-
公开(公告)号:US20230239693A1
公开(公告)日:2023-07-27
申请号:US18160118
申请日:2023-01-26
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
IPC: H04W12/069 , H04W12/106
CPC classification number: H04W12/069 , H04W12/106
Abstract: An association control method and a related apparatus are provided and are applied to short-range communication. The method includes: determining that an identity of a second node is trusted; sending a first authentication request to the second node, where the first authentication request includes first identity authentication information generated based on a shared key; receiving a first authentication response from the second node, where the first authentication response includes second identity authentication information; performing verification on the second identity authentication information based on the shared key; and updating a first authentication failure counter if the verification fails. This can prevent a node from establishing an association with an unauthorized attacker, and protect data security of the node.
-
公开(公告)号:US11706618B2
公开(公告)日:2023-07-18
申请号:US16678314
申请日:2019-11-08
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Abstract: A data packet verification method and a device improve network security. The method includes: receiving a data packet of a terminal device, where the data packet carries a first token and a service identifier, and the service identifier is used to indicate a type of a service to which the data packet belongs; obtaining first input information based on the data packet, and generating a second token based on the first input information, where the first input information includes an identifier of the terminal device and the service identifier carried in the data packet; and sending the data packet when the first token is the same as the second token.
-
公开(公告)号:US20230171602A1
公开(公告)日:2023-06-01
申请号:US18157594
申请日:2023-01-20
Applicant: Huawei Technologies Co., Ltd.
IPC: H04W12/106
CPC classification number: H04W12/106
Abstract: A communication method includes receiving an association request message, where the association request message includes information about a security algorithm supported by a second node, determining a target security algorithm of a signaling plane and a target MAC length of the signaling plane according to a first algorithm selection policy, where the target security algorithm of the signaling plane belongs to a set of security algorithms indicated by the information about the security algorithm supported by the second node, and generating a first MAC by using the target security algorithm of the signaling plane, where a length of the first MAC is the target MAC length of the signaling plane.
-
公开(公告)号:US11622268B2
公开(公告)日:2023-04-04
申请号:US16874064
申请日:2020-05-14
Applicant: Huawei Technologies Co., Ltd.
Abstract: A secure communication method and a secure communications apparatus related to the field of communications technologies and applied to a terminal. The terminal has a first security context and a second security context, the first security context is used by the terminal to communicate with a first network, the second security context is used by the terminal to communicate with a second network, and the first security context and the second security context include different first information.
-
公开(公告)号:US11611930B2
公开(公告)日:2023-03-21
申请号:US17132231
申请日:2020-12-23
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Jing Chen , Ruchuan Du
Abstract: A method to reduce signaling interaction in an access process of a terminal includes: receiving, by a convergent network device, an access request message from a first access device on a first network, where the access request message carries a first globally unique temporary identity (GUTI) of a terminal, which is an old GUTI on the first network or a GUTI on the first network and obtained by mapping a second GUTI on a second network; determining, by the convergent network device, a first target context of the terminal on the first network based on the first GUTI and a device identifier corresponding to the convergent network device when serving as a mobility management device; and sending, by the convergent network device, an access response message to the first access device to indicate that the terminal has successfully accessed the first network.
-
Patent Agency Ranking
公开(公告)号:US11589274B2
公开(公告)日:2023-02-21
申请号:US17190740
申请日:2021-03-03
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
IPC: H04W36/00 , H04W8/08 , H04W48/16 , H04W80/10 , H04L9/08 , H04W12/033 , H04W12/106
Abstract: This application relates to the field of wireless communications technologies. Embodiments of this application provide a security protection method, an apparatus, and a system, to resolve a problem of low efficiency in handing over a terminal between serving base stations. The method in this application includes: receiving, by a target access network device, a correspondence between user plane information and a security policy from a source access network device; and determining, by the target access network device based on the correspondence between user plane information and a security policy, a first user plane protection algorithm corresponding to the user plane information, where the first user plane protection algorithm includes one or both of a user plane encryption algorithm and a user plane integrity protection algorithm. This application is applicable to a procedure in which the terminal is handed over between serving base stations.
-
公开(公告)号:US11533609B2
公开(公告)日:2022-12-20
申请号:US16941769
申请日:2020-07-29
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
IPC: H04W12/03 , H04W12/06 , H04W36/00 , H04W60/04 , H04W12/041 , H04W12/106
Abstract: A message protection method and an apparatus are disclosed. The method includes: When a terminal prepares to hand over from a first-standard system to a second-standard system, the terminal may not have a security context of the second-standard system after handover. Therefore, in the method of the present disclosure, the terminal performs integrity protection on a registration request message and a location update request message by using an integrity key in a security context of the first-standard system before handover. Both the registration request message and the location update request message are messages for triggering handover. Therefore, in the method, security protection is implemented on the message for triggering handover, thereby helping improve communication security.
-
公开(公告)号:US11483705B2
公开(公告)日:2022-10-25
申请号:US17100093
申请日:2020-11-20
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Dongmei Zhang , Jing Chen , Yang Cui
Abstract: In one example method for generating an access stratum key in a communication system, a terminal device acquires an input parameter, where the terminal device is communicably coupled to a first network-side device through a first air interface and at the same time is communicably coupled to a second network-side device through a second air interface. The terminal device has access to a core network via the first network-side device, and has access to the core network via the second network-side device which has access to the core network through the first network-side device. The terminal device calculates an access stratum root key of the second air interface according to the input parameter and an access stratum root key of the first air interface, and generates an access stratum key of the second air interface according to the access stratum root key of the second air interface.
-
公开(公告)号:US11432218B2
公开(公告)日:2022-08-30
申请号:US17107545
申请日:2020-11-30
Applicant: Huawei Technologies Co., Ltd.
Inventor: Jing Chen , Ruchuan Du , Caixia Qi
Abstract: A converged network device: receives a handover requirement from a first access device in a first network, where the handover requirement carries an identifier of a second access device in a second network or an identity of a tracking area served by the second access device; determines, based on the identifier of the second access device or the identity of the tracking area served by the second access device, that the second access device is managed by the converged network device; sends a handover request to the second access device, where the handover request is used to request the second access device to prepare a related resource for the terminal; sends a handover command to the first access device, where the handover command is used to instruct to hand over the terminal to the second access device; and receives a handover notification from the second access device.
-
公开(公告)号:US11272360B2
公开(公告)日:2022-03-08
申请号:US16993729
申请日:2020-08-14
Applicant: Huawei Technologies Co., Ltd.
IPC: H04W12/02 , H04W12/033 , H04W8/08 , H04W80/10 , H04W76/27 , H04W92/10 , H04L29/06 , H04W12/08 , H04W12/10 , H04W12/037 , H04W12/041 , H04W12/106
Abstract: A communication method and a related apparatus, where sending, by an access and mobility management function (AMF) entity, a request message to a session management function (SMF) entity, wherein the request message comprises a data network name (DNN) of a terminal device and an identifier of a slice of the terminal device; obtaining, by the SMF entity, a security policy based on the DNN of the terminal device and the identifier of the slice of the terminal device; sending, by the SMF entity, the security policy to a base station; and enabling, by the base station, user plane encryption protection when the security policy comprises first encryption protection indication information indicating the base station to enable the user plane encryption protection.
-
-
-
-
-
-
-
-
-
Search Results
165
records
(took 0.026 seconds)
