Patents by Inventor Chengyan Feng
Chengyan Feng has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11646973Abstract: The present embodiments provide a method for managing a hardware resource, a method for querying a location of a hardware resource, and a related apparatus. The method for managing a hardware resource includes receiving, by a virtualized infrastructure manager (VIM), a hardware resource allocation request message sent by a VNF management entity, where the hardware resource allocation request message is used to request the VIM to allocate a hardware resource to a virtual machine that runs a VNFC, and the hardware resource allocation request message includes location information of the hardware resource that the virtual machine requests to allocate. The method also includes allocating, by the VIM, the hardware resource at a corresponding location to the virtual machine according to the location information of the hardware resource.Type: GrantFiled: July 28, 2021Date of Patent: May 9, 2023Assignee: Huawei Technologies Co., Ltd.Inventors: Tao Jin, Qingchun Lin, Chengyan Feng
-
Publication number: 20210359953Abstract: The present embodiments provide a method for managing a hardware resource, a method for querying a location of a hardware resource, and a related apparatus. The method for managing a hardware resource includes receiving, by a virtualized infrastructure manager (VIM), a hardware resource allocation request message sent by a VNF management entity, where the hardware resource allocation request message is used to request the VIM to allocate a hardware resource to a virtual machine that runs a VNFC, and the hardware resource allocation request message includes location information of the hardware resource that the virtual machine requests to allocate. The method also includes allocating, by the VIM, the hardware resource at a corresponding location to the virtual machine according to the location information of the hardware resource.Type: ApplicationFiled: July 28, 2021Publication date: November 18, 2021Inventors: Tao Jin, Qingchun Lin, Chengyan Feng
-
Patent number: 11095569Abstract: The present embodiments provide a method for managing a hardware resource, a method for querying a location of a hardware resource, and a related apparatus. The method for managing a hardware resource includes receiving, by a virtualized infrastructure manager (VIM), a hardware resource allocation request message sent by a VNF management entity, where the hardware resource allocation request message is used to request the VIM to allocate a hardware resource to a virtual machine that runs a VNFC, and the hardware resource allocation request message includes location information of the hardware resource that the virtual machine requests to allocate. The method also includes allocating, by the VIM, the hardware resource at a corresponding location to the virtual machine according to the location information of the hardware resource.Type: GrantFiled: May 5, 2017Date of Patent: August 17, 2021Assignee: Huawei Technologies Co., Ltd.Inventors: Tao Jin, Qingchun Lin, Chengyan Feng
-
Patent number: 10757129Abstract: The present invention discloses a software security verification method, a device, and a system, and relates to the communications field, so as to resolve a problem in the prior art that security verification on a VNF packet increases a VNF instantiation delay and reduces VNF instantiation performance. In a specific solution, after a first device receives an instantiation request of a VNF, the first device performs security verification on a stored VNF packet of the VNF when or after starting to instantiate the VNF according to the instantiation request of the VNF, and the first device sends first result information to a second device when security verification on the VNF packet of the VNF succeeds. The first result information includes information that security verification on the VNF packet of the VNF succeeds. The present invention is applied to software security verification.Type: GrantFiled: October 27, 2017Date of Patent: August 25, 2020Assignee: HUAWEI TECHNOLOGIES CO., LTD.Inventors: Chengyan Feng, Jiangsheng Wang
-
Patent number: 10581619Abstract: A certificate management method, a device, and a system relate to the communications field and for certificate management are used to resolve a problem that communication security of a virtual network system is degraded because after a virtualized network function (VNF) instance is terminated in the virtual network system, a private key corresponding to a certificate of the VNF instance may be illegally obtained by an attacker to forge an identity of the VNF instance. A specific solution includes obtaining, by a first device, a certificate identifier of a first instance, and updating certificate status information of the first instance to a revocation state according to the certificate identifier of the first instance, or sending, by the first device, a first request message to a second device, where the first request message requests to revoke a certificate of the first instance.Type: GrantFiled: August 9, 2017Date of Patent: March 3, 2020Assignee: HUAWEI TECHNOLOGIES CO., LTD.Inventors: Chengyan Feng, Jiangsheng Wang
-
Patent number: 10367647Abstract: A certificate acquiring method and device, where the method includes receiving a certificate application representation message sent by a newly installed virtualized network function component (VNFC) instance, sending a certificate request message to a certification authority, and acquiring a certificate issued by the certification authority. In this way, the newly installed VNFC instance does not need to use a current manner for a virtualized network function (VNF) to acquire a certificate, which effectively avoids a problem of a cumbersome and more complex process caused when the newly installed VNFC instance acquires a certificate.Type: GrantFiled: November 8, 2016Date of Patent: July 30, 2019Assignee: HUAWEI TECHNOLOGIES CO., LTD.Inventors: Chengyan Feng, Jiangsheng Wang
-
