControlInfoSCG). The method further comprises restoring the SCG in accordance with the connection resume message.

Abstract: A method at an asset tracking device, the method including activating a receiver at the asset tracking device; obtaining an intelligent transportation system message using the receiver; determining a position from the intelligent transportation system message; and reporting the determined position to a remote server.

Abstract: Systems, methods, and instrumentalities are disclosed for enforcing limited mobility in a mobile network. For example, a wireless transmit/receive unit (WTRU) may receive (e.g., receive from a network) a mapping of physical cell identifications (PCIs) to area identifications (AIDs). The WTRU may determine a first PCI associated with a first neighbor cell. The WTRU may determine, based on the first PCI and the PCIs to AIDs mapping, whether the WTRU is allowed to access the first neighbor cell. The WTRU may perform cell selection or reselection with the first neighbor cell as a cell selection or reselection candidate. The WTRU may perform cell selection or reselection based on the WTRU determining that the WTRU is allowed to access the first neighbor cell. The WTRU may determine that the WTRU is allowed to access the first neighbor cell based on the first PCI and the PCIs to AIDs mapping.

Abstract: Systems and methods for presence ground truth approximation and utilization are disclosed. For example, a system detects the presence of a predefined subject, such as a person associated with a given user profile, and/or determines that authentication criteria for performing an action in association with the user profile has been satisfied. A period of time to associate data is determined, and data of one or more data types is labeled as being associated with the speaker identification event. That data may be formatted and input into one or more models to train those models to more accurately detect presence and/or determine whether authentication of a user profile should succeed.

Abstract: Provided are methods, systems, and devices for generating semantic objects and an output based on the detection or recognition of the state of an environment that includes objects. State data, based in part on sensor output, can be received from one or more sensors that detect a state of an environment including objects. Based in part on the state data, semantic objects are generated. The semantic objects can correspond to the objects and include a set of attributes. Based in part on the set of attributes of the semantic objects, one or more operating modes, associated with the semantic objects can be determined. Based in part on the one or more operating modes, object outputs associated with the semantic objects can be generated. The object outputs can include one or more visual indications or one or more audio indications.

Abstract: The present disclosure relates to a method and apparatus for establishing radio bearer. The method includes: receiving radio bearer configuration information of a second user equipment sent by the second user equipment; applying the radio bearer configuration information of the second user equipment; establishing a first radio bearer for sending data to the second user equipment based on the radio bearer configuration information of the second user equipment; and sending first data to the second user equipment through the first radio bearer, wherein the first data includes at least one of a data packet sent by a first user equipment to the second user equipment or a status report generated by the first user equipment in response to a data packet sent by the second user equipment.

Abstract: A mobile device presents representations of payment accepting unit events on a display, by identifying a payment accepting unit that is available to accept payment, displaying a visual indication of the payment accepting unit, and accepting user input to receive selection of the payment accepting unit and trigger payment, establishing a wireless communication path including the mobile device and the payment accepting unit, enabling user interaction with the user interface to complete the transaction, exchanging information with the available payment accepting unit via the one or more radio transceivers in conjunction with the transaction, and displaying an updated user interface of the mobile payment application.

Abstract: An intelligent system for resource exchange event verification/authentication based on a comparison between the known Subscriber Identity Module (SIM) card features and the real-time extracted SIM card features. SIM card features are initially extracted from the SIM card of a user's mobile communication device and stored in a SIM card feature file that is associated with the user's mobile communication device. Subsequently, when the mobile communication device initiates a resource exchange event, the current SIM card features are extracted from the SIM card currently residing in the mobile communication device and compared to those SIM card features in the SIM card feature file. The comparison is an intelligent comparison that takes into account, normal changes that may have occurred between the generation of the SIM card feature file and time of the resource exchange event.

Abstract: A method, a non-transitory computer readable medium, and a multifunction peripheral that includes a method for accessing the multifunction peripheral. The method includes receiving, by a processor, a Fast Identity Online-based (FIDO-based) authentication from a client device via a wireless communication, the FIDO-based authentication configured to provide a user of the client device access to the multifunction peripheral; determining, by the processor, a validity of the FIDO-based authentication from the client device of the user; and granting, by the processor, the user access to the multifunction peripheral when the validity of the FIDO-based authentication from the client device of the user has been validated.

Abstract: A network device, of a fifth generation (5G) radio access network, may establish a connection or a session with a user equipment connected to a Wi-Fi network. The network device may determine an indicator indicating whether a 5G network preference is in effect based on a subscription of the user equipment and may provide the indicator to the user equipment. The network device may maintain the connection or the session with the user equipment when the indicator indicates that the Wi-Fi network is not preferred for Wi-Fi offload and may receive traffic from the user equipment when the indicator indicates that the Wi-Fi network is not preferred for Wi-Fi offload.

Abstract: This application relates to session establishment by user equipment over a plurality of heterogenous access networks. In one aspect, the heterogenous access networks may include 3GPP and non-3GPP access networks (106). The non-3GPP access networks (106) may include one or more non-3GPP trusted access networks (108) or one or non-3GPP, non-trusted access networks (110).

Abstract: One disclosure of the present specification provides an operating method for an authentication server function (AUSF) apparatus. The operating method comprises the steps of: requesting a unified data management (UDM) apparatus for information about a serving access and mobility management function (AMF) apparatus for user equipment (UE); receiving, from the UDM apparatus, information indicating that the serving AMF apparatus for the UE is not present and an indication indicating or instructing maintenance of information about authentication and authorization for each network slice; receiving, from the UDM apparatus, information about a new serving AMF apparatus for the UE; and transmitting, to the new serving AMF apparatus, the information about authentication or authorization.

Abstract: A mobile device presents representations of payment accepting unit events on a display, by identifying a payment accepting unit that is available to accept payment, displaying a visual indication of the payment accepting unit, and accepting user input to receive selection of the payment accepting unit and trigger payment, establishing a wireless communication path including the mobile device and the payment accepting unit, enabling user interaction with the user interface to complete the transaction, exchanging information with the available payment accepting unit via the one or more radio transceivers in conjunction with the transaction, and displaying an updated user interface of the mobile payment application.

Abstract: There is provided mechanisms for remote provisioning of a SIM profile to a subscriber entity. A method is performed by a remote SIM provisioning server. The method includes obtaining a request from an MNO entity for generation of the SIM profile. The method includes generating the SIM profile. The method includes providing, to a storage entity, a key-value pair of the SIM profile. The key-value pair includes a unique identifier including at least one profile specific element of the SIM profile as key and binding information of the at least one profile specific element as value. The unique identifier including at least one profile specific element of the SIM profile is represented by an ICCID of the SIM profile. The binding information of the at least one profile specific element is represented by an EID and profile/subscription unique data elements for the SIM profile.

Abstract: A method performed by a subscription manager discovery service (SM-DS) server in a wireless communication system is provided. The method includes performing a mutual authentication procedure with a terminal, generating an event checking identifier (ECID) associated with an embedded universal integrated circuit card (eUICC) identifier (EID), and transmitting, to the terminal, a message including the ECID, wherein the ECID is stored in the terminal and associated with an address of the SM-DS server.

Abstract: A terminal for performing an onboarding procedure for remote provisioning through steps of: receiving an onboarding enabled indication from at least one onboarding network; selecting an onboarding network based on the onboarding enabled indication and onboarding network selection information; and attempting registration for the selected onboarding network is provided.

Abstract: A method of handling authentication reject upon accessing an SNPN using credentials from a credential holder is proposed. A UE is configured with a “list of subscriber data”. The UE selects an SNPN using the configured list of subscriber data, e.g., based on the SNPN selection parameters contained in a selected entry of the list of subscriber data. Based on the selected entry, the UE selects an SNPN, and then tries to access the selected SNPN using credentials supplied by a subscribed SNPN. When UE receives an authentication reject message from the network, UE considers that the selected entry of the list of subscriber data is invalid. However, other entries related to the current selected SNPN are still valid. UE is still able to access the current selected SNPN, using credentials supplied in another entry of the list of subscriber data.

Abstract: One or more shared data channels, e.g., PDSCH, PUSCH, PSSCH, are configured to be DMRS-free, thus allowing the resources which would be used for DMRS to be used to convey additional traffic data signals. Channel estimation based on control channel DMRS, e.g., PDCCH DMRS, PUCCH DMRS, or PSSCH/PSCCH DMRS, is used to demodulate and/or decode the traffic channel signals communicated on the DMRS-free shared traffic channel resources. Antenna port hopping is implemented as part of the PDCCH configuration to support a DMRS-free PDSCH. The antenna port hopping of the PDCCH is used to obtain a set of channel estimates based on PDDCH DMRS corresponding to different antenna ports which will match the antenna ports used for the PDSCH.

Abstract: Resistance to vulnerabilities from timing-based side-channel attacks on 5G network slices that share underlying physical infrastructure and resources may be enhanced by selectively imposing time-based constraints on service provisioning and data handling to obscure data-driven time variations that occur during workload execution in a slice that can leak secret information. By preventing timing leakage from the 5G network slices, an attacker cannot observe execution latencies to thereby infer the constituency of workload characteristics. In addition, the attacker cannot create contention for shared resources on its own slice to observe an extent to which the shared resources are utilized by a targeted slice.

