Patents by Inventor Ulf Mattsson
Ulf Mattsson has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240314027Abstract: A method implemented in a data collector node (DCN) is described. The DCN is configured to communicate at least with a network node and a data source node (DSN). The method includes determining a data collection coordination. The determined data collection coordination is associated with the DSN and includes determining whether any DCN is registered as a data collection coordinator of for the DSN. Upon determining there is no registered data collection coordinator of for the DSN, a request to register as the data collection coordinator of the DSN is transmitted to the network node. Upon determining the DCN is itself the data collection coordinator, data collection from the DSN is coordinated. Further, upon determining a second DCN is registered as the data collection coordinator, a subscription request for data collection from the DSN is transmitted to the second DCN.Type: ApplicationFiled: February 18, 2022Publication date: September 19, 2024Inventors: Zhang FU, Miguel Angel GARCIA MARTIN, Ulf MATTSSON
-
Patent number: 12093420Abstract: Data in a database can be protected, for instance by tokenizing the entries of the database using one or more token tables. To enable searching data within the database without first detokenizing the tokenized database entries, bigrams of each data entry can also be tokenized and stored in association with the tokenized data entry. When a query term is received, the query term can be parsed into bigrams, and each bigram can be tokenized. The tokenized query bigrams can be used to query the database, and tokenized database entries corresponding to tokenized bigrams that match the tokenized query bigrams can be identified and returned as search results.Type: GrantFiled: October 2, 2021Date of Patent: September 17, 2024Assignee: PROTEGRITY US HOLDING, LLCInventors: Ulf Mattsson, David Clyde Williamson
-
Publication number: 20240244434Abstract: A data collection coordination function, DCCF, network node receives (1a) a request for data from a data consumer, determines (2) a data source for the requested data, verifies (3a, 3b) with a network node that the data consumer and the DCCF are authorized by the data source, receives (3b) a message container for the data consumer from the network node, the message container for the data consumer including a data encryption key KE and a data integrity key Ki, and receives (3b) a message container for the data source from the network node, the message container for the data source including the data encryption key KE and the data integrity key Ki. The DCCF network node transmits (4a) the message container for the data consumer to the data consumer and transmits (5) the message container for the data source to the data source.Type: ApplicationFiled: March 15, 2022Publication date: July 18, 2024Inventors: Pinar Comak, Christine Jost, Ferhat Karakoc, Stefan Håkansson, Ulf Mattsson, Zhang Fu
-
Publication number: 20240163672Abstract: The invention relates to a method for a data consumer network function, NF, of a communication network to collect data from a data producer NF, the method comprising: o sending (810), to a network repository function, NRF, in the communication network, a request for an access token for a service provided by a data collection coordination function, DCCF, in the communication network; o receiving (820), from the NRF, at least one access token for the service provided by the DCCF; and o using (830) the at least one access token, collecting data from the data producer NF in the communication network via the DCCF service.Type: ApplicationFiled: December 21, 2021Publication date: May 16, 2024Inventors: Pinar Comak, Christine Jost, Ferhat Karakoc, Ulf Mattsson, Zhang Fu
-
Patent number: 11979500Abstract: The present disclosure relates to a vaultless format-preserving tokenization system and method that securely converts sensitive data into a non-sensitive format while maintaining the original structure. The process includes encoding the original data, generating a secure modification based on a predetermined format by encoding another input and combining it with a unique hashing key, applying a special encryption technique that incorporates the encoded data, secure modification, and a unique encryption key to produce an encoded version of the data, and finally creating a token from the encoded data to be used in place of the original sensitive information.Type: GrantFiled: January 25, 2021Date of Patent: May 7, 2024Assignee: TOKENEX, INC.Inventors: Justin Stanley, Jacob Burcham, Ulf Mattsson
-
Patent number: 11960620Abstract: A method for distributed tokenization of sensitive strings of characters, such as social security numbers, credit card numbers and the like, in a local server is disclosed. The method comprises the steps of receiving from a central server at least one, and preferably at least two, static token lookup tables, and receiving a sensitive string of characters. In a first tokenization step, a first sub string of characters is substituted with a corresponding first token from the token lookup table(s) to form a first tokenized string of characters, wherein the first sub string of characters is a substring of the sensitive string of characters. Thereafter, in a second step of tokenization, a second sub string of characters is substituted with a corresponding second token from the token lookup table(s) to form a second tokenized string of characters, wherein the second substring of characters is a substring of the first tokenized string of characters. Optionally, one or more additional tokenization steps is/are used.Type: GrantFiled: November 20, 2020Date of Patent: April 16, 2024Assignee: PROTEGRITY CORPORATIONInventor: Ulf Mattsson
-
