Patents by Inventor Karl Norrman
Karl Norrman has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11924630Abstract: The present disclosure relates to methods and apparatus for flexible, security context management during AMF changes. One aspect of the disclosure is a mechanism for achieving backward security during AMF changes in idle mode. Instead of passing the current NAS key to the target AMF, the source AMF derives a new NAS key, provides the new NAS key to the target AMF, along with a key change indication indicating that the NAS key has changed. The target AMF sends the key change indication to the user equipment.Type: GrantFiled: July 30, 2021Date of Patent: March 5, 2024Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Noamen Ben Henda, Christine Jost, Karl Norrman, Monica Wifvesson
-
Publication number: 20240073683Abstract: The present disclosure relates to methods and apparatus for flexible, security context management during AMF changes. One aspect of the disclosure is a mechanism for achieving backward security during AMF changes in idle mode. Instead of passing the current NAS key to the target AMF, the source AMF derives a new NAS key, provides the new NAS key to the target AMF, along with a key change indication indicating that the NAS key has changed. The target AMF sends the key change indication to the user equipment.Type: ApplicationFiled: November 3, 2023Publication date: February 29, 2024Inventors: Noamen Ben Henda, Christine Jost, Karl Norrman, Monica Wifvesson
-
Patent number: 11917073Abstract: A message authentication code, for a message transmitted and received over a communications network, is formed by applying inputs to an integrity algorithm acting on the message. The inputs comprise: an integrity key; a value indicating a transfer direction; and a frame-dependent integrity input, wherein the frame-dependent integrity input is a frame-dependent modulo count value that also depends on a random value and on a frame-specific sequence number.Type: GrantFiled: March 29, 2022Date of Patent: February 27, 2024Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Vesa Torvinen, Noamen Ben Henda, Qian Chen, Vesa Lehtovirta, Mats Näslund, Karl Norrman, Gang Ren, Mikael Wass, Monica Wifvesson
-
Patent number: 11917055Abstract: A method in a User Equipment (UE) of an Evolved Packet System (EPS) establishes a security key (K_eNB) for protecting Radio Resource Control/User Plane (RRC/UP) traffic exchanged with a serving eNodeB. The method comprises sending a Non-Access Stratum (NAS) Service Request to a Mobility Management Entity (MME), the request indicating a NAS uplink sequence number (NAS_U_SEQ). The method further comprises receiving an indication of the NAS_U_SEQ of the NAS Service Request sent to the MME, back from the MME via the eNodeB. The method further comprises deriving the K_eNB from at least the received indication of the NAS_U_SEQ and from a stored Access Security Management Entity-key (K_ASME) shared with said MME.Type: GrantFiled: July 2, 2021Date of Patent: February 27, 2024Assignee: Telefonaktiebolaget LM Ericsson (publ)Inventors: Rolf Blom, Gunnar Mildh, Karl Norrman
-
Patent number: 11792025Abstract: A method of verifying that a first device and a second device are physically interconnected is disclosed. The method is performed by a verifier and includes sending a challenge R1 to the first device, for use as basis for input to a first physical unclonable function, PUF, —part of the first device, receiving, a response, RES1, from the second device, the response RES1 being based on an output of a second PUF part of the second device, and verifying that the first device and the second device are interconnected for the case that the received response, RES1, and an expected response fulfills a matching criterion. A method in a first device and a method in a second device and corresponding devices, computer programs and computer program products are also disclosed.Type: GrantFiled: February 10, 2017Date of Patent: October 17, 2023Assignee: Telefonaktiebolaget LM Ericsson (publ)Inventors: Karl Norrman, Elena Dubrova, Bernard Smeets
-
Patent number: 11758443Abstract: According to an aspect, there is provided a method of operating a first radio access node in a communication network, the method comprising determining (601) whether a first base key that is used to determine a first encryption key for encrypting communications between a communication device and the first radio access node can be used by a second radio access node for determining a second encryption key for encrypting communications between the communication device and the second radio access node; and if the first base key can be used by the second radio access node, sending (603) the first base key to the second radio access node during handover of the communication device from the first radio access node to the second radio access node.Type: GrantFiled: November 30, 2020Date of Patent: September 12, 2023Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Rasmus Axén, Karl Norrman
-
Patent number: 11743718Abstract: The present disclosure relates to methods and apparatus for flexible, security context management during AMF changes. One aspect of the disclosure is a mechanism for achieving backward security during AMF changes. Instead of passing the current NAS key to the target AMF, the source AMF derives a new NAS key, provides the new NAS key to the target AMF, and sends a key change indication to the UE, either directly or through some other network node. The UE can then derive the new NAS key from the old NAS key. In some embodiments, the AMF may provide a key generation parameter to the UE to use in deriving the new NAS key. In other embodiments, the target AMF may change one or more security algorithms.Type: GrantFiled: July 22, 2022Date of Patent: August 29, 2023Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Noamen Ben Henda, Christine Jost, Karl Norrman, Monica Wifvesson
-
Publication number: 20230269578Abstract: The present disclosure generally relates to the field of security context setup. More specifically, the present disclosure relates to techniques of supporting security context setup in a wireless communication network. A method embodiment relates to supporting security context setup in a wireless communication network, the method comprising initiating (S304), by a radio access network (RAN) element of the wireless communication network, Access Stratum (AS) security context setup for a first Radio Access Technology (RAT) and a second RAT in a common signaling procedure.Type: ApplicationFiled: April 19, 2023Publication date: August 24, 2023Inventors: Osman Nuri Can Yilmaz, Icaro L. J. Da Silva, Karl Norrman, Paul Schliwa-Bertling, Stefan Wager
-
Patent number: 11722473Abstract: A communication device of a communication network receives, via a network, a challenge, generates a first Diffie Hellman, DH, parameter, a first verification code for the first DH parameter, forwards the challenge or a derivative thereof to an identity module, receives at least one result parameter as response from the identity module, determines, based on the result parameter, whether the first DH parameter is authentic, and if the first DH parameter is authentic, generates and sends a second DH parameter to the network device for session key generation based on the first DH parameter and the second DH parameter.Type: GrantFiled: February 23, 2021Date of Patent: August 8, 2023Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Mats Näslund, Bengt Sahlin, Karl Norrman, Jari Arkko
-
