Abstract:
A system (200) is disclosed for managing a communication network subscription identifier associated with a device. The system comprises a Core Network node (210) configured to provide a subscription identifier for the device to a Device Management node with management responsibility for the device. The system further comprises a Verification node (230) configured to receive from the Device Management node the subscription identifier and a characteristic of the device, and to bind the subscription identifier to the characteristic such that the subscription identifier is uniquely associated with the characteristic. The system further comprises a Network Access node configured to obtain the subscription identifier from the device. The Verification node (230), Network Access node (220) and Core Network node (210) are configured to cooperate to verify that the device from which the Network Access node obtained the subscription identifier is in possession of the characteristic that is bound to the subscription identifier.
Abstract:
There are provided mechanisms for handling subscription profiles for a set of wireless devices. A method is performed by an MNO entity. The method comprises obtaining a single request for handling subscription profiles for the set of wireless devices. The method comprises performing, with a profile provisioning server, a preparation procedure for the set of wireless devices wherein a common batch profile handling parameter for the set of wireless devices is created, and whereby the set of wireless devices are associated with at least one matching identifier for tracking actions relating to the handling of the subscription profiles at the MNO entity and the profile provisioning server.
Abstract:
There are presented mechanisms for profile handling of a communications device (300). A method is performed by a local profile assistant (200a) of a proxy device (200). The method comprises obtaining an indication of handling a profile of the communications device (300). The method comprises establishing a first secure communications link with a local profile assistant of the communications device. The method comprises establishing a second secure communications link with a subscription management entity (430) of the communications device. The method comprises receiving information pertaining to handling of the profile by the local profile assistant of the communications device, the information being received from the subscription management entity over the second secure communications link. The method comprises providing the information to the local profile assistant of the communications device over the first secure communications link.
Abstract:
A method of establishing a session key at a communication device is disclosed, wherein the session key is to be shared between the communication device and a network application function (NAF) and wherein a service bootstrap key and an associated transaction identifier, previously derived by application of a general bootstrapping architecture (GBA) procedure, are shared between the communication device and a bootstrapping server function (BSF). The method comprises acquiring a NAF identifier associated with the NAF, deriving a NAF specific key based on the NAF identifier and the service bootstrap key, deriving the session key based on the NAF specific key and one or more key defining parameters, wherein the key defining parameters are accessible by the communication device and by the NAF and are non-accessible by the BSF, and transmitting an attach request message and the transaction identifier towards the NAF for establishment of the session key at the NAF. Corresponding method at a network application function, arrangements, communication device and access network node are also disclosed.
Abstract:
There are provided mechanisms for handling download of a subscription profile from a pool of subscription profiles. The subscription profiles of the pool of subscription profiles are served by an MNO entity. A method is performed by a subscription management entity. The subscription management entity manages the pool of subscription profiles. The pool of subscription profiles has its own pool identifier. The method comprises obtaining a request from a communication device for download of one of the subscription profiles from the pool of subscription profiles. The method comprises enabling download to the communication device of one of the subscription profiles from the pool of subscription profiles. The method comprises filling up the pool of subscription profiles so that the total number of subscription profiles in the pool of subscription profiles remains unchanged.
Abstract:
There are provided mechanisms for handling credentials of an IoT SAFE applet. A method is performed by a communication device. The communication device stores the IoT SAFE applet in a first security domain of a subscription module in the communication device. The first security domain is free from any subscription profile and is different from any security domain of the subscription module for storing subscription profiles. The IoT SAFE applet is independent from any MNO. The communication device is without credentials for the IoT SAFE applet for establishing secure communication for the communication device with a network node. The method comprises obtaining credentials for the IoT SAFE applet from the network node. The method comprises storing the credentials in the first security domain of the subscription module. The credentials are, after successful storage, accessible only from within the first security domain. The method comprises establishing, using the IoT SAFE applet and at least one of the credentials, secure communication for the communication device with the network node.
Abstract:
A method (100) for performing an authentication procedure between a verifying device and a responding device is disclosed, the verifying and responding devices being provisioned with security credentials. The method, performed by the verifying device, comprises generating an authentication challenge (110), delivering the authentication challenge to the responding device (120), receiving an authentication response from the responding device (130), and verifying the authentication response (140). According to the method, at least one of the authentication challenge or authentication response is encoded as a sequence of qubits and delivered over a quantum communication channel between the verifying device and the responding device (120A, 120B, 130A, 130B). Also disclosed are methods for delivering and receiving a message over a quantum communication channel, and devices for performing authentication and message exchange methods.
Abstract:
Methods for communication for a device and a transport node are disclosed, the transport node facilitating communication between the device and a server. The method (100) for the device comprises assembling a message for sending to the server via the transport node (120), the message comprising a message payload, an application layer header, and a signature, wherein at least one of the message payload or a part of the application layer header is encrypted. The method further comprises retrieving a compression context identifier corresponding to the application layer header (130), replacing the application layer header in the message with the retrieved compression context identifier (140) and forwarding the message to the transport node (150). The method (200) for the transport node comprises retrieving an application layer header corresponding to the compression context identifier (220), and replacing the compression context identifier in the message with the retrieved application layer header (230).
Abstract:
This disclosure provides a method, performed in a wireless device 60, for obtaining initial access to a network 700, 800 in order to establish a connection to a server 80 connected to the network 700, 800. The wireless device 60 stores a device public key and a device private key. The server 80 stores the device public key. The method comprises transmitting S1 an initial access request to a network node 70 of the network 700, 800 and receiving S2 an authentication request from the network node 70, the authentication request comprising a challenge. The method comprises generating S4 a device authenticator based on the challenge and the device public key, and transmitting S5 an authentication response to the network node 70. The authentication response comprises the device authenticator. The method comprises receiving S6 an initial access response from the network node 70, the initial access response comprising an indicator of whether the initial access is granted or denied.
Abstract:
There are provided mechanisms for downloading an operational subscription profile to a communication device. A method is performed by the communication device. The communication device has an EID and is provided with a provisioning subscription profile. The method comprises obtaining a temporary PSI for the provisioning subscription profile, wherein the temporary PSI is based on the EID. The method comprises providing, whilst using the provisioning subscription profile, the temporary PSI to a first MNO as part of performing network attachment with the first MNO. The first MNO is selected based on the temporary PSI. The method comprises obtaining, whilst using the provisioning subscription profile and as part of performing network access authentication for the network attachment, an operational PSI from an eSIM server via the first MNO. The method comprises providing, whilst using the provisioning subscription profile, the operational PSI to a second MNO as part of establishing initial network connectivity with the second MNO. The second MNO is selected based on the operational PSI. The method comprises downloading, whilst using the initial network connectivity and the provisioning subscription profile, the operational subscription profile from the eSIM server via the second MNO to the communication device.