CN102379137A - Processing method, device and system for message integrity protection checking failure - Google Patents
Processing method, device and system for message integrity protection checking failure Download PDFInfo
- Publication number
- CN102379137A CN102379137A CN2009801198784A CN200980119878A CN102379137A CN 102379137 A CN102379137 A CN 102379137A CN 2009801198784 A CN2009801198784 A CN 2009801198784A CN 200980119878 A CN200980119878 A CN 200980119878A CN 102379137 A CN102379137 A CN 102379137A
- Authority
- CN
- China
- Prior art keywords
- message
- recipient
- integrity protection
- response
- timer
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/10—Integrity
- H04W12/106—Packet or message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
A processing method, device and system. In which, a processing method includes that the receiving party of the message sends a request to the communication opposite party when the integrity protection checking performed by it for the message is failure, the request is used to identify the cause for the integrity protection checking failure; and the receiving party of the message performs the processing for the message integrity protection checking failure according to receiving the response to the request from the communication opposite party or not in the first preset period of time.
Description
A kind of processing method, equipment and systems technology field to message integrity protection inspection failure
The present invention relates to communication technical field, more particularly to processing method, equipment and the system to message integrity protection inspection failure.Background of invention
Long Term Evolution(Long Term Evolution, LTE) system to the signaling message of chain of command need carry out integrity protection, to ensure the security of idle port communication.For example, evolution base station(ENodeB, eNB) to send messages to user equipment(User Equipment, UE) when, MAC-I values will be generated, and place it in the head of the message and be sent to UE;Accordingly, UE is received after the message, and MAC-I values are generated using with eNB identicals method and parameter, and it is compared with the MAC-I values received, if identical, integrity protection inspection passes through, and otherwise integrity protection inspection fails.
The reason for integrity protection inspection fails be probably:
1st, person Attacker under attack attack.For example, Attacker has distorted the content of idle message, or message is inserted during eNB and UE communication.
2nd, the security parameter step-out during eNB and UE communication.For example, occurring COUNT step-outs(HFN step-outs i.e. therein).
3rd, the other reasonses of non-above-mentioned reason.
In the prior art; UE as message recipient when; if subjected to the integrity protection inspection that the frequent attack of attacker can constantly have the message received fails, and just re-established whenever occurring inspection failure UE, then UE will be re-established frequently.The content of the invention
The embodiment of the present invention provides a kind of processing method, equipment and system to message integrity protection inspection failure.
The embodiment of the present invention provides a kind of processing method to message integrity protection inspection failure, including:When integrity protection inspection of the recipient of message to the message fails, Correspondent Node is sent a request to, the request is used to recognize the reason for integrity protection inspection fails;
The recipient of the message carries out the processing to message integrity protection inspection failure according to response of the Correspondent Node to the request whether is received in the first preset period of time.
The embodiment of the present invention also provides a kind of equipment, including:
Transmit-Receive Unit, the message for receiving Correspondent Node transmission;
Inspection unit, the message for being received for the Transmit-Receive Unit carries out integrity protection inspection;The Transmit-Receive Unit is additionally operable to send a request to the Correspondent Node in the integrity protection inspection failure that inspection unit is carried out for the message and receives the response that the Correspondent Node is sent; wherein, it is described to ask to be used to recognize the reason for integrity protection inspection fails;
Processing unit, the response for whether receiving the Correspondent Node in the first preset period of time according to the Transmit-Receive Unit carries out the processing to message integrity protection inspection failure.
The embodiment of the present invention also provides a kind of communication system, including equipment provided in an embodiment of the present invention and the Correspondent Node with the equipment communication.
Message receiver in the embodiment of the present invention to Correspondent Node request by recognizing the reason for integrity protection inspection fails; and according to whether the response for receiving Correspondent Node carries out the processing to message integrity protection inspection failure; customer service disruption of the recipient of message in existing LTE system caused by integrity protection inspection failure is frequently re-established is can solve the problem that, so as to improve system effectiveness and communication quality.Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, the required accompanying drawing used in embodiment or description of the prior art will be briefly described below, apparently, drawings in the following description are only some embodiments of the present invention, for those of ordinary skill in the art, on the premise of not paying creative work, other accompanying drawings can also be obtained according to these accompanying drawings.
Fig. 1 is the method schematic diagram that the embodiment of the present invention one is provided;
Fig. 2 is the method schematic diagram that the embodiment of the present invention two is provided;
Fig. 3 is the method schematic diagram that the embodiment of the present invention three is provided;
Fig. 4 is the user equipment schematic diagram that the embodiment of the present invention five is provided;
Fig. 5 is the communication system schematic diagram that the embodiment of the present invention six is provided.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is clearly and completely described, it is clear that described embodiment is only a part of embodiment of the invention, rather than whole embodiments.Based on the embodiment in the present invention, the every other embodiment that those of ordinary skill in the art are obtained under the premise of creative work is not made belongs to the scope of protection of the invention.
In the prior art, integrity protection inspection of the recipient of message to certain message fails, and is easily caused the reduction of communication quality.For example; UE as message recipient when; if subjected to the integrity protection inspection that the frequent attack of attacker can constantly have the message received fails; and just re-established whenever occurring inspection failure UE; so UE will be re-established frequently; so as to cause customer service to interrupt, proper communication can not be carried out by even resulting in user.The embodiment of the present invention provides a kind of processing method, equipment and system to message integrity protection inspection failure; the recipient of message is directed to its response condition asked by Correspondent Node; identification causes the reason for integrity protection inspection fails; above mentioned problem of the prior art is can solve the problem that, it is described in detail below.
As shown in figure 1, the embodiment of the present invention one provides a kind of processing method to message integrity protection inspection failure, it is adaptable to occur the scene of integrity protection inspection failure.In the present embodiment, when the integrity protection inspection of the recipient of message to the message fails, Correspondent Node is sent a request to, the request is used to recognize the reason for integrity protection inspection fails.Then, the recipient of the message carries out the processing to message integrity protection inspection failure according to response of the Correspondent Node to the request whether is received in the first preset period of time.
The reason for reception direction Correspondent Node request identification integrity protection inspection of message fails in the present embodiment; the processing to message integrity protection inspection failure is carried out again; can solve the problem that UE in existing LTE system as message recipient when; customer service disruption caused by integrity protection inspection failure is frequently re-established, so as to improve system effectiveness and communication quality.
In the present embodiment, recipient and the Correspondent Node of message are to establish two entities that RRC is connected by normal flow, for example, UE and eNB by setting up or re-establishing process and set up connection.Specifically, UE receives the message A1 of eNB transmissions and carries out integrity protection inspection, if the integrity protection inspection fails, UE performs the scheme of the present embodiment offer as message A1 recipient, and its Correspondent Node is eNB.And for example, eNB receives the message B1 of UE transmissions and carries out integrity protection inspection,
If the integrity protection inspection fails, eNB performs the scheme of the present embodiment offer as message B 1 recipient, and its Correspondent Node is UE.
The method # texts that two to four pairs of embodiments one are provided by the following examples are further illustrated.
As shown in Fig. 2 the embodiment of the present invention two provides a kind of processing method to message integrity protection inspection failure, wherein, UE and eNB have set up connection, and receive the message A2 of eNB transmissions.The present embodiment comprises the following steps:
201 :UE carries out integrity protection inspection for message A2, and its result is failure(Check failure).
Optionally, UE Lost abandon the A2 message.
202:UE is sent for the request for recognizing the reason for integrity protection inspection fails to eNB.
The request can constitute a message or single request message with other message contents.For example the request includes the ID or other signs of the request message, and ID or other signs here are used to indicate the reason for messages use fails for request identification integrity protection inspection.
203:ENB is received after request, and the response for the request is sent into UE.
204:UE receives the response, then UE is without re-establishing or entering Idle state(IDLE ) .In this step, UE receives the response, you can the reason for knowing inspection failure is not security parameter step-out, identifies that security parameter step-out does not occur in other words, namely:Itself and Correspondent Node eNB RRC layers can carry out proper communication, and the integrity protection checks that failure A2 is not that Correspondent Node eNB is sent in other words, without being re-established with eNB or entering Idle state.
For example, responses of the UE by receiving eNB knows that the reason for eNB confirms to check failure is person under attack attack, therefore without being re-established or entering Idle state.
Optionally, if UE is in above-mentioned 201 step and non-Lost abandons the A2 message, UE can with this step Lost abandon the A2 message.
Optionally, UE is before the response is received, other message may also be received and integrity protection inspection fails, because UE has sent request and starts waiting for eNB response, to avoid intensive transmission from asking, UE is without using the inspection of these above-mentioned message, unsuccessfully as the trigger condition for sending request, i.e. UE will not send the request for recognizing the reason for checking failure to eNB again after to the failure of these above-mentioned message inspections.Further, UE can abandon these message in the response Hou Lost for receiving eNB, or check that unsuccessfully Shi abandons these message Jiu Lost, without when receiving the response.
Optionally; UE is in the second preset period of time after receiving the response; if the integrity protection inspection carried out for some or some message received fails; then UE is without as the trigger condition for sending request; and Zhi Shi Lost abandon this or these message; to avoid intensive transmission request and wait-for-response, so as to improve treatment effeciency.It will be appreciated by those skilled in the art that, the second preset period of time here can be realized by timer or other time sets, for example:Timer T2, the T2 that UE is set using itself duration could be arranged to the second preset period of time, and UE starts the T2 when it is determined that receiving eNB response.It is direct to abandon the Xiao Xi Lost without recognizing the reason for it checks failure by sending request if UE fails for other message inspections before the time-out of Τ 2.For example, UE can be during the Τ 2 be run, by the inspection failure attribution of message in the reason for non-security parameter step-out, such as attack from attacker, enters and Lost abandons the message.Optionally, Τ 2 duration can be set longer by UE, or be adjusted so as on the basis of the duration set it is longer, further to reduce the density that it sends request.Τ 2 duration can also be set shorter by UE, or be adjusted so as on the basis of the duration set it is shorter, further to improve the accuracy for the reason for its determination inspection fails.
