WO2017200172A1

WO2017200172A1 - Method for performing security setup for user equipment in wireless communication system and device therefor

Info

Publication number: WO2017200172A1
Application number: PCT/KR2016/015038
Authority: WO
Inventors: 한진백; 강지원; 조희정; 변일무; 김희진; 심현진
Original assignee: 엘지전자(주)
Priority date: 2016-05-20
Filing date: 2016-12-21
Publication date: 2017-11-23

Abstract

The present specification discloses performing, so as to perform security setup for user equipment in a wireless communication system: a step in which a first network node having a common control function performs an authentication process with the user equipment so as to connect the user equipment to one or more second network nodes of a core network; a step of generating a first security key according to the result of the authentication process performed; a step of generating, by using the generated first security key, one or more second security keys respectively corresponding to the one or more second network nodes; and a step of transmitting the generated one or more second security keys to the respective one or more second network nodes. Thus, a security mechanism meeting service requirements by CNIs having mutually different service requirements can be applied.

Description

Method for performing security setting of a terminal in a wireless communication system and apparatus therefor

The present disclosure relates to a wireless communication system, and more particularly, to a method and apparatus for supporting service for setting service differential security between a terminal and a core network.

The mobile communication system has been developed to provide a voice service while ensuring the user's activity. However, the mobile communication system has expanded not only voice but also data service. Currently, the explosive increase in traffic causes a shortage of resources and the demand for faster services. Therefore, a more advanced mobile communication system is required. have.

The requirements of the next generation of mobile communication systems will be able to accommodate the explosive data traffic, dramatically increase the data rate per user, greatly increase the number of connected devices, very low end-to-end latency, and high energy efficiency. It should be possible. For this purpose, Dual Connectivity, Massive Multiple Input Multiple Output (MIMO), In-band Full Duplex, Non-Orthogonal Multiple Access (NOMA), Super Wide Various technologies such as wideband support and device networking have been studied.

In addition, security features expected to be added in a 5G mobile communication system, compared to security features evolved to a 4G mobile communication system, may be as follows.

5G mobile communication systems must accommodate new types of Service Delivery Models such as Network Slicing. Network Slicing means providing a virtual isolated sub-network optimized for service characteristics. This is to provide optimized services for each application because the requirements of applications will be different.

Accordingly, the security architecture should also be configured very flexibly, which may mean that the 5G mobile communication network should be designed to reduce security-related overhead in accommodating network slicing.

-5G mobile communication systems must not only be designed to provide new functions, but also to accommodate new verticals (industries).

It aims to accommodate a new business model of how mobile networks and communications should be provided.

In other words, a new trust model must be defined that takes into account various types of devices with different security requirements (eg, Unattended Machines, Sensors, Wearable Devices, Vehicles) and some important sectors (eg, Public Safety, eHealth, etc.). May mean.

5G must provide optimized multi-RAT operations. In case of Multi-RAT Access with different security mechanisms, this aims to reduce OTA signaling and delays required for authentication / Security Setup each time.

That is, when accessing different RATs up to 4G in the related art, even though the Core Network is the same, due to different authentication schemes and security setup mechanisms such as key handling, separate terminal authentication and security settings have been performed.

However, 5G Security must provide an effective Multi-RAT Security Architecture to reduce such redundancy.

Meanwhile, one of the issues recently discussed in relation to 5G network architecture is the adoption of the concept of network slicing in the new 5G New Core Network.

The 5G Core Network will evolve into a Service-Oriented structure, due to the fact that a fixed single type network structure will not satisfy the requirements of various services.

That is, it is not cost-effective to accommodate all services expected to be provided in 5G network in one fixed network structure, so that the physically fixed network structure is logical to accommodate the requirements of various services. The dominant proposal is that it is desirable to partition into network slices.

Accordingly, the present specification aims to provide a service-specific security configuration method for satisfying service-specific requirements for each core network slice in a next generation system (eg, 5G system).

The technical problems to be achieved in the present invention are not limited to the technical problems mentioned above, and other technical problems not mentioned above will be clearly understood by those skilled in the art from the following description. Could be.

Herein is a method for performing security configuration of a terminal in a wireless communication system, the method performed by a first network node having a common control function (Common Control Function), the terminal of the core network (core network) Performing an authentication procedure with the terminal to connect to one or more second network nodes; Generating a first security key according to a result of the authentication procedure; Generating at least one second security key corresponding to each of the one or more second network nodes using the generated first security key; And transmitting the generated at least one second security key to the one or more second network nodes, respectively.

Further, in the present specification, the one or more second network nodes each provide an individual service.

In addition, the method for performing a security configuration of the terminal herein further comprises the step of receiving a first message requesting a connection to the one or more second network nodes from a Radio Access Network (RAN) node It is characterized by.

In addition, in the present specification, the connection request to the one or more second network nodes is characterized in that the connection request by the terminal.

In addition, in the present specification, a second security key corresponding to a specific second network node is generated using the first security key and an identifier (ID) of the specific second network node.

In addition, the method proposed in the present specification comprises the steps of receiving a second message for a communication service request (communication service request) of the terminal from the RAN node; And transmitting the received second message to a second network node corresponding to the communication service request.

In the present specification, the second message is a hash value of a second security key corresponding to a second network node corresponding to the communication service request or security capability information of the terminal. It characterized in that it comprises at least one of.

In addition, the generated at least one second security key is characterized in that the security key associated with the signaling protection between the terminal and the one or more second network nodes. That is, a security key for signaling protection between the terminal and the one or more second network nodes may be generated from a second security key.

In addition, the first security key in the present specification is characterized in that the security key is defined in the K _ASME or the next generation system corresponding to the K _ASME of the LTE system.

In addition, the second network node is characterized in that the core network instance (Core Network Instance (CNI)).

In addition, the second security key is characterized in that the CNI-specific Key or CNI Seed Key.

In addition, the present specification is a device for setting the security of the terminal in a wireless communication system, the device, RF (Radio Frequency) unit for transmitting and receiving a radio signal; And a processor operatively coupled to the RF unit, the processor configured to perform an authentication procedure with the terminal to connect the terminal to one or more second network nodes of a core network. Perform; Generating a first security key according to a result of the authentication procedure; Generate at least one second security key corresponding to each of the one or more second network nodes using the generated first security key; And transmit the generated at least one second security key to the one or more second network nodes, respectively.

Further, the processor receives a first message requesting a connection from a Radio Access Network (RAN) node to the one or more second network nodes, and authenticates with the terminal based on the received first message. It characterized in that the control to perform.

In addition, the processor is configured to receive a second message for a communication service request of the terminal from the RAN node; And transmitting the received second message to a second network node corresponding to the communication service request.

In this specification, a network node (eg, C-CPF) having a common control function generates a security key for each CNI and sets security between the terminal and each CNI (Core Network Slice) through the CNI. There is an effect that security mechanisms that meet the service requirements can be applied.

Through this, the present specification can set different key hierarchy for each CNI providing actual service, isolation between CNIs, and various security settings according to service characteristics.

The effects obtainable in the present invention are not limited to the above-mentioned effects, and other effects not mentioned will be clearly understood by those skilled in the art from the following description. .

BRIEF DESCRIPTION OF THE DRAWINGS The accompanying drawings, included as part of the detailed description in order to provide a thorough understanding of the present invention, provide embodiments of the present invention and together with the description, describe the technical features of the present invention.

1 is a diagram illustrating an example of an EPS (Evolved Packet System) related to an LTE system to which the technical features of the present specification can be applied.

2 is a diagram illustrating a wireless communication system to which the technical features of the present specification can be applied.

3 is a block diagram illustrating an example of a functional split between an E-UTRAN and an EPC to which technical features of the present specification can be applied.

4A is a block diagram illustrating an example of a radio protocol architecture for a user plane to which technical features of the present specification can be applied.

4B is a block diagram illustrating an example of a radio protocol structure for a control plane to which technical features of the present specification can be applied.

5 is a diagram illustrating a security configuration method considering the entire network defined in the LTE (-A) system.

6 is a flowchart illustrating an example of an initial key activation procedure in an E-UTRAN.

7 is a flowchart illustrating an authentication and key setting procedure in initial access in an E-UTRAN.

8 is a diagram illustrating an example of a structure of a wireless communication system for supporting a next generation RAN to which the methods proposed herein may be applied.

9 is a diagram illustrating another example of a structure of a wireless communication system for supporting a next generation RAN to which the methods proposed in the specification can be applied.

10 to 12 are diagrams showing still another example of a structure of a wireless communication system for supporting a next generation RAN to which the methods proposed herein can be applied.

FIG. 13 is a diagram illustrating an example of a basic conceptual diagram of network slicing to which the method proposed in the specification can be applied.

FIG. 14 illustrates a diagram of sharing a common set of C-plane functions among a plurality of core network instances to which the method proposed in this specification may be applied.

15 is a flowchart illustrating an example of a terminal and CNI-specific security configuration method (service-specific security configuration method) proposed in the present specification.

FIG. 16 is a flowchart illustrating still another example of a service discriminating security setting method for each terminal and CNI proposed in the present specification.

17 is a flowchart illustrating still another example of a service discriminating security setting method for each terminal and CNI proposed in the present specification.

18 is a flowchart illustrating still another example of a service discriminating security setting method for each terminal and CNI proposed in the present specification.

19 is a flowchart illustrating still another example of a service discriminating security setting method for each terminal and CNI proposed in the present specification.

20 is a flowchart illustrating still another example of a service discriminating security setting method for each terminal and CNI proposed in the present specification.

FIG. 21 is a flowchart illustrating an example of a method for differentiating security setting for each terminal and service for each CNI proposed in the present specification.

FIG. 22 illustrates a block diagram of a wireless communication device to which the methods proposed in the specification can be applied.

Hereinafter, with reference to the accompanying drawings, preferred embodiments according to the present invention will be described in detail. The detailed description, which will be given below with reference to the accompanying drawings, is intended to explain exemplary embodiments of the present invention and is not intended to represent the only embodiments in which the present invention may be practiced. The following detailed description includes specific details in order to provide a thorough understanding of the present invention. However, one of ordinary skill in the art appreciates that the present invention may be practiced without these specific details.

In some instances, well-known structures and devices may be omitted or shown in block diagram form centering on the core functions of the structures and devices in order to avoid obscuring the concepts of the present invention.

In this specification, a base station has a meaning as a terminal node of a network that directly communicates with a terminal. The specific operation described as performed by the base station in this document may be performed by an upper node of the base station in some cases. That is, it is obvious that various operations performed for communication with a terminal in a network composed of a plurality of network nodes including a base station may be performed by the base station or other network nodes other than the base station. A 'base station (BS)' may be replaced by terms such as a fixed station, a Node B, an evolved-NodeB (eNB), a base transceiver system (BTS), an access point (AP), and the like. . In addition, a 'terminal' may be fixed or mobile, and may include a user equipment (UE), a mobile station (MS), a user terminal (UT), a mobile subscriber station (MSS), a subscriber station (SS), and an AMS ( Advanced Mobile Station (WT), Wireless Terminal (WT), Machine-Type Communication (MTC) device, Machine-to-Machine (M2M) device, Device-to-Device (D2D) device and the like can be replaced.

Hereinafter, downlink (DL) means communication from a base station to a terminal, and uplink (UL) means communication from a terminal to a base station. In downlink, a transmitter may be part of a base station, and a receiver may be part of a terminal.

In uplink, a transmitter may be part of a terminal and a receiver may be part of a base station.

Specific terms used in the following description are provided to help the understanding of the present invention, and the use of such specific terms may be changed to other forms without departing from the technical spirit of the present invention.

The following techniques are code division multiple access (CDMA), frequency division multiple access (FDMA), time division multiple access (TDMA), orthogonal frequency division multiple access (OFDMA), single carrier frequency division multiple access (SC-FDMA), and NOMA It can be used in various radio access systems such as non-orthogonal multiple access. CDMA may be implemented by radio technology such as universal terrestrial radio access (UTRA) or CDMA2000. TDMA may be implemented with wireless technologies such as global system for mobile communications (GSM) / general packet radio service (GPRS) / enhanced data rates for GSM evolution (EDGE). OFDMA may be implemented in a wireless technology such as IEEE 802.11 (Wi-Fi), IEEE 802.16 (WiMAX), IEEE 802-20, evolved UTRA (E-UTRA). UTRA is part of a universal mobile telecommunications system (UMTS). 3rd generation partnership project (3GPP) long term evolution (LTE) is a part of evolved UMTS (E-UMTS) using E-UTRA, and employs OFDMA in downlink and SC-FDMA in uplink. LTE-A (advanced) is the evolution of 3GPP LTE.

Embodiments of the present invention may be supported by standard documents disclosed in at least one of the wireless access systems IEEE 802, 3GPP and 3GPP2. That is, steps or parts which are not described to clearly reveal the technical spirit of the present invention among the embodiments of the present invention may be supported by the above documents. In addition, all the terms disclosed in the present document can be described by the standard document.

In order to clarify the description, the description will be mainly based on the 5G system, but the technical features of the present invention are not limited thereto, and of course, the present invention may also be applied to a 3GPP LTE / LTE-A system.

Before describing with reference to the drawings, in order to help the understanding of the present invention, terms used herein will be briefly defined.

APN (Access Point Name): The name of the access point managed by the network, which is provided to the UE. That is, the name (string) of the PDN. Based on the name of the access point, the corresponding PDN for the transmission and reception of data is determined.

MME, which stands for Mobility Management Entity, serves to control each entity in EPS to provide session and mobility for the UE.

Session: A session is a channel for data transmission. The unit may be a PDN, a bearer, or an IP flow unit.

The difference in each unit can be divided into the entire target network unit (APN or PDN unit), the QoS classification unit (Bearer unit), and the destination IP address unit as defined in 3GPP.

TIN: Temporary Identity used in Next update

P-TMSI: Packet Temporary Mobile Subscriber

TAU: Tracking Area Update

GBR: Guaranteed Bit Rate

GTP: GPRS Tunneling Protocol

TEID: Tunnel Endpoint ID

GUTI: Globally Unique Temporary Identity, UE identifier known to MME

1 is a diagram illustrating an example of an EPS (Evolved Packet System) related to an LTE system to which the present invention can be applied.

The LTE system aims to provide seamless Internet Protocol connectivity between the user equipment (UE) and the packet data network (PDN) without interfering with the end user's use of the application while the user is on the move. . The LTE system completes the evolution of radio access through the Evolved Universal Terrestrial Radio Access Network (E-UTRAN), which defines a radio protocol architecture between the user terminal and the base station, which is an Evolved Packet Core (EPC) network. It is also achieved through evolution in non-wireless terms by the inclusion of System Architecture Evolution (SAE). LTE and SAE include an Evolved Packet System (EPS).

The EPS uses the concept of EPS bearers to route IP traffic from the gateway to the user terminal in the PDN. A bearer is an IP packet flow having a specific Quality of Service (QoS) between the gateway and the user terminal. E-UTRAN and EPC both set up and release bearers required by the application.

EPC, also called CN (core network), controls the UE and manages the bearer's configuration.

As shown in FIG. 1, a node (logical or physical node) of an EPC of the SAE includes a mobility management entity (MME) 30, a PDN-GW or a PDN gateway (P-GW) 50, and an S-GW ( Serving Gateway (40), Policy and Charging Rules Function (PCRF) 60, Home Subscriber Server (HSS) 70, and the like.

The MME 30 is a control node that handles signaling between the UE and the CN. The protocol exchanged between the UE and the CN is known as the Non-Access Stratum (NAS) protocol. Examples of the functions supported by the MME 30 include functions related to bearer management operated by the session management layer in the NAS protocol, including network setup, management and release of bearers, network and It is manipulated by the connection layer or mobility management layer in the NAS protocol layer, including the establishment of connection and security between UEs.

The S-GW 40 serves as a local mobility anchor for data bearers when the UE moves between base stations (eNodeBs). All user IP packets are sent via the S-GW 40. The S-GW 40 may also temporarily downlink data while the UE is in an idle state known as the ECM-IDLE state and the MME initiates paging of the UE to re-establish the bearer. Maintain information about bearers when buffering. It also serves as a mobility anchor for inter-working with other 3GPP technologies such as General Packet Radio Service (GRPS) and Universal Mobile Telecommunications System (UMTS).

The P-GW 50 performs IP address assignment for the UE and performs flow-based charging in accordance with QoS enforcement and rules from the PCRF 60. The P-GW 50 performs QoS enforcement for GBR bearers (Guaranteed Bit Rate (GBR) bearers). It also serves as a mobility anchor for interworking with non-3GPP technologies such as CDMA2000 and WiMAX networks.

The PCRF 60 performs policy control decision-making and performs flow-based charging.

The HSS 70 is also called a home location register (HLR) and includes SAE subscription data including EPS-subscribed QoS profile and access control information for roaming. It also includes information about the PDN that the user accesses. This information may be maintained in the form of an Access Point Name (APN), which is a Domain Name system (DNS) -based label that identifies the PDN address that represents the access point or subscribed IP address for the PDN. Technique.

As shown in FIG. 1, various interfaces such as S1-U, S1-MME, S5 / S8, S11, S6a, Gx, Rx, and SG may be defined between EPS network elements.

2 shows a wireless communication system to which the present invention is applied.

This may also be called an Evolved-UMTS Terrestrial Radio Access Network (E-UTRAN), or Long Term Evolution (LTE) / LTE-A system.

The E-UTRAN includes a base station (BS) 20 that provides a control plane and a user plane to a user equipment (UE).

The base stations 20 may be connected to each other through an X2 interface. The base station 20 is connected to a Serving Gateway (S-GW) through a Mobility Management Entity (MME) and an S1-U through an Evolved Packet Core (EPC), more specifically, an S1-MME through an S1 interface.

EPC consists of MME, S-GW and Packet Data Network Gateway (P-GW). The MME has access information of the terminal or information on the capability of the terminal, and this information is mainly used for mobility management of the terminal. S-GW is a gateway having an E-UTRAN as an endpoint, and P-GW is a gateway having a PDN as an endpoint.

Layers of the Radio Interface Protocol between the terminal and the network are based on the lower three layers of the Open System Interconnection (OSI) reference model, which is widely known in communication systems. L2 (second layer), L3 (third layer) can be divided into, wherein the physical layer belonging to the first layer provides an information transfer service using a physical channel (Physical Channel), The RRC (Radio Resource Control) layer located in the third layer plays a role of controlling radio resources between the terminal and the network. To this end, the RRC layer exchanges an RRC message between the terminal and the base station.

3 is a block diagram illustrating an example of a functional split between an E-UTRAN and an EPC to which the present invention can be applied.

Referring to FIG. 3, hatched blocks represent radio protocol layers and empty blocks represent functional entities in the control plane.

The base station performs the following functions. (1) Radio resource management such as radio bearer control, radio admission control, connection mobility control, and dynamic resource allocation to a terminal RRM), (2) Internet Protocol (IP) header compression and encryption of user data streams, (3) routing of user plane data to S-GW, and (4) paging messages. Scheduling and transmission, (5) scheduling and transmission of broadcast information, and (6) measurement and measurement report setup for mobility and scheduling.

The MME performs the following functions. (1) distribution of paging messages to base stations, (2) Security Control, (3) Idle State Mobility Control, (4) SAE Bearer Control, (5) NAS ( Ciphering and Integrity Protection of Non-Access Stratum Signaling.

S-GW performs the following functions. (1) termination of user plane packets for paging, and (2) user plane switching to support terminal mobility.

4A illustrates an example of a radio protocol architecture for a user plane to which technical features of the present specification can be applied, and FIG. 4B illustrates a control plane to which technical features of the present specification can be applied. is a block diagram illustrating an example of a radio protocol structure for a plane).

The user plane is a protocol stack for user data transmission, and the control plane is a protocol stack for control signal transmission.

4A and 4B, a physical layer (PHY) layer provides an information transfer service to a higher layer using a physical channel. The physical layer is connected to the upper layer MAC (Medium Access Control) layer through a transport channel. Data is moved between the MAC layer and the physical layer through the transport channel. Transport channels are classified according to how and with what characteristics data is transmitted over the air interface.

Data moves between physical layers between physical layers, that is, between physical layers of a transmitter and a receiver. The physical channel may be modulated by an orthogonal frequency division multiplexing (OFDM) scheme and utilizes time and frequency as radio resources.

The function of the MAC layer is mapping between logical channels and transport channels and multiplexing / demultiplexing ('/') into transport blocks provided as physical channels on transport channels of MAC service data units (SDUs) belonging to the logical channels. Meaning includes both the concepts of 'or' and 'and'). The MAC layer provides a service to a Radio Link Control (RLC) layer through a logical channel.

Functions of the RLC layer include concatenation, segmentation, and reassembly of RLC SDUs. In order to guarantee the various Quality of Service (QoS) required by the radio bearer (RB), the RLC layer has a transparent mode (TM), an unacknowledged mode (UM), and an acknowledged mode (Acknowledged Mode). Three modes of operation (AM). AM RLC provides error correction through an automatic repeat request (ARQ).

The RRC (Radio Resource Control) layer is defined only in the control plane. The RRC layer is responsible for the control of logical channels, transport channels, and physical channels in connection with configuration, re-configuration, and release of radio bearers. RB means a logical path provided by the first layer (PHY layer) and the second layer (MAC layer, RLC layer, PDCP layer) for data transmission between the terminal and the network.

Functions of the Packet Data Convergence Protocol (PDCP) layer in the user plane include delivery of user data, header compression, and ciphering. The functionality of the Packet Data Convergence Protocol (PDCP) layer in the control plane includes the transmission of control plane data and encryption / integrity protection.

The establishment of the RB means a process of defining characteristics of a radio protocol layer and a channel to provide a specific service, and setting each specific parameter and operation method. RB can be further divided into SRB (Signaling RB) and DRB (Data RB). The SRB is used as a path for transmitting RRC messages in the control plane, and the DRB is used as a path for transmitting user data in the user plane.

If an RRC connection is established between the RRC layer of the UE and the RRC layer of the E-UTRAN, the UE is in an RRC connected state, otherwise it is in an RRC idle state.

The downlink transport channel for transmitting data from the network to the UE includes a broadcast channel (BCH) for transmitting system information and a downlink shared channel (SCH) for transmitting user traffic or control messages. Traffic or control messages of a downlink multicast or broadcast service may be transmitted through a downlink SCH or may be transmitted through a separate downlink multicast channel (MCH). Meanwhile, the uplink transport channel for transmitting data from the terminal to the network includes a random access channel (RACH) for transmitting an initial control message and an uplink shared channel (SCH) for transmitting user traffic or control messages.

Logical channels that are located above transport channels and are mapped to transport channels include Broadcast Control Channel (BCCH), Paging Control Channel (PCCH), Common Control Channel (CCCH), Multicast Control Channel (MCCH), and Multicast Traffic (MTCH). Channel).

The physical channel is composed of several OFDM symbols in the time domain and several sub-carriers in the frequency domain. One sub-frame consists of a plurality of OFDM symbols in the time domain. The RB is a resource allocation unit and includes a plurality of OFDM symbols and a plurality of subcarriers. In addition, each subframe may use specific subcarriers of specific OFDM symbols (eg, the first OFDM symbol) of the corresponding subframe for the physical downlink control channel (PDCCH), that is, the L1 / L2 control channel. Transmission Time Interval (TTI) is a unit time of subframe transmission.

Referring to FIG. 5, in the current LTE / LTE-A system, regardless of which service is provided to a terminal, authentication is performed simultaneously with access to a control entity (MME) of the Core Network, and as a result of the NAS / AS key is set to perform communication to receive the service.

That is, FIG. 6 illustrates an overall procedure of authenticating and setting a key for a corresponding user terminal when a user performs initial access in a 4G system (LTE (-A) system).

Referring to FIG. 6, after performing random access, the user terminal establishes an RRC connection with the base station through 1 to 3 procedures (RRC Connection Setup Request, RRC Connection Setup, and RRC Connection Setup Complete).

Thereafter, through the attach procedure to the MME, a key configuration for authentication and data / control signaling protection of the AS / NAS layer is performed.

FIG. 7 illustrates the authentication procedure performed in the network access procedure illustrated in FIG. 6 in more detail.

In FIG. 7, only parts necessary for initial access of the user terminal are displayed, and parts that may be selectively performed according to some circumstances are excluded.

Next, an example of a structure of a wireless communication system for supporting a next generation RAN to which the methods proposed herein may be applied will be described with reference to FIGS. 8 to 12.

The wireless communication system structure for supporting the next generation RAN may be expressed as a 'high level architecture'.

Next generation may be briefly expressed as “Next Gen”, and the next generation may collectively refer to a term for a future communication generation including 5G.

For convenience of explanation, the next generation will be referred to as “Next Gen”.

The structure of “Next Gen” to which the methods proposed herein can be applied supports new RAT (s), evolved LTE and non-3GPP access types, but not GERAN and UTRAN.

Examples of the non-3GPP access types may include WLAN access, fixed access, and the like.

In addition, the “Next Gen” structure supports an unified authentication framework for other access systems, and supports simultaneous connection with a plurality of terminals through a plurality of access technologies.

In addition, the “Next Gen” architecture allows for independent evolution of the core network and the RAN and minimizes access dependencies.

In addition, the “Next Gen” structure supports separation of control plane and user plane functions, and supports transmission of IP packets, non-IP PDUs, and Ethernet frames.

Referring to FIG. 8, the “Next Gen” structure may include a NextGen UE 810, a NextGen RAN 820, a NextGen Core 830, and a Data network 840.

Here, in the wireless communication system of “Next Gen”, the UE is a “NextGen UE” and the RAN defining a radio protocol structure between the UE and the base station is “NextGen RAN” to perform mobility control and IP packet flow management of the UE. Core network can be expressed as 'NextGen Core'.

For example, 'NextGen RAN' may correspond to E-UTRAN in LTE (-A) system, 'NextGen Core' may correspond to EPC in LTE (-A) system, and MME in LTE EPC Network entities that perform functions such as S-GW, P-GW, etc. may also be included in NextGen Core.

An NG1-C interface and an NG1-U interface exist between the NextGen RAN and the NextGen Core, and an NG-Gi interface exists between the NextGen Core and the Data Network.

Here, NG1-C represents a reference point for a control plane between NextGen RAN and NextGen Core, and NG1-U represents a reference point for a user plane between NextGen RAN and NextGen Core.

Although not illustrated in FIG. 8, the NG-NAS represents a reference point for a control plane between a NextGen UE and a NextGen Core.

In addition, NG-Gi represents a reference point between NextGen Core and Data network.

Here, the data network may be an operator external public network, a private data network, an intra-operator data network, or the like.

In particular, FIG. 9 subdivides the NextGen Core of FIG. 8 into a control plane (CP) function and a user plane (CP) function, and illustrates an interface between UE / AN / AF in detail.

Referring to FIG. 9, a flow-based QoS handling method will be described in more detail.

Referring to FIG. 9, a policy of Quality of Service (QoS) in a wireless communication system to which the present invention is applied may be stored and set in a CP (Control Plane) Function 531 for the following reasons.

Application in UP (User Plane) Function 532

Transmission from AN (Admission Control) 520 and UE 510 for QoS Application

As shown in FIG. 9, the CP functions and the UP functions are functions included in the NextGen CN (indicated by a dotted line), and may be implemented by one physical device or each other.

10 and 12 illustrate another example of a structure of a wireless communication system for supporting a next generation RAN to which the methods proposed herein may be applied.

That is, FIGS. 10 to 12 show examples of a wireless communication system structure for supporting a next generation RAN including a network slicing concept described generally herein.

Specifically, FIG. 10 shows control plane interfaces for network slicing having common and slice specific functions, FIG. 11 shows a core part including a network slicing concept, and FIG. 12 shows terminals allocated to Core NSI after attaching. The figure shown.

Referring to FIG. 11, the control plane of NextGen Core (or 5G Network Core) is divided into two types of Network Functions (NFs).

The two types of NFs may be Common Control Plane Network Function (CCNF) and Slice-specific Control Plane Network Functions (SCNF).

The CCNF may be represented by C-CPF or the like.

The CCNF is a set of basic control plane network functions to support common basic function operations among NSIs in NextGen Core.

In addition, the Core Network Slice may be represented as a Core Network Instance.

The assumption in FIG. 13 is that a particular Network Slice of a particular PLMN is not visible to any terminal connected via a Radio Interface.

Therefore, you need a function for Slice Routing and Selection.

This serves to connect the RB (Radio Bearer) of the terminal to the appropriate Core Network Instance.

In summary, the RAN is shown only to the terminal as RAT + PLMN, which Network Slice (Network Instance) is connected to the terminal is performed in the network, the terminal is not involved.

On the other hand, Slice Selection and Routing Function may be provided by the RAN, which is similar to NNSF (Network Node Selection Function), which is one of functions currently performed by a base station of a 4G system.

Slice Selection and Routing Functions can also be provided by the Core Network.

As mentioned above, 5G network architecture is expected to be configured to accommodate the concept of network slicing in the core network.

FIG. 14 shows an example of such a structure, and according to the architecture shown in FIG. 14, UEs are connected to CNIs for actual service through Common CPFs.

In other words, the concept of Network Slicing in 5G Core Network means that CNIs, which are logical networks optimized to provide respective services with different service requirements, must be provided with a security mechanism that matches the CNIs. Means.

Since 5G systems are aimed at Service Oriented Network, fixed-type authentication and security settings that do not consider service requirements at all as in 4G systems are obstacles in providing various services to be realized in 5G systems.

Therefore, 5G system should construct network slices to satisfy service-specific security requirements, not the concept of applying the same security mechanism to the entire network as in the prior art, and different security mechanisms must be provided for this.

Therefore, the method or technology proposed in the present specification is a network fragment or a network slice (network slice) through a 5G Core Network including a network slicing concept in order to efficiently provide new 5G (or next generation) services. It provides a differentiated security configuration method for each CNI to support a situation in which services are provided through core network instances (CNIs) per slice.

In other words, when the concept of Network Slicing is adopted in 5G Core Network to effectively provide new 5G services, CNIs needed to provide each service need to provide a security mechanism that reflects the requirements of the service. have.

That is, high reliability (Packet Error Rate <10-9) is required while satisfying low latency transmission requirements of 1 ms or less, such as remote control services such as medical, industrial, and robots, and smart car safety services. When the 5G Core Network has evolved into a structure in which each application is provided through a separate CNI for applications, the terminal may receive a plurality of services through a plurality of network slices (CNIs).

Therefore, the present specification provides a security configuration method that satisfies each service requirement for each CNI.

Hereinafter, the terminal and the CNI-specific security configuration methods proposed herein will be described in more detail through various embodiments.

제My 1 One 실시practice 예Yes

The first embodiment provides a method for C-CPF to create a security key for each CNI after authentication of the terminal and transfer the security key to the corresponding CNI, thereby performing security configuration between the terminal and each CNI.

That is, according to the first embodiment, a first security key (eg, generated as a result of performing an authentication procedure for network access while a common control function (C-CPF) that controls a network access of a terminal performs an access request of the terminal) Using a MME Base Key, a second security key (CNI Seed Key) for each CNI is generated and the generated second security key is transferred to the corresponding CNI.

For convenience, the first security key will be described as an MME Base Key and the second security key as a CNI Seed Key.

Thereafter, the CNI receiving the CNI Seed Key from the C-CPF checks the legality of the terminal and the CNI Seed Key through the received CNI Seed Key.

Thereafter, the CNI generates an additional security key to be used in the terminal and the RAN section from the CNI Seed Key.

In addition, the CNI and the terminal may coordinate various security attributes according to the service characteristics provided by the CNI.

As described above, the first embodiment provides a method for applying a security mechanism that meets the corresponding service requirements for each network slice (CNI) having different service requirements, and thus different for each CNI providing the actual service. Security key hierarchy can be set, and isolation between CNIs is possible, resulting in various security settings according to service characteristics.

In more detail with respect to the first embodiment, the common control function (Common Control Function) for controlling the network access of the terminal as a result of performing the authentication procedure for the network access, while performing the access request of the terminal Using the generated first security key, a second security key for each CNI is generated, and the generated second security key is transmitted to each CNI.

Here, the first security key may be expressed as an MME Base Key, and the like, and may be replaced with a key name defined in a future 5G system.

The CNI Network Key may be generated from the MME Base Key, and the CNI Network Key may be a security key for protecting signaling between the UE and 5G CNI.

The first security key may correspond to K _ASME used in the LTE system.

In addition, the second security key may be represented as a CNI Seed Key, CNI-specific Key, and the like.

The second security key may be a security key for protecting a service provided from a specific CNI.

Definitions and roles of the first security key and the second security key will be described in more detail in the following embodiments.

Receiving a second security key (eg, a CNI Seed Key) through a Common-Control Plane Function (C-CPF), the CNI checks whether the terminal and the second security key are legal through the second security key.

