公开(公告)号：US11368841B2

公开(公告)日：2022-06-21

申请号：US16332682

申请日：2017-07-25

Applicant: ZTE CORPORATION

Inventor： Shilin You ,  Hongjun Liu ,  Jiyan Cai ,  Zaifeng Zong ,  Jin Peng ,  Zhaoji Lin ,  Yunyin Zhang

IPC: H04W12/03 ,  H04W12/02 ,  H04W12/06 ,  H04W12/08 ,  H04W12/069 ,  H04W12/75 ,  H04W12/72 ,  H04L101/654

Abstract: Embodiments of the prevent disclosure provide a network access authentication method and device. The method includes: receiving an authentication request message sent by a first serving network, the authentication request message carrying a user equipment alias identifier generated by user equipment; determining whether a local user equipment alias identifier is asynchronous with the user equipment alias identifier generated by the user equipment; and when the determination result is positive, obtaining an encrypted International Mobile Subscriber Identification Number IMSI for performing network access authentication on the user equipment.

公开(公告)号：US11778458B2

公开(公告)日：2023-10-03

申请号：US17826914

申请日：2022-05-27

Applicant: ZTE Corporation

Inventor： Shilin You ,  Hongjun Liu ,  Jiyan Cai ,  Zaifeng Zong ,  Jin Peng ,  Zhaoji Lin ,  Yunyin Zhang

IPC: G06F7/04 ,  H04W12/03 ,  H04W12/02 ,  H04W12/069 ,  H04W12/75 ,  H04W12/72 ,  H04W12/06 ,  H04W12/08 ,  H04L101/654

CPC classification number: H04W12/03 ,  H04W12/02 ,  H04W12/06 ,  H04W12/069 ,  H04W12/08 ,  H04W12/72 ,  H04W12/75 ,  H04L2101/654

Abstract: Embodiments of the prevent invention provide a network access authentication method and device. The method comprises: receiving an authentication request message sent by a first serving network, wherein the authentication request message carries a user equipment pseudonym identifier generated by a user equipment; determining whether a local user equipment pseudonym identifier is asynchronous with the user equipment pseudonym identifier generated by the user equipment; and obtaining, if the determination result is yes, an encrypted international mobile subscriber identity (IMSI) to carry out network access authentication on the user equipment. The embodiments of the present invention can solve the problem that a network access process in the related art does not provide a processing method for the case where the user equipment pseudonym identifier in the user equipment is asynchronous with the user equipment pseudonym identifier in a home network.

公开(公告)号：US11751051B2

公开(公告)日：2023-09-05

申请号：US17289968

申请日：2019-08-07

Applicant: ZTE Corporation

Inventor： Shilin You ,  Jiyan Cai ,  Jianhua Liu ,  Zhaoji Lin ,  Jin Peng ,  Boshan Zhang

IPC: H04W12/06 ,  H04W12/72 ,  G06F21/57

CPC classification number: H04W12/06 ,  G06F21/575 ,  H04W12/72 ,  G06F2221/034

Abstract: proviced is an authentication method based on a GBA, and the method includes: a BSF receives an initialization request message sent by a UE, wherein the initialization request message carries a first identifier of the UE, and the first identifier comprises at least one of the following: a SUCI, an identifier converted from the SUCI, and a TMPI associated with the subscriber identity; the BSF acquires an AV of the UE according to the first ID; the BSF completes GBA authentication with the UE according to the acquired AV. In this way, the privacy of the SUPI is protected for the UE, and the SUCI or the identifier converted from the SUCI is used to perform the bootstrapping process of the GBA, thereby improving the security of the GBA authentication process.

公开(公告)号：US12149945B2

公开(公告)日：2024-11-19

申请号：US17988431

申请日：2022-11-16

Applicant: ZTE Corporation

Inventor： Shilin You ,  Jiyan Cai ,  Zhaoji Lin ,  Jin Peng ,  Yuze Liu ,  Zhen Xing ,  Jigang Wang ,  Min Liu

IPC: H04W12/72 ,  H04W12/0433 ,  H04W12/06

Abstract: Provided are a subscription data update method and apparatus, a node, and a storage medium, where the method includes: in a case where a first network function node determines that authentication and key management for applications (AKMA) subscription data of a user is updated, determining, by the first network function node, a second network function node storing an AKMA context of the user; sending, by the first network function node, a subscription data management notification message to the second network function node; and receiving, by the first network function node, a subscription data management notification response message sent by the second network function node; where the subscription data management notification response message is sent after the second network function node deletes the AKMA context of the user according to the subscription data management notification message.

公开(公告)号：US11503533B2

公开(公告)日：2022-11-15

申请号：US17674068

申请日：2022-02-17

Applicant: ZTE CORPORATION

Inventor： Shilin You ,  Jiyan Cai ,  Jin Peng ,  Jinguo Zhu ,  Shuang Liang ,  Fei Lu ,  Wantao Yu ,  Zhaoji Lin

IPC: H04W4/00 ,  H04W40/36 ,  H04W12/102 ,  H04W12/06 ,  H04W60/04

Abstract: A system and method of registration with AMF re-allocation. The system and method includes receiving, by an initial AMF from a wireless communication device via a RAN, a registration request comprising a first device identifier associated with the wireless communication device. The system and method includes determining, by the initial AMF, an identifier type associated with the first device identifier. The system and method includes generating, by the initial AMF, a reroute message comprising a second device identifier. The system and method includes originating, by the initial AMF to the wireless communication device, a security mode command message comprising a redirection criteria or an integrity negotiation algorithm, the security mode command message causes the wireless communication device to set the redirection criteria allowing the wireless communication device to accept a request message that is not integrity protected and return a security mode complete message to the initial AMF.

公开(公告)号：US20230370992A1

公开(公告)日：2023-11-16

申请号：US18356637

申请日：2023-07-21

Applicant: ZTE Corporation

Inventor： Shilin YOU ,  Jiyan Cai ,  Jinguo Zhu ,  Yuze Liu ,  He Huang ,  Shuang Liang ,  Xingyue Zhou ,  Jin Peng ,  Zhen Xing ,  Zhaoji Lin

IPC: H04W60/04 ,  H04W8/18 ,  H04W60/00 ,  H04W60/06

CPC classification number: H04W60/04 ,  H04W8/18 ,  H04W60/005 ,  H04W60/06

Abstract: This disclosure generally relates performing UE authentication and registration with the core network, and in particular, to supporting secure interactions between the UE and the target AMF when the UE is re-allocated to the target AMF. During a UE registration procedure, the initial AMF generate a 5G-GUTI for the UE and retrieves a candidate AMF list. The initial AMF sends the generated 5G-GUTI (or 5G-S-TMSI), the candidate AMF list, and a full registration request message to the (R)AN for storage and subsequent use. The initial AMF, once determines an AMF re-allocation is needed, instruct the UE to re-start the registration procedure with the core network, by using the generated 5G-GUTI. The (R)AN selects the target AMF, and forward the stored full registration request message to the target AMF to complete the registration.

公开(公告)号：US20220279471A1

公开(公告)日：2022-09-01

申请号：US17739651

申请日：2022-05-09

Applicant: ZTE Corporation

Inventor： Shilin You ,  Jiyan Cai ,  Yuze Liu ,  Jin Peng ,  Wantao Yu ,  Zhaoji Lin

IPC: H04W60/04 ,  H04W12/06 ,  H04W12/0431 ,  H04W12/03

Abstract: The present disclosure relates to a wireless communication method, systems and devices for a registration procedure. The wireless communication method for use in a wireless terminal includes determining a concealed identifier based on a permanent identifier and a check value. A message with the concealed identifier for a registration procedure is transmitted to a wireless network node.

公开(公告)号：US10051456B2

公开(公告)日：2018-08-14

申请号：US15503721

申请日：2014-11-12

Applicant: ZTE CORPORATION

Inventor： Shilin You ,  Jiyan Cai ,  Zaifeng Zong ,  Shuang Liang ,  Zhaoji Lin ,  Jin Peng ,  Yang Li

IPC: H04W4/00 ,  H04W8/00 ,  H04W48/10 ,  H04W4/80

Abstract: The present disclosure discloses a near field communication discovery method, apparatus and system. Herein, the method includes: a discovery terminal receiving discovery information allocated by a network side to a discovered terminal, herein the discovery information includes a discovery identity, and the discovery information is transmitted by the network side to the discovered terminal; the discovery terminal performing paging or broadcasting using the discovery identity; and the discovery terminal receiving a response returned by the discovered terminal to determine that the discovered terminal is discovered.

公开(公告)号：US20240356745A1

公开(公告)日：2024-10-24

申请号：US18683504

申请日：2022-03-23

Applicant: ZTE Corporation

Inventor： Shilin You ,  Yuze Liu ,  Jiyan Cai ,  Zhen Xing ,  Jin Peng ,  Zhaoji Lin

IPC: H04L9/08

CPC classification number: H04L9/088

Abstract: A key update method, a network element, user equipment, and a storage medium are disclosed. The method may include: sending an application key update request to a second network element according to a user identity in response to an application key corresponding to a key identifier carried in a session establishment request being invalid; and determining an updated application key according to a message associated with the application key update request.

公开(公告)号：US12096207B2

公开(公告)日：2024-09-17

申请号：US18375885

申请日：2023-10-02

Applicant: ZTE Corporation

Inventor： Shilin You ,  Hongjun Liu ,  Jiyan Cai ,  Zaifeng Zong ,  Jin Peng ,  Zhaoji Lin ,  Yunyin Zhang

IPC: G06F7/04 ,  H04W12/02 ,  H04W12/03 ,  H04W12/06 ,  H04W12/069 ,  H04W12/08 ,  H04W12/72 ,  H04W12/75 ,  H04L101/654

CPC classification number: H04W12/03 ,  H04W12/02 ,  H04W12/06 ,  H04W12/069 ,  H04W12/08 ,  H04W12/72 ,  H04W12/75 ,  H04L2101/654

Abstract: Embodiments of the prevent invention provide a network access authentication method and device. The method comprises: receiving an authentication request message sent by a first serving network, wherein the authentication request message carries a user equipment pseudonym identifier generated by a user equipment; determining whether a local user equipment pseudonym identifier is asynchronous with the user equipment pseudonym identifier generated by the user equipment; and obtaining, if the determination result is yes, an encrypted international mobile subscriber identity (IMSI) to carry out network access authentication on the user equipment. The embodiments of the present invention can solve the problem that a network access process in the related art does not provide a processing method for the case where the user equipment pseudonym identifier in the user equipment is asynchronous with the user equipment pseudonym identifier in a home network.