专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US11765754B2 Resource scheduling method and terminal device 有权
公开(公告)号：US11765754B2
公开(公告)日：2023-09-19
申请号：US17018551
申请日：2020-09-11
申请人： Huawei Technologies Co., Ltd.
发明人： Fei Wang , Zhenning Wang , Haibo Chen , Jian Cheng , Hongjiang Zhao , Shanxi Chen
IPC分类号： H04W72/00 , H04W72/52 , H04W72/0446 , H04W72/044 , H04W72/1263
CPC分类号： H04W72/52 , H04W72/0446 , H04W72/0466 , H04W72/1263
摘要： A resource scheduling method implemented by a device, where the resource scheduling method includes determining a load characteristic of a frame drawing thread, where the frame drawing thread draws an image frame determining a target resource scheduling manner based on the load characteristic, and scheduling a resource for the frame drawing thread in the target resource scheduling manner.

2. 发明申请

US20180096162A1 DATA PROTECTION METHOD AND APPARATUS 审中-公开
公开(公告)号：US20180096162A1
公开(公告)日：2018-04-05
申请号：US15820769
申请日：2017-11-22
申请人： HUAWEI TECHNOLOGIES CO., LTD.
发明人： Yutao Liu , Yubin Xia , Haibo Chen
IPC分类号： G06F21/62 , G06F21/52 , G06F21/56 , G06F12/1009
CPC分类号： G06F21/6218 , G06F12/08 , G06F12/1009 , G06F12/145 , G06F21/51 , G06F21/52 , G06F21/563 , G06F21/566 , G06F21/577 , G06F21/62 , G06F21/74 , G06F21/78 , G06F2212/1052 , G06F2212/151 , G06F2212/657 , G06F2221/034
摘要： A data protection method includes detecting whether critical code of an application has been called, with the critical code being used to access critical data; switching from a preconfigured first extended page table (EPT) to a preconfigured second EPT according to preset trampoline code corresponding to the critical code when an operating system calls the critical code using the first EPT, wherein memory mapping relationships of the critical data and the critical code are not configured in the first EPT, the memory mapping relationships of the critical data and the critical code are configured in the second EPT, and the critical data and the critical code are separately stored in independent memory areas; and switching from the second EPT back to the first EPT according to the trampoline code after calling and executing the critical code using the second EPT.

3. 发明授权

US09762555B2 Data processing method and apparatus 有权
公开(公告)号：US09762555B2
公开(公告)日：2017-09-12
申请号：US14808332
申请日：2015-07-24
申请人： Huawei Technologies Co., Ltd.
发明人： Zhichao Hua , Yubin Xia , Haibo Chen
IPC分类号： H04L29/06 , G06F21/33 , G06F21/42 , H04L9/32 , H04L9/08
CPC分类号： H04L63/0435 , G06F21/335 , G06F21/42 , G06F2221/2113 , H04L9/0844 , H04L9/3265 , H04L63/0471 , H04L63/0485 , H04L63/0823 , H04L63/0884 , H04L63/168 , H04L2463/062
摘要： A data processing method and apparatus, where the method includes acquiring a first network data packet that is sent by a target application that runs in an untrusted execution domain, where the first network data packet includes a first identifier; acquiring, in a trusted execution domain, first data corresponding to the first identifier; generating, in the trusted execution domain, a second network data packet according to the first data and the first network data packet; performing, in the trusted execution domain, encryption on the second network data packet by using a first session key to acquire an encrypted second network data packet; and sending the encrypted second network data packet to the target server. The data processing method and apparatus in the embodiments of the present invention can effectively prevent an attacker from stealing data.

