-
Publication No.: US12192765B2
Publication date: 2025-01-07
Application No.: US17430690
Application date: 2020-01-29
Applicant: Nokia Technologies Oy
Inventor: Jennifer Liu
IPC: H04W12/106 , H04L9/40 , H04L67/303 , H04W12/03 , H04W12/37 , H04W36/00 , H04L69/28
Abstract: Techniques for security management in communication systems are provided. For example, a method includes receiving, from user equipment, a request indicating one or more security capabilities of the user equipment. The method also includes determining whether the indicated one or more security capabilities meet one or more designated criteria of a communication network, and rejecting the request by the user equipment responsive to determining that the indicated one or more security capabilities do not meet the one or more designated criteria of the communication network. For example, the request is rejected when it is determined that the user equipment does not support any encryption and/or integrity algorithms, or fails to support mandatory encryption and/or integrity algorithms. This serves to prevent malicious user equipment from gaining access to the communication network.
-
Publication No.: US10893434B2
Publication date: 2021-01-12
Application No.: US16157800
Application date: 2018-10-11
Applicant: Nokia Technologies Oy
Inventor: Jennifer Liu
Abstract: In some example embodiments, there may be provided a method that includes forming, by a user equipment, a session establishment message including an indication of at least one session management capability supported by the user equipment; sending, by the user equipment, the session establishment message including the indication towards a session management function; and receiving, by the user equipment and from the session management function, a response indicative of whether the session management function and/or a corresponding network supports the at least one session management capability to enable the user equipment to operate in accordance with the at least one session management capability. Related systems, methods, and articles of manufacture are also described.
-
Publication No.: US12231876B2
Publication date: 2025-02-18
Application No.: US17266295
Application date: 2019-08-02
Applicant: Nokia Technologies Oy
Inventor: Jennifer Liu
IPC: H04W12/06 , H04W8/02 , H04W12/037 , H04W12/086 , H04W12/60 , H04W60/00 , H04W76/11 , H04W88/06
Abstract: This application relates to session establishment by user equipment over a plurality of heterogenous access networks. In one aspect, the heterogenous access networks may include 3GPP and non-3GPP access networks (106). The non-3GPP access networks (106) may include one or more non-3GPP trusted access networks (108) or one or non-3GPP, non-trusted access networks (110).
-
Publication No.: US11689993B2
Publication date: 2023-06-27
Application No.: US16372704
Application date: 2019-04-02
Applicant: Nokia Technologies Oy
Inventor: Jennifer Liu
CPC classification number: H04W48/16 , H04L63/304 , H04M3/2281 , H04W8/02 , H04W12/80 , H04W48/14 , H04W48/20
Abstract: In some example embodiments, there may be provided an apparatus including at least one processor and at least one memory including computer program code, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus to at least: obtain information to enable selection of an access node for a non-GPP access; query a server to determine whether the country at which the access node is located requires lawful interception of communications; and select, based at least on the obtained information and/or a response to the query, the access node for the non-3GPP access. Related systems, methods, and articles of manufacture are also described.
-
Publication No.: US11689920B2
Publication date: 2023-06-27
Application No.: US17278487
Application date: 2019-09-24
Applicant: NOKIA TECHNOLOGIES OY
Inventor: Jennifer Liu
IPC: H04L29/06 , H04W12/06 , H04W76/25 , H04W12/037 , H04W12/0431 , H04W84/04
CPC classification number: H04W12/06 , H04W12/037 , H04W12/0431 , H04W76/25 , H04W84/042
Abstract: Systems and methods that provide NAS security protection for mobile networks. In one embodiment, a network element of a mobile network performs a NAS procedure in multiple phases to establish a NAS communication session with User Equipment (UE) when no NAS security context exists. For a first phase, the network element receives an initial NAS message from the UE populated with a subset of NAS protocol Information Elements (IEs) designated for security-related handling, selects a NAS security algorithm for the NAS security context, and sends a response to the UE that indicates the NAS security algorithm. For a second phase, the network element receives a subsequent NAS message from the UE having a NAS message container that contains the initial NAS message populated with each of the NAS protocol IEs for the NAS procedure, and decrypts the NAS message container of the subsequent NAS message using the NAS security algorithm.
