CN102379137A - Processing method, device and system for message integrity protection checking failure - Google Patents

Processing method, device and system for message integrity protection checking failure Download PDF

Info

Publication number
CN102379137A
CN102379137A CN2009801198784A CN200980119878A CN102379137A CN 102379137 A CN102379137 A CN 102379137A CN 2009801198784 A CN2009801198784 A CN 2009801198784A CN 200980119878 A CN200980119878 A CN 200980119878A CN 102379137 A CN102379137 A CN 102379137A
Authority
CN
China
Prior art keywords
message
recipient
integrity protection
response
timer
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2009801198784A
Other languages
Chinese (zh)
Other versions
CN102379137B (en
Inventor
张宏平
黄敏
郭轶
张爱琴
许怡娴
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Oppo Mobile Telecommunications Corp Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Publication of CN102379137A publication Critical patent/CN102379137A/en
Application granted granted Critical
Publication of CN102379137B publication Critical patent/CN102379137B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/106Packet or message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A processing method, device and system. In which, a processing method includes that the receiving party of the message sends a request to the communication opposite party when the integrity protection checking performed by it for the message is failure, the request is used to identify the cause for the integrity protection checking failure; and the receiving party of the message performs the processing for the message integrity protection checking failure according to receiving the response to the request from the communication opposite party or not in the first preset period of time.

