-
Publication No.: US20190110194A1
Publication date: 2019-04-11
Application No.: US16206497
Filing date: 2018-11-30
Applicant: Huawei Technologies Co., Ltd.
Inventor: Hualin Zhu, He Li, Weisheng Jin
Abstract: Embodiments of this application relate to the field of communications technologies, and provide a network connection method and an apparatus. The method carried out by a network control element includes: sending a first connection parameter to a terminal, and sending a second connection parameter to a security node, so that a network connection between the terminal and the security node is established by using the first connection parameter and the second connection parameter, where the first connection parameter is used for decrypting data encrypted by using the second connection parameter, correspondingly, the second connection parameter is used for decrypting data encrypted by using the first connection parameter, and the first connection parameter and the second connection parameter each include a security parameter used when the terminal and the security node establish the network connection.
-
Publication No.: US09894110B2
Publication date: 2018-02-13
Application No.: US15015008
Filing date: 2016-02-03
Applicant: Huawei Technologies Co., Ltd.
Inventor: He Li, Jinzhou Ye, Ridong Xu, Biao Zhang, Shufeng Shi, Boqiang Luo
CPC classification number: H04L65/1069, H04L12/1407, H04L41/0668, H04L41/0893, H04L43/10, H04L65/00, H04L65/1016, H04L65/1046, H04L65/1073, H04L69/40
Abstract: Embodiments of the present invention disclose a method, a related apparatus, and a system for recovering a called service of a terminal. The method includes: when a called request of a user terminal is received, querying an initial proxy-call session control function (P-CSCF) entity with which the user terminal currently registers; if it is detected that the initial P-CSCF is faulty, selecting an available P-CSCF and sending, to the available P-CSCF, a notification message that carries a redundancy identifier, where the redundancy identifier is used to instruct the available P-CSCF to trigger the user terminal to re-register with the P-CSCF; and when a registration complete message sent by the P-CSCF with which the user terminal re-registers is received, delivering the called request to the re-registered P-CSCF to bear a called service of the user terminal.
-
Publication No.: US12273344B2
Publication date: 2025-04-08
Application No.: US17674607
Filing date: 2022-02-17
Applicant: Huawei Technologies Co., Ltd.
Abstract: A communication method, apparatus, and system are provided, to resolve problems in a conventional technology that an AKMA authentication procedure is complex and signaling overheads are large. Principles of the method are as follows: In a registration procedure of a terminal device, AKMA authentication is implicitly indicated based on primary authentication. For example, if primary authentication succeeds, it may be considered that AKMA authentication also succeeds. In addition, an AKMA temporary identifier is allocated to the terminal device after AKMA authentication succeeds. According to the method, apparatus, and system in this application, no additional AKMA authentication is required. This simplifies a procedure and reduces signaling overheads.
-
Publication No.: US12256005B2
Publication date: 2025-03-18
Application No.: US17954167
Filing date: 2022-09-27
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: He Li, Rong Wu, Yizhuang Wu
Abstract: This application provides a communication system, method, and apparatus. The system is applied to implement authentication and key management for applications (AKMA) service-based data transmission between a terminal device and an application function network element. The system includes an AKMA anchor function network element and a network exposure function network element. The network exposure function network element obtains first identification information from a unified data management network element, where the first identification information is used to determine an authentication server function network element corresponding to the terminal device, and sends the first identification information to the AKMA anchor function network element. The AKMA anchor function network element obtains, from the unified data management network element based on the first identification information, identification information of the authentication server function network element corresponding to the terminal device.
-
Publication No.: US20250048076A1
Publication date: 2025-02-06
Application No.: US18922273
Filing date: 2024-10-21
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: He Li, Rong Wu, Ao Lei, Yizhuang Wu
Abstract: A communication method and apparatus are provided. The method may include: A mobility management network element receives a transaction identifier of a remote terminal device and a name of a data network from a relay terminal device. The mobility management network element determines a subscription permanent identifier of the remote terminal device based on the transaction identifier, and then sends the subscription permanent identifier and the name of the data network to a session management network element. After receiving the subscription permanent identifier and the name of the data network, the session management network element determines, by using a data management network element based on the subscription permanent identifier and the name of the data network, whether to perform secondary authentication on the remote terminal device. Whether to perform secondary authentication on the remote terminal device can be determined by using the provided solution.
