Abstract: Certain aspects of the present disclosure provide techniques for controlling access and use of network resources and services by user equipment based on user equipment capabilities. In one aspect, a method for wireless communication by a network entity, includes: receiving, from a user equipment, a request to connect to a network, the request comprising a user equipment identifier and a reduced capability indication; determining a validity of the reduced capability indication based on at least one of: subscription data associated with the user equipment; or one or more capabilities associated with the user equipment; and making a connection decision based on the validity of the reduced capability indication.

Abstract: This disclosure provides methods, devices and systems related multi-link wireless communication. A method may include establishing, between the first WLAN device and a second WLAN device, a multi-link association that enables a first wireless communication link and a second wireless communication link. The method may include determining a temporal key for the multi-link association. The method may include encrypting a first and second media access control (MAC) protocol data unit (MPDU) based on the temporal key. The method may include preparing a first frame including the encrypted first MPDU and a second frame including the encrypted second MPDU. The method may include assigning packet numbers from a set of sequential packet numbers to the first and second frames. The method may include transmitting the first frame over the first wireless communication link and the second frame over the second wireless communication link.

Abstract: Man-in-the-middle attacks on reference signals used for positioning a mobile device in a wireless network can be detected through time and/or angle consistency checks. Time consistency checks may be based on a consistency of peak location and/or power delay profile across multiple reference signals and/or across different signal types, for example. Angle consistency checks may be based on a consistency of an angle at which a reference signal is received across multiple reference signals and/or in comparison with an expected angle, for example. Embodiments may further include reporting detected attacks.

Abstract: Reference signals used in location estimation of a user equipment (UE) in a wireless data network can be secured against a man-in-the-middle attack by a transmitting device withholding the conveyance of transmission parameters for decoding portions of a reference signal until after the portions are transmitted. Thus, receiving devices can buffer received signals and, after receiving the transmission parameters, process the buffered signals. To further prevent an attacker device from attacking future reference signals, transmission parameters can be nondeterministic such that an attacker device obtaining a parameter at a certain period of time is unable to use the decoded parameter predict or determine subsequent transmission parameters.

Abstract: The present disclosure provides techniques that may be applied, for example, for providing network policy information in a secure manner. In some cases, a UE may receive a first message for establishing a secure connection with a network, wherein the first message comprises network policy information, generate a first key based in part on the network policy information, and use the first key to verify the network policy information.

Abstract: One aspect relates to initiating, by a device, a connection with an application server associated with one or more application services. A gateway derives an uplink network token and/or a downlink network token. The tokens are provisioned to the device and/or an application server over the user-plane. The tokens are included with uplink and/or downlink packets, respectively. Another aspect relates to receiving a data packet at a gateway. The gateway determines a requirement for a network token from the packet. The gateway derives the network token based on a device subscription profile maintained by a network. The network token may be sent with the packet to a destination address associated with the packet. A packet including a network token may be received at a gateway. The gateway may verify the network token and send the data packet to an application server or a device if the verifying is successful.

Abstract: Disclosed are methods and systems for providing home network routing information (HNRI) of remote user equipment (UE) following authentication failure, e.g., during establishment of UE-to-network (U2N) relay communication. In some aspects, a first UE may detect an authentication failure during establishment of a secure connection with a second UE, and in response to detecting the authentication failure, notifies the second UE of the authentication failure. In addition, the HNRI of a first authentication node within the home network of the first UE is provided to a second authentication node within the home network of the second UE, either by the first UE, by the second UE, or from being stored by the second authentication node from a previous interaction involving the first UE.

Abstract: In an aspect of the disclosure, a method, a computer-readable medium, and an apparatus are provided that improve data packet exchange between a UE in an inactive mode and a network. In certain configurations, the apparatus may receive, from a user equipment (UE) in an active mode, a first packet including a first identifier associated with an anchor base station, a second identifier associated with a UE context, and a payload. The apparatus may identify the anchor base station based at least in part on one or more of the first identifier associated with the anchor base station or the second identifier associated with the UE context. The apparatus may transmit a second packet to the anchor base station. The second packet may include at least a portion of the first packet.

Abstract: Certain aspects of the present disclosure provide techniques for controlling access and use of network resources and services by user equipment based on user equipment capabilities. In one aspect, a method for wireless communication by a network entity, includes: receiving, from a user equipment, a request to connect to a network, the request comprising a user equipment identifier and a reduced capability indication; determining a validity of the reduced capability indication based on at least one of: subscription data associated with the user equipment; or one or more capabilities associated with the user equipment; and making a connection decision based on the validity of the reduced capability indication.

Abstract: One feature pertains to a method that includes establishing a radio communication connection with a first radio access node (RAN) that uses control plane signaling connections to carry user plane data. The method also includes determining that the wireless communication device is experiencing radio link failure (RLF) with the first RAN and that the radio communication connection should be reestablished with a second RAN. A reestablishment request message is transmitted to the second RAN that includes parameters that enable a core network node communicatively coupled to the second RAN to authenticate the wireless communication device and allow or reject reestablishment of the radio communication connection. The parameters include at least a message authentication code (MAC) based in part on one or more bits of a non-access stratum (NAS) COUNT value maintained at the wireless communication device.

