公开(公告)号：US10893026B2

公开(公告)日：2021-01-12

申请号：US15840554

申请日：2017-12-13

Applicant: Nokia Technologies Oy

Inventor： Anja Jerichow

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/32 ,  H04W12/02 ,  H04W12/00 ,  H04W12/04

Abstract: In a home network of a communication system, wherein one or more cryptographic key pairs are provisioned for utilization by subscribers of the home network to conceal subscriber identifiers provided to one or more access points in the communication system, the method comprises provisioning one or more privacy managing entity identifiers for utilization by the subscribers when providing their concealed subscriber identifiers to the communication system. Each of the one or more privacy managing entity identifiers identify a given privacy managing entity in the communication system configured to de-conceal a given subscriber identifier.

公开(公告)号：US10893025B2

公开(公告)日：2021-01-12

申请号：US16014294

申请日：2018-06-21

Applicant: Nokia Technologies Oy

Inventor： Nagendra S. Bykampadi ,  Suresh P. Nair ,  Anja Jerichow

IPC: H04L29/06 ,  H04W12/06 ,  H04W12/08 ,  H04W88/16 ,  H04W12/00 ,  H04L29/08 ,  H04W84/04 ,  H04W12/10

Abstract: In a communication system comprising a first network operatively coupled to a second network, wherein the first network comprises a first security edge protection proxy element operatively coupled to a second security edge protection proxy element of the second network; the method comprises constructing a message at a network function in the first network destined for the second network, wherein the message comprises at least one information element and an indicator, wherein the indicator is set to specify at least one security operation to be applied to the at least one information element before sending the message to the second security edge protection proxy element of the second network.

公开(公告)号：US20180322785A1

公开(公告)日：2018-11-08

申请号：US15838306

申请日：2017-12-11

Applicant: Nokia Technologies Oy

Inventor： Anja Jerichow ,  Joachim Lueken ,  Wolfgang Scheidl

IPC: G08G1/16 ,  G08G1/0965 ,  H04L29/08

CPC classification number: G08G1/162 ,  G08G1/0112 ,  G08G1/012 ,  G08G1/0129 ,  G08G1/0141 ,  G08G1/0965 ,  G08G1/096716 ,  G08G1/09675 ,  G08G1/096775 ,  G08G1/096791 ,  G08G1/164 ,  H04L67/12 ,  H04L67/20 ,  H04W4/44 ,  H04W4/90 ,  H04W12/06

Abstract: An application server in a cellular network receives incident information and determines a trust value associated with the incident information using one or more trust parameters. The application server generates a warning message including the the trust value and the one or more trust parameters. The warning message is broadcast to user equipment in vehicles in an area of relevance. The user equipment in the vehicles in the area of relevance receives the warning message and may re-evaluate the trust value in the warning message based on additional trust parameters or information. The user equipment may determine to perform one or more actions based on the trust value, such as providing a warning to a driver or performing a braking operation.

公开(公告)号：US12192359B2

公开(公告)日：2025-01-07

申请号：US17550549

申请日：2021-12-14

Applicant: Nokia Technologies Oy

Inventor： Chaitanya Aggarwal ,  Anja Jerichow ,  Saurabh Khare

IPC: H04L9/32

Abstract: According to an example aspect of the present invention, there is provided an apparatus configured at least to: receive, from a service communication proxy, a request for an access token which authorizes access to a service at a network function provider, transmit an authorization token to the service communication proxy, the authorization token being specific to the request, and provide the access token to the service communication proxy responsive to determining that a cryptographic signature of a network function consumer on a signed version of the authorization token, received in the apparatus from the service communication proxy, is correct. The apparatus may work in a network serving user equipments, for example.

公开(公告)号：US12034733B2

公开(公告)日：2024-07-09

申请号：US17494930

申请日：2021-10-06

Applicant: Nokia Technologies Oy

Inventor： Saurabh Khare ,  Colin Kahn ,  Georgios Gkellas ,  Yannick Lair ,  Anja Jerichow ,  Chaitanya Aggarwal

IPC: H04L9/40 ,  H04W12/06 ,  H04W12/08

CPC classification number: H04L63/102 ,  H04L63/083 ,  H04W12/06 ,  H04W12/08

Abstract: According to an example aspect of the present invention, there is provided a method comprising, receiving, by an intermediary network function, a subscription request from a network function consumer requesting data of a network function producer, wherein the subscription request comprises a client credential assertion of the network function consumer and an access token, authorizing and authenticating, by the intermediary network function, the network function consumer upon successful validation of the access token and the client credential assertion validation and transmitting, by the intermediary network function, an access token request to an authorization server to get another access token, wherein said another access token is to be used to validate the network function consumer to access services of the network function producer, and the access token request comprises the client credential assertion of the network function consumer requesting data of the network function producer.

