CN110381554B

CN110381554B - Communication method, device, system and computer storage medium

Info

Publication number: CN110381554B
Application number: CN201910695690.XA
Authority: CN
Inventors: 晋英豪; 耿婷婷
Original assignee: Huawei Technologies Co Ltd
Current assignee: Huawei Technologies Co Ltd
Priority date: 2018-06-21
Filing date: 2018-08-10
Publication date: 2021-04-09
Anticipated expiration: 2038-08-10
Also published as: WO2019242756A1; CN110381554A

Abstract

The embodiment of the application discloses a communication method and device, and relates to the technical field of communication. The terminal and the access network equipment can use the consistent security verification parameters to successfully realize the security verification in the process of the RNAU. The method can comprise the following steps: sending a first message to access network equipment, wherein the first message is used for requesting to recover Radio Resource Control (RRC) connection or requesting to update a radio access network notification area (RNAU); receiving a second message from the access network device, the second message including first information, the first information relating to the security verification parameters; and determining a security verification parameter according to the first information.

Description

Communication method, device, system and computer storage medium

The present application claims priority of chinese patent application with application number 201810646904.X entitled "communication method and apparatus" filed in 2018 on 21/06/21/2018, the entire contents of which are incorporated herein by reference.

Technical Field

The present application relates to the field of communications technologies, and in particular, to a communication method and apparatus.

Background

In a fifth Generation (5th Generation, 5G) system, a terminal may not notify a Network side if moving inside a Radio Access Network based notification Area (RNA) in a Radio Resource Control (RRC) deactivated state; if the terminal moves out of the RNA, the Network side is notified, for example, the terminal moves out of the RNA, and a Radio Access Network based notification Area Update (RNAU) is performed to notify the Network side.

When the terminal performs RNAU in the RRC deactivated state, a Message sent by the terminal to the base station to request recovery of RRC connection or request performing of RNAU carries security parameters generated based on the security verification parameters, such as an Integrity Message Authentication Code (MAC-I) or a short MAC-I (short MAC-I), which is a part of the Integrity MAC-I, for example, the lower 16 bits of the MAC-I. After receiving the security parameters, the base station verifies the security parameters by using the security verification parameters stored inside. Under the condition that the security verification parameters stored in the base station are consistent with input parameters (security verification parameters) of the security parameters carried in the messages requesting to recover RRC connection or requesting to perform RNAU, the security verification is successful; otherwise, the security check fails.

When the terminal carries out the RNAU for multiple times in the RRC deactivation state, the security verification parameters distributed to the terminal by the new service base station are acquired through a random access process every time the terminal requests the new service base station to recover the RRC connection or requests to carry out the RNAU; meanwhile, the terminal can also store security verification parameters distributed to the terminal by the anchor base station. In this way, the terminal can obtain a plurality of security verification parameters respectively allocated to the terminal by the plurality of base stations and the security verification parameter allocated to the terminal by the anchor base station in the plurality of RNAUs. When the terminal initiates the RNAU process again, the security verification parameters used this time need to be determined from the above security verification parameters to generate security parameters for carrying in the message requesting to recover the RRC connection or requesting to perform the RNAU. Only if the input parameter (security verification parameter) of the security parameter carried in the message requesting to recover the RRC connection or requesting to perform the RNAU is consistent with the security verification parameter used by the access network device for security verification, the security verification can be successful, and then the RNAU is successfully performed. How to determine the security verification parameters becomes an urgent problem to be solved in the RNAU.

Disclosure of Invention

The embodiment of the application provides a communication method, a communication device and a communication system, which can enable a terminal and an access network device to use consistent security verification parameters to successfully realize security verification in an RNAU process.

In order to achieve the above purpose, the embodiment of the present application adopts the following technical solutions:

in a first aspect, the present application provides a communication method and apparatus.

In one possible design, the method may include: sending a first message to the access network equipment, and receiving a second message from the access network equipment; the first message is used for requesting to recover RRC connection or requesting to perform RNAU, the second message comprises first information, the first information is related to security verification parameters, and the security verification parameters comprise: C-RNTI; and determining a security verification parameter according to the first information. In the method, the terminal determines whether the anchor access network equipment is replaced at the network side according to the indication of the access network equipment in the process of the RNAU so as to determine the security verification parameters, thus ensuring that the input parameters of the security parameters carried in the message of requesting to recover RRC connection or requesting to perform the RNAU are consistent with the security verification parameters stored by the access network equipment, and successfully realizing the security verification in the process of the RNAU.

In one possible design, the first information indicates whether the security verification parameter needs to be replaced, and the method for determining the security verification parameter according to the first information includes: determining whether the security verification parameters need to be replaced according to whether the first information is received; alternatively, it is determined whether the security verification parameter needs to be replaced according to the content of the first information. In this implementation manner, the terminal determines whether the security verification parameter needs to be changed according to the indication of the access network device, and realizes that the input parameter of the security parameter carried in the message requesting to recover the RRC connection or request to perform the RNAU is consistent with the security verification parameter stored by the access network device.

In one possible design, the first information represents security verification parameters, and the method of determining the security verification parameters based on the first information includes: determining a security verification parameter according to whether the first information is received; alternatively, the security verification parameter is determined from the content of the first information. In this implementation manner, the terminal determines the used security verification parameters according to the indication of the access network device, and the input parameters of the security parameters carried in the message requesting to recover the RRC connection or requesting to perform the RNAU are consistent with the security verification parameters stored by the access network device.

In one possible design, the security verification parameters further include: the physical layer cell identity PCI.

In one possible design, the second message includes an RRC release message or an RRC reject message or an RRC connection release message or an RRC connection reject message.

In a possible design, the first message is sent to the access network device in a first state, where the first state is that the context of the terminal is simultaneously reserved on the terminal and the access network side under the condition that the terminal and the access network side may not maintain uplink synchronization.

Correspondingly, the application also provides a communication device, and the device can realize the communication method of the first aspect. For example, the apparatus may be a terminal or a chip applied in the terminal, and may also be other apparatuses capable of implementing the communication method, and the method may be implemented by software, hardware, or by executing corresponding software through hardware.

In one possible design, the apparatus may include a processor and a memory. The processor is configured to enable the apparatus to perform the corresponding functions in the method of the first aspect. The memory is for coupling to the processor and holds the necessary program instructions and data for the device. In addition, the device can also comprise a communication interface for supporting the communication between the device and other devices. The communication interface may be a transceiver or a transceiver circuit.