Description

Processing method, device and system for message integrity protection checking failure
A kind of processing method, equipment and systems technology field to message integrity protection inspection failure
The present invention relates to communication technical field, more particularly to processing method, equipment and the system to message integrity protection inspection failure.Background of invention
Long Term Evolution(Long Term Evolution, LTE) system to the signaling message of chain of command need carry out integrity protection, to ensure the security of idle port communication.For example, evolution base station(ENodeB, eNB) to send messages to user equipment(User Equipment, UE) when, MAC-I values will be generated, and place it in the head of the message and be sent to UE;Accordingly, UE is received after the message, and MAC-I values are generated using with eNB identicals method and parameter, and it is compared with the MAC-I values received, if identical, integrity protection inspection passes through, and otherwise integrity protection inspection fails.
The reason for integrity protection inspection fails be probably:
1st, person Attacker under attack attack.For example, Attacker has distorted the content of idle message, or message is inserted during eNB and UE communication.
2nd, the security parameter step-out during eNB and UE communication.For example, occurring COUNT step-outs(HFN step-outs i.e. therein).
3rd, the other reasonses of non-above-mentioned reason.
In the prior art; UE as message recipient when; if subjected to the integrity protection inspection that the frequent attack of attacker can constantly have the message received fails, and just re-established whenever occurring inspection failure UE, then UE will be re-established frequently.The content of the invention
The embodiment of the present invention provides a kind of processing method, equipment and system to message integrity protection inspection failure.
The embodiment of the present invention provides a kind of processing method to message integrity protection inspection failure, including:When integrity protection inspection of the recipient of message to the message fails, Correspondent Node is sent a request to, the request is used to recognize the reason for integrity protection inspection fails; The recipient of the message carries out the processing to message integrity protection inspection failure according to response of the Correspondent Node to the request whether is received in the first preset period of time.
The embodiment of the present invention also provides a kind of equipment, including:
Transmit-Receive Unit, the message for receiving Correspondent Node transmission;
Inspection unit, the message for being received for the Transmit-Receive Unit carries out integrity protection inspection;The Transmit-Receive Unit is additionally operable to send a request to the Correspondent Node in the integrity protection inspection failure that inspection unit is carried out for the message and receives the response that the Correspondent Node is sent; wherein, it is described to ask to be used to recognize the reason for integrity protection inspection fails;
Processing unit, the response for whether receiving the Correspondent Node in the first preset period of time according to the Transmit-Receive Unit carries out the processing to message integrity protection inspection failure.
The embodiment of the present invention also provides a kind of communication system, including equipment provided in an embodiment of the present invention and the Correspondent Node with the equipment communication.
Message receiver in the embodiment of the present invention to Correspondent Node request by recognizing the reason for integrity protection inspection fails; and according to whether the response for receiving Correspondent Node carries out the processing to message integrity protection inspection failure; customer service disruption of the recipient of message in existing LTE system caused by integrity protection inspection failure is frequently re-established is can solve the problem that, so as to improve system effectiveness and communication quality.Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, the required accompanying drawing used in embodiment or description of the prior art will be briefly described below, apparently, drawings in the following description are only some embodiments of the present invention, for those of ordinary skill in the art, on the premise of not paying creative work, other accompanying drawings can also be obtained according to these accompanying drawings.
Fig. 1 is the method schematic diagram that the embodiment of the present invention one is provided;
Fig. 2 is the method schematic diagram that the embodiment of the present invention two is provided;
Fig. 3 is the method schematic diagram that the embodiment of the present invention three is provided;
Fig. 4 is the user equipment schematic diagram that the embodiment of the present invention five is provided;
Fig. 5 is the communication system schematic diagram that the embodiment of the present invention six is provided. Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is clearly and completely described, it is clear that described embodiment is only a part of embodiment of the invention, rather than whole embodiments.Based on the embodiment in the present invention, the every other embodiment that those of ordinary skill in the art are obtained under the premise of creative work is not made belongs to the scope of protection of the invention.
In the prior art, integrity protection inspection of the recipient of message to certain message fails, and is easily caused the reduction of communication quality.For example; UE as message recipient when; if subjected to the integrity protection inspection that the frequent attack of attacker can constantly have the message received fails; and just re-established whenever occurring inspection failure UE; so UE will be re-established frequently; so as to cause customer service to interrupt, proper communication can not be carried out by even resulting in user.The embodiment of the present invention provides a kind of processing method, equipment and system to message integrity protection inspection failure; the recipient of message is directed to its response condition asked by Correspondent Node; identification causes the reason for integrity protection inspection fails; above mentioned problem of the prior art is can solve the problem that, it is described in detail below.
As shown in figure 1, the embodiment of the present invention one provides a kind of processing method to message integrity protection inspection failure, it is adaptable to occur the scene of integrity protection inspection failure.In the present embodiment, when the integrity protection inspection of the recipient of message to the message fails, Correspondent Node is sent a request to, the request is used to recognize the reason for integrity protection inspection fails.Then, the recipient of the message carries out the processing to message integrity protection inspection failure according to response of the Correspondent Node to the request whether is received in the first preset period of time.
