公开(公告)号：US20230098093A1

公开(公告)日：2023-03-30

申请号：US17538757

申请日：2021-11-30

Applicant: QUALCOMM Incorporated

Inventor： Philip Michael HAWKES ,  Sai Yiu Duncan Ho ,  Jouni Kalevi Malinen ,  Soo Bum Lee ,  George Cherian ,  Anand Palanigounder

IPC: H04W48/16 ,  H04W48/14 ,  H04W12/73 ,  H04W12/02

Abstract: This disclosure provides methods, devices and systems for using a pseudonym service set identifier (pSSID) for access point (AP) and station (STA) privacy. For example, a pSSID is included by a STA or AP in place of a persistent SSID for over the air communications used for various functions (such as for the STA to determine the SSID of the AP before connecting to the AP). The pSSID is generated using a hash function that is defined at both the AP and the STA. An input to the hash function includes the SSID. Other inputs may include a temporary media access control (MAC) address of the device generating the pSSID, a time value associated with a time when the pSSID is generated, or a location value associated with a position measurement of the device generating the pSSID.

公开(公告)号：US11553381B2

公开(公告)日：2023-01-10

申请号：US16246349

申请日：2019-01-11

Applicant: QUALCOMM Incorporated

Inventor： Anand Palanigounder ,  Adrian Edward Escott ,  Soo Bum Lee

IPC: H04W12/06 ,  H04W36/00 ,  H04W60/00 ,  H04W12/041 ,  H04W12/0431 ,  H04W12/0471 ,  H04W84/12

Abstract: A user device having a security context with a first network based on a first key may establish a security context with a second network. In a method, the user device may generate a key identifier based on the first key and a network identifier of the second network. The user device may forward the key identifier to the second network for forwarding to the first network by the second network to enable the first network to identify the first key at the first network. The user device may receive a key count from the second network. The key count may be associated with a second key forwarded to the second network from the first network. The user device may generate the second key based on the first key and the received key count thereby establishing a security context between the second network and the user device.

公开(公告)号：US11528137B2

公开(公告)日：2022-12-13

申请号：US16669426

申请日：2019-10-30

Applicant: QUALCOMM Incorporated

Inventor： Soo Bum Lee ,  Adrian Edward Escott ,  Gavin Bernard Horn ,  Anand Palanigounder

IPC: H04L9/30 ,  H04L29/06 ,  H04W76/11 ,  H04W8/02 ,  H04W60/00 ,  H04W12/02 ,  H04W12/06 ,  H04L9/08 ,  H04W12/033 ,  H04W12/106

Abstract: Methods, systems, and devices for wireless communications are described. A user equipment (UE) may receive a system parameter identified by a network entity (e.g., a public key generator (PKG)), and receive a cell identifier during a connection procedure between the UE and a base station in wireless communication with the UE. The cell identifier may be associated with the base station. The UE may encrypt at least a portion of a message associated with the connection procedure using the cell identifier and the system parameter. In some examples, the portion of the message may include private information. The UE may transmit the message to the base station as part of the connection procedure.

公开(公告)号：US11463875B2

公开(公告)日：2022-10-04

申请号：US16856467

申请日：2020-04-23

Applicant: QUALCOMM Incorporated

Inventor： Soo Bum Lee ,  Adrian Edward Escott ,  Anand Palanigounder ,  Gavin Bernard Horn

IPC: H04W12/06 ,  H04W12/106 ,  H04W76/27

Abstract: A user equipment (UE) may receive system information from a base station and may calculate a hash value using the system information as input to a hashing function. Similarly, prior to transmitting the system information, a valid base station may calculate a hash value using the system information as input to a hashing function. The base station may transmit the calculated hash value (e.g., which represent or be included in a set of hash values) to the UE in an access stratum (AS) security mode command (SMC) message. The UE may determine whether the received system information was modified based on the hash value (e.g., by comparing the UE calculated hash value and the set of hash values received from the base station in the AS SMC). If the UE indicates a mismatch of hash information, the base station may re-transmit the system information (e.g., in an integrity protected message).

公开(公告)号：US11251968B2

公开(公告)日：2022-02-15

申请号：US16563275

申请日：2019-09-06

Applicant: QUALCOMM Incorporated

Inventor： Soo Bum Lee ,  Stefano Faccin ,  Anand Palanigounder ,  Miguel Griot ,  Adrian Edward Escott

IPC: H04L9/32 ,  H04W12/02 ,  H04L29/06 ,  H04W12/069 ,  H04W12/084

Abstract: The present disclosure provides techniques that may be applied, for example, in a multi-slice network for maintaining privacy when attempting to access the network. An exemplary method generally includes transmitting a registration request message to a serving network to register with the serving network; receiving a first confirmation message indicating a secure connection with the serving network has been established; transmitting, after receiving the first confirmation message, a secure message to the serving network comprising an indication of at least one configured network slice that the UE wants to communicate over, wherein the at least one configured network slice is associated with a privacy flag that is set; and receiving a second confirmation message from the serving network indicating that the UE is permitted to communicate over the at least one configured network slice.

