Processing

Please wait...

Settings

Settings

Goto Application

1. WO2020198157 - MULTI-ACCESS DISTRIBUTED EDGE SECURITY IN MOBILE NETWORKS

Publication Number WO/2020/198157
Publication Date 01.10.2020
International Application No. PCT/US2020/024281
International Filing Date 23.03.2020
IPC
H04L 29/06 2006.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
02Communication control; Communication processing
06characterised by a protocol
H04W 76/11 2018.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
WWIRELESS COMMUNICATION NETWORKS
76Connection management
10Connection setup
11Allocation or use of connection identifiers
H04W 24/08 2009.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
WWIRELESS COMMUNICATION NETWORKS
24Supervisory, monitoring or testing arrangements
08Testing using real traffic
H04W 12/06 2009.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
WWIRELESS COMMUNICATION NETWORKS
12Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity
06Authentication
H04W 76/12 2018.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
WWIRELESS COMMUNICATION NETWORKS
76Connection management
10Connection setup
12Setup of transport tunnels
H04W 80/12 2009.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
WWIRELESS COMMUNICATION NETWORKS
80Wireless network protocols or protocol adaptations to wireless operation
08Upper layer protocols
12Application layer protocols, e.g. WAP
CPC
H04L 63/0227
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
02for separating internal from external traffic, e.g. firewalls
0227Filtering policies
H04L 63/20
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
20for managing network security; network security policies in general
H04W 12/08
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
WWIRELESS COMMUNICATION NETWORKS
12Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity ; ; Protecting confidentiality; Key management; Integrity; Mobile application security; Using identity modules; Secure pairing of devices; Context aware security; Lawful interception
08Access security
Applicants
  • PALO ALTO NETWORKS, INC. [US]/[US]
Inventors
  • VERMA, Sachin
  • BURAKOVSKY, Leonid
Agents
  • SCHALLOP, Michael, J.
Priority Data
16/368,75928.03.2019US
Publication Language English (EN)
Filing Language English (EN)
Designated States
Title
(EN) MULTI-ACCESS DISTRIBUTED EDGE SECURITY IN MOBILE NETWORKS
(FR) SÉCURITÉ DE BORD DISTRIBUÉ À ACCÈS MULTIPLE DANS DES RÉSEAUX MOBILES
Abstract
(EN)
Techniques for providing multi-access distributed edge security in mobile networks (e.g., service provider networks for mobile subscribers, such as for 5G networks) are disclosed. In some embodiments, a system/process/computer program product for multi- access distributed edge security in mobile networks in accordance with some embodiments includes monitoring network traffic on a service provider network at a security platform to identify a new session, wherein the service provider network includes a 5G network or a converged 5G network; extracting subscription and/or equipment identifier information for user traffic associated with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the subscription and/or equipment identifier information.
(FR)
L'invention concerne des techniques de sécurité de bord distribué à accès multiple dans des réseaux mobiles (par exemple, des réseaux de fournisseurs de service pour des abonnés mobiles tel que la 5G). Selon certains modes de réalisation, un système/procédé/produit-programme d'ordinateur pour la sécurité de bord distribué à accès multiple dans des réseaux mobiles selon certains modes de réalisation comprend la surveillance d'un trafic de réseau sur un réseau de fournisseur de service au niveau d'une plateforme de sécurité pour identifier une nouvelle session, le réseau de fournisseur de service comprenant un réseau 5G ou un réseau 5G convergent; l'extraction des informations de tranche de réseau pour un trafic d'utilisateur associé à la nouvelle session au niveau de la plateforme de sécurité; et la détermination d'une politique de sécurité à appliquer, au niveau de la plateforme de sécurité, à la nouvelle session sur la base des informations d'identification de d'équipement et/ou d'abonnement.
Also published as
EP2020732718
EP20732718.0
Latest bibliographic data on file with the International Bureau