In a LTE network user devices can access voice application service via Voice over LTE (VoLTE) and Voice over WiFi (VoWiFi). To detect faults in the data link associated with an evolved packet data gateway for providing access by the user device to the LTE network from a non-trusted network which will affect VoWiFi capability, a packet data gateway monitors the status of ePDG and if a fault is detected, the user device is notified that it should connect to voice services via VoLTE.

A Network Based Hyperlocal Authentication (NBHA) system and method for anonymous contact tracing is described. The NBHA system and method operates as a background process, which is passwordless and continuously authenticates and performs cryptographic operations to secure communications between a wireless client device and a remote network component. A gateway includes a short-range wireless transmitter that transmits authentication credentials to the wireless client device having a short-range wireless receiver. The wireless client device uses the authentication credentials to authenticate to the remote network component. The network component then generates an exclusive local key for the wireless client device that is transmitted by the gateway. The client device application then requests cryptographic material from the remote network component. The client device application encrypts and decrypts communications to the network component with the cryptographic material and the exclusive local key. The wireless client device encrypts contact tracing data with the shared secret.

A Network Based Hyperlocal Authentication (NBHA) system and method for anonymous contact tracing is described. The NBHA system and method operates as a background process, which is passwordless and continuously authenticates and performs cryptographic operations to secure communications between a wireless client device and a remote network component. A gateway includes a short-range wireless transmitter that transmits authentication credentials to the wireless client device having a short-range wireless receiver. The wireless client device uses the authentication credentials to authenticate to the remote network component. The network component then generates an exclusive local key for the wireless client device that is transmitted by the gateway. The client device application then requests cryptographic material from the remote network component. The client device application encrypts and decrypts communications to the network component with the cryptographic material and the exclusive local key. The wireless client device encrypts contact tracing data with the shared secret.

In a telecommunications network, a network node processes messages according to different sets of user-programmable message processing rules. The network node includes an input for receiving a series of input messages which are processed in a message manipulation function. Processed messages are also output from the network node according different communication protocols.

In a telecommunications network, a network node processes messages according to different sets of user-programmable message processing rules. The network node includes an input for receiving a series of input messages which are processed in a message manipulation function. Processed messages are also output from the network node according different communication protocols.

Apparatus and methods are disclosed for bridging communications between a private network and a public network. A mapping that associates a first set of IP addresses of endpoints in the private network with a second set of IP addresses of endpoints in the public network is provided which enables communications between the private network and public network for network-address-translation (NAT). In response to a data packet having a first IP address of the first set of IP addresses, the data packet is used to determine whether the local line should be accessed. In response to an indication that the local line should be accessed, the identifier among the second set of IP addresses may be used to activate bridging (e.g., ATB) circuit and redirect a call associated with the data packet by passing the data packet through the ATB circuit.

Apparatus and methods are disclosed for bridging communications between a private network and a public network. A mapping that associates a first set of IP addresses of endpoints in the private network with a second set of IP addresses of endpoints in the public network is provided which enables communications between the private network and public network for network-address-translation (NAT). In response to a data packet having a first IP address of the first set of IP addresses, the data packet is used to determine whether the local line should be accessed. In response to an indication that the local line should be accessed, the identifier among the second set of IP addresses may be used to activate bridging (e.g., ATB) circuit and redirect a call associated with the data packet by passing the data packet through the ATB circuit.

A service management system communicates via wide area network with gateway devices located at respective user premises. The service management system remotely manages delivery of application services, which can be voice controlled, by a gateway, e.g. by selectively activating/deactivating service logic modules in the gateway. The service management system also may selectively provide secure communications and exchange of information among gateway devices and among associated endpoint devices. An exemplary service management system includes a router connected to the network and one or more computer platforms, for implementing management functions. Examples of the functions include a connection manager for controlling system communications with the gateway devices, an authentication manager for authenticating each gateway device and controlling the connection manager and a subscription manager for managing applications services and/or features offered by the gateway devices. A service manager, controlled by the subscription manager, distributes service specific configuration data to authenticated gateway devices.

A service management system communicates via wide area network with gateway devices located at respective user premises. The service management system remotely manages delivery of application services, which can be voice controlled, by a gateway, e.g. by selectively activating/deactivating service logic modules in the gateway. The service management system also may selectively provide secure communications and exchange of information among gateway devices and among associated endpoint devices. An exemplary service management system includes a router connected to the network and one or more computer platforms, for implementing management functions. Examples of the functions include a connection manager for controlling system communications with the gateway devices, an authentication manager for authenticating each gateway device and controlling the connection manager and a subscription manager for managing applications services and/or features offered by the gateway devices. A service manager, controlled by the subscription manager, distributes service specific configuration data to authenticated gateway devices.

A variety of techniques for concealing the content of a communication between a client device, such as a cell phone or laptop, and a network or cloud of media nodes are disclosed. Among the techniques are routing data packets in the communication to different gateway nodes in the cloud, sending the packets over different physical media, such as an Ethernet cable or WiFi channel, and disguising the packets by giving them different source addressees. Also disclosed are a technique for muting certain participants in a conference call and a highly secure method of storing data files.