-
公开(公告)号:US11589274B2
公开(公告)日:2023-02-21
申请号:US17190740
申请日:2021-03-03
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
IPC: H04W36/00 , H04W8/08 , H04W48/16 , H04W80/10 , H04L9/08 , H04W12/033 , H04W12/106
Abstract: This application relates to the field of wireless communications technologies. Embodiments of this application provide a security protection method, an apparatus, and a system, to resolve a problem of low efficiency in handing over a terminal between serving base stations. The method in this application includes: receiving, by a target access network device, a correspondence between user plane information and a security policy from a source access network device; and determining, by the target access network device based on the correspondence between user plane information and a security policy, a first user plane protection algorithm corresponding to the user plane information, where the first user plane protection algorithm includes one or both of a user plane encryption algorithm and a user plane integrity protection algorithm. This application is applicable to a procedure in which the terminal is handed over between serving base stations.
-
公开(公告)号:US11533609B2
公开(公告)日:2022-12-20
申请号:US16941769
申请日:2020-07-29
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
IPC: H04W12/03 , H04W12/06 , H04W36/00 , H04W60/04 , H04W12/041 , H04W12/106
Abstract: A message protection method and an apparatus are disclosed. The method includes: When a terminal prepares to hand over from a first-standard system to a second-standard system, the terminal may not have a security context of the second-standard system after handover. Therefore, in the method of the present disclosure, the terminal performs integrity protection on a registration request message and a location update request message by using an integrity key in a security context of the first-standard system before handover. Both the registration request message and the location update request message are messages for triggering handover. Therefore, in the method, security protection is implemented on the message for triggering handover, thereby helping improve communication security.
-
公开(公告)号:US20220210859A1
公开(公告)日:2022-06-30
申请号:US17695140
申请日:2022-03-15
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Longhua Guo , Li Hu , He Li , Rong Wu
Abstract: Embodiments of this application relate to the field of communication technologies, and provide a data transmission method and an apparatus, to ensure security of radio capability information of a terminal in a transmission process. The method includes: A terminal performs NAS security protection on radio capability information based on a NAS security context before establishing an AS security context; then the terminal sends the NAS-security-protected radio capability information to a mobility management network element; and after receiving the NAS-security-protected radio capability information, the mobility management network element performs security deprotection on the NAS-security-protected radio capability information, to obtain and store the radio capability information of the terminal. In this way, in a scenario in which an access network device requires the radio capability information of the terminal, the mobility management network element may send the radio capability information to the access network device.
-
公开(公告)号:US11272360B2
公开(公告)日:2022-03-08
申请号:US16993729
申请日:2020-08-14
Applicant: Huawei Technologies Co., Ltd.
IPC: H04W12/02 , H04W12/033 , H04W8/08 , H04W80/10 , H04W76/27 , H04W92/10 , H04L29/06 , H04W12/08 , H04W12/10 , H04W12/037 , H04W12/041 , H04W12/106
Abstract: A communication method and a related apparatus, where sending, by an access and mobility management function (AMF) entity, a request message to a session management function (SMF) entity, wherein the request message comprises a data network name (DNN) of a terminal device and an identifier of a slice of the terminal device; obtaining, by the SMF entity, a security policy based on the DNN of the terminal device and the identifier of the slice of the terminal device; sending, by the SMF entity, the security policy to a base station; and enabling, by the base station, user plane encryption protection when the security policy comprises first encryption protection indication information indicating the base station to enable the user plane encryption protection.
-
公开(公告)号:US10999736B2
公开(公告)日:2021-05-04
申请号:US16795087
申请日:2020-02-19
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Abstract: A communication method and related device are disclosed. In at least one embodiment, a reference message authentication code is obtained by a terminal device based on a first message authentication code and a second message authentication code. The first message authentication code is used by an AMF to check a service request message, and the second message authentication code is used by an SMF to check the service request message. and sending, by the terminal device, first information and the service request message are sent by the terminal device to the AMF. The first information is used to instruct the AMF to send the service request message to the SMF. The service request message includes second information. The second information includes the reference message authentication code. The SMF can perform a security check on the service request message to ensure security of a communications network.
