CN108432206B - Stateless access stratum security for cellular internet of things - Google Patents

Stateless access stratum security for cellular internet of things

Info

Publication number
CN108432206B
Authority
CN
China
Prior art keywords
key
integrity protection
ran node
small data
node
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201680075922.6A
Other languages
English (en)
Chinese (zh)
Other versions
CN108432206A (zh)
Inventor
S·B·李
A·帕拉尼格朗德
A·E·艾斯科特
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qualcomm Inc
Original Assignee
Qualcomm Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qualcomm Inc
Publication of CN108432206A
Application granted
Publication of CN108432206B
Current legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08 Configuration management of networks or network elements
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/16 Implementing security features at a particular protocol layer
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L63/205 Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041 Key generation or derivation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043 Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0433 Key management protocols
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10 Integrity
    • H04W12/106 Packet or message integrity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/70 Services for machine-to-machine communication [M2M] or machine type communication [MTC]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W88/00 Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/16 Gateway arrangements
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2151 Time stamp
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/1458 Denial of Service
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04 INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04S SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00 Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/18 Network protocols supporting networked applications, e.g. including control of end-device applications over a network

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Mobile Radio Communication Systems (AREA)
CN201680075922.6A 2015-12-23 2016-12-14 Stateless access stratum security for cellular internet of things Active CN108432206B (zh)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US201562387499P 2015-12-23 2015-12-23
US62/387,499 2015-12-23
US15/199,924 2016-06-30
US15/199,924 US10298549B2 (en) 2015-12-23 2016-06-30 Stateless access stratum security for cellular internet of things
PCT/US2016/066702 WO2017112491A2 (en) 2015-12-23 2016-12-14 Stateless access stratum security for cellular internet of things

Publications (2)

Publication Number Publication Date
CN108432206A (zh) 2018-08-21
CN108432206B (zh) 2021-04-27

Family

ID=59088526

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201680075922.6A Active CN108432206B (zh) 2015-12-23 2016-12-14 Stateless access stratum security for cellular internet of things

Country Status (7)

Country Link
US (2) US10298549B2
EP (1) EP3395038B1
JP (1) JP2019506779A
KR (1) KR102710873B1
CN (1) CN108432206B
BR (1) BR112018012596A2
WO (1) WO2017112491A2

Families Citing this family (38)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3836586A1 (en) * 2015-04-22 2021-06-16 Convida Wireless, LLC Small data usage enablement in 3gpp networks
US10298549B2 (en) * 2015-12-23 2019-05-21 Qualcomm Incorporated Stateless access stratum security for cellular internet of things
RU2701703C1 (ru) * 2015-12-28 2019-09-30 Нек Корпорейшн Radio terminal, radio station, core network node and communication method therein
WO2017172912A1 (en) * 2016-03-29 2017-10-05 Alcatel-Lucent Usa Inc. Method and apparatus for clot device data transfer
US10433286B2 (en) * 2016-07-14 2019-10-01 Nokia Of America Corporation Layer 2 relay to support coverage and resource-constrained devices in wireless networks
US10271270B2 (en) * 2016-07-21 2019-04-23 Global Business Software Development Technologies, Inc. Reducing fraudulent activity associated with mobile networks
CN107666667B (zh) * 2016-07-29 2019-09-17 电信科学技术研究院 Data transmission method, first device and second device
CN108347416B (zh) * 2017-01-24 2021-06-29 华为技术有限公司 Security protection negotiation method and network element
US11108755B2 (en) * 2017-03-30 2021-08-31 Convida Wireless, Llc Telecommunications apparatus and methods
EP3622736B1 (en) * 2017-05-08 2022-08-17 Telefonaktiebolaget LM Ericsson (Publ) Privacy key in a wireless communication system
US10841302B2 (en) * 2017-05-24 2020-11-17 Lg Electronics Inc. Method and apparatus for authenticating UE between heterogeneous networks in wireless communication system
DE102017008688A1 (de) * 2017-09-15 2019-03-21 Diehl Metering Systems Gmbh Method for data transmission
CN109874127B (zh) * 2017-12-05 2022-05-17 中国电信股份有限公司 Routing selection system, method, apparatus and computer-readable storage medium
CN109120409B (zh) * 2018-03-26 2021-05-28 泰山学院 Digital signature method for secure communication in the Internet of Things
US11877149B2 (en) * 2018-09-19 2024-01-16 Apple Inc. Protection of initial non-access stratum protocol message in 5G systems
EP3895400A1 (en) * 2018-12-11 2021-10-20 Sony Group Corporation Communications device, infrastructure equipment, core network equipment and methods
CN111432404B (zh) * 2019-01-09 2022-11-18 中兴通讯股份有限公司 Information processing method and apparatus
US11431493B1 (en) * 2019-01-10 2022-08-30 Meta Platforms, Inc. Systems and methods for secure authentication
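JP7317139B2 (ja) * 2019-04-02 2023-07-28 ノキア テクノロジーズ オサケユイチア Method and apparatus for cellular Internet of Things (CIoT) data transfer over the control plane in a wireless communication system
TW202038675A (zh) * 2019-04-08 2020-10-16 新加坡商 聯發科技(新加坡)私人有限公司 Recovering 5G non-access stratum from non-access stratum transparent container failure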
US11228911B2 (en) * 2019-04-25 2022-01-18 Qualcomm Incorporated Physical layer security management
FR3106245B1 (fr) * 2020-01-09 2023-04-07 Sigfox Method for transmitting and receiving a message containing an encrypted identifier of the transmitting device
WO2021160800A1 (en) * 2020-02-14 2021-08-19 Telefonaktiebolaget Lm Ericsson (Publ) Protecting capability information transfer in a wireless communication network
US11070982B1 (en) 2020-04-15 2021-07-20 T-Mobile Usa, Inc. Self-cleaning function for a network access node of a network
US11824881B2 (en) 2020-04-15 2023-11-21 T-Mobile Usa, Inc. On-demand security layer for a 5G wireless network
US11444980B2 (en) 2020-04-15 2022-09-13 T-Mobile Usa, Inc. On-demand wireless device centric security for a 5G wireless network
US11799878B2 (en) 2020-04-15 2023-10-24 T-Mobile Usa, Inc. On-demand software-defined security service orchestration for a 5G wireless network
US11115824B1 (en) 2020-05-14 2021-09-07 T-Mobile Usa, Inc. 5G cybersecurity protection system
US11206542B2 (en) 2020-05-14 2021-12-21 T-Mobile Usa, Inc. 5G cybersecurity protection system using personalized signatures
US11057774B1 (en) 2020-05-14 2021-07-06 T-Mobile Usa, Inc. Intelligent GNODEB cybersecurity protection system
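CN113572801B (zh) * 2020-09-30 2022-08-12 中兴通讯股份有限公司 Session establishment method and apparatus, access network device and storage medium
CN112511549B (zh) * 2020-12-03 2023-03-31 珠海格力电器股份有限公司 Data transmission method, apparatus, device and computer-readable storage medium
CN114143773A (zh) * 2021-11-23 2022-03-04 国网四川省电力公司南充供电公司 Information transmission and forwarding apparatus and method for connecting a terminal to an APN private network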
WO2023153972A1 (en) * 2022-02-09 2023-08-17 Telefonaktiebolaget Lm Ericsson (Publ) User equipment, network node and methods in a wireless communications network
CN117812584A (zh) * 2022-09-30 2024-04-02 华为技术有限公司 Communication method and apparatus
GB2632465B (en) * 2023-08-10 2026-04-08 Nokia Technologies Oy Key generation for combined integrity and encryption algorithms
CN121079940A (zh) * 2024-04-03 2025-12-05 北京小米移动软件有限公司 Information processing method, communication device and storage medium
JP2025171779A (ja) * 2024-05-10 2025-11-20 Kddi株式会社 Communication device, communication method and computer program

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101656956A (zh) * 2008-08-22 2010-02-24 华为技术有限公司 Method, system and gateway for accessing a 3GPP network
CN101945387A (zh) * 2010-09-17 2011-01-12 中兴通讯股份有限公司 Method and system for binding an access stratum key to a device
US8660270B2 (en) * 2007-09-17 2014-02-25 Telefonaktiebolaget L M Ericsson (Publ) Method and arrangement in a telecommunication system
WO2014205697A1 (en) * 2013-06-26 2014-12-31 Nokia Corporation Methods and apparatus for generating keys in device-to-device communications
CN104322089A (zh) * 2012-05-23 2015-01-28 诺基亚公司 Key derivation method and device for local access under the control of a cellular network
WO2015015714A1 (en) * 2013-07-31 2015-02-05 Nec Corporation Devices and method for mtc group key management

Family Cites Families (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8769611B2 (en) * 2007-05-31 2014-07-01 Qualcomm Incorporated Methods and apparatus for providing PMIP key hierarchy in wireless communication networks
EP2183697A4 (en) * 2007-06-18 2014-12-03 Ericsson Telefon Ab L M SECURITY FOR SOFTWARE-DEFINED WIRELESS DEVICES
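CN101616408B 2008-06-23 2012-04-18 华为技术有限公司 Key derivation method, device and system
TWI410105B (zh) * 2008-12-01 2013-09-21 Inst Information Industry Mobile station, access station, gateway apparatus, base station and handshake method thereof for a wireless network framework
CN102056159B (zh) * 2009-11-03 2014-04-02 华为技术有限公司 Security key acquisition method and apparatus for a relay system
CN102143491B (zh) 2010-01-29 2013-10-09 华为技术有限公司 Method for authenticating an MTC device, MTC gateway and related device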
US8850554B2 (en) 2010-02-17 2014-09-30 Nokia Corporation Method and apparatus for providing an authentication context-based session
US10051337B2 (en) * 2010-04-02 2018-08-14 Samsung Electronics Co., Ltd. Method and system for managing an encryption key for a broadcasting service
US20110312299A1 (en) * 2010-06-18 2011-12-22 Qualcomm Incorporated Methods and apparatuses facilitating synchronization of security configurations
KR20120067459A (ko) 2010-12-16 2012-06-26 삼성전자주식회사 Method and apparatus for per-terminal machine-to-machine service authentication between a service provider and a mobile network operator
EP2847947B1 (en) * 2012-05-10 2020-12-23 Samsung Electronics Co., Ltd. Method and system for connectionless transmission during uplink and downlink of data packets
US10341859B2 (en) * 2012-10-19 2019-07-02 Nokia Technologies Oy Method and device of generating a key for device-to-device communication between a first user equipment and a second user equipment
CN104838679A (zh) * 2012-12-06 2015-08-12 日本电气株式会社 Group authentication and key management for MTC
CN104854891A (zh) * 2012-12-06 2015-08-19 日本电气株式会社 MTC key management for sending a key from the network to a UE
EP3087769A1 (en) * 2013-12-24 2016-11-02 Nec Corporation Apparatus, system and method for sce
WO2015166099A1 (en) * 2014-05-02 2015-11-05 Koninklijke Kpn N.V. Method and system for providing security from a radio access network
CN107637145B (zh) * 2015-06-11 2022-04-22 英特尔公司 Cellular IoT network architecture
US10298549B2 (en) 2015-12-23 2019-05-21 Qualcomm Incorporated Stateless access stratum security for cellular internet of things

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
"LS on new security work item for NB-IoT";Steve Babbage;《3GPP TSG SA WG3 (Security) Meeting #81》;20151113;full text *
"Security aspects of connectionless Data Transmission";Samsung;《3GPP TSG SA WG3 (Security) Meeting #72》;20130712;Section 2.2 *

Also Published As

Publication number Publication date
US10637835B2 (en) 2020-04-28
JP2019506779A (ja) 2019-03-07
WO2017112491A2 (en) 2017-06-29
US20170187691A1 (en) 2017-06-29
KR102710873B1 (ko) 2024-09-26
CN108432206A (zh) 2018-08-21
BR112018012596A2 (pt) 2018-12-04
EP3395038B1 (en) 2022-03-30
EP3395038A2 (en) 2018-10-31
US20190260717A1 (en) 2019-08-22
US10298549B2 (en) 2019-05-21
KR20180098251A (ko) 2018-09-03
WO2017112491A3 (en) 2017-08-03

Similar Documents

Publication Publication Date Title
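CN108432206B (zh) Stateless access stratum security for cellular internet of things
TWI733675B (zh) Network architecture and security with encrypted client device context
CN113329006B (zh) Network security architecture for cellular internet of things
CN109417690B (zh) Core network connectionless small data transfer
CN107852600B (zh) Methods and apparatus for network architecture and security with simplified mobility procedure
KR20180053373A (ko) Apparatus and method for mobility procedure involving mobility management entity relocation
TW201705780A (zh) Network architecture and security with encrypted network reachability context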

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant