Patents by Inventor Sivabalan ARUMUGAM
Sivabalan ARUMUGAM has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11991165Abstract: The present disclosure relates to authentication methods supported by the User Equipment (UE) to the core network and authentication method (selected by the core network) to the UE. These can be used for negotiating any primary or secondary (or any) authentication method and are applicable when multiple authentication methods are supported at the UE and the network (authentication server). Further, the present disclosure also offers security solution to prevent modification or tampering of the parameters in the mechanisms in order to prevent attacks such as bidding-down, Denial of Service (DoS) and Man-In-The-Middle (MITM).Type: GrantFiled: April 2, 2019Date of Patent: May 21, 2024Assignee: NEC CORPORATIONInventors: Anand Raghawa Prasad, Sivakamy Lakshminarayanan, Sheeba Backia Mary Baskaran, Sivabalan Arumugam, Hironori Ito, Takahito Yoshizawa
-
Patent number: 11962999Abstract: A method for providing a key derivation function (KDF) negotiation in a 5G network is provided. The method which includes: selecting a specific KDF at a UE and at the network for at least one security related key derivation; and transmitting, said selected KDF to the UE and to other network functions to indicate said selected KDF for generating specific security key at a receiver side.Type: GrantFiled: October 30, 2019Date of Patent: April 16, 2024Assignee: NEC CORPORATIONInventors: Sheeba Backia Mary Baskaran, Sivabalan Arumugam, Anand Raghawa Prasad, Sander De Kievit, Takahito Yoshizawa, Hironori Ito
-
Patent number: 11956636Abstract: A communication terminal (10) according to the present disclosure includes: a control unit (12) configured to, in a case of a movement from a communication area formed by the 5GS to a communication area formed by the EPS or a movement from a communication area formed by the EPS to a communication area formed by the 5GS, determine whether or not a communication system forming a communication area at a movement destination can satisfy requirements of services; and a communication unit (11) configured to, when it is determined that the communication system forming the communication area at the movement destination can satisfy the requirements of the services, send a connection request message to the communication system forming the communication area at the movement destination.Type: GrantFiled: December 13, 2022Date of Patent: April 9, 2024Assignee: NEC CORPORATIONInventors: Hironori Ito, Anand Raghawa Prasad, Andreas Kunz, Sivabalan Arumugam, Sivakamy Lakshminarayanan, Sheeba Backia Mary Baskaran
-
Patent number: 11937079Abstract: A communication terminal capable of preventing a reduction in security level that is caused at the time of establishing multiple connections via 3GPP Access and Non-3GPP Access. A communication terminal according to the present disclosure includes: a communication unit configured to communicate with gateway devices disposed in a preceding stage of a core network device via an Untrusted Non-3GPP Access; and a key derivation unit configured to derive a second security key used for security processing of a message transmitted using a defined protocol with the gateway device, from a first security key used for security processing of a message transmitted using a defined protocol with the core network device.Type: GrantFiled: September 27, 2018Date of Patent: March 19, 2024Assignee: NEC CORPORATIONInventors: Hironori Ito, Sivakamy Lakshminarayanan, Anand Raghawa Prasad, Sivabalan Arumugam, Sheeba Backia Mary Baskaran
-
Patent number: 11910184Abstract: The present disclosure provides a User Equipment (UE) comprising a transceiver circuit; and a controller configured to control the transceiver circuit to send, to an Access and mobility Management Function (AMF) of a communication node, an identifier, wherein upon successful authentication of a network access function of the UE in the communication node, the controller is configured to maintain a secure connection with the communication node.Type: GrantFiled: January 10, 2020Date of Patent: February 20, 2024Assignee: NEC CORPORATIONInventors: Sheeba Backia Mary Baskaran, Sander De Kievit, Sivabalan Arumugam, Anand Raghawa Prasad
-