Patent number: 11962699Abstract: Data in various formats can be protected in a distributed tokenization environment. Examples of such formats include date and time data, decimal data, and floating point data. Such data can tokenized by a security device that instantiates a number of tokenization pipelines for parallel tokenization of the data. Characteristics of such data can be used to tokenize the data. For instance, token tables specific to the data format can be used to tokenized the data. Likewise, a type, order, or configuration of the operations within each tokenization pipeline can be selected based on the data format or characteristics of the data format. Each tokenization pipeline performs a set of encoding or tokenization operations in parallel and based at least in part on a value received from another tokenization pipeline. The tokenization pipeline outputs are combined, producing tokenized data, which can be provided to a remote system for storage or processing.Type: GrantFiled: January 21, 2022Date of Patent: April 16, 2024Assignee: PROTEGRITY CORPORATIONInventors: Ulf Mattsson, Denis Scherbakov
-
Publication number: 20240048975Abstract: Systems and methods for secure data collection in Fifth Generation System (5GS) are provided. In some embodiments, a Data Collection Coordination Function (DCCF) in a data management framework is adapted to receive, from a first data consumer, a subscription request message, determine a data producer for the particular data, obtain one or more keys for data encryption and/or data integrity for the particular data, controlling one or more entities in a messaging framework of the data management framework, sending a subscription response message to the first data consumer, and sending a subscription request message to the data producer. The subscription request message comprises the one or more keys to be used by the data producer when sending notifications of the particular data to the first data consumer via the messaging framework.Type: ApplicationFiled: December 10, 2021Publication date: February 8, 2024Inventors: Zhang Fu, Pinar Comak, Ulf Mattsson, Maria Belen Pancorbo Marcos
-
Patent number: 11838891Abstract: Methods and devices of enabling paging of a wireless communication device. In an aspect, a method of a node configured to provide core network user plane functionality in a communications network is provided to enable paging of a wireless communication device being in an idle state.Type: GrantFiled: October 22, 2018Date of Patent: December 5, 2023Assignee: Telefonaktiebolaget LM Ericsson (Publ)Inventors: Jari Vikberg, Göran Hall, Ulf Mattsson, Gunnar Mildh, Göran Rune
-
Patent number: 11825332Abstract: A method of operation of an OAM node in a 5G system for fulfilling a service level agreement (SLA) for a network slice. The method comprises the OAM node initializing the slice information at a first network entity (NSSF) including the initial number of users allowed for a slice and transmitting information related to KPI for the slice for QoE monitoring; receiving one or more Quality of Experience (QoE) measurements related to one or more users of the slice, using the received one or more QoE measurements to determine whether the KPI for the slice is reached in accordance with the SLA and in response to determining that the KPI for the slice is not in accordance with the SLA, triggering an action in at least one of corresponding Radio Access Network or a Core Network associated with the slice, such as resource reconfiguration or redistribution across different slices.Type: GrantFiled: November 20, 2019Date of Patent: November 21, 2023Assignee: Telefonaktiebolaget L M Ericsson (publ)Inventors: Paul Schliwa-Bertling, Ulf Mattsson, Maria Pancorbo Marcos
-
Publication number: 20230370516Abstract: A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and generates a mapping between portions of data received from a client device and interface fields or data elements of the client device. Upon receiving subsequent data from the client device, the gateway device can access the generated mapping to identify portions of the subsequent data corresponding to particular interface fields or data elements of the client device using the mapping, and can encode the identified portions of the subsequent data, for instance based on data protection techniques defined by a security policy. The encoded data can then be outputted by the gateway device to the server device.Type: ApplicationFiled: July 21, 2023Publication date: November 16, 2023Inventors: Vichai Levy, Yigal Rozenberg, Rajnish Jain, Ulf Mattsson
-
Patent number: 11792660Abstract: The invention relates to methods of providing requested network information from a first core Network Function (NF) to a second NF, and devices performing the methods. In an aspect, a method performed by a first core NF entity of providing requested network information to a second NF entity is provided. The method comprises receiving a request to obtain the network information originating from the second NF entity, determining an expiry time stipulating how long the requested network information is valid, and transmitting, towards the second NF entity, the requested network information and the expiry time.Type: GrantFiled: December 29, 2021Date of Patent: October 17, 2023Assignee: Telefonaktiebolaget LM Ericsson (publ)Inventors: Helen Örtenblad, Ulf Mattsson, Miguel Angel Puente Pestaña
-
Patent number: 11750681Abstract: A gateway device for implementing data security is described herein. The gateway device is coupled between a client device and a server device, and generates a mapping between portions of data received from a client device and interface fields or data elements of the client device. Upon receiving subsequent data from the client device, the gateway device can access the generated mapping to identify portions of the subsequent data corresponding to particular interface fields or data elements of the client device using the mapping, and can encode the identified portions of the subsequent data, for instance based on data protection techniques defined by a security policy. The encoded data can then be outputted by the gateway device to the server device.Type: GrantFiled: October 2, 2021Date of Patent: September 5, 2023Assignee: PROTEGRITY CORPORATIONInventors: Vichai Levy, Yigal Rozenberg, Rajnish Jain, Ulf Mattsson
