Patents by Inventor Xiaoyu BI

Xiaoyu BI has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10218513
    Abstract: Embodiments of the present invention provide a method and a terminal for message verification, which can enhance timeliness of event message verification. The method includes: receiving an event message sent by a cell broadcast entity; obtaining a public key of a CA according to pre-configured information for determining the public key of the CA and information for determining the public key of the CA and obtained from a network side, or according to information of the CA obtained from the network side; then, obtaining a public key of the cell broadcast entity according to the obtained public key of the CA and an implicit certificate of the cell broadcast entity; verifying a signature of the cell broadcast entity over the event message according to the public key of the cell broadcast entity; and finally, determining legitimacy of the event message according to the verification result.
    Type: Grant
    Filed: May 8, 2015
    Date of Patent: February 26, 2019
    Assignee: HUAWEI TECHNOLOGIE CO., LTD.
    Inventors: Xiaoyu Bi, Jing Chen, Yixian Xu, Chunshan Xiong
  • Patent number: 9232404
    Abstract: Embodiments of the present invention disclose a method, an apparatus, and a system for data transmission. The method for data transmission includes: determining that data to be transmitted is control plane signaling related to a user equipment that camps on a relay node; and transmitting the data through a first user data bearer established between the relay node and a donor base station, where the first user data bearer provides integrity protection for the data. According to the embodiments of the present invention, when the control plane signaling related to the user equipment that camps on the relay node is transmitted between the relay node and the donor base station, integrity protection is provided for the control plane signaling, and therefore attacks such as the denial of a service attack are prevented.
    Type: Grant
    Filed: March 28, 2012
    Date of Patent: January 5, 2016
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Jing Chen, Ke Wang, Hui Ma, Bo Lin, Aiqing Zhang, Dongmei Zhang, Xiaoyu Bi
  • Publication number: 20150244532
    Abstract: Embodiments of the present invention provide a method and a terminal for message verification, which can enhance timeliness of event message verification. The method includes: receiving an event message sent by a cell broadcast entity; obtaining a public key of a CA according to pre-configured information for determining the public key of the CA and information for determining the public key of the CA and obtained from a network side, or according to information of the CA obtained from the network side; then, obtaining a public key of the cell broadcast entity according to the obtained public key of the CA and an implicit certificate of the cell broadcast entity; verifying a signature of the cell broadcast entity over the event message according to the public key of the cell broadcast entity; and finally, determining legitimacy of the event message according to the verification result.
    Type: Application
    Filed: May 8, 2015
    Publication date: August 27, 2015
    Inventors: Xiaoyu Bi, Jing Chen, Yixian Xu, Chunshan Xiong
  • Publication number: 20150236851
    Abstract: A method and an apparatus for updating a public key, a UE and a CA are disclosed. The method includes: receiving a first message including CA public key information, where the CA public key information includes a CA public key or CA public key acquiring information; and updating a local CA public key of a UE according to the CA public key or to the CA public key acquiring information. The present invention can realize update of the CA public key in the UE.
    Type: Application
    Filed: May 7, 2015
    Publication date: August 20, 2015
    Inventors: Xiaoyu Bi, Jing Chen, Yixian Xu, Chunshan Xiong
  • Patent number: 9088616
    Abstract: A method and an apparatus for authentication are disclosed. The method includes: deciding to release a connection or continue a current service according to native information and network policy after an AKA authentication procedure fails. When the EPS AKA authentication procedure fails, the connection is not released immediately in the present invention, but the connection is released or the current service is continued according to the native information and network policy, thus avoiding unnecessary release of connections and saving resources.
    Type: Grant
    Filed: September 21, 2010
    Date of Patent: July 21, 2015
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Xiaoyu Bi, Aiqin Zhang, Dongmei Zhang
  • Patent number: 9027111
    Abstract: Embodiments of the present invention disclose a relay node authentication method, apparatus, and system. The method provided in an embodiment of the present invention includes: sending, by a relay node, an authentication request message to a peer node, where the authentication request message includes a certificate of the relay node, so that the peer node authenticates the relay node according to the certificate of the relay node, where the peer node is a network side node or a security gateway in a security domain where the network side node is located; and receiving, by the relay node, an authentication response message sent by the peer node, where the authentication response message includes a certificate of the peer node, and authenticating the peer node according to the certificate of the peer node.
    Type: Grant
    Filed: August 1, 2012
    Date of Patent: May 5, 2015
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Dongmei Zhang, Aiqin Zhang, Xiaoyu Bi, Jing Liu
  • Publication number: 20140237327
    Abstract: Embodiments of the present invention provide a method for testing a network under an IPsec mechanism, and relate to the field of wireless communications, so as to correct an error generated by a disorder of service data packet receiving during network testing under the IPsec mechanism. The method for testing a network under the IPsec mechanism includes: receiving a session request message, where the session request message contains information about a quantity of IPsec data packets and a sending time interval of the IPsec data packets; after a session is established with a sending end, receiving an IPsec data packet that carries testing information; and performing error detection for the received IPsec data packet according to the received testing information as well as the information about the quantity of IPsec data packets and the sending time interval of the IPsec data packets in the session request message.
