CN109842484A - A kind of next-hop chain counter update method, device and equipment - Google Patents

A kind of next-hop chain counter update method, device and equipment Download PDF

Info

Publication number
CN109842484A
CN109842484A CN201711194065.4A CN201711194065A CN109842484A CN 109842484 A CN109842484 A CN 109842484A CN 201711194065 A CN201711194065 A CN 201711194065A CN 109842484 A CN109842484 A CN 109842484A
Authority
CN
China
Prior art keywords
ncc
timer
counter
pdcp entity
update
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201711194065.4A
Other languages
Chinese (zh)
Other versions
CN109842484B (en
Inventor
刘俊
梁靖
陈瑞卡
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Academy of Telecommunications Technology CATT
Datang Mobile Communications Equipment Co Ltd
Original Assignee
China Academy of Telecommunications Technology CATT
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Academy of Telecommunications Technology CATT filed Critical China Academy of Telecommunications Technology CATT
Priority to CN201711194065.4A priority Critical patent/CN109842484B/en
Publication of CN109842484A publication Critical patent/CN109842484A/en
Application granted granted Critical
Publication of CN109842484B publication Critical patent/CN109842484B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a kind of next-hop chain counter update method, device and equipment, comprising: to set security update timer and/or counter into the user equipment after an inactive state;Whether changed according to packet data polymerized protocol entity and the security update timer whether time-out and/or the counter reach its threshold value to determine whether to update the next-hop chain counter of user equipment.Using the present invention, the frequency of update is reduced compared to the terminal key update mechanism in LTE, to reduce corresponding signaling overheads.Further, biggish flexibility can also be provided to meet the safety requirements of future 5G mobile communication system by adjusting the threshold value of aforementioned timer and counter.

