公开(公告)号：US20190261167A1

公开(公告)日：2019-08-22

申请号：US16400032

申请日：2019-04-30

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Bo ZHANG ,  Lu GAN ,  Rong WU

IPC: H04W12/00 ,  H04W12/04 ,  H04W12/06 ,  H04W12/10 ,  H04L29/06

Abstract: Embodiments of the present invention disclose a data transmission method and a related device and system. The system includes an access network device AN and user equipment UE. The AN is configured to receive a base key sent by a key management device in a core network, where the base key is a key generated from two-way authentication between the UE and the core; the AN and the UE are configured to process the base key according to a preset rule to generate an air interface protection key; the UE is configured to: protect a target field in an uplink protocol data unit PDU by using the air interface protection key; and the AN is configured to parse the target field in the uplink protocol data unit by using the air interface protection key.

公开(公告)号：US20190149329A1

公开(公告)日：2019-05-16

申请号：US16248778

申请日：2019-01-16

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Rong WU ,  Bo ZHANG ,  Lu GAN

IPC: H04L9/08 ,  H04L9/32 ,  H04L29/06 ,  H04L9/14

Abstract: Embodiments of the present invention disclose a network system. The system includes user equipment, a network authentication device, and a service authentication device. The service authentication device is configured to obtain reference information and generate a second shared key with reference to the reference information and a first shared key, where the first shared key is a shared key pre-configured between the user equipment and the service authentication device; the user equipment is configured to obtain the reference information and generate the second shared key with reference to the reference information and the first shared key; the service authentication device is configured to send the second shared key to the network authentication device; and the network authentication device is configured to receive the second shared key, where the second shared key is used by the user equipment and the network authentication device to generate a target shared key.

公开(公告)号：US20180013515A1

公开(公告)日：2018-01-11

申请号：US15712581

申请日：2017-09-22

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Huiming WANG ,  Feng LIU ,  Rong WU

IPC: H04K3/00 ,  H04L25/02 ,  H04W12/02 ,  H04B7/06 ,  H04L25/03 ,  H04L29/06

CPC classification number: H04K3/825 ,  H04B7/0617 ,  H04K3/28 ,  H04L9/001 ,  H04L25/0202 ,  H04L25/03343 ,  H04L63/1475 ,  H04W12/02

Abstract: The present disclosure discloses a signal sending method and device. The method includes: receiving, by a base station, an uplink pilot signal sent by authorized user equipment, and determining a direction vector parameter and a first channel fading parameter of a channel calculating, according to the direction vector parameter and the first channel fading parameter, a first signal beamformer parameter, determining a transmission area of an artificial noise signal according to the direction vector parameter, and calculating a second signal beamformer parameter; and processing a to-be-transmitted signal by using the first signal beamformer parameter and the second signal beamformer parameter, and transmitting the processed signal. In this way, in a non-target direction, energy leakage of the secrecy signal to the authorized user equipment is relatively small, and transmitted artificial noise signals are concentrated in an area with a relatively high secrecy signal leakage risk.

公开(公告)号：US20240422627A1

公开(公告)日：2024-12-19

申请号：US18816065

申请日：2024-08-27

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Longhua GUO ,  Rong WU ,  Valtteri NIEMI

IPC: H04W36/00

Abstract: This application provides a cell handover method and apparatus. The method may include: A terminal device receives a physical layer parameter and system information for a candidate cell, and then measures signal strength of the candidate cell based on the physical layer parameter, and sends a measurement result and signature obtaining indication information and/or signature check result indication information to an access network device, where the signature obtaining indication information indicates whether the system information carries a signature, and the signature check result indication information indicates whether signature check succeeds. In the foregoing solution, the terminal device may indicate, to the access network device, whether the system information for the candidate cell carries the signature and/or whether the signature check of the system information succeeds.

公开(公告)号：US20230396433A1

公开(公告)日：2023-12-07

申请号：US18451935

申请日：2023-08-18

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Longhua GUO ,  Rong WU

IPC: H04L9/08 ,  H04L12/18

CPC classification number: H04L9/0891 ,  H04L9/088 ,  H04L12/185

Abstract: Embodiments of this application provide a key update method and apparatus. The key update method includes: generating a second multicast transmission key, where the second multicast transmission key is an updated key of a first multicast transmission key; and sending a first message, where the first message includes the second multicast transmission key and a multicast group identifier, and the first message indicates to update a multicast transmission key corresponding to the multicast group identifier to the second multicast transmission key. The key update method and apparatus in embodiments of this application can meet a key update requirement in a multicast transmission service, to further protect business interests of a service provider and improve system security.