In one possible design, the apparatus may include: the device comprises a sending module, a receiving module and a determining module. The sending module is used for sending a first message to the access network equipment, wherein the first message is used for requesting to recover RRC connection or requesting to update the RNAU in a notification area of the radio access network; the receiving module is configured to receive a second message from the access network device, where the second message includes first information, and the first information is related to a security authentication parameter, where the security authentication parameter includes: a cell radio network temporary identifier C-RNTI; the determining module is used for determining the security verification parameters according to the first information.

In one possible design, the first information indicates whether the security verification parameter needs to be replaced, and the determining module is specifically configured to determine whether the security verification parameter needs to be replaced according to whether the first information is received; alternatively, it is determined whether the security verification parameter needs to be replaced according to the content of the first information.

In one possible design, the first information represents a security verification parameter, and the determining module is specifically configured to determine the security verification parameter according to whether the first information is received; alternatively, the security verification parameter is determined from the content of the first information.

In a possible design, the sending module is specifically configured to send the first message to the access network device in a first state, where the first state is that the context of the terminal is simultaneously reserved on the terminal and the access network side under the condition that the terminal and the access network side may not maintain uplink synchronization.

The definition of the security verification parameter and the second message may refer to the method description, which is not described herein.

In a second aspect, the present application provides a communication method and apparatus.

In one possible design, the method may include: the method comprises the steps that first access network equipment receives a first message from a terminal in a first state, wherein the first message is used for requesting to recover Radio Resource Control (RRC) connection or requesting to update a radio access network notification area (RNAU), and the first state is that under the condition that the terminal and an access network side can not keep uplink synchronization, the context of the terminal is simultaneously reserved on the terminal and the access network side; and the first access network equipment sends a second message to the terminal.

In one possible design, the second message includes first information, the first information is related to security verification parameters, and the security verification parameters include: and the cell radio network temporary identifier C-RNTI. In the method, in the process of the RNAU, the new service access network equipment of the terminal sends indication information to the terminal to indicate whether anchor access network equipment is replaced on a network side or not and help the terminal to determine the security verification parameters, so that the input parameters of the security parameters carried in the message of requesting to recover RRC connection or requesting to perform the RNAU can be ensured to be consistent with the security verification parameters stored by the access network equipment, and the security verification in the process of the RNAU is successfully realized.

In one possible design, the first information indicates whether the security verification parameter needs to be replaced; alternatively, the first information represents a security verification parameter.

In one possible design, a first access network device sends a first request message to a second access network device, wherein the second access network device is an anchor access network device of a terminal, and the first request message is used for the first access network device to request the second access network device to acquire a terminal context; the first request message comprises first indication information, and the first indication information is used for indicating that the terminal requests an RNAU or requests to recover RRC connection or carries out uplink data transmission or uplink signaling transmission; and the first access network equipment receives the first feedback message from the second access network equipment, and the first access network equipment determines whether to perform terminal context transfer according to the first feedback message. In this implementation, the new serving access network device determines whether to perform context transfer of the terminal according to the message sent by the anchor access network device, so as to send indication information to the terminal to indicate whether the network side has replaced the anchor access network device.

In one possible design, the first request message is a request message for obtaining a context of the terminal, and the first feedback message is a feedback message for obtaining the context of the terminal.

In one possible design, the first request message includes a security verification parameter assigned by the first access network device to the terminal.

In a possible design, after the first access network device sends the second message to the terminal, if it is determined that the second message is not correctly received by the terminal, the first access network device sends failure indication information to the second access network device, where the failure indication information is used to indicate that the second message is not correctly received by the terminal. In this way, the second access network device can know whether the terminal correctly receives the second message.

In one possible design, the first feedback message includes a security verification parameter allocated by the second access network device to the terminal.

In a possible design, the first access network device determines whether to perform the context transfer of the terminal according to second indication information in the first feedback message, where the second indication information is used to indicate whether to perform the context transfer of the terminal.

In a possible design, the first access network device determines whether to perform context transfer of the terminal according to whether the first feedback message includes data radio bearer DRB configuration information corresponding to the terminal. In this implementation, if the anchor access network device determines not to replace the anchor access network device, the feedback message sent to the new serving access network device does not include the DRB configuration information.

In a possible design, the first access network device determines not to perform context transfer of the terminal after learning that the obtaining of the context of the terminal fails according to the first feedback message.

In one possible design, after the first access network device receives the first feedback message from the second access network device, the first access network device receives a PDCP data packet from the second access network device, where the PDCP data packet is a PDCP data packet corresponding to the terminal, and a third message included in the PDCP data packet corresponding to the terminal is the same as the second message. In the implementation mode, the anchor access network device generates related signaling in an RRC layer, and a PDCP layer generates a PDCP data packet and sends the PDCP data packet to the new service access network device through a third message; after the new service access network equipment receives the PDCP data packet, the PDCP layer is not required to process the received PDCP data packet; and the PDCP data packet is directly transmitted to the terminal through the second message. Therefore, the result of the RNAU process of the terminal and the configuration information of the network side to the terminal can be notified through the second message, and the RNAU is successfully realized.

In one possible design, before the first access network device receives the PDCP data packets from the second access network device, the first access network device sends address information to the second access network device, where the address information is used by the second access network device to send the PDCP data packets to the first access network device. In this implementation, the new serving access network device informs the anchor access network device of the destination address of the PDCP data packet to be sent.

Correspondingly, the application also provides a communication device, and the device can realize the communication method of the second aspect. For example, the apparatus may be an access network device or a chip applied in the access network device, and may also be other apparatuses capable of implementing the communication method, where the method may be implemented by software, hardware, or by executing corresponding software through hardware.

In one possible design, the apparatus may include a processor and a memory. The processor is configured to enable the apparatus to perform the corresponding functions of the method of the second aspect. The memory is for coupling to the processor and holds the necessary program instructions and data for the device. In addition, the device can also comprise a communication interface for supporting the communication between the device and other devices. The communication interface may be a transceiver or a transceiver circuit.

In one possible design, the apparatus may include: the device comprises a receiving module and a sending module. The receiving module is used for receiving a first message from a terminal in a first state, wherein the first message is used for requesting to recover RRC connection or requesting to update an RNAU (radio access network notification area), and the first state is that under the condition that the terminal and an access network side can not keep uplink synchronization, the context of the terminal is simultaneously reserved on the terminal and the access network side; the sending module is used for sending the second message to the terminal.

