GB2622804A

GB2622804A - Method, apparatus and computer program

Info

Publication number: GB2622804A
Application number: GB2214169.1A
Authority: GB
Inventors: Pravinchandra Bhatt Rakshesh; Maria Allwang Christiane; P Pillai Pramod
Original assignee: Nokia Technologies Oy
Current assignee: Nokia Technologies Oy
Priority date: 2022-09-28
Filing date: 2022-09-28
Publication date: 2024-04-03
Also published as: GB202214169D0

Abstract

A method comprising: receiving, from a management element, a configuration for the scrambling of sensitive data; receiving, from a consumer element, a request for data; retrieving the requested data; scrambling the retrieved data using the received configuration to provide scrambled data; and providing, to the consumer element, the scrambled data. In another embodiment, a method comprising: receiving, from a consumer element, a configuration for the scrambling of sensitive data S605; providing, to an element, the configuration for the scrambling of sensitive data S606; forwarding, from the consumer element to the element, a request for data S609; and forwarding, from the element to the consumer element, the requested data S610, wherein requested data has been scrambled according to the configuration is disclosed. The configuration for the scrambling of sensitive data may comprise at least one of: an internet protocol (IP) address, an electronic-mail (email) address, location coordinates, a cell name, a username. The element may be one of: a user Equipment (UE), a base station (BS), a network function (NF), a communication device.

Description

METHOD, APPARATUS AND COMPUTER PROGRAM

Field

The present application relates to a method, apparatus, and computer program for a wireless communication system.

Background

A communication system may be a facility that enables communication sessions between two or more entities such as user terminals, base stations/access points and/or other nodes by providing carriers between the various entities involved in the communications path. A communication system may be provided, for example, by means of a communication network and one or more compatible communication devices. The communication sessions may comprise, for example, communication of data for carrying communications such as voice, electronic mail (email), text message, multimedia and/or content data and so on. Non-limiting examples of services provided comprise two-way or multi-way calls, data communication or multimedia services and access to a data network system, such as the Internet.

Summary

According to an aspect, there is provided an apparatus comprising: means for receiving, from a management element, a configuration for the scrambling of sensitive data; means for receiving, from a consumer element, a request for data; means for retrieving the requested data; means for scrambling the retrieved data using the received configuration to provide scrambled data; and means for providing, to the consumer element, the scrambled data.

In an example, the requested data comprises data that has been collected at the apparatus.

In an example, the means for scrambling comprises: means for providing a one-to-one association between i) the retrieved data which is un-scrambled, and ii) the scrambled data, such that instances of the same un-scrambled data are scrambled to the same scrambled data; and means for storing the one-to-one association.

In an example, the configuration for the scrambling of sensitive data comprises at least one type of data to scramble.

In an example, the configuration for the scrambling of sensitive data comprises at least one type of data to leave unscrambled.

In an example, the at least one type of data comprises at least one of: an internet protocol address, an electronic-mail address, location coordinates, a cell name, a username.

In an example, the means for scrambling the retrieved data comprises: means for generating, for each data point of the data being scrambled, i) the scrambled data point, and ii) a mapping between the un-scrambled data point and the scrambled data point; and means for storing, for each data point of the data, the generated mapping.

In an example, the generated mapping is stored as metadata.

In an example, the apparatus comprises: means for receiving, from the management element, an indication to enable the scrambling of data.

In an example, the apparatus comprises: means for, when the scrambling of data is currently enabled, receiving, from the management element, an indication to disable the scrambling of data.

In an example, the apparatus comprises: means for receiving, from the consumer element, a request for data; means for determining whether the scrambling of data in enabled or disabled; and means for, when it is determined that scrambling is disabled, retrieving the requested data in an un-scrambled form and providing, to the consumer element, the un-scrambled requested data.

In an example, the apparatus comprises: means for receiving, from the management element, a message comprising i) scrambled data, and H) a request to un-scramble the data; means for using the stored mapping to un-scramble the received data; and means for providing, to a law enforcement element, the un-scrambled data.

In an example, the data comprises at least one of: data for troubleshooting, and data for operations administration and maintenance.

In an example, one of: the apparatus is for an element, the apparatus is comprised within the element, and the apparatus is the element.

In an example, the element is one of: a user equipment, a base station, a network function, a communication device.

According to an aspect, there is provided an apparatus comprising: at least one processor, and at least one memory storing instructions that, when executed by the one or more processors, cause the apparatus to perform: receiving, from a management element, a configuration for the scrambling of sensitive data; receiving, from a consumer element, a request for data; retrieving the requested data; scrambling the retrieved data using the received configuration to provide scrambled data; and providing, to the consumer element, the scrambled data.

In an example, the scrambling comprises: providing a one-to-one association between i) the retrieved data which is un-scrambled, and ii) the scrambled data, such that instances of the same un-scrambled data are scrambled to the same scrambled data; and storing the one-to-one association.

In an example, the scrambling the retrieved data comprises: generating, for each data point of the data being scrambled, i) the scrambled data point, and ii) a mapping between the un-scrambled data point and the scrambled data point; and storing, for each data point of the data, the generated mapping.

In an example, the generated mapping is stored as metadata.

In an example, the apparatus is caused to perform: receiving, from the management element, an indication to enable the scrambling of data.

In an example, the apparatus is caused to perform: when the scrambling of data is currently enabled, receiving, from the management element, an indication to disable the scrambling of data.

In an example, the apparatus is caused to perform: receiving, from the consumer element, a request for data; determining whether the scrambling of data in enabled or disabled; and when it is determined that scrambling is disabled, retrieving the requested data in an un-scrambled form and providing, to the consumer element, the un-scrambled requested data.

In an example, the apparatus is caused to perform: receiving, from the 10 management element, a message comprising i) scrambled data, and H) a request to un-scramble the data; using the stored mapping to un-scramble the received data; and providing, to a law enforcement element, the un-scrambled data.

In an example, one of: the method is performed by an element.

According to an aspect, there is provided a method comprising: receiving, from a management element, a configuration for the scrambling of sensitive data; receiving, from a consumer element, a request for data; retrieving the requested data; scrambling the retrieved data using the received configuration to provide scrambled data; and providing, to the consumer element, the scrambled data.

In an example, the requested data comprises data that has been collected at an element.

In an example, the configuration for the scrambling of sensitive data comprises at least one type of data to scramble In an example, the configuration for the scrambling of sensitive data comprises at least one type of data to leave unscrambled.

In an example, the scrambling the retrieved data comprises: generating, for each data point of the data being scrambled, i) the scrambled data point, and H) a mapping between the un-scrambled data point and the scrambled data point; and storing, for each data point of the data, the generated mapping.

In an example, the generated mapping is stored as metadata.

In an example, the method comprises: receiving, from the management element, an indication to enable the scrambling of data.

In an example, the method comprises: when the scrambling of data is currently enabled, receiving, from the management element, an indication to disable the scrambling of data.

In an example, the method comprises: receiving, from the consumer element, a request for data; determining whether the scrambling of data in enabled or disabled; and when it is determined that scrambling is disabled, retrieving the requested data in an un-scrambled form and providing, to the consumer element, the un-scrambled requested data.

In an example, the method comprises: receiving, from the management element, a message comprising i) scrambled data, and ii) a request to un-scramble the data; using the stored mapping to un-scramble the received data; and providing, to a law enforcement element, the un-scrambled data.