公开(公告)号：US12034704B2

公开(公告)日：2024-07-09

申请号：US17394828

申请日：2021-08-05

Applicant: Nokia Technologies Oy

Inventor： Saurabh Khare ,  Bruno Landais ,  Thomas Belling ,  Anja Jerichow

IPC: H04L41/084 ,  H04L9/40 ,  H04L67/141 ,  H04L67/30

CPC classification number: H04L63/0281 ,  H04L41/0843 ,  H04L63/102 ,  H04L67/141 ,  H04L67/30

Abstract: There are provided measures for optimization of network function profile administration and registration. Such measures exemplarily comprise, at a network repository function entity, receiving, from a control entity, network entity profile template information, storing said network entity profile template information, wherein said network entity profile template information comprises a network entity profile template including an identifier of said network entity profile template and a profile content of said network entity profile template, said profile content including at least one profile attribute, receiving, from a network entity, a network entity registration request comprising said identifier of said network entity profile template, and generating a network entity profile for said network entity based on said at least one profile attribute.

公开(公告)号：US11956626B2

公开(公告)日：2024-04-09

申请号：US17603833

申请日：2019-04-17

Applicant: Nokia Technologies Oy

Inventor： Bo Holm Bjerrum ,  Anja Jerichow

IPC: H04W12/041 ,  H04L9/08 ,  H04W12/0431 ,  H04W12/06

CPC classification number: H04W12/041 ,  H04L9/0866 ,  H04W12/0431 ,  H04W12/068 ,  H04L2209/80

Abstract: According to an example aspect of the present invention, there is provided method, comprising: generating a first key based on a first input specific to a mobile device, wherein the first input comprises measurement of mutable code of the mobile device and a unique device secret, generating a symmetric second key on the basis of the first key and a second input specific to the mobile device, and generating authentication credentials on the basis of the second key for authenticating the mobile device to a mobile communications network.

公开(公告)号：US11818102B2

公开(公告)日：2023-11-14

申请号：US17232579

申请日：2021-04-16

Applicant: Nokia Technologies Oy

Inventor： Saurabh Khare ,  Chaitanya Aggarwal ,  Anja Jerichow

IPC: H04L9/40

CPC classification number: H04L63/0281 ,  H04L63/08

Abstract: Embodiments of the present disclosure relate to methods, apparatuses and computer readable storage media for inter-network communication. A first edge protection proxy in a first network receives a request for an access token from a network repository function in the first network. The access token is to be used by a first network function in the first network to request a service from a second network function in a second network. The first edge protection proxy validates the request based on configurations allowed to access services provided by networks different from the first network. If the validation of the request is successful, the first edge protection proxy transmits the request to a second edge protection proxy in the second network. The transmitted request comprises verified information concerning the first network function.

公开(公告)号：US11689579B2

公开(公告)日：2023-06-27

申请号：US17264768

申请日：2019-08-02

Applicant: Nokia Technologies Oy

Inventor： Peter Schneider ,  Anja Jerichow

IPC: H04L9/40 ,  H04W12/033 ,  H04W12/06 ,  H04W12/08 ,  H04W12/10

CPC classification number: H04L63/205 ,  H04L63/0428 ,  H04L63/0892 ,  H04W12/033 ,  H04W12/06 ,  H04W12/08 ,  H04W12/10

Abstract: A session management function of a 5G system receives information that a secondary authentication is to be done for a given user equipment for authorising user equipment to use a data network; and responsively to the received information, communicates with the data network and receives from the data network an indication; and allows a 5G access to the user equipment so that the user equipment can communicate with the data network according to the indication either without cryptographic protection or with cryptographic protection depending on the indication.

公开(公告)号：US20210297457A1

公开(公告)日：2021-09-23

申请号：US17264768

申请日：2019-08-02

Applicant: Nokia Technologies Oy

Inventor： Peter Schneider ,  Anja Jerichow

IPC: H04L29/06 ,  H04W12/06 ,  H04W12/033 ,  H04W12/10 ,  H04W12/08

Abstract: A session management function of a 5G system receives information that a secondary authentication is to be done for a given user equipment for authorising user equipment to use a data network; and responsively to the received information, communicates with the data network and receives from the data network an indication; and allows a 5G access to the user equipment so that the user equipment can communicate with the data network according to the indication either without cryptographic protection or with cryptographic protection depending on the indication.