Patents by Inventor Zhaoji Lin

Zhaoji Lin has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20240236663
    Abstract: Presented are systems and methods for authorization of proximity based services. A first wireless communication device may send, to a second wireless communication device, a message to access a network via the second wireless communication device as a relay node, using at least one authentication and key management for applications (AKMA) service. The message may include an AKMA key identifier (A-KID) and a freshness parameter. The first wireless communication device may generate a validation token to validate against another validation token of the second wireless communication device. The first wireless communication device may generate the validation token using the freshness parameter and a proximity based service function (PBSF) key (KPBSF).
    Type: Application
    Filed: August 31, 2023
    Publication date: July 11, 2024
    Applicant: ZTE CORPORATION
    Inventors: Yuze LIU, Shilin YOU, Jin PENG, Zhen XING, Zhaoji LIN
  • Patent number: 12021867
    Abstract: Provided are an authentication processing method and device, a storage medium, and an electronic device. The method includes that: a terminal receives an authentication request message from an authentication function; and in cases where authentication on the authentication request message fails, the terminal feeds back an authentication failure message to the authentication function. In cases where the cause of the authentication failure is a Message Authentication Code (MAC) failure and in cases where a cause of authentication failure is a Synchronization (Sync) failure, the terminal feeds back authentication failure messages of the same type to the authentication function.
    Type: Grant
    Filed: January 19, 2020
    Date of Patent: June 25, 2024
    Assignee: ZTE CORPORATION
    Inventors: Jin Peng, Shilin You, Zhenhua Xie, Wantao Yu, Zhaoji Lin, Yongqing Qiu
  • Publication number: 20240137757
    Abstract: Presented are systems and methods for authorization of proximity based services. A first wireless communication device may send, to a second wireless communication device, a message to access a network via the second wireless communication device as a relay node, using at least one authentication and key management for applications (AKMA) service. The message may include an AKMA key identifier (A-KID) and a freshness parameter. The first wireless communication device may generate a validation token to validate against another validation token of the second wireless communication device. The first wireless communication device may generate the validation token using the freshness parameter and a proximity based service function (PBSF) key (KPBSF).
    Type: Application
    Filed: August 30, 2023
    Publication date: April 25, 2024
    Applicant: ZTE CORPORATION
    Inventors: Yuze LIU, Shilin YOU, Jin PENG, Zhen XING, Zhaoji LIN
  • Publication number: 20240080321
    Abstract: This patent document describes, among other things, techniques, and apparatuses for providing onboarding and provisioning of networks. In one aspect, a method of wireless communication is disclosed. The method includes receiving, by a first network node from a second network node, an authentication notification including an identifier for a third network node where a key is stored. The method further includes transmitting, by a first network node, a wireless device parameter update message to the third network node identified by the identifier.
    Type: Application
    Filed: April 26, 2023
    Publication date: March 7, 2024
    Inventors: Jin PENG, Shilin YOU, Yuze LIU, Zhen XING, Zhaoji LIN
  • Publication number: 20240031800
    Abstract: Embodiments of the prevent invention provide a network access authentication method and device. The method comprises: receiving an authentication request message sent by a first serving network, wherein the authentication request message carries a user equipment pseudonym identifier generated by a user equipment; determining whether a local user equipment pseudonym identifier is asynchronous with the user equipment pseudonym identifier generated by the user equipment; and obtaining, if the determination result is yes, an encrypted international mobile subscriber identity (IMSI) to carry out network access authentication on the user equipment. The embodiments of the present invention can solve the problem that a network access process in the related art does not provide a processing method for the case where the user equipment pseudonym identifier in the user equipment is asynchronous with the user equipment pseudonym identifier in a home network.
    Type: Application
    Filed: October 2, 2023
    Publication date: January 25, 2024
    Inventors: Shilin YOU, Hongjun LIU, Jiyan CAI, Zaifeng ZONG, Jin PENG, Zhaoji LIN, Yunyin ZHANG
  • Publication number: 20240007983
    Abstract: This disclosure generally relates performing UE authentication and registration with the core network, and in particular, to supporting secure interactions between the UE and the target AMF when the UE is re-allocated to the target AMF. After the UE initiates a first registration request, the initial AMF may retrieve a candidate AMF list and selects a target AMF to serve the UE. The initial AMF generates a 5G-GUTI for the UE, based on the selected target AMF. The initial AMF requests the UE to initiate a second registration request, by using the generated 5G-GUTI. With the solutions provided in this disclosure, the message interactions between the UE and the target AMF are integrity protected and/or ciphered, without the need to upgrade the UE and without using an indirect connection of the core network.
    Type: Application
    Filed: September 12, 2023
    Publication date: January 4, 2024
    Applicant: ZTE Corporation
    Inventors: Yuze LIU, Shilin YOU, Jinguo ZHU, He HUANG, Shuang LIANG, Xingyue ZHOU, Jin PENG, Zhen XING, Zhaoji LIN
  • Publication number: 20230422032
    Abstract: A session request method, a session request apparatus, a terminal, and a storage medium are provided. The session request method includes: generating an authentication server key when a key agreement authentication is passed; determining, according to the authentication server key, a key identifier of an authentication and key management for applications (AKMA) anchor key; when the key identifier is invalid, updating the key identifier according to a mobile subscriber identification number (MSIN); and sending an updated key identifier to an application function, to request a key-based session.
