公开(公告)号：US20250056219A1

公开(公告)日：2025-02-13

申请号：US18775692

申请日：2024-07-17

Applicant: Nokia Technologies Oy

Inventor： Suresh P NAIR ,  Ranganathan MAVUREDDI DHANASEKARAN

IPC: H04W12/041 ,  H04W12/03 ,  H04W12/0431

Abstract: Negotiating security mechanisms (300) between user equipment and a network. In an embodiment, an access and mobility management function (212) is operatively coupled to user equipment (106). The access and mobility management function comprises a means (1504) for identifying security capabilities of the user equipment in supporting one or more non-access stratum combined integrity and encryption algorithms (1050), a means (1504) for selecting a non-access stratum combined integrity and encryption algorithm from the one or more non-access stratum combined integrity and encryption algorithms to protect non-access stratum signaling, and a means (1502) for sending a non-access stratum security mode command message (2312) to the user equipment indicating the non-access stratum combined integrity and encryption algorithm.

公开(公告)号：US20250055884A1

公开(公告)日：2025-02-13

申请号：US18773669

申请日：2024-07-16

Applicant: Nokia Technologies Oy

Inventor： Divya G NAIR ,  Ranganathan MAVUREDDI DHANASEKARAN ,  Saurabh KHARE ,  Stawros ORKOPOULOS ,  German PEINADO GOMEZ

IPC: H04L9/40 ,  H04L9/08

Abstract: There are provided methods, apparatuses and computer program products for authentication between a movable network entity and a terminal entity. Such provided methods, apparatuses and computer program products may include authentication and/or identification based on sending and/or receiving at least one security parameter and/or at least one authentifier.

公开(公告)号：US20250055678A1

公开(公告)日：2025-02-13

申请号：US18766801

申请日：2024-07-09

Applicant: Nokia Technologies OY

Inventor： Suresh P NAIR ,  Ranganathan MAVUREDDI DHANASEKARAN

IPC: H04L9/08 ,  H04L9/40

Abstract: Security mechanisms (300) between user equipment and a network. In an embodiment, a network (101) is operatively coupled to user equipment (106). A network element (212/1600), when operating as a sender (810) of a sent message (1720) to the user equipment, comprises a means (1504/1606) for identifying a combined integrity and encryption algorithm (1000), a means (1504/1606) for deriving a combined integrity and encryption key (1010) for the combined integrity and encryption algorithm, and a means (1504/1606) for applying the combined integrity and encryption algorithm to the sent message using the combined integrity and encryption key as an input parameter (1002), to provide security protection to the sent message.

公开(公告)号：US20250048113A1

公开(公告)日：2025-02-06

申请号：US18791362

申请日：2024-07-31

Applicant: Nokia Technologies Oy

Inventor： Aritra BANERJEE ,  Ranganathan MAVUREDDI DHANASEKARAN ,  K TIRUMALESWAR REDDY ,  Saurabh KHARE

IPC: H04W12/72 ,  H04L9/30

Abstract: Embodiments of the present disclosure relate to subscription concealed identifier (SUCI) encryption. In an aspect, a terminal device generates a SUCI of the terminal device based on a subscription permanent identifier (SUPI) of the terminal device. The SUCI comprises a SUPI type indicating that both elliptic curve cryptography (ECC) and post quantum cryptography (PQC) are used in the generating of the SUCI. The terminal device further transmits the SUCI to a network device. As such, a SUCI can be defined to comprise a SUPI type indicating that both the ECC and PQC are used in the generating of the SUCI. With the SUCI generated based on both the ECC and PQC, different kinds of cryptanalytic attacks can be avoided.

公开(公告)号：US20250031036A1

公开(公告)日：2025-01-23

申请号：US18779046

申请日：2024-07-21

Applicant: Nokia Technologies Oy

Inventor： K. TIRUMALESWAR REDDY ,  Saurabh KHARE ,  Ranganathan MAVUREDDI DHANASEKARAN

IPC: H04W12/043 ,  H04W12/02 ,  H04W12/06 ,  H04W76/10

Abstract: Systems and methods of sending application metadata to on-path network elements. In an embodiment, a method comprises establishing an application session between an application client (1006) running on user equipment (106) and an application service (1010), identifying application metadata (1810) associated with the application session, formatting a transport protocol packet (1802) with the application metadata, deriving an encryption key (1816) based on keying material (1812), encrypting the application metadata in the transport protocol packet using the encryption key, and sending the transport protocol packet over a user plane network path (1024) comprising one or more on-path network elements (1104).

