公开(公告)号：US20250062903A1

公开(公告)日：2025-02-20

申请号：US18802902

申请日：2024-08-13

Applicant: Nokia Technologies Oy

Inventor： Saurabh KHARE ,  German PEINADO GOMEZ ,  Chaitanya AGGARWAL

IPC: H04L9/32 ,  H04L9/30

Abstract: Various examples of embodiments described herein relate to methods and apparatuses for mitigation against access token theft attack in direct and indirect communications in SBA. One such example of an embodiment relates to a method that includes obtaining a first access token request from a network function service consumer, NFc, the first access token request comprising an authentication code of the NFc; authenticate the network function consumer, NFc, based on a check whether the authentication code is signed by the NFc; sending a second access token request to a network authorization entity or function, wherein the second access token request comprises the authentication code of the NFc and the second access token request further comprises a public key of the NFc or a hash of the public key of the NFc; based thereon, receiving an access token from the network authorization entity or function, wherein the access token comprises the public key of the NFc or a hash of the public key of the NFc; and sending a service request to a network function service provider, NFp, wherein the service request comprises the access token and the authentication code of the NFc.

公开(公告)号：US20220321607A1

公开(公告)日：2022-10-06

申请号：US17702887

申请日：2022-03-24

Applicant: Nokia Technologies Oy

Inventor： German PEINADO GOMEZ ,  Anja JERICHOW ,  Chaitanya AGGARWAL

IPC: H04L9/40

Abstract: Techniques for dynamic security management in a communications network are disclosed. For example, a method comprises obtaining, at a network entity in a communication network, security information from one or more other network entities in the communication network. In response to at least a portion of the obtained security information, the method enables, by the network entity, dynamic enforcement within a user plane of the communication network of one or more security policies in accordance with one or more quality-of-service policies to manage one or more behaviors of user equipment.

公开(公告)号：US20230413029A1

公开(公告)日：2023-12-21

申请号：US18337279

申请日：2023-06-19

Applicant: Nokia Technologies Oy

Inventor： Borislava GAJIC ,  German PEINADO GOMEZ ,  Saurabh KHARE ,  Tejas SUBRAMANYA

IPC: H04W8/08 ,  H04W12/121 ,  H04W12/084

CPC classification number: H04W8/08 ,  H04W12/121 ,  H04W12/084

Abstract: Methods and apparatus are disclosed for. A method comprises, collecting information on messages exchanged between a first mobile network and a second mobile network during a time period; and determining a trust indication of the first mobile network at least based on the collected information. The trust indication of the first mobile network indicates a level of trustworthiness of the first mobile network.

公开(公告)号：US20230361989A1

公开(公告)日：2023-11-09

申请号：US18312627

申请日：2023-05-05

Applicant: Nokia Technologies Oy

Inventor： Chaitanya AGGARWAL ,  Saurabh KHARE ,  German PEINADO GOMEZ

IPC: H04L9/08 ,  H04L9/32 ,  G06F21/62

CPC classification number: H04L9/0822 ,  H04L9/3213 ,  G06F21/6209

Abstract: There is provided a method, computer program, and an apparatus for a network function service consumer, that causes the apparatus to perform: retrieving, from a first repository function, protected sensitive data; retrieving, from a second network function, at least one encrypted key; decrypting the retrieved at least one encrypted key using a private key associated with the network function service consumer to obtain a respective at least one key; and performing at least one of: decryption of the protected sensitive data using the at least one key to obtain sensitive data or integrity protected sensitive data; or verification of the integrity of the protected sensitive data using the at least one key.

公开(公告)号：US20230345251A1

公开(公告)日：2023-10-26

申请号：US18179084

申请日：2023-03-06

Applicant: Nokia Technologies Oy

Inventor： Saurabh KHARE ,  German PEINADO GOMEZ ,  Bruno LANDAIS ,  Prashanti DAS

IPC: H04W12/50 ,  H04W76/14

CPC classification number: H04W12/50 ,  H04W76/14

Abstract: Embodiments of the present disclosure relate to method, device and computer readable media for communications. A first device receives, from a second device, a request for establishment of a connection between the first device and the second device. If a first set of security parameters associated with the connection is identical to a second set of security parameters associated with a previous connection which was completed between the first device and the second device, the first device performs the establishment of the connection.

公开(公告)号：US20250055884A1

公开(公告)日：2025-02-13

申请号：US18773669

申请日：2024-07-16

Applicant: Nokia Technologies Oy

Inventor： Divya G NAIR ,  Ranganathan MAVUREDDI DHANASEKARAN ,  Saurabh KHARE ,  Stawros ORKOPOULOS ,  German PEINADO GOMEZ

IPC: H04L9/40 ,  H04L9/08

Abstract: There are provided methods, apparatuses and computer program products for authentication between a movable network entity and a terminal entity. Such provided methods, apparatuses and computer program products may include authentication and/or identification based on sending and/or receiving at least one security parameter and/or at least one authentifier.

公开(公告)号：US20240422533A1

公开(公告)日：2024-12-19

申请号：US18671659

申请日：2024-05-22

Applicant: Nokia Technologies Oy

Inventor： German PEINADO GOMEZ ,  Topuri BRAHMAIAH ,  Mallikarjunudu MAKHAM ,  Sireesha BOMMISETTY ,  Saurabh KHARE ,  Ranganathan MAVUREDDI DHANASEKARAN ,  Chaitanya AGGARWAL

IPC: H04W12/03 ,  H04W12/041

Abstract: There is provided an apparatus, method, and computer program for causing an apparatus for a user equipment to perform: encrypting a digital asset using a first key to form an encrypted digital asset; providing the encrypted digital asset and an index for the encrypted digital asset to a first network function; and providing an identification of the encrypted digital asset to a first entity.

公开(公告)号：US20240292214A1

公开(公告)日：2024-08-29

申请号：US18588870

申请日：2024-02-27

Applicant: Nokia Technologies Oy

Inventor： Suresh P NAIR ,  German PEINADO GOMEZ ,  Bo Holm BJERRUM

IPC: H04W12/06 ,  H04W12/71

CPC classification number: H04W12/06 ,  H04W12/71

Abstract: Techniques are disclosed for verifying user equipment compliance. For example, a method comprises computing, via user equipment, a secure identifier for the user equipment comprising an equipment identifier of the user equipment, and sending the secure identifier comprising the equipment identifier in a request message from the user equipment to a communication network to which the user equipment is attempting to connect. The communication network performs compliance verification for the user equipment based at least in part on the equipment identifier securely received from the user equipment.

公开(公告)号：US20220337597A1

公开(公告)日：2022-10-20

申请号：US17716028

申请日：2022-04-08

Applicant: Nokia Technologies Oy

Inventor： Anja JERICHOW ,  German PEINADO GOMEZ

IPC: H04L9/40

Abstract: An apparatus comprises means for: causing information indicating a first security protocol profile of a first security protocol from a first security node of a first network to be sent from a first security node of a first network to a second security node of a second network, wherein the first security profile has one or more of: a modification policy; a data type policy; and a cipher suite; and causing the first security node to communicate with the second security node in accordance with the first security profile.