The reason for reception direction Correspondent Node request identification integrity protection inspection of message fails in the present embodiment; the processing to message integrity protection inspection failure is carried out again; can solve the problem that UE in existing LTE system as message recipient when; customer service disruption caused by integrity protection inspection failure is frequently re-established, so as to improve system effectiveness and communication quality.
In the present embodiment, recipient and the Correspondent Node of message are to establish two entities that RRC is connected by normal flow, for example, UE and eNB by setting up or re-establishing process and set up connection.Specifically, UE receives the message A1 of eNB transmissions and carries out integrity protection inspection, if the integrity protection inspection fails, UE performs the scheme of the present embodiment offer as message A1 recipient, and its Correspondent Node is eNB.And for example, eNB receives the message B1 of UE transmissions and carries out integrity protection inspection, If the integrity protection inspection fails, eNB performs the scheme of the present embodiment offer as message B 1 recipient, and its Correspondent Node is UE.
The method # texts that two to four pairs of embodiments one are provided by the following examples are further illustrated.
As shown in Fig. 2 the embodiment of the present invention two provides a kind of processing method to message integrity protection inspection failure, wherein, UE and eNB have set up connection, and receive the message A2 of eNB transmissions.The present embodiment comprises the following steps:
201 :UE carries out integrity protection inspection for message A2, and its result is failure(Check failure).
Optionally, UE Lost abandon the A2 message.
202:UE is sent for the request for recognizing the reason for integrity protection inspection fails to eNB.
The request can constitute a message or single request message with other message contents.For example the request includes the ID or other signs of the request message, and ID or other signs here are used to indicate the reason for messages use fails for request identification integrity protection inspection.
203:ENB is received after request, and the response for the request is sent into UE.
204:UE receives the response, then UE is without re-establishing or entering Idle state(IDLE ) .In this step, UE receives the response, you can the reason for knowing inspection failure is not security parameter step-out, identifies that security parameter step-out does not occur in other words, namely:Itself and Correspondent Node eNB RRC layers can carry out proper communication, and the integrity protection checks that failure A2 is not that Correspondent Node eNB is sent in other words, without being re-established with eNB or entering Idle state.
For example, responses of the UE by receiving eNB knows that the reason for eNB confirms to check failure is person under attack attack, therefore without being re-established or entering Idle state.
Optionally, if UE is in above-mentioned 201 step and non-Lost abandons the A2 message, UE can with this step Lost abandon the A2 message.
Optionally, UE is before the response is received, other message may also be received and integrity protection inspection fails, because UE has sent request and starts waiting for eNB response, to avoid intensive transmission from asking, UE is without using the inspection of these above-mentioned message, unsuccessfully as the trigger condition for sending request, i.e. UE will not send the request for recognizing the reason for checking failure to eNB again after to the failure of these above-mentioned message inspections.Further, UE can abandon these message in the response Hou Lost for receiving eNB, or check that unsuccessfully Shi abandons these message Jiu Lost, without when receiving the response. Optionally; UE is in the second preset period of time after receiving the response; if the integrity protection inspection carried out for some or some message received fails; then UE is without as the trigger condition for sending request; and Zhi Shi Lost abandon this or these message; to avoid intensive transmission request and wait-for-response, so as to improve treatment effeciency.It will be appreciated by those skilled in the art that, the second preset period of time here can be realized by timer or other time sets, for example:Timer T2, the T2 that UE is set using itself duration could be arranged to the second preset period of time, and UE starts the T2 when it is determined that receiving eNB response.It is direct to abandon the Xiao Xi Lost without recognizing the reason for it checks failure by sending request if UE fails for other message inspections before the time-out of Τ 2.For example, UE can be during the Τ 2 be run, by the inspection failure attribution of message in the reason for non-security parameter step-out, such as attack from attacker, enters and Lost abandons the message.Optionally, Τ 2 duration can be set longer by UE, or be adjusted so as on the basis of the duration set it is longer, further to reduce the density that it sends request.Τ 2 duration can also be set shorter by UE, or be adjusted so as on the basis of the duration set it is shorter, further to improve the accuracy for the reason for its determination inspection fails.
UE in the present embodiment after the request is sent by etc. Correspondent Node eNB to be received response, before eNB response is received, if other trigger conditions re-established are met, UE can initiate to re-establish, and terminate the method flow of the present embodiment offer.
In the present embodiment, the recipient UE of message will not can solve the problem that UE is frequently re-established, the problem of customer service is interrupted due to checking failure in the prior art using the inspection of message unsuccessfully as the trigger condition re-established.Further, the recipient UE of message can be by setting timer to avoid intensive transmission request and wait-for-response, it is possible to increase system effectiveness.In addition, the present embodiment is only illustrated by taking the integrity protection inspection failure of downstream message between UE and eNB as an example, the present embodiment applies also for the scene of the integrity protection inspection failure of upstream message between UE and eNB, under the scene, eNB as message recipient, when the inspection carried out for the message that its Correspondent Node UE is sent fails, it can send for the request for recognizing the reason for integrity protection inspection fails to UE, and according to whether the response for receiving the UE carries out the processing to message integrity protection inspection failure, so as to when avoiding eNB as message receiver, frequently trigger UE due to checking failure and re-established, or frequently triggering UE enters Idle state, thus eNB will not cause customer service to interrupt due to checking failure.
