CN102404732B - Safe processing method for user switching in relay system and base station - Google Patents
Safe processing method for user switching in relay system and base station Download PDFInfo
- Publication number
- CN102404732B CN102404732B CN201010284889.2A CN201010284889A CN102404732B CN 102404732 B CN102404732 B CN 102404732B CN 201010284889 A CN201010284889 A CN 201010284889A CN 102404732 B CN102404732 B CN 102404732B
- Authority
- CN
- China
- Prior art keywords
- target cell
- community
- denb
- key
- ncc
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W36/00—Hand-off or reselection arrangements
- H04W36/0005—Control or signalling for completing the hand-off
- H04W36/0055—Transmission or use of information for re-establishing the radio link
- H04W36/0066—Transmission or use of information for re-establishing the radio link of control information between different types of networks in order to establish a new radio link in the target network
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The embodiment of the invention discloses a safe processing method for user switching in a relay system and a base station. The method includes providing switched-in anchor evaluation base station DeNB to receive switching request news sent by a source relay node RN and aiming at user equipment (UE) for the source relay node RN, wherein the switching request news carries target region identification and rebuilding region identification, the DeNB respectively calculates secret keys for a target region and a rebuilding region, and the DeNB informs the base station occupied by the target region and the rebuilding region commonly of the secret key of the target region and the secret key of the rebuilding region. The system and the base station are suitable for user switching in the relay system.
Description
Technical field
The present invention relates to mobile communication technology field, security processing and base station when particularly user is switched in a kind of relay system.
Background technology
Along with popularizing of mobile communication, the safety problem in mobile communication is just receiving increasing concern, and people also have higher requirement to the information security in mobile communication.At present, at LTE (Long Term Evolution, Long Term Evolution) in system, as UE (User Equipment, subscriber equipment) by source eNB (Evolved NodeB, while evolution base station) switching to target eNB, between source eNB and target eNB and UE, can carry out corresponding safe handling, to guarantee the communication security between UE and target eNB.
Along with the develop rapidly of radio communication service, future network need to be supported with the layout designs of least cost the communication of blind spot area or hot zones to provide better covering or system throughput, has introduced relaying technique for this reason.Different from LTE system is, in relay system, introduced RN (Relay Node, via node), RN has the dual role of UE and eNB, on the one hand, the same with traditional UE, by DeNB (Donor Evolved NodeB, the anchor point evolution base station) access network of access is provided for it; On the other hand, serve as the function of eNB, for the UE in its coverage provides access service.
Identical with LTE system, in relay system, UE also has mobility demand, switches, or switches between different eNB, or switch between RN and eNB between different RN.
In realizing process of the present invention, inventor finds that in prior art, at least there are the following problems:
In relay system, when UE switches, between source node and destination node and UE, there is no corresponding safe handling, can not guarantee the communication security between UE and destination node.
Summary of the invention
Embodiments of the invention provide in a kind of relay system security processing and base station when user is switched, and can when UE switches, carry out safe handling, thereby guarantee the communication security between UE and target network node.
The technical scheme that the embodiment of the present invention adopts is:
Security processing when user is switched in relay system, comprising:
For source via node RN provides the anchor point evolution base station DeNB of access, receive the handover request message for user equipment (UE) that described source RN sends, described handover request message is carried Target Cell Identifier and is rebuild cell ID;
Described DeNB is described Target cell and rebuilds community computation key respectively;
Described DeNB is by Target cell described in the key notification of the key of described Target cell and described reconstruction community and rebuild common affiliated base station, community.
Security processing when user is switched in relay system, comprising:
For source RN provides the DeNB of access, receive the handover request message for UE that described source RN sends, described handover request message is carried Target Cell Identifier and is rebuild cell ID, and the key of the Target cell that calculates of described source RN and rebuild the key of community;
Described DeNB is by Target cell described in described handover request message informing and rebuild common affiliated base station, community.
Security processing when user is switched in relay system, comprising:
For source RN provides the DeNB of access, receive the handover request message for UE that described source RN sends, described handover request message is carried Target Cell Identifier and is rebuild cell ID;
The NCC value for described UE that described DeNB stores this locality and NH value are carried in described handover request message notifies described Target cell and reconstruction community common affiliated base station.
Security processing when user is switched in relay system, comprising:
Target BS receives described Target cell and rebuilds the security parameter of community, and wherein, described security parameter comprises key;
When described Target cell with when rebuilding community and not belonging to same node, described target BS is notified the node under described Target cell by the security parameter of described Target cell, by the security parameter of described reconstruction community, notifies the node under described reconstruction community.
A base station, comprising:
The first receiver module, the handover request message for UE sending for reception sources RN, described handover request message is carried Target Cell Identifier and is rebuild cell ID;
Computing module, is used to described Target cell and rebuilds community computation key respectively;
The first notification module, for the base station under Target cell described in the key notification of the key of described Target cell and described reconstruction community and reconstruction community is common.
A base station, comprising:
The second receiver module, the handover request message for UE sending for reception sources RN, described handover request message is carried Target Cell Identifier and is rebuild cell ID, and the key of the Target cell that calculates of described source RN and rebuild the key of community;
The second notification module, for the base station under Target cell described in described handover request message informing and reconstruction community is common.
A base station, comprising:
The 3rd receiver module, the handover request message for UE sending for receiving described source RN, described handover request message is carried Target Cell Identifier and is rebuild cell ID;
Third notice module, notifies described Target cell and reconstruction community affiliated base station jointly for the NCC value for described UE of this locality storage and NH value being carried to described handover request message.
A base station, comprising:
The 4th receiver module, for receiving the security parameter of described Target cell and reconstruction community, wherein, described security parameter comprises key;
The 4th notification module, for when described Target cell does not belong to same node with reconstruction community, by the security parameter of described Target cell, notify the node under described Target cell, by the security parameter of described reconstruction community, notify the node under described reconstruction community.
Security processing and base station when in embodiment of the present invention relay system, user is switched, for providing the DeNB of access, source RN receives the handover request message for UE that described source RN sends, for Target cell and the common affiliated base station of reconstruction community difference computation key notification target community and reconstruction community, or the key of the key of the Target cell that described RN is calculated and reconstruction community, or the base station under the NCC value for described UE of local storage and NH value notification target community and reconstruction community are common, target BS will comprise the security parameter difference notification target community of key and rebuild community.Compared with prior art, the embodiment of the present invention can be carried out key synchronization by DeNB when UE switches, thereby guarantees the communication security between UE and target network node.
Accompanying drawing explanation
In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, to the accompanying drawing of required use in embodiment or description of the Prior Art be briefly described below, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skills, do not paying under the prerequisite of creative work, can also obtain according to these accompanying drawings other accompanying drawing.
