公开(公告)号：US20130086259A1

公开(公告)日：2013-04-04

申请号：US13673536

申请日：2012-11-09

Applicant: Huawei Technologies Co., Ltd.

Inventor： Zhouyi Yu ,  Tianfu Fu ,  Yan Li

IPC: G06F15/173

CPC classification number: H04L12/66 ,  H04L12/2872 ,  H04L12/6418 ,  H04L61/2015 ,  H04L61/2514

Abstract: Embodiments of the present invention relate to a method for acquiring an IP address and a network access device. The method includes: after receiving a first IP address acquiring message from a first network, assigning a first IP address to the first network by using a process and associating an identifier of the first network with a first session, so that the network access device is capable of mapping the first IP address to a first private network IP address and sending the same to the first network, thereby avoiding the problem of complex implementation in the prior art resulted from a process where a gateway configured for a family network or an enterprise network needs to initiate an IPoE dial-up process. In this way, the gateway configured for the family network or the enterprise network is simplified, operation and maintenance costs are reduced, and flat networks are further implemented.

Abstract translation: 本发明的实施例涉及一种用于获取IP地址和网络接入设备的方法。 该方法包括：在从第一网络接收到第一IP地址获取消息之后，通过使用处理并将第一网络的标识符与第一会话相关联来向第一网络分配第一IP地址，使得网络接入设备 能够将第一IP地址映射到第一专用网络IP地址并将其发送到第一网络，从而避免了现有技术中由配置用于家庭网络或企业网络的网关的过程导致的复杂实现的问题 需要启动IPoE拨号过程。 以这种方式，为家庭网络或企业网络配置的网关简化，降低了运营和维护成本，进一步实现了平面网络。

公开(公告)号：US11451531B2

公开(公告)日：2022-09-20

申请号：US16456706

申请日：2019-06-28

Applicant: Huawei Technologies Co., Ltd.

Inventor： Dacheng Zhang ,  Tianfu Fu ,  Chong Zhou

IPC: H04L9/40 ,  H04L9/32

Abstract: A certificate obtaining method, an authentication method, and a network device, where a certificate is used for permission authentication when an application APP accesses an application programming interface (API) of a controller. The certificate includes one or more of: (a) information about operation permission of the APP on N application programming interfaces APIs of the controller, (b) identifiers of L APIs that are of the N APIs and that the APP has permission to operate, or (c) identifiers of R APIs that are of the N APIs and that the APP does not have permission to operate.

公开(公告)号：US20200374696A1

公开(公告)日：2020-11-26

申请号：US16990528

申请日：2020-08-11

Applicant: Huawei Technologies Co., Ltd.

Inventor： Chong Zhou ,  Tianfu Fu ,  Dacheng Zhang ,  Jianxiong Wei

IPC: H04W12/00 ,  H04W12/04 ,  H04L9/32 ,  H04L9/08 ,  H04W12/06

Abstract: A device identifier (ID) obtaining method, a terminal, and a network device, where the method includes sending, by a terminal to a network device, a first message used to obtain a device ID, where the device ID is used to globally identify the terminal uniquely, receiving, by the terminal, an encrypted key pair sent by the network device, where the key pair includes a first public key and a first private key, receiving, by the terminal, information sent by the network device, where the information is used to identify that the first public key is the device ID of the terminal, and determining, by the terminal, that the first public key is the device ID.

公开(公告)号：US10713352B2

公开(公告)日：2020-07-14

申请号：US15461244

申请日：2017-03-16

Applicant: Huawei Technologies Co., Ltd.

Inventor： Chong Zhou ,  Tianfu Fu

IPC: G06F21/57 ,  G06F21/52 ,  G06F21/55

Abstract: A method and an apparatus for trusted measurement, where the method includes: obtaining a first processing result by performing a first-manner processing on a code segment, and using a result obtained by performing a second-manner processing on the first processing result as a reference value; obtaining, at a first moment when the system is running, a second processing result by performing the first-manner processing on the code segment, and obtaining a first measurement value by performing the second-manner processing on the second processing result; and determining whether the first measurement value and the reference value are equal, and when the first measurement value and the reference value are equal, the system is trusted, where the code segment in the memory is a code segment that does not change with normal running of the system during one start-up and a running process of the system.

公开(公告)号：US20180278632A1

公开(公告)日：2018-09-27

申请号：US15993485

申请日：2018-05-30

Applicant: Huawei Technologies Co., Ltd.

Inventor： Tianfu Fu ,  Chong Zhou ,  Ziyi Liu

IPC: H04L29/06

CPC classification number: H04L63/1416 ,  H04L29/06 ,  H04L63/1425 ,  H04L63/1458

Abstract: This application relates to the field of network security technologies, and provides a method and a device for detecting a network attack. The method includes: collecting characteristic information of each of N sessions in a network, where N is an integer greater than 1; obtaining a statistical result, where the statistical result is a result obtained by collecting statistics on the characteristic information of the N sessions by using each of the N sessions as a sampling unit and by using the characteristic information as a sample value; and when a difference between the statistical result and a reference result exceeds a preset condition, determining the network is under a network attack. According to this application, a session-type network attack can be effectively detected because instead of a packet, a session is used as a sampling unit.