-
Publication No.: US12218983B2
Publication date: 2025-02-04
Application No.: US16990317
Filing date: 2020-08-11
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Abstract: Embodiments of this application provide security protection methods and apparatuses. One method includes: obtaining, by a master station, a user plane security policy, wherein the user plane security policy indicates whether to activate a user plane security protection, the master station communicates with a secondary station under a dual connectivity scenario; sending, by the master station, a message comprising the user plane security policy to the secondary station; receiving, by the secondary station, the message from the master station; and determining, by the secondary station, a user plane security algorithm based on the user plane security policy.
-
Publication No.: US20240357361A1
Publication date: 2024-10-24
Application No.: US18759815
Filing date: 2024-06-29
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Ahmad Shawky Muhanna, He Li, Mazin Ali Al-Shalash
CPC classification number: H04W12/60, H04L63/205
Abstract: A method and apparatus are provided for delivering user equipment (UE) new radio (NR) security capabilities and mobility management entity interworking. In the embodiments, adding the UE NR security capabilities in a new information element over a non-access stratum (NAS) is compatible with a legacy mobility management entity and eliminates any potential of bidding-down attack and is more advantageous and serves the security solution better. As long as the UE is connected to the long term evolution (LTE) and all UE security capabilities including LTE security capabilities have been replayed correctly and successfully in the NAS security mode command (SMC) message, the UE may not consider the absence of the UE NR security capabilities in the NAS SMC as a security vulnerability.
-
Publication No.: US12047781B2
Publication date: 2024-07-23
Application No.: US17683022
Filing date: 2022-02-28
Applicant: Huawei Technologies Co., Ltd.
Inventor: Ahmad Shawky Muhanna, He Li, Mazin Ali Al-Shalash
CPC classification number: H04W12/60, H04L63/205
Abstract: A method and apparatus are provided for delivering user equipment (UE) new radio (NR) security capabilities and mobility management entity interworking. In the embodiments, adding the UE NR security capabilities in a new information element over a non-access stratum (NAS) is compatible with a legacy mobility management entity and eliminates any potential of bidding-down attack and is more advantageous and serves the security solution better. As long as the UE is connected to the long term evolution (LTE) and all UE security capabilities including LTE security capabilities have been replayed correctly and successfully in the NAS security mode command (SMC) message, the UE may not consider the absence of the UE NR security capabilities in the NAS SMC as a security vulnerability.
-
Publication No.: US20240179519A1
Publication date: 2024-05-30
Application No.: US18431568
Filing date: 2024-02-02
Applicant: Huawei Technologies Co., Ltd.
IPC: H04W12/06, H04W12/041, H04W12/0431
CPC classification number: H04W12/06, H04W12/041, H04W12/0431
Abstract: Embodiments of this application disclose a communication method and a related apparatus. The method includes: A UDM receives a plurality of authentication vector obtaining request messages from one or more AUSFs for same UE, where the plurality of authentication vector obtaining request messages are for obtaining authentication vectors corresponding to the UE; and the UDM sequentially processes the plurality of authentication vector obtaining request messages, to avoid a problem that subsequently an intermediate key Kausf stored on the UE and an intermediate key Kausf stored on a network device side are out of synchronization because the UE receives a plurality of NAS SMC messages or EAP-Success messages whose receiving time sequence is uncontrollable.
-
Publication No.: US20230354013A1
Publication date: 2023-11-02
Application No.: US18348473
Filing date: 2023-07-07
Applicant: Huawei Technologies Co., Ltd.
Inventor: He Li, Yizhuang Wu, Rong Wu
Abstract: A method includes: User equipment determines whether confidentiality protection is activated for communication data between the user equipment and an application function device. The user equipment sends a user plane message to the application function device. The user plane message includes an identifier of the user equipment, and the identifier is an encrypted identifier in a case in which the confidentiality protection is inactivated.