In an example, one of: the method is performed by an element.

According to an aspect, there is provided an apparatus comprising: means for providing, to a management element, a configuration for the scrambling of sensitive data; means for providing, to an element, a request for data; and means for receiving, from the element, the requested data, wherein requested data has been scrambled according to the configuration.

In an example, the apparatus comprises: means for providing, to the element, an indication to disable the scrambling of data; means for providing, to the element, a request for data; and means for receiving, from the element, the requested data, wherein the data is un-scrambled.

In an example, the apparatus comprises: means for providing, to the management element, a message comprising i) scrambled data, and ii) a request to un-scramble the data; and means for receiving, from the element, the requested data that has been un-scrambled by the element.

In an example, the requested data comprises data that has been collected at the element.

In an example, the apparatus comprises: means for providing, to the element, an indication to enable the scrambling of data.

In an example, the apparatus comprises: means for, when the scrambling of data is currently enabled at the element, providing, to the element, an indication to disable the scrambling of data.

In an example, one of: the apparatus is for a consumer element, the apparatus is comprised within the consumer element, and the apparatus is the consumer element.

In an example, the consumer element is one of: an operator entity, a customer support entity, a law enforcement entity, a base station, a network function, a communication device.

According to an aspect, there is provided an apparatus comprising: at least one processor, and at least one memory storing instructions that, when executed by the one or more processors, cause the apparatus to perform: providing, to a management element, a configuration for the scrambling of sensitive data; providing, to an element, a request for data; and receiving, from the element, the requested data, wherein requested data has been scrambled according to the configuration.

In an example, the apparatus is caused to perform providing, to the element, an indication to disable the scrambling of data; providing, to the element, a request for data; and receiving, from the element, the requested data, wherein the data is un-scram bled.

In an example, the apparatus is caused to perform: providing, to the 10 management element, a message comprising i) scrambled data, and H) a request to un-scramble the data; and receiving, from the element, the requested data that has been un-scram bled by the element.

In an example, the apparatus is caused to perform: providing, to the element, an indication to enable the scrambling of data.

In an example, the apparatus is caused to perform: when the scrambling of 25 data is currently enabled at the element, providing, to the element, an indication to disable the scrambling of data.

According to an aspect, there is provided a method comprising: providing, to a management element, a configuration for the scrambling of sensitive data; providing, to an element, a request for data; and receiving, from the element, the requested data, wherein requested data has been scrambled according to the configuration.

In an example, the method comprises providing, to the element, an indication to disable the scrambling of data; providing, to the element, a request for data; and receiving, from the element, the requested data, wherein the data is un-scrambled. In an example, the method comprises: providing, to the management element, a message comprising i) scrambled data, and ii) a request to un-scramble the data; and receiving, from the element, the requested data that has been un-scrambled by the element.

In an example, the method comprises providing, to the element, an indication to enable the scrambling of data.

In an example, the method comprises: when the scrambling of data is currently enabled at the element, providing, to the element, an indication to disable the scrambling of data.

In an example, the method is performed by a consumer element.

According to an aspect, there is provided an apparatus comprising: means for receiving, from a consumer element, a configuration for the scrambling of sensitive data; means for providing, to an element, the configuration for the scrambling of sensitive data; means for forwarding, from the consumer element to the element, a request for data; and means for forwarding, from the element to the consumer element, the requested data, wherein requested data has been scrambled according to the configuration.

In examples, one of: the apparatus is for a management element, the 25 apparatus is comprised within the management element, and the apparatus is the management element.

In examples, the management element is one of: a base station, a network function, a communication device.

According to an aspect, there is provided an apparatus comprising: at least one processor, and at least one memory storing instructions that, when executed by the one or more processors, cause the apparatus to perform: receiving, from a consumer element, a configuration for the scrambling of sensitive data; providing, to an element, the configuration for the scrambling of sensitive data; forwarding, from the consumer element to the element, a request for data; and forwarding, from the element to the consumer element, the requested data, wherein requested data has been scrambled according to the configuration.

In an example, the method comprises: providing, to the element, an indication to enable the scrambling of data.

In examples, the method is performed by management element.

According to an aspect, there is provided a method comprising: receiving, from a consumer element, a configuration for the scrambling of sensitive data; providing, to an element, the configuration for the scrambling of sensitive data; forwarding, from the consumer element to the element, a request for data; and forwarding, from the element to the consumer element, the requested data, wherein requested data has been scrambled according to the configuration.

In examples, the method is performed by management element.

According to an aspect, there is provided a computer program comprising instructions, which when executed by an apparatus, cause the apparatus to perform at least the following: receiving, from a management element, a configuration for the scrambling of sensitive data; receiving, from a consumer element, a request for data; retrieving the requested data; scrambling the retrieved data using the received configuration to provide scrambled data; and providing, to the consumer element, the scrambled data.

According to an aspect, there is provided a computer program comprising instructions, which when executed by an apparatus, cause the apparatus to perform at least the following: providing, to a management element, a configuration for the scrambling of sensitive data; providing, to an element, a request for data; and receiving, from the element, the requested data, wherein requested data has been scrambled according to the configuration.

According to an aspect, there is provided a computer program comprising instructions, which when executed by an apparatus, cause the apparatus to perform at least the following: receiving, from a consumer element, a configuration for the scrambling of sensitive data; providing, to an element, the configuration for the scrambling of sensitive data; forwarding, from the consumer element to the element, a request for data; and forwarding, from the element to the consumer element, the requested data, wherein requested data has been scrambled according to the configuration.

According to an aspect, there is provided a computer program comprising instructions stored thereon for performing at least the following: receiving, from a management element, a configuration for the scrambling of sensitive data; receiving, from a consumer element, a request for data; retrieving the requested data; scrambling the retrieved data using the received configuration to provide scrambled data; and providing, to the consumer element, the scrambled data.

According to an aspect, there is provided a computer program comprising instructions stored thereon for performing at least the following: providing, to a management element, a configuration for the scrambling of sensitive data; providing, to an element, a request for data; and receiving, from the element, the requested data, wherein requested data has been scrambled according to the configuration.

According to an aspect, there is provided a computer program comprising instructions stored thereon for performing at least the following: receiving, from a consumer element, a configuration for the scrambling of sensitive data; providing, to an element, the configuration for the scrambling of sensitive data; forwarding, from the consumer element to the element, a request for data; and forwarding, from the element to the consumer element, the requested data, wherein requested data has been scrambled according to the configuration.

According to an aspect, there is provided a non-transitory computer readable medium comprising program instructions, that, when executed by an apparatus, cause the apparatus to perform: receiving, from a management element, a configuration for the scrambling of sensitive data; receiving, from a consumer element, a request for data; retrieving the requested data; scrambling the retrieved data using the received configuration to provide scrambled data; and providing, to the consumer element, the scrambled data.

According to an aspect, there is provided a non-transitory computer readable medium comprising program instructions, that, when executed by an apparatus, cause the apparatus to perform: providing, to a management element, a configuration for the scrambling of sensitive data; providing, to an element, a request for data; and receiving, from the element, the requested data, wherein requested data has been scrambled according to the configuration.

