Abstract: There are provided measures for handling of paging messages in communication endpoint to network relaying scenarios.

Abstract: An apparatus for a network node acting as a gateway entity of a second communication network providing access to a first communication network being different to the second communication network, the apparatus comprising at least one processor, and at least one memory storing instructions that, when executed by the at least one processor, cause the apparatus at least to receive a registration request of a user equipment for a registration to the first communication network via the second communication network, wherein the registration request comprises an anonymized subscriber identification element, to obtain a temporary identification for the user equipment, and to forward the temporary identification for the user equipment to the user equipment.

Abstract: There is disclosed methods, apparatuses and computer program products for an authentication procedure in a unicast device to device communication. In accordance with an embodiment the method comprises receiving from an initiating device a request to establish a unicast device to device communication between the initiating device and a target device; sending from the target device an authentication request to the initiating device for authenticating the initiating device; receiving from the initiating device an authentication response to the authentication request including one or more parameters related to the authentication; providing information of the one or more parameters to the application; examining by an application in the target device whether the one or more parameters can be accepted; and if the examining reveals that at least one of the one or more parameters cannot be accepted, sending an authentication failure message to the initiating device.

Abstract: According to an example aspect of the present invention, there is provided method, comprising: generating a first key based on a first input specific to a mobile device, wherein the first input comprises measurement of mutable code of the mobile device and a unique device secret, generating a symmetric second key on the basis of the first key and a second input specific to the mobile device, and generating authentication credentials on the basis of the second key for authenticating the mobile device to a mobile communications network.

Abstract: Techniques for securely identifying applications in a communication network are disclosed. For example, a method comprises receiving, at user equipment, a data item associated with an application program that is installed or being installed on the user equipment. The method further comprises storing, by the user equipment, the data item with an identifier of the application program. The method still further comprises utilizing, by the user equipment, the stored data item when deciding to apply a route selection rule for data traffic associated with the application program.

Abstract: Systems, methods, and software of directly connecting a SIM-less device with a cellular network. In one embodiment, User Equipment (UE) includes a Subscriber Identity Module 5 (SIM) provisioned with a plurality of subscription profiles for subscriptions to the cellular network. The UE establishes a direct communication with a SIM-less device that does not have a subscription with the cellular network. The UE selects one of the subscriptions provisioned in the SIM as a temporary subscription assigned to the SIM-less device to allow the SIM-less device to establish a direct connection with the cellular network using the 10 temporary subscription, and transmits a message to the SIM-less device via the direct communication containing subscription credentials for the temporary subscription. The SIM-less device may therefore register with the cellular network using the subscription credentials provided by the UE, and establish a direct connection with the cellular network using the temporary subscription.

Abstract: An apparatus, a method and a computer program is described comprising: receiving a plurality of synchronisation symbol blocks; classifying the received synchronisation symbol blocks based on delay relative to an expected reception time; and identifying one or more candidate line of sight paths on the basis of the delay relative to the expected reception time.

Abstract: Systems, methods, and software of directly connecting a SIM-less device with a cellular network. In one embodiment, User Equipment (UE) includes a Subscriber Identity Module (SIM) provisioned with a plurality of subscription profiles for subscriptions to the cellular network. The UE establishes a direct communication with a SIM-less device that does not have a subscription with the cellular network. The UE selects one of the subscriptions provisioned in the SIM as a temporary subscription assigned to the SIM-less device to allow the SIM-less device to establish a direct connection with the cellular network using the temporary subscription, and transmits a message to the SIM-less device via the direct communication containing subscription credentials for the temporary subscription. The SIM-less device may therefore register with the cellular network using the subscription credentials provided by the UE, and establish a direct connection with the cellular network using the temporary subscription.

Abstract: Techniques are disclosed for security management during an onboarding process for user equipment. For example, from a perspective of an onboarding network, a method comprises authenticating, via the onboarding network, user equipment based on an onboarding record previously configured for the user equipment or a set of user equipment and maintained by the onboarding network. Upon successful authentication, a communication session is established from the onboarding network to a provisioning server for remote provisioning of the user equipment. Advantageously, the onboarding process is performed without a default credential server.

Abstract: According to an example aspect of the present invention, there is provided a method comprising, embedding information for time synchronization to a SSB, encrypting the SSB and transmitting in a cellular communication network the encrypted SSB comprising the information for time synchronization.

Abstract: There are provided measures for handling of paging messages in communication endpoint to network relaying scenarios.

Abstract: According to an example aspect of the present invention, there is provided an apparatus comprising at least one processing core, at least one memory including computer program code, the at least one memory and the computer program code being configured to, with the at least one processing core, cause the apparatus at least to transmit, by a user equipment, a concealed identifier of the user equipment to an onboarding network, wherein the concealed identifier of the user equipment indicates that the user equipment is requesting unauthenticated access to the onboarding network and execute, by the user equipment, a key generating authentication protocol to access the onboarding network without performing authentication of the user equipment.

Abstract: Systems, methods, and software of directly connecting a SIM-less device with a cellular network. In one embodiment, User Equipment (UE) includes a Subscriber Identity Module (SIM) provisioned with a plurality of subscription profiles for subscriptions to the cellular network. The UE establishes a direct communication with a SIM-less device that does not have a subscription with the cellular network. The UE selects one of the subscriptions provisioned in the SIM as a temporary subscription assigned to the SIM-less device to allow the SIM-less device to establish a direct connection with the cellular network using the temporary subscription, and transmits a message to the SIM-less device via the direct communication containing subscription credentials for the temporary subscription. The SIM-less device may therefore register with the cellular network using the subscription credentials provided by the UE, and establish a direct connection with the cellular network using the temporary subscription.

Abstract: There is disclosed methods, apparatuses and computer program products for an authentication procedure in a unicast device to device communication. In accordance with an embodiment the method comprises receiving from an initiating device a request to establish a unicast device to device communication between the initiating device and a target device; sending from the target device an authentication request to the initiating device for authenticating the initiating device; receiving from the initiating device an authentication response to the authentication request including one or more parameters related to the authentication; providing information of the one or more parameters to the application; examining by an application in the target device whether the one or more parameters can be accepted; and if the examining reveals that at least one of the one or more parameters cannot be accepted, sending an authentication failure message to the initiating device.

Abstract: According to an example aspect of the present invention, there is provided method, comprising: generating a first key based on a first input specific to a mobile device, wherein the first input comprises measurement of mutable code of the mobile device and a unique device secret, generating a symmetric second key on the basis of the first key and a second input specific to the mobile device, and generating authentication credentials on the basis of the second key for authenticating the mobile device to a mobile communications network.

Abstract: An apparatus, a method and a computer program is described comprising: receiving a plurality of synchronisation symbol blocks; classifying the received synchronisation symbol blocks based on delay relative to an expected reception time; and identifying one or more candidate line of sight paths on the basis of the delay relative to the expected reception time.