Patents by Inventor Suresh P. Nair

Suresh P. Nair has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20240056476
    Abstract: Techniques for security management with compromised-equipment detection in a communication system are disclosed. For example, a method comprises causing intentional introduction of one or more errors in at least one communication protocol layer of a communication network, wherein the communication network has a plurality of user equipment connected thereto via at least one access point. The method further comprises causing verification of one or more received error indicators against one or more expected error indicators to decide whether any of: (i) the plurality of user equipment; (ii) the at least one access point; or (iii) one or more network entities, may be compromised. In other examples, verifications may be correlated with other logs including, for example, security event logs.
    Type: Application
    Filed: August 9, 2023
    Publication date: February 15, 2024
    Inventors: Suresh P. Nair, Rakshesh Pravinchandra Bhatt, Ranganathan Mavureddi Dhanasekaran
  • Publication number: 20240056804
    Abstract: There is provided an apparatus comprising means for determining a change of connection at a user equipment from a source access point to a target access point, and means for receiving, from the target access point, an indication that an associated gateway function is the same for the source access point and the target access point. The apparatus also comprising means for generating an access point key based on the received indication from the target access point, and means for securing communications with the target access point using the generated access point key.
    Type: Application
    Filed: August 10, 2023
    Publication date: February 15, 2024
    Inventors: Ranganathan MAVUREDDI DHANASEKARAN, Saurabh KHARE, Suresh P NAIR
  • Publication number: 20240023176
    Abstract: Systems, methods, apparatuses, and computer program products for a method of mobility between distributed units with a local control plane are provided. For example, a method can include detecting, at a target distributed unit, a handover based on an indication from a source distributed unit after a handover command has been sent to a user equipment to hand over from the source distributed unit to the target distributed unit. The method can also include sending, from the target distributed unit to a central unit user plane, a data transmission resume notification, to trigger to the central unit user plane to resume downlink data transmission toward the target distributed unit. The downlink data transmission was previously suspended by instructions from a source distributed unit to the central unit user plane when the handover was initiated from the source distributed unit to the target distributed unit.
    Type: Application
    Filed: June 9, 2023
    Publication date: January 18, 2024
    Inventors: Sankaran BALASUBRAMANIAM, Subramanya CHANDRASHEKAR, Raghuram Reddy KRISHNAMURTHY, Suresh P NAIR
  • Publication number: 20240007449
    Abstract: Techniques for providing privacy features in communication systems are provided. For example, a message may be provided from user equipment to an element or function in a communication network that comprises one or more privacy indicators, where privacy features for processing the message are determined based on the privacy indicators. The message may comprise an attach request comprising a subscription identifier for a subscriber associated with the user equipment, with the privacy indicators comprising a flag indicating whether the subscription identifier in the attach request is privacy-protected. As another example, the element of function in the communication network may determine privacy features supported by the communication network and generate and send a message to user equipment comprising one or more privacy indicators selected based on the determined privacy features.
    Type: Application
    Filed: September 6, 2023
    Publication date: January 4, 2024
    Inventors: Suresh P. Nair, Anja Jerichow, Annett Seefeldt
  • Publication number: 20230413045
    Abstract: Various example embodiments relate to authentication in case of roaming. An apparatus may be configured to receive, by an application function of a first visitor public land mobile area network (PLMN) or a second visitor PLMN of a device, a registered serving network identifier of the device indicative of the first visitor PLMN; and transmit, based on the registered serving network identifier, an encryption key to an application security function of the first visitor PLMN for encryption of an application session of the device.
    Type: Application
    Filed: June 12, 2023
    Publication date: December 21, 2023
    Inventors: Saurabh KHARE, Suresh P NAIR, Ranganathan MAVUREDDI DHANASEKARAN
  • Publication number: 20230362150
    Abstract: Systems, methods, and software of performing primary re-authentication of User Equipment (UE) (106). In one embodiment, a Unified Data Management (UDM) (218) triggers primary re-authentication of a UE in response to a trigger condition, and sends a re-authentication notification message toward an Access and Mobility Management Function (AMF) (212) to perform primary re-authentication of the UE.
