公开(公告)号：US12118093B2

公开(公告)日：2024-10-15

申请号：US17169737

申请日：2021-02-08

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Bo Zhang ,  Philip Ginzboorg ,  Valtteri Niemi ,  Pekka Laitinen

IPC: G06F15/177 ,  G06F9/00 ,  G06F21/57 ,  H04L9/40 ,  H04W12/06

CPC classification number: G06F21/575 ,  H04L63/083 ,  H04W12/06

Abstract: This application provides an extended authentication method and apparatus for a generic bootstrapping architecture and a storage medium. A first network element obtains a bootstrapping transaction identifier (B-TID) and a key lifetime; and the first network element sends the B-TID and the key lifetime to the terminal, so that the terminal performs extensible authentication protocol (EAP)-based generic bootstrapping architecture (GBA) authentication and key agreement (AKA) authentication with the first network element based on the B-TID and the key lifetime.

公开(公告)号：US10826688B2

公开(公告)日：2020-11-03

申请号：US15905494

申请日：2018-02-26

Applicant: Huawei Technologies Co., Ltd.

Inventor： Bo Zhang ,  Lu Gan ,  Philip Ginzboorg

IPC: H04W12/04 ,  H04L9/08 ,  H04L29/06 ,  H04L9/14 ,  H04L29/08 ,  H04W12/08

Abstract: A key distribution and receiving method includes obtaining, by a first key management center, NAF key information of the first network element and a NAF key of the first network element, wherein the NAF key information of the first network element is information required to obtain the NAF key of the first network element. A service key is obtained. Using the NAF key of the first network element to perform encryption and/or integrity protection on the service key, a first security protection parameter is generated. A first generic bootstrapping architecture GBA push message is sent to the first network element. The GBA push message carries the first security protection parameter and the NAF key information of the first network element.

公开(公告)号：US20170201926A1

公开(公告)日：2017-07-13

申请号：US15469726

申请日：2017-03-27

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Andrey Krendzel ,  Philip Ginzboorg ,  Xavier Gelabert

IPC: H04W40/20 ,  H04W4/02 ,  H04L12/733

CPC classification number: H04W40/20 ,  H04L45/126 ,  H04W4/029 ,  H04W40/24

Abstract: The invention relates to a network entity for geographically routing a data packet towards a mobile device over a communication network.

公开(公告)号：US20200045553A1

公开(公告)日：2020-02-06

申请号：US16598981

申请日：2019-10-10

Applicant: HUAWEI TECHNOLOGIES CO.,LTD.

Inventor： Philip Ginzboorg ,  Valtteri Niemi ,  Bo Zhang

IPC: H04W12/12 ,  H04L9/32 ,  H04L29/06 ,  H04W12/06 ,  H04W12/00

Abstract: A network authentication system comprises user equipment (UE), a service network (SN) and a home network (HN). The HN generates an expected user response (XRES) based on an identifier of the UE and generate an indicator, and sends the part of XRES and the indicator to the SN. The SN receives the part of XRES and indicator, and receives a user response (RES) from the UE. The SN then compares the RES with the XRES base on the indicator, and sends a confirmation message to the HN when the comparison succeeds.

公开(公告)号：US20170257762A1

公开(公告)日：2017-09-07

申请号：US15599855

申请日：2017-05-19

Applicant: Huawei Technologies Co., Ltd.

Inventor： Philip Ginzboorg ,  Kari Juhani Leppanen

IPC: H04W12/06 ,  G06F21/44

CPC classification number: H04W12/06 ,  G06F1/3206 ,  G06F21/35 ,  G06F21/44 ,  H04L25/0202 ,  H04L25/03019 ,  H04W74/006

Abstract: A node and a method therein, for authenticating a mobile device over an air interface. The node comprises a transmitter, a processor, and a receiver. The processor is configured to detect the mobile device, to generate a nonce, to determine a key shared with the mobile device and to compute a second MAC based on the generated nonce and the key, and to construct a second training sequence comprising the second MAC. The transmitter is configured to transmit the generated nonce to the mobile device. The receiver is configured to receive a first training sequence comprising a first MAC from the mobile device and to tune the receiving circuits of the receiver, based on the first and second training sequences; and to receive a further message from the mobile device. Further, the processor is configured to decode the further message and authenticate the mobile device or reject the mobile device.

公开(公告)号：US12008108B2

公开(公告)日：2024-06-11

申请号：US17169737

申请日：2021-02-08

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Bo Zhang ,  Philip Ginzboorg ,  Valtteri Niemi ,  Pekka Laitinen

IPC: G06F15/177 ,  G06F9/00 ,  G06F21/57 ,  H04L9/40 ,  H04W12/06

CPC classification number: G06F21/575 ,  H04L63/083 ,  H04W12/06

Abstract: This application provides an extended authentication method and apparatus for a generic bootstrapping architecture and a storage medium. A first network element obtains a bootstrapping transaction identifier (B-TID) and a key lifetime; and the first network element sends the B-TID and the key lifetime to the terminal, so that the terminal performs extensible authentication protocol (EAP)-based generic bootstrapping architecture (GBA) authentication and key agreement (AKA) authentication with the first network element based on the B-TID and the key lifetime.

公开(公告)号：US11223954B2

公开(公告)日：2022-01-11

申请号：US16598981

申请日：2019-10-10

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Philip Ginzboorg ,  Valtteri Niemi ,  Bo Zhang

IPC: H04W12/122 ,  H04L9/32 ,  H04L29/06 ,  H04W12/06 ,  H04W12/40

Abstract: A network authentication system comprises user equipment (UE), a service network (SN) and a home network (HN). The HN generates an expected user response (XRES) based on an identifier of the UE and generate an indicator, and sends the part of XRES and the indicator to the SN. The SN receives the part of XRES and indicator, and receives a user response (RES) from the UE. The SN then compares the RES with the XRES base on the indicator, and sends a confirmation message to the HN when the comparison succeeds.

公开(公告)号：US10477425B2

公开(公告)日：2019-11-12

申请号：US15834859

申请日：2017-12-07

Applicant: Huawei Technologies Co., Ltd.

Inventor： Mario Costa ,  Philip Ginzboorg ,  Gunnar Hedby ,  Kari Juhani Leppanen

IPC: H04W24/10 ,  H04W72/04 ,  H04W72/08 ,  H04W24/02

Abstract: A computing apparatus configured to communicate with nodes of a wireless communication system. The computing apparatus includes a processor configured to receive a radio link measurement corresponding to a user node. The processor determines a physical disturbance based on the radio link measurement and determines an at risk user node and a time at which the at risk user node is likely to experience a radio link disturbance, based on the physical disturbance. The processor then determines a connectivity adjustment for the at risk user node, and sends the determined connectivity adjustment to the wireless communication system.

公开(公告)号：US20180198605A1

公开(公告)日：2018-07-12

申请号：US15905494

申请日：2018-02-26

Applicant: Huawei Technologies Co., Ltd.

Inventor： Bo Zhang ,  Lu Gan ,  Philip Ginzboorg

IPC: H04L9/08 ,  H04L29/06 ,  H04L9/14 ,  H04L29/08

CPC classification number: H04L9/0819 ,  H04L9/08 ,  H04L9/14 ,  H04L63/06 ,  H04L63/061 ,  H04L67/26 ,  H04W12/04031

Abstract: A key distribution and receiving method includes obtaining, by a first key management center, NAF key information of the first network element and a NAF key of the first network element, wherein the NAF key information of the first network element is information required to obtain the NAF key of the first network element. A service key is obtained. Using the NAF key of the first network element to perform encryption and/or integrity protection on the service key, a first security protection parameter is generated. A first generic bootstrapping architecture GBA push message is sent to the first network element. The GBA push message carries the first security protection parameter and the NAF key information of the first network element.

公开(公告)号：US10588045B2

公开(公告)日：2020-03-10

申请号：US15843905

申请日：2017-12-15

Applicant: Huawei Technologies Co., Ltd.

Inventor： Andrey Krendzel ,  Philip Ginzboorg ,  Henrik Lundqvist ,  Kari Heiska

IPC: H04W28/02 ,  H04L12/721 ,  H04L12/717 ,  H04W84/04

Abstract: A flow controller for controlling a data flow through a mobile communication network includes a processor configured to receive a request from a network entity, the request indicating interfaces of the network entity and a data flow destination, and determine at least one interface and a path from a data flow policy of the mobile communication network. The processor is also configured to send a reply to the network entity, the reply indicating at least one of the interfaces of the network entity to be used for the data flow and the path to be used for the data flow.