Data file registration management system, method, management apparatus, and recording medium
US-2018270111-A1 · Sep 20, 2018 · US
Software security verification method, device, and system
US10757129B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10757129-B2 |
| Application number | US-201715795623-A |
| Country | US |
| Kind code | B2 |
| Filing date | Oct 27, 2017 |
| Priority date | Apr 30, 2015 |
| Publication date | Aug 25, 2020 |
| Grant date | Aug 25, 2020 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
The present invention discloses a software security verification method, a device, and a system, and relates to the communications field, so as to resolve a problem in the prior art that security verification on a VNF packet increases a VNF instantiation delay and reduces VNF instantiation performance. In a specific solution, after a first device receives an instantiation request of a VNF, the first device performs security verification on a stored VNF packet of the VNF when or after starting to instantiate the VNF according to the instantiation request of the VNF, and the first device sends first result information to a second device when security verification on the VNF packet of the VNF succeeds. The first result information includes information that security verification on the VNF packet of the VNF succeeds. The present invention is applied to software security verification.
First claim
Opening claim text (preview).
What is claimed is: 1. A software security verification method, comprising: receiving, by a first device, an instantiation request to instantiate a virtualized network function (VNF); performing, by the first device, security verification on a stored VNF packet of the VNF during an instantiation process of the VNF started by the first device according to the instantiation request of the VNF, wherein the security verification on the stored VNF packet of the VNF comprises authenticating the stored VNF packet of the VNF; sending, by the first device, first result information to a second device when security verification on the VNF packet of the VNF succeeds, wherein: a software image of the stored VNF packet is stored in the second device; and the first result information comprises information indicating that the security verification on the VNF packet of the VNF succeeds; sending, by the first device, first instruction information to the second device, wherein the first instruction information is configured to instruct the second device to perform security verification on the software image of the VNF; and receiving, by the first device, second result information from the second device, wherein the second result information comprises a result of performing security verification on the software image of the VNF by the second device. 2. The method according to claim 1 , wherein the method further comprises: when security verification on the VNF packet of the VNF fails, terminating, by the first device, VNF instantiation, or sending, by the first device, first result information to the second device, wherein the first result information comprises information that security verification on the VNF packet of the VNF fails. 3. The method according to claim 1 , wherein the VNF packet of the VNF comprises a software image of the VNF; and performing, by the first device, security verification on the stored VNF packet of the VNF comprises: performing, by the first device, security verification on the software image of the VNF. 4. The method according to claim 1 , wherein the first device is a network functions virtualization orchestrator (NFVO), and the second device is a virtualized infrastructure manager (VIM). 5. A software security verification method, comprising: determining, by a second device, a security verification result of a virtualized network function (VNF) packet of a VNF, wherein: the security verification result is a result of a security verification on a stored VNF packet of the VNF during an instantiation process of the VNF started by a first device according to an instantiation request of the VNF received by the first device; and a software image of the stored VNF packet of the VNF is stored in the second device; receiving, by the second device, first instruction information sent by a first device, wherein the first instruction information is configured to instruct the second device to perform security verification on the software image of the VNF; performing, by the second device, security verification on the software image of the VNF according to the first instruction information, and determining a security verification result of the software image of the VNF; sending, by the second device, second result information to the first device, wherein the second result information comprises the result of performing security verification on the software image of the VNF by the second device; and connecting, by the second device, a virtual machine (VM) to a network when the security verification on the VNF packet of the VNF succeeds and the software image of the VNF succeeds, wherein the VM is a VM created for the VNF by the second device. 6. The method according to claim 5 , wherein the method further comprises: terminating, by the second device, the VNF instantiation process when the security verification on the VNF packet of the VNF fails, wherein the VNF instantiation process comprises connecting the VM to the network. 7. The method according to claim 5 , wherein determining, by the second device, the security verification result of the VNF packet of the VNF comprises: receiving, by the second device, first result information from the first device, wherein the first result information comprises the security verification result of the stored VNF packet of the VNF. 8. A first device, comprising a processor, a memory, a bus, and a transmitter, wherein the processor, the memory, and the transmitter are connected to each other by using the bus; the processor is configured to: receive an instantiation request to instantiate a virtualized network function (VNF); during an instantiation process of the VNF started by first device according to the instantiation request of the VNF, perform security verification on a stored VNF packet of the VNF; and the transmitter is configured to: send first result information to a second device when a verification result of the processor indicates that security verification on the VNF packet of the VNF succeeds, wherein: a software image of the stored VNF packet is stored in the second device; and the first result information comprises information that security verification on the VNF packet of the VNF succeeds; send first instruction information to the second device, wherein the first instruction information is configured to instruct the second device to perform security verification on the software image of the VNF; and receive second result information from the second device, wherein the second result information comprises a result of performing security verification on the software image of the VNF by the second device. 9. The device according to claim 8 , wherein the processor is further configured to terminate VNF instantiation when security verification on the VNF packet of the VNF fails; or the transmitter is further configured to send first result information to the second device when security verification on the VNF packet of the VNF fails, wherein the first result information comprises information that security verification on the VNF packet of the VNF fails. 10. The device according to claim 8 , wherein the VNF packet of the VNF comprises a software image of the VNF; and the processor is further configured to perform security verification on the software image of the VNF. 11. A second device, comprising: a processor, a memory, a bus, wherein the processor and the memory are connected to each other by using the bus; and the processor is configured to: determine a security verification result of a virtualized network function (VNF) packet of a VNF, wherein the security verification result is a result of a security verification on a stored VNF packet of the VNF during an instantiation process of the VNF started by a first device according to an instantiation request of the VNF received by the first device; and connect a virtual machine VM to a network when determining that security verification on the VNF packet of the VNF succeeds, wherein the VM is a VM created for the VNF by the second device; and a transmitter, wherein the transmitter is configured to send second result information to the first device, wherein the second result information comprises the result of performing security verification on the software image of the VNF by the second device. 12. The device according to claim 11 , wherein the processor is further configured to terminate VNF instantiation when determining that security verification on the VNF packet of the VNF fails, wherein VNF instantiation comprises connecting the VM to the network. 13. The device according to claim 11 , wherei
Assignees
Inventors
Classifications
- H04L63/1433Primary
Vulnerability analysis · CPC title
- H04L63/12Primary
Applying verification of the received information (cryptographic mechanisms or cryptographic arrangements for data integrity or data verification H04L9/32) · CPC title
Interconnection of networks · CPC title
Bus networks · CPC title
Discovery or management of network topologies · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US10757129B2 cover?
- The present invention discloses a software security verification method, a device, and a system, and relates to the communications field, so as to resolve a problem in the prior art that security verification on a VNF packet increases a VNF instantiation delay and reduces VNF instantiation performance. In a specific solution, after a first device receives an instantiation request of a VNF, the …
- Who is the assignee on this patent?
- Huawei Tech Co Ltd
- What technology area does this patent fall under?
- Primary CPC classification H04L63/1433. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Aug 25 2020 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 7 related publications on this page (citations in our corpus or others sharing the same primary CPC).