-
Publication No.: US12075253B2
Publication Date: 2024-08-27
Application No.: US16465382
Filing Date: 2017-01-26
Inventors: Maria Esther Bas Sanchez, David Castellanos Zamora, Peter Hedman, Christine Jost, Monica Wifvesson
Abstract: There is provided mechanisms for attachment of a wireless device to an MNO. A method is performed by the wireless device. The method comprises providing an authorization token to an AMF node of the MNO in conjunction with authenticating with the AMF node. The method comprises completing attachment to the MNO upon successful validation of the authorization token by the AMF node.
-
Publication No.: US20240259797A1
Publication Date: 2024-08-01
Application No.: US18019048
Filing Date: 2022-08-23
Inventors: Zhang Fu, Monica Wifvesson, Ivo Sedlacek
Abstract: Systems and methods are disclosed for supporting remote User Equipment (UE) authentication via a relay UE. In one embodiment, a method performed by a relay UE comprises receiving a first message conveyed by a remote UE and sending a second message to a relay access and mobility function (AMF), wherein the second message comprises a UE-to-Network (U2N) connection mapping identification (ID) that identifies the remote UE. In this manner, the relay UE and relay AMF are able to identify that the second message (e.g., an authentication related message) is for the remote UE. Embodiments of a relay UE and embodiments of a relay AMF and methods of operation thereof are also disclosed.
-
Publication No.: US20240214801A1
Publication Date: 2024-06-27
Application No.: US18600871
Filing Date: 2024-03-11
Inventors: Noamen Ben Henda, Monica Wifvesson
IPC Classification: H04W12/041, H04W8/08, H04W12/037, H04W12/06, H04W36/00
CPC Classification: H04W12/041, H04W8/08, H04W12/037, H04W12/06, H04W36/0038
Abstract: Network equipment (16A) is configured for use in a wireless communication network. The network equipment (16A) is configured to detect one or more conditions under which non-access stratum (NAS) keys (26A) that protect NAS communication between the network equipment (16A) and a wireless device (12) are to be refreshed. Responsive to detecting the one or more conditions, the network equipment (16A) is configured to derive, from a base key (24A) on which the NAS keys (26A) were derived, a new base key (24B) on which fresh NAS keys (26B) are to be derived. The network equipment (16A) is also configured to activate the new base key (24B).
-
Publication No.: US20240073683A1
Publication Date: 2024-02-29
Application No.: US18386807
Filing Date: 2023-11-03
IPC Classification: H04W12/041, H04L9/40, H04W12/0433, H04W36/00, H04W36/14, H04W36/38, H04W48/20, H04W60/02
CPC Classification: H04W12/041, H04L63/062, H04W12/0433, H04W36/0038, H04W36/14, H04W36/385, H04W48/20, H04W60/02, H04L2463/061
Abstract: The present disclosure relates to methods and apparatus for flexible, security context management during AMF changes. One aspect of the disclosure is a mechanism for achieving backward security during AMF changes in idle mode. Instead of passing the current NAS key to the target AMF, the source AMF derives a new NAS key, provides the new NAS key to the target AMF, along with a key change indication indicating that the NAS key has changed. The target AMF sends the key change indication to the user equipment.
-
Publication No.: US11849319B2
Publication Date: 2023-12-19
Application No.: US16631560
Filing Date: 2017-07-28
IPC Classification: H04W12/06, H04L9/40, H04W12/10, H04W12/0471
CPC Classification: H04W12/06, H04L63/12, H04W12/0471, H04W12/10
Abstract: A method may be provided at a wireless terminal to support communications with a network node of a wireless communication network. An IKE SA may be initiated to establish a NAS connection between the wireless terminal and the network node through a non-3GPP access network and a non-3GPP interworking function network node. After initiating the IKE SA, an IKE authorization request may be transmitted through the non-3GPP access network to the N3IWF network node, with the IKE authorization request including an identifier of the wireless terminal. An access network key may be derived for the NAS connection through the non-3GPP access network at the wireless terminal, with the access network key being derived based on a NAS count for the wireless terminal and an anchor key. An IKE authorization response corresponding to the IKE authorization request may be received.
-
Publication No.: US20230397007A1
Publication Date: 2023-12-07
Application No.: US18030060
Filing Date: 2021-08-18
IPC Classification: H04W12/069, H04W12/0433, H04W12/08
CPC Classification: H04W12/069, H04W12/0433, H04W12/08
Abstract: A communication device establishes a secure connection in a wireless communication network. The communication device communicates a request to use a communication service provided by the wireless communication network, the request including an indication that the communication device can support the requested communication service and an Authentication and Key Management for Applications (AKMA) service provided by the wireless communication network. Responsive to communicating the request, the communication device receives a communication comprising information that indicates whether the requested communication service and the AKMA service can be provided to the communication device to establish the secure connection in the wireless communication network.
-
Publication No.: US20230284020A1
Publication Date: 2023-09-07
Application No.: US18019744
Filing Date: 2021-07-08
Inventors: Monica Wifvesson, Mikael Wass
IPC Classification: H04W12/08, H04W12/106
CPC Classification: H04W12/08, H04W12/106
Abstract: A network node in a wireless communication system configures an operator policy to indicate whether to accept legacy user equipments, UEs, that do not support user plane integrity protection, UP IP, and it sets UP IP to be either “preferred” or “not required” of a UP security policy based on the operator policy indicating acceptance of legacy UEs and in response to a communication related to a legacy UE.
-
Publication No.: US11690001B2
Publication Date: 2023-06-27
Application No.: US16481242
Filing Date: 2017-12-18
IPC Classification: H04L29/06, H04W48/18, H04W36/00, H04W12/041, H04W12/043
CPC Classification: H04W48/18, H04W12/041, H04W12/043, H04W36/0038
Abstract: There is provided a solution for managing security contexts at idle mode mobility of a wireless communication device between different wireless communication systems including a first wireless communication system and a second wireless communication system. The first wireless communication system is a 5G/NGS system and the second wireless communication system is a 4G/EPS system. The solution is based on obtaining (S1) a 5G/NGS security context, and mapping (S2) the 5G/NGS security context to a 4G/EPS security context.
-
Publication No.: US11617082B2
Publication Date: 2023-03-28
Application No.: US17830253
Filing Date: 2022-06-01
Inventors: Noamen Ben Henda, Mikael Wass, Monica Wifvesson
IPC Classification: H04L12/26, H04W12/106, H04W76/11, H04L9/40, H04W12/02, H04W12/04, H04W60/02, H04W12/037
Abstract: A method at a UE may include providing a first NAS connection with a network node through a first access node, wherein a first NAS CID is associated with the first NAS connection. While providing the first NAS connection, a second NAS CID may be allocated for a second NAS connection with the network node through a second access node. A registration request message may be transmitted to the network node to request the second NAS connection, wherein transmitting the registration request message includes performing integrity protection for the registration request message using the second NAS CID. A security mode command message may be received from the network node, wherein the security mode command message corresponds to the registration request message. Responsive to receiving the security mode command message, a security mode complete message may be transmitted to the network node through the second access node.
-
Publication No.: US11606682B2
Publication Date: 2023-03-14
Application No.: US17041710
Filing Date: 2019-04-05
Abstract: A method of operating an Access and Mobility Management Function (AMF) of a communications system that includes an access node (AN) configured to communicate through a wireless air interface with user equipments (UEs) and that has a Session Management Function (SMF), is provided. The method includes receiving an indication of a Max Data Radio Bearer Integrity Protection, DRB-IP, rate indicating a maximum computational capacity of the UE to process DRBs that have integrity protection during Packet Data Unit (PDU) sessions. A PDU session establishment request NAS message is received from the UE for establishing a PDU session. A PDU session create message is communicated toward the SMF. A SMF message is received that contains an indication of an allocated DRB-IP rate for DRBs that are to be integrity protected for a PDU session being established.