Thereafter, the CNI transfers the second security key (CNI Seed Key) to the RAN node to which the terminal accesses, causing the terminal and the RAN node to generate a security key of an AS interval, or from the CNI to the second. Receiving the security key, the C-CPF further uses an additional third to be used in the terminal and the RAN section from the second security key and the RAN Node RAT type information according to the RAT type (eg, New RAT, eLTE, WLAN, etc.) of the RAN node. The security key may be generated and transferred to the RAN node to which the terminal is connected.

The third security key may be a connection between the terminal and the RAN, that is, a security key associated with the AS, and a third security key may be generated from Equation 1 below from the second security key and the RAN Node RAT type information.

At the same time, each CNI and the terminal may coordinate (or exchange) various security attributes with the terminal according to the service characteristics provided by the corresponding CNI.

For example, the security attribute may be a size of a security key used for encryption and decryption, whether to apply an encryption / integrity algorithm according to service characteristics, and the like.

The procedure for checking whether or not the second security key (eg, CNI Seed Key) between the UE and the CNI is legal may be performed through a session establishment procedure of the UE.

That is, the CNI-specific security configuration method proposed in the present specification is to solve the inefficiency that does not satisfy the requirements of various services by performing the security configuration according to the service characteristics, unlike the security configuration method of the conventional LTE (4G) system .

Referring to FIG. 15, the wireless communication system may include a UE, a RAN node, an NSSF / CPSF, a C-CPF, and one or more CNIs (CPFs, UPFs) in order to perform a method for setting security for each UE and CNI.

As shown in FIG. 14, in the case of FIG. 15, it is assumed that a plurality of CNIs have a structure that shares common (or one) C-CPFs.

Here, network slice selection is performed through an application ID (IDentity), a service descriptor (eg, eMBB, CriC, mMTC) provided by the terminal, or a network (eg, HSS of an LTE system). ) May be performed through subscription information of the terminal, which is managed.

FIG. 15 illustrates an example of a service discriminating security setting procedure that operates in a 5G New Core Network in which the concept of network slicing illustrated in FIG. 14 is accommodated.

In addition, FIG. 15 assumes that only an interface between an HSS (or 5G New Core Network entity corresponding to the HSS) and a C-CPF (Common CPF) that stores subscription information of the terminal exists.

That is, the CNIs of FIG. 15 are not connected to the HSS, and the CNIs necessarily go through the C-CPF to obtain information maintained by the HSS.

Referring to FIG. 15, the terminal transmits a network connection request message to establish a connection to an operator network (CNI (s)) (S1501).

The network connection request message is transmitted to a Network Slice Selection Function (NNSF) / C-Plane Selection Function (CPSF) via the RAN Node (S1501).

If the terminal provides a specific CNI and information on the control plane function (CPF) of the CNI to the RAN node, the Network Connection Request message can be directly transmitted from the terminal to the CPF of the specific CNI.

Thereafter, the NNSF / CPSF determines the CNI to be accessed by the terminal and the CPF for the corresponding CNI according to the information included in the Network Connection Request message requested by the terminal (S1502).

In FIG. 15, it can be seen that the CNI included in the Network Connection Request message by the terminal is CNI # 1.

Thereafter, the NNSF / CPSF transfers information on the CPF (CPF-1) of the CNI # 1 to the RAN node (S1503).

Thereafter, the RAN node selects the CPF of the CNI according to the response from the NNSF / CPSF (S1504).

An example of the RAN node may be a base station, but is not limited thereto.

The RAN node transmits a network connection request message of the terminal to the C-CPF (C-CPF-1 in FIG. 15) (S1505), which is a request for connection to the CNI # 1 of the terminal.

The C-CPF performs authentication for connecting the terminal to the CNI-1, and as a result, generates the first security key (eg, MME Base Key) mentioned above (S1506).

The MME Base Key may be a K _ASME of a 4G (eg LTE) system or a unique key corresponding thereto.

Thereafter, the C-CPF generates the aforementioned second security key (eg, CNI-specific Key, CNI-1 Seed Key) from the MME Base Key (S1507).

In addition, the C-CPF may also generate a CNI-specific Key (e.g., CNI-2 Seed Key) for CNI-2 according to the subscription information of the terminal.

The CNI-2 Seed Key generation step may or may not be selectively performed.

The CNI-specific Key may also be referred to as a CNI Seed Key, and may be generated by the following equations (2) and (3).

The C-CPF delivers the CNI-specific Keys generated by

Equations

2 and 3 to the CPF of the corresponding CNI (S1508).

Thereafter, the terminal transmits a New service request message for a communication service (meaning service # 1 provided by CNI # 1) to the RAN node (S1509).

In step S1509, the UE knows the CNI of the service requested by the UE, and uses the ID of the corresponding CNI to perform CNI-specific Key (eg, CNI-1 Seed Key) through the same method as in

Equations

2 and 3 above. ) Can be created.

The new service request message for the communication service to the CNI-1 of the terminal may include a hash value for the CNI-1 seed key and security capability information of the terminal.

Here, the reason for including the hash value for the CNI-1 seed key in the new service request message may be to determine whether the terminal and the CNI-1 have the same CNI-1 seed key.

In addition, this procedure is necessary because an access section key for subsequent services is generated from the CNI-1 Seed Key.

Meanwhile, the reason for including the security capability information of the terminal in the new service request message is to coordinate information such as encryption / integrity or supportable key size between the terminal and CNI-1.

Thereafter, the RAN node forwards the new service request of the terminal to the C-CPF, and the C-CPF forwards the new service request to the CPF (CPF of CNI-1) corresponding to CNI-1 (S1510). .

Thereafter, after the successful session setup between the terminal and the CPF-1 is completed, the CPF-1 of the CNI-1 transfers a Session Response message to the C-CPF-1. The C-CPF 1 transfers the session response message to the RAN node (S1511).

The session response message includes information such as a hash value for the CNI-1 seed key calculated by CPF-1 (CPF-1) of CNI-1 and a security attribute applicable to UPF-1 of CNI-1. can do.

Here, the reason for including the hash value for the CNI-1 Seed Key (the example of the second security key mentioned above) is as described in step S1509, and the terminal and the CNI-1 have the same CNI-1 Seed Key. It is to check whether there is.

In addition, this procedure is necessary because a key of an access section for a subsequent service is generated from the CNI-1 Seed Key.

On the other hand, the reason for including the information related to the security attribute according to the service characteristics in the Session Response (Session Response) message informs the terminal (for example, the UE) the security settings that can be applied according to the service characteristics provided by the CNI-1 For sake.

The information related to the security attribute may also include information such as encryption and / or integrity algorithm or security key size that CNI-1 intends to apply to service provision according to the security capability received from the terminal.

Thereafter, the RAN node transmits the received Session Response to the terminal (S1512).

When the terminal and the specific CNI CPF (CPF-1) check the legality of the CNI Seed Key with each other through the session request / session response, the terminal and the specific CNI-CPF ( CPF-1) can generate keys to be used for service in the access section.

This may allow the CNI-CPF (CPF-1) to transmit a CNI-1 Seed Key to the RAN Node, so that the RAN Node and the UE generate separately from the received CNI-1 Seed Key. Alternatively, the C-CPF that receives the second security key from the CNI, according to the RAT type (eg, New RAT, eLTE, WLAN, etc.) of the RAN node, the terminal and the RAN interval from the second security key and the RAN Node RAT type information. By generating an additional third security key to be used in the RAN node to which the terminal is connected to the RAN node and the terminal can be generated separately from the received third security key.

Next, another example of a service discriminating security setting method for each terminal and each CNI will be described.

That is, FIG. 16 shows another example of a service discriminating security setting procedure proposed in the present specification according to the 5G New Core Network structure in which the concept of network slicing shown in FIG. 14 is accommodated.

In the case of FIG. 16, as shown in FIG. 15, it is assumed that only an interface between an HSS (or an entity of a 5G New Core Network corresponding to the HSS) and C-CPF (Common CPF) that stores subscription information of the UE exists.

That is, CNIs are not connected to the HSS, and the CNIs must go through C-CPF to obtain information maintained by the HSS.

Since operations S1602 to S1607 of FIG. 16 are the same as operations S1501 to S1507 of FIG. 15, a detailed description thereof will be described with reference to FIG. 15, and the following description will focus on the differences.

