CN101005489A - Method for protecting mobile communication system network safety - Google Patents

Publication number: CN101005489A
Application number: CN 200610001656
Authority: CN (China)
Legal status: Pending
Language: Chinese (zh)
Inventor: 王艳红
Assignee: Huawei Technologies Co Ltd
Prior art keywords: key, node, ran, ikran, protection
Landscapes: Mobile Radio Communication Systems (AREA)

Abstract

The method provides security protection for the access stratum, the non-access stratum and the application layer, and provides inter-domain protection between the access-stratum node and the non-access-stratum node and between the non-access-stratum node and the application-layer node. This forms, in the 3GPP evolved network, a security protection mechanism that combines a layered structure with a hop-by-hop structure. With the invention, when the user's traffic passes through an untrusted radio access network, that network can neither decrypt the user's data nor forge legitimate signaling and send it to the user.

Description

Method for protecting the security of a mobile communication system network
Technical field
The present invention relates to the field of network communication technology, and specifically to a method for protecting the security of a mobile communication system network.
Background
With the sharp increase in IP-based services and traffic, the access technologies of the 3GPP system are gradually failing to keep up with this change. At the same time, access technologies such as WLAN (wireless LAN) and WiMAX are on the rise and pose a direct threat to 3GPP networks.
To keep the 3GPP system competitive over the next ten years, 3GPP has begun to consider the long-term evolution of its network access technology, in particular enhancing the packet-switched technology implemented in the 3GPP system so that the 3GPP access system keeps its leading position in both performance and cost. The network evolution of 3GPP covers reducing latency, raising user data rates, improving system capacity and coverage, and reducing operator cost. In addition, because IP-based 3GPP services may be delivered over different access technologies, studying mechanisms for seamless mobility between different access networks is also an important part of the evolution.
To reach the goals of the 3GPP network evolution effectively, the 3GPP RAN group has proposed simplifying the RAN structure: in short, the RNC node is removed and the RAN contains only one kind of node, the eNodeB. The ciphering and integrity protection functions that the RNC node used to perform therefore have to be placed on other entities.
The security protection of the 3GPP evolved network must consider both the user plane and the signaling plane. Confidentiality protection should be provided for the user plane; for the signaling plane, integrity protection should be provided for at least all RRC signaling, and confidentiality protection is also needed for some signaling that involves user identity.
At present there is no method for protecting the security of the 3GPP evolved network, so the evolved network has security problems.
Summary of the invention
The object of the invention is to provide a method for protecting the security of a mobile communication system network which, by adopting layered security protection together with inter-domain security protection in the 3GPP evolved network, provides comprehensive security assurance for the evolved network and effectively solves its security problems.
To achieve this object, the method for protecting the security of a mobile communication system network provided by the invention comprises:
a. dividing the mobile communication system into an access stratum between the user equipment (UE) and the evolved radio access network (E-RAN), a non-access stratum between the UE and the evolved core network (E-CN), and an application layer between the UE and the application-providing network;
b. providing security protection for the access stratum, the non-access stratum and the application layer respectively, and providing inter-domain security protection between the E-RAN and the E-CN and between the E-CN and the application network, so as to protect the mobile communication system network.
In step b:
the security protection provided for the access stratum comprises protection for the RAN signaling and user data transmitted between the UE and the E-RAN;
the security protection provided for the non-access stratum comprises protection for the CN signaling and user data transmitted between the UE and the E-CN.
The security protection comprises integrity protection and/or confidentiality protection.
Step b further comprises providing intra-domain security protection within the radio access network, the core network and the application network.
The inter-domain and intra-domain security protection in step b comprises the Transport Layer Security protocol (TLS) and Internet Protocol Security (IPsec).
In step b, providing security protection for the non-access stratum comprises:
B1. the UE establishes a connection with the E-CN through the E-RAN;
B2. the UE and the E-CN obtain a shared master key through an authentication process;
B3. the UE and the E-CN derive the keys CKcn and IKcn from the shared master key;
B4. the UE and the E-CN use CKcn and IKcn to integrity-protect the signaling transmitted between them and to confidentiality-protect the user data transmitted between them.
Step B3 comprises: the UE and the E-CN derive CKcn and IKcn from the shared master key, a character string indicating the type of key being generated, and the identity of the UE.
Step B4 further comprises:
the UE and the E-CN use CKcn and IKcn to confidentiality-protect the signaling transmitted between them; and/or
the UE and the E-CN use CKcn and IKcn to integrity-protect the user data transmitted between them.
In step b, providing security protection for the access stratum comprises:
b1. the UE establishes a connection with the E-CN through the E-RAN;
b2. the UE and the E-CN obtain a shared master key through an authentication process;
b3. the UE and the E-CN derive the key RK from the shared master key, and the E-CN transfers RK to the E-RAN;
b4. the UE and the E-RAN complete authentication between them according to RK.
Step B1 or b1 comprises: when the UE initiates a network access request, a service access request or a location update request, or when the UE is handed over across nodes of the E-CN, it establishes a connection with the E-CN through the E-RAN.
Step b3 comprises:
b31. the UE and the E-CN derive RK from the shared master key, a character string indicating the type of key being generated, the identity of the UE and the identity of the RAN, and the E-CN transfers RK to the E-RAN; or
b32. the UE and the E-CN derive RK from the shared master key, the key-type string, the identity of the UE, the identity of the RAN and a value that guarantees the freshness of RK, and the E-CN transfers RK to the E-RAN.
Step b32 comprises:
the E-CN derives RK from the shared master key, the key-type string, the identity of the UE, the identity of the RAN and the RK freshness value;
the E-CN transfers the RK freshness value together with RK to the E-RAN, and the E-RAN forwards the RK freshness value to the UE;
after receiving the RK freshness value, the UE derives RK from the shared master key, the key-type string, the identity of the UE, the identity of the RAN and the received freshness value.
Step b4 comprises:
b41. the UE and the E-RAN use RK as a pre-shared key and complete authentication between them with a pre-shared-key authentication mechanism; or
b42. the UE and the E-RAN use RK to integrity-protect the signaling and/or user data transmitted between them, and thereby complete authentication between them; or
b43. the UE and the E-RAN derive the key IKran from RK and use IKran to integrity-protect the signaling and/or user data transmitted between them, thereby completing authentication between them.
Step b43 comprises:
the E-RAN derives IKran from RK and a value that guarantees the freshness of IKran, and transfers that freshness value to the UE;
the UE derives IKran from RK and the received IKran freshness value;
the UE and the E-RAN use IKran to integrity-protect the signaling and/or user data transmitted between them, completing authentication between them.
Step b4 further comprises:
b44. the UE and the E-RAN derive the key CKran from RK and use CKran to confidentiality-protect the signaling and/or user data transmitted between them.
Step b44 comprises:
the E-RAN derives CKran from RK and a value that guarantees the freshness of CKran, and transfers that freshness value to the UE;
the UE derives CKran from RK and the received CKran freshness value;
the UE and the E-RAN use CKran to confidentiality-protect the signaling and/or user data transmitted between them.
Suppose the UE is handed over within the region Domain Ar, and the UE and the E-RAN use only RK to complete authentication between them, where Domain Ar is the control area of node Ar in the E-RAN and RK is stored in node Ar;
then providing security protection for the access stratum in step b comprises:
the UE and node Ar complete authentication between the UE and the E-RAN according to the RK stored in node Ar.
Suppose the UE is handed over from Domain Ar to Domain Br, and the UE and the E-RAN use only RK to complete authentication between them, where Domain Ar is the control area of node Ar in the E-RAN, Domain Br is the control area of node Br in the E-RAN, node Ar and node Br both lie in the control area of the same E-CN node Gc, RK is stored in node Ar and node Gc, and the master key is stored in node Gc;
then providing security protection for the access stratum in step b comprises:
node Ar transfers its stored RK to node Br under the intra-domain security mechanism of the E-RAN, and node Br and the UE complete authentication between the UE and the E-RAN according to the received RK; or
node Gc transfers its stored RK to node Br under the inter-domain security mechanism between the E-RAN and the E-CN, and node Br and the UE complete authentication according to the received RK; or
node Gc and the UE derive a new RK from the master key, node Gc transfers the new RK to node Br under the inter-domain security mechanism between the E-RAN and the E-CN, and node Br and the UE complete authentication according to the received RK.
Suppose the UE is handed over from Domain Ar to Domain Br, and the UE and the E-RAN use only RK to complete authentication between them, where Domain Ar is the control area of node Ar in the E-RAN, Domain Br is the control area of node Br in the E-RAN, node Ar lies in the control area of E-CN node Gc, node Br lies in the control area of E-CN node Fc, RK is stored in node Ar and node Gc, and the master key is stored in node Gc;
then providing security protection for the access stratum in step b comprises:
node Gc transfers its stored RK to node Fc under the intra-domain security mechanism of the E-CN, node Fc transfers the received RK to node Br under the inter-domain security mechanism between the E-RAN and the E-CN, and node Br and the UE complete authentication according to the received RK; or
node Gc transfers its stored master key to node Fc under the intra-domain security mechanism of the E-CN, node Fc and the UE derive a new RK from the master key, node Fc transfers the new RK to node Br under the inter-domain security mechanism between the E-RAN and the E-CN, and node Br and the UE complete authentication according to the received RK.
Suppose the UE is handed over within Domain Ar, and the UE and the E-RAN use IKran and/or CKran to integrity-protect and/or confidentiality-protect the signaling and/or user data transmitted between them, where Domain Ar is the control area of node Ar in the E-RAN and RK, IKran and/or CKran are stored in node Ar;
then providing security protection for the access stratum in step b comprises:
the UE and node Ar integrity-protect and/or confidentiality-protect the signaling and/or user data transmitted between the UE and the E-RAN with the stored IKran and/or CKran.
Suppose the UE is handed over from Domain Ar to Domain Br, and the UE and the E-RAN use IKran and/or CKran to integrity-protect and/or confidentiality-protect the signaling and/or user data transmitted between them, where Domain Ar is the control area of node Ar in the E-RAN, Domain Br is the control area of node Br in the E-RAN, node Ar and node Br both lie in the control area of the same E-CN node Gc, IKran and/or CKran and RK are stored in node Ar, and the master key is stored in node Gc;
then providing security protection for the access stratum in step b comprises:
node Ar transfers its stored IKran and/or CKran to node Br under the intra-domain security mechanism of the E-RAN, and node Br uses the received IKran and/or CKran to integrity-protect and/or confidentiality-protect the signaling and/or user data transmitted between the UE and the E-RAN; or
node Ar transfers its stored RK to node Br under the intra-domain security mechanism of the E-RAN, node Br and the UE derive a new IKran and/or CKran from that RK, and node Br and the UE use the new keys to integrity-protect and/or confidentiality-protect the signaling and/or user data transmitted between the UE and the E-RAN; or
node Gc transfers its stored RK to node Br under the inter-domain security mechanism between the E-RAN and the E-CN, node Br and the UE derive a new IKran and/or CKran from that RK, and node Br and the UE use the new keys to integrity-protect and/or confidentiality-protect the signaling and/or user data transmitted between the UE and the E-RAN; or
node Gc and the UE derive a new RK from the master key, node Gc transfers the new RK to node Br under the inter-domain security mechanism between the E-RAN and the E-CN, node Br and the UE derive a new IKran and/or CKran from the new RK, and node Br and the UE use the new keys to integrity-protect and/or confidentiality-protect the signaling and/or user data transmitted between the UE and the E-RAN.
Suppose the UE is handed over from Domain Ar to Domain Cr, and the UE and the E-RAN use IKran and/or CKran to integrity-protect and/or confidentiality-protect the signaling and/or user data transmitted between them, where Domain Ar is the control area of node Ar in the E-RAN, Domain Cr is the control area of node Cr in the E-RAN, node Ar lies in the control area of E-CN node Gc, node Cr lies in the control area of E-CN node Fc, IKran and/or CKran and RK are stored in node Ar, and the master key is stored in node Gc;
then providing security protection for the access stratum in step b comprises:
node Gc transfers its stored RK to node Fc under the intra-domain security mechanism of the E-CN, node Fc transfers the received RK to node Cr under the inter-domain security mechanism between the E-RAN and the E-CN, node Cr and the UE derive a new IKran and/or CKran from that RK, and node Cr and the UE use the new keys to integrity-protect and/or confidentiality-protect the signaling and/or user data transmitted between the UE and the E-RAN; or
node Gc transfers its stored master key to node Fc under the intra-domain security mechanism of the E-CN, node Fc and the UE derive a new RK from the master key, node Fc transfers the new RK to node Cr under the inter-domain security mechanism between the E-RAN and the E-CN, node Cr and the UE derive a new IKran and/or CKran from the new RK, and node Cr and the UE use the new keys to integrity-protect and/or confidentiality-protect the signaling and/or user data transmitted between the UE and the E-RAN.
As can be seen from the above technical scheme, the invention provides security protection for the access stratum, the non-access stratum and the application layer, and provides inter-domain protection between the access-stratum node and the non-access-stratum node and between the non-access-stratum node and the application-layer node. This forms, in the 3GPP evolved network, a security protection mechanism that combines a layered structure with a hop-by-hop structure, so that when user data passes through an untrusted radio access network, that network can neither decrypt the user data nor forge legitimate signaling and send it to the user. The security of the mobile communication system is greatly improved and the trust required between the radio access network and the core network is reduced; the invention thus provides comprehensive security assurance for the 3GPP evolved network and effectively solves its security problems.
Description of drawings
Fig. 1 is a schematic diagram of the security architecture of the mobile communication system in an embodiment of the invention;
Fig. 2 is the first schematic diagram of the security protection of the mobile communication system in an embodiment of the invention;
Fig. 3 is the second schematic diagram of the security protection of the mobile communication system in an embodiment of the invention.
Embodiment
The core of the invention is this: the mobile communication system is divided into an access stratum between the user equipment (UE) and the evolved radio access network (E-RAN), a non-access stratum between the UE and the evolved core network (E-CN), and an application layer between the UE and the application server; security protection is provided for each of the access stratum, the non-access stratum and the application layer; and inter-domain security protection is provided between the E-RAN and the E-CN and between the E-CN and the application network, so as to protect the mobile communication system network.
The technical scheme of the invention is described further below on the basis of this core idea.
The network entities of the mobile communication system and its security architecture are shown in Fig. 1. The mobile communication system consists of four parts:
a) UE (User Equipment): the user accesses the mobile communication system through the UE to use the services it provides. These services may be provided by the operator or by third parties.
b) E-RAN (Evolved Radio Access Network): responsible for creating and maintaining the radio access bearers used for communication between the UE and the E-CN, thereby realizing communication between the E-CN and the UE.
c) E-CN (Evolved Core Network): the basic platform that provides all communication services to the user.
d) Application-providing network: provides the various services to the user.
The security architecture of the invention combines layered protection with inter-domain protection. Together they realize hop-by-hop security protection between network nodes and so guarantee security between any two nodes of the mobile communication system. The security architecture is divided into three layers:
1. Access-stratum security: the security protection between the UE and the E-RAN, including authentication between the UE and the E-RAN, protection of the RAN signaling exchanged between them, and protection of the user data transmitted between them.
2. Non-access-stratum security: the security protection between the UE and the E-CN, including authentication between the UE and the E-CN, protection of the CN signaling exchanged between them, and protection of the user data transmitted between them.
3. Application-layer security: in general, different applications have different security mechanisms, but these rest on one of two foundations, mechanisms based on a shared key and mechanisms based on certificates. Application-layer security in the mobile communication network of the invention must therefore provide a mechanism by which the user and the application server in the application-providing network can negotiate a pre-shared key, or by which certificates can be issued to the user and to the application server. The application-layer security of the invention can use GAA (Generic Authentication Architecture).
Layered protection alone cannot give the mobile communication system comprehensive protection, so the invention also provides inter-domain security protection between the E-RAN and the E-CN and between the E-CN and the application servers of the application network. In addition, intra-domain security mechanisms may optionally be implemented inside the E-RAN and inside the E-CN as protection needs require. Typical intra-domain and inter-domain security mechanisms include TLS (Transport Layer Security) and IPsec (Internet Protocol Security).
The security protection scheme of the invention mainly comprises the following four steps:
Step 1. When the UE initiates a request such as network access, service access or location update, it establishes a connection with the E-CN through the E-RAN.
Step 2. The UE and the E-CN run an authentication process, at the end of which both hold a shared master key. From this master key and other necessary information, such as a character string indicating the type of key being generated and the identity of the UE, the UE and the E-CN derive the keys CKcn and IKcn. CKcn and IKcn are used to integrity-protect the CN signaling exchanged between the E-CN and the UE, and optionally may also confidentiality-protect that signaling. CKcn and IKcn can be used to confidentiality-protect the user data transmitted between the E-CN and the UE, and optionally may also integrity-protect that user data.
The UE and the E-CN must both know all the information needed to derive CKcn and IKcn; if either side does not, the missing information can be obtained by exchanging it.
Step 3. The E-CN derives the key RK from the shared master key, the identity of the E-RAN and other necessary information such as the key-type string and the identity of the UE. RK is the RAN key, the key shared between the UE and the access network. The derivation of RK is independent of the derivation of CKcn and IKcn: RK cannot be derived from CKcn or IKcn, and CKcn and IKcn cannot be derived from RK. RK is transferred to the E-RAN, and during the transfer it can be protected by the inter-domain security mechanism between the E-RAN and the E-CN.
The UE likewise derives RK from the master key, the identity of the E-RAN and the other necessary information, such as the key-type string, the identity of the UE and the identity of the RAN. The UE and the E-CN must both obtain all the information needed to derive RK; if either side does not know it, it can be obtained by exchanging it.
To guarantee the freshness of RK, a value that guarantees RK freshness can be added to the derivation. If the UE does not know this value, the E-CN can transfer it to the UE through the E-RAN, and the UE then derives RK from the value it received. The E-CN can transfer the freshness value together with RK to the E-RAN, and the E-RAN can use RK to guarantee the integrity of the value while it is transmitted on to the UE.
Step 4. The UE and the E-RAN use RK to complete authentication between them. For example, they use RK as a pre-shared key and complete authentication with a pre-shared-key authentication mechanism; or they use RK to integrity-protect the signaling exchanged between them and authenticate each other by verifying the integrity of that signaling; or they use both at once, authenticating with RK as a pre-shared key while also integrity-protecting the signaling exchanged between them with RK.
There are two main ways of using RK to integrity-protect the signaling exchanged between the UE and the E-RAN: RK is used directly, or the UE and the E-RAN derive IKran from RK and use IKran to integrity-protect the signaling transmitted between them. IKran can optionally also be used to integrity-protect the user data transmitted between the UE and the E-RAN.
To guarantee the freshness of IKran, a value that guarantees IKran freshness can be added to its derivation. If the UE does not know this value, the E-RAN transfers it to the UE, which then derives IKran from the value it received. The E-RAN can use RK to guarantee the integrity of the value during transmission.
If the signaling exchanged between the UE and the E-RAN and the user data transmitted between them need encryption, the UE and the E-RAN can derive CKran from RK and use CKran to confidentiality-protect that signaling and user data.
The UE and the E-RAN must both know all the information needed to derive CKran and IKran; if not, it can be obtained by exchanging it.
To guarantee the freshness of CKran, a value that guarantees CKran freshness can be added to its derivation. If the UE does not know this value, the E-RAN transfers it to the UE, which then derives CKran from the value it received. The E-RAN can use RK to guarantee the integrity of the value during transmission.
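The key hierarchy of steps 2 to 4 carried through end to end, as an added example in Python that is not the patent's own code. The patent names the inputs of each derivation but fixes no algorithm or message format, so HMAC-SHA256 as the KDF, the key-type label strings, the 16-byte freshness values, the layout of the key-setup message and the constructed UE and RAN identities are all assumptions. The block also checks the property the description claims: the E-RAN, which only ever receives RK, cannot produce a valid integrity tag on CN signaling.

```python
import hmac
import hashlib
import os

# Constructed identities standing in for the UE identity and the RAN identity.
UE_ID = b"imsi-460001234567890"
RAN_ID = b"eNodeB-0x1A2B"


def kdf(key: bytes, key_type: bytes, *fields: bytes) -> bytes:
    """Derive a 256-bit key from `key`, a key-type label and ordered fields.
    HMAC-SHA256 is an assumption (the patent fixes no KDF); every field is
    length-prefixed so that different field splits never collide."""
    msg = b"".join(len(f).to_bytes(2, "big") + f for f in (key_type, *fields))
    return hmac.new(key, msg, hashlib.sha256).digest()


def mac(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()


class ECN:
    """E-CN side of steps 2 and 3."""

    def __init__(self, master_key: bytes):
        self.master_key = master_key
        # Step 2: NAS keys from the master key, a key-type string and the UE identity.
        self.ck_cn = kdf(master_key, b"CKcn", UE_ID)
        self.ik_cn = kdf(master_key, b"IKcn", UE_ID)

    def issue_rk(self, ran_id: bytes):
        """Step 3 in the claim b32 form: RK is bound to the RAN identity and a
        fresh value and uses its own label, so RK and CKcn/IKcn cannot be
        computed from one another. RK and the fresh value go to the E-RAN."""
        fresh = os.urandom(16)
        return kdf(self.master_key, b"RK", UE_ID, ran_id, fresh), fresh


class ERAN:
    """E-RAN node: receives RK, derives IKran/CKran, protects RAN signaling."""

    def __init__(self, rk: bytes, rk_fresh: bytes):
        self.rk, self.rk_fresh = rk, rk_fresh
        self.ik_fresh, self.ck_fresh = os.urandom(16), os.urandom(16)
        self.ik_ran = kdf(rk, b"IKran", self.ik_fresh)
        self.ck_ran = kdf(rk, b"CKran", self.ck_fresh)

    def key_setup(self):
        """Freshness values for the UE, integrity-protected with RK (layout assumed)."""
        body = self.rk_fresh + self.ik_fresh + self.ck_fresh
        return body, mac(self.rk, body)

    def protect(self, signaling: bytes):
        return signaling, mac(self.ik_ran, signaling)


class UE:
    def __init__(self, master_key: bytes):
        self.master_key = master_key
        self.ck_cn = kdf(master_key, b"CKcn", UE_ID)
        self.ik_cn = kdf(master_key, b"IKcn", UE_ID)

    def key_setup(self, ran_id: bytes, body: bytes, tag: bytes):
        rk_fresh, ik_fresh, ck_fresh = body[:16], body[16:32], body[32:48]
        rk = kdf(self.master_key, b"RK", UE_ID, ran_id, rk_fresh)
        # Checking the tag under the freshly derived RK both validates the
        # freshness values and authenticates the E-RAN as a holder of RK (b42).
        if not hmac.compare_digest(mac(rk, body), tag):
            raise ValueError("freshness values failed integrity check under RK")
        self.rk = rk
        self.ik_ran = kdf(rk, b"IKran", ik_fresh)
        self.ck_ran = kdf(rk, b"CKran", ck_fresh)

    def verify_ran(self, signaling: bytes, tag: bytes) -> bool:
        return hmac.compare_digest(mac(self.ik_ran, signaling), tag)

    def verify_cn(self, signaling: bytes, tag: bytes) -> bool:
        return hmac.compare_digest(mac(self.ik_cn, signaling), tag)


def run_key_setup(master_key: bytes = b"") -> dict:
    """Steps 2 to 4 end to end; returns the properties a test can check."""
    master_key = master_key or os.urandom(32)   # stands in for the step-2 result
    ecn, ue = ECN(master_key), UE(master_key)
    rk, rk_fresh = ecn.issue_rk(RAN_ID)
    eran = ERAN(rk, rk_fresh)                    # RK carried over the E-CN/E-RAN channel
    body, tag = eran.key_setup()
    ue.key_setup(RAN_ID, body, tag)

    ran_msg = b"RRC CONNECTION RECONFIGURATION"  # constructed RAN signaling
    cn_msg = b"ATTACH ACCEPT"                    # constructed CN signaling
    tampered = bytearray(body)
    tampered[0] ^= 1
    try:
        UE(master_key).key_setup(RAN_ID, bytes(tampered), tag)
        tamper_rejected = False
    except ValueError:
        tamper_rejected = True
    return {
        "nas_keys_match": (ue.ck_cn, ue.ik_cn) == (ecn.ck_cn, ecn.ik_cn),
        "as_keys_match": (ue.rk, ue.ik_ran, ue.ck_ran) == (eran.rk, eran.ik_ran, eran.ck_ran),
        "ran_signaling_verifies": ue.verify_ran(*eran.protect(ran_msg)),
        "tampered_freshness_rejected": tamper_rejected,
        # The E-RAN holds RK, IKran and CKran but never IKcn; a tag it makes
        # with any key it has is rejected by the UE for CN signaling.
        "ran_cannot_forge_cn_signaling": not ue.verify_cn(cn_msg, mac(eran.rk, cn_msg)),
        "all_keys_distinct": len({ue.rk, ue.ik_ran, ue.ck_ran, ue.ck_cn, ue.ik_cn}) == 5,
    }
```

The UE derives a candidate RK from the received freshness value before it can check the tag, so a tampered value simply yields a different RK and the check fails; this is the key-confirmation pattern the text describes when it says the E-RAN guarantees the integrity of the freshness value "by RK".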
When the UE is handed over, the security protection of the mobile communication system must still be maintained, so the node after the handover likewise needs the corresponding key. That key may come from the node before the handover, or it may be obtained by re-authentication. The security protection method after a UE handover is described below.
Assume that the UE and the E-RAN use only RK to provide integrity protection for signaling and user data, that RK is stored on node Ar in the E-RAN, that the control area of node Ar is Domain Ar and the control area of node Br is Domain Br, and that CKcn, IKcn and the master key are stored on node Gc in the E-CN, whose control area is Area Gc. The security protection method then covers the following three cases a, b and c:
a) When the UE is handed over within Domain Ar, RK need not be transferred in the network; node Ar and the UE both protect the signaling and user data transmitted between them using RK, as described in the embodiment above.
b) When the UE is handed over from Domain Ar to Domain Br, RK can be transferred in the following three ways. Node Br is a node at the same level as node Ar, node Br is located in Area Gc, and key RK is stored on node Ar.
First method: node Ar transfers its stored, original RK to Br; the security of the RK transfer is guaranteed by the security mechanism inside the E-RAN.
Second method: node Gc transfers its stored, original RK to Br; the security of the RK transfer is guaranteed by the security mechanism between the E-RAN and the E-CN.
Third method: Gc and the UE each derive a new RK from the master key and the identity of the new node Br; Gc sends the new RK to Br, and the security of the RK transfer is guaranteed by the security mechanism between the E-RAN and the E-CN.
After node Br has obtained RK, node Br and the UE both protect the signaling and user data transmitted between them using RK, as described in the embodiment above.
c) When the UE is handed over from Domain Ar to Domain Cr, RK can be transferred in the following three ways. Node Cr is a node at the same level as node Ar, node Cr is located in another area, Area Fc, and node Fc is a core network node at the same level as node Gc.
First method: node Gc transfers its stored, original RK to node Fc, and node Fc then transfers the RK it received to node Cr. Here the security of the RK transfer is guaranteed by the security mechanism inside the E-CN domain and by the inter-domain security mechanism between the E-RAN and the E-CN.
Second method: node Gc sends the master key to node Fc; node Fc and the UE each derive a new RK from the master key and the identity of Cr, and node Fc sends the new RK to node Cr. Here the security of the RK transfer is guaranteed by the security mechanism inside the E-CN domain and by the inter-domain security mechanism between the E-RAN and the E-CN.
Third method: node Fc and the UE generate a new master key by authentication, and node Fc and the UE derive new keys CKcn and IKcn from this new shared master key. Node Fc and the UE then derive a new key RK from the shared master key, the identity of the E-RAN and other necessary information, and node Fc transfers the newly derived RK to node Cr. The RK transfer is protected by the inter-domain security protection mechanism between the E-RAN and the E-CN. The specific implementation of the third method is as described in steps 1 to 4 of the embodiment above.
In each of the three methods, once node Cr has obtained RK, node Cr and the UE both protect the signaling and user data transmitted between them using RK, as described in the embodiment above.
When the UE initiates a location update request, that is, when the UE in Idle state changes its location across Area Gc, the authentication process must be re-executed to generate a new key set. In other words, when the UE initiates a location update request, steps 1 to 4 described in the embodiment above are used to realize the security protection of the mobile communication system of the present invention.
Assume that the UE and the E-RAN use RK, IKran and CKran to provide integrity protection for signaling and user data, that RK, IKran and CKran are stored on node Ar in the E-RAN, that the control area of node Ar is Domain Ar and the control area of node Br is Domain Br, and that CKcn, IKcn and the master key are stored on node Gc in the E-CN, whose control area is Area Gc. The security protection method then covers the following three cases A, B and C:
A) When the UE is handed over within Domain Ar, no key need be transferred in the network. Node Ar and the UE both protect the signaling and user data transmitted between them using CKran and IKran, as described in the embodiment above.
B) When the UE is handed over from Domain Ar to Domain Br, RK can be transferred in the following four ways. Node Br is a node at the same level as node Ar, and node Br is located in Area Gc.
First method: node Ar transfers its stored, original CKran and IKran to node Br; the security of the CKran and IKran transfer is guaranteed by the security mechanism inside the E-RAN domain.
Second method: node Ar transfers its stored, original RK to node Br; the security of the RK transfer is guaranteed by the security mechanism inside the E-RAN domain. Node Br and the UE then derive new CKran and IKran from RK.
Third method: node Gc transfers its stored, original RK to node Br; the security of the RK transfer is protected by the inter-domain security mechanism between the E-RAN and the E-CN. Node Br and the UE then derive new CKran and IKran from RK.
Fourth method: node Gc and the UE each derive a new RK from the master key, the identity of node Br and other necessary information; node Gc sends the new RK to node Br, and the security of the new RK transfer is protected by the inter-domain security mechanism between the E-RAN and the E-CN. Node Br and the UE then derive new CKran and IKran from the new RK.
In each of the four methods, once node Br has obtained CKran and IKran, node Br and the UE both protect the signaling and user data transmitted between them using CKran and IKran, as described in the embodiment above.
C) When the UE is handed over from Domain Ar to Domain Cr, RK can be transferred in the following three ways. Node Cr is a node at the same level as node Ar, node Cr is located in another area, Area Fc, and node Fc is a core network node at the same level as node Gc.
First method: node Gc transfers its stored, original RK to node Fc, with the security of the RK transfer guaranteed by the security mechanism inside the E-CN domain; node Fc then transfers the RK it received to node Cr. Node Cr and the UE derive new CKran and IKran from RK.
Second method: node Gc sends its stored, original master key to node Fc, with the security of the master key transfer protected by the security mechanism inside the E-CN domain; node Fc and the UE each derive a new RK from the master key, the identity of Cr and other necessary information, and node Fc sends the new RK to node Cr. Node Cr and the UE derive new CKran and IKran from the new RK.
Third method: node Fc and the UE generate a new master key by authentication, and node Fc and the UE derive new keys CKcn and IKcn from this new shared master key. Node Fc and the UE then derive a new key RK from the shared master key, the identity of the E-RAN and other necessary information; node Fc transfers the newly derived RK to node Cr, and node Cr and the UE derive new CKran and IKran from the new RK. The RK transfer is protected by the inter-domain security protection mechanism between the E-RAN and the E-CN.
In each of the three methods, once node Cr has obtained CKran and IKran, node Cr and the UE both protect the signaling and user data transmitted between them using CKran and IKran, as described in the embodiment above.
When the UE initiates a location update request, that is, when the UE in Idle state changes its location across Area Gc, the authentication process must be re-executed to generate a new key set. In other words, when the UE initiates a location update request, steps 1 to 4 described in the embodiment above are used to realize the security protection of the mobile communication system of the present invention.
The technical scheme of the present invention is described below with reference to the accompanying drawings and two specific embodiments.
Embodiment one: the non-access stratum provides confidentiality protection and integrity protection of CN signaling, and confidentiality protection of user data. The access stratum provides integrity protection of RAN signaling, but provides neither confidentiality protection of RAN signaling nor confidentiality protection of user data. The access stratum uses RK to complete access-stratum authentication.
In Fig. 1, at step 1 the UE and the E-CN authenticate each other using the EAP protocol; the result of the authentication is a shared key, the master key.
At step 2, the UE and the E-CN derive keys CKcn and IKcn from the master key. The parameters used to compute CKcn and IKcn should include the master key, a string indicating the type of key being generated, the identity of the UE, and so on, for example CKcn = SHA-256(master key; "CN Encryption Key"; UE identity; …); IKcn = SHA-256(master key; "Integrity Key"; UE identity; …).
CKcn and IKcn are used to provide integrity protection and optional confidentiality protection for the signaling exchanged between the UE and the E-CN, and confidentiality protection for the user data transmitted between the UE and the E-CN.
At step 3, the E-CN derives key RK from the master key. The parameters used to compute RK should include the master key, a string indicating the type of key being generated, the identity of the UE, the identity of the RAN, a value guaranteeing the freshness of RK, and so on, for example RK = SHA-256(master key; "RAN Key"; UE identity; RAN identity; FRESH; …). The FRESH value is delivered to the UE so that the UE can compute RK.
At step 4, the E-CN transfers the FRESH value and RK to the E-RAN; the secure transfer of RK is protected by the inter-domain security mechanism between the E-RAN and the E-CN.
At step 5, the E-RAN passes the FRESH value to the UE; this message must be integrity-protected using RK. The UE derives RK from the master key and the FRESH value, and the integrity check of this message with RK ensures that FRESH is correct.
RK is used to provide integrity protection for the RAN signaling exchanged between the UE and the E-RAN, but it does not provide confidentiality protection of RAN signaling. Mutual authentication between the UE and the E-RAN is completed by checking the integrity of the RAN signaling. Because user data is protected at the non-access stratum, confidentiality protection of user data may be omitted at the access stratum.
In this embodiment, if RK is located on the node ENodeB of the access network closest to the user, and CKcn, IKcn and the master key are located on the node MME/UPE (mobility management apparatus / user plane equipment) of the core network closest to the access network, then the transfer of the security context can take the following forms:
1. When the UE is handed over between ENodeBs, the source ENodeB can pass RK to the target ENodeB, with the security of the RK transfer guaranteed by the security mechanism inside the E-RAN. Alternatively, the UE and the MME/UPE each generate a new RK from the master key and the identity of the target ENodeB, the MME/UPE sends the new RK to the target ENodeB, and the security of the new RK transfer is guaranteed by the inter-domain security mechanism between the E-RAN and the E-CN.
2. When the UE is handed over across MME/UPEs, the source MME/UPE can pass RK to the target ENodeB via the target MME/UPE, with the security of the RK transfer guaranteed by the security mechanism inside the E-CN and the security mechanism between the E-RAN and the E-CN; at the same time the source MME/UPE passes CKcn and IKcn to the target MME/UPE.
Alternatively, the source MME/UPE passes the master key, CKcn and IKcn to the target MME/UPE, with the security of the master key, CKcn and IKcn transfer guaranteed by the security mechanism inside the E-CN. The target MME/UPE and the UE each generate a new RK from the master key and the identity of the target ENodeB, the target MME/UPE gives the new RK to the target ENodeB, and the security of the new RK transfer is guaranteed by the security mechanism between the E-RAN and the E-CN.
Alternatively, the source MME/UPE passes the master key to the target MME/UPE, with the security of the master key transfer guaranteed by the security mechanism inside the E-CN. The target MME/UPE and the UE each derive new CKcn and IKcn from the master key. The new CKcn and IKcn may be identical to the original CKcn and IKcn; if so, the UE need not derive new CKcn and IKcn, and only the target MME/UPE derives CKcn and IKcn from the master key. The target MME/UPE and the UE each generate a new RK from the master key and the identity of the target ENodeB, the target MME/UPE sends the new RK to the target ENodeB, and the security of the new RK transfer is guaranteed by the security mechanism between the E-RAN and the E-CN.
Alternatively, the target MME/UPE and the UE perform an authentication process to generate a new master key and generate new CKcn, IKcn and RK from the new master key. The new RK is sent to the target ENodeB.
3. When the UE performs a location update, the UE and the E-CN must re-execute the authentication process and generate a new master key, CKcn, IKcn and RK.
In this embodiment, if the storage location of any key changes, the keys are transferred with reference to the transfer processes above.
Embodiment two: the non-access stratum provides confidentiality protection and integrity protection of CN signaling, and confidentiality protection of user data. The access stratum provides integrity protection and confidentiality protection of RAN signaling, and also provides confidentiality protection of user data. The access stratum uses RK, or the IKran derived from RK, to complete access-stratum authentication.
In Fig. 3, at step 1 the UE and the E-CN authenticate each other using the EAP protocol; the result of the authentication is a shared key, the master key.
At step 2, the UE and the E-CN derive keys CKcn and IKcn from the master key. The parameters used to compute CKcn and IKcn should include the master key, a string indicating the type of key being generated, the identity of the UE, and so on, for example: CKcn = SHA-256(master key; "CN Encryption Key"; UE identity; …); IKcn = SHA-256(master key; "Integrity Key"; UE identity; …).
CKcn and IKcn are used to provide integrity protection and optional confidentiality protection for the signaling exchanged between the UE and the E-CN, and confidentiality protection for the user data transmitted between the UE and the E-CN.
At step 3, the UE and the E-CN derive key RK from the master key. The parameters used to compute RK should include the master key, a string indicating the type of key being generated, the identity of the UE, the identity of the RAN, and so on, for example RK = SHA-256(master key; "RAN Key"; UE identity; RAN identity; …).
At step 4, the E-CN transfers RK to the E-RAN; the secure transfer of RK is protected by the security mechanism between the E-RAN and the E-CN.
At step 5, there are two methods by which the UE and the E-RAN derive CKran and IKran from RK. In the first, the UE and the E-RAN use RK as a pre-shared key and perform mutual authentication using a pre-shared-key authentication mechanism; the result of the mutual authentication generates CKran and IKran.
In the second, the E-RAN generates a random number FRESH and derives CKran and IKran from RK. The parameters used to derive CKran and IKran should include RK, a string indicating the type of key being generated, the identity of the UE, and so on, for example CKran = SHA-256(RK, "Cipher Key of RAN", UE identity, FRESH), IKran = SHA-256(RK, "Integrity Key of RAN", UE identity, FRESH). The E-RAN sends FRESH to the UE in a message integrity-protected with IKran. The UE computes IKran from FRESH and checks the integrity of this message with IKran to confirm that the FRESH value is correct. The integrity protection that the UE and the E-RAN obtain from IKran realizes the authentication between the UE and the E-RAN.
CKran and IKran are used to provide integrity protection and confidentiality protection for the signaling exchanged between the UE and the E-RAN, and, according to the user's wishes, CKran and IKran can also provide confidentiality protection and integrity protection for the user data transmitted between the UE and the E-RAN.
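As an added example (not the patent's own code), the key hierarchy of the two embodiments in Python: the master key yields CKcn/IKcn and RK, RK yields CKran/IKran, and the FRESH delivery of step 5 is checked on the UE side for each embodiment, including the cases where the sending node never held RK or FRESH was altered in transit. The patent only names SHA-256 over the listed parameters, so the length-prefixed field encoding inside the hash and HMAC-SHA256 as the integrity algorithm are assumptions of this example; all sample identities are constructed.

```python
"""Key hierarchy of the patent's two embodiments (added illustration, not the
patent's code). Field encoding inside SHA-256 and HMAC-SHA256 for integrity tags
are assumptions; the patent does not fix either."""
import hashlib
import hmac
import os
from typing import Optional, Tuple


def kdf(*parts: bytes) -> bytes:
    """SHA-256 over the parameters. Each field is length-prefixed (assumption) so
    variable-length fields such as the UE identity cannot be shifted into each other."""
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(2, "big"))
        h.update(p)
    return h.digest()


# Step 2 of both embodiments: non-access-stratum keys from the master key.
def derive_ckcn(master_key: bytes, ue_id: bytes) -> bytes:
    return kdf(master_key, b"CN Encryption Key", ue_id)


def derive_ikcn(master_key: bytes, ue_id: bytes) -> bytes:
    return kdf(master_key, b"Integrity Key", ue_id)


# Step 3: RAN key. Embodiment one includes a FRESH value, embodiment two does not.
def derive_rk(master_key: bytes, ue_id: bytes, ran_id: bytes,
              fresh: Optional[bytes] = None) -> bytes:
    parts = [master_key, b"RAN Key", ue_id, ran_id]
    if fresh is not None:
        parts.append(fresh)
    return kdf(*parts)


# Embodiment two, step 5 (second method): access-stratum keys from RK and FRESH.
def derive_ckran(rk: bytes, ue_id: bytes, fresh: bytes) -> bytes:
    return kdf(rk, b"Cipher Key of RAN", ue_id, fresh)


def derive_ikran(rk: bytes, ue_id: bytes, fresh: bytes) -> bytes:
    return kdf(rk, b"Integrity Key of RAN", ue_id, fresh)


def protect(ik: bytes, msg: bytes) -> bytes:
    """Integrity tag on a signaling message (assumption: HMAC-SHA256 under IK)."""
    return hmac.new(ik, msg, hashlib.sha256).digest()


def verify(ik: bytes, msg: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(protect(ik, msg), tag)


def ue_accept_fresh_emb1(master_key: bytes, ue_id: bytes, ran_id: bytes,
                         fresh: bytes, tag: bytes) -> Optional[bytes]:
    """Embodiment one, step 5: the UE derives RK from the master key and the received
    FRESH, and accepts FRESH only if the message tag verifies under that RK."""
    rk = derive_rk(master_key, ue_id, ran_id, fresh)
    return rk if verify(rk, fresh, tag) else None


def ue_accept_fresh_emb2(master_key: bytes, ue_id: bytes, ran_id: bytes,
                         fresh: bytes, tag: bytes) -> Optional[Tuple[bytes, bytes]]:
    """Embodiment two, step 5: the UE derives RK itself, then IKran from the received
    FRESH, and accepts FRESH only if the tag verifies under IKran. Returns (CKran, IKran)."""
    rk = derive_rk(master_key, ue_id, ran_id)
    ikran = derive_ikran(rk, ue_id, fresh)
    if not verify(ikran, fresh, tag):
        return None
    return derive_ckran(rk, ue_id, fresh), ikran


def run_scenarios(master_key: bytes, ue_id: bytes, ran_id: bytes) -> dict:
    """Walk both embodiments and report which FRESH deliveries the UE accepts."""
    results = {}
    # Embodiment one: E-CN picks FRESH, derives RK with it, hands (RK, FRESH) to the
    # E-RAN, and the E-RAN forwards FRESH to the UE integrity-protected under RK.
    fresh1 = os.urandom(16)
    rk_cn = derive_rk(master_key, ue_id, ran_id, fresh1)
    results["emb1_honest"] = ue_accept_fresh_emb1(
        master_key, ue_id, ran_id, fresh1, protect(rk_cn, fresh1)) == rk_cn
    # Embodiment two: E-CN hands RK to the E-RAN; the E-RAN picks FRESH and derives
    # IKran/CKran, then sends FRESH protected under IKran.
    rk_cn2 = derive_rk(master_key, ue_id, ran_id)
    fresh2 = os.urandom(16)
    ikran_ran = derive_ikran(rk_cn2, ue_id, fresh2)
    accepted = ue_accept_fresh_emb2(
        master_key, ue_id, ran_id, fresh2, protect(ikran_ran, fresh2))
    results["emb2_honest"] = accepted is not None and accepted[1] == ikran_ran
    # A RAN node that never received RK (the untrusted radio network of the abstract)
    # cannot produce a tag the UE accepts, whatever FRESH it chooses.
    bad_tag = protect(derive_ikran(os.urandom(32), ue_id, fresh2), fresh2)
    results["emb2_no_rk"] = ue_accept_fresh_emb2(
        master_key, ue_id, ran_id, fresh2, bad_tag) is None
    # FRESH altered in transit: the UE derives a different IKran and the tag fails.
    tampered = bytes([fresh2[0] ^ 0x01]) + fresh2[1:]
    results["emb2_tampered"] = ue_accept_fresh_emb2(
        master_key, ue_id, ran_id, tampered, protect(ikran_ran, fresh2)) is None
    return results


if __name__ == "__main__":
    # Constructed sample values; a real master key comes from the EAP run of step 1.
    print(run_scenarios(os.urandom(32), b"UE-ID-constructed", b"RAN-ID-constructed"))
```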
In this embodiment, if RK, CKran and IKran are located on the node ENodeB of the access network closest to the user, and CKcn, IKcn and the master key are located on the node MME/UPE of the core network closest to the access network, then the transfer of the security context is as follows:
1. When the UE is handed over between ENodeBs, the source ENodeB can pass CKran and IKran to the target ENodeB, with the security of the CKran and IKran transfer guaranteed by the security mechanism inside the E-RAN.
Alternatively, the source ENodeB passes RK to the target ENodeB, and the UE and the target ENodeB regenerate CKran and IKran according to the method of step 5 above. The security of the RK transfer is guaranteed by the security mechanism inside the E-RAN.
Alternatively, the UE and the MME/UPE each generate a new RK from the master key and the identity of the target ENodeB, the MME/UPE sends the new RK to the target ENodeB, and the target ENodeB and the UE generate new CKran and IKran from RK. The security of the new RK transfer is guaranteed by the security mechanism between the E-RAN and the E-CN.
2. When the UE is handed over across MME/UPEs, the source MME/UPE can pass RK to the target ENodeB via the target MME/UPE, and the target ENodeB and the UE generate new CKran and IKran from RK. The security of the RK transfer is guaranteed by the security mechanism inside the E-CN and the security mechanism between the E-RAN and the E-CN. At the same time the source MME/UPE passes CKcn and IKcn to the target MME/UPE.
Alternatively, the source MME/UPE passes the master key, CKcn and IKcn to the target MME/UPE, with the security of the master key, CKcn and IKcn transfer guaranteed by the security mechanism inside the E-CN. The target MME/UPE and the UE each generate a new RK from the master key and the identity of the target ENodeB, the target MME/UPE sends the new RK to the target ENodeB, and the target ENodeB and the UE generate new CKran and IKran from RK. The security of the new RK transfer is guaranteed by the security mechanism between the E-RAN and the E-CN.
Alternatively, the source MME/UPE passes the master key to the target MME/UPE, with the security of the master key transfer guaranteed by the security mechanism inside the E-CN. The target MME/UPE and the UE each derive new CKcn and IKcn from the master key. The new CKcn and IKcn may be identical to the original CKcn and IKcn; if so, the UE need not derive new CKcn and IKcn, and only the target MME/UPE derives CKcn and IKcn from the master key. The target MME/UPE and the UE each generate a new RK from the master key and the identity of the target ENodeB, the target MME/UPE sends the new RK to the target ENodeB, and the target ENodeB and the UE generate new CKran and IKran from RK. The security of the new RK transfer is guaranteed by the security mechanism between the E-RAN and the E-CN.
Alternatively, the target MME/UPE and the UE perform an authentication process to generate a new master key and generate new CKcn, IKcn and RK from the new master key. The new RK is sent to the target ENodeB.
3. When the UE performs a location update, that is, when the UE in idle state changes its location across MME/UPEs, the UE and the E-CN must re-execute the authentication process and generate a new master key, CKcn, IKcn, RK, CKran and IKran.
In this embodiment, if the storage location of any key changes, the keys are transferred with reference to the transfer processes above.
Although the present invention has been described by way of embodiments, those of ordinary skill in the art will appreciate that the invention admits many variations and modifications without departing from its spirit, and the claims of the present application cover these variations and modifications.

Claims (22)

1. A method for protecting the network security of a mobile communication system, characterized in that it comprises:
a. dividing the mobile communication system into an access stratum between the user equipment (UE) and the evolved radio access network (E-RAN), a non-access stratum between the UE and the evolved core network (E-CN), and an application layer between the UE and the application network;
b. providing security protection for the access stratum, the non-access stratum and the application layer respectively, and providing inter-domain security protection between the evolved radio access network and the evolved core network and between the evolved core network and the application network respectively, so as to protect the security of the mobile communication system network.
2. The method for protecting the network security of a mobile communication system according to claim 1, characterized in that in step b:
the security protection provided for the access stratum comprises security protection for the RAN signaling and user data transmitted between the UE and the E-RAN;
the security protection provided for the non-access stratum comprises security protection for the CN signaling and user data transmitted between the UE and the E-CN.
3. The method for protecting the network security of a mobile communication system according to claim 1, characterized in that said security protection comprises integrity protection and/or confidentiality protection.
4. The method for protecting the network security of a mobile communication system according to claim 1, characterized in that step b further comprises: providing intra-domain security protection for the radio access network, the core network and the application network.
5. The method for protecting the network security of a mobile communication system according to claim 1 or 4, characterized in that the inter-domain/intra-domain security protection in step b comprises: the Transport Layer Security protocol TLS, or Internet Protocol Security IPsec.
6. The method for protecting the network security of a mobile communication system according to claim 1, characterized in that the step of providing security protection for the non-access stratum in step b comprises:
b1. the UE establishes a connection with the E-CN through the E-RAN;
b2. the UE and the E-CN obtain a shared key, the master key, through an authentication process;
b3. the UE and the E-CN derive keys CKcn and IKcn from the shared master key;
b4. the UE and the E-CN perform integrity protection on the signaling transmitted between the UE and the E-CN according to keys CKcn and IKcn, and perform confidentiality protection on the user data transmitted between the UE and the E-CN.
7. The method for protecting the network security of a mobile communication system according to claim 6, characterized in that step b3 comprises:
the UE and the E-CN derive keys CKcn and IKcn from the shared master key, a string indicating the type of key being generated, and the identity of the UE.
8. The method for protecting the network security of a mobile communication system according to claim 6, characterized in that step b4 further comprises:
the UE and the E-CN perform confidentiality protection on the signaling transmitted between the UE and the E-CN according to keys CKcn and IKcn; and/or
the UE and the E-CN perform integrity protection on the user data transmitted between the UE and the E-CN according to keys CKcn and IKcn.
9. The method for protecting the network security of a mobile communication system according to claim 1, characterized in that the step of providing security protection for the access stratum in step b comprises:
b1. the UE establishes a connection with the E-CN through the E-RAN;
b2. the UE and the E-CN obtain a shared key, the master key, through an authentication process;
b3. the UE and the E-CN derive key RK from the shared master key, and the E-CN transfers key RK to the E-RAN;
b4. the UE and the E-RAN complete authentication between the UE and the E-RAN according to key RK.
10. The method for protecting the network security of a mobile communication system according to claim 6 or 9, characterized in that step b1 comprises:
the UE establishes a connection with the E-CN through the E-RAN when it initiates a network access request, a service access request or a location update request, or when the UE is handed over across nodes in the E-CN.
11. The method for protecting the network security of a mobile communication system according to claim 9, characterized in that step b3 comprises:
b31. the UE and the E-CN derive key RK from the shared master key, a string indicating the type of key being generated, the identity of the UE and the identity of the RAN, and the E-CN transfers key RK to the E-RAN; or
b32. the UE and the E-CN derive key RK from the shared master key, a string indicating the type of key being generated, the identity of the UE, the identity of the RAN and a value guaranteeing the freshness of RK, and the E-CN transfers key RK to the E-RAN.
12. The method for protecting the network security of a mobile communication system according to claim 11, characterized in that step b32 comprises:
the E-CN derives key RK from the shared master key, a string indicating the type of key being generated, the identity of the UE, the identity of the RAN and a value guaranteeing the freshness of RK;
the E-CN transfers the RK-freshness value and RK to the E-RAN, and the E-RAN transfers the RK-freshness value to the UE;
after receiving the RK-freshness value, the UE derives key RK from the shared master key, the string indicating the type of key being generated, the identity of the UE, the identity of the RAN and the received RK-freshness value.
13. The method for protecting the network security of a mobile communication system according to claim 9, characterized in that step b4 comprises:
b41. the UE and the E-RAN use key RK as a pre-shared key and complete authentication between the UE and the E-RAN using a pre-shared-key-based authentication mechanism; or
b42. the UE and the E-RAN use key RK to perform integrity protection on the signaling and/or user data transmitted between the UE and the E-RAN, thereby completing authentication between the UE and the E-RAN; or
b43. the UE and the E-RAN derive key IKran from key RK, and use key IKran to perform integrity protection on the signaling and/or user data transmitted between the UE and the E-RAN, completing authentication between the UE and the E-RAN.
14. The method for protecting the network security of a mobile communication system according to claim 13, characterized in that step b43 comprises:
the E-RAN derives key IKran from key RK and a value guaranteeing the freshness of key IKran, and transfers the IKran-freshness value to the UE;
the UE derives key IKran from key RK and the received IKran-freshness value;
the UE and the E-RAN use key IKran to perform integrity protection on the signaling and/or user data transmitted between the UE and the E-RAN, completing authentication between the UE and the E-RAN.
15. The method for protecting the network security of a mobile communication system according to claim 13, characterized in that step b4 further comprises:
b44. the UE and the E-RAN derive key CKran from key RK, and use key CKran to perform confidentiality protection on the signaling and/or user data transmitted between the UE and the E-RAN.
16. The method for protecting the network security of a mobile communication system according to claim 15, characterized in that step b44 comprises:
the E-RAN derives key CKran from key RK and a value guaranteeing the freshness of key CKran, and transfers the CKran-freshness value to the UE;
the UE derives key CKran from key RK and the received CKran-freshness value;
the UE and the E-RAN use key CKran to perform confidentiality protection on the signaling and/or user data transmitted between the UE and the E-RAN.
17, as claim 9,11,12,13,14,15 or 16 described a kind of methods of protecting mobile communication system network safety, it is characterized in that:
Set UE generation area Domain Ar inner switch and UE and E-RAN between only adopt key RK to finish authentication between UE and the E-RAN, wherein, region D omain Ar is the control area of node Ar among the E-RAN, key RK is stored among the node Ar;
For providing the step of safeguard protection, Access Layer comprises among the described step b:
UE and node Ar finish authentication between UE and the E-RAN according to the key RK of its storage.
18, as claim 9,11,12,13,14,15 or 16 described a kind of methods of protecting mobile communication system network safety, it is characterized in that:
Setting UE switches to from region D omain Ar and only adopts key RK to finish authentication between UE and the E-RAN between region D omain Br and UE and the E-RAN, wherein, region D omainAr is the control area of node Ar among the E-RAN, region D omain Br is the control area of Node B r among the E-RAN, and node Ar and Node B r are arranged in the control area of the same node Gc of E-CN, key RK is stored among node Ar and the node Gc, and key master key is stored on the node Gc;
For providing the step of safeguard protection, Access Layer comprises among the described step b:
Node Ar transfers to Node B r according to safety protecting mechanism in the E-RAN territory with the RK of its storage, and Node B r finishes authentication between UE and the E-RAN according to the RK of its reception and UE; Or
Node Gc transfers to Node B r according to safety protecting mechanism between the territory between E-RAN and the E-CN with the RK of its storage, and Node B r finishes authentication between UE and the E-RAN according to the RK of its reception and UE; Or
The key RK that node Gc and UE derive and make new advances according to key master key; described node Gc transfers to Node B r according to safety protecting mechanism between the territory between E-RAN and the E-CN with described new key RK, and Node B r finishes authentication between UE and the E-RAN according to the RK of its reception and UE.
19. The method according to claim 9, 11, 12, 13, 14, 15 or 16, characterized in that:
the UE is handed over from domain Ar to domain Br, and authentication between the UE and the E-RAN uses only the key RK, where domain Ar is the control area of node Ar in the E-RAN, domain Br is the control area of node Br in the E-RAN, node Ar lies in the control area of E-CN node Gc, node Br lies in the control area of E-CN node Fc, the key RK is stored in node Ar and node Gc, and the master key is stored in node Gc;
and the step of providing security protection for the access layer in step b comprises one of:
node Gc transferring its stored RK to node Fc under the intra-E-CN security protection mechanism, node Fc transferring the received RK to node Br under the inter-domain security protection mechanism between the E-RAN and the E-CN, and node Br and the UE completing authentication between the UE and the E-RAN according to the RK that node Br received; or
node Gc transferring its stored master key to node Fc under the intra-E-CN security protection mechanism, node Fc and the UE each deriving a new key RK from the master key, node Fc transferring the new RK to node Br under the inter-domain security protection mechanism between the E-RAN and the E-CN, and node Br and the UE completing authentication between the UE and the E-RAN according to the RK that node Br received.
20. The method according to claim 13, 14, 15 or 16, characterized in that:
the UE performs an intra-domain handover within domain Ar, and the keys IKran and/or CKran are used between the UE and the E-RAN to provide integrity protection and/or confidentiality protection for the signaling and/or user data transmitted between the UE and the E-RAN, where domain Ar is the control area of node Ar in the E-RAN and the key RK and the keys IKran and/or CKran are stored in node Ar;
and the step of providing security protection for the access layer in step b comprises:
the UE and node Ar each applying integrity protection and/or confidentiality protection to the signaling and/or user data transmitted between the UE and the E-RAN according to the IKran and/or CKran that each of them stores.
21. The method according to claim 13, 14, 15 or 16, characterized in that:
the UE is handed over from domain Ar to domain Br, and the keys IKran and/or CKran are used between the UE and the E-RAN to provide integrity protection and/or confidentiality protection for the signaling and/or user data transmitted between the UE and the E-RAN, where domain Ar is the control area of node Ar in the E-RAN, domain Br is the control area of node Br in the E-RAN, node Ar and node Br both lie in the control area of the same E-CN node Gc, the keys IKran and/or CKran and the key RK are stored in node Ar, and the master key is stored in node Gc;
and the step of providing security protection for the access layer in step b comprises one of:
node Ar transferring its stored IKran and/or CKran to node Br under the intra-E-RAN security protection mechanism, and node Br applying integrity protection and/or confidentiality protection to the signaling and/or user data transmitted between the UE and the E-RAN according to the IKran and/or CKran it received; or
node Ar transferring its stored RK to node Br under the intra-E-RAN security protection mechanism, node Br and the UE each deriving new keys IKran and/or CKran from that RK, and node Br and the UE applying integrity protection and/or confidentiality protection to the signaling and/or user data transmitted between the UE and the E-RAN according to the new IKran and/or CKran; or
node Gc transferring its stored RK to node Br under the inter-domain security protection mechanism between the E-RAN and the E-CN, node Br and the UE each deriving new keys IKran and/or CKran from that RK, and node Br and the UE applying integrity protection and/or confidentiality protection to the signaling and/or user data transmitted between the UE and the E-RAN according to the new IKran and/or CKran; or
node Gc and the UE each deriving a new key RK from the master key, node Gc transferring the new RK to node Br under the inter-domain security protection mechanism between the E-RAN and the E-CN, node Br and the UE each deriving new keys IKran and/or CKran from the new RK, and node Br and the UE applying integrity protection and/or confidentiality protection to the signaling and/or user data transmitted between the UE and the E-RAN according to the new IKran and/or CKran.
22. The method according to claim 13, 14, 15 or 16, characterized in that:
the UE is handed over from domain Ar to domain Cr, and the keys IKran and/or CKran are used between the UE and the E-RAN to provide integrity protection and/or confidentiality protection for the signaling and/or user data transmitted between the UE and the E-RAN, where domain Ar is the control area of node Ar in the E-RAN, domain Cr is the control area of node Cr in the E-RAN, node Ar lies in the control area of E-CN node Gc, node Cr lies in the control area of E-CN node Fc, the keys IKran and/or CKran and the key RK are stored in node Ar, and the master key is stored in node Gc;
and the step of providing security protection for the access layer in step b comprises one of:
node Gc transferring its stored RK to node Fc under the intra-E-CN security protection mechanism, node Fc transferring the received RK to node Cr under the inter-domain security protection mechanism between the E-RAN and the E-CN, node Cr and the UE each deriving new keys IKran and/or CKran from that RK, and node Cr and the UE applying integrity protection and/or confidentiality protection to the signaling and/or user data transmitted between the UE and the E-RAN according to the new IKran and/or CKran; or
node Gc transferring its stored master key to node Fc under the intra-E-CN security protection mechanism, node Fc and the UE each deriving a new key RK from the master key, node Fc transferring the new RK to node Cr under the inter-domain security protection mechanism between the E-RAN and the E-CN, node Cr and the UE each deriving new keys IKran and/or CKran from the new RK, and node Cr and the UE applying integrity protection and/or confidentiality protection to the signaling and/or user data transmitted between the UE and the E-RAN according to the new IKran and/or CKran.
CN 200610001656, filed 2006-01-20 (priority date 2006-01-20): Method for protecting mobile communication system network safety. Status: Pending. Published as CN101005489A (en).

Priority Applications (1)

Application Number | Priority Date | Filing Date | Title
CN 200610001656 (CN101005489A) | 2006-01-20 | 2006-01-20 | Method for protecting mobile communication system network safety

Applications Claiming Priority (1)

Application Number | Priority Date | Filing Date | Title
CN 200610001656 (CN101005489A) | 2006-01-20 | 2006-01-20 | Method for protecting mobile communication system network safety

Publications (1)

Publication Number | Publication Date
CN101005489A | 2007-07-25

Family

ID=38704353

Family Applications (1)

Application Number | Title | Priority Date | Filing Date
CN 200610001656 (CN101005489A, Pending) | Method for protecting mobile communication system network safety | 2006-01-20 | 2006-01-20

Country Status (1)

Country | Link
CN (1) | CN101005489A (en)

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9578496B2 (en) 2007-05-15 2017-02-21 Huawei Technologies Co., Ltd. Method and user equipment for negotiating security during handover between different radio access technologies
US10869235B2 (en) 2007-05-15 2020-12-15 Huawei Technologies Co., Ltd. Method and apparatus for negotiating security during handover between different radio access technologies
WO2008138273A1 (en) * 2007-05-15 2008-11-20 Huawei Technologies Co., Ltd. Method for performing security negotiation during handoff between different wireless access technology and device thereof
US8611949B2 (en) 2007-05-15 2013-12-17 Huawei Technologies Co., Ltd. Method and apparatus for negotiating security during handover between different radio access technologies
US9686678B2 (en) 2007-05-15 2017-06-20 Huawei Technologies Co., Ltd. Method and apparatus for negotiating security during handover between different radio access technologies
US10299116B2 (en) 2007-05-15 2019-05-21 Huawei Technologies Co., Ltd. Method and apparatus for negotiating security during handover between different radio access technologies
CN101252772B (en) * 2008-03-21 2012-04-25 华为技术有限公司 Method for enhancing wireless communication system security and wireless network equipment
CN102685820B (en) * 2008-10-31 2015-03-25 宏达国际电子股份有限公司 A method of handling an inter rat handover in wireless communication system and a related communication device
CN102685820A (en) * 2008-10-31 2012-09-19 宏达国际电子股份有限公司 A method of handling an inter rat handover in wireless communication system and a related communication device
US9232452B2 (en) 2008-10-31 2016-01-05 Htc Corporation Method of handling an inter rat handover in wireless communication system and related communication device
CN102823282B (en) * 2010-01-04 2015-07-22 电子部品研究院 Key authentication method for binary CDMA
CN102823282A (en) * 2010-01-04 2012-12-12 电子部品研究院 Key authentication method for binary CDMA
CN110249584A (en) * 2017-01-27 2019-09-17 三星电子株式会社 For providing the method for End-to-End Security by signaling plane in task critical data communication system
US11316678B2 (en) 2017-01-27 2022-04-26 Samsung Electronics Co., Ltd. Method for providing end-to-end security over signaling plane in mission critical data communication system
US11770247B2 (en) 2017-01-27 2023-09-26 Samsung Electronics Co., Ltd. Method for providing end-to-end security over signaling plane in mission critical data communication system
CN111936993A (en) * 2018-02-16 2020-11-13 瑞典爱立信有限公司 Securing messages communicated between core network domains
CN111936993B (en) * 2018-02-16 2024-05-03 瑞典爱立信有限公司 Protecting messages communicated between core network domains


Legal Events

Code | Title
C06 | Publication
PB01 | Publication
C02 | Deemed withdrawal of patent application after publication (patent law 2001)
WD01 | Invention patent application deemed withdrawn after publication