-
Publication number: US12132823B2
Publication date: 2024-10-29
Application number: US17706877
Application date: 2022-03-29
Applicant: Huawei Technologies Co., Ltd.
Inventor: Bo Zhang
CPC classification number: H04L9/0825, H04L9/0866, H04L9/0869, H04L9/3213
Abstract: A communication authentication method and a related device, the method including sending, by a user terminal, a generic bootstrapping architecture (GBA) authentication request carrying a user terminal identifier, receiving, by the user terminal, an authentication request carrying an authentication token (AUTN) and a random number (RAND), and deriving, by the user terminal, a first authentication vector based on the AUTN and the RAND, where the first authentication vector is different from a second authentication vector of the user terminal, the first authentication vector is a 5th generation (5G) GBA authentication vector, and the second authentication vector includes at least one of a 3rd generation/4th generation (3G/4G) GBA authentication vector or a 5G authentication vector.
-
Publication number: US12118093B2
Publication date: 2024-10-15
Application number: US17169737
Application date: 2021-02-08
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Bo Zhang, Philip Ginzboorg, Valtteri Niemi, Pekka Laitinen
IPC: G06F15/177, G06F9/00, G06F21/57, H04L9/40, H04W12/06
CPC classification number: G06F21/575, H04L63/083, H04W12/06
Abstract: This application provides an extended authentication method and apparatus for a generic bootstrapping architecture and a storage medium. A first network element obtains a bootstrapping transaction identifier (B-TID) and a key lifetime; and the first network element sends the B-TID and the key lifetime to the terminal, so that the terminal performs extensible authentication protocol (EAP)-based generic bootstrapping architecture (GBA) authentication and key agreement (AKA) authentication with the first network element based on the B-TID and the key lifetime.
-
Publication number: US11824981B2
Publication date: 2023-11-21
Application number: US17696093
Application date: 2022-03-16
Applicant: Huawei Technologies Co., Ltd.
Inventor: Bo Zhang, Lu Gan, Rong Wu, Shuaishuai Tan
CPC classification number: H04L9/088, H04L9/3247, H04L63/0435, H04W12/06
Abstract: A discovery method and apparatus based on a service-based architecture, where the method includes a control network element sending a discovery response to a first functional network element, where the discovery response includes a determined security parameter and an access address or an identifier of a second functional network element. The first functional network element receives the discovery response from the control network element, and sends an access request to the second functional network element based on the address or the identifier of the second functional network element, where the access request includes the received security parameter. The second functional network element receives the access request from the first functional network element, verifies correctness of the security parameter, and determines, based on the correctness of the security parameter, whether the access request is authorized by the first functional network element.
-
Publication number: US11503467B2
Publication date: 2022-11-15
Application number: US17185467
Application date: 2021-02-25
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Hua Li, Chengdong He, Bo Zhang
Abstract: Example authentication methods, devices, and systems are provided, where those examples can be used to verify validity of access location information of a next generation-residential gateway (NG-RG) in a fixed-mobile convergence architecture. One example method includes a network device receiving first link information that is used to represent an access location of a residential gateway, and the network device obtaining second link information of the residential gateway. When the first link information matches partial or all information of the second link information, or when the first link information matches partial or all information of one link information of the second link information, the network device verifies validity of the access location of the residential gateway.
-
Publication number: US20220278831A1
Publication date: 2022-09-01
Application number: US17696093
Application date: 2022-03-16
Applicant: Huawei Technologies Co., Ltd.
Inventor: Bo Zhang, Lu Gan, Rong Wu, Shuaishuai Tan
Abstract: A discovery method and apparatus based on a service-based architecture, where the method includes a control network element sending a discovery response to a first functional network element, where the discovery response includes a determined security parameter and an access address or an identifier of a second functional network element. The first functional network element receives the discovery response from the control network element, and sends an access request to the second functional network element based on the address or the identifier of the second functional network element, where the access request includes the received security parameter. The second functional network element receives the access request from the first functional network element, verifies correctness of the security parameter, and determines, based on the correctness of the security parameter, whether the access request is authorized by the first functional network element.
