公开(公告)号：US12010752B2

公开(公告)日：2024-06-11

申请号：US17602326

申请日：2019-04-18

Applicant: Nokia Technologies Oy

Inventor： Suresh Nair

IPC: H04W4/00 ,  H04W12/03 ,  H04W12/041 ,  H04W76/25

CPC classification number: H04W76/25 ,  H04W12/03 ,  H04W12/041

Abstract: Improved techniques for control plane message management in a communication system are provided. For example, a method comprises transmitting control data over a control plane associated with a communication system using a first access identifier value, and transmitting user data over the control plane using a second access identifier value. The first access identifier value is distinct from the second access identifier value.

公开(公告)号：US20220272530A1

公开(公告)日：2022-08-25

申请号：US17180151

申请日：2021-02-19

Applicant: Nokia Technologies Oy

Inventor： Suresh Nair ,  Laurent Thiebaut ,  Omar Elloumi

IPC: H04W12/06 ,  H04W12/03 ,  H04L9/32 ,  H04L9/08

Abstract: Techniques for securing an identifier of user equipment for a request external to a communication network are disclosed. For example, a method comprises receiving, at a network entity, a request for identification information for user equipment from an entity external to a communication network to which the network entity belongs. The network entity generates a secure identifier for the user equipment, wherein the secure identifier comprises an encrypted form of a public subscription identifier associated with the user equipment. The network entity sends the secure identifier to the external entity. The network entity receives the secure identifier in a subsequent request from the external entity. The network entity utilizes the received secure identifier to confirm the received secure identifier corresponds to the user equipment.

公开(公告)号：US20210258797A1

公开(公告)日：2021-08-19

申请号：US16973695

申请日：2019-06-25

Applicant: Nokia Technologies Oy

Inventor： Devaki Chandramouli ,  Suresh Nair ,  Laurent Thiebaut

IPC: H04W12/73 ,  H04W12/102 ,  H04W12/0431 ,  H04W12/06

Abstract: Systems, methods, apparatuses, and computer program products for dynamically updating routing identifiers (IDs) are provided. One method may include deciding, at a network node, to update a routing identifier for at least one user equipment. The method may then include obtaining or generating a new routing identifier to be assigned to the at least one user equipment along with authentication vectors, and transmitting the new routing identifier to an authentication entity.

公开(公告)号：US10805792B2

公开(公告)日：2020-10-13

申请号：US16124631

申请日：2018-09-07

Applicant: Nokia Technologies Oy

Inventor： Suresh Nair

IPC: H04W4/00 ,  H04W12/00 ,  H04W12/04 ,  H04W60/06 ,  H04W12/08 ,  H04W12/10

Abstract: A method, apparatus and computer program product may be provided for securing multiple NAS connections over a plurality of access types. An exemplary method may comprise receiving, at an access mobility function (AMF), a first registration request from user equipment (UE) over a first access type, establishing a main NAS context comprising at least a key set identifier for identifying a key for the AMF (KAMF), NAS integrity and encryption keys and a selected algorithm for all NAS links, wherein establishing the main NAS context comprises establishing the KAMF, and subsequently deriving, from the KAMF, the NAS integrity and NAS encryption keys and establishing a first NAS sub-context corresponding to a first access type, the first NAS sub-context comprising at least a first NAS link identification number, a first uplink packet count, a first downlink packet count.

公开(公告)号：US20190182654A1

公开(公告)日：2019-06-13

申请号：US15836153

申请日：2017-12-08

Applicant: Nokia Technologies Oy

Inventor： Anja Jerichow ,  Suresh Nair

IPC: H04W8/04 ,  H04W8/18 ,  H04L9/32 ,  H04L9/06 ,  H04L29/06

Abstract: Illustrative embodiments provide subscriber privacy management techniques that prevent a covert channel from being established between user equipment and a home network through a serving network in a communication system. In one example, a random value is computed in the serving network and added to the registration request procedure. The techniques also enable the home network to control UE behavior using an authorization token.