Patent number: 10225246Abstract: The embodiments of the present invention disclose a certificate acquiring method and device. A virtualized network function manager (VNFM) receives a certificate application proxy message sent by a virtualized network function (VNF) instance. The VNFM uses the authentication information to authenticate the VNF instance, and when the authentication succeeds, sends a certificate application message to a certificate authority (CA). Then the VNFM receives a certificate issued by the CA, and sends the certificate to the VNF instance. In this way, through a trusted link between the VNFM and the certificate authority, the instantiated VNF instance applies for a certificate issued by the certificate authority, thereby effectively ensuring security of a management channel between the VNF instance and the VNFM.Type: GrantFiled: November 8, 2016Date of Patent: March 5, 2019Assignee: Huawei Technologies Co., Ltd.Inventors: Ying Xiong, Jiangsheng Wang, Chengyan Feng
-
Patent number: 10205719Abstract: The invention discloses a network function virtualization-based certificate configuration method, apparatus, and system. A virtualized network management entity obtains initial credential information of a virtualized network function entity; and installs the initial credential information onto the virtualized network function entity during or after instantiation of the virtualized network function entity, so that the virtualized network function entity obtains, from a certificate authority by using the initial credential information, a formal certificate issued by a network operator of the virtualized network function entity. The invention not only can apply to a network function virtualization scenario, but also can resolve a problem of a security risk in network function virtualization.Type: GrantFiled: September 23, 2016Date of Patent: February 12, 2019Assignee: HUAWEI TECHNOLOGIES CO., LTD.Inventors: Chengyan Feng, Jing Chen
-
Publication number: 20180063184Abstract: The present invention discloses a software security verification method, a device, and a system, and relates to the communications field, so as to resolve a problem in the prior art that security verification on a VNF packet increases a VNF instantiation delay and reduces VNF instantiation performance. In a specific solution, after a first device receives an instantiation request of a VNF, the first device performs security verification on a stored VNF packet of the VNF when or after starting to instantiate the VNF according to the instantiation request of the VNF, and the first device sends first result information to a second device when security verification on the VNF packet of the VNF succeeds. The first result information includes information that security verification on the VNF packet of the VNF succeeds. The present invention is applied to software security verification.Type: ApplicationFiled: October 27, 2017Publication date: March 1, 2018Applicant: HUAWEI TECHNOLOGIES CO., LTD.Inventors: Chengyan FENG, Jiangsheng Wang
-
Publication number: 20170338968Abstract: A certificate management method, a device, and a system relate to the communications field and for certificate management are used to resolve a problem that communication security of a virtual network system is degraded because after a virtualized network function (VNF) instance is terminated in the virtual network system, a private key corresponding to a certificate of the VNF instance may be illegally obtained by an attacker to forge an identity of the VNF instance. A specific solution includes obtaining, by a first device, a certificate identifier of a first instance, and updating certificate status information of the first instance to a revocation state according to the certificate identifier of the first instance, or sending, by the first device, a first request message to a second device, where the first request message requests to revoke a certificate of the first instance.Type: ApplicationFiled: August 9, 2017Publication date: November 23, 2017Inventors: Chengyan Feng, Jiangsheng Wang
-
Publication number: 20170244647Abstract: The present embodiments provide a method for managing a hardware resource, a method for querying a location of a hardware resource, and a related apparatus. The method for managing a hardware resource includes receiving, by a virtualized infrastructure manager (VIM), a hardware resource allocation request message sent by a VNF management entity, where the hardware resource allocation request message is used to request the VIM to allocate a hardware resource to a virtual machine that runs a VNFC, and the hardware resource allocation request message includes location information of the hardware resource that the virtual machine requests to allocate. The method also includes allocating, by the VIM, the hardware resource at a corresponding location to the virtual machine according to the location information of the hardware resource.Type: ApplicationFiled: May 5, 2017Publication date: August 24, 2017Inventors: Tao Jin, Qingchun Lin, Chengyan Feng
-
Publication number: 20170054710Abstract: The embodiments of the present invention disclose a certificate acquiring method and device. A virtualized network function manager (VNFM) receives a certificate application proxy message sent by a virtualized network function (VNF) instance. The VNFM uses the authentication information to authenticate the VNF instance, and when the authentication succeeds, sends a certificate application message to a certificate authority (CA). Then the VNFM receives a certificate issued by the CA, and sends the certificate to the VNF instance.Type: ApplicationFiled: November 8, 2016Publication date: February 23, 2017Inventors: Ying XIONG, Jiangsheng WANG, Chengyan FENG
-
Publication number: 20170054565Abstract: A certificate acquiring method and device, where the method includes receiving a certificate application representation message sent by a newly installed virtualized network function component (VNFC) instance, sending a certificate request message to a certification authority, and acquiring a certificate issued by the certification authority. In this way, the newly installed VNFC instance does not need to use a current manner for a virtualized network function (VNF) to acquire a certificate, which effectively avoids a problem of a cumbersome and more complex process caused when the newly installed VNFC instance acquires a certificate.Type: ApplicationFiled: November 8, 2016Publication date: February 23, 2017Inventors: Chengyan Feng, Jiangsheng Wang
