Patents by Inventor Shuaishuai Tan
Shuaishuai Tan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240136681Abstract: A battery cover includes a top cover assembly and an insulating support. The top cover assembly can be fixedly connected with a case to form an accommodation space for accommodating a core, and the top cover assembly can be welded with a tab on the core. The insulating support can be accommodated in the accommodation space. The insulating support and the top cover assembly form an accommodation cavity for accommodating the tab, and the insulating support is provided with a notch for the tab to pass through.Type: ApplicationFiled: September 4, 2023Publication date: April 25, 2024Inventors: Chenneng LIN, Liquan CHEN, Shuaishuai SONG, Li GONG, Shansong WU, Dongmei SONG, Lei WU, Jin TAN
-
Patent number: 11956361Abstract: A network function service invocation method includes sending, by a first network function network element, a first request message to an authorization network element, wherein the first request message is used to request permission to invoke a first network function service provided by a second network function network element, performing, by the authorization network element, identity authentication on the first network function network element, generating, by the authorization network element, a token when determining that the identity authentication succeeds, wherein the token is used to indicate that the first network function network element has the permission to invoke the first network function service of the second network function network element, and sending, by the authorization network element, a token to the first network function network element.Type: GrantFiled: December 2, 2021Date of Patent: April 9, 2024Assignee: HUAWEI TECHNOLOGIES CO., LTD.Inventors: Shuaishuai Tan, Lu Gan, Bo Zhang, Rong Wu
-
Publication number: 20240040376Abstract: A security negotiation method includes receiving, by a terminal, security negotiation information from a centralized unit control plane (CU-CP)/a centralized unit user plane (CU-UP), where the security negotiation information includes an integrity protection indication identifier of the CU-UP, and determining, by the terminal based on the integrity protection indication identifier, whether to enable user-plane integrity protection of the terminal.Type: ApplicationFiled: August 11, 2023Publication date: February 1, 2024Inventors: Rong Wu, Bo Zhang, Shuaishuai Tan
-
Patent number: 11824981Abstract: A discovery method and apparatus based on a service-based architecture, where the method includes a control network element sending a discovery response to a first functional network element, where the discovery response includes a determined security parameter and an access address or an identifier of a second functional network element. The first functional network element receives the discovery response from the control network element, and sends an access request to the second functional network element based on the address or the identifier of the second functional network element, where the access request includes the received security parameter. The second functional network element receives the access request from the first functional network element, verifies correctness of the security parameter, and determines, based on the correctness of the security parameter, whether the access request is authorized by the first functional network element.Type: GrantFiled: March 16, 2022Date of Patent: November 21, 2023Assignee: HUAWEI TECHNOLOGIES CO., LTD.Inventors: Bo Zhang, Lu Gan, Rong Wu, Shuaishuai Tan
-
Patent number: 11778459Abstract: This application provides an example secure session method and apparatus. The method includes receiving, by a user plane gateway, a service request message from user equipment UE, where the service request message is used to request to establish a connection between the UE and a service server in a data network. The user plane gateway and the UE separately generate an encryption key and an integrity protection key based on the service request message, and activate encryption protection and/or integrity protection based on the generated encryption key and integrity protection key.Type: GrantFiled: February 9, 2021Date of Patent: October 3, 2023Assignee: Huawei Technologies Co., Ltd.Inventors: Rong Wu, Bo Zhang, Shuaishuai Tan
-
Patent number: 11765578Abstract: A security negotiation method includes receiving, by a terminal, security negotiation information from a centralized unit control plane (CU-CP)/a centralized unit user plane (CU-UP), where the security negotiation information includes an integrity protection indication identifier of the CU-UP, and determining, by the terminal based on the integrity protection indication identifier, whether to enable user-plane integrity protection of the terminal.Type: GrantFiled: July 23, 2020Date of Patent: September 19, 2023Assignee: HUAWEI TECHNOLOGIES CO., LTD.Inventors: Rong Wu, Bo Zhang, Shuaishuai Tan
-
Patent number: 11722888Abstract: This application provides a security context obtaining method and apparatus. The method includes: receiving, by a user plane gateway, a PDU session establishment request from UE, where the PDU session establishment request is used to request to establish a PDU session between the user plane gateway and the UE, and the PDU session is carried between the UE and a service server of a data network; and separately obtaining, by the user plane gateway and the UE, a security context used for the PDU session, and activating user plane security protection based on the security context. Therefore, during PDU session reestablishment, for example, PDU session reestablishment triggered by switching of the user plane gateway, a session management network element, and the like, the user plane gateway and the UE can obtain a new security context, thereby achieving end-to-end protection between the UE and the user plane gateway.Type: GrantFiled: February 19, 2021Date of Patent: August 8, 2023Assignee: HUAWEI TECHNOLOGIES CO., LTD.Inventors: Rong Wu, Shuaishuai Tan
-