公开(公告)号：US20240422533A1

公开(公告)日：2024-12-19

申请号：US18671659

申请日：2024-05-22

Applicant: Nokia Technologies Oy

Inventor： German PEINADO GOMEZ ,  Topuri BRAHMAIAH ,  Mallikarjunudu MAKHAM ,  Sireesha BOMMISETTY ,  Saurabh KHARE ,  Ranganathan MAVUREDDI DHANASEKARAN ,  Chaitanya AGGARWAL

IPC: H04W12/03 ,  H04W12/041

Abstract: There is provided an apparatus, method, and computer program for causing an apparatus for a user equipment to perform: encrypting a digital asset using a first key to form an encrypted digital asset; providing the encrypted digital asset and an index for the encrypted digital asset to a first network function; and providing an identification of the encrypted digital asset to a first entity.

公开(公告)号：US20240056804A1

公开(公告)日：2024-02-15

申请号：US18447355

申请日：2023-08-10

Applicant: Nokia Technologies Oy

Inventor： Ranganathan MAVUREDDI DHANASEKARAN ,  Saurabh KHARE ,  Suresh P NAIR

IPC: H04W12/043 ,  H04L9/40

CPC classification number: H04W12/043 ,  H04L63/062

Abstract: There is provided an apparatus comprising means for determining a change of connection at a user equipment from a source access point to a target access point, and means for receiving, from the target access point, an indication that an associated gateway function is the same for the source access point and the target access point. The apparatus also comprising means for generating an access point key based on the received indication from the target access point, and means for securing communications with the target access point using the generated access point key.

公开(公告)号：US20220322487A1

公开(公告)日：2022-10-06

申请号：US17709717

申请日：2022-03-31

Applicant: Nokia Technologies Oy

Inventor： Faranaz SABOURI-SICHANI ,  Nuno Manuel Kiilerich Pratas ,  Liangai JI ,  Berthold fRAZNER ,  Ranganathan MAVUREDDI DHANASEKARAN ,  Panagiotis SPAPIS ,  Daniel Medina

IPC: H04W76/28 ,  H04W72/04

Abstract: Apparatus and method for communication are provided. One or more link identifiers used by a first terminal device are obtained. Information on communication of another terminal device with the first terminal device based on the obtained one or more link identifiers is obtained. Based on the obtained information, it is determined, that the first terminal device is active for communication and transmission to the first terminal device performed based on the determination.

公开(公告)号：US20250150294A1

公开(公告)日：2025-05-08

申请号：US18935244

申请日：2024-11-01

Applicant: Nokia Technologies Oy

Inventor： Rakshesh PRAVINCHANDRA BHATT ,  Ranganathan MAVUREDDI DHANASEKARAN ,  Ranjana Kumari NAVALDE ,  Divya G NAIR ,  Joao Antonio PEREIRA RODRIGUES

IPC: H04L12/14 ,  H04L41/16

Abstract: Techniques are disclosed for managing one or more network functions associated with user equipment data exchange functionalities. While not necessarily limited thereto, disclosed techniques are well suited for implementation for managing charging functions associated with work task offloading for user equipment engaging in split artificial intelligence/machine learning (AIML) model processing in a communication network environment.

公开(公告)号：US20250063354A1

公开(公告)日：2025-02-20

申请号：US18788851

申请日：2024-07-30

Applicant: Nokia Technologies Oy

Inventor： Saurabh KHARE ,  Ranganathan MAVUREDDI DHANASEKARAN

IPC: H04W12/06 ,  H04W8/20 ,  H04W84/04 ,  H04W84/12

Abstract: Various embodiments provide methods and related devices for non-3GPP access authentication. According to one embodiment, a method performed by a user equipment (UE) comprises transmitting, to a wireless access node in a wireless access network, a request message for access authentication comprising a concealed identity of the UE in a decorated network access identifier, NAI, format in which a username of the concealed identity of the UE in a NAI format is concatenated with a visited public land mobile network, VPLMN, identifier of a VPLMN serving the UE.