Patent Grant
10505718
The present subject matter relates generally to communication networks, and more particularly, to natively integrating blockchain technologies in the context of registering User Equipment (UE) in telecommunication networks (e.g., 4G, 5G, etc.)
An ever-increasing consumer demand, improved technological advancements (e.g., hardware/software infrastructure), and industry collaboration has driven significant growth in modern telecommunication networks and continues to drive its evolution. Indeed, each iteration or “next generation” of network capabilities, e.g., represented by standards promulgated by a Third Generation Partnership Project (3GPP), interconnects more devices, improves network bandwidth, increases data-rates, and so on. For example, a transition from 3rd Generation (3G) networks to 4th Generation (4G) networks introduced new network services and connected mobile devices to third party data networks such as the Internet. More recently, a transition is underway from existing 4G networks to new 5G networks, which includes a new service-oriented architecture for provisioning network services/resources in a dynamic, scalable, and customizable fashion (e.g., micro-services, network functions virtualization (NFV), etc.). For example, this service-oriented architecture supports network slices, which employ an isolated set of programmable resources that can implement individual network functions and/or application services through software programs within a respective network slice, without interfering with other functions and services on coexisting network slices. In turn, the service-oriented architecture, including its network slice implementation, creates opportunities to employ new mechanisms that natively support such dynamic and flexible workload provisioning and improve overall UE mobility.
The embodiments herein may be better understood by referring to the following description in conjunction with the accompanying drawings in which like reference numerals indicate identical or functionally similar elements. Understanding that these drawings depict only exemplary embodiments of the disclosure and are not therefore to be considered to be limiting of its scope, the principles herein are described and explained with additional specificity and detail through the use of the accompanying drawings in which:
This disclosure describes techniques for registering User Equipment (UE) in a telecommunication network (e.g., 4G/5G networks, etc.) using a natively integrated blockchain platform. In particular, the techniques can support complimentary or substitute blockchain authentication procedures for any User Equipment (UE) attaching to a 5G network. For example, according to one or more embodiments of this disclosure, a network function (NF) entity in a communication network determines a UE supports a blockchain authentication procedure. The NF entity exchanges authentication messages with a Blockchain Authentication Function (BAF) entity over a blockchain network interface and receives a blockchain authentication confirmation from the BAF entity. The NF entity further registers the UE based on the blockchain authentication confirmation. In some embodiments, the NF entity can include an Access and Mobility Management Function (AMF) entity and/or an Authentication Server Function (AUSF) entity. Notably, the AMF entity may communicate directly with the BAF entity over the blockchain network interface and/or the AMF entity can invoke the AUSF entity to perform the authentication procedure and communicate with the BAF entity over another blockchain network interface.
Description
Various embodiments of the disclosure are discussed in detail below. While specific implementations are described in detail, it should be understood that this is done for illustration purposes only. A person skilled in the relevant art will recognize that other components and configurations may be used without departing from the spirit and scope of the disclosure.
As provided herein, this disclosure relates to communication networks (e.g., telecommunication networks), which include a number of network devices/modules/entities or “Network Function(s)” (NF(s)), as is appreciated by those skilled in the art. For sake of clarity, the NFs described herein are based on NFs specified by existing Technical Specifications such as the 3GPP TS 23.501, TS 23.502, TS 24.501, TS 29.509, TS 29.518, TS 33.301, TS 33.501, each of which is incorporated herein by reference to its entirety. Moreover, while some operations and functionality may be described and/or attributed to a particular NF, it is appreciated that such operations are not intended to be limited to the particular NF, but may be performed by other NFs as appropriate, particularly in view of the ongoing development and evolving nature of telecommunication networks.
A communication network is a geographically distributed collection of nodes interconnected by communication links and segments for transporting data between end nodes, such as mobile devices, computers, personal computing devices (and so on), and other devices, such as network entities, sensors, etc. Many types of networks are available, ranging from local area networks (LANs) to wide area networks (WANs). LANs typically connect these nodes over dedicated private communications links located in the same general physical location, such as a building or campus. WANs, on the other hand, typically connect geographically dispersed nodes over long-distance communications links, such as common carrier telephone lines, optical lightpaths, synchronous optical networks (SONET), synchronous digital hierarchy (SDH) links, etc. Some communication networks can include telecommunication networks, which transport data between end nodes, such as user equipment (UE), which can include mobile devices.
Those skilled in the art will understand that any number of nodes, devices, communication links, and the like may be used, and that the view shown herein is for simplicity. In particular, the representations of telecommunication networks 100, including respective interconnected network entities, are illustrated and described herein for purposes of discussion, not limitation, and it is appreciated that the illustrated networks can include (or exclude) any number of network entities, communication links, and the like, and can support inter-network operability and compatibility.
Access network 150 represents the infrastructure or radio towers, such as a Radio Access Network (RAN), for receiving and transmitting data packets between end user nodes (UE) as well as the various network entities (e.g., core network entities). Access network 150 includes NodeBs (NBs) for 3G network 110, eNodeBs (eNBs) for 4G network 120, and gNodeBs (gNBs) for 5G network 130. The infrastructure for each network may support different functionality and it is appreciated that infrastructure illustrated within one network can include appropriate hardware/software to support functionality of other telecommunication networks.
Respective network entities that form core network 160 (within the telecommunication networks 100) operatively connect respective RAN infrastructure (NBs, eNBs, gNBs) to third party networks such as a voice network 105 (e.g., a Public Switched Telephone Network (PSTN) network) and/or a data network 108 to create end-to-end connections. Prior to 3G (e.g., 2G, 2.5G, etc.) the third party network primarily included a voice network/PSTN 105 (e.g., a circuit switched network). From 3G onward, the third party network transitioned to include a public network (e.g., the Internet), represented by data network 108 (e.g., a packet switched network). Core network 160 and its respective network entities collectively operate to manage connections, bandwidth, and mobility for respective UE.
Notably, core network 160 evolved along three functional planes, including service management, session management, and mobility management. Service management for 2G and 3G networks includes operations to create an Integrated Services Digital Network (ISDN) over wireless links (e.g., Uu links). Session management for 3G and 4G networks generally include operations establish, maintain, and release network resources (e.g., data connections). In particular, in 3G network 110, session management includes a standalone General Packet Radio Service (GPRS) network, while 4G network 120 introduced a fully integrated data only network optimized for mobile broadband (where basic telephone operations are supported as one profile). Mobility management generally includes operations that support movement of UE in a mobile network, such as system registration, location tracking and handover (e.g., often optimized reduce heavy signaling loads). For example, in the context of 4G network 120, a Serving Gateway (SGW) and a Packet Data Gateway (PGW) support session management operations while mobility management operations (which maintains data sessions for mobile UE) are centralized within a Mobility Management Entity (MME).
5G network 130, as discussed in greater detail herein, introduces a new service base architecture (SBA) 132, which generally redistributes functionality of 4G network entities into smaller service-based functions/network entities. In addition, packet routing and forwarding functions (which are performed by SGW and PGW in 4G network 120) are realized as services rendered through a new network function/entity called the User Plane Function (UPF). In this fashion, 5G network 130 provides a modular set of services that support dynamic and scalable deployment of resources to satisfy diverse user demands.
The illustrative device 200 comprises one or more network interfaces 210, at least one processor 220, and a memory 240 interconnected by a system bus 250. Network interface(s) 210 contain the mechanical, electrical, and signaling circuitry for communicating data over links (e.g., wires or wireless links) within the telecommunication networks 100 (e.g., ref.
