-
Publication No.: US11985238B2
Publication date: 2024-05-14
Application No.: US17085878
Filing date: 2020-10-30
Inventors: Yanjiang Yang, Zhuo Wei, Hsiao-Ying Lin, He Wei, Junqiang Shen
Abstract: Embodiments disclose a vehicle-mounted device upgrade method and a related device. The method may be applied to an intelligent vehicle, the intelligent vehicle includes a vehicle-mounted control device, and the method may include: receiving, by the vehicle-mounted control device, a first partial key sent by the communications device; restoring, by the vehicle-mounted control device, a first key by using the first partial key and a second partial key that is stored on the vehicle-mounted control device; and performing, by the vehicle-mounted control device, secure processing on a first upgrade file by using the first key, to obtain the securely processed first upgrade file, where the secure processing includes generating first message authentication code (MAC), and the securely processed first upgrade file includes the first upgrade file and the first MAC. According to this application, the vehicle-mounted device can be securely and efficiently upgraded.
-
Publication No.: US11895157B2
Publication date: 2024-02-06
Application No.: US17939637
Filing date: 2022-09-07
Inventors: Zhongding Lei, Lichun Li, Haiguang Wang, Xin Kang
Abstract: Embodiments of this application provide a network security management method and an apparatus. The method includes: receiving, by a first network device, a session request sent by a terminal device, where the session request is used to request establishment of a first session with a first data network, the session request includes first authentication information for the first session, and the first authentication information includes identifier information of the first data network; obtaining, by the first network device, second authentication information for a second session of the terminal device, where the second authentication information includes identifier information of a second data network to which the second session is connected; and if the identifier information of the first data network is the same as the identifier information of the second data network, authorizing the terminal device to establish the first session with the first data network.
-
Publication No.: US11429511B2
Publication date: 2022-08-30
Application No.: US16552534
Filing date: 2019-08-27
Inventors: Ting Dai, Yongzheng Wu
IPC classification: G06F11/36
Abstract: This document describes a device and method for a device to reinforce the control flow integrity of a software application as the application is being executed on the device.
-
Publication No.: US11252134B2
Publication date: 2022-02-15
Application No.: US16748568
Filing date: 2020-01-21
Inventors: Yanjiang Yang, Zhuo Wei, Hsiao-Ying Lin, Qingdi Sha
Abstract: This document describes a system and method for managing communications between modules in a Controller Area Network (CAN) in a secure manner. In particular, the system employs a hierarchical key generation method that allows a module in the CAN to use a single ascendant key together with relevant identifiers to generate descendant keys for CAN identities in the Controller Area Network. These keys are then used by the broadcasting and receiving CAN modules to authenticate published messages.
-
Publication No.: US10931445B2
Publication date: 2021-02-23
Application No.: US15977220
Filing date: 2018-05-11
Inventors: Haiguang Wang, Jie Shi, Xin Kang
Abstract: Embodiments of the invention provide methods and apparatuses for session key generation, which use Diffie-Hellman procedure in both user equipment and network to prevent an attacker from breaking the session key by simply listening to signal exchanges passively when the attacker possesses credentials of a USIM card.
-
Publication No.: US20200099522A1
Publication date: 2020-03-26
Application No.: US16686861
Filing date: 2019-11-18
Inventors: Yanjiang YANG, Zhuo WEI, Cheng Kang CHU, Jie SHI
Abstract: This invention relates to a symmetric key-based generation and distribution system and method for a vehicle access authentication framework comprising: a first device operated by a car owner, a second device operated by a delegated user, and a third device residing in a vehicle. The first device is configured to: request for an authentication key from the third device, the request for the authentication key comprising an ID of the first device, idO; receive an authentication key KidO from the third device; and generate a delegated authentication key KidU based on authentication key KidO and an ID of the second device in response to receiving a request for delegated authentication key from the second device, the request for delegated authentication key comprising the ID of the second device.
-
Publication No.: US20200084028A1
Publication date: 2020-03-12
Application No.: US16688729
Filing date: 2019-11-19
Inventors: Haiguang WANG, Xin KANG, Zhongding LEI, Fei LIU
Abstract: A key management method/apparatus (user equipment) are described. The key management includes encrypting user identity information based on a first public key. The user equipment sends a first user identity message to a first network device. The first user identity message includes the user identity information, an indication identifier that indicates whether the user identity information is encrypted, and a reference identifier for indexing the first public key. The first network device sends, to a second network device, a third user identity message including the user identity information and the reference identifier that indexes the first public key. Thus, when receiving the third user identity message, the second network device can determine the encrypted user identity information, according to a pre-stored mapping table including the first private key.
-
Publication No.: US10581860B2
Publication date: 2020-03-03
Application No.: US16372668
Filing date: 2019-04-02
Inventors: Lichun Li, Haiguang Wang, Xin Kang
Abstract: A system for managing and distributing a blacklist of User Equipment IDs (UE IDs) in a network. The system comprises a number of groups of networks, each of the groups of networks comprise a blacklist server and a number of authentication servers. The system further comprises a Package Key Generator (PKG). The blacklist server is configured to: store a blacklist containing UE IDs that are not allowed to gain access to the network; transmit the blacklist to the plurality of authentication servers in the same group; receive a message; determine a content in the message is an order to add a new revoked UE ID to the blacklist; update the blacklist to include the new revoked UE ID; and send an update blacklist message to the plurality of authentication servers in the same group.
-
Publication No.: US20200068397A1
Publication date: 2020-02-27
Application No.: US16673467
Filing date: 2019-11-04
Inventors: Xin Kang, Haiguang Wang, Zhongding Lei, Fei Liu
Abstract: This application provides a network authentication method, a network device, a terminal device, and a storage medium. In one aspect, in this application, a network device generates a symmetric key by itself, and generates a correct sequence number of a terminal device in real time by using a first sequence number. In other words, in this application, the network device does not need to store the symmetric key and the correct sequence number of the terminal device, but generates the symmetric key and the correct sequence number of the terminal device in real time. Therefore, storage load of an HSS in the prior art can be reduced.
-
Publication No.: US10554584B2
Publication date: 2020-02-04
Application No.: US16032804
Filing date: 2018-07-11
Inventors: Zhiguo Ge, Naxin Zhang
IPC classification: H04L12/933, H04L12/433, H04L12/54, H04L12/861, H04L12/70
Abstract: This invention is related to an Express Traversal (EXTRA) Network on Chip (NoC) comprising a number of EXTRA routers. The EXTRA NoC comprises a Buffer Write and Route Computation (BW/RC) pipeline, a Switch Allocation-Local (SA-L) pipeline, a Setup Request (SR) pipeline, a Switch Allocation-Global (SA-G) pipeline, and a Switch Traversal and Link Traversal (ST/LT) pipeline. The BW/RC pipeline is configured to write an incoming flit to an input buffer(s) of a start EXTRA router and compute the route for the incoming head flit by selecting an output port to depart from the start EXTRA router. The SA-L pipeline is configured to arbitrate the start EXTRA router to choose an input port and an output port for a winning flit. The SR pipeline is configured to handle the transmission of a number of SR signals from the start EXTRA router to downstream EXTRA routers.