公开(公告)号：US20230208625A1

公开(公告)日：2023-06-29

申请号：US18176289

申请日：2023-02-28

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Yong Wang ,  Jing Chen

IPC: H04L9/08

CPC classification number: H04L9/0833 ,  H04L9/085 ,  H04L9/0861 ,  H04L9/0891

Abstract: Embodiments of the present disclosure provide a communication method and apparatus, applied to nodes supporting short-range communication, for example, Bluetooth nodes or nodes in an in-vehicle short-range communication system. The method includes receiving an association request message from a second node and determining a group key of a first communication group. The first communication group is a communication group to which the second node belongs. The method further includes encrypting the group key of the first communication group, based on a shared key between a first node and the second node, to obtain a first protection key and sending a first association establishment message to the second node. The first association establishment message includes a first protection key.

公开(公告)号：US11665535B2

公开(公告)日：2023-05-30

申请号：US16916481

申请日：2020-06-30

Applicant: Huawei Technologies Co., Ltd.

Inventor： He Li ,  Jing Chen

IPC: H04W12/033 ,  H04W76/15 ,  H04W12/106 ,  H04W84/18

CPC classification number: H04W12/033 ,  H04W12/106 ,  H04W76/15 ,  H04W84/18

Abstract: A method, an apparatus, and a system for dual-connectivity communication, where the method may include: sending, by a master Node, a first message to a secondary Node, where the first message includes a user plane security policy, and the user plane security policy is used by the secondary Node to determine a user plane security protection method between the secondary Node and a user terminal; receiving, by the master Node, a second message from the secondary Node, where the second message includes user plane security enabling type indication information, and the user plane security enabling type indication information is used to indicate a user plane security protection method between the secondary Node and the user terminal; and sending, by the master Node, a third message to the user terminal, where the third message includes the user plane security enabling type indication information.

公开(公告)号：US20230099065A1

公开(公告)日：2023-03-30

申请号：US18070203

申请日：2022-11-28

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Yong Wang ,  Jing Chen

IPC: H04W12/04 ,  H04W12/062

Abstract: Embodiments of this application provide a security authentication method and a related apparatus, applied to the field of short-range communication, and in particular, to cockpit domain communication. The method includes: A first node receives a first association request message from a second node, where the first association request message includes a first fresh parameter; and the first node obtains a first pre-shared key PSK, where the first PSK corresponds to an identity of the second node, the first PSK is a PSK generated based on a second fresh parameter from the second node and a third fresh parameter from the first node, and the first PSK is used to verify the identity of the second node. According to the embodiments of this application, communication security can be improved.

公开(公告)号：US11564100B2

公开(公告)日：2023-01-24

申请号：US17139235

申请日：2020-12-31

Applicant: Huawei Technologies Co., Ltd.

Inventor： He Li ,  Jing Chen

IPC: H04W12/106 ,  H04L9/40 ,  H04W12/033 ,  H04W12/108 ,  H04W12/122 ,  H04W12/0431

Abstract: A security protection method and an apparatus to implement security protection for a plurality of non-access stratum (NAS) connection links. The method includes determining, by a terminal, a first parameter, where the first parameter is used to indicate an access technology used to transmit a non-access stratum NAS message. The terminal can support at least two access technologies, and can separately maintain a corresponding NAS COUNT for each of the at least two access technologies. The method further includes performing, by the terminal, security protection on the NAS message based on the first parameter, a NAS key, and a NAS COUNT corresponding to an access technology used to transmit the NAS message. This application is applicable to a process of performing security protection on a NAS message.

公开(公告)号：US11463873B2

公开(公告)日：2022-10-04

申请号：US16749911

申请日：2020-01-22

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Li Hu ,  Jing Chen

IPC: H04W12/00 ,  H04W12/0431 ,  H04W36/00 ,  H04W36/08 ,  H04W12/0433 ,  H04W92/20

Abstract: The present disclosure discloses a communication method and a device. The method is performed by a target base station and includes: receiving a handover request from a source base station, where the handover request includes a first key and first indication information, and the first indication information is used to indicate whether the first key is an updated key; and sending second indication information to the source base station based on the handover request, where the second indication information is used to indicate whether an access layer key between the target base station and a terminal device is an updated key. Using the embodiments of the present disclosure helps resolve a problem that a potential security risk exists in data transmitted between the terminal device and the target base station, and helps resolve a problem that a key change of the terminal device is not controlled by the base station.

