公开(公告)号：US10893069B2

公开(公告)日：2021-01-12

申请号：US15441363

申请日：2017-02-24

Applicant: Nokia Technologies Oy

Inventor： Martin K. Peylo ,  Silke Holtmanns

IPC: H04L29/06 ,  H04W12/12

Abstract: In accordance with the example embodiments of the Invention there is at least a method and apparatus to detect that at least one message received from another network device of a communication network is in response to a prior message using a spoofed source address; based on the detecting, mirror the at least one message; and send to the another network device the mirrored at least one message to cause the another network device to filter out the at least one message in response to the prior message using the spoofed address. Further, there is at least a method and apparatus to receive from a network node signaling associated with at least one message; based on the signaling, detect that the at least one message is in response to a prior message using a spoofed source address; and based on the detecting, filter out the at least one message in response to the prior message using the spoofed source address.

公开(公告)号：US10887170B2

公开(公告)日：2021-01-05

申请号：US14772349

申请日：2013-03-05

Applicant: Nokia Technologies Oy

Inventor： Silke Holtmanns ,  Rune Lindholm

IPC: H04W4/60 ,  H04L12/24 ,  H04W8/18 ,  H04L29/08 ,  H04W4/50 ,  H04W12/06 ,  H04M1/725

Abstract: In accordance with an example embodiment of the present invention, there is provided an apparatus, comprising a transceiver arranged to insertably interface with an integrated module, at least one processing core configured to enable the integrated module to be connected, via the apparatus, to a network, the transceiver being configured to receive from the integrated module information enabling the apparatus to become an endpoint of a connection to a network node, and the at least one processing core being configured to receive, using the connection, a computer program for operating the apparatus. In some embodiments, the integrated module comprises a universal integrated circuit card and a secure execution environment.

公开(公告)号：US20200186999A1

公开(公告)日：2020-06-11

申请号：US16613207

申请日：2018-05-14

Applicant: Nokia Technologies Oy

Inventor： Anja Jerichow ,  Silke Holtmanns

IPC: H04W12/02 ,  H04W12/00 ,  H04W12/04 ,  H04L29/06 ,  H04W8/18

Abstract: It is provided a method, comprising instructing a subscription device to indicate an applied privacy protection to a visited network; instructing the subscription device to provide a protected subscription identifier to the visited network, wherein the protected subscription identifier is based on a permanent subscription identifier protected according to the applied privacy protection.

公开(公告)号：US10341312B2

公开(公告)日：2019-07-02

申请号：US15124434

申请日：2014-03-24

Applicant: Nokia Technologies Oy

Inventor： Silke Holtmanns ,  Jari Vainikka

IPC: H04L29/06 ,  H04L9/32 ,  H04N21/00 ,  H04N21/2347 ,  H04N21/266 ,  H04N21/4405 ,  G06F21/10 ,  H04N21/254 ,  H04N21/4627 ,  H04N21/426 ,  H04N21/436 ,  G06F21/72

Abstract: According to an example embodiment of the present invention, there is provided an apparatus comprising at least one secure element configured to store at least two credentials, and at least one processing core configured to cause a first one of the at least two credentials to be employed to decrypt a first encrypted content to produce a first decrypted content, to cause a second one of the at least two credentials to be employed to decrypt a second encrypted content to produce a second decrypted content, and to cause the first decrypted content be provided to a first rendering device over a first secured tunnel connection, wherein an endpoint of the first secured tunnel connection resides in the apparatus.

公开(公告)号：US20170142162A1

公开(公告)日：2017-05-18

申请号：US15309555

申请日：2014-05-20

Applicant: NOKIA TECHNOLOGIES OY

Inventor： Dajiang Zhang ,  Silke Holtmanns

IPC: H04L29/06 ,  H04W12/02

CPC classification number: H04L63/205 ,  H04L63/0428 ,  H04W12/0017 ,  H04W12/02

Abstract: Method, network element, mobile terminal, system and computer program product are disclosed for negotiating cryptographic algorithm. The method comprises: receiving a first candidate list from the mobile terminal by the network element, wherein the first candidate list includes at least one candidate cryptographic algorithm supported by the mobile terminal and excludes at least one undesirable cryptographic algorithm even though it is supported by the mobile terminal; and selecting, from the first candidate list, a cryptographic algorithm supported by both the network element and the mobile terminal. As the undesirable cryptographic algorithm(s) is excluded from the first candidate list, the network element will be forced to choose more secure algorithms for communications with the mobile terminal.

