-
公开(公告)号:US20230397008A1
公开(公告)日:2023-12-07
申请号:US18452579
申请日:2023-08-21
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
CPC classification number: H04W12/10 , H04W36/0038
Abstract: This application provides a communication method and a communication apparatus. The method includes: A session management network element obtains first indication information in a session establishment process of a session in a first network for a terminal device, where the first indication information indicates that user plane integrity protection in a second network is supported. The session management network element sends a first request message to an access and mobility management function network element in the first network based on the first indication information, where the first request message is used to request to assign a bearer identifier of the second network for the session. The session management network element receives a first response message from the access and mobility management function network element, where the first response message includes the bearer identifier.
-
12.发明公开公开(公告)号:US20230337002A1
公开(公告)日:2023-10-19
申请号:US18340651
申请日:2023-06-23
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
IPC: H04W12/37 , H04W12/60 , H04W12/041 , H04W76/15
CPC classification number: H04W12/37 , H04W12/60 , H04W12/041 , H04W76/15 , H04W48/18
Abstract: A security context generation method and apparatus, and a computer-readable storage medium are provided. In the method, a terminal device obtains a first security context for protecting a first communication service of the terminal device, and sends, to a session management function network element, a session request message for requesting to establish a session of a second communication service which is different from the first communication service. The terminal device receives, from the session management function network element a session accept message for completing establishment of the session of the second communication service. The terminal device obtains an additional generation indication and based on the additional generation indication obtains a second security context for protecting the second communication service. According to the present application, different communication services are protected by using different security contexts, so that security of the communication services can be improved.
-
公开(公告)号:US11706618B2
公开(公告)日:2023-07-18
申请号:US16678314
申请日:2019-11-08
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Abstract: A data packet verification method and a device improve network security. The method includes: receiving a data packet of a terminal device, where the data packet carries a first token and a service identifier, and the service identifier is used to indicate a type of a service to which the data packet belongs; obtaining first input information based on the data packet, and generating a second token based on the first input information, where the first input information includes an identifier of the terminal device and the service identifier carried in the data packet; and sending the data packet when the first token is the same as the second token.
-
公开(公告)号:US20230090543A1
公开(公告)日:2023-03-23
申请号:US18071314
申请日:2022-11-29
Applicant: Huawei Technologies Co., Ltd.
Inventor: Yizhuang Wu , He Li , Li Hu
IPC: H04W12/50 , H04W12/102 , H04W76/14
Abstract: A user plane security enforcement information determining method and an apparatus are provided, to ensure a security requirement of transmitted data of a remote device. In this application, a session management network element may receive a first request for creating a relay-type session of a first terminal device. Then, the session management network element determines first user plane security enforcement information of the session based on first information, and sends the first user plane security enforcement information of the session to an access network device, where the first user plane security enforcement information of the session is for determining a first user plane security activation status of the session between the first terminal device and the access network device.
-
公开(公告)号:US20220210859A1
公开(公告)日:2022-06-30
申请号:US17695140
申请日:2022-03-15
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Longhua Guo , Li Hu , He Li , Rong Wu
Abstract: Embodiments of this application relate to the field of communication technologies, and provide a data transmission method and an apparatus, to ensure security of radio capability information of a terminal in a transmission process. The method includes: A terminal performs NAS security protection on radio capability information based on a NAS security context before establishing an AS security context; then the terminal sends the NAS-security-protected radio capability information to a mobility management network element; and after receiving the NAS-security-protected radio capability information, the mobility management network element performs security deprotection on the NAS-security-protected radio capability information, to obtain and store the radio capability information of the terminal. In this way, in a scenario in which an access network device requires the radio capability information of the terminal, the mobility management network element may send the radio capability information to the access network device.
-
Patent Agency Ranking
公开(公告)号:US11272360B2
公开(公告)日:2022-03-08
申请号:US16993729
申请日:2020-08-14
Applicant: Huawei Technologies Co., Ltd.
