-
公开(公告)号:US11678193B2
公开(公告)日:2023-06-13
申请号:US17813117
申请日:2022-07-18
IPC分类号: H04W12/30 , H04W12/037 , H04W12/40 , H04W12/06
CPC分类号: H04W12/35 , H04W12/037 , H04W12/06 , H04W12/40
摘要: A device may receive, from a network device, a user equipment (UE) parameter update request notification indicating an update to a UE parameter of a universal subscriber identity module (USIM), and may generate an encrypted UE parameter update request. The device may cause the encrypted UE parameter update request to be provided to the USIM to cause the USIM to update the UE parameter and to generate an encrypted UE parameter update response. The device may receive, from the network device, the encrypted UE parameter update response, and may verify an authenticity of content of the encrypted UE parameter update response based on whether the encrypted UE parameter update response is signed by the USIM. The device may provide, to the network device, a result indicating whether the UE parameter is updated and whether the authenticity of the content of the encrypted UE parameter update response is verified.
-
公开(公告)号:US11910480B2
公开(公告)日:2024-02-20
申请号:US17233030
申请日:2021-04-16
摘要: A method may include receiving, at a network device, a registration request that comprises a subscription concealed identifier (SUCI) associated with a particular user equipment (UE) device. The network device determines whether the SUCI indicates a request for null-scheme network access; and retrieves a scheme authorization parameter for the UE device when it is determined that the SUCI indicates a request for null-scheme network access. The scheme authorization parameter indicates whether the UE device is authorized for null-scheme access to a service provider network. The network device determines whether the UE device is authorized for null-scheme network access based on the retrieved scheme authorization parameter and performs processing associated with null-scheme network access when it is determined that the particular UE device is authorized for null-scheme network access.
-
公开(公告)号:US20220337994A1
公开(公告)日:2022-10-20
申请号:US17233030
申请日:2021-04-16
摘要: A method may include receiving, at a network device, a registration request that comprises a subscription concealed identifier (SUCI) associated with a particular user equipment (UE) device. The network device determines whether the SUCI indicates a request for null-scheme network access; and retrieves a scheme authorization parameter for the UE device when it is determined that the SUCI indicates a request for null-scheme network access. The scheme authorization parameter indicates whether the UE device is authorized for null-scheme access to a service provider network. The network device determines whether the UE device is authorized for null-scheme network access based on the retrieved scheme authorization parameter and performs processing associated with null-scheme network access when it is determined that the particular UE device is authorized for null-scheme network access.
-
公开(公告)号:US11418957B2
公开(公告)日:2022-08-16
申请号:US16683775
申请日:2019-11-14
IPC分类号: H04W12/30 , H04W12/40 , H04W12/06 , H04W12/037
摘要: A device may receive, from a network device, a user equipment (UE) parameter update request notification indicating an update to a UE parameter of a universal subscriber identity module (USIM), and may generate an encrypted UE parameter update request. The device may cause the encrypted UE parameter update request to be provided to the USIM to cause the USIM to update the UE parameter and to generate an encrypted UE parameter update response. The device may receive, from the network device, the encrypted UE parameter update response, and may verify an authenticity of content of the encrypted UE parameter update response based on whether the encrypted UE parameter update response is signed by the USIM. The device may provide, to the network device, a result indicating whether the UE parameter is updated and whether the authenticity of the content of the encrypted UE parameter update response is verified.
-
公开(公告)号:US20220217540A1
公开(公告)日:2022-07-07
申请号:US17143589
申请日:2021-01-07
摘要: Systems and methods enable the provisioning of security as a service for network slices. A network device stores definitions of multiple security assurance levels for network slices based on security parameters of assets used in the network slices. The network device stores multiple network slice templates, wherein the multiple network slice templates have different security assurance levels, of the multiple security assurance levels, for a Network Service Descriptor (NSD). The network device receives a request for a network slice with a requested security assurance level, of the multiple security assurance levels, for the NSD, and deploys the network slice using one of the network slice templates that has a security assurance level that corresponds to the requested security assurance level. The network device monitors the security parameters of the assets of the network slice for changes to the security assurance level of the deployed network slice.
