公开(公告)号：US11902792B2

公开(公告)日：2024-02-13

申请号：US17045370

申请日：2019-04-04

Applicant: NOKIA TECHNOLOGIES OY

Inventor： Suresh Nair ,  Anja Jerichow ,  Nagendra S Bykampadi ,  Dimitrios Schoinianakis

IPC: H04L29/00 ,  H04W12/72 ,  H04W12/041 ,  H04L9/30 ,  H04W12/06

CPC classification number: H04W12/72 ,  H04L9/3073 ,  H04W12/041 ,  H04W12/06

Abstract: At given user equipment in a communication system, a unified subscription identifier data structure is constructed. The unified subscription identifier data structure includes a plurality of fields that specify information for a selected one of two or more subscription identifier types and selectable parameters associated with the selected subscription identifier type, and wherein the information in the unified subscription identifier data structure is useable by the given user equipment to access one or more networks associated with the communication system based on an authentication scenario corresponding to the selected subscription identifier type. For example, during different authentication scenarios, the given user equipment utilizes the unified subscription identifier data structure to provide the appropriate subscription identifier (e.g., SUPI, SUCI or IMSI) and associated parameters for the given authentication scenario.

公开(公告)号：US11792172B2

公开(公告)日：2023-10-17

申请号：US15794856

申请日：2017-10-26

Applicant: Nokia Technologies Oy

Inventor： Suresh P. Nair ,  Anja Jerichow ,  Annett Seefeldt

IPC: H04L9/40 ,  H04W12/02 ,  H04W12/033 ,  H04W12/041 ,  H04W12/069

CPC classification number: H04L63/0442 ,  H04L63/06 ,  H04L63/083 ,  H04L63/0876 ,  H04W12/02 ,  H04W12/033 ,  H04W12/041 ,  H04W12/069

Abstract: Techniques for providing privacy features in communication systems are provided. For example, a message may be provided from user equipment to an element or function in a communication network that comprises one or more privacy indicators, where privacy features for processing the message are determined based on the privacy indicators. The message may comprise an attach request comprising a subscription identifier for a subscriber associated with the user equipment, with the privacy indicators comprising a flag indicating whether the subscription identifier in the attach request is privacy-protected. As another example, the element of function in the communication network may determine privacy features supported by the communication network and generate and send a message to user equipment comprising one or more privacy indicators selected based on the determined privacy features. The privacy indicators may comprise an indication of whether the communication network is configured for handling privacy-protected subscription identifiers.

公开(公告)号：US20230099468A1

公开(公告)日：2023-03-30

申请号：US17479867

申请日：2021-09-20

Applicant: Nokia Technologies Oy

Inventor： Saurabh Khare ,  Bruno Landais ,  Anja Jerichow ,  Laurent Thiebaut ,  Georgios Gkellas

IPC: H04W8/02 ,  H04W48/16 ,  H04W8/18

Abstract: There is provided an apparatus comprising at least one processor and at least one memory including a computer program code, the at least one memory and computer program code configured to, with the at least one processor, cause the apparatus at least to: receive, at a first network repository function in a first network from a security edge protection proxy in a second network, a request for discovering one or more roaming hubs and/or security edge protection proxies in the first network; and send, from the first network repository function to the security edge protection proxy in the second network, a response comprising information identifying the one or more roaming hubs and/or security edge protection proxies in the first network and information identifying one or more further networks which can be reached via a respective roaming hub and/or security edge protection proxy in the first network.

公开(公告)号：US11564193B2

公开(公告)日：2023-01-24

申请号：US17055119

申请日：2018-05-18

Applicant: Nokia Technologies Oy

Inventor： Cinzia Sartori ,  Anja Jerichow ,  Peter Schneider

IPC: H04W60/00 ,  H04W12/06

Abstract: Authentication in a public land mobile network, PLMN, having tenant slices is performed by a network element that has: a memory comprising program code; a communication circuitry for communication with entities in the PLMN; and a processing circuitry configured to execute the program code and according to the program code to cause: detecting a registration request from a mobile communication device, MCDt; detecting whether the registration request requests access to a network slice with one-tier authentication with the network slice, and: if yes, causing beginning of authenticating the MCDt with the network slice independently of any authentication between the MCDt and the PLMN.

公开(公告)号：US11533358B1

公开(公告)日：2022-12-20

申请号：US17477735

申请日：2021-09-17

Applicant: Nokia Technologies Oy

Inventor： Saurabh Khare ,  Bruno Landais ,  Anja Jerichow ,  Laurent Thiebaut ,  Georgios Gkellas

IPC: H04L67/02 ,  H04L69/22 ,  H04L69/329

Abstract: Systems, methods, and software for inter-PLMN communications. In one embodiment, a roaming hub receives a message from a sending entity across an N32 interface, and determines whether the message includes an HTTP custom header that indicates a PLMN that is validated. When the message as received does not include the HTTP custom header, the roaming hub adds the HTTP custom header to the message that indicates the PLMN of the sending entity, integrity protects the HTTP custom header, and forwards the message toward a receiving entity.