Referring to FIG. 16, after step S1607, the terminal transmits a New Service Request message for a communication service (in the case of FIG. 16, meaning service # 1 provided by CNI # 1) to the RAN node (S1608). .

In step S1608, the UE knows the CNI of the service requested by the UE, and uses the ID of the corresponding CNI in the same manner as defined in Equation 1 and Equation 2, and the aforementioned second security key (eg, CNI-specific Key or CNI-1 Seed Key) can be generated.

The New Service Request message may include a hash value for the CNI-1 Seed Key and security capability information of the terminal.

Here, the reason for including the hash value for the CNI-1 seed key in the New Service Request message is to check whether the terminal and the CNI-1 have the same CNI-1 seed key.

In addition, the procedure is necessary because an access interval key for subsequent services is generated from the CNI-1 Seed Key.

On the other hand, the reason why the security capability information of the terminal is included in the New Service Request message is to coordinate information such as encryption or integrity, or supportable key size, between the terminal and the CNI.

Thereafter, the RAN node selects the CPF (CPF-1) of the CNI-1 according to the information (CNI-1 ID, etc.) included in the received New Service Request message (S1609).

Thereafter, the RAN node transmits the communication service request of the terminal, that is, the New Service Request message to the CPF (CPF-1) of the CNI-1 (S1610).

Here, the communication service request of the terminal is first delivered to the C-CPF, the C-CPF adds a CNI-specific Key (eg, CNI-1 Seed Key) generated by the C-CPF for the CNI-1, and the Transmit to CPF (CPF of CNI-1) corresponding to CNI of Communication Service request.

Subsequently, after a successful session setup with the terminal and the CNI 1 is completed, the CPF (CPF-1) of the CNI-1 transmits a session response message to the C-CPF (S1611).

Thereafter, the C-CPF transmits or forwards the session response message to the RAN node (S1612). Here, the transmitted message may be expressed as a New Service Response message.

The session response message may include information such as a hash value for the CNI-1 seed key calculated by the CPF of the CNI-1 and a security attribute applicable to the CNI-1 UPF-1.

Here, the reason for including the hash value for the CNI-1 seed key is to check whether the terminal and the CNI-1 have the same CNI-1 seed key as described above, and why the procedure is necessary. This is because the key of the access section for subsequent services is generated from the CNI-1 Seed Key.

Meanwhile, the reason why the session response message includes information related to the security attribute according to the service characteristic is to inform the terminal of the security setting that can be applied according to the service characteristic provided by the CNI-1.

The security attribute may also include information such as encryption / integrity algorithm or key size that CNI-1 intends to apply to service provision according to the security capability received from the terminal.

Thereafter, the RAN node transmits the received Session Response message to the terminal (S1613).

The session response message transmitted to the terminal is represented as a New Service Response message in FIG. 16.

Subsequently, when the UE and the specific CNI CPF (CPF-1 of CNI-1) check the legality of the CNI Seed Key with each other through the session request and the session response, the As shown in FIG. 15, the terminal and the CNI-CPF 1 may generate keys to be actually used for a service in an access period.

This means that the CNI-CPF (CNI-CPF 1) transmits a CNI-1 Seed Key to the RAN Node, so that the RAN Node and the UE generate keys to be actually used in an Access section separately from the CNI-1 Seed Key. Can be. Alternatively, the C-CPF, which receives the CNI-1 Seed Key from the CNI, may be connected to the UE from the CNI-1 Seed Key and the RAN Node RAT type information according to the RAT type (eg, New RAT, eLTE, WLAN, etc.) of the RAN Node. By generating an additional third security key to be used in the RAN interval and transmitting it to the RAN node to which the terminal is connected, the RAN node and the terminal to generate keys to be actually used in the Access interval, respectively, from the received third security key. Can be.

제My 2 2 실시practice 예Yes

In the above-described first embodiment, the C-CPF generates a CNI Seed Key for each Network Slice (or for each CNI) for a UE that has completed authentication through C-CPF, and for each Network Slice in the corresponding Network Slice. Provides a method to set security settings in accordance with the service characteristics and requirements provided in consultation with the terminal.

According to the second embodiment, unlike the first embodiment, the C-CPF performs authentication with the terminal, and according to the subscription information of the authenticated terminal, the C-CPF sets security settings for the CNIs associated with the terminal. After executing it directly, it provides a way to transfer security settings for each CNI to the corresponding CNI.

That is, the second embodiment provides a method for setting security differentiated between the terminal and each CNI through the following two methods.

The C-CPF controlling the network access of the terminal performs a connection request of the terminal, and as a result of performing the authentication procedure for the network access of the terminal, firstly, (1) a first security key to be used by each CNIs (E.g., CNI Network Key) and second security key (e.g., CNI Seed Key) to each CNI.

Subsequently, each CNI-CPF protects signaling data between the UE and itself through a first CNI network key received from the C-CPF, and delivers a second security key (CNI -Seed Key) to the RAN node. The RAN node is configured to generate a key between the terminal and the access interval. Alternatively, the C-CPF, which receives the second security key from the CNI-CPF, may be connected to the terminal from the second security key and the RAN Node RAT type information according to the RAT type (eg, New RAT, eLTE, WLAN, etc.) of the RAN node. By generating a third security key to be used in the RAN interval and forwarding it to the RAN node to which the terminal accesses, so that the RAN node generates a key of the access interval from the terminal and the received third security key, respectively.

Here, the first security key (for example, CNI Network Key) means a key used for signaling protection between the terminal and the CNI.

The second security key (eg, CNI Seed Key) refers to a key generated by applying KDF to a base key and a network slice ID of a C-CPF corresponding to K _ASME of a 4G system.

Second, (2) the C-CPF generates a CNI-Specific Base Key using the CNI-Specific Master Key, and uses the CNI Network Keys (UE and CNI) to be used by each CNI from the generated CNI-Specific Base Key. Key used to protect signaling between devices) and CNI Seed Key are generated and delivered to each CNI.

Here, the CNI Network Key represents an example of another security key generated from the aforementioned first security key, and the CNI Seed Key is an example of the second security key mentioned above, and the CNI-Specific Base Key, COUNTER. Represents a key generated by applying KDF to an ID.

Here, the term KDF (Key Derivation Function) may be replaced by another term in a 5G system.

Subsequently, each CNI-CPF protects signaling data between the terminal and itself through the CNI network key, and transmits the CNI-Seed Key to the RAN node so that the RAN node generates a terminal and an access interval key. Alternatively, the C-CPF that receives the CNI-Seed Key from the CNI-CPF has a CNI-Seed Key and a RAN Node RAT type according to the RAT type (eg, New RAT, eLTE, WLAN, etc) of the RAN Node connected to the terminal. By generating an additional third security key to be used in the terminal and the RAN interval from the information and transmitting it to the RAN node to which the terminal is connected to cause the RAN node to generate an Access interval key from the terminal and the third security key.

Then, through the first or second method, each CNI-CPF and the terminal adjusts various security attributes according to the service characteristics provided by the corresponding CNI.

The methods described below assume a structure in which a plurality of CNIs share common CPFs, as shown in FIG.

Here, the network slice selection may be performed through an application ID provided by the terminal, a service descriptor (e.g., eMBB, CriC, mMTC), or the like, or subscription information of the terminal managed by the network.

Specifically, FIG. 17 performs C-CPF control-based authentication in a 5G New Core Network including the Network Slicing concept shown in FIG. 14, sets security for each CNI in the C-CPF, and then sets security as individual CNIs. An example of how to deliver.

In the case of FIG. 17, it is assumed that there is only an interface between the entity storing the subscription information of the terminal (meaning an entity of a 5G New Core Network corresponding to the HSS of the LTE system) and the C-CPF.

For convenience of understanding, the entity storing the subscription information of the terminal will be referred to as HSS.

That is, CNIs are not connected to the HSS, and the CNIs must go through the C-CPF (C-CPF-1) to obtain information maintained by the HSS.

Since steps S1701 to S1706 of FIG. 17 are the same as steps S1501 to S1506 of FIG. 15, a detailed description thereof will be described with reference to FIG. 15, and hereinafter, the description will be mainly focused on different parts.

In step S1706, the C-CPF-1 performs authentication for connecting the terminal to the C-CPF-1, and as a result generates a C-CPF Base Key (S1706).

Here, the C-CPF Base Key may be viewed as a K _ASME of a 4G system (or a key corresponding to the K _ASME generated in a 5G system).