Description

A kind of next-hop chain counter update method, device and equipment
Technical field
The present invention relates to wireless communication technology field, in particular to a kind of next-hop chain counter update method, device and Equipment.
Background technique
Fig. 1 is EPS key hierarchies schematic diagram, and EPS (Evolved Packet System, evolved packet system) is close Key level is as shown in the figure are as follows:
When safe context is established, UE (User Equipment, user equipment) and MME (Mobility Management Entity, mobility management entity) utilize KASME(MME basic key) and KeNB(base station key) derives NH (Next Hop next-hop);When safe context is not set up, UE and MME utilize KASMENew NH is derived with former NH.Wherein, UE With MME according to KASMEIt is derived by KeNB, enter ECM-CONNECTED (ECM connection in UE;ECM:EPS Connection Management, EPS Connection Management) (state is RRC (Radio Resource Control, wireless heterogeneous networks) to state Connection or S1 context establish during state) during from EPC send eNB to.NCC(Next hop Chaining Counter, next-hop chain counter) it is used to record how many NH generated altogether, keep UE synchronous with eNB, and determine next KeNB*Calculating be to need based on current KeNBOr new NH.
It can be according to HSS (Home Subscriber Server, home subscriber service while core net is by authenticating UE Device) in store UE parameter (CK, IK (Integrity Key, Integrity Key)) and other parameters (service network identification (SN ID), sequence number (SQN), secrete key (AK)) information generation MME basic key KASME.The K generated in MMEASMEOnly in local MME safeguards not unofficial biography.Based on KASMEWith Uplink NAS COUNT (uplink NAS count;NAS:Non Access Stratum, Non-Access Stratum) generate KeNB, according to KASMEAnd NAS key algorithm (containing integrality and Encryption Algorithm) generates NAS key KNASint (NAS tegrity protection key), KNASenc(NAS encryption key).Core net is by that can also send UE NAS to UE after authenticating to UE The relevant NAS SMC of safe context (security mode command, safe mode command) signaling, the signaling include MME The NAS key schedule and necessary parameter (SQN, AK) of UE are passed to, thus generation KASME identical with MME, KNASint, KNASenc key.
The deficiencies in the prior art are: in LTE (Long Term Evolution, long term evolution), carrying out when each RRC connection restores or may all update the key of UE when rebuilding, and the key updating of this method is excessively frequent, sometimes It is not necessary to. Another method is when generation PDCP (Packet Data Convergence Protocol, packet data polymerized agreement) entity Shi Caigeng new key is changed, although this method reduces key updating number, but also increase implementation complexity, and it is to RRC The secure context that connection restores equally correlated process influences also to be discussed.
Summary of the invention
The present invention provides a kind of next-hop chain counter update method, device and equipment, to reduce next-generation movement Frequency when terminal key in communication network updates.
A kind of next-hop chain counter update method is provided in the embodiment of the present invention, comprising:
Security update timer and/or counter are set to enter the UE after INACTIVE state;
Whether changed according to PDCP entity and the security update timer whether time-out and/or the counting Whether device reaches its threshold value to determine whether the NCC of update UE.
Preferably, further comprising:
When the security update timer expiry and/or the counter reach its threshold value, according to the state of UE by pre- If the NCC of policy update UE.
Preferably, further comprising:
If setting is timer, when UE is resident for the first time to a new base station, and PDCP entity changes, open again Move the timer;Or,
If setting is timer, after the timer expiry, the timer is restarted;Or,
If setting is counter, when UE is resident for the first time to a new base station, and PDCP entity changes, open again Move the counter;Or,
If setting is counter, after which reaches its threshold value, the timer is restarted.
Preferably, further comprising:
After PDCP entity of generation unchanged RRC connection recovery process or RRC reconstruction process, by the counter Numerical value adds 1.
Preferably, it is extensive in the connection for receiving INACTIVE UE transmission when base station for judging whether PDCP entity changes When multiple request message, whether there is the context of the UE according to base station, whether the PDCP entity to judge the UE is changed.
Preferably, whether changed according to PDCP entity and the security update timer whether time-out and/or institute State whether counter reaches its threshold value to determine whether the NCC of update UE, comprising:
If PDCP entity changes, the NCC of UE is updated;Or,
If PDCP entity does not change, and only with timer, then the NCC of UE is updated afterwards when the timer times out;Or,
If PDCP entity does not change, and only with counter, then update UE's after counter reaches its threshold value NCC;Or,
If PDCP entity does not change, and uses timer and counter simultaneously, then when the timer times out or counter Reach the NCC that UE is updated after its threshold value;Or,
If PDCP entity does not change, and uses timer and counter simultaneously, then when the timer times out and counter Reach the NCC that UE is updated after its threshold value.
Preferably, further comprising when updating the NCC of UE:
If it is determined that PDCP entity changes, then the NCC that message MSG4 is updated to UE instruction is restored by RRC connection, and Reset timer and/or counter.
Preferably, updating the NCC of UE one of in the following manner or a combination thereof:
Restore message using RRC connection and indicates new NCC to UE;
In the NCC for making UE configure update from the message that connected state becomes INACTIVE state;
The NCC of update is configured during UE becomes connected state.
A kind of base station is provided in the embodiment of the present invention, comprising:
Processor executes following method for reading the program in memory:
Security update timer and/or counter are set to enter the UE after INACTIVE state;
Whether changed according to PDCP entity and the security update timer whether time-out and/or the counting Whether device reaches its threshold value to determine whether the NCC of update UE;
Transceiver executes following process for sending and receiving data under the control of a processor:
Sending and receiving data is needed according to the NCC for updating UE.
Preferably, further comprising:
When the security update timer expiry and/or the counter reach its threshold value, according to the state of UE by pre- If the NCC of policy update UE.
Preferably, further comprising:
If setting is timer, when UE is resident for the first time to a new base station, and PDCP entity changes, open again Move the timer;Or,
If setting is timer, after the timer expiry, the timer is restarted;Or,
If setting is counter, when UE is resident for the first time to a new base station, and PDCP entity changes, open again Move the counter;Or,
If setting is counter, after which reaches its threshold value, the timer is restarted.
Preferably, further comprising:
After PDCP entity of generation unchanged RRC connection recovery process or RRC reconstruction process, by the counter Numerical value adds 1.
Preferably, it is extensive in the connection for receiving INACTIVE UE transmission when base station for judging whether PDCP entity changes When multiple request message, whether there is the context of the UE according to base station, whether the PDCP entity to judge the UE is changed.
