Abstract:
Techniques are described for wireless communication. A method of wireless communication at a transmitting wireless device includes generating a first Message Authentication Code (MAC) for a data packet based at least in part on a first security key used to communicate with a receiving wireless device; generating a second MAC for the data packet based at least in part on a second security key used to communicate with a relay user equipment (UE), in which the relay UE is included in a data routing path between the transmitting wireless device and the receiving wireless device; and transmitting the data packet to the relay UE with at least the first MAC and the second MAC.
Abstract:
One feature pertains to a method operational at a device. The method includes performing key agreement with a core network device, and generating an authentication session key based in part on a secret key shared with a home subscriber server (HSS), where the authentication session key is known to the core network device. The method further includes generating a mobility session key based in part on the authentication session key, where the mobility session key is known to a mobility management entity (MME) served by the core network device and serving the device. The method also includes cryptographically securing data sent from the device to a wireless communication network using the mobility session key.
Abstract:
Methods, systems, and devices for wireless communication at a network entity are described. A user equipment (UE) may obtain identification information for a device and may assist in establishing credentials by which the device accesses a wireless network, e.g., a cellular network. The UE may establish a connection with the wireless network using its own credentials. A device subscription administration server, which may be an entity within the wireless network core, may authenticate the device based on the identification information, which may include registering the device to access the wireless network, e.g., using different credentials than those of the UE, by associating the device identification information with the credentials of the UE. Once registered, the device may communicate with the wireless network. The device subscription administration server may then establish access parameters and communicate them to the UE, which may transmit them to the device over a communication link.
Abstract:
Techniques are described for wireless communication. A method for wireless communication at a user equipment (UE) includes performing an extensible authentication protocol (EAP) procedure with an authentication server via an authenticator. The EAP procedure is based at least in part on a set of authentication credentials exchanged between the UE and the authentication server. The method also includes deriving, as part of performing the EAP procedure, a master session key (MSK) and an extended master session key (EMSK) that are based at least in part on the authentication credentials and a first set of parameters; determining a network type associated with the authenticator; and performing, based at least in part on the determined network type, at least one authentication procedure with the authenticator. The at least one authentication procedure is based on an association of the MSK or the EMSK with the determined network type.
Abstract:
One feature pertains to a method operational at a device. The method includes performing authentication and key agreement with a session key management entity (SKME) device. The method also includes generating an authentication session key based in part on a secret key shared with a home subscriber server, the authentication session key being known to the SKME device. The method further includes generating a mobility session key based in part on the authentication session key, the mobility session key being known to a mobility management entity serving the device. Data sent from the device to a wireless communication network is cryptographically secured using the mobility session key.
Abstract:
A device is described that identifies entry into a new service area, transmits a service area update request to a network device associated with a network, receives a control plane message from the network indicating control plane device relocation or a key refresh due to a service area change in response to transmitting the service area update request, and derives a first key based in part on data included in the control plane message and a second key shared between the device and a key management device. Another device is described that receives a handover command from a network device associated with a network, the handover command indicating a new service area, derives a first key based on data included in the handover command and on a second key shared between the device and a key management device, and sends a handover confirmation message that is secured based on the first key.
Abstract:
A method, an apparatus, and a computer program product for wireless communication are provided. The apparatus may be a STA. The STA sends, in a re-association procedure, a re-association object to a first AP to establish a first security association with the first AP. The re-association object is encrypted by using a first key unknown to the STA. The re-association object includes a second key derived from a second security association in a previous association procedure between the STA and a second AP. The STA receives a response from the first AP indicating that the first security association has been successfully established. The STA authenticates the response.
Abstract:
Systems and techniques are disclosed to facilitate the sponsored connectivity of a user equipment on a serving network so that the UE may access a service whose connectivity is sponsored by an application service provider. The application service provider provisions the serving network so that it is aware of the sponsored connectivity. In an attach attempt to the serving network, the UE provides a client token based on a pre-existing credential (established between the UE and the application service provider) instead of a subscriber identifier with the attach request. The application service provider's server validates the access credential to authenticate the UE and provides information that the serving network uses to mutually authenticate with the UE. The UE may then use the serving network to access the service via the sponsored connection, even where the UE does not have a subscriber identity and subscription with a cellular network.
Abstract:
In an aspect, a network supporting a number of client devices may include a network device that establishes a security context and generates a client device context. The client device context includes network state information that enables the network to communicate with the client device. The network device generates one or more encrypted network reachability contexts based on the client device context, and transmits the one or more encrypted network reachability contexts to a network entity. The one or more encrypted network reachability contexts enable the network device to reconstruct the context for the client device when the network device receives a message to be transmitted to the client device from the network entity. As a result, the network device can reduce an amount of the context for the client device maintained at the network device in order to support a greater number of client devices.
Abstract:
A new enrollee device is configured for a communication network using an electronic device and a network registrar. The new enrollee device is a headless device that lacks a first user interface for configuring the new enrollee device for the communication network. The electronic device obtains, at a sensor, sensor information that is indicative of a device key associated with the new enrollee device. The electronic device determines the device key based on the sensor information. The device key is provided to the network registrar to cause the network registrar to configure the new enrollee device for the communication network.