-
Publication No.: US20210160691A1
Publication date: 2021-05-27
Application No.: US17252721
Application date: 2019-10-04
Applicant: Nokia Technologies Oy
Inventor: Jennifer Liu
IPC: H04W12/037 , H04W12/106 , H04W12/40 , H04W8/24 , H04W8/18
Abstract: Systems and methods that update configuration parameters on a UE using control plane functionalities. In one embodiment, an AMF element of a mobile network receives a control plane message from a UDM element that includes a UE configuration parameter update for the UE. The UE configuration parameter update is security protected via a secured packet, integrity protection, etc. The AMF element is configured to transparently send the UE configuration parameter update to the UE. Thus, AMF element inserts the UE configuration parameter update (that is security protected) in a container of a Non-Access Stratum (NAS) message, and sends the NAS message to the UE. The UE may then update its configuration parameters based on the update when security checks are complete.
-
Publication No.: US12232215B2
Publication date: 2025-02-18
Application No.: US17773904
Application date: 2020-11-05
Applicant: NOKIA TECHNOLOGIES OY
Inventor: Jennifer Liu , Ulrich Wiehe
Abstract: Methods, computer program products, and apparatuses are provided for enabling efficient update of steering of roaming information. An apparatus may include a processor and a memory storing computer program code configured to cause the apparatus to generate a registration request message associated with a user equipment, said registration request comprising a steering of roaming (SoR) information update request, and cause transmission of said registration request message to a network entity of a mobile network. Alternatively, the memory, computer program code, and processor may be configured to cause the apparatus to receive a registration request message comprising an indication of whether a user equipment expects to receive SoR information, and, in an instance in which it is determined that said user equipment expects to receive SoR information, triggering retrieval of said SoR information from a home network of said user equipment.
-
Publication No.: US11937077B2
Publication date: 2024-03-19
Application No.: US17252721
Application date: 2019-10-04
Applicant: NOKIA TECHNOLOGIES OY
Inventor: Jennifer Liu
IPC: H04L29/00 , H04W8/18 , H04W8/24 , H04W12/037 , H04W12/106 , H04W12/40
CPC classification number: H04W12/037 , H04W8/183 , H04W8/245 , H04W12/106 , H04W12/40
Abstract: Systems and methods that update configuration parameters on a UE using control plane functionalities. In one embodiment, an AMF element of a mobile network receives a control plane message from a UDM element that includes a UE configuration parameter update for the UE. The UE configuration parameter update is security protected via a secured packet, integrity protection, etc. The AMF element is configured to transparently send the UE configuration parameter update to the UE. Thus, AMF element inserts the UE configuration parameter update (that is security protected) in a container of a Non-Access Stratum (NAS) message, and sends the NAS message to the UE. The UE may then update its configuration parameters based on the update when security checks are complete.
-
Publication No.: US20190313234A1
Publication date: 2019-10-10
Application No.: US16372704
Application date: 2019-04-02
Applicant: Nokia Technologies Oy
Inventor: Jennifer Liu
Abstract: In some example embodiments, there may be provided an apparatus including at least one processor and at least one memory including computer program code, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus to at least: obtain information to enable selection of an access node for a non-GPP access; query a server to determine whether the country at which the access node is located requires lawful interception of communications; and select, based at least on the obtained information and/or a response to the query, the access node for the non-3GPP access. Related systems, methods, and articles of manufacture are also described.
-
Publication No.: US12081978B2
Publication date: 2024-09-03
Application No.: US18197049
Application date: 2023-05-13
Applicant: NOKIA TECHNOLOGIES OY
Inventor: Jennifer Liu
IPC: H04L29/06 , H04W12/037 , H04W12/0431 , H04W12/06 , H04W76/25 , H04W84/04
CPC classification number: H04W12/06 , H04W12/037 , H04W12/0431 , H04W76/25 , H04W84/042
Abstract: Systems and methods that provide NAS security protection for mobile networks. In one embodiment, a network element of a mobile network performs a NAS procedure in multiple phases to establish a NAS communication session with User Equipment (UE) when no NAS security context exists. For a first phase, the network element receives an initial NAS message from the UE populated with a subset of NAS protocol Information Elements (IEs) designated for security-related handling, selects a NAS security algorithm for the NAS security context, and sends a response to the UE that indicates the NAS security algorithm. For a second phase, the network element receives a subsequent NAS message from the UE having a NAS message container that contains the initial NAS message populated with each of the NAS protocol IEs for the NAS procedure, and decrypts the NAS message container of the subsequent NAS message using the NAS security algorithm.