公开(公告)号：US20200236542A1

公开(公告)日：2020-07-23

申请号：US16842553

申请日：2020-04-07

Applicant: NEC Corporation

Inventor： Xiaowei ZHANG ,  Anand Raghawa PRASAD

IPC: H04W12/04 ,  H04W12/08

Abstract: In order for supporting separate ciphering at an MeNB (20) and an SeNB (30), the MeNB (20) derives separate first and second keys (KUPenc-M, KUPenc-S) from a third key (KeNB). The first key (KUPenc-M) is used for confidentially protecting first traffic transmitted over U-Plane between the MeNB (20) and a UE (10). The first key (KUPenc-M) may be the same as current KUPenc or a new key. The second key (KUPenc-S) is used for confidentially protecting second traffic transmitted over the U-Plane between the UE (10) and the SeNB (30). The MeNB (20) sends the second key (KUPenc-S) to the SeNB (30). The UE (10) negotiates with the MeNB (20), and derives the second key (KUPenc-S) based on a result of the negotiation.

公开(公告)号：US20200228543A1

公开(公告)日：2020-07-16

申请号：US16830970

申请日：2020-03-26

Applicant: NEC Corporation

Inventor： Xiaowei ZHANG ,  Anand Raghawa PRASAD

IPC: H04L29/06 ,  H04W12/08 ,  H04L29/08

Abstract: A method of forming a secure group in ProSe communication includes requesting a service request to a ProSe server from a requesting device (21), the service request indicating a request to communicate with a receiving device (22) from the requesting device (21), performing verification on the requesting and receiving devices (21) and (22) by the ProSe server 24, sending a ProSe Service Result to the requesting and receiving devices (21) and (22) to inform to be allowed a group member, and starting a group security establishment of the group including the requesting and receiving devices (21) and (22)

公开(公告)号：US20200153806A1

公开(公告)日：2020-05-14

申请号：US16744767

申请日：2020-01-16

Applicant: NEC Corporation

Inventor： Xiaowei ZHANG ,  Anand Raghawa PRASAD

IPC: H04L29/06 ,  H04W12/10 ,  H04W12/02 ,  H04L9/08 ,  H04L9/32 ,  H04W76/14 ,  H04W12/04

Abstract: A method of performing authentication and authorization in Proximity based Service (ProSe) communication by a requesting device which sends a request of a communication and a receiving device which receives the request from the requesting device, the method including deriving session keys Kpc and Kpi from an unique key Kp at the requesting and receiving devices, using the session keys Kpc and Kpi for ProSe communication setup and direct communication between the requesting and receiving devices, starting the direct communication with the requesting and receiving devices. The key Kpc is confidentiality key and the key Kpi is integrity protection key.

公开(公告)号：US20200099697A1

公开(公告)日：2020-03-26

申请号：US16696091

申请日：2019-11-26

Applicant: NEC Corporation

Inventor： Xiaowei ZHANG ,  Anand Raghawa PRASAD

IPC: H04L29/06 ,  H04L29/08 ,  H04W12/08

Abstract: A method of forming a secure group in ProSe communication includes requesting a service request to a ProSe server from a requesting device (21), the service request indicating a request to communicate with a receiving device (22) from the requesting device (21), performing verification on the requesting and receiving devices (21) and (22) by the ProSe server 24, sending a ProSe Service Result to the requesting and receiving devices (21) and (22) to inform to be allowed a group member, and starting a group security establishment of the group including the requesting and receiving devices (21) and (22)

公开(公告)号：US20200059782A1

公开(公告)日：2020-02-20

申请号：US16663253

申请日：2019-10-24

Applicant: NEC Corporation

Inventor： Xiaowei ZHANG ,  Anand Raghawa PRASAD

IPC: H04W12/04 ,  H04W12/08

Abstract: In order for supporting separate ciphering at an MeNB (20) and an SeNB (30), the MeNB (20) derives separate first and second keys (KUPenc-M, KUPenc-S) from a third key (KeNB). The first key (KUPenc-M) is used for confidentially protecting first traffic transmitted over U-Plane between the MeNB (20) and a UE (10). The first key (KUPenc-M) may be the same as current KUPenc or a new key. The second key (KUPenc-S) is used for confidentially protecting second traffic transmitted over the U-Plane between the UE (10) and the SeNB (30). The MeNB (20) sends the second key (KUPenc-S) to the SeNB (30). The UE (10) negotiates with the MeNB (20), and derives the second key (KUPenc-S) based on a result of the negotiation.

公开(公告)号：US20200053066A1

公开(公告)日：2020-02-13

申请号：US16567776

申请日：2019-09-11

Applicant: NEC Corporation

Inventor： Xiaowei ZHANG ,  Anand Raghawa PRASAD

IPC: H04L29/06 ,  H04W12/10 ,  H04W12/02 ,  H04L9/08 ,  H04L9/32 ,  H04W76/14 ,  H04W12/04

Abstract: A method of performing authentication and authorization in Proximity based Service (ProSe) communication by a requesting device (31) which sends a request of a communication and a receiving device (32) which receives the request from the requesting device (31) and (32), the method including deriving session keys Kpc and Kpi from an unique key Kp at the requesting and receiving devices (31) and (32), using the session keys Kpc and Kpi for ProSe communication setup and direct communication between the requesting and receiving devices (31) and (32), starting the direct communication with the requesting and receiving devices (31) and (32). The key Kpc is confidentiality key and the key Kpi is integrity protection key.