公开(公告)号：US20220294649A1

公开(公告)日：2022-09-15

申请号：US17831136

申请日：2022-06-02

Applicant: Huawei Technologies Co., Ltd.

Inventor： Kai Pan ,  Jing Chen ,  Xiaojun Wang

IPC: H04L9/32 ,  H04L9/08

Abstract: A certificate revocation list updating method includes determining by a first road side unit (RSU), based on a first certificate revocation list stored by the first RSU, that a certificate used by a first on board unit (OBU) in a coverage area of the first RSU is revoked, sending, by the first RSU, a first notification message to one or more OBUs in the coverage area of the first RSU, where the first notification message notifies the one or more OBUs to update a certificate revocation list.

公开(公告)号：US11284456B2

公开(公告)日：2022-03-22

申请号：US16751551

申请日：2020-01-24

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： He Li ,  Jing Chen ,  Huan Li

IPC: H04W76/11 ,  H04L29/06 ,  H04W12/06 ,  H04W60/00 ,  H04W88/16

Abstract: This application discloses a method and an apparatus for obtaining an identifier of a terminal device. The method is performed by a gateway node and includes: receiving a first message sent by a terminal device, and sending a second message to a control plane node, where both the first message and the second message carry a temporary identifier of the terminal device; receiving a third message sent by the control plane node, where the third message is sent by the control plane node when the control plane node cannot obtain a permanent identifier of the terminal device; sending a fourth message to the terminal device based on the third message; receiving a fifth message sent by the terminal device, where the fifth message carries the permanent identifier of the terminal device; and sending the permanent identifier to the control plane node based on the fifth message.

公开(公告)号：US11178584B2

公开(公告)日：2021-11-16

申请号：US15927873

申请日：2018-03-21

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Na Li ,  Jingxue Zhong ,  Weiwei Zhong ,  Jing Chen

IPC: H04W36/00 ,  H04W12/043 ,  H04W76/20 ,  H04W88/08 ,  H04L29/06 ,  H04W12/041 ,  H04W12/062 ,  H04W12/0431 ,  H04W48/16 ,  H04W88/06 ,  H04W8/04

Abstract: The present application provides an access method, device, and system of UE, and relates to the communications field. The method is performed by a first network device on a 3GPP network, including: receiving, by using a second network device on a non-3GPP network, an access request message from the UE; generating a first NAS verification code according to an identifier of the UE and a NAS security context of the UE stored in the first network device; if the access request message includes a second NAS verification code, detecting whether the second NAS verification code is the same as the first NAS verification code; and if the second NAS verification code is the same as the first NAS verification code, sending an access key of the non-3GPP network to the second network device.

公开(公告)号：US20210352481A1

公开(公告)日：2021-11-11

申请号：US17380455

申请日：2021-07-20

Applicant: Huawei Technologies Co., Ltd.

Inventor： Longhua Guo ,  He Li ,  Jing Chen

IPC: H04W12/104 ,  H04W4/029

Abstract: A data transmission method includes calculating, by a user equipment (UE), a first message authentication code of first location privacy setting data, sending, by the UE, the first message authentication code and the first location privacy setting data to a data management network element, receiving, by the UE, a second message authentication code from the data management network element, calculating, by the UE, a third message authentication code of the first location privacy setting data, determining, by the UE, that the first location privacy setting data is not tampered with when the second message authentication code is the same as the third message authentication code.

公开(公告)号：US20210058789A1

公开(公告)日：2021-02-25

申请号：US17089216

申请日：2020-11-04

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Li Hu ,  Jing Chen ,  Kai Pan

IPC: H04W12/08 ,  H04W48/02 ,  H04W12/00

Abstract: This application provides a method for restricting access of a terminal device, and an apparatus. The method includes: receiving, by an access network device, a first identifier that is from a terminal device, where the first identifier is used to identify the terminal device; and if the first identifier matches a second identifier, restricting, by the access network device, access of the terminal device, where the second identifier is used to identify a terminal device having abnormal behavior. Based on the solution, the access network device pre-records the second identifier of the terminal device having the abnormal behavior.