The method flow diagram that Fig. 1 provides for the embodiment of the present invention one;
The method flow diagram that Fig. 2 provides for the embodiment of the present invention two;
The method flow diagram that Fig. 3 provides for the embodiment of the present invention three;
The method flow diagram that Fig. 4 provides for the embodiment of the present invention four;
The method flow diagram that Fig. 5 provides for the embodiment of the present invention five;
The method flow diagram that Fig. 6 provides for the embodiment of the present invention six;
The method flow diagram that Fig. 7 provides for the embodiment of the present invention seven;
The method flow diagram that Fig. 8 provides for the embodiment of the present invention eight;
The method flow diagram that Fig. 9 provides for the embodiment of the present invention nine;
The method flow diagram that Figure 10 provides for the embodiment of the present invention ten;
The architecture of base station schematic diagram that Figure 11, Figure 12, Figure 13 provide for the embodiment of the present invention 11;
The architecture of base station schematic diagram that Figure 14 provides for the embodiment of the present invention 12;
The architecture of base station schematic diagram that Figure 15 provides for the embodiment of the present invention 13;
The architecture of base station schematic diagram that Figure 16, Figure 17 provide for the embodiment of the present invention 14.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is clearly and completely described, obviously, described embodiment is only the present invention's part embodiment, rather than whole embodiment.Embodiment based in the present invention, those of ordinary skills, not making all other embodiment that obtain under creative work prerequisite, belong to the scope of protection of the invention.
For making the advantage of technical solution of the present invention clearer, below in conjunction with drawings and Examples, the present invention is elaborated.
Embodiment mono-
The present embodiment provides in a kind of relay system security processing when user is switched, and as shown in Figure 1, described method comprises:
101, for source via node RN provides the anchor point evolution base station DeNB of access, receive the handover request message for user equipment (UE) that described source RN sends, described handover request message is carried Target Cell Identifier and is rebuild cell ID.
102, described DeNB is described Target cell and rebuilds community computation key respectively.
103, described DeNB is by the common affiliated base station in Target cell described in the key notification of the key of described Target cell and described reconstruction community and reconstruction community.
Security processing when user is switched in embodiment of the present invention relay system, for providing the DeNB of access, source RN receives the handover request message for UE that described source RN sends, for described Target cell and reconstruction community difference computation key, by the common affiliated base station in Target cell described in the key notification of the key of described Target cell and described reconstruction community and reconstruction community.Compared with prior art, the embodiment of the present invention can be carried out key synchronization by DeNB when UE switches, thereby guarantees the communication security between UE and target network node.
Embodiment bis-
The present embodiment provides in a kind of relay system security processing when user is switched, and as shown in Figure 2, described method comprises:
201, for providing the DeNB of access, source RN receives the handover request message for UE that described source RN sends, described handover request message is carried Target Cell Identifier and is rebuild cell ID, and the key of the Target cell that calculates of described source RN and rebuild the key of community.
202, described DeNB is by the common affiliated base station in Target cell described in described handover request message informing and reconstruction community.
Security processing when user is switched in embodiment of the present invention relay system, for providing the DeNB of access, source RN receives the handover request message for UE that described source RN sends, described handover request message is carried the key of Target cell and the key of reconstruction community that described source RN calculates, by the common affiliated base station in Target cell described in described handover request message informing and reconstruction community.Compared with prior art, the embodiment of the present invention can be carried out key synchronization by DeNB when UE switches, thereby guarantees the communication security between UE and target network node.
Embodiment tri-
The present embodiment provides in a kind of relay system security processing when user is switched, and as shown in Figure 3, described method comprises:
301, for source RN provides the DeNB of access, receive the handover request message for UE that described source RN sends, described handover request message is carried Target Cell Identifier and is rebuild cell ID.
302, the NCC value for described UE that described DeNB stores this locality and NH value are carried in described handover request message notifies described Target cell and reconstruction community common affiliated base station.
Security processing when user is switched in embodiment of the present invention relay system, for providing the DeNB of access, source RN receives the handover request message for UE that described source RN sends, the NCC value for described UE of this locality storage and NH value are carried at and in described handover request message, notify described Target cell and rebuild the base station of community under common, by described Target cell with rebuild the base station of community under common according to the NCC value for described UE and the key of the described Target cell of NH value calculating and the key of reconstruction community.Compared with prior art, the embodiment of the present invention can be carried out key synchronization by DeNB when UE switches, thereby guarantees the communication security between UE and target network node.
Embodiment tetra-
The present embodiment provides in a kind of relay system security processing when user is switched, and as shown in Figure 4, described method comprises:
401, target BS receives the security parameter of described Target cell and reconstruction community, and wherein, described security parameter comprises key.
402, when described Target cell with when rebuilding community and not belonging to same node, described target BS is notified the node under described Target cell by the security parameter of described Target cell, by the security parameter of described reconstruction community, notifies the node under described reconstruction community.
Wherein, described Target cell and rebuild community and do not belong to same node and specifically can comprise:
Described Target cell belongs to the RN under described target BS, and described reconstruction community belongs to described target BS;
Or
Described Target cell belongs to described target BS, and described reconstruction community belongs to the RN under described target BS;
Or
Described Target cell belongs to the RN under described target BS, and described reconstruction community belongs to the 2nd RN under described target BS;
Or
Described Target cell belongs to the RN under described target BS, and a described reconstruction community part belongs to the 2nd RN under described target BS, and another part belongs to described target BS;
Or
Described Target cell belongs to described target BS, and a described reconstruction community part belongs to described target BS, and another part belongs to the RN under described target BS.
Security processing when user is switched in embodiment of the present invention relay system, target BS receives described Target cell and rebuilds the security parameter of community, wherein, described security parameter comprises key, when described Target cell does not belong to same node with reconstruction community, described target BS is notified the node under described Target cell by the security parameter of described Target cell, by the security parameter of described reconstruction community, notifies the node under described reconstruction community.Compared with prior art, the embodiment of the present invention can be carried out the synchronous of security parameter when UE switches, thereby guarantees the communication security between UE and target network node.
Embodiment five
The present embodiment provides in a kind of relay system security processing when user is switched, in the present embodiment, UE switches to target DeNB by source RN, wherein, target DeNB provides the DeNB of access for this RN, the Target cell of switching and reconstruction community may be all target DeNB Xia communities, may Target cell be also target DeNB Xia communities, and rebuild community, are YuanRNXia communities.
Security processing when as shown in Figure 5, user is switched in described relay system comprises:
501, UE sends measurement report to source RN.
502, source RN carries out switch decision according to this measurement report, and select target community and reconstruction community, be respectively Target cell and each rebuilds community computation key KeNB*.
Key K eNB* calculates according to following formula (1):
KeNB*=KDF(KeNB/NH,PCI,DL-AERFCN) (1)
Wherein, KDF is the function of computation key KeNB*, and this KDF function comprises following input:
The key K eNB of the current use of source RN or NH (Next Hop, down hop) value;
The PCI (Physical Cell Identity, Physical Cell Identifier) of Target cell or reconstruction community;
The DL-AERFCN (Down-Link E-UTRA Absolute Radio Frequency Channel Number, the absolute wireless frequency number of channel of descending E-UTRA) of Target cell or reconstruction community.
503, source RN sends handover request message to target DeNB, the security algorithm that this message comprises security algorithm that source RN is used, the key of Target cell and corresponding NCC (Next-Hop Chain Counter, lower jumping chain counting) thereof, the key of respectively rebuilding community and corresponding NCC thereof and UE support.
Wherein, the security algorithm that described source RN is used and the key of respectively rebuilding community, for being switched to by source RN as UE after target DeNB failure, are used while switching to reconstruction community.
504, target DeNB receives handover request message by source RN, and cell ID and NCC that each key K eNB* is corresponding with it carry out associated preservation, and in the security algorithm of being supported by UE, select a security algorithm.