公开(公告)号：US20190373529A1

公开(公告)日：2019-12-05

申请号：US16540636

申请日：2019-08-14

Applicant: NEC CORPORATION

Inventor： Xiaowei ZHANG ,  Anand Raghawa Prasad

IPC: H04W36/28 ,  H04W36/00 ,  H04W12/04 ,  H04W76/27 ,  H04W28/08

Abstract: An SeNB informs an MeNB that it can configure bearers for the given UE. At this time, the MeNB manages the DRB status, and then sends a key S-KeNB to the SeNB. The MeNB also sends a KSI for the S-KeNB to both of the UE and the SeNB. After this procedure, the MeNB informs an EPC (MME and S-GW) about the new bearer configured at the SeNB, such that the S-GW 50 can start offloading the bearer(s) to the SeNB 30. Prior to the offloading, the EPC network entity (MME or S-GW) performs verification that: 1) whether the request is coming from authenticated source (MeNB); and 2) whether the SeNB is a valid eNB to which the traffic can be offload.

公开(公告)号：US20190200231A1

公开(公告)日：2019-06-27

申请号：US16287806

申请日：2019-02-27

Applicant: NEC Corporation

Inventor： Xiaowei ZHANG ,  Anand Raghawa PRASAD ,  Andreas KUNZ ,  Genadi VELEV ,  Toshiyuki TAMURA

IPC: H04W12/12 ,  H04W12/10 ,  H04W8/12 ,  H04W4/70 ,  H04W12/04 ,  H04W76/14

Abstract: In order for making MTC more efficient and/or secure, a base station forming a communication system connects a UE to a core network. A node serves as an entering point to the core network for a service provider, and transmits traffic between the service provider and the UE. The node establishes, as a connection to the base station, a first connection for directly transceiving messages between the node and the base station. Alternatively, the node establishes a second connection for transparently transceiving the messages through a different node that is placed within the core network and has established a different secure connection to the base station.

公开(公告)号：US20180077578A1

公开(公告)日：2018-03-15

申请号：US15808515

申请日：2017-11-09

Applicant: NEC Corporation

Inventor： Xiaowei ZHANG ,  Anand Raghawa PRASAD ,  Andreas KUNZ ,  Genadi VALEV ,  Toshiyuki TAMURA

IPC: H04W12/12 ,  H04W76/02 ,  H04W12/10 ,  H04W12/04 ,  H04W8/12 ,  H04W4/00 ,  H04L29/06

CPC classification number: H04W12/12 ,  H04L63/1466 ,  H04W4/70 ,  H04W8/12 ,  H04W12/04 ,  H04W12/10 ,  H04W76/14

Abstract: In order for making MTC more efficient and/or secure, a base station forming a communication system connects a UE to a core network. A node serves as an entering point to the core network for a service provider, and transmits traffic between the service provider and the UE. The node establishes, as a connection to the base station, a first connection for directly transceiving messages between the node and the base station. Alternatively, the node establishes a second connection for transparently transceiving the messages through a different node that is placed within the core network and has established a different secure connection to the base station.

公开(公告)号：US20170078832A1

公开(公告)日：2017-03-16

申请号：US15360138

申请日：2016-11-23

Applicant: NEC Corporation

Inventor： Xiaowei ZHANG ,  Anand Raghawa PRASAD

IPC: H04W4/00 ,  H04W40/02 ,  H04W28/02 ,  H04W52/02

Abstract: A network node (21), which is placed within a core network, stores a list of network elements (24) capable of forwarding a trigger message to a MTC device (10). The network node (21) receives the trigger message from a transmission source (30, 40) placed outside the core network, and then selects, based on the list, one of the network elements to forward the trigger message to the MTC device (10). The MTC device (10) validates the received trigger message, and then transmits, when the trigger message is not validated, to the network node (21) a reject message indicating that the trigger message is not accepted by the MTC device (10). Upon receiving the reject message, the network node (21) forwards the trigger message through a different one of the network elements, or forwards the reject message to transmission source (30, 40) to send the trigger message through user plane.

Abstract translation: 放置在核心网络内的网络节点（21）存储能够将触发消息转发到MTC设备（10）的网元（24）的列表。 网络节点（21）从放置在核心网络外的发送源（30,40）接收触发消息，然后基于该列表选择一个网元，将触发消息转发到MTC设备（10 ）。 MTC设备（10）验证接收到的触发消息，然后当触发消息未被验证时向网络节点（21）发送指示触发消息未被MTC设备（10）接受的拒绝消息。 在接收到拒绝消息时，网络节点（21）通过不同的网络单元转发触发消息，或者将拒绝消息转发到发送源（30,40），以通过用户平面发送触发消息。