-
Publication No.: US12284719B2
Publication date: 2025-04-22
Application No.: US17439224
Application date: 2021-05-10
Applicant: Apple Inc.
Inventor: Shu Guo, Dawei Zhang, Huarui Liang, Haijing Hu
IPC: H04W8/18
Abstract: Apparatuses, systems, and methods for revocation and/or modification of user consent in Edge Computing (MEC). A user equipment device (UE) may determine that user consent needs to be updated. The user consent may be associated with MEC. Additionally, the UE may transmit, via an application layer of the UE, a user consent modification request to an edge application server of a network, e.g., of an edge data network. The user consent modification request may be carried in application data traffic. The user consent modification request may be indicated via an Nnef_ParameterProvision_Update service operation. The user consent modification request is indicated via an Nnef_ParameterProvision_Update service operation.
-
22.
Publication No.: US12245308B2
Publication date: 2025-03-04
Application No.: US17776449
Application date: 2020-01-31
Applicant: Apple Inc.
Inventor: Shu Guo, Xiangying Yang, Fangli Xu, Yuqin Chen, Huarui Liang, Haijing Hu, Dawei Zhang
IPC: H04W76/00, H04W12/106, H04W36/00, H04W72/231, H04W72/30, H04W76/19, H04W76/30
Abstract: Embodiments are presented herein of apparatuses, systems, and methods for a user equipment device (UE) and/or cellular network to resume a connection. To resume the connection, the UE may transmit a fully protected connection resume message, e.g., which may include protection for a resume cause field.
-
23.
Publication No.: US12143814B2
Publication date: 2024-11-12
Application No.: US17593296
Application date: 2021-05-10
Applicant: APPLE INC.
Inventor: Shu Guo, Dawei Zhang, Haijing Hu, Huarui Liang
IPC: H04M1/66, H04W12/041, H04W12/0433, H04W12/06, H04W60/04
Abstract: Disclosed are embodiments of a user equipment (UE) configured to communicate in a 5G network and to perform authentication between an edge enabler client (EEC) of the UE and an edge configuration server (ECS) or an edge enabler server (EES) based on an architecture for authentication and key management for applications (AKMA). The techniques include performing primary authentication with the 5G network to obtain a KAUSF; generating a KAKMA and an A-KID; providing to the EEC the KAKMA and an EEC identifier (ID) for the EEC to generate a Kedge, the KAKMA and the EEC ID being used by the EEC to compute a MACEEC; and sending to the ECS or the EES an application registration request, the application registration request including the EEC ID, the MACEEC, and the A-KID.
-
Publication No.: US12132830B2
Publication date: 2024-10-29
Application No.: US17437798
Application date: 2020-04-03
Applicant: Apple Inc.
Inventor: Shu Guo, Dawei Zhang, Fangli Xu, Haijing Hu, Huarui Liang, Xiangying Yang, Yuqin Chen
IPC: H04L29/06, H04L9/08, H04W12/041
CPC classification number: H04L9/0861, H04L9/0891, H04W12/041, H04L2209/80
Abstract: Apparatuses, systems, and methods for application function (AF) key generation and AF key renewal. A user equipment device (UE) may communicate with an application function (AF) via a radio access network (RAN) using a first AF key and determine that the first AF key has expired. The UE may derive a second AF key based on at least an Architecture for Authentication and Key Management for Applications (AKMA) anchor key (KAKMA) and a counter parameter and communicate with the AF via the RAN using the second AF key. At least one of the UE, the AF, and/or an AKMA Anchor Function (AAnF) may be configured to monitor expiration of the first AF key based on an associated lifetime of the first AF key. The first and second AF keys may be derived using a key derivation function that includes at least one variable parameter.
-
25.
Publication No.: US12101630B2
Publication date: 2024-09-24
Application No.: US17634950
Application date: 2019-08-18
Applicant: Apple Inc.
Inventor: Xiangying Yang, Jean-Marc Padova, Li Li, Shu Guo
IPC: G06F7/04, H04L9/32, H04W8/20, H04W12/041, H04W12/0431, H04W12/069, H04L9/40
CPC classification number: H04W12/069, H04L9/3247, H04L9/3263, H04W8/205, H04W12/041, H04W12/0431, H04L63/166, H04L2209/80
Abstract: This application sets forth techniques for authenticating a mobile device with a cellular wireless network without electronic Subscriber Identity Module (eSIM) credentials by using an Extensible Authentication Protocol Transport Layer Security (EAP-TLS) procedure. The mobile device authenticates with an Authentication Server Function (AUSF) of the cellular wireless network using an embedded Universal Integrated Circuit Card (eUICC) certificate. Processing circuitry of the mobile wireless device external to the eUICC implements the EAP-TLS procedure and authenticates validity of the AUSF. In some embodiments, the eUICC provides key generation and storage for a session key for communication between the mobile device and the cellular wireless network. In some embodiments, a third-party managed Unified Data Management (UDM) broker authenticates the mobile device based on knowledge of the eUICC certificate and provides a session key to the cellular wireless network for subsequent communication with the mobile device, upon successful authentication of the mobile device.