Preferably, whether changed according to PDCP entity and the security update timer whether time-out and/or institute State whether counter reaches its threshold value to determine whether the NCC of update UE, comprising:
If PDCP entity changes, the NCC of UE is updated;Or,
If PDCP entity does not change, and only with timer, then the NCC of UE is updated afterwards when the timer times out;Or,
If PDCP entity does not change, and only with counter, then update UE's after counter reaches its threshold value NCC;Or,
If PDCP entity does not change, and uses timer and counter simultaneously, then when the timer times out or counter Reach the NCC that UE is updated after its threshold value;Or,
If PDCP entity does not change, and uses timer and counter simultaneously, then when the timer times out and counter Reach the NCC that UE is updated after its threshold value.
Preferably, further comprising when updating the NCC of UE:
If it is determined that PDCP entity changes, then the NCC that message MSG4 is updated to UE instruction is restored by RRC connection, and Reset timer and/or counter.
Preferably, updating the NCC of UE one of in the following manner or a combination thereof:
Restore message using RRC connection and indicates new NCC to UE;
In the NCC for making UE configure update from the message that connected state becomes INACTIVE state;
The NCC of update is configured during UE becomes connected state.
A kind of NCC updating device is provided in the embodiment of the present invention, comprising:
Setting module, for set security update timer and/or counter into the UE after INACTIVE state;
Judgment module is updated, for whether changing according to PDCP entity and whether is the security update timer Whether the overtime and/or described counter reaches its threshold value to determine whether the NCC of update UE.
A kind of computer equipment is provided in the embodiment of the present invention, including memory, processor and storage are on a memory And the computer program that can be run on a processor, the processor realize above-mentioned next-hop chain when executing the computer program Counter update method.
A kind of computer readable storage medium, the computer-readable recording medium storage are provided in the embodiment of the present invention There is the computer program for executing above-mentioned next-hop chain counter update method.
The present invention has the beneficial effect that:
In technical solution provided in an embodiment of the present invention, security update timing is set to enter the UE after INACTIVE state Device and/or counter, then whether changed according to PDCP entity and the security update timer whether time-out and/ Or whether the counter reaches its threshold value to determine whether the NCC of update UE.Since the determination of whether the NCC for updating UE is to pass through Set a security update timer and/or counter, and based on whether change to PDCP entity, whether the timer surpasses When and/or counter whether reach its threshold value to judge, therefore reduced more compared to the terminal key update mechanism in LTE New frequency, to reduce corresponding signaling overheads.
It further, can also be by adjusting the threshold value of aforementioned timer and counter, to meet future 5G mobile communication The safety requirements of system provides biggish flexibility.
Detailed description of the invention
The drawings described herein are used to provide a further understanding of the present invention, constitutes a part of the invention, this hair Bright illustrative embodiments and their description are used to explain the present invention, and are not constituted improper limitations of the present invention.In the accompanying drawings:
Fig. 1 is EPS key hierarchies schematic diagram in background technique;
Fig. 2 is that LTE connection restores correlated process security information update flow diagram in the embodiment of the present invention;
Fig. 3 is NCC update method implementation process diagram in the embodiment of the present invention;
Fig. 4 is NCC updating device structural schematic diagram in the embodiment of the present invention;
Fig. 5 is architecture of base station schematic diagram in the embodiment of the present invention.
Specific embodiment
Inventor notices in LTE during invention and connects in recovery process and its security mechanism:
In LTE, RRC connection recovery process betides IDLE (Idle state) UE.IDLE UE is in RRC connection recovery process CONNECTED (connected state) will be entered after success.Therefore, all there is corresponding RRC connection before each RRC connection recovery process Hang-up process.
1) the hang-up process before restoring.
In LTE, eNB requests to hang up UE context and relevant bearer context (being stored in EPC) to MME, then turns UE Move on to RRC_IDLE.ENB first sends out S1-AP UE Context Suspend Request (S1-AP customer equipment context to MME It suspends request;S1-AP:S1Application Protocol, S1 interface application protocol)) message, MME according to its local policy, It is right new { NH, NCC } may to be sent to eNB.Then, eNB sends RRC connection Suspend (RRC connection extension to UE Rise) message, wherein what is carried is old security information.If { NH, the NCC } that eNB obtains update is right, then K is keptRRCint(RRC Signaling tegrity protection key), and other keys of AS (Access Stratum, access layer) safe context are deleted, also It is to say, deletes K after sending RRC connection Suspend message to UEeNB, KRRCencAnd KUPenc(customer side encryption is close Key);Otherwise, if eNB { NH, the NCC } that does not obtain update from MME is right, then AS key is kept.
2) recovery process after hanging up.
Security information in RRC Connection Resume Request (RRC connection recovery request) message is ShortResumeMAC-I, calculating input includes source base station C-RNTI (the Cell-Radio Network that UE is suspended before this Temporary Identifier, Cell Radio Network Temporary Identifier/Identity, Cell-RNTI), source base station PCI (physical cell identity, Physical-layer cell identifier), restore constant, target BS Cell-ID and with the consistent K in source base station endRRCint。 ShortResumeMAC-I verifies user for network side.Target BS receives the RRC Connection Resume of UE UE context request message is sent to source base station based on the Resume id information in the message after Request message, source base station is received It can be according to UE ID, K after to the messageRRCintEtc. information generate another short MAC-I, with UE send short MAC-I It is compared.If they are the same, then source base station derives new KeNB*.If source base station obtains more during hang-up before this from MME New { NH, NCC } is right, then right using { NH, NCC } is somebody's turn to do, and derives new KeNB*.Then, the upper and lower of the UE is sent to target BS Text, including new KeNB*, associated new NCC, UE EPS security capabilities (adopt including the UE security algorithm supported and source cell Encryption and protection algorithm integrallty).Accordingly, target BS derives and is originated from KeNB*The corresponding new AS key (RRC of algorithm Integrity Key, encryption key and UP key), all PDCP COUNT (PDCP counter) are reset to 0, and activate PDCP layers New key.
Next, target BS responds UE with RRC Connection Resume message (including what is obtained from source base station NCC), using new AS key in PDCP layers of progress integrity protection.After UE receives the message, integrality school is carried out to its MAC-I It tests, if verifying successfully, all PDCP COUNT are reset to 0 by UE, activate PDCP layers of new AS key, are then sent out to target BS Send while using the RRC Connection Resume Complete message of integrity protection and encryption.
