公开(公告)号：US20230413046A1

公开(公告)日：2023-12-21

申请号：US18334794

申请日：2023-06-14

Applicant: Nokia Technologies Oy

Inventor： Peter SCHNEIDER ,  Markus STAUFER ,  Ranganathan MAVUREDDI DHANASEKARAN

IPC: H04W12/06 ,  H04W40/22 ,  H04W12/08 ,  H04W12/033

CPC classification number: H04W12/06 ,  H04W12/033 ,  H04W12/08 ,  H04W40/22

Abstract: According to an example aspect of the present invention, there is provided an apparatus, such as a user equipment, configured to transmit to a cellular core network a request to open a protocol session to an external network which is external to the cellular core network, the request being configured to cause the cellular core network to transmit to the external network, or to receive from the external network, a code associated with a subscription of the apparatus, forward at least one authentication request originating in the external network to a node connected with the apparatus, via a local connection, and forward at least one authentication response from the node to the external network via the cellular core network, and relay packets comprised in the protocol session between the node and the external network without participating in the protocol session as an endpoint.

公开(公告)号：US20240056805A1

公开(公告)日：2024-02-15

申请号：US18447341

申请日：2023-08-10

Applicant: Nokia Technologies Oy

Inventor： Markus STAUFER ,  Peter SCHNEIDER ,  Ranganathan MAVUREDDI DHANASEKARAN ,  Saurabh KHARE

IPC: H04W12/0431 ,  H04W12/069 ,  H04W12/03

CPC classification number: H04W12/0431 ,  H04W12/069 ,  H04W12/03

Abstract: A method is disclosed comprising: establishing an encrypted session with an application function based on a certificate; receiving a request for an application key from the application function using the encrypted session, wherein the request comprises a key identifier relating to a user device and an application function identifier; determining at least one response to the request for the application key from a set of possible responses, the set comprising at least a rejection and a message comprising the application key and a user device identifier; and transmitting the at least one response to the request for the application key to the application function. Furthermore, related methods, apparatuses, computer programs and systems are disclosed.

公开(公告)号：US20240056302A1

公开(公告)日：2024-02-15

申请号：US18447098

申请日：2023-08-09

Applicant: Nokia Technologies Oy

Inventor： Markus STAUFER ,  Peter SCHNEIDER ,  Ranganathan MAVUREDDI DHANASEKARAN

IPC: H04L9/32 ,  H04L9/08

CPC classification number: H04L9/321 ,  H04L9/0819

Abstract: There is provided an apparatus, method and computer program for causing a first apparatus to: obtain an identifier of a cryptographic key according to a first security communication protocol; signal, to a second apparatus, a first authentication request according to a second security communication protocol, the first authentication request comprising the identifier of the cryptographic key and a first verifying information according to a second security communication protocol, wherein the first verifying information comprises a first value calculated using the cryptographic key; receive, from the second apparatus, an authentication response according to the second security communication protocol, the authentication response comprising a second verifying information according to the second security communication protocol, wherein the second verifying information comprises a second value; and verify the second apparatus for the second security communication protocol using the second value and the cryptographic key.

公开(公告)号：US20220264296A1

公开(公告)日：2022-08-18

申请号：US17674640

申请日：2022-02-17

Applicant: Nokia Technologies Oy

Inventor： Markus STAUFER ,  Bo Holm BJERRUM

IPC: H04W12/06 ,  H04W12/041 ,  H04W12/72

Abstract: According to an example aspect of the present invention, there is provided an apparatus comprising at least one processing core, at least one memory including computer program code, the at least one memory and the computer program code being configured to, with the at least one processing core, cause the apparatus at least to transmit, by a user equipment, a concealed identifier of the user equipment to an onboarding network, wherein the concealed identifier of the user equipment indicates that the user equipment is requesting unauthenticated access to the onboarding network and execute, by the user equipment, a key generating authentication protocol to access the onboarding network without performing authentication of the user equipment.