Abstract: The disclosure relates to a 5G or 6G communication system for supporting a higher data transmission rate. Accordingly, the embodiments herein provide a method for handling key distribution for multicast and broadcast services (MBS) in a wireless network. The method includes sending, by an application function (AF) server (100), an MB session announcement message to the UE (300) in the wireless network, where the MB session announcement message includes the TMGI and the HL MC address. Further, the method includes generating, by the AF server (100), the sessionkey (KMBS) for the TMGI and the HL MC address, where the sessionkey (KMBS) is provided to the UE (300) and the plurality of network entities (200). Further, the method includes protecting, by the AF server (100), a MBS traffic associated with the UE (300) and the plurality of network entities (200) using the generated session key (KMBS).

Abstract: The disclosure relates to a 5G or 6G communication system for supporting a higher data transmission rate. Embodiments herein is to provide a method for providing user consent for UE in a 5G network (1000) by a UE (300). The method includes receiving a request message from a network apparatus (200) to check with the UE (300) whether the network apparatus (200) can provide subscribed event information to a NWDAF (100). The request message includes the subscribed event information and a consumer NF ID to obtain consent from the UE (300). Further, the method includes determining, by the UE (300), using the preconfigured data whether a consent can be provided for the subscribed event information to the NWDAF (100). Further, the method includes sending, by the UE (300), a response message to the network apparatus (200), wherein the response message comprises a consent indication allowing the network apparatus (200) to provide the subscribed event information to the NWDAF (100).

Abstract: Disclosed herein are a communication technique for merging, with an IoT technology, a 5G communication system for supporting a data transmission rate higher than that of a 4G system; and a system therefor. Embodiments herein disclose a method of protecting sensitive user plane traffic in an User Equipment (UE) (100), the method comprising: transmitting, to a network (200), by the UE (100) a first NAS message comprising an indicator indicating that the UE (200) supports of a secure channel for domain name system (DNS); receiving, from the network (200), by the UE (100) a second NAS message including DNS server security information in response to transmitting the first NAS message; and transmitting, to the network (200), by the UE (100) the DNS over the secure channel based on the DNS server security information.

Abstract: The disclosure relates to a 5G or 6G communication system for supporting a higher data transmission rate. Embodiments herein disclose a method for providing restricted service access in a wireless network by a first network entity (i.e., target AMF entity (400)). The method includes requesting a NRF entity (600) to grant an access-token to access a second network entity (i.e., initial AMF entity (300)). Further, the method includes receiving a message comprising a restricted service access to the second network entity based on the access-token. Further, the method includes sending a restricted UE context transfer request to the second network entity based on the message comprising the restricted service access. Further, the method includes receiving a UE context transfer response from the second network entity based on the restricted UE context transfer request.

Abstract: The present disclosure relates to a communication method and system for converging a 5th-Generation (5G) communication system for supporting higher data rates beyond a 4th-Generation (4G) system with a technology for Internet of Things (IoT). The present disclosure may be applied to intelligent services based on the 5G communication technology and the IoT-related technology, such as smart home, smart building, smart city, smart car, connected car, health care, digital education, smart retail, security and safety services. Embodiments herein provide a method for determining whether a base station is genuine or rouge in a wireless network. If a received authentication key matches with the authentication key generated in the UE, the method includes identifying a base station as genuine base station and carrying out a normal procedure. If the received authentication key does not match with the generated authentication key, the method includes identifying the base station as a rouge base station.

Abstract: A method performed by a first terminal performing vehicle-to-everything (V2X) communication with a second terminal via one or more PC5 unicast links in a wireless communication system is provided. The method may include: receiving, from a core network entity, information on one or more security policies respectively corresponding to the one or more PC5 unicast links, wherein each of the one or more PC5 unicast links is associated with one or more V2X services; transmitting, to the second terminal, a direct communication request message including the one or more security policies for initiating the V2X communication; and in case that the transmitted direct communication request message is accepted by the second terminal, activating a security of each of the one or more PC5 unicast links based on the received information on the one or more security policies.

Abstract: The present disclosure relates to a pre-5th-Generation (5G) or 5G communication system to be provided for supporting higher data rates Beyond 4th-Generation (4G) communication system such as Long Term Evolution (LTE). In accordance with an aspect of the present disclosure, a method of transmitting data in a device to device communication system is provided. The method includes determining whether a security feature is applied to one or more packet data convergence protocol (PDCP) data units, configuring the one or more PDCP data units based on the determined result, and transmitting the one or more PDCP data units to one or more receiving user equipments (UEs).

