公开(公告)号：US20230035970A1

公开(公告)日：2023-02-02

申请号：US17936634

申请日：2022-09-29

Applicant: Huawei Technologies Co., Ltd.

Inventor： Fei Li

IPC: H04W12/069 ,  H04W12/0431 ,  H04W12/041

Abstract: A UDM sends a protection request message to a first AUSF; and the UDM receives a response message that is of the protection request message and that is sent by the first AUSF, and sends terminal parameters update information via an AMF corresponding to a first serving network, where the protection request message requests to protect the terminal parameters update information, and the protection request message carries the terminal parameters update information and information about the first serving network.

公开(公告)号：US20210281986A1

公开(公告)日：2021-09-09

申请号：US17319663

申请日：2021-05-13

Applicant: Huawei Technologies Co., Ltd.

Inventor： Jintao Zhu ,  Fei Li ,  Chengdong He

IPC: H04W4/40 ,  H04W4/12 ,  H04W4/02 ,  H04W12/069

Abstract: A vehicle-to-everything (V2X) abnormal behavior detection method applied to a vehicle communications system that includes a V2X sending terminal, a V2X receiving terminal, and a V2X server. The method includes that the V2X receiving terminal receives a V2X message from the V2X sending terminal. The V2X receiving terminal determines, according to an abnormal behavior detection policy, that the V2X message is an abnormal message. The V2X receiving terminal sends a report message including the V2X message to the V2X server.

公开(公告)号：US20250150827A1

公开(公告)日：2025-05-08

申请号：US19016501

申请日：2025-01-10

Applicant: Huawei Technologies Co., Ltd.

Inventor： Jintao Zhu ,  Fei Li ,  Hui Ding

IPC: H04W12/10 ,  H04W12/03 ,  H04W28/02

Abstract: This application provides a communication method, a communication apparatus, and a communication system. The method includes: obtaining a security policy corresponding to a quality of service flow identifier (QFI), where the security policy includes an integrity protection policy and/or a confidentiality protection policy; and performing, according to the security policy, security protection on a first data radio bearer (DRB) corresponding to the QFI. According to the technical solutions provided in this application, data security protection on a user plane at a QoS flow/DRB granularity can be implemented.

公开(公告)号：US12089045B2

公开(公告)日：2024-09-10

申请号：US17695145

申请日：2022-03-15

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Fei Li ,  Juan Deng

IPC: H04W12/08 ,  H04L9/32 ,  H04W12/03 ,  H04W12/041 ,  H04W12/102 ,  H04W92/10

CPC classification number: H04W12/102 ,  H04L9/3242 ,  H04W12/03 ,  H04W12/041 ,  H04W92/10

Abstract: Embodiments of this application disclose an air interface information security protection method and apparatus, to protect security performance of air interface information sent by a terminal to a base station. In an embodiment, a terminal determines a first message authentication code (MAC) value based on a security key and air interface information, where the security key is a non-access stratum (NAS) security key between the terminal and a core network device; and the terminal sends the air interface information and the first MAC value to a base station.

公开(公告)号：US20240089728A1

公开(公告)日：2024-03-14

申请号：US18505391

申请日：2023-11-09

Applicant: Huawei Technologies Co., Ltd.

Inventor： Fei Li

IPC: H04W12/033 ,  H04W12/041 ,  H04W12/06 ,  H04W12/10

CPC classification number: H04W12/033 ,  H04W12/041 ,  H04W12/06 ,  H04W12/10

Abstract: A communication method and apparatus are provided. The method includes: A home network security endpoint receives a first request from user equipment, where the first request includes a first identifier of the user equipment. The home network security endpoint then send a second request to a first network function, where the second request includes a second identifier of the user equipment, and receive a first key from the first network function, where the first key is generated based on a cipher key, an integrity key, and a name of a serving network of the user equipment. The home network security endpoint may generate a second key based on the first key, where the second key includes an encryption protection key and/or an integrity protection key.