-
Publication number: US11252649B2
Publication date: 2022-02-15
Application number: US16967253
Application date: 2018-02-05
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Kai Yuan, Xiaoyan Duan, Bo Zhang, Feifei Sui, Zhenrong Wei
Abstract: A switching method and a terminal device, which relate to the communications field. The switching method comprises: establishing, by a terminal device, a first packet data network PDN connection in a long term evolution LTE access network; switching, by the terminal device, the first PDN connection from the LTE access network to a wireless local area network WLAN access network; establishing, by the terminal device, a second PDN connection in the LTE access network, so that the terminal device is in a registered state in the LTE network; and switching, by the terminal device, the first PDN connection or a third PDN connection established in the WLAN access network, to the LTE access network.
-
Publication number: US11228908B2
Publication date: 2022-01-18
Application number: US16400032
Application date: 2019-04-30
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
IPC: H04W12/00, H04W12/04, H04W12/06, H04W12/10, H04L29/06, H04W28/06, H04W12/08, H04W12/033, H04W12/041, H04W12/069, H04W12/106, H04L9/32
Abstract: Embodiments of the present invention disclose a data transmission method and a related device and system. The system includes an access network device AN and user equipment UE. The AN is configured to receive a base key sent by a key management device in a core network, where the base key is a key generated from two-way authentication between the UE and the core; the AN and the UE are configured to process the base key according to a preset rule to generate an air interface protection key; the UE is configured to: protect a target field in an uplink protocol data unit PDU by using the air interface protection key; and the AN is configured to parse the target field in the uplink protocol data unit by using the air interface protection key.
-
Publication number: US11075752B2
Publication date: 2021-07-27
Application number: US16248778
Application date: 2019-01-16
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
IPC: H04L9/08, H04L9/32, H04L9/14, H04L29/06, H04W4/70, H04W12/041, H04W12/069, H04W12/69
Abstract: Embodiments of the present invention disclose a network system. The system includes user equipment, a network authentication device, and a service authentication device. The service authentication device is configured to obtain reference information and generate a second shared key with reference to the reference information and a first shared key, where the first shared key is a shared key pre-configured between the user equipment and the service authentication device; the user equipment is configured to obtain the reference information and generate the second shared key with reference to the reference information and the first shared key; the service authentication device is configured to send the second shared key to the network authentication device; and the network authentication device is configured to receive the second shared key, where the second shared key is used by the user equipment and the network authentication device to generate a target shared key.
-
Publication number: US11025597B2
Publication date: 2021-06-01
Application number: US16521171
Application date: 2019-07-24
Applicant: Huawei Technologies Co., Ltd.
IPC: H04L29/06, H04L9/08, H04L29/08, H04W12/033, H04W12/041, H04W12/106
Abstract: A security implementation method includes obtaining, by a first device, a security policy of a session and at least one key, and sending, by the first device, protected data to a second device, where the protected data is obtained by protecting security of session data of the session using the at least one key based on the security policy of the session, and the second device is configured to restore the protected data using the at least one key based on the security policy to obtain the session data, where when the first device is a terminal device, the second device is an access network node or a user plane node, or when the first device is an access network node or a user plane node, the second device is a terminal device.
-
Publication number: US10959091B2
Publication date: 2021-03-23
Application number: US16351254
Application date: 2019-03-12
Applicant: Huawei Technologies Co., Ltd.
Abstract: A method includes: receiving, by a session management device, a path switching request used to request to hand over user equipment UE from a source network to a target network; obtaining a target security policy based on the path switching request, and obtaining a second shared key generated based on a first shared key and the target security policy, and sending the second shared key to a target gateway; and sending, by the session management device, the second shared key to the UE; or sending the target security policy to the UE, so that the UE generates the second shared key based on the first shared key and the target security policy, where the second shared key is used to perform end-to-end protection on secure data transmission between the UE and the target gateway.