-
26.
Publication No.: US12063505B2
Publication date: 2024-08-13
Application No.: US17442778
Application date: 2020-04-01
Applicant: Apple Inc.
Inventor: Shu Guo, Xiangying Yang, Yuqin Chen, Fangli Xu, Zhibin Wu, Dawei Zhang, Huarui Liang, Haijing Hu
Abstract: Techniques discussed herein can facilitate improved security establishment procedures for Vehicle to Everything (V2X) direct connections. Various embodiments are employable at or comprise User Equipment, and can initiate and/or receive V2X security establishment connections wherein a receiving UE can reject the connection based on the initiating UE's capabilities/policy and/or the initiating UE can make the final decision regarding the connection based at least on receiving security policy and capability information from the receiving UE.
-
Publication No.: US20240214910A1
Publication date: 2024-06-27
Application No.: US17919998
Application date: 2021-10-21
Applicant: Apple Inc.
Inventor: Zhibin Wu, Shu Guo, Chunxuan Ye, Haijing Hu, Haitong Sun, Seyed Ali Akbar Fakoorian, Sudeep Manithara Vamanan, Yuqin Chen
Abstract: The present application relates to devices and components including apparatus, systems, and methods for managing relay identifiers for sidelink relays in wireless networks.
-
Publication No.: US11968530B2
Publication date: 2024-04-23
Application No.: US17593499
Application date: 2020-08-06
Applicant: Apple Inc.
Inventor: Shu Guo, Dawei Zhang, Fangli Xu, Haijing Hu, Huarui Liang, Mona Agnel, Ralf Rossbach, Sudeep Manithara Vamanan, Xiangying Yang, Yuqin Chen
CPC classification number: H04W12/068, H04W60/00
Abstract: A network may authenticate a user equipment (UE) to access an edge data network. The network generates a first credential based on a second credential, the second credential generated for a procedure between the UE and a cellular network corresponding to the network component, receives an identifier associated with the first credential from a further network component in response to the UE transmitting an application registration request to a server associated with an edge data network and retrieves the first credential based on the identifier. The network also receives a multi-access edge computing (MEC) authorization parameter, verifies the MEC authorization parameter and transmits an authentication verification response to a second network component.
-
Publication No.: US11924184B2
Publication date: 2024-03-05
Application No.: US17598224
Application date: 2021-06-15
Applicant: Apple Inc.
Inventor: Shu Guo, Fangli Xu, Yuqin Chen, Xiangying Yang, Huarui Liang, Haijing Hu, Chunhai Yao, Dawei Zhang, Yushu Zhang, Zhibin Wu
CPC classification number: H04L63/061, H04L9/14
Abstract: The present application relates to devices and components including apparatus, systems, and methods for secured user equipment communications over a user equipment relay. In some embodiments, symmetric or asymmetric encryption may be used for the secured user equipment communications.
-
Publication No.: US11856402B2
Publication date: 2023-12-26
Application No.: US17455000
Application date: 2021-11-15
Applicant: Apple Inc.
Inventor: Xiangying Yang, Shu Guo, Lijia Zhang, Qian Sun, Huarui Liang, Fangli Xu, Yuqin Chen, Haijing Hu, Dawei Zhang, Hao Duo, Lanpeng Chen
IPC: H04L29/06, H04L29/08, H04W12/106, H04L9/32, H04W74/00, H04W12/069, H04W12/0433, H04W72/23
CPC classification number: H04W12/106, H04L9/3268, H04W12/0433, H04W12/069, H04W72/23, H04W74/006
Abstract: Techniques for identity-based message integrity protection and verification between a user equipment (UE) and a wireless network entity, include use of signatures derived from identity-based keys. To protect against attacks from rogue network entities before activation of a security context with a network entity, the UE verifies integrity of messages by checking a signature using an identity-based public key PKID derived by the UE based on (i) an identity value (ID) of the network entity and (ii) a separate public key PKPKG of a private key generator (PKG) server. The network entity generates signatures for messages using an identity-based private key SKID obtained from the PKG server, which generates the identity-based private key SKID using (i) the ID value of the network entity and (ii) a private key SKPKG that is known only by the PKG server and corresponds to the public key PKPKG.