-
1.
Publication No.: US20240031814A1
Publication date: 2024-01-25
Application No.: US18376241
Filing date: 2023-10-03
Inventors: Noamen BEN HENDA, Monica WIFVESSON
IPC classification: H04W12/60, H04W12/106, H04W8/02, H04W36/00, H04W60/04
CPC classification: H04W12/60, H04W12/106, H04W8/02, H04W36/0038, H04W60/04
Abstract: There is provided a method performed by a network unit, and a corresponding network unit as well as a corresponding wireless communication device, for supporting interworking and/or idle mode mobility between different wireless communication systems, including a higher generation wireless system and a lower generation wireless system, to enable secure communication with the wireless communication device. The method comprises selecting, in connection with a registration procedure and/or a security context activation procedure of the wireless communication device with the higher generation wireless system, at least one security algorithm of the lower generation wireless system, also referred to as lower generation security algorithm(s). The method also comprises sending a control message including information on the selected lower generation security algorithm(s) to the wireless communication device. The method further comprises storing information on the selected lower generation security algorithm(s) in the network unit.
-
2.
Publication No.: US20230189134A1
Publication date: 2023-06-15
Application No.: US18109516
Filing date: 2023-02-14
IPC classification: H04W48/18, H04W36/00, H04W12/041, H04W12/043
CPC classification: H04W48/18, H04W36/0038, H04W12/041, H04W12/043
Abstract: There is provided a solution for managing security contexts at idle mode mobility of a wireless communication device between different wireless communication systems including a first wireless communication system and a second wireless communication system. The first wireless communication system is a 5G/NGS system and the second wireless communication system is a 4G/EPS system. The solution is based on obtaining (S1) a 5G/NGS security context, and mapping (S2) the 5G/NGS security context to a 4G/EPS security context.
-
3.
Publication No.: US20220377557A1
Publication date: 2022-11-24
Application No.: US17837918
Filing date: 2022-06-10
IPC classification: H04W12/106
Abstract: Integrity protection is activated for user plane data transferred between a network node and a terminal device of the cellular communications network. The activation can be initiated by the terminal device sending a request message to a second network node. Thus, a UE, such as a Cellular IoT UE, and a network node such as a SGSN are able to use LLC layer integrity protection for both control plane and user plane data.
-
4.
Publication No.: US20220095104A1
Publication date: 2022-03-24
Application No.: US17422246
Filing date: 2020-01-20
IPC classification: H04W12/0433, H04W12/06
Abstract: A method performed by an Authentication and Key Management for Applications security anchor function (AAnF) includes determining that an anchor key associated with a user equipment (UE) is no longer valid and sending, to at least one Authentication and Key Management for Applications application function (AKMA AF) a message that revokes the anchor key.
-
5.
Publication No.: US20220070157A1
Publication date: 2022-03-03
Application No.: US17422767
Filing date: 2019-01-21
Inventors: Noamen BEN HENDA, Monica WIFVESSON
IPC classification: H04L29/06
Abstract: Arrangements for network slice isolation. A method is performed by a terminal device. The method includes determining to shift from accessing a first service using a current network slice to accessing a second service using a target network slice. Network access to the current network slice is handled by a source Access Management Function. Network access to the target network slice is handled by a target Access Management Function. The method includes performing a slice authentication procedure in response thereto. During the authentication procedure a mutual secret is shared between the terminal device and the target Access Management Function. The method includes creating a security context for the target network slice based on the mutual secret. The method includes activating the security context, thereby security isolating the target network slice from the source Access Management Function.
-
6.
Publication No.: US20200178076A1
Publication date: 2020-06-04
Application No.: US16631560
Filing date: 2017-07-28
Abstract: A method may be provided at a wireless terminal to support communications with a network node of a wireless communication network. An IKE SA may be initiated to establish a NAS connection between the wireless terminal and the network node through a non-3GPP access network and a non-3GPP interworking function network node. After initiating the IKE SA, an IKE authorization request may be transmitted through the non-3GPP access network to the N3IWF network node, with the IKE authorization request including an identifier of the wireless terminal. An access network key may be derived for the NAS connection through the non-3GPP access network at the wireless terminal, with the access network key being derived based on a NAS count for the wireless terminal and an anchor key. An IKE authorization response corresponding to the IKE authorization request may be received.
-
7.
Publication No.: US20190037395A1
Publication date: 2019-01-31
Application No.: US16072483
Filing date: 2016-11-25
Inventors: Vesa LEHTOVIRTA, Noamen BEN HENDA, Lars-Bertil OLSSON, Paul SCHLIWA-BERTLING, Magnus STATTIN, Vesa TORVINEN, Monica WIFVESSON
Abstract: A basestation in a cellular communications network is operable to send a message to a Mobility Management Entity, relating to a suspension or resumption of a connection of a UE, wherein the message contains key renewal information. The Mobility Management Entity receives the message, and determines whether a key renewal condition is met. If the key renewal condition is met, the MME forwards a new NH, NCC pair to the base station. If a message received from the MME includes a NH, NCC pair, the basestation derives keying information using the NH, NCC pair for future use in deriving keys.
-
8.
Publication No.: US20240259792A1
Publication date: 2024-08-01
Application No.: US18632571
Filing date: 2024-04-11
IPC classification: H04W12/00, H04L9/40, H04W12/03, H04W12/033, H04W12/10, H04W12/106, H04W76/10
CPC classification: H04W12/009, H04L63/205, H04W12/03, H04W12/033, H04W12/10, H04W12/106, H04W76/10
Abstract: A UE configured to perform a process that includes transmitting, via a RAN node, a Protocol Data Unit (PDU) Session Establishment Request message toward a Session Management Function (SMF). The process also includes, after transmitting the PDU Session Establishment Request message, the UE receiving from the RAN node a Radio Resource Control (RRC) Connection Reconfiguration message comprising: i) a PDU session identifier (ID) identifying a PDU session, ii) a PDU Session Establishment Accept message generated by the SMF, and iii) indications for the activation of user plane (UP) integrity protection and ciphering for each data radio bearer (DRB) belonging to the PDU session according to a security policy received by the RAN node.
-
9.
Publication No.: US20240073686A1
Publication date: 2024-02-29
Application No.: US18503551
Filing date: 2023-11-07
IPC classification: H04W12/06, H04L9/40, H04W12/0471, H04W12/10
CPC classification: H04W12/06, H04L63/12, H04W12/0471, H04W12/10
Abstract: A method may be provided at a wireless terminal to support communications with a network node of a wireless communication network. An IKE SA may be initiated to establish a NAS connection between the wireless terminal and the network node through a non-3GPP access network and a non-3GPP interworking function network node. After initiating the IKE SA, an IKE authorization request may be transmitted through the non-3GPP access network to the N3IWF network node, with the IKE authorization request including an identifier of the wireless terminal. An access network key may be derived for the NAS connection through the non-3GPP access network at the wireless terminal, with the access network key being derived based on a NAS count for the wireless terminal and an anchor key. An IKE authorization response corresponding to the IKE authorization request may be received.
-
10.
Publication No.: US20230224700A1
Publication date: 2023-07-13
Application No.: US18122814
Filing date: 2023-03-17
Abstract: A network node configured to perform a process that includes receiving a PDU Session Establishment Request message for establishing a PDU session, wherein the PDU Session Establishment Request message was transmitted by a UE and includes a PDU session ID. The process also includes communicating a Session Management (SM) Request comprising the PDU Session Establishment Request to an SMF. The process also includes receiving from the SMF a message that includes: i) the PDU Session ID identifying the PDU session, ii) a PDU Session Establishment Accept message, and iii) a user plane (UP) security policy for the PDU session, wherein the UP security policy for the PDU session indicates: i) whether UP confidentiality protection shall be activated or not for all data radio bearers (DRBs) belonging to the PDU session, and/or ii) whether UP integrity protection shall be activated or not for all data radio bearers (DRBs) belonging to the PDU session.