MITIGATION AGAINST ACCESS TOKEN THEFT ATTACK IN DIRECT AND INDIRECT COMMUNICATIONS IN SBA

    Publication No.: US20250062903A1

    Publication date: 2025-02-20

    Application No.: US18802902

    Application date: 2024-08-13

    Abstract: Various examples of embodiments described herein relate to methods and apparatuses for mitigation against access token theft attack in direct and indirect communications in SBA. One such example of an embodiment relates to a method that includes obtaining a first access token request from a network function service consumer, NFc, the first access token request comprising an authentication code of the NFc; authenticating the network function consumer, NFc, based on a check whether the authentication code is signed by the NFc; sending a second access token request to a network authorization entity or function, wherein the second access token request comprises the authentication code of the NFc and the second access token request further comprises a public key of the NFc or a hash of the public key of the NFc; based thereon, receiving an access token from the network authorization entity or function, wherein the access token comprises the public key of the NFc or a hash of the public key of the NFc; and sending a service request to a network function service provider, NFp, wherein the service request comprises the access token and the authentication code of the NFc.

    AUTHORIZATION IN COMMUNICATION NETWORKS

    Publication No.: US20220116400A1

    Publication date: 2022-04-14

    Application No.: US17494930

    Application date: 2021-10-06

    Abstract: According to an example aspect of the present invention, there is provided a method comprising, receiving, by an intermediary network function, a subscription request from a network function consumer requesting data of a network function producer, wherein the subscription request comprises a client credential assertion of the network function consumer and an access token, authorizing and authenticating, by the intermediary network function, the network function consumer upon successful validation of the access token and the client credential assertion validation and transmitting, by the intermediary network function, an access token request to an authorization server to get another access token, wherein said another access token is to be used to validate the network function consumer to access services of the network function producer, and the access token request comprises the client credential assertion of the network function consumer requesting data of the network function producer.

    MECHANISM FOR AUTHORIZING DATA EXCHANGE

    Publication No.: US20250063362A1

    Publication date: 2025-02-20

    Application No.: US18788531

    Application date: 2024-07-30

    Abstract: An apparatus for performing: defining an authorization policy per UE, the authorization policy indicating which data are allowed to be accessed by which UE, configuring an authorization policy to one or more UE by providing a key material usable for validating an access token and information regarding the authorization policy indicating an allowance for connection between a requester UE and a producer element or a producer function with a valid access token or without an access token, receiving a request for authorization of a requester UE to access specified data from a producer element or producer function, processing the request for authorization of the requester UE for deciding whether the request is allowed, and in case the request is allowed, obtaining an access token for allowing access to the specified data from the producer element or producer function, and transmitting the access token to the requester UE.

    ENHANCED AUTHORIZATION IN CELLULAR COMMUNICATION NETWORKS

    Publication No.: US20220272537A1

    Publication date: 2022-08-25

    Application No.: US17675436

    Application date: 2022-02-18

    Abstract: According to an example aspect of the present invention, there is provided an apparatus comprising means for receiving from a requesting network function, by a network repository function, an access token request, wherein the access token request is related to a network function consumer requesting access to a service provided by a network function producer and comprises an identity of a vendor of the network function consumer requesting access to the service, means for verifying by the network repository function, based at least on the identity of the vendor of the network function consumer, that the network function consumer is allowed to access the service and means for transmitting to the requesting network function, by the network repository function, an access token upon successful verification, wherein the access token generated and signed by the network repository function comprises the identity of the vendor of the network function consumer and an identity of the vendor of the network function producer.

    AUTHORIZATION OF NETWORK NODE
    Invention application

    Publication No.: US20220104162A1

    Publication date: 2022-03-31

    Application No.: US17487576

    Application date: 2021-09-28

    Abstract: According to an example aspect of the present invention, there is provided a method comprising receiving, by a network repository function, a registration request from an application function, wherein the registration request comprises at least one parameter that needs to be used for generating an access token for the application function, the at least one parameter being associated with the application function, registering the application function by the network repository function and transmitting, by the network repository function, a response to the registration request, wherein the response comprises the at least one parameter associated with the application function.

    MANAGEMENT OF ACCESS TOKENS IN COMMUNICATION NETWORKS

    Publication No.: US20220086734A1

    Publication date: 2022-03-17

    Application No.: US17410626

    Application date: 2021-08-24

    Abstract: According to an example aspect of the present invention, there is provided a method comprising, transmitting to a Network Function, NF, service producer, by a Service Communication Proxy, SCP, a service request on behalf of an NF service consumer, wherein the service request comprises an access token, receiving, by the SCP, a service response from the NF service producer and upon receiving the service response, transmitting to the NF service consumer, by the SCP, information related to the access token.