In one possible design, the second message includes first information, the first information is related to security verification parameters, and the security verification parameters include: and the cell radio network temporary identifier C-RNTI.

In one possible design, the apparatus may further include a determination module. The sending module is further configured to send a first request message to a second access network device, where the second access network device is an anchor access network device of the terminal, and the first request message is used for the first access network device to request the second access network device to obtain a context of the terminal; the terminal comprises first indication information, wherein the first indication information is used for indicating that the terminal requests an RNAU or requests to recover RRC connection or carries out uplink data transmission or uplink signaling transmission; the receiving module is further configured to receive a first feedback message from the second access network device; the determining module is used for determining whether to perform the context transfer of the terminal according to the first feedback message.

In one possible design, the determining module is further configured to determine whether the second message is correctly received by the terminal; if the determining module determines that the second message is not correctly received by the terminal, the sending module is further configured to send failure indication information to the second access network device, where the failure indication information is used to indicate that the second message is not correctly received by the terminal.

In a possible design, the determining module is specifically configured to determine whether to perform the context transfer of the terminal according to second indication information in the first feedback message, where the second indication information is used to indicate whether to perform the context transfer of the terminal.

In a possible design, the determining module is specifically configured to determine whether to perform context transfer of the terminal according to whether the first feedback message includes data radio bearer DRB configuration information corresponding to the terminal.

In a possible design, the determining module is specifically configured to determine not to perform context transfer of the terminal after learning that obtaining the context of the terminal fails according to the first feedback message.

In one possible design, the receiving module is further configured to receive a PDCP data packet from the second access network device, where the PDCP data packet is a PDCP data packet corresponding to the terminal, and a third message included in the PDCP data packet corresponding to the terminal is the same as the second message.

In one possible design, the sending module is further configured to send address information to the second access network device, where the address information is used for the second access network device to send the PDCP data packet to the first access network device.

In a third aspect, the present application provides a communication method and apparatus.

In one possible design, the method may include: the method comprises the steps that a second access network device receives a first request message from a first access network device, the first access network device is a new service access network device of a terminal, the second access network device is an anchor access network device of the terminal, the first request message is used for the first access network device to request the second access network device to acquire a terminal context, the first request message comprises first indication information, the first indication information is used for indicating that the terminal requests an RNAU or requests to recover RRC connection or performs uplink data transmission or performs uplink signaling transmission, and the first state is that the terminal context is simultaneously reserved on the terminal and the access network side under the condition that the terminal and the access network side can not keep uplink synchronization; and the second access network equipment sends a first feedback message to the first access network equipment, wherein the first feedback message is used for the first access network equipment to determine whether to perform terminal context transfer. In the method, the anchor access network device determines whether to replace the anchor access network device, and notifies the new service access network device, so that the new service access network device can notify the terminal network side whether to replace the anchor access network device. Therefore, the terminal can select the security verification parameters consistent with the access network equipment according to whether the anchor access network equipment is replaced on the network side to generate the security parameters, and the security verification is successfully carried out.

In one possible design, the first request message is a request message for acquiring a context of the terminal; the first feedback message is a message for acquiring context feedback of the terminal.

In one possible design, if the second access network device determines to replace the anchor access network device, the first feedback message includes a security verification parameter assigned by the second access network device to the terminal.

In a possible design, the first feedback message is used by the first access network device to determine whether to perform the context transfer of the terminal according to second indication information in the first feedback message, where the second indication information is used to indicate whether to perform the context transfer of the terminal.

In a possible design, the first feedback message is used by the first access network device to determine whether to perform context transfer of the terminal according to whether the first feedback message includes DRB configuration information corresponding to the terminal. In this implementation, if the anchor access network device determines not to replace the anchor access network device, the feedback message sent to the new serving access network device does not include the DRB configuration information.

In a possible design, the first feedback message is used for determining that the terminal context transfer is not performed after the first access network device learns that the terminal context acquisition has failed according to the first feedback message.

In a possible design, after the second access network device sends the first feedback message to the first access network device, the second access network device receives address information from the first access network device, where the address information is used for the second access network device to send a PDCP data packet corresponding to the terminal to the first access network device; the second access network device sends PDCP data packets to the first access network device. In the implementation mode, the anchor access network device generates related signaling in an RRC layer, and a PDCP layer generates a PDCP data packet and sends the PDCP data packet to the new service access network device through a third message; after the new service access network equipment receives the PDCP data packet, the PDCP layer is not required to process the received PDCP data packet; and the PDCP data packet is directly transmitted to the terminal through the second message. Therefore, the new service access network equipment can inform the result of the terminal RNAU process and the configuration information of the network side to the terminal through the second message, and successfully realize the RNAU.

In one possible design, the first request message further includes: and the first access network equipment distributes security verification parameters for the terminal.

In one possible design, the second access network device receives failure indication information from the first access network device, where the failure indication information is used to indicate that the second message is not correctly received by the terminal, and the second message is sent to the terminal by the first access network device; and the second access network equipment updates the stored security verification parameters into the security verification parameters distributed to the terminal by the second access network equipment. In this way, after the terminal fails to receive the second message, the second access network device may use the security verification parameter allocated to the terminal by the second access network device as the security verification parameter for performing the security verification in the next RNAU, and the security verification parameter is consistent with the security verification parameter reported by the terminal, thereby ensuring that the security verification is successfully performed in the next RNAU.

Correspondingly, the application also provides a communication device, and the device can implement the communication method of the third aspect. For example, the apparatus may be an access network device or a chip applied in the access network device, and may also be other apparatuses capable of implementing the communication method, where the method may be implemented by software, hardware, or by executing corresponding software through hardware.

In one possible design, the apparatus may include a processor and a memory. The processor is configured to enable the apparatus to perform the corresponding functions of the method of the third aspect. The memory is for coupling to the processor and holds the necessary program instructions and data for the device. In addition, the device can also comprise a communication interface for supporting the communication between the device and other devices. The communication interface may be a transceiver or a transceiver circuit.

