公开(公告)号：US20200029217A1

公开(公告)日：2020-01-23

申请号：US16588599

申请日：2019-09-30

Applicant: Huawei Technologies Co., Ltd.

Inventor： Jing Chen ,  Kai Pan ,  He Li

IPC: H04W12/06 ,  H04L29/06 ,  H04L29/08 ,  H04W12/08 ,  H04W76/11 ,  H04W8/18

Abstract: This application provides a user authentication method and an apparatus. Before establishing, for a terminal device, a session used to transmit service data, an SMF entity receives a session establishment request message; determines, based on the session establishment request message, to perform user authentication on a user using the terminal device; and sends a session establishment message to a UPF entity, where the session establishment message is used to establish a first session for the terminal device, and a session attribute of the first session is: a session used to transmit only a user authentication message. Subsequently, the terminal device and an AAA server transmit the user authentication message through the first session, to complete user authentication.

公开(公告)号：US11989284B2

公开(公告)日：2024-05-21

申请号：US17066902

申请日：2020-10-09

Applicant: Huawei Technologies Co., Ltd.

Inventor： Yong Wang ,  Kai Pan ,  Cuili Ge ,  Jing Chen

IPC: G06F21/54 ,  G06F9/54 ,  G06F21/51 ,  H04L67/133

CPC classification number: G06F21/54 ,  G06F9/547 ,  G06F21/51 ,  H04L67/133

Abstract: A service application programming interface (API) invoking method where a security method applied to an API exposing function entity is updated from an original security method to a new security method, and where the security method of the API exposing function entity is used for communication between the API exposing function entity and an invoker. The method includes: obtaining, by the invoker, a new security method of the API exposing function entity; and sending, by the invoker, a first invoking request to the API exposing function entity using the new security method, where the first invoking request includes a name of a service API, and where the first invoking request is used to invoke the service API.

公开(公告)号：US11503469B2

公开(公告)日：2022-11-15

申请号：US16588599

申请日：2019-09-30

Applicant: Huawei Technologies Co., Ltd.

Inventor： Jing Chen ,  Kai Pan ,  He Li

IPC: H04W12/06 ,  H04W76/11 ,  H04L67/141 ,  H04W8/18 ,  H04W12/069 ,  H04W12/084 ,  H04L9/40

Abstract: This application provides a user authentication method and an apparatus. Before establishing, for a terminal device, a session used to transmit service data, an SMF entity receives a session establishment request message; determines, based on the session establishment request message, to perform user authentication on a user using the terminal device; and sends a session establishment message to a UPF entity, where the session establishment message is used to establish a first session for the terminal device, and a session attribute of the first session is: a session used to transmit only a user authentication message. Subsequently, the terminal device and an AAA server transmit the user authentication message through the first session, to complete user authentication.

公开(公告)号：US20220311602A1

公开(公告)日：2022-09-29

申请号：US17842388

申请日：2022-06-16

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Kai Pan ,  Jing Chen

IPC: H04L9/08 ,  H04L9/32

Abstract: The present disclosure provides example terminal devices, road side units, and servers. One example terminal device performs operations including sending certificate request information to a certificate authority server, where the certificate request information includes identity information of the terminal device. A communication key sent by the certificate authority server is received by the terminal device. Encrypted information that is sent by a road side unit is received by the terminal device, where the encrypted information is information encrypted by using the communication key. The encrypted broadcast information is decrypted by the terminal device by using the communication key.

公开(公告)号：US20210067954A1

公开(公告)日：2021-03-04

申请号：US17023748

申请日：2020-09-17

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Li Hu ,  Jing Chen ,  He Li ,  Kai Pan

IPC: H04W12/00 ,  H04L29/06 ,  H04W8/20 ,  H04W12/06

Abstract: The present disclosure discloses a communication method performed by a management function entity, including: receiving a first request message sent by user equipment UE; sending a second request message to a storage function entity based on the first request message, where the second request message is used to request a security service identifier for the UE, and the security service identifier is used to indicate a security service procedure; receiving a response message including the security service identifier from the storage function entity; obtaining a target security service identifier based on the security service identifier, where the target security service identifier is used to indicate a security service procedure to be initiated by the management function entity; and initiating the security service procedure indicated by the target security service identifier. The present disclosure further discloses a communications device.

