公开(公告)号：US11082843B2

公开(公告)日：2021-08-03

申请号：US16870708

申请日：2020-05-08

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Kai Pan ,  Jing Chen

IPC: H04L29/06 ,  H04B7/26 ,  H04W12/06 ,  H04L9/32 ,  H04W12/04

Abstract: A communication method and a communications apparatus in which the method includes: a terminal device receiving a first authentication request from a security function network element, and obtaining authentication reference information based on the first authentication request, where the authentication reference information is a response value, a resynchronization token, or a cause indication value. The terminal device sends an authentication response message to the security function network element, where the authentication response message includes a first information element used to carry the response value, a second information element used to carry the resynchronization token, and a third information element used to carry the cause indication value, and the authentication reference information is carried in an information element corresponding to the authentication reference information.

公开(公告)号：US20210227393A1

公开(公告)日：2021-07-22

申请号：US17139235

申请日：2020-12-31

Applicant: Huawei Technologies Co., Ltd.

Inventor： He Li ,  Jing Chen

IPC: H04W12/106 ,  H04L29/06 ,  H04W12/033 ,  H04W12/108 ,  H04W12/122 ,  H04W12/0431

Abstract: A security protection method and an apparatus to implement security protection for a plurality of non-access stratum (NAS) connection links. The method includes determining, by a terminal, a first parameter, where the first parameter is used to indicate an access technology used to transmit a non-access stratum NAS message. The terminal can support at least two access technologies, and can separately maintain a corresponding NAS COUNT for each of the at least two access technologies. The method further includes performing, by the terminal, security protection on the NAS message based on the first parameter, a NAS key, and a NAS COUNT corresponding to an access technology used to transmit the NAS message. This application is applicable to a process of performing security protection on a NAS message.

公开(公告)号：US11025414B2

公开(公告)日：2021-06-01

申请号：US16443723

申请日：2019-06-17

Applicant: Huawei Technologies Co., Ltd.

Inventor： Dongmei Zhang ,  Jing Chen

IPC: H04L9/08 ,  H04W12/041 ,  H04W12/0431 ,  H04L29/06 ,  H04W76/14

Abstract: Embodiments of the present invention disclose a key exchange method and apparatus. A network device acquires a first key, and sends a message including the first key to a second user equipment, so that the second user equipment uses, when communicating with a first user equipment by using a D2D link, the first key to protect transmitted information.

公开(公告)号：US20210081527A1

公开(公告)日：2021-03-18

申请号：US17066902

申请日：2020-10-09

Applicant: Huawei Technologies Co., Ltd.

Inventor： Yong Wang ,  Kai Pan ,  Cuili Ge ,  Jing Chen

IPC: G06F21/54 ,  G06F9/54 ,  H04L29/06 ,  G06F21/51

Abstract: A service application programming interface (API) invoking method where a security method applied to an API exposing function entity is updated from an original security method to a new security method, and where the security method of the API exposing function entity is used for communication between the API exposing function entity and an invoker. The method includes: obtaining, by the invoker, a new security method of the API exposing function entity; and sending, by the invoker, a first invoking request to the API exposing function entity using the new security method, where the first invoking request includes a name of a service API, and where the first invoking request is used to invoke the service API.

公开(公告)号：US10911948B2

公开(公告)日：2021-02-02

申请号：US16574899

申请日：2019-09-18

Applicant: Huawei Technologies Co., Ltd.

Inventor： He Li ,  Jing Chen ,  Huan Li

IPC: H04W12/04 ,  H04W76/25 ,  H04W76/11 ,  H04W12/06 ,  H04W8/08 ,  H04W12/10

Abstract: Embodiments of the present invention disclose a method and a system for performing network access authentication based on a non-3GPP network, and a related device. In the solutions of this application, steps in a non-3GPP-based network access authentication procedure in the prior art are reduced, and the UE can quickly access the network.

公开(公告)号：US20200374691A1

公开(公告)日：2020-11-26

申请号：US16993729

申请日：2020-08-14

Applicant: Huawei Technologies Co., Ltd.