Memory 240 comprises a plurality of storage locations that are addressable by processor 220 for storing software programs and data structures associated with the embodiments described herein. Processor 220 may comprise necessary elements or logic adapted to execute the software programs and manipulate data structures 245. An operating system 242, portions of which are typically resident in memory 240 and executed by processor 220, functionally organizes the device by, inter alia, invoking operations in support of services and/or software processes executing on the device/module. These services and/or software processes may comprise an illustrative “block chain registration” process/service 244 as well as “session establishment” process/services 246, as described herein. Note that while processes/services 244 and 246 are shown in centralized memory 240, some embodiments provide for these processes/services to be operated in a distributed communication network.
Illustratively, the techniques described herein may be performed by hardware, software, and/or firmware, such as in accordance with the illustrative blockchain authentication process 244 and/or the illustrative session establishment process 246, which may contain computer executable instructions executed by processor 220 to perform functions relating to UE authentication and/or UE session establishment described herein.
It will be apparent to those skilled in the art that other processor and memory types, including various computer-readable media, may be used to store and execute program instructions pertaining to the techniques described herein. Also, while the description illustrates various processes, it is expressly contemplated that various processes may be embodied as modules configured to operate in accordance with the techniques herein (e.g., according to the functionality of a similar process). Further, while the processes have been shown separately, those skilled in the art will appreciate that processes may be routines or modules within other processes. For example, processor 220 can include one or more programmable processors, e.g., microprocessors or microcontrollers, or fixed-logic processors. In the case of a programmable processor, any associated memory, e.g., memory 240, may be any type of tangible processor readable memory, e.g., random access, read-only, etc., that is encoded with or stores instructions that can implement program modules, e.g., a module having blockchain registration process 244 and/or session establishment process 246 encoded thereon. Processor 220 can also include a fixed-logic processing device, such as an application specific integrated circuit (ASIC) or a digital signal processor that is configured with firmware comprised of instructions or logic that can cause the processor to perform the functions described herein. Thus, program modules may be encoded in one or more tangible computer readable storage media for execution, such as with fixed logic or programmable logic, e.g., software/computer instructions executed by a processor, and any processor may be a programmable processor, programmable digital logic, e.g., field programmable gate array, or an ASIC that comprises fixed digital logic, or a combination thereof. In general, any process logic may be embodied in a processor or computer readable medium that is encoded with instructions for execution by the processor that, when executed by the processor, are operable to cause the processor to perform the functions described herein.
As noted above, a transition is currently underway from existing 4G networks to new 5G networks, which includes a new service-oriented architecture (e.g., SBA 132—
With respect to dynamic network resource and/or workload provisioning, the 5G network also supports additional processes and procedures for UE registration, session establishment, session maintenance, and so on, which can improve network services for a variety of devices with very different quality of service (QoS) requirements. For example, as disclosed herein, this disclosure provides complimentary and/or alternative mechanisms—e.g., blockchain registration capabilities—to natively support such dynamic and flexible workload provisioning and improve overall UE mobility.
Blockchain technologies generally facilitate transparent, verifiable, and secure digital asset transactions with proof of rights and ownership. For example, blockchain technologies generally employ distributed ledger technology (DLT) with built-in cryptography to enable open and trusted exchanges over the internet without requiring central servers and/or independent trusted authorities. However, despite its advantages, existing protocols/network architectures in the telecommunications context generally fail to support native blockchain technologies due, in part, to underlying security requirements for initial registration processes. Blockchain technologies can be employed within existing telecommunication networks, however mobile network operators and/or mobile network entities are generally unaware of blockchain transactions because such blockchain transactions generally only occur after a mobile session is established (e.g., using overlay messages), which in turn, inhibits blockchain technology integration and participation by mobile service providers.
Accordingly, as described in greater detail herein, embodiments of this disclosure provide a native blockchain platform that employs blockchain operations that can serve as additional and/or alternative registration processes within a mobile network, and that further operates in conjunction with various mobile Network Functions (NFs) or network entities (including UE) over new blockchain network interfaces. In particular, these blockchain authentication operations may satisfy security requirements for network service providers, and can provide access to a variety of new types of devices/users. In addition, the native blockchain platform of this disclosure also supports device registration in the context of a roaming network—e.g., when UE is outside of its local/home network and attempts to connect to a roaming/visiting network.
Referring again to the figures,
The blockchain interfaces represent communication links that facilitate an exchange of messages or data packets between BAF(s) and SBA 132 (e.g., NFs that form SBA 132. In particular, BCx can facilitate exchanging messages related to policy request, authorization, network usage, lawful intercept, accounting, and the like. BCy can facilitate exchanging messages related to secondary authentication, authorization, resource sharing, lawful intercept, network slicing, etc. BCz can facilitate exchanging messages related to standalone Authentication public key pre-set, authorization, Distributed Ledger Technology query/set, etc.
Blockchain network 304 generally facilitates sharing network resources or access to network functions (NFs) such as Access and Mobility Management Function (AMF), Session Management Function (SMF), Network Repository Function (NRF), and so on, with User Equipment (e.g., UE 308), and creates specific trust boundaries across multiple service providers using distributed blockchain ledgers, as discussed in greater detail herein. Blockchain network 304 may represent an open source blockchain network or platform such distributed ledgers, hyperledger Sawtooth, and the like.
With specific reference to
As shown, the network entities that form SBA 132 include AMF 320, SMF 325, Network Slice Selection Function (NSSF) 330, Network Exposure Function (NEF) 335v|335h, Network Repository Function (NRF) 340v|340h, Policy Control Function (PCF) 345v|345h, and Application Function (AF) 350. These network entities can be implemented either as a network element on a dedicated hardware, as a software instance running on a dedicated hardware, or as a virtualized function instantiated on an appropriate platform, e.g., a cloud infrastructure, as is appreciated by those skilled in the art.
In general, UE 308 connects to RAN/Access Network (AN) 310 as well as AMF 320. Here, the RAN can include a base station while the AN can include a base station supporting non-3GPP access, e.g., Wi-Fi access. AMF 320 provides UE-based authentication, authorization, mobility management, etc. SMF 325 is responsible for session management, IP address allocation to UE(s), and traffic management/selection of a User Plane Function (UPF) (e.g., UPF 315) for proper routing/data transfer. If UE 308 has multiple sessions, different SMFs may be allocated to each session for individual management and/or different functionality per session. AF 350 generally provides information on packet flows to PCF 345v, which is responsible for policy control in order to support Quality of Service (QoS). Based on the information from AF 350, PCF 345v determines policies about mobility and session management for proper AMF/SMF operations. AUSF 355 stores authentication data for UE 308, and UDM 360 stores subscription data for UE 308. Data network 108 provides Internet access or operator services. The foregoing operations (and additional functionality) for respective network entities can be found in 3GPP Technical Specification (TS) 23.501 v 15.2.0 and TS 23.502v15.2.0, which is incorporated by herein by reference to its entirety.
As mentioned, the native blockchain platform shown in
Continuing to refer to
RAN/Access Network (AN) 310 receives the RRC messages from UE 308 and selects an appropriate AMF 320 and/or redirects the RRC messages to a new AMF as appropriate. Here, RAN/AN 310 can determine the RRC message from UE 308 include an indication to perform the blockchain authentication procedure (e.g., in an access category) and selects AMF 320 and/or redirects to a new AMF based on its capability to support the blockchain authentication procedure.
As discussed in greater detail below, AMF 320 can perform the blockchain authentication procedure by exchanging authentication messages with one or more Blockchain Authentication Function (BAF) entities (e.g., BAF(s) 305a-n) over blockchain network interfaces BCx and/or BCy.
The blockchain authentication procedure generally refers to authentication messages exchanged between one or more core NFs and a BAF, which is exposed to the core NFs over the new blockchain network interfaces. The authentication messages provide the BAF with UE credentials and the BAF, in turn, compares the UE credentials against UE credentials stored on a blockchain or distributed ledger. As is appreciated by those skilled in the art, the BAF returns authentication confirmation messages if the UE credentials match the UE credentials stored on the blockchain or distributed ledger.
For example,
In general, UE 308 may indicates support for the blockchain authentication procedure to AMF 320 using RRC messages over RAN/AN network interfaces (which are further transmitted to AMF 320) and/or UE 308 may send a Non-Access Stratum (NAS) messages directly to AMF 320 (e.g., over network interface N1), which NAS messages indicate UE 308 supports/request the blockchain authentication procedure. For these NAS layer messages, the indication can be included directly in a NAS message (e.g., as payload data such as registration type) and/or in follow-on request (e.g., follow-on request data).
In addition, AMF 320 and/or AUSF 355 may still perform conventional authentication processes, depending on service provider or mobile network operator security/integrity policies, as is appreciated by those skilled in the art—e.g., generating/creating encryption keys (e.g., anchor keys), sending authentication requests to AUSF 355, selecting UDM 360, retrieving vectors, e.g., credentials and/or encryption keys, from UDM 360, and so on. In this fashion, the blockchain authentication procedure can complement (or augment) existing authentication processes (e.g., 5G Extensible Authentication Protocol (EAP)—Authentication and Key Agreement (AKA) procedures defined by 3GPP TS 33.301, etc.) to serve as an enhanced or secondary form of security, while in other embodiments, the blockchain authentication procedure can replace existing authentication processes (e.g., if existing authentication processes fail.
As mentioned,
Blockchain Registration Process via AUSF
Referring now to
Next, RAN/AN 310 selects an AMF—here, AMF 320—based on the registration message. For example, RAN/AN 310 determines the registration request message indicates UE 308 supports the blockchain authentication procedure, and can select an appropriate AMF that likewise supports such procedure. Alternatively, RAN/AN 310 can reject the blockchain authentication request, which causes the UE to revert to exiting 3GPP behaviour.
At step 404, RAN/AN 310 sends a registration request message to AMF 320. As mentioned, these registration request messages (and corresponding call flows) may generally follow existing registration procedures such as those specified in 3GPP TS 23.502 (e.g., 4.2.2.2). However, in accordance with the disclosed blockchain authentication procedure, the registration request message may further include a registration type information element (e.g., 5GS registration type information element, defined in 3GPP TS 24.501, 9.8.3.7) that indicates guest access with the additional blockchain mechanisms (e.g., the blockchain authentication procedure).
For example, the 5GS registration type information element is provided below:
In one embodiment, the 5GS registration type information element can enable a follow-on attribute and/or set the follow-on-request bit, which can indicate support or information corresponding to the blockchain authentication procedure. In another embodiment, the 5GS registration type information element can be modified to include a registration type that indicates the guest authenticating mechanism (e.g., the blockchain authentication procedure).
As discussed in greater detail below, the blockchain authentication procedure, whether indicated in the registration request message with the follow-on request bit or the modified registration type, can include a non-3GPP authentication procedure piggy backed over a Non-Access Stratum (NAS) message. For example, the blockchain authentication procedure could be carried in a transparent container payload of the NAS protocol where the authentication type can be indicated in a NAS payload. Notably, in accordance with network service provider or operator policy/requirements, AMF 320 may first perform standard EAP-AKA procedures (e.g., as defined by 3GPP TS 33.301, 6.1.2 and 6.1.3), and if successful, AMF 320 may further perform the blockchain authentication procedure as a complimentary or supplemental process. However, as mentioned above, in some instances, AMF 320 may perform the blockchain authentication procedure and register/attach UE 308 to the network even if the standard EAP-AKA procedures fail (depending on policy/requirements).
Signaling diagram 401 continues to steps 406 and 408 where UE 308 and AMF 320 exchange identity request/response messages. Here, AMF 320 initiates a UE identity request at step 406 during an initial registration, e.g., when AMF 320 is new to UE 308, and/or when AMF 320 was not provided Subscriber Concealed Identifier (SUCI) information from prior AMF(s) (e.g., in accordance with 3GPP TS 23.502 procedures). As shown, AMF 320 particularly initiates authentication with UE 308 by sending an identity request message at step 406 and, in response, UE 308 generates and transmits, a corresponding identity response (e.g., with a SUCI or privacy preserving identifier containing a concealed subscriber permanent identifier (SUPI)) in step 408.
In some embodiments, UE 308 returns additional parameters at step 408 to indicate support for the blockchain authorization procedure (e.g., in addition to or as an alternative to the above discussed indications in 5GS registration type information). After step 408, AMF 320 initiates UE authentication processes with an AUSF and selects AUSF 355 based on, for example, SUCI/SUPI information (described in 3GPP TS 23.501) and/or the indicated support for the blockchain authorization procedure.
Steps 410-424 illustrate the blockchain authentication procedure employed by AUSF 355 in conjunction with conventional authentication calls (e.g., as specified by 3GPP TS 33.501) between AMF 320, AUSF 355, and UDM 360. As described below, the ordering and exchange messages represented by steps 410-424 reflect various bi-lateral message exchanges.
In particular, step 410 provides optional challenges/responses between AMF 320 and UE 308, which allow UE 308 to indicate support for the blockchain authorization procedure in NAS messages sent to AMF 320 (e.g., over network interface N1).
At step 412, AMF 320 can invoke existing authentication services by sending an authentication request message to AUSF 355. In response, AUSF 355 checks that the requesting AMF in the serving network is entitled to use the serving network and sends, at step 414, a corresponding authentication request message to UDM 360. UDM 360 generates and sends an authentication vector (e.g., security keys, etc.) to AUSF 355, again at step 414.
AUSF 355 also exchanges EAP-Requests/AKA-Challenges with AMF 320, at step 416, which further solicit EAP challenges/responses from UE 308, at step 418. As shown, the EAP challenges/responses between UE 308 and AMF 320 can include NAS messages with blockchain payload data to provide AMF 320 (and thus AUSF 355 at step 416) relevant blockchain authentication information (e.g., UE 308 registration information with prior BAF entities, etc.) for subsequent or secondary authentication with BAF 305 (e.g., step 424 discussed below). In accordance with existing authentication protocols, and based on the EAP challenges/responses received by AUSF 355 at step 416, AUSF 355 can complete UE authentication with UDM 360 at step 414.
Collectively, the messages exchanged at steps 410-416 can confirm/accept the UE's credentials or deny/reject the UE's credentials based on existing authentication protocols. In addition, these messages can provide appropriate security context/acknowledgements between UE 308, AMF 320, AUSF 355, and UDM 360, which protect/encrypt subsequent messages from UE 308.
Regardless of success/failure of UE authentication in steps 410, AMF 320 and AUSF 355 may further perform the blockchain authentication procedure (e.g., as a complimentary/substitute authentication procedure). In this fashion, the blockchain authentication procedure can thought of as an extension to existing calls and/or may include additional flags/parameters in appropriate messages.
