公开(公告)号：US20230353561A1

公开(公告)日：2023-11-02

申请号：US18306434

申请日：2023-04-25

Applicant: Nokia Technologies Oy

Inventor： Chaitanya AGGARWAL ,  Saurabh Khare ,  German Peinado Gomez ,  Gerald Kunzmann

IPC: H04L9/40 ,  G06N20/00

CPC classification number: H04L63/0853 ,  G06N20/00

Abstract: Methods, systems, apparatuses, and computer program products are provided for authorized machine learning model retrieval for a communications network. In this regard, an access token request for one or more machine learning models related to a communications network is received from a network function service consumer (NFc). The access token request includes information to identify the one or more machine learning models. The NFc is then authorized with respect to the one or more machine learning models based on the information included in the access token request. Additionally, enhanced an access token for retrieving the one or more machine learning models is provided to the NFc based on valid authorization of the NFc with respect to the one or more machine learning models.

公开(公告)号：US20230068651A1

公开(公告)日：2023-03-02

申请号：US17462319

申请日：2021-08-31

Applicant: Nokia Technologies Oy

Inventor： Dario Bega ,  Gerald Kunzmann ,  Chaitanya Aggarwal

IPC: H04W24/08 ,  H04L12/24 ,  H04W24/02

Abstract: Techniques for detection of abnormal network function service usage in a communication network are disclosed. For example, a method comprises obtaining, at a first network entity, one or more service requests previously received by a second network entity for a service which the second network entity is configured to provide in a communication network. The method further comprises obtaining, at the first network entity, an analysis of the one or more service requests previously received by the second network entity for the service. The method further comprises obtaining, at the first network entity, an expected service usage for the service from the analysis of the one or more service requests. The method may then compare incoming service requests to the expected service usage to detect a given condition, e.g., an abnormal condition, so that at least one action can be taken.

公开(公告)号：US12219376B2

公开(公告)日：2025-02-04

申请号：US17462319

申请日：2021-08-31

Applicant: Nokia Technologies Oy

Inventor： Dario Bega ,  Gerald Kunzmann ,  Chaitanya Aggarwal

IPC: H04W24/08 ,  H04L41/147 ,  H04L41/16 ,  H04W24/02

Abstract: Techniques for detection of abnormal network function service usage in a communication network are disclosed. For example, a method comprises obtaining, at a first network entity, one or more service requests previously received by a second network entity for a service which the second network entity is configured to provide in a communication network. The method further comprises obtaining, at the first network entity, an analysis of the one or more service requests previously received by the second network entity for the service. The method further comprises obtaining, at the first network entity, an expected service usage for the service from the analysis of the one or more service requests. The method may then compare incoming service requests to the expected service usage to detect a given condition, e.g., an abnormal condition, so that at least one action can be taken.

公开(公告)号：US12167241B2

公开(公告)日：2024-12-10

申请号：US17675436

申请日：2022-02-18

Applicant: Nokia Technologies Oy

Inventor： Chaitanya Aggarwal ,  Saurabh Khare ,  Anja Jerichow ,  Gerald Kunzmann ,  Yannick Lair

IPC: H04W12/069 ,  H04L9/40 ,  H04W12/08

Abstract: According to an example aspect of the present invention, there is provided an apparatus comprising means for receiving from a requesting network function, by a network repository function, an access token request, wherein the access token request is related to a network function consumer requesting access to a service provided by a network function producer and comprises an identity of a vendor of the network function consumer requesting access to the service, means for verifying by the network repository function, based at least on the identity of the vendor of the network function consumer, that the network function consumer is allowed to access the service and means for transmitting to the requesting network function, by the network repository function, an access token upon successful verification, wherein the access token generated and signed by the network repository function comprises the identity of the vendor of the network function consumer and an identity of the vendor of the network function producer.

公开(公告)号：US12047780B2

公开(公告)日：2024-07-23

申请号：US17568144

申请日：2022-01-04

Applicant: Nokia Technologies Oy

Inventor： Saurabh Khare ,  Chaitanya Aggarwal ,  Anja Jerichow ,  Gerald Kunzmann

IPC: H04W12/084 ,  H04W8/18 ,  H04W12/02 ,  H04W12/082 ,  H04W12/60

CPC classification number: H04W12/084 ,  H04W8/18 ,  H04W12/02 ,  H04W12/082 ,  H04W12/60

Abstract: According to an example aspect of the present invention, there is provided an apparatus comprising means for receiving, by a network function configured to provide centralized user consent authorization in a cellular communication system, a user consent authorization request from a logical network entity, wherein the user consent authorization request comprises an identity of at least one user equipment whose user consent is requested by the logical network entity, the logical network entity being a network function service consumer or an application function, means for retrieving user consent information concerning the at least one user equipment whose user consent is requested by the logical network entity, wherein said user consent information indicates individually whether the logical network entity is authorized to access data related to each of the at least one user equipment, means for determining, based on said user consent information, whether the logical network entity is authorized to access data related to each of the at least one user equipment and means for transmitting, based on said determination, a response signed by the network function to the logical network entity.

公开(公告)号：US12206671B2

公开(公告)日：2025-01-21

申请号：US17737576

申请日：2022-05-05

Applicant: Nokia Technologies Oy

Inventor： Gerald Kunzmann ,  Saurabh Khare ,  Chaitanya Aggarwal

IPC: H04L9/40

Abstract: Techniques for data management in a network entity to authorize data consumers in a communication network are disclosed. For example, a method comprises receiving, at a network entity of a communication network, data generated by a data producer in the communication network, and storing, at the network entity, the data generated by the data producer. The stored data has metadata, associated with the data producer, appended thereto.

公开(公告)号：US12041455B2

公开(公告)日：2024-07-16

申请号：US17514120

申请日：2021-10-29

Applicant: Nokia Technologies Oy

Inventor： Shubhranshu Singh ,  Chaitanya Aggarwal ,  Saurabh Khare ,  Konstantinos Samdanis ,  Gerald Kunzmann

IPC: H04W12/12 ,  H04W12/122 ,  H04W12/128

CPC classification number: H04W12/122 ,  H04W12/128

Abstract: According to an example aspect of the present invention, there is provided a method comprising, determining, by an apparatus configured to operate as a network function a cellular communication system, at least two disjoint network paths, wherein the at least two disjoint network paths are different paths, and comprise different physical resources, transmitting, by the apparatus, a subscription request to an analytics function of the cellular communication system, to request notifications about attacks or risks of attacks on at least one network function on at least one of the at least two disjoint network paths, receiving from the analytics function, by the apparatus, information about at least one compromised network entity and/or at least one network entity having a risk of being compromised on said at least one of the at least two disjoint network paths and performing, by the apparatus, attack mitigation based on said information.

公开(公告)号：US20230136287A1

公开(公告)日：2023-05-04

申请号：US17514120

申请日：2021-10-29

Applicant: Nokia Technologies Oy

Inventor： Shubhranshu Singh ,  Chaitanya Aggarwal ,  Saurabh Khare ,  Konstantinos Samdanis ,  Gerald Kunzmann

IPC: H04W12/122 ,  H04W12/128

Abstract: According to an example aspect of the present invention, there is provided a method comprising, determining, by an apparatus configured to operate as a network function a cellular communication system, at least two disjoint network paths, wherein the at least two disjoint network paths are different paths, and comprise different physical resources, transmitting, by the apparatus, a subscription request to an analytics function of the cellular communication system, to request notifications about attacks or risks of attacks on at least one network function on at least one of the at least two disjoint network paths, receiving from the analytics function, by the apparatus, information about at least one compromised network entity and/or at least one network entity having a risk of being compromised on said at least one of the at least two disjoint network paths and performing, by the apparatus, attack mitigation based on said information.