    Type: Application
    Filed: April 23, 2014
    Publication date: August 21, 2014
    Applicant: Huawei Technologies Co., Ltd.
    Inventors: Xiaoyu BI, Lei XIE
  • Patent number: 8605908
    Abstract: A method and a device for obtaining a security key in a relay system are disclosed in the embodiment of the present invention. A node in the relay system obtains an initial key, according to the initial key, the node obtains a root key of an air interface protection key between the node and another node that is directly adjacent to the node, and according to the root key, the node obtains the air interface protection key between the node and said another node that is directly adjacent to the node. Therefore, according to the initial key, each lower-level node obtains a root key of an air interface protection key between each lower-level node, so that data of a UE on a Un interface link may be respectively protected, that is, each active UE has a set of security parameters on the Un interface link, and effective security protection is performed on data on each segment of an air interface.
    Type: Grant
    Filed: May 3, 2012
    Date of Patent: December 10, 2013
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Dongmei Zhang, Xiaoyu Bi, Aiqin Zhang
  • Publication number: 20120297474
    Abstract: Embodiments of the present invention disclose a relay node authentication method, apparatus, and system. The method provided in an embodiment of the present invention includes: sending, by a relay node, an authentication request message to a peer node, where the authentication request message includes a certificate of the relay node, so that the peer node authenticates the relay node according to the certificate of the relay node, where the peer node is a network side node or a security gateway in a security domain where the network side node is located; and receiving, by the relay node, an authentication response message sent by the peer node, where the authentication response message includes a certificate of the peer node, and authenticating the peer node according to the certificate of the peer node.
    Type: Application
    Filed: August 1, 2012
    Publication date: November 22, 2012
    Inventors: Dongmei ZHANG, Aiqin Zhang, Xiaoyu Bi, Jing Liu
  • Publication number: 20120213372
    Abstract: A method and a device for obtaining a security key in a relay system are disclosed in the embodiment of the present invention. A node in the relay system obtains an initial key, according to the initial key, the node obtains a root key of an air interface protection key between the node and another node that is directly adjacent to the node, and according to the root key, the node obtains the air interface protection key between the node and said another node that is directly adjacent to the node. Therefore, according to the initial key, each lower-level node obtains a root key of an air interface protection key between each lower-level node, so that data of a UE on a Un interface link may be respectively protected, that is, each active UE has a set of security parameters on the Un interface link, and effective security protection is performed on data on each segment of an air interface.
    Type: Application
    Filed: May 3, 2012
    Publication date: August 23, 2012
    Applicant: Huawei Technologies Co., Ltd.
    Inventors: Dongmei Zhang, Xiaoyu Bi, Aiqin Zhang
  • Publication number: 20120182929
    Abstract: Embodiments of the present invention disclose a method, an apparatus, and a system for data transmission. The method for data transmission includes: determining that data to be transmitted is control plane signaling related to a user equipment that camps on a relay node; and transmitting the data through a first user data bearer established between the relay node and a donor base station, where the first user data bearer provides integrity protection for the data. According to the embodiments of the present invention, when the control plane signaling related to the user equipment that camps on the relay node is transmitted between the relay node and the donor base station, integrity protection is provided for the control plane signaling, and therefore attacks such as the denial of a service attack are prevented.
    Type: Application
    Filed: March 28, 2012
    Publication date: July 19, 2012
    Applicant: Huawei Technologies Co., Ltd.
    Inventors: Jing Chen, Ke Wang, Hui Ma, Bo Lin, Aiqing Zhang, Dongmei Zhang, Xiaoyu Bi
  • Publication number: 20120077501
    Abstract: Method, device, and system for deriving keys are provided in the field of mobile communications technologies. The method for deriving keys may be used, for example, in a handover process of a User Equipment (UE) from an Evolved Universal Terrestrial Radio Access Network (EUTRAN) to a Universal Terrestrial Radio Access Network (UTRAN). If a failure occurred in a first handover, the method ensures that the key derived by a source Mobility Management Entity (MME) for a second handover process of the UE is different from the key derived for the first handover process of the UE. This is done by changing input parameters used in the key derivation, so as to prevent the situation in the prior art that once the key used on one Radio Network Controller (RNC) is obtained, the keys on other RNCs can be derived accordingly, thereby enhancing the network security.
    Type: Application
    Filed: December 13, 2011
    Publication date: March 29, 2012
    Applicant: Huawei Technologies Co., Ltd.
    Inventors: Aiqin Zhang, Jing Chen, Xiaoyu Bi
  • Publication number: 20110072488
    Abstract: A method and an apparatus for authentication are disclosed. The method includes: deciding to release a connection or continue a current service according to native information and network policy after an AKA authentication procedure fails. When the EPS AKA authentication procedure fails, the connection is not released immediately in the present invention, but the connection is released or the current service is continued according to the native information and network policy, thus avoiding unnecessary release of connections and saving resources.
    Type: Application
    Filed: September 21, 2010
    Publication date: March 24, 2011
    Inventors: Xiaoyu BI, Aiqin Zhang, Dongmei Zhang