公开(公告)号：US20230068651A1

公开(公告)日：2023-03-02

申请号：US17462319

申请日：2021-08-31

Applicant: Nokia Technologies Oy

Inventor： Dario Bega ,  Gerald Kunzmann ,  Chaitanya Aggarwal

IPC: H04W24/08 ,  H04L12/24 ,  H04W24/02

Abstract: Techniques for detection of abnormal network function service usage in a communication network are disclosed. For example, a method comprises obtaining, at a first network entity, one or more service requests previously received by a second network entity for a service which the second network entity is configured to provide in a communication network. The method further comprises obtaining, at the first network entity, an analysis of the one or more service requests previously received by the second network entity for the service. The method further comprises obtaining, at the first network entity, an expected service usage for the service from the analysis of the one or more service requests. The method may then compare incoming service requests to the expected service usage to detect a given condition, e.g., an abnormal condition, so that at least one action can be taken.

公开(公告)号：US12206671B2

公开(公告)日：2025-01-21

申请号：US17737576

申请日：2022-05-05

Applicant: Nokia Technologies Oy

Inventor： Gerald Kunzmann ,  Saurabh Khare ,  Chaitanya Aggarwal

IPC: H04L9/40

Abstract: Techniques for data management in a network entity to authorize data consumers in a communication network are disclosed. For example, a method comprises receiving, at a network entity of a communication network, data generated by a data producer in the communication network, and storing, at the network entity, the data generated by the data producer. The stored data has metadata, associated with the data producer, appended thereto.

公开(公告)号：US12126658B2

公开(公告)日：2024-10-22

申请号：US17702887

申请日：2022-03-24

Applicant: Nokia Technologies Oy

Inventor： German Peinado Gomez ,  Anja Jerichow ,  Chaitanya Aggarwal

IPC: H04L9/40

CPC classification number: H04L63/205

Abstract: Techniques for dynamic security management in a communications network are disclosed. For example, a method comprises obtaining, at a network entity in a communication network, security information from one or more other network entities in the communication network. In response to at least a portion of the obtained security information, the method enables, by the network entity, dynamic enforcement within a user plane of the communication network of one or more security policies in accordance with one or more quality-of-service policies to manage one or more behaviors of user equipment.

公开(公告)号：US12052143B2

公开(公告)日：2024-07-30

申请号：US18040087

申请日：2020-08-05

Applicant: Nokia Technologies Oy

Inventor： Anja Jerichow ,  Chaitanya Aggarwal ,  Jing Ping ,  Iris Adam ,  Konstantinos Samdanis ,  Yannick Lair

IPC: H04L41/14 ,  H04L43/04

CPC classification number: H04L41/14 ,  H04L43/04

Abstract: Example embodiments of the present disclosure relate to devices, methods and computer readable storage media for service provisioning to facilitate analysis of a service from a network function (NF). In example embodiments, one or more logs are received from at least one of a first NF, a network repository function (NRF) and a service communication proxy (SCP). The one or more logs are associated with a service from a second NF. Further, analysis of provision of the service from the second NF is facilitated based on the one or more logs.

公开(公告)号：US12041455B2

公开(公告)日：2024-07-16

申请号：US17514120

申请日：2021-10-29

Applicant: Nokia Technologies Oy

Inventor： Shubhranshu Singh ,  Chaitanya Aggarwal ,  Saurabh Khare ,  Konstantinos Samdanis ,  Gerald Kunzmann

IPC: H04W12/12 ,  H04W12/122 ,  H04W12/128

CPC classification number: H04W12/122 ,  H04W12/128

Abstract: According to an example aspect of the present invention, there is provided a method comprising, determining, by an apparatus configured to operate as a network function a cellular communication system, at least two disjoint network paths, wherein the at least two disjoint network paths are different paths, and comprise different physical resources, transmitting, by the apparatus, a subscription request to an analytics function of the cellular communication system, to request notifications about attacks or risks of attacks on at least one network function on at least one of the at least two disjoint network paths, receiving from the analytics function, by the apparatus, information about at least one compromised network entity and/or at least one network entity having a risk of being compromised on said at least one of the at least two disjoint network paths and performing, by the apparatus, attack mitigation based on said information.

公开(公告)号：US20230136287A1

公开(公告)日：2023-05-04

申请号：US17514120

申请日：2021-10-29

Applicant: Nokia Technologies Oy

Inventor： Shubhranshu Singh ,  Chaitanya Aggarwal ,  Saurabh Khare ,  Konstantinos Samdanis ,  Gerald Kunzmann

IPC: H04W12/122 ,  H04W12/128

Abstract: According to an example aspect of the present invention, there is provided a method comprising, determining, by an apparatus configured to operate as a network function a cellular communication system, at least two disjoint network paths, wherein the at least two disjoint network paths are different paths, and comprise different physical resources, transmitting, by the apparatus, a subscription request to an analytics function of the cellular communication system, to request notifications about attacks or risks of attacks on at least one network function on at least one of the at least two disjoint network paths, receiving from the analytics function, by the apparatus, information about at least one compromised network entity and/or at least one network entity having a risk of being compromised on said at least one of the at least two disjoint network paths and performing, by the apparatus, attack mitigation based on said information.

公开(公告)号：US20230030315A1

公开(公告)日：2023-02-02

申请号：US17875438

申请日：2022-07-28

Applicant: Nokia Technologies Oy

Inventor： Saurabh KHARE ,  Chaitanya Aggarwal ,  Anja Jerichow ,  Georgios Gkellas

IPC: H04L9/32 ,  H04L61/4511

Abstract: According to an example aspect of the present invention, there is provided an apparatus configured to function as a network function repository, and transmit to a network function consumer an access token authorizing access to a service provided by a network function producer, the access token comprising an at least one of: indication of a fully qualified domain name of the network function consumer, an indication of a domain from which access to the network function producer is allowed and an indication of a stand-alone non-public network from which access to the network function producer is allowed.