In one possible design, the apparatus may include: the device comprises a receiving module and a sending module. The receiving module is used for receiving a first request message from a first access network device, the first access network device is a new service access network device of a terminal, a second access network device is an anchor access network device of the terminal, the first request message is used for the first access network device to request the second access network device to acquire a terminal context, the first request message comprises first indication information, the first indication information is used for indicating that the terminal requests an RNAU or requests to recover RRC connection or performs uplink data transmission or performs uplink signaling transmission, and the first state is that the terminal context is simultaneously reserved on the terminal and the access network side under the condition that the terminal and the access network side can not keep uplink synchronization; the sending module is configured to send a first feedback message to the first access network device, where the first feedback message is used by the first access network device to determine whether to perform the context transfer of the terminal.

In a possible design, the first feedback message is used by the first access network device to determine whether to perform context transfer of the terminal according to whether the first feedback message includes DRB configuration information corresponding to the terminal.

In a possible design, the receiving module is further configured to receive address information from the first access network device, where the address information is used for the second access network device to send a PDCP data packet corresponding to the terminal to the first access network device. The sending module is further configured to send the PDCP data packet to the first access network device.

In one possible design, the receiving module is further configured to receive failure indication information from the first access network device, where the failure indication information is used to indicate that the second message is not correctly received by the terminal, and the second message is sent to the terminal by the first access network device; the receiving module is further configured to update the stored security verification parameter to a security verification parameter allocated to the terminal by the second access network device.

In a fourth aspect, the present application provides a communication method and apparatus.

In one possible design, the method may include: sending a first message to access network equipment, wherein the first message is used for requesting to recover RRC connection or requesting to perform RNAU; the access network device is a new service access network device of the terminal, the first message includes a security parameter, the security parameter is generated by using a security verification parameter as an input parameter, and the security verification parameter includes: a cell radio network temporary identifier C-RNTI; the safety verification parameters are distributed to the terminal by the service access network equipment in the last RNAU process of the access network equipment by the terminal; a second message is received from the access network device, the second message being a response message to the first message.

Correspondingly, the present application also provides a communication device, which can implement the communication method described in the fourth aspect. For example, the apparatus may be a terminal or a chip applied in the terminal, and may also be other apparatuses capable of implementing the communication method, and the method may be implemented by software, hardware, or by executing corresponding software through hardware.

In one possible design, the apparatus may include a processor and a memory. The processor is configured to enable the apparatus to perform the corresponding functions of the method of the fourth aspect. The memory is for coupling to the processor and holds the necessary program instructions and data for the device. In addition, the device can also comprise a communication interface for supporting the communication between the device and other devices. The communication interface may be a transceiver or a transceiver circuit.

In one possible design, the apparatus may include: the device comprises a sending module and a receiving module. The sending module is used for sending a first message to the access network equipment, wherein the first message is used for requesting to recover RRC connection or requesting to perform RNAU; the access network device is a new service access network device of the terminal, the first message includes a security parameter, the security parameter is generated by using a security verification parameter as an input parameter, and the security verification parameter includes: a cell radio network temporary identifier C-RNTI; the safety verification parameters are distributed to the terminal by the service access network equipment in the last RNAU process of the access network equipment by the terminal; the receiving module is used for receiving a second message from the access network equipment, wherein the second message is a response message of the first message.

In a fifth aspect, the present application provides a communication method and apparatus.

In one possible design, the method may include: sending a first message to access network equipment, wherein the first message is used for requesting to recover RRC connection or requesting to perform RNAU; the access network device is a new service access network device of the terminal, the first message includes a security parameter, the security parameter is generated by using a security verification parameter as an input parameter, and the security verification parameter includes: a cell radio network temporary identifier C-RNTI; the security verification parameters are distributed to the terminal by the anchor access network equipment in the last RNAU process of the RNAU process performed by the access network equipment by the terminal; a second message is received from the access network device, the second message being a response message to the first message.

Correspondingly, the application also provides a communication device, and the device can realize the communication method of the fifth aspect. For example, the apparatus may be a terminal or a chip applied in the terminal, and may also be other apparatuses capable of implementing the communication method, and the method may be implemented by software, hardware, or by executing corresponding software through hardware.

In one possible design, the apparatus may include a processor and a memory. The processor is configured to enable the apparatus to perform the corresponding functions of the method of the fifth aspect. The memory is for coupling to the processor and holds the necessary program instructions and data for the device. In addition, the device can also comprise a communication interface for supporting the communication between the device and other devices. The communication interface may be a transceiver or a transceiver circuit.

In one possible design, the apparatus may include: the device comprises a sending module and a receiving module. The sending module is used for sending a first message to the access network equipment, wherein the first message is used for requesting to recover RRC connection or requesting to perform RNAU; the access network device is a new service access network device of the terminal, the first message includes a security parameter, the security parameter is generated by using a security verification parameter as an input parameter, and the security verification parameter includes: a cell radio network temporary identifier C-RNTI; the security verification parameters are distributed to the terminal by the anchor access network equipment in the last RNAU process of the RNAU process performed by the access network equipment by the terminal; the receiving module is used for receiving a second message from the access network equipment, wherein the second message is a response message of the first message.

The present application also provides a computer-readable storage medium having stored therein instructions, which when run on a computer, cause the computer to perform the method of any of the above aspects.

The present application also provides a computer program product comprising instructions which, when run on a computer, cause the computer to perform the method of any of the above aspects.

The present application further provides a chip system, which includes a processor and a memory, and is configured to implement the method according to any one of the above aspects.

The present application provides a communication system comprising the above-mentioned apparatus for implementing the method of the first aspect, the above-mentioned apparatus for implementing the method of the second aspect, and the above-mentioned apparatus for implementing the method of the third aspect.

Any one of the above-provided apparatuses, computer storage media, computer program products, chip systems, or communication systems is configured to execute the above-provided corresponding methods, and therefore, the beneficial effects that can be achieved by the apparatuses, the computer storage media, the computer program products, the chip systems, or the communication systems can refer to the beneficial effects of the corresponding schemes in the above-provided corresponding methods, and are not described herein again.

Drawings

Fig. 1 is a first schematic diagram of a system architecture to which the technical solution provided by the embodiment of the present application is applied;

fig. 2 is a second schematic diagram of a system architecture to which the technical solution provided by the embodiment of the present application is applied;

fig. 3 is a third schematic diagram of a system architecture to which the technical solution provided by the embodiment of the present application is applied;

fig. 4 is a schematic diagram of a communication method according to an embodiment of the present application;

fig. 4-1 is a schematic diagram of a communication method according to an embodiment of the present application;

fig. 5 is a first schematic structural diagram of a communication device according to an embodiment of the present disclosure;

fig. 6 is a second schematic structural diagram of a communication device according to an embodiment of the present application;

fig. 7 is a third schematic structural diagram of a communication device according to an embodiment of the present application;

fig. 8 is a fourth schematic structural diagram of a communication device according to an embodiment of the present application;

fig. 9 is a schematic structural diagram of a communication device according to an embodiment of the present application;

fig. 10 is a sixth schematic structural diagram of a communication device according to an embodiment of the present application.