Abstract: Disclosed herein are a communication technique for merging, with an IoT technology, a 5G communication system for supporting a data transmission rate higher than that of a 4G system; and a system therefor. Embodiments herein disclose a method of protecting sensitive user plane traffic in an User Equipment (UE) (100), the method comprising: transmitting, to a network (200), by the UE (100) a first NAS message comprising an indicator indicating that the UE (200) supports of a secure channel for domain name system (DNS); receiving, from the network (200), by the UE (100) a second NAS message including DNS server security information in response to transmitting the first NAS message; and transmitting, to the network (200), by the UE (100) the DNS over the secure channel based on the DNS server security information.

Abstract: The present disclosure relates to a 5G communication system or a 6G communication system for supporting higher data rates beyond a 4G communication system such as long term evolution (LTE). The present disclosure provides a system and method for security protocol implemented in a communication network. The method performed by a first network entity includes determining based on a HUB being in a trusted area or in a non-trusted area, whether one or more network functions (NFs) are configured to perform security operations based on a generation of a message by a corresponding one or more NFs.

Abstract: The present disclosure relates to a communication method and system for converging a 5th Generation (5G) communication system for supporting higher data rates beyond a 4th Generation (4G) system with a technology for Internet of Things (IoT). The method includes comparing plurality of parameters (e.g. TAI) received in message (e.g. initial NAS message, registration request, first protected NAS message) from UE and plurality of parameters (e.g. TAI) broadcasted/received/stored by AMF entity and/or genuine gNB. AMF entity and/or genuine gNB sends an accept message (e.g. NAS accept) or reject message (e.g. NAS reject, RRC reject or RRC reconfiguration.) with appropriate error cause value to UE to mitigate the MitM attack. Based on received message from AMF entity and/or genuine gNB, UE detects that UE is camped on genuine gNB or fake gNB. UE performs action(s) (e.g. cell reselection), when UE is camped on fake gNB/eNB to mitigate MitM attack.

Abstract: Embodiments herein provide a method for handling synchronization of Home Network (HN) security key(s) in a wireless network. The proposed method includes receiving a Non-access stratum (NAS) authentication request message from a network entity (200A), where the UE (100A) holds a first Home network (HN) security key. Further, the method includes determining an authentication response message for the received NAS authentication request message and generating a second HN security key from a plurality of input parameters received in the NAS authentication request message and sending authentication response message to the network entity (200A). Further, the method includes storing the second HN security key in response to receiving a NAS security mode command message from the network entity (200A) or ignore the second HN security key in response to receiving a NAS reject message from the network entity (200A).

Abstract: The present disclosure relates to a pre-5th-Generation (5G) or 5G communication system to be provided for supporting higher data rates Beyond 4th-Generation (4G) communication system such as Long Term Evolution. Methods and systems for mitigating Denial of Service (DOS) attacks in wireless networks, by performing admission control by verifying a User Equipment's (UE's) registration request via a Closed Access Group (CAG) cell without performing a primary authentication are provided. Embodiments herein disclose methods and system for verifying permissions of the UE to access a CAG cell based on the UE's Subscription identifier, before performing the primary authentication. The method for mitigating DOS attacks in wireless networks includes requesting a public land mobile network for accessing a non-public network (NPN) through a CAG cell, verifying the permissions of a UE to access the requested NPN through the CAG cell, and performing a primary authentication.

Abstract: Accordingly, the embodiments herein provide a method for authentication of an IAB node by an IAB-donor node in a wireless network. The method includes obtaining an IAB authorization information of the IAB node from one of an Access and Mobility Management Function (AMF) and a Mobility Management Entity (MME) of the wireless network, determining whether the IAB authorization information of the IAB node indicates the IAB node is authorized, and allocating a unique identity/parameter to the IAB node during an IAB- Mobile Termination (MT) setup and/or Backhaul Radio Link Control (RLC) channel establishment and/or Routing update phase. Further, the method includes storing the unique identity/parameter in a user equipment (UE) - context, which is used to identify the UE-context during an IAB- Distributed Unit (DU) part setup for authorization check and/or authentication.

