Abstract: A terminal device obtains grid location information relating to a cell of a predetermined grid in which the terminal device is located. The terminal device then calculates a message integrity code based on the grid location information and transmits a proximity service discovery message. The discovery message includes the calculated message integrity code and does not include the grid location information. A second terminal device receives the proximity service discovery message. The second terminal device then obtains grid location information relating to at least one cell of a predetermined grid within a predetermined distance of a location of the second terminal device, calculates at least one message integrity code based on the grid location information, and determines whether a calculated message integrity code matches the message integrity code in the received discovery message. The second terminal device then acts on the received discovery message only if there is a match.

Abstract: According to certain embodiments, a method by a user equipment (UE) for securing network steering information includes transmitting a registration request to a Visited Public Land Mobile Network (VPLMN). Upon successful authentication b an authentication server function (AUSF), a home network root key is generated. A protected message comprising Network Steering information is received from a first network node. The protected message is protected using a configuration key (Kconf) and a first Message Authentication Code (MAC-1). The configuration key (Kconf) is determined from the home network root key, and the UE verifies the MAC-1. Based on the Kconf and the MAC-1, it is verified that the VPLMN did not alter Network Steering Information. An acknowledgement message, which is protected with a second Message Authentication Code (MAC-2), is transmitted to a Home Public Land Mobile Network (HPLMN).

Abstract: A method for handling change of serving Access and Mobility Managing Function for a user equipment. The method comprises sending of a context request to a source Access and Mobility Managing Function. This sending is performed from a target Access and Mobility Managing Function. In the target Access and Mobility Managing Function, a context is received (S3) in reply from the source Access and Mobility Managing Function. The context comprises a parameter which identifies a Security Anchor Function Access and Mobility Managing Function. The Security Anchor Function Access and Mobility Managing Function keeps a key, which is shared with the user equipment. A method for handling a change of serving Access and Mobility Managing Function in a user equipment is also disclosed as well as Access and Mobility Managing Function and User Equipments therefore.

Abstract: A message authentication code, for a message transmitted and received over a communications network, is formed by applying inputs to an integrity algorithm acting on the message. The inputs comprise: an integrity key; a value indicating a transfer direction; and a frame-dependent integrity input, wherein the frame-dependent integrity input is a frame-dependent modulo count value that also depends on a random value and on a frame-specific sequence number.

Abstract: Network equipment (26) in a wireless communication network is configured to receive at least a portion of a subscription concealed identifier, SUCI, (34) for a subscriber (13). The SUCI (34) contains a concealed subscription permanent identifier, SUPI, (20) for the subscriber (13). The received at least a portion of the SUCI (34) indicates a sub-domain code, SDC, (32). The SDC (32) indicates a certain sub-domain, from among multiple sub-domains (30-1, 30-2, . . . 30-N) of a home network of the subscriber (13), to which the subscriber (13) is assigned. The network equipment (26) is also configured to determine, based on the SDC (32) and from among multiple instances (24-1, 24-2, . . . 24-M) of a provider network function in the home network respectively allocated to provide a service to be consumed for subscribers assigned to different sub-domains, an instance of the provider network function to provide the service to be consumed for the subscriber (13).

Abstract: A basestation in a cellular communications network is operable to send a message to a Mobility Management Entity, relating to a suspension or resumption of a connection of a UE, wherein the message contains key renewal information. The Mobility Management Entity receives the message, and determines whether a key renewal condition is met. If the key renewal condition is met, the MME forwards a new NH, NCC pair to the base station. If a message received from the MME includes a NH, NCC pair, the basestation derives keying information using the NH, NCC pair for future use in deriving keys.

Abstract: Methods, network nodes, computer programs, carrier and user equipment, wherein a proof-of-presence in communications between private land mobile networks (PLMNs) is presented. In an example method performed by a network node in a home public land mobile network (HPLMN) of a user equipment (UE), the network node obtains, from a visited public land mobile network (VPLMN), a proof-of-presence indicator that represents the UE as being present in the VPLMN. The network node verifies whether or not the UE is present in the VPLMN by determining whether or not the proof-of-presence indicator was generated by the UE using a secret shared between the UE and at least the HPLMN. Upon verification of the presence of the UE in the VPLMN, sensitive information can be communicated by the HPLMN to the VPLMN.

Abstract: A method performed by a proximity service server. The method comprises generating a ProSe query code and a ProSe response code, sending at least a the ProSe response code together with a first and a second discovery key to a first end device, and sending at least the first discovery key and the ProSe query code to a second end device, so that the second end device can securely discover the first end device over an air interface.

Abstract: A method performed by a network node of a serving public land mobile network, PLMN, associated with a user equipment, UE, comprising: obtaining a secret identifier that uniquely identifies the UE, wherein the secret identifier is a secret that is shared between the UE and at least a home PLMN of the UE and that is shared by the home PLMN with the network node; and performing an operation related to the UE using the secret identifier. Other methods, computer programs, computer program products, network nodes and a serving PLMN are also disclosed.

Abstract: A radio access network, RAN, node configures user plane access stratum, AS, security in a wireless communication system that includes a radio access network, RAN, and a core network, CN. The RAN node is configured to receive, from the CN, signaling that indicates a decision by the CN of whether or not the RAN node is to activate user plane AS security and that indicates whether or not the RAN node is allowed to overrule the decision by the CN. For example, the signaling may indicate whether the decision by the CN is a command that the RAN node must comply with or a preference that the RAN node is permitted to overrule. Regardless, the RAN node may also be configured to activate or not activate user plane AS security, depending on the signaling.

