公开(公告)号：US20170295153A1

公开(公告)日：2017-10-12

申请号：US15632162

申请日：2017-06-23

Applicant: Huawei Technologies Co., Ltd.

Inventor： Tao Zhang ,  Bo Lin ,  Dongmei Zhang

IPC: H04L29/06 ,  H04W12/12 ,  H04W12/06 ,  H04L12/24

CPC classification number: H04L63/062 ,  H04L9/3226 ,  H04L41/0813 ,  H04L63/1441 ,  H04L63/1466 ,  H04L63/205 ,  H04W12/04 ,  H04W12/06 ,  H04W12/10 ,  H04W12/12 ,  H04W24/02 ,  H04W72/0406 ,  H04W92/10

Abstract: The present invention relates to a reconfiguration method and a terminal for receiving reconfiguration information (including an encryption algorithm) sent by a primary base station, updating a local key according to the received encryption algorithm and using the received encryption algorithm and the updated key to communicate with the secondary base station, and further sending reconfiguration complete information to the primary base station.

公开(公告)号：US09736125B2

公开(公告)日：2017-08-15

申请号：US14304073

申请日：2014-06-13

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Dongmei Zhang ,  Jing Chen ,  Yang Cui

IPC: H04L9/08 ,  H04L29/06 ,  H04W12/04 ,  H04W88/06 ,  H04W88/10 ,  H04W76/02

CPC classification number: H04L63/0485 ,  H04L2463/061 ,  H04W12/04 ,  H04W76/15 ,  H04W88/06 ,  H04W88/10

Abstract: In the communications system, a user equipment UE accesses a core network via a first network-side device by using a first air interface and connects to the first network-side device via a second network-side device by using a second air interface to access the core network. The method includes: acquiring, by the network-side device, an input parameter; calculating, by the network-side device, an access stratum root key KeNB* according to the input parameter and an access stratum root key KeNB on the first air interface, or using, by the network-side device, the KeNB as the KeNB*; and generating, by the second network-side device, an access stratum key on the second air interface according to the KeNB*, or sending, by the first network-side device, the KeNB* to the second network-side device.

公开(公告)号：US09215700B2

公开(公告)日：2015-12-15

申请号：US14603068

申请日：2015-01-22

Applicant: Huawei Technologies Co., Ltd.

Inventor： Tao Zhang ,  Bo Lin ,  Dongmei Zhang

IPC: H04W72/02 ,  H04W72/04 ,  H04L9/32 ,  H04W12/10

CPC classification number: H04L63/062 ,  H04L9/3226 ,  H04L41/0813 ,  H04L63/1441 ,  H04L63/1466 ,  H04L63/205 ,  H04W12/04 ,  H04W12/06 ,  H04W12/10 ,  H04W12/12 ,  H04W24/02 ,  H04W72/0406 ,  H04W92/10

Abstract: The present invention relates to a counter check and reconfiguration method, apparatus, and system. The method includes: sending a second identity information and a second count information to a terminal, so that the terminal compares, according to the second identity information, the second count information with third count information maintained by the terminal itself to obtain first comparison result information or second comparison result information; receiving the first comparison result information sent by the terminal, or the second identity information and second comparison result information sent by the terminal; and determining counter check result information according to the received first comparison result information, or the received second identity information and second comparison result information. Thereby, the present invention implements a counter check process and a reconfiguration process in a network architecture in which a primary base station is separated from a secondary base station.

Abstract translation: 本发明涉及一种计数器检查和重新配置方法，装置和系统。 该方法包括：向终端发送第二身份信息和第二计数信息，使得终端根据第二身份信息将第二计数信息与由终端本身维护的第三计数信息进行比较，以获得第一比较结果信息 或第二比较结果信息; 接收由终端发送的第一比较结果信息，或者由终端发送的第二身份信息和第二比较结果信息; 以及根据接收到的第一比较结果信息或所接收的第二身份信息和第二比较结果信息来确定计数器检查结果信息。 因此，本发明在主基站与二次基站分离的网络架构中实现计数器检查处理和重新配置处理。

公开(公告)号：US08989381B2

公开(公告)日：2015-03-24

申请号：US13871900

申请日：2013-04-26

Applicant: Huawei Technologies Co., Ltd.

