Abstract:
A device identifier (ID) obtaining method, a terminal, and a network device, where the method includes sending, by a terminal to a network device, a first message used to obtain a device ID, where the device ID is used to globally identify the terminal uniquely, receiving, by the terminal, an encrypted key pair sent by the network device, where the key pair includes a first public key and a first private key, receiving, by the terminal, information sent by the network device, where the information is used to identify that the first public key is the device ID of the terminal, and determining, by the terminal, that the first public key is the device ID.
Abstract:
A network attack defense policy sending method and apparatus are presented. The method includes receiving attack information which includes a target Internet Protocol (IP) address, and the attack information is used to indicate that a network attack packet whose destination address is the target IP address exists in a first network; determining that the network attack packet enters the first network through a first edge network device, where the first edge network device is an edge device in the first network; sending a defense policy to the first edge network device, where the defense policy is used to instruct the first edge network device to process, according to the defense policy, a packet whose destination address is the target IP address. By means of this application, network resources occupied by a network attack packet can be reduced, and an effect of defending against the network attack packet can be improved.
Abstract:
This application provides a certificate obtaining method, an authentication method, and a network device, to improve control over operation permission of an APP on an API. The certificate is used for permission authentication when the APP accesses an API of a controller. The certificate includes one or more of (a) to (c): (a) information about operation permission of the APP on N application programming interfaces (APIs) of the controller, (b) identifiers of L APIs that are of the N APIs and that the APP has permission to operate, and (c) identifiers of R APIs that are of the N APIs and that the APP has no permission to operate.
Abstract:
A data packet extraction method and apparatus are disclosed. Two hash values calculated based on quintuple information of different data packets of a same session are the same, that is, two calculated remainders are also the same at a same sampling ratio. When one remainder of the two calculated remainders is a preset sampling remainder, all the data packets in a network that belong to the session are extracted, so as to implement data packet extraction based on a session. When the quintuple information of the different data packets of the same session matches a first mapping table, either all the data packets of the same session can match the first mapping table, or none of the data packets of the same session can match the first mapping table, so as to implement data packet extraction based on a session.
Abstract:
The present invention provides a distributed cluster processing system and a packet processing method thereof. The system includes at least one external interface unit, multiple processing units, and a switching unit, where each of the at least one external interface unit is connected between a corresponding processing unit of the multiple processing units and an external network element, and is configured to receive a packet from the external network element, forward the packet to a corresponding processing unit of the multiple directly connected processing units, and send a processed packet to the external network element; and each of the multiple processing units performs specified service processing and is respectively connected to the switching unit, so that the multiple processing units and the switching unit form a star topology structure. According to the system and the method, through a logical combination between the processing units, end-to-end high performance may be achieved.
Abstract:
A network device executes a method including receiving a request message for a first service sent by a user equipment; determining a first service requested by the request message for the first service; and sending the request message for the first service to a first value added service server.
Abstract:
Embodiments of the present invention relate to a method for acquiring an IP address and a network access device. The method includes: after receiving a first IP address acquiring message from a first network, assigning a first IP address to the first network by using a process and associating an identifier of the first network with a first session, so that the network access device is capable of mapping the first IP address to a first private network IP address and sending the same to the first network, thereby avoiding the problem of complex implementation in the prior art resulting from a process where a gateway configured for a family network or an enterprise network needs to initiate an IPoE dial-up process. In this way, the gateway configured for the family network or the enterprise network is simplified, operation and maintenance costs are reduced, and flat networks are further implemented.
Abstract:
Disclosed are a security control method and a network device. The method includes: a network device obtains confidential data generated by a software trusted platform module (TPM) running in the network device, where the confidential data includes permanent confidential data and refreshable confidential data, the permanent confidential data is data that cannot be updated during a startup process of the network device and the refreshable confidential data is data that can be updated during a startup process of the network device; the network device encrypts the permanent confidential data by using a white box algorithm and stores the permanent confidential data encrypted by using the white box algorithm and the refreshable confidential data in a storage unit whose address is hidden.