Patents by Inventor David Castellanos-Zamora

David Castellanos-Zamora has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20240080664
    Abstract: A method for an authentication server function, AUSF, of a communication network is provided. The method comprises sending a second authentication request comprising a first identifier associated with a user equipment, UE, or a second identifier associated with the UE, receiving a response to the second authentication request, and when the response comprises an 5 authentication and key management for applications, AKMA, indicator: determining a first security key identifier based on a first field comprised in the response.
    Type: Application
    Filed: November 11, 2021
    Publication date: March 7, 2024
    Inventors: Cheng Wang, David CASTELLANOS ZAMORA, Vlasios Tsiatsis
  • Publication number: 20240056446
    Abstract: The present disclosure provides methods, entities, and computer readable media for non-3GPP access authentication. The method (1600) at a protocol translation entity includes: receiving (S1601), from a Non-3GPP access point, an authentication request message of a first protocol type for a UE that includes an identity of the UE; translating (S1603) the authentication request message of the first protocol type to a corresponding authentication request message of a second protocol type; and transmitting (S1605), to an entity for authentication, the corresponding authentication request message of a second protocol type that includes the identity of the UE.
    Type: Application
    Filed: December 14, 2021
    Publication date: February 15, 2024
    Inventors: David CASTELLANOS ZAMORA, Daniel Nilsson, Stefan Rommer, Cheng Wang, Chunbo Wang
  • Patent number: 11895229
    Abstract: A network node operates a Session Management Function (SMF) in a control plane of a core network of a wireless network. The network node authenticates a User Equipment (UE) with an Extensible Authentication Protocol (EAP) server in a secondary authentication process that uses the SMF as an EAP authenticator. The EAP server is outside of the core network and the UE is separately authenticated with a further network node in the control plane of the core network via a primary authentication process. Authenticating the UE in the secondary authentication process comprises exchanging EAP messages between the SMF and the UE and between the SMF and the EAP server. The SMF authorizes a data session between the UE and the external network through a user plane of the core network based on the UE having successfully authenticated via both the primary authentication process and the secondary authentication process.
    Type: Grant
    Filed: January 4, 2023
    Date of Patent: February 6, 2024
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Noamen Ben Henda, David Castellanos Zamora, Vesa Torvinen
  • Patent number: 11889293
    Abstract: A network node (500, 600) in a home network, HN, of a wireless device (10, 300, 400) assigns a different priority to each of one or more parameter sets in a priority list. Each parameter set comprises one or more parameters used for calculating the subscription identifier. The network node (500, 600) provides the wireless device (10, 300, 400) with the priority list to facilitate the calculation of the subscription identifier by the wireless device (10, 300, 400). The wireless device (10, 300, 400) obtains the priority list, and calculates the subscription identifier using a null parameter set or one of the one or more parameter sets in the priority list selected responsive to the defined priorities. The wireless device (10, 300, 400) then informs the HN of the subscription of the wireless device (10, 300, 400) by sending the calculated subscription identifier to the network node (500, 600).
    Type: Grant
    Filed: December 20, 2018
    Date of Patent: January 30, 2024
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Prajwol Kumar Nakarmi, David Castellanos Zamora, John Mattsson
  • Publication number: 20240008103
    Abstract: A UE is assigned a first server for session control of the session. The first IMS node sends a request to a subscriber server associated with the UE. The request requests assistance data for selecting a second server to be assigned to the UE for the session control. The first IMS node selects a second server to be assigned to the UE for session control, based on the requested assistance data. The first IMS node sends an invitation to the selected second server. The invitation includes an indication indicating that the selected second server is selected to replace the first server. The indication triggers the selected second server, to indicate to the subscriber server to register the address of the selected second server in the subscriber server, to replace the first server in being assigned to the UE for the session control.
    Type: Application
    Filed: March 3, 2021
    Publication date: January 4, 2024
    Inventors: Emiliano MERINO VAZQUEZ, Cristina RUIZ BALMASEDA, David CASTELLANOS ZAMORA, Jesus Angel DE GREGORIO RODRIGUEZ
  • Patent number: 11864091
    Abstract: A method for discovering services in a telecommunication network provided by a network function, NF, in a Service Based Architecture, SBA, based telecommunication network, said method comprising the steps of receiving a discovery request, from a Network function, NF, consumer, for discovering an NF producer to interact with, wherein said discovery request comprises a Mobile Station International Subscriber Directory Number, MSISDN, associated with said NF consumer, transmitting to an address translate server, an address translate query, wherein said address translate query comprises said MSISDN, receiving an address translate response, wherein said address translate response comprises a Universal Resource Identifier, URI, and transmitting, to said NF, a discovery response, wherein said discovery response comprises an NF producer instance for interaction with said NF.
    Type: Grant
    Filed: December 3, 2018
    Date of Patent: January 2, 2024
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Ralf Keller, David Castellanos Zamora, Jose Miguel Dopico Sanjuan
  • Patent number: 11864098
    Abstract: The present specification faces the issues of selecting a right 5G Network Function, NF, instance in scenarios wherein NF instances are considered NF segments that manage different sets of users and wherein NF segmentation is not based on SUPI ranges. To solve these issues, there is provided a new procedure for accessing an NF segment, wherein registration and discovery of the right NF segment is based on a Routing Indicator, and wherein the Routing Indicator, which is received with a Subscription Concealed Identifier (SUCI) identifying a UE, is included in any interaction between 5GC NFs.
    Type: Grant
    Filed: January 25, 2019
    Date of Patent: January 2, 2024
    Assignee: Telefonaktiebolaget LM Ericsson (Publ)
    Inventors: David Castellanos Zamora, Jesus-Angel De-Gregorio-Rodriguez
  • Publication number: 20230403554
    Abstract: A method by an AUSF of a home PLMN configured to communicate through an interface with electronic devices is provided. A first authentication request is received from a first PLMN that is authenticating an electronic device. A first security key used for integrity protection of messages delivered from the home PLMN to the electronic device is obtained. A second authentication request is received from a second PLMN that is authenticating the electronic device. A second security key used for integrity protection of the messages delivered from the home PLMN to the electronic device is obtained. A message protection request is received. Which of the first security key and the second security key is a latest security key is determined. The latest security key is used to protect a message associated with the message protection request.
    Type: Application
    Filed: August 29, 2023
    Publication date: December 14, 2023
    Inventors: Noamen Ben Henda, David Castellanos ZAMORA, Monica Wifvesson, Vesa Lehtovirta
  • Publication number: 20230354007
    Abstract: The present disclosure provides a method for a first network element in a communication network to perform service subscriptions for a UE. The method includes: in response to receiving a request comprising service subscription information for the UE from a second network element serving the UE and assisting in the service, cross referencing the service subscription information for the UE in the request with stored service subscription information for the UE for consistency; and in response to being not consistent, initiating updating of service subscriptions for the UE in the second network element according to the stored service subscription information for the UE. Corresponding devices, computer readable storage medium, carrier, etc. are also provided.
    Type: Application
    Filed: September 21, 2020
    Publication date: November 2, 2023
    Inventors: Miguel Angel GARCIA MARTIN, David CASTELLANOS ZAMORA, Emiliano MERINO VAZQUEZ, Pablo ACEVEDO MONTSERRAT, Juying GAN, Yunjie LU
  • Patent number: 11792720
    Abstract: Network equipment in a wireless communication network is configured to receive at least a portion of a subscription concealed identifier, SUCI, (34) for a subscriber. The SUCI (34) contains a concealed subscription permanent identifier, SUPI, (20) for the subscriber. The received at least a portion of the SUCI (34) indicates a sub-domain code, SDC. The SDC indicates a certain sub-domain, from among multiple sub-domains of a home network of the subscriber, to which the subscriber is assigned. The network equipment is also configured to determine, based on the SDC and from among multiple instances of a provider network function in the home network respectively allocated to provide a service to be consumed for subscribers assigned to different sub-domains, an instance of the provider network function to provide the service to be consumed for the subscriber.
    Type: Grant
    Filed: June 17, 2021
    Date of Patent: October 17, 2023
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Cheng Wang, David Castellanos Zamora, Prajwol Kumar Nakarmi, Vesa Torvinen
  • Publication number: 20230308871
    Abstract: An authentication server (16) in a home network (18) of a wireless device (10) receives, from a network node (14), a request (20) for authentication data (22) based on which to authenticate the wireless device (10). The request (20) indicates a serving network (12) on which the authentication data (22) is to be based. The authentication server (16) checks whether or not the network node (14) is authorized to request authentication data (22) that is based on the indicated serving network (12).
    Type: Application
    Filed: July 29, 2021
    Publication date: September 28, 2023
    Inventors: David Castellanos Zamora, Jesus Angel De Gregorio Rodriguez, Emiliano Merino Vazquez, Cristina Ruiz Balmaseda
  • Publication number: 20230300607
    Abstract: Disclosed herein is a method performed by a network node and a network node for handling User Equipment, UE, Parameters Update, UPU, data set types which may not be supported by a UE, the method comprising one or more of: receiving an indication of UPU data set types supported by a UE; determining if a given UPU data set type is supported by the UE based on the indication; if the given UPU data set type is supported by the UE, sending a UPU message to the UE with the given UPU data set type; and if the given UPU data set type is not supported by the UE, not sending the UPU message to the UE with the given UPU data set type.
    Type: Application
    Filed: August 12, 2021
    Publication date: September 21, 2023
    Inventors: Ivo Sedlacek, Mikael Wass, David Castellanos Zamora
  • Publication number: 20230292125
    Abstract: A method by a first core network (CN) node of a core network of a wireless communication system for authenticating a user equipment (UE) to the CN. The method includes receiving, from a second CN node, a first authentication request to authenticate the UE to the CN, and determining that the UE should be authenticated by an external authentication entity that is external to the wireless communication system. The first CN node transmits a second authentication request toward the external authentication entity, and receives a first authentication response verifying authenticity of the UE. The method further includes obtaining a key for securing communications with the UE based on the authentication response, and transmitting a second authentication response to the second CN node identifying the UE and including the key for securing communications with the UE.
    Type: Application
    Filed: August 10, 2021
    Publication date: September 14, 2023
    Inventors: Noamen BEN HENDA, Vesa LEHTOVIRTA, Henrik NORMANN, David CASTELLANOS ZAMORA
  • Patent number: 11743722
    Abstract: A method by an AUSF of a home PLMN configured to communicate through an interface with electronic devices is provided. A first authentication request is received from a first PLMN that is authenticating an electronic device. A first security key used for integrity protection of messages delivered from the home PLMN to the electronic device is obtained. A second authentication request is received from a second PLMN that is authenticating the electronic device. A second security key used for integrity protection of the messages delivered from the home PLMN to the electronic device is obtained. A message protection request is received. Which of the first security key and the second security key is a latest security key is determined. The latest security key is used to protect a message associated with the message protection request.
    Type: Grant
    Filed: June 2, 2021
    Date of Patent: August 29, 2023
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Noamen Ben Henda, David Castellanos Zamora, Monica Wifvesson, Vesa Lehtovirta
  • Publication number: 20230269582
    Abstract: A method performed by a first IP multimedia system, IMS, node, for handling authentication of a user equipment, UE, in a communication network. The method includes receiving a request from a second IMS node to retrieve an authentication vector. The request includes a private identifier generated from a subscription permanent identifier. The method further includes sending a request to retrieve an indication, where the request includes a subscription permanent identifier, receiving the indication, and generating the authentication vector using the received indication. In addition, the method includes sending the generated authentication vector to the second IMS node for authenticating the UE.
