Communication method, related device, and system

    公开(公告)号:US11051171B2

    公开(公告)日:2021-06-29

    申请号:US16569415

    申请日:2019-09-12

    Abstract: Embodiments of the present invention disclose a communication method, a related device, and a system. The system may include a terminal, a first access network node (AN), and a second AN. The first AN is configured to determine that the terminal meets a condition of being handed over from the first AN to the second AN, where a value of a target parameter used for encryption and/or integrity protection when the terminal and the first AN communicate with each other before the terminal is handed over to the second AN is equal to a first reference value. In the system, the first AN may further be configured to send a target message to the second AN to instruct the second AN to obtain a second reference value. The second AN may be configured to obtain the second reference value based on the target message. Furthermore, the terminal may be configured to obtain the second reference value, where the second reference value is used as a value of the target parameter used for encryption and/or integrity protection when the second AN and the terminal communicate with each other. According to the embodiments of the present invention, security performance of the terminal can be improved.

    Cyber security management system, method, and apparatus

    公开(公告)号:US10897712B2

    公开(公告)日:2021-01-19

    申请号:US16240710

    申请日:2019-01-05

    Abstract: Embodiments of the present invention disclose a cyber security management system, method, and apparatus. The system includes user equipment (UE), an access network (AN), a network function selection module, and at least two authentication modules. The UE is configured to send a first service request to the network function selection module, where the first service request carries authentication protocol information. The network function selection module is configured to: select a target authentication module based on the authentication protocol information, and send a second service request to the target authentication module. The target authentication module is configured to perform mutual authentication with the UE. The target authentication module is further configured to: determine a first security configuration according to a specified security policy, and send the first security configuration to the AN.

    Network key processing method and system and related device

    公开(公告)号:US11431479B2

    公开(公告)日:2022-08-30

    申请号:US16517645

    申请日:2019-07-21

    Abstract: Embodiments of this application disclose a network key processing system, including user equipment, a security anchor network element, and an access and mobility management network element, where the security anchor network element is configured to: obtain a first key parameter from a slice selection network element, where the first key parameter includes identifier information of N network slices; generate N slice-dedicated keys based on the first key parameter; and send the N slice-dedicated keys to the corresponding N network slices respectively; the access and mobility management network element is configured to: obtain the first key parameter, and send the first key parameter to the user equipment; and the user equipment is configured to: generate the N slice-dedicated keys for the N network slices based on the first key parameter, and access the N network slices based on the generated N slice-dedicated keys.

    Network key processing method and system and related device

    公开(公告)号:US11917054B2

    公开(公告)日:2024-02-27

    申请号:US17819188

    申请日:2022-08-11

    CPC classification number: H04L9/0819 H04L9/085 H04L9/14 H04L63/0428

    Abstract: Embodiments of this application disclose a network key processing system, including user equipment, a security anchor network element, and an access and mobility management network element, where the security anchor network element is configured to: obtain a first key parameter from a slice selection network element, where the first key parameter includes identifier information of N network slices; generate N slice-dedicated keys based on the first key parameter; and send the N slice-dedicated keys to the corresponding N network slices respectively; the access and mobility management network element is configured to: obtain the first key parameter, and send the first key parameter to the user equipment; and the user equipment is configured to: generate the N slice-dedicated keys for the N network slices based on the first key parameter, and access the N network slices based on the generated N slice-dedicated keys.

    COMMUNICATION METHOD, RELATED DEVICE, AND SYSTEM

    公开(公告)号:US20200008041A1

    公开(公告)日:2020-01-02

    申请号:US16569415

    申请日:2019-09-12

    Abstract: Embodiments of the present invention disclose a communication method, a related device, and a system. The system may include a terminal, a first access network node (AN), and a second AN. The first AN is configured to determine that the terminal meets a condition of being handed over from the first AN to the second AN, where a value of a target parameter used for encryption and/or integrity protection when the terminal and the first AN communicate with each other before the terminal is handed over to the second AN is equal to a first reference value. In the system, the first AN may further be configured to send a target message to the second AN to instruct the second AN to obtain a second reference value. The second AN may be configured to obtain the second reference value based on the target message. Furthermore, the terminal may be configured to obtain the second reference value, where the second reference value is used as a value of the target parameter used for encryption and/or integrity protection when the second AN and the terminal communicate with each other. According to the embodiments of the present invention, security performance of the terminal can be improved.

Patent Agency Ranking