IPC: H04W12/02 , H04W12/033 , H04W8/08 , H04W80/10 , H04W76/27 , H04W92/10 , H04L29/06 , H04W12/08 , H04W12/10 , H04W12/037 , H04W12/041 , H04W12/106
Abstract: A communication method and a related apparatus, where sending, by an access and mobility management function (AMF) entity, a request message to a session management function (SMF) entity, wherein the request message comprises a data network name (DNN) of a terminal device and an identifier of a slice of the terminal device; obtaining, by the SMF entity, a security policy based on the DNN of the terminal device and the identifier of the slice of the terminal device; sending, by the SMF entity, the security policy to a base station; and enabling, by the base station, user plane encryption protection when the security policy comprises first encryption protection indication information indicating the base station to enable the user plane encryption protection.
-
公开(公告)号:US10798578B2
公开(公告)日:2020-10-06
申请号:US16386462
申请日:2019-04-17
Applicant: Huawei Technologies Co., Ltd.
IPC: H04W8/08 , H04W12/10 , H04W76/27 , H04W12/04 , H04W12/00 , H04L29/06 , H04W92/10 , H04W12/02 , H04W12/08 , H04W80/10
Abstract: A communication method and a related apparatus are provided. A base station obtains a security policy, where the security policy includes integrity protection indication information, and the integrity protection indication information is used to indicate the base station whether to enable integrity protection for a terminal device; and when the integrity protection indication information indicates the base station to enable integrity protection for the terminal device, the base station sends a target user plane integrity protection algorithm to the terminal device.
-
公开(公告)号:US10582378B2
公开(公告)日:2020-03-03
申请号:US16520833
申请日:2019-07-24
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Abstract: A message protection method, user equipment, and a core network device are disclosed. The method includes: sending a request message on which no security protection is performed to the core network device, where the request message includes a first random number; receiving an abnormal response message, where the abnormal response message includes a third random number and a signature; and determining, based on the third random number, the signature, and an obtained credential, whether the abnormal response message is a valid message. According to the message protection method provided in the embodiments of the disclosure, security protection can be performed on a message transmitted before a security context is established between the user equipment and the core network device, so as to improve network communication security.
-
19.发明授权公开(公告)号:US12185395B2
公开(公告)日:2024-12-31
申请号:US17674590
申请日:2022-02-17
Applicant: Huawei Technologies Co., Ltd.
Inventor: Longhua Guo , Li Hu , He Li
IPC: H04W76/12 , H04W12/033 , H04W12/106 , H04W88/14
Abstract: A communications method includes: an integrated access and backhaul (IAB) node receives an uplink data packet from a terminal; the IAB node determines a packet data convergence protocol (PDCP) layer security status of the uplink data packet; the IAB node determines a target secure tunnel from a plurality of secure tunnels between the IAB node and an IAB donor based on the PDCP layer security status of the uplink data packet; and the IAB node sends the uplink data packet to the IAB donor through the target secure tunnel. This application is applicable to a data transmission process.
-
公开(公告)号:US20240267973A1
公开(公告)日:2024-08-08
申请号:US18440598
申请日:2024-02-13
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Li Hu , Jing Chen , Yinghui Yu
Abstract: A link re-establishment method, an apparatus, and a system are described. The method includes: obtaining, by user equipment UE, a MAC of the UE based on a NAS integrity key and a first MAC generation parameter, where the first MAC generation parameter includes an identifier of the UE; sending, by the UE, a re-establishment request message to a target RAN, where the re-establishment request message includes the MAC and the first MAC generation parameter; and receiving, by the UE, a re-establishment response message of the target RAN. The UE triggers, by sending the re-establishment request message, a CP functional entity to perform authentication on the UE. The method and apparatus of the present disclosure address a problem that an excessively long time is consumed to re-establish a connection to a target RAN by using an RAU procedure, increases a speed of re-establishing a connection between UE and a network, and improves user experience.
-
-
-
-
-
-
-
-
-
Search Results
56
records
(took 0.017 seconds)
