-
Publication No.: US20220070664A1
Publication date: 2022-03-03
Application No.: US17275980
Application date: 2019-09-13
Applicant: Apple Inc.
Inventor: Alexandre Saso STOJANOVSKI , Robert ZAUS , Farid ADRANGI , Raimund WLOKA , Abhijeet Ashok KOLEKAR , Ahmed SOLIMAN
IPC: H04W12/037 , H04L9/30 , H04W12/06 , H04W12/106 , H04W12/121 , H04W60/00 , H04W48/18
Abstract: Systems and methods of protecting an initial NAS message are described. Depending on whether a security context for a serving PLMN is stored, the UE uses either a public key from the serving PLMN or a key from the security context to encrypt parts of the initial NAS message. An initial NAS message containing the encrypted parts is then sent to an AMF of the serving PLMN. The serving PLMN public key is transmitted via a SIB. Prior to transmission of the initial NAS message or in parallel with it, an RRC message is sent to the base station. The RRC message contains the UE identifier and/or a NSSAI encrypted using the serving PLMN public key.
-
Publication No.: US20220132315A1
Publication date: 2022-04-28
Application No.: US17423362
Application date: 2020-01-18
Applicant: Apple Inc.
Inventor: Abhijeet KOLEKAR , Farid ADRANGI
IPC: H04W12/106 , H04W12/069 , H04W12/041 , H04W12/40 , H04W12/03 , H04W8/02
Abstract: Embodiments disclosed herein relate to allowing unauthenticated UEs to gain restricted access to an operator network to access network access subscription service. Once the unauthenticated UE successfully downloads a subscription profile for accessing the operator network, the unauthenticated UE can disconnect and can, thereafter, authenticate to the operator network using the subscription profile. Embodiments disclosed herein can perform one-way authentication to the operator network for obtaining a limited connectivity to reduce DoS attacks on the operator network. More specifically, these embodiments can support unauthenticated UEs to allow unauthenticated UEs to access the operator network for RLOS while minimizing DoS attack.
-
Publication No.: US20210168610A1
Publication date: 2021-06-03
Application No.: US17268152
Application date: 2019-08-13
Applicant: APPLE INC.
Inventor: Farid ADRANGI , Abhijeet KOLEKAR
Abstract: Embodiments of the present disclosure describe methods, apparatuses, storage media, and systems for performing a restricted local operator services (RLOS) authorization procedure. Various embodiments enable a network to authorize a user equipment (UE) with an RLOS access or subscription properly while aiding in minimizing or preventing potential denial-of-service (DoS) attacks. Other embodiments may be described and claimed.
-
Publication No.: US20240056816A1
Publication date: 2024-02-15
Application No.: US18492513
Application date: 2023-10-23
Applicant: Apple Inc.
Inventor: Abhijeet KOLEKAR , Farid ADRANGI
IPC: H04W12/106 , H04W12/069 , H04W12/03 , H04W12/041 , H04W12/40 , H04W8/02
CPC classification number: H04W12/106 , H04W12/069 , H04W12/03 , H04W12/041 , H04W12/40 , H04W8/02
Abstract: Embodiments disclosed herein relate to allowing unauthenticated UEs to gain restricted access to an operator network to access network access subscription service. Once the unauthenticated UE successfully downloads a subscription profile for accessing the operator network, the unauthenticated UE can disconnect and can, thereafter, authenticate to the operator network using the subscription profile. Embodiments disclosed herein can perform one-way authentication to the operator network for obtaining a limited connectivity to reduce DoS attacks on the operator network. More specifically, these embodiments can support unauthenticated UEs to allow unauthenticated UEs to access the operator network for RLOS while minimizing DoS attack.
-
Publication No.: US20230413041A1
Publication date: 2023-12-21
Application No.: US18239435
Application date: 2023-08-29
Applicant: Apple Inc.
Inventor: Alexandre Saso STOJANOVSKI , Robert ZAUS , Farid ADRANGI , Raimund WLOKA , Abhijeet Ashok KOLEKAR , Ahmed SOLIMAN
IPC: H04W12/037 , H04W12/121 , H04W12/106 , H04L9/30 , H04W12/06 , H04W48/18 , H04W60/00
CPC classification number: H04W12/037 , H04W12/121 , H04W12/106 , H04L9/30 , H04W12/06 , H04W48/18 , H04W60/00 , H04L2209/34 , H04L2209/80 , H04W84/042
Abstract: Systems and methods of protecting an initial NAS message are described. Depending on whether a security context for a serving PLMN is stored, the UE uses either a public key from the serving PLMN or a key from the security context to encrypt parts of the initial NAS message. An initial NAS message containing the encrypted parts is then sent to an AMF of the serving PLMN. The serving PLMN public key is transmitted via a SIB. Prior to transmission of the initial NAS message or in parallel with it, an RRC message is sent to the base station. The RRC message contains the UE identifier and/or a NSSAI encrypted using the serving PLMN public key.
-
Publication No.: US20220007182A1
Publication date: 2022-01-06
Application No.: US17290757
Application date: 2019-10-30
Applicant: Apple Inc.
Inventor: Alexandre Saso STOJANOVSKI , Robert ZAUS , Farid ADRANGI , Raimund WLOKA , Abhijeet Ashok KOLEKAR , Ahmed SOLIMAN , Sudeep K. PALAT
IPC: H04W12/037 , H04W48/10 , H04W12/041 , H04W12/0431 , H04L9/30
Abstract: Systems and methods of protecting an initial NAS message are described. The NAS message is encrypted using the home PLMN public key during initial registration with the network using a registration request message. An AMF of the serving PLMN sends a serving PLMN public key which is then used to encrypt information including an S-NSSAI of later initial NAS messages after initial registration is completed. The S-NSSAI may not be sent in the later initial NAS message if the S-NSSAI is provided at an access stratum level. The RRC message may contain an indication that the S-NSSAI is encrypted using the serving PLMN public key.