Patents by Inventor Xin Kang

Xin Kang has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20200275270
    Abstract: A method for devices without SIM card (SD) to communicate directly with a core network. The method may be performed in the following matter. The SD registers with the core network through a cellular device (MD) in order to obtain a credential for the SD. The credential comprises Access ID, key, and control parameters. The SD then performs a mutual authentication directly with the core network using the credential. If the SD authenticates successfully with the core network, the SD is granted access to the servers via the core network.
    Type: Application
    Filed: May 14, 2020
    Publication date: August 27, 2020
    Inventors: Xin KANG, Haiguang WANG, JIE SHI
  • Patent number: 10694376
    Abstract: This application provides a network authentication method, a network device, a terminal device, and a storage medium. In one aspect, in this application, a network device generates a symmetric key by itself, and generates a correct sequence number of a terminal device in real time by using a first sequence number. In other words, in this application, the network device does not need to store the symmetric key and the correct sequence number of the terminal device, but generates the symmetric key and the correct sequence number of the terminal device in real time. Therefore, storage load of an HSS in the prior art can be reduced.
    Type: Grant
    Filed: November 4, 2019
    Date of Patent: June 23, 2020
    Assignee: Huawei International Pte., Ltd.
    Inventors: Xin Kang, Haiguang Wang, Zhongding Lei, Fei Liu
  • Patent number: 10681543
    Abstract: A method for devices without SIM card (SD) to communicate directly with a core network. The method may be performed in the following matter. The SD registers with the core network through a cellular device (MD) in order to obtain a credential for the SD. The credential comprises Access ID, key, and control parameters. The SD then performs a mutual authentication directly with the core network using the credential. If the SD authenticates successfully with the core network, the SD is granted access to the servers via the core network.
    Type: Grant
    Filed: September 17, 2018
    Date of Patent: June 9, 2020
    Assignee: Huawei International Pte., Ltd.
    Inventors: Xin Kang, Haiguang Wang, Jie Shi
  • Publication number: 20200162922
    Abstract: A data transmission method, a related device, and a related system. The method includes: receiving, by a first access network device, a data packet (for example, small data) sent by user equipment (for example, an IoT device), where the data packet includes a first cookie and raw data; verifying, by the first access network device, the first cookie, to obtain a verification result; and processing, by the first access network device, the raw data based on the verification result. Implementation of embodiments can reduce load on a network side when a large quantity of user equipments need to perform communication, thereby increasing data transmission efficiency.
    Type: Application
    Filed: January 21, 2020
    Publication date: May 21, 2020
    Inventors: Xin KANG, Haiguang WANG, Zhongding LEI, Fei LIU
  • Publication number: 20200153871
    Abstract: Embodiments of this application provide a network security management method and an apparatus. The method includes: receiving, by a first network device, a session request sent by a terminal device, where the session request is used to request establishment of a first session with a first data network, the session request includes first authentication information for the first session, and the first authentication information includes identifier information of the first data network; obtaining, by the first network device, second authentication information for a second session of the terminal device, where the second authentication information includes identifier information of a second data network to which the second session is connected; and if the identifier information of the first data network is the same as the identifier information of the second data network, authorizing the terminal device to establish the first session with the first data network.
    Type: Application
    Filed: January 17, 2020
    Publication date: May 14, 2020
    Inventors: Zhongding LEI, Lichun LI, Haiguang WANG, Xin KANG
  • Patent number: 10642337
    Abstract: Micro-idle power in a subsystem of a portable computing device may be actively managed based on client voting. Each client vote may include a client activity status indication and a client latency tolerance indication. Votes are aggregated to provide an aggregate client latency tolerance, which may be used to obtain a set of micro-idle time values. Micro-idle timers in the subsystem may be set to associated micro-idle time values. The micro-idle timers determine whether one or more of the micro-idle time values have elapsed. A power management policy associated with each micro-idle time value determined to have elapsed may be applied to a portion of the subsystem.