In the case of Figure 17, it can be seen that the C-CPF Base Key is represented by a Master Key.

Thereafter, the C-CPF-1 generates a CNI-1 Network Key and a CNI-1 Seed Key using the C-CPF Base Key (S1707).

That is, the CNI-1 Network Key is generated through KDF (C-CPF Base Key, Algorithm ID, Algorithm Distinguisher), and the CNI-1 Seed Key is KDF (C-CPF Base Key, Network Slice 1 ID, etc.) Can be generated via

This assumes that C-CPF-1 is identified as having only CNI-1 associated with the service to which the UE subscribes through HSS.

That is, when the C-CPF-1 determines that there is a CNI (eg, CNI-2) associated with another service to which the UE is subscribed, the C-CPF-1 additionally corresponds to the corresponding CNI (CNI-2). We will generate the Salping Keys (CNI-2 Network Key and CNI-2 Seed Key).

Thereafter, the C-CPF-1 performs a procedure for setting the generated CNI-1 network key with the terminal (S1708).

Thereafter, the terminal protects the signaling data exchanged between itself and the CNI-1 CPF-1 using the CNI-1 Network Key.

Thereafter, the C-CPF-1 transfers the CNI-1 Network Key and the CNI-1 Seed Key to the CNI-1 CPF-1 (S1709).

The CNI-1 CPF-1 transfers the CNI-1 Seed Key received from the C-CPF-1 to the RAN Node (S1710), and uses the received CNI-1 Network Key to communicate between itself and the terminal. Protect the received signaling data.

Thereafter, the RAN node and the terminal generate a key to be used in an access section using the CNI-1 Seed Key (S1711).

Alternatively, the C-CPF, which receives the CNI-1 Seed Key from the CNI-1 CPF-1, according to the RAN Node RAT type (eg, New RAT, eLTE, WLAN, etc) to which the UE is connected, CNI-1 Seed Key And an additional third security key to be used in the terminal and the RAN section from the RAN Node RAT type information, and then transmitting the additional third security key to the RAN node to which the terminal is connected, thereby separately accessing the RAN node and the terminal from the received third security key. Generate key to be used in section.

Through this process, the security capability information of the terminal may be delivered to the RAN node.

In addition, in step S1710, information such as security attributes that may be applied in the CNI-1 UPF-1 received by the RAN node may be transmitted from the RAN node to the terminal.

The reason why such information is exchanged between the terminal and the RAN node is to inform the terminal of the security settings that can be applied according to the service characteristics provided by the CNI-1, so that the algorithm or the algorithm for encryption / integrity between the terminal and the CNI-1 CPF-1 can be applied. To adjust information such as key size.

That is, through the New Service Response transmission and reception procedure to be described later, information such as encryption / integrity algorithm or key size to be applied to service provision according to the security capability information received from the terminal by the RAN node (through step S1713). Can be delivered.

Thereafter, the terminal transmits a request for a communication service (meaning service # 1 provided by CNI # 1) to the RAN node (S1712).

In addition, the New Service Request is delivered to the CNI-1 CPF-1 via the C-CPF-1 by the RAN node (S1712).

After the successful session setup between the terminal and the CNI-1 is completed, the CNI-1 CPF transmits a Session Response to the C-CPF-1, and the C-CPF-1 delivers the Session Response to the RAN Node. (S1713).

The session response may include information related to a security attribute according to a service characteristic.

The reason is to inform the terminal of the security setting to be applied according to the service characteristics provided by the CNI-1.

Such a security attribute may include information such as encryption / integrity algorithm or key size to be applied to service provision according to the security capability received by the CNI-1 from the terminal.

Thereafter, the RAN node transmits the received Session Response to the terminal (S1713).

Since steps S1801 to S1808 of FIG. 18 are the same as steps S1701 to S1708 of FIG. 17, a detailed description thereof will be described with reference to FIG. 17, and hereinafter, the description will be mainly focused on parts having a difference.

That is, FIG. 18 illustrates another method of performing C-CPF control-based authentication and delivering security settings to individual CNIs after setting security for each CNI.

After step S1808, C-CPF-1 delivers the CNI-1 Seed Key to the RAN Node (S1809).

The C-CPF-1 protects signaling data exchanged between itself and the terminal through a CNI-1 network key.

Thereafter, the RAN node and the terminal generate a key to be used in an access section using the CNI-1 Seed Key (S1810).

In this process, the security capability information of the terminal may be delivered to the RAN node.

In addition, in step S1810 information such as security attributes that can be applied in the CNI-1 UPF-1 received by the RAN node may be transferred from the RAN node to the terminal.

As described above, the reason why such information is exchanged between the terminal and the RAN node is that encryption is performed between the terminal and the CNI-1 CPF-1 by informing the terminal of a security setting that can be applied according to a service characteristic provided by the CNI-1. To coordinate information such as algorithm for integrity or applicable key size.

That is, information such as encryption / integrity algorithm or key size to be applied to service provision according to the security capability received from the terminal by the RAN node is transmitted to the terminal through a new service response transmission / reception procedure (step S1813) to be described later. Can be.

Thereafter, when the RAN node completes setting the access interval key with the terminal, the RAN node notifies the C-CPF-1 through an access key setup complete indication (S1811).

Subsequently, when the C-CPF-1 receives from the RAN node that the access interval key setting with the terminal is completed, the C-CPF-1 receives the CNI-1 seed key and the CNI- used to set the access interval key. 1 Transfer the Network Key to CNI-1 CPF-1 (S1812).

Thereafter, the CNI-1 CPF-1 protects signaling data exchanged between itself and the terminal through the CNI-1 network key.

Since operations S1901 to S1906 of FIG. 19 are the same as operations S1701 to S1706 of FIG. 17, a detailed description thereof will be described with reference to FIG. 17, and hereinafter, the description will be mainly focused on parts having a difference.

After step S1906, C-CPF-1 generates a CNI-Specific Base Key through the CNI-Specific Master Key (S1907).

The CNI-Specific Master Key is a Key that is uniquely generated for each CNI of the terminal and transferred to the C-CPF-1 according to the subscription information of the terminal in the process of HSS authenticating a specific terminal at the request of the C-CPF-1. Means.

That is, the CNI-Specific Maser Key may mean a key corresponding to a key (e.g., KDF (Ki, CNI-ID, etc)) generated by applying KDF to Ki of a 4G system.

That is, the CNI-Specific Maser Key represents a Key generated by applying KDF to a Master Key corresponding to the Ki in a 5G system.

If this is expressed as an equation, for example, it can be defined as KDF (Master Key, CNI-ID, etc., unique to 5G System corresponding to Ki), and RAND, SQN, SN ID, etc. Can be considered.

The term for the KDF may be replaced with a term newly defined in a 5G system.

Then, the C-CPF-1 is a CNI-1 Network Key (= KDF (C-CPF Base Key, Algorithm ID, Algorithm Distinguisher) and CNI-1 Seed Key (= KDF (CNI) from the received CNI-Specific Base Key -Generate a specific base key, COUNTER, etc. (S1908).

Here, the COUNTER may mean a COUNTER corresponding to the NAS UPLINK COUNTER of the 4G system.

Also in this case, as in the procedure described with reference to FIG. 17, it is assumed that C-CPF-1 has identified that only CNI-1 associated with the service to which the UE is subscribed through HSS.

That is, when the C-CPF-1 determines that there is a CNI (eg, CNI-2) associated with another service to which the UE is subscribed, the C-CPF-1 further includes the above-described key for the corresponding CNI. Can generate CNI-2 Network Key and CNI-2 Seed Key.

Thereafter, the C-CPF-1 performs a procedure of setting the generated CNI-1 Network Key with the terminal.

Since the procedures after the operation S1908 (steps S1909 to S1914) are the same as the operations S1708 to S1713 of FIG. 17, a detailed description will be referred to FIG. 17.

Since steps S2001 to S2009 of FIG. 20 are the same as steps S1901 to S1909 of FIG. 19, the detailed description will be described with reference to FIG. 19, and hereinafter, the description will be mainly focused on parts having a difference.

After step S2009, C-CPF-1 delivers the CNI-1 Seed Key to the RAN Node (S2010).

Thereafter, the C-CPF-1 protects signaling data exchanged between itself and the terminal through the CNI-1 network key (S2011).

The RAN node and the terminal each generate a key to be used in an access period using the CNI-1 Seed Key.