公开(公告)号：US10904750B2

公开(公告)日：2021-01-26

申请号：US16383087

申请日：2019-04-12

Applicant: Huawei Technologies Co., Ltd.

Inventor： Jing Chen ,  Kai Pan ,  He Li

IPC: H04W8/08 ,  H04W12/04 ,  H04W76/25 ,  H04W12/06 ,  H04W60/00 ,  H04W76/11

Abstract: In a method for security handling in a mobility of a terminal device, a target access and mobility management function (AMF) entity receives a first message for registering a terminal device, sends a second message to a source AMF entity after receiving the first message. The source AMF entity derives a first key based on a key between the source AMF entity and the terminal device, sends the first key to the target AMF entity. The target AMF entity determines to use the first key based on security related information after receiving the first key and determines a communication key between the target AMF entity and the terminal device based on the first key after determining to use the first key.

公开(公告)号：US10805793B2

公开(公告)日：2020-10-13

申请号：US16585978

申请日：2019-09-27

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Li Hu ,  Jing Chen ,  He Li ,  Kai Pan

IPC: H04W12/06 ,  H04W12/00 ,  H04L29/06 ,  H04W8/20

Abstract: The present disclosure discloses a communication method performed by a management function entity, including: receiving a first request message sent by user equipment UE; sending a second request message to a storage function entity based on the first request message, where the second request message is used to request a security service identifier for the UE, and the security service identifier is used to indicate a security service procedure; receiving a response message including the security service identifier from the storage function entity; obtaining a target security service identifier based on the security service identifier, where the target security service identifier is used to indicate a security service procedure to be initiated by the management function entity; and initiating the security service procedure indicated by the target security service identifier. The present disclosure further discloses a communications device.

公开(公告)号：US20190268753A1

公开(公告)日：2019-08-29

申请号：US16383087

申请日：2019-04-12

Applicant: Huawei Technologies Co., Ltd.

Inventor： Jing Chen ,  Kai Pan ,  He Li

IPC: H04W8/08 ,  H04W60/00 ,  H04W76/11 ,  H04W12/04 ,  H04W76/25 ,  H04W12/06

Abstract: In a method for security handling in a mobility of a terminal device; a target access and mobility management function (AMF) entity receives a first message for registering a terminal device, sends a second message to a source AMF entity after receiving the first message. The source AMF entity derives a first key based on a key between the source AMF entity and the terminal device, sends the first key to the target AMF entity. The target AMF entity determines to use the first key based on security related information after receiving the first key and determines a communication key between the target AMF entity and the terminal device based on the first key after determining to use the first key.

公开(公告)号：US20240137224A1

公开(公告)日：2024-04-25

申请号：US18400283

申请日：2023-12-29

Applicant: Huawei Technologies Co., Ltd.

Inventor： Kai Pan ,  Miao Yang ,  Mingchao Li

IPC: H04L9/32 ,  H04L9/06 ,  H04L9/14

CPC classification number: H04L9/3242 ,  H04L9/0618 ,  H04L9/14

Abstract: In a communication method, when MAC addresses in a plurality of VSI messages conflict, in response to only some of the VSI messages, a VSI message receiving end sends an action response message carrying a conflicting MAC address. In this way, a device that can correctly decrypt the action response message can decrypt, for a few times, ciphertext information in received action-request messages using a key of the device.

公开(公告)号：US11678187B2

公开(公告)日：2023-06-13

申请号：US17089216

申请日：2020-11-04

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Li Hu ,  Jing Chen ,  Kai Pan

IPC: H04W12/08 ,  H04W12/71 ,  H04W48/02 ,  H04L9/06

CPC classification number: H04W12/08 ,  H04W12/71 ,  H04W48/02 ,  H04L9/0643

Abstract: This application provides a method for restricting access of a terminal device, and an apparatus. The method includes: receiving, by an access network device, a first identifier that is from a terminal device, where the first identifier is used to identify the terminal device; and if the first identifier matches a second identifier, restricting, by the access network device, access of the terminal device, where the second identifier is used to identify a terminal device having abnormal behavior. Based on the solution, the access network device pre-records the second identifier of the terminal device having the abnormal behavior.