Particularly, target DeNB in total security algorithm, selects a security algorithm that priority is higher, as the security algorithm of target DeNB selection in the security algorithm that the security algorithm of oneself supporting and UE support.
Optionally, the key K eNB* that target DeNB also can not used source RN to calculate, but computation key KeNB* in the following way:
Mode 1: when the NCC value of preserving when target DeNB is upper is greater than the NCC value of carrying in the handover request message that target DeNB receives, while showing to preserve fresh NCC, NH value on target DeNB, the NH computation key KeNB* of target DeNB use preservation.
Mode 1: while not preserving fresh NCC, NH value on target DeNB, but in the handover request message that target DeNB receives, carry the key K eNB of the current use of source RN, target DeNB is used this key K eNB, utilizes formula (1) computation key KeNB*.
Optionally, if target DeNB determines as Target cell and rebuilds community computation key, and on target DeNB, preserve fresh NCC, NH value, target DeNB utilizes formula (1), using NH value, Target cell or rebuild the PCI of community and DL-AERFCN as input, calculate the key K eNB* of target DeNB; If target DeNB determines as Target cell and rebuilds on community computation key and target DeNB and do not preserve fresh NCC, NH value, target DeNB utilizes formula (1), using the current use of UE key K eNB*, Target cell or rebuild the PCI of community and DL-AERFCN as input, calculate the key K eNB* of target DeNB.
Optionally, if the key that target DeNB determines not calculate Target cell and rebuilds community, and the upper NCC value of preserving of target DeNB is greater than the NCC value of carrying in handover request message, and target DeNB sends to source RN by the NCC of preservation, NH value by switching request acknowledgement message subsequently.
Further, if there is the community of reconstruction to belong to other source RN under target DeNB, described method can also comprise:
The information such as security algorithm that target DeNB is used key corresponding to this reconstruction community and corresponding NCC thereof and source RN send to the RN under this reconstruction community.
505, target DeNB sends switching request acknowledgement message to source RN, and this message comprises the security algorithm that NCC that the key of Target cell is corresponding and target DeNB select.
506, source RN sends switching command message to UE, and this message comprises the security algorithm that NCC that the key of Target cell is corresponding and target DeNB select.
507, UE calculates the key of NH and UE according to described NCC.
Wherein, the key of UE calculates according to formula (1).
After this, UE can select according to the key of described UE and target DeNB security algorithm and target DeNB communicate.
508, UE sends handoff completion message to target DeNB.
Optionally, described method can also comprise:
509, target DeNB is to MME (Mobility Management Entity, Mobility Management Entity) transmit path modify request messages, and this message comprises the security algorithm of the UE support that source RN sends over.
510, MME is at local update NCC and NH.
511, MME revises request acknowledge message to target DeNB reverse-path, and this message comprises NCC and the NH after renewal.
512, target DeNB preserves NCC and the NH after described renewal.
Security processing when user is switched in embodiment of the present invention relay system, when UE switches to target DeNB by source RN, source RN sends handover request message to target DeNB, the switching request acknowledgement message that receiving target DeNB sends, and send switching command message to UE, described switching command message comprises the NCC of Target cell and each reconstruction community and the security algorithm that target DeNB selects, the security algorithm of being selected according to NCC and target DeNB by UE carry out key synchronization and security algorithm synchronous, thereby guarantee the communication security between UE and target DeNB.
Embodiment six
The present embodiment provides in a kind of relay system security processing when user is switched, and in the present embodiment, UE switches to target RN by source RN, and wherein, source RN and target RN are positioned under same DeNB.
Security processing when as shown in Figure 6, user is switched in described relay system comprises:
601, UE sends measurement report to source RN.
602, source RN carries out switch decision according to this measurement report, select target community and reconstruction community.
Optionally, source RN can be respectively Target cell and each rebuilds community computation key KeNB*, specifically can be referring to 502.
603, source RN sends handover request message to DeNB, and this message comprises the security algorithm of source RN use and the security algorithm that UE supports.
Optionally, if key K eNB* has been calculated in RNWei Target cell, source and each reconstruction community, in this message, also comprise key and corresponding NCC and key and the corresponding NCC thereof that respectively rebuilds community of Target cell.
604, DeNB receives the first handover request message by source RN, determines whether Target cell and rebuilds community computation key.
If do not comprise key and corresponding NCC and key and the corresponding NCC thereof that respectively rebuilds community of Target cell in this message, DeNB computation key KeNB* in the following way:
Mode 1: when the NCC value of preserving when DeNB is upper is greater than the NCC value of carrying in the handover request message that DeNB receives, while showing to preserve fresh NCC, NH value on DeNB, the NH computation key KeNB* of DeNB use preservation.
Mode 1: while not preserving fresh NCC, NH value on DeNB, but carry the key K eNB of the current use of source RN in the handover request message that DeNB receives, DeNB is used this key K eNB, utilizes formula (1) computation key KeNB*.
Optionally, if DeNB determines to be Target cell and reconstruction community computation key, and preserves fresh NCC, NH value on DeNB, DeNB utilizes formula (1), using NH value, Target cell or rebuild the PCI of community and DL-AERFCN as input, calculate the key K eNB* of DeNB; If DeNB determines as Target cell and rebuilds on community computation key and DeNB and do not preserve fresh NCC, NH value, DeNB utilizes formula (1), using the current use of UE key K eNB*, Target cell or rebuild the PCI of community and DL-AERFCN as input, calculate the key K eNB* of DeNB.
Optionally, if the key that DeNB determines not calculate Target cell and rebuilds community, and the NCC value of the upper preservation of DeNB is greater than the NCC value of carrying in handover request message, DeNB sends to source RN by the NCC of preservation, NH value by switching request acknowledgement message subsequently.
If this message comprises key and corresponding NCC and key and the corresponding NCC thereof that respectively rebuilds community of Target cell, DeNB does not calculate key K eNB*.
605, the key that DeNB preserves reconstruction community is, the security algorithm that the security algorithm that source RN is used and UE support, to target RN, send handover request message, this message comprises the key of Target cell, the security algorithm that UE supports, or, also comprise the information such as NCC, NH that DeNB adds.
Further, if there is the community of reconstruction to belong to other RN under DeNB, described method can also comprise:
The information such as security algorithm that DeNB is used key corresponding to this reconstruction community and corresponding NCC thereof and source RN send to the RN under this reconstruction community.
606, target RN receives handover request message by DeNB, if this message comprises fresh NCC and NH value:
Target RN calculates the key of Target cell according to fresh NH, and this key NCC corresponding with NH carried out to associated preservation;
Or
Target RN preserves fresh NCC and NH, and by the preservation associated with NCC of the key in this message.
Further, in the security algorithm that target RN is supported by UE, select a security algorithm.
607, target RN sends switching request acknowledgement message to DeNB, and this message comprises the security algorithm that NCC that the key of Target cell is corresponding and target RN select.
608, DeNB is transmitted to source RN by this switching request acknowledgement message.
609, source RN sends switching command message to UE, and this message comprises the security algorithm that NCC that the key of Target cell is corresponding and target RN select.
610, UE calculates the key of NH and UE according to described NCC.
Wherein, the key of UE calculates according to formula (1).
After this, UE can select according to the key of described UE and target RN security algorithm and target RN communicate.
