-
Publication No.: US20250063357A1
Publication date: 2025-02-20
Application No.: US18938104
Application date: 2024-11-05
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Abstract: An authentication method, a communication apparatus, and a storage medium are provided. The method includes: a first function network element in a home network determines whether a terminal needs to be authenticated; the first function network element obtains an authentication material when the terminal needs to be authenticated; the first function network element obtains a first authentication vector based on the authentication material; and the first function network element sends a first authentication request message to an AMF to trigger authentication on the terminal, wherein the first authentication request message includes the first authentication vector. According to this application, the first function network element in the home network determines to trigger authentication on the terminal.
-
Publication No.: US20230397008A1
Publication date: 2023-12-07
Application No.: US18452579
Application date: 2023-08-21
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
CPC classification number: H04W12/10, H04W36/0038
Abstract: This application provides a communication method and a communication apparatus. The method includes: A session management network element obtains first indication information in a session establishment process of a session in a first network for a terminal device, where the first indication information indicates that user plane integrity protection in a second network is supported. The session management network element sends a first request message to an access and mobility management function network element in the first network based on the first indication information, where the first request message is used to request to assign a bearer identifier of the second network for the session. The session management network element receives a first response message from the access and mobility management function network element, where the first response message includes the bearer identifier.
-
Publication No.: US20230337002A1
Publication date: 2023-10-19
Application No.: US18340651
Application date: 2023-06-23
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
IPC: H04W12/37, H04W12/60, H04W12/041, H04W76/15
CPC classification number: H04W12/37, H04W12/60, H04W12/041, H04W76/15, H04W48/18
Abstract: A security context generation method and apparatus, and a computer-readable storage medium are provided. In the method, a terminal device obtains a first security context for protecting a first communication service of the terminal device, and sends, to a session management function network element, a session request message for requesting to establish a session of a second communication service which is different from the first communication service. The terminal device receives, from the session management function network element, a session accept message for completing establishment of the session of the second communication service. The terminal device obtains an additional generation indication and, based on the additional generation indication, obtains a second security context for protecting the second communication service. According to the present application, different communication services are protected by using different security contexts, so that security of the communication services can be improved.
-
Publication No.: US20230086032A1
Publication date: 2023-03-23
Application No.: US18050977
Application date: 2022-10-28
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Longhua Guo, He Li, Rong Wu, Yizhuang Wu
IPC: H04L9/08, H04L9/14, H04L67/141
Abstract: This application provides a key management method, a device, and a system. The method includes: A terminal device sends a first application session establishment request message to a first application function network element, where the establishment request message carries identification information of a first key, and the first key is an authentication and key management for applications (AKMA) key. The terminal device receives a first authentication request message in a procedure of the re-authentication. The terminal device sends a response message for the first authentication request message in the procedure of the re-authentication. The terminal device receives a response message for the establishment request message. The terminal device derives a communication key between the terminal device and the first application function network element by using the first key.
-
Publication No.: US11496320B2
Publication date: 2022-11-08
Application No.: US16803624
Application date: 2020-02-27
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Bo Zhang, Lu Gan, Rong Wu, Shuaishuai Tan
Abstract: Embodiments of this application provide a registration method and apparatus based on a service-based architecture. In this method, a management network element determines configuration information of a function network element, where the configuration information includes a security parameter; and the management network element sends the configuration information to the function network element. The function network element receives the configuration information sent by the management network element; and the function network element sends a registration request to a control network element based on the configuration information, where the registration request includes the security parameter. The control network element receives the registration request sent by the function network element, where the registration request includes the security parameter; and the control network element verifies correctness of the security parameter, and determines validity of the registration request based on the correctness of the security parameter.