Abstract: Methods and systems for identifying AUSF and accessing related keys in 5G ProSe. The AUSF corresponding to a remote UE is identified by an AMF based on routing indicator or SKI. The AUSF is capable of key management of ProSe UE-to-Network relay communication. The AUSF authorizes the remote UE to access a 5G core network through one or more UE-to-network relays. The authorization of the remote UE is performed based on a SUPI corresponding to the remote UE. The SUPI is obtained from a UDM. Once the remote UE is authorized, the AUSF can derive keys that enable the remote UE to access the 5G core network through the one or more UE-to-network relays. The keys derived by the AUSF 803 can be referred to as authentication keys. The derived keys include REAR key, KNR_ProSe, KD, and KNRP.

Abstract: Embodiments herein provide a method and a wireless network device (100) for handing a paging cause of a service. The method includes receiving, by the wireless network device (100), a NAS message includes the paging cause of the service provided by the wireless network device (100) and a first value corresponding to the paging cause from a UE (200). The method includes modifying, by the wireless network device (100), the first value of the paging cause of the service to a second value, and sending a NAS response message to the UE (200), where the NAS response message includes the paging cause of the service and the second value of the paging cause. The second value enables the UE (200) to respond to a paging message based on the second value of the paging cause.

Abstract: Accordingly, embodiments herein disclose a method for handling a closed access group (CAG) related procedure in a wireless communication system. A network may receive a radio resource control (RRC) resume request message from a user equipment (UE). The network may determine whether the at least one CAG identifier (ID) broadcasted in a CAG cell is included in an allowed CAG list of the UE (100) in response to the RRC resume request message. The network may proceed with a RRC resume procedure in response to determining that the at least one CAG ID is included in the allowed CAG list.

Abstract: The present disclosure relates to a communication method and system for converging a 5th-Generation (5G) communication system for supporting higher data rates beyond a 4th-Generation (4G) system with a technology for Internet of Things (IoT). The present disclosure may be applied to intelligent services based on the 5G communication technology and the IoT-related technology, such as smart home, smart building, smart city, smart car, connected car, health care, digital education, smart retail, security and safety services. Accordingly the embodiments herein provides a method and system for ciphering of initial NAS message protection procedure. A UE is registered to a first PLMN and a first 5G NAS security context has been established. The UE selects a second PLMN. The UE sends Initial Registration procedure with only cleartext IE to the second PLMN. The second PLMN may initiate and perform authentication procedure.

Abstract: The disclosure relates to a pre-5th-Generation (5G) or 5G communication system to be provided for supporting higher data rates Beyond 4th-Generation (4G) communication system such as long term evolution (LTE). Accordingly, embodiments herein provide a method for integrity protection of user plane (UP) signaling messages in a wireless network. The method includes receiving integrity protection data rate capability of a user equipment (UE) (300). Further, the method includes receiving a dedicated protocol data unit (PDU) session establishment request to establish the dedicated PDU session for exchange of the UP signalling messages. Further, the method includes establishing the dedicated PDU session with integrity protection based on the integrity protection data rate capability of the UE (300). Further, the method includes exchanging the UP signalling message with the UE (300) over the established dedicated PDU session with integrity protection.

Abstract: The present disclosure relates to a pre-5th-Generation (5G) or 5G communication system to be provided for supporting higher data rates Beyond 4th-Generation (4G) communication system such as Long Term Evolution (LTE). Embodiments herein provide method and system for end-to-end security over signaling plane in a mission critical data (MCData) communication system. The proposed method includes various ways of securing MCData data payload transmitted over signaling plane using short data service (SDS). The proposed method allows usage of multiple security keys to encrypt the MCData SDS message as per the requirements. Various Keys such as, signaling plane key or media plane key or a dedicated MCData data payload signaling key can be used independently or in a combination thereof to achieve the desired security context. The proposed method allows protection of all the application level components with the signaling plane security context.

Abstract: The present disclosure relates to a pre-5th-Generation (5G) or 5G communication system to be provided for supporting higher data rates Beyond 4th-Generation (4G) communication system such as Long Term Evolution (LTE). Embodiments herein disclose methods for establishing secure communication in a wireless communication network (3000) by an AUSF entity (400). The method includes receiving a key request message from a remote UE (100a) through an AMF entity (500). Further, the method includes acquiring one of the SUPI of the remote UE (100a) and a REAR ID associated with the SUPI of the remote UE (100a). Further, the method includes generating a rear key for remote UE (100a) communication via a UE-to-network relay. The REAR key is used for deriving a first ProSe key.