According to an aspect, there is provided a non-transitory computer readable medium comprising program instructions, that, when executed by an apparatus, cause the apparatus to perform: receiving, from a consumer element, a configuration for the scrambling of sensitive data; providing, to an element, the configuration for the scrambling of sensitive data; forwarding, from the consumer element to the element, a request for data; and forwarding, from the element to the consumer element, the requested data, wherein requested data has been scrambled according to the configuration. A computer product stored on a medium may cause an apparatus to perform the methods as described herein.

A non-transitory computer readable medium comprising program instructions, that, when executed by an apparatus, cause the apparatus to perform the methods as described herein.

An electronic device may comprise apparatus as described herein.

In the above, various aspects have been described. It should be appreciated that further aspects may be provided by the combination of any two or more of the various aspects described above.

Various other aspects and further embodiments are also described in the is following detailed description and in the attached claims According to some aspects, there is provided the subject matter of the independent claims. Some further aspects are defined in the dependent claims. The embodiments that do not fall under the scope of the claims are to be interpreted as examples useful for understanding the disclosure.

List of abbreviations: AF: Application Function AMF: Access Management Function AN: Access Network BS: Base Station CM: Configuration Management CN: Core Network DL: Downlink eNB: eNodeB FM: Fault Management gNB: gNodeB lloT: Industrial Internet of Things IMSI: International Mobile Subscriber Identity KPI: Key Performance Indicator LI: Lawful Interception LTE: Long Term Evolution MAC: Medium Access Control s MDAS: Management Data Analytics Services MS: Mobile Station NE: Network Element NEF: Network Exposure Function NG-RAN: Next Generation Radio Access Network NF: Network Function NMS: Network Management System NR: New Radio NRF: Network Repository Function NW: Network is OAM: Operations Administration and Maintenance 0-CU: Open Centralised Unit 0-DU: Open Distributed Unit 0-RU: Open Radio Unit PLMN: Public Land Mobile Network PM: Performance Metrics RAN: Radio Access Network RF: Radio Frequency SMF: Session Management Function SMO: Service Management Orchestrator UE: User Equipment UDR: Unified Data Repository UDM: Unified Data Management UL: Uplink UPF: User Plane Function 3GPP: 3'd Generation Partnership Project 5G: 5th Generation 5GC: 5G Core network 5G-AN: 5G Radio Access Network 5GS: 5G System

Description of Figures

Embodiments will now be described, by way of example only, with reference to the accompanying Figures in which: Figure 1 shows a schematic representation of a 5G system; Figure 2 shows a schematic representation of a control apparatus; Figure 3 shows a schematic representation of a terminal; Figure 4 shows a schematic representation of a problem whereby sensitive data is transmitted without scrambling between network elements; Figure 5 shows a schematic representation, at a system level view, of an open radio access network; Figure 6 shows an example signalling diagram between network elements is for the scrambling of sensitive data.

Figure 7 shows an example signalling diagram between network elements for the de-scrambling of sensitive data.

Figure 8 shows an example method flow diagram performed by an element; Figure 9 shows another example method flow diagram performed by a 20 consumer element; Figure 10 shows another example method flow diagram performed by a management element; and Figure 11 shows a schematic representation of a non-volatile memory medium storing instructions which when executed by a processor allow a processor 25 to perform one or more of the steps of the method of Figures 8 to 10.

Detailed description

Before explaining in detail some examples of the present disclosure, certain general principles of a wireless communication system and mobile communication devices are briefly explained with reference to Figures 1 to 3 to assist in understanding the technology underlying the described examples.

In a wireless communication system 100, such as that shown in Figure 1, mobile communication devices/terminals or user apparatuses, and/or user equipments (UE), and/or machine-type communication devices 102 are provided wireless access via at least one base station (not shown) or similar wireless transmitting and/or receiving node or point. A communication device is provided with an appropriate signal receiving and transmitting apparatus for enabling communications, for example enabling access to a communication network or communications directly with other devices. The communication device may access a carrier provided by a station or access point, and transmit and/or receive communications on the carrier.

In the following certain examples are explained with reference to mobile communication devices capable of communication via a wireless cellular system and mobile communication systems serving such mobile communication devices. Before explaining in detail the examples of the disclosure, certain general principles of a wireless communication system, access systems thereof, and mobile communication devices are briefly explained with reference to Figures 1, 2 and 3 to assist in understanding the technology underlying the described examples.

Figure 1 shows a schematic representation of a 5G system (5GS) 100. The 5GS may comprise a device 102 such as user equipment or terminal, a 5G radio access network (5G-RAN) 106, a 5G core network (5GC) 104, one or more network functions (NF), one or more application function (AF) 108 and one or more data networks (DN) 110.

The 5G-RAN 106 may comprise one or more gNodeB (gNB) distributed unit functions connected to one or more gNodeB (gNB) centralized unit functions.

The 5GC 104 may comprise an access management function (AMF) 112, a session management function (SMF) 114, an authentication server function (AUSF) 116, a user data management (UDM) 118, a user plane function (UPF) 120, a network exposure function (NEF) 122 and/or other NFs. Some of the examples as shown below may be applicable to 3GPP 5G standards. However, some examples may also be applicable to 4G, 3G and other 3GPP standards.

In a communication system, such as that shown in Figure 1, mobile communication devices/terminals or user apparatuses, and/or user equipments (UE), and/or machine-type communication devices are provided with wireless access via at least one base station or similar wireless transmitting and/or receiving node or point. The terminal is provided with an appropriate signal receiving and transmitting apparatus for enabling communications, for example enabling access to a communication network or communications directly with other devices. The communication device may access a carrier provided by a base station or access point, and transmit and/or receive communications on the carrier.

Figure 2 illustrates an example of a control apparatus 200 for controlling a function of the 5G-RAN or the 5GC as illustrated on Figure 1. The control apparatus may comprise at least one random access memory (RAM) 211a, at least one read only memory (ROM) 211b, at least one processor 212, 213 and an input/output interface 214. The at least one processor 212, 213 may be coupled to the RAM 211a and the ROM 211b. The at least one processor 212, 213 may be configured to execute an appropriate software code 215. The software code 215 may for example allow to perform one or more steps to perform one or more of the present aspects. The software code 215 may be stored in the ROM 211b. The control apparatus 200 may be interconnected with another control apparatus 200 controlling another function of the 5G-AN or the 5GC. In some examples, each function of the 5G-AN or the 5GC comprises a control apparatus 200. In alternative examples, two or more functions of the 5G-AN or the 5GC may share a control apparatus.

Figure 3 illustrates an example of a terminal 300, such as the terminal illustrated on Figure 1. The terminal 300 may be provided by any device capable of sending and receiving radio signals. Non-limiting examples comprise a user equipment, a mobile station (MS) or mobile device such as a mobile phone or what is known as a 'smart phone', a computer provided with a wireless interface card or other wireless interface facility (e.g., USB dongle), a personal data assistant (PDA) or a tablet provided with wireless communication capabilities, a machine-type communications (MTC) device, a Cellular Internet of things (CloT) device or any combinations of these or the like. The terminal 300 may provide, for example, communication of data for carrying communications. The communications may be one or more of voice, electronic mail (email), text message, multimedia, data, machine data and so on.

The terminal 300 may receive signals over an air or radio interface 307 via appropriate apparatus for receiving and may transmit signals via appropriate apparatus for transmitting radio signals. In Figure 3, a transceiver apparatus is designated schematically by block 306. The transceiver apparatus 306 may be provided for example by means of a radio part and associated antenna arrangement. The antenna arrangement may be arranged internally or externally to the mobile device.