611, UE sends handoff completion message to target RN.
Optionally, described method can also comprise:
612, target RN is to DeNB transmit path modify request messages, and this message comprises the security algorithm of the UE support that source RN sends over.
613, DeNB is transmitted to MME by this path modify request messages.
614, MME revises request acknowledge message to DeNB reverse-path, and this message comprises fresh NCC and NH.
615, DeNB revises request acknowledge message by this path and is transmitted to target RN.
Wherein, DeNB can be kept at this locality by NCC and NH in this message, does not send to target RN; Or DeNB is all transmitted to target RN by this message.
Optionally, can not carry out 612 and 615, only in 607 rear execution 613 and 614.
Security processing when user is switched in embodiment of the present invention relay system, when UE switches to target RN by source RN, source RN sends handover request message to target RN, the switching request acknowledgement message that receiving target RN sends, and send switching command message to UE, described switching command message comprises the NCC of Target cell and each reconstruction community and the security algorithm that target RN selects, the security algorithm of being selected according to NCC and target RN by UE carry out key synchronization and security algorithm synchronous, thereby guarantee the communication security between UE and target RN.
Embodiment seven
The present embodiment provides in a kind of relay system security processing when user is switched, and in the present embodiment, UE switches to target eNB by source RN; For source RN provides the DeNB of access and target eNB, be positioned under same MME, and have X2 interface between DeNB and target eNB, adopt X2 to switch.
Wherein, Target cell is target eNB Xia community, rebuilds community and comprises target eNB Xia community, or also comprise RNXia community under target eNB.
Security processing when as shown in Figure 7, user is switched in described relay system comprises:
701, UE sends measurement report to source RN.
702, source RN carries out switch decision according to this measurement report, select target community and reconstruction community.
Optionally, source RN can be respectively Target cell and each rebuilds community computation key KeNB*, specifically can be referring to 502.
703, source RN sends handover request message to DeNB, and this message comprises the security algorithm of source RN use and the security algorithm that UE supports.
Optionally, if key K eNB* has been calculated in RNWei Target cell, source and each reconstruction community, in this message, also comprise key and corresponding NCC and key and the corresponding NCC thereof that respectively rebuilds community of Target cell.
704, DeNB receives handover request message by source RN, determines whether Target cell and rebuilds community computation key.
Specifically can, with reference to 604, not repeat them here.
705, the key that DeNB preserves reconstruction community is, the security algorithm that the security algorithm that source RN is used and UE support, to target eNB, send handover request message, this message comprises the security algorithm that key corresponding to Target cell, UE support, or, also comprise the information such as NCC, NH that DeNB adds.
Further, if there is the community of reconstruction to belong to the RN under target eNB, described method can also comprise:
The information such as security algorithm that target eNB is used key corresponding to this reconstruction community and corresponding NCC thereof and source RN send to the RN under this reconstruction community.
706, target eNB receives handover request message by DeNB, if this message comprises fresh NCC and NH value:
Target eNB is calculated the key of Target cell according to fresh NH, and this key NCC corresponding with NH carried out to associated preservation;
Or
Target eNB is preserved fresh NCC and NH, and by the preservation associated with NCC of the key in this message.
Further, in the security algorithm that target eNB is supported by UE, select a security algorithm.
707, target eNB sends switching request acknowledgement message to DeNB, and this message comprises the security algorithm that NCC that the key of Target cell is corresponding and target eNB are selected.
708, DeNB is transmitted to source RN by this switching request acknowledgement message.
709, source RN sends switching command message to UE, and this message comprises the security algorithm that NCC that the key of Target cell is corresponding and target eNB are selected.
710, UE calculates the key of NH and UE according to described NCC.
Wherein, the key of UE calculates according to formula (1).
After this, UE can select according to the key of described UE and target eNB security algorithm and target eNB communicate.
711, UE sends handoff completion message to target eNB.
712, target eNB is to MME transmit path modify request messages, and this message comprises the security algorithm that UE supports.
713, MME revises request acknowledge message to target eNB reverse-path, and this message comprises fresh NCC and NH.
Security processing when user is switched in embodiment of the present invention relay system, when UE switches to target eNB by source RN, source RN sends handover request message to target eNB, the switching request acknowledgement message that receiving target eNB sends, and send switching command message to UE, described switching command message comprises the NCC of Target cell and each reconstruction community and the security algorithm that target eNB is selected, the security algorithm of being selected according to NCC and target eNB by UE carry out key synchronization and security algorithm synchronous, thereby guarantee the communication security between UE and target eNB.
Embodiment eight
The present embodiment provides in a kind of relay system security processing when user is switched, and in the present embodiment, UE switches to target eNB by source RN; For source RN provides the DeNB of access, be positioned under different MME from target eNB, between DeNB and target eNB, do not have X2 interface, adopt S1 to switch.
Wherein, Target cell is target eNB Xia community, rebuilds community and comprises target eNB Xia community, or also comprise RNXia community under target eNB.
Security processing when as shown in Figure 8, user is switched in described relay system comprises:
801, UE sends measurement report to source RN.
802, source RN carries out switch decision according to this measurement report, select target community and reconstruction community.
Optionally, source RN can be respectively Target cell and each rebuilds community computation key KeNB*, specifically can be referring to 502.
803, source RN sends handover request message to DeNB, and this message comprises the security algorithm of source RN use and the security algorithm that UE supports.
Optionally, if key K eNB* has been calculated in RNWei Target cell, source and each reconstruction community, in this message, also comprise key and corresponding NCC and key and the corresponding NCC thereof that respectively rebuilds community of Target cell.
804, DeNB receives handover request message by source RN, determines whether Target cell and rebuilds community computation key.
Specifically can, with reference to 604, not repeat them here.
805, DeNB is transmitted to source MME by handover request message.
806, source MME upgrades NCC and NH.
807, source MME sends S10 to target MME and forwards RELOCATION REQUEST message, this message comprises security algorithm that NCC after renewal and NH value, UE support, security algorithm, Kasme, the KSI that source RN is used, or also comprise key and the corresponding NCC thereof of the Target cell that DeNB calculates.
808, target MME sends handover request message to target eNB, and this message comprises security algorithm that NCC after renewal and NH value, UE support, the security algorithm that source RN is used, or also comprise the key of the Target cell that DeNB calculates and the NCC of correspondence thereof.
809, target eNB is by the key of Target cell and corresponding associated preservation of NCC thereof.
Optionally, if do not comprise key and the corresponding NCC thereof of the Target cell that DeNB calculates in this message, target eNB, according to the NH value after upgrading, is calculated the key of Target cell.
810, the security algorithm that target eNB is supported from UE, select a security algorithm, to target MME, send switching response message, this message comprises the security algorithm of target eNB selection and the NCC after renewal.
811, target MME sends S10 to source MME and forwards relocation response message, and this message comprises the security algorithm of target eNB selection and the NCC after renewal.
812, source MME sends switching request acknowledgement message to DeNB, and this message comprises the security algorithm of target eNB selection and the NCC after renewal.
813, DeNB sends switching request acknowledgement message to source RN, and this message comprises the security algorithm of target eNB selection and the NCC after renewal.
814, source RN sends switching command message to UE, and this message comprises the security algorithm of target eNB selection and the NCC after renewal.
