Abstract: Systems and methods for wireless communications are disclosed herein. In one embodiment, a wireless communication method includes storing, by a first network entity, mapping information and determining, by the first network entity, based on identification information and the mapping information, that a first node is authorized to connect to a network.

Abstract: Presented are systems and methods for acquiring channel state information. A wireless communicate node may transmit a channel state information reference signal (CSI-RS) to a wireless communication device via a first antenna port of a plurality of antenna ports of the wireless communication node. The wireless communication node may receive a channel state information (CSI) report from the wireless communication device.

Abstract: This disclosure generally relates to encrypted communication between terminal devices and service applications via a communication network. Such encrypted communication may be based on various hierarchical levels of encryption keys that are generated and managed by the communication network. Such encrypted communication and key management may be provided by the communication network to the terminal devices as a service that can be subscribed to. The various levels of encryption keys may be managed to improve flexibility of the communication network and to reduce potential security breaches.

Abstract: A system and method of registration with AMF re-allocation. The system and method includes receiving, by an initial AMF from a wireless communication device via a RAN, a registration request comprising a first device identifier associated with the wireless communication device. The system and method includes determining, by the initial AMF, an identifier type associated with the first device identifier. The system and method includes generating, by the initial AMF, a reroute message comprising a second device identifier. The system and method includes originating, by the initial AMF to the wireless communication device, a security mode command message comprising a redirection criteria or an integrity negotiation algorithm, the security mode command message causes the wireless communication device to set the redirection criteria allowing the wireless communication device to accept a request message that is not integrity protected and return a security mode complete message to the initial AMF.

Abstract: The present disclosure describes methods, systems and devices for establishing secure communication between a user equipment and a service application in a wireless communication. One method includes receiving, by the user equipment, an authentication and key management for service applications identifier (AKMAID) from an authentication server function (AUSF) upon successful completion of an authentication process for registering the user equipment with the communication network.

Abstract: This disclosure generally relates to encrypted communication between terminal devices and service applications via a communication network. Such encrypted communication may be based on various hierarchical levels of encryption keys that are generated and managed by the communication network. Such encrypted communication and key management may be provided by the communication network to the terminal devices as a service that can be subscribed to. The various levels of encryption keys may be managed to improve flexibility of the communication network and to reduce potential security breaches.

Abstract: This disclosure generally relates to encrypted communication between terminal devices and service applications via a communication network. Such encrypted communication may be based on various hierarchical levels of encryption keys that are generated and managed by the communication network. Such encrypted communication and key management may be provided by the communication network to the terminal devices as a service that can be subscribed to. The various levels of encryption keys may be managed to improve flexibility of the communication network and to reduce potential security breaches.

Abstract: Methods, apparatus, and systems to establish a secure communication in a wireless network are described. In one example aspect, a wireless communication method includes generating, by a first function entity, a first identifier configured to be used to establish a secure communication for a first device, using at least a mobile country code, a mobile network code, and a random number, and transmitting the first identifier to the first device.

Abstract: The present document relates to methods, systems, and devices related to digital communication, and more specifically, to techniques related to AUSF selection in the case of dual registrations in AKMA. One example data communication method includes receiving, by a first network function, a request to retrieve an identifier of a second network function that authenticated a terminal from a third function, the request including a parameter. The method also includes transmitting, by the first network function, a response to the third network function that includes the identifier of the second network function that authenticated the terminal that is identified based on the parameter.

Abstract: The present disclosure relates to a wireless communication method, systems and devices for a registration procedure. The wireless communication method for use in a wireless terminal includes determining a concealed identifier based on a permanent identifier and a check value. A message with the concealed identifier for a registration procedure is transmitted to a wireless network node.

Abstract: Method, systems and devices for wireless communication. The method includes protecting privacy of a transmitted network slice selection assistance information (NSSAI) between a user equipment and a base station. The method includes receiving a temporary NSSAI (T-NSSAI) from an access and mobility management function (AMF) to the base station, the T-NSSAI comprising at least one temporary single NSSAI (T-S-NSSAI) and storing the T-NSSAI in the base station. The method also includes receiving a radio resource control (RRC) signaling message from the user equipment to the base station, the RRC signaling message comprising a T-S-NSSAI corresponding to an allowed single NSSAI (S-NSSAI); and selecting the AMF based on the T-S-NSSAI.