    Type: Grant
    Filed: August 3, 2017
    Date of Patent: May 5, 2020
    Assignee: Qualcomm Incorporated
    Inventors: Vinod Chamarty, Trang Nguyen, Edwin Jose, Xin Kang, Sean Sweeney, Michael Drop, Boris Andreev, Farrukh Aquil
  • Patent number: 10624033
    Abstract: Methods, systems, and devices for wireless communication are described. A user equipment (UE) may be enabled for voice over long term evolution (VoLTE). The UE may include an audio layer to encode and decode voice information and a packet layer to transmit voice packets. The packet layer may store parameters related to a discontinuous reception (DRX) in a shared memory. The audio layer may obtain the DRX parameters and encode voice information based on the parameters. For example, the audio layer coding may be synchronized with the wake period of the DRX cycle. The audio layer may encode voice information during a wake up period of the packet layer DRX cycle, and the packet layer may transmit the voice packets while awake. The audio layer may perform back to back encodings at the beginning of the DRX cycle. The packet layer may extend the wake period to transmit the voice packets.
    Type: Grant
    Filed: October 2, 2017
    Date of Patent: April 14, 2020
    Assignee: QUALCOMM Incorporated
    Inventors: Ping Zhou, Sudhir Krishnan, Prashanth Gurram, Kunal Atitkar, Franck Dahan, Xin Kang
  • Publication number: 20200100105
    Abstract: The disclosure provides a network authentication method, a network device, and a core network device, the network authentication method including: receiving, by a first network device, an access request message sent by a terminal device, where the access request message includes an identity of the terminal device; determining, by the first network device based on the identity of the terminal device, whether to allow authentication on the terminal device; if the first network device does not allow the authentication on the terminal device, sending, by the first network device, the identity of the terminal device to a core network device, so that the core network device performs network authentication based on the identity of the terminal device.
    Type: Application
    Filed: November 27, 2019
    Publication date: March 26, 2020
    Inventors: Haiguang WANG, Xin KANG, Zhongding LEI, Fei LIU
  • Publication number: 20200084028
    Abstract: A key management method/apparatus (user equipment) are described. The key management includes encrypting user identity information based on a first public key. The user equipment sends a first user identity message to a first network device. The first user identity message includes the user identity information, an indication identifier that indicates whether the user identity information is encrypted, and a reference identifier for indexing the first public key. The first network device sends, to a second network device, a third user identity message including the user identity information and the reference identifier that indexes the first public key. Thus, when receiving the third user identity message, the second network device can determine the encrypted user identity information, according to a pre-stored mapping table including the first private key.
    Type: Application
    Filed: November 19, 2019
    Publication date: March 12, 2020
    Inventors: Haiguang WANG, Xin KANG, Zhongding LEI, Fei LIU
  • Patent number: 10581860
    Abstract: A system for managing and distributing a blacklist of User Equipment IDs (UE IDs) in a network. The system comprises a number of groups of networks, each of the groups of networks comprise a blacklist server and a number of authentication servers. The system further comprises a Package Key Generator (PKG). The blacklist server is configured to: store a blacklist containing UE IDs that are not allowed to gain access to the network; transmit the blacklist to the plurality of authentication servers in the same group; receive a message; determine a content in the message is an order to add a new revoked UE ID to the blacklist; update the blacklist to include the new revoked UE ID; and send an update blacklist message to the plurality of authentication servers in the same group.
    Type: Grant
    Filed: April 2, 2019
    Date of Patent: March 3, 2020
    Assignee: Huawei International Pte. Ltd.
    Inventors: Lichun Li, Haiguang Wang, Xin Kang
  • Publication number: 20200068397
    Abstract: This application provides a network authentication method, a network device, a terminal device, and a storage medium. In one aspect, in this application, a network device generates a symmetric key by itself, and generates a correct sequence number of a terminal device in real time by using a first sequence number. In other words, in this application, the network device does not need to store the symmetric key and the correct sequence number of the terminal device, but generates the symmetric key and the correct sequence number of the terminal device in real time. Therefore, storage load of an HSS in the prior art can be reduced.
