公开(公告)号：US11051171B2

公开(公告)日：2021-06-29

申请号：US16569415

申请日：2019-09-12

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Bo Zhang ,  Rong Wu ,  Lu Gan ,  Lichun Li

IPC: H04W12/08 ,  H04W8/02 ,  H04W8/26 ,  H04W36/08 ,  H04W12/04

Abstract: Embodiments of the present invention disclose a communication method, a related device, and a system. The system may include a terminal, a first access network node (AN), and a second AN. The first AN is configured to determine that the terminal meets a condition of being handed over from the first AN to the second AN, where a value of a target parameter used for encryption and/or integrity protection when the terminal and the first AN communicate with each other before the terminal is handed over to the second AN is equal to a first reference value. In the system, the first AN may further be configured to send a target message to the second AN to instruct the second AN to obtain a second reference value. The second AN may be configured to obtain the second reference value based on the target message. Furthermore, the terminal may be configured to obtain the second reference value, where the second reference value is used as a value of the target parameter used for encryption and/or integrity protection when the second AN and the terminal communicate with each other. According to the embodiments of the present invention, security performance of the terminal can be improved.

公开(公告)号：US10966083B2

公开(公告)日：2021-03-30

申请号：US16441598

申请日：2019-06-14

Applicant: Huawei Technologies Co., Ltd.

Inventor： Rong Wu ,  Bo Zhang ,  Lu Gan

IPC: H04L9/00 ,  H04W12/04 ,  H04W80/10 ,  H04W88/02 ,  H04W76/11 ,  H04W76/25 ,  H04W8/08 ,  H04L9/08 ,  H04L29/06

Abstract: An anchor key generation method, device, and system, where the method includes generating, by a unified data management network element (UDM), an intermediate key based on a cipher key (CK), an integrity key (IK), and indication information regarding an operator; sending, by the UDM, the intermediate key to an authentication server function (AUSF); receiving, by the AUSF, the intermediate key; generating, by the AUSF, an anchor key based on the intermediate key; sending, by the AUSF, the anchor key to a security anchor function (SEAF); and generating, by the SEAF, a key (Kamf) based on the anchor key, where the Kamf is used to derive a 3rd Generation Partnership Project (3GPP) key.

公开(公告)号：US10728757B2

公开(公告)日：2020-07-28

申请号：US16409207

申请日：2019-05-10

Applicant: Huawei Technologies Co., Ltd.

Inventor： Rong Wu ,  Lu Gan ,  Bo Zhang ,  Shuaishuai Tan

IPC: H04L29/00 ,  H04W12/04 ,  H04W12/00 ,  H04W36/00 ,  H04W36/08 ,  H04W12/08 ,  H04W12/06

Abstract: A security implementation method includes receiving, by a first network element, a request for handing over user equipment from a source access network device to a target access network device to perform communication. The method further includes obtaining, by the first network element, a security key, where the security key is used for protecting the communication between the user equipment and the target access network device after the user equipment is handed over from the source access network device to the target access network device, and sending, by the first network element, the security key to the target access network device.

公开(公告)号：US20200213290A1

公开(公告)日：2020-07-02

申请号：US16814018

申请日：2020-03-10

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Shuaishuai Tan ,  Lu Gan ,  Bo Zhang ,  Rong Wu

IPC: H04L29/06 ,  H04W12/06 ,  H04L12/911 ,  H04W12/08 ,  H04L9/32 ,  H04L9/30 ,  H04L9/08 ,  H04W8/18 ,  H04W12/04

Abstract: An authorization method and a network element are disclosed, to implement a third-party authorization function based on a 5G service-based network architecture. The method is: receiving, by a resource control network element, a resource usage request message sent by a terminal device; replacing a first user identifier in the resource usage request message with a second user identifier; sending an authorization request message carrying the second user identifier to an authorization server by using an NEF; receiving, by using the NEF, an authorization response message sent by the authorization server, where the authorization response message includes an authorization result that is obtained by performing authorization based on the second user identifier and the resource usage request message; and allocating a network resource to the terminal device based on the authorization result, and sending a resource allocation response message to the terminal device.

公开(公告)号：US20200007335A1

公开(公告)日：2020-01-02

申请号：US16566018

申请日：2019-09-10

Applicant: Huawei Technologies Co., Ltd.

Inventor： Shuaishuai Tan ,  Lu Gan ,  Bo Zhang ,  Rong Wu

IPC: H04L9/32 ,  H04L29/06

Abstract: A network function service invocation method includes sending, by a first network function network element, a first request message to an authorization network element, wherein the first request message is used to request permission to invoke a first network function service provided by a second network function network element, performing, by the authorization network element, identity authentication on the first network function network element; generating, by the authorization network element, a token when determining that the identity authentication succeeds, wherein the token is used to indicate that the first network function network element has the permission to invoke the first network function service of the second network function network element, and sending, by the authorization network element, a token to the first network function network element.

公开(公告)号：US20190297494A1

公开(公告)日：2019-09-26

申请号：US16441598

申请日：2019-06-14

Applicant: Huawei Technologies Co., Ltd.

Inventor： Rong Wu ,  Bo Zhang ,  Lu Gan

IPC: H04W12/04 ,  H04W8/08 ,  H04W76/25 ,  H04W88/02 ,  H04W80/10 ,  H04W76/11

Abstract: An anchor key generation method, device, and system, where the method includes generating, by a unified data management network element (UDM), an intermediate key based on a cipher key (CK), an integrity key (IK), and indication information regarding an operator; sending, by the UDM, the intermediate key to an authentication server function (AUSF); receiving, by the AUSF, the intermediate key; generating, by the AUSF, an anchor key based on the intermediate key; sending, by the AUSF, the anchor key to a security anchor function (SEAF); and generating, by the SEAF, a key (Kamf) based on the anchor key, where the Kamf is used to derive a 3rd Generation Partnership Project (3GPP) key.

公开(公告)号：US09960880B2

公开(公告)日：2018-05-01

申请号：US15712581

申请日：2017-09-22

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Huiming Wang ,  Feng Liu ,  Rong Wu

IPC: H04K3/00 ,  H04W12/02 ,  H04L25/02 ,  H04B7/06 ,  H04L25/03 ,  H04L29/06

CPC classification number: H04K3/825 ,  H04B7/0617 ,  H04K3/28 ,  H04L9/001 ,  H04L25/0202 ,  H04L25/03343 ,  H04L63/1475 ,  H04W12/02

Abstract: The present disclosure discloses a signal sending method and device. The method includes: receiving, by a base station, an uplink pilot signal sent by authorized user equipment, and determining a direction vector parameter and a first channel fading parameter of a channel calculating, according to the direction vector parameter and the first channel fading parameter, a first signal beamformer parameter, determining a transmission area of an artificial noise signal according to the direction vector parameter, and calculating a second signal beamformer parameter; and processing a to-be-transmitted signal by using the first signal beamformer parameter and the second signal beamformer parameter, and transmitting the processed signal. In this way, in a non-target direction, energy leakage of the secrecy signal to the authorized user equipment is relatively small, and transmitted artificial noise signals are concentrated in an area with a relatively high secrecy signal leakage risk.