公开(公告)号：US20160042163A1

公开(公告)日：2016-02-11

申请号：US14885381

申请日：2015-10-16

Applicant: Huawei Technologies Co., Ltd.

Inventor： Zhengde Zhai

IPC: G06F21/31

CPC classification number: G06F21/316 ,  H04L9/32

Abstract: A user authentication method and a terminal. The method includes determining first-type authentication information and second-type authentication information that are of a terminal, wherein the first-type authentication information includes specific attribute information that is in specific attribute information of an interaction object corresponding to a specific interaction behavior of the terminal and whose occurrence frequency within a preset time falls in a preset range, and wherein the second-type authentication information is used to interfere with selection, by the user of the terminal, of the first-type authentication information; presenting an authentication challenge set to the user of the terminal; receiving an identification result; and determining an authentication result. According to the user authentication method, authentication information is dynamically generated using information about an interaction object to perform authentication on a user.

Abstract translation: 用户认证方法和终端。 所述方法包括：确定作为终端的第一类型认证信息和第二类型认证信息，其中所述第一类型认证信息包括与所述交互对象的特定交互行为相对应的特定属性信息中的特定属性信息， 并且其在预设时间内的发生频率落在预设范围内，并且其中所述第二类型认证信息用于干扰所述终端的用户对所述第一类型认证信息的选择; 向所述终端的用户呈现认证挑战; 接收识别结果; 并确定认证结果。 根据用户认证方法，使用关于交互对象的信息动态生成认证信息，以对用户进行认证。

公开(公告)号：US10068105B2

公开(公告)日：2018-09-04

申请号：US15136522

申请日：2016-04-22

Applicant: Huawei Technologies Co., Ltd.

Inventor： Zhengde Zhai

IPC: H04L29/06 ,  G06F21/62 ,  H04L9/32 ,  G06F21/36

Abstract: A user authentication method and terminal, where the method includes acquiring an authentication interaction object and an interference interaction object where the authentication interaction object is a real interaction object stored in a terminal, the interference interaction object is a virtual interaction object constructed by the terminal, and the interference interaction object has a similar feature with the authentication interaction object to cause interference to a user when the user is selecting the authentication interaction object, displaying the authentication interaction object and the interference interaction object in an authentication interface for the user to select from, receiving a selection result and determining whether the selection result is the authentication interaction object, and determining, when the selection result is the authentication interaction object, that authentication succeeds.

公开(公告)号：US10178548B2

公开(公告)日：2019-01-08

申请号：US15491072

申请日：2017-04-19

Applicant: Huawei Technologies Co., Ltd.

Inventor： Zhengde Zhai ,  Yu Shen ,  He Wei

IPC: H04W24/00 ,  H04W12/02 ,  H04W4/02 ,  H04L29/08 ,  H04M1/725 ,  H04W48/04 ,  H04W4/021 ,  H04W4/14

Abstract: A method for protecting intelligent terminal location information is provided, where the method includes: responding to a location query request from an APP, and acquiring current location coordinates of the intelligent terminal; acquiring a privacy sensitivity level of an area in which the current location coordinates are located; acquiring a location trust level of the APP; and obtaining, according to the location trust level of the APP and the privacy sensitivity level of the area in which the current location coordinates are located, a response manner corresponding to the location query request from the APP. In addition, some embodiments of the present application further disclose an intelligent terminal.

公开(公告)号：US10003462B2

公开(公告)日：2018-06-19

申请号：US14867106

申请日：2015-09-28

Applicant: Huawei Technologies Co., Ltd.

Inventor： Lei Xu ,  Zhengde Zhai

IPC: H04L9/08 ,  G06K9/52 ,  G06T3/40 ,  G06K9/46

CPC classification number: H04L9/0866 ,  G06K9/52 ,  G06K2009/4666 ,  G06T3/40 ,  G06T2207/20021 ,  H04L9/0861

Abstract: A key generating method and apparatus, where the method includes acquiring complete picture data of a complete picture; displaying a partial picture of the complete picture in a display window; capturing a first picture from the partial picture, and generating first picture data of the first picture; and generating a key according to the first picture data.