公开(公告)号：US20160269889A1

公开(公告)日：2016-09-15

申请号：US15030121

申请日：2013-10-22

Applicant: NOKIA TECHNOLOGIES OY

Inventor： Silke Holtmanns ,  Chaitra Shanthappa

IPC: H04W8/18 ,  H04W8/20

Abstract: A method, apparatus and computer program product are provided to selectively accept requests for communication that may be supported by different identification profiles with the selective acceptance being based upon a predefined criteria, such as the cost of the communications. In the context of a method, a request for communications is received from a network operator. The communications with the network operator are supported by a first of a plurality of identification profiles. The method also includes determining, relative to a predefined criteria, whether the communications should be supported by the first identification profile or by another identification profile configured to support communications with another network operator. In an instance in which the communications should be supported by another identification profile, the method causes the request for communications to be denied.

Abstract translation: 提供了一种方法，装置和计算机程序产品，用于选择性地接受可由不同识别简档支持的通信请求，其中选择性接受基于诸如通信成本的预定准则。 在方法的上下文中，从网络运营商接收到通信请求。 与网络运营商的通信由多个识别简档中的第一个来支持。 该方法还包括相对于预定义的标准确定通信是否应该由第一标识简档支持，或者通过被配置为支持与另一网络运营商的通信的另一识别简档来确定。 在通信应由另一识别简档支持的情况下，该方法导致通信请求被拒绝。

公开(公告)号：US20150373778A1

公开(公告)日：2015-12-24

申请号：US14765749

申请日：2013-03-08

Applicant: Nokia Technologies Oy

Inventor： Silke Holtmanns ,  Alireza Sohi

IPC: H04W88/06 ,  H04B1/3816

CPC classification number: H04W88/06 ,  H04B1/3816 ,  H04W8/205

Abstract: A method, corresponding apparatuses, and a computer program product for multiSIM devices with embedded SIM functionality are provided. The method comprises downloading at least one subscription from a secure application manager to a secure element with remote provisioning functionality within a user equipment. The method also comprises determining whether or not to assign an identity related to the at least one subscription. The method further comprises informing the user equipment of the at least one subscription being present upon assignment of the identity. With the claimed inventions, subscriptions and a pool of identities can be efficiently and flexibly managed and maintained remotely.

Abstract translation: 提供了一种具有嵌入式SIM功能的多SIMM设备的方法，对应设备和计算机程序产品。 该方法包括从安全应用管理器下载至少一个订阅到具有用户设备内的远程供应功能的安全元件。 所述方法还包括确定是否分配与所述至少一个订阅相关的身份。 所述方法还包括在所述身份的分配时向所述用户设备通知所述至少一个订阅。 通过所要求的发明，可以远程地高效且灵活地管理和维护订阅和身份池。

公开(公告)号：US11032699B2

公开(公告)日：2021-06-08

申请号：US16613207

申请日：2018-05-14

Applicant: Nokia Technologies Oy

Inventor： Anja Jerichow ,  Silke Holtmanns

IPC: H04W12/02 ,  H04L29/06 ,  H04W8/18 ,  H04W12/04 ,  H04W12/72

Abstract: It is provided a method, comprising instructing a subscription device to indicate an applied privacy protection to a visited network; instructing the subscription device to provide a protected subscription identifier to the visited network, wherein the protected subscription identifier is based on a permanent subscription identifier protected according to the applied privacy protection.

公开(公告)号：US10791456B2

公开(公告)日：2020-09-29

申请号：US15030121

申请日：2013-10-22

Applicant: Nokia Technologies Oy

Inventor： Silke Holtmanns ,  Chaitra Shanthappa

IPC: H04B1/38 ,  H04W8/18 ,  H04W8/20

Abstract: A method, apparatus and computer program product are provided to selectively accept requests for communication that may be supported by different identification profiles with the selective acceptance being based upon a predefined criteria, such as the cost of the communications. In the context of a method, a request for communications is received from a network operator. The communications with the network operator are supported by a first of a plurality of identification profiles. The method also includes determining, relative to a predefined criteria, whether the communications should be supported by the first identification profile or by another identification profile configured to support communications with another network operator. In an instance in which the communications should be supported by another identification profile, the method causes the request for communications to be denied.

公开(公告)号：US10484187B2

公开(公告)日：2019-11-19

申请号：US15310328

申请日：2014-05-20

Applicant: Nokia Technologies Oy

Inventor： Hannu Bergius ,  Silke Holtmanns

IPC: H04L29/06 ,  H04L9/32 ,  H04W12/06 ,  H04W12/04

Abstract: A method, apparatus and computer program in which a cellular terminal: transmits a request that requires authentication procedure triggering to a cellular network and responsively receiving from the cellular network an authentication request message with an indication of a selected cryptographic algorithm from a group of a plurality of cryptographic algorithms; decodes the authentication request message to a decoded authentication request according to the selected cryptographic algorithm and based on a shared secret known by the cellular terminal and a network operator of the cellular terminal; based on the decoded authentication request, the shared secret and the selected cryptographic algorithm, produces and encrypts an authentication response message; and transmits the authentication response message to the cellular network.