Detailed Description

The following describes in detail a communication method, an apparatus, and a system provided in an embodiment of the present application with reference to the drawings.

The technical scheme provided by the application can be applied to various communication systems, such as a 5G New Radio (NR) system, a future evolution system or a plurality of communication fusion systems and the like. A variety of application scenarios may be included, for example, scenarios such as Machine to Machine (M2M), D2M, macro and micro Communication, enhanced Mobile internet (eMBB), Ultra high reliability and Ultra Low Latency Communication (URLLC), and mass internet of things Communication (mtc), which may include but are not limited to: a communication scenario between the UE and the UE, a communication scenario between the network device and the network device, a communication scenario between the network device and the UE, and the like.

The technical solution provided in the embodiment of the present application may be applied to a system architecture as shown in fig. 1, where the communication system may include an access network 100 and a terminal 200.

The access network 100 includes an access network device 101, an access network device 102, and an access network device 103.

The access network device is mainly used to provide access services for the terminal 200, such as implementing functions of radio physical control, resource scheduling and radio resource management, radio access control, and mobility management. The Access Network device may be a Radio Access Network (RAN) device, such as a base station (NodeB, NB), AN evolved node b (eNB), or a 5G-AN/5G-RAN node, where the 5G-AN/5G-RAN node may be: an access node, a next generation base station (gNB), a Transmission Receive Point (TRP), a Transmission Point (TP), or some other access node. Specifically, the access network device corresponds to a service coverage area, and a terminal entering the service coverage area can communicate with the access network device through a wireless signal so as to receive the wireless access service provided by the access network device. The access network device 101, the access network device 102, and the access network device 103 may be the same type of access network device, for example, the access network device 101, the access network device 102, and the access network device 103 are all gnbs; the access network device 101, the access network device 102, and the access network device 103 may also be different types of access network devices, for example, the access network device 101 and the access network device 102 are gnbs, and the access network device 103 is an eNB; this is not limited in this application.

The access network devices may establish a connection therebetween, and the terminal 200 may be connected to the access network device 101, the access network device 102, or the access network device 103 through a wireless air interface.

Terminal 200 can be an access terminal, User Equipment (UE) unit, UE station, mobile station, remote terminal, mobile device, UE terminal, wireless communication device, UE agent, or UE device, and the like. An access terminal may be a cellular telephone, a cordless telephone, a Session Initiation Protocol (SIP) phone, a Wireless Local Loop (WLL) station, a Personal Digital Assistant (PDA), a handheld device with wireless communication capabilities, a computing device or other processing device connected to a wireless modem, a vehicle mounted device, a wearable device, a terminal in a 5G network or a terminal in a future evolved PLMN network, etc.

It should be noted that the system architecture shown in fig. 1 is only for example and is not used to limit the technical solution of the present application. It should be understood by those skilled in the art that in the specific implementation process, other devices, such as a core network device, may also be included in the system architecture, and the number of access network devices and terminals may also be configured according to specific needs.

The communication method and the communication device provided by the embodiment of the application can be applied to a terminal, and the terminal comprises a hardware layer, an operating system layer running on the hardware layer and an application layer running on the operating system layer. The hardware layer includes hardware such as a Central Processing Unit (CPU), a Memory Management Unit (MMU), and a Memory (also referred to as a main Memory). The operating system may be any one or more computer operating systems that implement business processing through processes (processes), such as a Linux operating system, a Unix operating system, an Android operating system, an iOS operating system, or a windows operating system. The application layer comprises applications such as a browser, an address list, word processing software, instant messaging software and the like. In the embodiment of the present application, a specific structure of an execution main body of a communication method is not particularly limited in the embodiment of the present application, as long as the communication method according to the embodiment of the present application can perform communication by running a program recorded with a code of the communication method according to the embodiment of the present application, for example, the execution main body of the communication method provided in the embodiment of the present application may be a terminal, or a functional module in the terminal that can call the program and execute the program, or a communication device applied to the terminal, for example, a chip, and the present application is not limited thereto.

In one example, the protocol stack architecture and functions of a conventional base station are divided into two parts, one part is called a Central Unit (CU), and the other part is called a Distributed Unit (DU), and the actual deployment manner of the CU and the DU is flexible, for example, CU parts of a plurality of base stations are integrated together to form a functional entity with a larger scale. Fig. 2 is a schematic diagram of a network architecture according to an embodiment of the present application. As shown in fig. 2, the network architecture includes an access network (RAN, for example) device and a terminal. The RAN device includes a baseband device and a radio frequency device, where the baseband device may be implemented by one node or by multiple nodes, and the radio frequency device may be implemented independently by being pulled away from the baseband device, may also be integrated in the baseband device, or may be partially pulled away and partially integrated in the baseband device. For example, the gNB includes a baseband device and a Radio frequency device, where the Radio frequency device may be arranged in a Remote manner with respect to the baseband device (e.g., a Radio Remote Unit (RRU) is arranged with respect to a baseband processing Unit (BBU)), and the RAN apparatus is implemented by a node, and the node is configured to implement functions of Protocol layers such as Radio Resource Control (RRC), Packet Data Convergence Protocol (PDCP), Radio Link Control (RLC), Media Access Control (MAC), and the like. As another example, in an evolved structure, a baseband device may include a Centralized Unit (CU) and a Distributed Unit (DU), and a plurality of DUs may be centrally controlled by one CU. As shown in fig. 2, the CU and the DU may be divided according to protocol layers of the radio network, for example, functions of PDCP and above protocol layers are provided in the CU, and functions of RLC and MAC and the like are provided in the DU.

