公开(公告)号：US20250008383A1

公开(公告)日：2025-01-02

申请号：US18804473

申请日：2024-08-14

Applicant: NEC Corporation

Inventor： Xiaowei ZHANG ,  Anand Raghawa PRASAD

IPC: H04W36/00 ,  H04W88/06

Abstract: A UE (10) provides information on potential S′eNB(s). The information is forwarded from an MeNB (20_1) to an M′eNB (20_2) such that the M′eNB (20_2) can determine, before the handover happens, whether the M′eNB (20_2) will configure a new SeNB (S′eNB) and which S′eNB the M′eNB (20_2) will configure. In one of options, the MeNB (20_1) derives a key S′-KeNB for communication protection between the UE (10) and the S′eNB (30_1), and send the S′-KeNB to the M′eNB (20_2). In another option, the M′eNB (20_2) derives the S′-KeNB from a key KeNB* received from the MeNB (20_1). The M′eNB (20_2) sends the S′-KeNB to the S′eNB (30_1). Moreover, there are also provided several variations to perform SeNB Release, SeNB Addition, Bearer Modification and the like, in which the order and/or timing thereof can be different during the handover procedure.

公开(公告)号：US20240196205A1

公开(公告)日：2024-06-13

申请号：US18411225

申请日：2024-01-12

Applicant: NEC Corporation

Inventor： Sheeba Backia Mary BASKARAN ,  Sander DE KIEVIT ,  Sivabalan ARUMUGAM ,  Anand Raghawa PRASAD

IPC: H04W12/02 ,  H04W8/04 ,  H04W8/18 ,  H04W12/06 ,  H04W12/72 ,  H04W60/00

CPC classification number: H04W12/02 ,  H04W8/04 ,  H04W8/18 ,  H04W12/06 ,  H04W12/72 ,  H04W60/00

Abstract: The present disclosure provides a User Equipment (UE) comprising a transceiver circuit; and a controller configured to control the transceiver circuit to send, to an Access and mobility Management Function (AMF) of a communication node, an identifier, wherein upon successful authentication of a network access function of the UE in the communication node, the controller is configured to maintain a secure connection with the communication node.

公开(公告)号：US20230362744A1

公开(公告)日：2023-11-09

申请号：US18222192

申请日：2023-07-14

Applicant: NEC CORPORATION

Inventor： Xiaowei ZHANG ,  Anand Raghawa PRASAD

IPC: H04W36/00 ,  H04W8/30 ,  H04W8/12 ,  H04W12/041 ,  H04W12/06 ,  H04W36/22

CPC classification number: H04W36/0038 ,  H04W8/30 ,  H04W8/12 ,  H04W12/041 ,  H04W12/068 ,  H04W36/22 ,  H04L63/083

Abstract: There is provided a network system including one or more first MMEs (30), and a second MME (40) separated from the first MMEs (30). In one of operation cases, the first MME (30) pushes, to the second MME (40), security context for a UE (10) that attaches to the first MME (30). The second MME (40) stores the security context. The first MME (30) further pushes the latest security context to the second MME (40), during a switch-off procedure for the first MME (30). The second MME (40) updates the stored security context with the latest security context. The first MME (30) pulls the security context from the second MME (40), when the UE (10) re-attaches to the first MME (30) or is handovered from different one of the first MMEs (30).

公开(公告)号：US20210204133A1

公开(公告)日：2021-07-01

申请号：US17201280

申请日：2021-03-15

Applicant: NEC Corporation

Inventor： Hironori ITO ,  Anand Raghawa PRASAD ,  Andreas KUNZ ,  Sivabalan ARUMUGAM ,  Sivakamy LAKSHMINARAYANAN ,  Sheeba Backia Mary BASKARAN

IPC: H04W12/106 ,  H04W12/037 ,  H04W12/041 ,  H04W12/08 ,  H04W36/14 ,  H04W48/18

Abstract: A communication terminal (10) according to the present disclosure includes: a control unit (12) configured to, in a case of a movement from a communication area formed by the 5GS to a communication area formed by the EPS or a movement from a communication area formed by the EPS to a communication area formed by the 5GS, determine whether or not a communication system forming a communication area at a movement destination can satisfy requirements of services; and a communication unit (11) configured to, when it is determined that the communication system forming the communication area at the movement destination can satisfy the requirements of the services, send a connection request message to the communication system forming the communication area at the movement destination.

公开(公告)号：US20210051468A1

公开(公告)日：2021-02-18

申请号：US16968624

申请日：2019-02-15

Applicant: NEC Corporation

Inventor： Sheeba Backia Mary BASKARAN ,  Anand Raghawa PRASAD ,  Sivakamy LAKSHMINARAYANAN ,  Sivabalan ARUMUGAM ,  Hironori ITO ,  Takihito YOSHIZAWA

IPC: H04W8/20 ,  H04W48/16 ,  H04W8/08 ,  H04W60/00 ,  H04L29/12

Abstract: Methods for (i) finding/discovering the right UDM instances and (ii) ensuring the UDM instance security are provided. The method for (i), includes the steps of: (i-1) pre-provisioning of UDM instance discovery information/parameters to the UE/USIM, (i-2) sending the UDM instance discovery related parameters to a core network element, and (i-3) discovering the right UDM instance at the core network element based on the discovery parameters and related routing information either at the UDM consumer/NRF. The method for (ii) includes the steps of: (ii-1) Secured choice of parameter for UDM instance discovery (e.g. UDM instance identifier) to the core network element and (ii-2) the secured UDM instance identifier generation and management at the UDM to prevent attack on UDM instances. Also a method to identify the cleartext IMSI/SUPI is provided for the re-authentication scenario along with the relevant procedures.