-
Publication No.: US11431695B2
Publication date: 2022-08-30
Application No.: US16814018
Application date: 2020-03-10
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Shuaishuai Tan, Lu Gan, Bo Zhang, Rong Wu
IPC: H04L9/40, H04L9/08, H04L9/30, H04L9/32, H04L47/70, H04W8/18, H04W12/06, H04W12/08, H04W12/0431
Abstract: An authorization method and a network element are disclosed, to implement a third-party authorization function based on a 5G service-based network architecture. The method is: receiving, by a resource control network element, a resource usage request message sent by a terminal device; replacing a first user identifier in the resource usage request message with a second user identifier; sending an authorization request message carrying the second user identifier to an authorization server by using an NEF; receiving, by using the NEF, an authorization response message sent by the authorization server, where the authorization response message includes an authorization result that is obtained by performing authorization based on the second user identifier and the resource usage request message; and allocating a network resource to the terminal device based on the authorization result, and sending a resource allocation response message to the terminal device.
-
Publication No.: US20220210859A1
Publication date: 2022-06-30
Application No.: US17695140
Application date: 2022-03-15
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Longhua Guo, Li Hu, He Li, Rong Wu
Abstract: Embodiments of this application relate to the field of communication technologies, and provide a data transmission method and an apparatus, to ensure security of radio capability information of a terminal in a transmission process. The method includes: A terminal performs NAS security protection on radio capability information based on a NAS security context before establishing an AS security context; then the terminal sends the NAS-security-protected radio capability information to a mobility management network element; and after receiving the NAS-security-protected radio capability information, the mobility management network element performs security deprotection on the NAS-security-protected radio capability information, to obtain and store the radio capability information of the terminal. In this way, in a scenario in which an access network device requires the radio capability information of the terminal, the mobility management network element may send the radio capability information to the access network device.
-
Publication No.: US11296877B2
Publication date: 2022-04-05
Application No.: US16716044
Application date: 2019-12-16
Applicant: Huawei Technologies Co., Ltd.
Inventor: Bo Zhang, Lu Gan, Rong Wu, Shuaishuai Tan
Abstract: A discovery method and apparatus based on a service-based architecture, where the method includes a control network element sending a discovery response to a first functional network element, where the discovery response includes a determined security parameter and an access address or an identifier of a second functional network element. The first functional network element receives the discovery response from the control network element, and sends an access request to the second functional network element based on the address or the identifier of the second functional network element, where the access request includes the received security parameter. The second functional network element receives the access request from the first functional network element, verifies correctness of the security parameter, and determines, based on the correctness of the security parameter, whether the access request is authorized by the first functional network element.
-
Publication No.: US11228905B2
Publication date: 2022-01-18
Application No.: US16720673
Application date: 2019-12-19
Applicant: Huawei Technologies Co., Ltd.
Inventor: Rong Wu, Lu Gan, Bo Zhang, Shuaishuai Tan
IPC: H04L29/06, H04W12/041, H04W36/00, H04W36/08, H04W12/04, H04W12/08, H04W12/06, H04W12/033, H04W12/0431
Abstract: A security implementation method, a related apparatus, and a system, where the method includes receiving, by a first network element, a request for handing over a user equipment from a source access network device to a target access network device to perform communication. The method further includes: obtaining, by the first network element, a security key, where the security key is used for protecting the communication between the user equipment and the target access network device after the user equipment is handed over from the source access network device to the target access network device; and sending, by the first network element, the security key to the target access network device.
-
Publication No.: US11218314B2
Publication date: 2022-01-04
Application No.: US16566018
Application date: 2019-09-10
Applicant: Huawei Technologies Co., Ltd.
Inventor: Shuaishuai Tan, Lu Gan, Bo Zhang, Rong Wu
Abstract: A network function service invocation method includes sending, by a first network function network element, a first request message to an authorization network element, wherein the first request message is used to request permission to invoke a first network function service provided by a second network function network element, performing, by the authorization network element, identity authentication on the first network function network element; generating, by the authorization network element, a token when determining that the identity authentication succeeds, wherein the token is used to indicate that the first network function network element has the permission to invoke the first network function service of the second network function network element, and sending, by the authorization network element, a token to the first network function network element.