The terminal 300 may be provided with at least one processor 301, at least one memory ROM 302a, at least one RAM 302b and other possible components 303 for use in software and hardware aided execution of tasks it is designed to perform, including control of access to and communications with access systems and other communication devices. The at least one processor 301 is coupled to the RAM 302b and the ROM 302a. The at least one processor 301 may be configured to execute an appropriate software code 308. The software code 308 may for example allow to perform one or more of the present aspects. The software code 308 may be stored in the ROM 302a.

The processor, storage and other relevant control apparatus may be provided on an appropriate circuit board and/or in chipsets. This feature is denoted by reference 304. The device may optionally have a user interface such as keypad 305, touch sensitive screen or pad, combinations thereof or the like. Optionally one or more of a display, a speaker and a microphone may be provided depending on the type of the device.

In network communications, various types of data collected from various wireless network entities may contain private, personal or sensitive data. Examples of such private, personal and sensitive data include public internet protocol (IP) addresses, medium access control (MAC) addresses, international mobile subscriber information (IMS!), subscriber names, e-mail addresses, cell names with information about the area, operator user identities, location information from user equipments (UEs), base station names.

While collecting logs such as, for example, system logs (syslogs), base station snapshot logs, trace data (including trace messages, minimization of drive test measurements, radio link failure and RRC connection establishment failure reports), performance metrics (including performance measurements and key performance indicators (KPIs)), configuration management data (including plan files, system configuration files), and fault management data from various network entities, it is likely that private, personal and/or sensitive data is also included.

In an open-radio access network (0-RAN) or multi-vendor environment, network elements of the network may be procured from different vendors. For example, an open-distributed unit (0-DU) may be provided by a first vendor, an open-radio unit (0-RU) from a second vendor, and a service management orchestrator (SMO) from a third vendor. The logs that are generated from the 0-RU transit through 0-DU and SMO before they are made available to an operator. This would mean that the data in those logs are available to the other vendors. A compromised vulnerable software comprised in the 0-DU or the SMO may be able to exploit any private, personal or sensitive data present in the 0-RU logs.

In existing wireless network deployments, when at least one of: troubleshooting, and operations, administration, and maintenance (OAM) tasks are required, various kinds of logs may be collected from remotely located network elements. These logs are often sent to development teams in different countries. When transmitting data between different countries, there are often country specific privacy requirements which mandate concealing any such data. Some wireless network deployments use concealing and/or masking of private/personal/sensitive data in order to protect said data. However, concealing/masking any pad of the logs may hamper troubleshooting and/or any OAM tasks. In this way, it is often a challenge to ensure that private/personal/sensitive data within logs is protected in a manner that troubleshooting and/or the OAM tasks are not impacted even though such data fields do not have their original values. In a multi-vendor environment, such as 0-RAN, private/personal/sensitive data should not be available in so-called 'free-text', so to avoid any possible misuse. An example of 'free-text is shown in Table 1 below.

Time Cell Name RRC Conns DL Traffic Average Latency Average ACT 09:00:00 UTC 934054 EPUNFDDAKDIG02 0 4.35E+09 3 1.89 09:00:00 UTC 932907 EPUNFDDDURKA3 0 8.89E+09 6 1.99 09:00:00 UTC 900335 EPUNFDDKALEWADI1 0 1.64E+09 4 2.34 Table 1 Example of performance metric data collected from a network As shown in Table 1 above, performance metric data in logs may comprise information about a cell name. In the third row of Table 1, the cell name is "900335 EPUNFDDKALEWADI1". This information indicates that the cell is deployed in the city of Pune (India), Kalewadi/Park Street with frequency division duplex (FDD) and long term evolution (LTE).

As shown in Table 1, the cell name reveals the location of the cell, which is sensitive information from the point of view of the operator. Further, the technology 10 related details like FDD and LTE may be misused by someone with malicious intents.

In multi-vendor environments, whereby data is transmitted between different vendors, it is important to protect private, personal and/or sensitive data to avoid possible misuse of this data. This is also applicable for architectures with a gNB split because their data exchanged between an open-centralised unit (0-CU), an open-distributed unit (0-DU), and an open-radio unit (0-RU) may be exchanged between different vendors.

In the existing standards, there are no mechanisms to allow for the protection of private, personal and sensitive data before it is collected by a management 20 system for wireless networks (i.e. SMO/OAM/network management system (NMS)). The private, personal and sensitive data may comprise at least one of: performance metrics (PMs), configuration management (CM), fault management (FM), logs, traces, control plane signalling messages containing privacy sensitive information, UE location information (e.g. co-ordinates, serving cell ID, moving velocity), UE trajectory predictions. This data may be used for troubleshooting and/or OAM purposes, and/or for any artificial intelligence (AD/machine learning (ML) based network optimizations.

Sources of such data include management data, as well as control plane/signalling messages used across various 4G/5G network elements. An example of messages having sensitive information is detailed in 3GPP TS 38.423, which includes a 'I-Landover Request' having an information elements (lEs) including: target cell global IDs, location reporting information, UE history information, etc. Figure 4 shows a schematic representation of a problem whereby sensitive data is transmitted without scrambling between network elements.

There is provided an 0-RU 401, an 0-DU 403 and a network controller 405. The network controller 405 may be, for example, an SMO 405.

Data from the 0-RU 401, the 0-DU 403 and the network controller 405 is transmitted to an operator 407. The data received at the operator 407 is forwarded to one or more customer support teams 409 for further analysis. The arrows of Figure 4 indicate the transmission of the data between the elements.

In this way, the data (which may comprise private, personal and/or sensitive) data is exposed to various people/various network elements.

One or more of the following examples aim to address one or more of the problems identified above.

In examples, there is provided a mechanism for protecting sensitive data comprised in collected data, whereby the data may be used for troubleshooting, operations and maintenance purposes. The sensitive data may be protected by scrambling the data, in some examples. The data may be collected by a management system. In the following examples, when sensitive data is referred to, this encompasses any private, personal, or sensitive data. This relates also to any data transferred between any network entities of wireless networks.

In the context of some of the following examples, scrambling may be defined as the modification of a string (e.g. text/numerical data) to provide an output string. In some examples, when performing the modification, a one-to-one mapping between the input and output string may also be provided, such that, if de-scrambling is to be performed (for example, for lawful interception), this mapping can be used to determine the input string. For example, a public IP address 1.1.1.1 is scrambled to become x.y.z.a. This is performed consistently across all of the data being scrambled such that whenever this IP address appears, it is scrambled to become x.y.z.a. This ensures that troubleshooting or analytics applied on this IP address are not impacted. However, the sensitive information is concealed.

The impacted data may be, for example, logs in text format, trace data, PM data, KPls, security event logs.

In some examples, a scrambling agent ensures that the sensitive data is scrambled before it leaves (i.e. is transmitted from) a network element. A network element includes UEs, base stations, network management stations (NMS), or any other component of a wireless network.

In some examples, it is ensured that the scrambling method used does not impact on any troubleshooting (manual or automated), or any process which uses this data for any maintenance and operation tasks.

In some examples, each field of data being scrambled has one-to-one mapping preserved. The one-to-one mapping may consistently appear across multiple data collections. For example, a same piece of data appearing a first time and a second time may be scrambled in the same way, to provide a common output.

