Abstract: According to embodiments, a user equipment (UE) receives an access credential message, The access credential message indicates an access credential for an on-demand network for the UE to access. The access credential message further indicates a limited lifespan of the access credential. The UE transmits, to the on-demand network, an authentication and authorization request. The authentication and authorization request includes information about the access credential. The UE receives, from the on-demand network, an authentication and authorization response. The UE establishes a session with the on-demand network based on the authentication and authorization response.

Abstract: This disclosure provides techniques for securely communicating user equipment (UE) specific information from a UE to a network-side device. In particular, the UE may either encrypt the UE specific information using an encryption key to form an encrypted portion, where the UE specific information includes subscriber identity information and the encryption key is calculated in accordance with a public key of a home network of the UE. The UE generates a message authentication code (MAC) signature based on the encrypted portion and a first integrity key, where the first integrity key is calculated in accordance with the public key of the home network. The UE sends, to a network-side device, a request message including the encrypted portion, the MAC signature and a network identifier of the home network.

Abstract: A network device of a network may generate a network information container including information to be sent to a communication device. The network is a home network of the communication device that is served by a visited network. The network information container may be integrity protected and/or cipher protected. The network device may send, to the communication device via the visited network, a message including the network information container and a credential indicator indicating a type of credential used to protect the network information container. The type of credential may be a 3GPP or non-3GPP credential. The communication device may verify the network information container using one or more security parameters based on the type of credential, and obtain the information in the network information container when the verification succeeds, or discard the network information container when the verification fails.

Abstract: Embodiments of this disclosure provide techniques for securely communicating an IMSI over the air from a UE to an SeAN, as well as for securely validating an unencrypted IMSI that the SeAN receives from the home network, during authentication protocols. In particular, the UE may either encrypt the IMSI assigned to the UE using an IMSI encryption key (KIMSIenc) or compute a hash of the IMSI assigned to the UE using an IMSI integrity key (KIMSIint), and then send the encrypted IMSI or the hash of the IMSI to the serving network. The encrypted IMSI or hash of the encrypted IMSI may then be used by the SeAN to validate an unencrypted IMSI that was previously received from an HSS in the home network of the UE.

Abstract: Serving network authentication and validation by a UE includes encrypting an identifier associated with the UE using a first instance of a public key associated with a serving network to which the UE is attempting to gain access; transmitting the identifier to the serving network; receiving from the serving network an authentication vector containing a second instance of the public key, the second instance of the public key having been encrypted using a key shared by the UE and a home network associated with the UE; decrypting the second instance of the public key using the key shared by the UE and the home network; comparing the first instance of the public key to the second instance of the public key; and when the first instance and the second instance are the same, determining that the home network has authenticated the serving network.

Abstract: Embodiments of this disclosure provide techniques for securely communicating an IMSI over the air from a UE to an SeAN, as well as for securely validating an unencrypted IMSI that the SeAN receives from the home network, during authentication protocols. In particular, the UE may either encrypt the IMSI assigned to the UE using an IMSI encryption key (KIMSIenc) or compute a hash of the IMSI assigned to the UE using an IMSI integrity key (KIMSIint), and then send the encrypted IMSI or the hash of the IMSI to the serving network. The encrypted IMSI or hash of the encrypted IMSI may then be used by the SeAN to validate an unencrypted IMSI that was previously received from an HSS in the home network of the UE.

Abstract: Embodiment mutual authentication and security agreement (MASA) protocols may use independently generated integrity and/or encryption keys to securely communicate private information exchanged between UEs and various network-side devices (e.g., base stations, MMEs, HSSs, etc.). In particular, embodiment MASA protocols may use an initial authentication request (IAR) encryption key (KIARENC) to encrypt UE specific information (e.g., an IMSI, etc.) in an IAR message and/or an initial authentication response (IAS) encryption key (KIASENC) to encrypt private information in an IAS message. Additionally, embodiment MASA protocols may use an IAR integrity protection key (KIARINT) to verify the integrity of information in an IAR message and/or an IAS integrity protection key (KIASINT) to verify the integrity of information in an IAS message. The KIARENC, KIARINT, KIASENC, and/or KIASINT may be independently computed by the UE and a home subscriber server (HSS).

Abstract: Serving network authentication and validation by a UE includes encrypting an identifier associated with the UE using a first instance of a public key associated with a serving network to which the UE is attempting to gain access; transmitting the identifier to the serving network; receiving from the serving network an authentication vector containing a second instance of the public key, the second instance of the public key having been encrypted using a key shared by the UE and a home network associated with the UE; decrypting the second instance of the public key using the key shared by the UE and the home network; comparing the first instance of the public key to the second instance of the public key; and when the first instance and the second instance are the same, determining that the home network has authenticated the serving network.

Abstract: Embodiments of this disclosure provide techniques for securely communicating an IMSI over the air from a UE to an SeAN, as well as for securely validating an unencrypted IMSI that the SeAN receives from the home network, during authentication protocols. In particular, the UE may either encrypt the IMSI assigned to the UE using an IMSI encryption key (KIMSIenc) or compute a hash of the IMSI assigned to the UE using an IMSI integrity key (KIMSIint), and then send the encrypted IMSI or the hash of the IMSI to the serving network. The encrypted IMSI or hash of the encrypted IMSI may then be used by the SeAN to validate an unencrypted IMSI that was previously received from an HSS in the home network of the UE.

Abstract: The present specification relates to adenine conjugate compounds represented by the formula (1), wherein A, L1, L2, X1, R1, R2, R3, and m are as defined herein, or their pharmaceutically acceptable salts. Compounds of formula (1) have immunostimulating properties and may therefore be useful in therapy, for example as vaccine adjuvants. The present specification also relates to a process for preparing adenine conjugate compounds and pharmaceutically acceptable salts thereof, and to pharmaceutical compositions comprising adenine conjugate compounds and their pharmaceutically acceptable salts.

Abstract: Embodiment mutual authentication and security agreement (MASA) protocols may use independently generated integrity and/or encryption keys to securely communicate private information exchanged between UEs and various network-side devices (e.g., base stations, MMEs, HSSs, etc.). In particular, embodiment MASA protocols may use an initial authentication request (IAR) encryption key (KIARENC) to encrypt UE specific information (e.g., an IMSI, etc.) in an IAR message and/or an initial authentication response (IAS) encryption key (KIASENC) to encrypt private information in an IAS message. Additionally, embodiment MASA protocols may use an IAR integrity protection key (KIARINT) to verify the integrity of information in an IAR message and/or an IAS integrity protection key (KIASINT) to verify the integrity of information in an IAS message. The KIARENC, KIARINT, KIASENC, and/or KIASINT may be independently computed by the UE and a home subscriber server (HSS).

Abstract: Embodiment mutual authentication and security agreement (MASA) protocols may use independently generated integrity and/or encryption keys to securely communicate private information exchanged between UEs and various network-side devices (e.g., base stations, MMEs, HSSs, etc.). In particular, embodiment MASA protocols may use an initial authentication request (IAR) encryption key (KIARENC) to encrypt UE specific information (e.g., an IMSI, etc.) in an IAR message and/or an initial authentication response (IAS) encryption key (KIASENC) to encrypt private information in an IAS message. Additionally, embodiment MASA protocols may use an IAR integrity protection key (KIARINT) to verify the integrity of information in an IAR message and/or an IAS integrity protection key (KIASINT) to verify the integrity of information in an IAS message. The KIARENC, KIARINT, KIASENC, and/or KIASINT may be independently computed by the UE and a home subscriber server (HSS).

Abstract: The present specification relates to adenine conjugate compounds represented by the formula (1), wherein A, L1, L2, X1, R1, R2, R3, and m are as defined herein, or their pharmaceutically acceptable salts. Compounds of formula (1) have immunostimulating properties and may therefore be useful in therapy, for example as vaccine adjuvants. The present specification also relates to a process for preparing adenine conjugate compounds and pharmaceutically acceptable salts thereof, and to pharmaceutical compositions comprising adenine conjugate compounds and their pharmaceutically acceptable salts.

Abstract: The disclosure relates to technology for provisioning out-of-network user equipment with a network relay in a communications network. The network relay device receives an authentication key request message from user equipment including a user equipment identity and an authentication server identity, and communicates the authentication key request message to an authentication server having the authentication server identity. The network relay device communicates a relay authentication key response received from the authentication server to the user equipment such that a secure communication is established between the user equipment and the network. A relay authentication key is generated during establishment of the secure communication between the user equipment and authentication server, and a session with the user equipment is authenticated using a session key generated by the user equipment based on the relay authentication key.

Abstract: A device for communicating with a plurality of user equipment in a cellular network comprises a non-transitory memory having instructions and one or more processors in communication with the memory. The one or more processors execute the instructions to receive information regarding a faked base station including an operating frequency, location area code and cell identification of the faked base station, prepare a first message to alert of the faked base station, select the plurality of user equipment that may receive a signal from the faked base station, transmit the first message to alert of the faked base station to the plurality of user equipment and transmit a second message to bar the plurality of user equipment from connecting to the faked base station.

Abstract: A device for communicating with a plurality of user equipment in a cellular network comprises a non-transitory memory having instructions and one or more processors in communication with the memory. The one or more processors execute the instructions to receive information regarding a faked base station including an operating frequency, location area code and cell identification of the faked base station, prepare a first message to alert of the faked base station, select the plurality of user equipment that may receive a signal from the faked base station, transmit the first message to alert of the faked base station to the plurality of user equipment and transmit a second message to bar the plurality of user equipment from connecting to the faked base station.

Abstract: Embodiments of this disclosure provide techniques for securely communicating an IMSI over the air from a UE to an SeAN, as well as for securely validating an unencrypted IMSI that the SeAN receives from the home network, during authentication protocols. In particular, the UE may either encrypt the IMSI assigned to the UE using an IMSI encryption key (KIMSIenc) or compute a hash of the IMSI assigned to the UE using an IMSI integrity key (KIMSIint), and then send the encrypted IMSI or the hash of the IMSI to the serving network. The encrypted IMSI or hash of the encrypted IMSI may then be used by the SeAN to validate an unencrypted IMSI that was previously received from an HSS in the home network of the UE.

Abstract: Embodiment mutual authentication and security agreement (MASA) protocols may use independently generated integrity and/or encryption keys to securely communicate private information exchanged between UEs and various network-side devices (e.g., base stations, MMEs, HSSs, etc.). In particular, embodiment MASA protocols may use an initial authentication request (IAR) encryption key (KIARENC) to encrypt UE specific information (e.g., an IMSI, etc.) in an IAR message and/or an initial authentication response (IAS) encryption key (KIASENC) to encrypt private information in an IAS message. Additionally, embodiment MASA protocols may use an IAR integrity protection key (KIARINT) to verify the integrity of information in an IAR message and/or an IAS integrity protection key (KIASINT) to verify the integrity of information in an IAS message. The KIARENC, KIARINT, KIASENC, and/or KIASINT may be independently computed by the UE and a home subscriber server (HSS).

Abstract: The disclosure relates to technology for provisioning out-of-network user equipment with a network relay in a communications network. The network relay device receives an authentication key request message from user equipment including a user equipment identity and an authentication server identity, and communicates the authentication key request message to an authentication server having the authentication server identity. The network relay device communicates a relay authentication key response received from the authentication server to the user equipment such that a secure communication is established between the user equipment and the network. A relay authentication key is generated during establishment of the secure communication between the user equipment and authentication server, and a session with the user equipment is authenticated using a session key generated by the user equipment based on the relay authentication key.