Key Generation Method, Master eNodeB, Secondary eNodeB and User Equipment
    12.
    发明申请
    Key Generation Method, Master eNodeB, Secondary eNodeB and User Equipment 审中-公开
    密钥生成方法,主eNodeB,辅助eNodeB和用户设备

    公开(公告)号:US20170005795A1

    公开(公告)日:2017-01-05

    申请号:US15268808

    申请日:2016-09-19

    Abstract: The present disclosure relates to a key generation method, a master eNodeB, a secondary eNodeB, and UE. The key generation method includes: determining a key parameter corresponding to a data radio bearer DRB; sending the key parameter to UE corresponding to the DRB, so that the UE generates a user plane key according to the key parameter and a basic key generated by the UE; receiving a basic key generated by a master eNodeB and sent by the master eNodeB; and generating the user plane key according to the key parameter and the basic key generated by the master eNodeB.

    Abstract translation: 本公开涉及密钥生成方法,主eNodeB,辅助eNodeB和UE。 密钥生成方法包括:确定与数据无线承载DRB对应的密钥参数; 向与所述DRB相对应的UE发送所述密钥参数,使得所述UE根据所述密钥参数和所述UE生成的基本密钥生成用户平面密钥; 接收由主eNodeB产生并由主机eNodeB发送的基本密钥; 以及根据由主eNodeB产生的密钥参数和基本密钥生成用户平面密钥。

    Discovery method and apparatus based on service-based architecture

    公开(公告)号:US11824981B2

    公开(公告)日:2023-11-21

    申请号:US17696093

    申请日:2022-03-16

    CPC classification number: H04L9/088 H04L9/3247 H04L63/0435 H04W12/06

    Abstract: A discovery method and apparatus based on a service-based architecture, where the method includes a control network element sending a discovery response to a first functional network element, where the discovery response includes a determined security parameter and an access address or an identifier of a second functional network element. The first functional network element receives the discovery response from the control network element, and sends an access request to the second functional network element based on the address or the identifier of the second functional network element, where the access request includes the received security parameter. The second functional network element receives the access request from the first functional network element, verifies correctness of the security parameter, and determines, based on the correctness of the security parameter, whether the access request is authorized by the first functional network element.

    IoT Device and IoT Device Authorization Method

    公开(公告)号:US20230336994A1

    公开(公告)日:2023-10-19

    申请号:US18043463

    申请日:2021-07-26

    Inventor: Lu Gan

    CPC classification number: H04W12/08 H04W12/0431 H04W12/40

    Abstract: An Internet of Things (IoT) authorization method includes an IoT device that wirelessly communicates with a first electronic device and a second electronic device. A transmit distance of the second antenna is less than a transmit distance of the first antenna. When instructions stored in the memory are executed by the processor, the IoT device is configured to receive a first message indicating to add a shared control device for the IoT device; send, through the second antenna, a second message including device information of the IoT device; receive, in response to the second message, a third message including device information of the second electronic device; and send, through the first antenna, a fourth message including the device information of the second electronic device to the first electronic device.

    Discovery Method and Apparatus Based on Service-Based Architecture

    公开(公告)号:US20220278831A1

    公开(公告)日:2022-09-01

    申请号:US17696093

    申请日:2022-03-16

    Abstract: A discovery method and apparatus based on a service-based architecture, where the method includes a control network element sending a discovery response to a first functional network element, where the discovery response includes a determined security parameter and an access address or an identifier of a second functional network element. The first functional network element receives the discovery response from the control network element, and sends an access request to the second functional network element based on the address or the identifier of the second functional network element, where the access request includes the received security parameter. The second functional network element receives the access request from the first functional network element, verifies correctness of the security parameter, and determines, based on the correctness of the security parameter, whether the access request is authorized by the first functional network element.

    Control Method, Apparatus, and System

    公开(公告)号:US20220272077A1

    公开(公告)日:2022-08-25

    申请号:US17684820

    申请日:2022-03-02

    Abstract: A first device and a home hub have a same TEE platform, and a second device and the home hub have different TEE platforms. A control method includes the home hub receiving an identity credential of the second device and public key information of the first device from the second device. The home hub controls an IoT device based on the identity credential of the second device. The home hub receives private key information that is of the first device and that is from the first device. The home hub forms an identity credential of the first device based on the public key information of the first device and the private key information of the first device to control the IoT device.

    Network authentication method, and related device and system

    公开(公告)号:US11075752B2

    公开(公告)日:2021-07-27

    申请号:US16248778

    申请日:2019-01-16

    Inventor: Rong Wu Bo Zhang Lu Gan

    Abstract: Embodiments of the present invention disclose a network system. The system includes user equipment, a network authentication device, and a service authentication device. The service authentication device is configured to obtain reference information and generate a second shared key with reference to the reference information and a first shared key, where the first shared key is a shared key pre-configured between the user equipment and the service authentication device; the user equipment is configured to obtain the reference information and generate the second shared key with reference to the reference information and the first shared key; the service authentication device is configured to send the second shared key to the network authentication device; and the network authentication device is configured to receive the second shared key, where the second shared key is used by the user equipment and the network authentication device to generate a target shared key.

    Security implementation method, device, and system

    公开(公告)号:US11025597B2

    公开(公告)日:2021-06-01

    申请号:US16521171

    申请日:2019-07-24

    Inventor: Bo Zhang Rong Wu Lu Gan

    Abstract: A security implementation method includes obtaining, by a first device, a security policy of a session and at least one key, and sending, by the first device, protected data to a second device, where the protected data is obtained by protecting security of session data of the session using the at least one key based on the security policy of the session, and the second device is configured to restore the protected data using the at least one key based on the security policy to obtain the session data, where when the first device is a terminal device, the second device is an access network node or a user plane node, or when the first device is an access network node or a user plane node, the second device is a terminal device.

    Network handover protection method, related device, and system

    公开(公告)号:US10959091B2

    公开(公告)日:2021-03-23

    申请号:US16351254

    申请日:2019-03-12

    Inventor: Rong Wu Bo Zhang Lu Gan

    Abstract: A method includes: receiving, by a session management device, a path switching request used to request to hand over user equipment UE from a source network to a target network; obtaining a target security policy based on the path switching request, and obtaining a second shared key generated based on a first shared key and the target security policy, and sending the second shared key to a target gateway; and sending, by the session management device, the second shared key to the UE; or sending the target security policy to the UE, so that the UE generates the second shared key based on the first shared key and the target security policy, where the second shared key is used to perform end-to-end protection on secure data transmission between the UE and the target gateway.

Patent Agency Ranking