-
Patent number: 11727135Abstract: Database entries can be protected by indexing the entries using a plurality of indexes, each associated with a level of access rights. A level of access rights can be determined from a search query, and an index can be selected based on the determined level of access rights. A search key can be generated based on the received query, and the selected index can be searched using the search query. Database entries mapped to the values of the selected index returned in response to the search can be outputted. Each index is associated with a different granularity defining the number and/or ambiguity of search results returned in response to searching an index.Type: GrantFiled: February 9, 2022Date of Patent: August 15, 2023Assignee: Protegrity CorporationInventors: Yigal Rozenberg, Ulf Mattsson
-
Patent number: 11669637Abstract: New tokenization tables are derived at intervals in order to increase the security of tokenized data that is transferred between two endpoints. Generation of the new tokenization tables is based on previous tokenization tables, which advantageously allows the generation process to be performed locally at the two endpoints independently of an external tokenization table provider. New tokenization tables can periodically be distributed to the endpoints as a new starting point for derivation.Type: GrantFiled: October 2, 2021Date of Patent: June 6, 2023Assignee: Protegrity CorporationInventors: Yigal Rozenberg, Ulf Mattsson
-
Publication number: 20230156577Abstract: Methods and apparatus are provided to enable a consumer network function (consumer NF) to discover instances of a NWDAF 90 co-located with NFs in the 5GC 30 of a communication network 10. Existing procedures and messages between NFs are leveraged to distribute lists of NWDAFs 90 co-located with a NF, such as a UPF 35, AMF 40 or SMF 45. A NF can provide a list of NWDAF instances for a particular UE 15 that are co-located with either the same NF or a separate producer NF when the communication procedure for the UE 15 is invoked. Over time, the consumer NFs build a database associating the co-located NWDAFs in other NFs with corresponding UEs 15 served by the consumer NF. When the consumer NF needs analytic data for one or more UEs 15 served by the consumer NF, the consumer NF can use a UE ID to look up the co-located NWDAFs for the UE 15 and subscribe with the co-located NWDAF instances to receive analytics data for the UE 15.Type: ApplicationFiled: March 5, 2021Publication date: May 18, 2023Inventors: Miguel Angel Muñoz de la Torre Alonso, Ulf Mattsson, Antonio Iniesta Gonzalez, Miguel Angel Garcia Martin, Maria Belen Pancorbo Marcos
-
Publication number: 20230153544Abstract: Unicode data can be protected in a distributed tokenization environment. Data to be tokenized can be accessed or received by a security server, which instantiates a number of tokenization pipelines for parallel tokenization of the data. Unicode token tables are accessed by the security server, and each tokenization pipeline uses the accessed token tables to tokenization a portion of the data. Each tokenization pipeline performs a set of encoding or tokenization operations in parallel and based at least in part on a value received from another tokenization pipeline. The outputs of the tokenization pipelines are combined, producing tokenized data, which can be provided to a remote computing system for storage or processing.Type: ApplicationFiled: January 17, 2023Publication date: May 18, 2023Inventors: Ulf Mattsson, David Clyde Williamson, Yigal Rozenberg, Vichai Levy, Raul Ortega, Denis Scherbakov, Fredrik Mörtberg
-
Publication number: 20230148296Abstract: A technique for maintaining a subscription of a subscriber Network Function, NF, for receiving events related to a User Equipment, UE, from a serving NF in a telecommunication system is disclosed, wherein the UE is served by a first instance of the serving NF.Type: ApplicationFiled: July 1, 2020Publication date: May 11, 2023Inventors: Miguel Angel Puente Pestaña, Ulf Mattsson, Maria Belen Pancorbo Marcos, Miguel Angel Garcia Martin
-
Patent number: 11622398Abstract: Methods of connecting a wireless communication device to a user plane in a wireless communication network and devices performing the methods. In one aspect, a network node configured to connect a wireless communication device to a user plane in a wireless communication network comprises a processing unit and a memory containing instructions executable by the processing unit, wherein the network node is to provide core network user plane functionality and/or radio access network user plane functionality, via an interface.Type: GrantFiled: July 6, 2018Date of Patent: April 4, 2023Assignee: Telefonaktiebolaget LM Ericsson (publ)Inventors: Jari Vikberg, Göran Hall, Ulf Mattsson, Gunnar Mildh, Göran Rune
-
Patent number: 11586832Abstract: Unicode data can be protected in a distributed tokenization environment. Data to be tokenized can be accessed or received by a security server, which instantiates a number of tokenization pipelines for parallel tokenization of the data. Unicode token tables are accessed by the security server, and each tokenization pipeline uses the accessed token tables to tokenization a portion of the data. Each tokenization pipeline performs a set of encoding or tokenization operations in parallel and based at least in part on a value received from another tokenization pipeline. The outputs of the tokenization pipelines are combined, producing tokenized data, which can be provided to a remote computing system for storage or processing.Type: GrantFiled: February 17, 2021Date of Patent: February 21, 2023Assignee: PROTEGRITY CORPORATIONInventors: Ulf Mattsson, David Clyde Williamson, Yigal Rozenberg, Vichai Levy, Raul Ortega, Denis Scherbakov, Fredrik Mörtberg