Abstract: Apparatus, methods, and computer-readable media for facilitating mobility in sidelink-assisted access link connectivity are disclosed herein. An example method for wireless communication at a user equipment (UE) includes establishing a sidelink connection with a first assistant node (AN) and establishing an access link connection with a first primary node (PN), the first AN and the first PN communicating via a first network interface. The example method also includes determining an occurrence of a node-change triggering event associated with at least one of the first AN and the first PN. The example method also includes performing a node-change procedure based on the occurrence of the node-change triggering event. The example method also includes communicating with at least one of a second AN or a second PN based on the node-change procedure, the second AN and the second PN communicating via a second network interface.

Abstract: Various aspects of the present disclosure generally relate to wireless communication. In some aspects, a relay user equipment (UE) may establish a sidelink unicast link with a remote UE via a sidelink signaling interface. The relay UE may identify configuration information for an adaptation layer of the sidelink signaling interface, the configuration information including at least one of: a remote UE identifier associated with the sidelink unicast link for a relay service, bearer identifier information identifying one or more bearers between the remote UE and a network entity for the relay service, a radio link control (RLC) channel mapping between a bearer identifier and one or more RLC channels, or data routing information associated with the relay service. The relay UE may relay communications between the remote UE and the network entity based at least in part on the configuration information. Numerous other aspects are described.

Abstract: Methods, systems, and devices for wireless communications are described. In some systems, a first user equipment (UE) that is out-of-coverage of a base station and a second UE that is in-coverage of the base station may support signaling exchanges for transmitting or receiving a discovery message, an essential system information block (E-SIB), common SIB updates, or on-demand SIBs within a relaying network before and after a relay connection between the first UE and the second UE. The first UE may receive the discovery message and the E-SIB via same or different signaling and may acquire or decode the E-SIB according to various techniques. The first UE may receive common SIB updates via a dedicated logical channel between the first UE and the second UE and the first UE may initiate on-demand SIB acquisition after establishment of the relay connection and based on a connection type of the first UE.

Abstract: Various aspects of the present disclosure generally relate to wireless communication. In some aspects, a relay user equipment (UE) may establish a sidelink unicast link with a remote UE via a sidelink signaling interface. The relay UE may identify configuration information for an adaptation layer of the sidelink signaling interface, the configuration information including at least one of: a remote UE identifier associated with the sidelink unicast link for a relay service, bearer identifier information identifying one or more bearers between the remote UE and a network entity for the relay service, a radio link control (RLC) channel mapping between a bearer identifier and one or more RLC channels, or data routing information associated with the relay service. The relay UE may relay communications between the remote UE and the network entity based at least in part on the configuration information. Numerous other aspects are described.

Abstract: Methods, systems, and devices for wireless communication are described. A user equipment (UE) may transmit, to a network entity, a consent profile registration request, the consent profile registration request identifying a user identifier. The UE may transmit, to the network entity, a consent profile based at least in part on the consent profile registration request, the consent profile comprising one or more consent types for the user identifier that configure one or more consent parameters for the user identifier on a least a per-user basis.

Abstract: Methods, systems, and devices for wireless communications are described. A target user equipment (UE) may receive an indication of a session key from an initiator UE in a sidelink communications system, from a network entity (e.g., a base station), or the like. In some cases, the target UE may also receive an indication of a nonce in a message of a PRS procedure. The target UE may select a positioning reference signal (PRS) sequence for the PRS procedure using the session key and optionally the nonce, such as by using a defined function at the target UE with the session key and the nonce as an input. Once the target UE selects the PRS sequence, the target UE may encode the PRS sequence and may transmit the PRS sequence to the initiator UE.

Abstract: The present disclosure provides techniques that may be applied, for example, for providing network policy information in a secure manner. In some cases, a UE may receive a first message for establishing a secure connection with a network, wherein the first message comprises network policy information, generate a first key based in part on the network policy information, and use the first key to verify the network policy information.

Abstract: Methods, apparatuses, and computer-readable storage medium for encrypting discovery messages are provided. An example method at a first UE may include obtaining a discovery message that is ciphered based on at least one of a ciphering key, a ciphering algorithm, or a first set of time parameters, where the discovery message is scrambled based on at least one of a scrambling key, a scrambling algorithm, or a second set of time parameters. An example method may also include descrambling the discovery message based on at least one of the scrambling key, the scrambling algorithm, or the second set of time parameters. An example method may also include deciphering the discovery message based on at least one of the ciphering key, the ciphering algorithm, or the first set of time parameters.

Abstract: Certain aspects of the present disclosure relate to methods and apparatus for optimizing delivery of a data to and/or from a UE in a connected but inactive state.

Abstract: Certain aspects of the present disclosure provide techniques for estimating performance of a radio link in a wireless communication systems using historical information. Disclosed methods generally includes determining receipt of historical information from a network, and estimating the performance of a radio link based on at least one selected from the group consisting of determining historical information was not received, and comparing received historical information to information available at the UE.