In some example, the performing of scrambling of data is provided in each network element or network function feeding into any OAM or troubleshooting data collection entity (manual or automated).

In some examples, a scrambling manager is provided that can provide configurations for different scrambling agents across a network. The scrambling manager may also provide an interface to enable and disable scrambling. The disabling of scrambling may be provided for an authenticated user, such as for lawful interception.

These examples will be described in more detail below.

Figure 5 shows a schematic representation, at a system level view, of an 20 open radio access network.

There is provided an 0-RU 501. The 0-RU 501 comprises a first scrambling agent 503. There is also provided an 0-DU 505, which comprises a second scrambling agent 507. The 0-RU 501 and 0-DU 505 may be provided by different vendors. There is also provided a management element 509. The management system may be one of an NMS or an SMO, for example. The management element 509 comprises a third scrambling agent 511 and a scrambling manager 513.

The first 503, second 507 and third scrambling agents 511 are configured to scramble sensitive data before it is transmitted to other elements. The scrambling manager 513 is configured to manage the configurations of the first 503, second 507 and third scrambling agents 511.

The arrows in Figure 5 indicate the transmission of data between elements of the system. The 0-RU 501 is configured to communicate with an operator 515, and the 0-DU 505. Sensitive data that is being transmitted to the operator 515/0-DU 505, from the 0-RU 501, is first scrambled by the first scrambling agent 503 before the transmission. The 0-DU 505 is configured to communicate with the operator 515, and the management element 509. Sensitive data that is being transmitted to the operator 515/ management element 509, from the 0-DU 505, is first scrambled by the second scrambling agent 507 before the transmission. The management element 509 is configured to communicate with the operator 515. Sensitive data that is being transmitted to the operator 515, from the management element 509, is first scrambled by the third scrambling agent 511 before the transmission.

Scrambled data received at the operator 515 is then provided to at least one consumer element 517. The at least one consumer element 517 may comprise a customer support team, or the like. In some examples, the 0-RU 501, 0-DU 505, and management element 509 transmit the scrambled data directly the at least one consumer element 517.

In this way, in Figure 5, each element of the system that generates data for troubleshooting or OAM tasks has a scrambling agent 503, 507, 511, which scrambles the data before it leaves that element. Each scrambling agent 503, 507, 511 may store its own metadata related to the scrambling, in a secure manner. This metadata may be used to maintain a one-to-one (unique) mapping between scrambled and un-scrambled sensitive data. The different scrambling agents 503, 507, 511 may use different methods for scrambling the data. For example, in a multi-vendor environment, each vendor may have its own independent scrambling agent, using their own algorithms and metadata.

Figure 6 shows an example signalling diagram between network elements for the scrambling of sensitive data.

Figure 6 shows communications between three elements of a system, including a consumer element, a management element (ME) hosting a scrambling manager, and an element (or network element (NE)) hosting a scrambling agent. The management element hosting the scrambling manager may be, for example, an NMS, or SMO. The consumer element may be, for example, an operator, or a customer support team. In other examples, the consumer element is an element or device for artificial intelligence (AD/machine learning (ML) model training and/or inference. The Al/ML model may use data such as UE location information and UE trajectory prediction, and other management data, for the training and/or inference.

The consumer element is assumed to be authorised to perform the following steps of this example of Figure 6. The consumer element may be configured to perform analysis on collected data. For example, for troubleshooting or OAM purposes.

The management element may be considered to be of a network. The element may be considered to be of the network also.

At S601, the consumer element provides a message to the management element. The message requesting that the scrambling manager enables the scrambling of sensitive data at the element hosting the scrambling agent. In some examples, there are a plurality of elements each hosting scrambling agents. The request of the message may indicate that the management element enable scrambling at a scrambling agent hosted by the management element. This can be seen in Figure 5, whereby the management element 509 hosts both a scrambling agent and a scrambling manager.

At S602, the management element enables the scrambling of sensitive data at the element hosting the scrambling agent.

At S603, the element hosting the scrambling agent acknowledge a successful enabling of scrambling.

Steps 5602 and 5603 may be looped for each element hosting scrambling agents that are present in the system. In this case, the management element communicates with each element to enable the scrambling.

At S604, the management element provides a response message to the consumer element, indicating that scrambling has been successfully enabled. The management element may indicate which element(s) hosting scrambling agents have been successfully enabled. The response message may comprise a list of elements where scrambling is enabled.

At S605, the consumer element provides a scrambling configuration to the management element. The scrambling configuration may comprise a data type list.

The data type list indicating which types of data are to be scrambled. This data type list may include a list of sensitive data types, for example, public IP addresses, email addresses, location coordinates, cell names, usernames.

At 5606, the management element provides the scrambling configuration to the element hosting the scrambling agent. The scrambling configuration may indicate that the element is to provide a one-to-one association between input data and scrambled output data. In this way, instances of the same un-scrambled data is to be scrambled to become the same scrambled data (according to the one-to-one association). The one-to-one association may be stored at the element, according to the configuration.

The one-to-one association may also be referred to as a one-to-one mapping. At 5607, the element acknowledges successful receipt of the scrambling io configuration.

Steps S606 and S607 may be looped for each element hosting scrambling agents that are present in the system. In this case, the management element communicates with each element to provide the scrambling configuration.

At S608, the management element provides a response message to the is consumer element, indicating that the scrambling configurations have been successfully received at the elements hosting the scrambling agent. The response may include a list of elements impacted, and the data types that will be scrambled by each element.

At S609, the consumer element provides a request for data from the element hosting the scrambling agent. In some examples, the consumer element may also provide the request to the management element (which hosts a scrambling agent). In some examples, the consumer element may provide the request to the plurality of elements.

For example, the requested data may be all of the data collected/measured 25 by the element. In other examples, the requested data may be subset of the data collected/measured by the element. The requested data may be at least a subset of all collected/measured data by element(s) during a timeframe.

In some examples, during runtime, whenever the consumer element is to collect data, e.g. for analysis and/or processing, the data collection request can be sent to the element(s) and/or management element. The analysis to be performed by the consumer element may be for troubleshooting, in some examples. The analysis to be performed by the consumer element may be for OAM purposes, in some examples.

At S610, in response to receiving the request for data, the element retrieves the requested data. The element may retrieve the data from a local storage, or a storage accessible to the element. The element scrambles the requested data using the stored scrambling configuration. In some examples, the scrambling of the data according to the configuration may comprise scrambling certain fields/points within the data (and leaving others unscrambled).

In some examples, the element generates/provides a one-to-one association between the input data and the scrambled output data, when scrambling the data. This will be described in more detail below.

Following the scrambling of the data, the element provides/transmits the requested scrambled data to the consumer element. The provision/transmission of the requested scrambled data to the consumer element may be across/via a network.

The scrambling of data in this manner may be performed for any data transferred between any network entities of wireless/wired networks.

As an example only, the consumer element may request 'cell name' data. The scrambling configuration stored at the element indicates that 'cell name' is a data type that should be scrambled. The element will then proceed to scramble the 'cell name' data for data collected and stored. Once the data has been successfully scrambled, the element provides the scrambled data to the consumer element. The element may provide all collected data to the consumer element, wherein only the 'cell name' data is scrambled. Alternatively, the element may provide only the scrambled 'cell name' data. It should be understood that this is an example only, to aid in the understanding of the present disclosure.