公开(公告)号：US20160020902A1

公开(公告)日：2016-01-21

申请号：US14867106

申请日：2015-09-28

Applicant: Huawei Technologies Co., Ltd.

Inventor： Lei Xu ,  Zhengde Zhai

IPC: H04L9/08 ,  G06K9/52 ,  G06T3/40 ,  G06T7/60

CPC classification number: H04L9/0866 ,  G06K9/52 ,  G06K2009/4666 ,  G06T3/40 ,  G06T2207/20021 ,  H04L9/0861

Abstract: A key generating method and apparatus, where the method includes acquiring complete picture data of a complete picture; displaying a partial picture of the complete picture in a display window; capturing a first picture from the partial picture, and generating first picture data of the first picture; and generating a key according to the first picture data.

Abstract translation: 一种密钥生成方法和装置，其中所述方法包括获取完整图像的完整图像数据; 在显示窗口中显示完整图片的部分图片; 从所述部分图像捕获第一图像，以及生成所述第一图像的第一图像数据; 以及根据第一图像数据产生密钥。

公开(公告)号：US20210011856A1

公开(公告)日：2021-01-14

申请号：US17038613

申请日：2020-09-30

Applicant: Huawei Technologies Co., Ltd.

Inventor： Yubin Xia ,  Zhichao Hua ,  Zhengde Zhai

IPC: G06F12/1009 ,  G06F12/0808 ,  G06F12/0873 ,  G06F12/0811 ,  G06F9/455

Abstract: A method and an apparatus for enhancing isolation of user space from kernel space, to divide an extended page table into a kernel-mode extended page table and a user-mode extended page table, such that user-mode code cannot access some or all content in the kernel space, and/or kernel-mode code cannot access some content in the user space, thereby enhancing isolation of the user space from the kernel space and preventing content leakage of the kernel space.

公开(公告)号：US09781109B2

公开(公告)日：2017-10-03

申请号：US14869102

申请日：2015-09-29

Applicant: Huawei Technologies Co., Ltd.

Inventor： Zhengde Zhai

IPC: H04L9/32 ,  H04L29/06 ,  H04W12/06 ,  G06F21/44 ,  H04W12/02 ,  H04W12/04 ,  H04W12/08

CPC classification number: H04L63/0876 ,  G06F21/44 ,  H04L9/3236 ,  H04L9/3242 ,  H04L63/04 ,  H04L63/0407 ,  H04L63/06 ,  H04L63/08 ,  H04L63/0823 ,  H04W12/02 ,  H04W12/04 ,  H04W12/06 ,  H04W12/08

Abstract: A method, a terminal device, and a network device are provided. The method of the present invention includes acquiring, by a terminal device, a key, an identity of the terminal device, and identification information of one or more applications on the terminal device, where identification information of different applications on the terminal device is different from each other, and the identity of the terminal device includes International Mobile Equipment Identity (IMEI) and/or International Mobile Subscriber Identity (IMSI); generating, for identification information of one application by using a preset encryption algorithm according to the identity of the terminal device and the key, an encryption result corresponding to the application; and when the application runs on the terminal device, accessing a network by using the encryption result corresponding to the application. The present invention is applicable to protecting information security of a terminal device accessing a network.

公开(公告)号：US20160239676A1

公开(公告)日：2016-08-18

申请号：US15136522

申请日：2016-04-22

Applicant: Huawei Technologies Co., Ltd.

