Patents by Inventor Anja Jerichow

Anja Jerichow has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20190253395
    Abstract: In a communication system comprising a first network operatively coupled to a second network, wherein the first network comprises a first security edge protection proxy element operatively coupled to a second security edge protection proxy element of the second network; the method comprises constructing a message at a network function in the first network destined for the second network, wherein the message comprises at least one information element and an indicator, wherein the indicator is set to specify at least one security operation to be applied to the at least one information element before sending the message to the second security edge protection proxy element of the second network.
    Type: Application
    Filed: June 21, 2018
    Publication date: August 15, 2019
    Applicant: Nokia Technologies Oy
    Inventors: Nagendra S. Bykampadi, Suresh P. Nair, Anja Jerichow
  • Publication number: 20190253885
    Abstract: In a communication system comprising a first network operatively coupled to a second network, wherein the first network comprises a first security edge protection proxy element operatively coupled to a second security edge protection proxy element of the second network, a method comprises configuring at least a given one of the first and second security edge protection proxy elements to determine whether to apply at least one security operation at the transport level for incoming packets based at least in part on source and destination networks for the incoming packets.
    Type: Application
    Filed: June 21, 2018
    Publication date: August 15, 2019
    Applicant: Nokia Technologies Oy
    Inventors: Nagendra S. Bykampadi, Suresh P. Nair, Anja Jerichow
  • Publication number: 20190253888
    Abstract: Systems, methods, apparatuses, and computer program products directed to next generation (e.g., 5G systems) key set identifier(s) are provided. One method includes requesting, by a network node, authentication of a user equipment with an authentication server, receiving a master key and authentication parameters/vectors from the authentication server when authorization is successful, and verifying validity of the authentication request. When the verification is successful, the method may further include instantiating a security context for the user equipment and assigning a security context identifier for next generation system security context to the user equipment, and then sending a security mode command message to instruct the user equipment to instantiate security context using the security context identifier.
    Type: Application
    Filed: September 20, 2016
    Publication date: August 15, 2019
    Inventors: Anja JERICHOW, Suresh NAIR
  • Publication number: 20190253461
    Abstract: In a communication system comprising a first network operatively coupled to a second network, wherein the first network comprises a first security edge protection proxy element operatively coupled to a second security edge protection proxy element of the second network, a method comprises provisioning at least a given one of the first and second security edge protection proxy elements with configuration information that enables the given security edge protection proxy element to identify at least one security operation to be applied to at least one information element in a received message before sending the message to the other one of the first and second security edge protection proxy elements.
    Type: Application
    Filed: June 21, 2018
    Publication date: August 15, 2019
    Applicant: Nokia Technologies Oy
    Inventors: Nagendra S. Bykampadi, Suresh P. Nair, Anja Jerichow
  • Patent number: 10360798
    Abstract: An application server in a cellular network receives incident information and determines a trust value associated with the incident information using one or more trust parameters. The application server generates a warning message including the the trust value and the one or more trust parameters. The warning message is broadcast to user equipment in vehicles in an area of relevance. The user equipment in the vehicles in the area of relevance receives the warning message and may re-evaluate the trust value in the warning message based on additional trust parameters or information. The user equipment may determine to perform one or more actions based on the trust value, such as providing a warning to a driver or performing a braking operation.
    Type: Grant
    Filed: December 11, 2017
    Date of Patent: July 23, 2019
    Assignee: NOKIA TECHNOLOGIES OY
    Inventors: Anja Jerichow, Joachim Lueken, Wolfgang Scheidl
  • Publication number: 20190182654
    Abstract: Illustrative embodiments provide subscriber privacy management techniques that prevent a covert channel from being established between user equipment and a home network through a serving network in a communication system. In one example, a random value is computed in the serving network and added to the registration request procedure. The techniques also enable the home network to control UE behavior using an authorization token.
    Type: Application
    Filed: December 8, 2017
    Publication date: June 13, 2019
    Applicant: Nokia Technologies Oy
    Inventors: Anja Jerichow, Suresh Nair
  • Publication number: 20190149521
    Abstract: In a home network of a communication system, wherein one or more cryptographic key pairs are provisioned for utilization by subscribers of the home network to conceal subscriber identifiers provided to one or more access points in the communication system, the method comprises provisioning one or more privacy managing entity identifiers for utilization by the subscribers when providing their concealed subscriber identifiers to the communication system. Each of the one or more privacy managing entity identifiers identify a given privacy managing entity in the communication system configured to de-conceal a given subscriber identifier.