Abstract: A method may include establishing, by a first service provider and via an application programming interface (API), an agreement with a second entity. The agreement may identify services that can be modified without submission of a new order. The method may also include receiving a first message requesting a change associated with a service and determining, by the first service provider, whether the requested change corresponds to a change that is permitted based on the agreement and whether resources are available in the first network to implement the requested change. The method may further include determining whether the requested change is accepted, sending a second message to the second entity that indicates whether the change is accepted and in response to determining that the change is accepted, automatically implementing the change to the service in the first network.

Abstract: Various aspects of the present disclosure include methods, network servers or components and user equipment devices configured to authorize network slices that are associated with services provided by external providers. Various aspects enable access and use of network slices by user equipment devices connected to a network (e.g., 5G or New Radio network) via network components associated with a service provider by generating an allowed network slice selection assistance information (Allowed NSSAI) and an Unauthorized NSSAI, and sending the Allowed NSSAI and Unauthorized NSSAI to a user equipment device.

Abstract: Embodiments of the present invention provide methods and devices for discovering a multi-link device (MLD) on a wireless network. One exemplary approach includes transmitting a beacon frame including a MAC address of an AP MLD on the wireless network. The AP MLD includes a plurality of STAs operating on a plurality of wireless links and associated with a plurality of wireless MAC addresses. A password element is generated using a preconfigured password and the MAC address of the AP MLD, and authentication is performed using the password element.

Abstract: Authenticating a mobile user device with a mobile network operator in advance of an MNO authentication request from the mobile user device can be done by a satellite network sending an authentication request to the MNO system, obtaining a set of authentication vectors related to the mobile user device, storing them into a proxy home location register, receiving the MNO authentication request from the mobile user device, generating an authentication request response based on the authentication vectors, sending the authentication request response to the mobile user device, receiving an authentication response including a received signed response, comparing the received signed response with the stored signed response, and if the received signed response and stored signed response match, deem that to be a successful authentication, add an MNO location update message to a request queue and forward the MNO location update message to the MNO system over the channel when available.

Abstract: One feature pertains to a method for secure wireless communication at an apparatus of a network. The method includes receiving a user equipment identifier identifying a user equipment and a cryptographic key from a wireless wide area network node, and using the cryptographic key as a pairwise master key (PMK). A PMK identifier (PKMID) is generated based on the PMK and the two are stored at the network. A PMK security association is initialized by associating the PMK with at least the PMKID and an access point identifier identifying an access point of the apparatus. An association request is received that includes a PMKID from the user equipment, and it's determined that the PMKID received from the user equipment matches the PMKID stored. A key exchange is initiated with the user equipment based on the PMK to establish a wireless local area network security association with the user equipment.

Abstract: A Blockchain Rules Engine is provided as a pluggable service that depicts a real-world implementation of a Rules Engine that stores rules, transactions, and results on a blockchain for use by blockchain and non-blockchain applications. The Blockchain Rules Engine manages rules implemented by a client application that interacts with a blockchain platform that manages the blockchain. The Blockchain Rules Engine includes a language specific software developer's kit (SDK) that provides an interface to the client application and that exposes rule execution functionality to the client application, a rules engine application programming interface (API) layer that provides a rules engine API to the language specific SDK and that receives and processes commands from the language specific SDK, and a blockchain platform specific service layer that interacts with the blockchain platform and accepts input from the rules engine API layer to execute business logic implemented in the rules.

Abstract: A system and method for providing assistance to a customer of a computing device. In one aspect, an incoming call is received from a device of a customer; a check for identification of the customer is done; an event history of the device is obtained; and a solution is provided to the customer using the event history. In another aspect, a method includes: receiving a code from a mobile computing device; and in response to receiving the code, calculating at least one set of data for use in guiding a request of a customer for service to a resource that can provide a suggested remedy. In another aspect, a method includes: identifying a user associated with a mobile computing device; determining an event history of the mobile computing device; and providing guidance to resolve an issue based on the event history.

Abstract: A configuration to enable a base station to configure a UE with a sequence of predetermined configuration parameters for DRX operation based on predetermined state changes for the UE, wherein the DRX operation comprises a plurality of DRX cycles. The apparatus may transmit communication to the UE based on the sequence of predetermined configuration parameters for the DRX operation. The UE may receive the configuration from the base station and monitor for communication from the base station based on the sequence of predetermined configuration parameters for the DRX operation.