UE in the present embodiment after the request is sent by etc. Correspondent Node eNB to be received response, before eNB response is received, if other trigger conditions re-established are met, UE can initiate to re-establish, and terminate the method flow of the present embodiment offer.
In the present embodiment, the recipient UE of message will not can solve the problem that UE is frequently re-established, the problem of customer service is interrupted due to checking failure in the prior art using the inspection of message unsuccessfully as the trigger condition re-established.Further, the recipient UE of message can be by setting timer to avoid intensive transmission request and wait-for-response, it is possible to increase system effectiveness.In addition, the present embodiment is only illustrated by taking the integrity protection inspection failure of downstream message between UE and eNB as an example, the present embodiment applies also for the scene of the integrity protection inspection failure of upstream message between UE and eNB, under the scene, eNB as message recipient, when the inspection carried out for the message that its Correspondent Node UE is sent fails, it can send for the request for recognizing the reason for integrity protection inspection fails to UE, and according to whether the response for receiving the UE carries out the processing to message integrity protection inspection failure, so as to when avoiding eNB as message receiver, frequently trigger UE due to checking failure and re-established, or frequently triggering UE enters Idle state, thus eNB will not cause customer service to interrupt due to checking failure.
It is preferred that, as shown in figure 3, the embodiment of the present invention three provides a kind of processing method to message integrity protection inspection failure, wherein, UE and eNB have set up connection, and receive the message A3 of eNB transmissions.The present embodiment comprises the following steps:
301 :UE fails for message A3 integrity protection inspection, then UE starts timer T3.Certainly, UE can be using its internal setting or independently of the timer outside UE or other time sets without influenceing the realization of the present invention, the duration of the Τ 3(That is the first preset period of time)It can voluntarily be set, or be configured by UE according to the other information of Correspondent Node eNB instruction or offer by UE, can also further adjusted after duration is set.It is preferred that, T3 duration can be arranged on hundred Milliseconds(Such as 200 milliseconds), second level can also be arranged on(Such as two seconds).Wherein, the duration of hundred Milliseconds is provided with beneficial to rapid identification in the scene for causing to check failure in security parameter step-out and handled, faster raising communication quality and efficiency;The duration of second level, which is set, is more suitable for the busy scene of system.For example, UE can set T2 duration according to eNB instruction, but UE detect system it is busy when, can increase original duration, that is, wait the longer time to determine not receive eNB response.
Optionally, UE Lost abandon the A3 message.
302-303:It is identical with the 202-203 in embodiment two, repeat no more.
UE in the present embodiment carries out the processing to message integrity protection inspection failure according to the response that eNB transmissions whether are received before T3 time-out.Processing when receiving response below by way of 304 couples of UE is illustrated, and processing when 305 couples of UE do not receive response is illustrated.
304 (not shown in figure):UE receives the response of eNB transmissions before T3 time-out, and UE stops T3, and UE is determined without re-establishing or entering Idle state..
In this step, UE receives the response between the T3 runtimes, you can the reason for knowing inspection failure is not security parameter step-out, identifies that security parameter step-out does not occur in other words, namely:Itself and Correspondent Node eNB rrc layer can carry out proper communication, and the integrity protection checks that failure A3 is not that Correspondent Node eNB is sent in other words, without being re-established with eNB or entering Idle state.
Optionally, if UE is in above-mentioned 301 step and non-Lost abandons the A3 message, UE can with this step Lost abandon the A3 message.
Optionally, UE is before the response is received, other message may also be received and integrity protection inspection fails, UE to these message inspections when failing, without sending the request for recognizing the reason for checking failure to eNB again, but eNB is continued waiting for having sent the response of request, to avoid intensive transmission from asking, improve treatment effeciency.Further, UE can abandon these message in the response Hou Lost for receiving eNB, or abandon these message checking failure Shi Jiu Lost, without when receiving the mouth to should.
Optionally; it is similar with embodiment two; if UE receives the response of eNB transmissions; then in the second preset period of time of UE after receiving the response; if the integrity protection inspection carried out for some or some message received fails, UE is without as the trigger condition for sending request, and Zhi Shi Lost abandon this or these message; to avoid intensive transmission request and wait-for-response, so as to improve treatment effeciency.For example, UE starts timer T4, the T4 when a length of second preset period of time when receiving the response, setting and the adjustment of the duration can be found in the description as described in T2 in embodiment two, and here is omitted.
305:Before T3 time-out, UE does not receive the response of eNB transmissions, and UE initiations re-establish process with eNB's, or enter Idle state.
