Novel tools and techniques are provided for implementing customer resource telemetry and use as a service. In various embodiments, a computing system might receive, from a user, a request to access at least one network-accessible resource associated with a customer of a service provider, the user being unassociated and unrelated with the customer; might identify at least one of a user identification, a company, or a class of user associated with the user; might determine whether at least one resource record associated with the customer indicates that the user has permission to access the at least one network-accessible resource, based on the identification. If so, the computing system might provide the user with access to the at least one network-accessible resource associated with the customer. If not, the computing system might deny, to the user, access to the at least one network-accessible resource associated with the customer.

A dual-mode mobile device and a method for coordinating calls for the dual-mode mobile device over a first and second connection within a controlled environment is disclosed. The method includes communications between a monitoring server and the dual-mode mobile device over the first connection while the dual-mode mobile device conducts the call over the second connection. The monitoring server transmits control messages to the dual-mode mobile device to control operations of the dual-mode mobile device and establishment of the call and also monitors operations of the dual-mode mobile device as well as the communications transmitted and received by the dual-mode mobile device during the call.

A dual-mode mobile device and a method for coordinating calls for the dual-mode mobile device over a first and second connection within a controlled environment is disclosed. The method includes communications between a monitoring server and the dual-mode mobile device over the first connection while the dual-mode mobile device conducts the call over the second connection. The monitoring server transmits control messages to the dual-mode mobile device to control operations of the dual-mode mobile device and establishment of the call and also monitors operations of the dual-mode mobile device as well as the communications transmitted and received by the dual-mode mobile device during the call.

Techniques for cross-domain routing using a fractionated cross-domain solution (F-CDS) are disclosed. A first intermediate node operating in a first physical device in an assured pipeline of the F-CDS receives a data item originating at a source node in a first security domain. The first intermediate node applies a first data filter to determine that the data item complies with a data security requirement of the F-CDS. The first intermediate node transmits the data item to a second intermediate node operating in a second physical device in the assured pipeline of the F-CDS. The second intermediate node applies a second data filter to redundantly determine that first data item complies with the data security requirement of the F-CDS. The second intermediate node transmits the data item to a recipient node in a second security domain via the assured pipeline.

A method and device for applying a different security policy, per service traffic, to a protocol data unit (PDU) session in a wireless communication system. The method comprises receiving, by a session management function (SMF) managing a session for a user equipment (UE), first configuration information about a first user plane security policy of the UE from a unified data management (UDM) managing subscription information about the UE, receiving, by the SMF, second configuration information about a second user plane security policy to be applied to a specific service data flow from a policy and control function (PCF) managing a policy and charging control (PCC) rule, and determining a user plane security policy to be applied to the UE based on one selected from the first user plane security policy and the second user plane security policy according to priority.

A method and device for applying a different security policy, per service traffic, to a protocol data unit (PDU) session in a wireless communication system. The method comprises receiving, by a session management function (SMF) managing a session for a user equipment (UE), first configuration information about a first user plane security policy of the UE from a unified data management (UDM) managing subscription information about the UE, receiving, by the SMF, second configuration information about a second user plane security policy to be applied to a specific service data flow from a policy and control function (PCF) managing a policy and charging control (PCC) rule, and determining a user plane security policy to be applied to the UE based on one selected from the first user plane security policy and the second user plane security policy according to priority.

Provided is a method for distributing a user interface (UI) for heterogeneous multi-device interaction, and more particularly, a method of distributing a UI between heterogeneous platforms, the method supporting distribution of UI units so that a flexible multi-device use environment, such as a live streaming application, is possible even between heterogeneous platforms. A provided mobile operating system security technology allows a flexible multi-device use environment, such as a live streaming application, between heterogeneous platforms by supporting the distribution of UI units and ensures secure multi-surface sharing by considering and preventing security risk elements in a multi-device environment.

A radio access network (RAN) for a wireless communication network transmits, to user equipment (UE), information about NPN services provided by a non-public network (NPN) supported by the wireless network, where the UE is not subscribed to the NPN. In some embodiments, the NPN service information is periodically broadcasted to the UE; in other embodiments, the information is transmitted in response to receiving a request from the UE. In response to receiving the NPN service information, the UE transmits and the RAN receives an on-boarding request from the UE to on-board the UE to the NPN, which the RAN forwards to an on-boarding network (OBN) of the wireless network. In response, the RAN receives NPN credentials for the UE from the OBN, which the RAN forwards to the UE, which uses the NPN credentials to register to the NPN, thereby enabling the non-subscribing UE to subscribe to the NPN.

Systems and methods include, responsive to a Wi-Fi client device providing a password for a zone of a Wi-Fi network, determining a status of the Wi-Fi client device; when the status is unknown, placing the client device in a holding area associated with the zone, wherein the client device is connected to the Wi-Fi network while in the holding area and has restricted access that is less than full access to the zone in an allowed zone; responsive to placing the client device in the holding area, causing a notification to an administrator that the client device is in the holding area; and with the client device in the holding area, one of moving the Wi-Fi client device to the allowed area, moving the client device to a rejected area for the zone, and leaving the client device in the holding zone, based on any input or lack thereof.

Systems and methods include, responsive to a Wi-Fi client device providing a password for a zone of a Wi-Fi network, determining a status of the Wi-Fi client device; when the status is unknown, placing the client device in a holding area associated with the zone, wherein the client device is connected to the Wi-Fi network while in the holding area and has restricted access that is less than full access to the zone in an allowed zone; responsive to placing the client device in the holding area, causing a notification to an administrator that the client device is in the holding area; and with the client device in the holding area, one of moving the Wi-Fi client device to the allowed area, moving the client device to a rejected area for the zone, and leaving the client device in the holding zone, based on any input or lack thereof.