4. 发明申请

US20160028701A1 Data Processing Method and Apparatus 有权
标题翻译：数据处理方法与装置
公开(公告)号：US20160028701A1
公开(公告)日：2016-01-28
申请号：US14808332
申请日：2015-07-24
申请人： Huawei Technologies Co., Ltd.
发明人： Zhichao Hua , Yubin Xia , Haibo Chen
IPC分类号： H04L29/06
CPC分类号： H04L63/0435 , G06F21/335 , G06F21/42 , G06F2221/2113 , H04L9/0844 , H04L9/3265 , H04L63/0471 , H04L63/0485 , H04L63/0823 , H04L63/0884 , H04L63/168 , H04L2463/062
摘要： A data processing method and apparatus, where the method includes acquiring a first network data packet that is sent by a target application that runs in an untrusted execution domain, where the first network data packet includes a first identifier; acquiring, in a trusted execution domain, first data corresponding to the first identifier; generating, in the trusted execution domain, a second network data packet according to the first data and the first network data packet; performing, in the trusted execution domain, encryption on the second network data packet by using a first session key to acquire an encrypted second network data packet; and sending the encrypted second network data packet to the target server. The data processing method and apparatus in the embodiments of the present invention can effectively prevent an attacker from stealing data.
摘要翻译：一种数据处理方法和装置，其中所述方法包括获取在不可信执行域中运行的目标应用发送的第一网络数据分组，其中所述第一网络数据分组包括第一标识符; 在可信执行域中获取对应于所述第一标识符的第一数据; 在可信执行域中根据第一数据和第一网络数据分组生成第二网络数据分组; 通过使用第一会话密钥来获取加密的第二网络数据分组，在所述可信执行域中对所述第二网络数据分组进行加密; 并将加密的第二网络数据分组发送到目标服务器。本发明实施例中的数据处理方法和装置可以有效地防止攻击者窃取数据。

5. 发明公开

US20230413304A1 Resource Scheduling Method and Terminal Device 审中-公开
公开(公告)号：US20230413304A1
公开(公告)日：2023-12-21
申请号：US18449790
申请日：2023-08-15
申请人： Huawei Technologies Co., Ltd.
发明人： Fei Wang , Zhenning Wang , Haibo Chen , Jian Cheng , Hongjiang Zhao , Shanxi Chen
IPC分类号： H04W72/52 , H04W72/0446 , H04W72/044 , H04W72/1263
CPC分类号： H04W72/52 , H04W72/0446 , H04W72/0466 , H04W72/1263
摘要： A resource scheduling method implemented by a device, where the resource scheduling method includes determining a load characteristic of a frame drawing thread, where the frame drawing thread draws an image frame determining a target resource scheduling manner based on the load characteristic, and scheduling a resource for the frame drawing thread in the target resource scheduling manner.

6. 发明授权

US11687645B2 Security control method and computer system 有权
公开(公告)号：US11687645B2
公开(公告)日：2023-06-27
申请号：US16838935
申请日：2020-04-02
申请人： HUAWEI TECHNOLOGIES CO., LTD.
发明人： Haibo Chen , Nan Wang , Shanxi Chen , Miao Xie
IPC分类号： G06F21/54 , G06N20/00 , G06F21/74 , G06F16/245 , G06F7/58 , G06F21/57 , G06Q50/26
CPC分类号： G06F21/54 , G06F21/74 , G06N20/00 , G06F7/582 , G06F7/588 , G06F16/245 , G06F21/577 , G06F2221/033 , G06F2221/2101 , G06Q50/265
摘要： A security control method and a computer system are provided. A first domain and a second domain are deployed in the computer system, the second domain is more secure than the first domain, a program is deployed in the first domain, and a control flow management module and an audit module are deployed in the second domain. The second domain is more secure than the first domain. When the program in the first domain is executed, the control flow management module obtains control flow information by using a tracer. The audit module audits the to-be-audited information according to an audit rule, and when the to-be-audited information matches the audit rule, determines that the audit succeeds and then allows the first domain to perform a subsequent operation, for example, to access a secure program in the second domain.

7. 发明授权

US11321452B2 Execution environment virtualization method and apparatus and virtual execution environment access method and apparatus 有权
公开(公告)号：US11321452B2
公开(公告)日：2022-05-03
申请号：US16043124
申请日：2018-07-23
申请人： HUAWEI TECHNOLOGIES CO., LTD.
发明人： Zhichao Hua , Yubin Xia , Haibo Chen
IPC分类号： G06F21/53 , G06F9/455 , G06F9/50 , G06F12/109 , G06F12/14 , G06F9/48 , G06F21/62
摘要： The present disclosure provides an execution environment virtualization method. The method includes: creating an ordinary virtual machine and a trusted virtual machine for a user in the ordinary execution environment, where the ordinary virtual machine executes an ordinary application of the user, and the trusted virtual machine executes a security application of the user; allocating memories to the ordinary virtual machine and the trusted virtual machine; establishing a mapping relationship between an ordinary memory of the ordinary virtual machine and a physical memory, to obtain a first memory mapping table; and establishing a mapping relationship between a virtual physical memory of the trusted virtual machine and a physical memory, to obtain a second memory mapping table. Therefore, the ordinary application and the security application run in execution environments independent of each other, thereby ensuring data security of the user.