Inventor： Dongmei Zhang ,  Jing Chen ,  Lijia Zhang ,  Zhuo Chen

IPC: H04K1/00 ,  H04W12/08 ,  H04W12/02 ,  H04W12/10 ,  H04L29/06 ,  H04W84/04 ,  H04W92/20

CPC classification number: H04W12/10 ,  H04L9/14 ,  H04L63/205 ,  H04W12/02 ,  H04W12/08 ,  H04W84/047 ,  H04W92/20

Abstract: A method and an apparatus for protecting data carried on an Un interface between a eNB and a relay node are disclosed. Three types of radio bearers (RBs) are defined over the Un interface: signaling radio bearers (SRBs) for carrying control plane signaling data, signaling-data radio bearers (s-DRBs) for carrying control plane signaling date; and data-data radio bearers (d-DRBs) for carrying user plane data. An integrity protection algorithm and an encryption algorithm are negotiated for control plane signaling data on an SRB, control plane signaling data carried on an s-DRB, and user plane data carried on a d-DRB. With the respective integrity protection algorithm and encryption algorithm, the data over the Un interface can be protected respectively. Therefore, the security protection on the Un interface is more comprehensive, and the security protection requirements of data borne over different RBs can be met.

Abstract translation: 公开了一种用于保护在eNB和中继节点之间的Un接口上承载的数据的方法和装置。 在Un接口上定义了三种类型的无线承载（RB）：用于承载控制平面信令数据的信令无线电承载（SRB），用于承载控制平面信令日期的信令数据无线电承载（s-DRB）; 和用于承载用户平面数据的数据数据无线电承载（d-DRB）。 协调SRB上的控制平面信令数据，s-DRB上承载的控制平面信令数据和d-DRB上携带的用户平面数据的完整性保护算法和加密算法。 通过各自的完整性保护算法和加密算法，可以分别保护Un接口上的数据。 因此，Un接口的安全保护更全面，可以满足不同RB承载的数据的安全保护要求。

公开(公告)号：US20130310006A1

公开(公告)日：2013-11-21

申请号：US13952985

申请日：2013-07-29

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Xinyi CHEN ,  Dongmei Zhang ,  Lijia Zhang ,  Xiaohan Liu

IPC: H04W12/04

CPC classification number: H04W12/04 ,  H04L63/061 ,  H04L2463/061 ,  H04W88/12

Abstract: A method and a device for key generation are disclosed in embodiments of the present invention. The method for key generation is applied to a UMTS-LTE resource convergence scenario that has a base station as an anchor point, and includes: deriving, according to a root key and a count value of an LTE system, or according to a random number and an LTE system root key, a UMTS integrity key and cipher key, and sending the UMTS integrity key and cipher key to a UMTS control node. The embodiments of the present invention enable the derivation of the UMTS integrity key and cipher key in a UMTS-LTE resource convergence scenario that has a base station as an anchor point, enable a user equipment to communicate securely through a UMTS, and further improve security of data transmitted in the UMTS.

Abstract translation: 在本发明的实施例中公开了用于密钥生成的方法和装置。 用于密钥生成的方法应用于以基站为锚点的UMTS-LTE资源汇聚场景，包括：根据根密钥和LTE系统的计数值，根据随机数 以及LTE系统根密钥，UMTS完整性密钥和密码密钥，并将UMTS完整性密钥和加密密钥发送到UMTS控制节点。 本发明的实施例能够在具有基站作为锚点的UMTS-LTE资源汇聚场景中导出UMTS完整性密钥和加密密钥，使得用户设备能够通过UMTS安全地通信，并进一步提高安全性 的在UMTS中发送的数据。