-
Publication No.: US20220086642A1
Publication date: 2022-03-17
Application No.: US17455000
Filing date: 2021-11-15
Applicant: Apple Inc.
Inventor: Xiangying YANG , Shu GUO , Lijia ZHANG , Qian SUN , Huarui LIANG , Fangli XU , Yuqin CHEN , Haijing HU , Dawei ZHANG , Hao DUO , Lanpeng CHEN
IPC: H04W12/106 , H04W72/04 , H04L9/32 , H04W74/00 , H04W12/069 , H04W12/0433
Abstract: Techniques for identity-based message integrity protection and verification between a user equipment (UE) and a wireless network entity, include use of signatures derived from identity-based keys. To protect against attacks from rogue network entities before activation of a security context with a network entity, the UE verifies integrity of messages by checking a signature using an identity-based public key PKID derived by the UE based on (i) an identity value (ID) of the network entity and (ii) a separate public key PKPKG of a private key generator (PKG) server. The network entity generates signatures for messages using an identity-based private key SKID obtained from the PKG server, which generates the identity-based private key SKID using (i) the ID value of the network entity and (ii) a private key SKPKG that is known only by the PKG server and corresponds to the public key PKPKG.
-
Publication No.: US20240251238A1
Publication date: 2024-07-25
Application No.: US17759877
Filing date: 2021-08-06
Applicant: Apple Inc.
Inventor: Shu GUO , Dawei ZHANG , Haijing HU , Haitong SUN , Huarui LIANG , Lanpeng CHEN , Mona AGNEL , Robert ZAUS , Wei ZENG , Weidong YANG , Xiaoyu QIAO
Abstract: An edge enabler server of an edge data network is configured to receive a verification request comprising an edge enabler client identification (EEC ID), wherein the EEC ID uniquely identifies an edge enabler client (EEC), determine whether the EEC ID is an authorized EEC ID, and provide a verification response based on whether the EEC ID is authorized.
-
Publication No.: US20240137764A1
Publication date: 2024-04-25
Application No.: US18546809
Filing date: 2021-02-19
Applicant: Apple Inc.
Inventor: Shu GUO , Dawei ZHANG , Haijing HU , Hao DUO , Huarui LIANG , Lanpeng CHEN , Mona AGNEL , Ralf ROSSBACH , Sudeep MANITHARA VAMANAN , Xiaoyu QIAO
IPC: H04W12/069 , H04L9/32 , H04W12/106 , H04W12/71 , H04W12/72
CPC classification number: H04W12/069 , H04L9/3242 , H04W12/106 , H04W12/71 , H04W12/72
Abstract: A user equipment (UE) may attempt to access an edge data network. The UE generates a first credential based on a second credential that was generated for a procedure between the UE and a network. The UE then generates an identifier corresponding to the first credential and generates a message authentication code based on the first credential and a count, wherein the count is associated with an identifier of an edge network client running on the UE. The UE then transmits an application registration request message to a server associated with an edge data network, the application registration request message including the count, the message authentication code, the identifier corresponding to the first credential, and a public land mobile network identifier (PLMN ID) of the network. The UE then receives an authentication accept message or an authentication reject message from the server associated with the edge data network.
-
Publication No.: US20240187849A1
Publication date: 2024-06-06
Application No.: US17755493
Filing date: 2021-05-07
Applicant: Apple Inc.
Inventor: Shu GUO , Dawei ZHANG , Fangli XU , Haijing HU , Huarui LIANG , Lanpeng CHEN , Xiaoyu QIAO , Yuqin CHEN
IPC: H04W12/041 , H04W4/06 , H04W12/0431
CPC classification number: H04W12/041 , H04W4/06 , H04W12/0431
Abstract: A user equipment (UE) is configured to join a multicast broadcast service (MBS) session. The UE sends, to a network function, a protocol data unit (PDU) modification request comprising a request to join a multicast broadcast service (MBS) session, generates a first key (KMBS-UE), receives a PDU session modification complete message comprising an encrypted second key (KMBS) and a key identification (KID) corresponding to the KMBS, and decrypts the KMBS using the KMBS-UE.
-
Publication No.: US20200021993A1
Publication date: 2020-01-16
Application No.: US16293521
Filing date: 2019-03-05
Applicant: Apple Inc.
Inventor: Xiangying YANG , Shu GUO , Lijia ZHANG , Qian SUN , Huarui LIANG , Fangli XU , Yuqin CHEN , Haijing HU , Dawei ZHANG , Hao DUO , Lanpeng CHEN
Abstract: Techniques for identity-based message integrity protection and verification between a user equipment (UE) and a wireless network entity, include use of signatures derived from identity-based keys. To protect against attacks from rogue network entities before activation of a security context with a network entity, the UE verifies integrity of messages by checking a signature using an identity-based public key PKID derived by the UE based on (i) an identity value (ID) of the network entity and (ii) a separate public key PKPKG of a private key generator (PKG) server. The network entity generates signatures for messages using an identity-based private key SKID obtained from the PKG server, which generates the identity-based private key SKID using (i) the ID value of the network entity and (ii) a private key SKPKG that is known only by the PKG server and corresponds to the public key PKPKG.
-
Publication No.: US20240236675A9
Publication date: 2024-07-11
Application No.: US18546809
Filing date: 2021-02-19
Applicant: Apple Inc.
Inventor: Shu GUO , Dawei ZHANG , Haijing HU , Hao DUO , Huarui LIANG , Lanpeng CHEN , Mona AGNEL , Ralf ROSSBACH , Sudeep MANITHARA VAMANAN , Xiaoyu QIAO
IPC: H04W12/069 , H04L9/32 , H04W12/106 , H04W12/71 , H04W12/72
CPC classification number: H04W12/069 , H04L9/3242 , H04W12/106 , H04W12/71 , H04W12/72
Abstract: A user equipment (UE) may attempt to access an edge data network. The UE generates a first credential based on a second credential that was generated for a procedure between the UE and a network. The UE then generates an identifier corresponding to the first credential and generates a message authentication code based on the first credential and a count, wherein the count is associated with an identifier of an edge network client running on the UE. The UE then transmits an application registration request message to a server associated with an edge data network, the application registration request message including the count, the message authentication code, the identifier corresponding to the first credential, and a public land mobile network identifier (PLMN ID) of the network. The UE then receives an authentication accept message or an authentication reject message from the server associated with the edge data network.
-
Publication No.: US20230088512A1
Publication date: 2023-03-23
Application No.: US17440079
Filing date: 2021-02-19
Applicant: Apple Inc.
Inventor: Shu GUO , Dawei ZHANG , Haijing HU , Hao DUO , Huarui LIANG , Lanpeng CHEN , Sudeep MANITHARA VAMANAN , Yuqin CHEN , Zhibin WU
IPC: H04W36/00
Abstract: The present application relates to devices and components including apparatus, systems, and methods for security enhancement with respect to reselection of relay user equipment.