It is preferred that, as shown in figure 3, the embodiment of the present invention three provides a kind of processing method to message integrity protection inspection failure, wherein, UE and eNB have set up connection, and receive the message A3 of eNB transmissions.The present embodiment comprises the following steps: 301 :UE fails for message A3 integrity protection inspection, then UE starts timer T3.Certainly, UE can be using its internal setting or independently of the timer outside UE or other time sets without influenceing the realization of the present invention, the duration of the Τ 3(That is the first preset period of time)It can voluntarily be set, or be configured by UE according to the other information of Correspondent Node eNB instruction or offer by UE, can also further adjusted after duration is set.It is preferred that, T3 duration can be arranged on hundred Milliseconds(Such as 200 milliseconds), second level can also be arranged on(Such as two seconds).Wherein, the duration of hundred Milliseconds is provided with beneficial to rapid identification in the scene for causing to check failure in security parameter step-out and handled, faster raising communication quality and efficiency;The duration of second level, which is set, is more suitable for the busy scene of system.For example, UE can set T2 duration according to eNB instruction, but UE detect system it is busy when, can increase original duration, that is, wait the longer time to determine not receive eNB response.
Optionally, UE Lost abandon the A3 message.
302-303:It is identical with the 202-203 in embodiment two, repeat no more.
UE in the present embodiment carries out the processing to message integrity protection inspection failure according to the response that eNB transmissions whether are received before T3 time-out.Processing when receiving response below by way of 304 couples of UE is illustrated, and processing when 305 couples of UE do not receive response is illustrated.
304 (not shown in figure):UE receives the response of eNB transmissions before T3 time-out, and UE stops T3, and UE is determined without re-establishing or entering Idle state..
In this step, UE receives the response between the T3 runtimes, you can the reason for knowing inspection failure is not security parameter step-out, identifies that security parameter step-out does not occur in other words, namely:Itself and Correspondent Node eNB rrc layer can carry out proper communication, and the integrity protection checks that failure A3 is not that Correspondent Node eNB is sent in other words, without being re-established with eNB or entering Idle state.
Optionally, if UE is in above-mentioned 301 step and non-Lost abandons the A3 message, UE can with this step Lost abandon the A3 message.
Optionally, UE is before the response is received, other message may also be received and integrity protection inspection fails, UE to these message inspections when failing, without sending the request for recognizing the reason for checking failure to eNB again, but eNB is continued waiting for having sent the response of request, to avoid intensive transmission from asking, improve treatment effeciency.Further, UE can abandon these message in the response Hou Lost for receiving eNB, or abandon these message checking failure Shi Jiu Lost, without when receiving the mouth to should. Optionally; it is similar with embodiment two; if UE receives the response of eNB transmissions; then in the second preset period of time of UE after receiving the response; if the integrity protection inspection carried out for some or some message received fails, UE is without as the trigger condition for sending request, and Zhi Shi Lost abandon this or these message; to avoid intensive transmission request and wait-for-response, so as to improve treatment effeciency.For example, UE starts timer T4, the T4 when a length of second preset period of time when receiving the response, setting and the adjustment of the duration can be found in the description as described in T2 in embodiment two, and here is omitted.
305:Before T3 time-out, UE does not receive the response of eNB transmissions, and UE initiations re-establish process with eNB's, or enter Idle state.
Optionally, if UE is in above-mentioned 301 step and non-Lost abandons the A3 message, UE can with this step Lost abandon the A3 message.
In this step, UE does not receive the response of eNB transmissions during T3 is run, you can the reason for knowing inspection failure is security parameter step-out, and the generation security parameter step-out between Correspondent Node eNB is identified in other words, namely:Itself and Correspondent Node eNB rrc layer can not carry out proper communication, or the integrity protection checks that failure A3 is sent by Correspondent Node eNB, therefore by being re-established with eNB to realize proper communication, or enter Idle state.
It is preferred that, asked to avoid sending to eNB repeatedly in the UE short time, above-mentioned timer T4 duration is set to second level or minute level.The duration of the T4 and T3 duration do not have positive connection, but the difference of each timer duration is applied to the different demands of UE.For example, when T4 duration is significantly greater than T3 duration, UE can significantly reduce the number of times of requesting query;When T4 duration and T3 duration are more or less the same, the accuracy rate for the message that UE Dui Suo Lost are abandoned is higher.
UE in the present embodiment after the request is sent by etc. Correspondent Node eNB to be received response, before eNB response is received, if other trigger conditions re-established are met, UE can initiate to re-establish, and terminate the method flow of the present embodiment offer.
In the present embodiment, the recipient UE of message will not can solve the problem that UE is frequently re-established, the problem of customer service is interrupted due to checking failure in the prior art using the inspection of message unsuccessfully as the trigger condition re-established.In addition, using the present embodiment, when the recipient UE of message can occur security parameter step-out on a direction of certain signaling bear and cause to check failure, recover security parameter in time synchronous, its communication for proceeding the direction on the signaling bear with eNB is ensure that, or is released in time Put resource.Further, the recipient UE of message can be by setting timer to avoid intensive transmission request and wait-for-response, it is possible to increase system effectiveness.