Optionally, if UE is in above-mentioned 301 step and non-Lost abandons the A3 message, UE can with this step Lost abandon the A3 message.
In this step, UE does not receive the response of eNB transmissions during T3 is run, you can the reason for knowing inspection failure is security parameter step-out, and the generation security parameter step-out between Correspondent Node eNB is identified in other words, namely:Itself and Correspondent Node eNB rrc layer can not carry out proper communication, or the integrity protection checks that failure A3 is sent by Correspondent Node eNB, therefore by being re-established with eNB to realize proper communication, or enter Idle state.
It is preferred that, asked to avoid sending to eNB repeatedly in the UE short time, above-mentioned timer T4 duration is set to second level or minute level.The duration of the T4 and T3 duration do not have positive connection, but the difference of each timer duration is applied to the different demands of UE.For example, when T4 duration is significantly greater than T3 duration, UE can significantly reduce the number of times of requesting query;When T4 duration and T3 duration are more or less the same, the accuracy rate for the message that UE Dui Suo Lost are abandoned is higher.
UE in the present embodiment after the request is sent by etc. Correspondent Node eNB to be received response, before eNB response is received, if other trigger conditions re-established are met, UE can initiate to re-establish, and terminate the method flow of the present embodiment offer.
In the present embodiment, the recipient UE of message will not can solve the problem that UE is frequently re-established, the problem of customer service is interrupted due to checking failure in the prior art using the inspection of message unsuccessfully as the trigger condition re-established.In addition, using the present embodiment, when the recipient UE of message can occur security parameter step-out on a direction of certain signaling bear and cause to check failure, recover security parameter in time synchronous, its communication for proceeding the direction on the signaling bear with eNB is ensure that, or is released in time
Put resource.Further, the recipient UE of message can be by setting timer to avoid intensive transmission request and wait-for-response, it is possible to increase system effectiveness.
In the other embodiment of the present invention, UE receives the response of eNB transmissions before T3 time-out, does not stop T3, but judge again until T3 is overtime(Determine in other words)The response is received, i.e., without being re-established with eNB or entering Idle state.Optionally, UE is waited until after T3 time-out, it is determined that the reason for checking failure is He/Huo Lost abandon A3 message.In addition, UE can also start timer T4 when T3 is overtime, a length of second preset period of time at that time, and Lost abandons between the T4 runtimes other message receive and integrity protection inspection failure, without sending request.Optionally, before UE judgements receive the response, other message is also received and integrity protection inspection fails; then UE can be after judging to receive the response; that is T3 time-out Shi , Lost abandon these message, and request is sent again without the inspection failure due to these message.Certainly, UE can also abandon these message checking the Shi that fails Jiu Lost, without when T3 time-out.UE to these above-mentioned message inspections when failing; without sending the request for recognizing the reason for checking failure to eNB again; but eNB is continued waiting for having sent the response of request; then UE can be with a T3 when a length of process cycle; i.e. after the first preset period of time after request is sent due to the integrity protection inspection of message failure; carry out again to message integrity protection inspection failure processing, can avoid due to recur integrity protection inspection failure caused by it is intensive send request and wait mouth to should.
Whether the UE involved by the various embodiments described above receives eNB response, refers to whether UE rrc layer receives the response.Received as UE PDCP layers but because integrity protection inspection is unsuccessfully not provided to the message of rrc layer, UE, which is considered as, does not receive the message.Specifically; eNB is received after the request of UE transmissions; it can send and UE is responded to the request; UE PDCP layers will receive the response and carry out integrity protection inspection; only check successfully; the response can just be supplied to UE rrc layer by UE PDCP layers, and UE rrc layer receives the situation that the response is " UE receives the response of eNB transmissions " in the various embodiments described above.If inspection of the UE PDCP layers to the response fails, the response will not be supplied to UE rrc layer, UE rrc layer can not receive the situation that the response is " UE does not receive the response of eNB transmissions " in the various embodiments described above.Further, above-mentioned eNB can carry out integrity protection to the response of transmission, and UE carries out integrity protection inspection to the response;Accordingly, UE can carry out integrity protection to the request of transmission, and eNB carries out integrity protection inspection to the request.The inspection method that above-mentioned integrity protection and integrity protection inspection for asking and responding can be provided using prior art is achieved, and here is omitted.Similar, whether eNB connects in subsequent embodiment
UE response is received, refers to whether eNB rrc layer receives the response.Further, the response that the request and UE that eNB is sent are sent can carry out integrity protection inspection, and here is omitted.