In some scenarios, law enforcement agencies may need to obtain logs from wireless networks with non-scrambled data including, for example, !MS's, usernames, cell names, public IP addresses, to be used for an investigation. In such scenarios, de-scrambled logs are to be made available to the authorities. Operators may provide an interface with authentication and authorization, for such lawful interception (LI), to obtain de-scrambled data.

Figure 7 shows communications between three elements of a system, including a consumer element, a management element (ME) hosting a scrambling manager, and an element (or network element (NE)) hosting a scrambling agent. The consumer element is a law enforcement (LE) consumer, in this example. The management element hosting the scrambling manager may be, for example, an NMS, or SMO. The LE consumer is assumed to be authorised to perform the following steps of this example of Figure 7. The LE consumer may be configured to perform analysis on collected data for a (police) investigation, for example.

At S701, the LE consumer provides a message to the management element to request that the scrambling of data be disabled at the element hosting the scrambling agent. In some examples, the request to disable may be for a specific type of data (only).

The message from the LE consumer may comprise a list with at least one of: element(s), and management element, that the disabling request is addressed to.

It is assumed that the authentication and authorization for such LE consumer is already performed before executing S701.

At S702, the management element disables the scrambling of data at the element, as per the request.

In some examples, when the disabling is to occur at a plurality of elements, for the impacted elements (i.e. elements and/or management elements), the management element disables the scrambling.

In some examples, when the LE consumer requests to disable a specific type of data (in 5701), then the management element disables the scrambling that the requested data type. Said another way, scrambling will be disabled for the request data type, but the scrambling will continue for the other data types Cif they were already configured as such). This ensures that the rest of the sensitive data is still scrambled at the element(s).

At S703, the element provides an acknowledgement message to the management element. The element may acknowledge a change in the scrambling configuration, for disabling at least some sensitive data scrambling. The management element may receive acknowledgment messages from each element that has been impacted by the disabling.

At S704, the management element provides a message to the LE consumer indicating that the disabling has been successful at the element. The message may comprise information about this disabling with details of affected elements and the type(s) data that will not be scrambled when requested.

At S705, the LE consumer requests data from the element hosting the scrambling agent. The request is for unscrambled data.

The LE consumer may request for troubleshooting or OAM data, from any element (element(s) and/or management element). The data may be used by the LE consumer for an investigation, for example.

At S706, when it is determined that the requested data is not scrambled at the element, the element provides the un-scrambled requested data to the LE consumer. The requested data may not have been scrambled due to the disabling of the scrambling in step S702. In some examples, a plurality of elements hosting scrambling agents provide the requested un-scrambled data to the LE consumer.

The subsequent steps in Figure 7, as shown in a dashed line box show an alternative (or additional) scenario whereby scrambled data is to be de-scrambled.

At S707, the LE consumer has data with at least one scrambled data field/ data point. In some examples, all fields/points of the data are scrambled. As the data is scrambled the LE consumer is not able to view, or understand the data.

The data may be being used for an investigation, for example.

The LE consumer provides a request for the de-scrambling of data, to the management element. The request may comprise the data to descramble. The data to descramble may be provided in a data file.

At S708, the management element determines which element is associated with the request for the de-scrambling of the data. As the scrambling method/type used at each element may be unique or different, the data for de-scrambling should be provided to the correct element (i.e. the element hosting the scrambling agent that originally scrambled the data).

In this example of Figure 7, it is assumed that the requested data for unscrambling (from the LE consumer) was previously scrambled by the element hosting the scrambling agent.

At S709, the management element provides the requested data to be de-scrambled to the element. In some examples, the data for de-scrambling is provided in a data file.

At S710, the element descrambles the requested data. When the LE S consumer has requested at least one data field or data point of the data to be descrambled, the element descrambles the requested at least one data field or data point. The remaining portion of the data may be left scrambled. The method for descrambling the data at the element is described in more detail below.

The element provides the unscrambled requested data to the management io element.

At S711, the management element forwards the unscrambled requested data to the LE consumer.

Table 2 below shows an example of how an unscrambled 'Cell Name' column can be scrambled to a random alpha-numeric string. The figures and is names given in Table 2 are examples only to aid in the understanding of the

disclosure.

S.No. Unscrambled Cell Name Scrambled Cell Name 1 935792_EPUNFDDVSHLNGR3 YKSJ28392 2 934363_EPUNFDDAKDIG03 ZRX076322 3 934363_EPUNFDDAKDIG01 HFMF51803 4 900335 EPUNFDDKALEWADI3 GKGY55218 932907 EPUNFDDDURKA1 MTHB26071 6 932907 EPUNFDDDURKA2 0J0X10584 7 904924_EPUNFDDBALEWAD12 YTTC53782 8 916536_EPUNFDDPARKSTRT1 T0QN45263 9 943817_EPUNFDDBALRLC1 NJRN69757 ZQEPUNFDDNKTEBSTI3 MZHV95187 11 904924_EPUNFDDBALEWADI3 TSPN80602 12 916536_EPUNFDDPARKSTRT3 FBQE32204 13 934363 EPUNFDDAKDIG03 ZRX076322 14 935792 EPUNFDDVSHLNGR1 FKKD70389 934363 EPUNFDDAKDIG01 HFMF51803 16 935792_EPUNFDDVSHLNGR2 FWJL59431 17 ZQLTEFDDPUNROM43050M3 KHAI88180 18 934363_EPUNFDDAKDIG02 0HXU60780 19 900335_EPUNFDDKALEWADI1 LLFG19888 ZQLTEFDDPUNROM43050M1 TWBP73424 21 EPUNFDDPIMPLSGR2 GLKY41968 22 934363_EPUNFDDAKDIG03 ZRXG76322 23 904924_EPU NFDDBALEWAD 11 MWCP64020 24 932907 EPUNFDDDURKA3 0GRL82411 900335_EPUNFDDKALEWADI2 JNMP68021 26 ZQEPUNFDDNKTEBSTI1 AAWX31210 27 ZQEPUNFDDSUNNOWRLC1 0PPT51455 28 a2LTEFDDPUNROM43050M2 MFRC48838 29 900335 EPUNFDDKALEWADI1 LLFG19888 916536 EPUNFDDPARKSTRT2 GGID78897 31 934363 EPUNFDDAKDIG02 0HXU60780 32 934363_EPUNFDDAKDIG01 HFMF51803 33 935792_EPUNFDDVSHLNGR3 YKSJ28392 34 934363_EPUNFDDAKDIG03 ZRX076322 934363_EPUNFDDAKDIG01 HFMF51803 36 900335 EPUNFDDKALEWADI3 GKGY55218 Table 2: Examples of scrambled and unscrambled 'Cell Name' data In Table 2 above, the serial numbers (S.No.) 1 and 33 have the same 'Cell name' in free-text, i.e. in unscrambled form. Therefore, as per examples, the unscrambled and the scrambled 'Cell name' is the same for both S.No. 1 and S.No. 33. Similarly, serial numbers 2, 13, 22 and 34 all have the same unscrambled and scrambled 'Cell name' data.

In examples, when a scrambling is being performed by a scrambling agent, a mapping (association) between unscrambled data and scrambled data is provided. The configuration for the provision of the mapping may be indicated in provided configuration for scrambling. In some examples, when performing the scrambling of data, a mapping between the input data (un-scrambled) and the output data (scrambled) is provided, according to the configuration.