    Type: Application
    Filed: November 4, 2019
    Publication date: February 27, 2020
    Inventors: Xin Kang, Haiguang Wang, Zhongding Lei, Fei Liu
  • Publication number: 20200007324
    Abstract: Embodiments of this application provide a private key generation method and system, and a device. The method includes: receiving, by a terminal device, a first response message sent by a first network device, where the first response message includes at least a first sub-private key, and the first sub-private key is generated based on a first parameter set sent by a second network device; receiving, by the terminal device, a second response message sent by the second network device, where the second response message includes at least a second sub-private key, and the second sub-private key is generated based on a second parameter set sent by the first network device; and synthesizing, by the terminal device, a joint private key based on at least the first sub-private key and the second sub-private key.
    Type: Application
    Filed: September 9, 2019
    Publication date: January 2, 2020
    Inventors: Xin KANG, Xuwu ZHANG, Yanjiang YANG, Haiguang WANG, Zhongding LEI
  • Publication number: 20190394033
    Abstract: This application discloses a private key generation method and system, and a device. The method includes: sending, by a first network device, a first request to a second network device, where the first request includes a first parameter set; receiving, by the first network device, a first response message returned by the second network device, where the first response message includes a first sub-private key and a second parameter set, the first sub-private key is generated based on the first parameter set, and the first sub-private key is generated for a terminal device; generating, by the first network device, a second sub-private key based on the second parameter set, where the second sub-private key is generated for the terminal device; and synthesizing, by the first network device, the first sub-private key and the second sub-private key into a joint private key according to a synthesis formula.
    Type: Application
    Filed: September 6, 2019
    Publication date: December 26, 2019
    Inventors: Xin KANG, Xuwu ZHANG, Yanjiang YANG, Haiguang WANG, Zhongding LEI
  • Publication number: 20190342082
    Abstract: Embodiments of this application disclose a network key processing system, including user equipment, a security anchor network element, and an access and mobility management network element, where the security anchor network element is configured to: obtain a first key parameter from a slice selection network element, where the first key parameter includes identifier information of N network slices; generate N slice-dedicated keys based on the first key parameter; and send the N slice-dedicated keys to the corresponding N network slices respectively; the access and mobility management network element is configured to: obtain the first key parameter, and send the first key parameter to the user equipment; and the user equipment is configured to: generate the N slice-dedicated keys for the N network slices based on the first key parameter, and access the N network slices based on the generated N slice-dedicated keys.
    Type: Application
    Filed: July 21, 2019
    Publication date: November 7, 2019
    Inventors: Zhongding LEI, Lichun LI, Bo ZHANG, Fei LIU, Haiguang WANG, Xin KANG
  • Patent number: 10426345
    Abstract: A device for generating composite images of dynamically changing surgical anatomy includes circuitry configured to receive, from an endoscopic imaging device, endoscopic image data. The circuitry is configured to receive, from a tomographic imaging device, intra-operative tomographic image data. The circuitry is configured to receive, from a tracking device, spatial tracking data corresponding to the endoscopic imaging device and the tomographic imaging device. The circuitry is configured to generate real-time dynamically changing composite image data by overlaying, based on the spatial tracking data, the intra-operative tomographic image data on the endoscopic image data. The circuitry is configured to output the composite image data to a display.
