-
Publication No.: US20240187980A1
Publication date: 2024-06-06
Application No.: US18544985
Application date: 2023-12-19
IPC classification: H04W48/18, H04W12/041, H04W12/043, H04W36/00
CPC classification: H04W48/18, H04W12/041, H04W12/043, H04W36/0038
Abstract: There is provided a solution for managing security contexts at idle mode mobility of a wireless communication device between different wireless communication systems including a first wireless communication system and a second wireless communication system. The first wireless communication system is a 5G/NGS system and the second wireless communication system is a 4G/EPS system. The solution is based on obtaining (S1) a 5G/NGS security context, and mapping (S2) the 5G/NGS security context to a 4G/EPS security context.
-
Publication No.: US11997479B2
Publication date: 2024-05-28
Application No.: US17434238
Application date: 2020-02-13
IPC classification: H04W12/03, H04W12/037, H04W12/041, H04W12/06, H04W76/10, H04W60/00
CPC classification: H04W12/041, H04W12/037, H04W12/06, H04W76/10, H04W60/00
Abstract: A method for key derivation for non-3GPP access. The method includes determining a particular non-3GPP access type, wherein the particular non-3GPP access type is one of N different particular non-3GPP access types (N>1), and each one of the N particular non-3GPP access types is associated with a unique access type distinguisher value. The method also includes generating (s604) a first access network key using a key derivation function and the unique access type distinguisher value with which the determined particular non-3GPP access type is associated, thereby generating a first access network key for the particular non-3GPP access type.
-
Publication No.: US11963000B2
Publication date: 2024-04-16
Application No.: US18108523
Application date: 2023-02-10
IPC classification: H04L9/00, H04L9/08, H04W12/041, H04W12/0433, H04W36/00, H04W36/14, H04W12/00
CPC classification: H04W12/041, H04L9/0861, H04W12/0433, H04W36/0055, H04W36/14, H04W12/009
Abstract: A key management is provided that enables security activation before handing over a user equipment from a source 5G wireless communication system, i.e., a Next Generation System (NGS), to a target 4G wireless communication system, i.e., an Evolved Packet System (EPS)/Long Term Evolution (LTE). The key management achieves backward security, i.e., prevents the target 4G wireless communication system from getting knowledge of 5G security information used in the source 5G wireless communication system.
-
Publication No.: US11849389B2
Publication date: 2023-12-19
Application No.: US18109516
Application date: 2023-02-14
IPC classification: H04L29/06, H04W48/18, H04W36/00, H04W12/041, H04W12/043
CPC classification: H04W48/18, H04W12/041, H04W12/043, H04W36/0038
Abstract: There is provided a solution for managing security contexts at idle mode mobility of a wireless communication device between different wireless communication systems including a first wireless communication system and a second wireless communication system. The first wireless communication system is a 5G/NGS system and the second wireless communication system is a 4G/EPS system. The solution is based on obtaining (S1) a 5G/NGS security context, and mapping (S2) the 5G/NGS security context to a 4G/EPS security context.
-
Publication No.: US11432141B2
Publication date: 2022-08-30
Application No.: US16713984
Application date: 2019-12-13
IPC classification: H04W12/04, H04W12/041, H04W60/02, H04W36/00, H04W48/20, H04W12/0433, H04L9/40, H04W36/14, H04W36/38
Abstract: The present disclosure relates to methods and apparatus for flexible, security context management during AMF changes. One aspect of the disclosure is a mechanism for achieving backward security during AMF changes. Instead of passing the current NAS key to the target AMF, the source AMF derives a new NAS key, provides the new NAS key to the target AMF, and sends a key change indication to the UE, either directly or through some other network node. The UE can then derive the new NAS key from the old NAS key. In some embodiments, the AMF may provide a key generation parameter to the UE to use in deriving the new NAS key. In other embodiments, the target AMF may change one or more security algorithms.