Abstract: A terminal device obtains grid location information relating to a cell of a predetermined grid in which the terminal device is located. The terminal device then calculates a message integrity code based on the grid location information and transmits a proximity service discovery message. The discovery message includes the calculated message integrity code and does not include the grid location information. A second terminal device receives the proximity service discovery message. The second terminal device then obtains grid location information relating to at least one cell of a predetermined grid within a predetermined distance of a location of the second terminal device, calculates at least one message integrity code based on the grid location information, and determines whether a calculated message integrity code matches the message integrity code in the received discovery message. The second terminal device then acts on the received discovery message only if there is a match.

Abstract: A terminal device obtains grid location information relating to a cell of a predetermined grid in which the terminal device is located. The terminal device then calculates a message integrity code based on the grid location information and transmits a proximity service discovery message. The discovery message includes the calculated message integrity code and does not include the grid location information. A second terminal device receives the proximity service discovery message. The second terminal device then obtains grid location information relating to at least one cell of a predetermined grid within a predetermined distance of a location of the second terminal device, calculates at least one message integrity code based on the grid location information, and determines whether a calculated message integrity code matches the message integrity code in the received discovery message. The second terminal device then acts on the received discovery message only if there is a match.

Abstract: A radio access network, RAN, node (12) configures user plane access stratum, AS, security in a wireless communication system (10) that includes a radio access network, RAN, (10B) and a core network, CN (10A). The RAN node (12) is configured to receive, from the CN (10A), signaling (20) that indicates a decision by the CN (10A) of whether or not the RAN node (12) is to activate user plane AS security and that indicates whether or not the RAN node (12) is allowed to overrule the decision by the CN (10A). For example, the signaling (20) may indicate whether the decision by the CN is a command that the RAN node (12) must comply with or a preference that the RAN node (12) is permitted to overrule. Regardless, the RAN node (12) may also be configured to activate or not activate user plane AS security, depending on the signaling (20).

Abstract: A method performed by a network node (106) of a serving public land mobile network, PLMN, (112) associated with a user equipment, UE, (102) comprising: obtaining a secret identifier (110) that uniquely identifies the UE, wherein the secret identifier is a secret that is shared between the UE and at least a home PLMN of the UE and that is shared by the home PLMN with the network node; and performing an operation (108) related to the UE using the secret identifier. Other methods, computer programs, computer program products, network nodes and a serving PLMN are also disclosed.

Abstract: Methods for operating a UE, a network node, a Session Management Function (SMF) and a Unified Data Management (UDM) are disclosed. The methods include transmitting, by a UE, a Protocol Data Unit (PDU) Session Establishment Request message toward an SMF in the communication network (902A), and receiving at the UE a policy decision on security protection of User Plane (UP) data terminating in a RAN for the PDU Session (904A). The policy decision received at the UE may be in accordance with a UP security policy provided by the SMF to the RAN during PDU Session Establishment. Also disclosed are a UE, network node, SMF and UDM.

Abstract: A method performed by a proximity service server is disclosed. The method comprises generating a ProSe query code and a ProSe response code, sending at least a the ProSe response code together with a first and a second discovery key to a first end device, and sending at least the first discovery key and the ProSe query code to a second end device, so that the second end device can securely discover the first end device over an air interface.

Abstract: A terminal device obtains grid location information relating to a cell of a predetermined grid in which the terminal device is located. The terminal device then calculates a message integrity code based on the grid location information and transmits a proximity service discovery message. The discovery message includes the calculated message integrity code and does not include the grid location information. A second terminal device receives the proximity service discovery message. The second terminal device then obtains grid location information relating to at least one cell of a predetermined grid within a predetermined distance of a location of the second terminal device, calculates at least one message integrity code based on the grid location information, and determines whether a calculated message integrity code matches the message integrity code in the received discovery message. The second terminal device then acts on the received discovery message only if there is a match.

Abstract: A method for handling change of serving Access and Mobility Managing Function for a user equipment. The method comprises sending (S2) of a context request to a source Access and Mobility Managing Function. This sending is performed from a target Access and Mobility Managing Function. In the target Access and Mobility Managing Function, a context is received (S3) in reply from the source Access and Mobility Managing Function. The context comprises a parameter which identifies a Security Anchor Function Access and Mobility Managing Function. The Security Anchor Function Access and Mobility Managing Function keeps a key, which is shared with the user equipment. A method for handling a change of serving Access and Mobility Managing Function in a user equipment is also disclosed as well as Access and Mobility Managing Function and User Equipments therefore.

Abstract: A method of operation of a terminal device in a cellular communications network is disclosed. The method comprises sending a GMM Attach Request message to the network, the GMM Attach Request message identifying security capabilities of the terminal device. The terminal device receiving from the network an echo message in the GMM layer including information identifying the security capabilities of the terminal device, wherein the echo message is received with integrity protection.

Abstract: Enabling the exchange of connection parameters where a user equipment (UE) lacks a secret shared with the network (e.g. a server), such as key materials, and lacks a valid certificate. In some embodiments, the connection parameters may be exchanged via EAP messages. In certain aspects, and particularly with respect to emergency attach, a simplified protocol is used with limited overhead because the UE does not attempt to authenticate the network, and the network does not attempt to authenticate the UE.