This division of the protocol layers is only an example, and it is also possible to divide the protocol layers at other protocol layers, for example, at the RLC layer, and the functions of the RLC layer and the protocol layers above are set in the CU, and the functions of the protocol layers below the RLC layer are set in the DU; alternatively, the functions are divided into some protocol layers, for example, a part of the functions of the RLC layer and the functions of the protocol layers above the RLC layer are provided in the CU, and the remaining functions of the RLC layer and the functions of the protocol layers below the RLC layer are provided in the DU. In addition, the processing time may be divided in other manners, for example, by time delay, a function that needs to satisfy the time delay requirement for processing is provided in the DU, and a function that does not need to satisfy the time delay requirement is provided in the CU.

In addition, the radio frequency device may be pulled away, not placed in the DU, or integrated in the DU, or partially pulled away and partially integrated in the DU, which is not limited herein.

In addition, please refer to fig. 3, in contrast to the architecture shown in fig. 2, the Control Plane (CP) and the User Plane (UP) of the CU may be separated and implemented by being divided into different entities, i.e., a Control Plane CU entity (CU-CP entity) and a User Plane CU entity (CU-UP entity), respectively.

In the above network architecture, the signaling/data generated by the CU may be transmitted to the terminal through the DU, or the signaling/data generated by the terminal may be transmitted to the CU through the DU. The DU may pass through the protocol layer encapsulation directly to the terminal or CU without parsing the signaling/data. In the following embodiments, if transmission of such signaling/data between the DU and the terminal is involved, the transmission or reception of the signaling/data by the DU includes such a scenario. For example, the signaling of the RRC or PDCP layer is finally processed into the signaling/data of the physical layer (PHY) to be transmitted to the terminal, or converted from the received signaling/data of the PHY layer. Under this architecture, the signaling/data of the RRC or PDCP layer can also be considered to be transmitted by the DU, or by the DU and the radio frequency.

In the above embodiment, the CU is divided into network devices in the RAN, and furthermore, the CU may also be divided into network devices in the core network, which is not limited herein. The network architectures shown in fig. 2 and 3 may be applied to a 5G communication system, which may also share one or more components or resources with the LTE system.

The apparatus in the following embodiments of the present application may be located in a terminal or an access network device according to the implemented functions. When the above structure of CU-DU is adopted, the access network device may be a CU node, or a DU node, or a RAN device including the functions of the CU node and the DU node. For example, the access network device 101, the access network device 102, and the access network device 103 in fig. 1 may be respectively one CU node or one DU node in fig. 2 or fig. 3, or RAN devices including CU node and DU node functions.

In this application, the communication method may be executed by an access network device and a terminal, or may be an apparatus, such as a chip, applied to the access network device and the terminal, or another apparatus for implementing the communication method. The access network device and the terminal are used to perform the above communication method.

The following explains some of the terms referred to in this application:

1. first state

The first state has the following characteristics: under the condition that the terminal and the access network side can not keep uplink synchronization, the context of the terminal is simultaneously reserved on the terminal and the access network side.

It is understood that when the terminal transitions from the first state to the RRC connected state, there is no need to reactivate the link between the anchor base station and the core network control plane network element, for example, the NG2 link. Illustratively, the first state may be a state newly defined in 5G — RRC deactivated state.

It should be noted that, in the embodiment of the present application, the first state is taken as an example of an RRC deactivation state for illustration, and in actual use, the first state may also have other names, which is not limited in the present application. The first state is different from the RRC active state and the RRC idle state.

2. Security verification parameters

When the terminal performs the RNAU in the RRC deactivated state, the message requesting to recover the RRC connection or requesting to perform the RNAU carries security parameters, such as MAC-I or short MAC-I. The security parameters are generated by using the security verification parameters as input parameters, namely the input parameters of the security parameters are the security verification parameters. After the access network equipment receives the security parameters, if the security verification parameters stored at the access network equipment side are determined to be consistent with the input parameters of the security parameters received from the terminal, the security verification is successful; otherwise, the security check fails. For example, the input parameters (i.e., the security verification parameters) of the security parameter MAC-I may include a Cell Radio Network Temporary Identifier (C-RNTI), and may further include at least one of a Physical Cell Identity (PCI) and a target Cell Identity (T-Cell Id). And after the terminal generates the MAC-I according to the C-RNTI, the PCI and the T-Cell ID, the MAC-I is carried in a message requesting to recover RRC connection or requesting to perform RNAU. After the access network equipment receives the MAC-I, the C-RNTI, the PCI and the T-Cell ID corresponding to the received MAC-I and the C-RNTI, the PCI and the T-Cell ID stored by the access network equipment are respectively checked, and if the input parameters of the received MAC-I are consistent with the C-RNTI, the PCI and the T-Cell ID stored by the access network equipment, the security check is successful.

3、RNA

A RAN-based Notification Area (RNA) may be composed of one cell or a plurality of cells. The multiple cells may belong to one access network device or multiple access network devices. The access network devices in one RNA may be the same type of access network device or different types of access network devices, for example, the access network devices in one RNA may all be gnbs, and the access network devices in one RNA may also include an eNB and a gNB.

When the terminal in the RRC deactivated state moves inside the RNA, the terminal may not notify the network side, and only perform mobility based on the terminal, such as cell reselection; when the terminal moves to a cell other than the RNA, the terminal needs to inform the network side to perform a location update operation, such as RNAU.

4. Anchor access network equipment and new service access network equipment

The anchor access network device is an access network device that retains a context of a terminal, and a control plane link of the terminal is provided between the anchor access network device and a core network (for example, when the core network needs to send a signaling to the terminal in the RRC deactivated state, a signaling packet is sent to the anchor access network device), for example, the anchor access network device may be an access network device (last serving node) that serves the terminal last time. The new service access network device is relative to the anchor access network device, and refers to an access network device in which the terminal keeps downlink synchronization with the terminal or the cell of the access network device keeps synchronization with the terminal in the moving process after the terminal enters the first state; the terminal receives the broadcast signal from the new serving access network device and may receive signaling from the new serving access network device over the air interface.

The term "plurality" herein means two or more. The terms "first" and "second" herein are used to distinguish between different objects, and are not used to describe a particular order of objects. For example, the first indication information and the second indication information are only used for distinguishing different indication information, and the sequence order of the indication information is not limited. The term "and/or" herein is merely an association describing an associated object, meaning that three relationships may exist, e.g., a and/or B, may mean: a exists alone, A and B exist simultaneously, and B exists alone.

In the embodiments of the present application, words such as "exemplary" or "for example" are used to mean serving as an example, instance, or illustration. Any embodiment or design described herein as "exemplary" or "e.g.," is not necessarily to be construed as preferred or advantageous over other embodiments or designs. Rather, use of the word "exemplary" or "such as" is intended to present concepts related in a concrete fashion.