    Type: Application
    Filed: September 29, 2021
    Publication date: December 28, 2023
    Inventors: Yuze LIU, Shilin YOU, Jin PENG, Zhaoji LIN
  • Publication number: 20230413047
    Abstract: Techniques are described to perform network relay security. An example wireless communication method includes receiving, by a network device, a request message that includes an identifier associated with a first communication device; determining, by the network device in response to the receiving, that the first communication device is authenticated based on a local policy of the network device; and sending, by the network device in response to the determining, a message to a second communication device to relay to the first communication device, where the message indicates that the identifier is rejected by the network device for communication with the first communication device, or where the message indicates that the first communication device is triggered to send another identifier.
    Type: Application
    Filed: August 30, 2023
    Publication date: December 21, 2023
    Inventors: Yuze LIU, Shilin YOU, Zhen XING, Zhaoji LIN, Jigang WANG
  • Publication number: 20230413055
    Abstract: This patent document describes, among other things, techniques, and apparatuses for a security method of discovery in proximity-based services. In one aspect, a method of wireless communication is disclosed. The method includes transmitting, by a wireless device to a first network function, an encrypted and integrity-protected message, wherein the encrypted and integrity-protected message is encrypted using a first key that is derived from a second key, wherein the wireless device has established the second key using a communication with a second network function, and wherein the encrypted and integrity-protected message is obtained by encrypting and integrity-protecting a message.
    Type: Application
    Filed: August 30, 2023
    Publication date: December 21, 2023
    Inventors: Jin PENG, Shilin YOU, Yuze LIU, Zhen XING, Zhaoji LIN
  • Publication number: 20230379709
    Abstract: Provided are a registration method and apparatus, an authentication method and apparatus, a routing indicator determination method and apparatus, an entity, and a terminal. The registration method includes acquiring authentication information of a unified data management (UDM); determining a routing indicator (RID) according to the authentication information; and sending a registration request to a key anchor function according to the RID.
    Type: Application
    Filed: July 27, 2023
    Publication date: November 23, 2023
    Applicant: ZTE CORPORATION
    Inventors: Yuze LIU, Shilin YOU, Jin PENG, Zhen XING, Zhaoji LIN
  • Publication number: 20230370992
    Abstract: This disclosure generally relates performing UE authentication and registration with the core network, and in particular, to supporting secure interactions between the UE and the target AMF when the UE is re-allocated to the target AMF. During a UE registration procedure, the initial AMF generate a 5G-GUTI for the UE and retrieves a candidate AMF list. The initial AMF sends the generated 5G-GUTI (or 5G-S-TMSI), the candidate AMF list, and a full registration request message to the (R)AN for storage and subsequent use. The initial AMF, once determines an AMF re-allocation is needed, instruct the UE to re-start the registration procedure with the core network, by using the generated 5G-GUTI. The (R)AN selects the target AMF, and forward the stored full registration request message to the target AMF to complete the registration.
    Type: Application
    Filed: July 21, 2023
    Publication date: November 16, 2023
    Applicant: ZTE Corporation
    Inventors: Shilin YOU, Jiyan Cai, Jinguo Zhu, Yuze Liu, He Huang, Shuang Liang, Xingyue Zhou, Jin Peng, Zhen Xing, Zhaoji Lin
  • Publication number: 20230336535
    Abstract: This disclosure generally relates to UE authentication and authorization with an edge data network in communication networks. Such authentication and authorization may be based on the generation and application of an edge computing key for a UE. Such edge computing key may be used for bi-directional authentication and may be dynamically updated during various stages of the authentication and authorization process. The authentication and authorization supports a UE connected to multiple AMFs belonging to different PLMNs.
    Type: Application
    Filed: June 16, 2023
    Publication date: October 19, 2023
    Applicant: ZTE Corporation
    Inventors: Shilin YOU, Jiyan Cai, Qing Wang, Jigang Wang, Yuze Liu, Jin Peng, Zhen Xing, Zhaoji Lin
  • Patent number: 11778458
    Abstract: Embodiments of the prevent invention provide a network access authentication method and device. The method comprises: receiving an authentication request message sent by a first serving network, wherein the authentication request message carries a user equipment pseudonym identifier generated by a user equipment; determining whether a local user equipment pseudonym identifier is asynchronous with the user equipment pseudonym identifier generated by the user equipment; and obtaining, if the determination result is yes, an encrypted international mobile subscriber identity (IMSI) to carry out network access authentication on the user equipment. The embodiments of the present invention can solve the problem that a network access process in the related art does not provide a processing method for the case where the user equipment pseudonym identifier in the user equipment is asynchronous with the user equipment pseudonym identifier in a home network.
