公开(公告)号：EP1408707B1

公开(公告)日：2010-04-14

申请号：EP02703450.3

申请日：2002-02-10

申请人： Huawei Technologies Co., Ltd.

发明人： CHEN, Yuehua ,  ZHENG, Zhibin ,  LIU, Shuling

IPC分类号： H04B7/005 ,  H04W36/18

CPC分类号： H04B7/022 ,  H04W52/143 ,  H04W52/40 ,  H04W88/08

摘要： A recognition method of identifying primary cell in site selective diversity transmit (SSDT), comprise the steps of: (1) system allocates ID to each cell; (2) UE periodically send the primary cell ID to connected cell by upline FBI field; (3) base station receives the primary cell ID from mobile station, if the signal received by base station meets any of following conditions, then said base station regards itself as primary cell; Identification condition is: A. received primary cell ID code matchs with the ID code of itself; B. received upline signal quality is under the quality threshold Qth, meanwhile, received primary cell ID code matchs with local cell itself ID code in a certain extent; C. the use of upline reducing mode makes the losing of ID code overrun the limitation. A few non primary cells which want to transmit signal to UE were avoided, thereby system interference was reduced, and system stability and system capacity were improved.

公开(公告)号：EP2053777B1

公开(公告)日：2016-01-13

申请号：EP07800922.2

申请日：2007-08-10

申请人： Huawei Technologies Co., Ltd.

发明人： LIU, Hongwei ,  LIU, Shuling ,  WEI, Jiwei ,  LIU, Bing

IPC分类号： H04L9/32 ,  G06F21/32 ,  G06Q20/34 ,  G06Q20/38 ,  G06Q20/40 ,  G07F7/12 ,  G07C9/00 ,  G07F7/10

CPC分类号： G06F21/32 ,  G06Q20/3578 ,  G06Q20/388 ,  G06Q20/405 ,  G06Q20/40975 ,  G07C9/00158 ,  G07F7/1008 ,  G07F7/122 ,  H04L9/3231 ,  H04L9/3263 ,  H04L9/3273 ,  H04L2209/56

公开(公告)号：EP2009839A1

公开(公告)日：2008-12-31

申请号：EP07711053.4

申请日：2007-03-06

申请人： Huawei Technologies Co., Ltd.

发明人： LIU, Shuling ,  WEI, Jiwei ,  LI, Chao

IPC分类号： H04L9/32

CPC分类号： H04L9/3231 ,  H04L9/3263 ,  H04L63/0861

摘要： Methods and systems for implementing authentication on information security are disclosed, and the process includes: receiving from a user an access request which carries an attribute certificate, wherein the attribute certificate includes an extension identifier for indicating a biometric certificate associated with the attribute certificate; acquiring the biometric certificate, determining, according to the extension identifier, whether the acquired biometric certificate is associated with the attribute certificate carried in the access request; if the biometric certificate is associated with the attribute certificate, acquiring biometric feature data of the user, and performing identity authentication based on the biometric feature data and the biometric certificate; performing privilege authentication based on the attribute certificate; and controlling the access based on the results of the identity authentication and privilege authentication. A corresponding relation is established between the privilege authentication and the identity authentication so that the privilege management can be performed accurately and reliably.

摘要翻译： 公开了实现信息安全认证的方法和系统，该过程包括：从用户接收携带属性证书的访问请求，其中属性证书包括用于指示与属性证书相关联的生物特征证书的扩展标识符; 获取所述生物特征证书，根据所述扩展标识符确定所获取的生物特征证书是否与所述访问请求中携带的属性证书相关联; 如果所述生物特征证书与所述属性证书相关联，则获取所述用户的生物特征数据，并且基于所述生物特征数据和所述生物特征证书执行身份认证; 基于属性证书执行特权认证; 并根据身份认证和特权认证的结果来控制访问。 在特权认证和身份认证之间建立对应的关系，从而可以准确可靠地执行权限管理。

公开(公告)号：EP1936892A1

公开(公告)日：2008-06-25

申请号：EP06791210.5

申请日：2006-10-08

申请人： Huawei Technologies Co., Ltd.

发明人： WEI, Jiwei ,  ZHENG, Zhibin ,  LIU, Shuling

IPC分类号： H04L12/58

CPC分类号： H04L51/12 ,  H04L63/0227 ,  H04L63/104 ,  H04L63/1433

摘要： A system for controlling the security of network and the method thereof, are general applied in the network security field. The server at the network side receives the local security information collected and reported by the terminal device, analyzes the plurality of the security information, determines the security policy based on the analyzed result. Because the linkage between the network side and the terminal side is realized and the security policy is draw based on the information from the terminal device, thereby the threat of security from the terminal device may be confront at the source. The present invention may consider the more information sources when drawing the security policy; therefore the security policy may be more proper and exact. Furthermore the difference security service is provided, which is corresponded to the terminal device of the different user levels. Moreover, the present invention also provides the protection from the Spam based on the linkage between the terminal and server.

公开(公告)号：EP1408707A1

公开(公告)日：2004-04-14

申请号：EP02703450.3

申请日：2002-02-10

申请人： Huawei Technologies Co., Ltd.