公开(公告)号：US20190268769A1

公开(公告)日：2019-08-29

申请号：US16405707

申请日：2019-05-07

Applicant: QUALCOMM Incorporated

Inventor： Soo Bum Lee ,  Anand Palanigounder ,  Adrian Edward Escott

IPC: H04W12/06 ,  H04W36/00 ,  H04L29/06 ,  H04L9/08 ,  H04W12/10 ,  H04W60/00 ,  H04W48/02 ,  H04W12/04

Abstract: A user equipment (UE) may be configured to transmit a registration message to a network to establish a secure connection for non-access stratum (NAS) messages between the network and a UE, the secure connection based at least in part on a UE identifier and security capabilities of the UE included in the registration message. The UE may then exchange NAS methods with the network over the secure connection. The UE may also establish, in response to the registration message, an authentication protocol with the network and encrypt subsequent NAS messages based in part on the authentication protocol.

公开(公告)号：US10237738B2

公开(公告)日：2019-03-19

申请号：US14934563

申请日：2015-11-06

Applicant: QUALCOMM Incorporated

Inventor： Soo Bum Lee ,  Jouni Kalevi Malinen ,  George Cherian ,  Santosh Paul Abraham ,  Anand Palanigounder

IPC: H04W12/08 ,  H04L29/12 ,  H04W72/04 ,  G06F21/62 ,  H04L29/06 ,  H04W12/02

Abstract: Methods, systems, apparatuses, and devices are described for access point privacy using media access control (MAC) address randomization. The access point may identify a MAC address for use with over-the-air (OTA) transmissions and a persistent MAC address for backend communications. The access point may communicate the OTA MAC address and the persistent MAC address to a wireless station. The access point and the wireless station may exchange data frames and perform MAC replacement techniques to map the OTA MAC address to the persistent MAC address. The persistent MAC address may provide for data routing, mobility management, etc., whereas the OTA MAC address may provide for privacy for the wireless transmissions.

公开(公告)号：US10237729B2

公开(公告)日：2019-03-19

申请号：US14808862

申请日：2015-07-24

Applicant: QUALCOMM Incorporated

Inventor： Soo Bum Lee ,  Anand Palanigounder ,  Adrian Edward Escott ,  Gavin Bernard Horn

IPC: H04W8/04 ,  H04W8/18 ,  H04L29/12 ,  H04W12/02 ,  H04W12/04 ,  H04W12/06

Abstract: Systems and techniques are disclosed to protect a user equipment's international mobile subscriber identity by providing a privacy mobile subscriber identity instead. In an attach attempt to a serving network, the UE provides the PMSI instead of IMSI, protecting the IMSI from exposure. The PMSI is determined between a home network server and the UE so that intermediate node elements in the serving network do not have knowledge of the relationship between the PMSI and the IMSI. Upon receipt of the PMSI in the attach request, the server generates a next PMSI to be used in a subsequent attach request and sends the next PMSI to the UE for confirmation. The UE confirms the next PMSI to synchronize between the UE and server and sends an acknowledgment token to the server. The UE and the server then each update local copies of the current and next PMSI values.

公开(公告)号：US20190075078A1

公开(公告)日：2019-03-07

申请号：US16183466

申请日：2018-11-07

Applicant: QUALCOMM Incorporated

Inventor： Peerapol Tinnakornsrisuphap ,  Anand Palanigounder ,  Ranjith Jayaram ,  Lakshminath Reddy Dondeti ,  Jun Wang

IPC: H04L29/06 ,  H04L29/12 ,  H04W92/02 ,  H04W76/12 ,  H04L12/46 ,  H04L12/66 ,  H04L29/08 ,  H04L12/28 ,  G06F3/14 ,  G06F1/32 ,  H04W84/04 ,  H04W84/10 ,  H04W88/08 ,  H04W88/16

Abstract: Multiple protocol tunnels (e.g., IPsec tunnels) are deployed to enable an access terminal that is connected to a network to access a local network associated with a femto access point. A first protocol tunnel is established between a security gateway and the femto access point. A second protocol tunnel is then established in either of two ways. In some implementations the second protocol tunnel is established between the access terminal and the security gateway. In other implementations the second protocol tunnel is established between the access terminal and the femto access point, whereby a portion of the tunnel is routed through the first tunnel.

公开(公告)号：US20180278534A1

公开(公告)日：2018-09-27

申请号：US15993452

申请日：2018-05-30

Applicant: QUALCOMM Incorporated

Inventor： Gerardo Giaretta ,  Sivaramakrishna Veerepalli ,  Kalle llmari Ahmavaara ,  Roozbeh Atarius ,  John Wallace Nasielski ,  Anand Palanigounder

IPC: H04L12/851 ,  H04L29/08 ,  H04L12/24 ,  H04L12/26 ,  G06F11/34

CPC classification number: H04L47/2441 ,  G06F11/34 ,  H04L41/0893 ,  H04L43/062 ,  H04L67/22

Abstract: Systems, devices, and methods for reporting information in real time about traffic generated by each application for a device are described. In one aspect, the network can configure a list of applications user equipment (UE) devices need to report traffic information for and then when one of these applications starts a communication, the UE may send traffic descriptor(s) describing the traffic generated by the application. In this way the network can accurately identify the traffic and take actions based on UE report and local policy or subscription.