WO2015196415A1 - Data secure transmission method and device - Google Patents


Info

Publication number
WO2015196415A1
Authority
WO
WIPO (PCT)
Prior art keywords
server
data packet
sdt
iwf
key
Application number
PCT/CN2014/080840
Other languages
French (fr)
Chinese (zh)
Inventor
应江威
许怡娴
Original Assignee
华为技术有限公司 (Huawei Technologies Co., Ltd.)
Application filed by 华为技术有限公司 (Huawei Technologies Co., Ltd.)
Priority to PCT/CN2014/080840
Priority to CN201480017033.5A (CN105393567B)
Publication of WO2015196415A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W 12/03 Protecting confidentiality, e.g. by encryption
    • H04W 12/033 Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • H04W 12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W 12/041 Key generation or derivation
    • H04W 12/10 Integrity
    • H04W 12/106 Packet or message integrity
    • H04W 12/60 Context-dependent security
    • H04W 12/69 Identity-dependent
    • H04W 12/72 Subscriber identity

Abstract

Provided are a data secure transmission method and device. The method comprises: receiving, by a user equipment (UE), a first data packet sent by a server via an interworking function (IWF) and a mobility management entity (MME), the first data packet carrying the ID of the server or the ID of the IWF; obtaining, by the UE, the public key of the server and/or an SDT security context according to the ID of the server or the ID of the IWF in the first data packet, wherein the public key of the server the UE subscribes to, or the SDT security context generated by negotiation with a home subscriber server (HSS), is stored in the UE and identified by the ID of the server or the ID of the IWF; and verifying and decrypting, by the UE, the first data packet according to the public key of the server and the private key of the UE, or the SDT security context, or the public key of the server and the SDT security context, to obtain a decrypted first data packet, so as to protect the security of data between the UE and the IWF or between the UE and the server.

Description

Data secure transmission method and device
Technical field
The embodiments of the present invention relate to the field of information technology, and in particular to a data secure transmission method and device.
Background
With the widespread adoption of smart terminals and machine-to-machine (M2M) communication, more and more small data packets are transmitted, and a user equipment (UE) and an application server (AS) may need to exchange data from time to time, for example for services supported by smart terminals such as e-mail, Microsoft Service Network (MSN) and virtual private network (VPN). In the prior art, in order to better control and manage the security of M2M communication, a network entity serving MTC, the MTC interworking function (MTC-IWF), has been introduced into machine type communications (MTC) devices and MTC-related service procedures. In the existing security mechanism, when the UE is in the connected state and has small data to transmit, the UE delivers the small data packet to the network in a control-plane non-access stratum (NAS) message. When the UE initially attaches to the network, it performs a mutual authentication and key agreement (AKA) procedure with the network side, which establishes NAS security between the UE and the mobility management entity (MME) and AS security between the UE and the evolved Node B (eNB).
When the UE transitions from the connected state to the idle state, only a NAS security context, or not even a synchronized security context, exists between the UE and the MME; therefore the existing NAS security can at most guarantee security between the UE and the MME.
In the prior art, the LTE network has no MTC-IWF entity to control and manage MTC devices and carry out MTC-related services, and there is no T5 interface between the MME and the IWF. In addition, the IWF, as the entity that directly controls and manages the UE and MTC services, may exchange important signaling and user data with the UE. If the UE cannot perform authentication and key agreement with the IWF, then from a security perspective the prior art cannot guarantee end-to-end security between the UE and the server or the IWF, resulting in low system security.
Summary of the invention
The embodiments of the present invention provide a data secure transmission method and device, which solve the problem that, in the scenario where small data between a UE and a server is transmitted over the T5 interface between the MME and the MTC-IWF, there is no corresponding security mechanism to protect the data transmission between the UE and the server it subscribes to, thereby improving the security of data transmission in the system.
A first aspect of the embodiments of the present invention provides a data secure transmission method, including:
receiving, by a user equipment (UE), a first data packet sent by the server via an interworking device (IWF) and a mobility management entity (MME), the first data packet carrying the ID of the server or the ID of the IWF; obtaining, by the UE, according to the ID of the server or the ID of the IWF in the first data packet, the public key of the server and/or the SDT security context, wherein the public key of the server the UE subscribes to, or the SDT security context generated by negotiation with a home subscriber server (HSS), is stored on the UE and is identified by the ID of the server or the ID of the IWF;
performing, by the UE, verification and decryption processing on the first data packet according to the public key of the server and the private key of the UE, or the SDT security context, or the public key of the server and the SDT security context, to obtain a decrypted first data packet.
With reference to the first aspect, in a first possible implementation of the first aspect, the method further includes: negotiating, by the UE, with the home subscriber server (HSS) to generate the SDT security context, the specific steps including: receiving a key generation parameter sent by the HSS;
generating the SDT key according to the key generation parameter;
negotiating the SDT security protection algorithm during the non-access stratum security mode command (NAS SMC) procedure, or using the non-access stratum security algorithm negotiated during the NAS SMC procedure as the SDT security protection algorithm.
With reference to the first aspect or the first possible implementation of the first aspect, in a second possible implementation of the first aspect, performing, by the UE, verification and decryption processing on the first data packet according to the public key of the server and the private key of the UE, or the SDT security context, or the public key of the server and the SDT security context, to obtain the decrypted first data packet includes: verifying, by the UE, according to the public key of the server, whether the signature in the first data packet is valid; and if the UE verifies that the signature in the first data packet is valid, decrypting the first data packet according to the private key of the UE to obtain the decrypted first data packet.
With reference to the first possible implementation of the first aspect, in a third possible implementation of the first aspect, performing, by the UE, verification and decryption processing on the first data packet according to the public key of the server and the private key of the UE, or the SDT security context, or the public key of the server and the SDT security context, to obtain the decrypted first data packet includes:
verifying, by the UE, the message authentication code (MAC-I) in the first data packet according to the SDT security context; and if the verification succeeds, decrypting the first data packet to obtain the decrypted first data packet.
With reference to the first possible implementation of the first aspect, in a fourth possible implementation of the first aspect, performing, by the UE, verification and decryption processing on the first data packet according to the public key of the server and the private key of the UE, or the SDT security context, or the public key of the server and the SDT security context, to obtain the decrypted first data packet includes:
verifying, by the UE, according to the public key of the server, whether the signature in the first data packet is valid; and if the signature of the first data packet is verified to be valid, decrypting the first data packet according to the SDT security context, or performing integrity verification and decryption processing on the first data packet according to the SDT security context, to obtain the decrypted first data packet.
With reference to the third or fourth possible implementation of the first aspect, in a fifth possible implementation of the first aspect, the method further includes:
the parameters that the UE receives from the HSS include at least one of the ID of the IWF, the ID of the APP, a random number (RAND) and temporary data;
the key generation parameter includes the generation parameters of the SDT key, wherein the generation parameters of the SDT key include at least one of the access security management entity key, the integrity protection key (IK), the ciphering key (CK), the ID of the IWF, the ID of the UE or the international mobile subscriber identity (IMSI), the ID of the APP, the RAND, the temporary data and an SDT key label.
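The HSS/UE negotiation of the first possible implementation, together with the list of SDT key generation parameters just given, can be modelled end to end. The block below is an added example and not code from the patent or from Huawei: it derives the SDT key on the HSS side, sends the key to the IWF and only the generation parameters to the UE, and has the UE regenerate the same key from its own root key before pairing it with the algorithms chosen in NAS SMC. The patent fixes no key derivation function, so the HMAC-SHA256 construction, the label string, the length-prefixed field encoding, the choice of the access security management entity key (K_ASME) as root key and every sample value (IMSI, IDs, RAND, temporary data) are assumptions made for this example.

```python
import hmac
import hashlib

# Constructed sample values for this example; none of them come from the patent.
K_ASME = bytes.fromhex("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f")
IMSI = b"460001234567890"
APP_ID = b"app-meter"
# NAS algorithms negotiated in NAS SMC; the patent allows reusing them as the SDT algorithm.
NAS_ALGORITHMS = ("128-EEA2", "128-EIA2")


def sdt_kdf(root_key, label, fields):
    # Assumed KDF: HMAC-SHA256 over a label and length-prefixed fields, so that
    # shifting bytes between two adjacent parameters cannot yield the same key.
    msg = label
    for field in fields:
        msg += len(field).to_bytes(2, "big") + field
    return hmac.new(root_key, msg, hashlib.sha256).digest()


def derive_sdt_key(root_key, iwf_id, imsi, app_id, rand, temp_data):
    # Generation parameters named by the patent: a root key (K_ASME here), the IWF ID,
    # the IMSI, the APP ID, RAND, the temporary data and an SDT key label.
    return sdt_kdf(root_key, b"SDT-KEY-LABEL", [iwf_id, imsi, app_id, rand, temp_data])


def hss_prepare(root_key, imsi, iwf_id, app_id, rand, temp_data):
    """HSS side: derive the SDT key, hand key plus parameters to the IWF and only the
    parameters (never the key itself) to the UE via the MME."""
    sdt_key = derive_sdt_key(root_key, iwf_id, imsi, app_id, rand, temp_data)
    params = {"iwf_id": iwf_id, "app_id": app_id, "rand": rand, "temp_data": temp_data}
    to_iwf = {"imsi": imsi, "sdt_key": sdt_key, "params": params}
    return to_iwf, params


def ue_build_context(root_key, imsi, params, nas_algorithms):
    """UE side: regenerate the SDT key from its own root key and the received parameters,
    then reuse the NAS SMC algorithms as the SDT security protection algorithm."""
    sdt_key = derive_sdt_key(root_key, params["iwf_id"], imsi, params["app_id"],
                             params["rand"], params["temp_data"])
    return {"iwf_id": params["iwf_id"], "sdt_key": sdt_key, "algorithms": nas_algorithms}


def iwf_build_context(from_hss, algorithms_from_ue):
    """IWF side: the key comes from the HSS, the algorithm from the UE via the MME."""
    return {"imsi": from_hss["imsi"], "sdt_key": from_hss["sdt_key"],
            "algorithms": algorithms_from_ue}


def run_negotiation(iwf_id=b"iwf-01", rand=bytes(range(16)), temp_data=b"\x42" * 8):
    # Fixed RAND and temporary data keep the example reproducible; a real HSS would
    # draw both from os.urandom for every negotiation.
    to_iwf, to_ue = hss_prepare(K_ASME, IMSI, iwf_id, APP_ID, rand, temp_data)
    ue_ctx = ue_build_context(K_ASME, IMSI, to_ue, NAS_ALGORITHMS)
    iwf_ctx = iwf_build_context(to_iwf, ue_ctx["algorithms"])
    return ue_ctx, iwf_ctx


if __name__ == "__main__":
    ue, iwf = run_negotiation()
    print("UE and IWF hold the same SDT key:", ue["sdt_key"] == iwf["sdt_key"])
    other, _ = run_negotiation(iwf_id=b"iwf-02")
    print("key bound to IWF ID:", other["sdt_key"] != ue["sdt_key"])
```

Because the IWF ID, APP ID and the per-negotiation RAND all enter the derivation, the resulting key is specific to one UE, one IWF and one application; a context set up for a different IWF cannot be reused against this one.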
A second aspect of the embodiments of the present invention provides a data secure transmission method, including:
signing and encrypting, by a server, a first data packet waiting to be sent according to the private key of the server and the public key of the user equipment (UE) that subscribes to the server, or encrypting, or encrypting and integrity-protecting, the first data packet according to an SDT security context, wherein the private key of the server and the public key of the UE that subscribes to the server are stored on the server, and the SDT security context is sent by the interworking device (IWF);
sending, by the server, the encrypted first data packet to the UE via the IWF and the mobility management entity (MME), so that the UE obtains, according to the ID of the server in the first data packet, the public key of the server and/or the SDT security context, and performs verification and decryption processing on the first data packet according to the public key of the server and the private key of the UE, or the SDT security context, or the public key of the server and the SDT security context, to obtain the decrypted first data packet.
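The SDT security context path of the first and second aspects (server encrypts and integrity-protects, UE locates the context by the server ID in the packet, verifies the MAC-I and only then decrypts) is shown below as an added example that is not code from the patent or from Huawei. The packet layout (length-prefixed server ID, 32-bit COUNT, ciphertext, 32-bit MAC-I), the split of the SDT key into ciphering and integrity subkeys, the HMAC-based keystream standing in for the negotiated ciphering algorithm, the replay check on COUNT and the sample key and IDs are all assumptions of this example.

```python
import hmac
import hashlib

MAC_LEN = 4  # 32-bit MAC-I, the same tag length NAS integrity protection uses

# Constructed sample SDT key; in the patent it results from the HSS/UE negotiation.
SDT_KEY = bytes.fromhex("9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08")


def _subkey(sdt_key, purpose):
    # Assumed split of the SDT key into a ciphering key and an integrity key.
    return hmac.new(sdt_key, purpose, hashlib.sha256).digest()


def _keystream(ck, count, length):
    # Stand-in for the negotiated ciphering algorithm (128-EEA2 on a real UE):
    # HMAC-SHA256 in counter mode, bound to the packet COUNT.
    out, block = b"", 0
    while len(out) < length:
        out += hmac.new(ck, count.to_bytes(4, "big") + block.to_bytes(4, "big"),
                        hashlib.sha256).digest()
        block += 1
    return out[:length]


def _mac_i(ik, header, count, body):
    # MAC-I over the server-ID header, COUNT and the ciphertext (encrypt-then-MAC).
    return hmac.new(ik, header + count.to_bytes(4, "big") + body,
                    hashlib.sha256).digest()[:MAC_LEN]


def server_protect(sdt_key, server_id, count, plaintext):
    """Server side: encrypt and integrity-protect the first data packet and
    prefix the server ID so the UE can find the matching SDT security context."""
    ck, ik = _subkey(sdt_key, b"SDT-cipher"), _subkey(sdt_key, b"SDT-integrity")
    header = bytes([len(server_id)]) + server_id
    ks = _keystream(ck, count, len(plaintext))
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, ks))
    return header + count.to_bytes(4, "big") + ciphertext + _mac_i(ik, header, count, ciphertext)


def fresh_ue_store():
    # UE-side store of SDT security contexts, keyed by server ID (constructed entry).
    return {b"srv-01": {"sdt_key": SDT_KEY, "last_count": -1}}


def ue_unprotect(store, packet):
    """UE side: look up the context by server ID, verify MAC-I before touching the
    ciphertext, reject replays, then decrypt."""
    n = packet[0]
    header, server_id = packet[:1 + n], packet[1:1 + n]
    ctx = store.get(server_id)
    if ctx is None:
        raise ValueError("no SDT security context for server ID %r" % server_id)
    count = int.from_bytes(packet[1 + n:5 + n], "big")
    ciphertext, tag = packet[5 + n:-MAC_LEN], packet[-MAC_LEN:]
    ck, ik = _subkey(ctx["sdt_key"], b"SDT-cipher"), _subkey(ctx["sdt_key"], b"SDT-integrity")
    if not hmac.compare_digest(tag, _mac_i(ik, header, count, ciphertext)):
        raise ValueError("MAC-I verification failed; packet discarded before decryption")
    if count <= ctx["last_count"]:
        raise ValueError("COUNT not fresh; replayed packet discarded")
    ctx["last_count"] = count
    ks = _keystream(ck, count, len(ciphertext))
    return bytes(c ^ k for c, k in zip(ciphertext, ks))


if __name__ == "__main__":
    store = fresh_ue_store()
    pkt = server_protect(SDT_KEY, b"srv-01", 7, b"meter=42")
    print(ue_unprotect(store, pkt))
```

The order of checks matters: the UE verifies the MAC-I and the COUNT before decrypting, so a packet that does not come from the holder of the SDT key, or that is simply replayed, is dropped without the UE ever processing its payload.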
A third aspect of the embodiments of the present invention provides a data secure transmission method, including:
receiving, by an interworking device (IWF), a first data packet sent by a server, the first data packet including the ID and the signature of the server, or the ID of the server and a MAC-I;
verifying, by the IWF, the signature according to the public key of the server, or verifying the MAC-I according to an SDT security context, and after the verification passes, sending the first data packet to the UE via the mobility management entity (MME); or encrypting and/or integrity-protecting, by the IWF, the first data packet according to the SDT security context, and sending the first data packet to the UE via the MME;
wherein the public key of the server and the public key of the UE that subscribes to the server are stored on the IWF, and the SDT security context is obtained in advance from the home subscriber server (HSS).
With reference to the third aspect, in a first possible implementation of the third aspect, obtaining the SDT security context in advance from the HSS includes:
receiving the SDT key sent by the HSS;
receiving the SDT security protection algorithm sent by the UE via the MME;
wherein the SDT security context includes the SDT key and the SDT security protection algorithm.
With reference to the third aspect or the first possible implementation of the third aspect, in a second possible implementation of the third aspect, verifying, by the IWF, the signature according to the public key of the server, or verifying the MAC-I according to the SDT security context, and after the verification passes sending the first data packet to the UE via the MME; or encrypting and/or integrity-protecting, by the IWF, the first data packet according to the SDT security context and sending the first data packet to the UE via the MME, includes:
querying and obtaining, by the IWF, the public key of the server according to the ID of the server, and verifying according to the public key of the server whether the signature of the first data packet is valid; and if the signature of the first data packet is verified to be valid, sending the first data packet to the UE via the MME; or,
when the first data packet further includes the ID of the UE, obtaining, by the IWF, the SDT security context according to the ID of the UE, and verifying the MAC-I;
if the MAC-I is verified to be valid, sending the first data packet to the UE via the MME;
or,
when the first data packet further includes the ID of the APP, obtaining, by the IWF, the SDT security context according to the ID of the UE and the ID of the APP, and verifying the MAC-I;
if the MAC-I of the first data packet is verified to be valid, sending the first data packet to the UE via the MME;
or,
when the first data packet further includes the ID of the UE and/or the ID of the APP, obtaining, by the IWF, the SDT security context according to the ID of the UE and/or the ID of the APP, encrypting and integrity-protecting the first data, and sending the processed first data packet to the UE via the MME;
or,
when the first data packet further includes the ID of the UE and/or the ID of the APP, obtaining, by the IWF, the public key of the server according to the ID of the server, and verifying the signature according to the public key of the server; if the signature of the first data packet is verified to be valid, obtaining the SDT security context according to the ID of the UE and/or the ID of the APP, encrypting, or encrypting and integrity-protecting, the first data, and sending the processed first data packet to the UE via the MME.
With reference to the second possible implementation of the third aspect, in a third possible implementation of the third aspect, the method further includes:
if the first data packet includes the ID of the server and the ID of the UE, performing, by the IWF, a matching check on the ID of the server and the ID of the UE in the first data packet according to the correspondence between servers and UEs saved in a pre-configured authorization list, and after checking that the correspondence between the server and the UE is correct, sending the first data packet to the UE via the MME;
or, if the first data packet includes the ID of the server, the ID of the UE and the ID of the APP, performing, by the IWF, a matching check on the ID of the server, the ID of the UE and the ID of the APP in the first data packet according to the correspondence between servers, UEs and APPs saved in the pre-configured authorization list, and after checking that the correspondence between the server, the UE and the APP is correct, sending the first data packet to the UE via the MME;
or,
if the first data packet includes the ID of the server and the ID of the UE, sending, by the IWF, the ID of the server and the ID of the UE to the HSS, so that the HSS performs a matching check on the ID of the server and the ID of the UE in the first data packet according to the correspondence between servers and UEs saved in a pre-configured authorization list and, after checking that the correspondence between the server and the UE is correct, returns a confirmation result to the IWF, so that the IWF sends the first data packet to the UE via the MME;
or,
if the first data packet includes the ID of the server, the ID of the UE and the ID of the APP, sending, by the IWF, the ID of the server, the ID of the UE and the ID of the APP to the HSS, so that the HSS performs a matching check on the ID of the server, the ID of the UE and the ID of the APP in the first data packet according to the correspondence between servers, UEs and APPs saved in the pre-configured authorization list and, after checking that the correspondence between the server, the UE and the APP is correct, returns a confirmation result to the IWF, so that the IWF sends the first data packet to the UE via the MME.
A fourth aspect of the embodiments of the present invention provides a data secure transmission method, including:
receiving, by a mobility management entity (MME), a first data packet sent by an interworking device (IWF), the first data packet including the ID of the user equipment (UE), the ID of the server and a signature;
verifying, by the MME, the signature according to the public key of the server, wherein the public key of the server is stored on the MME;
after verifying that the signature is valid, sending, by the MME, the first data packet to the UE corresponding to the ID of the UE.
pre-configuring, by a mobility management entity (MME), for each user equipment (UE), the public key of the UE and the public key of the server the UE subscribes to;
receiving, by the MME, a first data packet sent by an interworking device (IWF), the first data packet including the ID of the UE, the ID of the server and a signature;
obtaining, by the MME, the public key of the server according to the ID of the server, and verifying the signature;
after verifying that the signature is valid, sending, by the MME, the first data packet to the UE corresponding to the ID of the UE.
A fifth aspect of the embodiments of the present invention provides a data secure transmission method, including:
receiving, by a home subscriber server (HSS), the identity of a user equipment (UE) sent by a mobility management entity (MME) and/or the ID of the interworking device (IWF) that the MME selected for the UE, the identity including the international mobile subscriber identity (IMSI) or the temporary mobile subscriber identity (TMSI);
obtaining, by the HSS, the subscription data of the UE according to the identity, and when it determines that the UE has the small data service characteristic, generating an SDT key according to previously obtained key generation parameters;
sending, by the HSS, the key generation parameters and the SDT key to the IWF corresponding to the ID of the IWF, and sending the key generation parameters to the UE via the MME, so that the UE generates an SDT security context according to the key generation parameters, wherein the SDT security context includes the SDT key and an SDT security protection algorithm.
With reference to the fifth aspect, in a first possible implementation of the fifth aspect, the method further includes: receiving, by the HSS, a first data packet sent by the IWF;
if the first data packet includes the ID of the server and the ID of the UE, performing, by the HSS, a matching check on the ID of the server and the ID of the UE in the first data packet according to the correspondence between servers and UEs saved in a pre-configured authorization list, and after checking that the correspondence between the server and the UE is correct, returning a confirmation result to the IWF, so that the IWF sends the first data packet to the UE via the MME;
or,
if the first data packet includes the ID of the server, the ID of the UE and the ID of the APP, performing, by the HSS, a matching check on the ID of the server, the ID of the UE and the ID of the APP in the first data packet according to the correspondence between servers, UEs and APPs saved in the pre-configured authorization list, and after checking that the correspondence between the server, the UE and the APP is correct, returning a confirmation result to the IWF, so that the IWF sends the first data packet to the UE via the MME.
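The authorization-list matching check appears twice: performed by the IWF itself (third possible implementation of the third aspect) or delegated to the HSS, which returns a confirmation result (first possible implementation of the fifth aspect). The block below is an added example, not code from the patent or from Huawei, covering both variants with one matching routine. The list layout (server/UE/APP triples), the rule that a packet without an APP ID only needs a server/UE pair to match, the packet representation and all IDs are assumptions made for this example.

```python
# Constructed authorization list: which server may reach which UE for which APP.
# The patent calls this a pre-configured list of server/UE (and APP) correspondences.
AUTH_LIST = [
    {"server": "srv-01", "ue": "ue-1001", "app": "app-meter"},
    {"server": "srv-01", "ue": "ue-1002", "app": "app-meter"},
    {"server": "srv-02", "ue": "ue-1001", "app": "app-tracker"},
]


def match_authorization(auth_list, server_id, ue_id, app_id=None):
    """Return True when the IDs carried in the first data packet correspond to an
    entry of the list. With an APP ID the whole triple must match; without one,
    the server/UE pair must (assumed rule for packets that carry no APP ID)."""
    for entry in auth_list:
        if entry["server"] != server_id or entry["ue"] != ue_id:
            continue
        if app_id is None or entry["app"] == app_id:
            return True
    return False


def hss_confirm(auth_list, server_id, ue_id, app_id=None):
    """HSS variant: the IWF forwards the IDs, the HSS checks its own list and
    returns the confirmation result."""
    return {"confirmed": match_authorization(auth_list, server_id, ue_id, app_id)}


def iwf_handle(packet, auth_list=None, ask_hss=None):
    """Decide whether the IWF forwards the first data packet towards the MME/UE.
    Either the IWF checks a local list (auth_list) or delegates to the HSS (ask_hss)."""
    ids = (packet["server_id"], packet["ue_id"], packet.get("app_id"))
    if ask_hss is not None:
        ok = ask_hss(*ids)["confirmed"]
    else:
        ok = match_authorization(auth_list or [], *ids)
    return "forward" if ok else "drop"


if __name__ == "__main__":
    hss = lambda s, u, a=None: hss_confirm(AUTH_LIST, s, u, a)
    for pkt in ({"server_id": "srv-01", "ue_id": "ue-1001", "app_id": "app-meter"},
                {"server_id": "srv-02", "ue_id": "ue-1002"}):
        print(pkt, "local:", iwf_handle(pkt, auth_list=AUTH_LIST),
              "via HSS:", iwf_handle(pkt, ask_hss=hss))
```

The check is what stops a server that is legitimately subscribed by one UE from pushing packets to another UE, or to an application it is not authorized for, even when its signature or MAC-I is valid; the cryptographic check proves who sent the packet, the list decides whether that sender may reach that destination.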
With reference to the first possible implementation of the fifth aspect, in a second possible implementation of the fifth aspect, the method further includes:
after the HSS sends the SDT key to the IWF corresponding to the ID of the IWF, sending, by the HSS, the ID of the IWF to the UE via the MME, so that the UE generates the SDT key according to the ID of the IWF and sends the SDT security protection algorithm to the IWF via the MME, wherein the correspondence between the UE and the IWF is stored in the HSS.
With reference to the fifth aspect or either of the first and second possible implementations of the fifth aspect, in a third possible implementation of the fifth aspect, the method further includes:
the parameters that the HSS sends to the UE include at least one of the ID of the IWF, the ID of the application (APP), a random number (RAND) and temporary data, wherein the temporary data is a parameter for generating the SDT key that the HSS generates after determining that the UE has the small data service characteristic;
the key generation parameters include the generation parameters of the SDT key, wherein the generation parameters of the SDT key are at least one of the access security management entity key, the integrity protection key (IK), the ciphering key (CK), the ID of the IWF, the ID of the UE or the international mobile subscriber identity (IMSI), the ID of the APP, the RAND, the temporary data and an SDT key label.
A sixth aspect of the embodiments of the present invention provides a data secure transmission method, including:
encrypting and/or signing, by a user equipment (UE), a second data packet according to the private key of the UE and the public key of the server, or encrypting and/or integrity-protecting the second data packet according to an SDT security context, and sending the processed second data packet to the server via a mobility management entity (MME) and an interworking device (IWF), wherein the private key of the UE and the public key of the server the UE subscribes to, or the SDT security context generated by negotiation with a home subscriber server (HSS), is stored on the UE.
With reference to the sixth aspect, in a first possible implementation of the sixth aspect, the method further includes: negotiating with the home subscriber server (HSS) to generate the SDT security context, the specific steps including:
receiving, by the UE, the key generation parameter sent by the HSS;
generating, by the UE, the SDT key according to the key generation parameter;
negotiating, by the UE, the SDT security protection algorithm during the non-access stratum security mode command (NAS SMC) procedure, or using the non-access stratum security algorithm negotiated during the NAS SMC procedure as the SDT security protection algorithm.
With reference to the sixth aspect or the first possible implementation of the sixth aspect, in a second possible implementation of the sixth aspect, encrypting and/or signing, by the UE, the second data packet according to the private key of the UE and the public key of the server, or encrypting and/or integrity-protecting the second data packet according to the SDT security context, and sending the processed second data packet to the server via the MME and the IWF, includes:
signing, by the UE, the second data packet according to the private key of the UE, and encrypting the second data packet according to the public key of the server;
sending, by the UE, the processed second data packet to the server via the MME and the IWF, so that the server obtains the public key of the UE according to the ID of the UE in the second data packet, verifies according to the public key of the UE whether the signature in the processed second data packet is valid, and if the verification succeeds, decrypts the processed second data packet according to the private key of the server to obtain the decrypted second data packet.
With reference to the first possible implementation of the sixth aspect, in a third possible implementation of the sixth aspect, encrypting and/or signing, by the UE, the second data packet according to the private key of the UE and the public key of the server, or encrypting and/or integrity-protecting the second data packet according to the SDT security context, and sending the processed second data packet to the server via the MME and the IWF, includes:
所述 UE根据所述 SDT安全上下文对所述第二数据包进行加密或加密和 完整性保护处理;  The UE performs encryption or encryption and integrity protection processing on the second data packet according to the SDT security context;
所述 UE将携带 MAC-I的所述处理后的第二数据包发送给 IWF或者服务 器, 以供所述 IWF或者服务器根据所述处理后的第二数据包中的所述 UE的 ID获取所述 SDT安全上下文, 并根据所述 SDT安全上下文, 验证所述安全 保护后的第二数据包中的所述 MAC-I, 若验证有效, 则对所述处理后的第二 数据包进行解密处理, 得到解密后的所述第二数据包。  Transmitting, by the UE, the processed second data packet that carries the MAC-I to the IWF or the server, where the IWF or the server obtains the identifier according to the ID of the UE in the processed second data packet. Determining the SDT security context, and verifying the MAC-I in the second packet after the security protection according to the SDT security context, and if the verification is valid, decrypting the processed second data packet And obtaining the decrypted second data packet.
结合第六方面的第三种可能的实施方式, 在第六方面的第四种可能的实 施方式中, 所述密钥生成参数包括:  With reference to the third possible implementation manner of the sixth aspect, in a fourth possible implementation manner of the sixth aspect, the key generation parameter includes:
所述 UE接收的所述 HSS发送的参数包括所述 IWF的 ID、 应用 APP的 ID、 随机数 RAND、 临时数据中的至少一项;  The parameter sent by the HSS received by the UE includes at least one of an ID of the IWF, an ID of an application APP, a random number RAND, and temporary data;
所述密钥生成参数包括所述 SDT密钥的生成参数; 其中,  The key generation parameter includes a generation parameter of the SDT key;
所述 SDT 密钥的生成参数为接入安全管理实体密钥、 完整性保护密钥 IK、加密密钥 CK、所述 IWF的 ID、所述 UE的 ID或国际移动用户标识 IMSI、 所述 APP的 ID、 所述 RAND、 所述临时数据、 SDT密钥标签中的至少一项。 本发明实施例第七方面提供一种数据的安全传输方法, 包括: The generation parameter of the SDT key is an access security management entity key, an integrity protection key IK, an encryption key CK, an ID of the IWF, an ID of the UE, or an international mobile subscriber identity IMSI, At least one of an ID of the APP, the RAND, the temporary data, and an SDT key label. A seventh aspect of the embodiments of the present invention provides a data security transmission method, including:
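Because the parameters just listed fully determine the SDT key, the UE and the HSS arrive at the same key only when every parameter reaches the UE unchanged, and a key bound to a different IWF, APP, RAND or label is a different key. The following Python example is added here to illustrate that; it is not part of the patent. The KDF structure (HMAC-SHA-256 over a function code and length-prefixed parameters, in the style of the 3GPP generic KDF), the function code value, and all sample identifiers and key bytes are assumptions, since the patent does not fix the derivation function.

```python
import hashlib
import hmac

# Constructed sample values (hypothetical, not from the patent).  K_ASME is what
# the UE and HSS already share after authentication; the remaining items are
# the key generation parameters the HSS sends to the UE through the MME.
K_ASME = bytes.fromhex("0f" * 32)      # access security management entity key (256-bit)
IWF_ID = b"iwf-01.example"
IMSI = b"460001234567890"              # used as the UE ID
APP_ID = b"app-meter"
RAND = bytes.fromhex("a1b2c3d4e5f60718293a4b5c6d7e8f90")
TEMP_DATA = b"tmp-0001"                # temporary data the HSS generates per UE
SDT_KEY_LABEL = b"SDT"                 # label separating this key from NAS/AS keys
FC_SDT = 0x7F                          # hypothetical function code for the SDT key


def kdf(key: bytes, fc: int, *params: bytes) -> bytes:
    """HMAC-SHA-256 over FC || P0 || L0 || P1 || L1 ... (3GPP-style generic KDF).

    Every parameter carries its 2-byte length, so two different parameter
    lists never serialise to the same input string.
    """
    s = bytes([fc])
    for p in params:
        s += p + len(p).to_bytes(2, "big")
    return hmac.new(key, s, hashlib.sha256).digest()


def derive_sdt_key(k_asme: bytes, iwf_id: bytes, ue_id: bytes, app_id: bytes,
                   rand: bytes, temp_data: bytes, label: bytes = SDT_KEY_LABEL) -> bytes:
    """Derive the 256-bit SDT key from the generation parameters listed above."""
    return kdf(k_asme, FC_SDT, label, iwf_id, ue_id, app_id, rand, temp_data)


def hss_and_ue_agree() -> bool:
    """Both ends run the same derivation; the IWF receives the result from the HSS."""
    hss_key = derive_sdt_key(K_ASME, IWF_ID, IMSI, APP_ID, RAND, TEMP_DATA)
    ue_key = derive_sdt_key(K_ASME, IWF_ID, IMSI, APP_ID, RAND, TEMP_DATA)
    return hmac.compare_digest(hss_key, ue_key)


def parameter_binding() -> dict:
    """Changing any one parameter yields a different key, which is why each
    value must reach the UE intact."""
    base = derive_sdt_key(K_ASME, IWF_ID, IMSI, APP_ID, RAND, TEMP_DATA)
    return {
        "other_iwf": derive_sdt_key(K_ASME, b"iwf-02.example", IMSI, APP_ID, RAND, TEMP_DATA) != base,
        "other_app": derive_sdt_key(K_ASME, IWF_ID, IMSI, b"app-other", RAND, TEMP_DATA) != base,
        "other_rand": derive_sdt_key(K_ASME, IWF_ID, IMSI, APP_ID, bytes(16), TEMP_DATA) != base,
        "other_label": derive_sdt_key(K_ASME, IWF_ID, IMSI, APP_ID, RAND, TEMP_DATA, b"NAS") != base,
    }
```

The length prefix inside `kdf` is what prevents two different splits of the same bytes (for example an IWF ID ending in the first byte of the APP ID) from colliding; the label is what keeps the SDT key independent of any NAS or AS key derived from the same K_ASME.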
the server receives a processed second data packet sent by the interworking device IWF;
the server performs signature verification and decryption on the second data packet according to the public key of the user equipment UE and the private key of the server, or looks up an SDT security context according to the ID of the UE and/or the ID of the IWF and performs integrity verification and decryption on the processed second data packet;
where the private key of the server and the public key of the UE with which the server has a subscription are stored on the server, and the SDT security context is sent by the interworking device IWF.
An eighth aspect of the embodiments of the present invention provides a data secure transmission method, including:
the interworking device IWF receives a processed second data packet sent by the user equipment UE through the mobility management entity MME, where the processed second data packet includes the ID of the UE and a signature, or the ID of the UE and a MAC-I;
the IWF verifies the signature or the MAC-I according to the public key of the UE or the SDT security context, and after the verification succeeds, sends the processed second data packet to the server;
where the public key of the UE is stored on the IWF, and the SDT security context is obtained in advance from the home subscriber server HSS.
With reference to the eighth aspect, in a first possible implementation manner of the eighth aspect, obtaining the SDT security context in advance from the home subscriber server HSS includes:
receiving the SDT key sent by the HSS;
receiving the SDT security protection algorithm sent by the UE through the MME;
where the SDT security context includes the SDT key and the SDT security protection algorithm.
With reference to the first possible implementation manner of the eighth aspect, in a second possible implementation manner of the eighth aspect, the IWF verifying the signature or the MAC-I according to the public key of the UE or the SDT security context, and sending the processed second data packet to the server after the verification succeeds, includes:
the IWF verifies, according to the public key of the UE, whether the signature of the processed second data packet is valid;
if the signature of the processed second data packet is verified to be valid, sending the processed second data packet to the server;
or,
the IWF verifies the MAC-I of the processed second data packet according to the SDT security context;
if the MAC-I of the processed second data packet is verified to be valid, decrypting the processed second data packet and sending it to the server.
With reference to the second possible implementation manner of the eighth aspect, in a third possible implementation manner of the eighth aspect, before sending the second data packet to the server, the method further includes: if the first data packet includes the ID of the server and the ID of the UE, the IWF performs a matching check on the ID of the server and the ID of the UE in the first data packet according to the server-to-UE correspondence stored in a pre-configured authorization list, and after checking that the correspondence between the server and the UE is correct, sends the second data packet to the server; or,
if the first data packet includes the ID of the server, the ID of the UE, and the ID of the APP, the IWF performs a matching check on the ID of the server, the ID of the UE, and the ID of the APP in the first data packet according to the server-UE-APP correspondence stored in the pre-configured authorization list, and after checking that the correspondence among the server, the UE, and the APP is correct, sends the second data packet to the server;
or,
if the second data packet includes the ID of the server and the ID of the UE, the IWF sends the ID of the server and the ID of the UE to the HSS, so that the HSS performs a matching check on the ID of the server and the ID of the UE in the second data packet according to the server-to-UE correspondence stored in a pre-configured authorization list, and after checking that the correspondence between the server and the UE is correct, the second data packet is sent to the server;
or,
if the second data packet includes the ID of the server, the ID of the UE, and the ID of the application APP, the IWF sends the ID of the server, the ID of the UE, and the ID of the APP to the HSS, so that the HSS performs a matching check on the ID of the server, the ID of the UE, and the ID of the APP in the second data packet according to the server-UE-APP correspondence stored in the pre-configured authorization list, and after checking that the correspondence among the server, the UE, and the APP is correct, the second data packet is sent to the server.
A ninth aspect of the embodiments of the present invention provides a data secure transmission method, including:
the mobility management entity MME receives a processed second data packet sent by the user equipment UE, where the second data packet includes the ID of the UE, the ID of the server, and a signature;
the MME verifies the signature according to the public key of the UE, where the public key of the UE is stored on the MME;
after verifying that the signature is valid, the MME sends the second data packet to the interworking device IWF.
With reference to the ninth aspect, in a first possible implementation manner of the ninth aspect, sending the second data packet to the interworking device IWF includes:
if the second data packet includes the ID of the server and the ID of the UE, the MME performs a matching check on the ID of the server and the ID of the UE in the second data packet according to the pre-configured authorization list, the ID of the server and the ID of the UE in the second data packet, and the server-to-UE correspondence stored in the authorization list, and after checking that the correspondence between the server and the UE is correct, sends the second data packet to the server through the IWF;
or,
if the second data packet includes the ID of the server, the ID of the UE, and the ID of the application APP, the MME performs a matching check on the ID of the server, the ID of the UE, and the ID of the APP in the second data packet according to the pre-configured authorization list, the ID of the server, the ID of the UE, and the ID of the APP in the second data packet, and the server-UE-APP correspondence stored in the authorization list, and after checking that the correspondence among the server, the UE, and the APP is correct, sends the second data packet to the server through the IWF.
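The SDT-context path of the sixth aspect (UE protects the packet and attaches a MAC-I) together with the IWF-side processing of the eighth and ninth aspects (look up the context by UE ID, verify the MAC-I, match the server, UE and APP IDs against the authorization list, and only then decrypt and forward) can be shown end to end in one piece of code. The Python example below is added here and is not code from the patent. The cipher (a PRF in counter mode standing in for the negotiated SDT ciphering algorithm), the packet layout (length-prefixed IDs, an 8-byte nonce, a 32-bit MAC-I), the key-separation labels, and every sample ID and key byte are assumptions; the patent specifies none of them.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed sample provisioning (hypothetical values, not from the patent).
UE_ID = b"460001234567890"            # IMSI used as the UE ID
SERVER_ID = b"srv-meter.example"
APP_ID = b"app-meter"
SDT_KEY = bytes.fromhex("11" * 32)     # SDT key the HSS generated and pushed to the IWF
# SDT security contexts held by the IWF (or the server), looked up by UE ID.
SDT_CONTEXTS = {UE_ID: {"key": SDT_KEY, "alg": "demo-prf-ctr"}}
# Pre-configured authorization list: (server, UE) pairs and (server, UE, APP) triples.
AUTHORIZED_PAIRS = {(SERVER_ID, UE_ID)}
AUTHORIZED_TRIPLES = {(SERVER_ID, UE_ID, APP_ID)}
MAC_I_LEN = 4    # 32-bit MAC-I, the size NAS integrity protection uses
NONCE_LEN = 8

def _subkeys(key: bytes):
    # Separate ciphering and integrity keys from the single SDT key.
    return (hmac.new(key, b"sdt-enc", hashlib.sha256).digest(),
            hmac.new(key, b"sdt-int", hashlib.sha256).digest())

def _keystream(k_enc: bytes, nonce: bytes, length: int) -> bytes:
    # PRF in counter mode; stands in for the negotiated SDT ciphering algorithm.
    out, ctr = b"", 0
    while len(out) < length:
        out += hmac.new(k_enc, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:length]

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _encode(fields) -> bytes:
    # Length-prefixed IDs so the receiver parses them unambiguously.
    return b"".join(len(f).to_bytes(1, "big") + f for f in fields)

def _decode(buf: bytes, n: int):
    fields, pos = [], 0
    for _ in range(n):
        if pos >= len(buf):
            raise ValueError("truncated header")
        ln = buf[pos]
        field = buf[pos + 1:pos + 1 + ln]
        if len(field) != ln:
            raise ValueError("truncated header")
        fields.append(field)
        pos += 1 + ln
    return fields, buf[pos:]

def ue_protect(key: bytes, ue_id: bytes, server_id: bytes, app_id: bytes,
               payload: bytes, nonce: Optional[bytes] = None) -> bytes:
    """UE side: cipher the payload, then compute MAC-I over header and ciphertext."""
    k_enc, k_int = _subkeys(key)
    nonce = os.urandom(NONCE_LEN) if nonce is None else nonce
    header = _encode([ue_id, server_id, app_id]) + nonce
    ct = _xor(payload, _keystream(k_enc, nonce, len(payload)))
    mac_i = hmac.new(k_int, header + ct, hashlib.sha256).digest()[:MAC_I_LEN]
    return header + ct + mac_i

def authorized(server_id: bytes, ue_id: bytes, app_id: bytes) -> bool:
    """Matching check against the authorization list: the triple when an APP ID
    is carried, otherwise the pair.  An HSS answering a delegated check applies
    the same rule and returns the outcome as its confirmation result."""
    if app_id:
        return (server_id, ue_id, app_id) in AUTHORIZED_TRIPLES
    return (server_id, ue_id) in AUTHORIZED_PAIRS

def iwf_process(packet: bytes) -> tuple:
    """IWF side: find the context by UE ID, verify MAC-I, check authorization,
    and only then decrypt and forward.  Returns (decision, plaintext or None)."""
    try:
        (ue_id, server_id, app_id), rest = _decode(packet, 3)
        if len(rest) < NONCE_LEN + MAC_I_LEN:
            raise ValueError("truncated body")
    except ValueError:
        return ("drop: malformed", None)
    ctx = SDT_CONTEXTS.get(ue_id)
    if ctx is None:
        return ("drop: no SDT context for UE", None)
    k_enc, k_int = _subkeys(ctx["key"])
    body, mac_i = packet[:-MAC_I_LEN], packet[-MAC_I_LEN:]
    expected = hmac.new(k_int, body, hashlib.sha256).digest()[:MAC_I_LEN]
    if not hmac.compare_digest(expected, mac_i):
        return ("drop: MAC-I invalid", None)       # nothing is decrypted before this check
    if not authorized(server_id, ue_id, app_id):
        return ("drop: server/UE/APP not authorized", None)
    nonce, ct = rest[:NONCE_LEN], rest[NONCE_LEN:-MAC_I_LEN]
    return ("forward", _xor(ct, _keystream(k_enc, nonce, len(ct))))
```

Two ordering choices matter here. The MAC-I is computed over the header as well as the ciphertext, so a forged or swapped server, UE or APP ID fails integrity verification before the authorization list is ever consulted; and decryption happens last, so a packet that fails either check never yields plaintext at the IWF.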
A tenth aspect of the embodiments of the present invention provides a UE, including:
a transceiver module, configured to receive a first data packet sent by the server through the interworking device IWF and the mobility management entity MME, where the first data packet carries the ID of the server or the ID of the IWF;
a processing module, configured to obtain the public key of the server and/or the SDT security context according to the ID of the server or the ID of the IWF in the first data packet, where the public key of the server with which the UE has a subscription, or the SDT security context generated through negotiation with the home subscriber server HSS, is stored on the UE and is identified by the ID of the server or the ID of the IWF;
the processing module is further configured to verify and decrypt the first data packet according to the public key of the server and the private key of the UE, or the SDT security context, or the public key of the server and the SDT security context, to obtain the decrypted first data packet.
With reference to the tenth aspect, in a first possible implementation manner of the tenth aspect, the transceiver module is further configured to receive a key generation parameter sent by the HSS;
the processing module is further configured to generate an SDT key according to the key generation parameter;
the processing module is further configured to negotiate an SDT security protection algorithm in the non-access stratum security mode command (NAS SMC) procedure, or to use the non-access stratum security algorithm negotiated in the NAS SMC procedure as the SDT security protection algorithm.
With reference to the tenth aspect or the first possible implementation manner of the tenth aspect, in a second possible implementation manner of the tenth aspect, the processing module is specifically configured to:
verify, according to the public key of the server, whether the signature in the first data packet is valid; and if the signature in the first data packet is verified to be valid, decrypt the first data packet according to the private key of the UE to obtain the decrypted first data packet.
With reference to the first possible implementation manner of the tenth aspect, in a third possible implementation manner of the tenth aspect, the processing module is specifically configured to:
verify the message authentication code MAC-I in the first data packet according to the SDT security context; and if the verification succeeds, decrypt the first data packet to obtain the decrypted first data packet.
With reference to the first possible implementation manner of the tenth aspect, in a fourth possible implementation manner of the tenth aspect, the processing module is specifically configured to:
verify, according to the public key of the server, whether the signature in the first data packet is valid; and if the signature of the first data packet is verified to be valid, decrypt the first data packet according to the SDT security context, or perform integrity verification and decryption on the first data packet according to the SDT security context, to obtain the decrypted first data packet.
With reference to the third or fourth possible implementation manner of the tenth aspect, in a fifth possible implementation manner of the tenth aspect, the UE further includes:
the transceiver module is further configured to receive parameters sent by the HSS, where the parameters sent by the HSS include at least one of the ID of the IWF, the ID of the APP, a random number RAND, and temporary data.
An eleventh aspect of the embodiments of the present invention provides a server, including:
a processing module, configured to sign and encrypt a first data packet to be sent according to the private key of the server and the public key of the user equipment UE with which the server has a subscription, or to encrypt, or encrypt and integrity-protect, the first data packet according to an SDT security context, where the private key of the server and the public key of the UE with which the server has a subscription are stored on the server, and the SDT security context is sent by the interworking device IWF;
a transceiver module, configured to send the encrypted first data packet to the UE through the IWF and the mobility management entity MME, so that the UE obtains the public key of the server and/or the SDT security context according to the ID of the server in the first data packet, and verifies and decrypts the first data packet according to the public key of the server and the private key of the UE, or the SDT security context, or the public key of the server and the SDT security context, to obtain the decrypted first data packet.
A twelfth aspect of the embodiments of the present invention provides an interworking device IWF, including:
a transceiver module, configured to receive a first data packet sent by the server, where the first data packet includes the ID of the server and a signature, or the ID of the server and a MAC-I;
a processing module, configured to verify the signature according to the public key of the server, or to verify the MAC-I according to an SDT security context, and to send the first data packet to the UE through the mobility management entity MME after the verification succeeds; or, the processing module is further configured to encrypt and/or integrity-protect the first data packet according to the SDT security context and to send the first data packet to the UE through the mobility management entity MME;
where the public key of the server and the public key of the UE with which the server has a subscription are stored on the IWF, and the SDT security context is obtained in advance from the home subscriber server HSS.
With reference to the twelfth aspect, in a first possible implementation manner of the twelfth aspect, the transceiver module is further configured to:
receive the SDT key sent by the HSS;
receive the SDT security protection algorithm sent by the UE through the MME;
where the SDT security context includes the SDT key and the SDT security protection algorithm.
With reference to the twelfth aspect or the first possible implementation manner of the twelfth aspect, in a second possible implementation manner of the twelfth aspect, the IWF further includes:
the processing module is configured to query and obtain the public key of the server according to the ID of the server, and to verify, according to the public key of the server, whether the signature of the first data packet is valid; if the processing module verifies that the signature of the first data packet is valid, the transceiver module sends the first data packet to the UE through the MME;
or,
when the first data packet further includes the ID of the UE, the processing module is configured to obtain the SDT security context according to the ID of the UE and to verify the MAC-I;
the transceiver module is further configured to send the first data packet to the UE through the MME if the processing module verifies that the signature of the first data packet is valid;
or,
when the first data packet further includes the ID of the APP, the processing module is configured to obtain the SDT security context according to the ID of the UE and the ID of the APP and to verify the MAC-I; if the processing module verifies that the MAC-I of the first data packet is valid, the transceiver module sends the first data packet to the UE through the MME;
or,
when the first data packet further includes the ID of the UE and/or the ID of the APP, the processing module is further configured to obtain the SDT security context according to the ID of the UE and/or the ID of the APP and to encrypt and integrity-protect the first data;
the transceiver module is further configured to send the processed first data packet to the UE through the MME;
or,
when the first data packet further includes the ID of the UE and/or the ID of the APP, the processing module is further configured to obtain the public key of the server according to the ID of the server and to verify the signature according to the public key of the server; and, if the signature of the first data packet is verified to be valid, to obtain the corresponding SDT security context according to the ID of the UE and/or the ID of the APP and to encrypt, or encrypt and integrity-protect, the first data;
the transceiver module is further configured to send the processed first data packet to the UE through the MME.
结合第十二方面的第二种可能的实施方式, 在第十二方面的第三种可能 的实施方式中, 还包括: In combination with the second possible implementation of the twelfth aspect, the third possibility in the twelfth aspect In the implementation manner, the method further includes:
若所述第一数据包中包括所述服务器的 ID和所述 UE的 ID,所述处理模 块还用于根据预先配置的授权列表中保存的服务器与 UE的对应关系, 对所 述第一数据包中的所述服务器的 ID和所述 UE的 ID进行匹配检査, 在检査 所述服务器与所述 UE的对应关系正确后, 所述收发模块将所述第一数据包 通过所述 MME发送给所述 UE;  If the first data packet includes the ID of the server and the ID of the UE, the processing module is further configured to: use the first data according to a correspondence between the server and the UE saved in the pre-configured authorization list. Performing a matching check on the ID of the server in the packet and the ID of the UE. After checking that the correspondence between the server and the UE is correct, the transceiver module passes the first data packet through the MME. Sent to the UE;
或者,  Or,
若所述第一数据包中包括所述服务器的 ID、 所述 UE的 ID和所述 APP 的 ID, 所述处理模块还用于根据预先配置的授权列表中保存的服务器、 UE 以及 APP的对应关系, 对所述第一数据包中的所述服务器的 ID、所述 UE的 ID和所述 APP的 ID进行匹配检査,在检査所述服务器、所述 UE和所述 APP 的对应关系正确后, 所述收发模块将所述第一数据包通过所述 MME发送给 所述 UE;  If the first data packet includes the ID of the server, the ID of the UE, and the ID of the APP, the processing module is further configured to: correspond to the server, the UE, and the APP saved according to the pre-configured authorization list. a relationship, performing a matching check on an ID of the server in the first data packet, an ID of the UE, and an ID of the APP, and checking a correspondence between the server, the UE, and the APP After being correctly, the transceiver module sends the first data packet to the UE by using the MME;
或者,  Or,
若所述第一数据包中包括所述服务器的 ID和所述 UE的 ID,则所述收发 模块将所述服务器的 ID和所述 UE的 ID发送给所述 HSS , 以供所述 HSS根 据预先配置的授权列表中保存的服务器与 UE的对应关系, 对所述第一数据 包中的所述服务器的 ID和所述 UE的 ID进行匹配检査, 在检査所述服务器 与所述 UE的对应关系正确后, 向所述 IWF返回确认结果, 以使所述 IWF将 所述第一数据包通过所述 MME发送给所述 UE;  And if the first data packet includes an ID of the server and an ID of the UE, the transceiver module sends the ID of the server and the ID of the UE to the HSS, where the HSS is configured according to the HSS. Corresponding relationship between the server and the UE saved in the pre-configured authorization list, performing matching check on the ID of the server in the first data packet and the ID of the UE, and checking the server and the UE After the corresponding relationship is correct, the confirmation result is returned to the IWF, so that the IWF sends the first data packet to the UE by using the MME;
或者,  Or,
若所述第一数据包中包括所述服务器的 ID、 所述 UE的 ID和所述 APP 的 ID, 则所述收发模块将所述服务器的 ID、所述 UE的 ID和所述 APP的 ID 发送给所述 HSS , 以供所述 HSS根据预先配置的授权列表中保存的服务器、 UE以及 APP的对应关系,对所述第一数据包中的所述服务器的 ID、所述 UE 的 ID和所 APP的 ID进行匹配检査, 在检査所述服务器、 所述 UE和所述 APP的对应关系正确后, 向所述 IWF返回确认结果, 以使 IWF将所述第一 数据包通过所述 MME发送给所述 UE。  And if the first data packet includes an ID of the server, an ID of the UE, and an ID of the APP, the transceiver module sets an ID of the server, an ID of the UE, and an ID of the APP. Sending to the HSS, for the HSS, according to the correspondence between the server, the UE, and the APP saved in the pre-configured authorization list, the ID of the server in the first data packet, the ID of the UE, and Performing a matching check on the ID of the APP, and after checking that the correspondence between the server, the UE, and the APP is correct, returning an acknowledgement result to the IWF, so that the IWF passes the first data packet through the The MME sends to the UE.
本发明实施例第十三方面提供一种移动性管理实体 MME, 包括: 收发模块, 用于接收互通设备 IWF发送的第一数据包, 所述第一数据包 包括: 用户设备 UE的 ID、 服务器的 ID和签名; A thirteenth aspect of the embodiments of the present invention provides a mobility management entity MME, including: a transceiver module, configured to receive a first data packet sent by the interworking device IWF, where the first data packet The method includes: an ID of the user equipment UE, an ID of the server, and a signature;
处理模块, 用于根据所述服务器的公钥, 对所述签名进行验证; 其中, 所述服务器的公钥存储在所述 MME上;  a processing module, configured to verify the signature according to the public key of the server, where the public key of the server is stored on the MME;
所述收发模块在所述处理模块验证签名有效后, 将所述第一数据包发送 给所述 UE。  After receiving the verification signature, the transceiver module sends the first data packet to the UE.
本发明实施例第十四方面提供一种归属用户服务器 HSS , 包括: 收发模块, 用于接收移动管理实体 MME发送的用户设备 UE的标识和 / 或所述 MME为所述 UE选择的互通设备 IWF的 ID; 所述标识包括国际移动 用户标识 IMSI或临时移动用户标识 TMSI;  A fourteenth aspect of the embodiments of the present invention provides a home subscriber server HSS, including: a transceiver module, configured to receive an identifier of a user equipment UE sent by a mobility management entity MME, and/or an interworking device IWF selected by the MME for the UE ID; the identifier includes an International Mobile Subscriber Identity (IMSI) or a Temporary Mobile Subscriber Identity (TMSI);
a processing module, configured to acquire the subscription data of the UE according to the identifier and, when it determines that the UE has the characteristic of the small data service, generate an SDT key according to a pre-acquired key generation parameter; the transceiver module is further configured to send the key generation parameter and the SDT key to the IWF corresponding to the ID of the IWF, and to send the key generation parameter to the UE by using the MME, so that the UE generates an SDT security context according to the key generation parameter, where the SDT security context includes the SDT key and an SDT security protection algorithm.
With reference to the fourteenth aspect, in a first possible implementation manner of the fourteenth aspect, the transceiver module is further configured to receive a first data packet sent by the IWF;
if the first data packet includes the ID of the server and the ID of the UE, the processing module performs a matching check on the ID of the server and the ID of the UE in the first data packet according to the correspondence between servers and UEs saved in a pre-configured authorization list, and after checking that the correspondence between the server and the UE is correct, returns a confirmation result to the IWF, so that the IWF sends the first data packet to the UE by using the MME;
or,
if the first data packet includes the ID of the server, the ID of the UE, and the ID of the APP, the processing module performs a matching check on the ID of the server, the ID of the UE, and the ID of the APP in the first data packet according to the correspondence between servers, UEs, and APPs saved in the pre-configured authorization list, and after checking that the correspondence between the server, the UE, and the APP is correct, the transceiver module returns a confirmation result to the IWF, so that the IWF sends the first data packet to the UE by using the MME.
With reference to the first possible implementation manner of the fourteenth aspect, in a second possible implementation manner of the fourteenth aspect, the following is further included:
after the transceiver module sends the SDT key to the IWF corresponding to the ID of the IWF, the transceiver module is further configured to send the ID of the IWF to the UE by using the MME, so that the UE generates an SDT key according to the ID of the IWF and sends an SDT security protection algorithm to the IWF by using the MME, where the correspondence between the UE and the IWF is stored in the HSS.
With reference to either the fourteenth aspect or the first possible implementation manner of the fourteenth aspect, in a third possible implementation manner of the fourteenth aspect, the parameters sent by the transceiver module to the UE include at least one of the ID of the IWF, the ID of the application APP, a random number RAND, and temporary data, where the temporary data is a parameter for generating the SDT key that is generated after the processing module determines that the UE has the characteristic of the small data service;
the key generation parameter includes the generation parameters of the SDT key.
A fifteenth aspect of the embodiments of the present invention provides a user equipment UE, including:
a processing module, configured to encrypt and/or sign a second data packet according to the private key of the UE and the public key of the server, or to encrypt and/or integrity-protect the second data packet according to an SDT security context; where the private key of the UE and the public key of the server subscribed with the UE, or the SDT security context generated through negotiation with the home subscriber server HSS, are stored on the UE;
a transceiver module, configured to send the processed second data packet to the server by using the mobility management entity MME and the interworking device IWF.
With reference to the fifteenth aspect, in a first possible implementation manner of the fifteenth aspect, the transceiver module is further configured to receive a key generation parameter sent by the HSS; the processing module is further configured to generate an SDT key according to the key generation parameter; and the processing module is further configured to negotiate an SDT security protection algorithm during the non-access stratum security mode command (NAS SMC) procedure, or to use the non-access stratum security algorithm negotiated during the NAS SMC procedure as the SDT security protection algorithm.
With reference to the fifteenth aspect or the first possible implementation manner of the fifteenth aspect, in a second possible implementation manner of the fifteenth aspect, the processing module is specifically configured to sign the second data packet according to the private key of the UE, and to encrypt the second data packet according to the public key of the server;
the transceiver module is further configured to send the processed second data packet to the server by using the MME and the IWF, so that the server acquires the public key of the UE according to the ID of the UE in the second data packet, verifies according to the public key of the UE whether the signature in the processed second data packet is valid, and, if the verification succeeds, decrypts the processed second data packet according to the private key of the server.
With reference to the first possible implementation manner of the fifteenth aspect, in a third possible implementation manner of the fifteenth aspect, the processing module is further configured to encrypt, or encrypt and integrity-protect, the second data packet according to the SDT security context;
the transceiver module is further configured to send the processed second data packet carrying a MAC-I to the server, so that the IWF or the server acquires the SDT security context according to the ID of the UE in the processed second data packet, verifies the MAC-I in the security-protected second data packet according to the SDT security context, and, if the verification succeeds, decrypts the processed second data packet.
With reference to the third possible implementation manner of the fifteenth aspect, in a fourth possible implementation manner of the fifteenth aspect, the transceiver module is further configured to receive parameters sent by the HSS, where the parameters sent by the HSS include at least one of the ID of the IWF, the ID of the APP, a random number RAND, and temporary data.
A sixteenth aspect of the embodiments of the present invention provides a server, including:
a transceiver module, configured to receive a processed second data packet sent by the interworking device IWF;
a processing module, configured to perform signature verification and decryption on the second data packet according to the public key of the user equipment UE and the private key of the server, or to look up an SDT security context according to the ID of the UE and/or the ID of the IWF and perform integrity verification and decryption on the processed second data packet;
where the private key of the server and the public key of the UE subscribed with the server are stored on the server, and the SDT security context is sent by the interworking device IWF.
A seventeenth aspect of the embodiments of the present invention provides an interworking device IWF, including:
a transceiver module, configured to receive a processed second data packet sent by the user equipment UE by using the mobility management entity MME, where the processed second data packet includes the ID of the UE and a signature, or the ID of the UE and a MAC-I;
a processing module, configured to verify the signature or the MAC-I according to the public key of the UE or an SDT security context, where the public key of the UE is stored on the IWF, and the SDT security context is acquired in advance from the home subscriber server HSS;
the transceiver module is further configured to send the processed second data packet to the server after the verification succeeds.
With reference to the seventeenth aspect, in a first possible implementation manner of the seventeenth aspect, the transceiver module is further configured to:
receive an SDT key sent by the HSS;
receive an SDT security protection algorithm sent by the UE by using the MME;
where the SDT security context includes the SDT key and the SDT security protection algorithm.
With reference to the first possible implementation manner of the seventeenth aspect, a second possible implementation manner of the seventeenth aspect includes:
the processing module is further configured to verify, according to the public key of the UE, whether the signature of the processed second data packet is valid;
the transceiver module is further configured to send the second data packet to the server when the processing module verifies that the signature of the processed second data packet is valid;
or,
the processing module is configured to verify the MAC-I of the processed second data packet according to the SDT security context;
the transceiver module is further configured to decrypt the processed second data packet and send it to the server if the processing module verifies that the MAC-I of the processed second data packet is valid.
With reference to the second possible implementation manner of the seventeenth aspect, in a third possible implementation manner of the twelfth aspect, if the first data packet includes the ID of the server and the ID of the UE, the processing module performs a matching check on the ID of the server and the ID of the UE in the first data packet according to the correspondence between servers and UEs saved in a pre-configured authorization list, and after checking that the correspondence between the server and the UE is correct, the transceiver module sends the second data packet to the server;
or,
if the first data packet includes the ID of the server, the ID of the UE, and the ID of the APP, the processing module performs a matching check on the ID of the server, the ID of the UE, and the ID of the APP in the first data packet according to the correspondence between servers, UEs, and APPs saved in a pre-configured authorization list, and after checking that the correspondence between the server, the UE, and the APP is correct, the transceiver module sends the second data packet to the server; or,
if the second data packet includes the ID of the server and the ID of the UE, the transceiver module sends the ID of the server and the ID of the UE to the HSS, so that the HSS performs a matching check on the ID of the server and the ID of the UE in the second data packet according to the correspondence between servers and UEs saved in a pre-configured authorization list, and sends the second data packet to the server after checking that the correspondence between the server and the UE is correct;
or,
if the second data packet includes the ID of the server, the ID of the UE, and the ID of the application APP, the transceiver module sends the ID of the server, the ID of the UE, and the ID of the APP to the HSS, so that the HSS performs a matching check on the ID of the server, the ID of the UE, and the ID of the APP in the second data packet according to the correspondence between servers, UEs, and APPs saved in a pre-configured authorization list, and sends the second data packet to the server after checking that the correspondence between the server, the UE, and the APP is correct.
An eighth aspect of the embodiments of the present invention provides a mobility management entity MME, including:
a transceiver module, configured to receive a processed second data packet sent by the user equipment UE, where the second data packet includes the ID of the UE, the ID of the server, and a signature;
a processing module, configured to verify the signature according to the public key of the UE, where the public key of the UE is stored on the MME;
the transceiver module is further configured to send the second data packet to the interworking device IWF after verifying that the signature is valid.
With reference to the eighteenth aspect, in a first possible implementation manner of the eighteenth aspect, if the second data packet includes the ID of the server and the ID of the UE, the processing module is further configured to perform, according to a pre-configured authorization list and the ID of the server and the ID of the UE in the second data packet, a matching check of the ID of the server and the ID of the UE in the second data packet against the correspondence between servers and UEs saved in the authorization list, and after checking that the correspondence between the server and the UE is correct, the transceiver module sends the second data packet to the server;
or,
if the second data packet includes the ID of the server, the ID of the UE, and the ID of the application APP, the processing module is further configured to perform, according to a pre-configured authorization list and the ID of the server, the ID of the UE, and the ID of the APP in the second data packet, a matching check of the ID of the server, the ID of the UE, and the ID of the APP in the second data packet against the correspondence between servers, UEs, and APPs saved in the authorization list, and after checking that the correspondence between the server, the UE, and the APP is correct, the transceiver module sends the second data packet to the server.
The data secure transmission method and device provided in this embodiment use the public and private keys of the UE and of the subscribed server, or the SDT security context negotiated between the UE and the HSS, to encrypt and decrypt, or to security-protect, the downlink data packets sent by the server to the UE and the uplink data packets sent by the UE to the server, so as to complete the transmission of small data. This solves the problem that, in the scenario where small data between the UE and the server is transmitted over the T5 interface between the MME and the MTC-IWF, no corresponding security mechanism protects the data transmission between the UE and the subscribed server, and improves the security of data transmission in the system.
BRIEF DESCRIPTION OF THE DRAWINGS
To describe the technical solutions in the embodiments of the present invention or in the prior art more clearly, the accompanying drawings needed for describing the embodiments or the prior art are briefly introduced below. Clearly, the accompanying drawings in the following description show some embodiments of the present invention, and a person of ordinary skill in the art may still derive other drawings from these accompanying drawings without creative efforts.
FIG. 1 is a flowchart of Embodiment 1 of a data secure transmission method according to the present invention;
FIG. 2 is a flowchart of Embodiment 5 of a data secure transmission method according to the present invention;
FIG. 3 is a flowchart of Embodiment 6 of a data secure transmission method according to the present invention;
FIG. 4 is a flowchart of Embodiment 9 of a data secure transmission method according to the present invention;
FIG. 5 is a flowchart of Embodiment 10 of a data secure transmission method according to the present invention;
FIG. 6 is a flowchart of Embodiment 12 of a data secure transmission method according to the present invention;
FIG. 7 is a flowchart of Embodiment 14 of a data secure transmission method according to the present invention;
FIG. 8 is a flowchart of Embodiment 15 of a data secure transmission method according to the present invention;
FIG. 9 is a flowchart of Embodiment 17 of a data secure transmission method according to the present invention;
FIG. 10 is an interaction diagram of protecting downlink data packet transmission from the server to the UE with public and private keys based on a PKI system;
FIG. 11 is an interaction diagram of protecting uplink data packet transmission from the UE to the server with public and private keys based on a PKI system;
FIG. 12 is an interaction diagram of the UE and the IWF negotiating an SDT security context;
FIG. 13 is an interaction diagram of protecting downlink data packet transmission from the server to the UE based on an SDT security context;
FIG. 14 is an interaction diagram of protecting uplink data packet transmission from the UE to the server based on an SDT security context;
FIG. 15 is a schematic structural diagram of an embodiment of a UE according to the present invention;
FIG. 16 is a schematic structural diagram of an embodiment of a server according to the present invention;
FIG. 17 is a schematic structural diagram of an embodiment of an IWF according to the present invention;
FIG. 18 is a schematic structural diagram of an embodiment of an MME according to the present invention;
FIG. 19 is a schematic structural diagram of an embodiment of an HSS according to the present invention;
FIG. 20 is a schematic structural diagram of still another embodiment of a UE according to the present invention;
FIG. 21 is a schematic structural diagram of still another embodiment of a server according to the present invention;
FIG. 22 is a schematic structural diagram of still another embodiment of an IWF according to the present invention;
FIG. 23 is a schematic structural diagram of still another embodiment of an MME according to the present invention;
FIG. 24 is a schematic structural diagram of another embodiment of a UE according to the present invention;
FIG. 25 is a schematic structural diagram of another embodiment of a server according to the present invention;
FIG. 26 is a schematic structural diagram of another embodiment of an IWF according to the present invention;
FIG. 27 is a schematic structural diagram of another embodiment of an MME according to the present invention;
FIG. 28 is a schematic structural diagram of another embodiment of an HSS according to the present invention;
FIG. 29 is a schematic structural diagram of yet another embodiment of a UE according to the present invention;
FIG. 30 is a schematic structural diagram of yet another embodiment of a server according to the present invention;
FIG. 31 is a schematic structural diagram of yet another embodiment of an IWF according to the present invention;
FIG. 32 is a schematic structural diagram of yet another embodiment of an MME according to the present invention.
DESCRIPTION OF EMBODIMENTS
To make the objectives, technical solutions, and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the accompanying drawings in the embodiments of the present invention. Clearly, the described embodiments are some, but not all, of the embodiments of the present invention. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present invention without creative efforts shall fall within the protection scope of the present invention.
FIG. 1 is a flowchart of Embodiment 1 of a data secure transmission method according to the present invention. The embodiments of the present invention may be applied to the data transmission process between a user equipment and a server in machine type communication, to protect the security of signaling and data packets. The executing entity of this embodiment is the user equipment, and the embodiment applies to the process in which the server sends a downlink data packet to the UE. As shown in FIG. 1, the specific steps are as follows:
S101: The user equipment (UE) receives a first data packet sent by the server through an interworking function (IWF) and a mobility management entity (MME), where the first data packet carries the ID of the server or the ID of the IWF.
In this embodiment, the UE may be an ordinary mobile phone, a smartphone, or a tablet computer, or it may be a device that can communicate directly, such as an automatic meter (for example a water, electricity, or gas meter), an industrial remote monitoring device, or a payment device, that is, a machine type communication device. The interworking device is a network entity introduced to better manage and control machine type communication devices and related services: signaling and data from the server are passed through the IWF to the MME and then on to the machine type communication device, or signaling and data from the machine type communication device are sent through the IWF to the server. The IWF may subsequently also open more interfaces to connect with internal or external servers or other devices, which is not limited in the present invention.
When the server transmits the first data packet, a downlink data packet, to the UE, the packet has to be forwarded through the IWF and the MME and processed accordingly on the IWF and the MME; finally, the UE receives the security-protected first data packet.
S102: The UE obtains the public key of the server and/or the SDT security context according to the ID of the server or the ID of the IWF in the first data packet, where the public key of the server the UE is subscribed with, or the small data transmission (SDT) security context generated through negotiation with the home subscriber server (HSS), is stored on the UE and is identified by the identity (ID) of the server or the ID of the IWF.
In this embodiment, before data packets are transmitted, the private key of the UE needs to be pre-configured on the UE together with the public key of the server that has a subscription relationship with the UE; or an SDT security context for small data security protection needs to be generated through negotiation with the HSS.
S103: The UE verifies and decrypts the first data packet according to the public key of the server and the private key of the UE, or the SDT security context, or the public key of the server and the SDT security context, to obtain the decrypted first data packet.
In this embodiment, the first data packet carries the small data to be transmitted, the ID of the server, and the ID of the UE, and may also include the ID of the application (APP) to which the data is to be delivered. According to the ID of the server, the UE obtains the public key of the server that has a subscription relationship with the UE and the private key of the UE, or obtains the SDT security context negotiated between the UE and the HSS, and verifies and decrypts the first data packet. Specifically, there are the following verification and decryption methods:
The UE verifies the validity of the signature of the first data packet according to the public key of the server that has a subscription relationship with the UE, and then decrypts the first data packet according to the private key of the UE. Or,
the UE verifies the validity of the MAC-I of the first data packet according to the SDT security protection algorithm and the SDT key in the SDT security context negotiated with the HSS, and then decrypts the first data packet. Or,
the UE verifies the validity of the signature of the first data packet according to the public key of the server that has a subscription relationship with the UE; if the data packet is encrypted, it may be decrypted according to the SDT security protection algorithm and the SDT key in the negotiated SDT security context.
Optionally, after decrypting the first data packet, the UE may further deliver the first data packet sent by the server to the application that needs to obtain the small data packet, completing the downlink transmission of the small data packet.
The data secure transmission method provided in this embodiment uses the private key of the UE and the public key of the subscribed server, or the SDT security context negotiated between the UE and the HSS, to verify and decrypt the downlink first data packet sent by the server to the UE, and sends the decrypted first data packet to the corresponding application, completing the transmission of small data. This solves the problem that, in the scenario where small data between the UE and the server is transmitted over the T5 interface between the MME and the MTC-IWF, no corresponding security mechanism protects the data transmission between the UE and the subscribed server, and improves the security of data transmission in the system.
Further, in Embodiment 2 of the method of the present invention, on the basis of the embodiment shown in FIG. 1, the specific implementation of the UE negotiating with the HSS to generate the SDT security context is as follows:
The UE receives a key generation parameter sent by the HSS, and then generates an SDT key according to the key generation parameter. Further, the UE negotiates an SDT security protection algorithm during the non-access stratum security mode command (NAS SMC) procedure, or uses the non-access stratum security algorithm negotiated during the NAS SMC procedure as the SDT security protection algorithm.
Further, in method embodiment three of the present invention, building on embodiments one and two shown in FIG. 1, S103 can be carried out in the following ways:

First implementation: the UE verifies, using the server's public key, whether the signature in the first data packet is valid; if the signature is valid, the UE decrypts the first data packet with the UE's private key to obtain the decrypted first data packet. If the signature is invalid, the first data packet is discarded.

Second implementation: the UE verifies the message authentication code MAC-I in the first data packet using the SDT security context; if the verification succeeds, the UE decrypts the first data packet to obtain the decrypted first data packet. If the MAC-I is invalid, the first data packet is discarded.

Third implementation: the UE verifies, using the server's public key, whether the signature in the first data packet is valid; if the signature is valid, the UE decrypts the first data packet using the SDT security context, or performs integrity verification and decryption on it using the SDT security context, to obtain the decrypted first data packet. If the signature is invalid, the first data packet is discarded.

In the secure data transmission method of this embodiment, the UE stores its own private key and the public key of the server it is subscribed to, or holds the SDT security context negotiated with the HSS. It verifies the validity of the signature on the received first data packet and decrypts the packet if the signature is valid, or verifies the message authentication code MAC-I and decrypts the packet if the MAC-I is correct, and then delivers the decrypted first data packet to the corresponding APP, completing the downlink transmission. This verification and decryption process addresses the lack of a security mechanism protecting packets in transit between the UE and the server, and improves the security of data transmission in the system.
Further, in method embodiment four of the present invention, building on embodiments one, two and three shown in FIG. 1, before the UE negotiates the SDT security context with the HSS, the parameters the UE receives from the HSS include at least one of the ID of the IWF, the ID of the APP, the random number RAND and temporary data, which serve as the key generation parameters for generating the SDT security context.

The key generation parameters include the generation parameters of the SDT key, which are at least one of: the access security management entity key, the integrity protection key IK, the ciphering key CK, the ID of the IWF, the ID of the UE or the International Mobile Subscriber Identity (IMSI), the ID of the APP, the RAND, the temporary data, and the SDT key label.

FIG. 2 is a flowchart of embodiment five of the secure data transmission method of the present invention. The executing entity of this embodiment is a server, which may be a service capability server (SCS), an application server (AS), or another server. The embodiment applies to the sending of downlink data packets from the server to the UE. As shown in FIG. 2, the steps are:

S201: The server signs and encrypts the first data packet that is waiting to be sent, using the server's private key and the public key of the user equipment UE subscribed to the server; or it encrypts, or encrypts and integrity-protects, the first data packet according to the SDT security context. The server's private key and the public key of the UE subscribed to the server are stored on the server, and the SDT security context is sent by the interworking device IWF.
In this embodiment, before any data packet is transmitted, the server must be pre-configured with its own private key and with the public key of each UE that has a subscription relationship with it; alternatively, it receives from the interworking device the SDT security context that the UE and the HSS negotiated for small-data security protection. That SDT security context contains the SDT key and the SDT security protection algorithm used for data exchange between the UE and the server, so that packets can be encrypted, decrypted and otherwise protected during transmission.

S202: The server sends the encrypted first data packet to the UE via the interworking device IWF and the mobility management entity MME, so that the UE, based on the server ID carried in the first data packet, obtains the server's public key and/or the SDT security context, and verifies and decrypts the first data packet using the server's public key and the UE's private key, or the SDT security context, or both the server's public key and the SDT security context, to obtain the decrypted first data packet.

In the secure data transmission method of this embodiment, the server uses its own stored private key and the public key of the UE subscribed to it, or the SDT security context negotiated between the UE and the HSS and received from the IWF, to encrypt, or encrypt and integrity-protect, the first data packet to be sent, and sends the signed and encrypted first data packet to the UE via the IWF and the MME. The UE verifies the validity of the packet's signature, or verifies the message authentication code MAC-I, then decrypts the first data packet and may deliver the decrypted packet to the corresponding APP, completing the downlink transmission. By signing and encrypting the packet, the server strictly protects the secure transmission of packets between the UE and the server and improves the security of data transmission in the system.
FIG. 3 is a flowchart of embodiment six of the secure data transmission method of the present invention. The executing entity of this embodiment is the IWF, a network entity introduced for better management and control of machine-type communication devices and related services; data passes between the MME and the server through the interworking device. The IWF may subsequently expose further interfaces for connecting to internal or external servers or other devices, which the present invention does not restrict. The embodiment applies to the sending of downlink data packets from the server to the UE. As shown in FIG. 3, the steps are:

S301: The interworking device IWF receives the first data packet sent by the server; the first data packet includes the server's ID and a signature, or the server's ID and a MAC-I.

In this embodiment, besides the data to be sent, the first data packet also carries other information such as the server's ID, the UE's ID and the ID of the APP the data is destined for.

S302: The IWF verifies the signature using the server's public key, or verifies the MAC-I using the SDT security context, and once the verification passes sends the first data packet to the UE via the mobility management entity MME; or, the IWF encrypts and/or integrity-protects the first data packet according to the SDT security context and sends it to the UE via the mobility management entity MME.

The server's public key and the public key of the UE subscribed to the server are stored on the IWF, and the SDT security context is obtained in advance from the home subscriber server HSS.

In this embodiment, obtaining the SDT security context negotiated between the UE and the HSS may specifically consist of the IWF receiving the SDT key sent by the HSS and receiving the SDT security protection algorithm sent by the UE via the MME; the SDT key and the SDT security protection algorithm together form the SDT security context.

In this embodiment, if the IWF finds the signature of the first data packet invalid, or the MAC-I fails verification, the IWF discards the first data packet.
In the secure data transmission method of this embodiment, the IWF obtains the server's public key and the public key of the UE subscribed to that server, or obtains the SDT security context negotiated between the UE and the HSS; it receives the signed and encrypted first data packet from the server, verifies the validity of the packet's signature or verifies the message authentication code MAC-I, and, if the signature is valid or the MAC-I verification passes, sends the first data packet to the UE via the MME, completing the downlink transmission of the small data packet. By verifying the packet's signature and MAC-I, the IWF strictly protects the secure transmission of packets between the UE and the server and improves the security of data transmission in the system.

Further, in method embodiment seven of the present invention, building on embodiment six shown in FIG. 3, step S303, in which the IWF verifies the signature using the server's public key or verifies the MAC-I using the SDT security context and, once the verification passes, sends the first data packet to the UE via the mobility management entity MME, or in which the IWF encrypts and/or integrity-protects the first data packet according to the SDT security context and sends it to the UE via the mobility management entity MME, can be carried out in the following ways:

First implementation: the IWF looks up and obtains the server's public key by the server's ID and uses it to verify whether the signature of the first data packet is valid; if the signature is valid, it sends the first data packet to the UE via the MME; if the signature is invalid, it discards the first data packet.

Second implementation: when the first data packet also includes the UE's ID, the IWF obtains the SDT security context by the UE's ID and verifies the MAC-I; if the MAC-I is valid, it sends the first data packet to the UE via the MME; if the verification fails, it discards the first data packet.

Third implementation: when the first data packet also includes the APP's ID, the IWF obtains the SDT security context by the UE's ID and the APP's ID and verifies the MAC-I; if the MAC-I of the first data packet is valid, it sends the first data packet to the UE via the MME; if the MAC-I of the first data packet is invalid, it discards the first data packet.

Fourth implementation: when the first data packet also includes the UE's ID and/or the APP's ID, the IWF obtains the SDT security context by the UE's ID and/or the APP's ID, encrypts and integrity-protects the first data, and sends the processed first data packet to the UE via the MME.

Fifth implementation: when the first data packet also includes the UE's ID and/or the APP's ID, the IWF obtains the server's public key by the server's ID and uses it to verify the signature; if the signature of the first data packet is valid, it obtains the SDT security context by the UE's ID and/or the APP's ID, encrypts, or encrypts and integrity-protects, the first data, and sends the processed first data packet to the UE via the MME.

In the secure data transmission method of this embodiment, the IWF obtains the server's public key and the public key of the UE subscribed to that server, or obtains the SDT security context negotiated between the UE and the HSS; it receives the signed and encrypted first data packet from the server, verifies the validity of the packet's signature or the message authentication code MAC-I, or encrypts or integrity-protects the first data packet, and then sends the packet to the UE via the MME, completing the downlink transmission of the small data packet. By verifying the packet's signature and MAC-I, or by encrypting and integrity-protecting the packet, the IWF strictly protects the secure transmission of packets between the UE and the server and improves the security of data transmission in the system.
Further, in method embodiment eight of the present invention, building on embodiments six and seven shown in FIG. 3, after the verification passes and before the first data packet is sent to the UE via the MME, an authorization check is also required. It can be carried out in the following ways:

First implementation: if the first data packet includes the server's ID and the UE's ID, the IWF checks the server ID and UE ID in the first data packet against the server-to-UE correspondences stored in a pre-configured authorization list, and once the correspondence between the server and the UE has been confirmed as correct, sends the first data packet to the UE via the MME.

Second implementation: if the first data packet includes the server's ID, the UE's ID and the APP's ID, the IWF checks the server ID, UE ID and APP ID in the first data packet against the server/UE/APP correspondences stored in a pre-configured authorization list, and once the correspondence between the server, the UE and the APP has been confirmed as correct, sends the first data packet to the UE via the MME.

Third implementation: if the first data packet includes the server's ID and the UE's ID, the IWF sends the server ID and the UE ID to the HSS, so that the HSS checks the server ID and UE ID in the first data packet against the server-to-UE correspondences stored in a pre-configured authorization list and, once the correspondence between the server and the UE has been confirmed as correct, returns a confirmation result to the IWF, whereupon the IWF sends the first data packet to the UE via the MME.

Fourth implementation: if the first data packet includes the server's ID, the UE's ID and the APP's ID, the IWF sends the server ID, the UE ID and the APP ID to the HSS, so that the HSS checks the server ID, UE ID and APP ID in the first data packet against the server/UE/APP correspondences stored in a pre-configured authorization list and, once the correspondence between the server, the UE and the APP has been confirmed as correct, returns a confirmation result to the IWF, whereupon the IWF sends the first data packet to the UE via the MME.
FIG. 4 is a flowchart of embodiment nine of the secure data transmission method of the present invention. The executing entity of this embodiment is the MME, and the embodiment applies to the sending of downlink data packets from the server to the UE. As shown in FIG. 4, the steps are:

S401: The mobility management entity MME receives the first data packet sent by the interworking device IWF; the first data packet includes the ID of the user equipment UE, the server's ID and a signature.

S402: The MME verifies the signature using the server's public key, which is stored on the MME.

In this embodiment, the public keys of the UE and the server may be configured directly on the MME; alternatively, they may be kept in the UE's subscription information on the HSS, and when the UE first attaches to the network for authentication and key agreement, the MME receives the UE's and the server's public keys from the HSS.

S403: After finding the signature valid, the MME sends the first data packet to the UE corresponding to the UE's ID.

In this embodiment, if the MME finds the signature of the first data packet invalid, so that verification fails, it discards the first data packet and aborts the downlink transmission of the data.

In the secure data transmission method of this embodiment, the MME obtains the server's public key and the public key of the UE subscribed to that server, receives the signed and encrypted first data packet sent via the IWF, verifies the validity of the packet's signature using the server's public key, and, if the verification passes, sends the first data packet to the UE corresponding to the UE's ID. This addresses the lack of a security mechanism protecting packets in transit between the UE and the server and improves the security of data transmission in the system.
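The public-key path of embodiments three, five and nine, worked through as one exchange: the server encrypts to the UE and signs (S201), the MME looks the server's public key up by ID and verifies the signature before forwarding or dropping (S402, S403), and the UE verifies the signature and then decrypts with its private key (first implementation of S103). This is an added example, not code from the patent or its applicant. The patent fixes no algorithms, so RSA-OAEP for encryption to the UE and Ed25519 for the server's signature are assumptions, as are the IDs, the payload and the generated keys, all of which are constructed here.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// SignedPacket is the first data packet on the public-key path: the IDs, the payload
// encrypted to the UE, and the server's signature over all of them.
type SignedPacket struct {
	ServerID, UEID string
	Ciphertext     []byte
	Signature      []byte
}

// signedInput is what the signature covers; a zero byte separates the fields so that
// shifting bytes between fields cannot produce the same input.
func signedInput(p *SignedPacket) []byte {
	in := append([]byte(p.ServerID), 0)
	in = append(in, []byte(p.UEID)...)
	in = append(in, 0)
	return append(in, p.Ciphertext...)
}

// ServerProtect is S201 on the public-key path: encrypt to the UE's public key, then
// sign with the server's private key. RSA-OAEP and Ed25519 are assumptions (not in the patent).
func ServerProtect(serverID string, serverPriv ed25519.PrivateKey, ueID string, uePub *rsa.PublicKey, plaintext []byte) (*SignedPacket, error) {
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, uePub, plaintext, nil)
	if err != nil {
		return nil, err
	}
	p := &SignedPacket{ServerID: serverID, UEID: ueID, Ciphertext: ct}
	p.Signature = ed25519.Sign(serverPriv, signedInput(p))
	return p, nil
}

// MME holds the server public keys it was configured with, or received from the HSS at attach.
type MME struct{ serverKeys map[string]ed25519.PublicKey }

func NewMME(serverID string, pub ed25519.PublicKey) *MME {
	return &MME{serverKeys: map[string]ed25519.PublicKey{serverID: pub}}
}

// Forward is S402 and S403: look the server's key up by ID, verify the signature and
// forward the packet; an error means the MME dropped it and aborted the downlink.
func (m *MME) Forward(p *SignedPacket) (*SignedPacket, error) {
	pub, ok := m.serverKeys[p.ServerID]
	if !ok || !ed25519.Verify(pub, signedInput(p), p.Signature) {
		return nil, errors.New("unknown server or invalid signature: dropped")
	}
	return p, nil
}

// UEOpen is the first implementation of S103: verify the signature with the server's
// public key, then decrypt with the UE's private key.
func UEOpen(serverPub ed25519.PublicKey, uePriv *rsa.PrivateKey, p *SignedPacket) ([]byte, error) {
	if !ed25519.Verify(serverPub, signedInput(p), p.Signature) {
		return nil, errors.New("invalid signature: dropped")
	}
	return rsa.DecryptOAEP(sha256.New(), nil, uePriv, p.Ciphertext, nil)
}

// NewParties generates a constructed server signing key pair and UE RSA key pair.
func NewParties() (ed25519.PublicKey, ed25519.PrivateKey, *rsa.PrivateKey, error) {
	serverPub, serverPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, nil, err
	}
	uePriv, err := rsa.GenerateKey(rand.Reader, 2048)
	return serverPub, serverPriv, uePriv, err
}

func main() {
	serverPub, serverPriv, uePriv, err := NewParties()
	if err != nil {
		panic(err)
	}
	pkt, _ := ServerProtect("scs-1", serverPriv, "imsi-001", &uePriv.PublicKey, []byte("small data"))
	mme := NewMME("scs-1", serverPub)
	fwd, _ := mme.Forward(pkt)
	pt, _ := UEOpen(serverPub, uePriv, fwd)
	fmt.Printf("UE received %q\n", pt)
	pkt.Ciphertext[0] ^= 1 // modified in transit: the signature no longer verifies
	_, err = mme.Forward(pkt)
	fmt.Println(err)
}
```

The signature is computed over the ciphertext together with both IDs, so the MME can reject a modified or re-addressed packet without holding any decryption key, which is exactly the division of labour the MME embodiment relies on; the UE repeats the signature check before decrypting because the MME's check does not protect the last hop.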
FIG. 5 is a flowchart of embodiment ten of the secure data transmission method of the present invention. The executing entity of this embodiment is the HSS, and the embodiment can be applied to negotiating the SDT security context before uplink and downlink data packets are transmitted between the UE and the server. As shown in FIG. 5, the steps are:

S501: The HSS receives the identifier of the UE sent by the MME and/or the ID of the IWF that the MME selected for the UE; the identifier is an International Mobile Subscriber Identification Number (IMSI) or a Temporary Mobile Subscriber Identity (TMSI).

In this embodiment there are several IWFs in the network. If the UE is not restricted to a particular IWF, the MME must select a serving IWF for the UE based on the load of all the IWFs, and in that case the MME must send the ID of the selected IWF to the HSS so that the HSS can generate the SDT key.

S502: The HSS obtains the UE's subscription data based on the identifier, and when it determines that the UE has the small data service characteristic, generates the SDT key from key generation parameters obtained in advance.

In this embodiment, the key generation parameters may be obtained in advance by the HSS generating them itself, by the HSS receiving them from the UE or the MME, or by the HSS generating part of them itself and receiving the remainder from the UE or the MME; the present invention does not restrict this.

S503: The HSS sends the key generation parameters and the SDT key to the IWF corresponding to the IWF's ID, and sends the key generation parameters to the UE via the MME, so that the UE generates the SDT security context from the key generation parameters; the SDT security context includes the SDT key and the SDT security protection algorithm.

In this embodiment, the HSS sends the key generation parameters and the SDT key to the IWF, or to the server via the IWF. In addition, if the UE is restricted to a particular IWF, the subscription relationship between the IWF and the UE is pre-configured in the HSS, and the HSS must send the IWF's ID to the MME before this step. After the HSS has sent the SDT key to the IWF corresponding to the IWF's ID, the HSS sends the IWF's ID to the UE via the MME, so that the UE generates the SDT key using the IWF's ID and sends the SDT security protection algorithm to the IWF via the MME.

In the secure data transmission method of this embodiment, the HSS generates the SDT key from the key generation parameters and sends the parameters to the UE, so that the UE generates the SDT security context from them, and informs the IWF of the SDT security context, so that packets can be encrypted, decrypted and integrity-protected on the IWF and the UE during data transmission. This addresses the lack of a security mechanism protecting packets in transit between the UE and the server and improves the security of data transmission in the system.
Further, in method embodiment eleven of the present invention, building on embodiment ten shown in FIG. 5, after the HSS receives the first data packet sent by the IWF, the HSS must also perform an authorization check, as follows:

First implementation: if the first data packet includes the server's ID and the UE's ID, the HSS checks the server ID and UE ID in the first data packet against the server-to-UE correspondences stored in a pre-configured authorization list and, once the correspondence between the server and the UE has been confirmed as correct, returns a confirmation result to the IWF, whereupon the IWF sends the first data packet to the UE via the MME;

Second implementation: if the first data packet includes the server's ID, the UE's ID and the APP's ID, the HSS checks the server ID, UE ID and APP ID in the first data packet against the server/UE/APP correspondences stored in a pre-configured authorization list and, once the correspondence between the server, the UE and the APP has been confirmed as correct, returns a confirmation result to the IWF, whereupon the IWF sends the first data packet to the UE via the MME.

Further, after the authorization check, and after the HSS has sent the SDT key to the IWF corresponding to the IWF's ID, the HSS sends the IWF's ID to the UE via the MME, so that the UE generates the SDT key using the IWF's ID and sends the SDT security protection algorithm to the IWF via the MME; the correspondence between the UE and the IWF is stored in the HSS.

In embodiments ten and eleven above, the parameters the HSS sends to the UE include at least one of the IWF's ID, the application APP's ID, the random number RAND and temporary data, where the temporary data is a parameter for generating the SDT key that the HSS generates after determining that the UE has the small data service characteristic.

The key generation parameters include the generation parameters of the SDT key, which are at least one of: the access security management entity key, the integrity protection key IK, the ciphering key CK, the IWF's ID, the UE's ID or International Mobile Subscriber Identity IMSI, the APP's ID, the RAND, the temporary data, and the SDT key label.

In the secure data transmission method of this embodiment, the HSS generates the SDT key from the key generation parameters and sends the parameters to the UE, so that the UE generates the SDT security context from them, and informs the IWF of the SDT security context; the HSS also performs the authorization check on the server and the UE, so that packets can be encrypted, decrypted and integrity-protected on the IWF and the UE during data transmission. This addresses the lack of a security mechanism protecting packets in transit between the UE and the server and improves the security of data transmission in the system.
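The SDT security context path spanning embodiments four to eleven, worked through end to end: the HSS derives the SDT key from the parameters listed above (S502) and hands it to the IWF (S503), the server ciphers the packet and attaches a MAC-I (S201), the IWF verifies the MAC-I under the UE's SDT context and then matches the server, UE and APP IDs against its pre-configured authorization list before forwarding (S302 and embodiment eight), and the UE verifies the MAC-I and deciphers (second implementation of S103). This is an added example, not code from the patent or its applicant. The patent names the derivation inputs but not the derivation function, and leaves the protection algorithm to NAS SMC negotiation, so the HMAC-SHA256 KDF, the split of the derived key into a ciphering half and an integrity half, AES-CTR ciphering and a full-length HMAC-SHA256 MAC-I are all assumptions; the IDs, key material and payload are constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// KeyGenParams are the SDT key generation parameters the patent lists; the patent does not
// fix the derivation function, so the HMAC-SHA256 KDF in DeriveSDTKey is an assumption.
type KeyGenParams struct {
	IK, CK, RAND, TempData    []byte // integrity key, ciphering key, random number, temporary data
	IWFID, UEID, APPID, Label string // IDs and the SDT key label
}

// DeriveSDTKey returns 32 bytes: the first 16 cipher the packet, the last 16 compute the
// MAC-I. Inputs are length-prefixed so different parameter sets cannot collide.
func DeriveSDTKey(p KeyGenParams) []byte {
	mac := hmac.New(sha256.New, append(append([]byte{}, p.IK...), p.CK...))
	for _, part := range [][]byte{[]byte(p.Label), []byte(p.IWFID), []byte(p.UEID), []byte(p.APPID), p.RAND, p.TempData} {
		binary.Write(mac, binary.BigEndian, uint16(len(part)))
		mac.Write(part)
	}
	return mac.Sum(nil)
}

type Packet struct { // the first data packet on the SDT-context path
	ServerID, UEID, APPID string // IDs the IWF needs for its lookups
	IV, Ciphertext, MACI  []byte
}

// computeMACI binds IDs, IV and ciphertext (encrypt-then-MAC) so the IWF can check origin and integrity without deciphering.
func computeMACI(sdtKey []byte, p *Packet) []byte {
	mac := hmac.New(sha256.New, sdtKey[16:])
	for _, id := range []string{p.ServerID, p.UEID, p.APPID} {
		mac.Write(append([]byte(id), 0))
	}
	mac.Write(p.IV)
	mac.Write(p.Ciphertext)
	return mac.Sum(nil)
}

// ctrXOR is AES-CTR under the ciphering half of the SDT key, standing in for the algorithm NAS SMC negotiated.
func ctrXOR(sdtKey, iv, in []byte) []byte {
	block, _ := aes.NewCipher(sdtKey[:16]) // a 16-byte key is always accepted
	out := make([]byte, len(in))
	cipher.NewCTR(block, iv).XORKeyStream(out, in)
	return out
}

// Protect is S201 on the SDT-context path (the IWF does the same in embodiment seven's fourth implementation).
func Protect(sdtKey []byte, serverID, ueID, appID string, plaintext []byte) (*Packet, error) {
	iv := make([]byte, aes.BlockSize)
	if _, err := rand.Read(iv); err != nil {
		return nil, err
	}
	p := &Packet{ServerID: serverID, UEID: ueID, APPID: appID, IV: iv, Ciphertext: ctrXOR(sdtKey, iv, plaintext)}
	p.MACI = computeMACI(sdtKey, p)
	return p, nil
}

type IWF struct { // SDT key received from the HSS per UE ID, plus the authorization list of embodiment eight
	SDTKeys map[string][]byte
	Auth    map[[3]string]bool // (server ID, UE ID, APP ID) tuples that are allowed
}

// Forward is S302 plus the authorization check; an error means the IWF dropped the packet instead of forwarding it.
func (w *IWF) Forward(p *Packet) (*Packet, error) {
	key, ok := w.SDTKeys[p.UEID]
	if !ok || !hmac.Equal(p.MACI, computeMACI(key, p)) {
		return nil, errors.New("no SDT security context or MAC-I invalid: dropped")
	}
	if !w.Auth[[3]string{p.ServerID, p.UEID, p.APPID}] {
		return nil, errors.New("server/UE/APP not in authorization list: dropped")
	}
	return p, nil
}

// UEOpen is the second implementation of S103: verify the MAC-I, then decipher.
func UEOpen(sdtKey []byte, p *Packet) ([]byte, error) {
	if !hmac.Equal(p.MACI, computeMACI(sdtKey, p)) {
		return nil, errors.New("MAC-I invalid: dropped")
	}
	return ctrXOR(sdtKey, p.IV, p.Ciphertext), nil
}

func main() {
	key := DeriveSDTKey(KeyGenParams{IK: []byte("ik"), CK: []byte("ck"), RAND: []byte("rand"), TempData: []byte("tmp"), IWFID: "iwf-1", UEID: "imsi-001", APPID: "app-7", Label: "SDT"}) // constructed values
	iwf := &IWF{SDTKeys: map[string][]byte{"imsi-001": key}, Auth: map[[3]string]bool{{"scs-1", "imsi-001", "app-7"}: true}}
	pkt, _ := Protect(key, "scs-1", "imsi-001", "app-7", []byte("small data"))
	pkt.Ciphertext[0] ^= 1 // modified in transit: the IWF drops it before it reaches the MME
	_, err := iwf.Forward(pkt)
	fmt.Println(err)
}
```

Two points the prose leaves implicit are visible in the code: the MAC-I is checked before the authorization list is consulted, so an unauthenticated packet cannot even probe which server/UE/APP combinations are configured, and the IWF needs only the integrity half of the SDT key to do its job, which is why the key split is worth keeping even though the patent treats the SDT key as one value.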
图 6为本发明数据的安全传输方法实施例十二的流程图, 本实施例的执 行主体为 UE, 主要应用于 UE向服务器发送的上行数据包传输过程中, 如图 6所示, 具体的歩骤为: FIG. 6 is a flowchart of Embodiment 12 of the method for secure transmission of data according to the present invention. The executor of this embodiment is a UE, which is mainly used in the process of transmitting uplink data packets sent by the UE to the server. As shown in 6, the specific steps are:
S601 : 用户设备 UE根据所述 UE的私钥和服务器的公钥对第二数据包 进行加密和 /或签名处理,或者根据 SDT安全上下文对所述第二数据包进行加 密和 /或完整性保护处理。  S601: The user equipment UE performs encryption and/or signature processing on the second data packet according to the private key of the UE and the public key of the server, or performs encryption and/or integrity protection on the second data packet according to the SDT security context. deal with.
在本实施例中,所述 UE的私钥和与所述 UE签约的所述服务器的公钥或 者与归属用户服务器 HSS协商生成 SDT安全上下文存储在所述 UE上。 UE 可以根据 UE的私钥和服务器的公钥对第二数据包进行加密, 或者加密和签 名, 还可以根据 SDT安全上下文对第二数据包进行加密或者加密和完整性保 护。  In this embodiment, the private key of the UE and the public key of the server that is contracted with the UE or negotiate with the home subscriber server HSS to generate an SDT security context are stored on the UE. The UE may encrypt the second data packet according to the private key of the UE and the public key of the server, or encrypt and sign, and may also encrypt or encrypt and protect the second data packet according to the SDT security context.
The IWF is a network entity introduced to better manage and control machine type communication devices and the related services. Signalling and data from the server are passed through the IWF to the MME and then forwarded to the machine type communication device, and signalling and data from the machine type communication device are sent to the server through the IWF. The IWF may later expose further interfaces for connecting to internal or external servers or other devices; the present invention does not limit this.
The UE may negotiate the SDT security context with the HSS as follows: the UE receives the key generation parameters sent by the HSS, and the UE generates the SDT key from those key generation parameters.
The UE negotiates the SDT security protection algorithm during the non-access stratum security mode command (NAS SMC) procedure, or the NAS security algorithm negotiated during the NAS SMC procedure is used as the SDT security protection algorithm.
S602: The UE sends the processed second data packet to the server through the mobility management entity MME and the interworking device IWF.
In the secure data transmission method provided by this embodiment, the UE obtains its own private key and the public key of the server with which it has a subscription, or the SDT security context negotiated between the UE and the HSS, and uses them to encrypt, or to encrypt and integrity protect, the second data packet to be sent to the server. The packet is then sent to the server through the MME and the IWF, completing the uplink transmission of the data packet. The signing, encryption and integrity protection solve the problem that no security mechanism protected the transmission of data packets between the UE and the server, and improve the security of data transmission in the system.
Further, in Embodiment 13 of the method of the present invention, which builds on the embodiment shown in FIG. 6, S601 and S602 may be implemented in the following ways:
In the first implementation, the UE signs the second data packet with the private key of the UE and encrypts the second data packet with the public key of the server.
The UE sends the processed second data packet to the server through the MME and the IWF. The server obtains the public key of the UE from the UE ID carried in the second data packet and uses that public key to verify whether the signature in the processed second data packet is valid; if the signature is valid, the server decrypts the processed second data packet with the private key of the server and obtains the decrypted second data packet.
In the second implementation, the UE encrypts, or encrypts and integrity protects, the second data packet using the SDT security context.
The UE sends the processed second data packet, which carries a MAC-I, to the IWF or to the server. The IWF or the server obtains the SDT security context from the UE ID carried in the processed second data packet and uses that SDT security context to verify the MAC-I in the protected second data packet; if the MAC-I is valid, it decrypts the processed second data packet and obtains the decrypted second data packet. If the MAC-I is found to be invalid, the second data packet is discarded and the uplink data transmission procedure ends.
In the above embodiments, the parameters that the UE receives from the HSS include at least one of the ID of the IWF, the ID of the application APP, a random number RAND and temporary data;
the key generation parameters include the generation parameters of the SDT key, where
the generation parameters of the SDT key are at least one of the access security management entity key, the integrity key IK, the cipher key CK, the ID of the IWF, the ID of the UE or the international mobile subscriber identity IMSI, the ID of the APP, the RAND, the temporary data and an SDT key label.
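The SDT security context path of Embodiment 13 (S601 and S602 in the second implementation, with the key generation parameters just listed), as an added example in Go that is not part of the patent: the UE and the HSS derive the same SDT key from the access security management entity key (KASME in 3GPP terms), the IWF ID, the UE ID, the APP ID, the RAND and an SDT key label; the UE encrypts the second data packet and attaches a MAC-I; the IWF selects the context by the UE ID in the packet, verifies the MAC-I first, and discards the packet on failure before decrypting anything. The HMAC-SHA-256 KDF with its FC values and parameter order, the split into an encryption and an integrity key, AES-128-CTR with COUNT as nonce, and the 32-bit MAC-I truncation are assumptions of this example; the patent lists the inputs but fixes no formula or algorithm.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// kdf is a 3GPP TS 33.220 style derivation: HMAC-SHA-256 keyed with key over
// FC || P0 || L0 || P1 || L1 ... The FC values and parameter order used below are
// constructed for this example; the patent lists inputs, not a formula.
func kdf(key []byte, fc byte, params ...[]byte) []byte {
	var s bytes.Buffer
	s.WriteByte(fc)
	for _, p := range params {
		var l [2]byte
		binary.BigEndian.PutUint16(l[:], uint16(len(p)))
		s.Write(p)
		s.Write(l[:])
	}
	m := hmac.New(sha256.New, key)
	m.Write(s.Bytes())
	return m.Sum(nil)
}

// SDTContext is the SDT security context: SDT key material plus the negotiated
// protection algorithms, fixed here to AES-128-CTR and HMAC-SHA-256.
type SDTContext struct{ EncKey, IntKey []byte }

// DeriveSDTContext builds the context from the generation parameters the text lists
// (KASME, IWF ID, UE ID or IMSI, APP ID, RAND, SDT key label). The UE, and the HSS
// on behalf of the IWF, run the same derivation and therefore hold the same keys.
func DeriveSDTContext(kasme []byte, iwfID, ueID, appID string, rnd []byte) SDTContext {
	sdt := kdf(kasme, 0x7F, []byte(iwfID), []byte(ueID), []byte(appID), rnd, []byte("SDT"))
	return SDTContext{
		EncKey: kdf(sdt, 0x01, []byte("SDT-enc"))[:16], // AES-128 key
		IntKey: kdf(sdt, 0x02, []byte("SDT-int")),      // HMAC key
	}
}

// Packet is the uplink "second data packet": the identities the text says it
// carries, a COUNT used as the CTR nonce, the (encrypted) payload and the MAC-I.
type Packet struct {
	UEID, IWFID, ServerID string
	Count                 uint32
	Payload, MACI         []byte
}

// header returns the fields the MAC-I covers besides the payload.
func (p Packet) header() []byte {
	var c [4]byte
	binary.BigEndian.PutUint32(c[:], p.Count)
	return bytes.Join([][]byte{[]byte(p.UEID), []byte(p.IWFID), []byte(p.ServerID), c[:]}, []byte{0})
}

// ctr applies AES-128-CTR; COUNT is the nonce, so it must never repeat under one key.
func (c SDTContext) ctr(count uint32, data []byte) []byte {
	block, _ := aes.NewCipher(c.EncKey) // EncKey is always 16 bytes, so this cannot fail
	iv := make([]byte, aes.BlockSize)
	binary.BigEndian.PutUint32(iv, count)
	out := make([]byte, len(data))
	cipher.NewCTR(block, iv).XORKeyStream(out, data)
	return out
}

// maci is HMAC-SHA-256 over header and ciphertext, truncated to 32 bits like the NAS MAC-I.
func (c SDTContext) maci(p Packet) []byte {
	m := hmac.New(sha256.New, c.IntKey)
	m.Write(p.header())
	m.Write(p.Payload)
	return m.Sum(nil)[:4]
}

// Protect is the UE side of S601: encrypt, then compute the MAC-I over the ciphertext.
func (c SDTContext) Protect(p Packet, plaintext []byte) Packet {
	p.Payload = c.ctr(p.Count, plaintext)
	p.MACI = c.maci(p)
	return p
}

// Unprotect is the IWF or server side: verify the MAC-I first and discard the
// packet on failure, as the text requires; decrypt only after that.
func (c SDTContext) Unprotect(p Packet) ([]byte, error) {
	if !hmac.Equal(c.maci(p), p.MACI) {
		return nil, errors.New("MAC-I invalid: packet discarded")
	}
	return c.ctr(p.Count, p.Payload), nil
}

// IWF holds one SDT context per UE and selects it by the UE ID in the packet.
type IWF struct{ Contexts map[string]SDTContext }

func (i IWF) Receive(p Packet) ([]byte, error) {
	ctx, ok := i.Contexts[p.UEID]
	if !ok {
		return nil, errors.New("no SDT security context for " + p.UEID)
	}
	return ctx.Unprotect(p)
}

func main() {
	kasme, rnd := bytes.Repeat([]byte{0x11}, 32), bytes.Repeat([]byte{0x22}, 16) // constructed sample values
	ue := DeriveSDTContext(kasme, "iwf-1", "imsi-001", "app-7", rnd)
	iwf := IWF{Contexts: map[string]SDTContext{"imsi-001": DeriveSDTContext(kasme, "iwf-1", "imsi-001", "app-7", rnd)}}
	pkt := ue.Protect(Packet{UEID: "imsi-001", IWFID: "iwf-1", ServerID: "scs-1", Count: 1}, []byte("temperature=21.5"))
	got, err := iwf.Receive(pkt)
	fmt.Printf("%q %v\n", got, err)
	pkt.Payload[0] ^= 1 // a bit flipped in transit: the MAC-I check fails and the packet is dropped
	_, err = iwf.Receive(pkt)
	fmt.Println(err)
}
```

The MAC-I is computed over the identities, the COUNT and the ciphertext, so a packet whose UE ID or server ID was altered in transit fails verification at the IWF just as a modified payload does, and the IWF never decrypts data whose integrity it has not confirmed.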
In the secure data transmission method provided by this embodiment, the UE obtains its own private key and the public key of the server with which it has a subscription, or the SDT security context negotiated between the UE and the HSS, and uses them to encrypt, or to encrypt and integrity protect, the second data packet to be sent to the server. The packet is sent to the server through the MME and the IWF; the server verifies the signature or the MAC-I and decrypts the second data packet, completing the uplink transmission of the data packet. The signing, encryption and integrity protection solve the problem that no security mechanism protected the transmission of data packets between the UE and the server, and improve the security of data transmission in the system.
FIG. 7 is a flowchart of Embodiment 14 of the secure data transmission method of the present invention. The entity executing this embodiment is the server, which may be an SCS or an AS, and the embodiment applies mainly to the transmission of uplink data packets sent by the UE to the server. As shown in FIG. 7, the specific steps are:
S701: The server receives the processed second data packet sent by the interworking device IWF.
In this embodiment, the second data packet carries information such as the ID of the UE, the ID of the IWF, the ID of the server, and an identification tag or a MAC-I.
S702: The server verifies the signature of the second data packet and decrypts it using the public key of the user equipment UE and the private key of the server, or looks up the SDT security context according to the ID of the UE and/or the ID of the IWF and uses it to verify the integrity of the processed second data packet and decrypt it.
The private key of the server and the public key of the UE that has a subscription with the server are stored on the server; the SDT security context is sent by the interworking device IWF.
In this embodiment, the server may be pre-configured with the private key of the server and the public key of the user equipment UE that has a subscription with the server, or it may receive the SDT security context sent by the IWF; the SDT security context includes the SDT key and the SDT security protection algorithm generated by negotiation between the UE and the HSS.
In the secure data transmission method provided by this embodiment, the server obtains its own private key and the public key of the UE with which it has a subscription, or receives from the IWF the SDT security context negotiated between that UE and the HSS. The server verifies the signature, or the MAC-I, of the second data packet that the UE sent through the MME and the IWF and decrypts the packet, completing the uplink transmission of the data packet. By verifying and decrypting the data packet, the server solves the problem that no security mechanism protected the transmission of data packets between the UE and the server, and improves the security of data transmission in the system.
FIG. 8 is a flowchart of Embodiment 15 of the secure data transmission method of the present invention. The entity executing this embodiment is the IWF, and the embodiment applies mainly to the transmission of uplink data packets sent by the UE to the server. As shown in FIG. 8, the specific steps are:
S801: The interworking device IWF receives the processed second data packet sent by the user equipment UE through the mobility management entity MME; the processed second data packet includes the ID of the UE and a signature, or the ID of the UE and a MAC-I.
S802: The IWF verifies the signature or the MAC-I using the public key of the UE or the SDT security context, and after the verification succeeds, sends the processed second data packet to the server.
The public key of the UE is stored on the IWF, and the SDT security context is obtained in advance from the home subscriber server HSS.
In this embodiment, the IWF is pre-configured with the public key of each server and the public keys of the UEs that have a subscription with that server, and/or obtains the SDT security context generated by negotiation between the UE and the HSS; the SDT security context includes the SDT key and the SDT security protection algorithm.
In this embodiment, obtaining the SDT security context may specifically consist of receiving the SDT key sent by the HSS and receiving the SDT security protection algorithm sent by the UE through the MME; the SDT key and the SDT security protection algorithm together form the SDT security context.
In the secure data transmission method provided by this embodiment, the IWF obtains the public key of the server and the public key of the UE with which the server has a subscription, or obtains the SDT security context negotiated between that UE and the HSS. The IWF verifies the signature, or the MAC-I, of the second data packet that the UE sent through the MME and sends the verified second data packet to the server, completing the uplink transmission of the data packet. The signature verification and decryption of the data packet solve the problem that no security mechanism protected the transmission of data packets between the UE and the server, and improve the security of data transmission in the system.
Further, in Embodiment 16 of the method of the present invention, which builds on the embodiment shown in FIG. 8, the IWF obtaining the SDT security context in advance from the home subscriber server HSS specifically includes: receiving the SDT key sent by the HSS; and receiving the SDT security protection algorithm sent by the UE through the MME; the SDT security context includes the SDT key and the SDT security protection algorithm.
In this embodiment, the IWF verifying the signature or the MAC-I using the public key of the UE or the SDT security context and, after the verification succeeds, sending the processed second data packet to the server may be implemented in the following ways:
In the first implementation, the IWF uses the public key of the UE to verify whether the signature of the processed second data packet is valid; if the signature of the processed second data packet is verified to be valid, the IWF sends the processed second data packet to the server.
In the second implementation, the IWF verifies the MAC-I of the processed second data packet using the SDT security context; if the MAC-I of the processed second data packet is verified to be valid, the IWF decrypts the processed second data packet and sends it to the server.
Optionally, before sending the second data packet to the server, the IWF also needs to perform authorization verification. The specific verification methods include the following:
In the first verification method, if the first data packet includes the ID of the server and the ID of the UE, the IWF checks the ID of the server and the ID of the UE in the first data packet against the server-to-UE correspondences stored in a pre-configured authorization list, and after confirming that the correspondence between the server and the UE is correct, sends the second data packet to the server.
In the second verification method, if the first data packet includes the ID of the server, the ID of the UE and the ID of the APP, the IWF checks the ID of the server, the ID of the UE and the ID of the APP in the first data packet against the server, UE and APP correspondences stored in a pre-configured authorization list, and after confirming that the correspondence between the server, the UE and the APP is correct, sends the second data packet to the server.
In the third verification method, if the second data packet includes the ID of the server and the ID of the UE, the IWF sends the ID of the server and the ID of the UE to the HSS, and the HSS checks the ID of the server and the ID of the UE in the second data packet against the server-to-UE correspondences stored in a pre-configured authorization list; after the correspondence between the server and the UE is confirmed to be correct, the second data packet is sent to the server.
In the fourth verification method, if the second data packet includes the ID of the server, the ID of the UE and the ID of the application APP, the IWF sends the ID of the server, the ID of the UE and the ID of the APP to the HSS, and the HSS checks the ID of the server, the ID of the UE and the ID of the APP in the second data packet against the server, UE and APP correspondences stored in a pre-configured authorization list; after the correspondence between the server, the UE and the APP is confirmed to be correct, the second data packet is sent to the server.
In the secure data transmission method provided by this embodiment, the IWF obtains the public key of the server and the public key of the UE with which the server has a subscription, or obtains the SDT security context negotiated between that UE and the HSS. The IWF verifies the signature, or the MAC-I, of the second data packet that the UE sent through the MME, performs authorization verification on the server and the UE, and sends the verified second data packet to the server, completing the uplink transmission of the data packet. The signature verification and decryption of the data packet solve the problem that no security mechanism protected the transmission of data packets between the UE and the server, and improve the security of data transmission in the system.
FIG. 9 is a flowchart of Embodiment 17 of the secure data transmission method of the present invention. The entity executing this embodiment is the MME, and the embodiment applies mainly to the transmission of uplink data packets sent by the UE to the server. As shown in FIG. 9, the specific steps are:
S901: The mobility management entity MME receives the processed second data packet sent by the user equipment UE; the second data packet includes the ID of the UE, the ID of the server and a signature.
S902: The MME verifies the signature using the public key of the UE.
In this embodiment, the public key of the UE is stored on the MME.
If the signature of the second data packet fails verification, the second data packet is discarded and the uplink data packet transmission procedure ends.
S903: After verifying that the signature is valid, the MME sends the second data packet to the interworking device IWF.
In the secure data transmission method provided by this embodiment, the MME obtains the public key of the server and the public key of the UE with which the server has a subscription, verifies the signature of the second data packet received from the UE, and sends the verified second data packet to the server through the IWF, completing the uplink transmission of the data packet. By verifying the signature of the data packet, the MME solves the problem that no security mechanism protected the transmission of data packets between the UE and the server, and improves the security of data transmission in the system.
In Embodiment 18 of the secure data transmission method of the present invention, which builds on the above embodiment, the MME also needs to perform authorization verification before sending the second data packet to the IWF. The two verification methods are as follows:
In the first verification method, if the second data packet includes the ID of the server and the ID of the UE, the MME checks the ID of the server and the ID of the UE in the second data packet against the server-to-UE correspondences stored in a pre-configured authorization list, and after confirming that the correspondence between the server and the UE is correct, sends the second data packet to the server through the IWF.
In the second verification method, if the second data packet includes the ID of the server, the ID of the UE and the ID of the application APP, the MME checks the ID of the server, the ID of the UE and the ID of the APP in the second data packet against the server, UE and APP correspondences stored in a pre-configured authorization list, and after confirming that the correspondence between the server, the UE and the APP is correct, sends the second data packet to the server through the IWF.
The following embodiments illustrate the interaction between the devices in the secure data transmission method provided by the present invention.
FIG. 10 is an interaction diagram for protecting the downlink data packet transmission from the server to the UE with public and private keys based on a PKI system. In this embodiment, the server stores its own private key and also the public keys of the UEs with which it has a subscription relationship, and each UE stores its own private key and also the public keys of the servers with which it has a subscription relationship. In the downlink direction, the server signs the small data packet with its private key and encrypts the small data packet with the public key of the UE to which it is to be sent; when the UE receives the small data packet, it verifies the validity of the signature with the public key of the server and then decrypts the small data packet with its own private key. As shown in FIG. 10, the interaction proceeds as follows:
S1001: The server sends the first data packet, signed and encrypted with the private key of the server and the public key of the UE, to the IWF.
In this embodiment, the server may encapsulate the first data packet in a Tsp-AP-PDU and send it to the IWF over the Tsp-AP protocol. The PDU may carry the data to be sent, the ID of the server, the ID of the UE, the ID of the APP and an identification tag for the data, among other information.
S1002: The IWF verifies whether the signature is valid using the public key of the server, and if the signature is valid, sends the first data packet to the MME.
In this embodiment, the IWF looks up the public key of the server according to the ID of the server and verifies whether the signature of the first data packet is valid. If the signature is invalid, the IWF blocks the first data packet; if the signature is valid, the IWF encapsulates the first data packet in a T5-AP-PDU and sends it to the MME over the T5-AP protocol.
Optionally, if required, the IWF may also send the ID of the server, the ID of the UE and the ID of the APP to the HSS for further verification. The HSS checks the ID of the server and the ID of the UE in the first data packet against the server-to-UE correspondences stored in a pre-configured authorization list, and after confirming that the server identified by the server ID is allowed to send data packets to the UE identified by the UE ID, the first data packet is sent to the MME.
Because the number of servers is limited, they only have subscriptions with certain UEs, and they are likely to stay connected to the IWF over the Tsp interface, the IWF can be directly pre-provisioned with the public keys of the UEs and the public keys of the servers.
S1003: The MME verifies whether the signature is valid using the public key of the server, and if the signature is valid, sends the first data packet to the UE.
In this embodiment, the MME looks up the public key of the server according to the ID of the server and verifies whether the signature of the first data packet is valid. If the signature is invalid, the MME blocks the first data packet; if the signature is valid, the MME sends the first data packet to the UE in a NAS message (such as a Generic NAS Transport message).
The MME may be directly pre-provisioned with the public key of the UE and the public key of the server; alternatively, the public key of the UE and the public key of the server are stored in the subscription information in the HSS, and when the UE initially attaches to the network and performs AKA, the HSS may send the public key of the UE and the public key of the server to the MME.
S1004: The UE receives the first data packet and verifies whether the signature is valid using the public key of the server; if the signature of the first data packet is valid, the UE decrypts the first data packet with its own private key and delivers it to the corresponding APP.
In this embodiment, the UE finds the public key of the server according to the ID of the server; after verifying that the signature is valid, it decrypts the small data packet with its private key and delivers the first data packet to the corresponding APP according to the ID of the APP.
Further, if a corresponding data packet or an acknowledgement (ACK) needs to be returned, the APP passes it to the UE, which signs the data packet or ACK with the private key of the UE, encrypts the small data packet or ACK with the public key of the target server (the ACK need not be encrypted), and sends it to the server through the MME and the IWF.
In the secure data transmission method provided by this embodiment, the first data packet is encrypted and signed with the public and private keys of the server and the UE, the signature of the first data packet is verified by the IWF and the MME, the authorization relationship may additionally be verified by the HSS, and the first data packet is then sent to the UE. This solves the problem that, in the scenario where small data between the UE and the server is transmitted over the T5 interface between the MME and the MTC-IWF, no security mechanism protected the data transmission between the UE and the server with which it has a subscription, and improves the security of data transmission in the system.
FIG. 11 is an interaction diagram for protecting the uplink data packet transmission from the UE to the server with public and private keys based on a PKI system. In this embodiment, the server stores its own private key and also the public keys of the UEs with which it has a subscription relationship, and each UE stores its own private key and also the public keys of the servers with which it has a subscription relationship. In the uplink direction, the UE signs the small data packet with its private key and encrypts the small data packet with the public key of the server to which it is to be sent; when the server receives the small data packet, it verifies the validity of the signature with the public key of the UE and then decrypts the small data packet with the private key of the server. As shown in FIG. 11, the interaction proceeds as follows:
S1101: The UE signs and encrypts the second data packet with the private key of the UE and the public key of the server, and sends it to the MME.
In this embodiment, the second data packet is sent to the MME in a NAS message (such as a Generic NAS Transport message). The second data packet may carry the ID of the server, the ID of the UE, the ID of the APP and an identification tag for the data, among other information.
S1102: The MME verifies whether the signature is valid using the public key of the UE, and if the signature is valid, sends the second data packet to the IWF.
In this embodiment, if the signature is found to be invalid, the MME may block the second data packet. When the signature is valid, the MME may encapsulate the second data packet in a T5-AP-PDU and send it to the IWF over the T5-AP protocol.
S1103: The IWF verifies whether the signature is valid according to the public key of the UE, and if the signature of the second data packet is verified to be valid, sends the second data packet to the server.
In this embodiment, the IWF looks up the public key of the UE according to the ID of the UE and verifies whether the signature of the second data packet is valid. If the signature is invalid, the second data packet is blocked; if it is valid, the second data packet is encapsulated in a Tsp-AP-PDU and sent to the server through the Tsp-AP protocol.
S1104: The server receives the second data packet and verifies whether the signature is valid according to the public key of the UE. If the signature of the second data packet is verified to be valid, the server decrypts the second data packet using the server's private key.
In this embodiment, the server can verify whether the signature is valid using the public key of the UE; if it is valid, the server decrypts the second data packet using its own private key, and responds.
Further, if a corresponding data packet or acknowledgement (ACK) needs to be returned, the server signs the data packet or ACK with the server's private key, encrypts the data packet or ACK with the public key of the target UE (alternatively, the ACK may be left unencrypted), and sends it to the UE through the IWF and the MME.
In the secure data transmission method provided by this embodiment, the second data packet is encrypted and signed with the public and private keys of the server and the UE, the signature of the second data packet is verified by the MME and the IWF (or the packet is blocked early), and the second data packet is sent to the server. This solves the problem that, in the scenario where small data between the UE and the server is transmitted through the T5 interface between the MME and the MTC-IWF, there is no corresponding security mechanism to protect the data transmission between the UE and the subscribed server, and improves the security of data transmission in the system.
FIG. 12 is an interaction diagram of the UE and the IWF negotiating an SDT security context. In this embodiment, the HSS stores the association among the ID of the server, the ID of the UE and the ID of the APP, and also stores the IMSI information of the UE. As shown in FIG. 12, the specific negotiation process is as follows:
S1201: The MME sends the IMSI or TMSI of the UE, and the ID of the interworking device (IWF) selected by the MME for the UE, to the HSS.
In this embodiment, after the UE accesses the network, if there is a specific access IWF, the MME directly sends the IMSI to the HSS. If there is no specific access IWF and there are multiple IWFs in the network, the MME may select a serving IWF for the UE according to conditions such as IWF load; in this case the MME needs to report the ID of the IWF to the HSS, so that the HSS generates the SDT key and sends the SDT key to the corresponding IWF.
S1202: The HSS queries the subscription data of the UE according to the IMSI, and when it determines that the UE has the small data service characteristic, generates the SDT key according to the key generation parameters.
In this embodiment, the HSS looks up the subscription data of the UE according to the IMSI. If the UE is a machine type communication UE, that is, one having the small data transmission service characteristic, the HSS generates an SDT security context for it according to the key generation parameters, where the generation parameters of the SDT key are at least one of Kasme, IK, CK, the ID of the IWF, the ID or IMSI of the UE, the ID of the APP, RAND, Nonce_SDT, and an SDT key label.
S1203: The HSS sends the SDT key to the IWF.
In this embodiment, while sending the SDT algorithm, the HSS also sends the IMSI information of the UE, the ID of the UE, the ID of the server and the ID of the APP to the IWF.
S1203: The HSS sends the generated key generation parameters to the UE via the MME, and the MME sends the ID of the IWF to the UE via a NAS security mode command (SMC).
S1204: The UE receives the key generation parameters sent by the HSS, and generates the SDT security context according to the key generation parameters.
In this embodiment, the UE negotiates the SDT security protection algorithm during the non-access stratum security mode command (NAS SMC) procedure, or uses the non-access stratum security algorithm negotiated during the NAS SMC procedure as the SDT security protection algorithm.
S1205: The MME sends the NAS algorithm negotiated with the UE to the IWF as the SDT security protection algorithm.
In this embodiment, the MME sends the negotiated NAS algorithm to the IWF as the SDT security protection algorithm, and the IWF stores the SDT key and the SDT security protection algorithm as the SDT security context. After the negotiation is completed, if data packets are transferred between the server and the UE, the SDT security context can be used for encryption and decryption, or for integrity protection.
Further, the IWF sends the SDT security context, the ID of the UE, the ID of the server and the ID of the APP to the server.
FIG. 13 is an interaction diagram of downlink data packet transmission from the server to the UE, protected with the SDT security context. In this embodiment, both the IWF and the UE store the SDT security context negotiated through the steps shown in FIG. 12, and the IWF sends the security context to the server. In the downlink direction, the server encrypts and/or integrity protects the first data packet using the SDT security context; when the UE receives the first data packet, it verifies the MAC-I using the SDT security context and decrypts the first data packet. As shown in FIG. 13, the specific interaction process is as follows:
S1301: The server encrypts, or encrypts and integrity protects, the first data packet according to the SDT security context, and sends it to the IWF.
S1302: The IWF obtains the corresponding SDT security context according to the ID of the UE, or according to the ID of the server and the ID of the UE, verifies the MAC-I of the first data packet, and after the verification passes, sends the first data packet to the MME.
In this embodiment, the IWF verifies whether the server is permitted to initiate SDT small data service according to one or more of the ID of the server, the ID of the UE and the ID of the APP, together with its locally stored whitelist/blacklist. If it verifies that the server may initiate small data packet service, it then verifies the MAC-I of the first data packet; if the verification fails, the first data packet is blocked, and if the verification passes, the first data packet is encapsulated in a T5-AP-PDU and sent to the MME through the T5-AP protocol.
Optionally, if necessary, the IWF may also send the ID of the server and the ID of the UE to the HSS for further verification. The HSS performs a matching check on the ID of the server and the ID of the UE in the first data packet according to the correspondence between server IDs and UE IDs stored in a pre-configured authorization list, and after checking that the server corresponding to the server ID is allowed to send data packets to the UE corresponding to the UE ID, the first data packet is sent to the MME.
Alternatively, the IWF may also send the ID of the server, the ID of the UE and the ID of the APP to the HSS for further verification. The HSS performs a matching check on the ID of the server, the ID of the UE and the ID of the APP in the first data packet according to the correspondence among server IDs, UE IDs and APP IDs stored in the pre-configured authorization list, and after checking that the server corresponding to the server ID is allowed to send data packets to the application corresponding to the UE ID and the APP ID, the first data packet is sent to the MME.
S1303: The MME sends the first data packet to the UE in a NAS message.
S1304: The UE receives the first data packet, selects the SDT security context according to the ID of the IWF to verify the MAC-I of the first data packet, and after the verification passes, decrypts the first data packet.
In this embodiment, if SDT security contexts have been negotiated between the UE and multiple IWFs, the UE needs to select the corresponding SDT security context according to the ID of the IWF and perform MAC-I verification on the first data packet. If the verification fails, the first data packet is blocked; if the verification passes, the first data packet is decrypted and delivered to the corresponding APP.
Further, if a corresponding data packet or ACK needs to be returned, the APP passes it to the UE, which encrypts, or encrypts and integrity protects, the data packet or ACK with the SDT security context of the UE (alternatively, the ACK may be left unencrypted) and sends it to the server through the MME and the IWF.
In the secure data transmission method provided by this embodiment, the first data packet is encrypted, or encrypted and integrity protected, with the SDT security context negotiated between the IWF and the UE; the signature of the first data packet is verified by the IWF, the authorization relationship may additionally be verified by the HSS, and the first data packet is sent to the UE. This solves the problem that, in the scenario where small data between the UE and the server is transmitted through the T5 interface between the MME and the MTC-IWF, there is no corresponding security mechanism to protect the data transmission between the UE and the subscribed server, and improves the security of data transmission in the system.
FIG. 14 is an interaction diagram of uplink data packet transmission from the UE to the server, protected with the SDT security context. In this embodiment, both the IWF and the UE store the SDT security context negotiated through the steps shown in FIG. 12, and the IWF sends the security context to the server. In the downlink direction, the server encrypts and/or integrity protects the first data packet using the SDT security context; when the UE receives the first data packet, it verifies the MAC-I using the SDT security context and decrypts the first data packet. As shown in FIG. 13, the specific interaction process is as follows:
S1401: If SDT security contexts have been negotiated between the UE and multiple IWFs, the UE looks up the corresponding SDT security context according to the ID of the IWF, encrypts, or encrypts and integrity protects, the second data packet with that SDT security context, and sends it to the MME.
S1402: The MME performs a matching check on the ID of the server, the ID of the UE and the ID of the APP in the second data packet according to the correspondence among servers, UEs and APPs stored in the authorization list, and forwards the second data packet to the IWF after checking that the UE corresponding to the UE ID is allowed to send data packets to the application corresponding to the server ID and the APP ID; alternatively, the MME performs a matching check on the ID of the server and the ID of the UE in the second data packet according to the correspondence between servers and UEs stored in the authorization list, and forwards the second data packet to the IWF after checking that the UE corresponding to the UE ID is allowed to send data packets to the server corresponding to the server ID.
In this embodiment, so that the MME can block illegal data, the MME performs a matching check on the ID of the server, the ID of the UE and/or the ID of the APP in the second data packet according to a pre-configured authorization list and the correspondence among servers, UEs and/or APPs stored in that list, and after checking that the UE corresponding to the UE ID is allowed to send data packets to the application corresponding to the server ID and the APP ID, or after checking that the UE corresponding to the UE ID is allowed to send data packets to the server corresponding to the server ID, sends the second data packet to the server. Of course, the matching check may also be performed on the IWF (or in the HSS).
S1403: The IWF looks up the corresponding SDT security context according to the ID of the UE, verifies the MAC-I with that SDT security context, and if the verification passes, sends the second data packet to the server.
S1404: The server receives the second data packet, verifies the MAC-I according to the SDT security context received from the IWF, and if the verification passes, decrypts the second data packet using that SDT security context.
Further, if a corresponding data packet or ACK needs to be returned, the server encrypts, or encrypts and integrity protects, the data packet or ACK according to the SDT security context (alternatively, the ACK may be left unencrypted) and sends it to the UE through the IWF and the MME.
In the secure data transmission method provided by this embodiment, the second data packet is encrypted, or encrypted and integrity protected, with the SDT security context negotiated between the IWF and the UE; the MME verifies the authorization relationship (the IWF or the HSS may also verify it), the IWF verifies the signature of the second data packet, and the second data packet is sent to the server. This solves the problem that, in the scenario where small data between the UE and the server is transmitted through the T5 interface between the MME and the MTC-IWF, there is no corresponding security mechanism to protect the data transmission between the UE and the subscribed server, and improves the security of data transmission in the system.
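As an added example that is not part of the patent, the SDT security context of FIG. 12 and its use in FIGs. 13 and 14, in Python standard-library code: the HSS-side key derivation from the listed parameters, the protect step run by the server (S1301) or the UE (S1401), the IWF's authorization-list and MAC-I checks (S1302; the same `authorized` matching check is the MME's step S1402), and the UE's selection of a context by IWF ID (S1304). The KDF, the HMAC-based stream cipher standing in for the negotiated NAS algorithm, the 32-bit MAC-I, and every key and identifier are constructed assumptions, not values from the page.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass, replace

# S1202: the HSS derives the SDT key from the key generation parameters.
# Constructed KDF: HMAC-SHA256(Kasme, label | IWF ID | UE ID | APP ID | RAND | Nonce_SDT).
def derive_sdt_key(kasme, iwf_id, ue_id, app_id, rand, nonce_sdt, label=b"SDT"):
    info = b"|".join([label, iwf_id.encode(), ue_id.encode(), app_id.encode(), rand, nonce_sdt])
    return hmac.new(kasme, info, hashlib.sha256).digest()

@dataclass(frozen=True)
class SdtContext:
    """SDT key plus protection algorithm: the SDT security context held by UE, IWF and server."""
    sdt_key: bytes
    algorithm: str = "hmac-sha256-demo"  # constructed stand-in for the negotiated NAS algorithm

    def _subkey(self, purpose):
        return hmac.new(self.sdt_key, purpose, hashlib.sha256).digest()

    def cipher(self, data, counter):
        """Constructed stream cipher (symmetric): XOR with HMAC(K_enc, counter | block index)."""
        k = self._subkey(b"enc")
        out = bytearray()
        for i in range(0, len(data), 32):
            ks = hmac.new(k, struct.pack(">II", counter, i // 32), hashlib.sha256).digest()
            out += bytes(a ^ b for a, b in zip(data[i:i + 32], ks))
        return bytes(out)

    def mac_i(self, header, body):
        """32-bit MAC-I over header | ciphertext, truncated like a NAS MAC."""
        return hmac.new(self._subkey(b"int"), header + body, hashlib.sha256).digest()[:4]

@dataclass(frozen=True)
class SdtPacket:
    server_id: str
    ue_id: str
    app_id: str
    iwf_id: str      # lets the UE select a context when it negotiated with several IWFs
    counter: int     # per-context packet counter, so keystream and MAC-I input never repeat
    ciphertext: bytes
    mac_i: bytes

    def header(self):
        return "|".join([self.server_id, self.ue_id, self.app_id, self.iwf_id, str(self.counter)]).encode()

def protect(ctx, server_id, ue_id, app_id, iwf_id, counter, payload):
    """S1301 (server, downlink) or S1401 (UE, uplink): encrypt, then integrity-protect."""
    pkt = SdtPacket(server_id, ue_id, app_id, iwf_id, counter, ctx.cipher(payload, counter), b"")
    return replace(pkt, mac_i=ctx.mac_i(pkt.header(), pkt.ciphertext))

def verify_mac_i(ctx, pkt):
    return hmac.compare_digest(ctx.mac_i(pkt.header(), pkt.ciphertext), pkt.mac_i)

def authorized(allow_list, server_id, ue_id, app_id=None):
    """Matching check against the pre-configured list of (server ID, UE ID, APP ID) triples.
    app_id=None is the two-ID variant in the text that matches only (server, UE)."""
    return any(s == server_id and u == ue_id and (app_id is None or a == app_id)
               for s, u, a in allow_list)

def iwf_forward_downlink(iwf_contexts, allow_list, pkt):
    """S1302: authorization check first, then MAC-I; True = forward to MME, False = block."""
    if not authorized(allow_list, pkt.server_id, pkt.ue_id, pkt.app_id):
        return False
    ctx = iwf_contexts.get(pkt.ue_id)          # the IWF indexes its contexts by UE ID
    return ctx is not None and verify_mac_i(ctx, pkt)

def ue_receive(ue_contexts, pkt):
    """S1304: select the context by IWF ID, verify MAC-I, decrypt; None = blocked."""
    ctx = ue_contexts.get(pkt.iwf_id)
    if ctx is None or not verify_mac_i(ctx, pkt):
        return None
    return ctx.cipher(pkt.ciphertext, pkt.counter)

def demo():
    """Constructed downlink run (FIG. 13) for a UE that negotiated contexts with two IWFs."""
    kasme = hashlib.sha256(b"constructed Kasme").digest()
    rand, nonce = b"\x01" * 16, b"\x02" * 16
    ctx1 = SdtContext(derive_sdt_key(kasme, "iwf-1", "ue-42", "app-7", rand, nonce))
    ctx2 = SdtContext(derive_sdt_key(kasme, "iwf-2", "ue-42", "app-7", rand, nonce))
    ue_contexts = {"iwf-1": ctx1, "iwf-2": ctx2}   # S1204: the UE keys its contexts by IWF ID
    iwf1_contexts = {"ue-42": ctx1}                 # S1203: IWF-1 keys its contexts by UE ID
    allow_list = {("srv-A", "ue-42", "app-7")}      # constructed pre-configured authorization list
    good = protect(ctx1, "srv-A", "ue-42", "app-7", "iwf-1", 1, b"meter reading 17.3 kWh")
    unauth = protect(ctx1, "srv-X", "ue-42", "app-7", "iwf-1", 2, b"server not on the list")
    wrong_ctx = protect(ctx2, "srv-A", "ue-42", "app-7", "iwf-1", 3, b"protected under IWF-2 key")
    tampered = replace(good, ciphertext=bytes([good.ciphertext[0] ^ 1]) + good.ciphertext[1:])
    return {
        "forward_good": iwf_forward_downlink(iwf1_contexts, allow_list, good),
        "forward_unauth": iwf_forward_downlink(iwf1_contexts, allow_list, unauth),
        "forward_wrong_ctx": iwf_forward_downlink(iwf1_contexts, allow_list, wrong_ctx),
        "ue_plaintext": ue_receive(ue_contexts, good),
        "ue_tampered": ue_receive(ue_contexts, tampered),
    }

if __name__ == "__main__":
    print(demo())
```

The uplink direction of FIG. 14 uses the same functions with the roles swapped: the UE calls `protect` with the context selected by IWF ID, the MME runs `authorized` on the packet's IDs, and the IWF verifies the MAC-I with the context it keyed by UE ID.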
In addition, the secure data transmission method of the present invention also provides a data packet protection scheme that combines the embodiments shown in FIGs. 10 and 11 with those shown in FIGs. 13 and 14. Only the server's private key is configured on the server, and the server signs the downlink first data packet with the private key; if encryption is required, key negotiation follows the technical solution shown in FIG. 12 to negotiate an SDT key with which the first data packet is encrypted. Then: in the downlink direction, in which the server sends the first data packet to the UE, integrity protection is implemented by the signature generated with the server's private key, and encryption protection is implemented by the SDT security context negotiated with the IWF; for the specific process, refer to the embodiment shown in FIG. 13. The uplink direction, in which the UE sends the second data packet to the server, is entirely consistent with the embodiment shown in FIG. 14.
Alternatively, the public and private keys of the server and the UE in the PKI system are combined with existing LTE NAS security: security between the UE and the MME relies on NAS security, security between the MME and the IWF relies on network domain security (NDS), and security between the IWF and the server relies on NDS security, including Internet Protocol security (IPsec) and Transport Layer Security (TLS). Then: in the downlink direction, the server signs the first data packet with its private key, and the IWF, the MME and the UE all query the server's public key to verify the validity of the signature of the first data packet; authorization of the server's first data packet is still verified by the IWF and/or the HSS (optionally, the IWF's certificate and private key are configured on the IWF, the IWF signs the first data packet, and security between the IWF and the server is guaranteed by IPsec), and encryption of the first data packet is implemented by NAS security on the MME. The uplink direction is protected entirely by NAS security, security between the IWF and the server is guaranteed by IPsec, and the binding relationship among the ID of the UE, the ID of the server and the ID of the APP is configured on the MME so that the data authorization of the UE's uplink second data packet can be checked. Only after the second data packet passes NAS integrity verification and authorization verification on the MME does the MME send it to the IWF; otherwise it is blocked, so that illegal data packets are blocked as early as possible (optionally, authorization verification may be performed on the IWF or the HSS).
The secure data transmission method provided by the embodiments of the present invention is mainly directed at small data transmission of machine type communication over the T5 interface; it establishes a security association between the UE and the IWF, or an end-to-end security association between the UE and the server, thereby ensuring secure transmission of machine type data. The secure data transmission method and the transmission method may also be applied to similar communication systems or communication scenarios, which the present invention does not limit.
FIG. 15 is a schematic structural diagram of an embodiment of a UE according to the present invention. As shown in FIG. 15, the UE includes a transceiver module 151 and a processing module 152. The transceiver module 151 is configured to receive a first data packet sent by the server through the interworking device IWF and the mobility management entity MME, where the first data packet carries the ID of the server or the ID of the IWF. The processing module 152 is configured to obtain the public key of the server and/or the SDT security context according to the ID of the server or the ID of the IWF in the first data packet, where the public key of the server with which the UE has a subscription, or the SDT security context generated by negotiation with the home subscriber server HSS, is stored on the UE and identified by the ID of the server or the ID of the IWF. The processing module 152 is further configured to verify and decrypt the first data packet according to the public key of the server and the private key of the UE, or the SDT security context, or the public key of the server and the SDT security context, to obtain the decrypted first data packet.
The UE provided by this embodiment is configured to perform the technical solution of the method shown in FIG. 1: the processing module verifies and decrypts the downlink first data packet that the server sends to the UE and that the transceiver module receives, and delivers the decrypted first data packet to the corresponding application, completing the transmission of the small data. This solves the problem that, in the scenario where small data between the UE and the server is transmitted through the T5 interface between the MME and the MTC-IWF, there is no corresponding security mechanism to protect the data transmission between the UE and the subscribed server, and improves the security of data transmission in the system.
Optionally, the transceiver module 151 is further configured to receive key generation parameters sent by the HSS; the processing module 152 is further configured to generate an SDT key according to the key generation parameters; and the processing module 152 is further configured to negotiate an SDT security protection algorithm during the non-access stratum security mode command (NAS SMC) procedure, or to use the non-access stratum security algorithm negotiated during the NAS SMC procedure as the SDT security protection algorithm.
Optionally, the processing module 152 is specifically configured to:
verify whether the signature in the first data packet is valid according to the public key of the server; and if the signature in the first data packet is verified to be valid, decrypt the first data packet according to the private key of the UE to obtain the decrypted first data packet.
Optionally, the processing module 152 is specifically configured to:
verify the message authentication code MAC-I in the first data packet according to the SDT security context; and if the verification succeeds, decrypt the first data packet to obtain the decrypted first data packet.
Optionally, the processing module 152 is specifically configured to:
verify whether the signature in the first data packet is valid according to the public key of the server; and if the signature of the first data packet is verified to be valid, decrypt the first data packet according to the SDT security context, or perform integrity verification and decryption on the first data packet according to the SDT security context, to obtain the decrypted first data packet.
Optionally, the transceiver module 151 is further configured to receive parameters sent by the HSS, where the parameters sent by the HSS include at least one of the ID of the IWF, the ID of the APP, a random number RAND, and temporary data.
The implementation of the above embodiment corresponds to method embodiments one to four shown in FIG. 1 and is used to perform the technical solutions of embodiments one to four; for the methods, principles and technical effects, refer to the method embodiments, which are not repeated here.
FIG. 16 is a schematic structural diagram of an embodiment of a server according to the present invention. As shown in FIG. 16, the server includes a processing module 161 and a transceiver module 162. The processing module 161 is configured to sign and encrypt the first data packet awaiting transmission according to the private key of the server and the public key of the user equipment UE subscribed with the server, or to encrypt, or encrypt and integrity protect, the first data packet according to the SDT security context, where the private key of the server and the public key of the UE subscribed with the server are stored on the server, and the SDT security context is sent by the interworking device IWF;
the transceiver module 162 is configured to send the encrypted first data packet to the UE through the IWF and the mobility management entity MME, so that the UE obtains the public key of the server and/or the SDT security context according to the ID of the server in the first data packet, and verifies and decrypts the first data packet according to the public key of the server and the private key of the UE, or the SDT security context, or the public key of the server and the SDT security context, to obtain the decrypted first data packet.
The server provided by this embodiment is configured to perform the method shown in FIG. 2: the processing module encrypts and signs the first data packet to be sent according to the private key of the server and the public key of the UE, and the transceiver module sends the signed and encrypted first data packet to the UE through the IWF and the MME, completing downlink transmission of the data packet. By signing and encrypting the data packet, the server strictly protects the secure transmission of the data packet between the UE and the server, improving the security of data transmission in the system.
FIG. 17 is a schematic structural diagram of an embodiment of an IWF according to the present invention. As shown in FIG. 17, the IWF includes a transceiver module 171 and a processing module 172. The transceiver module 171 is configured to receive a first data packet sent by the server, where the first data packet includes the ID and signature of the server, or the ID of the server and a MAC-I. The processing module 172 is configured to verify the signature according to the public key of the server, or to verify the MAC-I according to the SDT security context, and after the verification passes, send the first data packet to the UE through the mobility management entity MME; alternatively, the processing module is further configured to encrypt and/or integrity protect the first data packet according to the SDT security context and send the first data packet to the UE through the mobility management entity MME, where the public key of the server and the public key of the UE subscribed with the server are stored on the IWF, and the SDT security context is obtained in advance from the home subscriber server HSS.
The IWF provided by this embodiment is configured to perform the method shown in FIG. 3: the transceiver module receives the signed and encrypted first data packet sent by the server, and the processing module verifies the validity of the signature of the first data packet, or verifies the message authentication code MAC-I; if the signature of the first data packet is verified to be valid or the MAC-I verification passes, the first data packet is sent to the UE through the MME, completing downlink transmission of the small data packet. By verifying the signature and MAC-I of the data packet, the IWF strictly protects the secure transmission of the data packet between the UE and the server, improving the security of data transmission in the system.
Optionally, the transceiver module 171 is further configured to receive the SDT key sent by the HSS and to receive the SDT security protection algorithm sent by the UE through the MME, where the SDT security context includes the SDT key and the SDT security protection algorithm.
Optionally, the processing module 172 is further configured to query and obtain the public key of the server according to the ID of the server, and to verify, using the public key of the server, whether the signature of the first data packet is valid; if the processing module 172 verifies that the signature of the first data packet is valid, the transceiver module 171 sends the first data packet to the UE through the MME;
Or,
when the first data packet further includes the ID of the UE, the processing module 172 is configured to obtain the SDT security context according to the ID of the UE and to verify the MAC-I;
if the processing module 172 verifies that the signature of the first data packet is valid, the transceiver module 171 sends the first data packet to the UE through the MME;
Or,
when the first data packet further includes the ID of the APP, the processing module 172 is configured to obtain the SDT security context according to the ID of the UE and the ID of the APP, and to verify the MAC-I;
if the processing module 172 verifies that the MAC-I of the first data packet is valid, the transceiver module 171 sends the first data packet to the UE through the MME;
Or,
when the first data packet further includes the ID of the UE and/or the ID of the APP, the processing module 172 is further configured to obtain the SDT security context according to the ID of the UE and/or the ID of the APP, and to encrypt and integrity-protect the first data;
the transceiver module 171 is further configured to send the processed first data packet to the UE through the MME; or,
when the first data packet further includes the ID of the UE and/or the ID of the APP, the processing module 172 is further configured to obtain the public key of the server according to the ID of the server and to verify the signature using the public key of the server; if the signature of the first data packet is verified to be valid, the processing module obtains the corresponding SDT security context according to the ID of the UE and/or the ID of the APP, and encrypts, or encrypts and integrity-protects, the first data;
the transceiver module 171 is further configured to send the processed first data packet to the UE through the MME.
Optionally, if the first data packet includes the ID of the server and the ID of the UE, the processing module 172 is further configured to perform a matching check on the ID of the server and the ID of the UE in the first data packet against the correspondence between servers and UEs saved in a pre-configured authorization list; after the correspondence between the server and the UE is checked to be correct, the transceiver module 171 sends the first data packet to the UE through the MME;
Or,
if the first data packet includes the ID of the server, the ID of the UE and the ID of the APP, the processing module 172 is further configured to perform a matching check on the ID of the server, the ID of the UE and the ID of the APP in the first data packet against the correspondence between servers, UEs and APPs saved in the pre-configured authorization list; after the correspondence between the server, the UE and the APP is checked to be correct, the transceiver module 171 sends the first data packet to the UE through the MME;
Or,
if the first data packet includes the ID of the server and the ID of the UE, the transceiver module 171 sends the ID of the server and the ID of the UE to the HSS, so that the HSS performs a matching check on the ID of the server and the ID of the UE in the first data packet against the correspondence between servers and UEs saved in a pre-configured authorization list and, after the correspondence between the server and the UE is checked to be correct, returns a confirmation result to the IWF, so that the IWF sends the first data packet to the UE through the MME;
Or,
if the first data packet includes the ID of the server, the ID of the UE and the ID of the APP, the transceiver module 171 sends the ID of the server, the ID of the UE and the ID of the APP to the HSS, so that the HSS performs a matching check on the ID of the server, the ID of the UE and the ID of the APP in the first data packet against the correspondence between servers, UEs and APPs saved in the pre-configured authorization list and, after the correspondence between the server, the UE and the APP is checked to be correct, returns a confirmation result to the IWF, so that the IWF sends the first data packet to the UE through the MME.
The above embodiment corresponds to method embodiments six to eight shown in FIG. 3 and is used to carry out the technical solutions of embodiments six to eight; for the method, principles and technical effects, refer to the method embodiments, which are not repeated here.
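As an added illustration, not code from the patent or its assignee, the following Go program models the IWF downlink check described above (FIG. 17 and the authorization-list options): a packet is forwarded to the MME only if the server's signature or the MAC-I verifies and the server/UE(/APP) combination is in the list. Ed25519 for the signature, HMAC-SHA256 as the SDT security protection algorithm, the packet field layout, and every ID and key value are assumptions, since the patent fixes none of them.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/sha256"
	"errors"
	"fmt"
)

// DownlinkPacket is the first data packet as the IWF of FIG. 17 receives it (layout assumed).
type DownlinkPacket struct {
	ServerID, UEID, AppID string // UE and APP IDs are optional
	Payload               []byte
	Signature             []byte // set when the server signed the packet
	MACI                  []byte // set when the server used the SDT security context
}

// SDTContext is what the IWF obtained from the HSS in advance: SDT key plus algorithm.
type SDTContext struct {
	Key       []byte
	Algorithm string // only "hmac-sha256" is implemented in this example
}

type AuthEntry struct{ ServerID, UEID, AppID string } // one row of the authorization list
type IWF struct {
	ServerPubKeys map[string]ed25519.PublicKey // server ID -> server public key
	Contexts      map[string]SDTContext        // contextKey(UE ID, APP ID) -> context
	AuthList      []AuthEntry                  // pre-configured authorization list
}

func contextKey(ueID, appID string) string { return ueID + "|" + appID }
// protectedBytes is the part of the packet that the signature or the MAC-I covers.
func protectedBytes(p DownlinkPacket) []byte {
	return []byte(p.ServerID + "|" + p.UEID + "|" + p.AppID + "|" + string(p.Payload))
}

// ComputeMACI derives the MAC-I with the context's key and negotiated algorithm.
func ComputeMACI(ctx SDTContext, p DownlinkPacket) ([]byte, error) {
	if ctx.Algorithm != "hmac-sha256" {
		return nil, errors.New("unsupported SDT security protection algorithm")
	}
	m := hmac.New(sha256.New, ctx.Key)
	m.Write(protectedBytes(p))
	return m.Sum(nil), nil
}

// authorized: the (server, UE) pair, or the (server, UE, APP) triple, must be in the list.
func (iwf *IWF) authorized(p DownlinkPacket) bool {
	for _, e := range iwf.AuthList {
		if e.ServerID == p.ServerID && e.UEID == p.UEID && e.AppID == p.AppID {
			return true
		}
	}
	return false
}

// Verify returns nil only when the IWF may forward the packet to the MME: a valid signature
// under the server's stored key, or a valid MAC-I under the UE's SDT context, then the list match.
func (iwf *IWF) Verify(p DownlinkPacket) error {
	switch {
	case p.Signature != nil:
		pub, ok := iwf.ServerPubKeys[p.ServerID]
		if !ok || !ed25519.Verify(pub, protectedBytes(p), p.Signature) {
			return errors.New("unknown server ID or invalid signature")
		}
	case p.MACI != nil:
		ctx, ok := iwf.Contexts[contextKey(p.UEID, p.AppID)] // zero context if missing
		want, err := ComputeMACI(ctx, p)
		if !ok || err != nil || !hmac.Equal(want, p.MACI) {
			return errors.New("no SDT security context or invalid MAC-I")
		}
	default:
		return errors.New("packet carries neither a signature nor a MAC-I")
	}
	if p.UEID != "" && !iwf.authorized(p) {
		return errors.New("server/UE/APP combination not in authorization list")
	}
	return nil
}

// NewDemoIWF builds a constructed IWF: a fixed-seed server key, one SDT context and
// a two-row authorization list. All IDs, seeds and key bytes are sample values.
func NewDemoIWF() (*IWF, ed25519.PrivateKey) {
	priv := ed25519.NewKeyFromSeed([]byte("constructed-32-byte-seed-value!!"))
	ctx := SDTContext{Key: []byte("constructed-sdt-key-ue-1"), Algorithm: "hmac-sha256"}
	return &IWF{
		ServerPubKeys: map[string]ed25519.PublicKey{"server-A": priv.Public().(ed25519.PublicKey)},
		Contexts:      map[string]SDTContext{contextKey("ue-1", ""): ctx, contextKey("ue-1", "app-7"): ctx},
		AuthList:      []AuthEntry{{"server-A", "ue-1", ""}, {"server-A", "ue-1", "app-7"}},
	}, priv
}

func main() {
	iwf, priv := NewDemoIWF()
	p := DownlinkPacket{ServerID: "server-A", UEID: "ue-1", Payload: []byte("meter=42")}
	p.Signature = ed25519.Sign(priv, protectedBytes(p))
	fmt.Println("forward to MME:", iwf.Verify(p)) // <nil> means forward
}
```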
FIG. 18 is a schematic structural diagram of an embodiment of an MME according to the present invention. As shown in FIG. 18, the MME includes a transceiver module 181 and a processing module 182. The transceiver module 181 is configured to receive a first data packet sent by the interworking device IWF, where the first data packet includes the ID of the user equipment UE, the ID of the server and a signature. The processing module 182 is configured to verify the signature using the public key of the server, where the public key of the server is stored on the MME. After the processing module verifies that the signature is valid, the transceiver module 181 sends the first data packet to the UE.
The MME provided in this embodiment is configured to perform the method shown in FIG. 4. The transceiver module receives the signed and encrypted first data packet sent through the IWF, the validity of the signature of the first data packet is verified using the public key of the server, and the processing module determines that, if the verification passes, the first data packet is sent to the UE corresponding to the ID of the UE. This solves the problem that no corresponding security mechanism protects the transmission of the data packet between the UE and the server, and improves the security of data transmission in the system.
FIG. 19 is a schematic structural diagram of an embodiment of an HSS according to the present invention. As shown in FIG. 19, the HSS includes a transceiver module 191 and a processing module 192. The transceiver module 191 is configured to receive the identifier of the user equipment UE sent by the mobility management entity MME and/or the ID of the interworking device IWF selected by the MME for the UE, where the identifier includes an international mobile subscriber identity IMSI or a temporary mobile subscriber identity TMSI. The processing module 192 is configured to query the subscription data of the UE according to the identifier (the IMSI) and, when it determines that the UE has the characteristics of a small data service, to generate an SDT key according to key generation parameters obtained in advance. The transceiver module 191 is further configured to send the key generation parameters and the SDT key to the IWF corresponding to the ID of the IWF, and to send the key generation parameters to the UE through the MME, so that the UE generates an SDT security context according to the key generation parameters, where the SDT security context includes the SDT key and an SDT security protection algorithm.
The HSS provided in this embodiment is configured to carry out the technical solution of the method embodiment shown in FIG. 5. The processing module generates the SDT key according to the key generation parameters, and the transceiver module sends the parameters to the UE so that the UE generates the SDT security context from the key generation parameters; the SDT security context is also made known to the IWF, so that during data transmission the data packet can be encrypted, decrypted and integrity-protected on the IWF and the UE. This solves the problem that no corresponding security mechanism protects the transmission of the data packet between the UE and the server, and improves the security of data transmission in the system.
Optionally, the transceiver module 191 is further configured to receive the first data packet sent by the IWF; if the first data packet includes the ID of the server and the ID of the UE, the processing module 192 performs a matching check on the ID of the server and the ID of the UE in the first data packet against the correspondence between servers and UEs saved in a pre-configured authorization list and, after the correspondence between the server and the UE is checked to be correct, returns a confirmation result to the IWF, so that the IWF sends the first data packet to the UE through the MME;
Or,
if the first data packet includes the ID of the server, the ID of the UE and the ID of the APP, the processing module 192 performs a matching check on the ID of the server, the ID of the UE and the ID of the APP in the first data packet against the correspondence between servers, UEs and APPs saved in the pre-configured authorization list and, after the correspondence between the server, the UE and the APP is checked to be correct, the transceiver module 191 returns a confirmation result to the IWF, so that the IWF sends the first data packet to the UE through the MME.
Optionally, after the transceiver module 191 sends the SDT key to the IWF corresponding to the ID of the IWF, the transceiver module 191 is further configured to send the ID of the IWF to the UE through the MME, so that the UE generates the SDT key according to the ID of the IWF and sends the SDT security protection algorithm to the IWF through the MME, where the correspondence between the UE and the IWF is stored in the HSS.
Optionally, the parameters sent by the transceiver module 191 to the UE include at least one of the ID of the IWF, the ID of an application APP, a random number RAND and temporary data, where the temporary data is a parameter for generating the SDT key that is generated after the processing module 192 determines that the UE has the characteristics of a small data service;
the key generation parameters include the generation parameters of the SDT key.
The above embodiment corresponds to method embodiments ten and eleven shown in FIG. 5 and is used to carry out the technical solutions of embodiments ten and eleven; for the method, principles and technical effects, refer to the method embodiments, which are not repeated here.
FIG. 20 is a schematic structural diagram of still another embodiment of a UE according to the present invention. As shown in FIG. 20, the UE includes a processing module 201 and a transceiver module 202. The processing module 201 is configured to encrypt and/or sign a second data packet using the private key of the UE and the public key of the server, or to encrypt and/or integrity-protect the second data packet using an SDT security context, where the private key of the UE and the public key of the server subscribed by the UE, or the SDT security context generated in negotiation with the home subscriber server HSS, are stored on the UE. The transceiver module 202 is configured to send the processed second data packet to the server through the mobility management entity MME and the interworking device IWF.
The UE provided in this embodiment is configured to carry out the technical solution of the embodiment shown in FIG. 6. The processing module encrypts, or encrypts and integrity-protects, the second data packet to be sent to the server, using the private key of the UE and the public key of the server, or using the SDT security context, and the transceiver module sends it to the server through the MME and the IWF, completing uplink transmission of the data packet. Through signing, encryption and integrity protection, this solves the problem that no corresponding security mechanism protects the transmission of the data packet between the UE and the server, and improves the security of data transmission in the system.
Optionally, the transceiver module 202 is further configured to receive the key generation parameters sent by the HSS; the processing module 201 is further configured to generate the SDT key according to the key generation parameters; and the processing module 201 is further configured to negotiate the SDT security protection algorithm in the non-access stratum security mode command NAS SMC procedure, or to use the non-access stratum security algorithm negotiated in the NAS SMC procedure as the SDT security protection algorithm.
Optionally, the processing module 201 is specifically configured to sign the second data packet with the private key of the UE and to encrypt the second data packet with the public key of the server;
the transceiver module 202 is further configured to send the processed second data packet to the server through the MME and the IWF, so that the server obtains the public key of the UE according to the ID of the UE in the second data packet, verifies with the public key of the UE whether the signature in the processed second data packet is valid and, if the verification succeeds, decrypts the processed second data packet with the private key of the server.
Optionally, the processing module 201 is further configured to encrypt, or encrypt and integrity-protect, the second data packet using the SDT security context; the transceiver module 202 is further configured to send the processed second data packet carrying the MAC-I to the server, so that the IWF or the server obtains the SDT security context according to the ID of the UE in the processed second data packet, verifies the MAC-I in the security-protected second data packet using the SDT security context and, if the verification succeeds, decrypts the processed second data packet.
Optionally, the transceiver module 202 is further configured to receive the parameters sent by the HSS, where the parameters sent by the HSS include at least one of the ID of the IWF, the ID of the APP, a random number RAND and temporary data; the key generation parameters include the generation parameters of the SDT key.
The above embodiment corresponds to method embodiments twelve and thirteen shown in FIG. 6 and is used to carry out the technical solutions of embodiments twelve and thirteen; for the method, principles and technical effects, refer to the method embodiments, which are not repeated here.
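As an added example covering both the HSS embodiment of FIG. 19 and the UE embodiment of FIG. 20 (not code from the patent or its assignee), this Go program derives the SDT key from the key generation parameters on the HSS side and the UE side and assembles the UE's SDT security context. The KDF (HMAC-SHA256 over a root key assumed to be shared by HSS and UE), the length-prefixed parameter encoding, the algorithm name and all sample values are assumptions; the patent names the parameters but not the derivation function.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"encoding/hex"
	"fmt"
)

// KeyGenParams are the SDT key generation parameters of FIG. 19: the IWF ID, the
// APP ID, the random number RAND and the temporary data the HSS creates once it has
// found the small-data-service subscription. The HSS sends them to the UE via the MME.
type KeyGenParams struct {
	IWFID, AppID   string
	RAND, TempData []byte
}

// SDTContext pairs the derived SDT key with the SDT security protection algorithm.
type SDTContext struct {
	Key       []byte
	Algorithm string
}

// encode length-prefixes every parameter, so that for example IWF ID "ab" with APP ID
// "c" and IWF ID "a" with APP ID "bc" can never yield the same KDF input.
func encode(fields ...[]byte) []byte {
	var out []byte
	for _, f := range fields {
		var n [2]byte
		binary.BigEndian.PutUint16(n[:], uint16(len(f)))
		out = append(out, n[:]...)
		out = append(out, f...)
	}
	return out
}

// DeriveSDTKey is the assumed KDF (the patent does not specify one): HMAC-SHA256 keyed
// with a root key the HSS and the UE are assumed to share, over a label and the
// length-prefixed parameters. HSS and UE run the same function on the same inputs.
func DeriveSDTKey(rootKey []byte, p KeyGenParams) []byte {
	m := hmac.New(sha256.New, rootKey)
	m.Write(encode([]byte("SDT-key"), []byte(p.IWFID), []byte(p.AppID), p.RAND, p.TempData))
	return m.Sum(nil)
}

// BuildContext is the UE side of FIG. 20: the key from the received parameters plus
// the algorithm negotiated in NAS SMC (or the NAS algorithm reused for SDT).
func BuildContext(rootKey []byte, p KeyGenParams, algorithm string) SDTContext {
	return SDTContext{Key: DeriveSDTKey(rootKey, p), Algorithm: algorithm}
}

func main() {
	root := []byte("constructed-root-key-shared-by-hss-and-ue") // sample value
	params := KeyGenParams{IWFID: "iwf-3", AppID: "app-7", RAND: []byte{1, 2, 3, 4}, TempData: []byte("tmp-1")}
	hssKey := DeriveSDTKey(root, params)                          // what the HSS hands to the IWF
	ueCtx := BuildContext(root, params, "nas-smc-negotiated-alg") // what the UE builds itself
	fmt.Println("IWF and UE hold the same SDT key:", hmac.Equal(hssKey, ueCtx.Key), hex.EncodeToString(hssKey)[:16])
	params.RAND = []byte{1, 2, 3, 5} // any parameter altered in transit gives a different key
	fmt.Println("after RAND change, keys still match:", hmac.Equal(hssKey, DeriveSDTKey(root, params)))
}
```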
FIG. 21 is a schematic structural diagram of still another embodiment of a server according to the present invention. As shown in FIG. 21, the server includes a transceiver module 211 and a processing module 212. The transceiver module 211 is configured to receive the processed second data packet sent by the interworking device IWF. The processing module 212 is configured to verify the signature of and decrypt the second data packet using the public key of the user equipment UE and the private key of the server, or to look up the SDT security context according to the ID of the UE and/or the ID of the IWF and to verify the integrity of and decrypt the processed second data packet, where the private key of the server and the public key of the UE subscribed to the server are stored on the server, and the SDT security context is sent by the interworking device IWF.
The server provided in this embodiment is configured to carry out the technical solution of the method shown in FIG. 7. The transceiver module receives the second data packet, and the processing module verifies the integrity of and decrypts the second data packet, which the UE sent through the MME and the IWF, using the private key of the server and the public key of the UE, or the SDT security context, completing uplink transmission of the data packet. Through the signature verification and decryption of the data packet, the server solves the problem that no corresponding security mechanism protects the transmission of the data packet between the UE and the server, and improves the security of data transmission in the system.
FIG. 22 is a schematic structural diagram of still another embodiment of an IWF according to the present invention. As shown in FIG. 22, the IWF includes a transceiver module 221 and a processing module 222. The transceiver module 221 is configured to receive the processed second data packet sent by the user equipment UE through the mobility management entity MME, where the processed second data packet includes the ID and the signature of the UE, or the ID of the UE and a MAC-I. The processing module 222 is configured to verify the signature or the MAC-I using the public key of the UE or the SDT security context, where the public key of the UE is stored on the IWF and the SDT security context is obtained in advance from the home subscriber server HSS. The transceiver module 221 is further configured to send the processed second data packet to the server after the verification passes.
The IWF provided in this embodiment is configured to carry out the technical solution of the method shown in FIG. 8. The processing module verifies the signature or the MAC-I of the second data packet, which the UE sent through the MME and the transceiver module received, using the public key of the server and the public key of the UE, or the SDT security context, and the second data packet that passed verification is sent to the server, completing uplink transmission of the data packet. Through this signature verification and decryption of the data packet, the problem that no corresponding security mechanism protects the transmission of the data packet between the UE and the server is solved, and the security of data transmission in the system is improved.
Optionally, the transceiver module 221 is further configured to receive the SDT key sent by the HSS and to receive the SDT security protection algorithm sent by the UE through the MME, where the SDT security context includes the SDT key and the SDT security protection algorithm.
Optionally, the processing module 222 is further configured to verify, using the public key of the UE, whether the signature of the processed second data packet is valid;
the transceiver module 221 is further configured to send the second data packet to the server when the processing module 222 verifies that the signature of the processed second data packet is valid;
Or,
the processing module 222 is configured to verify the MAC-I of the processed second data packet using the SDT security context;
the transceiver module 221 is further configured, if the processing module 222 verifies that the MAC-I of the processed second data packet is valid, to decrypt the processed second data packet and send it to the server.
Optionally, the IWF further includes the following:
if the first data packet includes the ID of the server and the ID of the UE, the processing module 222 performs a matching check on the ID of the server and the ID of the UE in the first data packet against the correspondence between servers and UEs saved in a pre-configured authorization list; after the correspondence between the server and the UE is checked to be correct, the transceiver module 221 sends the second data packet to the server;
Or,
if the first data packet includes the ID of the server, the ID of the UE and the ID of the APP, the processing module 222 performs a matching check on the ID of the server, the ID of the UE and the ID of the APP in the first data packet against the correspondence between servers, UEs and APPs saved in the pre-configured authorization list; after the correspondence between the server, the UE and the APP is checked to be correct, the transceiver module 221 sends the second data packet to the server; or,
if the second data packet includes the ID of the server and the ID of the UE, the transceiver module 221 sends the ID of the server and the ID of the UE to the HSS, so that the HSS performs a matching check on the ID of the server and the ID of the UE in the second data packet against the correspondence between servers and UEs saved in a pre-configured authorization list and, after the correspondence between the server and the UE is checked to be correct, the second data packet is sent to the server;
Or,
if the second data packet includes the ID of the server, the ID of the UE and the ID of the application APP, the transceiver module 221 sends the ID of the server, the ID of the UE and the ID of the APP to the HSS, so that the HSS performs a matching check on the ID of the server, the ID of the UE and the ID of the APP in the second data packet against the correspondence between servers, UEs and APPs saved in the pre-configured authorization list and, after the correspondence between the server, the UE and the APP is checked to be correct, the second data packet is sent to the server.
The above embodiment corresponds to method embodiments fifteen and sixteen shown in FIG. 8 and is used to carry out the technical solutions of embodiments fifteen and sixteen; for the method, principles and technical effects, refer to the method embodiments, which are not repeated here.
FIG. 23 is a schematic structural diagram of still another embodiment of an MME according to the present invention. As shown in FIG. 23, the MME includes a transceiver module 231 and a processing module 232. The transceiver module 231 is configured to receive the processed second data packet sent by the user equipment UE, where the second data packet includes the ID of the UE, the ID of the server and a signature. The processing module 232 is configured to verify the signature using the public key of the UE, where the public key of the UE is stored on the MME. The transceiver module 231 is further configured to send the second data packet to the interworking device IWF after the signature is verified to be valid.
The MME provided in this embodiment is configured to carry out the technical solution of the method shown in FIG. 9. The processing module verifies the signature of the second data packet, which the UE sent and the transceiver module received, and the transceiver module sends the second data packet that passed verification to the server through the IWF, completing uplink transmission of the data packet. Through the signature verification of the data packet, the MME solves the problem that no corresponding security mechanism protects the transmission of the data packet between the UE and the server, and improves the security of data transmission in the system.
Optionally, if the second data packet includes the ID of the server and the ID of the UE, the processing module 232 is further configured to perform, according to a pre-configured authorization list and the ID of the server and the ID of the UE in the second data packet, a matching check on the ID of the server and the ID of the UE in the second data packet against the correspondence between servers and UEs saved in the authorization list; after the correspondence between the server and the UE is checked to be correct, the transceiver module 231 sends the second data packet to the server;
Or,
if the second data packet includes the ID of the server, the ID of the UE and the ID of the application APP, the processing module 232 is further configured to perform, according to the pre-configured authorization list and the ID of the server, the ID of the UE and the ID of the APP in the second data packet, a matching check on the ID of the server, the ID of the UE and the ID of the APP in the second data packet against the correspondence between servers, UEs and APPs saved in the authorization list; after the correspondence between the server, the UE and the APP is checked to be correct, the transceiver module 231 sends the second data packet to the server.
上述实施例的执行方式与图 8所示的方法实施例对应, 用于执行图 8所 示技术方案, 其方法、 原理以及技术效果可参见方法实施例, 此处不再赘述。  The implementation manner of the foregoing embodiment is the same as the method embodiment shown in FIG. 8 and is used to implement the technical solution shown in FIG. 8. The method, the principle, and the technical effect can be referred to the method embodiment, and details are not described herein again.
FIG. 24 is a schematic structural diagram of another embodiment of a UE according to the present invention. As shown in FIG. 24, the UE includes a transceiver 241 and a processor 242. The transceiver 241 is configured to receive a first data packet sent by the server through an interworking device IWF and a mobility management entity MME, where the first data packet carries the ID of the server or the ID of the IWF. The processor 242 is configured to obtain the public key of the server and/or the SDT security context according to the ID of the server or the ID of the IWF in the first data packet, where the public key of the server the UE is subscribed to, or the SDT security context generated by negotiation with the home subscriber server HSS, is stored on the UE and is identified by the ID of the server or the ID of the IWF. The processor 242 is further configured to verify and decrypt the first data packet according to the public key of the server and the private key of the UE, or the SDT security context, or the public key of the server together with the SDT security context, to obtain the decrypted first data packet.
The UE provided in this embodiment is configured to perform the technical solution of the method shown in FIG. 1; its execution method, principle and technical effect are similar. The processor verifies and decrypts the downlink first data packet that the server sent to the UE and the transceiver received, and the transceiver delivers the decrypted first data packet to the corresponding application, completing the transmission of the small data. This solves the problem that, in the scenario where small data between the UE and the server is transmitted over the T5 interface between the MME and the MTC-IWF, no corresponding security mechanism protects the data transmission between the UE and the subscribed server, and improves the security of data transmission in the system.
On the basis of the foregoing embodiment, the transceiver 241 is further configured to receive a key generation parameter sent by the HSS; the processor 242 is further configured to generate the SDT key according to the key generation parameter, and to negotiate the SDT security protection algorithm in a non-access stratum security mode command NAS SMC procedure, or to use the non-access stratum security algorithm negotiated in the NAS SMC procedure as the SDT security protection algorithm.
Optionally, the processor 242 is specifically configured to:
verify, according to the public key of the server, whether the signature in the first data packet is valid; and if the signature in the first data packet is verified as valid, decrypt the first data packet according to the private key of the UE to obtain the decrypted first data packet.
Optionally, the processor 242 is further configured to verify the message authentication code MAC-I in the first data packet according to the SDT security context and, if the verification succeeds, decrypt the first data packet to obtain the decrypted first data packet.
Optionally, the processor 242 is further configured to verify, according to the public key of the server, whether the signature in the first data packet is valid; and if the signature of the first data packet is verified as valid, decrypt the first data packet according to the SDT security context, or perform integrity verification and decryption on the first data packet according to the SDT security context, to obtain the decrypted first data packet.
Optionally, the parameters the transceiver 241 receives from the HSS include at least one of the ID of the IWF, the ID of the APP, a random number RAND and temporary data; the key generation parameter includes the generation parameter of the SDT key, where the generation parameter of the SDT key includes at least one of an access security management entity key, an integrity protection key IK, a cipher key CK, the ID of the IWF, the ID of the UE or the international mobile subscriber identity IMSI, the ID of the APP, the RAND, the temporary data and an SDT key label.
The UE provided in this embodiment is configured to perform the technical solutions of method embodiments one to three and of FIG. 10, FIG. 12 and FIG. 13; its implementation principle and technical effect are similar, and details are not described herein again.
FIG. 25 is a schematic structural diagram of another embodiment of a server according to the present invention. As shown in FIG. 25, the server includes a processor 251 and a transceiver 252. The processor 251 is configured to sign and encrypt a first data packet waiting to be sent according to the private key of the server and the public key of the user equipment UE subscribed to the server, or to encrypt, or encrypt and integrity-protect, the first data packet according to an SDT security context, where the private key of the server and the public key of the UE subscribed to the server are stored on the server, and the SDT security context is sent by the interworking device IWF. The transceiver 252 is configured to send the encrypted first data packet to the UE through the IWF and the mobility management entity MME, so that the UE obtains the public key of the server and/or the SDT security context according to the ID of the server in the first data packet, and verifies and decrypts the first data packet according to the public key of the server and the private key of the UE, or the SDT security context, or the public key of the server together with the SDT security context, to obtain the decrypted first data packet.
The server provided in this embodiment corresponds to the method embodiment of FIG. 2 of the present invention and is configured to perform the technical solution of the method shown in FIG. 2. The processor encrypts, or encrypts and integrity-protects, the first data packet to be sent according to the private key of the server and the private key of the UE, or according to the SDT security context, and the transceiver sends the signed and encrypted first data packet to the UE through the IWF and the MME, so that the UE verifies the validity of the signature of the first data packet, or verifies the message authentication code MAC-I, then decrypts the first data packet and delivers the decrypted first data packet to the corresponding APP, completing downlink transmission of the data packet. By signing and encrypting the data packet, the server strictly protects the secure transmission of the data packet between the UE and the server and improves the security of data transmission in the system.
FIG. 26 is a schematic structural diagram of another embodiment of an IWF according to the present invention. As shown in FIG. 26, the IWF includes a transceiver 261 and a processor 262. The transceiver 261 is configured to receive a first data packet sent by a server, where the first data packet includes the ID of the server and a signature, or the ID of the server and a MAC-I. The processor 262 is configured to verify the signature according to the public key of the server, or to verify the MAC-I according to an SDT security context, and to send the first data packet to the UE through the mobility management entity MME after the verification passes; or, the processing module is further configured to encrypt and/or integrity-protect the first data packet according to the SDT security context and send the first data packet to the UE through the mobility management entity MME, where the public key of the server and the public key of the UE subscribed to the server are stored on the IWF, and the SDT security context is obtained in advance from the home subscriber server HSS.
The IWF provided in this embodiment is configured to perform the technical solution of the method embodiment shown in FIG. 3; its implementation principle and technical effect are similar. Using the stored public key of the server and public key of the UE subscribed to the server, or the SDT security context, the transceiver receives the signed and encrypted first data packet sent by the server and verifies the validity of the signature of the first data packet, or verifies the message authentication code MAC-I; if the signature of the first data packet is verified as valid or the MAC-I verification passes, the transceiver sends the first data packet to the UE through the MME, completing downlink transmission of the small data packet. By verifying the signature and the MAC-I of the data packet, the IWF strictly protects the secure transmission of the data packet between the UE and the server and improves the security of data transmission in the system.
On the basis of the foregoing embodiment, the transceiver 261 is further configured to receive the SDT key sent by the HSS, and to receive the SDT security protection algorithm sent by the UE through the MME, where the SDT security context includes the SDT key and the SDT security protection algorithm.
Optionally, the processor 262 is further configured to query and obtain the public key of the server according to the ID of the server, and to verify whether the signature of the first data packet is valid according to the public key of the server; if the signature of the first data packet is verified as valid, the transceiver 261 is further configured to send the first data packet to the UE through the MME;
or,
when the first data packet further includes the ID of the UE, the processor 262 is further configured to obtain the SDT security context according to the ID of the UE and verify the MAC-I;
if the MAC-I is verified as valid, the transceiver 261 is further configured to send the first data packet to the UE through the MME;
or,
when the first data packet further includes the ID of the APP, the processor 262 is further configured to obtain the SDT security context according to the ID of the UE and the ID of the APP and verify the MAC-I;
if the MAC-I of the first data packet is verified as valid, the transceiver 261 is further configured to send the first data packet to the UE through the MME;
or,
when the first data packet further includes the ID of the UE and/or the ID of the APP, the processor 262 is further configured to obtain the SDT security context according to the ID of the UE and/or the ID of the APP and to encrypt and integrity-protect the first data; the transceiver 261 sends the processed first data packet to the UE through the MME;
or,
when the first data packet further includes the ID of the UE and/or the ID of the APP, the processor 262 is further configured to obtain the public key of the server according to the ID of the server and verify the signature according to the public key of the server; if the signature of the first data packet is verified as valid, obtain the SDT security context according to the ID of the UE and/or the ID of the APP and encrypt, or encrypt and integrity-protect, the first data; the transceiver 261 sends the processed first data packet to the UE through the MME.
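The SDT-security-context path that the UE (FIG. 24), the server (FIG. 25) and the IWF (FIG. 26) share, and that the uplink UE of FIG. 29 uses in the other direction, as an added Python example rather than code from the patent: the sender encrypts the small-data packet and appends a MAC-I, the IWF looks up the context by UE ID and APP ID and verifies the MAC-I before forwarding, and the UE verifies again and decrypts. The key value, the IDs, the packet layout and the HMAC-based cipher and MAC are assumptions made for this example; the patent leaves the actual algorithms to the NAS SMC negotiation.

```python
import hashlib
import hmac
import os
import struct

# Constructed SDT security context (assumption: the patent fixes neither the key
# length nor algorithm identifiers; these stand in for the NAS algorithms that
# the UE and MME agree on in the NAS SMC procedure).
SDT_CONTEXT = {
    "key": bytes.fromhex("00112233445566778899aabbccddeeff" * 2),
    "cipher": "ctr-hmac-sha256",    # placeholder name, not a 3GPP algorithm ID
    "integrity": "hmac-sha256-32",  # MAC-I truncated to 32 bits
}

# Constructed IWF-side store, indexed as FIG. 26 describes: by UE ID and APP ID.
CONTEXT_STORE = {(b"ue-42", b"app-meter"): SDT_CONTEXT}

HEADER_LEN = 8 + 8 + 8  # server_id | ue_id | nonce
MAC_LEN = 4             # 32-bit MAC-I


def _fixed(field: bytes) -> bytes:
    """Pad or truncate an identifier to an 8-byte field."""
    return field.ljust(8, b"\0")[:8]


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream from HMAC-SHA256 (stand-in for the NAS cipher).
    The nonce must never repeat under one key, or two keystreams coincide."""
    out = b""
    ctr = 0
    while len(out) < length:
        out += hmac.new(key, nonce + struct.pack(">I", ctr), hashlib.sha256).digest()
        ctr += 1
    return out[:length]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def protect(ctx, server_id: bytes, ue_id: bytes, plaintext: bytes, nonce=None) -> bytes:
    """Encrypt, then compute MAC-I over header and ciphertext (encrypt-then-MAC).
    Wire layout: server_id(8) | ue_id(8) | nonce(8) | ciphertext | MAC-I(4)."""
    nonce = os.urandom(8) if nonce is None else nonce
    header = _fixed(server_id) + _fixed(ue_id) + nonce
    ct = _xor(plaintext, _keystream(ctx["key"], b"enc" + nonce, len(plaintext)))
    mac_i = hmac.new(ctx["key"], b"int" + header + ct, hashlib.sha256).digest()[:MAC_LEN]
    return header + ct + mac_i


def verify_mac_i(ctx, packet: bytes) -> bool:
    """Constant-time MAC-I check; rejects packets too short to carry a MAC-I."""
    if len(packet) < HEADER_LEN + MAC_LEN:
        return False
    header, ct, mac_i = packet[:HEADER_LEN], packet[HEADER_LEN:-MAC_LEN], packet[-MAC_LEN:]
    expected = hmac.new(ctx["key"], b"int" + header + ct, hashlib.sha256).digest()[:MAC_LEN]
    return hmac.compare_digest(mac_i, expected)


def verify_and_decrypt(ctx, packet: bytes):
    """UE side: verify MAC-I first, decrypt only on success; None on failure."""
    if not verify_mac_i(ctx, packet):
        return None
    nonce = packet[16:HEADER_LEN]
    ct = packet[HEADER_LEN:-MAC_LEN]
    return _xor(ct, _keystream(ctx["key"], b"enc" + nonce, len(ct)))


def iwf_handle(store, ue_id: bytes, app_id: bytes, packet: bytes) -> bool:
    """IWF side: find the context by UE ID and APP ID, verify MAC-I, and report
    whether the packet may be forwarded to the UE through the MME."""
    ctx = store.get((ue_id, app_id))
    return ctx is not None and verify_mac_i(ctx, packet)


if __name__ == "__main__":
    pkt = protect(SDT_CONTEXT, b"srv-1", b"ue-42", b"temp=21.5")
    print("IWF forwards:", iwf_handle(CONTEXT_STORE, b"ue-42", b"app-meter", pkt))
    print("UE decrypts:", verify_and_decrypt(SDT_CONTEXT, pkt))
    flipped = pkt[:30] + bytes([pkt[30] ^ 1]) + pkt[31:]
    print("tampered packet:", verify_and_decrypt(SDT_CONTEXT, flipped))
```

The order matters: MAC-I is computed over the ciphertext and checked before any decryption, so the IWF can drop a forged or corrupted packet without holding the plaintext, and the UE never processes ciphertext that failed integrity.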
Optionally, if the first data packet includes the ID of the server and the ID of the UE, the processor 262 is further configured to perform a matching check on the ID of the server and the ID of the UE in the first data packet according to the correspondence between servers and UEs stored in a pre-configured authorization list; after the correspondence between the server and the UE is checked to be correct, the transceiver 261 sends the first data packet to the UE through the MME;
or,
if the first data packet includes the ID of the server, the ID of the UE and the ID of the APP, the processor 262 is further configured to perform a matching check on the ID of the server, the ID of the UE and the ID of the APP in the first data packet according to the correspondence between servers, UEs and APPs stored in a pre-configured authorization list; after the correspondence between the server, the UE and the APP is checked to be correct, the transceiver 261 sends the first data packet to the UE through the MME;
or,
if the first data packet includes the ID of the server and the ID of the UE, the transceiver 261 is further configured to send the ID of the server and the ID of the UE to the HSS, so that the HSS performs a matching check on the ID of the server and the ID of the UE in the first data packet according to the correspondence between servers and UEs stored in a pre-configured authorization list and, after the correspondence between the server and the UE is checked to be correct, returns a confirmation result to the IWF, so that the transceiver 261 sends the first data packet to the UE through the MME;
or,
if the first data packet includes the ID of the server, the ID of the UE and the ID of the APP, the transceiver 261 is further configured to send the ID of the server, the ID of the UE and the ID of the APP to the HSS, so that the HSS performs a matching check on the ID of the server, the ID of the UE and the ID of the APP in the first data packet according to the correspondence between servers, UEs and APPs stored in a pre-configured authorization list and, after the correspondence between the server, the UE and the APP is checked to be correct, returns a confirmation result to the IWF, so that the transceiver 261 sends the first data packet to the UE through the MME.
The IWF provided in this embodiment is configured to perform the technical solutions of method embodiments six to eight and of FIG. 10, FIG. 12 and FIG. 13; for its execution method, principle and technical effect, refer to the method embodiments, and details are not described herein again.
FIG. 27 is a schematic structural diagram of another embodiment of an MME according to the present invention. As shown in FIG. 27, the MME includes a transceiver 271 and a processor 272. The transceiver 271 is configured to receive a first data packet sent by an interworking device IWF, where the first data packet includes the ID of a user equipment UE, the ID of a server and a signature. The processor 272 is configured to verify the signature according to the public key of the server, where the public key of the server is stored on the MME. After the processor 272 verifies that the signature is valid, the transceiver 271 sends the first data packet to the UE.
The MME provided in this embodiment is configured to perform the technical solution of the method embodiment shown in FIG. 4; its execution method, principle and technical effect are similar. Using the stored public key of the server and public key of the UE subscribed to the server, the transceiver receives the signed and encrypted first data packet sent through the IWF, the processor verifies the validity of the signature of the first data packet according to the public key of the server, and if the verification passes, the transceiver sends the first data packet to the UE corresponding to the ID of the UE. This solves the problem that no corresponding security mechanism protects the transmission of data packets between the UE and the server, and improves the security of data transmission in the system.
FIG. 28 is a schematic structural diagram of another embodiment of an HSS according to the present invention. As shown in FIG. 28, the HSS includes a transceiver 281 and a processor 282. The transceiver 281 is configured to receive the identifier of a user equipment UE sent by a mobility management entity MME and/or the ID of the interworking device IWF selected by the MME for the UE, where the identifier includes an international mobile subscriber identity IMSI or a temporary mobile subscriber identity TMSI. The processor 282 is configured to obtain the subscription data of the UE according to the identifier and, when it determines that the UE has the characteristics of a small data service, generate an SDT key according to a key generation parameter obtained in advance. The transceiver 281 is further configured to send the key generation parameter and the SDT key to the IWF corresponding to the ID of the IWF, and to send the key generation parameter to the UE through the MME, so that the UE generates an SDT security context according to the key generation parameter, where the SDT security context includes the SDT key and an SDT security protection algorithm.
The HSS provided in this embodiment is configured to perform the technical solution of the method embodiment shown in FIG. 5. The processor generates the SDT key according to the key generation parameter, and the transceiver sends the parameter to the UE, so that the UE generates the SDT security context according to the key generation parameter, and informs the IWF of the SDT security context, so that during data transmission the data packet can be encrypted, decrypted and integrity-protected on the IWF and the UE. This solves the problem that no corresponding security mechanism protects the transmission of data packets between the UE and the server, and improves the security of data transmission in the system.
On the basis of the foregoing embodiment, the transceiver 281 is further configured to receive a first data packet sent by the IWF; if the first data packet includes the ID of the server and the ID of the UE, the processor 282 is further configured to perform a matching check on the ID of the server and the ID of the UE in the first data packet according to the correspondence between servers and UEs stored in a pre-configured authorization list; after the correspondence between the server and the UE is checked to be correct, the transceiver 281 returns a confirmation result to the IWF, so that the IWF sends the first data packet to the UE through the MME;
or,
if the first data packet includes the ID of the server, the ID of the UE and the ID of the APP, the processor 282 is further configured to perform a matching check on the ID of the server, the ID of the UE and the ID of the APP in the first data packet according to the correspondence between servers, UEs and APPs stored in a pre-configured authorization list; after the correspondence between the server, the UE and the APP is checked to be correct, the transceiver 281 returns a confirmation result to the IWF, so that the IWF sends the first data packet to the UE through the MME.
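The authorization-list matching check, which the MME (FIG. 23), the IWF (FIG. 26) and the HSS (FIG. 28) all perform in the same way, as an added Python example that is not the patent's code. The list contents, the packet dictionaries and the function names are constructed for this example; the patent states only that the list stores the server/UE or server/UE/APP correspondence and that a packet is forwarded only after the check passes.

```python
# Constructed pre-configured authorization list: (server ID, UE ID) -> APP IDs the
# pair may exchange small data for. A pair that is absent is not authorized at all.
AUTH_LIST = {
    ("server-A", "ue-001"): {"app-meter", "app-alarm"},
    ("server-A", "ue-002"): {"app-meter"},
    ("server-B", "ue-003"): {"app-meter"},
}


def check_server_ue(auth_list, server_id, ue_id) -> bool:
    """Two-identifier variant: the server/UE pair must be in the list."""
    return (server_id, ue_id) in auth_list


def check_server_ue_app(auth_list, server_id, ue_id, app_id) -> bool:
    """Three-identifier variant: the pair must be listed and the APP allowed for it."""
    return app_id in auth_list.get((server_id, ue_id), frozenset())


def authorize(auth_list, packet) -> bool:
    """Decide whether a packet (dict with 'server_id', 'ue_id', optional 'app_id')
    may be forwarded. A packet that lacks the identifiers needed for the check is
    not forwarded: deny by default rather than skip the check."""
    server_id = packet.get("server_id")
    ue_id = packet.get("ue_id")
    if server_id is None or ue_id is None:
        return False
    if "app_id" in packet:
        return check_server_ue_app(auth_list, server_id, ue_id, packet["app_id"])
    return check_server_ue(auth_list, server_id, ue_id)


def hss_confirm(auth_list, server_id, ue_id, app_id=None) -> dict:
    """HSS side of the delegated variant: the IWF sends the IDs it extracted from
    the packet, the HSS runs the same check and returns a confirmation result."""
    ids = {"server_id": server_id, "ue_id": ue_id}
    if app_id is not None:
        ids["app_id"] = app_id
    return {"confirmed": authorize(auth_list, ids)}


def forward_decisions(auth_list, packets):
    """Apply the check to a batch of packets; True means forward, False means drop."""
    return [authorize(auth_list, p) for p in packets]


# Constructed sample packets as the node would see them after parsing the header.
SAMPLE_PACKETS = [
    {"server_id": "server-A", "ue_id": "ue-001", "payload": b"..."},                       # listed pair
    {"server_id": "server-B", "ue_id": "ue-001", "payload": b"..."},                       # UE not subscribed to server-B
    {"server_id": "server-A", "ue_id": "ue-002", "app_id": "app-alarm", "payload": b"..."},  # APP not allowed for pair
    {"server_id": "server-A", "ue_id": "ue-001", "app_id": "app-alarm", "payload": b"..."},  # listed triple
    {"ue_id": "ue-001", "payload": b"..."},                                                 # server ID missing
]

if __name__ == "__main__":
    for packet, decision in zip(SAMPLE_PACKETS, forward_decisions(AUTH_LIST, SAMPLE_PACKETS)):
        print("forward" if decision else "drop   ", packet)
```

Whether the check runs on the MME, on the IWF, or on the HSS on the IWF's behalf, the decision is the same lookup; what changes is only which node holds the list and who returns the result.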
Optionally, after the transceiver 281 sends the SDT key to the IWF corresponding to the ID of the IWF, it sends the ID of the IWF to the UE through the MME, so that the UE generates the SDT key according to the ID of the IWF and sends the SDT security protection algorithm to the IWF through the MME, where the correspondence between the UE and the IWF is stored in the HSS.
Optionally, the parameters the transceiver 281 sends to the UE include at least one of the ID of the IWF, the ID of an application APP, a random number RAND and temporary data, where the temporary data is a parameter for generating the SDT key that the HSS generates after determining that the UE has the characteristics of a small data service; the key generation parameter includes the generation parameter of the SDT key, where the generation parameter of the SDT key is at least one of an access security management entity key, an integrity protection key IK, a cipher key CK, the ID of the IWF, the ID of the UE or the international mobile subscriber identity IMSI, the ID of the APP, the RAND, the temporary data and an SDT key label.
The HSS provided in this embodiment is configured to perform the technical solutions of method embodiments ten and eleven and of FIG. 10 and FIG. 13; its execution method, principle and technical effect are similar, and details are not described herein again.
FIG. 29 is a schematic structural diagram of still another embodiment of a UE according to the present invention. As shown in FIG. 29, the UE includes a processor 291 and a transceiver 292. The processor 291 is configured to encrypt and/or sign a second data packet according to the private key of the UE and the public key of the server, or to encrypt and/or integrity-protect the second data packet according to an SDT security context, where the private key of the UE and the public key of the server the UE is subscribed to, or the SDT security context generated by negotiation with the home subscriber server HSS, are stored on the UE. The transceiver 292 is configured to send the processed second data packet to the server through the mobility management entity MME and the interworking device IWF.
The UE provided in this embodiment is configured to perform the technical solution of the method embodiment shown in FIG. 6; its implementation principle and technical effect are similar. Using its own private key and the public key of the server it is subscribed to, or the SDT security context, which the processor stores, the processor encrypts, or encrypts and integrity-protects, the second data packet to be sent to the server, and the transceiver sends it to the server through the MME and the IWF, completing uplink transmission of the data packet. Through signing, encryption and integrity protection, this solves the problem that no corresponding security mechanism protects the transmission of data packets between the UE and the server, and improves the security of data transmission in the system.
Optionally, the transceiver 292 is further configured to receive a key generation parameter sent by the HSS; the processor 291 is further configured to generate an SDT key according to the key generation parameter; and the processor 291 is further configured to negotiate an SDT security protection algorithm in a non-access stratum security mode command NAS SMC procedure, or to use the non-access stratum security algorithm negotiated in the NAS SMC procedure as the SDT security protection algorithm.
Optionally, the processor 291 is further configured to sign the second data packet according to the private key of the UE and to encrypt the second data packet according to the public key of the server;
the transceiver 292 is further configured to send the processed second data packet to the server through the MME and the IWF, so that the server obtains the public key of the UE according to the ID of the UE in the second data packet, verifies according to the public key of the UE whether the signature in the processed second data packet is valid and, if the verification succeeds, decrypts the processed second data packet according to the private key of the server.
Optionally, the processor 291 is further configured to encrypt, or encrypt and integrity-protect, the second data packet according to the SDT security context;
the transceiver 292 is further configured to send the processed second data packet carrying the MAC-I to the IWF or the server, so that the IWF or the server obtains the SDT security context according to the ID of the UE in the processed second data packet, verifies the MAC-I in the security-protected second data packet according to the SDT security context and, if the verification succeeds, decrypts the processed second data packet.
Optionally, the parameters the transceiver 292 receives from the HSS include at least one of the ID of the IWF, the ID of an application APP, a random number RAND and temporary data; the key generation parameter includes the generation parameter of the SDT key, where the generation parameter of the SDT key is at least one of an access security management entity key, an integrity protection key IK, a cipher key CK, the ID of the IWF, the ID of the UE or the international mobile subscriber identity IMSI, the ID of the APP, the RAND, the temporary data and an SDT key label.
本实施例提供的 UE, 用于执行方法实施例十二至十四、 以及图 11和图 14所示的技术方案, 其执行方法、 原理以及技术效果类似, 此处不再赘述。  The UE provided in this embodiment is used to perform the technical solutions of the method embodiments 12 to 14 and FIG. 11 and FIG. 14 , and the execution methods, principles, and technical effects thereof are similar, and details are not described herein again.
FIG. 30 is a schematic structural diagram of still another embodiment of a server according to the present invention. As shown in FIG. 30, the server includes a transceiver 301 and a processor 302. The transceiver 301 is configured to receive the processed second data packet sent by the interworking device IWF. The processor 302 is configured to perform signature verification and decryption on the second data packet according to the public key of the user equipment UE and the private key of the server, or to look up the SDT security context according to the ID of the UE and/or the ID of the IWF and perform integrity verification and decryption on the processed second data packet; where the private key of the server and the public key of the UE subscribed to the server are stored on the server, and the SDT security context is sent by the interworking device IWF.
The server provided in this embodiment performs the technical solution of the method embodiment shown in FIG. 7; its execution method, principle and technical effect are similar. Using its own private key and the public key of the UE subscribed to it, or the SDT security context, held by the processor, the processor performs signature verification and decryption, or MAC-I verification and decryption, on the second data packet that the UE sent through the MME and the IWF and that the transceiver received, completing uplink transmission of the data packet. Through the signature verification and decryption of the data packet, the server solves the problem that no corresponding security mechanism protects the transmission of data packets between the UE and the server, and improves the security of data transmission in the system.
FIG. 31 is a schematic structural diagram of still another embodiment of an IWF according to the present invention. As shown in FIG. 31, the IWF includes a transceiver 311 and a processor 312. The transceiver 311 is configured to receive the processed second data packet sent by the user equipment UE through the mobility management entity MME, where the processed second data packet includes the ID and the signature of the UE, or the ID of the UE and a MAC-I. The processor 312 is configured to verify the signature or the MAC-I according to the public key of the UE or the SDT security context; where the public key of the UE is stored on the IWF and the SDT security context is obtained in advance from the home subscriber server HSS. The transceiver 311 is further configured to send the processed second data packet to the server after the verification passes.
The IWF provided in this embodiment performs the technical solution of the method embodiment shown in FIG. 8; the implementation principle and technical effect are similar. The processor is pre-configured with the public key of the server and the public key of the UE subscribed to it, or obtains the SDT security context negotiated between the UE and the HSS, and performs signature verification or MAC-I verification on the second data packet that the UE sent through the MME and that the transceiver received; the transceiver sends the verified second data packet to the server, completing uplink transmission of the data packet. Through the signature verification and decryption of the data packet, this solves the problem that no corresponding security mechanism protects the transmission of data packets between the UE and the server, and improves the security of data transmission in the system.
Optionally, the transceiver 311 is further configured to receive the SDT key sent by the HSS; the transceiver 311 is further configured to receive the SDT security protection algorithm sent by the UE through the MME; where the SDT security context includes the SDT key and the SDT security protection algorithm.
Optionally, the processor 312 is further configured to verify, according to the public key of the UE, whether the signature of the processed second data packet is valid;
if the signature of the processed second data packet is verified to be valid, the transceiver 311 is further configured to send the processed second data packet to the server;
or,
the processor 312 is further configured to verify the MAC-I of the processed second data packet according to the SDT security context;
if the MAC-I of the processed second data packet is verified to be valid, the transceiver 311 is further configured to decrypt the processed second data packet and send it to the server. Optionally, before the transceiver 311 sends the second data packet to the server, the method further includes:
if the first data packet includes the ID of the server and the ID of the UE, the processor 312 is further configured to perform a matching check on the ID of the server and the ID of the UE in the first data packet according to the correspondence between servers and UEs stored in a pre-configured authorization list, and after the correspondence between the server and the UE is checked to be correct, the transceiver 311 sends the second data packet to the server;
or,
if the first data packet includes the ID of the server, the ID of the UE and the ID of the APP, the processor 312 is further configured to perform a matching check on the ID of the server, the ID of the UE and the ID of the APP in the first data packet according to the correspondence between servers, UEs and APPs stored in a pre-configured authorization list, and after the correspondence between the server, the UE and the APP is checked to be correct, the transceiver 311 sends the second data packet to the server; or,
if the second data packet includes the ID of the server and the ID of the UE, the transceiver 311 is further configured to send the ID of the server and the ID of the UE to the HSS, so that the HSS performs a matching check on the ID of the server and the ID of the UE in the second data packet according to the correspondence between servers and UEs stored in a pre-configured authorization list, and after the correspondence between the server and the UE is checked to be correct, the second data packet is sent to the server; or,
if the second data packet includes the ID of the server, the ID of the UE and the ID of the application APP, the transceiver 311 is further configured to send the ID of the server, the ID of the UE and the ID of the APP to the HSS, so that the HSS performs a matching check on the ID of the server, the ID of the UE and the ID of the APP in the second data packet according to the correspondence between servers, UEs and APPs stored in a pre-configured authorization list, and after the correspondence between the server, the UE and the APP is checked to be correct, the second data packet is sent to the server.
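The SDT-context branch of the IWF embodiment above (SDT key derived from the HSS key generation parameters, MAC-I check, authorization-list check, then decryption and forwarding) as an added Go example; this is not code from the patent or its applicant. The KDF (HMAC-SHA256 over length-prefixed parameters), the AES-CTR plus HMAC-SHA256 pair standing in for the negotiated SDT security protection algorithm, the 32-bit MAC-I, the per-packet counter and every ID and key value are assumptions or constructed samples.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// KeyGenParams are the SDT key generation parameters the description lists (ASME key, IWF ID, UE ID or IMSI, APP ID, RAND, SDT key label).
type KeyGenParams struct {
	Kasme, Rand               []byte
	IwfID, UeID, AppID, Label string
}

// DeriveSDTKey is an assumed KDF (the patent fixes none): HMAC-SHA256 keyed by the ASME key over the
// length-prefixed parameters. HSS and UE both compute it; [:16] is the confidentiality half, [16:] the integrity half.
func DeriveSDTKey(p KeyGenParams) []byte {
	mac := hmac.New(sha256.New, p.Kasme)
	for _, f := range [][]byte{[]byte(p.Label), []byte(p.IwfID), []byte(p.UeID), []byte(p.AppID), p.Rand} {
		mac.Write(append([]byte{byte(len(f))}, f...)) // one-byte length prefix keeps fields unambiguous
	}
	return mac.Sum(nil)
}

// Packet is the protected second data packet. The IDs stay in clear: the IWF needs them to find the context and check authorization.
type Packet struct {
	UeID, AppID, ServerID string
	Count                 uint32  // assumed per-packet counter, also used as the CTR IV
	Cipher                []byte
	MACI                  [4]byte // 32-bit MAC-I, the size LTE NAS integrity uses
}

// macI covers counter, IDs and ciphertext under the integrity half of the SDT key.
func macI(key []byte, p *Packet) []byte {
	mac := hmac.New(sha256.New, key[16:])
	binary.Write(mac, binary.BigEndian, p.Count)
	for _, s := range []string{p.UeID, p.AppID, p.ServerID} {
		mac.Write(append([]byte{byte(len(s))}, s...))
	}
	mac.Write(p.Cipher)
	return mac.Sum(nil)[:4]
}

// ctrXOR is AES-CTR under the confidentiality half; the IV carries the packet counter so a keystream is never reused under one key.
func ctrXOR(key []byte, count uint32, in []byte) []byte {
	block, _ := aes.NewCipher(key[:16]) // 16-byte key: NewCipher cannot fail here
	iv := make([]byte, aes.BlockSize)
	binary.BigEndian.PutUint32(iv[12:], count)
	out := make([]byte, len(in))
	cipher.NewCTR(block, iv).XORKeyStream(out, in)
	return out
}

// Protect is the UE side: encrypt, then compute MAC-I over the whole packet.
func Protect(sdtKey []byte, ueID, appID, serverID string, count uint32, plain []byte) Packet {
	p := Packet{UeID: ueID, AppID: appID, ServerID: serverID, Count: count, Cipher: ctrXOR(sdtKey, count, plain)}
	copy(p.MACI[:], macI(sdtKey, &p))
	return p
}

var ErrUnknownUE = errors.New("no SDT security context for this UE ID / APP ID")
var ErrMACI = errors.New("MAC-I verification failed")
var ErrNotAuthorized = errors.New("server/UE/APP not in the authorization list")

// IWF holds the SDT keys received from the HSS (indexed by UE ID and APP ID) and the pre-configured authorization list.
type IWF struct {
	contexts map[string][]byte
	authList map[string]bool
}

func NewIWF() *IWF { return &IWF{contexts: map[string][]byte{}, authList: map[string]bool{}} }
func (w *IWF) AddContext(ueID, appID string, key []byte) { w.contexts[ueID+"|"+appID] = key }
func (w *IWF) Authorize(server, ue, app string)         { w.authList[server+"|"+ue+"|"+app] = true }

// Verify is the IWF side: look up the context, check MAC-I in constant time, check the authorization list, then decrypt.
func (w *IWF) Verify(p Packet) ([]byte, error) {
	key, ok := w.contexts[p.UeID+"|"+p.AppID]
	if !ok {
		return nil, ErrUnknownUE
	}
	if !hmac.Equal(macI(key, &p), p.MACI[:]) {
		return nil, ErrMACI
	}
	if !w.authList[p.ServerID+"|"+p.UeID+"|"+p.AppID] {
		return nil, ErrNotAuthorized
	}
	return ctrXOR(key, p.Count, p.Cipher), nil
}

func main() {
	// Constructed sample parameters; in the patent the HSS sends them to the UE via the MME.
	key := DeriveSDTKey(KeyGenParams{Kasme: []byte("constructed-32-byte-kasme-sample"), Rand: []byte{1, 2, 3, 4}, IwfID: "iwf-1", UeID: "ue-001", AppID: "app-7", Label: "SDT"})
	iwf := NewIWF()
	iwf.AddContext("ue-001", "app-7", key)
	iwf.Authorize("srv-42", "ue-001", "app-7")
	plain, err := iwf.Verify(Protect(key, "ue-001", "app-7", "srv-42", 1, []byte("temp=21.5")))
	fmt.Printf("IWF forwards %q to the server, err=%v\n", plain, err)
}
```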
The IWF provided in this embodiment is used in the technical solutions of method embodiments fifteen and sixteen and of FIG. 11 and FIG. 14; its execution method, principle and technical effect are similar and are not described again here.
FIG. 32 is a schematic structural diagram of still another embodiment of an MME according to the present invention. As shown in FIG. 32, the MME includes a transceiver 321 and a processor 322. The transceiver 321 is configured to receive the processed second data packet sent by the user equipment UE, where the second data packet includes the ID of the UE, the ID of the server and a signature. The processor 322 is configured to verify the signature according to the public key of the UE, where the public key of the UE is stored on the MME. The transceiver 321 is further configured to send the second data packet to the interworking device IWF after the signature is verified to be valid.
The MME provided in this embodiment performs the technical solution of the method embodiment shown in FIG. 9; the implementation principle and technical effect are similar. Using the stored public key of the server and public key of the UE subscribed to it, the signature of the second data packet received by the transceiver from the UE is verified, and the transceiver sends the verified second data packet to the server through the IWF, completing uplink transmission of the data packet. Through the signature verification of the data packet, the MME solves the problem that no corresponding security mechanism protects the transmission of data packets between the UE and the server, and improves the security of data transmission in the system.
Optionally, if the second data packet includes the ID of the server and the ID of the UE, the processor 322 is further configured to perform, according to a pre-configured authorization list and the ID of the server and the ID of the UE in the second data packet, a matching check on the ID of the server and the ID of the UE in the second data packet against the correspondence between servers and UEs stored in the authorization list, and after the correspondence between the server and the UE is checked to be correct, the transceiver 321 is further configured to send the second data packet to the server through the IWF;
or,
if the second data packet includes the ID of the server, the ID of the UE and the ID of the application APP, the processor 322 is further configured to perform, according to a pre-configured authorization list and the ID of the server, the ID of the UE and the ID of the APP in the second data packet, a matching check on the ID of the server, the ID of the UE and the ID of the APP in the second data packet against the correspondence between servers, UEs and APPs stored in the authorization list, and after the correspondence between the server, the UE and the APP is checked to be correct, the transceiver 321 is further configured to send the second data packet to the server through the IWF.
The MME provided in this embodiment performs the technical solutions of method embodiments seventeen and eighteen and of FIG. 11 and FIG. 14; its execution method, principle and technical effect are similar and are not described again here.
Persons of ordinary skill in the art will understand that all or part of the steps of the foregoing method embodiments may be implemented by hardware instructed by a program. The program may be stored in a computer-readable storage medium; when executed, the program performs the steps of the foregoing method embodiments. The storage medium includes any medium that can store program code, such as a ROM, a RAM, a magnetic disk or an optical disc.
Finally, it should be noted that the foregoing embodiments are merely intended to describe the technical solutions of the present invention, not to limit them. Although the present invention has been described in detail with reference to the foregoing embodiments, persons of ordinary skill in the art should understand that they may still modify the technical solutions described in the foregoing embodiments or make equivalent replacements to some or all of the technical features therein, and that such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the scope of the technical solutions of the embodiments of the present invention.

Claims

1. A method for secure transmission of data, characterized in that it comprises:
receiving, by a user equipment UE, a first data packet sent by a server through an interworking device IWF and a mobility management entity MME, the first data packet carrying an ID of the server or an ID of the IWF; obtaining, by the UE, a public key of the server and/or the SDT security context according to the ID of the server or the ID of the IWF in the first data packet, where the public key of the server subscribed by the UE, or the SDT security context generated through negotiation with a home subscriber server HSS, is stored on the UE and identified by the ID of the server or the ID of the IWF;
verifying and decrypting, by the UE, the first data packet according to the public key of the server and a private key of the UE, or the SDT security context, or the public key of the server and the SDT security context, to obtain the decrypted first data packet.
2. The method according to claim 1, characterized in that it further comprises: negotiating, by the UE, with the home subscriber server HSS to generate the SDT security context, the specific steps including:
receiving key generation parameters sent by the HSS;
generating the SDT key according to the key generation parameters;
negotiating the SDT security protection algorithm in the non-access stratum security mode command NAS SMC procedure, or using the non-access stratum security algorithm negotiated in the NAS SMC procedure as the SDT security protection algorithm.
3. The method according to claim 1 or 2, characterized in that the verifying and decrypting, by the UE, the first data packet according to the public key of the server and the private key of the UE, or the SDT security context, or the public key of the server and the SDT security context, to obtain the decrypted first data packet, comprises:
verifying, by the UE, whether the signature in the first data packet is valid according to the public key of the server; and if the UE verifies that the signature in the first data packet is valid, decrypting the first data packet according to the private key of the UE to obtain the decrypted first data packet.
4. The method according to claim 2, characterized in that the verifying and decrypting, by the UE, the first data packet according to the public key of the server and the private key of the UE, or the SDT security context, or the public key of the server and the SDT security context, to obtain the decrypted first data packet, comprises:
verifying, by the UE, the message authentication code MAC-I in the first data packet according to the SDT security context; and if the verification succeeds, decrypting the first data packet to obtain the decrypted first data packet.
5. The method according to claim 2, characterized in that the verifying and decrypting, by the UE, the first data packet according to the public key of the server and the private key of the UE, or the SDT security context, or the public key of the server and the SDT security context, to obtain the decrypted first data packet, comprises:
verifying, by the UE, whether the signature in the first data packet is valid according to the public key of the server; and if the signature of the first data packet is verified to be valid, decrypting the first data packet according to the SDT security context, or performing integrity verification and decryption on the first data packet according to the SDT security context, to obtain the decrypted first data packet.
6. The method according to claim 4 or 5, characterized in that it further comprises:
the parameters received by the UE from the HSS include at least one of the ID of the IWF, the ID of the APP, a random number RAND and temporary data;
the key generation parameters include the generation parameters of the SDT key, where the generation parameters of the SDT key include at least one of the access security management entity key, the integrity protection key IK, the encryption key CK, the ID of the IWF, the ID of the UE or the international mobile subscriber identity IMSI, the ID of the APP, the RAND, the temporary data and an SDT key label.
7. A method for secure transmission of data, characterized in that it comprises:
signing and encrypting, by a server, a first data packet waiting to be sent, according to a private key of the server and a public key of a user equipment UE subscribed to the server, or encrypting, or encrypting and integrity-protecting, the first data packet according to an SDT security context, where the private key of the server and the public key of the UE subscribed to the server are stored on the server, and the SDT security context is sent by an interworking device IWF;
sending, by the server, the encrypted first data packet to the UE through the interworking device IWF and a mobility management entity MME, so that the UE obtains the public key of the server and/or the SDT security context according to the ID of the server in the first data packet, and verifies and decrypts the first data packet according to the public key of the server and a private key of the UE, or the SDT security context, or the public key of the server and the SDT security context, to obtain the decrypted first data packet.
8. A method for secure transmission of data, characterized in that it comprises: receiving, by an interworking device IWF, a first data packet sent by a server, the first data packet including an ID and a signature of the server, or an ID of the server and a MAC-I;
verifying, by the IWF, the signature according to a public key of the server, or verifying the MAC-I according to an SDT security context, and sending the first data packet to a UE through a mobility management entity MME after the verification passes; or encrypting and/or integrity-protecting, by the IWF, the first data packet according to the SDT security context, and sending the first data packet to the UE through the mobility management entity MME;
where the public key of the server and the public key of the UE subscribed to the server are stored on the IWF, and the SDT security context is obtained in advance from a home subscriber server HSS.
9. The method according to claim 8, characterized in that the obtaining of the SDT security context in advance from the home subscriber server HSS comprises:
receiving the SDT key sent by the HSS;
receiving the SDT security protection algorithm sent by the UE through the MME;
where the SDT security context includes the SDT key and the SDT security protection algorithm.
10. The method according to claim 8 or 9, characterized in that the verifying, by the IWF, the signature according to the public key of the server, or verifying the MAC-I according to the SDT security context, and sending the first data packet to the UE through the mobility management entity MME after the verification passes, or encrypting and/or integrity-protecting, by the IWF, the first data packet according to the SDT security context and sending the first data packet to the UE through the mobility management entity MME, comprises:
querying and obtaining, by the IWF, the public key of the server according to the ID of the server, and verifying whether the signature of the first data packet is valid according to the public key of the server; and if the signature of the first data packet is verified to be valid, sending the first data packet to the UE through the MME;
or,
when the first data packet further includes an ID of the UE, obtaining, by the IWF, the SDT security context according to the ID of the UE, and verifying the MAC-I;
if the MAC-I is verified to be valid, sending the first data packet to the UE through the MME;
or, when the first data packet further includes an ID of the APP, obtaining, by the IWF, the SDT security context according to the ID of the UE and the ID of the APP, and verifying the MAC-I;
if the MAC-I of the first data packet is verified to be valid, sending the first data packet to the UE through the MME;
or,
when the first data packet further includes the ID of the UE and/or the ID of the APP, obtaining, by the IWF, the SDT security context according to the ID of the UE and/or the ID of the APP, encrypting and integrity-protecting the first data packet, and sending the processed first data packet to the UE through the MME;
or,
when the first data packet further includes the ID of the UE and/or the ID of the APP, obtaining, by the IWF, the public key of the server according to the ID of the server, and verifying the signature according to the public key of the server; if the signature of the first data packet is verified to be valid, obtaining the SDT security context according to the ID of the user UE and/or the ID of the APP, encrypting, or encrypting and integrity-protecting, the first data packet, and sending the processed first data packet to the UE through the MME.
11. The method according to claim 10, characterized in that the method further comprises: if the first data packet includes the ID of the server and the ID of the UE, performing, by the IWF, a matching check on the ID of the server and the ID of the UE in the first data packet according to the correspondence between servers and UEs stored in a pre-configured authorization list, and after the correspondence between the server and the UE is checked to be correct, sending the first data packet to the UE through the MME;
or,
if the first data packet includes the ID of the server, the ID of the UE and the ID of the APP, performing, by the IWF, a matching check on the ID of the server, the ID of the UE and the ID of the APP in the first data packet according to the correspondence between servers, UEs and APPs stored in a pre-configured authorization list, and after the correspondence between the server, the UE and the APP is checked to be correct, sending the first data packet to the UE through the MME;
or,
if the first data packet includes the ID of the server and the ID of the UE, sending, by the IWF, the ID of the server and the ID of the UE to the HSS, so that the HSS performs a matching check on the ID of the server and the ID of the UE in the first data packet according to the correspondence between servers and UEs stored in a pre-configured authorization list, and after the correspondence between the server and the UE is checked to be correct, returns a confirmation result to the IWF, so that the IWF sends the first data packet to the UE through the MME;
or,
if the first data packet includes the ID of the server, the ID of the UE and the ID of the APP, sending, by the IWF, the ID of the server, the ID of the UE and the ID of the APP to the HSS, so that the HSS performs a matching check on the ID of the server, the ID of the UE and the ID of the APP in the first data packet according to the correspondence between servers, UEs and APPs stored in a pre-configured authorization list, and after the correspondence between the server, the UE and the APP is checked to be correct, returns a confirmation result to the IWF, so that the IWF sends the first data packet to the UE through the MME.
12. A method for secure transmission of data, characterized in that it comprises:
a mobility management entity MME receiving a first data packet sent by an interworking device IWF, the first data packet including: an ID of a user equipment UE, an ID of a server and a signature;
the MME verifying the signature according to a public key of the server, wherein the public key of the server is stored on the MME;
after verifying that the signature is valid, the MME sending the first data packet to the UE corresponding to the ID of the UE.
13. A method for secure transmission of data, characterized in that it comprises:
a home subscriber server HSS receiving an identifier of a user equipment UE sent by a mobility management entity MME and/or an ID of an interworking device IWF selected by the MME for the UE, the identifier including an international mobile subscriber identity IMSI or a temporary mobile subscriber identity TMSI;
the HSS obtaining subscription data of the UE according to the identifier and, when it determines that the UE has the characteristic of a small data service, generating an SDT key according to a pre-obtained key generation parameter;
the HSS sending the key generation parameter and the SDT key to the IWF corresponding to the ID of the IWF, and sending the key generation parameter to the UE through the MME, so that the UE generates an SDT security context according to the key generation parameter, wherein the SDT security context includes the SDT key and an SDT security protection algorithm.
14. The method according to claim 13, characterized in that it further comprises:
the HSS receiving a first data packet sent by the IWF;
if the first data packet includes the ID of the server and the ID of the UE, the HSS performing a matching check on the ID of the server and the ID of the UE in the first data packet according to the correspondence between the server and the UE saved in a pre-configured authorization list, and after checking that the correspondence between the server and the UE is correct, returning a confirmation result to the IWF, so that the IWF sends the first data packet to the UE through the MME;
or,
if the first data packet includes the ID of the server, the ID of the UE and the ID of the APP, the HSS performing a matching check on the ID of the server, the ID of the UE and the ID of the APP in the first data packet according to the correspondence between the server, the UE and the APP saved in a pre-configured authorization list, and after checking that the correspondence between the server, the UE and the APP is correct, returning a confirmation result to the IWF, so that the IWF sends the first data packet to the UE through the MME.
15. The method according to claim 14, characterized in that it further comprises:
after the HSS sends the SDT key to the IWF corresponding to the ID of the IWF, the HSS sending the ID of the IWF to the UE through the MME, so that the UE generates an SDT key according to the ID of the IWF and sends an SDT security protection algorithm to the IWF through the MME, wherein the correspondence between the UE and the IWF is stored in the HSS.
16. The method according to any one of claims 13 to 15, characterized in that it further comprises: the parameters sent by the HSS to the UE include at least one of the ID of the IWF, an ID of an application APP, a random number RAND and temporary data, wherein the temporary data is a parameter for generating the SDT key that the HSS generates after determining that the UE has the characteristic of a small data service;
the key generation parameter includes the generation parameters of the SDT key, wherein
the generation parameters of the SDT key are at least one of an access security management entity key, an integrity protection key IK, a cipher key CK, the ID of the IWF, the ID of the UE or the international mobile subscriber identity IMSI, the ID of the APP, the RAND, the temporary data and an SDT key label.
17. A method for secure transmission of data, characterized in that it comprises:
a user equipment UE encrypting and/or signing a second data packet according to a private key of the UE and a public key of a server, or encrypting and/or integrity-protecting the second data packet according to an SDT security context, and sending the processed second data packet to the server through a mobility management entity MME and an interworking device IWF; wherein the private key of the UE and the public key of the server that has a subscription with the UE, or the SDT security context generated through negotiation with a home subscriber server HSS, are stored on the UE.
18. The method according to claim 17, characterized in that it further comprises: generating the SDT security context through negotiation with the home subscriber server HSS, the specific steps including:
the UE receiving a key generation parameter sent by the HSS;
the UE generating an SDT key according to the key generation parameter;
the UE negotiating an SDT security protection algorithm in a non-access stratum security mode command NAS SMC procedure, or using the non-access stratum security algorithm negotiated in the non-access stratum security mode command NAS SMC procedure as the SDT security protection algorithm.
19. The method according to claim 17 or 18, characterized in that the UE encrypting and/or signing the second data packet according to the private key of the UE and the public key of the server, or encrypting and/or integrity-protecting the second data packet according to the SDT security context, and sending the processed second data packet to the server through the mobility management entity MME and the interworking device IWF, includes:
the UE signing the second data packet according to the private key of the UE, and encrypting the second data packet according to the public key of the server;
the UE sending the processed second data packet to the server through the MME and the IWF, so that the server obtains the public key of the UE according to the ID of the UE in the second data packet, verifies according to the public key of the UE whether the signature in the processed second data packet is valid, and, if the verification succeeds, decrypts the processed second data packet according to the private key of the server to obtain the decrypted second data packet.
20. The method according to claim 18, characterized in that the UE encrypting and/or signing the second data packet according to the private key of the UE and the public key of the server, or encrypting and/or integrity-protecting the second data packet according to the SDT security context, and sending the processed second data packet to the server through the mobility management entity MME and the interworking device IWF, includes:
the UE encrypting, or encrypting and integrity-protecting, the second data packet according to the SDT security context;
the UE sending the processed second data packet carrying a MAC-I to the IWF or the server, so that the IWF or the server obtains the SDT security context according to the ID of the UE in the processed second data packet, verifies the MAC-I in the security-protected second data packet according to the SDT security context, and, if the verification succeeds, decrypts the processed second data packet to obtain the decrypted second data packet.
21. The method according to claim 20, characterized in that the key generation parameter includes: the parameters sent by the HSS and received by the UE include at least one of the ID of the IWF, an ID of an application APP, a random number RAND and temporary data;
the key generation parameter includes the generation parameters of the SDT key, wherein
the generation parameters of the SDT key are at least one of an access security management entity key, an integrity protection key IK, a cipher key CK, the ID of the IWF, the ID of the UE or the international mobile subscriber identity IMSI, the ID of the APP, the RAND, the temporary data and an SDT key label.
22. A method for secure transmission of data, characterized in that it comprises:
a server receiving a processed second data packet sent by an interworking device IWF;
performing signature verification and decryption on the second data packet according to a public key of a user equipment UE and a private key of the server, or looking up an SDT security context according to an ID of the UE and/or an ID of the IWF and performing integrity verification and decryption on the processed second data packet;
wherein the private key of the server and the public key of the UE that has a subscription with the server are stored on the server, and the SDT security context is sent by the interworking device IWF.
23. A method for secure transmission of data, characterized in that it comprises:
an interworking device IWF receiving a processed second data packet sent by a user equipment UE through a mobility management entity MME, the processed second data packet including an ID of the UE and a signature, or the ID of the UE and a MAC-I;
the IWF verifying the signature or the MAC-I according to a public key of the UE or an SDT security context, and after the verification succeeds, sending the processed second data packet to the server;
wherein the public key of the UE is stored on the IWF, and the SDT security context is obtained in advance from a home subscriber server HSS.
24. The method according to claim 23, characterized in that obtaining the SDT security context in advance from the home subscriber server HSS includes:
receiving an SDT key sent by the HSS;
receiving an SDT security protection algorithm sent by the UE through the MME;
wherein the SDT security context includes the SDT key and the SDT security protection algorithm.
25. The method according to claim 23 or 24, characterized in that the IWF verifying the signature or the MAC-I according to the public key of the UE or the SDT security context, and after the verification succeeds, sending the processed second data packet to the server, includes:
the IWF verifying, according to the public key of the UE, whether the signature of the processed second data packet is valid;
if the signature of the processed second data packet is verified to be valid, sending the processed second data packet to the server;
or,
the IWF verifying the MAC-I of the processed second data packet according to the SDT security context;
if the MAC-I of the processed second data packet is verified to be valid, decrypting the processed second data packet and sending it to the server.
26. The method according to claim 25, characterized in that, before sending the second data packet to the server, the method further comprises:
if the first data packet includes the ID of the server and the ID of the UE, the IWF performing a matching check on the ID of the server and the ID of the UE in the first data packet according to the correspondence between the server and the UE saved in a pre-configured authorization list, and after checking that the correspondence between the server and the UE is correct, sending the second data packet to the server;
or,
if the first data packet includes the ID of the server, the ID of the UE and the ID of the APP, the IWF performing a matching check on the ID of the server, the ID of the UE and the ID of the APP in the first data packet according to the correspondence between the server, the UE and the APP saved in a pre-configured authorization list, and after checking that the correspondence between the server, the UE and the APP is correct, sending the second data packet to the server;
or,
if the second data packet includes the ID of the server and the ID of the UE, the IWF sending the ID of the server and the ID of the UE to the HSS, so that the HSS performs a matching check on the ID of the server and the ID of the UE in the second data packet according to the correspondence between the server and the UE saved in a pre-configured authorization list, and after the correspondence between the server and the UE is checked to be correct, the second data packet is sent to the server;
or,
if the second data packet includes the ID of the server, the ID of the UE and an ID of an application APP, the IWF sending the ID of the server, the ID of the UE and the ID of the APP to the HSS, so that the HSS performs a matching check on the ID of the server, the ID of the UE and the ID of the APP in the second data packet according to the correspondence between the server, the UE and the APP saved in a pre-configured authorization list, and after the correspondence between the server, the UE and the APP is checked to be correct, the second data packet is sent to the server.
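The SDT key derivation of claims 13, 16, 18 and 21, the MAC-I protection and verification of claims 20 and 25, and the authorization-list check of claim 26, carried through as an added Python example that is not part of the patent text. The claims fix only the inputs, so the KDF (HMAC-SHA256 over length-prefixed parameters), the algorithm identifier, the packet layout, the shape of the authorization list and every key and ID value below are assumptions.

```python
import hashlib
import hmac
import struct

# Assumed identifiers: the claims name an "SDT key label" and an algorithm
# negotiated in NAS SMC but do not fix their values.
SDT_KEY_LABEL = b"SDT-key"
SDT_ALGORITHMS = {"SDT-HMAC-SHA256": hashlib.sha256}


def derive_sdt_key(k_asme, ik, ck, iwf_id, ue_id, app_id, rand, temp_data):
    """Run independently by the HSS (claim 13) and the UE (claim 18) over the
    same key generation parameters (claims 16 and 21). HMAC-SHA256 keyed with
    the access security management entity key, IK and CK is an assumed KDF."""
    prf = hmac.new(k_asme + ik + ck, digestmod=hashlib.sha256)
    for part in (SDT_KEY_LABEL, iwf_id.encode(), ue_id.encode(),
                 app_id.encode(), rand, temp_data):
        prf.update(struct.pack(">H", len(part)) + part)  # length-prefixed
    return prf.digest()


def compute_mac_i(ctx, ue_id, server_id, app_id, payload):
    """MAC-I under the SDT security context (key + negotiated algorithm).
    The IDs are covered so that the IDs the IWF authorises are the IDs the
    UE actually protected."""
    digest = SDT_ALGORITHMS[ctx["algorithm"]]
    msg = b"\x00".join([ue_id.encode(), server_id.encode(),
                        (app_id or "").encode(), payload])
    return hmac.new(ctx["sdt_key"], msg, digest).digest()[:16]


def ue_protect(ctx, ue_id, server_id, app_id, payload):
    """UE side of claim 20: the processed second data packet carrying MAC-I."""
    return {"ue_id": ue_id, "server_id": server_id, "app_id": app_id,
            "payload": payload,
            "mac_i": compute_mac_i(ctx, ue_id, server_id, app_id, payload)}


def iwf_handle(pkt, contexts, auth_list):
    """IWF side of claims 25 and 26: look up the SDT security context by UE
    ID, verify MAC-I, then check the server/UE(/APP) correspondence against
    the pre-configured authorization list. Returns ("forward", pkt) or
    ("drop", reason); a dropped packet never reaches the server."""
    ctx = contexts.get(pkt["ue_id"])
    if ctx is None:
        return "drop", "no SDT security context for this UE"
    expected = compute_mac_i(ctx, pkt["ue_id"], pkt["server_id"],
                             pkt["app_id"], pkt["payload"])
    if not hmac.compare_digest(expected, pkt["mac_i"]):
        return "drop", "MAC-I invalid"
    # auth_list: server ID -> set of (UE ID, APP ID) pairs the server may
    # exchange small data with. A packet without an APP ID needs only a
    # (server, UE) match; with an APP ID all three must correspond.
    allowed = auth_list.get(pkt["server_id"], set())
    if pkt["app_id"] is None:
        authorised = any(ue == pkt["ue_id"] for ue, _ in allowed)
    else:
        authorised = (pkt["ue_id"], pkt["app_id"]) in allowed
    if not authorised:
        return "drop", "server/UE/APP correspondence not in authorization list"
    return "forward", pkt


def run_scenario():
    """Constructed sample values; returns the IWF decision for a valid packet,
    a packet whose payload was altered in transit, and a packet addressed to
    a server the UE/APP pair is not authorised for."""
    k_asme, ik, ck = b"\x11" * 32, b"\x22" * 16, b"\x33" * 16
    rand, temp_data = b"\x44" * 16, b"\x55" * 8
    params = ("IWF-1", "UE-42", "APP-meter", rand, temp_data)
    key_hss = derive_sdt_key(k_asme, ik, ck, *params)   # HSS side
    key_ue = derive_sdt_key(k_asme, ik, ck, *params)    # UE side, same inputs
    ctx = {"sdt_key": key_ue, "algorithm": "SDT-HMAC-SHA256"}
    iwf_contexts = {"UE-42": ctx}     # key from HSS, algorithm via MME
    auth_list = {"SRV-A": {("UE-42", "APP-meter")}}
    good = ue_protect(ctx, "UE-42", "SRV-A", "APP-meter", b"reading=17")
    tampered = dict(good, payload=b"reading=99")        # MAC-I no longer fits
    wrong_srv = ue_protect(ctx, "UE-42", "SRV-B", "APP-meter", b"reading=17")
    return {"keys_match": key_hss == key_ue,
            "good": iwf_handle(good, iwf_contexts, auth_list),
            "tampered": iwf_handle(tampered, iwf_contexts, auth_list),
            "wrong_server": iwf_handle(wrong_srv, iwf_contexts, auth_list)}


if __name__ == "__main__":
    for name, result in run_scenario().items():
        print(name, result)
```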
27. A method for secure transmission of data, characterized in that it comprises:
a mobility management entity MME receiving a processed second data packet sent by a user equipment UE, the second data packet including: an ID of the UE, an ID of the server and a signature;
the MME verifying the signature according to a public key of the UE, wherein the public key of the UE is stored on the MME;
after verifying that the signature is valid, the MME sending the second data packet to an interworking device IWF.
28. The method according to claim 27, characterized in that sending the second data packet to the interworking device IWF includes:
if the second data packet includes the ID of the server and the ID of the UE, the MME using a pre-configured authorization list together with the ID of the server and the ID of the UE in the second data packet to perform a matching check on the ID of the server and the ID of the UE in the second data packet according to the correspondence between the server and the UE saved in the authorization list, and after checking that the correspondence between the server and the UE is correct, sending the second data packet to the server through the IWF;
or,
if the second data packet includes the ID of the server, the ID of the UE and an ID of an application APP, the MME using a pre-configured authorization list together with the ID of the server, the ID of the UE and the ID of the APP in the second data packet to perform a matching check on the ID of the server, the ID of the UE and the ID of the APP in the second data packet according to the correspondence between the server, the UE and the APP saved in the authorization list, and after checking that the correspondence between the server, the UE and the APP is correct, sending the second data packet to the server through the IWF.
29. A user equipment UE, characterized in that it comprises:
a transceiver module, configured to receive a first data packet sent by a server through an interworking device IWF and a mobility management entity MME, the first data packet carrying an ID of the server or an ID of the IWF;
a processing module, configured to obtain a public key of the server and/or an SDT security context according to the ID of the server or the ID of the IWF in the first data packet, wherein the public key of the server with which the UE has a subscription, or the SDT security context generated through negotiation with a home subscriber server HSS, is stored on the UE and is identified by the ID of the server or the ID of the IWF;
the processing module being further configured to verify and decrypt the first data packet according to the public key of the server and a private key of the UE, or the SDT security context, or the public key of the server and the SDT security context, to obtain the decrypted first data packet.
30. The UE according to claim 29, characterized in that it comprises:
the transceiver module being further configured to receive a key generation parameter sent by the HSS;
the processing module being further configured to generate the SDT key according to the key generation parameter;
the processing module being further configured to negotiate an SDT security protection algorithm in a non-access stratum security mode command NAS SMC procedure, or to use the non-access stratum security algorithm negotiated in the non-access stratum security mode command NAS SMC procedure as the SDT security protection algorithm.
31. The UE according to claim 29 or 30, characterized in that the processing module is specifically configured to:
verify whether the signature in the first data packet is valid according to the public key of the server; and
if the signature in the first data packet is verified to be valid, decrypt the first data packet according to the private key of the UE to obtain the decrypted first data packet.
32. The apparatus according to claim 30, characterized in that the processing module is specifically configured to:
verify a message authentication code MAC-I in the first data packet according to the SDT security context; and
if the verification succeeds, decrypt the first data packet to obtain the decrypted first data packet.
33. The UE according to claim 30, characterized in that the processing module is specifically configured to:
verify whether the signature in the first data packet is valid according to the public key of the server; and
if the signature of the first data packet is verified to be valid, decrypt the first data packet according to the SDT security context, or perform integrity verification and decryption on the first data packet according to the SDT security context, to obtain the decrypted first data packet.
34. The UE according to claim 32 or 33, characterized in that it further comprises:
the transceiver module being further configured to receive parameters sent by the HSS, the parameters sent by the HSS including at least one of the ID of the IWF, the ID of the APP, a random number RAND and temporary data.
35. A server, characterized in that it comprises:
a processing module, configured to sign and encrypt a first data packet waiting to be sent according to a private key of the server and a public key of a user equipment UE that has a subscription with the server, or to encrypt, or encrypt and integrity-protect, the first data packet according to an SDT security context, wherein the private key of the server and the public key of the UE that has a subscription with the server are stored on the server, and the SDT security context is sent by an interworking device IWF;
a transceiver module, configured to send the encrypted first data packet to the UE through the IWF and a mobility management entity MME, so that the UE obtains the public key of the server and/or the SDT security context according to the ID of the server in the first data packet, and verifies and decrypts the first data packet according to the public key of the server and the private key of the UE, or the SDT security context, or the public key of the server and the SDT security context, to obtain the decrypted first data packet.
36. An interworking device IWF, characterized in that it comprises:
a transceiver module, configured to receive a first data packet sent by a server, the first data packet including an ID of the server and a signature, or the ID of the server and a MAC-I;
a processing module, configured to verify the signature according to a public key of the server, or to verify the MAC-I according to an SDT security context, and after the verification succeeds, to send the first data packet to a UE through a mobility management entity MME; or, the processing module being further configured to encrypt and/or integrity-protect the first data packet according to the SDT security context and to send the first data packet to the UE through the mobility management entity MME;
wherein the public key of the server and the public key of the UE that has a subscription with the server are stored on the IWF, and the SDT security context is obtained in advance from a home subscriber server HSS.
37. The IWF according to claim 36, characterized in that the transceiver module is further configured to:
receive an SDT key sent by the HSS;
receive an SDT security protection algorithm sent by the UE through the MME;
wherein the SDT security context includes the SDT key and the SDT security protection algorithm.
38. The IWF according to claim 36 or 37, characterized in that it further comprises:
the processing module being configured to query and obtain the public key of the server according to the ID of the server, and to verify whether the signature of the first data packet is valid according to the public key of the server; and if the processing module verifies that the signature of the first data packet is valid, the transceiver module sending the first data packet to the UE through the MME;
or,
when the first data packet further includes an ID of the UE, the processing module being configured to obtain the SDT security context according to the ID of the UE and to verify the MAC-I;
the transceiver module being further configured to send the first data packet to the UE through the MME if the processing module verifies that the signature of the first data packet is valid;
or,
when the first data packet further includes an ID of the APP, the processing module being configured to obtain the SDT security context according to the ID of the UE and the ID of the APP and to verify the MAC-I; and if the processing module verifies that the MAC-I of the first data packet is valid, the transceiver module sending the first data packet to the UE through the MME;
or,
when the first data packet further includes the ID of the UE and/or the ID of the APP, the processing module being further configured to obtain the SDT security context according to the ID of the UE and/or the ID of the APP and to encrypt and integrity-protect the first data;
the transceiver module being further configured to send the processed first data packet to the UE through the MME;
or,
when the first data packet further includes the ID of the UE and/or the ID of the APP, the processing module being further configured to obtain the public key of the server according to the ID of the server and to verify the signature according to the public key of the server; and if the signature of the first data packet is verified to be valid, to obtain the corresponding SDT security context according to the ID of the user UE and/or the ID of the APP and to encrypt, or encrypt and integrity-protect, the first data;
the transceiver module being further configured to send the processed first data packet to the UE through the MME.
39. The IWF according to claim 38, characterized in that it further comprises:
if the first data packet includes the ID of the server and the ID of the UE, the processing module being further configured to perform a matching check on the ID of the server and the ID of the UE in the first data packet according to the correspondence between the server and the UE saved in a pre-configured authorization list, and after checking that the correspondence between the server and the UE is correct, the transceiver module sending the first data packet to the UE through the MME;
or,
if the first data packet includes the ID of the server, the ID of the UE and the ID of the APP, the processing module being further configured to perform a matching check on the ID of the server, the ID of the UE and the ID of the APP in the first data packet according to the correspondence between the server, the UE and the APP saved in a pre-configured authorization list, and after checking that the correspondence between the server, the UE and the APP is correct, the transceiver module sending the first data packet to the UE through the MME;
or,
if the first data packet includes the ID of the server and the ID of the UE, the transceiver module sending the ID of the server and the ID of the UE to the HSS, so that the HSS performs a matching check on the ID of the server and the ID of the UE in the first data packet according to the correspondence between the server and the UE saved in a pre-configured authorization list, and after checking that the correspondence between the server and the UE is correct, returns a confirmation result to the IWF, so that the IWF sends the first data packet to the UE through the MME;
or,
if the first data packet includes the ID of the server, the ID of the UE and the ID of the APP, the transceiver module sending the ID of the server, the ID of the UE and the ID of the APP to the HSS, so that the HSS performs a matching check on the ID of the server, the ID of the UE and the ID of the APP in the first data packet according to the correspondence between the server, the UE and the APP saved in a pre-configured authorization list, and after checking that the correspondence between the server, the UE and the APP is correct, returns a confirmation result to the IWF, so that the IWF sends the first data packet to the UE through the MME.
40. A mobility management entity MME, comprising:
a transceiver module, configured to receive a first data packet sent by an interworking device IWF, where the first data packet includes: an ID of a user equipment UE, an ID of a server and a signature;
a processing module, configured to verify the signature according to a public key of the server, where the public key of the server is stored on the MME;
the transceiver module sends the first data packet to the UE after the processing module verifies that the signature is valid.
41. A home subscriber server HSS, comprising:
a transceiver module, configured to receive an identifier of a user equipment UE sent by a mobility management entity MME and/or an ID of an interworking device IWF selected by the MME for the UE, where the identifier includes an international mobile subscriber identity IMSI or a temporary mobile subscriber identity TMSI;
a processing module, configured to obtain subscription data of the UE according to the identifier and, when it determines that the UE has the characteristic of small data service, to generate an SDT key according to a pre-obtained key generation parameter; the transceiver module is further configured to send the key generation parameter and the SDT key to the IWF corresponding to the ID of the IWF, and to send the key generation parameter to the UE through the MME, so that the UE generates an SDT security context according to the key generation parameter, where the SDT security context includes the SDT key and an SDT security protection algorithm.
42. The HSS according to claim 41, wherein the transceiver module is further configured to receive a first data packet sent by the IWF;
if the first data packet includes the ID of the server and the ID of the UE, the processing module performs a matching check on the ID of the server and the ID of the UE in the first data packet according to the correspondence between servers and UEs saved in a pre-configured authorization list, and after the correspondence between the server and the UE is checked to be correct, returns a confirmation result to the IWF, so that the IWF sends the first data packet to the UE through the MME;
or,
if the first data packet includes the ID of the server, the ID of the UE and the ID of the APP, the processing module performs a matching check on the ID of the server, the ID of the UE and the ID of the APP in the first data packet according to the correspondence between servers, UEs and APPs saved in a pre-configured authorization list, and after the correspondence between the server, the UE and the APP is checked to be correct, the transceiver module returns a confirmation result to the IWF, so that the IWF sends the first data packet to the UE through the MME.
43. The HSS according to claim 42, further comprising:
after the transceiver module sends the SDT key to the IWF corresponding to the ID of the IWF, the transceiver module is further configured to send the ID of the IWF to the UE through the MME, so that the UE generates the SDT key according to the ID of the IWF and sends the SDT security protection algorithm to the IWF through the MME, where the correspondence between the UE and the IWF is stored in the HSS.
44. The HSS according to any one of claims 41 to 43, wherein the parameters sent by the transceiver module to the UE include at least one of the ID of the IWF, an ID of an application APP, a random number RAND and temporary data, where the temporary data is a parameter for generating the SDT key that is generated after the processing module determines that the UE has the characteristic of small data service; the key generation parameter includes the generation parameter of the SDT key.
45. A user equipment UE, comprising:
a processing module, configured to perform encryption and/or signature processing on a second data packet according to a private key of the UE and a public key of a server, or to perform encryption and/or integrity protection processing on the second data packet according to an SDT security context, where the private key of the UE and the public key of the server with which the UE has a subscription, or the SDT security context generated through negotiation with a home subscriber server HSS, are stored on the UE;
a transceiver module, configured to send the processed second data packet to the server through a mobility management entity MME and an interworking device IWF.
46. The UE according to claim 45, comprising:
the transceiver module is further configured to receive a key generation parameter sent by the HSS;
the processing module is further configured to generate an SDT key according to the key generation parameter;
the processing module is further configured to negotiate an SDT security protection algorithm in a non-access stratum security mode command NAS SMC procedure, or to use the non-access stratum security algorithm negotiated in the NAS SMC procedure as the SDT security protection algorithm.
47. The UE according to claim 45 or 46, comprising: the processing module is specifically configured to sign the second data packet according to the private key of the UE and to encrypt the second data packet according to the public key of the server;
the transceiver module is further configured to send the processed second data packet to the server through the MME and the IWF, so that the server obtains the public key of the UE according to the ID of the UE in the second data packet, verifies according to the public key of the UE whether the signature in the processed second data packet is valid and, if the verification succeeds, decrypts the processed second data packet according to the private key of the server.
48. The UE according to claim 46, comprising:
the processing module is further configured to perform encryption processing, or encryption and integrity protection processing, on the second data packet according to the SDT security context;
the transceiver module is further configured to send the processed second data packet carrying a MAC-I to the server, so that the IWF or the server obtains the SDT security context according to the ID of the UE in the processed second data packet, verifies the MAC-I in the security-protected second data packet according to the SDT security context and, if the verification succeeds, decrypts the processed second data packet.
49. The UE according to claim 48, wherein the transceiver module is further configured to receive parameters sent by the HSS, where the parameters sent by the HSS include at least one of the ID of the IWF, the ID of the APP, a random number RAND and temporary data.
50. A server, comprising:
a transceiver module, configured to receive a processed second data packet sent by an interworking device IWF;
a processing module, configured to perform signature verification and decryption on the second data packet according to a public key of a user equipment UE and a private key of the server, or to look up an SDT security context according to the ID of the UE and/or the ID of the IWF and perform integrity verification and decryption on the processed second data packet;
where the private key of the server and the public key of the UE that has a subscription with the server are stored on the server, and the SDT security context is sent by the interworking device IWF.
51. An interworking device IWF, comprising:
a transceiver module, configured to receive a processed second data packet sent by a user equipment UE through a mobility management entity MME, where the processed second data packet includes the ID of the UE and a signature, or the ID of the UE and a MAC-I;
a processing module, configured to verify the signature or the MAC-I according to a public key of the UE or an SDT security context, where the public key of the UE is stored on the IWF and the SDT security context is obtained in advance from a home subscriber server HSS;
the transceiver module is further configured to send the processed second data packet to the server after the verification passes.
52. The IWF according to claim 51, wherein the transceiver module is further configured to: receive an SDT key sent by the HSS;
receive an SDT security protection algorithm sent by the UE through the MME;
where the SDT security context includes the SDT key and the SDT security protection algorithm.
53. The IWF according to claim 52, comprising:
the processing module is further configured to verify, according to the public key of the UE, whether the signature of the processed second data packet is valid;
the transceiver module is further configured to send the second data packet to the server when the processing module verifies that the signature of the processed second data packet is valid;
or,
the processing module is configured to verify the MAC-I of the processed second data packet according to the SDT security context;
the transceiver module is further configured to, if the processing module verifies that the MAC-I of the processed second data packet is valid, decrypt the processed second data packet and send it to the server.
54. The IWF according to claim 53, further comprising:
if the first data packet includes the ID of the server and the ID of the UE, the processing module performs a matching check on the ID of the server and the ID of the UE in the first data packet according to the correspondence between servers and UEs saved in a pre-configured authorization list, and after the correspondence between the server and the UE is checked to be correct, the transceiver module sends the second data packet to the server;
or,
if the first data packet includes the ID of the server, the ID of the UE and the ID of the APP, the processing module performs a matching check on the ID of the server, the ID of the UE and the ID of the APP in the first data packet according to the correspondence between servers, UEs and APPs saved in a pre-configured authorization list, and after the correspondence between the server, the UE and the APP is checked to be correct, the transceiver module sends the second data packet to the server;
or,
if the second data packet includes the ID of the server and the ID of the UE, the transceiver module sends the ID of the server and the ID of the UE to the HSS, so that the HSS performs a matching check on the ID of the server and the ID of the UE in the second data packet according to the correspondence between servers and UEs saved in a pre-configured authorization list and, after the correspondence between the server and the UE is checked to be correct, sends the second data packet to the server;
or,
if the second data packet includes the ID of the server, the ID of the UE and the ID of an application APP, the transceiver module sends the ID of the server, the ID of the UE and the ID of the APP to the HSS, so that the HSS performs a matching check on the ID of the server, the ID of the UE and the ID of the APP in the second data packet according to the correspondence between servers, UEs and APPs saved in a pre-configured authorization list and, after the correspondence between the server, the UE and the APP is checked to be correct, sends the second data packet to the server.
55. A mobility management entity MME, comprising:
a transceiver module, configured to receive a processed second data packet sent by a user equipment UE, where the second data packet includes: the ID of the UE, an ID of a server and a signature;
a processing module, configured to verify the signature according to a public key of the UE, where the public key of the UE is stored on the MME;
the transceiver module is further configured to send the second data packet to an interworking device IWF after the signature is verified to be valid.
56. The MME according to claim 55, comprising:
if the second data packet includes the ID of the server and the ID of the UE, the processing module is further configured to perform, according to a pre-configured authorization list and the ID of the server and the ID of the UE in the second data packet, a matching check on the ID of the server and the ID of the UE in the second data packet against the correspondence between servers and UEs saved in the authorization list, and after the correspondence between the server and the UE is checked to be correct, the transceiver module sends the second data packet to the server;
or,
if the second data packet includes the ID of the server, the ID of the UE and the ID of an application APP, the processing module is further configured to perform, according to a pre-configured authorization list and the ID of the server, the ID of the UE and the ID of the APP in the second data packet, a matching check on the ID of the server, the ID of the UE and the ID of the APP in the second data packet against the correspondence between servers, UEs and APPs saved in the authorization list, and after the correspondence between the server, the UE and the APP is checked to be correct, the transceiver module sends the second data packet to the server.
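The two checks that recur through claims 39, 42, 54 and 56 (matching the packet's server, UE and APP IDs against a pre-configured authorization list) and claims 48, 51 and 53 (verifying the MAC-I under the SDT security context before forwarding) are shown below in working form. This is an added illustration, not code from the patent or its applicant; it assumes string IDs, an authorization list of (server, UE) and (server, UE, APP) entries, and HMAC-SHA256 truncated to a 32-bit MAC-I as the SDT security protection algorithm, since the claims fix neither the algorithm nor the MAC length.

```python
"""SDT authorization-list matching check and MAC-I verification (illustration).

Assumptions not fixed by the claims: IDs are strings; the authorization list
holds (server, UE) or (server, UE, APP) entries; the negotiated SDT security
protection algorithm is HMAC-SHA256 truncated to a 32-bit MAC-I.
"""
import hashlib
import hmac
from dataclasses import dataclass, replace
from typing import Dict, Optional, Tuple

MAC_I_LEN = 4  # assumed 32-bit MAC-I, the length LTE NAS integrity protection uses


@dataclass(frozen=True)
class SdtPacket:
    server_id: str
    ue_id: str
    app_id: Optional[str]          # None when the packet carries no APP ID
    payload: bytes
    mac_i: Optional[bytes] = None  # present only on integrity-protected packets


@dataclass(frozen=True)
class SdtSecurityContext:
    sdt_key: bytes   # SDT key derived by HSS and UE from the key generation parameters
    algorithm: str   # SDT security protection algorithm negotiated in NAS SMC


class AuthorizationList:
    """Pre-configured server/UE and server/UE/APP correspondences (claims 39, 42, 54, 56)."""

    def __init__(self, entries):
        self._pairs, self._triples = set(), set()
        for entry in entries:
            if len(entry) == 2:
                self._pairs.add(tuple(entry))
            elif len(entry) == 3:
                self._triples.add(tuple(entry))
            else:
                raise ValueError(f"authorization entry needs 2 or 3 IDs: {entry!r}")

    def matches(self, pkt: SdtPacket) -> bool:
        # Strict reading of the claims: a packet without an APP ID is checked
        # against server/UE entries; a packet with an APP ID must match a full
        # server/UE/APP entry, so a bare server/UE entry does not cover it.
        if pkt.app_id is None:
            return (pkt.server_id, pkt.ue_id) in self._pairs
        return (pkt.server_id, pkt.ue_id, pkt.app_id) in self._triples


def _mac_input(pkt: SdtPacket) -> bytes:
    # Length-prefix every field so that moving bytes between adjacent fields
    # ("ab","c" vs "a","bc") cannot produce the same MAC input; a flag byte
    # distinguishes "no APP ID" from an empty APP ID.
    fields = [pkt.server_id.encode(), pkt.ue_id.encode(),
              b"\x00" if pkt.app_id is None else b"\x01" + pkt.app_id.encode(),
              pkt.payload]
    return b"".join(len(f).to_bytes(4, "big") + f for f in fields)


def compute_mac_i(ctx: SdtSecurityContext, pkt: SdtPacket) -> bytes:
    if ctx.algorithm != "HMAC-SHA256":
        raise ValueError(f"unsupported SDT security protection algorithm: {ctx.algorithm}")
    return hmac.new(ctx.sdt_key, _mac_input(pkt), hashlib.sha256).digest()[:MAC_I_LEN]


def protect(ctx: SdtSecurityContext, pkt: SdtPacket) -> SdtPacket:
    """Attach the MAC-I to a packet (UE side in claim 48, IWF side in claim 38)."""
    return replace(pkt, mac_i=compute_mac_i(ctx, pkt))


def verify_mac_i(ctx: SdtSecurityContext, pkt: SdtPacket) -> bool:
    """Receiver-side check of claims 51 and 53; the comparison is constant-time."""
    if pkt.mac_i is None or len(pkt.mac_i) != MAC_I_LEN:
        return False
    return hmac.compare_digest(compute_mac_i(ctx, pkt), pkt.mac_i)


def iwf_forward_decision(pkt: SdtPacket, auth: AuthorizationList,
                         contexts: Dict[Tuple[str, Optional[str]], SdtSecurityContext]
                         ) -> Tuple[bool, str]:
    """IWF decision for an uplink second data packet: authorization check first,
    then MAC-I verification with the context keyed by (UE ID, APP ID); both must pass."""
    if not auth.matches(pkt):
        return False, "authorization list: server/UE(/APP) correspondence not found"
    ctx = contexts.get((pkt.ue_id, pkt.app_id))
    if ctx is None:
        return False, "no SDT security context for this UE/APP"
    if not verify_mac_i(ctx, pkt):
        return False, "MAC-I verification failed"
    return True, "forward to server"
```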
PCT/CN2014/080840 2014-06-26 2014-06-26 Data secure transmission method and device WO2015196415A1 (en)
Publications (1)

Publication Number Publication Date
WO2015196415A1 true WO2015196415A1 (en) 2015-12-30
Also Published As

Publication number Publication date
CN105393567A (en) 2016-03-09
CN105393567B (en) 2020-07-21