Abstract: In order to provide a control apparatus that enhances security of a radio communication system run by a user, the control apparatus including an acquisition section and a registration section, the acquisition section being configured to acquire subscriber information in which at least authentication information is encrypted, and the registration section being configured to register the acquired subscriber information in a database included in a core network. The control apparatus may further include an authentication section configured to decrypt the encrypted authentication information, and use the decrypted authentication information and authentication information included in a connection request from a terminal apparatus to the core network to authenticate the terminal apparatus.

Abstract: Provided is a personal authentication device capable of simply securing security with little psychological and physical burden of a user to be authenticated.

Abstract: A method of operating a core network node in a communication system includes receiving, at a first network function, a registration message from a radio access network node to register a user equipment, UE, and, responsive to the registration message, transmitting a request for information on whether network slices associated with the UE are subject to Network Slice-Specific Authentication and Authorization, NSSAA. Responsive to the request, the method receives a response message including Single-Network Slice Selection Assistance Information, S-NSSAI, information associated with the UE, the S-NSSAI information including NSSAA status information relating to the S-NSSAI information, and determines whether to initiate an NSSAA procedure with the UE based on the S-NSSAI information. Related network nodes are disclosed.

Abstract: A method of recommending workstations includes determining a location of a mobile device; determining a zone of interest for the mobile device in response to the location; determining a list of available workstations within the zone of interest; and displaying the list of available workstations within the zone of interests on the mobile device.

Abstract: Method, systems and devices for wireless communication. The method includes protecting privacy of a transmitted network slice selection assistance information (NSSAI) between a user equipment and a base station. The method includes receiving a temporary NSSAI (T-NSSAI) from an access and mobility management function (AMF) to the base station, the T-NSSAI comprising at least one temporary single NSSAI (T-S-NSSAI) and storing the T-NSSAI in the base station. The method also includes receiving a radio resource control (RRC) signaling message from the user equipment to the base station, the RRC signaling message comprising a T-S-NSSAI corresponding to an allowed single NSSAI (S-NSSAI); and selecting the AMF based on the T-S-NSSAI.

Abstract: In a context of virtualized access points deployment, an access point of a first wireless network is split in a radio equipment deployed at the user premises and a radio equipment controller deployed in a data centre located a few kilometres from the user premises, the radio equipment and the radio equipment controller being interconnected via a wired network connection. In order to establish a secure wireless connection of a device to the virtualized access point in a user-friendly manner, a salient idea is to receive at the radio equipment controller in the data centre a first and a second information items respectively emulating a first action of a user on the first device and a second action of the user on the virtualized access point.

Abstract: Systems and methods provide packet data convergence protocol (PDCP) user plane (UP) integrity protection (IP) for a user equipments (UE) and radio access network (RAN) nodes operating in Evolved Universal Terrestrial Radio Access-New Radio dual connectivity (EN-DC). In an attach procedure, a UE may indicate a UE security capability for support of relay node (RN) PDCP UP IP used in LTE. Based on the LIE security capability, a master e Node B (MeNB) security capability, and a secondary g Node B (SgNB) security capability, the MeNB may determine whether to use UP IP between the UE and the MeNB, the UE and the SgNB, and/or in a split bearer between the MeNB and the SgNB.

Abstract: Methods, apparatuses, and computer program products are disclosed for generating and/or using a mobile legal identification data object. An example method includes receiving a request for a mobile legal identification data object and generating the mobile legal identification data object based at least in part on the request for the mobile legal identification data object. The method further includes associating the mobile legal identification data object with a user profile. The method further includes providing the mobile legal identification data object to a user device associated with the user profile.

Abstract: A first edge device includes a processor that communicates position information of the first edge device and a time-of-day. Based on the time-of-day and a specific initial access information, the processors sets: a first beam index for an uplink communication and a second beam index for a downlink communication, a specific physical cell identity indicating a first base station to which the first edge device is to be connected, a first wireless carrier network (WCN) from amongst a plurality of different WCNs at the edge device, and a beam configuration to service one or more user equipment in a surrounding area of the first edge device. The processor obtains control signals from the central cloud server and configures parameters of amplifier gains and phase responses associated with a first antenna array or a second antenna array of the first edge device, based on the obtained control signals.

Abstract: A communication directed to a recipient is stored in a message box of the recipient. A forwardee is identified based on an analysis of the communication. A request is received to transmit the communication to the forwardee. The communication is forwarded to a message box of the forwardee.

