公开(公告)号：US20130305386A1

公开(公告)日：2013-11-14

申请号：US13943469

申请日：2013-07-16

Applicant: Huawei Technologies Co., Ltd.

Inventor： Lijia ZHANG ,  Yixian XU ,  Jing CHEN

IPC: G06F21/60

CPC classification number: G06F21/60 ,  H04L63/205 ,  H04W4/70 ,  H04W12/04 ,  H04W12/06

Abstract: The present invention relates to communication technologies and discloses a method and an apparatus for protecting security of data, so as to solve the problem of the prior art in which the security of data transmission between a communication terminal which has a characteristic of small data transmission and the network cannot be guaranteed. Information relevant to security context is stored if a communication terminal has a characteristic of small data transmission; current security context is obtained according to the information relevant to security context; and security protection of communication data is performed by employing the current security context. The embodiments of the present invention may be applied to a communication system having a characteristic of small data transmission, such as an MTC and the like.

Abstract translation: 本发明涉及通信技术，并且公开了一种用于保护数据安全性的方法和装置，以解决现有技术的问题，其中具有小数据传输特性的通信终端与数据传输特性之间的数据传输安全性 网络无法保证。 如果通信终端具有小数据传输的特征，则存储与安全上下文相关的信息; 根据与安全环境相关的信息获取当前的安全上下文; 并且通过采用当前的安全上下文来执行通信数据的安全保护。 本发明的实施例可以应用于具有小数据传输特性的通信系统，例如MTC等。

公开(公告)号：US20170078288A1

公开(公告)日：2017-03-16

申请号：US15337830

申请日：2016-10-28

Applicant: Huawei Technologies Co., Ltd.

Inventor： Yizhuang WU ,  Yixian XU ,  Huan LI ,  Youyang YU

IPC: H04L29/06

CPC classification number: H04L63/0876 ,  H04L63/061 ,  H04L63/0807 ,  H04L2463/081 ,  H04W12/08 ,  H04W84/12

Abstract: Embodiments of the present invention provide a method for accessing a communications network by a terminal, an apparatus, and a communications system, relate to the communications field, and can effectively reduce a resource waste on a network side that is caused when WLCP is triggered by a malicious application on a terminal. A first message sent by a second device is received, where the first message includes a second message and an authentication parameter, the authentication parameter is a token or a User Datagram Protocol UDP port number, and the second message includes the encrypted authentication parameter; or the first message includes a second message, and the second message includes an encrypted authentication parameter; or the first message includes a second message and an authentication parameter; and the second message is sent to a terminal.

Abstract translation: 本发明的实施例提供了一种通过终端，装置和通信系统访问通信网络的方法，涉及通信领域，并且可以有效地减少在WLCP被触发时引起的网络侧的资源浪费 终端上的恶意应用程序。 接收由第二设备发送的第一消息，其中第一消息包括第二消息和认证参数，认证参数是令牌或用户数据报协议UDP端口号，第二消息包括加密认证参数; 或者第一消息包括第二消息，并且第二消息包括加密认证参数; 或者第一消息包括第二消息和认证参数; 并且第二个消息被发送到终端。

公开(公告)号：US20160014630A1

公开(公告)日：2016-01-14

申请号：US14865770

申请日：2015-09-25

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Yixian XU ,  Jing CHEN ,  Dong ZHAO ,  Lan ZOU

IPC: H04W24/10 ,  H04W76/02 ,  H04W12/02

CPC classification number: H04W12/02 ,  H04W24/10 ,  H04L61/2596 ,  H04L61/6054 ,  H04W8/26 ,  H04W12/00518 ,  H04W76/10 ,  H04W76/11

Abstract: The present invention relates to the field of communications, and in particular, to a processing method for minimization of drive tests, a network device, and a communications system. The method includes: obtaining, by a first network device, a virtual identity, where the virtual identity is corresponding to a real identity of a terminal; and sending, by the first network device, the virtual identity of the terminal performing minimization of drive tests and minimization of drive tests information, where the minimization of drive tests information includes at least one of a minimization of drive tests result and a trace recording session reference. According to the present invention, some measurement results can be mapped to same UE without exposing user privacy.

Abstract translation: 本发明涉及通信领域，特别涉及用于最小化驱动测试，网络设备和通信系统的处理方法。 该方法包括：由第一网络设备获得虚拟身份，虚拟身份与终端的真实身份相对应; 以及由所述第一网络设备发送执行驱动测试的最小化并且最小化驱动测试信息的终端的虚拟身份，其中驱动测试信息的最小化包括驱动测试结果的最小化和跟踪记录会话中的至少一个 参考。 根据本发明，一些测量结果可以映射到相同的UE而不暴露用户隐私。

公开(公告)号：US20140237559A1

公开(公告)日：2014-08-21

申请号：US14264566

申请日：2014-04-29

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Lijia ZHANG ,  Jing CHEN ,  Yixian XU

IPC: H04W12/04

CPC classification number: H04W12/04 ,  H04L9/0833 ,  H04L9/0869 ,  H04L63/062 ,  H04L63/065 ,  H04L2463/061 ,  H04W4/70 ,  H04W88/08

Abstract: A method and a related device for generating a group key are provided. A group ID of a group to which an MTC device belongs and a group communication root key related to a security key are received from an MME, where the security key is corresponding to the group ID; a group key corresponding to the group ID is generated according to the group communication root key; and a generating parameter used to generate the group key is sent to the MTC device, so that the MTC device generates the group key according to the group key generating parameter and a security key saved in the MTC device. Therefore, a base station only needs to maintain a same group key for a same group, thereby reducing the operation complexity of the base station.

Abstract translation: 提供了一种用于生成组密钥的方法和相关设备。 从MME接收MTC设备所属的组的组ID和与安全密钥相关的组通信根密钥，其中安全密钥对应于组ID; 根据组通信根密钥生成与组ID对应的组密钥; 并且将用于生成组密钥的生成参数发送到MTC设备，使得MTC设备根据组密钥生成参数和保存在MTC设备中的安全密钥生成组密钥。 因此，基站仅需要为同一组保持相同的组密钥，从而降低基站的操作复杂度。

公开(公告)号：US20140105383A1

公开(公告)日：2014-04-17

申请号：US14109809

申请日：2013-12-17

Applicant: Huawei Technologies Co., Ltd.

Inventor： Lijia ZHANG ,  Yixian XU

IPC: H04L9/28

CPC classification number: H04L9/14 ,  G06F21/602 ,  H04L63/205 ,  H04W4/08 ,  H04W4/70 ,  H04W12/0017 ,  H04W12/04 ,  H04W12/10

Abstract: Disclosed is a method for negotiating machine type communication (MTC) device group algorithms, including: selecting a negotiated group encryption algorithm and a negotiated group integrity algorithm from group encryption algorithms and group integrity algorithms supported by an MTC device; sending a security mode command message or a radio resource control (RRC) connection reconfiguration message to the MTC device, wherein the security mode command message or the RRC connection reconfiguration message carries the negotiated group encryption algorithm and the negotiated group integrity algorithm. The method disclosed in this invention enables the MTC devices to realize the encryption and the integrity protection of communication contents when performing group communication.

Abstract translation: 公开了一种用于协商机器类型通信（MTC）设备组算法的方法，包括：从MTC设备支持的组加密算法和组完整性算法中选择协商组加密算法和协商组完整性算法; 向所述MTC设备发送安全模式命令消息或无线资源控制（RRC）连接重配置消息，其中，所述安全模式命令消息或所述RRC连接重配置消息携带所协商的组加密算法和协商的组完整性算法。 本发明公开的方法使得MTC设备能够在进行群组通信时实现通信内容的加密和完整性保护。