公开(公告)号：US12177937B2

公开(公告)日：2024-12-24

申请号：US17797631

申请日：2021-02-04

Applicant: NOKIA TECHNOLOGIES OY

Inventor： Devaki Chandramouli ,  Srinivasan Selvaganapathy ,  Hannu Petri Hietalahti ,  Suresh Nair ,  Philippe Godin

IPC: H04W12/06 ,  H04L67/303 ,  H04L101/654 ,  H04W8/12 ,  H04W8/18 ,  H04W8/26 ,  H04W12/72 ,  H04W60/00 ,  H04W68/00 ,  H04W72/04 ,  H04W84/12

Abstract: An apparatus and a method for reallocation of global unique temporary identifier (GUTI) in 5G networks are disclosed. The method includes receiving, at a user equipment, a first message from a network, the first message including a first global unique temporary identifier and additional information, at least the first global unique temporary identifier being as-signed to the user equipment; receiving a first data transmission including the first global unique temporary identifier from the network; in response to receiving the first data transmission, deriving, at the user equipment, a second global unique temporary identifier based on the first global unique temporary identifier and the additional information; and receiving a second data transmission including the second global unique temporary identifier from the network.

公开(公告)号：US11789803B2

公开(公告)日：2023-10-17

申请号：US17054949

申请日：2019-05-07

Applicant: Nokia Technologies Oy

Inventor： Suresh Nair ,  Anja Jerichow ,  Nagendra S Bykampadi

IPC: G06F11/07 ,  H04L45/00 ,  H04L9/40

CPC classification number: G06F11/079 ,  G06F11/0709 ,  G06F11/0751 ,  G06F11/0772 ,  G06F11/0793 ,  H04L45/22 ,  H04L63/0281 ,  H04L63/123 ,  H04L63/166

Abstract: In a communication system comprising a first network operatively coupled to a second network, wherein the first network comprises a first security edge protection proxy element operatively coupled to a second security edge protection proxy element of the second network, and wherein one of the first and second security edge protection proxy elements is a sending security edge protection proxy element and the other of the first and second security edge protection proxy elements is a receiving security edge protection proxy element, the receiving security edge protection proxy element receives a message from the sending security edge protection proxy element. The receiving security edge protection proxy element detects one or more error conditions associated with the received message. The receiving security edge protection proxy element determines one or more error handling actions to be taken in response to the one or more detected error conditions.

公开(公告)号：US11582599B2

公开(公告)日：2023-02-14

申请号：US17045965

申请日：2019-04-08

Applicant: Nokia Technologies Oy

Inventor： Suresh Nair ,  Anja Jerichow ,  Nagendra S Bykampadi

IPC: H04W12/00 ,  H04W8/12 ,  H04W12/106 ,  H04W84/04

Abstract: A method, apparatus and computer program product may be provided for signaling-based remote provisioning and updating of protection policy information in a SEPP of a visited network. A method may include obtaining, at a home network node (hSEPP), protection policy information from a local repository in a home network or via configuration. The hSEPP is a network node at a boundary of the home netowork, and the home network is a public land mobile network (hPLMN). The method includes distributing, via a signaling interface, the protection policy information to a visited network node (vSEPP) within a visited network (vPLMN). The vSEPP is a network node at a boundary of a second network. The protection policy information includes information regarding protection of signaling messages addressed for network functions (NFs) hosted in the hPLMN and is configured for enabling the vSEPP to selectively protect outgoing messages to hSEPP in the home network.

公开(公告)号：US11570626B2

公开(公告)日：2023-01-31

申请号：US16973695

申请日：2019-06-25

Applicant: Nokia Technologies Oy

Inventor： Devaki Chandramouli ,  Suresh Nair ,  Laurent Thiebaut

IPC: G06F21/00 ,  H04W12/73 ,  H04W12/0431 ,  H04W12/102 ,  H04W12/06 ,  H04W84/04

Abstract: Systems, methods, apparatuses, and computer program products for dynamically updating routing identifiers (IDs) are provided. One method may include deciding, at a network node, to update a routing identifier for at least one user equipment. The method may then include obtaining or generating a new routing identifier to be assigned to the at least one user equipment along with authentication vectors, and transmitting the new routing identifier to an authentication entity.

公开(公告)号：US20220264290A1

公开(公告)日：2022-08-18

申请号：US17176762

申请日：2021-02-16

Applicant: Nokia Technologies Oy

Inventor： Suresh Nair ,  Ranganathan Mavureddi Dhanasekaran

IPC: H04W12/033 ,  H04W12/02 ,  H04W12/50 ,  H04W68/00 ,  H04W12/45

Abstract: Techniques for securing mobile-terminated messages are disclosed. In one example, a method comprises receiving, at user equipment, a concealed message from a communication network with which the user equipment is in an idle state. The method de-conceals the concealed message, at the user equipment, to obtain at least one indicator value using at least a security value previously agreed upon with the communication network. The method generates a decision, at the user equipment, with respect to the idle state based on the obtained at least one indicator value. In one example, the at least one indicator value comprises a paging cause value.