In addition, information such as security attributes that may be applied in CNI-1 UPF-1 received by the RAN node in step S2010 may be transmitted from the RAN node to the terminal.

The reason why such information is exchanged between the terminal and the RAN node is because an algorithm for encryption / integrity between the terminal and the CNI-1 CPF-1 may be informed of a security setting that can be applied according to a service characteristic provided by the CNI-1. Or to adjust information such as applicable key size.

Thereafter, the RAN node informs the C-CPF-1 through the Access Key Setup Complete Indication when the access interval key setting with the terminal is completed (S2012).

Upon receiving the completion of the access section key setting with the terminal from the RAN node, the C-CPF-1 converts the CNI-1 seed key and the CNI-1 network key used to set the access section key to the CNI-1 CPF. Transfer (S2013).

Subsequently, the CNI-1 CPF receiving the CNI-1 protects the signaling data exchanged between itself and the terminal through the CNI-1 Network Key.

FIG. 21 is a view illustrating a method for setting security differentiated between services of a terminal and a CNI based on the operation of the C-CPF in the first embodiment of the present invention.

First, the first network node performs an authentication procedure with the terminal to connect the terminal to one or more second network nodes of the core network (S2101).

In this case, the performing of the authentication procedure with the terminal may include receiving a first message requesting a connection from the Radio Access Network (RAN) node to the one or more second network nodes. That is, the terminal may transmit the first message requesting only connection to the first network node, or transmit the first message requesting connection to the second network.

In addition, the connection request to the one or more second network nodes corresponds to the connection request by the terminal.

Here, the first network node is a network node having a common control function, and may be used in various terms such as C-CPF, Common Control Network Function (CCNF), and Authentication Function (AuF).

In addition, the one or more second network nodes each provide a separate service.

The second network node may be represented by a core network instance (CNI) or a core network slice.

Thereafter, the first network node generates a first security key according to a result of performing the authentication procedure (S2102).

The first security key may be a security key defined in a K _ASME of an LTE system or a next generation system (eg, 5G system) corresponding to the K _ASME .

Thereafter, the first network node generates at least one second security key corresponding to each of the one or more second network nodes using the generated first security key (S2103).

The generated at least one second security key may be a security key used to generate a security key associated with signaling protection between the terminal and the one or more second network nodes.

In addition, the second security key may be expressed as a CNI-specific Key or CNI Seed Key.

The second security key corresponding to the specific second network node is generated using the first security key and the identifier (ID) of the specific second network node. See Equation 2.

Thereafter, the first network node transmits the generated at least one second security key to the one or more second network nodes, respectively (S2104).

Thereafter, the first network node receives a second message for a communication service request of the terminal from the RAN node (S2105).

Thereafter, the first network node transmits the received second message to a second network node corresponding to the communication service request (S2106).

Here, the second message is at least one of a hash value of a second security key corresponding to a second network node corresponding to the communication service request or security capability information of the terminal. It may include.

본example 발명이Invention 적용될Apply 수Number 있는there is 장치Device 일반Normal

Referring to FIG. 22, a wireless communication system includes a base station 2210 and a plurality of terminals 2220 located in an area of a base station 2210.

The base station 2210 includes a processor 2211, a memory 2212, and an RF unit 2213. The processor 2211 implements the functions, processes, and / or methods proposed in FIGS. 1 to 21. Layers of the air interface protocol may be implemented by the processor 2211.

The memory 2212 is connected to the processor 2211 and stores various information for driving the processor 2211. The RF unit 2213 is connected to the processor 2211 and transmits and / or receives a radio signal.

The terminal 2220 includes a processor 2221, a memory 2222, and an RF unit 2223.

The processor 2221 implements the functions, processes, and / or methods proposed in FIGS. 1 to 21. Layers of the air interface protocol may be implemented by the processor 2221. The memory 2222 is connected to the processor 2221 and stores various information for driving the processor 2221. The RF unit 2223 is connected to the processor 2221 and transmits and / or receives a radio signal.

The

memories

2212 and 2222 may be inside or outside the

processors

2211 and 2221, and may be connected to the

processors

2211 and 2221 by various well-known means.

In addition, the base station 2210 and / or the terminal 2220 may have one antenna or multiple antennas.

The embodiments described above are the components and features of the present invention are combined in a predetermined form. Each component or feature is to be considered optional unless stated otherwise. Each component or feature may be embodied in a form that is not combined with other components or features. It is also possible to combine some of the components and / or features to form an embodiment of the invention. The order of the operations described in the embodiments of the present invention may be changed. Some components or features of one embodiment may be included in another embodiment or may be replaced with corresponding components or features of another embodiment. It is obvious that the claims may be combined to form embodiments by combining claims that do not have an explicit citation in the claims or as new claims by post-application correction.

Embodiments according to the present invention may be implemented by various means, for example, hardware, firmware, software, or a combination thereof. In the case of a hardware implementation, an embodiment of the present invention may include one or more application specific integrated circuits (ASICs), digital signal processors (DSPs), digital signal processing devices (DSPDs), programmable logic devices (PLDs), FPGAs ( field programmable gate arrays), processors, controllers, microcontrollers, microprocessors, and the like.

In the case of implementation by firmware or software, an embodiment of the present invention may be implemented in the form of a module, procedure, function, etc. that performs the functions or operations described above. The software code may be stored in memory and driven by the processor. The memory may be located inside or outside the processor, and may exchange data with the processor by various known means.

It will be apparent to those skilled in the art that the present invention may be embodied in other specific forms without departing from the essential features of the present invention. Accordingly, the above detailed description should not be construed as limiting in all aspects and should be considered as illustrative. The scope of the invention should be determined by reasonable interpretation of the appended claims, and all changes within the equivalent scope of the invention are included in the scope of the invention.

In the wireless communication system of the present invention, a method for performing security setting of a terminal has been described with reference to an example applied to a 5G system, but it can be applied to various wireless communication systems such as a 3GPP LTE / LTE-A system.

Claims

In the method for performing the security setting of the terminal in a wireless communication system, the method performed by the first network node having a common control function (Common Control Function),
Performing an authentication procedure with the terminal to connect the terminal to one or more second network nodes of a core network;
Generating a first security key according to a result of performing the authentication procedure;
Generating at least one second security key corresponding to each of the one or more second network nodes using the generated first security key; And
Transmitting the generated at least one second security key to the one or more second network nodes, respectively.
The method of claim 1,
Wherein said one or more second network nodes each provide a separate service.
The method of claim 1,
Receiving a first message requesting a connection from a Radio Access Network (RAN) node to the one or more second network nodes.
The method of claim 3, wherein
The connection request to the one or more second network nodes is a connection request by the terminal.
The method of claim 1,
And a second security key corresponding to a particular second network node is generated using the first security key and an identifier (ID) of the particular second network node.
The method of claim 3, wherein
Receiving a second message for a communication service request of the terminal from the RAN node; And
Sending the received second message to a second network node corresponding to the communication service request.
The method of claim 6,
The second message includes at least one of a hash value of a second security key corresponding to a second network node corresponding to the communication service request or security capability information of the terminal. Characterized in that.
The method of claim 1,
The generated at least one second security key is a security key associated with signaling protection between the terminal and the one or more second network nodes.
The method of claim 1,
The first security key and wherein the security key to be defined in the next-generation system of the LTE system in the K ASME or the K ASME.
The method of claim 1,
And the second network node is a Core Network Instance (CNI).
The method of claim 1,
And the second security key is a security key for protecting a service provided from a specific CNI.
The method of claim 11,
And the second security key is a CNI-specific key or a CNI seed key.
An apparatus for setting security of a terminal in a wireless communication system, the apparatus comprising:
An RF unit for transmitting and receiving radio signals; And
A processor functionally connected with the RF unit, wherein the processor includes:
Perform an authentication procedure with the terminal to connect the terminal to one or more second network nodes of a core network;
Generate a first security key according to a result of performing the authentication procedure;
Generate at least one second security key corresponding to each of the one or more second network nodes using the generated first security key; And
And transmit the generated at least one second security key to each of the one or more second network nodes.
The processor of claim 13, wherein the processor comprises:
Receive a first message requesting a connection from a Radio Access Network (RAN) node to the one or more second network nodes,
And perform an authentication procedure with the terminal based on the received first message.
The method of claim 14, wherein the processor,
Receive a second message for a communication service request of the terminal from the RAN node; And
And send the received second message to a second network node corresponding to the communication service request.