Discovery method and apparatus based on service-based architecture

    公开(公告)号:US11296877B2

    公开(公告)日:2022-04-05

    申请号:US16716044

    申请日:2019-12-16

    Abstract: A discovery method and apparatus based on a service-based architecture, where the method includes a control network element sending a discovery response to a first functional network element, where the discovery response includes a determined security parameter and an access address or an identifier of a second functional network element. The first functional network element receives the discovery response from the control network element, and sends an access request to the second functional network element based on the address or the identifier of the second functional network element, where the access request includes the received security parameter. The second functional network element receives the access request from the first functional network element, verifies correctness of the security parameter, and determines, based on the correctness of the security parameter, whether the access request is authorized by the first functional network element.

    Network function service invocation method, apparatus, and system

    公开(公告)号:US11218314B2

    公开(公告)日:2022-01-04

    申请号:US16566018

    申请日:2019-09-10

    Abstract: A network function service invocation method includes sending, by a first network function network element, a first request message to an authorization network element, wherein the first request message is used to request permission to invoke a first network function service provided by a second network function network element, performing, by the authorization network element, identity authentication on the first network function network element; generating, by the authorization network element, a token when determining that the identity authentication succeeds, wherein the token is used to indicate that the first network function network element has the permission to invoke the first network function service of the second network function network element, and sending, by the authorization network element, a token to the first network function network element.

    Key configuration method, key management center, and network element

    公开(公告)号:US10903987B2

    公开(公告)日:2021-01-26

    申请号:US15978794

    申请日:2018-05-14

    Inventor: Bo Zhang Lu Gan

    Abstract: This application provides a key configuration method and an apparatus. A key management center obtains a service key, and performs encryption and/or integrity protection on the service key to obtain a token. The key management center sends the token to a first network element, the first network element forwards the token to a second network element, and the second network element obtains the service key based on the token. The service key is used to perform encryption and/or integrity protection on data transmitted between the first network element and the second network element. Therefore, security key configuration can be implemented through interaction between the key management center and the network elements, thereby laying a foundation for end-to-end security communication between the first network element and the second network element.

    Service Switching Processing Method, Related Product, and Computer Storage Medium

    公开(公告)号:US20210007018A1

    公开(公告)日:2021-01-07

    申请号:US17029542

    申请日:2020-09-23

    Inventor: Lu Gan

    Abstract: A source mobile edge computing (MEC) platform sends first indication information to an application server (AS) when determining that a target application is to stop processing service data of user equipment (UE), wherein the first indication information indicates that the service data of the UE is to be processed in the AS. The target application is deployed on the source MEC platform to process the service data of the UE. The AS is configured to respond to the first indication information and send a first response message to the source MEC platform, wherein the first response message indicates that the AS is ready to process the service data of the UE.

    COMMUNICATION METHOD, RELATED DEVICE, AND SYSTEM

    公开(公告)号:US20200008041A1

    公开(公告)日:2020-01-02

    申请号:US16569415

    申请日:2019-09-12

    Abstract: Embodiments of the present invention disclose a communication method, a related device, and a system. The system may include a terminal, a first access network node (AN), and a second AN. The first AN is configured to determine that the terminal meets a condition of being handed over from the first AN to the second AN, where a value of a target parameter used for encryption and/or integrity protection when the terminal and the first AN communicate with each other before the terminal is handed over to the second AN is equal to a first reference value. In the system, the first AN may further be configured to send a target message to the second AN to instruct the second AN to obtain a second reference value. The second AN may be configured to obtain the second reference value based on the target message. Furthermore, the terminal may be configured to obtain the second reference value, where the second reference value is used as a value of the target parameter used for encryption and/or integrity protection when the second AN and the terminal communicate with each other. According to the embodiments of the present invention, security performance of the terminal can be improved.

    Method and Apparatus for Detecting Man-In-The-Middle Attack

    公开(公告)号:US20190281070A1

    公开(公告)日:2019-09-12

    申请号:US16422051

    申请日:2019-05-24

    Abstract: A system and method for detecting a man-in-the-middle attack, where the includes sending, by a secondary base station, a first check request message to a master base station, wherein the first check request message comprises first identifier information of an evolved random access bearer (ERAB) and a first data packet count value corresponding to the first identifier information; receiving, by the master base station, the first check request message; obtaining second identifier information that matches the first identifier information, wherein the second identifier information is an identifier of a data radio bearer (DRB) corresponding to the ERAB; sending a second check request message to a user terminal, wherein the second check request message comprises the first data packet count value and the second identifier information; and receiving, by the master base station, a check response message from the user terminal.

    Key negotiation method and Internet of Things (IoT) device

    公开(公告)号:US12155755B2

    公开(公告)日:2024-11-26

    申请号:US17780902

    申请日:2020-11-26

    Abstract: A key negotiation method and an electronic device are provided, and relate to the field of communications technologies. Specifically, the method includes: An IoT control device multicasts, in a first local area network, a discovery message that carries a first public key, and sends a second ciphertext to a first IoT device after receiving a first ciphertext and a second public key. After receiving a third ciphertext from the first IoT device, the IoT control device decrypts the third ciphertext based on a first session key, to obtain a second signature and second session information; verifies the second signature based on a long-term public key of the first IoT device; and performs encrypted communication with the first IoT device based on the first session key after the second signature is successfully verified.

    Control method, apparatus, and system

    公开(公告)号:US12010105B2

    公开(公告)日:2024-06-11

    申请号:US17684820

    申请日:2022-03-02

    Abstract: A first device and a home hub have a same TEE platform, and a second device and the home hub have different TEE platforms. A control method includes the home hub receiving an identity credential of the second device and public key information of the first device from the second device. The home hub controls an IoT device based on the identity credential of the second device. The home hub receives private key information that is of the first device and that is from the first device. The home hub forms an identity credential of the first device based on the public key information of the first device and the private key information of the first device to control the IoT device.

Patent Agency Ranking