专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20210400482A1 Authentication Result Update Method and Communications Apparatus 有权
公开(公告)号：US20210400482A1
公开(公告)日：2021-12-23
申请号：US17464104
申请日：2021-09-01
申请人： Huawei Technologies Co., Ltd.
发明人： Xuwen Zhao , Chengdong He
IPC分类号： H04W12/06 , H04W12/122 , H04L29/06
摘要： An authentication result update method and a communications apparatus, where the authentication result update method includes: determining that an authentication result of a terminal device in a first serving network needs to be updated; and sending a first service invocation request to an authentication server, where the first service invocation request is used to request to update the authentication result stored in a unified data management device, where visited network spoofing can be prevented after authentication is completed, and where network security can be improved.

2. 发明授权

US09538373B2 Method and device for negotiating security capability when terminal moves 有权
标题翻译：终端移动时协商安全能力的方法和设备
公开(公告)号：US09538373B2
公开(公告)日：2017-01-03
申请号：US14873504
申请日：2015-10-02
申请人： Huawei Technologies Co., Ltd.
发明人： Chengdong He
IPC分类号： H04L29/06 , H04W12/04 , H04W12/06 , H04L9/08 , H04W36/00 , H04W12/10 , H04W12/12
CPC分类号： H04W12/04 , H04L9/0844 , H04L9/088 , H04L63/0492 , H04L63/062 , H04L63/0876 , H04L63/1441 , H04L63/20 , H04L63/205 , H04L69/24 , H04L2463/061 , H04W8/02 , H04W12/10 , H04W12/12 , H04W36/0038
摘要： An MME negotiates security in case of idle state mobility for a UE from a first network to a LTE network. The UE sends its security capabilities including non-access stratum (NAS) security capabilities supported by the UE to the LTE network. The MME selects a NAS security algorithm, in accordance with the NAS security capabilities of the UE, and sends the selected NAS security algorithm to the UE, sharing the NAS security algorithm between the UE and the LTE network when the UE moves from the first network to the LTE network. The MME also derives, in accordance with the selected NAS security algorithm, a NAS protection key from an authentication vector-related key so as to security communication between the UE and the LTE network.
摘要翻译：在UE从第一网络到LTE网络的空闲状态移动性的情况下，MME协商安全性。 UE向LTE网络发送其安全能力，包括UE支持的非接入层（NAS）安全功能。 MME根据UE的NAS安全能力选择NAS安全算法，并将所选择的NAS安全算法发送给UE，当UE从第一个网络移动时，在UE和LTE网络之间共享NAS安全算法到LTE网络。 MME还根据所选择的NAS安全算法从认证向量相关的密钥导出NAS保护密钥，以便UE和LTE网络之间的安全通信。

3. 发明授权

US08812848B2 Method, system and device for negotiating security capability when terminal moves 有权
标题翻译：终端移动时协商安全能力的方法，系统和设备
公开(公告)号：US08812848B2
公开(公告)日：2014-08-19
申请号：US14147179
申请日：2014-01-03
申请人： Huawei Technologies Co., Ltd.
发明人： Chengdong He
IPC分类号： H04L29/06
CPC分类号： H04W12/04 , H04L9/0844 , H04L9/088 , H04L63/0492 , H04L63/062 , H04L63/0876 , H04L63/1441 , H04L63/20 , H04L63/205 , H04L69/24 , H04L2463/061 , H04W8/02 , H04W12/10 , H04W12/12 , H04W36/0038
摘要： A method, user equipment (UE) and system are provided for negotiating a security capability during idle state mobility of the UE from a non-long term evolution (non-LTE) network to a long term evolution (LTE) network. The UE sends UE security capabilities supported by the UE to the LTE network for a non-access stratum (NAS) security algorithm selection use. The UE then receives from the LTE network selected NAS security algorithm. The UE further generates a root key from an authentication vector-related key stored at the UE and then derives, from the generated root key, a NAS protection key for security communication with the LTE network.
摘要翻译：提供了一种方法，用户设备（UE）和系统，用于在UE从非长期演进（non-LTE）网络到长期演进（LTE）网络的空闲状态移动性期间协商安全能力。 UE向UE提供UE所支持的UE安全功能，用于非接入层（NAS）安全算法选择的使用。然后，UE从LTE网络接收所选择的NAS安全算法。 UE还从存储在UE处的认证向量相关密钥生成根密钥，然后从生成的根密钥中导出用于与LTE网络进行安全通信的NAS保护密钥。

4. 发明授权

US10588015B2 Terminal authenticating method, apparatus, and system 有权
公开(公告)号：US10588015B2
公开(公告)日：2020-03-10
申请号：US15197381
申请日：2016-06-29
申请人： Huawei Technologies Co., Ltd.
发明人： Bo Zhang , Chengdong He
IPC分类号： G06F7/04 , G06F15/16 , G06F17/30 , H04L29/06 , H04W12/06
摘要： Embodiments of the present invention disclose a terminal authenticating method, including: receiving, by a UE-to-network relay UE-R, a first request message sent by user equipment UE; sending, by the UE-R, a second request message to a control network element according to the first request message sent by the UE; receiving, by the UE-R, an authentication request message sent by the control network element, and determining whether the authentication request message is for authenticating on the UE; if the authentication request message is for authenticating on the UE, sending, by the UE-R, an authentication request message to the UE; and receiving, by the UE-R, an authentication response message sent by the UE according to the authentication request message, and sending the authentication response message to the control network element.

5. 发明授权

US10383017B2 Security capability negotiation method, system, and equipment 有权
公开(公告)号：US10383017B2
公开(公告)日：2019-08-13
申请号：US15495607
申请日：2017-04-24
申请人： Huawei Technologies Co., Ltd.
发明人： Chengdong He
IPC分类号： H04W36/14 , H04W36/00 , H04W12/02 , H04L29/06 , H04W12/10
摘要： A security capability negotiation method is applicable to perform security capability negotiation during a mobile network handover. Moreover, a security capability negotiation system is also provided. Consistent with the provided system and method, it may be unnecessary for the MME to know the security capability of the corresponding eNB in a certain manner during a handover from a 2G/3G network to an LTE network. Meanwhile, during the handover from the LTE network to the 3G network, the SGSN does not need to introduce new requirements.

6. 发明申请

US20190200234A1 Signaling Attack Prevention Method and Apparatus 审中-公开
公开(公告)号：US20190200234A1
公开(公告)日：2019-06-27
申请号：US16289120
申请日：2019-02-28
申请人： Huawei Technologies Co., Ltd.
发明人： Chengdong He
IPC分类号： H04W12/12 , H04L29/06 , H04W12/08
CPC分类号： H04W12/1204 , H04L63/0236 , H04L63/029 , H04L63/123 , H04W12/0017 , H04W12/0808 , H04W12/12
摘要： A signaling attack prevention method and apparatus, where the method includes receiving a general packet radio service (GPRS) Tunneling Protocol (GTP-C) message from a public data network gateway (PGW), determining whether the GTP-C message is received from an S8 interface, determining whether a characteristic parameter of the GTP-C message is valid when the GTP-C message is received from the S8 interface, and discarding the GTP-C message or returning, to the PGW, a GTP-C response message carrying an error code cause value when the characteristic parameter of the GTP-C message is invalid. By determining validity of each parameter in the GTP-C message, a hacker is effectively prevented from attacking a serving gateway (SGW) using each attack path, and communication security is improved.

7. 发明申请

US20170094506A1 Communication Method and Device 有权
公开(公告)号：US20170094506A1
公开(公告)日：2017-03-30
申请号：US15372093
申请日：2016-12-07
申请人： Huawei Technologies Co., Ltd.
发明人： Chengdong He
IPC分类号： H04W12/04 , H04L9/08 , H04W36/00 , H04W12/10 , H04W8/02 , H04L29/06 , H04W12/06
CPC分类号： H04W12/04 , H04L9/0844 , H04L9/088 , H04L63/0492 , H04L63/062 , H04L63/0876 , H04L63/1441 , H04L63/20 , H04L63/205 , H04L69/24 , H04L2463/061 , H04W8/02 , H04W12/10 , H04W12/12 , H04W36/0038
摘要： A communication method includes receiving by a SGSN a context request message from a mobility management entity (MME), obtaining by the SGSN an authentication vector-related key, and calculating by the SGSN a root key according to the authentication vector-related key. In addition, the method further includes sending by the SGSN a context response message including the root key to the MME, wherein the MME derives a NAS protection key according to the root key.