-
Publication No.: US12075253B2
Publication date: 2024-08-27
Application No.: US16465382
Application date: 2017-01-26
Inventors: Maria Esther Bas Sanchez, David Castellanos Zamora, Peter Hedman, Christine Jost, Monica Wifvesson
Abstract: There is provided mechanisms for attachment of a wireless device to an MNO. A method is performed by the wireless device. The method comprises providing an authorization token to an AMF node of the MNO in conjunction with authenticating with the AMF node. The method comprises completing attachment to the MNO upon successful validation of the authorization token by the AMF node.
-
Publication No.: US20240244434A1
Publication date: 2024-07-18
Application No.: US18290248
Application date: 2022-03-15
Inventors: Pinar Comak, Christine Jost, Ferhat Karakoc, Stefan Håkansson, Ulf Mattsson, Zhang Fu
IPC classification: H04W12/106, H04W12/033, H04W12/0431, H04W12/084, H04W12/108
CPC classification: H04W12/106, H04W12/033, H04W12/0431, H04W12/084, H04W12/108
Abstract: A data collection coordination function, DCCF, network node receives (1a) a request for data from a data consumer, determines (2) a data source for the requested data, verifies (3a, 3b) with a network node that the data consumer and the DCCF are authorized by the data source, receives (3b) a message container for the data consumer from the network node, the message container for the data consumer including a data encryption key KE and a data integrity key Ki, and receives (3b) a message container for the data source from the network node, the message container for the data source including the data encryption key KE and the data integrity key Ki. The DCCF network node transmits (4a) the message container for the data consumer to the data consumer and transmits (5) the message container for the data source to the data source.
-
Publication No.: US20240163672A1
Publication date: 2024-05-16
Application No.: US18259926
Application date: 2021-12-21
Inventors: Pinar Comak, Christine Jost, Ferhat Karakoc, Ulf Mattsson, Zhang Fu
IPC classification: H04W12/084
CPC classification: H04W12/084
Abstract: The invention relates to a method for a data consumer network function, NF, of a communication network to collect data from a data producer NF, the method comprising: sending (810), to a network repository function, NRF, in the communication network, a request for an access token for a service provided by a data collection coordination function, DCCF, in the communication network; receiving (820), from the NRF, at least one access token for the service provided by the DCCF; and using (830) the at least one access token, collecting data from the data producer NF in the communication network via the DCCF service.
-
Publication No.: US20240073683A1
Publication date: 2024-02-29
Application No.: US18386807
Application date: 2023-11-03
IPC classification: H04W12/041, H04L9/40, H04W12/0433, H04W36/00, H04W36/14, H04W36/38, H04W48/20, H04W60/02
CPC classification: H04W12/041, H04L63/062, H04W12/0433, H04W36/0038, H04W36/14, H04W36/385, H04W48/20, H04W60/02, H04L2463/061
Abstract: The present disclosure relates to methods and apparatus for flexible, security context management during AMF changes. One aspect of the disclosure is a mechanism for achieving backward security during AMF changes in idle mode. Instead of passing the current NAS key to the target AMF, the source AMF derives a new NAS key, provides the new NAS key to the target AMF, along with a key change indication indicating that the NAS key has changed. The target AMF sends the key change indication to the user equipment.
-
Publication No.: US11729609B2
Publication date: 2023-08-15
Application No.: US16969589
Application date: 2019-02-15
IPC classification: H04L9/40, H04L29/06, H04W12/02, H04W12/106, H04W12/086, H04W12/03, H04L67/02, H04W84/04
CPC classification: H04W12/02, H04L63/0281, H04L67/02, H04W12/03, H04W12/086, H04W12/106, H04W84/042
Abstract: Network equipment (300, 400) is configured for use in one of multiple different core network domains of a wireless communication system (10). The network equipment (300, 400) is configured to receive a message (60) that has been, or is to be, transmitted between the different core network domains. The network equipment (300, 400) is also configured to apply inter-domain security protection to, or remove inter-domain security protection from, one or more portions of the content of a field in the message according to a protection policy (80). The protection policy (80) includes information indicating to which one or more portions of the content inter-domain security protection is to be applied or removed. The network equipment (300, 400) is also configured to forward the message (60), with inter-domain security protection applied or removed to the one or more portions, towards a destination of the message (60).