Depending on policies and/or security requirements, AMF 320 may continue on to perform the blockchain authentication process with AUSF 355. As mentioned above, AMF 320 can receive relevant blockchain authentication information from UE 308 in the course of exchanging authentication messages based on existing procedures, or alternatively, UE 308 can send separate NAS messages to AMF 320 with the blockchain authentication information included in payload data, such as shown at step 420. The blockchain authentication information is used by AMF 320/AUSF 355 to authenticate UE 308 with BAF 305. For example, the blockchain authentication information can include a blockchain entity ID that corresponds to BAF 305 as well as blockchain credentials, such as blockchain registration information, blockchain subscription information, and so on. Preferably, UE 308 registers and subscribes to BAF 305 (e.g., over blockchain network interface BCz) to obtain the blockchain authentication information. AMF 320 receives these NAS messages, identifies the blockchain entity ID, and selects an appropriate BAF (here, BAF 305) based on the blockchain entity ID.
AMF 320 further invokes AUSF 355, at step 422, to continue the blockchain authentication procedure and authenticate UE 308 with BAF 305 using, for example, a Nausf service call over the N12 network interface. In this fashion, AMF 320 sends service-based API messages (e.g., as defined by 3GPP TS 29.509 and TS 29.518) with appropriate blockchain authentication flags/parameters/payload/etc. to AUSF 355.
AUSF 355 receives the API messages and exchanges, at step 424, blockchain authentication messages with BAF 305 over blockchain network interface BCx. AUSF 355 further sends these blockchain authentication messages to AMF 320 (e.g., blockchain authentication confirmation, etc.) so AMF can complete the blockchain authentication procedure. It is appreciated the blockchain authentication procedure may require additional messages to handle situations where BAF 305 is slow to respond, is unavailable or out of service, and/or fails to confirm the UE credentials. In these situations, AMF 320 may send temporary Ack messages to UE 308 to provide additional processing time for BAF 305 to authenticate the UE credentials.
In sum, steps 420-424 represent blockchain authentication operations where AMF 320 receives identifying information for the BAF associated with UE 308 and selects BAF 305 based on the identifying information (e.g., steps 420-422), and completes the authentication transaction by acting as an agent of UE 308 since UE 308 may be considered a client of BAF 305 (e.g., steps 424). Preferably, UE 308 previously registered and subscribed to BAF 305 over blockchain interface BCz.
Once UE 308 is successfully authenticated with the blockchain authentication procedure, signaling diagram continues to steps 430, 432, 436, and 438, which include messages to complete UE 308 registration in accordance with 3GPP TS 23.502 (e.g., UDM selection/update, PCF selection, registration acceptance, and so on).
In some embodiments of this disclosure, the blockchain authentication procedure may also include an optional credit check for UE 308, shown as a charging event at step 434. Notably, this credit check represents a charging authorization procedure that can be performed after UE 308 is authenticated with BAF 305 but before AMF 320 completes registration and attaches UE 308 to the SBA network.
In operation, PCF 345 manages mobility credentials for UE 308 and performs the credit authorization procedure with BAF 305 in an authorization layer. The credit authorization procedure determines if UE 308 (and its corresponding user) can complete a transaction (e.g., can the user pay for the transaction now or at a future time), the type and/or number of network services the user can afford (e.g., which can limit or restrict access to network resources), and so on. For example, in an Internet of Things (IoT) context, PCF 345 can use the credit authorization procedure to determine virtual contract information (e.g., credit worthiness) associated with UE 308, which can be shared with other network entities/services (e.g., NFs) in SBA 132.
As mentioned above, steps 430, 432, 436, and 438 include messages to complete UE 308 registration in accordance with 3GPP TS 23.502.
Blockchain Secondary Authentications Using AMF
In other embodiments of this disclosure, AMF 320 may directly perform the blockchain authentication procedure with BAF 305 (e.g., after, for example, AMF 320 successfully obtains an appropriate security context/acknowledgements from AUSF 355/UDM 360), which ensure encryption/integrity protection for messages exchanged with UE 308.
In particular, signaling diagram 402 of
In addition to the steps shown in signaling diagram 401, signaling diagram 402 further provides steps 426 and 428, which represent AMF 320 operations to directly exchange blockchain authentication messages with BAF 305. In particular, at step 426, UE 308 exchanges blockchain authentication information with AMF 320 using, for example, NAS messages that can include blockchain payload data. The blockchain authentication information is used by AMF 320 to authenticate UE 308 with BAF 305. As mentioned, the blockchain authentication information can include a blockchain entity ID that corresponds to BAF 305 as well as blockchain credentials, such as blockchain registration information, blockchain subscription information, and so on. AMF 320 receives these NAS messages and selects an appropriate BAF (here, BAF 305) based on the blockchain entity ID. AMF 320 further authenticates UE 308 with BAF 305 at step 428 and may receive an authentication confirmation from BAF 305.
Steps 430, 432, 436, and 438 represent messages for completing UE registration in accordance with 3GPP TS 23.502.
Procedure 500 begins at step 505 and continues on to step 510 where, as discussed above, the AMF determines User Equipment (UE) (e.g., UE 308) supports a blockchain authentication procedure. For example, the AMF can determine the UE supports the blockchain authentication procedure from a Radio Request Control message (RRC) such as a registration request message and/or a Non-Access Stratum message received from the UE (e.g., in a registration type field, a NAS payload field, follow-on request data, etc.). Notably, in some embodiments, the RAN/AN in communication with the UE may select the AMF based on the indicated support for the blockchain authentication procedure.
Procedure continues to step 515 where the AMF optionally selects or invokes an Authentication Server Function (AUSF) entity to perform the blockchain authentication procedure. As discussed above, the AMF may directly communicate and authenticate the UE with a Blockchain Authentication Function (BAF) entity (e.g, BAF 305), or it may invoke an AUSF to perform the blockchain authentication procedure.
In step 520, the AMF receives blockchain credentials from the UE. The blockchain credentials refer to blockchain authentication information and can include blockchain registration/subscription information. In some embodiments, the UE receives the blockchain credentials from the BAF entity over a blockchain network interface (e.g., BCz).
The AMF further determines, at step 525, the blockchain credentials include a blockchain entity ID, and selects, at step 530, the BAF (e.g., BAF 305) for blockchain authentication based on the same.
The AMF also exchanges authentication messages, at step 535 with the BAF. As mentioned, the AMF exchange the authentication messages directly with the BAF (e.g., over a blockchain network interface BCy or indirectly (e.g., through the AUSF entity, which communicates with the BAF entity over a blockchain network interface BCz). The AMF receives, at step 540, a blockchain authentication confirmation from the BAF entity (again, either directly or indirectly through the AUSF entity). Notably, in some embodiments, the BAF entity may require additional processing time to validate the UE's credentials. In these embodiments, the AMF may send temporary Ack. messages to the UE to accommodate the additional processing time.
The AMF can optionally invoke, at step 545, a Policy Control Function (PCF) entity (e.g., PCF 345) to perform a credit authorization procedure (e.g., in an authorization layer) for a user associated with the UE. As mentioned above, the credit authorization procedure can determine a scope of network services (e.g., access or restrict) to be provided to the UE based on the credit worthiness of the user. In some embodiments, this information may be included as part of a virtual contract that can be shared with various NFs. Next, the PCF can provide, at step 545, the UE access to one or more network resources based on the credit authorization procedure (e.g., credit worthiness of the user). Finally, the AMF registers the UE at step 555.
Procedure subsequently ends at step 560, but may return again to step 510 where the AMF determines another UE supports the blockchain authentication procedure.
It should be noted that while certain steps within procedure 500 may be optional, and further, the steps shown in
The techniques described herein, therefore, provide a native blockchain platform for wireless networks. This native blockchain platform supports new use cases that create opportunities to share network resources across multiple provider networks, increase workload mobility security, improve billing/mediation and reconciliation and create mechanisms for roaming authentication/registration using blockchain technology. In addition, the native blockchain platform provides new opportunities for the app economy and creates a new market place for Mobile virtual network operators (MVNO) participation. As discussed above the native blockchain platform facilitates new methods for authenticating UE when attaching the UE to the network as well as new methods to facilitate payments for network services as part of blockchain charging events.
While there have been shown and described illustrative embodiments of the native blockchain platform and corresponding operations in a specific network context (e.g., a mobile core network for a 5G network), it is to be understood that various other adaptations and modifications may be made within the spirit and scope of the embodiments herein. For example, the embodiments and operations disclosed herein have been described with respect to certain devices, NFs, interfaces, and systems, however it is appreciated that such embodiments are provided for purposes of example, not limitation and that the blockchain authentication techniques disclosed herein can be incorporated as part of existing wireless networks.
The foregoing description has been directed to specific embodiments. It will be apparent, however, that other variations and modifications may be made to the described embodiments, with the attainment of some or all of their advantages. For instance, it is expressly contemplated that the components, elements, and/or operations described herein can be implemented as software being stored on a tangible (non-transitory) computer-readable medium, devices, and memories (e.g., disks/CDs/RAM/EEPROM/etc.) having program instructions executing on a computer, hardware, firmware, or a combination thereof. Further, methods describing the various functions and techniques described herein can be implemented using computer-executable instructions that are stored or otherwise available from computer readable media. Such instructions can comprise, for example, instructions and data which cause or otherwise configure a general purpose computer, special purpose computer, or special purpose processing device to perform a certain function or group of functions. Portions of computer resources used can be accessible over a network. The computer executable instructions may be, for example, binaries, intermediate format instructions such as assembly language, firmware, or source code. Examples of computer-readable media that may be used to store instructions, information used, and/or information created during methods according to described examples include magnetic or optical disks, flash memory, USB devices provided with non-volatile memory, networked storage devices, and so on. In addition, devices implementing methods according to these disclosures can comprise hardware, firmware and/or software, and can take any of a variety of form factors. Typical examples of such form factors include laptops, smart phones, small form factor personal computers, personal digital assistants, and so on. Functionality described herein also can be embodied in peripherals or add-in cards. Such functionality can also be implemented on a circuit board among different chips or different processes executing in a single device, by way of further example. Instructions, media for conveying such instructions, computing resources for executing them, and other structures for supporting such computing resources are means for providing the functions described in these disclosures. Accordingly this description is to be taken only by way of example and not to otherwise limit the scope of the embodiments herein. Therefore, it is the object of the appended claims to cover all such variations and modifications as come within the true spirit and scope of the embodiments herein.
This application claims benefit to U.S. provisional application No. 62/682,770, filed on Jun. 8, 2018, which is expressly incorporated by reference herein in its entirety.
| Number | Name | Date | Kind |
|---|---|---|---|
| 4236068 | Walton | Nov 1980 | A |
| 5642303 | Small et al. | Jun 1997 | A |
| 5751223 | Turner | May 1998 | A |
| 6812824 | Goldinger et al. | Nov 2004 | B1 |
| D552603 | Tierney | Oct 2007 | S |
| 7573862 | Chambers et al. | Aug 2009 | B2 |
| D637569 | Desai et al. | May 2011 | S |
| 7975262 | Cozmei | Jul 2011 | B2 |
| 8010079 | Mia et al. | Aug 2011 | B2 |
| 8102814 | Rahman et al. | Jan 2012 | B2 |
| 8260320 | Herz | Sep 2012 | B2 |
| 8284748 | Borghei | Oct 2012 | B2 |
| 8300594 | Bernier et al. | Oct 2012 | B1 |
| 8325626 | Tóth et al. | Dec 2012 | B2 |
| 8396485 | Grainger et al. | Mar 2013 | B2 |
| 8446899 | Lei et al. | May 2013 | B2 |
| 8457145 | Zimmerman et al. | Jun 2013 | B2 |
| 8458184 | Dorogusker et al. | Jun 2013 | B2 |
| D691636 | Bunton | Oct 2013 | S |
| 8549638 | Aziz | Oct 2013 | B2 |
| 8553634 | Chun et al. | Oct 2013 | B2 |
| 8644301 | Tamhankar et al. | Feb 2014 | B2 |
| 8650279 | Mehta et al. | Feb 2014 | B2 |
| 8669902 | Pandey et al. | Mar 2014 | B2 |
| 8676182 | Bell et al. | Mar 2014 | B2 |
| 8682279 | Rudolf et al. | Mar 2014 | B2 |
| 8693367 | Chowdhury et al. | Apr 2014 | B2 |
| 8718644 | Thomas et al. | May 2014 | B2 |
| 8761174 | Jing et al. | Jun 2014 | B2 |
| 8768389 | Nenner et al. | Jul 2014 | B2 |
| 8849283 | Rudolf et al. | Sep 2014 | B2 |
| 8909698 | Parmar et al. | Dec 2014 | B2 |
| 8958318 | Hastwell et al. | Feb 2015 | B1 |