The situation of new base station is restored to for UE, after recovery process success, target BS will also be executed as in X2 switching Path Switch (path integration) process;The situation of same base is restored to for UE, after recovery process success, the base S1-AP UE Context Resume Request message will also be sent to MME by standing, and MME is received after the message according to its local Strategy determines whether to derive new NH.If the instruction of its local policy has derived new NH, will accordingly new { NH, NCC } to passing through S1- AP UE Context Resume Response message is sent to base station.
Fig. 2 is that LTE connection restores correlated process security information update flow diagram, according to foregoing description, if UE is new Security information more new technological process when base station is restored is as shown in Figure 2.
For NR connection recovery process and its security mechanism, in 5G NR (next generation Radio, next-generation sky Mouthful) in, RRC connection recovery process betides INACTIVE (inactive) UE.Even for successful RRC connection recovery process, Whether UE has to enter into connected state, and there are also to be determined.A kind of possible mode is: after connection recovery process is completed, UE is still It is maintained at INACTIVE state.In addition, also there are also to be determined for complete safety mechanism in the process.
To sum up, the deficiencies in the prior art are:, all may be more when carrying out RRC connection every time and restoring or rebuild in LTE The key of new UE, the key updating of this method is excessively frequent, sometimes It is not necessary to.Another method is to work as that PDCP entity occurs more Change Shi Caigeng new key, although this method reduces key updating number, but also increase implementation complexity, and it connects RRC The secure context influence for connecing recovery equally correlated process is also to be discussed.
In 5G NR, a kind of UE (terminal) state, i.e., inactive (INACTIVE) state have been newly increased.In order to as far as possible Control plane time delay is reduced while reducing UE energy consumption, the correlated process of INACTIVE state receives larger concern, and UE enters How to be updated to its key after INACTIVE state is discussing the problem of, will affect UE and network Safety and related signaling expense.In this regard, proposing UE in the embodiment of the present invention enters the key updating after an inactive state Scheme.Description of specific embodiments of the present invention with reference to the accompanying drawing.
Fig. 3 is NCC update method implementation process diagram, as shown in the figure, comprising:
Step 301 sets security update timer and/or counter to enter the UE after INACTIVE state;
Step 302, whether changed according to PDCP entity and the security update timer whether time-out and/or Whether the counter reaches its threshold value to determine whether the NCC of update UE.
Specifically, being that it sets a security update timer (comprising the time for into the UE after INACTIVE state Threshold value) and/or counter (including frequency threshold value), to assist NCC (the Next hop Chaining for controlling whether to update UE Counter, next-hop chain counter).Wherein, by the way of timer to control PDCP entity it is constant in the case where it is same The use duration of NCC, and by the way of counter then to control PDCP entity it is constant in the case where same NCC use time Number.Two ways can be selected first, can also apply simultaneously.
In implementation, it can further include:
When the security update timer expiry and/or the counter reach its threshold value, according to the state of UE by pre- If the NCC of policy update UE.
Specifically, in the key updating after UE enters an inactive state, it, can basis after the NCC for determining to update UE The state of UE and local policy use the specific update mode of suitable NCC when timer expiry or counter reach its threshold value.
Local policy refers to selects one kind from available method, specifically how to select to be exactly local policy, this is being arranged It when ground strategy, then can be determined, can be needed according to practice to be configured by operator.
In implementation, it can further include:
If setting is timer, when UE is resident for the first time to a new base station, and PDCP entity changes, open again Move the timer;Or,
If setting is timer, after the timer expiry, the timer is restarted;Or,
If setting is counter, when UE is resident for the first time to a new base station, and PDCP entity changes, open again Move the counter;Or,
If setting is counter, after which reaches its threshold value, the timer is restarted.
Specifically, according to timer mode, then when the UE is resident for the first time, to new base station, (and PDCP entity changes Become) or the timer expiry after, (again) starts the timer;According to counter type, then when the UE is resident for the first time to one After a new base station (and PDCP entity changes) or the counter reach its threshold value, (again) starts the counter.
In implementation, it can further include:
After PDCP entity of generation unchanged RRC connection recovery process or RRC reconstruction process, by the counter Numerical value adds 1.
Specifically, according to counter type, it is subsequent to work as PDCP entity of generation not when restarting the counter The RRC connection of change restores, after reconstruction process, and the numerical value of the counter adds 1.
In implementation, it is extensive in the connection for receiving INACTIVE UE transmission when base station for judging whether PDCP entity changes When multiple request message, whether there is the context of the UE according to base station, whether the PDCP entity to judge the UE is changed.
Specifically, when base station receives the connection recovery request message of some INACTIVE UE transmission, it can be according to this base It stands and whether has the context of the UE, to judge whether the PDCP entity of the UE changes.
In implementation, whether changed according to PDCP entity and the security update timer whether time-out and/or institute State whether counter reaches its threshold value to determine whether the NCC of update UE, comprising:
If PDCP entity changes, the NCC of UE is updated;Or,
If PDCP entity does not change, and only with timer, then the NCC of UE is updated afterwards when the timer times out;Or,
If PDCP entity does not change, and only with counter, then update UE's after counter reaches its threshold value NCC;Or,
If PDCP entity does not change, and uses timer and counter simultaneously, then when the timer times out or counter Reach the NCC that UE is updated after its threshold value;Or,
If PDCP entity does not change, and uses timer and counter simultaneously, then when the timer times out and counter Reach the NCC that UE is updated after its threshold value.
Specifically, if it is determined that PDCP entity does not change, then judge security update timer whether time-out or counter Whether reach its threshold value, thus determines whether to update the NCC of UE, specifically then can be such that
If only with timer, when the timer times out after just need update UE NCC;
If need to just update the NCC of UE after counter reaches its threshold value only with counter;
It, can be there are two types of mode if using timer and counter simultaneously:
When the timer times out or counter reaches the NCC that UE need to be just updated after its threshold value;
When the timer times out and counter reaches the NCC that UE need to be just updated after its threshold value.
In implementation, when updating the NCC of UE, it can further include:
If it is determined that PDCP entity changes, then the NCC that message MSG4 is updated to UE instruction is restored by RRC connection, and Reset timer and/or counter.