Abstract: Access category management objects may be configured for use in support of access category configurations of a user equipment (UE). Various methods for a UE configuration with access categories are disclosed. Signaling methods by a radio access network of access barring parameters such as a signaling method for a partial list of access barring parameters with explicit signaling of access category indexes and a signaling method for a full list of access barring parameters where access categories are signaled using a bitmap are disclosed. Access control parameters and an access control architecture in terms of access control function distribution within the UE protocol sublayers, solutions that address the impact of access control in a connected mode on a buffer status report, logical channel prioritization and flow control between the UE AS and UE NAS, and details regarding access barring checks are also disclosed.

Abstract: The present invention relates to a method and apparatus for efficiently controlling access for system load adjustment in mobile communication systems. A method for transmitting and receiving data by a terminal including a user equipment (UE) non access stratum (NAS) and a UE access stratum (AS) includes the steps of: receiving by the UE AE, information including emergency call-related information which includes barring information by type for the emergency call, from a base station; transmitting, by the UE NAS, a service request for the emergency call to the UE AS; and determining, by the UE AS, whether to bar the service request on the basis of emergency call-related information. During an emergency call transmission, network congestion can be easily controlled by enabling various types of emergency calls to be transmitted, and enabling access to be barred information according to the situation of a communication network and types of emergency calls.

Abstract: A communication system includes a central cloud server that decreases a gain of a currently active path, which corresponds to a primary communication path between a radio access network (RAN) node and one or more user equipment (UEs) via a first set of edge devices, until the currently active path becomes dormant. A gain of a dormant path, corresponding to a secondary communication path is increased until the dormant path becomes a new active path. Further, at least one edge device of the second set of edge devices is caused to transmit one or more beams of radio frequency (RF) signals in one or more specific directions towards one or more new neighboring nodes to establish the secondary communication path that is used as a backup communication path between the RAN node and the one or more UEs via a second set of edge devices different from the first set of edge devices.

Abstract: A method of copying data from a first device to a second device, each device including a wireless communication interfaces having a maximum range, is disclosed. The first device and the second device are separated by a distance greater than the maximum range. The method includes: transmitting, by the first device, the data to a third device positioned within the maximum range of the first device; receiving the data at the third device and storing the data in a memory of the third device; moving the third device to a physical location within the maximum range of the second device; and transmitting, by the third device, the data to the second device.

Abstract: The disclosure provides a method and a device for wireless communication. The method includes: determining a target identifier, and receiving a first signal, the first signal carrying first information; wherein the first information comprises information of an access stratum, the first information is used for indicating a first identifier set, and the first identifier set comprises a positive integer number of identifiers; the first identifier set is associated to second information; a second signal carries the second information, and the second information comprises information of a non-access stratum; whether the first identifier set comprises the target identifier is used for determining whether the second information is valid. The disclosure determines the validity of the second information through reasonably determining the target identifier and the first identifier set, thus increasing the reliability of the system and saving system resources.

Abstract: The disclosure provides a device for generating a unique response to a challenge, the device comprising: a plurality of structures, each structure being able to change from a first distinct state, to a second distinct state, in response to an appropriate input challenge; the device being arranged to facilitate a challenge of the plurality of structures in combination, by changing an input to the plurality of structures in combination, to cause each structure of the plurality of structures to change from the first distinct state, to the second distinct state; as part of the challenge, the device being arranged to facilitate a measurement of an output of the plurality of structures in combination, in response to the input; wherein the unique response is at least indicative of a sequence in which the change in state takes place for each of the plurality of structures, in response to the input.

Abstract: This Application describes mechanisms for enterprise remote management of cellular services provided via access credentials, e.g., subscriber identity modules (SIMs) and/or electronic SIMs (eSIMs), for wireless devices. To minimize requirements for user interaction, installation and management of business-supplied cellular service profiles on the wireless device can intercept alert notifications to reduce interruptions and allow for background management of the business-supplied cellular service profiles. Additionally, a business enterprise can use multiple, distinct services to initiate installation of an eSIM to a wireless device. When two different services attempt to install eSIMs on the wireless device in parallel, management software on the wireless device can control an order of installation and disallow duplicate installations of an identical eSIM to the wireless device.

Abstract: An embodiment of the invention is a User Equipment UE, configured to: get ePDG selection information configured by the UE's HPLMN, said ePDG selection information including a list of PLMNs with an indication of whether the selection of an ePDG in a PLMN is preferred or mandatory or non-preferred, perform selection of an ePDG operated by a PLMN of a country the UE is located in, referred to as local PLMN, which has roaming agreement with the UE's HPLMN for untrusted WLAN access to EPC, based on said list of PLMNs configured in said ePDG selection information, and on a list of MCCs of said country and/or a list of local PLMNs.