    Type: Application
    Filed: August 13, 2021
    Publication date: August 24, 2023
    Inventors: David CASTELLANOS ZAMORA, Afshin ABTIN
  • Publication number: 20230232356
    Abstract: A method of operating a core network node in a communication system includes receiving, at a first network function, a registration message from a radio access network node to register a user equipment, UE, and, responsive to the registration message, transmitting a request for information on whether network slices associated with the UE are subject to Network Slice-Specific Authentication and Authorization, NSSAA. Responsive to the request, the method receives a response message including Single-Network Slice Selection Assistance Information, S-NSSAI, information associated with the UE, the S-NSSAI information including NSSAA status information relating to the S-NSSAI information, and determines whether to initiate an NSSAA procedure with the UE based on the S-NSSAI information. Related network nodes are disclosed.
    Type: Application
    Filed: November 5, 2020
    Publication date: July 20, 2023
    Inventors: Kaj JOHANSSON, Peter HEDMAN, David CASTELLANOS ZAMORA
  • Publication number: 20230209326
    Abstract: A method, performed by a first node (111), for handling subscriptions in a communications network (100). The first node (111) operates in the communications network (100). The first node (111) sends (303), to a second node (112), a first indication. The first indication requests subscription to report new accessibility for a device (140) to a second domain different than a first domain currently accessible by the device (140). The first node (111) receives (304) a second indication from the second node (112). The second indication indicates the new accessibility by the device (140) to the second domain. A fifth node (115) receives (501), from the first node (111), a fifth indication indicating a notification of an event by the device (140) after the new accessibility has been enabled. The fifth indication is received based on a previous indication sent by the fifth node (115) prior to the new accessibility has been enabled.
    Type: Application
    Filed: June 29, 2020
    Publication date: June 29, 2023
    Inventors: Emiliano MERINO VAZQUEZ, Miguel Angel GARCIA MARTIN, Beatriz MAROTO GIL, David CASTELLANOS ZAMORA
  • Publication number: 20230199486
    Abstract: According to some embodiments, a method performed by a network node capable of operating as an authentication server function (AUSF) comprises generating an anchor key (KAKMA) and a KAKMA key identifier (KAKMA ID) associated with a wireless device and transmitting, to at least one authentication and key management for applications (AKMA) anchor function (AAnF) instance, key material associated with the wireless device.
    Type: Application
    Filed: March 31, 2021
    Publication date: June 22, 2023
    Inventors: Cheng Wang, David CASTELLANOS ZAMORA, Vlasios Tsiatsis, Helena Vahidi Mazinani
  • Publication number: 20230188574
    Abstract: There is provided mechanisms for indicating IMS voice support over PS for a UE in a PLMN. A method is performed by an AMF of the PLMN. The method comprises obtaining a trigger for the AMF to indicate IMS voice support over PS for the UE in the PLMN. The method comprises obtaining information of IMS voice support over PS for the UE in the PLMN. The method comprises providing, based on the information, an indication to a radio access network serving the UE in the PLMN. The indication specifies the IMS voice support over PS for the UE in the PLMN.
    Type: Application
    Filed: March 17, 2021
    Publication date: June 15, 2023
    Applicant: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Ralf KELLER, Ann-Christine SANDER, Afshin ABTIN, David CASTELLANOS ZAMORA
  • Publication number: 20230171603
    Abstract: The present disclosure relates to provisioning of a UE with credentials to access a communication network, such as a SNPN. A DCS maintains a binding of UE onboarding credentials and a UE identifier with network information for the authorized SNPN. After obtaining the network information from the DCS, the onboarding network requests authorization from a provisioning server (190) in the SNPN to initiate a provisioning procedure with the SNPN. The provisioning server (190) verifies that the UE is authorized to access the SNPN and determines the type of provisioning procedure to use (e.g., control plane provisioning or user plane provisioning). If verification is successful, the provisioning server (190) sends a response authorizing the onboarding network to initiate provisioning of the UE and indicating the type of provisioning procedure to use. The authorization procedure prevents rogue or malicious UEs from attempting to initiate a provisioning procedure with the ANPN without prior authorization.
    Type: Application
    Filed: May 12, 2021
    Publication date: June 1, 2023
    Inventors: Miguel Angel Garcia Martin, David Castellanos Zamora, Peter Hedman