| 9060352 | Chan et al. | Jun 2015 | B2 |
| 9130859 | Knappe | Sep 2015 | B1 |
| 9173084 | Foskett | Oct 2015 | B1 |
| 9173158 | Varma | Oct 2015 | B2 |
| D744464 | Snyder et al. | Dec 2015 | S |
| 9270709 | Shatzkamer et al. | Feb 2016 | B2 |
| 9271216 | Friman et al. | Feb 2016 | B2 |
| 9281955 | Moreno et al. | Mar 2016 | B2 |
| D757424 | Phillips et al. | May 2016 | S |
| D759639 | Moon et al. | Jun 2016 | S |
| 9369387 | Filsfils et al. | Jun 2016 | B2 |
| 9389992 | Gataullin et al. | Jul 2016 | B2 |
| 9426305 | De Foy et al. | Aug 2016 | B2 |
| D767548 | Snyder et al. | Sep 2016 | S |
| 9467918 | Kwan | Oct 2016 | B1 |
| D776634 | Lee et al. | Jan 2017 | S |
| 9544337 | Eswara et al. | Jan 2017 | B2 |
| 9569771 | Lesavich et al. | Feb 2017 | B2 |
| 9609504 | Karlqvist et al. | Mar 2017 | B2 |
| 9615268 | Navarro et al. | Apr 2017 | B2 |
| 9634952 | Gopinathan et al. | Apr 2017 | B2 |
| 9642167 | Snyder et al. | May 2017 | B1 |
| 9654344 | Chan et al. | May 2017 | B2 |
| 9712444 | Bolshinsky et al. | Jul 2017 | B1 |
| 9713114 | Yu | Jul 2017 | B2 |
| 9736056 | Vasseur et al. | Aug 2017 | B2 |
| 9762683 | Karampurwala et al. | Sep 2017 | B2 |
| 9772927 | Gounares et al. | Sep 2017 | B2 |
| 9820105 | Snyder et al. | Nov 2017 | B2 |
| D804450 | Spiel et al. | Dec 2017 | S |
| 9858559 | Raleigh et al. | Jan 2018 | B2 |
| 9860151 | Ganichev et al. | Jan 2018 | B2 |
| 9933224 | Dumitriu et al. | Feb 2018 | B2 |
| 9923780 | Rao et al. | Mar 2018 | B2 |
| 9961560 | Farkas et al. | May 2018 | B2 |
| 9967906 | Verkaik et al. | May 2018 | B2 |
| 9980220 | Snyder et al. | May 2018 | B2 |
| 9985837 | Rao et al. | May 2018 | B2 |
| 9998368 | Chen et al. | Jun 2018 | B2 |
| 10108954 | Dunlevy et al. | Oct 2018 | B2 |
| 10123202 | Polehn | Nov 2018 | B1 |
| 10164779 | Uhr | Dec 2018 | B2 |
| 10171248 | King | Jan 2019 | B2 |
| 20030087645 | Kim et al. | May 2003 | A1 |
| 20030116634 | Tanaka | Jun 2003 | A1 |
| 20040029576 | Flykt et al. | Feb 2004 | A1 |
| 20040203572 | Aerrabotu et al. | Oct 2004 | A1 |
| 20050090225 | Muehleisen et al. | Apr 2005 | A1 |
| 20050169193 | Black et al. | Aug 2005 | A1 |
| 20050186904 | Kowalski et al. | Aug 2005 | A1 |
| 20060022815 | Fischer et al. | Feb 2006 | A1 |
| 20060030290 | Rudolf et al. | Feb 2006 | A1 |
| 20060092964 | Park et al. | May 2006 | A1 |
| 20060126882 | Deng et al. | Jun 2006 | A1 |
| 20060146803 | Bae et al. | Jul 2006 | A1 |
| 20060187866 | Werb et al. | Aug 2006 | A1 |
| 20060245406 | Shim | Nov 2006 | A1 |
| 20070037605 | Logan | Feb 2007 | A1 |
| 20070130471 | Walker Pina et al. | Jun 2007 | A1 |
| 20070239854 | Janakiraman et al. | Oct 2007 | A1 |
| 20080037715 | Prozeniuk et al. | Feb 2008 | A1 |
| 20080084888 | Yadav et al. | Apr 2008 | A1 |
| 20080101381 | Sun et al. | May 2008 | A1 |
| 20080163207 | Reumann et al. | Jul 2008 | A1 |
| 20080233969 | Mergen | Sep 2008 | A1 |
| 20090129389 | Halna DeFretay et al. | May 2009 | A1 |
| 20090203370 | Giles et al. | Aug 2009 | A1 |
| 20090282048 | Ransom et al. | Nov 2009 | A1 |
| 20090298511 | Paulson | Dec 2009 | A1 |
| 20090307485 | Weniger et al. | Dec 2009 | A1 |
| 20100039280 | Holm et al. | Feb 2010 | A1 |
| 20100097969 | De Kimpe et al. | Apr 2010 | A1 |
| 20110087799 | Padhye et al. | Apr 2011 | A1 |
| 20110142053 | Van Der Merwe et al. | Jun 2011 | A1 |
| 20110182295 | Singh et al. | Jul 2011 | A1 |
| 20110194553 | Sahin et al. | Aug 2011 | A1 |
| 20110228779 | Goergen | Sep 2011 | A1 |
| 20120023552 | Brown et al. | Jan 2012 | A1 |
| 20120054367 | Ramakrishnan et al. | Mar 2012 | A1 |
| 20120088476 | Greenfield | Apr 2012 | A1 |
| 20120115512 | Grainger et al. | May 2012 | A1 |
| 20120157126 | Rekimoto | Jun 2012 | A1 |
| 20120167207 | Beckley et al. | Jun 2012 | A1 |
| 20120182147 | Forster | Jul 2012 | A1 |
| 20120284777 | Eugenio et al. | Nov 2012 | A1 |
| 20120311127 | Kandula et al. | Dec 2012 | A1 |
| 20120324035 | Cantu et al. | Dec 2012 | A1 |
| 20130029685 | Moshfeghi | Jan 2013 | A1 |
| 20130039391 | Skarp | Feb 2013 | A1 |
| 20130057435 | Kim | Mar 2013 | A1 |
| 20130077612 | Khorami | Mar 2013 | A1 |
| 20130088983 | Pragada et al. | Apr 2013 | A1 |
| 20130107853 | Pettus et al. | May 2013 | A1 |
| 20130108263 | Srinivas et al. | May 2013 | A1 |
| 20130115916 | Herz | May 2013 | A1 |
| 20130145008 | Kannan et al. | Jun 2013 | A1 |
| 20130155906 | Nachum et al. | Jun 2013 | A1 |
| 20130191567 | Rofougaran et al. | Jul 2013 | A1 |
| 20130203445 | Grainger et al. | Aug 2013 | A1 |
| 20130217332 | Altman et al. | Aug 2013 | A1 |
| 20130232433 | Krajec et al. | Sep 2013 | A1 |
| 20130273938 | Ng et al. | Oct 2013 | A1 |
| 20130317944 | Huang et al. | Nov 2013 | A1 |
| 20130322438 | Gospodarek et al. | Dec 2013 | A1 |
| 20130343198 | Chhabra et al. | Dec 2013 | A1 |
| 20130347103 | Veteikis et al. | Dec 2013 | A1 |
| 20140007089 | Bosch et al. | Jan 2014 | A1 |
| 20140016926 | Soto et al. | Jan 2014 | A1 |
| 20140025770 | Warfield et al. | Jan 2014 | A1 |
| 20140031031 | Gauvreau et al. | Jan 2014 | A1 |
| 20140052508 | Pandey et al. | Feb 2014 | A1 |
| 20140059655 | Beckley et al. | Feb 2014 | A1 |
| 20140087693 | Walby et al. | Mar 2014 | A1 |
| 20140105213 | A K et al. | Apr 2014 | A1 |
| 20140118113 | Kaushik et al. | May 2014 | A1 |
| 20140148196 | Bassan-Eskenazi et al. | May 2014 | A1 |
| 20140179352 | V.M. et al. | Jun 2014 | A1 |
| 20140191868 | Ortiz et al. | Jul 2014 | A1 |
| 20140198808 | Zhou | Jul 2014 | A1 |
| 20140222997 | Mermoud et al. | Aug 2014 | A1 |
| 20140233460 | Pettus et al. | Aug 2014 | A1 |
| 20140269321 | Kamble et al. | Sep 2014 | A1 |
| 20140302869 | Rosenbaum et al. | Oct 2014 | A1 |
| 20140337824 | St. John et al. | Nov 2014 | A1 |
| 20140341568 | Zhang et al. | Nov 2014 | A1 |
| 20150016286 | Ganichev et al. | Jan 2015 | A1 |
| 20150016469 | Ganichev et al. | Jan 2015 | A1 |
| 20150023176 | Korja et al. | Jan 2015 | A1 |
| 20150030024 | Venkataswami et al. | Jan 2015 | A1 |
| 20150043581 | Devireddy et al. | Feb 2015 | A1 |
