公开(公告)号：US11652851B2

公开(公告)日：2023-05-16

申请号：US17044347

申请日：2019-04-02

Applicant: Nokia Technologies Oy

Inventor： Nagendra S Bykampadi ,  Uwe Rauschenbach

IPC: H04L9/40 ,  H04W12/106 ,  H04W12/03 ,  H04W12/06 ,  H04W84/04

CPC classification number: H04L63/205 ,  H04L63/0428 ,  H04L63/123 ,  H04W12/03 ,  H04W12/06 ,  H04W12/106 ,  H04W84/042

Abstract: A sending security edge proxy SEPP receives a first message sent by a first network function to a second network function. The first message has a plurality of first message parts including: a request line or a response line; at least one header; and payload. Second message parts are formed from the features and optional sub-features of the first message parts. A security structure defines a required security measure individually for each second message part. The SEPP applies, according to the security structure definition, to each second message part by encrypting; integrity protecting; or modification tracking with integrity protecting; and forms a second message that contains the second message parts; and sends the second message towards the second network function. Corresponding methods, structures, computer programs and a system are disclosed for intermediate nodes and receiving SEPP.

公开(公告)号：US11323502B2

公开(公告)日：2022-05-03

申请号：US16635527

申请日：2017-08-04

Applicant: Nokia Technologies Oy

Inventor： Uwe Rauschenbach ,  Thomas Belling

IPC: G06F15/16 ,  H04L67/02 ,  G06F9/54 ,  H04L67/04 ,  H04L67/01

Abstract: Methods and apparatus, including computer program products, are provided for transport method selection of asynchronous notifications. In some example embodiments, there may be provided a method that includes sending, by a client, a hypertext transfer protocol request for at least one asynchronous notification to be sent by a server to the client, the hypertext transfer protocol request including at least one proposed transport method for carrying the at least one asynchronous notification; determining, by the client, whether a first transport method selected by the server from the at least one proposed transport method is successfully established; and when the determination is that the first transport method is not established successfully, sending, by the client, another hypertext transfer protocol request to the server, the other hypertext transfer protocol request including at least one other proposed transport method. Related systems, methods, and articles of manufacture are also described.

公开(公告)号：US11792163B2

公开(公告)日：2023-10-17

申请号：US17053127

申请日：2019-05-10

Applicant: Nokia Technologies Oy

Inventor： Nagendra S. Bykampadi ,  Uwe Rauschenbach

IPC: H04L9/40 ,  H04L61/45

CPC classification number: H04L63/0281 ,  H04L61/45 ,  H04L63/0428 ,  H04L63/12 ,  H04L63/20

Abstract: In a communication system wherein a first security edge protection proxy (SEPP) element of a first network is operatively coupled to a second SEPP element of a second network, a method includes receiving, at the first SEPP element, a first message from a first network function in the first network addressed to a second network function in the second network, the first message comprising one of a request and a response line comprising a uniform resource identifier (URI) having a plurality of elements. The method also includes forming, at the first SEPP, a second message comprising encrypted and integrity protected portions, the encrypted portion comprising an encryption of at least a subset of the plurality of elements of the URI, the integrity protected portion comprising a structured representation of the URI wherein instances of elements in the subset are replaced with references to the encrypted portion.

公开(公告)号：US20210029177A1

公开(公告)日：2021-01-28

申请号：US17044347

申请日：2019-04-02

Applicant: Nokia Technologies Oy

Inventor： Nagendra S Bykampadi ,  Uwe Rauschenbach

IPC: H04L29/06 ,  H04W12/10 ,  H04W12/06 ,  H04W12/00

Abstract: A sending security edge proxy SEPP receives a first message sent by a first network function to a second network function. The first message has a plurality of first message parts including: a request line or a response line; at least one header; and payload. Second message parts are formed from the features and optional sub-features of the first message parts. A security structure defines a required security measure individually for each second message part. The SEPP applies, according to the security structure definition, to each second message part by encrypting; integrity protecting; or modification tracking with integrity protecting; and forms a second message that contains the second message parts; and sends the second message towards the second network function. Corresponding methods, structures, computer programs and a system are disclosed for intermediate nodes and receiving SEPP.