    Type: Grant
    Filed: May 27, 2022
    Date of Patent: October 3, 2023
    Assignee: ZTE Corporation
    Inventors: Shilin You, Hongjun Liu, Jiyan Cai, Zaifeng Zong, Jin Peng, Zhaoji Lin, Yunyin Zhang
  • Publication number: 20230300702
    Abstract: This disclosure generally relates performing UE authentication and registration with the core network, and in particular, to supporting secure interactions between the UE and the target AMF when the UE is re-allocated to the target AMF from an initial AMF. The Access Network element stores a candidate AMF list, and optionally, the original Registration Request message from the UE. The initial AMF, once determines an AMF re-allocation is needed, instruct the UE to re-start the registration procedure with the core network according to the stored candidate AMF list. With the solutions provided in this disclosure, the message interactions between the UE and the target AMF are integrity protected, without the need to upgrade the UE and without using an indirect connection of the core network.
    Type: Application
    Filed: May 24, 2023
    Publication date: September 21, 2023
    Applicant: ZTE Corporation
    Inventors: Shilin YOU, Jiyan CAI, Jinguo ZHU, Yuze LIU, Jin PENG, Zhen XING, Zhaoji LIN
  • Patent number: 11751051
    Abstract: proviced is an authentication method based on a GBA, and the method includes: a BSF receives an initialization request message sent by a UE, wherein the initialization request message carries a first identifier of the UE, and the first identifier comprises at least one of the following: a SUCI, an identifier converted from the SUCI, and a TMPI associated with the subscriber identity; the BSF acquires an AV of the UE according to the first ID; the BSF completes GBA authentication with the UE according to the acquired AV. In this way, the privacy of the SUPI is protected for the UE, and the SUCI or the identifier converted from the SUCI is used to perform the bootstrapping process of the GBA, thereby improving the security of the GBA authentication process.
    Type: Grant
    Filed: August 7, 2019
    Date of Patent: September 5, 2023
    Assignee: ZTE CORPORATION
    Inventors: Shilin You, Jiyan Cai, Jianhua Liu, Zhaoji Lin, Jin Peng, Boshan Zhang
  • Publication number: 20230232240
    Abstract: Provided are a subscription data update method and apparatus, a node, and a storage medium, where the method includes: in a case where a first network function node determines that authentication and key management for applications (AKMA) subscription data of a user is updated, determining, by the first network function node, a second network function node storing an AKMA context of the user; sending, by the first network function node, a subscription data management notification message to the second network function node; and receiving, by the first network function node, a subscription data management notification response message sent by the second network function node; where the subscription data management notification response message is sent after the second network function node deletes the AKMA context of the user according to the subscription data management notification message.
    Type: Application
    Filed: November 16, 2022
    Publication date: July 20, 2023
    Applicant: ZTE Corporation
    Inventors: Shilin YOU, Jiyan CAI, Zhaoji LIN, Jin PENG, Yuze LIU, Zhen XING, Jigang WANG, Min LIU
  • Publication number: 20230048689
    Abstract: Embodiments of the present disclosure provide a network access authentication processing method and device. The method includes: receiving a confirmation message sent by user equipment, the confirmation message carrying a first signature token generated by the user equipment according to a first Privacy enhanced Mobile Subscriber Identifier (PMSI); verifying whether the first signature token is valid; and when the first signature token is invalid, obtaining the PMSI to perform network access authentication on the user equipment.
    Type: Application
    Filed: July 25, 2017
    Publication date: February 16, 2023
    Inventors: Shilin YOU, Jiyan CAI, Shuang LIANG, Jin PENG, Zhaoji LIN, Xiaowu ZHAO
  • Publication number: 20220394472
    Abstract: Systems and methods for wireless communications are disclosed herein. In one embodiment, a wireless communication method includes storing, by a first network entity, mapping information and determining, by the first network entity, based on identification information and the mapping information, that a first node is authorized to connect to a network.
    Type: Application
    Filed: August 17, 2022
    Publication date: December 8, 2022
    Inventors: Yuze LIU, Shilin YOU, Jin PENG, Wantao YU, Zhaoji LIN
  • Publication number: 20220394566
    Abstract: Presented are systems and methods for acquiring channel state information. A wireless communicate node may transmit a channel state information reference signal (CSI-RS) to a wireless communication device via a first antenna port of a plurality of antenna ports of the wireless communication node. The wireless communication node may receive a channel state information (CSI) report from the wireless communication device.
    Type: Application
    Filed: August 19, 2022
    Publication date: December 8, 2022
    Inventors: Yuze LIU, Shilin YOU, Jin PENG, Wantao YU, Zhaoji LIN
  • Publication number: 20220368684
    Abstract: This disclosure generally relates to encrypted communication between terminal devices and service applications via a communication network. Such encrypted communication may be based on various hierarchical levels of encryption keys that are generated and managed by the communication network. Such encrypted communication and key management may be provided by the communication network to the terminal devices as a service that can be subscribed to. The various levels of encryption keys may be managed to improve flexibility of the communication network and to reduce potential security breaches.
    Type: Application
    Filed: July 6, 2022
    Publication date: November 17, 2022
    Applicant: ZTE Corporation
    Inventors: Shilin YOU, Jiyan CAI, Jin PENG, Wantao YU, Yuze LIU, Zhaoji LIN, Yuxin MAO, Jigang WANG