Above-described embodiment three is only illustrated by taking the integrity protection inspection failure of downstream message between UE and eNB as an example; the present embodiment applies also for the scene of the integrity protection inspection failure of upstream message between UE and eNB; under the scene; eNB as message recipient; when the inspection carried out for the message that its Correspondent Node UE is sent fails; UE can be sent a request to, and the processing to message integrity protection inspection failure is carried out according to the response of the UE.For example, the embodiment of the present invention four provides a kind of processing method to message integrity protection inspection failure, it is adaptable to the scene of the integrity protection inspection failure of upstream message between UE and eNB.The present embodiment is repeated no more with the similar part of above-described embodiment three, and only both differences of explanation here are:ENB in the present embodiment does not receive the response that UE is asked it in timer T4 durations, and eNB will notify UE to initiate to re-establish process or enter Idle state.For example, eNB is sent for the notification message for re-establishing process for triggering UE to UE, with RRC connection release message
(RCConnectionRelease) exemplified by, the reason for message package is containing failure is checked(For example integrity protection inspection fails), then UE is received will initiate to re-establish process after the message.
In the present embodiment, the recipient eNB of message will not unsuccessfully regard the inspection of message as the trigger condition re-established, can avoid in the prior art eNB due to check failure and frequently trigger UE and re-established, or frequently triggering UE enters I Idle state, so that solve eNB causes the problem of customer service is interrupted due to checking failure.Further, the recipient eNB of message can be by setting timer to avoid intensive transmission request and wait-for-response, it is possible to increase system effectiveness.In the present embodiment; after the recipient eNB of message sends the first preset period of time after request due to generation integrity protection inspection failure; the processing to message integrity protection inspection failure is carried out again, and intensive send is asked and wait-for-response caused by can avoiding due to recurring integrity protection inspection failure.
The request that the various embodiments described above are only sent with the recipient of message is used to recognize the reason for integrity protection inspection fails; it is described in other words exemplified by the scene for recognizing integrity protection inspection failure; in fact, the request purposes description can be incomplete same with the various embodiments described above and have no effect on the realization of the embodiment of the present invention.For example, the request can be used to identify whether occur security parameter step-out, either can the rrc layer for inquiry and Correspondent Node carry out proper communication or check whether failure is what Correspondent Node was sent for inquiring about the integrity protection.When the purposes of the request describes different, those skilled in the art can realize the object of the invention according to the associated description of above-described embodiment, and here is omitted.
As shown in figure 4, the embodiment of the present invention five provides a kind of equipment, the equipment is implemented for the processing method to message integrity protection inspection failure of the various embodiments described above offer.The equipment includes such as lower unit:
Transmit-Receive Unit, the message A5 for receiving Correspondent Node transmission;
Inspection unit, the message A5 for being received for Transmit-Receive Unit carries out integrity protection inspection;Transmit-Receive Unit is additionally operable to send a request to Correspondent Node in the integrity protection inspection failure that inspection unit is carried out for the message, and receives the response that Correspondent Node is sent, and the request is used to recognize the reason for integrity protection inspection fails;
Processing unit, the response for whether receiving Correspondent Node in the first preset period of time according to Transmit-Receive Unit carries out the processing to message integrity protection inspection failure.
Further; the equipment can be for user equipment or among user equipment; above-mentioned processing unit is used for when Transmit-Receive Unit does not receive the response of Correspondent Node in the first preset time; initiation is re-established; either enter Idle state or determine the reason for integrity protection inspection of above-mentioned message fails.The equipment can also be network side equipment; such as eNB; or among network side equipment; above-mentioned processing unit is used for when Transmit-Receive Unit does not receive the response of Correspondent Node in the first preset time; triggering user equipment initiates to re-establish; either triggering user equipment enters Idle state or determines the reason for integrity protection inspection of above-mentioned message fails.
Optionally; processing unit is additionally operable to when Transmit-Receive Unit receives the response of Correspondent Node in the first preset period of time or in the inspection failure that inspection unit is carried out for the message; Lost abandons message A5, is used to recognize that the reason for integrity protection inspection fails is asked without sending again.
Optionally, processing unit is additionally operable to when Transmit-Receive Unit receives the response of Correspondent Node in the first preset period of time or when the inspection that inspection unit is carried out in the first preset period of time for other message that Transmit-Receive Unit is received fails; Lost abandons other above-mentioned message, and the processing unit will not send request due to the inspection failure of message occurring in the first preset period of time.
Optionally, the equipment also includes timer T6, and a length of above-mentioned first preset time during the T6, the T6 starts in the inspection failure that the inspection unit is carried out for the message.Further, stop when the T6 can receive the response of Correspondent Node in Transmit-Receive Unit.
Optionally; the request that Transmit-Receive Unit is sent in the present embodiment is used to recognize the reason for integrity protection inspection fails; in other words for recognizing the scene that integrity protection inspection fails; in other words for identifying whether occur security parameter step-out, processing unit is additionally operable to when Transmit-Receive Unit does not connect before T6 time-out
When receiving the response of Correspondent Node, it is determined that the reason for checking failure is security parameter step-out;Processing unit is additionally operable to when Transmit-Receive Unit receives the response of Correspondent Node before T6 time-out, it is determined that the reason for checking failure is non-security parameter step-out.