-
公开(公告)号:US11825309B2
公开(公告)日:2023-11-21
申请号:US17511938
申请日:2021-10-27
发明人: David Robert Lenrow , Kalyani Bogineni , Vinod Kumar Choyi , Jeffrey Melrose , Yousif Targali , Deepa Jagannatha
IPC分类号: H04W12/088 , H04L12/801 , H04W12/06 , H04W12/37 , H04L47/12 , H04W8/04
CPC分类号: H04W12/088 , H04L47/12 , H04W8/04 , H04W12/06 , H04W12/37
摘要: Systems and methods described herein enforce access controls for network slices via proxy in a secure enclave of a user equipment (UE) device. A UE device executes, in a rich execution environment (REE), a function or application designated for using one or more secure network slices of a telecommunications network. The UE device executes, in a trusted execution environment (TEE), a slice admission control proxy (SACP) to perform admission control for the one or more secure network slices, and forces network traffic for the function or application through the SACP.
-
公开(公告)号:US20230284028A1
公开(公告)日:2023-09-07
申请号:US18314219
申请日:2023-05-09
CPC分类号: H04W12/12 , H04W12/66 , H04L63/20 , H04W28/0835 , H04W28/0831
摘要: Systems and methods enable the provisioning of security as a service for network slices. A network device stores definitions of multiple security assurance levels for network slices based on security parameters of assets used in the network slices. The network device stores multiple network slice templates, wherein the multiple network slice templates have different security assurance levels, of the multiple security assurance levels, for a Network Service Descriptor (NSD). The network device receives a request for a network slice with a requested security assurance level, of the multiple security assurance levels, for the NSD, and deploys the network slice using one of the network slice templates that has a security assurance level that corresponds to the requested security assurance level. The network device monitors the security parameters of the assets of the network slice for changes to the security assurance level of the deployed network slice.
-
公开(公告)号:US11683691B2
公开(公告)日:2023-06-20
申请号:US17143589
申请日:2021-01-07
CPC分类号: H04W12/12 , H04L63/20 , H04W12/66 , H04W28/0831 , H04W28/0835
摘要: Systems and methods enable the provisioning of security as a service for network slices. A network device stores definitions of multiple security assurance levels for network slices based on security parameters of assets used in the network slices. The network device stores multiple network slice templates, wherein the multiple network slice templates have different security assurance levels, of the multiple security assurance levels, for a Network Service Descriptor (NSD). The network device receives a request for a network slice with a requested security assurance level, of the multiple security assurance levels, for the NSD, and deploys the network slice using one of the network slice templates that has a security assurance level that corresponds to the requested security assurance level. The network device monitors the security parameters of the assets of the network slice for changes to the security assurance level of the deployed network slice.
-
公开(公告)号:US20230128578A1
公开(公告)日:2023-04-27
申请号:US17511938
申请日:2021-10-27
发明人: David Robert Lenrow , Kalyani Bogineni , Vinod Kumar Choyi , Jeffrey Melrose , Yousif Targali , Deepa Jagannatha
IPC分类号: H04W12/088 , H04L12/801 , H04W12/06 , H04W12/37
摘要: Systems and methods described herein enforce access controls for network slices via proxy in a secure enclave of a user equipment (UE) device. A UE device executes, in a rich execution environment (REE), a function or application designated for using one or more secure network slices of a telecommunications network. The UE device executes, in a trusted execution environment (TEE), a slice admission control proxy (SACP) to perform admission control for the one or more secure network slices, and forces network traffic for the function or application through the SACP.
-
-
-
-
-
-
-
-
搜索结果
9 条记录 (耗时 0.018 秒)
