公开(公告)号：US20240080669A1

公开(公告)日：2024-03-07

申请号：US18308072

申请日：2023-04-27

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Yan XI ,  Xiaochun XIONG

IPC: H04W12/122 ,  H04L9/40 ,  H04W12/106

CPC classification number: H04W12/122 ,  H04L63/1466 ,  H04W12/106

Abstract: A man-in-the-middle detection method and apparatus. The method includes: A base station receives, in a first physical frame, a RRC message from user equipment UE; the base station receives from the UE a second RRC message including frame information of a second physical frame, and security protection is performed on the first RRC message and the second RRC message by using an access stratum AS security context established by the UE and the base station; and the base station determines whether the first physical frame matches the second physical frame. Thereby, whether a man-in-the-middle exists in air interface communication is determined by determining whether a physical frame in which the UE sends an uplink message matches a physical frame in which the base station receives the uplink message, to prevent the man-in-the-middle from bypassing detection through a mechanism of the man-in-the-middle and improve a man-in-the-middle detection rate.

公开(公告)号：US20250088426A1

公开(公告)日：2025-03-13

申请号：US18963171

申请日：2024-11-27

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Yan XI ,  Xueqiang YAN ,  Mingyu ZHAO

IPC: H04L41/12 ,  H04L9/40

Abstract: An example method includes: A first data agent network element obtains first data, receives first indication information and second indication information, where the first indication information includes an indication of an operation performed by the first data agent network element on the first data, the second indication information indicates information about a first network element interacting with the first data agent network element, and the information about the first network element includes address information of the first network element or an identifier of the first network element, or is used to determine the address information that is of the first network element and that is reported by the first data agent network element. The first data agent network element performs the operation on the first data, to obtain first information and sends the first information based on the information about the first network element.

公开(公告)号：US20250045443A1

公开(公告)日：2025-02-06

申请号：US18921098

申请日：2024-10-21

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Mingyu ZHAO ,  Xueqiang YAN ,  Bo LI ,  Yan XI ,  Yang WANG ,  Weijun XING

IPC: G06F21/62 ,  G06F16/23

Abstract: A data management method, a system, and a device are provided. An example method includes: A data storage entity receives a data access request and sends an access permission verification request to a distributed ledger node storing a data access policy of the client and/or a data access policy of the user. The distributed ledger node verifies, based on an identifier of a client and/or an identifier of a user in the access permission verification request and a distributed ledger, whether the client has data access permission, and sends a first access permission verification response to the data storage entity if the client has the data access permission, where the first access permission verification response indicates that the client has the data access permission. After receiving the first access permission verification response sent from the distributed ledger node, the data storage entity sends corresponding data to the client.