公开(公告)号：US11483741B2

公开(公告)日：2022-10-25

申请号：US17273781

申请日：2019-08-09

Applicant: Nokia Technologies Oy

Inventor： Suresh Nair ,  Anja Jerichow ,  Nagendra S Bykampadi

IPC: H04W28/24 ,  H04W12/03 ,  H04L9/40 ,  H04W8/12 ,  H04W84/04

Abstract: Techniques for automated management of a service level agreement between a first communication network and a second communication network are provided. For example, one of the communication networks is a visited network while the other is a home network whereby the service level agreement is a roaming agreement. In one example, a message is received at a first communication network from a second communication network, wherein at least a portion of the message relates to the service level agreement between the first communication network and the second communication network. An automated verification of information in the message is performed at the first communication network to determine compliance with the service level agreement. The message receiving step is performed by a security edge protection proxy function of the first communication network and the automated verification performing step is performed by a service level agreement management function of the first communication network.

公开(公告)号：US10574462B2

公开(公告)日：2020-02-25

申请号：US15729205

申请日：2017-10-10

Applicant: Nokia Technologies Oy

Inventor： Anja Jerichow ,  Annett Seefeldt ,  Nagendra S. Bykampadi ,  Suresh P. Nair ,  Ulrich Wiehe

IPC: H04L9/32 ,  H04L9/14 ,  H04L9/30 ,  H04L9/08 ,  H04L29/06 ,  H04W12/04 ,  H04W12/02 ,  H04L9/00 ,  H04W88/02 ,  H04W12/00

Abstract: Privacy management techniques for communication systems are provided. In one or more methods, one or more cryptographic key pairs are provisioned in a home network of a communication system for utilization by subscribers of the home network to conceal subscriber identifiers provided to access points in the communication system. The cryptographic key pairs are managed utilizing an element or function in the home network of the communication system. In one or more other methods, one or more public keys associated with one or more cryptographic key pairs are stored in user equipment, the cryptographic key pairs being provisioned by a home network of a communication system for use by subscribers of the home network to conceal subscriber identifiers provided to access points in the communication network. An element or function of the home network of the communication system is interfaced for management of the public keys stored in the user equipment.

公开(公告)号：US20190260803A1

公开(公告)日：2019-08-22

申请号：US16014262

申请日：2018-06-21

Applicant: Nokia Technologies Oy

Inventor： Nagendra S. Bykampadi ,  Suresh P. Nair ,  Anja Jerichow

IPC: H04L29/06 ,  H04W12/10 ,  H04W12/02 ,  H04L9/08 ,  H04L12/24 ,  H04L29/08

Abstract: In a communication system comprising a first network operatively coupled to a second network, wherein the first network comprises a first security edge protection proxy element operatively coupled to a second security edge protection proxy element of the second network; the method comprises configuring at least a given one of the first and second security edge protection proxy elements to apply application layer security to one or more information elements in a received message from a network function before sending the message to the other one of the first and second security edge protection proxy elements.

公开(公告)号：US20190253461A1

公开(公告)日：2019-08-15

申请号：US16014358

申请日：2018-06-21

Applicant: Nokia Technologies Oy

Inventor： Nagendra S. Bykampadi ,  Suresh P. Nair ,  Anja Jerichow

IPC: H04L29/06

Abstract: In a communication system comprising a first network operatively coupled to a second network, wherein the first network comprises a first security edge protection proxy element operatively coupled to a second security edge protection proxy element of the second network, a method comprises provisioning at least a given one of the first and second security edge protection proxy elements with configuration information that enables the given security edge protection proxy element to identify at least one security operation to be applied to at least one information element in a received message before sending the message to the other one of the first and second security edge protection proxy elements.

公开(公告)号：US20190036697A1

公开(公告)日：2019-01-31

申请号：US15729205

申请日：2017-10-10

Applicant: Nokia Technologies Oy

Inventor： Anja Jerichow ,  Annett Seefeldt ,  Nagendra S. Bykampadi ,  Suresh P. Nair ,  Ulrich Wiehe

IPC: H04L9/32 ,  H04L9/14 ,  H04L9/08 ,  H04L9/30

Abstract: Privacy management techniques for communication systems are provided. In one or more methods, one or more cryptographic key pairs are provisioned in a home network of a communication system for utilization by subscribers of the home network to conceal subscriber identifiers provided to access points in the communication system. The cryptographic key pairs are managed utilizing an element or function in the home network of the communication system. In one or more other methods, one or more public keys associated with one or more cryptographic key pairs are stored in user equipment, the cryptographic key pairs being provisioned by a home network of a communication system for use by subscribers of the home network to conceal subscriber identifiers provided to access points in the communication network. An element or function of the home network of the communication system is interfaced for management of the public keys stored in the user equipment.