Inventor： Zhengde Zhai

IPC: G06F21/62 ,  H04L9/32 ,  H04L29/06

CPC classification number: G06F21/6218 ,  G06F21/36 ,  G06F2221/032 ,  H04L9/3234 ,  H04L9/3271 ,  H04L63/08 ,  H04L63/0876

Abstract: A user authentication method and terminal, where the method includes acquiring an authentication interaction object and an interference interaction object where the authentication interaction object is a real interaction object stored in a terminal, the interference interaction object is a virtual interaction object constructed by the terminal, and the interference interaction object has a similar feature with the authentication interaction object to cause interference to a user when the user is selecting the authentication interaction object, displaying the authentication interaction object and the interference interaction object in an authentication interface for the user to select from, receiving a selection result and determining whether the selection result is the authentication interaction object, and determining, when the selection result is the authentication interaction object, that authentication succeeds.

Abstract translation: 一种用户认证方法和终端，其中所述方法包括获取认证交互对象和所述认证交互对象是存储在终端中的真实交互对象的干扰交互对象，所述干扰交互对象是由所述终端构成的虚拟交互对象， 并且所述干扰交互对象与所述认证交互对象具有类似的特征，以在所述用户选择所述认证交互对象时向所述用户施加干扰，在认证接口中显示所述认证交互对象和所述干扰交互对象以供所述用户选择 接收选择结果并确定所述选择结果是所述认证交互对象，以及当所述选择结果是所述认证交互对象时确定所述认证成功。

公开(公告)号：US20160021111A1

公开(公告)日：2016-01-21

申请号：US14869102

申请日：2015-09-29

Applicant: Huawei Technologies Co., Ltd.

Inventor： Zhengde Zhai

IPC: H04L29/06 ,  H04W12/06 ,  H04W12/02 ,  H04W12/08 ,  H04W12/04 ,  G06F21/44

CPC classification number: H04L63/0876 ,  G06F21/44 ,  H04L9/3236 ,  H04L9/3242 ,  H04L63/04 ,  H04L63/0407 ,  H04L63/06 ,  H04L63/08 ,  H04L63/0823 ,  H04W12/02 ,  H04W12/04 ,  H04W12/06 ,  H04W12/08

Abstract: A method, a terminal device, and a network device are provided. The method of the present invention includes acquiring, by a terminal device, a key, an identity of the terminal device, and identification information of one or more applications on the terminal device, where identification information of different applications on the terminal device is different from each other, and the identity of the terminal device includes International Mobile Equipment Identity (IMEI) and/or International Mobile Subscriber Identity (IMSI); generating, for identification information of one application by using a preset encryption algorithm according to the identity of the terminal device and the key, an encryption result corresponding to the application; and when the application runs on the terminal device, accessing a network by using the encryption result corresponding to the application. The present invention is applicable to protecting information security of a terminal device accessing a network.

Abstract translation: 提供了一种方法，终端设备和网络设备。 本发明的方法包括：通过终端装置获取关键字，终端装置的身份，以及终端装置上的不同应用的识别信息不同的终端装置上的一个或多个应用的​​识别信息 并且终端设备的身份包括国际移动设备标识（IMEI）和/或国际移动用户标识（IMSI）; 通过使用根据终端设备的身份和密钥的预设加密算法来生成用于一个应用的识别信息的与该应用相对应的加密结果; 并且当应用在终端设备上运行时，通过使用与应用相对应的加密结果访问网络。 本发明适用于保护接入网络的终端设备的信息安全。

公开(公告)号：US11436155B2

公开(公告)日：2022-09-06

申请号：US17038613

申请日：2020-09-30

Applicant: Huawei Technologies Co., Ltd.

Inventor： Yubin Xia ,  Zhichao Hua ,  Zhengde Zhai

IPC: G06F12/00 ,  G06F12/1009 ,  G06F9/455 ,  G06F12/0808 ,  G06F12/0811 ,  G06F12/0873

Abstract: A method and an apparatus for enhancing isolation of user space from kernel space, to divide an extended page table into a kernel-mode extended page table and a user-mode extended page table, such that user-mode code cannot access some or all content in the kernel space, and/or kernel-mode code cannot access some content in the user space, thereby enhancing isolation of the user space from the kernel space and preventing content leakage of the kernel space.