Dynamic Secure Network Slice Admission

    Publication number: US20250048094A1

    Publication date: 2025-02-06

    Application number: US18718120

    Filing date: 2021-12-16

    Abstract: A method for authenticating a wireless communications device to a network slice of a communications network is provided. The wireless communications device has one or more attributes associated with it, at least one of the one or more attributes fulfilling an attribute-based access policy of the network slice. The method is performed by a slice manager of the communications network and comprises sending a secret key to the wireless communications device, sending an encrypted access key to the wireless communications device, the encrypted access key being encrypted using the access policy, such that a secret key generated based on at least one attribute that fulfills the attribute-based access policy can decrypt the encrypted access key.

    Automatic provisioning of streaming policies for video streaming control in CDN

    Publication number: US11818100B2

    Publication date: 2023-11-14

    Application number: US16769672

    Filing date: 2017-12-04

    CPC classification number: H04L63/0263

    Abstract: Methods and systems for automatic provisioning of security policies for content streaming control within a Content Delivery Network (CDN) are provided. According to one aspect, a method for automatic provisioning of security policies for content streaming control by a network node within a CDN that supports at least one streaming media protocol comprises: obtaining a manifest, the manifest being generated in response to a user requesting a streaming content from the CDN; determining a first security policy associated with the user and/or the requested streaming content in accordance with the manifest; updating a set of firewall rules for implementing security policies in accordance with the determined first security policy; and applying the updated set of firewall rules to validate requests from the user for the streaming content. The policies are dynamically configured and may be sparsely provisioned, e.g., downloaded only to the pertinent nodes and activated only when necessary.

    Cyber-physical context-dependent cryptography

    Publication number: US11658810B2

    Publication date: 2023-05-23

    Application number: US16081272

    Filing date: 2016-03-23

    CPC classification number: H04L9/0822 H04L9/085 H04L9/0872

    Abstract: A method for cryptographic key management for managing access control is provided. A key is divided into a plurality of portions of the key. Pre-encryption contextual data is received for each of a plurality of devices. The pre-encryption contextual data indicates at least one attribute of a respective device of the plurality of devices before an encryption of the plurality of portions of the key is performed. The plurality of portions of the key are encrypted based at least on the pre-encryption contextual data of the plurality of devices to make the plurality of the portions of the key dependent at least on contextual data corresponding to the pre-encryption contextual data. Each of the plurality of encrypted portions of the key is distributed to a respective device of the plurality of devices for storage and retrieval.

    Partition-based prefix preserving anonymization approach for network traces containing IP addresses

    Publication number: US11316831B2

    Publication date: 2022-04-26

    Application number: US16477428

    Filing date: 2018-02-28

    Abstract: A node including processing circuitry configured to: generate anonymized data based at least in part on a first cryptographic key and network data, calculate a coordination vector, generate initialized data based at least in part on the anonymized data, a second cryptographic key and the coordination vector, transmit the initialized data, the random vector, a security policy and instructions to analyze n iterations of the initialized data and the security policy using the random vector and the second cryptographic key, and receive results of the analysis of the n iterations of the initialized data and the security policy using the random vector and the second cryptographic key. The analysis of an m iteration of the n iterations corresponds to an analysis of the initialized data with prefix preservation where the analysis of the remaining iterations of the n iterations fails to be prefix preserved.

    SYSTEMS AND METHODS FOR DETECTION OF ABNORMAL UE BEHAVIOR

    Publication number: US20210321259A1

    Publication date: 2021-10-14

    Application number: US17274272

    Filing date: 2018-09-07

    Abstract: Systems and methods for detecting abnormal User Equipment (UE) behavior in a cellular communications system are disclosed. In some embodiments, a method of operation of a first Network Anomaly Detection (NAD) function associated with a first Radio Access Network (RAN) in a cellular communications system comprises, during a period of time, obtaining information regarding UEs served by the first RAN, detecting that a particular UE has moved from the first RAN to a second RAN, and sending at least some of the information regarding the particular UE to a second NAD function associated with the second RAN. The method further comprises producing a trained partial model of UE behavior for the first RAN, sending corresponding information to the second NAD function, receiving information regarding a trained partial model of UE behavior for the second RAN, generating a trained global model, and performing a prediction of abnormal UE behavior based thereon.

    Privacy-preserving data verification

    Publication number: US11314884B2

    Publication date: 2022-04-26

    Application number: US16769662

    Filing date: 2018-02-28

    Abstract: A node includes processing circuitry configured to encrypt first network data including a first tenant identifier using a first cryptographic key to generate first encrypted data and anonymize the first encrypted data to generate anonymized data where the anonymizing of the first encrypted data includes segmenting the first encrypted data and the anonymizing of the first encrypted data preserving relationships among the first network data associated with the first tenant identifier, encrypt the anonymized data using a second cryptographic key to generate encrypted anonymized data, transmit the encrypted anonymized data, at least one analysis parameter, at least one security policy and instructions to analyze the encrypted anonymized data using the at least one analysis parameter, the at least one security policy and the second cryptographic key, receive analysis data resulting from the analysis of the encrypted anonymized data, and determine verification results from the received analysis data.
