MANAGEMENT OF NETWORK INTERCEPT PORTALS FOR NETWORK DEVICES WITH DURABLE AND NON-DURABLE IDENTIFIERS

    Publication (announcement) number: US20240348611A1

    Publication (announcement) date: 2024-10-17

    Application number: US18506960

    Application date: 2023-11-10

    Applicant: Nomadix, Inc.

    Inventor: Vadim OLSHANSKY

    CPC classification number: H04L63/0892 H04L63/0876 H04L63/102 H04L63/107

    Abstract: Generally described, the presently disclosed technology utilizes durable and non-durable identifiers of a user device to authenticate the user device and cause the user device to be directed to a network intercept portal or captive portal to the user device based on whether additional user input is needed from the user device. A cloud network management server may identify a user device based on a previously stored association between a durable identifier associated with the user device and a non-durable identifier associated with the user device. In response to an indication from the cloud network management server that additional input is needed, a gateway or network management device can indicate to the access point that network access has been granted to the user device, but redirect the user device to a network intercept portal or captive portal to obtain the additional user input requested by the cloud network management server.

    Configurable proxying application program interface façade service

    Publication (announcement) number: US12107833B2

    Publication (announcement) date: 2024-10-01

    Application number: US17841065

    Application date: 2022-06-15

    CPC classification number: H04L63/0281 H04L63/0892 H04L67/133

    Abstract: Methods and systems for a configurable proxying application program interface (API) façade service. A method for using a proxying API façade service includes, for each proxying API façade, selecting exposed endpoint(s) associated with proxy subject API(s), each selected exposed endpoint corresponding to a mapped proxy endpoint in a proxying API façade, selecting one or more components, setting one or more rights and policies, storing one or more mapped proxy endpoints, the one or more components, and the one or more rights and policies as proxying API façade configuration data in an externalized configuration store, generating each proxying API façade by loading a corresponding proxying API façade configuration data from the externalized configuration store, and integrating a proxy client of each proxying API façade with a credential management server, the credential management server configured to authenticate access to a proxy subject API by a proxy client responsive to a client request.

    Network slice authentication
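    Granted invention patent

    Publication (announcement) number: US12028341B2

    Publication (announcement) date: 2024-07-02

    Application number: US18088236

    Application date: 2022-12-23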

    CPC classification number: H04L63/0892 H04L69/329 H04W4/50 H04W12/06 H04W60/00

    Abstract: Apparatuses, methods, and systems are disclosed for network slice authentication. One method includes receiving a registration request message associated with a UE and determining an authentication requirement for a network slice based at least in part on the received registration request. The method includes transmitting an authentication request to a network entity based at least in part on the determined authentication requirement for the network slice and receiving an authentication response from the network entity based at least in part on the transmitted authentication request. The method includes determining, based at least in part on the received authentication response, whether to include the network slice within a set of allowed NSSAI and transmitting a registration accept message comprising the allowed NSSAI.

    System and methods for over-the-air SIM profile transfer

    Publication (announcement) number: US12022284B2

    Publication (announcement) date: 2024-06-25

    Application number: US17947856

    Application date: 2022-09-19

    Inventor: Maksym Siryy

    CPC classification number: H04W12/06 H04L63/0892 H04W4/50 H04W12/08 H04L2209/80

    Abstract: A user equipment and wireless provisioning method and system associated with a first wireless network are provided. The wireless provisioning system includes a processor, a network interface in communication with the first wireless network, and a non-transitory memory storing a first set and a second set of information of a profile related to operation of a UE on a second wireless network. The processor transmits the first set of information to the UE for provisioning to the UE files associated with authorization and authentication of the UE on the second wireless network. The processor validates that the first set of information was provisioned to the UE and transmits the second set of information to the UE for provisioning to the UE pointer updates for updating pointers on the UE to point to the first set of information. The processor transmits an instruction for the UE to reboot.

    Secure permissioning of access to user accounts, including secure deauthorization of access to user accounts

    Publication (announcement) number: US12021854B2

    Publication (announcement) date: 2024-06-25

    Application number: US18061948

    Application date: 2022-12-05

    Applicant: Plaid Inc.

    Abstract: A permissions management system is disclosed for enabling a user to securely authorize a third-party system to access user account data and initiate transactions related to a user account, without disclosing to the third-party system account credentials. The system enables the user to also securely de-authorize the third-party system. For example, records may be automatically generated that securely store account information, including one or more permissions related to the account and/or the third-party. A token associated with a record may be shared with the third-party system, but neither the record itself, nor the user account credentials, may be shared with the third-party. Accordingly, the third-party may request user account data and/or initiate transactions by providing the token, but does not itself know, e.g., the user account credentials. Further, the user may set various permissions related to the token, and may also revoke the token (e.g., de-authorize the third-party), thus providing increased security to the user's account.

    METHOD AND SYSTEM FOR PERFORMING A NETWORK SLICE SPECIFIC AUTHENTICATION AUTHORIZATION PROCEDURE FOR A NETWORK SLICE

    Publication (announcement) number: US20240163665A1

    Publication (announcement) date: 2024-05-16

    Application number: US18282430

    Application date: 2022-03-17

    CPC classification number: H04W12/06 H04L63/0892 H04W12/088

    Abstract: A method for performing a Network Slice Specific Authentication Authorization (NSSAA) procedure for a network slice is disclosed. The method includes performing, by a Network Slice Specific Authentication and Authorization Function (NSSAAF), an NSSAA procedure through a first Access and Mobility Management Function (AMF) selected amongst the first AMF and a second AMF. The method includes determining, by the NSSAAF, whether the NSSAA procedure through the first AMF is successful or not. The method includes performing, by the NSSAAF, one of skipping the NSSAA procedure for the second AMF in response to determining that the NSSAA procedure is successful for the first AMF, or transmitting a message to the second AMF for deleting Network Slice Selection Assistance Information (NSSAI) related to the network slice from an allowed list of network slices in response to determining that the NSSAA procedure is unsuccessful for the first AMF.

    SECURITY GATEWAY SELECTION IN HYBRID 4G AND 5G NETWORKS

    Publication (announcement) number: US20240129722A1

    Publication (announcement) date: 2024-04-18

    Application number: US18393300

    Application date: 2023-12-21

    Abstract: Method and apparatus relating to a wireless device supporting 3GPP 4G and 5G radio interfaces and also supporting non-3GPP access, i.e., WiFi, for selecting a security gateway of a first type e.g., ePDG or a security gateway of a second type, e.g., N3IWF for accessing to the core network of first type, e.g., EPC or of a second type e.g., 5GC. As the access methods via ePDG and N3IWF are not the same, the wireless device has to determine based on information obtained by a function in the network and its capabilities whether to use an ePDG or an N3IWF for untrusted non-3GPP access. The wireless device may take into account in the selection whether it is connected to the Core network over 3GPP 4G or 5G radio access network. A corresponding apparatus claim is provided.

    AUTOMATIC SIGN-IN UPON ACCOUNT SIGNUP
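    Published invention application

    Publication (announcement) number: US20240121233A1

    Publication (announcement) date: 2024-04-11

    Application number: US18543902

    Application date: 2023-12-18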

    CPC classification number: H04L63/0815 H04L63/0807 H04L63/0892 H04L67/306

    Abstract: The present embodiments relate to systems and methods for automatic sign in upon account signup. Particularly, the present embodiments can utilize a federated login approach for automatic sign in upon account signup for a cloud infrastructure. Specifically, the signup and sign in service (also known as SOUP) and an identity provider portal can be configured such that the nodes are aware of each other as Security Assertion Markup Language (SAML) partners. After new account registration, the signup service can redirect the user browser to a cloud infrastructure console to start with a federated login flow, where a sign in service can issue a SAML authentication request, and redirects it to signup service. Responsive to validating the browser using a SAML authentication process, the browser can be automatically signed into the new account and allowed to access the account relating to the cloud infrastructure service.
