公开(公告)号：US20230052658A1

公开(公告)日：2023-02-16

申请号：US17817489

申请日：2022-08-04

Applicant: Nokia Technologies Oy

Inventor： Saurabh KHARE ,  Bruno LANDAIS ,  Anja JERICHOW

IPC: H04W48/16

Abstract: The disclosure relates to a first apparatus comprising at least one processor and at least one memory including computer code for one or more programs, the at least one memory and the computer code configured, with the at least one processor, to cause the apparatus at least to: send (500), to a second apparatus, a request comprising information indicating a list of public land mobile network identifiers identifying a first public land mobile network supported by the first apparatus, and information to derive a second public land mobile network supported by the second apparatus; and receive (502), from the second apparatus, a response comprising information indicating a list of public land mobile network identifiers identifying the second public land mobile network supported by the second apparatus.

公开(公告)号：US20220321607A1

公开(公告)日：2022-10-06

申请号：US17702887

申请日：2022-03-24

Applicant: Nokia Technologies Oy

Inventor： German PEINADO GOMEZ ,  Anja JERICHOW ,  Chaitanya AGGARWAL

IPC: H04L9/40

Abstract: Techniques for dynamic security management in a communications network are disclosed. For example, a method comprises obtaining, at a network entity in a communication network, security information from one or more other network entities in the communication network. In response to at least a portion of the obtained security information, the method enables, by the network entity, dynamic enforcement within a user plane of the communication network of one or more security policies in accordance with one or more quality-of-service policies to manage one or more behaviors of user equipment.

公开(公告)号：US20220116400A1

公开(公告)日：2022-04-14

申请号：US17494930

申请日：2021-10-06

Applicant: Nokia Technologies Oy

Inventor： Saurabh KHARE ,  Colin KAHN ,  Georgios GKELLAS ,  Yannick LAIR ,  Anja JERICHOW ,  Chaitanya AGGARWAL

IPC: H04L29/06 ,  H04W12/06 ,  H04W12/08

Abstract: According to an example aspect of the present invention, there is provided a method comprising, receiving, by an intermediary network function, a subscription request from a network function consumer requesting data of a network function producer, wherein the subscription request comprises a client credential assertion of the network function consumer and an access token, authorizing and authenticating, by the intermediary network function, the network function consumer upon successful validation of the access token and the client credential assertion validation and transmitting, by the intermediary network function, an access token request to an authorization server to get another access token, wherein said another access token is to be used to validate the network function consumer to access services of the network function producer, and the access token request comprises the client credential assertion of the network function consumer requesting data of the network function producer.

公开(公告)号：US20250126466A1

公开(公告)日：2025-04-17

申请号：US18816720

申请日：2024-08-27

Applicant: Nokia Technologies Oy

Inventor： Anja JERICHOW ,  Horst Thomas Belling ,  Bruno Landais

IPC: H04W12/037 ,  H04W24/08

Abstract: There are provided measures for error message generation and processing. Such measures exemplarily comprise, at a first network entity associated with a first network roaming interconnected with a second network, receiving a message indicative of a roaming service related error, wherein said message includes first error cause information related to said roaming service related error and addressed to said first network entity, and deciding on further handling of said message based on said first error cause information.

公开(公告)号：US20240147244A1

公开(公告)日：2024-05-02

申请号：US18405341

申请日：2024-01-05

Applicant: NOKIA TECHNOLOGIES OY

Inventor： Suresh NAIR ,  Anja JERICHOW ,  Nagendra S BYKAMPADI ,  Dimitrios SCHOINIANAKIS

IPC: H04W12/72 ,  H04L9/30 ,  H04W12/041 ,  H04W12/06

CPC classification number: H04W12/72 ,  H04L9/3073 ,  H04W12/041 ,  H04W12/06

Abstract: A user equipment in a communication system, a unified subscription identifier data structure is constructed. The unified subscription identifier data structure includes a plurality of fields that specify information for a selected one of two or more subscription identifier types and selectable parameters associated with the selected subscription identifier type, and wherein the information in the unified subscription identifier data structure is useable by the user equipment to access one or more networks associated with the communication system based on an authentication scenario corresponding to the selected subscription identifier type. For example, during different authentication scenarios, the user equipment utilizes the unified subscription identifier data structure to provide the appropriate subscription identifier (e.g., SUPI, SUCI or IMSI) and associated parameters for a given authentication scenario.