When the RRC deactivated terminal performs RNAU, in some cases, the terminal does not actually move out of RNA, e.g., the RRC deactivated terminal performs periodic RNAU. In case the terminal does not remove the RNA, no context transfer between the new serving access network device and the anchor access network device may take place in order to reduce the signaling overhead. In some cases, in the RNAU process, the terminal changes the anchor access network device, for example, the location of the cell of the new service access network device to which the terminal belongs and the location of the cell of the anchor access network device are far from each other and are greater than a preset threshold value, the anchor access network device of the terminal determines the new service access network device of the terminal as the new anchor access network device of the terminal, and the original anchor access network device transfers the context of the terminal to the new anchor access network device.

Illustratively, the terminal 200 in fig. 1 accesses the network through the access network device 101, the access network device 101 is an anchor access network device of the terminal 200, and the access network device 101 allocates a C-RNTI, such as C-RNTI1, to the terminal 200. In the access network device 101, the terminal 200 transitions from the RRC connected state to the RRC deactivated state. The terminal 200 moves to the access network device 102, requests the access network device 102 to recover the RRC connection or requests RNAU, and the access network device 102 allocates a C-RNTI, such as C-RNTI2, to the terminal 200. The terminal 200 acquires two C-RNTIs, namely C-RNTI1 and C-RNTI 2. The terminal 200 initiates the RNAU again, and requests the access network device 103 to recover the RRC connection or to perform the RNAU. The message that the terminal 200 requests the access network device 103 to recover the RRC connection or request RNAU includes MAC-I (or short MAC-I), where the MAC-I (or short MAC-I) is generated by using the C-RNTI as an input parameter, and the terminal 200 needs to select one of the C-RNTI1 and the C-RNTI 2.

If the terminal 200 moves to the access network device 102, the anchor access network device is not replaced (no terminal context transfer is performed), and the anchor access network device is the access network device 101. After the access network device 103 receives the message requesting to recover the RRC connection or request to perform RNAU sent by the terminal 200, the MAC-I (or short MAC-I) in the message is transmitted to the anchor access network device, which is the access network device 101 to perform security check. If the MAC-I (or short MAC-I) carried in the message requesting to recover the RRC connection or request to perform the RNAU sent by the terminal 200 to the access network device 103 is generated based on the C-RNTI2 allocated to the terminal 200 by the access network device 102, after receiving the MAC-I (or short MAC-I), the access network device 103 sends the MAC-I (or short MAC-I) to the anchor access network device (access network device 101) for security check. The C-RNTI of the terminal 200 stored by the access network device 101 is C-RNTI1, and if the C-RNTI stored by the access network device 101 is not consistent with the C-RNTI corresponding to the MAC-I (or short MAC-I) carried in the message requesting to restore the RRC connection or requesting to perform the RNAU, the security check fails.

If the terminal 200 moves to the access network device 102, the anchor access network device is replaced (the terminal context transfer is performed), and the anchor access network device is replaced with the access network device 102. After the access network device 103 receives the message requesting to recover the RRC connection or request to perform RNAU sent by the terminal 200, the MAC-I (or short MAC-I) in the message is transmitted to the access network device 102 for security check. If the MAC-I (or short MAC-I) carried in the message requesting to recover the RRC connection or request to perform the RNAU sent by the terminal 200 to the access network device 103 is generated based on the C-RNTI1 allocated to the terminal 200 by the access network device 101, after receiving the MAC-I (or short MAC-I), the access network device 103 sends the MAC-I (or short MAC-I) to the anchor access network device (access network device 102) for security check. The C-RNTI of the terminal 200 stored by the access network device 102 is C-RNTI2, and if the C-RNTI stored by the access network device 102 is not consistent with the C-RNTI corresponding to the MAC-I (or short MAC-I) carried in the message requesting to restore the RRC connection or requesting to perform the RNAU, the security check fails.

It can be seen that, if the terminal 200 does not know whether the anchor access network device is replaced in the RNAU (the terminal context transfer is performed), when the RNAU is performed again, the security verification parameter corresponding to the security parameter sent to the access network device may be inconsistent with the security verification parameter stored by the anchor access network device, resulting in a failure of security verification.

The first embodiment is as follows:

the embodiment of the present application provides a communication method, which may be applied to the communication system shown in fig. 1, where a terminal selects a security verification parameter according to an instruction of an access network device, and it is ensured that a security verification parameter corresponding to a security parameter sent by the terminal to the access network device is consistent with a security verification parameter used by the access network device for security verification. As shown in fig. 4, the method may include S101-S113:

s101, the terminal and the first access network equipment perform a random access process.

Illustratively, the terminal is the terminal 200 in fig. 1, the terminal 200 is in an RRC deactivated state, the anchor access network device of the terminal 200 is the access network device 101 in fig. 1, and the terminal obtains a security verification parameter allocated to the terminal by the anchor access network device, taking C-RNTI as an example, such as C-RNTI 1. Then, the terminal 200 moves to the first access network device and initiates an RNAU; the first access network device is a new serving access network device of the terminal RNAU, for example, the first access network device is the access network device 102 in fig. 1.

Optionally, in this embodiment of the present application, the random access procedure performed by the terminal and the first access network device may include two steps: (1) the terminal sends a random access preamble to the access network equipment; (2) and the access network equipment sends a random access response message to the terminal. Through the random access process, the terminal obtains the security verification parameters, such as the C-RNTI2, allocated to the terminal by the first access network device.

It should be noted that, in the embodiment of the present application, the security verification parameter is taken as C-RNTI for example, and in practical application, the security verification parameter may be any parameter for performing security verification. For example, the security verification parameters include C-RNTI and Physical Cell Identity (PCI). This is not limited in this application.

S102, the terminal sends a first message to the first access network device.