815, UE calculates the key of NH and UE according to NCC, and the key of UE is carried out to associated preservation with NCC.
Wherein, the key of UE calculates according to formula (1).
After this, UE can select according to the key of described UE and target eNB security algorithm and target eNB communicate.
816, UE sends handoff completion message to target eNB.
817, target eNB sends handoff notification message to target MME.
Security processing when user is switched in embodiment of the present invention relay system, when UE switches to target eNB by source RN, source RN sends handover request message to target eNB, the switching request acknowledgement message that receiving target eNB sends, and send switching command message to UE, described switching command message comprises the NCC of Target cell and each reconstruction community and the security algorithm that target eNB is selected, the security algorithm of being selected according to NCC and target eNB by UE carry out key synchronization and security algorithm synchronous, thereby guarantee the communication security between UE and target eNB.
Embodiment nine
The present embodiment provides in a kind of relay system security processing when user is switched, and in the present embodiment, UE switches to target RN by source RN, and wherein, source RN and target RN lay respectively under different DeNB; For source RN provides the source DeNB of access and is positioned under same MME for target RN provides the target DeNB of access, between source DeNB and target DeNB, there is X2 interface, adopt X2 to switch.
Security processing when as shown in Figure 9, user is switched in described relay system comprises:
901, UE sends measurement report to source RN.
902, source RN carries out switch decision according to this measurement report, select target community and reconstruction community.
Optionally, source RN can be respectively Target cell and each rebuilds community computation key KeNB*, specifically can be referring to 502.
903, source RNXiang source DeNB sends handover request message, and this message comprises the security algorithm of source RN use and the security algorithm that UE supports.
Optionally, if key K eNB* has been calculated in RNWei Target cell, source and each reconstruction community, in this message, also comprise key and corresponding NCC and key and the corresponding NCC thereof that respectively rebuilds community of Target cell.
904, source DeNB receives handover request message by source RN, determines whether Target cell and rebuilds community computation key.
Specifically can, with reference to 604, not repeat them here.
905, the key that source DeNB preserves reconstruction community is, the security algorithm that the security algorithm that source RN is used and UE support, to target DeNB, send handover request message, this message comprises the key of Target cell, the security algorithm that UE supports, or, also comprise the information such as NCC, NH that source DeNB adds.
906, target DeNB will be transmitted to target RN to switching message.
907, target RN receives this handover request message by target DeNB, if this message comprises fresh NCC and NH value:
Target RN calculates the key of Target cell according to fresh NH, and this key NCC corresponding with NH carried out to associated preservation;
Or
Target RN preserves fresh NCC and NH, and by the preservation associated with NCC of the key in this message.
Further, in the security algorithm that target RN is supported by UE, select a security algorithm.
908, target RN sends switching request acknowledgement message to target DeNB, and this message comprises the security algorithm that NCC that the key of Target cell is corresponding and target RN select.
909, target DeNB is transmitted to source DeNB by this switching request acknowledgement message.
910, source DeNB is transmitted to source RN by this switching request acknowledgement message.
911, source RN sends switching command message to UE, and this message comprises the security algorithm that NCC that the key of Target cell is corresponding and target RN select.
912, UE calculates the key of NH and UE according to described NCC.
Wherein, the key of UE calculates according to formula (1).
After this, UE can select according to the key of described UE and target RN security algorithm and target RN communicate.
913, UE sends handoff completion message to target RN.
Optionally, described method can also comprise:
914, target RN is to target DeNB transmit path modify request messages.
915, target DeNB is transmitted to MME by this path modify request messages.
916, MME revises request acknowledge message to target DeNB reverse-path.
917, target DeNB revises request acknowledge message by this path and is transmitted to target RN.
Security processing when user is switched in embodiment of the present invention relay system, when UE switches to target RN by source RN, source RN sends handover request message to target RN, the switching request acknowledgement message that receiving target RN sends, and send switching command message to UE, described switching command message comprises the NCC of Target cell and each reconstruction community and the security algorithm that target RN selects, the security algorithm of being selected according to NCC and target RN by UE carry out key synchronization and security algorithm synchronous, thereby guarantee the communication security between UE and target RN.
Embodiment ten
The present embodiment provides in a kind of relay system security processing when user is switched, and in the present embodiment, UE switches to target RN by source RN, and wherein, source RN and target RN lay respectively under different DeNB; For source RN provides the source DeNB of access, be positioned under different MME from the target DeNB of access is provided for target RN, between source DeNB and target DeNB, do not have X2 interface, adopt S1 to switch.
Security processing when as shown in figure 10, user is switched in described relay system comprises:
1001, UE sends measurement report to source RN.
1002, source RN carries out switch decision according to this measurement report, select target community and reconstruction community.
Optionally, source RN can be respectively Target cell and each rebuilds community computation key KeNB*, specifically can be referring to 502.
1003, source RNXiang source DeNB sends handover request message, and this message comprises the security algorithm of source RN use and the security algorithm that UE supports.
Optionally, if key K eNB* has been calculated in RNWei Target cell, source and each reconstruction community, in this message, also comprise key and corresponding NCC and key and the corresponding NCC thereof that respectively rebuilds community of Target cell.
1004, source DeNB receives handover request message by source RN, determines whether Target cell and rebuilds community computation key.
Specifically can, with reference to 604, not repeat them here.
1005, source DeNB is transmitted to source MME by handover request message.
1006, source MME upgrades NCC and NH.
1007, source MME sends S10 to target MME and forwards RELOCATION REQUEST message, this message comprises security algorithm that NCC after renewal and NH value, UE support, security algorithm, Kasme, the KSI that source RN is used, or also comprise key and corresponding NCC and key and the corresponding NCC thereof that respectively rebuilds community of the Target cell that source DeNB calculates.
1008, target MME sends handover request message to target DeNB, this message comprises security algorithm that NCC after renewal and NH value, UE support, the security algorithm that source RN is used, or also comprise key and corresponding NCC and key and the corresponding NCC thereof that respectively rebuilds community of the Target cell that source DeNB calculates.
1009, target DeNB sends handover request message to target RN, this message comprises security algorithm that NCC after renewal and NH value, UE support, the security algorithm that source RN is used, or also comprise key and corresponding NCC and key and the corresponding NCC thereof that respectively rebuilds community of the Target cell that source DeNB calculates.
Optionally, target DeNB can also calculate the key K eNB* of Target cell and each reconstruction community.
Further, if there is the community of reconstruction to belong to other RN under target DeNB, described method can also comprise:
The information such as security algorithm that target DeNB is used key corresponding to this reconstruction community and corresponding NCC thereof and source RN send to the RN under this reconstruction community.
1010, target RN is by the key of Target cell and corresponding associated preservation of NCC thereof.
1011, the security algorithm that target RN supports from UE, select a security algorithm, to target DeNB, send switching response message, this message comprises the security algorithm of target RN selection and the NCC after renewal.
1012, target DeNB sends switching response message to target MME, and this message comprises the security algorithm of target RN selection and the NCC after renewal.
1013, target MME sends S10 to source MME and forwards reorientation message, and this message comprises the security algorithm of target RN selection and the NCC after renewal.
1014, source MMEXiang source DeNB sends switching request acknowledgement message, and this message comprises the security algorithm of target RN selection and the NCC after renewal.