Patent number: 11533610Abstract: Embodiments of this application provide a key generation method, applied to a scenario in which a base station is divided into a centralized unit and a distributed unit and a control plane and a user plane of the centralized unit are separated. And the control plane entity of the centralized unit obtains a root key, generates a user plane security key based on the root key, and sends the first user plane security key to the user plane entity of the first centralized unit. According to this application, key isolation between different user plane entities is implemented. Further, in an actual operation, the control plane entity or the user plane entity of the centralized unit may be flexibly selected to generate the user plane security key.Type: GrantFiled: September 24, 2020Date of Patent: December 20, 2022Assignee: Huawei Technologies Co., Ltd.Inventors: Rong Wu, Bo Zhang, Shuaishuai Tan
-
Patent number: 11496320Abstract: Embodiments of this application provide a registration method and apparatus based on a service-based architecture. In this method, a management network element determines configuration information of a function network element, where the configuration information includes a security parameter; and the management network element sends the configuration information to the function network element. The function network element receives the configuration information sent by the management network element; and the function network element sends a registration request to a control network element based on the configuration information, where the registration request includes the security parameter.Type: GrantFiled: February 27, 2020Date of Patent: November 8, 2022Assignee: HUAWEI TECHNOLOGIES CO., LTD.Inventors: Bo Zhang, Lu Gan, Rong Wu, Shuaishuai Tan
-
Publication number: 20220278831Abstract: A discovery method and apparatus based on a service-based architecture, where the method includes a control network element sending a discovery response to a first functional network element, where the discovery response includes a determined security parameter and an access address or an identifier of a second functional network element. The first functional network element receives the discovery response from the control network element, and sends an access request to the second functional network element based on the address or the identifier of the second functional network element, where the access request includes the received security parameter. The second functional network element receives the access request from the first functional network element, verifies correctness of the security parameter, and determines, based on the correctness of the security parameter, whether the access request is authorized by the first functional network element.Type: ApplicationFiled: March 16, 2022Publication date: September 1, 2022Inventors: Bo Zhang, Lu Gan, Rong Wu, Shuaishuai Tan
-
Patent number: 11431695Abstract: An authorization method and a network element are disclosed, to implement a third-party authorization function based on a 5G service-based network architecture. The method is: receiving, by a resource control network element, a resource usage request message sent by a terminal device; replacing a first user identifier in the resource usage request message with a second user identifier; sending an authorization request message carrying the second user identifier to an authorization server by using an NEF; receiving, by using the NEF, an authorization response message sent by the authorization server, where the authorization response message includes an authorization result that is obtained by performing authorization based on the second user identifier and the resource usage request message; and allocating a network resource to the terminal device based on the authorization result, and sending a resource allocation response message to the terminal device.Type: GrantFiled: March 10, 2020Date of Patent: August 30, 2022Assignee: HUAWEI TECHNOLOGIES CO., LTD.Inventors: Shuaishuai Tan, Lu Gan, Bo Zhang, Rong Wu
-
Publication number: 20220166622Abstract: A network function service invocation method includes sending, by a first network function network element, a first request message to an authorization network element, wherein the first request message is used to request permission to invoke a first network function service provided by a second network function network element, performing, by the authorization network element, identity authentication on the first network function network element, generating, by the authorization network element, a token when determining that the identity authentication succeeds, wherein the token is used to indicate that the first network function network element has the permission to invoke the first network function service of the second network function network element, and sending, by the authorization network element, a token to the first network function network element.Type: ApplicationFiled: December 2, 2021Publication date: May 26, 2022Inventors: Shuaishuai Tan, Lu Gan, Bo Zhang, Rong Wu
-
Patent number: 11296877Abstract: A discovery method and apparatus based on a service-based architecture, where the method includes a control network element sending a discovery response to a first functional network element, where the discovery response includes a determined security parameter and an access address or an identifier of a second functional network element. The first functional network element receives the discovery response from the control network element, and sends an access request to the second functional network element based on the address or the identifier of the second functional network element, where the access request includes the received security parameter. The second functional network element receives the access request from the first functional network element, verifies correctness of the security parameter, and determines, based on the correctness of the security parameter, whether the access request is authorized by the first functional network element.Type: GrantFiled: December 16, 2019Date of Patent: April 5, 2022Assignee: HUAWEI TECHNOLOGIES CO., LTD.Inventors: Bo Zhang, Lu Gan, Rong Wu, Shuaishuai Tan