8. 发明授权

US10007785B2 Method and apparatus for implementing virtual machine introspection 有权
公开(公告)号：US10007785B2
公开(公告)日：2018-06-26
申请号：US15199200
申请日：2016-06-30
申请人： Huawei Technologies Co., Ltd.
发明人： Bin Tu , Haibo Chen , Yubin Xia
IPC分类号： G06F11/00 , G06F21/56 , G06F9/455 , G06F21/53
CPC分类号： G06F21/565 , G06F9/45558 , G06F21/53 , G06F2009/45587 , G06F2009/45591 , G06F2221/034
摘要： The present disclosure relates to the field of information technologies and discloses a method and an apparatus for implementing virtual machine introspection. The method provided in the present disclosure may further include: determining to-be-checked data in a virtual machine; starting to read the to-be-checked data, saving a copy of the read to-be-checked data, and storing a storage address of the read to-be-checked data in a hardware transactional memory, so that the hardware transactional memory is capable of monitoring the read to-be-checked data according to the storage address; when the read to-be-checked data is modified, stop reading the to-be-checked data, and delete the copy; and when reading the to-be-checked data is completed and it is not detected that the read to-be-checked data is modified, performing security check on the copy. The method can be applied to virtual machine introspection.

9. 发明申请

US20160314297A1 Method and Apparatus for Implementing Virtual Machine Introspection 有权
标题翻译：实现虚拟机内省的方法和装置
公开(公告)号：US20160314297A1
公开(公告)日：2016-10-27
申请号：US15199200
申请日：2016-06-30
申请人： Huawei Technologies Co., Ltd.
发明人： Bin Tu , Haibo Chen , Yubin Xia
IPC分类号： G06F21/56 , G06F21/53 , G06F9/455
CPC分类号： G06F21/565 , G06F9/45558 , G06F21/53 , G06F2009/45587 , G06F2009/45591 , G06F2221/034
摘要： The present disclosure relates to the field of information technologies and discloses a method and an apparatus for implementing virtual machine introspection. The method provided in the present disclosure may further include: determining to-be-checked data in a virtual machine; starting to read the to-be-checked data, saving a copy of the read to-be-checked data, and storing a storage address of the read to-be-checked data in a hardware transactional memory, so that the hardware transactional memory is capable of monitoring the read to-be-checked data according to the storage address; when the read to-be-checked data is modified, stop reading the to-be-checked data, and delete the copy; and when reading the to-be-checked data is completed and it is not detected that the read to-be-checked data is modified, performing security check on the copy. The method can be applied to virtual machine introspection.
摘要翻译：本公开涉及信息技术领域，并且公开了一种用于实现虚拟机内省的方法和装置。本公开中提供的方法还可以包括：确定虚拟机中的待检查数据; 开始读取待检查的数据，保存读取的被检查数据的副本，以及将读取的被检查数据的存储地址存储在硬件事务存储器中，使得硬件事务存储器能够根据存储地址监视读取的被检查数据; 当读取的被检查数据被修改时，停止读取待检查的数据，并删除副本; 并且当读取待检查数据完成并且未检测到读取的被检查数据被修改时，对拷贝执行安全性检查。该方法可以应用于虚拟机内省。

10. 发明授权

US10638311B2 Communication method for mobile terminal and mobile terminal 有权
公开(公告)号：US10638311B2
公开(公告)日：2020-04-28
申请号：US15795491
申请日：2017-10-27
申请人： Huawei Technologies Co., Ltd.
发明人： Wenhao Li , Yubin Xia , Haibo Chen
IPC分类号： H04L29/06 , G06F21/53 , H04W12/02 , H04W12/08 , H04W12/00 , H04M1/68
CPC分类号： H04W12/02 , G06F21/53 , H04W12/0013 , H04W12/0806 , G06F2221/2149 , H04L63/0428 , H04M1/68
摘要： Embodiments of the present disclosure disclose a secure communication method for a mobile terminal and a mobile terminal. The secure communication method may include: when a wireless communication connection is established between the mobile terminal and another mobile terminal, and the wireless communication connection meets a preset security processing trigger condition, prohibiting, by means of setting, a program in a common virtual kernel from accessing a shared memory between a secure virtual kernel and the common virtual kernel and accessing a peripheral that needs to be called for the wireless communication connection; performing, by using the secure virtual kernel, preset policy-based processing on communication content corresponding to the wireless communication connection; and outputting, by using the secure virtual kernel, communication content obtained by performing the preset policy-based processing.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式