Inventor： He Li ,  Jing Chen ,  Li Hu

IPC: H04W12/00 ,  H04W12/04 ,  H04W8/08 ,  H04W80/10 ,  H04W76/27 ,  H04W92/10 ,  H04L29/06 ,  H04W12/10 ,  H04W12/02 ,  H04W12/08

Abstract: A communication method and a related apparatus, where sending, by an access and mobility management function (AMF) entity, a request message to a session management function (SMF) entity, wherein the request message comprises a data network name (DNN) of a terminal device and an identifier of a slice of the terminal device; obtaining, by the SMF entity, a security policy based on the DNN of the terminal device and the identifier of the slice of the terminal device; sending, by the SMF entity, the security policy to a base station; and enabling, by the base station, user plane encryption protection when the security policy comprises first encryption protection indication information indicating the base station to enable the user plane encryption protection.

公开(公告)号：US10798082B2

公开(公告)日：2020-10-06

申请号：US16388326

申请日：2019-04-18

Applicant: Huawei Technologies Co., Ltd.

Inventor： He Li ,  Jing Chen ,  Huan Li ,  Yizhuang Wu

IPC: H04L29/06 ,  H04L9/30 ,  H04W12/02 ,  H04W12/06 ,  H04L9/32

Abstract: This application relates to the field of communications technologies, and discloses a network authentication triggering system, method and a related device. The method includes: receiving a first message from a terminal, where the first message carries first identity information and identifier information, the first identity information is encrypted identity information, and the identifier information is used to identify an encryption manner of the first identity information; and sending a second message to a first security function entity, where the second message is used to trigger authentication for the terminal, and the second message carries the identifier information. This application provides a solution of triggering an authentication process when identity information is encrypted.

公开(公告)号：US10681551B2

公开(公告)日：2020-06-09

申请号：US16404163

申请日：2019-05-06

Applicant: Huawei Technologies Co., Ltd.

Inventor： He Li ,  Jing Chen

IPC: H04W12/10 ,  H04W12/04 ,  H04W12/00 ,  H04L29/06 ,  H04W12/12

Abstract: A security protection method and an apparatus to implement security protection for a plurality of non-access stratum (NAS) connection links. The method includes determining, by a terminal, a first parameter, where the first parameter is used to indicate an access technology used to transmit a non-access stratum NAS message. The terminal can support at least two access technologies, and can separately maintain a corresponding NAS COUNT for each of the at least two access technologies. The method further includes performing, by the terminal, security protection on the NAS message based on the first parameter, a NAS key, and a NAS COUNT corresponding to an access technology used to transmit the NAS message. This application is applicable to a process of performing security protection on a NAS message.

公开(公告)号：US10560848B2

公开(公告)日：2020-02-11

申请号：US16386462

申请日：2019-04-17

Applicant: Huawei Technologies Co., Ltd.

Inventor： He Li ,  Jing Chen ,  Li Hu

IPC: H04W8/08 ,  H04W12/10 ,  H04W12/04 ,  H04W80/10 ,  H04W76/27

Abstract: A communication method and a related apparatus are provided. A base station obtains a security policy, where the security policy includes integrity protection indication information, and the integrity protection indication information is used to indicate the base station whether to enable integrity protection for a terminal device; and when the integrity protection indication information indicates the base station to enable integrity protection for the terminal device, the base station sends a target user plane integrity protection algorithm to the terminal device.

公开(公告)号：US20200029205A1

公开(公告)日：2020-01-23

申请号：US16585978

申请日：2019-09-27

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Li Hu ,  Jing Chen ,  He Li ,  Kai Pan

IPC: H04W12/00 ,  H04W8/20 ,  H04L29/06 ,  H04W12/06

Abstract: The present disclosure discloses a communication method performed by a management function entity, including: receiving a first request message sent by user equipment UE; sending a second request message to a storage function entity based on the first request message, where the second request message is used to request a security service identifier for the UE, and the security service identifier is used to indicate a security service procedure; receiving a response message including the security service identifier from the storage function entity; obtaining a target security service identifier based on the security service identifier, where the target security service identifier is used to indicate a security service procedure to be initiated by the management function entity; and initiating the security service procedure indicated by the target security service identifier. The present disclosure further discloses a communications device.