    Type: Grant
    Filed: April 4, 2014
    Date of Patent: October 1, 2019
    Assignee: Children's National Medical Center
    Inventors: Raj Shekhar, Xin Kang, Mahdi Azizian, Timothy Kane, Craig Peters
  • Publication number: 20190297083
    Abstract: A system for managing and distributing a blacklist of User Equipment IDs (UE IDs) in a network. The system comprises a number of groups of networks, each of the groups of networks comprise a blacklist server and a number of authentication servers. The system further comprises a Package Key Generator (PKG). The blacklist server is configured to: store a blacklist containing UE IDs that are not allowed to gain access to the network; transmit the blacklist to the plurality of authentication servers in the same group; receive a message; determine a content in the message is an order to add a new revoked UE ID to the blacklist; update the blacklist to include the new revoked UE ID; and send an update blacklist message to the plurality of authentication servers in the same group.
    Type: Application
    Filed: April 2, 2019
    Publication date: September 26, 2019
    Inventors: Lichun LI, Haiguang WANG, Xin KANG
  • Publication number: 20190261180
    Abstract: Embodiments provide a network authentication method, and a related device and system. In this method, an access request sent by user equipment is received by a network authentication network element. The received access request includes identification information of the user equipment. It is then verified, by the network authentication network element, whether the identification information is valid. If the identification information is valid, a slice authentication network element corresponding to the user equipment is determined based on the identification information. The identification information can be then sent to the slice authentication network element corresponding to the user equipment. The identification information is used by the slice authentication network element corresponding to the user equipment to generate authentication data for the user equipment and initiate a user authentication request to the user equipment by using the authentication data.
    Type: Application
    Filed: April 30, 2019
    Publication date: August 22, 2019
    Inventors: Zhongding LEI, Haiguang WANG, Xin KANG
  • Publication number: 20190238322
    Abstract: A key distribution method is disclosed. In this method, a key request can be received by a key management system (KMS) from a mobile operator network element (MNO). The key request can carry a public key of UE. At least one PVT and one SSK can be allocated to the US based on an IBC ID. The at least one PVT and SSK can be encrypted based on the public key to generate ciphertext; and an object can be signed based on a preset digital signature private key (DSPK) to generate a digital signature. The object can include the public key and the ciphertext. Still, a signature validation public key associated with the DSPK can be determined and a key response can be returned to the MNO. The key response can carry the signature validation public key, the public key of the UE, the ciphertext, and the digital signature.
    Type: Application
    Filed: April 12, 2019
    Publication date: August 1, 2019
    Inventors: Haiguang WANG, Yanjiang YANG, Xin KANG, Zhongding LEI
  • Publication number: 20190208417
    Abstract: This application discloses a mobile network authentication method, a terminal device, a server, and a network authentication entity. The method includes: receiving, by a first terminal device, a DH public key and a first ID that are sent by at least one second terminal device; sending a first message to a server, where the first message includes a DH public key of each second terminal device of the at least one second terminal device and a first ID of the second terminal device; receiving a second message sent by the server, where the second message includes a DH public key of the server and a second ID of the second terminal device that is generated by the server; and sending, by the first terminal device, the second ID of the second terminal device and the DH public key of the server to the second terminal device.
    Type: Application
    Filed: March 8, 2019
    Publication date: July 4, 2019
    Inventors: Xin KANG, Haiguang WANG, Yanjiang YANG, Zhongding LEI
  • Publication number: 20190159023
    Abstract: This invention relates to a key generation and distribution method. The method comprises receiving a first request from a first requestor, the first requestor comprising an identity of the first requestor; generating a new identity (ID) based on the identity of the first requestor; generating a secret key for the new ID with a predetermined pair of global keys, namely Global Secret Key (GSK), Global Public Key (GPK); transmitting the new ID, secret key and the GPK to the first requestor; receiving a request from a second requestor, the request comprising a plurality of identities; generating an new ID for each of the plurality of identities; generating a secret key based on the IBC key generation algorithm for each of the plurality of new IDs; and transmitting the plurality of new IDs, secret keys corresponding to each of the plurality of IDs and the GPK to the second requestor.
    Type: Application
    Filed: January 25, 2019
    Publication date: May 23, 2019
    Inventors: Haiguang WANG, Jie SHI, Xin KANG