公开(公告)号：US20210273883A1

公开(公告)日：2021-09-02

申请号：US17259493

申请日：2018-07-11

Applicant: NOKIA TECHNOLOGIES OY

Inventor： Zhiyuan HU ,  Duan CHEN ,  Zhigang LUO

IPC: H04L12/725 ,  H04L29/06 ,  H04L29/08 ,  H04L12/715

Abstract: Example embodiments of the present disclosure relate to enablement of a service function chain based on a software defined network. In some embodiments, there is provided a method implemented at a service function chain controller. The method comprises creating a service function chain for a packet, the service function chain comprising a set of ordered service functions that are to process the packet; and configuring respective forwarding rules associated with the service function chain directly or indirectly to a plurality of network nodes in a software defined network, the respective forwarding rules indicating how the plurality of network nodes forward the packet to the set of ordered service functions in the service function chain. In this way, it is possible to enable the service function chain in the software defined network.

公开(公告)号：US20210266735A1

公开(公告)日：2021-08-26

申请号：US17255313

申请日：2018-06-29

Applicant: Nokia Technologies Oy

Inventor： Zhiyuan HU ,  Wen WEI ,  Mingyu ZHAO ,  Yueming YIN ,  Zhigang LUO

IPC: H04W12/02 ,  H04L29/12 ,  H04W76/10 ,  H04W12/06

Abstract: Embodiments of the disclosure provide a method, device and computer readable medium for protecting MAC addresses. According to embodiments of the present disclosure, the terminal device may obtain a set of virtual MAC addressed from a network device and may connect with a further network device (for example, Wi-Fi AP or Bluetooth devices) using the virtual MAC addresses. In this way, tracking the terminal device with MAC address is prevented so that user privacy protection could be enhanced.

公开(公告)号：US20230179638A1

公开(公告)日：2023-06-08

申请号：US17923722

申请日：2020-05-06

Applicant: NOKIA TECHNOLOGIES OY

Inventor： Zhiyuan HU ,  Jing PING ,  Iris ADAM ,  Zhigang LUO

IPC: H04L9/40 ,  H04L41/5051 ,  H04L41/40

CPC classification number: H04L63/205 ,  H04L41/5051 ,  H04L41/40 ,  H04L63/0209

Abstract: Methods and apparatus are disclosed for preventing network attacks in a network slice. A method may comprise: obtaining security requirements of a network slice instance; determining respective security policy to be applied to each of a plurality of constituent network slice subnet instances of the network slice instance based on the security requirements of the network slice instance; and causing each of the plurality of constituent network slice subnet instances to be provided with one ore more security function instances configured according to respective determined security policy. The method can be performed in a network slice layer.

公开(公告)号：US20220321330A1

公开(公告)日：2022-10-06

申请号：US17634439

申请日：2019-08-13

Applicant: Nokia Technologies Oy

Inventor： Zhiyuan HU ,  Yueming YIN ,  Zhigang LUO

IPC: H04L9/08 ,  H04L9/32

Abstract: Embodiments of the present disclosure relate to devices, methods, apparatuses and computer readable storage media of data security for network slice management. The method comprises transmitting at least one entry associated with attributes of data generated by the first device to a second device; in response to a request for accessing the data received from a third device, determining whether the third device has an authority for accessing the data based on the request; and in response to a determination that the third device has the authority for accessing the data, causing the third device to check the integrity of the data based on the attributes of the data obtained from the second device. In this way, the service consumer may detect the data tampering. Moreover, it can be guaranteed that only authorized data user can access the raw performance data, the raw fault data or the configuration data