    Type: Application
    Filed: December 13, 2017
    Publication date: May 16, 2019
    Applicant: Nokia Technologies Oy
    Inventor: Anja Jerichow
  • Publication number: 20190069170
    Abstract: The present invention provides apparatuses, methods, computer programs, computer program products and computer-readable media regarding security in isolated LTE networks. The method comprises receiving, at a network element, a message from a management entity, determining, at the network element, a class of a radio network to which the management entity belongs, selecting a function for generating an authentication key based on the determined class, and generating the authentication key using the selected function.
    Type: Application
    Filed: February 11, 2016
    Publication date: February 28, 2019
    Inventors: Anja JERICHOW, Guenther HORN
  • Publication number: 20190036697
    Abstract: Privacy management techniques for communication systems are provided. In one or more methods, one or more cryptographic key pairs are provisioned in a home network of a communication system for utilization by subscribers of the home network to conceal subscriber identifiers provided to access points in the communication system. The cryptographic key pairs are managed utilizing an element or function in the home network of the communication system. In one or more other methods, one or more public keys associated with one or more cryptographic key pairs are stored in user equipment, the cryptographic key pairs being provisioned by a home network of a communication system for use by subscribers of the home network to conceal subscriber identifiers provided to access points in the communication network. An element or function of the home network of the communication system is interfaced for management of the public keys stored in the user equipment.
    Type: Application
    Filed: October 10, 2017
    Publication date: January 31, 2019
    Applicant: Nokia Technologies Oy
    Inventors: Anja Jerichow, Annett Seefeldt, Nagendra S. Bykampadi, Suresh P. Nair, Ulrich Wiehe
  • Publication number: 20190037407
    Abstract: A short message service (SMS) message is encrypted using an encryption key stored at a user equipment and an access and mobility management function (AMF) and the encrypted SMS message is added to a payload of a non-access stratum (NAS) message that includes an NAS header. Integrity protection is applied to the NAS message using an integrity key stored at the user equipment and the AMF and the integrity-protected NAS message is transmitted. The NAS message is received via an NAS link between the user equipment and the AMF. An integrity check is performed on the NAS message using the integrity key. An encrypted short message service (SMS) message is extracted from a payload of the NAS message in response to the integrity check being successful and the encrypted SMS message is decrypted using the encryption key.
    Type: Application
    Filed: May 8, 2018
    Publication date: January 31, 2019
    Inventors: Suresh NAIR, Anja JERICHOW, Nagendra S. BYKAMPADI
  • Patent number: 10171993
    Abstract: Techniques are provided for protecting the privacy of user equipment during identity request operations in a communication system. In one example, a method includes receiving a current identity request at given user equipment of a communication system. The method further includes making a determination at the given user equipment whether or not to respond to the current identity request in a manner requested based on a count of previous identity requests received by the given user equipment.
    Type: Grant
    Filed: May 5, 2017
    Date of Patent: January 1, 2019
    Assignees: NOKIA TECHNOLOGIES OY, NOKIA OF AMERICA CORPORATION
    Inventors: Suresh P. Nair, Anja Jerichow
  • Patent number: 10165546
    Abstract: Techniques are provided for protecting the privacy of user equipment during paging operations in a communication system. In one example, a method includes determining at a mobility management element of a communication system that a paging operation is to be initiated for given user equipment. The method further includes restricting the paging operation between the mobility management element and the given user equipment to use of a temporary identifier for the given user equipment. By not using a permanent identifier of the given user equipment during paging operations, the given user equipment is effectively non-trackable by malicious base stations and active/passive listeners.
    Type: Grant
    Filed: March 17, 2017
    Date of Patent: December 25, 2018
    Assignees: NOKIA TECHNOLOGIES OY, NOKIA OF AMERICA CORPORATION
    Inventors: Suresh P. Nair, Anja Jerichow
  • Publication number: 20180331830
    Abstract: Key identification techniques for determination of appropriate keys for processing messages in communication systems are provided. In one or more methods, an indicator is assigned to each key pair provisioned in a communication system. The indicator is then sent to one or more network elements or functions in the communication system with a message encrypted with a first part of the key pair corresponding to the indicator. A network element or function receiving the encrypted message determines, based on the indicator, a corresponding second part of the key pair to use to process the encrypted message.
