CN107079023B - User-plane security for next generation cellular networks - Google Patents

User-plane security for next generation cellular networks

Info

Publication number
CN107079023B
Authority
CN
China
Prior art keywords
key
shared key
access node
shared
data traffic
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201580058420.8A
Other languages
English (en)
Chinese (zh)
Other versions
CN107079023A (zh)
Inventor
S·B·李
G·B·霍恩
A·帕拉尼恭德尔
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qualcomm Inc
Original Assignee
Qualcomm Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qualcomm Inc
Publication of CN107079023A
Application granted
Publication of CN107079023B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/16 Implementing security features at a particular protocol layer
    • H04L63/164 Implementing security features at a particular protocol layer at the network layer
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W88/00 Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02 Terminal devices

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
CN201580058420.8A 2014-10-29 2015-10-27 User-plane security for next generation cellular networks Active CN107079023B (zh)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US201462072388P 2014-10-29 2014-10-29
US62/072,388 2014-10-29
US14/923,223 2015-10-26
US14/923,223 US10455414B2 (en) 2014-10-29 2015-10-26 User-plane security for next generation cellular networks
PCT/US2015/057640 WO2016069638A2 (en) 2014-10-29 2015-10-27 User-plane security for next generation cellular networks

Publications (2)

Publication Number Publication Date
CN107079023A (zh) 2017-08-18
CN107079023B (zh) 2020-10-09

Family

ID=55854254

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201580058420.8A Active CN107079023B (zh) 2014-10-29 2015-10-27 User-plane security for next generation cellular networks

Country Status (6)

Country Link
US (1) US10455414B2
EP (2) EP3213481A2
JP (2) JP6903006B2
CN (1) CN107079023B
TW (1) TWI672933B
WO (1) WO2016069638A2

Families Citing this family (41)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9686675B2 (en) * 2015-03-30 2017-06-20 Netscout Systems Texas, Llc Systems, methods and devices for deriving subscriber and device identifiers in a communication network
EP3116187B1 (en) * 2015-07-09 2019-12-04 Nxp B.V. Methods for facilitating secure communication
US10412056B2 (en) * 2015-07-24 2019-09-10 Futurewei Technologies, Inc. Ultra dense network security architecture method
EP3145126B1 (en) * 2015-09-17 2024-10-23 Alcatel Lucent Apparatus, system and methods for native bridged communication in cellular access network
US10231123B2 (en) * 2015-12-07 2019-03-12 GM Global Technology Operations LLC Bluetooth low energy (BLE) communication between a mobile device and a vehicle
CN109155913B (zh) 2016-06-01 2021-05-18 华为技术有限公司 Network connection method, and method and apparatus for determining a security node
US10039146B2 (en) * 2016-07-14 2018-07-31 Sprint Communications Company L.P. General packet radio service tunneling protocol multiplexing
US10433163B2 (en) * 2016-09-19 2019-10-01 Qualcomm Incorporated Techniques for deriving security keys for a cellular network based on performance of an extensible authentication protocol (EAP) procedure
EP3567802A4 (en) * 2017-01-26 2019-12-25 Huawei Technologies Co., Ltd. METHOD, DEVICE AND SYSTEM FOR PROTECTING DATA
EP3574667B1 (en) * 2017-01-30 2021-02-24 Telefonaktiebolaget LM Ericsson (PUBL) Methods and apparatueses for security management before handover from 5g to 4g system
LU100072B1 (en) * 2017-02-13 2018-10-01 Networxinmotion Gmbh I G Intelligent node for extending a telecommunications network
US10123210B2 (en) * 2017-03-17 2018-11-06 Nokia Of America Corporation System and method for dynamic activation and deactivation of user plane integrity in wireless networks
WO2018183943A1 (en) * 2017-03-30 2018-10-04 Ncore Communications, Inc. Methods and apparatus for initializing a secure network connection
CN110493774B (zh) * 2017-05-06 2023-09-26 华为技术有限公司 Key configuration method, apparatus and system
US11330428B2 (en) * 2017-05-08 2022-05-10 Telefonaktiebolaget Lm Ericsson (Publ) Privacy key in a wireless communication system
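CN109362108B (zh) 2017-09-30 2019-11-01 华为技术有限公司 Security protection method, apparatus and system
CN111357309B (zh) * 2017-11-16 2021-11-09 中兴通讯股份有限公司 Method and computing device for performing data integrity protection
CN108235300B (zh) * 2017-12-22 2020-05-22 中国科学院信息工程研究所 Method and system for security protection of user data in a mobile communication network
CN110035431A (zh) * 2018-01-12 2019-07-19 中国移动通信有限公司研究院 Information processing method and apparatus, network entity and storage medium
WO2019159290A1 (ja) * 2018-02-15 2019-08-22 富士通株式会社 Communication device, terminal device, wireless communication system and key generation method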
US11652851B2 (en) 2018-04-06 2023-05-16 Nokia Technologies Oy Method and apparatus for network function messaging
CN110417708B (zh) * 2018-04-26 2021-04-20 上海华为技术有限公司 Information transmission method and related device
US11038698B2 (en) * 2018-09-04 2021-06-15 International Business Machines Corporation Securing a path at a selected node
US10979902B2 (en) 2018-10-15 2021-04-13 Wipro Limited Method and system for securing user plane communication between user equipments and evolved NodeBs
US11310662B2 (en) * 2018-12-12 2022-04-19 Bank Of America Corporation System for 5G enabled rapid bandwidth deployment
WO2020150701A1 (en) * 2019-01-18 2020-07-23 Apple Inc. Evolved packet core (epc) solution for restricted local operator services (rlos) access using device authentication
CN112423272A (zh) * 2019-08-05 2021-02-26 华为技术有限公司 Data transmission method and apparatus
CN113841366B (zh) * 2019-08-18 2023-01-13 华为技术有限公司 Communication method and apparatus
US11777935B2 (en) 2020-01-15 2023-10-03 Cisco Technology, Inc. Extending secondary authentication for fast roaming between service provider and enterprise network
US11778463B2 (en) 2020-03-31 2023-10-03 Cisco Technology, Inc. Techniques to generate wireless local area access network fast transition key material based on authentication to a private wireless wide area access network
US11765581B2 (en) 2020-03-31 2023-09-19 Cisco Technology, Inc. Bootstrapping fast transition (FT) keys on wireless local area access network nodes based on private wireless wide area access network information
US11706619B2 (en) 2020-03-31 2023-07-18 Cisco Technology, Inc. Techniques to facilitate fast roaming between a mobile network operator public wireless wide area access network and an enterprise private wireless wide area access network
CN113676898A (zh) * 2020-04-30 2021-11-19 华为技术有限公司 Method, system and apparatus for determining security protection
US12307303B2 (en) 2021-04-09 2025-05-20 Oracle International Corporation Cloud edge device virtualization
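CN115484595A (zh) * 2021-05-31 2022-12-16 华为技术有限公司 Method, apparatus and system for isolating public and private network services
CN115701161A (zh) * 2021-07-31 2023-02-07 华为技术有限公司 Method for establishing a secure transmission channel, method for determining a key, and communication apparatus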
US11902260B2 (en) * 2021-08-02 2024-02-13 Cisco Technology, Inc. Securing control/user plane traffic
CN116017427A (zh) * 2021-10-21 2023-04-25 华为技术有限公司 Communication method and apparatus
CN118176757A (zh) * 2021-11-03 2024-06-11 Oppo广东移动通信有限公司 Connection establishment and data transmission method, apparatus, and communication device
US12184786B2 (en) * 2022-07-07 2024-12-31 Qualcomm Incorporated Physical layer security for user equipment to user equipment relays
GB202301467D0 (en) * 2023-02-01 2023-03-15 Nordic Semiconductor Asa Radio devices

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
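CN101039314A (zh) * 2006-03-16 2007-09-19 华为技术有限公司 Method for implementing security assurance in an evolved access network
CN101299888A (zh) * 2008-06-16 2008-11-05 中兴通讯股份有限公司 Key generation method, handover method, mobility management entity and user equipment
CN102137393A (zh) * 2010-12-28 2011-07-27 华为技术有限公司 End-to-end encryption method and apparatus
WO2012024905A1 (zh) * 2010-08-25 2012-03-01 中兴通讯股份有限公司 Data encryption and decryption method, terminal and GGSN in a mobile communication network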
WO2014059657A1 (en) * 2012-10-19 2014-04-24 Nokia Corporation Method and device of generating a key for device-to-device communication between a first user equipment and a second user equipment

Family Cites Families (44)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7389412B2 (en) * 2001-08-10 2008-06-17 Interactive Technology Limited Of Hk System and method for secure network roaming
US7155526B2 (en) * 2002-06-19 2006-12-26 Azaire Networks, Inc. Method and system for transparently and securely interconnecting a WLAN radio access network into a GPRS/GSM core network
US8228917B2 (en) * 2005-04-26 2012-07-24 Qualcomm Incorporated Method and apparatus for ciphering and re-ordering packets in a wireless communication system
WO2007062689A1 (en) * 2005-12-01 2007-06-07 Telefonaktiebolaget Lm Ericsson (Publ) Method and apparatus for distributing keying information
CN101075865B (zh) 2006-05-16 2011-02-02 华为技术有限公司 Method for initiating user-plane encryption
CN101094065B (zh) 2006-06-23 2011-09-28 华为技术有限公司 Key distribution method and system in a wireless communication network
FI20070157A0 (fi) 2007-02-23 2007-02-23 Nokia Corp Fast authentication of update messages with key derivation in mobile IP systems
US8769611B2 (en) * 2007-05-31 2014-07-01 Qualcomm Incorporated Methods and apparatus for providing PMIP key hierarchy in wireless communication networks
US9276909B2 (en) 2008-08-27 2016-03-01 Qualcomm Incorporated Integrity protection and/or ciphering for UE registration with a wireless network
EP2194686A1 (en) * 2008-12-03 2010-06-09 Panasonic Corporation Secure tunnel establishment upon attachment or handover to an access network
CN102090093B (zh) 2009-04-30 2013-04-17 华为技术有限公司 Method and device for establishing an air-interface link security mechanism
US20100322189A1 (en) * 2009-06-19 2010-12-23 Telefonaktiebolaget L M Ericsson (Publ) Supporting optimized handover of a user equipment between dissimilar networks
KR101783699B1 (ko) * 2009-11-09 2017-10-10 삼성전자 주식회사 Method and system for supporting single radio video call continuity during handover
US8917625B2 (en) * 2009-11-10 2014-12-23 Broadcom Corporation Mapping quality of service (QOS) from a wireless network to a wired network
CN102143489A (zh) * 2010-02-01 2011-08-03 华为技术有限公司 Relay node authentication method, apparatus and system
US9084110B2 (en) * 2010-04-15 2015-07-14 Qualcomm Incorporated Apparatus and method for transitioning enhanced security context from a UTRAN/GERAN-based serving network to an E-UTRAN-based serving network
US8452957B2 (en) 2010-04-27 2013-05-28 Telefonaktiebolaget L M Ericsson (Publ) Method and nodes for providing secure access to cloud computing for mobile users
US20110305339A1 (en) * 2010-06-11 2011-12-15 Karl Norrman Key Establishment for Relay Node in a Wireless Communication System
US9385862B2 (en) 2010-06-16 2016-07-05 Qualcomm Incorporated Method and apparatus for binding subscriber authentication and device authentication in communication systems
US8839373B2 (en) * 2010-06-18 2014-09-16 Qualcomm Incorporated Method and apparatus for relay node management and authorization
US9572045B2 (en) * 2010-09-14 2017-02-14 Fujitsu Limited Method and system for activating a femto base station
US8885471B2 (en) * 2010-10-07 2014-11-11 Qualcomm Incorporated Methods and apparatus for providing uplink traffic differentiation support for ciphered tunnels
US10103887B2 (en) 2010-12-21 2018-10-16 Koninklijke Kpn N.V. Operator-assisted key establishment
US9521145B2 (en) 2011-10-17 2016-12-13 Mitel Mobility Inc. Methods and apparatuses to provide secure communication between an untrusted wireless access network and a trusted controlled network
GB2500720A (en) * 2012-03-30 2013-10-02 Nec Corp Providing security information to establish secure communications over a device-to-device (D2D) communication link
US8667368B2 (en) * 2012-05-04 2014-03-04 Winbond Electronics Corporation Method and apparatus for reading NAND flash memory
CN103428690B (zh) 2012-05-23 2016-09-07 华为技术有限公司 Security establishment method, system and device for a wireless local area network
US9439214B2 (en) 2012-05-31 2016-09-06 Cisco Technology, Inc. Leveraging multiple access technologies simultaneously
US20150200942A1 (en) 2012-06-29 2015-07-16 Nec Corporation Update of security for group based feature in m2m
US20150229620A1 (en) * 2012-09-13 2015-08-13 Nec Corporation Key management in machine type communication system
EP2901766A2 (en) 2012-09-27 2015-08-05 Interdigital Patent Holdings, Inc. End-to-end architecture, api framework, discovery, and access in a virtualized network
US8873757B2 (en) 2012-10-19 2014-10-28 Qualcom Incorporated Methods and apparatus for providing network-assisted key agreement for D2D communications
US9119062B2 (en) 2012-10-19 2015-08-25 Qualcomm Incorporated Methods and apparatus for providing additional security for communication of sensitive information
WO2014088120A1 (en) 2012-12-06 2014-06-12 Nec Corporation Group authentication and key management for mtc
CN105027597B (zh) * 2013-01-17 2018-10-19 英特尔Ip公司 System and method for communicating security key information
PT3490218T (pt) * 2013-01-30 2020-07-29 Ericsson Telefon Ab L M Security key generation for dual connectivity
KR102096895B1 (ko) * 2013-02-13 2020-04-03 삼성전자주식회사 Initial access method and apparatus for direct device-to-device communication in a wireless communication system
EP2955897B1 (en) 2013-03-05 2018-08-01 Huawei Technologies Co., Ltd. Key interaction method and device
CN105103578A (zh) * 2013-04-05 2015-11-25 交互数字专利控股公司 Secure end-to-end and group communication
EP2981147A4 (en) * 2013-04-22 2016-03-30 Huawei Tech Co Ltd METHOD AND DEVICE FOR ACCESSING A NETWORK AND NETWORK SYSTEM
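CN105359563A (zh) * 2013-06-28 2016-02-24 日本电气株式会社 Security system and method for performing secure communication
CN105432058A (zh) * 2013-07-31 2016-03-23 日本电气株式会社 Apparatus and method for MTC group key management
WO2015113197A1 (zh) 2014-01-28 2015-08-06 华为技术有限公司 Apparatus and method for encrypting data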
WO2016004397A1 (en) * 2014-07-03 2016-01-07 Huawei Technologies Co., Ltd. System and method for wireless network access protection and security architecture

Also Published As

Publication number Publication date
WO2016069638A2 (en) 2016-05-06
US10455414B2 (en) 2019-10-22
EP3499840A1 (en) 2019-06-19
TWI672933B (zh) 2019-09-21
TW201624960A (zh) 2016-07-01
WO2016069638A3 (en) 2016-06-23
JP2020162128A (ja) 2020-10-01
EP3499840B1 (en) 2020-06-24
CN107079023A (zh) 2017-08-18
US20160127897A1 (en) 2016-05-05
JP6903006B2 (ja) 2021-07-14
EP3213481A2 (en) 2017-09-06
JP2017534204A (ja) 2017-11-16

Similar Documents

Publication Publication Date Title
CN107079023B (zh) User-plane security for next generation cellular networks
CN113630773B (zh) Security implementation method, device and system
US11122405B2 (en) MTC key management for key derivation at both UE and network
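CN107409133B (zh) Method and device for authentication and key agreement with perfect forward secrecy
CN102934470B (zh) Method and apparatus for binding subscriber authentication and device authentication in communication systems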
EP3216249B1 (en) Apparatuses and methods for wireless communication
US11799650B2 (en) Operator-assisted key establishment
US20110305339A1 (en) Key Establishment for Relay Node in a Wireless Communication System
US12063510B2 (en) Signalling storm mitigation in a secured radio access network
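CN105376737B (zh) Machine-to-machine cellular communication security
JP2018526869A (ja) Network architecture and security with encrypted client device contexts
JP2013544471A (ja) Certificate validation and channel binding
CN108377495A (zh) Data transmission method, related device and system
JP6123035B1 (ja) Protection of WLCP message exchange between TWAG and UE
WO2012024905A1 (zh) Data encryption and decryption method, terminal and GGSN in a mobile communication network
CN106465117B (zh) Method, apparatus and communication system for terminal access to a communication network
CN120238862A (zh) Communication method and apparatus
WO2017070973A1 (zh) Internet Protocol security tunnel establishment method, user equipment and base station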
EP4097936A1 (en) Ipsec privacy protection
Southern et al. Wireless security: securing mobile UMTS communications from interoperation of GSM
van Noort et al. End-to-end security in lora and NB-IoT sensor networks

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant