Patents by Inventor Patrik Salmela
Patrik Salmela has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 12149638Abstract: There is provided mechanisms for certificate revocation check during a subscription related procedure for a subscriber entity. A method is performed by the subscriber entity. The method comprises receiving a message from a subscription management entity during the subscription related procedure for the subscriber entity. The message comprises a certificate and an OCSP response for the certificate. The OCSP response indicates a revocation state of the certificate. The method comprises determining whether the certificate has been revoked or not by checking the revocation state as indicated in the OCSP response.Type: GrantFiled: July 1, 2019Date of Patent: November 19, 2024Assignee: Telefonaktiebolaget LM Ericsson (publ)Inventors: Kazi Wali Ullah, Patrik Salmela, Abu Shohel Ahmed
-
Patent number: 12120523Abstract: There is provided mechanisms for remote provisioning of a SIM profile to a subscriber entity. A method is performed by a remote SIM provisioning server. The method comprises obtaining a request from an MNO entity for generation of the SIM profile. The method comprises generating the SIM profile. The method comprises providing, to a storage entity, a key-value pair of the SIM profile. The key-value pair comprises a unique identifier comprising at least one profile specific element of the SIM profile as key and binding information of the at least one profile specific element as value. The unique identifier comprising at least one profile specific element of the SIM profile is represented by profile/subscription unique data elements for the SIM profile. The binding information of the at least one profile specific element is represented by an BID of the subscriber entity, ICCID of the SIM profile, IMSI, and an MNO identifier.Type: GrantFiled: July 3, 2019Date of Patent: October 15, 2024Assignee: Telefonaktiebolaget LM Ericsson (publ)Inventors: Abu Shohel Ahmed, Patrik Salmela, Kazi Wali Ullah
-
Patent number: 12112246Abstract: There is provided mechanisms for a manufacturer of an ML model to embed at least one marker in an electronic file. A method comprises obtaining the electronic file. The electronic file represents content that causes the ML model to determine an output for the electronic file according to a first processing strategy. The method comprises embedding, in the electronic file, the at least one marker that, only when detected by the ML model, causes the output of the electronic file to be determined according to a second processing strategy. The second processing strategy is unrelated to the first processing strategy and deterministically defined by the at least one marker.Type: GrantFiled: October 1, 2018Date of Patent: October 8, 2024Assignee: Telefonaktiebolaget LM Ericsson (publ)Inventors: Kristian Slavov, Patrik Salmela, Edgar Ramos
-
Publication number: 20240283791Abstract: Methods and apparatus are provided. In an example aspect, a method of authorization in a network node is provided. The method comprises receiving, from an authorization node, an indication that a User Equipment, UE, is authorized to access a resource, and receiving, from the authorization node, an indication of network access parameters for the UE for accessing the resource.Type: ApplicationFiled: July 5, 2021Publication date: August 22, 2024Inventors: Patrik Salmela, Mohit Sethi
-
Publication number: 20240275593Abstract: There is provided a method performed by a first wireless device that is roaming in a visited network. The method comprises measuring (901) an amount of data transmitted and/or received by the first wireless device in a first session with the visited network; using (903) a private key to generate a signature for a data usage record that comprises the data measurement, wherein a public key corresponding to the private key is associated, by a home network of the first wireless device, with the first wireless device; and sending (905) the data usage record to the visited network.Type: ApplicationFiled: June 9, 2021Publication date: August 15, 2024Applicant: Telefonaktiebolaget LM Ericsson (publ)Inventors: Patrik SALMELA, Mukesh THAKUR, Santeri PAAVOLAINEN
-
Publication number: 20240276216Abstract: There is provided mechanisms for authenticating a first radio communication device with a network. A method is performed by the first radio communication device. The method comprises obtaining credentials for a network subscription to the network. The method comprises obtaining an upper part of a radio protocol stack, according to which radio protocol stack the first radio communication device is configured to communicate with the network. The method comprises authenticating with the network. The method comprises providing, to a second radio communication device, at least one key, as derived from the credentials during the authenticating, for use by the second radio communication device when executing the remaining part of the radio protocol stack for communication between the second radio communication device and the network.Type: ApplicationFiled: April 22, 2024Publication date: August 15, 2024Inventors: Patrik Salmela, Per STÅHL, Kristian Slavov, Vesa Lehtovirta
-
Publication number: 20240259804Abstract: Methods for enabling end-to-end security for a communication session between a user equipment (UE), registered with a Mobile Network Operator (MNO) network, and a gateway and/or service of an external network are disclosed. In the methods additional keys are generated based on keys obtained in a secondary authentication between the UE and an entity and/or service. An entity, a UE, computer programs and computer program products are also disclosed.Type: ApplicationFiled: June 16, 2021Publication date: August 1, 2024Inventors: Patrik SALMELA, Mohit SETHI, Andrey SHOROV
