公开(公告)号：US20200007335A1

公开(公告)日：2020-01-02

申请号：US16566018

申请日：2019-09-10

Applicant: Huawei Technologies Co., Ltd.

Inventor： Shuaishuai Tan ,  Lu Gan ,  Bo Zhang ,  Rong Wu

IPC: H04L9/32 ,  H04L29/06

Abstract: A network function service invocation method includes sending, by a first network function network element, a first request message to an authorization network element, wherein the first request message is used to request permission to invoke a first network function service provided by a second network function network element, performing, by the authorization network element, identity authentication on the first network function network element; generating, by the authorization network element, a token when determining that the identity authentication succeeds, wherein the token is used to indicate that the first network function network element has the permission to invoke the first network function service of the second network function network element, and sending, by the authorization network element, a token to the first network function network element.

公开(公告)号：US20190297494A1

公开(公告)日：2019-09-26

申请号：US16441598

申请日：2019-06-14

Applicant: Huawei Technologies Co., Ltd.

Inventor： Rong Wu ,  Bo Zhang ,  Lu Gan

IPC: H04W12/04 ,  H04W8/08 ,  H04W76/25 ,  H04W88/02 ,  H04W80/10 ,  H04W76/11

Abstract: An anchor key generation method, device, and system, where the method includes generating, by a unified data management network element (UDM), an intermediate key based on a cipher key (CK), an integrity key (IK), and indication information regarding an operator; sending, by the UDM, the intermediate key to an authentication server function (AUSF); receiving, by the AUSF, the intermediate key; generating, by the AUSF, an anchor key based on the intermediate key; sending, by the AUSF, the anchor key to a security anchor function (SEAF); and generating, by the SEAF, a key (Kamf) based on the anchor key, where the Kamf is used to derive a 3rd Generation Partnership Project (3GPP) key.

公开(公告)号：US20180270210A1

公开(公告)日：2018-09-20

申请号：US15977787

申请日：2018-05-11

Applicant: Huawei Technologies Co., Ltd.

Inventor： Lu Gan ,  Bo Zhang

IPC: H04L29/06 ,  H04L9/08 ,  H04W12/04 ,  H04W12/06 ,  H04W12/10

CPC classification number: H04L63/061 ,  H04L9/0844 ,  H04L9/0869 ,  H04L29/06 ,  H04L63/0457 ,  H04L63/1475 ,  H04L2209/80 ,  H04W12/02 ,  H04W12/04 ,  H04W12/06 ,  H04W12/10 ,  H04W12/12

Abstract: An embodiment method includes: obtaining, by a first key management system, a shared key of a first network element, where the shared key of the first network element is generated according to a key parameter obtained after the first network element performs authentication or a root key of the first network element; obtaining a service key, where the service key is used to perform encryption and/or integrity protection on communication data in a first service between the first network element and a second network element; performing encryption and/or integrity protection on the service key by using the shared key of the first network element, to generate a first security protection parameter; and sending the first security protection parameter to the first network element.