    Type: Application
    Filed: October 6, 2017
    Publication date: November 15, 2018
    Applicants: Alcatel-Lucent USA Inc., Nokia Technologies Oy
    Inventors: Anja Jerichow, Annett Seefeldt, Suresh P. Nair
  • Publication number: 20180322785
    Abstract: An application server in a cellular network receives incident information and determines a trust value associated with the incident information using one or more trust parameters. The application server generates a warning message including the the trust value and the one or more trust parameters. The warning message is broadcast to user equipment in vehicles in an area of relevance. The user equipment in the vehicles in the area of relevance receives the warning message and may re-evaluate the trust value in the warning message based on additional trust parameters or information. The user equipment may determine to perform one or more actions based on the trust value, such as providing a warning to a driver or performing a braking operation.
    Type: Application
    Filed: December 11, 2017
    Publication date: November 8, 2018
    Inventors: Anja Jerichow, Joachim Lueken, Wolfgang Scheidl
  • Publication number: 20180324583
    Abstract: Techniques are provided for protecting the privacy of user equipment during identity request operations in a communication system. In one example, a method includes receiving a current identity request at given user equipment of a communication system. The method further includes making a determination at the given user equipment whether or not to respond to the current identity request in a manner requested based on a count of previous identity requests received by the given user equipment.
    Type: Application
    Filed: May 5, 2017
    Publication date: November 8, 2018
    Applicants: Alcatel-Lucent USA Inc., Nokia Technologies Oy
    Inventors: Suresh P. Nair, Anja Jerichow
  • Publication number: 20180324585
    Abstract: Techniques for providing privacy features in communication systems are provided. For example, a message may be provided from user equipment to an element or function in a communication network that comprises one or more privacy indicators, where privacy features for processing the message are determined based on the privacy indicators. The message may comprise an attach request comprising a subscription identifier for a subscriber associated with the user equipment, with the privacy indicators comprising a flag indicating whether the subscription identifier in the attach request is privacy-protected. As another example, the element of function in the communication network may determine privacy features supported by the communication network and generate and send a message to user equipment comprising one or more privacy indicators selected based on the determined privacy features.
    Type: Application
    Filed: October 26, 2017
    Publication date: November 8, 2018
    Applicants: Alcatel-Lucent USA Inc., Nokia Technologies Oy
    Inventors: Suresh P. Nair, Anja Jerichow, Annett Seefeldt
  • Publication number: 20180270786
    Abstract: Techniques are provided for protecting the privacy of user equipment during paging operations in a communication system. In one example, a method includes determining at a mobility management element of a communication system that a paging operation is to be initiated for given user equipment. The method further includes restricting the paging operation between the mobility management element and the given user equipment to use of a temporary identifier for the given user equipment. By not using a permanent identifier of the given user equipment during paging operations, the given user equipment is effectively non-trackable by malicious base stations and active/passive listeners.
    Type: Application
    Filed: March 17, 2017
    Publication date: September 20, 2018
    Applicants: Alcatel-Lucent USA Inc., Nokia Technologies Oy
    Inventors: Suresh P. Nair, Anja Jerichow
  • Publication number: 20170264647
    Abstract: Systems, methods, apparatuses, and computer program products for securing user plane (e.g., MB2-U) interface between a group communication service application server (GCS AS) and Broadcast Multicast Service Center (BM-SC) are provided. One method may include transmitting a message via a control plane, to an application server, indicating whether to establish a security association on a user plane in an interface between the GCS AS and the BM-SC. The method may also include providing, to the GCS AS, a target internet protocol (IP) address and possible port as a target for the security association.
    Type: Application
    Filed: August 17, 2015
    Publication date: September 14, 2017
    Inventors: Anja JERICHOW, Thomas BELLING, Guenther HORN
  • Publication number: 20170118635
    Abstract: Various communication systems may benefit from appropriate security mechanisms. For example, isolated operation of evolved universal terrestrial radio networks may benefit from key separation for a local evolved packet core. A method can include deriving a subscriber key corresponding to an isolated operation network. The subscriber key can be derived from an identifier of the isolated operation network and a master subscriber key. The method can also include provisioning the subscriber key to the isolated operation network.
    Type: Application
    Filed: October 26, 2015
    Publication date: April 27, 2017
    Inventors: Anja JERICHOW, Guenther HORN
  • Patent number: 9191410
    Abstract: A method and apparatus can be configured to transmit indicators to a network entity. The indicators indicate whether security will be applied to a media data, whether security will be applied by an application layer, and whether security will be applied by an evolved-packet-system layer. The method can also include transmitting the media data to the network entity.
    Type: Grant
    Filed: January 13, 2014
    Date of Patent: November 17, 2015
    Assignee: NOKIA SOLUTIONS AND NETWORKS OY
    Inventor: Anja Jerichow