公开(公告)号：US20200015067A1

公开(公告)日：2020-01-09

申请号：US16468378

申请日：2017-12-18

Applicant: NEC Corporation

Inventor： Andreas KUNZ ,  Naoaki SUZUKI ,  Anand Raghawa PRASAD

IPC: H04W8/18 ,  H04W48/18 ,  H04L29/06 ,  H04W4/50

Abstract: Embodiments of this disclosure enable the I-CSCF and S-CSCF to detect inbound roaming UEs to network supporting Service Domain Centralization in IMS, so that the S-CSCF is able to select the appropriate database entity and can understand the CS authentication vector.

公开(公告)号：US20190335329A1

公开(公告)日：2019-10-31

申请号：US16505060

申请日：2019-07-08

Applicant: NEC Corporation

Inventor： Xiaowei ZHANG ,  Anand Raghawa PRASAD

IPC: H04W12/04 ,  H04W4/70

Abstract: A root key (K_iwf) is derived at a network and sent to MTC UE (10). The K_iwf is used for deriving subkeys for protecting communication between MTC UE (10) and MTC-IWF (20). In a case where HSS (30) derives the K_iwf, HSS (30) send to MTC-IWF (20) the K_iwf in a new message (Update Subscriber Information). In a case where MME (40) derives the K_iwf, MME (40) sends the K_iwf through HSS (30) or directly to MTC-IWF (20). MTC-IWF (20) can derive the K_iwf itself. The K_iwf is sent through MME (40) to MTC UE (10) by use of a NAS SMC or Attach Accept message, or sent from MTC-IWF (20) directly to MTC UE (10). In a case where the K_iwf is sent from MME (40), MME (40) receives the K_iwf from HSS (30) in an Authentication Data Response message, or from MTC-IWF (20) directly.

公开(公告)号：US20190253939A1

公开(公告)日：2019-08-15

申请号：US16388084

申请日：2019-04-18

Applicant: NEC CORPORATION

Inventor： Xiaowei ZHANG ,  Anand Raghawa PRASAD

IPC: H04W36/00

CPC classification number: H04W36/0055 ,  H04W36/0038 ,  H04W36/0069 ,  H04W88/06

Abstract: A UE (10) provides information on potential S′eNB(s). The information is forwarded from an MeNB (20_1) to an M′eNB (20_2) such that the M′eNB (20_2) can determine, before the handover happens, whether the M′eNB (20_2) will configure a new SeNB (S′eNB) and which S′eNB the M′eNB (20_2) will configure. In one of options, the MeNB (20_1) derives a key S′-KeNB for communication protection between the UE (10) and the S′eNB (30_1), and send the S′-KeNB to the M′eNB (20_2). In another option, the M′eNB (20_2) derives the S′-KeNB from a key KeNB* received from the MeNB (20_1). The M′eNB (20_2) sends the S′-KeNB to the S′eNB (30_1). Moreover, there are also provided several variations to perform SeNB Release, SeNB Addition, Bearer Modification and the like, in which the order and/or timing thereof can be different during the handover procedure.

公开(公告)号：US20190246270A1

公开(公告)日：2019-08-08

申请号：US16311463

申请日：2017-07-14

Applicant: NEC Corporation

Inventor： Hironori ITO ,  Anand Raghawa PRASAD ,  Andreas KUNZ ,  Naoaki SUZUKI ,  Toshiyuki TAMURA

IPC: H04W12/06 ,  H04W8/24 ,  H04L29/06

CPC classification number: H04W12/06 ,  H04L63/20 ,  H04W8/18 ,  H04W8/24 ,  H04W12/04 ,  H04W88/12 ,  H04W88/14 ,  H04W92/24

Abstract: A purpose of the present disclosure is to provide a communication system that are capable of maintaining a high security level in each divided network in the case of applying network slicing to a core network. A communication system according to the present disclosure includes a subscriber-information management apparatus (10) configured to manage subscriber information of a communication terminal; and a security apparatus (20) configured to manage identification information of the communication terminal in association with security information used in at least one network slice system usable by the communication terminal. The subscriber-information management apparatus (10) acquires, using the identification information of the communication terminal and identification information of a network slice system used by the communication terminal, security information used in the network slice system used by the communication terminal from the security apparatus (20).

公开(公告)号：US20190215748A1

公开(公告)日：2019-07-11

申请号：US16354273

申请日：2019-03-15

Applicant: NEC CORPORATION

Inventor： Xiaowei ZHANG ,  Anand Raghawa PRASAD

IPC: H04W36/28 ,  H04W28/08 ,  H04W36/00 ,  H04W12/04 ,  H04W76/27

CPC classification number: H04W36/28 ,  H04W12/04 ,  H04W28/08 ,  H04W36/0055 ,  H04W36/0069 ,  H04W76/27 ,  H04W88/08 ,  H04W92/20

Abstract: An SeNB (30) informs an MeNB (20) that it can configure bearers for the given UE (10). At this time, the MeNB (20) manages the DRB status, and then sends a key S-KeNB to the SeNB (30). The MeNB (20) also sends a KSI for the S-KeNB to both of the UE (10) and the SeNB (30). After this procedure, the MeNB (20) informs an EPC (MME (40) and S-GW (50)) about the new bearer configured at the SeNB (30), such that the S-GW 50 can start offloading the bearer(s) to the SeNB 30. Prior to the offloading, the EPC network entity (MME (40) or S-GW (50)) performs verification that: 1) whether the request is coming from authenticated source (MeNB); and 2) whether the SeNB (30) is a valid eNB to which the traffic can be offload.