In the other embodiment of the present invention, UE receives the response of eNB transmissions before T3 time-out, does not stop T3, but judge again until T3 is overtime(Determine in other words)The response is received, i.e., without being re-established with eNB or entering Idle state.Optionally, UE is waited until after T3 time-out, it is determined that the reason for checking failure is He/Huo Lost abandon A3 message.In addition, UE can also start timer T4 when T3 is overtime, a length of second preset period of time at that time, and Lost abandons between the T4 runtimes other message receive and integrity protection inspection failure, without sending request.Optionally, before UE judgements receive the response, other message is also received and integrity protection inspection fails; then UE can be after judging to receive the response; that is T3 time-out Shi , Lost abandon these message, and request is sent again without the inspection failure due to these message.Certainly, UE can also abandon these message checking the Shi that fails Jiu Lost, without when T3 time-out.UE to these above-mentioned message inspections when failing; without sending the request for recognizing the reason for checking failure to eNB again; but eNB is continued waiting for having sent the response of request; then UE can be with a T3 when a length of process cycle; i.e. after the first preset period of time after request is sent due to the integrity protection inspection of message failure; carry out again to message integrity protection inspection failure processing, can avoid due to recur integrity protection inspection failure caused by it is intensive send request and wait mouth to should.
Whether the UE involved by the various embodiments described above receives eNB response, refers to whether UE rrc layer receives the response.Received as UE PDCP layers but because integrity protection inspection is unsuccessfully not provided to the message of rrc layer, UE, which is considered as, does not receive the message.Specifically; eNB is received after the request of UE transmissions; it can send and UE is responded to the request; UE PDCP layers will receive the response and carry out integrity protection inspection; only check successfully; the response can just be supplied to UE rrc layer by UE PDCP layers, and UE rrc layer receives the situation that the response is " UE receives the response of eNB transmissions " in the various embodiments described above.If inspection of the UE PDCP layers to the response fails, the response will not be supplied to UE rrc layer, UE rrc layer can not receive the situation that the response is " UE does not receive the response of eNB transmissions " in the various embodiments described above.Further, above-mentioned eNB can carry out integrity protection to the response of transmission, and UE carries out integrity protection inspection to the response;Accordingly, UE can carry out integrity protection to the request of transmission, and eNB carries out integrity protection inspection to the request.The inspection method that above-mentioned integrity protection and integrity protection inspection for asking and responding can be provided using prior art is achieved, and here is omitted.Similar, whether eNB connects in subsequent embodiment UE response is received, refers to whether eNB rrc layer receives the response.Further, the response that the request and UE that eNB is sent are sent can carry out integrity protection inspection, and here is omitted.
Above-described embodiment three is only illustrated by taking the integrity protection inspection failure of downstream message between UE and eNB as an example; the present embodiment applies also for the scene of the integrity protection inspection failure of upstream message between UE and eNB; under the scene; eNB as message recipient; when the inspection carried out for the message that its Correspondent Node UE is sent fails; UE can be sent a request to, and the processing to message integrity protection inspection failure is carried out according to the response of the UE.For example, the embodiment of the present invention four provides a kind of processing method to message integrity protection inspection failure, it is adaptable to the scene of the integrity protection inspection failure of upstream message between UE and eNB.The present embodiment is repeated no more with the similar part of above-described embodiment three, and only both differences of explanation here are:ENB in the present embodiment does not receive the response that UE is asked it in timer T4 durations, and eNB will notify UE to initiate to re-establish process or enter Idle state.For example, eNB is sent for the notification message for re-establishing process for triggering UE to UE, with RRC connection release message
(RCConnectionRelease) exemplified by, the reason for message package is containing failure is checked(For example integrity protection inspection fails), then UE is received will initiate to re-establish process after the message.
In the present embodiment, the recipient eNB of message will not unsuccessfully regard the inspection of message as the trigger condition re-established, can avoid in the prior art eNB due to check failure and frequently trigger UE and re-established, or frequently triggering UE enters I Idle state, so that solve eNB causes the problem of customer service is interrupted due to checking failure.Further, the recipient eNB of message can be by setting timer to avoid intensive transmission request and wait-for-response, it is possible to increase system effectiveness.In the present embodiment; after the recipient eNB of message sends the first preset period of time after request due to generation integrity protection inspection failure; the processing to message integrity protection inspection failure is carried out again, and intensive send is asked and wait-for-response caused by can avoiding due to recurring integrity protection inspection failure.
The request that the various embodiments described above are only sent with the recipient of message is used to recognize the reason for integrity protection inspection fails; it is described in other words exemplified by the scene for recognizing integrity protection inspection failure; in fact, the request purposes description can be incomplete same with the various embodiments described above and have no effect on the realization of the embodiment of the present invention.For example, the request can be used to identify whether occur security parameter step-out, either can the rrc layer for inquiry and Correspondent Node carry out proper communication or check whether failure is what Correspondent Node was sent for inquiring about the integrity protection.When the purposes of the request describes different, those skilled in the art can realize the object of the invention according to the associated description of above-described embodiment, and here is omitted. As shown in figure 4, the embodiment of the present invention five provides a kind of equipment, the equipment is implemented for the processing method to message integrity protection inspection failure of the various embodiments described above offer.The equipment includes such as lower unit:
Transmit-Receive Unit, the message A5 for receiving Correspondent Node transmission;
Inspection unit, the message A5 for being received for Transmit-Receive Unit carries out integrity protection inspection;Transmit-Receive Unit is additionally operable to send a request to Correspondent Node in the integrity protection inspection failure that inspection unit is carried out for the message, and receives the response that Correspondent Node is sent, and the request is used to recognize the reason for integrity protection inspection fails;