1015, source DeNB sends switching request acknowledgement message to source RN, and this message comprises the security algorithm of target RN selection and the NCC after renewal.
1016, source RN sends switching command message to UE, and this message comprises the security algorithm of target RN selection and the NCC after renewal.
1017, UE calculates the key of NH and UE according to NCC, and the key of UE is carried out to associated preservation with NCC.
Wherein, the key of UE calculates according to formula (1).
After this, UE can select according to the key of described UE and target RN security algorithm and target RN communicate.
1018, UE sends handoff completion message to target RN.
Security processing when user is switched in embodiment of the present invention relay system, when UE switches to target RN by source RN, source RN sends handover request message to target RN, the switching request acknowledgement message that receiving target RN sends, and send switching command message to UE, described switching command message comprises the NCC of Target cell and each reconstruction community and the security algorithm that target RN selects, the security algorithm of being selected according to NCC and target RN by UE carry out key synchronization and security algorithm synchronous, thereby guarantee the communication security between UE and target RN.
Embodiment 11
The present embodiment provides a kind of base station, and as shown in figure 11, described base station comprises:
The first receiver module 1101, the handover request message for UE sending for reception sources RN, described handover request message is carried Target Cell Identifier and is rebuild cell ID;
The first notification module 1103, for the base station under Target cell described in the key notification of the key of described Target cell and described reconstruction community and reconstruction community is common.
The NCC value of also carrying described UE in the handover request message that further, described the first receiver module 1101 receives;
As shown in figure 12, described computing module 1102 can comprise:
The first comparing unit 11021, the NCC value sending over for NCC value and the described RN of more local storage;
The first computing unit 11022, while being greater than for the NCC value when the local storage of described DeNB the NCC value that described RN sends over, NH value corresponding to NCC of using local storage is described Target cell and reconstruction community difference computation key;
Or,
In the handover request message that described the first receiver module 1101 receives, also carry the lower jumping chain counting NCC value of described UE and the key of the current use of described source RN;
As shown in figure 13, described computing module 1102 can comprise:
The second comparing unit 11023, the NCC value sending over for NCC value and the described RN of more local storage;
The second computing unit 11024, while being less than or equal to the NCC value of the Target cell that described RN sends over for the NCC value when the local storage of described DeNB, the key that uses the current use of described source RN is that computation key is distinguished in described Target cell and reconstruction community.
Embodiment of the present invention base station, for providing the DeNB of access, source RN receives the handover request message for UE that described source RN sends, for described Target cell and reconstruction community difference computation key, by the common affiliated base station in Target cell described in the key notification of the key of described Target cell and described reconstruction community and reconstruction community.Compared with prior art, the embodiment of the present invention can be carried out key synchronization by DeNB when UE switches, thereby guarantees the communication security between UE and target network node.
Embodiment 12
The present embodiment provides a kind of base station, and as shown in figure 14, described base station comprises:
The second receiver module 1401, the handover request message for UE sending for reception sources RN, described handover request message is carried Target Cell Identifier and is rebuild cell ID, and the key of the Target cell that calculates of described source RN and rebuild the key of community;
The second notification module 1402, for the base station under Target cell described in described handover request message informing and reconstruction community is common.
Further, described the second notification module 1402, specifically for key and corresponding NCC and key and the corresponding NCC thereof that rebuilds community of described Target cell that the security capabilities information of described UE, described source RN are calculated, and the security algorithm that uses for described UE of described source RN is notified described Target cell and is rebuild the base station of community under common.
Further, described the second notification module 1402, specifically for the key of Target cell that described source RN is calculated and rebuild the key of community, the NCC value for described UE of the security capabilities information of described UE, security algorithm that described source RN is used for described UE and the local storage of described DeNB and NH value are notified described Target cell and rebuild affiliated base station jointly, community.
Embodiment of the present invention base station, for providing the DeNB of access, source RN receives the handover request message for UE that described source RN sends, described handover request message is carried the key of Target cell and the key of reconstruction community that described source RN calculates, by the common affiliated base station in Target cell described in described handover request message informing and reconstruction community.Compared with prior art, the embodiment of the present invention can be carried out key synchronization by DeNB when UE switches, thereby guarantees the communication security between UE and target network node.
Embodiment 13
The present embodiment provides a kind of base station, and as shown in figure 15, described base station comprises:
The 3rd receiver module 1501, the handover request message for UE sending for receiving described source RN, described handover request message is carried Target Cell Identifier and is rebuild cell ID;
Further, described third notice module 1502, specifically for by the security algorithm of the current use of described source RN, the security capabilities information of described UE, and the NCC value for described UE of the local storage of described DeNB and NH value are notified described Target cell and reconstruction community affiliated base station jointly.
Embodiment of the present invention base station, for providing the DeNB of access, source RN receives the handover request message for UE that described source RN sends, the NCC value for described UE of this locality storage and NH value are carried at and in described handover request message, notify described Target cell and rebuild the base station of community under common, by described Target cell with rebuild the base station of community under common according to the NCC value for described UE and the key of the described Target cell of NH value calculating and the key of reconstruction community.Compared with prior art, the embodiment of the present invention can be carried out key synchronization by DeNB when UE switches, thereby guarantees the communication security between UE and target network node.
Embodiment 14
The present embodiment provides a kind of base station, and as shown in figure 16, described base station comprises:
The 4th receiver module 1601, for receiving the security parameter of described Target cell and reconstruction community, wherein, described security parameter comprises key;
The 4th notification module 1602, for when described Target cell does not belong to same node with reconstruction community, by the security parameter of described Target cell, notify the node under described Target cell, by the security parameter of described reconstruction community, notify the node under described reconstruction community.
Further, when described reconstruction community belongs to described target BS, described the 4th notification module 1602, specifically for preserving the security parameter of described reconstruction community.
Further, as shown in figure 17, described the 4th receiver module 1601, the NCC and the NH value that also for receiving MME, issue;
Described base station can also comprise:
The 5th notification module 1604, for by described NCC and NH value notification target RN.
Embodiment of the present invention base station, target BS receives described Target cell and rebuilds the security parameter of community, wherein, described security parameter comprises key, when described Target cell does not belong to same node with reconstruction community, described target BS is notified the node under described Target cell by the security parameter of described Target cell, by the security parameter of described reconstruction community, notifies the node under described reconstruction community.Compared with prior art, the embodiment of the present invention can be carried out the synchronous of security parameter when UE switches, thereby guarantees the communication security between UE and target network node.
The above-mentioned embodiment of the method providing can be provided in the base station that the embodiment of the present invention provides.The user that security processing when user is switched in the relay system that the embodiment of the present invention provides and base station go in relay system is switched, but is not limited only to this.
One of ordinary skill in the art will appreciate that all or part of flow process realizing in above-described embodiment method, to come the hardware that instruction is relevant to complete by computer program, described program can be stored in a computer read/write memory medium, this program, when carrying out, can comprise as the flow process of the embodiment of above-mentioned each side method.Wherein, described storage medium can be magnetic disc, CD, read-only store-memory body (Read-Only Memory, ROM) or random store-memory body (Random Access Memory, RAM) etc.
The above; be only the specific embodiment of the present invention, but protection scope of the present invention is not limited to this, is anyly familiar with those skilled in the art in the technical scope that the present invention discloses; the variation that can expect easily or replacement, within all should being encompassed in protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection range of claim.