Patent number: 11902776Abstract: Provided is an authentication device capable of generating a master key suited to a UE in a 5GS. The authentication device (10) includes a communication unit (11) configured to, in registration processing of user equipment (UE), acquire UE key derivation function (KDF) capabilities indicating a pseudo random function supported by the UE, a selection unit (12) configured to select a pseudo random function used for generation of a master key related to the UE by use of the UE KDF capabilities, and a key generation unit (13) configured to generate a master key related to the UE by use of the selected pseudo random function.Type: GrantFiled: December 9, 2022Date of Patent: February 13, 2024Assignee: NEC CORPORATIONInventors: Sheeba Backia Mary Baskaran, Anand Raghawa Prasad, Sivabalan Arumugam, Sivakamy Lakshminarayanan, Hironori Ito, Andreas Kunz
-
Patent number: 11877148Abstract: A communication terminal (10) includes control means for generating a subscription concealed identifier (SUCI) including a subscription permanent identifier (SUPI) concealed using a predetermined protection scheme, and a protection scheme identifier identifying the protection scheme, and transmission means for sending the SUCI to a first network apparatus during a registration procedure, the SUCI being sent for a second network apparatus to de-conceal the SUPI from the SUCI based on the protection scheme used to generate the SUCI.Type: GrantFiled: November 11, 2022Date of Patent: January 16, 2024Assignee: NEC CORPORATIONInventors: Sheeba Backia Mary Baskaran, Sivakamy Lakshminarayanan, Anand Raghawa Prasad, Sivabalan Arumugam, Hironori Ito, Takahito Yoshizawa
-
Publication number: 20230328527Abstract: A method for integrity protection scheme by a mobile communication device or a core network entity according to a first exemplary aspect of the present disclosure includes configuring settings and parameters for integrity protection for user data with another party; receiving user plane data from the other party, calculating Message Authentication Code for Integrity (MAC-I) for a part of the data and checking integrity of the part of the data.Type: ApplicationFiled: June 12, 2023Publication date: October 12, 2023Applicant: NEC CorporationInventors: Hironori ITO, Anand Raghawa PRASAD, Sivabalan ARUMUGAM, Takahito YOSHIZAWA, Sivakamy LAKSHMINARAYANAN, Sheeba Backia Mary BASKARAN
-
Patent number: 11722897Abstract: A method for integrity protection scheme by a mobile communication device or a core network entity according to a first exemplary aspect of the present disclosure includes configuring settings and parameters for integrity protection for user data with another party; receiving user plane data from the other party, calculating Message Authentication Code for Integrity (MAC-I) for a part of the data and checking integrity of the part of the data.Type: GrantFiled: December 2, 2021Date of Patent: August 8, 2023Assignee: NEC CORPORATIONInventors: Hironori Ito, Anand Raghawa Prasad, Sivabalan Arumugam, Takahito Yoshizawa, Sivakamy Lakshminarayanan, Sheeba Backia Mary Baskaran
-
Publication number: 20230104549Abstract: A communication terminal (10) according to the present disclosure includes: a control unit (12) configured to, in a case of a movement from a communication area formed by the 5GS to a communication area formed by the EPS or a movement from a communication area formed by the EPS to a communication area formed by the 5GS, determine whether or not a communication system forming a communication area at a movement destination can satisfy requirements of services; and a communication unit (11) configured to, when it is determined that the communication system forming the communication area at the movement destination can satisfy the requirements of the services, send a connection request message to the communication system forming the communication area at the movement destination.Type: ApplicationFiled: December 13, 2022Publication date: April 6, 2023Applicant: NEC CorporationInventors: Hironori ITO, Anand Raghawa PRASAD, Andreas KUNZ, Sivabalan ARUMUGAM, Sivakamy LAKSHMINARAYANAN, Sheeba Backia Mary BASKARAN
-
Publication number: 20230108376Abstract: Provided is an authentication device capable of generating a master key suited to a UE in a 5GS. The authentication device (10) includes a communication unit (11) configured to, in registration processing of user equipment (UE), acquire UE key derivation function (KDF) capabilities indicating a pseudo random function supported by the UE, a selection unit (12) configured to select a pseudo random function used for generation of a master key related to the UE by use of the UE KDF capabilities, and a key generation unit (13) configured to generate a master key related to the UE by use of the selected pseudo random function.Type: ApplicationFiled: December 9, 2022Publication date: April 6, 2023Applicant: NEC CorporationInventors: Sheeba Backia Mary BASKARAN, Anand Raghawa Prasao, Sivabalan Arumugam, Sivakamy Lakshminarayanan, Hironori Ito, Andreas Kunz
-
Publication number: 20230076879Abstract: A communication terminal (10) includes control means for generating a subscription concealed identifier (SUCI) including a subscription permanent identifier (SUPI) concealed using a predetermined protection scheme, and a protection scheme identifier identifying the protection scheme, and transmission means for sending the SUCI to a first network apparatus during a registration procedure, the SUCI being sent for a second network apparatus to de-conceal the SUPI from the SUCI based on the protection scheme used to generate the SUCI.Type: ApplicationFiled: November 11, 2022Publication date: March 9, 2023Applicant: NEC CORPORATIONInventors: Sheeba Backia Mary BASKARAN, Sivakamy LAKSHMINARAYANAN, Anand Raghawa PRASAD, Sivabalan ARUMUGAM, Hironori ITO, Takahito YOSHIZAWA
-
Patent number: 11553345Abstract: A communication terminal (10) according to the present disclosure includes: a control unit (12) configured to, in a case of a movement from a communication area formed by the 5GS to a communication area formed by the EPS or a movement from a communication area formed by the EPS to a communication area formed by the 5GS, determine whether or not a communication system forming a communication area at a movement destination can satisfy requirements of services; and a communication unit (11) configured to, when it is determined that the communication system forming the communication area at the movement destination can satisfy the requirements of the services, send a connection request message to the communication system forming the communication area at the movement destination.Type: GrantFiled: March 15, 2021Date of Patent: January 10, 2023Assignee: NEC CORPORATIONInventors: Hironori Ito, Anand Raghawa Prasad, Andreas Kunz, Sivabalan Arumugam, Sivakamy Lakshminarayanan, Sheeba Backia Mary Baskaran
-
Patent number: 11540125Abstract: Provided is an authentication device capable of generating a master key suited to a UE in a 5GS. The authentication device (10) includes a communication unit (11) configured to, in registration processing of user equipment (UE), acquire UE key derivation function (KDF) capabilities indicating a pseudo random function supported by the UE, a selection unit (12) configured to select a pseudo random function used for generation of a master key related to the UE by use of the UE KDF capabilities, and a key generation unit (13) configured to generate a master key related to the UE by use of the selected pseudo random function.Type: GrantFiled: March 16, 2018Date of Patent: December 27, 2022Assignee: NEC CORPORATIONInventors: Sheeba Backia Mary Baskaran, Anand Raghawa Prasad, Sivabalan Arumugam, Sivakamy Lakshminarayanan, Hironori Ito, Andreas Kunz
-
Patent number: 11528599Abstract: A communication terminal (10) includes control means for generating a subscription concealed identifier (SUCI) including a subscription permanent identifier (SUPI) concealed using a predetermined protection scheme, and a protection scheme identifier identifying the protection scheme, and transmission means for sending the SUCI to a first network apparatus during a registration procedure, the SUCI being sent for a second network apparatus to de-conceal the SUPI from the SUCI based on the protection scheme used to generate the SUCI.Type: GrantFiled: February 15, 2022Date of Patent: December 13, 2022Assignee: NEC CORPORATIONInventors: Sheeba Backia Mary Baskaran, Sivakamy Lakshminarayanan, Anand Raghawa Prasad, Sivabalan Arumugam, Hironori Ito, Takahito Yoshizawa
-
Patent number: 11496882Abstract: Methods for (i) finding/discovering the right UDM instances and (ii) ensuring the UDM instance security are provided. The method for (i), includes the steps of: (i-1) pre-provisioning of UDM instance discovery information/parameters to the UE/USIM, (i-2) sending the UDM instance discovery related parameters to a core network element, and (i-3) discovering the right UDM instance at the core network element based on the discovery parameters and related routing information either at the UDM consumer/NRF. The method for (ii) includes the steps of: (ii-1) Secured choice of parameter for UDM instance discovery (e.g. UDM instance identifier) to the core network element and (ii-2) the secured UDM instance identifier generation and management at the UDM to prevent attack on UDM instances. Also a method to identify the cleartext IMSI/SUPI is provided for the re-authentication scenario along with the relevant procedures.Type: GrantFiled: February 15, 2019Date of Patent: November 8, 2022Assignee: NEC CORPORATIONInventors: Sheeba Backia Mary Baskaran, Anand Raghawa Prasad, Sivakamy Lakshminarayanan, Sivabalan Arumugam, Hironori Ito, Takihito Yoshizawa
-
Patent number: 11463267Abstract: A network function virtualization system, comprises a request receiving unit that receives a request to a certificate of at least one of data exchanging parties; a private key generator that generates a first private key information using a second private key information stored in a hardware-based isolated secure execution environment, in response to the request; a public key extractor that extracts a public key information of the first private key information; a public key information storage unit that stores the public key information; and a verifying unit that is accessible from the request receiving unit and verifies the certificate using the public key information corresponding to the certificate.Type: GrantFiled: April 18, 2017Date of Patent: October 4, 2022Assignee: NEC CORPORATIONInventors: Pradheepkumar Singaravelu, Sivabalan Arumugam, Anand Prasad, Hironori Ito
-
Publication number: 20220174480Abstract: A communication terminal (10) includes control means for generating a subscription concealed identifier (SUCI) including a subscription permanent identifier (SUPI) concealed using a predetermined protection scheme, and a protection scheme identifier identifying the protection scheme, and transmission means for sending the SUCI to a first network apparatus during a registration procedure, the SUCI being sent for a second network apparatus to de-conceal the SUPI from the SUCI based on the protection scheme used to generate the SUCI.Type: ApplicationFiled: February 15, 2022Publication date: June 2, 2022Applicant: NEC CorporationInventors: Sheeba Backia Mary BASKARAN, Sivakamy LAKS HMI NARAYANAN, Anand Raghawa PRASAD, Sivabalan ARUMUGAM, Hironori ITO, Takahito YOSHIZAWA
-
Publication number: 20220103540Abstract: The present disclosure relates to authentication methods supported by the User Equipment (UE) to the core network and authentication method (selected by the core network) to the UE. These can be used for negotiating any primary or secondary (or any) authentication method and are applicable when multiple authentication methods are supported at the UE and the network (authentication server). Further, the present disclosure also offers security solution to prevent modification or tampering of the parameters in the mechanisms in order to prevent attacks such as bidding-down, Denial of Service (DoS) and Man-In-The-Middle (MITM).Type: ApplicationFiled: December 13, 2021Publication date: March 31, 2022Applicant: NEC CorporationInventors: Anand Raghawa Prasad, Sivakamy Lakshminarayanan, Sheeba Backia Mary Baskaran, Sivabalan Arumugam, Hironori Ito, Takahito Yoshizawa
-
Patent number: 11290874Abstract: A communication terminal (10) includes control means for generating a subscription concealed identifier (SUCI) including a subscription permanent identifier (SUPI) concealed using a predetermined protection scheme, and a protection scheme identifier identifying the protection scheme, and transmission means for sending the SUCI to a first network apparatus during a registration procedure, the SUCI being sent for a second network apparatus to de-conceal the SUPI from the SUCI based on the protection scheme used to generate the SUCI.Type: GrantFiled: January 9, 2019Date of Patent: March 29, 2022Assignee: NEC CORPORATIONInventors: Sheeba Backia Mary Baskaran, Sivakamy Lakshminarayanan, Anand Raghawa Prasad, Sivabalan Arumugam, Hironori Ito, Takahito Yoshizawa