Apparatuses, methods, and systems are disclosed for selecting a non-3GPP access network. One apparatus includes a processor and a transceiver for communicating with one or more non-3GPP access networks. The processor creates a first list of available PLMNs connectable via non-3GPP access networks. Here, the first list indicates one or more trusted connectivity types supported for each PLMN. The processor selects a first PLMN and a first connectivity type supported by the first PLMN. The processor creates a second list of available non-3GPP access networks. The processor selects a highest priority available non-3GPP network that supports the first connectivity type to the first PLMN. The processor begins a connectivity procedure with the first PLMN using the first connectivity type over the selected non-3GPP access network.

A mobile device collects received information and processes it. In some instances, the mobile device detects, based on the collected information, that a base station is likely not legitimate, i.e., it is likely a fake base station, and the mobile device bars communication with the base station for a time. In some embodiments, the mobile device determines, based on the received information, that the base station is a genuine base station. When the mobile device determines that the base station is a genuine base station or the mobile device does not determine that it is likely the base station is a fake base station, the mobile device allows or continues communication with the base station.

A method at a network element for monitoring user plane traffic for a user equipment, the method including configuring a set of characteristics and a range of values for each of the set of characteristics for user plane traffic between the user equipment and the network element; monitoring user plane traffic for the user equipment at the network element, the monitoring determining whether at least one characteristic of the user plane traffic falls outside of the configured range of a values, resulting in a characteristic violation; and if the at least one characteristic of the user plane traffic falls outside the configured range of a values, performing an action resulting from the characteristic violation.

A method at a network element for monitoring user plane traffic for a user equipment, the method including configuring a set of characteristics and a range of values for each of the set of characteristics for user plane traffic between the user equipment and the network element; monitoring user plane traffic for the user equipment at the network element, the monitoring determining whether at least one characteristic of the user plane traffic falls outside of the configured range of a values, resulting in a characteristic violation; and if the at least one characteristic of the user plane traffic falls outside the configured range of a values, performing an action resulting from the characteristic violation.

Technologies are shown for trust delegation that involve receiving a first request from a subject client and responding by sending a first token having first permissions to the subject client. A second request from a first actor includes the first token and responding involves linking the first actor to the subject client in a trust stack and sending a second token to the first actor with second permissions, the second token being a first complex token that identifies the subject client and the first actor. A third request from a second actor includes the second token and responding to the third request involves linking the second actor to the first actor in the trust stack, and sending a third token to the second actor partner with third permissions, the third token being a second complex token that identifies the first actor and the second actor.

A method at a network element for monitoring user plane traffic for a user equipment, the method including configuring a set of characteristics and a range of values for each of the set of characteristics for user plane traffic between the user equipment and the network element; monitoring user plane traffic for the user equipment at the network element, the monitoring determining whether at least one characteristic of the user plane traffic falls outside of the configured range of a values, resulting in a characteristic violation; and if the at least one characteristic of the user plane traffic falls outside the configured range of a values, performing an action resulting from the characteristic violation.

A method at a network element for monitoring user plane traffic for a user equipment, the method including configuring a set of characteristics and a range of values for each of the set of characteristics for user plane traffic between the user equipment and the network element; monitoring user plane traffic for the user equipment at the network element, the monitoring determining whether at least one characteristic of the user plane traffic falls outside of the configured range of a values, resulting in a characteristic violation; and if the at least one characteristic of the user plane traffic falls outside the configured range of a values, performing an action resulting from the characteristic violation.

A method performed by a security system of a 5G network to protect against cyberattacks on a personalized basis. The security system can identify a cybersecurity threat to a wireless device based on contextual information relating to the wireless device, a user preference, or a call detail record. The security system can determine a one-time fee to charge the user in exchange for protecting the wireless device against the cybersecurity threat, generate an coupon to protect the wireless device against the cybersecurity threat, and send the coupon to the wireless device based at least in part on the contextual information relating to the wireless device and the user preference. When the security system receives an indication that the coupon was redeemed, responds by deploying a network asset to protect the wireless device against the cybersecurity threat.

A method performed by a security system of a 5G network to protect against cyberattacks on a personalized basis. The security system can identify a cybersecurity threat to a wireless device based on contextual information relating to the wireless device, a user preference, or a call detail record. The security system can determine a one-time fee to charge the user in exchange for protecting the wireless device against the cybersecurity threat, generate an coupon to protect the wireless device against the cybersecurity threat, and send the coupon to the wireless device based at least in part on the contextual information relating to the wireless device and the user preference. When the security system receives an indication that the coupon was redeemed, responds by deploying a network asset to protect the wireless device against the cybersecurity threat.

A method, apparatus, and computer program product for establishing an authenticated online session are provided. An example method includes receiving a request for an authenticated online session and causing, by display circuitry, presentation of an input pattern to a user. The method further includes receiving, by gaze detection circuitry, one or more images of the user's eye captured during presentation of the input pattern, and determining, by the gaze detection circuitry, an identification code represented by the one or more images. The method also includes receiving, by contextual evaluation circuitry, contextual device data of a user device associated with the user during presentation of the input pattern. The method further includes establishing, by authentication circuitry, the authenticated online session based upon the identification code and the contextual device data.