| 20150063166 | Sif et al. | Mar 2015 | A1 |
| 20150065161 | Ganesh et al. | Mar 2015 | A1 |
| 20150087330 | Prechner et al. | Mar 2015 | A1 |
| 20150103818 | Kuhn et al. | Apr 2015 | A1 |
| 20150163192 | Jain et al. | Jun 2015 | A1 |
| 20150172391 | Kasslin et al. | Jun 2015 | A1 |
| 20150223337 | Steinmacher-Burow | Aug 2015 | A1 |
| 20150256972 | Markhovsky et al. | Sep 2015 | A1 |
| 20150264519 | Mirzaei | Sep 2015 | A1 |
| 20150280827 | Adiletta et al. | Oct 2015 | A1 |
| 20150288410 | Adiletta et al. | Oct 2015 | A1 |
| 20150326704 | Ko et al. | Nov 2015 | A1 |
| 20150358777 | Gupta | Dec 2015 | A1 |
| 20150362581 | Friedman et al. | Dec 2015 | A1 |
| 20150379510 | Smith | Dec 2015 | A1 |
| 20160007315 | Lundgreen et al. | Jan 2016 | A1 |
| 20160044627 | Aggarwal et al. | Feb 2016 | A1 |
| 20160099847 | Melander et al. | Apr 2016 | A1 |
| 20160100395 | Xu et al. | Apr 2016 | A1 |
| 20160105408 | Cooper et al. | Apr 2016 | A1 |
| 20160127875 | Zampini, II | May 2016 | A1 |
| 20160146495 | Malve et al. | May 2016 | A1 |
| 20160330045 | Tang et al. | Nov 2016 | A1 |
| 20160344641 | Javidi et al. | Nov 2016 | A1 |
| 20170026974 | Dey et al. | Jan 2017 | A1 |
| 20170116693 | Rae et al. | Apr 2017 | A1 |
| 20170164212 | Opsenica et al. | Jun 2017 | A1 |
| 20170177898 | Dillenberger | Jun 2017 | A1 |
| 20170180134 | King | Jun 2017 | A1 |
| 20170180999 | Alderfer et al. | Jun 2017 | A1 |
| 20170181136 | Bharadwaj et al. | Jun 2017 | A1 |
| 20170195205 | Li et al. | Jul 2017 | A1 |
| 20170202000 | Fu et al. | Jul 2017 | A1 |
| 20170214551 | Chan et al. | Jul 2017 | A1 |
| 20170214675 | Johnsrud et al. | Jul 2017 | A1 |
| 20170243208 | Kurian et al. | Aug 2017 | A1 |
| 20170273083 | Chen et al. | Sep 2017 | A1 |
| 20170302663 | Nainar et al. | Oct 2017 | A1 |
| 20170317997 | Smith | Nov 2017 | A1 |
| 20170330179 | Song et al. | Nov 2017 | A1 |
| 20170330180 | Song et al. | Nov 2017 | A1 |
| 20170332421 | Sternberg | Nov 2017 | A1 |
| 20170339706 | Andreoli-Fang et al. | Nov 2017 | A1 |
| 20170364700 | Goldfarb et al. | Dec 2017 | A1 |
| 20180060835 | Martin | Mar 2018 | A1 |
| 20180063018 | Bosch et al. | Mar 2018 | A1 |
| 20180069311 | Pallas et al. | Mar 2018 | A1 |
| 20180082076 | Murray | Mar 2018 | A1 |
| 20180084389 | Snyder et al. | Mar 2018 | A1 |
| 20180084427 | Huo | Mar 2018 | A1 |
| 20180136633 | Small et al. | May 2018 | A1 |
| 20180137512 | Georgiadis | May 2018 | A1 |
| 20180139056 | Imai et al. | May 2018 | A1 |
| 20180139107 | Senarath et al. | May 2018 | A1 |
| 20180197173 | Durvasula et al. | Jul 2018 | A1 |
| 20180212970 | Chen et al. | Jul 2018 | A1 |
| 20180253539 | Minter et al. | Sep 2018 | A1 |
| 20180287806 | Carboni et al. | Oct 2018 | A1 |
| 20180294966 | Hyun et al. | Oct 2018 | A1 |
| 20180294977 | Uhr et al. | Oct 2018 | A1 |
| 20180343128 | Uhr et al. | Nov 2018 | A1 |
| 20180374094 | Kohli et al. | Dec 2018 | A1 |
| 20190005470 | Uhr et al. | Jan 2019 | A1 |
| 20190012695 | Bishnoi et al. | Jan 2019 | A1 |
| 20190058709 | Kempf et al. | Feb 2019 | A1 |
| Number | Date | Country |
|---|---|---|
| 107079036 | Aug 2017 | CN |
| 107784748 | Mar 2018 | CN |
| WO 2013020126 | Feb 2013 | WO |
| WO 2014098556 | Jun 2014 | WO |
| WO 2015131920 | Sep 2015 | WO |
| 2017078657 | May 2017 | WO |
| WO 2017187011 | Nov 2017 | WO |
| WO 2017187397 | Nov 2017 | WO |
| WO 2018009340 | Jan 2018 | WO |
| WO 2018028777 | Feb 2018 | WO |
| 2018053271 | Mar 2018 | WO |
| WO 2018066362 | Apr 2018 | WO |
| Entry |
|---|
| “Cisco ASR 5x00 Mobility Management Entity Administration Guide,” Version 15.0, Cisco Systems, Inc., Last updated Jun. 13, 2014, pp. 1-266. |
| “Cisco 10000 Series Router Quality of Service Configuration Guide, Chapter 20: Configuring Quality of Service for MPLS Traffic,” Cisco Systems, Inc., Updated Nov. 17, 2013, pp. 1-34. |
| “Enterprise Mobility 7.3 Design Guide, Chapter 11: CISCO Mobility Services Engine,” Cisco Systems, Inc., Updated Apr. 20, 2015, 8 pages. |
| “I Love WiFi, The difference between L2 and L3 Roaming Events,” Apr. 1, 2010, 6 pages. |
| “Quality of Service Regulation Manual,” ITU 2017, pp. 1-174. |
| “Wi-FI Location-Based Services 4.1 Design Guide,” May 20, 2008, 206 pages. |
| Afolabi, Ibrahim, et al., “Network Slicing & Softwarization: A Survey on Principles, Enabling Technologies & Solutions,” Mar. 21, 2018, pp. 1-24. |
| Ali, Z., et al., “Performance Measurement in Segment Routing Networks with IPv6 Data Plane (SRv6),” Spring Working Group, Feb. 26, 2018, pp. 1-17. |
| An, Xueli, et al., “Virtualization of Cellular Network EPC Gateways based on a Scalable SDN Architecture,” IEEE, Feb. 12, 2015, pp. 1-7. |
| Antonioli, Roberto, et al., “Dual Connectivity for LTE-NR Cellular Networks,” Research Gate, Sep. 3-6, 2017, pp. 171-175. |
| Bekan, Adnan, et al., “D5.1: Machine Learning Algorithms Development and Implementation,” 2016-2018 eWINE Consortium, 23, 2016, pp. 1-72. |
| Bogale, Tadilo Endeshaw, et al., “Machine Intelligence Techniques for Next-Generation Context-Aware Wireless Networks,” arxiv.org, Jan. 12, 2018, pp. 1-10. |
| Carter, Steve Sr., “E911 VoIP Essentials For Enterprise Deployments,” XO Communications, LLC, 2012, 9 pages. |
| Chalise, Batu K., et al., “MIMO Relaying for Multiaccess Communication in Cellular Networks,” Sensor Array and MultiChannel Signal Processing Workshop, 2008, SAM 2008, 5th IEEE, Jul. 21, 2008, pp. 146-150. |
| Cheng, W., et al., “Path Segment in MPLS Based Sement Routing Network,” Network Working Group, Oct. 2017, pp. 1-10. |
| Christidis, Konstantinos, et al., “Blockchains and Smart Contracts for the Internet of Things,” IEEE Access, Special Section on the of Research in Internet of Things (IoT), vol. 4, May 10, 2016, pp. 1-12. |
| Cox, Jacob H. Jr., et al., “Advancing Software-Defined Networks: A Survey,” IEEE, Oct. 12, 2017, pp. 25487-25526. |
| Cui, Wenzhi et al., “DiFS: Distributed Flow Scheduling for Data Center Networks,” Nanjing University, China, Jul. 28, 2013, 10 pages. |