Optionally, the request that Transmit-Receive Unit is sent in the present embodiment is used to inquire about and can the RRC layers of Correspondent Node carry out proper communication, processing unit is additionally operable to when Transmit-Receive Unit does not receive the response of Correspondent Node before T6 time-out, it is determined that can not carry out proper communication with the rrc layer of Correspondent Node;Processing unit is additionally operable to when Transmit-Receive Unit receives the response of Correspondent Node before T6 time-out, it is determined that can carry out proper communication with the rrc layer of Correspondent Node.
Optionally; the request that Transmit-Receive Unit is sent in the present embodiment is used to inquire about whether integrity protection inspection failure A5 is what Correspondent Node was sent; processing unit is additionally operable to when Transmit-Receive Unit does not receive the response of Correspondent Node before T6 time-out, and it is that Correspondent Node is sent to determine message A5;Processing unit is additionally operable to when Transmit-Receive Unit receives the response of Correspondent Node before T6 time-out, and it is not that Correspondent Node is sent to determine message A5.
Further, the equipment also includes timer T7, and a length of second preset time during the T7, the T7 starts in T6 time-out or stopping.Processing unit is additionally operable to, and Lost abandons inspection unit and checks failure during T7 is run, and the processing unit will not be again sent for recognizing that integrity protection inspection is asked due to failing failing in the inspection that message occurs during T7 is run.
The equipment that the present embodiment is provided will not can solve the problem that the recipient of message in the prior art is frequently re-established, the problem of customer service is interrupted due to checking failure using the inspection of message unsuccessfully as the triggering re-established.In addition, when the equipment that the present embodiment is provided can occur security parameter step-out on a direction of certain signaling bear and cause to check failure, recover security parameter in time synchronous, ensure that its communication for proceeding the direction on the signaling bear with Correspondent Node, or discharge resource in time.Further, the equipment can be by setting timer to avoid intensive transmission request and wait-for-response, it is possible to increase system effectiveness.
As shown in figure 5, the embodiment of the present invention six provides a kind of communication system, including such as the equipment and Correspondent Node of the offer of the embodiment of the present invention five.Wherein, Correspondent Node is implemented for the processing method to message integrity protection inspection failure of the various embodiments described above offer.Specifically, the Correspondent Node is used to receive the request that the equipment of the offer of the embodiment of the present invention five is sent, and send response.Service disconnection will not be produced due to frequently being re-established between two communication equipments in the system, and resource can be discharged in time, improve communication quality, while improving resource utilization.
One of ordinary skill in the art will appreciate that realizing that all or part of step in above-described embodiment method can be by program to instruct the hardware of correlation to complete, described program can be stored in a computer read/write memory medium, described storage medium, such as:ROM/RAM, magnetic disc, CD etc..
The embodiment of the present invention is described in detail above, embodiment used herein is set forth to the present invention, the explanation of above example is only intended to the system and method for helping to understand the present invention;Simultaneously for those of ordinary skill in the art, according to the thought of the present invention, it will change in specific embodiments and applications, in summary, this specification content should not be construed as limiting the invention.
Claims (13)
- Claim1st, a kind of processing method to message integrity protection inspection failure, it is characterised in that methods described includes:When integrity protection inspection of the recipient of message to the message fails, Correspondent Node is sent a request to, the request is used to recognize the reason for integrity protection inspection fails;The recipient of the message carries out the processing to message integrity protection inspection failure according to response of the Correspondent Node to the request whether is received in the first preset period of time.2nd, according to the method described in claim 1, it is characterised in thatWhen integrity protection inspection of the recipient of the message to the message fails, methods described also includes:The recipient of the message starts first timer, when a length of first preset period of time of the first timer;Whether the recipient of the message in the first preset period of time according to response of the Correspondent Node to the request is received, and carrying out the processing to message integrity protection inspection failure includes:If the recipient of the message does not receive the response in first timer duration, the recipient of the message initiates to re-establish or enter Idle state;Wherein, the recipient of the message is user equipment (UE).3rd, according to the method described in claim 1, it is characterised in thatWhen integrity protection inspection of the recipient of the message to the message fails, methods described also includes:The recipient of the message starts first timer, when a length of first preset period of time of the first timer;Whether the recipient of the message in the first preset period of time according to response of the Correspondent Node to the request is received, and carrying out the processing to message integrity protection inspection failure includes:If the recipient of the message does not receive the response