公开(公告)号：US12170694B2

公开(公告)日：2024-12-17

申请号：US17414667

申请日：2018-12-29

Applicant: Nokia Technologies Oy

Inventor： Zhiyuan Hu ,  Duan Chen ,  Yueming Yin ,  Zhigang Luo

IPC: H04L29/06 ,  G06F21/62 ,  H04L9/40

Abstract: Embodiments of the present disclosure relate to devices, methods, apparatuses and computer readable storage media for data sharing. In example embodiments, a method for data sharing is provided. The method comprises, in response to receiving a first request to share data of a user from a data sharing agent, creating a data sharing smart contract for the user. The method further comprises publishing the data sharing smart contract to one or more data consumers. The method further comprises, in response to receiving a second request to access the data from a data consumer, generating, by executing the data sharing smart contract, an indication that the data consumer is authorized to access the data. In addition, the method further comprises sending the indication to the data consumer. In this way, end users are enabled to manage and share their personal data by themselves.

公开(公告)号：US20210211439A1

公开(公告)日：2021-07-08

申请号：US17057571

申请日：2018-05-22

Applicant: Nokia Technologies Oy

Inventor： Zhiyuan Hu ,  Jing Ping ,  Stephane Mahieu ,  Yueming Yin ,  Zhigang Luo

IPC: H04L29/06 ,  H04L12/725

Abstract: Embodiments of the present disclosure relate to methods, devices and computer readable storage medium for tracing an attack source in a service function chain overlay network. In example embodiments, a request for tracing an attack source of an attacking data is sent at the attack tracer to a first service function chain domain of a plurality of service function chain domains through which the attacking data flow passes subsequently. The request includes flow characteristics of the attacking data flow. Then, the attack tracer receives a first set of results of flow matching based on the flow characteristics from the first service function chain domain. The attack tracer identifies the attack source in the plurality of service function chain domains at least in part based on the first set of results. In this way, the attack source may be traced efficiently in the service function chain overlay network.

公开(公告)号：US20210044567A1

公开(公告)日：2021-02-11

申请号：US16963946

申请日：2018-02-06

Applicant: Nokia Technologies Oy

Inventor： Zhiyuan Hu ,  Jing Ping ,  Stephane Mahieu ,  Yueming Yin

IPC: H04L29/06

Abstract: Embodiments of the present disclosure relate to a method, apparatus, and computer readable medium for providing a security service for a data center. According to the method, a packet terminating at or originating from the data center is received. At least one label is determined for the packet, each label indicating a security requirement for the packet. Based on the at least one label, a security service chain is selected for the packet, the security service chain including an ordered set of security functions deployed in the data center and to be applied to the packet. The packet is transmitted to the selected security service chain in association with the at least one label, the packet being processed by the ordered set of security functions in the security service chain.

公开(公告)号：US11991186B2

公开(公告)日：2024-05-21

申请号：US17057571

申请日：2018-05-22

Applicant: Nokia Technologies Oy

Inventor： Zhiyuan Hu ,  Jing Ping ,  Stephane Mahieu ,  Yueming Yin ,  Zhigang Luo

IPC: G06F21/00 ,  H04L9/40 ,  H04L45/302

CPC classification number: H04L63/1416 ,  H04L45/306 ,  H04L63/1425 ,  H04L63/1441 ,  H04L2463/146

Abstract: Embodiments of the present disclosure relate to methods, devices and computer readable storage medium for tracing an attack source in a service function chain overlay network. In example embodiments, a request for tracing an attack source of an attacking data is sent at the attack tracer to a first service function chain domain of a plurality of service function chain domains through which the attacking data flow passes subsequently. The request includes flow characteristics of the attacking data flow. Then, the attack tracer receives a first set of results of flow matching based on the flow characteristics from the first service function chain domain. The attack tracer identifies the attack source in the plurality of service function chain domains at least in part based on the first set of results. In this way, the attack source may be traced efficiently in the service function chain overlay network.

公开(公告)号：US20220060514A1

公开(公告)日：2022-02-24

申请号：US17414667

申请日：2018-12-29

Applicant: Nokia Technologies Oy

Inventor： Zhiyuan Hu ,  Duan Chen ,  Yueming Yin ,  Zhigang Luo

IPC: H04L29/06 ,  G06F21/62

Abstract: Embodiments of the present disclosure relate to devices, methods, apparatuses and computer readable storage media for data sharing. In example embodiments, a method for data sharing is provided. The method comprises, in response to receiving a first request to share data of a user from a data sharing agent, creating a data sharing smart contract for the user. The method further comprises publishing the data sharing smart contract to one or more data consumers. The method further comprises, in response to receiving a second request to access the data from a data consumer, generating, by executing the data sharing smart contract, an indication that the data consumer is authorized to access the data. In addition, the method further comprises sending the indication to the data consumer. In this way, end users are enabled to manage and share their personal data by themselves.

公开(公告)号：US11877147B2

公开(公告)日：2024-01-16

申请号：US17255313

申请日：2018-06-29

Applicant: Nokia Technologies Oy

Inventor： Zhiyuan Hu ,  Wen Wei ,  Mingyu Zhao ,  Yueming Yin ,  Zhigang Luo

IPC: H04W12/02 ,  H04W76/10 ,  H04W12/06 ,  H04L61/5092 ,  H04W12/75 ,  H04W12/71 ,  H04L101/622

CPC classification number: H04W12/02 ,  H04L61/5092 ,  H04W12/06 ,  H04W76/10 ,  H04L2101/622 ,  H04W12/71 ,  H04W12/75

Abstract: Embodiments of the disclosure provide a method, device and computer readable medium for protecting MAC addresses. According to embodiments of the present disclosure, the terminal device may obtain a set of virtual MAC addressed from a network device and may connect with a further network device (for example, Wi-Fi AP or Bluetooth devices) using the virtual MAC addresses. In this way, tracking the terminal device with MAC address is prevented so that user privacy protection could be enhanced.

公开(公告)号：US11558353B2

公开(公告)日：2023-01-17

申请号：US16963946

申请日：2018-02-06

Applicant: Nokia Technologies Oy

Inventor： Zhiyuan Hu ,  Jing Ping ,  Stephane Mahieu ,  Yueming Yin

IPC: H04L29/06 ,  H04L9/40

Abstract: Embodiments of the present disclosure relate to a method, apparatus, and computer readable medium for providing a security service for a data center. According to the method, a packet terminating at or originating from the data center is received. At least one label is determined for the packet, each label indicating a security requirement for the packet. Based on the at least one label, a security service chain is selected for the packet, the security service chain including an ordered set of security functions deployed in the data center and to be applied to the packet. The packet is transmitted to the selected security service chain in association with the at least one label, the packet being processed by the ordered set of security functions in the security service chain.