| Doyle, Matthew G., “An IP Address Management Solution for a Server Solution Provider,” A Dissertation Submitted to The University of Liverpool, Sep. 28, 2005, 116 pages. |
| Galvan T., Carlos E., et al., “Wifi bluetooth based combined positioning algorithm,” International Meeting of Electrical Engineering Research ENIINVIE 2012, Procedia Engineering 35 (2012 ), pp. 101-108. |
| Geller, Michael, et al. , “5G Security Innovation with Cisco,” Whitepaper Cisco Public, Jun. 8, 2018, pp. 1-29. |
| Gesbert, David, “Advances in Multiuser MIMO Systems (Tutorial Part II) Emerging Topics in Multiuser MIMO Networks,” IEEE PIMRC Conference, Sep. 2007, 107 pages. |
| Halperin, Daniel, et al., “Augmenting Data Center Networks with Multi-Gigabit Wireless Links,” Aug. 15-19, 2011, SIGCOMM'11, ACM 978-1-4503-0797-0/11/08, pp. 38-49. |
| Herb, Daniel, et al., “ROAUM: How to Unblock ROAMING IoT Using BLockchain,” available at https://uploads-ssl.webflow.com/5987a08baeea4300016b7bd9/5a7a6d6cee5bc400010a08f2_Roaum_Roaming_IoT_Whitepaper.pdf, pp. 1-14. |
| Hsieh, Cynthia, “Location Awareness in VMware View 4.5 and Above,” VMware, 2011, 8 pages. |
| Husain, Syed, et al., “Mobile Edge Computing with Network Resource Slicing for Internet-of-Things,” IEEE 2017, pp. 1-7. |
| Jero, Samuel, et al., “Identifier Binding Attacks and Defenses in Software-Defined Networks,” USENIX, The Advanced Computing Systems Association, Aug. 16-18, 2017, 19 pages. |
| Ji, Philip N., et al., “Demonstration of High-Speed MIMO OFDM Flexible Bandwidth Data Center Network,” Optical Society of America, 2012, 2 pages. |
| Kandula, Srikanth, et al., “Flyways To De-Congest Data Center Networks,” Microsoft Research, Oct. 23, 2009, 6 pages. |
| Katayama, Y. et al., “MIMO Link Design Strategy for Wireless Data Center Applications,” IEEE Wireless Communications and Networking Conference: Services, Applications, and Business, 2012, 5 pages. |
| Leary, Jonathan, et al., “Wireless LAN Fundamentals: Mobility,” Jan. 9, 2004, Cisco Press, 15 pages. |
| Leonhardt, Ulf, “Supporting Location-Awareness in Open Distributed Systems,” May 1998, 186 pages. |
| Morozov, Yury, “Blockchain Telecom: Bubbletone Blockchain,” Dec. 29, 2017, pp. 1-33. |
| Network Heresy, “NVGRE, VXLAN and What Microsoft is Doing Right,” Oct. 3, 2011, 5 pages. |
| Norwegian National Security Authority, “N-03 Security guidance for switches and routers,” Sep. 26, 2012, pp. 1-24. |
| Saraiva de Sousa, Nathan F., et al., “Network Service Orchestration: A Survey,” IEEE Communications Surveys & Tutorials, Mar. 23, 2018, pp. 1-30. |
| Savvides, Andreas, et al., “Dynamic Fine-Grained Localization in Ad-Hoc Networks of Sensors”, Proceeding MobiCom '01 Proceedings of the 7th annual international conference on Mobile computing and networking, Jul. 2001, pp. 166-179. |
| Shwetha, D., et al.,“A Bandwidth Request Mechanism for QoS Enhancement in Mobile WiMAX Networks,” International Journal of Advanced Research in Electrical Electronics and Instrumentation Engineering, vol. 3, Issue 1, Jan. 2014, pp. 1-8. |
| Sun, et al., “The future of Wi-Fi,” IEEE Communications Magazine, vol. 52, No. 11, Nov. 21, 2014, 166 pages. |
| Ventre, Pier Luigi, et al., “Performance Evaluation and Tuning of Virtual Infrastructure Managers for (Micro) Virtual Network Functions,” ieee.org, Nov. 7-10, 2016, pp. 1-7. |
| Wright, Joshua, “Detecting Wireless LAN MAC Address Spoofing,” Jan. 21, 2003, pp. 1-20. |
| Zickau, Sebastian, et al., “Enabling Location-based Policies in a Healthcare Cloud Computing Environment,” 2014 IEEE 3rd International Conference on Cloud Networking (Cloudnet), Oct. 2014, pp. 353-358. |
| Abdulqadder, Ihsan H., et al, “Deployment Of Robust Security Scheme In SDN Based 5G Network Over NFV Enabled Cloud Environment,” IEEE, 2018, pp. 1-12. |
| Blockchain @ Telco: How blockchain can impact the telecommunications industry and its relevance to the C-Suite, Monitor Deloitte, Jun. 20, 2018, 13 pages. |
| Kaloxylos, Alexandros, “A Survey and an Analysis of Network Slicing in 5G Networks,” IEEE Communications Standards Magazine, Mar. 2018, pp. 60-65. |
| Leukert, Bernd, et al., “IoT 2020: Smart and secure IoT platform,” International Electrotechnical Commission, Oct. 11, 2016, 181 pages. |
| Lin, Jun, et al., “Using blockchain to build trusted LoRaWAN sharing server,” Emeraldinsight.com, Sep. 7, 2017, pp. 1-15. |
| Moinet, Axel, et al., “Blockchain based trust & authentication for decentralized sensor networks,” Jun. 6, 2017, 6 pages. |
| Yang, Hui, et al., “Blockchain-based trusted authentication in cloud radio over fiber network for 5g,” Optical Communications and Networks (ICOCN), 2017 16th International Conference on IEEE, 2017, 3 pages. |
| International Search Report and Written Opinion from the International Searching Authority, dated Sep. 16, 2019, 12 pages, for corresponding International Patent Application No. PCT/US2019/036144. |
| International Search Report and Written Opinion from the International Searching Authority, dated Sep. 18, 2019, 11 pages, for corresponding International Patent Application No. PCT/US2019/036164. |
| “3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Procedures for the 5G System; Stage 2 (Release 15),” 3GPP TS 23.502 V15.1.0, Mar. 27, 2018, 285 pages. |
| Amann, David, “Konzeption eines Blockchain-basierten Triple-A-Systems und Implementierung als EAP-Erweiterung zur Authentifizierung über,” IEEE 802.1X, Sep. 27, 2017, 100 pages. |
| Kiyomoto, Shinsaku, et al., “On Blockchain-Based Authorization Architecture for Beyond-5G Mobile Services,” The 12the International Conference for Internet Technology and Secured Transactions (ICITST-2017), Dec. 11, 2017, pp. 136-141. |
| Raju, Savaranan, et al., “Identity Management using Blockchain for Cognitive Cellular Networks,” IEEE ICC 2017 Communication and Information Systems Security Symposium, May 21, 2017, 6 pages. |
| Number | Date | Country | |
|---|---|---|---|
| 62682770 | Jun 2018 | US |