in first timer duration, the recipient of the message triggers re-establishing process or notifying the Correspondent Node to enter Idle state for the Correspondent Node;Wherein, the recipient of the message is evolution base station eNB.4th, according to the method in claim 2 or 3; it is characterized in that; whether the recipient of the message in the first preset period of time according to response of the Correspondent Node to the request is received, and carrying out the processing to message integrity protection inspection failure also includes:If the recipient of the message does not receive the response in first timer duration, the reason for recipient of the message determines the inspection failure is security parameter step-out. 5th, according to the method described in claim 1, it is characterised in that when integrity protection inspection of the recipient of the message to the message fails, methods described also includes:The recipient of the message starts first timer, when a length of first preset period of time of the first timer;Whether the recipient of the message in the first preset period of time according to response of the Correspondent Node to the request is received, and carrying out the processing to message integrity protection inspection failure includes:If the recipient of the message receives the response in first timer duration, do not initiate to re-establish or enter Idle state;Wherein, the recipient of the message is user equipment (UE);Or, if the recipient of the message receives the response in first timer duration, user equipment is not triggered and is re-established and entered Idle state;Wherein, the recipient of the message is evolution base station eNB.6th, method according to claim 5; it is characterized in that; whether the recipient of the message in the first preset period of time according to response of the Correspondent Node to the request is received, and carrying out the processing to message integrity protection inspection failure also includes:If the recipient of the message receives the response in first timer duration, the reason for recipient of the message determines the inspection failure is non-security parameter step-out.7th, the method according to any one of claim 2 to 6, it is characterised in that methods described also includes:The recipient of the message is during the first timer is run, and the integrity protection inspection in the event of message fails, and does not send again for recognizing that the reason for integrity protection inspection fails is asked.8th, the method according to claim 2 to 7, it is characterised in that methods described also includes:When the first timer time-out or stopping, the recipient of the message starts second timer;Wherein, the first timer stops when the recipient of message receives the response;The recipient of the message is during the second timer is run, and the integrity protection inspection in the event of message fails, and does not send again for recognizing that the reason for integrity protection inspection fails is asked.9th, a kind of equipment, it is characterised in that the equipment includes:Transmit-Receive Unit, the message for receiving Correspondent Node transmission;Inspection unit, the message for being received for the Transmit-Receive Unit carries out integrity protection inspection;The Transmit-Receive Unit is additionally operable to send a request to the Correspondent Node in the integrity protection inspection failure that inspection unit is carried out for the message and receives the response that the Correspondent Node is sent; wherein, it is described to ask to be used to recognize the reason for integrity protection inspection fails; Processing unit, the response for whether receiving the Correspondent Node in the first preset period of time according to the Transmit-Receive Unit carries out the processing to message integrity protection inspection failure.10th, equipment according to claim 9, it is characterised in thatThe equipment is for user equipment or among user equipment;The processing unit is used for when the Transmit-Receive Unit does not receive the response of the Correspondent Node in the first preset time, initiates to re-establish, and either enters Idle state or determines the reason for integrity protection inspection of the message fails.11st, equipment according to claim 9, it is characterised in thatThe equipment is network side equipment, or among network side equipment;The processing unit is used for when the Transmit-Receive Unit does not receive the response of the Correspondent Node in the first preset time; triggering user equipment initiates to re-establish; either triggering user equipment enters Idle state or determines the reason for integrity protection inspection of the message fails.12nd, the equipment according to any one of claim 9 to 11, it is characterised in that the equipment also includes:First timer, a length of first preset time at that time, the first timer starts in the inspection failure that the inspection unit is carried out for the message.13rd, equipment according to claim 12, it is characterised in that the equipment also includes:Second timer, starts in first timer time-out or stopping;Wherein, the first timer stops when the Transmit-Receive Unit receives the response;The processing unit is additionally operable to, during the second timer is run, and is not sent again for recognizing that the reason for integrity protection inspection fails is asked.14th, a kind of communication system, it is characterised in that including the equipment as described in any one of claim 9 to 13 and the Correspondent Node with the equipment communication.
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CN2009/071363 WO2010121408A1 (en) | 2009-04-20 | 2009-04-20 | Processing method, device and system for message integrity protection checking failure |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102379137A true CN102379137A (en) | 2012-03-14 |
CN102379137B CN102379137B (en) | 2015-09-09 |
Family
ID=43010655