-
Publication number: 20240195779Abstract: A first edge node can communicate an address candidate for either a first sidecar container of the first edge node or a second sidecar container of a second edge node with a master orchestrator. The first edge node can then communicate traffic between a first application container of the first edge node and a second application container of the second edge node via a connection between the first sidecar container and the second sidecar container using the address candidate.Type: ApplicationFiled: April 15, 2021Publication date: June 13, 2024Inventors: Miika Komu, Patrik Salmela, Tero Kauppinen
-
Publication number: 20240187860Abstract: Methods and means for providing a UE access to an external network are disclosed. In the methods it is determined that a that a secondary authentication procedure is required in order for the UE to access the external network, and then providing, to an entity of the external network, information relating to the UE. The UE related information is included in a message in relation to the secondary authentication procedure between the UE and the entity of the external network.Type: ApplicationFiled: June 15, 2021Publication date: June 6, 2024Inventors: Patrik SALMELA, Mohit SETHI, Andrey SHOROV, Vesa LEHTOVIRTA
-
Patent number: 12003511Abstract: A method for operating a system hosted on a mobile entity is disclosed, wherein the system is operable to connect to a communication network. The method, performed by a controller of the system, comprises seeking to establish a trust relationship with a cooperating system hosted on a mobile entity, and, if a trust relationship with the cooperating system is established, performing at least one of: initiating use of a resource provided by the cooperating system, or initiating provision of a resource for use by the cooperating system. Also disclosed is a method for operating a function comprising a digital representative of a system hosted on a mobile entity, wherein the system is operable to connect to a communication network.Type: GrantFiled: April 30, 2019Date of Patent: June 4, 2024Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Miljenko Opsenica, Patrik Salmela, Roberto Morabito, Edgar Ramos, Tero Kauppinen, Miika Komu
-
Publication number: 20240155452Abstract: Systems and methods for network slice continuity in handover of a communication network are provided. In some embodiments, a User Equipment (UE) is configured to receive, from a network node on a first cell, a first message comprising an indication of at least one cell that supports a particular network slice and engage in a handover operation based on the 5 indication comprised in the received first message. In some embodiments, a network node is configured to sending, to a UE on a first cell, a first message comprising an identification of at least one cell that supports a particular network slice.Type: ApplicationFiled: February 3, 2022Publication date: May 9, 2024Inventors: Patrik Salmela, Markus Hanhisalo, Juha Kujanen
-
Patent number: 11968529Abstract: There is provided mechanisms for authenticating a first radio communication device with a network. A method is performed by the first radio communication device. The method comprises obtaining credentials for a network subscription to the network. The method comprises obtaining an upper part of a radio protocol stack, according to which radio protocol stack the first radio communication device is configured to communicate with the network. The method comprises authenticating with the network. The method comprises providing, to a second radio communication device, at least one key, as derived from the credentials during the authenticating, for use by the second radio communication device when executing the remaining part of the radio protocol stack for communication between the second radio communication device and the network.Type: GrantFiled: March 15, 2019Date of Patent: April 23, 2024Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Patrik Salmela, Per Ståhl, Kristian Slavov, Vesa Lehtovirta
-
Patent number: 11963260Abstract: A method of ending a subscription performed in a network entity is disclosed. The method comprises receiving, from a device comprising an Embedded Universal Integrated Circuit Card, eUICC, a signed confirmation of a profile having been deleted in the device, the profile being associated with a subscription for the device; sending, to a Subscription Manager Data Preparation entity, a command for deletion of the profile; and deleting the user subscription and related profile in case an acknowledgement of the deletion of the profile is received from the Subscription Manager Data Preparation entity. Method in a device, method in a Subscription Manager Data Preparation entity, devices and entities, computer programs and computer program products are also provided.Type: GrantFiled: June 2, 2021Date of Patent: April 16, 2024Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Patrik Salmela, Abu Shohel Ahmed, Kazi Wali Ullah
-
Publication number: 20240107297Abstract: A communication device (2) generates a cryptographic key (20K) as a function of information (20B) bound to an intermediate communication network (20) via which the communication device (2) authenticates a subscription to a subscribed communication network (10). Here, the communication device (2) is served by a serving communication network (30) that differs from the intermediate communication network (20). The communication device (2) protects communication for the communication device (2) based on the generated cryptographic key (20K).Type: ApplicationFiled: December 28, 2020Publication date: March 28, 2024Inventors: Vesa Lehtovirta, Patrik Salmela
-
Publication number: 20240107317Abstract: A communication device (2) obtains a subscription identifier (50) that identifies a subscription to a first communication network (10). The subscription identifier (50) includes a first network identifier (52) that identifies the first communication network (10) and includes a second network identifier (54) that identifies a second communication network serving the first communication network (10). In some embodiments, the subscription identifier (50) conceals the first network identifier (52). Alternatively or additionally, the subscription identifier (50) is an International Mobile Subscriber Identity, IMSI, or is a Network Access Identifier, NAI, that includes the first network identifier (52) in a username part of the NAI. Regardless, the communication device (2) transmits the subscription identifier (50).Type: ApplicationFiled: December 28, 2020Publication date: March 28, 2024Inventors: Patrik Salmela, Vesa Lehtovirta
-
Publication number: 20240107288Abstract: A first network node (20N) in a first communication network (20) transmits information to a second network node (10N) in a second communication network (10). The information indicates a third communication network (30) is in a control signaling path (15) between a communication device (2) and the second communication network (10). In some embodiments, the first network node (20N) and/or the second network node (10N) may apply one or more policies based on the information, e.g., whether to authenticate a subscription of the communication device (2) to the second communication network (10).Type: ApplicationFiled: December 28, 2020Publication date: March 28, 2024Inventors: Patrik Salmela, Vesa Lehtovirta
-
Publication number: 20240056794Abstract: There is provided mechanisms for handling download of a subscription profile from a pool of subscription profiles. The subscription profiles of the pool of subscription profiles are served by an MNO entity. A method is performed by a subscription management entity. The subscription management entity manages the pool of subscription profiles. The pool of subscription profiles has its own pool identifier. The method comprises obtaining a request from a communication device for download of one of the subscription profiles from the pool of subscription profiles. The method comprises enabling download to the communication device of one of the subscription profiles from the pool of subscription profiles. The method comprises filling up the pool of subscription profiles so that total number of subscription profiles in the pool of subscription profiles remains unchanged.Type: ApplicationFiled: December 17, 2020Publication date: February 15, 2024Applicant: Telefonaktiebolaget LM Ericsson (publ)Inventors: Patrik SALMELA, Per STÅHL
-
Patent number: 11888828Abstract: Embodiments relate to a method for secure domain name system, DNS, queries. The method is performed in a DNS client, and the method includes obtaining an encryption key and internet protocol, IP, address for a final DNS resolver, creating a session key, encrypting a DNS query and the created session key with the obtained encryption key, and sending a DNS message containing the encrypted DNS query and the created session key to an intermediate DNS resolver, different from the final DNS resolver, together with the obtained IP address for the final DNS resolver. Methods, nodes, computer programs, and a computer program product for secure DNS queries are also presented.Type: GrantFiled: November 26, 2018Date of Patent: January 30, 2024Assignee: Telefonaktiebolaget LM Ericsson (Publ)Inventors: Niilo Lehtikuja, Patrik Salmela
-
Publication number: 20240031799Abstract: Communication equipment (4, 6) generates an inner subscription concealed identifier (10C). Generating the inner subscription concealed identifier (10C) includes concealing at least a part of a subscription identifier (10S) using cryptographic key material (10K) associated with a first communication network (10), e.g., a non-public network. The subscription identifier (10S) identifies a subscription to the first communication network (10). The communication equipment (4, 6) generates an outer subscription concealed identifier (20C). Generating the outer subscription concealed identifier (20C) includes concealing the inner subscription concealed identifier (10C) using cryptographic key material (20K) associated with a second communication network (20), e.g., a public network. The communication equipment (4, 6) transmits the outer subscription concealed identifier (20C).Type: ApplicationFiled: December 28, 2020Publication date: January 25, 2024Inventors: Patrik Salmela, Vesa Lehtovirta
-
Patent number: 11844144Abstract: There is provided mechanisms for handling a subscription profile for a subscriber entity. A method is performed by a subscription management entity. The method comprises obtaining a request from a mobile network operator entity to configure the subscription profile for the subscriber entity. The method comprises configuring the subscription profile with a customized PIN/PUK code for the subscriber entity. The method comprises providing an indication of the customized PIN/PUK code being configured in the subscription profile in a response to the mobile network operator entity.Type: GrantFiled: October 27, 2017Date of Patent: December 12, 2023Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Abu Shohel Ahmed, Patrik Salmela, Kazi Wali Ullah