Processing unit, the response for whether receiving Correspondent Node in the first preset period of time according to Transmit-Receive Unit carries out the processing to message integrity protection inspection failure.
Further; the equipment can be for user equipment or among user equipment; above-mentioned processing unit is used for when Transmit-Receive Unit does not receive the response of Correspondent Node in the first preset time; initiation is re-established; either enter Idle state or determine the reason for integrity protection inspection of above-mentioned message fails.The equipment can also be network side equipment; such as eNB; or among network side equipment; above-mentioned processing unit is used for when Transmit-Receive Unit does not receive the response of Correspondent Node in the first preset time; triggering user equipment initiates to re-establish; either triggering user equipment enters Idle state or determines the reason for integrity protection inspection of above-mentioned message fails.
Optionally; processing unit is additionally operable to when Transmit-Receive Unit receives the response of Correspondent Node in the first preset period of time or in the inspection failure that inspection unit is carried out for the message; Lost abandons message A5, is used to recognize that the reason for integrity protection inspection fails is asked without sending again.
Optionally, processing unit is additionally operable to when Transmit-Receive Unit receives the response of Correspondent Node in the first preset period of time or when the inspection that inspection unit is carried out in the first preset period of time for other message that Transmit-Receive Unit is received fails; Lost abandons other above-mentioned message, and the processing unit will not send request due to the inspection failure of message occurring in the first preset period of time.
Optionally, the equipment also includes timer T6, and a length of above-mentioned first preset time during the T6, the T6 starts in the inspection failure that the inspection unit is carried out for the message.Further, stop when the T6 can receive the response of Correspondent Node in Transmit-Receive Unit.
Optionally; the request that Transmit-Receive Unit is sent in the present embodiment is used to recognize the reason for integrity protection inspection fails; in other words for recognizing the scene that integrity protection inspection fails; in other words for identifying whether occur security parameter step-out, processing unit is additionally operable to when Transmit-Receive Unit does not connect before T6 time-out When receiving the response of Correspondent Node, it is determined that the reason for checking failure is security parameter step-out;Processing unit is additionally operable to when Transmit-Receive Unit receives the response of Correspondent Node before T6 time-out, it is determined that the reason for checking failure is non-security parameter step-out.
Optionally, the request that Transmit-Receive Unit is sent in the present embodiment is used to inquire about and can the RRC layers of Correspondent Node carry out proper communication, processing unit is additionally operable to when Transmit-Receive Unit does not receive the response of Correspondent Node before T6 time-out, it is determined that can not carry out proper communication with the rrc layer of Correspondent Node;Processing unit is additionally operable to when Transmit-Receive Unit receives the response of Correspondent Node before T6 time-out, it is determined that can carry out proper communication with the rrc layer of Correspondent Node.
Optionally; the request that Transmit-Receive Unit is sent in the present embodiment is used to inquire about whether integrity protection inspection failure A5 is what Correspondent Node was sent; processing unit is additionally operable to when Transmit-Receive Unit does not receive the response of Correspondent Node before T6 time-out, and it is that Correspondent Node is sent to determine message A5;Processing unit is additionally operable to when Transmit-Receive Unit receives the response of Correspondent Node before T6 time-out, and it is not that Correspondent Node is sent to determine message A5.
Further, the equipment also includes timer T7, and a length of second preset time during the T7, the T7 starts in T6 time-out or stopping.Processing unit is additionally operable to, and Lost abandons inspection unit and checks failure during T7 is run, and the processing unit will not be again sent for recognizing that integrity protection inspection is asked due to failing failing in the inspection that message occurs during T7 is run.
The equipment that the present embodiment is provided will not can solve the problem that the recipient of message in the prior art is frequently re-established, the problem of customer service is interrupted due to checking failure using the inspection of message unsuccessfully as the triggering re-established.In addition, when the equipment that the present embodiment is provided can occur security parameter step-out on a direction of certain signaling bear and cause to check failure, recover security parameter in time synchronous, ensure that its communication for proceeding the direction on the signaling bear with Correspondent Node, or discharge resource in time.Further, the equipment can be by setting timer to avoid intensive transmission request and wait-for-response, it is possible to increase system effectiveness.
As shown in figure 5, the embodiment of the present invention six provides a kind of communication system, including such as the equipment and Correspondent Node of the offer of the embodiment of the present invention five.Wherein, Correspondent Node is implemented for the processing method to message integrity protection inspection failure of the various embodiments described above offer.Specifically, the Correspondent Node is used to receive the request that the equipment of the offer of the embodiment of the present invention five is sent, and send response.Service disconnection will not be produced due to frequently being re-established between two communication equipments in the system, and resource can be discharged in time, improve communication quality, while improving resource utilization. One of ordinary skill in the art will appreciate that realizing that all or part of step in above-described embodiment method can be by program to instruct the hardware of correlation to complete, described program can be stored in a computer read/write memory medium, described storage medium, such as:ROM/RAM, magnetic disc, CD etc..
The embodiment of the present invention is described in detail above, embodiment used herein is set forth to the present invention, the explanation of above example is only intended to the system and method for helping to understand the present invention;Simultaneously for those of ordinary skill in the art, according to the thought of the present invention, it will change in specific embodiments and applications, in summary, this specification content should not be construed as limiting the invention.