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN200980119878.4A Active CN102379137B (en) | 2009-04-20 | 2009-04-20 | A kind of processing method to message integrity protection inspection failure, equipment and system |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN102379137B (en) |
WO (1) | WO2010121408A1 (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106937317A (en) * | 2015-12-31 | 2017-07-07 | 联发科技股份有限公司 | Communicator and the restoration methods of safe mode command failure |
WO2019183852A1 (en) * | 2018-03-28 | 2019-10-03 | 北京小米移动软件有限公司 | Information reporting method and apparatus, user equipment and computer-readable storage medium |
CN111315039A (en) * | 2018-12-24 | 2020-06-19 | 维沃移动通信有限公司 | Integrity protection failure processing method and terminal |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111316584A (en) | 2017-11-09 | 2020-06-19 | Oppo广东移动通信有限公司 | Method and device for retransmitting data |
CN110636507A (en) * | 2018-06-21 | 2019-12-31 | 华为技术有限公司 | Communication method and device |
WO2020084191A1 (en) * | 2018-10-24 | 2020-04-30 | Nokia Technologies Oy | Cell-group indication from pdcp upon integrity-verification failure |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101039314A (en) * | 2006-03-16 | 2007-09-19 | 华为技术有限公司 | Method for realizing safety warranty in evolution accessing network |
CN101047978A (en) * | 2006-03-27 | 2007-10-03 | 华为技术有限公司 | Method for updating key in user's set |
WO2008025288A1 (en) * | 2006-08-24 | 2008-03-06 | Huawei Technologies Co., Ltd. | A method and terminal for controlling connection reconstructing in lte system |
CN101374321A (en) * | 2007-08-22 | 2009-02-25 | 华为技术有限公司 | Processing method and system for switching evolvement network |
-
2009
- 2009-04-20 CN CN200980119878.4A patent/CN102379137B/en active Active
- 2009-04-20 WO PCT/CN2009/071363 patent/WO2010121408A1/en active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101039314A (en) * | 2006-03-16 | 2007-09-19 | 华为技术有限公司 | Method for realizing safety warranty in evolution accessing network |
CN101047978A (en) * | 2006-03-27 | 2007-10-03 | 华为技术有限公司 | Method for updating key in user's set |
WO2008025288A1 (en) * | 2006-08-24 | 2008-03-06 | Huawei Technologies Co., Ltd. | A method and terminal for controlling connection reconstructing in lte system |
CN101374321A (en) * | 2007-08-22 | 2009-02-25 | 华为技术有限公司 | Processing method and system for switching evolvement network |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106937317A (en) * | 2015-12-31 | 2017-07-07 | 联发科技股份有限公司 | Communicator and the restoration methods of safe mode command failure |
CN106937317B (en) * | 2015-12-31 | 2021-02-05 | 联发科技股份有限公司 | Communication device and method for recovering safety mode command failure |
WO2019183852A1 (en) * | 2018-03-28 | 2019-10-03 | 北京小米移动软件有限公司 | Information reporting method and apparatus, user equipment and computer-readable storage medium |
US11877155B2 (en) | 2018-03-28 | 2024-01-16 | Beijing Xiaomi Mobile Software Co., Ltd. | Method of performing integrity verification on downlink data of DRB and reporting information, user equipment and computer readable storage medium |
CN111315039A (en) * | 2018-12-24 | 2020-06-19 | 维沃移动通信有限公司 | Integrity protection failure processing method and terminal |
CN111315039B (en) * | 2018-12-24 | 2023-02-24 | 维沃移动通信有限公司 | Integrity protection failure processing method and terminal |
Also Published As
Publication number | Publication date |
---|---|
WO2010121408A1 (en) | 2010-10-28 |
CN102379137B (en) | 2015-09-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP4926216B2 (en) | Method and communication apparatus for processing uplink grant | |
JP4976440B2 (en) | Method and communication device for re-establishing connection | |
CN102379137A (en) | Processing method, device and system for message integrity protection checking failure | |
JP5185997B2 (en) | Techniques for handling radio link failures in communication networks | |
CN101932068B (en) | Realize the mthods, systems and devices of machine-to-machine service | |
CN103458386B (en) | A kind of method and device of data transmission | |
CN110831260B (en) | RRC connection recovery processing method and device and terminal | |
CN104469827B (en) | A kind of processing method and processing device of Radio Link Failure | |
WO2012110002A1 (en) | Method and device for access control | |
WO2019213822A1 (en) | Method and apparatus for suspending rrc connection, and computer storage medium | |
CN102123452B (en) | Resource management method and equipment | |
WO2011076106A1 (en) | Method, system and device for triggering reporting scheduling information | |
WO2011130990A1 (en) | Method, system and device for rejecting reestablishment of radio resource connection during base station handover | |
WO2019096236A1 (en) | Connection control method and apparatus, and service processing method and apparatus | |
JP2010035246A (en) | Methof of mobile station security mode | |
WO2008154843A1 (en) | Method and equipment for relocation | |
WO2011109997A1 (en) | Method, device and system for optimizing network based on intelligent terminal | |
CN102651902B (en) | Non-Access Stratum (NAS) can not transmit the processing method of instruction and base station, MME equipment | |
CN103118415B (en) | The processing method of a kind of service request and device | |
CN101754397A (en) | Abnormity handling method, system and apparatus after failure of establishing initial context | |
CN1866957B (en) | Method for detecting service chain circuit between access terminal and access network | |
CN108924904B (en) | Uplink data transmission method, device and equipment | |
WO2015196789A1 (en) | Method and device for concurrent service processing | |
WO2008006281A1 (en) | A METHOD, DEVICE AND MOBILE SWITCH CENTER FOR INFORMING USER WHEN CALL FAILs | |
CN102781018B (en) | Single-pass detecting method, device and RNC (Radio Network Controller) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20230109 Address after: Changan town in Guangdong province Dongguan 523860 usha Beach Road No. 18 Patentee after: GUANGDONG OPPO MOBILE TELECOMMUNICATIONS Corp.,Ltd. Address before: 518129 Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen Patentee before: HUAWEI TECHNOLOGIES Co.,Ltd. |