    Type: Application
    Filed: May 3, 2023
    Publication date: November 9, 2023
    Inventors: Suresh P. NAIR, Saurabh KHARE, Ranganathan MAVUREDDI DHANASEKARAN
  • Publication number: 20230345246
    Abstract: Systems, methods, and software of performing an Authentication and Key Management for Applications (AKMA) authentication service. An AKMA authentication proxy resides between User Equipment (UE) and a plurality of Application Functions (AFs). The AKMA authentication proxy receive an application session establishment request message from the UE requesting an application session with a first application function, sends a key request message toward an AKMA anchor function (AAnF) requesting AKMA application keys for a plurality of application functions, receives a key response message sent from the AAnF that includes the AKMA application keys, identifies a first AKMA application key for the first application function from the AKMA application keys derived by the AAnF, and forwards the application session establishment request message to the first application function with the first AKMA application key.
    Type: Application
    Filed: April 21, 2023
    Publication date: October 26, 2023
    Inventors: Saurabh KHARE, Suresh P NAIR, Ranganathan MAVUREDDI DHANASEKARAN
  • Patent number: 11792172
    Abstract: Techniques for providing privacy features in communication systems are provided. For example, a message may be provided from user equipment to an element or function in a communication network that comprises one or more privacy indicators, where privacy features for processing the message are determined based on the privacy indicators. The message may comprise an attach request comprising a subscription identifier for a subscriber associated with the user equipment, with the privacy indicators comprising a flag indicating whether the subscription identifier in the attach request is privacy-protected. As another example, the element of function in the communication network may determine privacy features supported by the communication network and generate and send a message to user equipment comprising one or more privacy indicators selected based on the determined privacy features.
    Type: Grant
    Filed: October 26, 2017
    Date of Patent: October 17, 2023
    Assignee: NOKIA TECHNOLOGIES OY
    Inventors: Suresh P. Nair, Anja Jerichow, Annett Seefeldt
  • Patent number: 11637871
    Abstract: User equipment (UE) and a network node may establish data radio bearers (DRBs) for wireless communication of user plane data. For each DRB, the UE and network node may signal static integrity protection for the user plane data during set-up of the DRB. When the DRB has static integrity protection, integrity protection is applied to the user plane data for a duration of the DRB.
    Type: Grant
    Filed: November 5, 2018
    Date of Patent: April 25, 2023
    Assignee: NOKIA OF AMERICA CORPORATION
    Inventor: Suresh P. Nair
  • Publication number: 20230046112
    Abstract: In response to a radio link failure between given user equipment and a source access node of a communication system during a data transfer operation over a control plane, a method is provided for recovering the radio link for the given user equipment through a target access node of the communication system. The radio link recovery is enabled via a mobility management node of the communication system using a non-access stratum security context previously established between the given user equipment and the mobility management node.
    Type: Application
    Filed: October 28, 2022
    Publication date: February 16, 2023
    Inventor: Suresh P. Nair
  • Patent number: 11582214
    Abstract: Certain embodiments provide a method of updating a security. The method can include monitoring a bearer that includes first and second radio accesses according to different radio technologies between user equipment and a communications network. One or more properties of the monitored bearer can be determined. An update of a security key utilized for securing communications over at least one of the radio accesses can be triggered in response to determining that the determined properties meet at least one triggering condition capable of indicating a need for the update.
    Type: Grant
    Filed: September 30, 2016
    Date of Patent: February 14, 2023
    Assignee: NOKIA TECHNOLOGIES OY
    Inventors: Daniela Laselva, Suresh P. Nair, Mika Rinne
  • Publication number: 20230037332
    Abstract: Techniques are disclosed for verification of user equipment (UE) for small data transmission (SDT) when the user equipment is in an inactive state with respect to a communication network. For example, the UE is verified at a selected target gNB upon an SDT resume request initiated by the UE, i.e., a returning UE with respect to the selected target gNB, or otherwise prior to UE data resuming transmission to an anchor gNB from the selected target gNB.
    Type: Application
    Filed: July 29, 2022
    Publication date: February 9, 2023
    Applicant: Nokia Technologies Oy
    Inventors: Subramanya Chandrashekar, Daniela Laselva, Suresh P. Nair, Philippe Godin
  • Patent number: 11523280
    Abstract: In response to a radio link failure between given user equipment and a source access node of a communication system during a data transfer operation over a control plane, a method is provided for recovering the radio link for the given user equipment through a target access node of the communication system. The radio link recovery is enabled via a mobility management node of the communication system using a non-access stratum security context previously established between the given user equipment and the mobility management node.
    Type: Grant
    Filed: November 20, 2020
    Date of Patent: December 6, 2022
    Assignee: NOKIA TECHNOLOGIES OY
    Inventor: Suresh P. Nair
  • Patent number: 11224032
    Abstract: Embodiments provide a mobile communications device that includes a processor configured to communicate with a transceiver and a memory. The transceiver is configured to exchange control signals with a network node. The memory contains instructions that when executed by the processor configure the processor to operate the transceiver to exchange the control signals. The instructions further configure the processor to pass a first proper subset of the control signals to a remote device without operating according to the control signals, and to operate according to control signals in a second proper subset of the control signals. The processor is thereby configured to operate on behalf of a remote communication device to support communication between the remote communication device and the network node.
    Type: Grant
    Filed: August 23, 2019
    Date of Patent: January 11, 2022
    Assignee: Nokia of America Corporation
    Inventor: Suresh P. Nair
  • Patent number: 11057766
    Abstract: A reconfiguration message is received at user equipment in a communication system from a disaggregated base station with which the user equipment has a current security context established. The reconfiguration message comprises an instruction to compute a new security context based on a security domain counter value, wherein the security domain counter value represents a given security domain from a plurality of security domains supported by the disaggregated base station. The new security context is computed at the user equipment for the given security domain based on the security domain counter value. A set of security keys are derived from the new security context at the user equipment.
    Type: Grant
    Filed: November 1, 2018
    Date of Patent: July 6, 2021
    Assignee: Nokia Technologies Oy
    Inventors: Suresh P. Nair, Tsunehiko Chiba, Philippe Godin
  • Patent number: 11038923
    Abstract: In a communication system comprising a first network operatively coupled to a second network, wherein the first network comprises a first security edge protection proxy element operatively coupled to a second security edge protection proxy element of the second network; the method comprises configuring at least a given one of the first and second security edge protection proxy elements to apply application layer security to one or more information elements in a received message from a network function before sending the message to the other one of the first and second security edge protection proxy elements.
    Type: Grant
    Filed: June 21, 2018
    Date of Patent: June 15, 2021
    Assignee: Nokia Technologies Oy
    Inventors: Nagendra S. Bykampadi, Suresh P. Nair, Anja Jerichow
  • Publication number: 20210099877
    Abstract: In response to a radio link failure between given user equipment and a source access node of a communication system during a data transfer operation over a control plane, a method is provided for recovering the radio link for the given user equipment through a target access node of the communication system. The radio link recovery is enabled via a mobility management node of the communication system using a non-access stratum security context previously established between the given user equipment and the mobility management node.
    Type: Application
    Filed: November 20, 2020
    Publication date: April 1, 2021
    Inventor: Suresh P. Nair
  • Patent number: 10963553
    Abstract: Security management techniques for service authorization for communication systems are provided. In one or more methods, a first element or function in a home network of a communication system registers a second element or function in the home network as a service consumer of one or more services provided by at least a third element or function in the home network, receives a request from the second element or function, and provides an access token to the second element or function responsive to authenticating the second element or function, the access token being used by the second element or function to access the one or more services provided by the third element or function.
    Type: Grant
    Filed: June 21, 2018
    Date of Patent: March 30, 2021
    Assignee: Nokia Technologies Oy
    Inventors: Nagendra S. Bykampadi, Suresh P. Nair
  • Patent number: 10917789
    Abstract: In response to a radio link failure between given user equipment and a source access node of a communication system during a data transfer operation over a control plane, a method is provided for recovering the radio link for the given user equipment through a target access node of the communication system. The radio link recovery is enabled via a mobility management node of the communication system using a non-access stratum security context previously established between the given user equipment and the mobility management node.
    Type: Grant
    Filed: September 11, 2017
    Date of Patent: February 9, 2021
    Assignee: NOKIA TECHNOLOGIES OY
    Inventor: Suresh P. Nair
  • Patent number: 10893025
    Abstract: In a communication system comprising a first network operatively coupled to a second network, wherein the first network comprises a first security edge protection proxy element operatively coupled to a second security edge protection proxy element of the second network; the method comprises constructing a message at a network function in the first network destined for the second network, wherein the message comprises at least one information element and an indicator, wherein the indicator is set to specify at least one security operation to be applied to the at least one information element before sending the message to the second security edge protection proxy element of the second network.
    Type: Grant
    Filed: June 21, 2018
    Date of Patent: January 12, 2021
    Assignee: Nokia Technologies Oy
    Inventors: Nagendra S. Bykampadi, Suresh P. Nair, Anja Jerichow