Claims (13)

  1. Claim
    1st, a kind of processing method to message integrity protection inspection failure, it is characterised in that methods described includes:
    When integrity protection inspection of the recipient of message to the message fails, Correspondent Node is sent a request to, the request is used to recognize the reason for integrity protection inspection fails;
    The recipient of the message carries out the processing to message integrity protection inspection failure according to response of the Correspondent Node to the request whether is received in the first preset period of time.
    2nd, according to the method described in claim 1, it is characterised in that
    When integrity protection inspection of the recipient of the message to the message fails, methods described also includes:The recipient of the message starts first timer, when a length of first preset period of time of the first timer;
    Whether the recipient of the message in the first preset period of time according to response of the Correspondent Node to the request is received, and carrying out the processing to message integrity protection inspection failure includes:
    If the recipient of the message does not receive the response in first timer duration, the recipient of the message initiates to re-establish or enter Idle state;Wherein, the recipient of the message is user equipment (UE).
    3rd, according to the method described in claim 1, it is characterised in that
    When integrity protection inspection of the recipient of the message to the message fails, methods described also includes:The recipient of the message starts first timer, when a length of first preset period of time of the first timer;
    Whether the recipient of the message in the first preset period of time according to response of the Correspondent Node to the request is received, and carrying out the processing to message integrity protection inspection failure includes:
    If the recipient of the message does not receive the response in first timer duration, the recipient of the message triggers re-establishing process or notifying the Correspondent Node to enter Idle state for the Correspondent Node;Wherein, the recipient of the message is evolution base station eNB.
    4th, according to the method in claim 2 or 3; it is characterized in that; whether the recipient of the message in the first preset period of time according to response of the Correspondent Node to the request is received, and carrying out the processing to message integrity protection inspection failure also includes:
    If the recipient of the message does not receive the response in first timer duration, the reason for recipient of the message determines the inspection failure is security parameter step-out. 5th, according to the method described in claim 1, it is characterised in that when integrity protection inspection of the recipient of the message to the message fails, methods described also includes:The recipient of the message starts first timer, when a length of first preset period of time of the first timer;
    Whether the recipient of the message in the first preset period of time according to response of the Correspondent Node to the request is received, and carrying out the processing to message integrity protection inspection failure includes:
    If the recipient of the message receives the response in first timer duration, do not initiate to re-establish or enter Idle state;Wherein, the recipient of the message is user equipment (UE);Or, if the recipient of the message receives the response in first timer duration, user equipment is not triggered and is re-established and entered Idle state;Wherein, the recipient of the message is evolution base station eNB.
    6th, method according to claim 5; it is characterized in that; whether the recipient of the message in the first preset period of time according to response of the Correspondent Node to the request is received, and carrying out the processing to message integrity protection inspection failure also includes:
    If the recipient of the message receives the response in first timer duration, the reason for recipient of the message determines the inspection failure is non-security parameter step-out.
    7th, the method according to any one of claim 2 to 6, it is characterised in that methods described also includes:
    The recipient of the message is during the first timer is run, and the integrity protection inspection in the event of message fails, and does not send again for recognizing that the reason for integrity protection inspection fails is asked.
    8th, the method according to claim 2 to 7, it is characterised in that methods described also includes:When the first timer time-out or stopping, the recipient of the message starts second timer;Wherein, the first timer stops when the recipient of message receives the response;
    The recipient of the message is during the second timer is run, and the integrity protection inspection in the event of message fails, and does not send again for recognizing that the reason for integrity protection inspection fails is asked.
    9th, a kind of equipment, it is characterised in that the equipment includes:
    Transmit-Receive Unit, the message for receiving Correspondent Node transmission;
    Inspection unit, the message for being received for the Transmit-Receive Unit carries out integrity protection inspection;The Transmit-Receive Unit is additionally operable to send a request to the Correspondent Node in the integrity protection inspection failure that inspection unit is carried out for the message and receives the response that the Correspondent Node is sent; wherein, it is described to ask to be used to recognize the reason for integrity protection inspection fails; Processing unit, the response for whether receiving the Correspondent Node in the first preset period of time according to the Transmit-Receive Unit carries out the processing to message integrity protection inspection failure.
    10th, equipment according to claim 9, it is characterised in that
    The equipment is for user equipment or among user equipment;
    The processing unit is used for when the Transmit-Receive Unit does not receive the response of the Correspondent Node in the first preset time, initiates to re-establish, and either enters Idle state or determines the reason for integrity protection inspection of the message fails.
    11st, equipment according to claim 9, it is characterised in that
    The equipment is network side equipment, or among network side equipment;
    The processing unit is used for when the Transmit-Receive Unit does not receive the response of the Correspondent Node in the first preset time; triggering user equipment initiates to re-establish; either triggering user equipment enters Idle state or determines the reason for integrity protection inspection of the message fails.
    12nd, the equipment according to any one of claim 9 to 11, it is characterised in that the equipment also includes:
    First timer, a length of first preset time at that time, the first timer starts in the inspection failure that the inspection unit is carried out for the message.
    13rd, equipment according to claim 12, it is characterised in that the equipment also includes:Second timer, starts in first timer time-out or stopping;Wherein, the first timer stops when the Transmit-Receive Unit receives the response;
    The processing unit is additionally operable to, during the second timer is run, and is not sent again for recognizing that the reason for integrity protection inspection fails is asked.
    14th, a kind of communication system, it is characterised in that including the equipment as described in any one of claim 9 to 13 and the Correspondent Node with the equipment communication.
CN200980119878.4A 2009-04-20 2009-04-20 A kind of processing method to message integrity protection inspection failure, equipment and system Active CN102379137B (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2009/071363 WO2010121408A1 (en) 2009-04-20 2009-04-20 Processing method, device and system for message integrity protection checking failure