-
Patent Agency Ranking
公开(公告)号:US10798578B2
公开(公告)日:2020-10-06
申请号:US16386462
申请日:2019-04-17
Applicant: Huawei Technologies Co., Ltd.
IPC: H04W8/08 , H04W12/10 , H04W76/27 , H04W12/04 , H04W12/00 , H04L29/06 , H04W92/10 , H04W12/02 , H04W12/08 , H04W80/10
Abstract: A communication method and a related apparatus are provided. A base station obtains a security policy, where the security policy includes integrity protection indication information, and the integrity protection indication information is used to indicate the base station whether to enable integrity protection for a terminal device; and when the integrity protection indication information indicates the base station to enable integrity protection for the terminal device, the base station sends a target user plane integrity protection algorithm to the terminal device.
-
公开(公告)号:US10681546B2
公开(公告)日:2020-06-09
申请号:US16357950
申请日:2019-03-19
Applicant: Huawei Technologies Co., Ltd.
Inventor: He Li , Youyang Yu , Jing Chen
Abstract: A processing method for terminal access to a 3GPP network is provided. UE sends an access request message to a core network device on the 3GPP network, and the core network device sends an unauthorized access message to the UE after determining that the UE has no permission to access the 3GPP network. The unauthorized access message includes authentication information of the core network device. The UE performs authentication on the core network device according to the authentication information of the core network device, and executes a corresponding network access policy after authentication on the core network device by the UE succeeds, that is, after the UE determines that a source of the unauthorized access message is authorized.
-
公开(公告)号:US20200178068A1
公开(公告)日:2020-06-04
申请号:US16783976
申请日:2020-02-06
Applicant: Huawei Technologies Co., Ltd.
Inventor: Ahmad Shawky Muhanna , He Li , Mazin Ali Al-Shalash
Abstract: A method and apparatus are provided for delivering user equipment (UE) new radio (NR) security capabilities and mobility management entity interworking. In the embodiments, adding the UE NR security capabilities in a new information element over a non-access stratum (NAS) is compatible with a legacy mobility management entity and eliminate any potential of bidding-down attack and is more advantageous and serves the security solution better. As long as the UE is connected to the long term evolution (LTE) and all UE security capabilities including LTE security capabilities have been replayed correctly and successfully in the NAS security mode command (SMC) message, the UE may not consider the absence of the UE NR security capabilities in the NAS SMC as a security vulnerability.
-
公开(公告)号:US20190215690A1
公开(公告)日:2019-07-11
申请号:US16357950
申请日:2019-03-19
Applicant: Huawei Technologies Co., Ltd.
Inventor: He Li , Youyang Yu , Jing Chen
Abstract: A processing method for terminal access to a 3GPP network is provided. UE sends an access request message to a core network device on the 3GPP network, and the core network device sends an unauthorized access message to the UE after determining that the UE has no permission to access the 3GPP network. The unauthorized access message includes authentication information of the core network device. The UE performs authentication on the core network device according to the authentication information of the core network device, and executes a corresponding network access policy after authentication on the core network device by the UE succeeds, that is, after the UE determines that a source of the unauthorized access message is authorized.
-
公开(公告)号:US12069541B2
公开(公告)日:2024-08-20
申请号:US17513418
申请日:2021-10-28
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Longhua Guo , He Li
IPC: H04W4/029
CPC classification number: H04W4/029
Abstract: A method includes receiving, from a gateway mobile location center, a reliable positioning requirement for obtaining the location of a terminal device. The method also includes determining based on the received reliable position requirement a positioning method that is based on the terminal device reporting and a network-assisted positioning. The method further includes obtaining a first location reported by the terminal device and a second location reported by a base station. The method additionally includes determining location information of the terminal device based on the first location and the second location. The method also includes sending a positioning response to an application function entity from the gateway mobile location center. The positioning response comprises the location information of the terminal device.
-
-
-
-
-
-
-
-
-
Search Results
87
records
(took 0.037 seconds)
