Apparatus and associated methods relate to a system including a portable hardware device having a radio antenna, the device being operably coupled to a network, where the device includes electronics for scanning ambient radio messages using the antenna, evaluating a message for sentiment (e.g., intent-to-harm) using at least one artificial intelligence technique, and upon determining the presence of intent-to-harm, transmitting an alert signal over the network to a target entity as determined by a set of alert transmission rules based at least in part on the content/context/metadata of the message. In an illustrative example, a portable pack may be preconfigured with automatic language translation and speech detection capabilities. The pack may scan ambient radio signals for specific words/phrases of interest (W/POI). Upon detecting dangerous/aggressive sentiment, an alert may be relayed to a higher command, advantageously providing decision-makers with invaluable, real-time intelligence to adapt to fast-changing developments on the battlefield.

Systems and methods are provided to control traffic accessing a public land mobile network service (PLMN) at a nonpublic network to perform local breakout for selected traffic.

Described herein are systems and methods to provide lawful interception (LI) of infrastructure state in a manner known only to law enforcement. A bare-metal cloud (BMC) control module is provided to an end user to allow user configuration and management for a set of one or more physical resources that form a BMC instantiation for the end user. An LI policy and control module may be used for data traffic tracking or hardware monitoring inside the BMC instantiation upon one or more conditions are met. Upon activation, customizable hardware monitoring may be implemented unbeknownst to the end-user. Such a technique of offering customizable bare-metal level LI service unbeknownst to end-users may enable new kinds of infrastructure interception methods.

A method of operating a network device in a serving network for providing regulation compliant privacy in a communications network is provided. Operations of such methods include obtaining a concealed subscription identifier from a user equipment, UE, that is associated with a home network, HN, obtaining a permanent subscription identifier that is associated with the concealed subscription identifier from the HN, determining whether the concealed subscription identifier from the UE corresponds to the permanent subscription identifier from the HN, and responsive to determining that the concealed subscription identifier from the UE corresponds to the permanent subscription identifier from the HN, performing further operations to provide service to the UE.

A subscriber device may perform a key exchange with a network operation center (NOC) computing device to receive a secret key. A list of group identifiers of personal devices for which the subscriber device is to handle events may be received at the subscriber device. The subscriber device may receive an encrypted event packet from a personal device via a direct communication connection. The subscriber device may decrypt the encrypted event packet at the subscriber device using the secret key to generate a decrypted event packet and extract a group identifier from the decrypted event packet. In response to determining that the group identifier is included in the list of group identifiers received from the NOC computing device, an event handler of a plurality of handlers stored in the subscriber device that corresponds to an event included in the decrypted event packet may be identified to handle the event.

There is provided a method for handling a request to initiate a call. The method is performed by a server entity. In response to receiving a first request for a first client entity to initiate a call to a second client entity without the second client entity rendering a notification of the call, transmission of a first message is initiated towards one or more third client entities to inform the one or more third client entities of the first request. The first client entity is authorised to initiate the call only if a second message, acknowledging the first request, is received from at least one of the one or more third client entities.

There is provided a method for handling a request to initiate a call. The method is performed by a server entity. In response to receiving a first request for a first client entity to initiate a call to a second client entity without the second client entity rendering a notification of the call, transmission of a first message is initiated towards one or more third client entities to inform the one or more third client entities of the first request. The first client entity is authorised to initiate the call only if a second message, acknowledging the first request, is received from at least one of the one or more third client entities.

A mechanism is provided that enables hiding identities of a target subscriber that is to be subject of lawful interception, LI, when the intercept access point, IAP, is outside the network operator part of the LI domain. Monitoring of data traffic such as over-the-top, OTT, services is enabled while at the same time hiding LI target identities to a network element, NE, containing the IAP. A secure memory area in the NE is dedicated to the LI functionality necessary to intercept and report interception data to the operator part of the LI domain. The interface between the NE and the operator part of the LI domain is the use of a secure injection channel via which the necessary LI software and target information are conveyed between the NE and the operator part of the LI domain.

A method for historical 5G user equipment (UE) mobility tracking and security screening includes receiving, at a network data aggregation node including at least one processor, UE registration data from 5G network functions (NFs) as UEs connect to different network locations. The method further includes aggregating, at the network node, registration data for individual UEs from the 5G NFs to produce mobility patterns for the UEs. The method further includes receiving, at the network node and from a 5G NF located in a home network of a UE, a request for a mobility pattern of the UE in response to receiving a message for effecting a new registration for the UE. The method further includes responding to the request by transmitting the mobility pattern to the 5G NF located in the home network of the UE.

Apparatuses, methods, and systems are disclosed for enabling roaming with authentication and key management for applications. An apparatus includes a processor that determines a serving network of a user equipment (“UE”) device, the serving network comprising a visited public land mobile network (“VPLMN”) that is different from a home PLMN (“HPLMN”) associated with the UE. The processor selects a network function within the serving network for provisioning an authentication and key management for applications (“AKMA”) security context for an application function (“AF”) based on a name for the serving network. The apparatus includes a transceiver that sends the security context to the network function.