-
公开(公告)号:US10999736B2
公开(公告)日:2021-05-04
申请号:US16795087
申请日:2020-02-19
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Abstract: A communication method and related device are disclosed. In at least one embodiment, a reference message authentication code is obtained by a terminal device based on a first message authentication code and a second message authentication code. The first message authentication code is used by an AMF to check a service request message, and the second message authentication code is used by an SMF to check the service request message. and sending, by the terminal device, first information and the service request message are sent by the terminal device to the AMF. The first information is used to instruct the AMF to send the service request message to the SMF. The service request message includes second information. The second information includes the reference message authentication code. The SMF can perform a security check on the service request message to ensure security of a communications network.
-
公开(公告)号:US10833874B2
公开(公告)日:2020-11-10
申请号:US16178955
申请日:2018-11-02
Applicant: Huawei Technologies Co., Ltd.
Inventor: Jiangwei Ying , Yanmei Yang , Jing Chen , Qi Li
Abstract: A certificate notification method, including reporting a certificate of a first terminal to a server, obtaining public key maintenance information including a public key corresponding to a certificate of each of one or more terminals within a preset area range and certificate identification information corresponding to the certificate of the corresponding terminal, receiving a communication message including certificate identification information corresponding to a certificate of the second terminal and a signature generated by the second terminal, determining, according to certificate identification information and the public key maintenance information, a public key corresponding to the certificate of the second terminal, and verifying, according to the public key corresponding to the certificate of the second terminal, the signature generated by the second terminal.
-
公开(公告)号:US10798578B2
公开(公告)日:2020-10-06
申请号:US16386462
申请日:2019-04-17
Applicant: Huawei Technologies Co., Ltd.
IPC: H04W8/08 , H04W12/10 , H04W76/27 , H04W12/04 , H04W12/00 , H04L29/06 , H04W92/10 , H04W12/02 , H04W12/08 , H04W80/10
Abstract: A communication method and a related apparatus are provided. A base station obtains a security policy, where the security policy includes integrity protection indication information, and the integrity protection indication information is used to indicate the base station whether to enable integrity protection for a terminal device; and when the integrity protection indication information indicates the base station to enable integrity protection for the terminal device, the base station sends a target user plane integrity protection algorithm to the terminal device.
-
公开(公告)号:US10681546B2
公开(公告)日:2020-06-09
申请号:US16357950
申请日:2019-03-19
Applicant: Huawei Technologies Co., Ltd.
Inventor: He Li , Youyang Yu , Jing Chen
Abstract: A processing method for terminal access to a 3GPP network is provided. UE sends an access request message to a core network device on the 3GPP network, and the core network device sends an unauthorized access message to the UE after determining that the UE has no permission to access the 3GPP network. The unauthorized access message includes authentication information of the core network device. The UE performs authentication on the core network device according to the authentication information of the core network device, and executes a corresponding network access policy after authentication on the core network device by the UE succeeds, that is, after the UE determines that a source of the unauthorized access message is authorized.
-
公开(公告)号:US10582378B2
公开(公告)日:2020-03-03
申请号:US16520833
申请日:2019-07-24
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Abstract: A message protection method, user equipment, and a core network device are disclosed. The method includes: sending a request message on which no security protection is performed to the core network device, where the request message includes a first random number; receiving an abnormal response message, where the abnormal response message includes a third random number and a signature; and determining, based on the third random number, the signature, and an obtained credential, whether the abnormal response message is a valid message. According to the message protection method provided in the embodiments of the disclosure, security protection can be performed on a message transmitted before a security context is established between the user equipment and the core network device, so as to improve network communication security.
-
Patent Agency Ranking
86.发明申请公开(公告)号:US20190363879A1
公开(公告)日:2019-11-28
申请号:US16537330
申请日:2019-08-09
Applicant: HUAWEI TECHNOLOGIES CO.,LTD.