公开(公告)号：US20230275810A1

公开(公告)日：2023-08-31

申请号：US18040087

申请日：2020-08-05

Applicant: Nokia Technologies Oy

Inventor： Anja JERICHOW ,  Chaitanya AGGARWAL ,  Jing PING ,  Iris ADAM ,  Konstantinos SAMDANIS ,  Yannick LAIR

IPC: H04L41/14 ,  H04L43/04

CPC classification number: H04L41/14 ,  H04L43/04

Abstract: Example embodiments of the present disclosure relate to devices, methods and computer readable storage media for service provisioning to facilitate analysis of a service from a network function (NF). In example embodiments, one or more logs are received from at least one of a first NF, a network repository function (NRF) and a service communication proxy (SCP). The one or more logs are associated with a service from a second NF. Further, analysis of provision of the service from the second NF is facilitated based on the one or more logs.

公开(公告)号：US20220360586A1

公开(公告)日：2022-11-10

申请号：US17736622

申请日：2022-05-04

Applicant: Nokia Technologies Oy

Inventor： Chaitanya AGGARWAL ,  Suresh NAIR ,  Saurabh KHARE ,  Anja JERICHOW ,  Laurent THIEBAUT

IPC: H04L9/40 ,  H04W48/16

Abstract: There is provided a method, apparatus and computer program product for causing a network repository function to perform: receiving, from a network function service consumer, an access request for an access authorization token, the request comprising a first identification of the network function service consumer and a first identification of at least one network slice on which access is requested; generating an access token in response to the request, the access token comprising at least one network slice identifier for the at least one network slice identified by the first identification; and providing the generated access token to the network function in response to the request for an access authorization token.

公开(公告)号：US20220217539A1

公开(公告)日：2022-07-07

申请号：US17568144

申请日：2022-01-04

Applicant: Nokia Technologies Oy

Inventor： Saurabh KHARE ,  Chaitanya AGGARWAL ,  Anja JERICHOW ,  Gerald KUNZMANN

IPC: H04W12/084 ,  H04W12/02 ,  H04W12/082 ,  H04W12/60 ,  H04W8/18

Abstract: According to an example aspect of the present invention, there is provided an apparatus comprising means for receiving, by a network function configured to provide centralized user consent authorization in a cellular communication system, a user consent authorization request from a logical network entity, wherein the user consent authorization request comprises an identity of at least one user equipment whose user consent is requested by the logical network entity, the logical network entity being a network function service consumer or an application function, means for retrieving user consent information concerning the at least one user equipment whose user consent is requested by the logical network entity, wherein said user consent information indicates individually whether the logical network entity is authorized to access data related to each of the at least one user equipment, means for determining, based on said user consent information, whether the logical network entity is authorized to access data related to each of the at least one user equipment and means for transmitting, based on said determination, a response signed by the network function to the logical network entity.

公开(公告)号：US20220191028A1

公开(公告)日：2022-06-16

申请号：US17550549

申请日：2021-12-14

Applicant: Nokia Technologies Oy

Inventor： Chaitanya AGGARWAL ,  Anja JERICHOW ,  Saurabh KHARE

IPC: H04L9/32

Abstract: According to an example aspect of the present invention, there is provided an apparatus configured at least to: receive, from a service communication proxy, a request for an access token which authorizes access to a service at a network function provider, transmit an authorization token to the service communication proxy, the authorization token being specific to the request, and provide the access token to the service communication proxy responsive to determining that a cryptographic signature of a network function consumer on a signed version of the authorization token, received in the apparatus from the service communication proxy, is correct. The apparatus may work in a network serving user equipments, for example.

公开(公告)号：US20210360393A1

公开(公告)日：2021-11-18

申请号：US17045965

申请日：2019-04-08

Applicant: Nokia Technologies Oy

Inventor： Suresh NAIR ,  Anja JERICHOW ,  Nagendra S BYKAMPADI

IPC: H04W12/00 ,  H04W12/106 ,  H04W8/12

Abstract: A method, apparatus and computer program product may be provided for signaling-based remote provisioning and updating of protection policy information in a SEPP of a visited network. A method may include obtaining, at a home network node (hSEPP), protection policy information from a local repository in a home network or via configuration. The hSEPP is a network node at a boundary of the home netowork, and the home network is a public land mobile network (hPLMN). The method includes distributing, via a signaling interface, the protection policy information to a visited network node (vSEPP) within a visited network (vPLMN). The vSEPP is a network node at a boundary of a second network. The protection policy information includes information regarding protection of signaling messages addressed for network functions (NFs) hosted in the hPLMN and is configured for enabling the vSEPP to selectively protect outgoing messages to hSEPP in the home network.