-
Publication number: 20170012968Abstract: The invention discloses a network function virtualization-based certificate configuration method, apparatus, and system. A virtualized network management entity obtains initial credential information of a virtualized network function entity; and installs the initial credential information onto the virtualized network function entity during or after instantiation of the virtualized network function entity, so that the virtualized network function entity obtains, from a certificate authority by using the initial credential information, a formal certificate issued by a network operator of the virtualized network function entity. The invention not only can apply to a network function virtualization scenario, but also can resolve a problem of a security risk in network function virtualization.Type: ApplicationFiled: September 23, 2016Publication date: January 12, 2017Inventors: Chengyan FENG, Jing CHEN
-
Patent number: 9386448Abstract: The disclosure provides a method for updating an air interface key, a core network node and user equipment. The update method comprises: a core network node receives a relocation indication message, wherein the relocation indication message is configured to indicate that the User Equipment (UE) is about to relocate to a target Radio Network Controller (RNC) from a source RNC (Step S602); the core network node uses the key parameter to calculate a next hop enhanced key (Step S604); and then the core network node sends the next hop enhanced key to the target RNC (Step S606). Through the disclosure, the forward security of the user is guaranteed, and thus the communication security of the radio access system is improved.Type: GrantFiled: June 8, 2011Date of Patent: July 5, 2016Assignee: ZTE CORPORATIONInventors: Chengyan Feng, Lu Gan
-
Patent number: 9032485Abstract: The disclosure provides an anchor authenticator relocation method and system. The method includes: after an old authenticator accepts an anchor authenticator relocation request of a Mobile Station (MS), a new authenticator sends an authenticator relocation request to an AAA server; when the AAA server's verification on the new authenticator is passed and the old authenticator confirms that the new authenticator is trusted, the anchor authenticator is relocated to the new authenticator. The disclosure provides a detailed solution to perform anchor authenticator relocation without re-authentication.Type: GrantFiled: December 31, 2010Date of Patent: May 12, 2015Assignee: ZTE CorporationInventors: Li Chu, Ge Zhu, Chengyan Feng, Hongyun Qu, Ling Xu
-
Patent number: 8938071Abstract: The disclosure discloses a method for updating an air interface key, a core network node and a radio access system, wherein the method for updating an air interface key comprises: a core network node receives a relocation complete indication message from a target RNC (S502), the relocation complete indication message is configured to indicate the successful relocation of User Equipment (UE) from a source RNC to the target RNC; the core network node uses the saved traditional key and the current enhanced key to calculate a next hop enhanced key (S504); the core network node sends the next hop enhanced key to the target RNC (S506). Through the disclosure, the forward security of users is guaranteed effectively, thus the communication security of the radio access system is improved overall.Type: GrantFiled: March 9, 2011Date of Patent: January 20, 2015Assignee: ZTE CorporationInventors: Chengyan Feng, Lu Gan
-
Patent number: 8934868Abstract: The disclosure discloses a method for updating and generating an air interface key and a radio access system. The updating method comprises: a source Radio Network Controller (RNC) completes the static relocation towards a target RNC; the target RNC performs intra-Serving-RNC (SRNC) relocation; during the intra-SRNC relocation, the target RNC updates enhanced key of itself according to a key received from the source RNC or a core network node. With the disclosure, the enhanced air interface key can be updated during the SRNC static relocation process without increasing the time delay of the SRNC relocation, and security and efficiency of the system are improved.Type: GrantFiled: March 11, 2011Date of Patent: January 13, 2015Assignee: ZTE CorporationInventors: Chengyan Feng, Feng He
-
Patent number: 8804962Abstract: The disclosure provides a method and a system for establishing an enhanced air interface key. During a serving Radio Network Controller (RNC) relocation process, a target RNC with an enhanced security capability enables a received legacy key to perform security protection on communication in the serving RNC relocation process when the target RNC cannot learn from a relocation request sent by a source RNC whether or not a user equipment supports the enhanced security capability (500); and when the target RNC receives a message from the user equipment and learns that the user equipment supports the enhanced security capability, the target RNC notifies a core network to establish and enable the enhanced air interface keys on the network side and in the user equipment respectively (501).Type: GrantFiled: March 10, 2011Date of Patent: August 12, 2014Assignee: ZTE CorporationInventors: Chengyan Feng, Lu Gan
-
Patent number: 8712054Abstract: The present invention discloses a method and system for establishing an enhanced key when a terminal moves from an EUTRAN to an enhanced UTRAN, so as to ensure that the terminal can carry out normal communication safely in the enhanced UTRAN. The method includes: when the terminal moves from the EUTRAN to the enhanced UTRAN, a target enhanced serving GPRS support node (SGSN+) in the enhanced UTRAN deducing an intermediate key used in the UTRAN according to a mapped traditional key obtained from a source mobile management entity; and the terminal, after deducing the mapped traditional key, further deduces the intermediate key used in the enhanced UTRAN by using an algorithm which is the same as that of the target SGSN+ according to the mapped traditional key.Type: GrantFiled: April 2, 2011Date of Patent: April 29, 2014Assignee: ZTE CorporationInventors: Chengyan Feng, Xintai Wang