公开(公告)号：US20230262459A1

公开(公告)日：2023-08-17

申请号：US18309530

申请日：2023-04-28

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Fei Li ,  Bo Zhang

IPC: H04W12/069 ,  H04W12/69

CPC classification number: H04W12/069 ,  H04W12/69

Abstract: A service authorization method includes: A first network element sends a first token request to a network repository function network element. After receiving the first token request from the first network element, the network repository function network element may complete verification on validity of a network function service consumer entity by determining, through verification, whether first information of the network function service consumer entity that is carried in the first token request matches second information in a certificate in an assertion of the network function service consumer entity, and does not rely on a profile of the network function service consumer entity to verify the validity of the network function service consumer entity.

公开(公告)号：US20210168139A1

公开(公告)日：2021-06-03

申请号：US17171675

申请日：2021-02-09

Applicant: Huawei Technologies Co., Ltd.

Inventor： Fei Li ,  Bo Zhang

IPC: H04L29/06

Abstract: A service authorization method includes receiving, by a server from a client, a request requesting an access token, where the request includes slice information, performing, by the server, authentication on the client, adding, by the server, the slice information to the access token, and sending, by the server, a response message to the client when the client is authenticated, where the response message comprises the access token.

公开(公告)号：US10218624B2

公开(公告)日：2019-02-26

申请号：US15822714

申请日：2017-11-27

Applicant: Huawei Technologies Co., Ltd.

Inventor： Fei Li ,  Yizhou Li

IPC: H04L12/801 ,  H04L12/723 ,  H04L12/46

Abstract: Embodiments provide a service instance mapping method, apparatus and system. The service instance mapping method includes: correlating a layer-2 service instance with a service access port of the service instance, and determining correspondence between the service access port and a service instance identifier. The method also includes mapping the service instance identifier to a service label of a packet.

公开(公告)号：US20140043972A1

公开(公告)日：2014-02-13

申请号：US14061535

申请日：2013-10-23

Applicant: Huawei Technologies Co., Ltd.

Inventor： Fei Li ,  Yizhou Li

IPC: H04L12/801 ,  H04L12/723

CPC classification number: H04L47/17 ,  H04L12/4662 ,  H04L45/50

Abstract: The present invention discloses a service instance mapping method, apparatus and system. The service instance mapping method includes: correlating a layer-2 service instance with a service access port of the service instance, and determining correspondence between the service access port and a service instance identifier; and mapping the service instance identifier to a service label of a packet. In embodiments of the present invention, because the service label is adopted to carry the service instance identifier, a higher service label supporting capability may be included, more service instances may be supported, and a multi-tenant requirement in a large-scale public cloud environment can be met; control protocol support is extended, and extension of a TRILL protocol can fulfill a higher service development capability.

Abstract translation: 本发明公开了一种服务实例映射方法，装置和系统。 业务实例映射方法包括：将二层业务实例与业务实例的业务接入端相关联，确定业务接入端口与业务实例标识符的对应关系; 并将服务实例标识符映射到分组的服务标签。 在本发明的实施例中，由于采用业务标签来承载业务实例标识符，所以可以包含更高的业务标签支持能力，可以支持更多的业务实例，大规模公有云中的多租户需求 环境可以满足; 控制协议支持得到扩展，TRILL协议的扩展可以实现更高的业务开发能力。

公开(公告)号：US12052233B2

公开(公告)日：2024-07-30

申请号：US17512627

申请日：2021-10-27

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Bo Zhang ,  Fei Li

IPC: H04L9/40 ,  H04L67/60

CPC classification number: H04L63/0823 ,  H04L63/102 ,  H04L67/60

Abstract: In an identity verification method for a network function service, a network element receives from a requesting network element a network function (NF) service request that includes a token, The token includes first certificate information. The network element verifies the first certificate information to determine whether an identity represented by the first certificate information is consistent with an identity of the requesting network element. When the network element determines that the identity represented by the first certificate information is inconsistent with the identity of the requesting network element, the network element rejects the NF service request.