Inventor: Dongmei Zhang , Jing Chen
Abstract: Embodiments of the present invention disclose a method, an apparatus, and a system for establishing a security context and relates to the communications field, so as to comprehensively protect UE data. The method includes: acquiring an encryption algorithm of an access node; acquiring a root key and deriving, according to the root key and the encryption algorithm, an encryption key of the access node; sending the encryption key and the encryption algorithm to the access node, so that the access node starts downlink encryption and uplink decryption; sending the encryption algorithm of the access node to the UE so as to negotiate the encryption algorithm with the UE; and instructing the access node to start downlink encryption and uplink decryption and instructing, during algorithm negotiation, the UE to start downlink decryption and uplink encryption.
-
公开(公告)号:US10397775B2
公开(公告)日:2019-08-27
申请号:US15890900
申请日:2018-02-07
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Dongmei Zhang , Jing Chen
Abstract: Embodiments of the present invention disclose a key exchange method and apparatus, which relate to the communications field, and can enable user equipments establishing a D2D link to share a set of keys, and further, information security can be achieved when a user equipment transmits service data or a signaling message through a Ud interface. A network device acquires a first key, and sends a message including the first key to a second user equipment, so that the second user equipment uses, when communicating with a first user equipment by using a D2D link, the first key to protect transmitted information. Embodiments of the present invention are applicable to an exchange process of keys for protecting data on a D2D link.
-
公开(公告)号:US20190215690A1
公开(公告)日:2019-07-11
申请号:US16357950
申请日:2019-03-19
Applicant: Huawei Technologies Co., Ltd.
Inventor: He Li , Youyang Yu , Jing Chen
Abstract: A processing method for terminal access to a 3GPP network is provided. UE sends an access request message to a core network device on the 3GPP network, and the core network device sends an unauthorized access message to the UE after determining that the UE has no permission to access the 3GPP network. The unauthorized access message includes authentication information of the core network device. The UE performs authentication on the core network device according to the authentication information of the core network device, and executes a corresponding network access policy after authentication on the core network device by the UE succeeds, that is, after the UE determines that a source of the unauthorized access message is authorized.
-
公开(公告)号:US10348703B2
公开(公告)日:2019-07-09
申请号:US15989890
申请日:2018-05-25
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Dongmei Zhang , Jing Chen , Yang Cui
Abstract: In the communications system, a user equipment UE accesses a core network via a first network-side device by using a first air interface and connects to the first network-side device via a second network-side device by using a second air interface to access the core network. The method includes: acquiring, by the network-side device, an input parameter; calculating, by the network-side device, an access stratum root key KeNB* according to the input parameter and an access stratum root key KeNB on the first air interface, or using, by the network-side device, the KeNB as the KeNB*; and generating, by the second network-side device, an access stratum key on the second air interface according to the KeNB*, or sending, by the first network-side device, the KeNB* to the second network-side device.
-
90.发明授权公开(公告)号:US10299116B2
公开(公告)日:2019-05-21
申请号:US15589687
申请日:2017-05-08
Applicant: Huawei Technologies Co., Ltd.
Inventor: Xiaoying Xu , Jing Chen
IPC: H04L29/06 , H04W12/04 , H04W36/00 , H04B1/403 , H04W88/06 , H04W12/08 , H04L9/14 , H04W36/08 , H04W12/10 , H04W48/18 , H04W88/08
Abstract: Solution for security negotiation during handover of a user equipment (UE) between different radio access technologies is provided. In the solution, the UE receives non-access stratum (NAS) security information and access stratum (AS) security information which are selected by the target system and then performs security negotiation with the target system according to the received NAS security information and AS security information. As such, the UE may obtain the key parameter information of the NAS and AS selected by a long term evolution (LTE) system and perform security negotiation with the LTE system when the UE hands over from a different system, such as a universal terrestrial radio access network (UTRAN), to the LTE system.
-
-
-
-
-
-
-
-
-
Search Results
165
records
(took 0.021 seconds)