Specifically, then updating the NCC of UE if it is determined that PDCP entity changes, that is, utilize RRC connection recovery message MSG4 The NCC updated to UE instruction, so that UE updates current each association key.Meanwhile resetting aforementioned timer and/or counter.
In implementation, if it is determined that PDCP entity does not change, then the NCC of UE can be updated one of in the following manner:
Restore message using RRC connection and indicates new NCC to UE;Or,
In the NCC for making UE configure update from the message that connected state becomes INACTIVE state;Or,
The NCC of update is configured during UE becomes connected state.
Specifically, if it is determined that the NCC of UE need to be updated, then can be reached according to timer expiry or counter its threshold value when Quarter and local policy, the NCC of UE are updated using suitable mode, and reset the timer or counter.Wherein, UE is updated The mode of NCC can include but is not limited to following a certain kind:
Restore using RRC connection and (be similar to RRCConnectionResume) to indicate new NCC to UE;
UE is set to configure new NCC from the message that connected state becomes INACTIVE state;
New NCC is configured during UE becomes connected state, including but not limited to (is similar to using reconstruction RRCConnectionReestablishment) message or RRC connection reconfiguration (are similar to RRCConnectionReconfiguration) message configures.
It is illustrated below by example.
Embodiment 1:
In this example, it is to judge the whether changed embodiment of the PDCP entity of UE, specifically can be such that
1, it after an INACTIVE UE is moved in some base station range, when there is business arrival, is sent out to the base station Send RRC connection recovery request message;
2, when base station receives RRC connection recovery request message, the recovery identification information in the message is extracted, with accordingly Locally searching whether that having the recovery identifies corresponding UE contextual information.
If base station is locally having found the corresponding UE contextual information of recovery mark, then it is assumed that UE is initiated in same base station RRC connection recovery request, therefore determine that the PDCP entity of the UE does not change;
If base station is locally failing to find the corresponding UE contextual information of recovery mark, then it is assumed that UE is initiated in new base station RRC connection recovery request, therefore determine that the PDCP entity of the UE changes.
Embodiment 2:
In this example, it is that NCC when only with timer or counter type updates embodiment, specifically can be such that
If timer expiry or counter reach its threshold value, if UE is an inactive state, according to local policy, selection A kind of following NCC update mode:
Restore and (be similar to RRCConnectionResume) message using RRC connection in subsequent RRC connection recovery process New NCC is indicated to UE;
When UE enters connected state after the success of subsequent RRC connection recovery process, (it is similar to using RRC connection reconstruction RRCConnectionReestablishment) message, or (be similar to using RRC connection reconfiguration RRCConnectionReconfiguration) message indicates new NCC to UE;
UE enters connected state after the success of subsequent RRC connection recovery process, and when need to then return an inactive state, UE is set to configure new NCC from the message that connected state becomes INACTIVE state;
If UE is connected state when timer expiry or counter reach its threshold value, according to local policy, selection is such as next Kind NCC update mode:
Using RRC connection reconstruction (being similar to RRCConnectionReestablishment) message, or utilize RRC connection Reconfiguration (being similar to RRCConnectionReconfiguration) message indicates new NCC to UE;
If UE need to then return an inactive state, configure UE from the message that connected state becomes INACTIVE state newly NCC.
Embodiment 3:
In this example, be when and meanwhile NCC when using timer and counter type update embodiment, specifically can be as Under:
According to: when the timer times out or counter reaches that the NCC of UE need to be just updated after its threshold value, then:
If timer is overtime before counter reaches its threshold value, according to the state of UE when timer expiry, and according to this Ground strategy selects a kind of NCC update mode according to embodiment 2;
If counter reaches its threshold value before timer expiry, the state of UE when reaching its threshold value according to counter, and According to local policy, a kind of NCC update mode is selected according to embodiment 2;
According to: timer expiry and counter reaches the NCC that UE need to be just updated after its threshold value, then:
If timer expiry betides after counter reaches its threshold value, according to the state of UE when timer expiry, and According to local policy, a kind of NCC update mode is selected according to embodiment 2;
If timer expiry betides before counter reaches its threshold value, the shape of UE when reaching its threshold value according to counter State, and according to local policy, a kind of NCC update mode is selected according to embodiment 2;
Based on the same inventive concept, NCC updating device, base station, computer equipment, meter are additionally provided in the embodiment of the present invention Calculation machine readable storage medium storing program for executing, since the principle that these equipment solve the problems, such as is similar to NCC update method, the reality of these equipment The implementation for the method for may refer to is applied, overlaps will not be repeated.
Fig. 4 is NCC updating device structural schematic diagram, as shown, may include:
Setting module 401, for set security update timer and/or counting into the UE after INACTIVE state Device;
Judgment module 402 is updated, for whether changing according to PDCP entity and the security update timer is Whether no time-out and/or the counter reach its threshold value to determine whether the NCC of update UE.
For convenience of description, each section of apparatus described above is divided into various modules with function or unit describes respectively. Certainly, each module or the function of unit can be realized in same or multiple softwares or hardware in carrying out the present invention.
When implementing technical solution provided in an embodiment of the present invention, can implement as follows.
Fig. 5 is architecture of base station schematic diagram, as shown, including: in base station
Processor 500 executes following process for reading the program in memory 520:
Security update timer and/or counter are set to enter the UE after INACTIVE state;
Whether changed according to PDCP entity and the security update timer whether time-out and/or the counting Whether device reaches its threshold value to determine whether the NCC of update UE;
Transceiver 510 executes following process for sending and receiving data under control of the processor 500:
Sending and receiving data is needed according to the NCC for updating UE.
In implementation, further comprise:
When the security update timer expiry and/or the counter reach its threshold value, according to the state of UE by pre- If the NCC of policy update UE.
In implementation, further comprise:
If setting is timer, when UE is resident for the first time to a new base station, and PDCP entity changes, open again Move the timer;Or,
If setting is timer, after the timer expiry, the timer is restarted;Or,
If setting is counter, when UE is resident for the first time to a new base station, and PDCP entity changes, open again Move the counter;Or,
If setting is counter, after which reaches its threshold value, the timer is restarted.
