公开(公告)号：US20170249456A1

公开(公告)日：2017-08-31

申请号：US15594264

申请日：2017-05-12

Applicant: Huawei Technologies Co., Ltd.

Inventor： Tianfu FU ,  Chong ZHOU

IPC: G06F21/51 ,  G06F12/14 ,  H04L29/06 ,  G06F21/56 ,  H04L9/32

CPC classification number: G06F21/51 ,  G06F12/1408 ,  G06F21/56 ,  G06F21/565 ,  G06F21/57 ,  G06F2212/1052 ,  H04L9/3234 ,  H04L9/3247 ,  H04L63/0435 ,  H04L63/0442 ,  H04L63/061 ,  H04L63/123

Abstract: Embodiments of the present disclosure disclose an application program integrity verification method and a network device. The method includes: performing eigenvalue calculation on data of an application program when the application program starts, to obtain a first digest of the application program (101); decrypting a stored digital signature of the application program according to a public key in an embedded key pair to obtain a second digest of the application program, where the digital signature is obtained, according to a private key in the key pair, by signing data of the application program each time the application program is updated (102), and the key pair is a manufacturer key pair corresponding to the application program; and determining that integrity verification of the application program passes if the first digest and the second digest are the same, otherwise, determining that integrity verification of the application program does not pass (103).

公开(公告)号：US20140149549A1

公开(公告)日：2014-05-29

申请号：US14167507

申请日：2014-01-29

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Tianfu FU

IPC: H04L29/08

CPC classification number: H04L67/02 ,  H04L12/44 ,  H04L12/462 ,  H04L12/4633

Abstract: The present invention provides a distributed cluster processing system and a packet processing method thereof. The system includes at least one external interface unit, multiple processing units, and a switching unit, where each of the at least one external interface unit is connected between a corresponding processing unit of the multiple processing units and an external network element, and is configured to receive a packet from the external network element, forward the packet to a corresponding processing unit of the multiple directly connected processing units, and send a processed packet to the external network element; and each of the multiple processing units performs specified service processing and is respectively connected to the switching unit, so that the multiple processing units and the switching unit form a star topology structure. According to the system and the method, through a logical combination between the processing units, end-to-end high performance may be achieved.

Abstract translation: 本发明提供一种分布式集群处理系统及其分组处理方法。 该系统包括至少一个外部接口单元，多个处理单元和切换单元，其中至少一个外部接口单元中的每一个连接在多个处理单元的对应处理单元和外部网络元件之间，并被配置 从外部网元接收分组，将分组转发到多个直接连接的处理单元的对应处理单元，并将处理后的分组发送到外部网元; 并且所述多个处理单元中的每一个执行指定的服务处理，并且分别连接到所述切换单元，使得所述多个处理单元和所述切换单元形成星形拓扑结构。 根据系统和方法，通过处理单元之间的逻辑组合，可以实现端到端的高性能。

公开(公告)号：US20210124820A1

公开(公告)日：2021-04-29

申请号：US17090588

申请日：2020-11-05

Applicant: Huawei Technologies Co., Ltd.

Inventor： Tianfu FU ,  Chong ZHOU

IPC: G06F21/51 ,  G06F21/56 ,  G06F21/57 ,  G06F12/14 ,  H04L9/32 ,  H04L29/06

Abstract: Embodiments of the present disclosure disclose an application program integrity verification method and a network device. The method includes: performing characteristic value calculation on data of an application program when the application program starts, to obtain a first digest of the application program; decrypting a stored digital signature of the application program according to a public key in an embedded key pair to obtain a second digest of the application program, where the digital signature is obtained, according to a private key in the key pair, by signing data of the application program each time the application program is updated, and the key pair is a manufacturer key pair corresponding to the application program; and determining that integrity verification of the application program passes if the first digest and the second digest are the same, otherwise, determining that integrity verification of the application program does not pass.

公开(公告)号：US20170193220A1

公开(公告)日：2017-07-06

申请号：US15461244

申请日：2017-03-16

Applicant: Huawei Technologies Co., Ltd.

Inventor： Chong ZHOU ,  Tianfu FU

IPC: G06F21/52 ,  G06F21/57 ,  G06F21/55

Abstract: Disclosed are a method and an apparatus for trusted measurement, where the method includes: obtaining a first processing result by performing a first-manner processing on a code segment, and using a result obtained by performing a second-manner processing on the first processing result as a reference value; obtaining, at a first moment when the system is running, a second processing result by performing the first-manner processing on the code segment, and obtaining a first measurement value by performing the second-manner processing on the second processing result; and determining whether the first measurement value and the reference value are equal, and when the first measurement value and the reference value are equal, the system is trusted, where the code segment in the memory is a code segment that does not change with normal running of the system during one start-up and a running process of the system.