公开(公告)号：US20230188997A1

公开(公告)日：2023-06-15

申请号：US18164131

申请日：2023-02-03

Applicant: Huawei Technologies Co., Ltd.

Inventor： He LI ,  Rong WU ,  Yizhuang WU

IPC: H04W12/106 ,  H04W12/041 ,  H04W12/63 ,  H04W12/75 ,  H04W12/0431

CPC classification number: H04W12/106 ,  H04W12/041 ,  H04W12/63 ,  H04W12/75 ,  H04W12/0431

Abstract: A secure communication method and apparatus are disclosed, to ensure security of a direct communication between terminal devices. In this application, a first terminal device may receive a key generation parameter from a first network element, where the key generation parameter includes a ProSe temporary identity of the first terminal device. Then, the first terminal device may generate a first discovery key based on the key generation parameter. The first terminal device sends a ProSe request message, where the ProSe request message includes the ProSe temporary identity and a message integrity code, and the message integrity code is generated based on the discovery key. The second terminal device receives the ProSe request message, and verifies the first terminal device based on the message integrity code, to ensure the security of a direct communication between the first terminal device and the second terminal device.

公开(公告)号：US20230188976A1

公开(公告)日：2023-06-15

申请号：US18166140

申请日：2023-02-08

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Longhua GUO ,  He LI ,  Yizhuang WU ,  Rong WU

IPC: H04W12/033 ,  H04W12/106 ,  H04W80/02

CPC classification number: H04W12/033 ,  H04W12/106 ,  H04W80/02

Abstract: Embodiments of this application provide a communication method and an apparatus, to ensure a multicast service data packet transmission security requirement. An access device may determine a user plane security active state of a multicast DRB in a PDU session, and indicate the user plane security active state of the multicast DRB to a terminal, where the user plane security active state includes whether integrity protection is activated and/or whether confidentiality protection is activated. In addition, the access device configures a multicast PDCP layer entity based on the user plane security active state of the DRB for transmitting multicast service data. The access device may further determine a user plane security active state of a unicast DRB, indicate the user plane security active state to the terminal, and modify a unicast PDCP layer entity.

公开(公告)号：US20230179997A1

公开(公告)日：2023-06-08

申请号：US18164697

申请日：2023-02-06

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Ao LEI ,  He LI ,  Yizhuang WU ,  Rong WU

IPC: H04W12/033 ,  H04W12/037

CPC classification number: H04W12/033 ,  H04W12/037

Abstract: A method for determining a user plane security algorithm, a system, and an apparatus. The method may include: a second device selects a non-null user plane confidentiality protection algorithm based on a security capability of a first device and a security capability of the second device in a case in which user plane confidentiality protection between the second device and the first device is enabled and control plane confidentiality protection between the second device and the first device is not enabled. The second device sends a first message to the first device. The first message includes first algorithm indication information indicating the user plane confidentiality protection algorithm. Therefore, the first device can obtain the non-null user plane confidentiality protection algorithm. Embodiments can be adopted to determine an effective user plane confidentiality protection algorithm, for confidentiality protecting user plane data.

公开(公告)号：US20220303763A1

公开(公告)日：2022-09-22

申请号：US17837476

申请日：2022-06-10

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Longhua GUO ,  He LI ,  Rong WU

IPC: H04W12/03

Abstract: This application provides a communication method, apparatus, and system. The method includes: After a second node sends first indication information to a first node by using a message that is not security protected, the first node may request an IAB donor node to verify whether the first indication information is trustworthy, so that the first node performs a subsequent operation based on a verification result of the IAB donor node. This can eliminate a security risk in a communication process, and help improve communication quality.

公开(公告)号：US20210289359A1

公开(公告)日：2021-09-16

申请号：US17336650

申请日：2021-06-02

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Bo ZHANG ,  Rong WU ,  Lu GAN

IPC: H04W12/37 ,  H04L29/06 ,  H04L9/08 ,  H04W12/0431 ,  H04W12/10

Abstract: This application provides a key configuration method. A session management network element receives a request for end-to-end communication and obtains a security policy, where the security policy is determined based on at least one of: a user security requirement that is of the user equipment and that is preconfigured on a home subscriber server, a service security requirement from the user equipment, a security capability requirement supported by the user equipment, a security capability requirement from a carrier network, and a security requirement of a device on the other end of the end-to-end communication. The session management network element obtains a protection key used for protecting the end-to-end communication. The session management network element sends the security policy to the devices on two ends of the end-to-end communication.