公开(公告)号：US20240357360A1

公开(公告)日：2024-10-24

申请号：US18762930

申请日：2024-07-03

Applicant: Huawei Technologies Co., Ltd.

Inventor： Christopher J.P. Newton ,  Liqun Chen ,  Fei Liu ,  Loganathan Parthipan ,  Donghui Wang ,  Yurong Song

IPC: H04W12/40

CPC classification number: H04W12/40

Abstract: This application provides a communication method integrated with trusted measurement and an apparatus. The method includes: A first network element sends a first request message, where the first request message is for requesting to verify whether terminal device is trusted. The first network element receives a first response message, where the first response message is for verifying whether the terminal device is trusted.

公开(公告)号：US11388083B2

公开(公告)日：2022-07-12

申请号：US16869761

申请日：2020-05-08

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Donghui Wang ,  Hongpei Li ,  Bingyang Liu

IPC: H04L45/02 ,  H04L45/00 ,  H04W40/24 ,  H04W84/18

Abstract: This application provides a secure route identification method and an apparatus. A first AS node receives a first message. The first message is used to indicate a target path for reaching a first route prefix, and the target path is used to indicate a first neighboring relationship between AS nodes on the target path. Then, the first AS node determines, based on the first neighboring relationship and neighbor information of an AS node on the target path that is stored in a blockchain, whether a security threat exists on the target path. The neighbor information of the AS node on the target path includes a second neighboring relationship between the AS node on the target path and another AS node.

公开(公告)号：US10298600B2

公开(公告)日：2019-05-21

申请号：US14985807

申请日：2015-12-31

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Jinming Li ,  Donghui Wang

IPC: G06F17/00 ,  H04L29/06 ,  H04L12/64

Abstract: The present disclosure provides a method, an apparatus, and a system for cooperative defense on a network. Alarm information sent by a security device of a first subnet that is being attacked is received by a controller; the controller generates flow table information according to the alarm information, and forwards the flow table information to a switching device of the first subnet and a switching device of at least one second subnet, which is equivalent to that, after detecting an attack, a security device of a subnet generates alarm information, and shares, by using the controller, the alarm information with a switching device of the subnet and a switching device of another subnet that is not being attacked, to form networkwide cooperative defense, thereby enhancing network security.

公开(公告)号：US20240275621A1

公开(公告)日：2024-08-15

申请号：US18444769

申请日：2024-02-19

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Donghui Wang ,  Jing Chen ,  Fei Liu ,  kai li

IPC: H04L9/00

CPC classification number: H04L9/50

Abstract: A first blockchain node determines a block type of a first block and determines the first block based on the block type of the first block. The first blockchain node sends the first block to a second blockchain node and the second blockchain node determines the block type of the first block. The second blockchain node performs block verification on the first block based on the block type of the first block. After verification succeeds, the second blockchain node updates a first blockchain, where the block type is a first type or a second type. The first blockchain node and the second blockchain node are configured to maintain the first blockchain, and the first blockchain includes at least one first-type block and at least one second-type block.

公开(公告)号：US12032424B2

公开(公告)日：2024-07-09

申请号：US17850019

申请日：2022-06-27

Applicant: Huawei Technologies Co., Ltd.

Inventor： Shiyong Fu ,  Houcun Zhu ,  Donghui Wang ,  Xiangen Xu ,  Zhaojin Li

IPC: G06F1/3209 ,  H02J1/02

CPC classification number: G06F1/3209 ,  H02J1/02

Abstract: A filtering-based power supply apparatus used in a power sourcing equipment (PSE) includes a power supply control circuit and an adaptive filter circuit. The power supply control circuit includes a power supply channel and a detection module. The power supply channel includes a control switch configured to control on and off of the power supply channel. The detection module is configured to send a detection signal to the power supply channel to detect whether a peer device connected to the power supply channel is a valid powered device. The control switch is turned off in a detection process of the power supply channel. The adaptive filter circuit is configured to filter noise in the detection signal in the detection process of the power supply channel.

公开(公告)号：US20230148392A1

公开(公告)日：2023-05-11

申请号：US18148914

申请日：2022-12-30

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Bin Yu ,  Wenjun Chang ,  Xingjian He ,  Wei Chen ,  Donghui Wang

IPC: H04L47/2425 ,  H04L47/2408 ,  H04L47/2475 ,  H04L47/41

CPC classification number: H04L47/2433 ,  H04L47/2408 ,  H04L47/2475 ,  H04L47/41

Abstract: This application discloses a network and a data transmission method and apparatus, and belongs to the field of communication technologies. The network includes a core device and an edge device. The edge device identifies a service type of a first service packet from the core device, and reports a service type identifier of the first packet to the core device. The core device determines a priority corresponding to the service type identifier based on a stored service priority correspondence, and forwards, based on the priority, a service packet belonging to a same service flow as the first service packet. A strong service identification capability of the edge device is used to precisely identify thousands of service types, and a strong entry storage capability of the core device is used to store a correspondence that records thousands of service types and priorities. This effectively avoids problems such as transmission congestion and a packet loss that are caused by an incapability of precisely identifying a service type and allocation of a same priority to service packets of different service types.

公开(公告)号：US11637755B2

公开(公告)日：2023-04-25

申请号：US17205357

申请日：2021-03-18

Applicant: Huawei Technologies Co., Ltd.

Inventor： Donghui Wang ,  Jinming Li

IPC: H04L41/12 ,  H04L41/044 ,  H04L12/46

Abstract: A software defined network (SDN) system, controller, and controlling method, where the SDN system includes at least one Nth level controller and at least two (N+1)th level controllers belonging to the Nth level controller, where the (N+1)th level controller is configured to receive a first message sent by a node belonging to the (N+1)th level controller, and when the first message is a cross-domain message according to status information of each node that is managed by the (N+1)th level controller, forward the first message to the Nth level controller to which the (N+1)th level controller belongs, and the Nth level controller receives the first message, and perform decision processing according to status information of the (N+1)th level controller that is managed by and belongs to the Nth level controller and status information of boundary nodes of the (N+1)th level controller belonging to the Nth level controller.

公开(公告)号：US20210344714A1

公开(公告)日：2021-11-04

申请号：US17369057

申请日：2021-07-07

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Huazhi Yang ,  Donghui Wang

IPC: H04L29/06 ,  H04L12/741 ,  H04L29/12 ,  H04L12/721

Abstract: This application discloses a cyber threat deception method and system, and a forwarding device. The forwarding device obtains a deception target set, where the deception target set includes a deception target, and the deception target includes an unused internet protocol (IP) address or an unopened port number on a used IP address. The forwarding device receives an IP packet from a host, and determines whether a destination party that the IP packet requests to access belongs to the deception target set. If the destination party that the IP packet requests to access belongs to the deception target set, the forwarding device sends the IP packet to a honeypot management server. The forwarding device receives a response packet, returned by the honeypot management server, of the corresponding IP packet. The forwarding device sends the response packet to the host.

公开(公告)号：US10917437B2

公开(公告)日：2021-02-09

申请号：US16015208

申请日：2018-06-22

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Jinming Li ,  Donghui Wang

IPC: H04L29/06 ,  H04L12/751

Abstract: Conflict detection and resolution methods and apparatuses relate to the field of communications technologies. The conflict detection method includes: acquiring, by a controller, a flow path of a data flow on a network, where the flow path is used to indicate a path along which the data flow reaches an address in a destination address range from an address in a source address range through at least two intermediate nodes on the network, a first flow table rule is added to or deleted from flow tables of the at least two intermediate nodes, and the first flow table rule is any flow table rule; and determining, by the controller, whether a conflict exists according to an address range of the flow path and an address range of a security policy.

公开(公告)号：US20200059412A1

公开(公告)日：2020-02-20

申请号：US16665773

申请日：2019-10-28

Applicant: Huawei Technologies Co., Ltd.

Inventor： Donghui Wang ,  Jinming Li

IPC: H04L12/24 ,  H04L12/46

Abstract: A software defined network (SDN) system, controller, and controlling method, where the SDN system includes at least one Nth level controller and at least two (N+1)th level controllers belonging to the Nth level controller, where the (N+1)th level controller is configured to receive a first message sent by a node belonging to the (N+1)th level controller, and when the first message is a cross-domain message according to status information of each node that is managed by the (N+1)th level controller, forward the first message to the Nth level controller to which the (N+1)th level controller belongs, and the Nth level controller receives the first message, and perform decision processing according to status information of the (N+1)th level controller that is managed by and belongs to the Nth level controller and status information of boundary nodes of the (N+1)th level controller belonging to the Nth level controller.