Abstract: A system and method of registration with AMF re-allocation. The system and method includes receiving, by an initial AMF from a wireless communication device via a RAN, a registration request comprising a first device identifier associated with the wireless communication device. The system and method includes determining, by the initial AMF, an identifier type associated with the first device identifier. The system and method includes generating, by the initial AMF, a reroute message comprising a second device identifier. The system and method includes originating, by the initial AMF to the wireless communication device, a security mode command message comprising a redirection criteria or an integrity negotiation algorithm, the security mode command message causes the wireless communication device to set the redirection criteria allowing the wireless communication device to accept a request message that is not integrity protected and return a security mode complete message to the initial AMF.

Abstract: Provided are a method and device for reporting a capacity, a method and device for key agreement, a terminal and a communication device and system. The terminal sends anti-pseudo base station capacity indication information to the communication device, and the anti-pseudo base station capacity indication information can indicate an anti-pseudo base station capacity of the terminal to the communication device. The communication device can determine the anti-pseudo base station capacity of the terminal after acquiring the anti-pseudo base station capacity indication information sent by the terminal, and perform an authentication and key agreement process matching the anti-pseudo base station capacity of the terminal and an anti-pseudo base station capacity of a target base station.

Abstract: Provided are an authentication processing method and device, a storage medium, and an electronic device. The method includes that: a terminal receives an authentication request message from an authentication function; and in cases where authentication on the authentication request message fails, the terminal feeds back an authentication failure message to the authentication function. In cases where the cause of the authentication failure is a Message Authentication Code (MAC) failure and in cases where a cause of authentication failure is a Synchronization (Sync) failure, the terminal feeds back authentication failure messages of the same type to the authentication function.

Abstract: An anti-pseudo base station method and apparatus, and a computer-readable storage medium are provided. The anti-pseudo base station method includes: sending, by a base station, first anti-pseudo base station capacity information to a mobile terminal, wherein the first anti-pseudo base station capacity information is used for identifying an anti-pseudo base station capacity of the base station.

Abstract: Provided are an authentication processing method and device, a storage medium and an electronic device, the method includes: a terminal receives a first authentication request message from a network side; the terminal determines whether the number of times of receiving the first authentication request message is greater than a predetermined threshold; and when the number of times is greater than the predetermined threshold, the terminal stops responding to the first authentication request message.

Abstract: A method for attaching user equipment, UE, with a network slice supported by one or more network entities is described herein. A user parameter and subscriber-related information identifying the UE are sent from the UE to at least one of the one or more network entities. A network parameter is sent to the UE. A temporary network slice identifier is generated at (i) the UE and at (ii) at least one of the one or more network entities for use in attaching the UE to the network slice. The temporary network slice identifier is generated based on (a) the user parameter, (b) the network parameter, and (c) subscriber-related information. The temporary network slice identifier generated at the UE may be identical to the temporary network slice identifier generated at the at least one network entity.

Abstract: Methods, systems, and devices related to related to digital wireless communication, and more specifically, to techniques related to securing a user authentication procedure. In one exemplary aspect, a method for wireless communication includes transmitting an authentication message from a network node. The method also includes determining a failure value indicating a reason for failure of the authentication message. The method also includes encrypting the failure value and an identifier. The method also includes transmitting an encrypted response message to the network node. In another exemplary aspect, a method for wireless communication includes transmitting an authentication message to a terminal. The method also includes receiving an encrypted response message from the terminal. The method also includes decrypting the encrypted response message to determine the failure value and the indicator.

Abstract: The embodiments of the disclosure disclose a method, device and system for accessing a network slice. The method includes that: User Equipment (UE) sends, to a base station, request information for accessing a network slice, wherein the request information contains user identity information and temporary network slice identity information (SliceIDt); a user subscription data management entity receives the request information from the UE through the base station, determines authentication information of the UE according to the user identity information contained in the request information, searches for corresponding network slice identity information (SliceID) according to the SliceIDt and sends the authentication information to a security management entity of the network slice corresponding to the SliceID; and the security management entity performs access authentication with the UE according to the authentication information, and in case of successful authentication, the UE accesses the network slice.

Abstract: Disclosed is a key negotiation method including that a network entity generates an MTC communication key between an MTC device or an MTC application and a network by utilizing a key distribution algorithm for MTC communication according to a root key for the MTC communication maintained by the network entity. The network entity generates an MTC group key by utilizing a key distribution algorithm for MTC group communication according to the root key. The network entity issues the generated MTC communication key and the generated MTC group key to the MTC device or the MTC application via a secure method so as to allow the MTC device or the MTC application to securely store the MTC communication key and the MTC group key. Also disclosed are a network entity, a key negotiation system and a computer storage medium.