Publication number: 20230224059Abstract: Methods and apparatus in a fifth-generation wireless communications, including an example method, in a wireless device, that includes receiving a downlink signal comprising an uplink access configuration index, using the uplink access configuration index to identify an uplink access configuration from among a predetermined plurality of uplink access configurations, and transmitting to the wireless communications network according to the identified uplink access configuration. The example method further includes, in the same wireless device, receiving, in a first subframe, a first Orthogonal Frequency-Division Multiplexing (OFDM) transmission formatted according to a first numerology and receiving, in a second subframe, a second OFDM transmission formatted according to a second numerology, the second numerology differing from the first numerology. Variants of this method, corresponding apparatuses, and corresponding network-side methods and apparatuses are also disclosed.Type: ApplicationFiled: January 5, 2023Publication date: July 13, 2023Inventors: Stefan Parkvall, Janne Peisa, Gunnar Mildh, Robert Baldemair, Stefan Wager, Jonas Kronander, Karl Werner, Richard Abrahamsson, Ismet Aktas, Peter Alriksson, Junaid Ansari, Shehzad Ali Ashraf, Henrik Asplund, Fredrik Athley, Håkan Axelsson, Joakim Axmon, Johan Axnäs, Kumar Balachandran, Gunnar Bark, Jan-Erik Berg, Andreas Bergström, Håkan Björkegren, Nadia Brahmi, Cagatay Capar, Anders Carlsson, Andreas Cedergren, Mikael Coldrey, Icaro L. J. da Silva, Erik Dahlman, Ali El Essaili, Ulrika Engström, Mårten Ericson, Erik Eriksson, Mikael Fallgren, Rui Fan, Gabor Fodor, Pål Frenger, Jonas Fridén, Jonas Fröberg Olsson, Anders Furuskär, Johan Furuskog, Virgile Garcia, Ather Gattami, Fredrik Gunnarsson, Ulf Gustavsson, Bo Hagerman, Fredrik Harrysson, Ning He, Martin Hessler, Kimmo Hiltunen, Songnam Hong, Dennis Hui, Jörg Huschke, Tim Irnich, Sven Jacobsson, Niklas Jaldén, Simon Järmyr, Zhiyuan Jiang, Martin Johansson, Niklas Johansson, Du Ho Kang, Eleftherios Karipidis, Patrik Karlsson, Ali S. Khayrallah, Caner Kilinc, Göran N. Klang, Sara Landström, Christina Larsson, Gen Li, Lars Lindbom, Robert Lindgren, Bengt Lindoff, Fredrik Lindqvist, Jinhua Liu, Thorsten Lohmar, Qianxi Lu, Lars Manholm, Ivana Maric, Jonas Medbo, Qingyu Miao, Reza Moosavi, Walter Müller, Elena Myhre, Karl Norrman, Bengt-Erik Olsson, Torgny Palenius, Sven Petersson, Jose Luis Pradas, Mikael Prytz, Olav Queseth, Pradeepa Ramachandra, Edgar Ramos, Andres Reial, Thomas Rimhagen, Emil Ringh, Patrik Rugeland, Johan Rune, Joachim Sachs, Henrik Sahlin, Vidit Saxena, Nima Seifi, Yngve Selén, Eliane Semaan, Sachin Sharma, Cong Shi, Johan Sköld, Magnus Stattin, Anders Stjernman, Dennis Sundman, Lars Sundström, Miurel Isabel Tercero Vargas, Claes Tidestav, Sibel Tombaz, Johan Torsner, Hugo Tullberg, Jari Vikberg, Peter von Wrycza, Thomas Walldeen, Pontus Wallentin, Hai Wang, Ke Wang Helmersson, Jianfeng Wang, Yi-Pin Eric Wang, Niclas Wiberg, Emma Wittenmark, Osman Nuri Can Yilmaz, Ali Zaidi, Zhan Zhang, Zhang Zhang, Yanli Zheng
-
Patent number: 11696127Abstract: A communication system for resuming a connection comprises a user equipment (UE) and network nodes. A first network node is configured to prepopulate a UE context, and send, to a second network node, the UE context. The second network node is configured to receive, from the first network node, the UE context, and send, to a UE, a resume request message including a freshness parameter and the UE context. The UE is configured to receive, from the second network node, a resume request message including the freshness parameter and the UE context, generate an authentication token based on the freshness parameter and the UE context, and send, to the second network node, a resume response message including the authentication token. The communication system provides a freshness parameter and a prepopulated UE context to secure and facilitate resume procedure against replay attacks.Type: GrantFiled: November 16, 2018Date of Patent: July 4, 2023Assignee: Telefonaktiebolaget LM Ericsson (publ)Inventors: Magnus Stattin, Gunnar Mildh, Dung Pham Van, Paul Schliwa-Bertling, Icaro L. J. Da Silva, Karl Norrman, Oscar Ohlsson
-
Patent number: 11653199Abstract: The present disclosure generally relates to the field of security context setup. More specifically, the present disclosure relates to techniques of supporting security context setup in a wireless communication network. A method embodiment relates to supporting security context setup in a wireless communication network, the method comprising initiating (S304), by a radio access network (RAN) element of the wireless communication network, Access Stratum (AS) security context setup for a first Radio Access Technology (RAT) and a second RAT in a common signaling procedure.Type: GrantFiled: April 20, 2021Date of Patent: May 16, 2023Assignee: Telefonaktiebolaget LM Ericsson (publ)Inventors: Osman Nuri Can Yilmaz, Icaro L. J. Da Silva, Karl Norrman, Paul Schliwa-Bertling, Stefan Wager
-
Patent number: 11652562Abstract: Methods and apparatus in a fifth-generation wireless communications, including an example method, in a wireless device, that includes receiving a downlink signal comprising an uplink access configuration index, using the uplink access configuration index to identify an uplink access configuration from among a predetermined plurality of uplink access configurations, and transmitting to the wireless communications network according to the identified uplink access configuration. The example method further includes, in the same wireless device, receiving, in a first subframe, a first Orthogonal Frequency-Division Multiplexing (OFDM) transmission formatted according to a first numerology and receiving, in a second subframe, a second OFDM transmission formatted according to a second numerology, the second numerology differing from the first numerology. Variants of this method, corresponding apparatuses, and corresponding network-side methods and apparatuses are also disclosed.Type: GrantFiled: December 31, 2020Date of Patent: May 16, 2023Assignee: Telefonaktiebolaget LM Ericsson (publ)Inventors: Stefan Parkvall, Janne Peisa, Gunnar Mildh, Robert Baldemair, Stefan Wager, Jonas Kronander, Karl Werner, Richard Abrahamsson, Ismet Aktas, Peter Alriksson, Junaid Ansari, Shehzad Ali Ashraf, Henrik Asplund, Fredrik Athley, Håkan Axelsson, Joakim Axmon, Johan Axnäs, Kumar Balachandran, Gunnar Bark, Jan-Erik Berg, Andreas Bergström, Häkan Björkegren, Nadia Brahmi, Cagatay Capar, Anders Carlsson, Andreas Cedergren, Mikael Coldrey, Icaro L. J. da Silva, Erik Dahlman, Ali el Essaili, Ulrika Engström, Mårten Ericson, Erik Eriksson, Mikael Fallgren, Rui Fan, Gabor Fodor, Pål Frenger, Jonas Fridén, Jonas Fröberg Olsson, Anders Furuskär, Johan Furuskog, Virgile Garcia, Ather Gattami, Fredrik Gunnarsson, Ulf Gustavsson, Bo Hagerman, Fredrik Harrysson, Ning He, Martin Hessler, Kimmo Hiltunen, Songnam Hong, Dennis Hui, Jörg Huschke, Tim Irnich, Sven Jacobsson, Niklas Jaldén, Simon Järmyr, Zhiyuan Jiang, Niklas Johansson, Martin Johansson, Du Ho Kang, Eleftherios Karipidis, Patrik Karlsson, Ali S. Khayrallah, Caner Kilinc, Göran N. Klang, Sara Landström, Christina Larsson, Gen Li, Lars Lindbom, Robert Lindgren, Bengt Lindoff, Fredrik Lindqvist, Jinhua Liu, Thorsten Lohmar, Qianxi Lu, Lars Manholm, Ivana Maric, Jonas Medbo, Qingyu Miao, Reza Moosavi, Walter Muller, Elena Myhre, Karl Norrman, Bengt-Erik Olsson, Torgny Palenius, Sven Petersson, Jose Luis Pradas, Mikael Prytz, Olav Queseth, Pradeepa Ramachandra, Edgar Ramos, Andres Reial, Thomas Rimhagen, Emil Ringh, Patrik Rugeland, Johan Rune, Joachim Sachs, Henrik Sahlin, Vidit Saxena, Nima Seifi, Yngve Selén, Eliane Semaan, Sachin Sharma, Cong Shi, Johan Sköld, Magnus Stattin, Anders Stjernman, Dennis Sundman, Lars Sundström, Miurel Isabel Tercero Vargas, Claes Tidestav, Sibel Tombaz, Johan Torsner, Hugo Tullberg, Jari Vikberg, Peter von Wrycza, Thomas Walldeen, Pontus Wallentin, Hai Wang, Ke Wang Helmersson, Jianfeng Wang, Yi-Pin Eric Wang, Niclas Wiberg, Emma Wittenmark, Osman Nuri Can Yilmaz, Ali Zaidi, Zhan Zhang, Zhang Zhang, Yanli Zheng
-
Publication number: 20230109947Abstract: Methods and apparatus in a fifth-generation wireless communications network, including an example method, in a wireless device, that includes determining a reporting quality threshold for a parameter related to channel state information (CSI); performing a measurement for each of a plurality of beams from a first predetermined set of beams for evaluation; evaluating the measurement for each of the plurality of beams against the reporting quality threshold; discontinuing the performing and evaluating of measurements in response to determining that the reporting quality threshold is met for one of the beams, such that one or more beams in the first predetermined set of beams are not measured and evaluated; and reporting, to the wireless communications network, CSI for the one of the beams.Type: ApplicationFiled: June 8, 2022Publication date: April 13, 2023Inventors: Stefan Parkvall, Janne Peisa, Gunnar Mildh, Robert Baldemair, Stefan Wager, Jonas Kronander, Karl Werner, Richard Abrahamsson, Ismet Aktas, Peter Alriksson, Junaid Ansari, Shehzad Ali Ashraf, Henrik Asplund, Fredrik Athley, Håkan Axelsson, Joakim Axmon, Johan Axnäs, Kumar Balachandran, Gunnar Bark, Jan-Erik Berg, Andreas Bergström, Håkan Björkegren, Nadia Brahmi, Cagatay Capar, Anders Carlsson, Andreas Cedergren, Mikael Coldrey, Icaro L. J. da Silva, Erik Dahlman, Ali El Essaili, Ulrika Engström, Mårten Ericson, Erik Eriksson, Mikael Fallgren, Rui Fan, Gabor Fodor, Pål Frenger, Jonas Fridén, Jonas Fröberg Olsson, Anders Furuskär, Johan Furuskog, Virgile Garcia, Ather Gattami, Fredrik Gunnarsson, Ulf Gustavsson, Bo Hagerman, Fredrik Harrysson, Ning He, Martin Hessler, Kimmo Hiltunen, Songnam Hong, Dennis Hui, Jörg Huschke, Tim Irnich, Sven Jacobsson, Niklas Jaldén, Simon Järmyr, Zhiyuan Jiang, Martin Johansson, Niklas Johansson, Du Ho Kang, Eleftherios Karipidis, Patrik Karlsson, Ali S. Khayrallah, Caner Kilinc, Göran N. Klang, Sara Landström, Christina Larsson, Gen Li, Bo Lincoln, Lars Lindbom, Robert Lindgren, Bengt Lindoff, Fredrik Lindqvist, Jinhua Liu, Thorsten Lohmar, Qianxi Lu, Lars Manholm, Ivana Maric, Jonas Medbo, Qingyu Miao, Reza Moosavi, Walter Müller, Elena Myhre, Johan Nilsson, Karl Norrman, Bengt-Erik Olsson, Torgny Palenius, Sven Petersson, Jose Luis Pradas, Mikael Prytz, Olav Queseth, Pradeepa Ramachandra, Edgar Ramos, Andres Reial, Thomas Rimhagen, Emil Ringh, Patrik Rugeland, Johan Rune, Joachim Sachs, Henrik Sahlin, Vidit Saxena, Nima Seifi, Yngve Selén, Eliane Semaan, Sachin Sharma, Cong Shi, Johan Sköld, Magnus Stattin, Anders Stjernman, Dennis Sundman, Lars Sundström, Miurel Isabel Tercero Vargas, Claes Tidestav, Sibel Tombaz, Johan Torsner, Hugo Tullberg, Jari Vikberg, Peter von Wrycza, Thomas Walldeen, Anders Wallén, Pontus Wallentin, Hai Wang, Ke Wang Helmersson, Jianfeng Wang, Yi-Pin Eric Wang, Niclas Wiberg, Emma Wittenmark, Osman Nuri Can Yilmaz, Ali Zaidi, Zhan Zhang, Zhang Zhang, Yanli Zheng
-
Publication number: 20230072080Abstract: According to an exemplary embodiment, there is provided a method of operating a terminal device. The method includes operating the terminal device in a connected state with respect to the communication network. The method further includes receiving a first signal from a first radio access node in the communication network indicating that the connected state is to be suspended, the first signal having information for use in determining a first key for encrypting data to be sent between the terminal device and the first radio access node or another radio access node in the communication network if the connected state is resumed.Type: ApplicationFiled: November 16, 2022Publication date: March 9, 2023Inventors: Oscar OHLSSON, Karl NORRMAN, Paul SCHLIWA-BERTLING, Magnus STATTIN
-
Patent number: 11595822Abstract: A method performed by a resolver in a core network of a wireless communication system, where the method comprise: receiving, from a requester in the core network, a request to resolve a provided identifier that is one of a subscription identifier and a pseudonym identifier serving in the core network as a pseudonym for the subscription identifier; and transmitting, to the requester as a response to the request, a resolved identifier that is the other of the subscription identifier and the pseudonym identifier.Type: GrantFiled: October 4, 2018Date of Patent: February 28, 2023Assignee: Telefonaktiebolaget LM Ericsson (publ)Inventors: Prajwol Kumar Nakarmi, Mats Näslund, Karl Norrman
-
Patent number: 11558745Abstract: A method (200) for operating a User Equipment (UE) is disclosed, the UE configured to connect to a communication network. The method comprises: indicating to the communication network an Integrity Protection for User Plane (IPUP) mode supported by the UE when requesting registration with the communication network (202). The IPUP mode comprises one of: use of Integrity Protection for User Plane data exchanged with the UE (202a), non-use of Integrity Protection for User Plane data exchanged with the UE (202b), or use of Integrity Protection for User Plane data, and non-use of Confidentiality Protection for User Plane data (202c). Also disclosed are an apparatus for operating a UE, methods and apparatus for operating a radio access node and a core node of a communication network, and a computer program operable to carry out methods for operating a UE, a radio access node and/or a core node of a communication network.Type: GrantFiled: January 30, 2018Date of Patent: January 17, 2023Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Monica Wifvesson, Prajwol Kumar Nakarmi, Karl Norrman, Vesa Torvinen
-
Patent number: 11553299Abstract: A method for handling broadcast information is described. A first network node (111) operating in a wireless communications network (100) determines (403) one or more decryption keys (K1, K2, K3) to be provided to a wireless device (131) in the wireless communications network (100). The decryption keys enable the wireless device (131) to decrypt information to be broadcasted by a second network node (112) in the wireless communications network (100). The information comprises a plurality of subsets of positioning information. Each of the subsets is to be, or is, encrypted with a different encryption key based on a respective type of subscription for wireless devices (131, 132, 133) in the wireless communications network (100). The determined decryption keys are based on at least one type of subscription of the wireless device (131). The first network node (111) then initiates (404) providing the determined to the wireless device (131).Type: GrantFiled: April 30, 2018Date of Patent: January 10, 2023Assignee: Telefonaktiebolaget LM Ericsson (Publ)Inventors: Sara Modarres Razavi, Åke Busin, Fredrik Gunnarsson, Karl Norrman, Henrik Rydén
-
Patent number: 11523275Abstract: According to an exemplary embodiment, there is provided a method of operating a terminal device. The method includes operating the terminal device in a connected state with respect to the communication network. The method further includes receiving a first signal from a first radio access node in the communication network indicating that the connected state is to be suspended, the first signal having information for use in determining a first key for encrypting data to be sent between the terminal device and the first radio access node or another radio access node in the communication network if the connected state is resumed.Type: GrantFiled: September 2, 2020Date of Patent: December 6, 2022Assignee: Telefonaktiebolaget LM Ericsson (Publ)Inventors: Oscar Ohlsson, Karl Norrman, Paul Schliwa-Bertling, Magnus Stattin
-
Patent number: 11516659Abstract: There is provided a method for authentication in device to device discovery. A method performed by a Discoverer device, comprises broadcasting a direct discovery request, receiving a direct discovery response from a Discoveree device, the direct discovery response comprising a first token, and the Discoverer device using the first token to verify that the Discoveree device is authorized to respond to the direct discovery request.Type: GrantFiled: June 7, 2018Date of Patent: November 29, 2022Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Vesa Lehtovirta, Karl Norrman, Monica Wifvesson