8. 发明申请

US20170012997A1 Method and Apparatus for Detecting Man-In-The-Middle Attack 审中-公开
标题翻译：用于检测中间人攻击的方法和装置
公开(公告)号：US20170012997A1
公开(公告)日：2017-01-12
申请号：US15270722
申请日：2016-09-20
申请人： Huawei Technologies Co., Ltd.
发明人： Rong Wu , Chengdong He , Lu Gan
IPC分类号： H04L29/06
CPC分类号： H04L63/14 , H04L63/12 , H04L63/1441 , H04W12/12
摘要： A method and an apparatus for detecting a man-in-the-middle attack, where the method includes receiving, by a macro evolved Node B (MeNB), a first check request message sent by a secondary evolved Node B (SeNB), where the first check request message includes first identifier information and a first data packet count value, generating a second check request message according to the first identifier information, sending the second check request message to a user terminal, receiving a first check response message generated by the user terminal according to the second check request message, where the first check response message includes second identifier information and a second data packet count value, determining, by the MeNB, that the man-in-the-middle attack exists between the SeNB and the user terminal when the first data packet count value is different from the second data packet count value.
摘要翻译：一种用于检测中间人攻击的方法和装置，其中所述方法包括由宏演进节点B（MeNB）接收由次演进节点B（SeNB）发送的第一检查请求消息，其中所述第一检查请求消息包括第一标识信息和第一数据包计数值，根据所述第一标识信息生成第二检查请求消息，向所述用户终端发送所述第二检查请求消息，接收所述第一检查请求消息，用户终端根据第二检查请求消息，其中第一检查响应消息包括第二标识符信息和第二数据包计数值，由MeNB确定在SeNB和第二检查请求消息之间存在中间人攻击当第一数据分组计数值与第二数据分组计数值不同时，用户终端。

9. 发明申请

US20160249209A1 Negotiation Processing Method for Security Algorithm, Control Network Element, and Control System 有权
标题翻译：安全算法协调处理方法，控制网元和控制系统
公开(公告)号：US20160249209A1
公开(公告)日：2016-08-25
申请号：US15143095
申请日：2016-04-29
申请人： Huawei Technologies Co., Ltd.
发明人： Bo Zhang , Chengdong He , Lu Gan
IPC分类号： H04W12/04 , H04L9/08
CPC分类号： H04W12/04 , H04L9/0816 , H04L63/205 , H04W76/14
摘要： A negotiation processing method for a security algorithm, a control network element, and a control system where the negotiation processing method for a security algorithm includes selecting, by a control network element according to a security capability of first user equipment (UE) and a security capability of second UE, a security algorithm supported by both the first UE and the second UE, and notifying, by the control network element, the selected security algorithm to the first UE and the second UE, and hence, negotiation of a security algorithm between two UEs in proximity communication can be implemented under the control of a control network element.
摘要翻译：一种用于安全算法的协商处理方法，控制网元和控制系统，其中安全算法的协商处理方法包括：根据第一用户设备（UE）的安全能力和安全性第二UE的能力，由第一UE和第二UE支持的安全算法，以及由控制网元向所述第一UE和所述第二UE通知所选择的安全算法，并且因此在所述第一UE和所述第二UE之间进行安全算法的协商接近通信中的两个UE可以在控制网元的控制下实现。

10. 发明申请

US20160248857A1 Key Negotiation Processing Method and Apparatus 审中-公开
标题翻译：关键谈判处理方法与装置
公开(公告)号：US20160248857A1
公开(公告)日：2016-08-25
申请号：US15146690
申请日：2016-05-04
申请人： Huawei Technologies Co., Ltd.
发明人： Bo Zhang , Chengdong He , Lu Gan
IPC分类号： H04L29/08 , H04L9/08
CPC分类号： H04L67/141 , H04L9/0838 , H04L63/06 , H04L69/24 , H04L2209/80 , H04W12/04 , H04W76/14
摘要： A method and apparatus of key negotiation processing, which includes acquiring, by a control network element, a first key negotiation parameter and a second key negotiation parameter, and sending, by the control network element, the first key negotiation parameter and/or the second key negotiation parameter to the first user equipment UE and a second UE such that the first UE and the second UE generate a key according to the first key negotiation parameter and the second key negotiation parameter. Key negotiation may be performed between two UEs that perform proximity communication.
摘要翻译：一种密钥协商处理的方法和装置，包括由控制网元获取第一密钥协商参数和第二密钥协商参数，并由控制网元发送第一密钥协商参数和/或第二密钥协商参数密钥协商参数给第一用户设备UE和第二UE，使得第一UE和第二UE根据第一密钥协商参数和第二密钥协商参数生成密钥。可以在执行邻近通信的两个UE之间执行密钥协商。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式