In some other examples, when a scrambling is being performed by a scrambling agent, a mapping (association) between unscrambled data and scrambled data is derived by the scrambling agent using techniques such as for example, clustering with persistent memory, or other unsupervised learning techniques. While using such techniques, persistent memory supports the requirement of ensuring a one-to-one mapping (association).

For example, at step S610 of Figure 6. The mapping may be stored by the scrambling agent. The mapping may be maintained as metadata by the scrambling agent. The stored mapping ensuring that there is consistent mapping between un-scrambled and scrambled data points. The mapping is one-to-one between the unscrambled and the scrambled data.

This mapping ensures that it does not impact troubleshooting or any OAM purposes, or for consumption of any Al/ML based applications. This is because, if the scrambled data is being analysed by a consumer element, the scrambled data provided for, for example, S.No. 1 and S.No. 33 should be the same at the consumer element, i.e. "YKSJ28392". In this way, during troubleshooting and/or OAM, when "YKSJ28392" is received, the troubleshooting and/OAM knows the same 'Cell name' is involved (even though the actual 'Cell name' is not known). If different scrambled data is provided for the same 'Cell name', then the troubleshooting and/or OAM may not be accurate or correct.

For example, if the scrambling shown in Table 2 is performed by the same scrambling agent (e.g. the first scrambling agent 503 of 0-RU 501), when the scrambling agent scrambles "935792_EPUNFDDVSHLNGR3" of serial number 1, the scrambling agent will output "YKSJ28392". The scrambling agent will also generate a mapping between "935792_EPUNFDDVSHLNGR3" and "YKSJ28392".

The mapping may be stored as metadata. Then, whenever the scrambling agent subsequently is to scramble serial number 33, "935792_EPUNFDDVSHLNGR3", the data is scrambled in the same way to provide the same output. The scrambling agent may use the stored mapping when scrambling the serial number 33 'Cell name' data.

The stored mapping between the unscrambled and scrambled data is used by the scrambling agent when the scrambling agent is to de-scramble scrambled data. This may occur if an LE consumer requests data to be de-scrambled (e.g. in step S709 of Figure 7).

As an example, the generation of scrambled data may be performed using a persistent python 'drain3' package. Python drain3' performs clustering of an input vector, and, if persistence is enabled, maintains the mapping between the input data point and a cluster ID in a bin file. When a different dataset is provided into draina with the same bin file, 'drain3' ensures that any data-point having been previously assigned cluster ID is assigned the same cluster ID.

In other examples, any method for scrambling may be used whereby a (consistent) mapping is maintained by the scrambling agent.

Similar scrambling methods may be extended to any datatypes including IF addresses, MAC addresses, location coordinates, for example. When, for example, an IF address (unscrambled) is replaced with another IF address in the scrambled data, this will not hamper troubleshooting or any OAM tasks. In this case, each time the same IF address appears in a dataset, the same scrambled IP address should be generated. Such mapping maya be maintained as metadata. The mapping may be securely stored by a scrambling agent.

One or more of the examples above allow for private, personal and sensitive data to be scrambled without hampering any troubleshooting and OAM tasks. In this way, data privacy is not compromised in a multi-vendor environment, is while still allowing troubleshooting, OAM, and automation functions to work seamlessly. Even if there are compromised network functions present within a network, private, personal and sensitive information will not be leaked.

Figure 8 shows an example method flow performed by an apparatus. The apparatus may be for an element. The apparatus may be comprised within the element. The apparatus may be the element. In examples, the element is one of: a user equipment, a base station, a network function, a communication device.

In S801, the method comprises receiving, from a management element, a configuration for the scrambling of sensitive data.

In S803, the method comprises receiving, from a consumer element, a request for data.

In S805, the method comprises retrieving the requested data.

In S807, the method comprises scrambling the retrieved data using the received configuration to provide scrambled data.

In S809, the method comprises providing, to the consumer element, the scrambled data.

Figure 9 shows an example method flow performed by an apparatus. The apparatus may be for a consumer element. The apparatus may be comprised within the consumer element. The apparatus may be the consumer element. In examples, the consumer element is one of: an operator entity, a customer support entity, a law enforcement entity, a base station, a network function, a communication device.

In S901, the method comprises providing, to a management element, a configuration for the scrambling of sensitive data In S903, the method comprises providing, to an element, a request for data. In S905, the method comprises receiving, from the element, the requested data, wherein requested data has been scrambled according to the configuration. Figure 10 shows an example method flow performed by an apparatus. The apparatus may be for a management element. The apparatus may be comprised 10 within the management element. The apparatus may be the management element. In examples, the management element is one of: a base station, a network function, a communication device.

In S1001, the method comprises receiving, from a consumer element, a configuration for the scrambling of sensitive data.

In S1003, the method comprises providing, to an element, the configuration for the scrambling of sensitive data.

In S1005, the method comprises forwarding, from the consumer element to the element, a request for data.

In S1007, the method comprises forwarding, from the element to the 20 consumer element, the requested data, wherein requested data has been scrambled according to the configuration.

Figure 11 shows a schematic representation of non-volatile memory media 1100a (e.g. computer disc (CD) or digital versatile disc (DVD)) and 1100b (e.g. universal serial bus (USB) memory stick) storing instructions and/or parameters 1102 which when executed by a processor allow the processor to perform one or more of the steps of the methods of Figure 8, Figure 9 or Figure 10.

It is noted that while the above describes example embodiments, there are several variations and modifications which may be made to the disclosed solution without departing from the scope of the present invention.

The examples may thus vary within the scope of the attached claims. In general, some embodiments may be implemented in hardware or special purpose circuits, software, logic or any combination thereof. For example, some aspects may be implemented in hardware, while other aspects may be implemented in firmware or software which may be executed by a controller, microprocessor or other computing device, although embodiments are not limited thereto. While various embodiments may be illustrated and described as block diagrams, flow charts, or using some other pictorial representation, it is well understood that these blocks, apparatus, systems, techniques or methods described herein may be implemented in, as non-limiting examples, hardware, software, firmware, special purpose circuits or logic, general purpose hardware or controller or other computing devices, or some combination thereof.

The examples may be implemented by computer software stored in a memory and executable by at least one data processor of the involved entities or by hardware, or by a combination of software and hardware. Further in this regard it should be noted that any procedures may represent program steps, or interconnected logic circuits, blocks and functions, or a combination of program steps and logic circuits, blocks and functions. The software may be stored on such is physical media as memory chips, or memory blocks implemented within the processor, magnetic media such as hard disk or floppy disks, and optical media such as for example DVD and the data variants thereof, CD.

The term "non-transitory", as used herein, is a limitation of the medium itself (i.e. tangible, not a signal) as opposed to a limitation on data storage persistency 20 (e.g. RAM vs ROM).

As used herein, "at least one of the following:<a list of two or more elements>" and "at least one of: <a list of two or more elements>" and similar wording, where the list of two or more elements are joined by "and", or "or", mean at least any one of the elements, or at least any two or more of the elements, or at least all of the elements.

The memory may be of any type suitable to the local technical environment and may be implemented using any suitable data storage technology, such as semiconductor-based memory devices, magnetic memory devices and systems, optical memory devices and systems, fixed memory and removable memory. The data processors may be of any type suitable to the local technical environment, and may include one or more of general purpose computers, special purpose computers, microprocessors, digital signal processors (DSPs), application specific integrated circuits (ASIC), gate level circuits and processors based on multi core processor architecture, as non-limiting examples.

Alternatively, or additionally some examples may be implemented using circuitry. The circuitry may be configured to perform one or more of the functions and/or method steps previously described. That circuitry may be provided in the base station and/or in the communications device.

As used in this application, the term "circuitry" may refer to one or more or all of the following: (a) hardware-only circuit implementations (such as implementations in only analogue and/or digital circuitry); (b) combinations of hardware circuits and software, such as: (i) a combination of analogue and/or digital hardware circuit(s) with software/firmware and (ii) any portions of hardware processor(s) with software (including digital signal processor(s)), software, and memory(ies) that work together to cause an apparatus, such as the communications device or base station to perform the various functions previously described; and (c) hardware circuit(s) and or processor(s), such as a microprocessor(s) or a portion of a microprocessor(s), that requires software (e.g., firmware) for operation, 20 but the software may not be present when it is not needed for operation.

This definition of circuitry applies to all uses of this term in this application, including in any claims. As a further example, as used in this application, the term circuitry also covers an implementation of merely a hardware circuit or processor (or multiple processors) or portion of a hardware circuit or processor and its (or their) accompanying software and/or firmware. The term circuitry also covers, for example integrated device.

The foregoing description has provided by way of exemplary and non-limiting examples a full and informative description of some embodiments. However, various modifications and adaptations may become apparent to those skilled in the relevant arts in view of the foregoing description, when read in conjunction with the accompanying drawings and the appended claims. However, all such and similar modifications of the teachings will still fall within the scope as defined in the appended claims.

Claims

Claims: 1. An apparatus comprising: means for receiving, from a management element, a configuration for the scrambling of sensitive data; means for receiving, from a consumer element, a request for data; means for retrieving the requested data; means for scrambling the retrieved data using the received configuration to provide scrambled data; and means for providing, to the consumer element, the scrambled data.
2. The apparatus according to claim 1, wherein the means for scrambling comprises: means for providing a one-to-one association between i) the retrieved data 15 which is un-scrambled, and H) the scrambled data, such that instances of the same un-scram bled data are scrambled to the same scrambled data; and means for storing the one-to-one association.
3. The apparatus according to claim 1 or claim 2, wherein the configuration for the scrambling of sensitive data comprises at least one type of data to scramble.
4. The apparatus according to claim 3, wherein the at least one type of data comprises at least one of: an internet protocol address, an electronic-mail address, location coordinates, a cell name, a username.
5. The apparatus according to any of claims 1 to 4, wherein the means for scrambling the retrieved data comprises: means for generating, for each data point of the data being scrambled, i) the scrambled data point, and ii) a mapping between the un-scrambled data point and the scrambled data point; and means for storing, for each data point of the data, the generated mapping.
6. The apparatus according to claim 5, wherein the generated mapping is stored as metadata.
7. The apparatus according to any of claims 1 to 6, wherein the apparatus comprises: means for receiving, from the management element, an indication to enable the scrambling of data
8. The apparatus according to any of claims 1 to 7, wherein the apparatus 10 comprises: means for, when the scrambling of data is currently enabled, receiving, from the management element, an indication to disable the scrambling of data.
9. The apparatus according to any of claims 1 to 8, wherein the apparatus 15 comprises: means for receiving, from the consumer element, a request for data; means for determining whether the scrambling of data in enabled or disabled; and means for, when it is determined that scrambling is disabled, retrieving the requested data in an un-scrambled form and providing, to the consumer element, the un-scrambled requested data.
10. The apparatus according to claim 5 or claim 6, wherein the apparatus comprises: means for receiving, from the management element, a message comprising i) scrambled data, and ii) a request to un-scramble the data; means for using the stored mapping to un-scramble the received data; and means for providing, to a law enforcement element, the un-scrambled data.
11. The apparatus according to any of claims 1 to 10, wherein the data comprises at least one of: data for troubleshooting, and data for operations administration and maintenance.
12. The apparatus according to any of claims 1 to 11, wherein one of: the apparatus is for an element, the apparatus is comprised within the element, and the apparatus is the element.
13. The apparatus according to claim 12, wherein the element is one of a user equipment, a base station, a network function, a communication device.
14. An apparatus comprising: means for providing, to a management element, a configuration for the scrambling of sensitive data; means for providing, to an element, a request for data; and means for receiving, from the element, the requested data, wherein requested data has been scrambled according to the configuration.is
15. The apparatus according to claim 14, wherein the apparatus comprises: means for providing, to the element, an indication to disable the scrambling of data; means for providing, to the element, a request for data; and means for receiving, from the element, the requested data, wherein the data is un-scrambled.
16. The apparatus according to claim 14 or claim 15, wherein the apparatus comprises: means for providing, to the management element, a message comprising i) scrambled data, and ii) a request to un-scramble the data; and means for receiving, from the element, the requested data that has been un-scram bled by the element.
17. The apparatus according to any of claims 14 to 16, wherein one of: the apparatus is for a consumer element, the apparatus is comprised within the consumer element, and the apparatus is the consumer element.
18. An apparatus comprising: means for receiving, from a consumer element, a configuration for the scrambling of sensitive data; means for providing, to an element, the configuration for the scrambling of sensitive data; means for forwarding, from the consumer element to the element, a request for data; and means for forwarding, from the element to the consumer element, the requested data, wherein requested data has been scrambled according to the configuration.
19. The apparatus according to claim 18, wherein one of: the apparatus is for a management element, the apparatus is comprised within the management element, and the apparatus is the management element.is
20. A method comprising: receiving, from a management element, a configuration for the scrambling of sensitive data; receiving, from a consumer element, a request for data; retrieving the requested data; scrambling the retrieved data using the received configuration to provide scrambled data; and providing, to the consumer element, the scrambled data.
21. A method comprising: providing, to a management element, a configuration for the scrambling of sensitive data; providing, to an element, a request for data; and receiving, from the element, the requested data, wherein requested data has been scrambled according to the configuration.
22. A method comprising: receiving, from a consumer element, a configuration for the scrambling of sensitive data; data, providing, to an element, the configuration for the scrambling of sensitive and forwarding, from the consumer element to the element, a request for data; forwarding, from the element to the consumer element, the requested data, wherein requested data has been scrambled according to the configuration.
23. A computer program comprising instructions, which when executed by an apparatus, cause the apparatus to perform at least the following: receiving, from a management element, a configuration for the scrambling of sensitive data; receiving, from a consumer element, a request for data; retrieving the requested data; scrambling the retrieved data using the received configuration to provide is scrambled data; and providing, to the consumer element, the scrambled data.
24. A computer program comprising instructions, which when executed by an apparatus, cause the apparatus to perform at least the following: providing, to a management element, a configuration for the scrambling of sensitive data; providing, to an element, a request for data; and receiving, from the element, the requested data, wherein requested data has been scrambled according to the configuration.
25. A computer program comprising instructions, which when executed by an apparatus, cause the apparatus to perform at least the following: receiving, from a consumer element, a configuration for the scrambling of sensitive data; providing, to an element, the configuration for the scrambling of sensitive data; forwarding, from the consumer element to the element, a request for data; and forwarding, from the element to the consumer element, the requested data, wherein requested data has been scrambled according to the configuration.