公开(公告)号：US20180220364A1

公开(公告)日：2018-08-02

申请号：US15927873

申请日：2018-03-21

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Na LI ,  Jingxue ZHONG ,  Weiwei ZHONG ,  Jing CHEN

IPC: H04W48/16 ,  H04W12/08 ,  H04W12/04 ,  H04W12/06

CPC classification number: H04W48/16 ,  H04L63/08 ,  H04W8/04 ,  H04W12/04 ,  H04W12/06 ,  H04W12/08 ,  H04W88/06

Abstract: The present application provides an access method, device, and system of UE, and relates to the communications field. The method is performed by a first network device on a 3GPP network, including: receiving, by using a second network device on a non-3GPP network, an access request message from the UE; generating a first NAS verification code according to an identifier of the UE and a NAS security context of the UE stored in the first network device; if the access request message includes a second NAS verification code, detecting whether the second NAS verification code is the same as the first NAS verification code; and if the second NAS verification code is the same as the first NAS verification code, sending an access key of the non-3GPP network to the second network device.

公开(公告)号：US20180176773A1

公开(公告)日：2018-06-21

申请号：US15890900

申请日：2018-02-07

Applicant: HUAWEI TECHNOLOGIES CO. , LTD.

Inventor： Dongmei ZHANG ,  Jing CHEN

IPC: H04W12/04 ,  H04L9/08 ,  H04L29/06 ,  H04W76/14

CPC classification number: H04W12/04 ,  H04L9/0819 ,  H04L63/06 ,  H04L63/061 ,  H04L63/205 ,  H04W76/14

Abstract: Embodiments of the present invention disclose a key exchange method and apparatus, which relate to the communications field, and can enable user equipments establishing a D2D link to share a set of keys, and further, information security can be achieved when a user equipment transmits service data or a signaling message through a Ud interface. A network device acquires a first key, and sends a message including the first key to a second user equipment, so that the second user equipment uses, when communicating with a first user equipment by using a D2D link, the first key to protect transmitted information. Embodiments of the present invention are applicable to an exchange process of keys for protecting data on a D2D link.

公开(公告)号：US20180007599A1

公开(公告)日：2018-01-04

申请号：US15601398

申请日：2017-05-22

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Min HUANG ,  Jing CHEN ,  Aiqin ZHANG ,  Xiaohan LIU

IPC: H04W36/08 ,  H04W12/04 ,  H04W36/00 ,  H04W76/04

CPC classification number: H04W36/08 ,  H04W12/04 ,  H04W36/0038 ,  H04W36/0088 ,  H04W76/27

Abstract: Method, apparatus and systems are provided for key derivation. A target base station receives multiple keys derived by a source base station, where the keys correspond to cells of the target base station. The target base station selects a key corresponding to the target cell after obtaining information regarding a target cell that a user equipment (UE) is to access. An apparatus for key derivation and a communications system are also provided.

公开(公告)号：US20170359719A1

公开(公告)日：2017-12-14

申请号：US15688343

申请日：2017-08-28

Applicant: Huawei Technologies Co., Ltd.

Inventor： Xing LI ,  Zhenzhen LI ,  Jing CHEN

IPC: H04W12/04 ,  H04W12/06 ,  H04L9/08 ,  H04L9/32

CPC classification number: H04W12/04 ,  H04L9/0847 ,  H04L9/3271 ,  H04L63/205 ,  H04L2463/061 ,  H04W12/06 ,  H04W12/0602 ,  H04W12/08 ,  H04W36/0038 ,  H04W36/0066 ,  H04W88/06

Abstract: Embodiments of the invention relate to the communications field, and provide a key generation method, device, and system. The method includes: after receiving a first command, obtaining, by UE located in a first-standard network, a type identifier of a second-standard network that needs to provide a service to the UE, where the first command is a service request response message, or a handover command, or any message in an air interface secure activation process; determining, by the UE, an access key according to the type identifier of the second-standard network, a key of the first-standard network, and a NAS count of the first-standard network by using a preset key derivation algorithm; and generating, by the UE, an AS key of the second-standard network according to the access key. The present invention can resolve problems of relatively long total communication latency and relatively high communication load of a heterogeneous network.

