Systems and methods of Exact Data Matching (EDM) for identifying related tokens in data content using structured signature data implemented in a cloud-based system receiving data sets and customer configuration from a customer, wherein the data sets include customer specific sensitive data from a structured data source with each token represented by a hash value and the customer configuration includes one or more primary keys for a plurality of records in the data sets; distributing the data sets and the customer configuration to a plurality of nodes in the cloud-based system; performing monitoring of content between a client of the customer and an external network; detecting a presence of a plurality of tokens associated with a record in the customer specific sensitive data based on the monitoring; and performing a policy-based action in the cloud-based system based on the detecting.

In one embodiment, a method includes: transmitting a message to a first end point that includes an instruction to initiate a communication type, wherein the communication type includes sharing a randomization token between the first and second end points; obtaining a first communication report from the first end point and a second communication report from the second end point in response to initialization of a communication based on the communication type between the first end point and the second end point across the network, wherein the first and second communication reports respectively include a first and second hash that corresponds to a function of the randomization token and identity information; determining whether the first hash matches the second hash; generating a value that correlates the first and second end points with the communication across the network in response to determining that the first hash matches the second hash.

A method for securing an identifier of a user equipment used when connecting to a network connection in a wireless communication system, according to an embodiment of the present invention, may comprise the steps of: receiving, from the user equipment, a message requesting a first ticket for authenticating a right to access the identifier in a serving network of the user equipment, wherein the message includes information on a second ticket for authenticating a right to access the identifier in a home network of the user equipment; transmitting the information on the second ticket to a mobility management entity (MME) of the home network; receiving, from the MME of the home network, identification information of the user equipment that is determined on the basis of the information on the second ticket; and transmitting, to the terminal, information on the first ticket and a temporary key used to encrypt the identifier in the serving network, on the basis of the identification information.

Systems and methods for providing information describing mobile network interference experienced by a mobile network.

Various example embodiments relate to authentication in case of roaming. An apparatus may be configured to receive, by an application function of a first visitor public land mobile area network (PLMN) or a second visitor PLMN of a device, a registered serving network identifier of the device indicative of the first visitor PLMN; and transmit, based on the registered serving network identifier, an encryption key to an application security function of the first visitor PLMN for encryption of an application session of the device.

A relay device assists in enabling lawful intercept (LI) by reporting, to a LI entity associated with the cellular network, authenticated identities of remote UEs (such as remote UEs connected via proximity services) and identification information that may allow the LI entity to monitor traffic (and/or control statistics related to the traffic) associated with the remote UEs. The authentication of the remote UEs may be performed using a technique that does not require involvement of the cellular network.

The present disclosure provides a method and a device for data interception based on Local Break Out (LBO). The method includes: receiving, by a local gateway, an interception request to intercept data of an interception target; intercepting, by the local gateway, LBO data of the interception target based on the interception request, to obtain intercepted data; and transmitting, by the local gateway, the intercepted data. The present disclosure can solve the solving the problem in the related art that an interception target cannot be intercepted in an LBO scenario.

The present disclosure relates to a communication technique for converging, with an IoT technology, a 5G communication system for supporting a higher data transmission rate than a 4G system, and a system therefor. The present disclosure may be applied to intelligent services, such as smart homes, smart buildings, smart cities, smart cars or connected cars, health care, digital education, retail businesses, and security and safety related services, on the basis of 5G communications technologies and IoT-related technologies. More specifically, a method for operating relay user equipment (UE) in a mobile communication system of the present invention comprises the steps of: transmitting, to a mobility management entity (MME) connected to relay UE, a remote UE report message comprising remote UE information on remote UE accessing a network via the relay UE; and receiving, from the MME, a response message corresponding to the remote UE report message.

In a service provider network of a given communication system configured to support lawful interception functionality, one or more service-based interfaces are provisioned to enable interaction between one or more lawful interception-specific elements and one or more intercepting control elements. In one or more further implementations, methods provide for provisioning an interworking function specific for lawful interception functionality. The interworking function can be configured to support both service-based interfaces and point-to- point interfaces across a control plane and/or a user plane of the service provider network, as needed.

A law enforcement (LE) data processing system (DPS) includes a processor that executes a LE security event notification and dispatch (SEND) utility. The LE DPS receives, from a tracking system communicatively coupled to the LE DPS, an enhanced security event notification (ESEN) that includes information identifying a security event, a location at which the security event occurred, and additional distinguishing details corresponding to entities involved in and affected by the security event. The LE DPS selectively transmits information from the updated ESEN to at least one LE dispatch server supporting LE personnel within one of (i) a geographic vicinity of the location of the security event and (ii) a calculated zone of recapture, the additional distinguishing details enabling the LE personnel to receive a more complete set of relevant details at a LE field device that enables more accurate identification, tracking, and resolution by LE personnel of the security event.