-
Patent number: 11228905Abstract: A security implementation method, a related apparatus, and a system, where the method includes receiving, by a first network element, a request for handing over a user equipment from a source access network device to a target access network device to perform communication. The method further includes: obtaining, by the first network element, a security key, where the security key is used for protecting the communication between the user equipment and the target access network device after the user equipment is handed over from the source access network device to the target access network device; and sending, by the first network element, the security key to the target access network device.Type: GrantFiled: December 19, 2019Date of Patent: January 18, 2022Assignee: HUAWEI TECHNOLOGIES CO., LTD.Inventors: Rong Wu, Lu Gan, Bo Zhang, Shuaishuai Tan
-
Patent number: 11218314Abstract: A network function service invocation method includes sending, by a first network function network element, a first request message to an authorization network element, wherein the first request message is used to request permission to invoke a first network function service provided by a second network function network element, performing, by the authorization network element, identity authentication on the first network function network element; generating, by the authorization network element, a token when determining that the identity authentication succeeds, wherein the token is used to indicate that the first network function network element has the permission to invoke the first network function service of the second network function network element, and sending, by the authorization network element, a token to the first network function network element.Type: GrantFiled: September 10, 2019Date of Patent: January 4, 2022Assignee: HUAWEI TECHNOLOGIES CO., LTD.Inventors: Shuaishuai Tan, Lu Gan, Bo Zhang, Rong Wu
-
Publication number: 20210185524Abstract: This application provides a security context obtaining method and apparatus. The method includes: receiving, by a user plane gateway, a PDU session establishment request from UE, where the PDU session establishment request is used to request to establish a PDU session between the user plane gateway and the UE, and the PDU session is carried between the UE and a service server of a data network; and separately obtaining, by the user plane gateway and the UE, a security context used for the PDU session, and activating user plane security protection based on the security context. Therefore, during PDU session reestablishment, for example, PDU session reestablishment triggered by switching of the user plane gateway, a session management network element, and the like, the user plane gateway and the UE can obtain a new security context, thereby achieving end-to-end protection between the UE and the user plane gateway.Type: ApplicationFiled: February 19, 2021Publication date: June 17, 2021Inventors: Rong WU, Shuaishuai TAN
-
Publication number: 20210168594Abstract: This application provides an example secure session method and apparatus. The method includes receiving, by a user plane gateway, a service request message from user equipment UE, where the service request message is used to request to establish a connection between the UE and a service server in a data network. The user plane gateway and the UE separately generate an encryption key and an integrity protection key based on the service request message, and activate encryption protection and/or integrity protection based on the generated encryption key and integrity protection key.Type: ApplicationFiled: February 9, 2021Publication date: June 3, 2021Inventors: Rong WU, Bo ZHANG, Shuaishuai TAN
-
Publication number: 20210168614Abstract: A data transmission method and a device. The data transmission method includes performing integrity protection on to-be-sent data, to generate a packet data convergence protocol (PDCP) data packet, where the PDCP data packet includes identification information and integrity protection information, the identification information is at least used to indicate that integrity protection is performed on data carried in the PDCP data packet, and the integrity protection information is used to perform integrity check on the data carried in the PDCP data packet, and sending the PDCP data packet.Type: ApplicationFiled: February 9, 2021Publication date: June 3, 2021Inventors: Bo Zhang, Rong Wu, Shuaishuai Tan
-
Publication number: 20210058771Abstract: Embodiments of this application provide a key generation method, applied to a scenario in which a base station is divided into a centralized unit and a distributed unit and a control plane and a user plane of the centralized unit are separated. And the control plane entity of the centralized unit obtains a root key, generates a user plane security key based on the root key, and sends the first user plane security key to the user plane entity of the first centralized unit. According to this application, key isolation between different user plane entities is implemented. Further, in an actual operation, the control plane entity or the user plane entity of the centralized unit may be flexibly selected to generate the user plane security key.Type: ApplicationFiled: September 24, 2020Publication date: February 25, 2021Inventors: Rong WU, Bo ZHANG, Shuaishuai TAN
-
Publication number: 20200359208Abstract: A security negotiation method includes receiving, by a terminal, security negotiation information from a centralized unit control plane (CU-CP)/a centralized unit user plane (CU-UP), where the security negotiation information includes an integrity protection indication identifier of the CU-UP, and determining, by the terminal based on the integrity protection indication identifier, whether to enable user-plane integrity protection of the terminal.Type: ApplicationFiled: July 23, 2020Publication date: November 12, 2020Inventors: Rong Wu, Bo Zhang, Shuaishuai Tan