公开(公告)号：US20160014630A1

公开(公告)日：2016-01-14

申请号：US14865770

申请日：2015-09-25

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Yixian XU ,  Jing CHEN ,  Dong ZHAO ,  Lan ZOU

IPC: H04W24/10 ,  H04W76/02 ,  H04W12/02

CPC classification number: H04W12/02 ,  H04W24/10 ,  H04L61/2596 ,  H04L61/6054 ,  H04W8/26 ,  H04W12/00518 ,  H04W76/10 ,  H04W76/11

Abstract: The present invention relates to the field of communications, and in particular, to a processing method for minimization of drive tests, a network device, and a communications system. The method includes: obtaining, by a first network device, a virtual identity, where the virtual identity is corresponding to a real identity of a terminal; and sending, by the first network device, the virtual identity of the terminal performing minimization of drive tests and minimization of drive tests information, where the minimization of drive tests information includes at least one of a minimization of drive tests result and a trace recording session reference. According to the present invention, some measurement results can be mapped to same UE without exposing user privacy.

Abstract translation: 本发明涉及通信领域，特别涉及用于最小化驱动测试，网络设备和通信系统的处理方法。 该方法包括：由第一网络设备获得虚拟身份，虚拟身份与终端的真实身份相对应; 以及由所述第一网络设备发送执行驱动测试的最小化并且最小化驱动测试信息的终端的虚拟身份，其中驱动测试信息的最小化包括驱动测试结果的最小化和跟踪记录会话中的至少一个 参考。 根据本发明，一些测量结果可以映射到相同的UE而不暴露用户隐私。

公开(公告)号：US20150350981A1

公开(公告)日：2015-12-03

申请号：US14824342

申请日：2015-08-12

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Min HUANG ,  Jing CHEN ,  Aiqin ZHANG ,  Xiaohan LIU

IPC: H04W36/08 ,  H04W36/00 ,  H04W76/04 ,  H04W12/04

CPC classification number: H04W36/08 ,  H04W12/04 ,  H04W36/0038 ,  H04W36/0088 ,  H04W76/27

Abstract: A method, an apparatus and a system for key derivation are disclosed. The method includes the following steps: a target base station) receives multiple keys derived by a source base station, where the keys correspond to cells of the target base station; the target base station selects a key corresponding to the target cell after knowing a target cell that a user equipment (UE) wants to access. An apparatus for key derivation and a communications system are also provided.

Abstract translation: 公开了一种用于密钥推导的方法，装置和系统。 该方法包括以下步骤：目标基站）接收由源基站导出的多个密钥，其中密钥对应于目标基站的小区; 目标基站在知道用户设备（UE）想要访问的目标小区之后，选择与目标小区相对应的密钥。 还提供了用于密钥推导的装置和通信系统。

公开(公告)号：US20150208236A1

公开(公告)日：2015-07-23

申请号：US14667099

申请日：2015-03-24

Applicant: Huawei Technologies Co., Ltd.

Inventor： Xiaoying XU ,  Jing CHEN

IPC: H04W12/04 ,  H04W36/00 ,  H04L9/14 ,  H04W36/08

CPC classification number: H04W12/04 ,  H04B1/406 ,  H04L9/14 ,  H04L63/06 ,  H04L63/10 ,  H04L2209/24 ,  H04W12/08 ,  H04W12/10 ,  H04W36/0022 ,  H04W36/0038 ,  H04W36/08 ,  H04W48/18 ,  H04W88/06 ,  H04W88/08

Abstract: Solution for security negotiation during handover of a user equipment (UE) between different radio access technologies are provided. In the solution, the UE receives NAS security information and AS security information which are selected by the target system and then performs security negotiation with the target system according to the received NAS security information and AS security information. As such, the UE may obtain the key parameter information of the NAS and AS selected by a LTE system and perform security negotiation with the LTE system when the UE hands over from a different system, such as a UTRAN, to the LTE system.

Abstract translation: 提供了用于在不同无线电接入技术之间的用户设备（UE）切换期间的安全协商的解决方案。 在该解决方案中，UE接收目标系统选择的NAS安全信息和AS安全信息，然后根据接收的NAS安全信息和AS安全信息，与目标系统进行安全协商。 因此，UE可以获取LTE系统选择的NAS和AS的密钥参数信息，并且当UE从诸如UTRAN的不同系统切换到LTE系统时，与LTE系统进行安全协商。

公开(公告)号：US20150043537A1

公开(公告)日：2015-02-12

申请号：US14526205

申请日：2014-10-28

Applicant: Huawei Technologies Co., Ltd.