In implementation, further comprise:
After PDCP entity of generation unchanged RRC connection recovery process or RRC reconstruction process, by the counter Numerical value adds 1.
In implementation, it is extensive in the connection for receiving INACTIVE UE transmission when base station for judging whether PDCP entity changes When multiple request message, whether there is the context of the UE according to base station, whether the PDCP entity to judge the UE is changed.
In implementation, whether changed according to PDCP entity and the security update timer whether time-out and/or institute State whether counter reaches its threshold value to determine whether the NCC of update UE, comprising:
If PDCP entity changes, the NCC of UE is updated;Or,
If PDCP entity does not change, and only with timer, then the NCC of UE is updated afterwards when the timer times out;Or,
If PDCP entity does not change, and only with counter, then update UE's after counter reaches its threshold value NCC;Or,
If PDCP entity does not change, and uses timer and counter simultaneously, then when the timer times out or counter Reach the NCC that UE is updated after its threshold value;Or,
If PDCP entity does not change, and uses timer and counter simultaneously, then when the timer times out and counter Reach the NCC that UE is updated after its threshold value.
In implementation, when updating the NCC of UE, further comprise:
If it is determined that PDCP entity changes, then the NCC that message MSG4 is updated to UE instruction is restored by RRC connection, and Reset timer and/or counter.
In implementation, if it is determined that PDCP entity does not change, then update UE's one of in the following manner or a combination thereof NCC:
Restore message using RRC connection and indicates new NCC to UE;Or,
In the NCC for making UE configure update from the message that connected state becomes INACTIVE state;Or,
The NCC of update is configured during UE becomes connected state.
Wherein, in Fig. 5, bus architecture may include the bus and bridge of any number of interconnection, specifically by processor 500 The various circuits for the memory that the one or more processors and memory 520 of representative represent link together.Bus architecture is also Various other circuits of such as peripheral equipment, voltage-stablizer and management circuit or the like can be linked together, these are all It is it is known in the art, therefore, it will not be further described herein.Bus interface provides interface.Transceiver 510 can To be multiple element, that is, includes transmitter and transceiver, the list for communicating over a transmission medium with various other devices is provided Member.Processor 500, which is responsible for management bus architecture and common processing, memory 520, can store processor 500 and is executing operation When used data.
Additionally provide a kind of computer equipment in embodiment, including memory, processor and storage are on a memory and can The computer program run on a processor, the processor realize the above-mentioned update side NCC when executing the computer program Method.
A kind of computer readable storage medium is additionally provided in embodiment, the computer-readable recording medium storage is held The computer program of the above-mentioned NCC update method of row.
Specific implementation may refer to the implementation of above-mentioned NCC update method.
In conclusion in technical solution provided in an embodiment of the present invention, for being into the UE after INACTIVE state Whether it sets a security update timer and/or counter, and changed and the safety by judging PDCP entity Updating timer, whether overtime and/or counter reaches its threshold value, to decide whether to update the NCC of UE, and according to timing The state of UE and local policy are using the specific update mode of suitable NCC when device time-out or counter reach its threshold value.
For setting a security update timer (including time threshold) for it into the UE after INACTIVE state And/or counter (including frequency threshold value), to assist NCC (the Next hop Chaining for controlling whether to update UE Counter, next-hop chain counter).Wherein, by the way of timer to control PDCP entity it is constant in the case where it is same The use duration of NCC, and by the way of technology device then to control PDCP entity it is constant in the case where same NCC use time Number.Two ways can be selected first, can also apply simultaneously.
In scheme, by one security update timer of setting and/or counter, and it is based on that PDCP entity whether occurs Variation, the timer whether time-out and/or counter whether reach its threshold value judgement come decide whether update UE NCC and Specific update mode reduces the frequency of update compared to the terminal key update mechanism in LTE, to reduce corresponding Signaling overheads.Meanwhile it can be by adjusting the threshold value of aforementioned timer and counter, for the peace for meeting future 5G mobile communication system It is complete to require to provide biggish flexibility.
It should be understood by those skilled in the art that, the embodiment of the present invention can provide as method, system or computer program Product.Therefore, complete hardware embodiment, complete software embodiment or reality combining software and hardware aspects can be used in the present invention Apply the form of example.Moreover, it wherein includes the computer of computer usable program code that the present invention, which can be used in one or more, The shape for the computer program product implemented in usable storage medium (including but not limited to magnetic disk storage and optical memory etc.) Formula.
The present invention be referring to according to the method for the embodiment of the present invention, the process of equipment (system) and computer program product Figure and/or block diagram describe.It should be understood that every one stream in flowchart and/or the block diagram can be realized by computer program instructions The combination of process and/or box in journey and/or box and flowchart and/or the block diagram.It can provide these computer programs Instruct the processor of general purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices to produce A raw machine, so that being generated by the instruction that computer or the processor of other programmable data processing devices execute for real The device for the function of being specified in present one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing devices with spy Determine in the computer-readable memory that mode works, so that it includes referring to that instruction stored in the computer readable memory, which generates, Enable the manufacture of device, the command device realize in one box of one or more flows of the flowchart and/or block diagram or The function of being specified in multiple boxes.
These computer program instructions also can be loaded onto a computer or other programmable data processing device, so that counting Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, thus in computer or The instruction executed on other programmable devices is provided for realizing in one or more flows of the flowchart and/or block diagram one The step of function of being specified in a box or multiple boxes.
Obviously, various changes and modifications can be made to the invention without departing from essence of the invention by those skilled in the art Mind and range.In this way, if these modifications and changes of the present invention belongs to the range of the claims in the present invention and its equivalent technologies Within, then the present invention is also intended to include these modifications and variations.