Claims (23)
1. security processing when user is switched in relay system, is characterized in that, comprising:
For source via node RN provides the anchor point evolution base station DeNB of access, receive the handover request message for user equipment (UE) that described source RN sends, described handover request message is carried Target Cell Identifier and is rebuild cell ID;
Described DeNB is described Target cell and rebuilds community computation key respectively;
Described DeNB is by Target cell described in the key notification of the key of described Target cell and described reconstruction community and rebuild common affiliated base station, community.
2. method according to claim 1, is characterized in that,
In described handover request message, also carry the lower jumping chain counting NCC value of described UE, described DeNB be described Target cell and reconstruction community respectively computation key comprise:
The NCC value that the NCC value of the more local storage of described DeNB and described RN send over;
If the NCC value of the local storage of described DeNB is greater than the NCC value that described RN sends over, NH value corresponding to NCC that described DeNB is used this locality to store is described Target cell and rebuilds community computation key respectively;
Or,
In described handover request message, also carry the lower jumping chain counting NCC value of described UE and the key of the current use of described source RN, described DeNB be described Target cell and reconstruction community respectively computation key comprise:
The NCC value that the NCC value of the more local storage of described DeNB and described RN send over;
If the NCC value of the local storage of described DeNB is less than or equal to the NCC value that described RN sends over, it is described Target cell and reconstruction community difference computation key that described DeNB is used the key of the current use of described source RN.
3. security processing when user is switched in relay system, is characterized in that, comprising:
For source RN provides the DeNB of access, receive the handover request message for UE that described source RN sends, described handover request message is carried Target Cell Identifier and is rebuild cell ID, and the key of the Target cell that calculates of described source RN and rebuild the key of community;
Described DeNB is by Target cell described in described handover request message informing and rebuild common affiliated base station, community.
4. method according to claim 3, is characterized in that, described DeNB comprises the common affiliated base station in Target cell described in described handover request message informing and reconstruction community:
The key of the described Target cell that described DeNB calculates the security capabilities information of described UE, described source RN and corresponding NCC and key and the corresponding NCC thereof that rebuilds community, and the security algorithm that uses for described UE of described source RN is notified described Target cell and is rebuild the base station of community under common.
5. method according to claim 3, is characterized in that, described DeNB comprises the common affiliated base station in Target cell described in described handover request message informing and reconstruction community:
The key of the Target cell that described DeNB calculates described source RN and rebuild the key of community, the NCC value for described UE of the security capabilities information of described UE, security algorithm that described source RN is used for described UE and the local storage of described DeNB and NH value are notified described Target cell and rebuild affiliated base station jointly, community.
6. method according to claim 5, is characterized in that, also comprises:
The key of the described Target cell of the calculating of the NH value for described UE and the key of reconstruction community of the local storage of described DeNB used in the common affiliated base station in described Target cell and reconstruction community;
Or
The NCC value for described UE and the NH value of the local storage of described DeNB are stored in base station under described Target cell and reconstruction community are common.
7. security processing when user is switched in relay system, is characterized in that, comprising:
For source RN provides the DeNB of access, receive the handover request message for UE that described source RN sends, described handover request message is carried Target Cell Identifier and is rebuild cell ID;
The NCC value for described UE that described DeNB stores this locality and NH value are carried in described handover request message notifies described Target cell and reconstruction community common affiliated base station.
8. method according to claim 7, is characterized in that, the NCC value that described DeNB stores this locality and NH value are carried in described handover request message notifies the common affiliated base station in described Target cell and reconstruction community to comprise:
Described DeNB is the security algorithm of the current use of described source RN, the security capabilities information of described UE, and the NCC value for described UE of the local storage of described DeNB and NH value are notified described Target cell and reconstruction community affiliated base station jointly.
9. according to the method described in claim 7 or 8, it is characterized in that, also comprise:
Base station under described Target cell and reconstruction community are common is used the described Target cell of calculating of the NH value for described UE of the local storage of described DeNB and is rebuild the key of community;
Or
The NCC value for described UE and the NH value of the local storage of described DeNB are stored in base station under described Target cell and reconstruction community are common.
10. security processing when user is switched in relay system, is characterized in that, comprising:
Target BS receives described Target cell and rebuilds the security parameter of community, and wherein, described security parameter comprises key;
When described Target cell with when rebuilding community and not belonging to same node, described target BS is notified the node under described Target cell by the security parameter of described Target cell, by the security parameter of described reconstruction community, notifies the node under described reconstruction community.
11. methods according to claim 10, is characterized in that, described Target cell and reconstruction community do not belong to same node and comprise:
Described Target cell belongs to the RN under described target BS, and described reconstruction community belongs to described target BS;
Or
Described Target cell belongs to described target BS, and described reconstruction community belongs to the RN under described target BS;
Or
Described Target cell belongs to the RN under described target BS, and described reconstruction community belongs to the 2nd RN under described target BS;
Or
Described Target cell belongs to the RN under described target BS, and a described reconstruction community part belongs to the 2nd RN under described target BS, and another part belongs to described target BS;
Or
Described Target cell belongs to described target BS, and a described reconstruction community part belongs to described target BS, and another part belongs to the RN under described target BS.
12. methods according to claim 10, is characterized in that, when described reconstruction community belongs to described target BS, described target BS notifies the node under described reconstruction community to be specially the security parameter of described reconstruction community:
Described target BS is preserved the security parameter of described reconstruction community.
13. methods according to claim 10, is characterized in that, described method also comprises:
NCC and NH value that described target BS receiving mobility management entity MME issues;
Described target BS is kept at this locality by described NCC and NH value; And/or
Described target BS is by described NCC and NH value notification target RN.
14. 1 kinds of base stations, is characterized in that, comprising:
The first receiver module, the handover request message for UE sending for reception sources RN, described handover request message is carried Target Cell Identifier and is rebuild cell ID;
Computing module, is used to described Target cell and rebuilds community computation key respectively;
The first notification module, for the base station under Target cell described in the key notification of the key of described Target cell and described reconstruction community and reconstruction community is common.
15. base stations according to claim 14, is characterized in that, the NCC value of also carrying described UE in the handover request message that described the first receiver module receives;
Described computing module comprises:
The first comparing unit, the NCC value sending over for NCC value and the described RN of more local storage;
The first computing unit, while being greater than for the NCC value when the local storage of described DeNB the NCC value that described source RN sends over, NH value corresponding to NCC of using local storage is described Target cell and reconstruction community difference computation key;
Or,
In the handover request message that described the first receiver module receives, also carry the lower jumping chain counting NCC value of described UE and the key of the current use of described source RN;
Described computing module comprises:
The second comparing unit, the NCC value sending over for NCC value and the described RN of more local storage;
The second computing unit, while being less than or equal to the NCC value of the Target cell that described RN sends over for the NCC value when the local storage of described DeNB, the key that uses the current use of described source RN is that computation key is distinguished in described Target cell and reconstruction community.
16. 1 kinds of base stations, is characterized in that, comprising:
The second receiver module, the handover request message for UE sending for reception sources RN, described handover request message is carried Target Cell Identifier and is rebuild cell ID, and the key of the Target cell that calculates of described source RN and rebuild the key of community;
The second notification module, for the base station under Target cell described in described handover request message informing and reconstruction community is common.