发明人： CHEN, Yuehua ,  ZHENG, Zhibin ,  LIU, Shuling

IPC分类号： H04Q7/30

CPC分类号： H04B7/022 ,  H04W52/143 ,  H04W52/40 ,  H04W88/08

摘要： A method for identifying the primary cell under Site Selective Diversity Transmit comprises the steps of: (1) An ID is assigned by the system to each cell; (2) The ID indicating the primary cell is transmitted periodically by UE to the connected cells via the up link FBI fields; (3) The ID indicating the primary cell transmitted by the mobile station is received by the base station, if the signals received by the base station satisfy with one of the following conditions, then the said base station will consider itself as a primary cell; the identification conditions are: A. The ID code word indicating the primary cell received by the base station is matched with the ID code word of itself; B. The quality of the up link signals received does not satisfy with a quality threshold Qth, at the same time, there is a certain matching degree between the received ID code word indicating the primary cell and the ID code word of the cell itself; and C. The bits of dropping of the ID code word caused by using the up link compression mode excess a limitation. The signals transmitted form some of the non-primary cells having extremely bad quality to UE can be prevented, thereby the system interference is reduced, and the system stability and the system capacity are increased.

摘要翻译： 识别站点选择性分集传输（SSDT）中的主要小区的识别方法包括以下步骤：（1）系统向每个小区分配ID; （2）UE通过上行FBI字段周期性地将主小区ID发送到连接的小区; （3）基站从移动台接收主小区ID，如果基站接收到的信号满足以下条件，则基站将自身视为主小区; 识别条件是：A.接收到的主要小区ID码与其本身的ID码匹配; B.接收上线信号质量低于质量阈值Qth，同时接收到的主小区ID码在一定程度上与本地小区本身的ID码匹配; C.使用上行减号模式使ID码丢失超出限制。

公开(公告)号：EP2053777A1

公开(公告)日：2009-04-29

申请号：EP07800922.2

申请日：2007-08-10

申请人： Huawei Technologies Co., Ltd.

发明人： LIU, Hongwei ,  LIU, Shuling ,  WEI, Jiwei ,  LIU, Bing

IPC分类号： H04L9/14

CPC分类号： G06F21/32 ,  G06Q20/3578 ,  G06Q20/388 ,  G06Q20/405 ,  G06Q20/40975 ,  G07C9/00158 ,  G07F7/1008 ,  G07F7/122 ,  H04L9/3231 ,  H04L9/3263 ,  H04L9/3273 ,  H04L2209/56

摘要： The present invention discloses a method, device and system for authentication. The method for authentication includes: acquiring the privilege security level corresponding to a client-end; inquiring the identity security level corresponding to the privilege security level according to an established relation of association between privilege security level and identity security level; determining the authentication parameters for identity authentication according to the identity security level; performing identity authentication on the client-end using the authentication parameters; and obtaining an authentication result. The identity authentication and privilege authentication are combined, and identity authentication is performed according to the identity security level in accord with the privilege security level so that rules of identity authentication can be adjusted, and the flexibility of the process of authentication may be improved.

摘要翻译： 本发明公开了一种认证方法，设备和系统。 认证方法包括：获取客户端对应的特权安全等级; 根据建立的权限安全级别与身份安全级别关联关系，查询所述权限安全级别对应的身份安全级别; 根据身份安全等级确定身份认证的认证参数; 使用认证参数在客户端执行身份认证; 并获得认证结果。 将身份认证和权限认证相结合，根据权限安全级别根据身份安全级别进行身份认证，从而可以调整身份认证规则，提高认证过程的灵活性。

公开(公告)号：EP1860898A1

公开(公告)日：2007-11-28

申请号：EP06804927.9

申请日：2006-10-13

申请人： Huawei Technologies Co., Ltd.

发明人： JI, Changfeng ,  WEI, Jiwei ,  LIU, Shuling ,  ZHENG, Zhibin

IPC分类号： H04Q7/32

CPC分类号： H04L63/102 ,  H04L63/145 ,  H04L67/34 ,  H04W8/22 ,  H04W8/245 ,  H04W12/08 ,  H04W12/12

摘要： A correlative reacting system(CRS) and method for realizing mobile station secure update is provided in the invention, the CRS includes security correlative agent(SCA) and security correlative server(SCS) which is in the network side and communicates with SCA though air interface. In the invention, the CRS interchanges information with mobile station and control mobile station to update automatically. The automatic secure update includes automatic download install, updating SCA and repairing insecure factor of mobile station automatically and so on. In the invention, mobile station can automatically be controlled to finish automatic secure update without user's participance, thus mobile station's security can be improved and it's burden of security process can be decreased, and service communication quality can be increases, synchronously communication burden of operation manager can be decreased.

摘要翻译： 本发明提供了一种实现移动台安全更新的相关反应系统（CRS）和方法，其中包括网络侧的安全相关代理（SCA）和安全相关服务器（SCS），并通过空中接口与SCA进行通信 。 在本发明中，CRS与移动台和控制移动台交换信息自动更新。 自动安全更新包括自动下载安装，更新SCA和自动修复移动台的不安全因素等。 在本发明中，移动台可以自动控制，无需用户参与即可完成自动安全更新，从而可以提高移动台的安全性，降低安全性过程的负担，提高服务通信质量，同步操作管理员的通信负担 可以减少。