Publications (2)

Publication Number Publication Date
CN102379137A true CN102379137A (en) 2012-03-14
CN102379137B CN102379137B (en) 2015-09-09

Family

ID=43010655

Family Applications (1)

Application Number Title Priority Date Filing Date
CN200980119878.4A Active CN102379137B (en) 2009-04-20 2009-04-20 A kind of processing method to message integrity protection inspection failure, equipment and system

Country Status (2)

Country Link
CN (1) CN102379137B (en)
WO (1) WO2010121408A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106937317A (en) * 2015-12-31 2017-07-07 联发科技股份有限公司 Communicator and the restoration methods of safe mode command failure
WO2019183852A1 (en) * 2018-03-28 2019-10-03 北京小米移动软件有限公司 Information reporting method and apparatus, user equipment and computer-readable storage medium
CN111315039A (en) * 2018-12-24 2020-06-19 维沃移动通信有限公司 Integrity protection failure processing method and terminal

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111316584A (en) 2017-11-09 2020-06-19 Oppo广东移动通信有限公司 Method and device for retransmitting data
CN110636507A (en) * 2018-06-21 2019-12-31 华为技术有限公司 Communication method and device
WO2020084191A1 (en) * 2018-10-24 2020-04-30 Nokia Technologies Oy Cell-group indication from pdcp upon integrity-verification failure

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101039314A (en) * 2006-03-16 2007-09-19 华为技术有限公司 Method for realizing safety warranty in evolution accessing network
CN101047978A (en) * 2006-03-27 2007-10-03 华为技术有限公司 Method for updating key in user's set
WO2008025288A1 (en) * 2006-08-24 2008-03-06 Huawei Technologies Co., Ltd. A method and terminal for controlling connection reconstructing in lte system
CN101374321A (en) * 2007-08-22 2009-02-25 华为技术有限公司 Processing method and system for switching evolvement network

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101039314A (en) * 2006-03-16 2007-09-19 华为技术有限公司 Method for realizing safety warranty in evolution accessing network
CN101047978A (en) * 2006-03-27 2007-10-03 华为技术有限公司 Method for updating key in user's set
WO2008025288A1 (en) * 2006-08-24 2008-03-06 Huawei Technologies Co., Ltd. A method and terminal for controlling connection reconstructing in lte system
CN101374321A (en) * 2007-08-22 2009-02-25 华为技术有限公司 Processing method and system for switching evolvement network

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106937317A (en) * 2015-12-31 2017-07-07 联发科技股份有限公司 Communicator and the restoration methods of safe mode command failure
CN106937317B (en) * 2015-12-31 2021-02-05 联发科技股份有限公司 Communication device and method for recovering safety mode command failure
WO2019183852A1 (en) * 2018-03-28 2019-10-03 北京小米移动软件有限公司 Information reporting method and apparatus, user equipment and computer-readable storage medium
US11877155B2 (en) 2018-03-28 2024-01-16 Beijing Xiaomi Mobile Software Co., Ltd. Method of performing integrity verification on downlink data of DRB and reporting information, user equipment and computer readable storage medium
CN111315039A (en) * 2018-12-24 2020-06-19 维沃移动通信有限公司 Integrity protection failure processing method and terminal
CN111315039B (en) * 2018-12-24 2023-02-24 维沃移动通信有限公司 Integrity protection failure processing method and terminal

Also Published As

Publication number Publication date
WO2010121408A1 (en) 2010-10-28
CN102379137B (en) 2015-09-09

Similar Documents

Publication Publication Date Title
JP4926216B2 (en) Method and communication apparatus for processing uplink grant
JP4976440B2 (en) Method and communication device for re-establishing connection
CN102379137A (en) Processing method, device and system for message integrity protection checking failure
JP5185997B2 (en) Techniques for handling radio link failures in communication networks
CN101932068B (en) Realize the mthods, systems and devices of machine-to-machine service
CN103458386B (en) A kind of method and device of data transmission
CN110831260B (en) RRC connection recovery processing method and device and terminal
CN104469827B (en) A kind of processing method and processing device of Radio Link Failure
WO2012110002A1 (en) Method and device for access control
WO2019213822A1 (en) Method and apparatus for suspending rrc connection, and computer storage medium
CN102123452B (en) Resource management method and equipment
WO2011076106A1 (en) Method, system and device for triggering reporting scheduling information
WO2011130990A1 (en) Method, system and device for rejecting reestablishment of radio resource connection during base station handover
WO2019096236A1 (en) Connection control method and apparatus, and service processing method and apparatus
JP2010035246A (en) Methof of mobile station security mode
WO2008154843A1 (en) Method and equipment for relocation
WO2011109997A1 (en) Method, device and system for optimizing network based on intelligent terminal
CN102651902B (en) Non-Access Stratum (NAS) can not transmit the processing method of instruction and base station, MME equipment
CN103118415B (en) The processing method of a kind of service request and device
CN101754397A (en) Abnormity handling method, system and apparatus after failure of establishing initial context
CN1866957B (en) Method for detecting service chain circuit between access terminal and access network
CN108924904B (en) Uplink data transmission method, device and equipment
WO2015196789A1 (en) Method and device for concurrent service processing
WO2008006281A1 (en) A METHOD, DEVICE AND MOBILE SWITCH CENTER FOR INFORMING USER WHEN CALL FAILs
CN102781018B (en) Single-pass detecting method, device and RNC (Radio Network Controller)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20230109

Address after: Changan town in Guangdong province Dongguan 523860 usha Beach Road No. 18

Patentee after: GUANGDONG OPPO MOBILE TELECOMMUNICATIONS Corp.,Ltd.

Address before: 518129 Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen

Patentee before: HUAWEI TECHNOLOGIES Co.,Ltd.