-
公开(公告)号:US20230148302A1
公开(公告)日:2023-05-11
申请号:US17799545
申请日:2020-02-14
发明人: Jing PING , Iris ADAM , Anatoly ANDRIANOV , Xiaoguang ZHAO
IPC分类号: H04W16/10
摘要: A method for network isolation management is described. The method includes assigning or creating one or more isolation groups for at least one service, wherein resources of services assigned in an isolation group are shared with or without isolation; wherein an isolation group is defined for at least one resource in each layer and each domain to gather the at least one resource of the at least one service; linking an isolation profile for each of the one or more isolation groups, wherein the isolation profile comprises at least one policy to protect the at least one resource of the one or more isolation groups, and wherein the isolation profile comprises at least an isolation level to define a type of isolation; and allocating or reallocating the at least one resource to the at least one service based on the isolation profile linked to the one or more isolation groups.
-
公开(公告)号:US20230275810A1
公开(公告)日:2023-08-31
申请号:US18040087
申请日:2020-08-05
发明人: Anja JERICHOW , Chaitanya AGGARWAL , Jing PING , Iris ADAM , Konstantinos SAMDANIS , Yannick LAIR
摘要: Example embodiments of the present disclosure relate to devices, methods and computer readable storage media for service provisioning to facilitate analysis of a service from a network function (NF). In example embodiments, one or more logs are received from at least one of a first NF, a network repository function (NRF) and a service communication proxy (SCP). The one or more logs are associated with a service from a second NF. Further, analysis of provision of the service from the second NF is facilitated based on the one or more logs.
-
公开(公告)号:US20230179638A1
公开(公告)日:2023-06-08
申请号:US17923722
申请日:2020-05-06
发明人: Zhiyuan HU , Jing PING , Iris ADAM , Zhigang LUO
IPC分类号: H04L9/40 , H04L41/5051 , H04L41/40
CPC分类号: H04L63/205 , H04L41/5051 , H04L41/40 , H04L63/0209
摘要: Methods and apparatus are disclosed for preventing network attacks in a network slice. A method may comprise: obtaining security requirements of a network slice instance; determining respective security policy to be applied to each of a plurality of constituent network slice subnet instances of the network slice instance based on the security requirements of the network slice instance; and causing each of the plurality of constituent network slice subnet instances to be provided with one ore more security function instances configured according to respective determined security policy. The method can be performed in a network slice layer.
-
公开(公告)号:US20240236733A1
公开(公告)日:2024-07-11
申请号:US18559668
申请日:2021-05-21
IPC分类号: H04W24/08
CPC分类号: H04W24/08
摘要: There is disclosed an apparatus comprising means for performing: obtaining data associated with network slice isolation performance: generating analytics information based on the data: and sending the analytics information.
-
公开(公告)号:US20230362199A1
公开(公告)日:2023-11-09
申请号:US18246707
申请日:2020-10-09
CPC分类号: H04L63/20 , H04W12/08 , H04L63/102
摘要: Example embodiments of the present disclosure relate to dynamic authorization. According to embodiments of the present disclosure, a solution for dynamic access control to data is proposed. On receiving data registration from a data source, a first device checks the data types to be produced by the data source and adds policies for the data or updates existing policies for the data according to its property. It also serves as access control decision point to determine consumers' access rights based on centrally managed policies. Authorization for data access is granted/denied according to local attributes/policies. In this way, it achieves a dynamic, context-aware and risk-intelligent access control to different kind of data from various data sources (i.e., service producers).
-
公开(公告)号:US20230413052A1
公开(公告)日:2023-12-21
申请号:US18337194
申请日:2023-06-19
发明人: Chaitanya AGGARWAL , Saurabh KHARE , Gerald KUNZMANN , Iris ADAM
IPC分类号: H04W12/082 , H04W12/084
CPC分类号: H04W12/082 , H04W12/084
摘要: Example embodiments of the present disclosure relate to access token revocation in security management. In an example method, in response to providing, to a second device, an access token for the second device to access a NF service from a third device, a first device stores a mapping indicating an association among the access token, the second device and the third device. In response to determining that the second device is abnormal, the first device sends, to at least one target device based on the mapping, an indication of revoking the access token. In this way, at least one target device associated with revoked access token can be informed and potential damage caused by the abnormal NF can be eliminated.
-
公开(公告)号:US20220263826A1
公开(公告)日:2022-08-18
申请号:US17621971
申请日:2019-06-24
发明人: Jing PING , Iris ADAM , Anatoly ANDRIANOV
IPC分类号: H04L9/40
摘要: A credential manager imports credentials for a network slice in response to deployment of the network slice. The credentials are not known to other network slices. A repository is configured to store the credentials and protect the credentials based on credential protection policies that are defined by a service profile of the network slice. The repository is implemented in the credential manager, an authentication, authorization, and accounting (AAA) server, or other location. Properties of the credentials are modified in response to a modification trigger and the credentials are withdrawn in response to a withdrawal trigger.
-
-
-
-
-
-
搜索结果
7 条记录 (耗时 0.014 秒)