Inventor： Jing CHEN ,  Dongmei ZHANG ,  Xiaoying XU

IPC: H04W36/00 ,  H04W12/04

CPC classification number: H04W36/0038 ,  H04W12/04 ,  H04W12/06 ,  H04W36/14

Abstract: Embodiments of the present invention disclose a security processing method and system in a network handover process. The method includes: generating, by a network switching node, a target key after receiving a handover request; sending, by the network switching node, security information including the target key to a target network node, and receiving a handover response message sent by the target network node; and sending, by the network switching node, a handover command to a mobile terminal, so that the mobile terminal accesses a target network. By adopting the present invention, security processing in handover of a mobile terminal from a 3G network to an HSPA network or an LTE network may be completed in a case that the network switching node currently used in the network is not changed.

Abstract translation: 本发明的实施例公开了一种网络切换过程中的安全处理方法和系统。 该方法包括：在接收到切换请求之后，由网络交换节点生成目标密钥; 由所述网络交换节点向所述目标网络节点发送包括所述目标密钥的安全信息，以及接收所述目标网络节点发送的切换响应消息; 以及由网络交换节点向移动终端发送切换命令，使得移动终端接入目标网络。 通过采用本发明，可以在当前在网络中使用的网络交换节点没有改变的情况下完成移动终端从3G网络切换到HSPA网络或LTE网络的安全处理。

公开(公告)号：US20140233735A1

公开(公告)日：2014-08-21

申请号：US14263253

申请日：2014-04-28

Applicant: Huawei Technologies Co., Ltd.

Inventor： Lijia ZHANG ,  Jing CHEN

IPC: H04W12/04

CPC classification number: H04W12/04 ,  H04L9/0656 ,  H04L9/12 ,  H04L63/10 ,  H04L63/104 ,  H04L2209/80 ,  H04W4/70 ,  H04W12/02

Abstract: Embodiments of the present application provide an encryption method, a decryption method, and a related apparatus. The encryption method includes: generating a keystream, where the keystream is used to encrypt a part of data to be encrypted in an initial layer-3 message, and the part of data to be encrypted includes small data; generating, by performing an exclusive OR operation on the keystream and the initial layer-3 message, an initial layer-3 message in which the part of data is encrypted; and sending the initial layer-3 message in which the part of data is encrypted, where the initial layer-3 message includes an added encryption indication, and the encryption indication is used to indicate that the part of data to be encrypted in the initial layer-3 message is encrypted.

Abstract translation: 本申请的实施例提供一种加密方法，解密方法和相关装置。 加密方法包括：生成密钥流，其中密钥流用于加密在初始层3消息中要加密的数据的一部分，并且要加密的部分数据包括小数据; 通过对密钥流和初始层3消息执行异或运算，生成其中部分数据被加密的初始层3消息; 并且发送其中部分数据被加密的初始层3消息，其中初始层3消息包括添加的加密指示，并且加密指示用于指示要在初始层中加密的数据的一部分 -3消息被加密。

公开(公告)号：US20140068709A1

公开(公告)日：2014-03-06

申请号：US14079350

申请日：2013-11-13

Applicant: Huawei Technologies Co., Ltd.

Inventor： Xiaoying XU ,  Jing CHEN

IPC: H04W12/08

CPC classification number: H04W12/04 ,  H04B1/406 ,  H04L9/14 ,  H04L63/06 ,  H04L63/10 ,  H04L2209/24 ,  H04W12/08 ,  H04W12/10 ,  H04W36/0022 ,  H04W36/0038 ,  H04W36/08 ,  H04W48/18 ,  H04W88/06 ,  H04W88/08

Abstract: Solution for security negotiation during handover of a user equipment (UE) between different radio access technologies are provided. In the solution, the UE receives NAS security information and AS security information which are selected by the target system and then performs security negotiation with the target system according to the received NAS security information and AS security information. As such, the UE may obtain the key parameter information of the NAS and AS selected by a LTE system and perform security negotiation with the LTE system when the UE hands over from a different system, such as a UTRAN, to the LTE system.

Abstract translation: 提供了用于在不同无线电接入技术之间的用户设备（UE）切换期间的安全协商的解决方案。 在该解决方案中，UE接收目标系统选择的NAS安全信息和AS安全信息，然后根据接收的NAS安全信息和AS安全信息，与目标系统进行安全协商。 因此，UE可以获取LTE系统选择的NAS和AS的密钥参数信息，并且当UE从诸如UTRAN的不同系统切换到LTE系统时，与LTE系统进行安全协商。