17. base stations according to claim 16, it is characterized in that, described the second notification module, specifically for key and corresponding NCC and key and the corresponding NCC thereof that rebuilds community of described Target cell that the security capabilities information of described UE, described source RN are calculated, and the security algorithm that uses for described UE of described source RN is notified described Target cell and is rebuild the base station of community under common.
18. base stations according to claim 16, it is characterized in that, described the second notification module, specifically for the key of Target cell that described source RN is calculated and rebuild the key of community, the NCC value for described UE of the security capabilities information of described UE, security algorithm that described source RN is used for described UE and the local storage of described DeNB and NH value are notified described Target cell and rebuild affiliated base station jointly, community.
19. 1 kinds of base stations, is characterized in that, comprising:
The 3rd receiver module, the handover request message for UE sending for reception sources via node RN, described handover request message is carried Target Cell Identifier and is rebuild cell ID;
Third notice module, notifies described Target cell and reconstruction community affiliated base station jointly for the NCC value for described UE of this locality storage and NH value being carried to described handover request message.
20. base stations according to claim 19, it is characterized in that, described third notice module, specifically for by the security algorithm of the current use of described source RN, the security capabilities information of described UE, and the NCC value for described UE and the NH value that store described DeNB this locality are notified described Target cell and are rebuild common affiliated base station, community.
21. 1 kinds of base stations, is characterized in that, comprising:
The 4th receiver module, for receiving the security parameter of described Target cell and reconstruction community, wherein, described security parameter comprises key;
The 4th notification module, for when described Target cell does not belong to same node with reconstruction community, by the security parameter of described Target cell, notify the node under described Target cell, by the security parameter of described reconstruction community, notify the node under described reconstruction community.
22. base stations according to claim 21, is characterized in that, when described reconstruction community belongs to described target BS, described the 4th notification module, specifically for preserving the security parameter of described reconstruction community.
23. base stations according to claim 21, is characterized in that, described the 4th receiver module, the NCC and the NH value that also for receiving MME, issue;
Described base station also comprises:
Preserve module, for described NCC and NH value are kept to this locality; And/or
The 5th notification module, for by described NCC and NH value notification target RN.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010284889.2A CN102404732B (en) | 2010-09-17 | 2010-09-17 | Safe processing method for user switching in relay system and base station |
| PCT/CN2011/075354 WO2011147367A1 (en) | 2010-09-17 | 2011-06-03 | Safety processing method and base station during user handover in relay system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010284889.2A CN102404732B (en) | 2010-09-17 | 2010-09-17 | Safe processing method for user switching in relay system and base station |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102404732A CN102404732A (en) | 2012-04-04 |
| CN102404732B true CN102404732B (en) | 2014-04-02 |
Family
ID=45003346
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010284889.2A Active CN102404732B (en) | 2010-09-17 | 2010-09-17 | Safe processing method for user switching in relay system and base station |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN102404732B (en) |
| WO (1) | WO2011147367A1 (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103327475B (en) * | 2012-03-21 | 2017-05-24 | 电信科学技术研究院 | Addressing method and addressing device for cell switch |
| CN106658492A (en) * | 2015-07-23 | 2017-05-10 | 中兴通讯股份有限公司 | Cipher key updating method and cipher key updating device |
| CN107027118A (en) * | 2016-02-02 | 2017-08-08 | 中国移动通信集团公司 | Inter-cell switch method and device, base station |
| CN115604770A (en) * | 2021-06-28 | 2023-01-13 | 大唐移动通信设备有限公司(Cn) | Switching method, device, network equipment and relay terminal |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101107806A (en) * | 2005-01-21 | 2008-01-16 | 三菱电机株式会社 | Key storage device, key storage method, and program |
| CN101299888A (en) * | 2008-06-16 | 2008-11-05 | 中兴通讯股份有限公司 | Cryptographic key generation method, switching method, mobile management entity and customer equipment |
| WO2009133865A1 (en) * | 2008-04-28 | 2009-11-05 | 株式会社エヌ・ティ・ティ・ドコモ | Handover method, radio base station, and mobile station |
| CN101779391A (en) * | 2007-08-12 | 2010-07-14 | Lg电子株式会社 | Handover method with link failure recovery, wireless device and base station for implementing such method |
-
2010
- 2010-09-17 CN CN201010284889.2A patent/CN102404732B/en active Active
-
2011
- 2011-06-03 WO PCT/CN2011/075354 patent/WO2011147367A1/en active Application Filing
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101107806A (en) * | 2005-01-21 | 2008-01-16 | 三菱电机株式会社 | Key storage device, key storage method, and program |
| CN101779391A (en) * | 2007-08-12 | 2010-07-14 | Lg电子株式会社 | Handover method with link failure recovery, wireless device and base station for implementing such method |
| WO2009133865A1 (en) * | 2008-04-28 | 2009-11-05 | 株式会社エヌ・ティ・ティ・ドコモ | Handover method, radio base station, and mobile station |
| CN101299888A (en) * | 2008-06-16 | 2008-11-05 | 中兴通讯股份有限公司 | Cryptographic key generation method, switching method, mobile management entity and customer equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102404732A (en) | 2012-04-04 |
| WO2011147367A1 (en) | 2011-12-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102238666B (en) | Multi-carrier switch processing method and system | |
| US9301231B2 (en) | Handover method and system in relay network, relay node, control base station and base station | |
| CN101810034B (en) | Method and system for notifying cell type based on lte | |
| CN102340772B (en) | Security processing method, device and system in conversion process | |
| CN110099417B (en) | Switching method, information interaction method, equipment and computer readable storage medium | |
| CN103188663B (en) | The safe communication method of carrier aggregation and equipment between base station | |
| CN103139854B (en) | Changing method, communicator and communication system | |
| CN103442397B (en) | The cooperation changing method based on subcarrier of LTE-A relay system | |
| CN102017674B (en) | Mobile communication method, radio base station, and mobile station | |
| CN102238668A (en) | Method for performing X2 handover by gateway | |
| CN102804826B (en) | For the enhancing key management of SRNS reorientation | |
| CN102215537A (en) | Switching method, evolved Node B (eNodeB) and home gateway | |
| EP2843994A1 (en) | Eplmn list configuring method, handover target plmn selecting method, mme and enb | |
| CN104025634A (en) | Method and apparatus for managing security keys for communication authentication with mobile station in wireless communication system | |
| CN102404732B (en) | Safe processing method for user switching in relay system and base station | |
| CN105230076A (en) | Mobile communication system | |
| CN103748922A (en) | A gateway device for handling ue context and a method thereof | |
| CN105532035B (en) | Path switching method, mobile anchor point and base station | |
| CN101998388A (en) | Interaction method and device for security information | |
| CN104604271A (en) | Communication method, network side device, and user equipment | |
| CN103686911B (en) | A kind of method and apparatus switched over | |
| CN102960051A (en) | A relay node, a donor radio base station and methods therein | |
| JP5397535B2 (en) | Wireless communication system, communication control method, mobility management apparatus, mobile terminal, and base station | |
| CN106162774A (en) | Across MeNB changing method, device and base station | |
| CN102104867B (en) | Method and device thereof for addressing core network node in switching process |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |