Patents by Inventor Monica Wifvesson

Monica Wifvesson has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20250031039
    Abstract: A remote communication device performs an authentication procedure with a home communication network, via a relay communication device, to authenticate the remote communication device to the home communication network for a proximity-based service, ProSe. Performing the authentication procedure comprises deriving one or more keys included in an authentication vector. The remote communication device generates an anchor key for the ProSe directly from the one or more keys included in the authentication vector. The remote communication device protects ProSe direct communication between the remote communication device and the relay communication device using security key material derived from the anchor key.
    Type: Application
    Filed: October 18, 2022
    Publication date: January 23, 2025
    Inventors: Zhang Fu, Monica Wifvesson, Juying Gan, Cheng Wang, Qian Chen, David Castellanos Zamora
  • Patent number: 12200491
    Abstract: A method to operate a UE for handling security policy for user plane protection of communications in a communications system is provided. The method includes transmitting a packet data unit (PDU) session establishment request network access stratum (NAS) message toward an Access and Mobility Management Function (AMF) to establish a PDU session. The method further includes receiving an access network (AN) specific resource setup message indicating whether the UE is to activate integrity protection for data radio bearers (DRBs) serving the PDU session.
    Type: Grant
    Filed: May 4, 2019
    Date of Patent: January 14, 2025
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Noamen Ben Henda, Peter Hedman, Paul Schliwa-Bertling, Monica Wifvesson
  • Patent number: 12185176
    Abstract: In a wireless communication network implementing network slicing (NS), an Initial Access and Mobility Management Function (AMF) for a user equipment (UE) in one NS is able to re-allocate a UE to a Target AMF in a different NS, despite not being able to directly communicate with the Target AMF due to NS security restrictions. In a first embodiment, the Initial AMF transfers the UE context—including its security context—to a Default AMF. The Default AMF has the capability to communicate with network functions in different NSes. The Default AMF transfers the UE context to the Target AMF. In a second embodiment, a security key Kamf? is horizontally derived in a manner that avoids NS security conflicts. The derived key is transferred to the UE and Target AMF, which establish a security context. In a third embodiment, the Initial AMF allocates a Token, and transfers it, along with the UE security context (directly or via RAN) to the Default AMF. The Default AMF then transfers the security context to the Target AMF.
    Type: Grant
    Filed: August 14, 2020
    Date of Patent: December 31, 2024
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Monica Wifvesson, Vlasios Tsiatsis, Peter Hedman
  • Patent number: 12184703
    Abstract: A method is provided to operate a CN node to determine UP security activation. A UP session establishment request is obtained for a wireless device. An indication is obtained that the UP session establishment request is associated with an emergency session and/or that null ciphering and/or null integrity protection are applied to a CP associated with a CP session for the wireless device. It is determined that a UP should be configured for the UP session without activating integrity and/or confidentiality protection for the UP based on the indication. A UP security policy is provided to a RAN node associated with the wireless device, wherein the UP security policy indicates to configure the UP for the UP session without activating integrity and/or confidentiality protection based on determining that a UP should be configured for the UP session without activating integrity and/or confidentiality protection.
    Type: Grant
    Filed: May 30, 2023
    Date of Patent: December 31, 2024
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Monica Wifvesson, Prajwol Kumar Nakarmi, Noamen Ben Henda, Håkan Palm
  • Patent number: 12177662
    Abstract: A method performed by a UE. The method incudes generating a SUCI comprising: i) an encrypted part in which a Mobile Subscription Identification Number of a SUPI is encrypted and ii) a clear-text part comprising: a) a Mobile Country Code of the SUPI, b) a Mobile Network Code of the SUPI, c) a public key identifier for a public key of a home network of the user equipment, and d) an encryption scheme identifier that identifies an encryption scheme used by the UE to encrypt the Mobile Subscription Identification Number in the SUCI. The method also includes transmitting the SUCI to an authentication server in the home network for forwarding of the SUCI to a de-concealing server capable of decrypting the Mobile Subscription Identification Number.
    Type: Grant
    Filed: May 5, 2022
    Date of Patent: December 24, 2024
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Vesa Torvinen, Noamen Ben Henda, David Castellanos Zamora, Prajwol Kumar Nakarmi, Pasi Saarinen, Monica Wifvesson
  • Publication number: 20240388897
    Abstract: A method performed by a user equipment, UE, for enabling a user plane integrity protection mode in a radio access network packet data convergence protocol, PDCP, is provided. The method includes providing an indication of a user plane integrity protection, UP IP, mode supported by the UE. The method further includes receiving an activation message from a receiving node that includes an indication to the UE to activate the UP IP mode. The receiving node is a long term evolution eNodeB. Methods performed by a network node and a radio access node are also provided.
    Type: Application
    Filed: July 17, 2024
    Publication date: November 21, 2024
    Inventors: Monica Wifvesson, Noamen Ben Henda
  • Patent number: 12137340
    Abstract: In some embodiments, a method in a wireless device comprises registering first and second connections with an AMF. The first and second connections share a first security context and connect via first and second access networks, respectively. The method further comprises establishing a second security context with the AMF, setting a flag to a first value based on the second security context having been taken into use on the first connection, and setting the flag to a second value based on the second security context having been taken into use on the second connection. The second value indicates that the second security context has been taken into use on both the first and second connections. The method further comprises retaining the first security context when the flag is set to the first value, and disposing of the first security context after setting the flag to the second value.
    Type: Grant
    Filed: February 15, 2019
    Date of Patent: November 5, 2024
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Noamen Ben Henda, Vesa Torvinen, Monica Wifvesson
  • Patent number: 12137380
    Abstract: Core network equipment is configured for use in a core network of a wireless communication system. The core network equipment is configured to switch switching to using a new non-access stratum, NAS, security context between a user equipment and the core network equipment. The core network equipment is also configured to, during or in association with a handover procedure for handover of the user equipment, signal from the core network equipment that the new NAS security context between the user equipment and the core network equipment is to be used as a basis for an access stratum (AS) security context between the user equipment and radio access network equipment.
    Type: Grant
    Filed: November 23, 2021
    Date of Patent: November 5, 2024
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Prajwol Kumar Nakarmi, Karl Norrman, Monica Wifvesson
  • Publication number: 20240357358
    Abstract: A method for operating a User Equipment (UE) is disclosed, the UE configured to connect to a communication network. The method comprises: indicating to the communication network an Integrity Protection for User Plane (IPUP) mode supported by the UE when requesting registration with the communication network. The IPUP mode comprises one of: use of Integrity Protection for User Plane data exchanged with the UE, non-use of Integrity Protection for User Plane data exchanged with the UE, or use of Integrity Protection for User Plane data, and non-use of Confidentiality Protection for User Plane data.
    Type: Application
    Filed: June 25, 2024
    Publication date: October 24, 2024
    Inventors: Monica Wifvesson, Vesa Torvinen, Karl Norrman, Prajwol Kumar Nakarmi
  • Publication number: 20240340639
    Abstract: A wireless communication device (12) transmits, to a network node (18A-1, 18A-2, 18B) in an Evolved Packet System (10A), signaling (14A) indicating a capability (16) of the wireless communication device (12) to support user plane integrity protection over New Radio, NR, in Evolved Universal Terrestrial Radio Access-NR Dual Connectivity, EN-DC. Based on the indicated capability (16), a secondary gNB for EN-DC may activate or deactivate user plane integrity protection over NR in EN-DC.
    Type: Application
    Filed: August 1, 2022
    Publication date: October 10, 2024
    Inventors: Monica Wifvesson, Prajwol Kumar Nakarmi
  • Patent number: 12114159
    Abstract: A method of operating a network node of a communication network includes establishing a PDU session with a UE, configuring a first UP security policy for the PDU session that applies to radio bearers set up between the UE and a first RAN, and configuring a second UP security policy for the PDU session that applies to radio bearers set up between the UE and a second RAN. A method of operating a UE includes establishing a PDU session with a UPF in a core network, via a first RAN, configuring a first UP security policy for the PDU session that applies to radio bearers set up between the UE and the first RAN, and configuring a second UP security policy for the PDU session that applies to radio bearers set up between the UE and a second RAN. Related network nodes and UEs are disclosed.
    Type: Grant
    Filed: September 30, 2020
    Date of Patent: October 8, 2024
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventor: Monica Wifvesson
  • Publication number: 20240323689
    Abstract: A method performed by a first node includes obtaining a configuration for performing backhaul integrity protection and verification for backhaul adaptation protocol, BAP, data protocol data unit, PDU, packets transmitted and/or received over a backhaul link. The method includes computing a security token to be included in a BAP data PDU to be transmitted. The method includes adding the security token in the BAP data PDU. The method includes transmitting the BAP data PDU with the security token towards a second IAB node.
    Type: Application
    Filed: June 30, 2022
    Publication date: September 26, 2024
    Inventors: Mattias BERGSTRÖM, Marco BELLESCHI, Prajwol Kumar NAKARMI, Monica WIFVESSON
  • Patent number: 12075253
    Abstract: There is provided mechanisms for attachment of a wireless device to an MNO. A method is performed by the wireless device. The method comprises providing an authorization token to an AMF node of the MNO in conjunction with authenticating with the AMF node. The method comprises completing attachment to the MNO upon successful validation of the authorization token by the AMF node.
    Type: Grant
    Filed: January 26, 2017
    Date of Patent: August 27, 2024
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Maria Esther Bas Sanchez, David Castellanos Zamora, Peter Hedman, Christine Jost, Monica Wifvesson
  • Publication number: 20240284178
    Abstract: A method to operate a UE for handling security policy for user plane protection of communications in a communications system is provided. The method includes transmitting a packet data unit (PDU) session establishment request network access stratum (NAS) message toward an Access and Mobility Management Function (AMF) to establish a PDU session. The method further includes receiving an access network (AN) specific resource setup message indicating whether the UE is to activate integrity protection for data radio bearers (DRBs) serving the PDU session.
    Type: Application
    Filed: May 4, 2019
    Publication date: August 22, 2024
    Inventors: Noamen BEN HENDA, Peter HEDMAN, Paul SCHLIWA-BERTLING, Monica WIFVESSON
  • Patent number: 12069471
    Abstract: The AMF re-allocation procedure for an Initiating AMF that has reroute capability via an Access Network (AN) is optimized in scenarios where a wireless device, such as a User Equipment (UE), already shares a 5G security context with-in a Last Serving AMF that is different from the Initiating AMF, and where the Initiating AMF and the Last Serving AMF can communicate with each other via an interface.
    Type: Grant
    Filed: June 12, 2020
    Date of Patent: August 20, 2024
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Peter Hedman, Vlasios Tsiatsis, Monica Wifvesson, Qian Chen, Noamen Ben Henda, Ivo Sedlacek
  • Publication number: 20240276211
    Abstract: A key management is provided that enables security activation before handing over a user equipment from a source 5G wireless communication system, i.e., a Next Generation System (NGS), to a target 4G wireless communication system, i.e., a Evolved Packet System (EPS)/Long Term Evolution (LTE). The key management achieves backward security, i.e., prevents the target 4G wireless communication system from getting knowledge of 5G security information used in the source 5G wireless communication system.
    Type: Application
    Filed: April 16, 2024
    Publication date: August 15, 2024
    Inventors: Monica Wifvesson, Noamen Ben Henda, Vesa Lehtovirta, Christine Jost
  • Publication number: 20240276224
    Abstract: A method performed by a user equipment, UE, for enabling user plane integrity protection of data in a packet data convergence protocol, PDCP, in a radio access network is provided. The method includes sending a session establishment request towards a session management node that includes an indication of a user plane integrity protection mode supported by the UE. The method further includes receiving an activation message from a receiving radio access node that includes an indication to the UE to activate the user plane integrity protection mode for a data radio bearer established with the receiving radio access node. Methods performed by a session management node, a target access and mobility node, and a radio access node are also provided.
    Type: Application
    Filed: April 26, 2024
    Publication date: August 15, 2024
    Inventors: Monica Wifvesson, Noamen Ben Henda
  • Patent number: 12058515
    Abstract: A method performed by a user equipment, UE, for enabling a user plane integrity protection mode in a radio access network packet data convergence protocol, PDCP, is provided. The method includes providing an indication of a user plane integrity protection, UP IP, mode supported by the UE. The method further includes receiving an activation message from a receiving node that includes an indication to the UE to activate the UP IP mode. The receiving node is a long term evolution eNodeB. Methods performed by a network node and a radio access node are also provided.
    Type: Grant
    Filed: April 27, 2020
    Date of Patent: August 6, 2024
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Monica Wifvesson, Noamen Ben Henda
  • Publication number: 20240259792
    Abstract: A UE configured to perform a process that includes transmitting, via a RAN node, a Protocol Data Unit (PDU) Session Establishment Request message toward a Session Management Function (SMF). The process also includes, after transmitting the PDU Session Establishment Request message, the UE receiving from the RAN node a Radio Resource Control (RRC) Connection Reconfiguration message comprising: i) a PDU session identifier (ID) identifying a PDU session, ii) a PDU Session Establishment Accept message generated by the SMF, and iii) indications for the activation of user plane (UP) integrity protection and ciphering for each data radio bearer (DRB) belonging to the PDU session according to a security policy received by the RAN node.
    Type: Application
    Filed: April 11, 2024
    Publication date: August 1, 2024
    Applicant: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Vesa TORVINEN, Noamen BEN HENDA, Monica WIFVESSON
  • Publication number: 20240259797
    Abstract: Systems and methods are disclosed for supporting remote User Equipment (UE) authentication via a relay UE. In one embodiment, a method performed by a relay UE comprises receiving a first message conveyed by a remote UE and sending a second message to a relay access and mobility function (AMF), wherein the second message comprises a UE-to-Network (U2N) connection mapping identification (ID) that identifies the remote UE. In this manner, the relay UE and relay AMF are able to identify that the second message (e.g., an authentication related message) is for the remote UE. Embodiments of a relay UE and embodiments of a relay AMF and methods of operation thereof are also disclosed.
    Type: Application
    Filed: August 23, 2022
    Publication date: August 1, 2024
    Inventors: Zhang Fu, Monica Wifvesson, Ivo Sedlacek