Claims (19)

1. a kind of next-hop chain counter NCC update method characterized by comprising
Security update timer and/or counter are set to enter the user equipment (UE) after inactive INACTIVE state;
Whether changed according to packet data polymerized agreement PDCP entity and whether the security update timer is overtime And/or whether the counter reaches its threshold value to determine whether the NCC of update UE.
2. the method as described in claim 1, which is characterized in that further comprise:
When the security update timer expiry and/or the counter reach its threshold value, default plan is pressed according to the state of UE Slightly update the NCC of UE.
3. the method as described in claim 1, which is characterized in that further comprise:
If setting is timer, when UE is resident for the first time to a new base station, and PDCP entity changes, restarting should Timer;Or,
If setting is timer, after the timer expiry, the timer is restarted;Or,
If setting is counter, when UE is resident for the first time to a new base station, and PDCP entity changes, restarting should Counter;Or,
If setting is counter, after which reaches its threshold value, the timer is restarted.
4. method as claimed in claim 3, which is characterized in that further comprise:
After PDCP entity of generation unchanged radio resource control RRC connection recovery process or RRC reconstruction process, by this The numerical value of counter adds 1.
5. the method as described in claim 1, which is characterized in that judging whether PDCP entity changes is when base station receives When the connection recovery request message that INACTIVE UE is sent, whether there is the context of the UE, according to base station to judge the UE's Whether PDCP entity is changed.
6. the method as described in claim 1, which is characterized in that whether changed according to PDCP entity and the safety Updating timer, whether time-out and/or the counter reach its threshold value to determine whether to update the NCC of UE, comprising:
If PDCP entity changes, the NCC of UE is updated;Or,
If PDCP entity does not change, and only with timer, then the NCC of UE is updated afterwards when the timer times out;Or,
If PDCP entity does not change, and only with counter, then the NCC of UE is updated after counter reaches its threshold value;Or,
If PDCP entity does not change, and uses timer and counter simultaneously, then when the timer times out or counter reaches The NCC of UE is updated after its threshold value;Or,
If PDCP entity does not change, and uses timer and counter simultaneously, then when the timer times out and counter reaches The NCC of UE is updated after its threshold value.
7. method as claimed in claim 6, which is characterized in that when updating the NCC of UE, further comprise:
If it is determined that PDCP entity changes, then the NCC that message MSG4 is updated to UE instruction is restored by RRC connection, and reset Timer and/or counter.
8. method as claimed in claim 6, which is characterized in that if it is determined that PDCP entity does not change, then by with lower section The NCC of one of formula update UE:
Restore message using RRC connection and indicates new NCC to UE;Or,
In the NCC for making UE configure update from the message that connected state becomes INACTIVE state;Or,
The NCC of update is configured during UE becomes connected state.
9. a kind of base station characterized by comprising
Processor executes following method for reading the program in memory:
Security update timer and/or counter are set to enter the user equipment (UE) after inactive INACTIVE state;
Whether changed according to packet data polymerized agreement PDCP entity and whether the security update timer is overtime And/or whether the counter reaches its threshold value to determine whether the NCC of update UE;
Transceiver executes following process for sending and receiving data under the control of a processor:
Sending and receiving data is needed according to the NCC for updating UE.
10. base station as claimed in claim 9, which is characterized in that further comprise:
When the security update timer expiry and/or the counter reach its threshold value, default plan is pressed according to the state of UE Slightly update the NCC of UE.
11. base station as claimed in claim 9, which is characterized in that further comprise:
If setting is timer, when UE is resident for the first time to a new base station, and PDCP entity changes, restarting should Timer;Or,
If setting is timer, after the timer expiry, the timer is restarted;Or,
If setting is counter, when UE is resident for the first time to a new base station, and PDCP entity changes, restarting should Counter;Or,
If setting is counter, after which reaches its threshold value, the timer is restarted.
12. base station as claimed in claim 11, which is characterized in that further comprise:
After PDCP entity of generation unchanged radio resource control RRC connection recovery process or RRC reconstruction process, by this The numerical value of counter adds 1.
13. base station as claimed in claim 9, which is characterized in that judging whether PDCP entity changes is when base station is received To INACTIVE UE send connection recovery request message when, whether have the context of the UE, according to base station to judge the UE PDCP entity it is whether changed.
14. base station as claimed in claim 9, which is characterized in that whether changed according to PDCP entity and the safety Updating timer, whether time-out and/or the counter reach its threshold value to determine whether to update the NCC of UE, comprising:
If PDCP entity changes, the NCC of UE is updated;Or,
If PDCP entity does not change, and only with timer, then the NCC of UE is updated afterwards when the timer times out;Or,
If PDCP entity does not change, and only with counter, then the NCC of UE is updated after counter reaches its threshold value;Or,
If PDCP entity does not change, and uses timer and counter simultaneously, then when the timer times out or counter reaches The NCC of UE is updated after its threshold value;Or,
If PDCP entity does not change, and uses timer and counter simultaneously, then when the timer times out and counter reaches The NCC of UE is updated after its threshold value.
15. base station as claimed in claim 14, which is characterized in that when updating the NCC of UE, further comprise:
If it is determined that PDCP entity changes, then the NCC that message MSG4 is updated to UE instruction is restored by RRC connection, and reset Timer and/or counter.
16. base station as claimed in claim 14, which is characterized in that if it is determined that PDCP entity does not change, then by following The NCC of one of mode update UE:
Restore message using RRC connection and indicates new NCC to UE;Or,
In the NCC for making UE configure update from the message that connected state becomes INACTIVE state;Or,
The NCC of update is configured during UE becomes connected state.
17. a kind of NCC updating device characterized by comprising
Setting module, for set security update timer and/or counter into the UE after INACTIVE state;
Judgment module is updated, for whether changing according to PDCP entity and whether the security update timer is overtime And/or whether the counter reaches its threshold value to determine whether the NCC of update UE.
18. a kind of computer equipment including memory, processor and stores the meter that can be run on a memory and on a processor Calculation machine program, which is characterized in that the processor realizes any side of claim 1 to 8 when executing the computer program Method.
19. a kind of computer readable storage medium, which is characterized in that the computer-readable recording medium storage has perform claim It is required that the computer program of 1 to 8 any the method.
CN201711194065.4A 2017-11-24 2017-11-24 Method, device and equipment for updating next-hop chain counter Active CN109842484B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711194065.4A CN109842484B (en) 2017-11-24 2017-11-24 Method, device and equipment for updating next-hop chain counter

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711194065.4A CN109842484B (en) 2017-11-24 2017-11-24 Method, device and equipment for updating next-hop chain counter

Publications (2)

Publication Number Publication Date
CN109842484A true CN109842484A (en) 2019-06-04
CN109842484B CN109842484B (en) 2020-11-06

Family

ID=66877330

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711194065.4A Active CN109842484B (en) 2017-11-24 2017-11-24 Method, device and equipment for updating next-hop chain counter

Country Status (1)

Country Link
CN (1) CN109842484B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114051287A (en) * 2021-09-28 2022-02-15 浪潮软件科技有限公司 Terminal connection time distribution method and system
WO2023185960A1 (en) * 2022-04-01 2023-10-05 华为技术有限公司 Communication method and apparatus

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013166637A1 (en) * 2012-05-07 2013-11-14 Telefonaktiebolaget L M Ericsson (Publ) Base station and method in relay node mobility
WO2017129288A1 (en) * 2016-01-25 2017-08-03 Telefonaktiebolaget Lm Ericsson (Publ) Key management for ciot

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013166637A1 (en) * 2012-05-07 2013-11-14 Telefonaktiebolaget L M Ericsson (Publ) Base station and method in relay node mobility
WO2017129288A1 (en) * 2016-01-25 2017-08-03 Telefonaktiebolaget Lm Ericsson (Publ) Key management for ciot

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114051287A (en) * 2021-09-28 2022-02-15 浪潮软件科技有限公司 Terminal connection time distribution method and system
CN114051287B (en) * 2021-09-28 2023-06-20 浪潮软件科技有限公司 Terminal connection time distribution method and system
WO2023185960A1 (en) * 2022-04-01 2023-10-05 华为技术有限公司 Communication method and apparatus

Also Published As

Publication number Publication date
CN109842484B (en) 2020-11-06

Similar Documents

Publication Publication Date Title
CN108702624B (en) Mobile communication method, device and equipment
KR102177519B1 (en) Methods, apparatuses, computer programs and carriers for security management before handover from 5g to 4g system
KR102040036B1 (en) Security password changing method, base station, and user equipment
JP6890183B2 (en) Managing security contexts in idle mode mobility between different wireless communication systems
KR102208868B1 (en) Security anchor function in 5G systems
AU2018366755B2 (en) Connection resume request method and apparatus
CN106102105B (en) A kind of method and device of switching within cell
CN102685730B (en) Method for transmitting context information of user equipment (UE) and mobility management entity (MME)
CN103959829A (en) Key processing method and device in double-connection mode
CN101841810B (en) The update method of air interface key, core net node and wireless access system
CN106507348B (en) The method and apparatus of UE access core net EPC in a kind of LTE system
CN114071459A (en) RRC (radio resource control) connection recovery method and device
CN110383868A (en) Inactive state in wireless communication system is supported safely
CN105532035B (en) Path switching method, mobile anchor point and base station
CN109803456B (en) Method and device for requesting to recover connection
CN109842484A (en) A kind of next-hop chain counter update method, device and equipment
CN107241769B (en) Switching method and system based on multi-point cooperation in wireless communication network
CN103199990B (en) A kind of method and apparatus of Routing Protocol certification migration
CN103313275A (en) MRO (Mobility Robustness Optimization) scene detection method and device
CN109548094A (en) A kind of connection restoration methods and device, computer storage medium
CN110087338B (en) Method and equipment for authenticating narrowband Internet of things
CN109803257A (en) A kind of security information update method and access network equipment
CN106686673B (en) Method and device for processing SN switching failure in UE switching process
CN110830997B (en) Key determination method and device, storage medium and electronic device
CN109246816A (en) A kind of method and apparatus transmitting downlink data

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP01 Change in the name or title of a patent holder

Address after: 100191 No. 40, Haidian District, Beijing, Xueyuan Road

Patentee after: CHINA ACADEMY OF TELECOMMUNICATIONS TECHNOLOGY

Address before: 100191 No. 40, Haidian District, Beijing, Xueyuan Road

Patentee before: CHINA ACADEMY OF TELECOMMUNICATIONS TECHNOLOGY

CP01 Change in the name or title of a patent holder
TR01 Transfer of patent right

Effective date of registration: 20210601

Address after: 100085 1st floor, building 1, yard 5, Shangdi East Road, Haidian District, Beijing

Patentee after: DATANG MOBILE COMMUNICATIONS EQUIPMENT Co.,Ltd.

Address before: 100191 No. 40, Haidian District, Beijing, Xueyuan Road

Patentee before: CHINA ACADEMY OF TELECOMMUNICATIONS TECHNOLOGY

TR01 Transfer of patent right