Specifically, the terminal sends a first message to the first access network device, where the first message is used to request to recover RRC connection, or request to perform RNAU, or request to perform uplink data transmission, or request to perform uplink signaling transmission. Illustratively, the terminal 200 sends a first message to the access network device 102, requesting to recover the RRC connection, or requesting to perform an RNAU, or requesting to perform uplink data transmission, or requesting to perform uplink signaling transmission. In one implementation, the first message may be an RRC recovery Request (RRC Resume Request) message or an RRC Connection recovery Request (RRC Connection Resume Request) message. The first message comprises a security parameter, such as MAC-I or short MAC-I, wherein the security parameter is generated by taking a security verification parameter as an input parameter. Illustratively, the RRC recovery request message sent by the terminal 200 to the access network device 102 includes a short MAC-I, where the short MAC-I is generated by using the C-RNTI1 as an input parameter. For example, C-RNTI1 may be assigned by access network device 101 to terminal 200 during a request by terminal 200 for random access with an anchor access network device (access network device 101 in fig. 1).

In one implementation, the RRC recovery request message (or RRC connection recovery request message) includes a first cause value, where the first cause value is used to indicate a reason for initiating the RRC recovery request message (or RRC connection recovery request message). Illustratively, if the terminal determines that the RRC recovery request message is sent to the first access network device due to a request to perform a periodic RNAU, the first cause value is the RNAU.

S103, the first access network equipment receives a first message sent by the terminal.

S104, the first access network equipment sends a first request message to the second access network equipment.

The second access network device is an anchor access network device of the terminal, and exemplarily, the second access network device is the access network device 101 in fig. 1.

The first access network equipment sends a first request message to the second access network equipment, wherein the first request message is used for the first access network equipment to request the second access network equipment to acquire a terminal context; illustratively, the first Request message is a Retrieve UE Context Request (Retrieve UE Context Request) message.

In one implementation, the first request message includes first indication information, where the first indication information is used to indicate that the terminal requests the RNAU or requests to recover the RRC connection or requests to perform uplink data transmission or request to perform uplink signaling transmission. In one implementation, the first indication information indicates that the terminal has requested a periodic RNAU.

In one implementation, the first request message includes identification information of the current serving cell. And the second access network equipment judges whether the context of the terminal can not be transferred or not according to the first indication information and the identification information of the current service cell.

The request message for obtaining the terminal context further includes security parameters received by the first access network device from the terminal, where the security parameters are used for the second access network device to perform security verification on the terminal, that is, to verify the validity of the terminal.

S105, the second access network device receives the first request message sent by the first access network device.

Specifically, the second access network device determines, according to the first indication information in the first request message, that the terminal requests the RNAU or requests to recover the RRC connection or requests to perform uplink data transmission or requests to perform uplink signaling transmission.

And the second access network equipment carries out security verification according to the security parameters in the first request message. Illustratively, the security verification parameter corresponding to the security parameter in the first request message received by the access network device 101 from the access network device 102 is C-RNTI1, the security verification parameter of the terminal 200 stored by the access network device 101 is C-RNTI1, and the two are consistent and the security check is successful.

Further, the second access network device determines whether to perform a terminal context transfer. It should be noted that, in the present application, performing context transfer of a terminal may also be expressed as replacing an anchor access network device or performing a path transfer process, and the three may be replaced with each other.

In one implementation, the terminal context transfer is determined not to be performed if the second access network device determines that the current procedure is a periodic RNAU procedure. In one implementation, in a case that the second access network device determines that the current process is a periodic RNAU process, the second access network device determines whether to perform context transfer of the terminal according to a distance between a cell that the terminal requests to move to the second access network device and a cell that the terminal anchor point is at the anchor access network device. If the distance between the cell of the second access network device and the cell of the anchor access network device of the terminal anchor point is larger than a preset threshold value, the second access network device determines to transfer the context of the terminal; otherwise, the second access network equipment determines not to perform the terminal context transfer. Illustratively, the target cell for the terminal 200 to request the periodic RNAU is a cell 1 of the first access network device (access network device 102), and the cell that the terminal 200 anchors at the anchor access network device is a cell 2 of the second access network device (access network device 101); if the distance between the cell 1 of the access network device 102 and the cell 2 of the access network device 101 is greater than a preset threshold value, the second access network device determines to replace the anchor access network device, determines the first access network device as a new anchor access network device of the terminal, and performs context transfer of the terminal, and the original anchor access network device (the second access network device) transfers the context of the terminal to the new anchor access network device (the first access network device). If the distance between the cell 1 of the access network device 102 and the cell 2 of the access network device 101 is smaller than or equal to the preset threshold value, the second access network device determines not to replace the anchor access network device, and does not perform context transfer of the terminal.

The manner of determining, by the second access network device, whether the current procedure is the periodic RNAU procedure may include: the first indication information terminal requests the periodic RNAU, and the second access network equipment determines whether the current process is the periodic RNAU process according to the first indication information. Or the second access network equipment determines whether the process is a periodic RNAU process according to the first indication information and the identification information of the current serving cell; for example, the first indication information indicates that the terminal has requested an RNAU, and the second access network device determines that the RNA that was most recently allocated to the terminal includes the current serving cell according to the identification information of the current serving cell, and then determines that the process is a periodic RNAU process.

S106, the second access network equipment sends a first feedback message to the first access network equipment.

Specifically, the first feedback message may be used for the first access network device to determine whether to perform the terminal context transfer. Illustratively, the first feedback message may be a Retrieve UE Context Response (Retrieve UE Context Response) message or a Retrieve UE Context Failure (Retrieve UE Context Failure) message.

In an implementation manner, the second access network device sends a Retrieve UE Context Response (Retrieve UE Context Response) message to the first access network device, where the Retrieve UE Context Response message includes second indication information, and the second indication information is used to indicate whether to perform terminal Context transfer, or to indicate whether to replace the anchor access network device, or to indicate whether to perform a path transfer process, or to indicate whether an RRC signaling needs to be transferred from the second access network device to the first access network device. Illustratively, the second access network device sends a response message for acquiring the terminal context to the first access network device, wherein the response message includes second indication information, and if the second indication information is 0, the second access network device indicates that the terminal context transfer is not performed; if the second indication information is 1, indicating that the context transfer of the terminal is carried out; or the second indication information is true (true) and indicates that the terminal context transfer is not performed, and the second indication information is false (false) and indicates that the terminal context transfer is performed; or the second indication information is null (that is, the second indication information is not included in the acquisition terminal context response message), which indicates that the terminal context transfer is performed.

In one implementation manner, the second access network device sends a Retrieve UE Context Response (Retrieve UE Context Response) message to the first access network device, where the Retrieve UE Context Response message includes Radio Bearer (RB) information corresponding to the terminal. And the first access network equipment determines whether to transfer the terminal context according to whether the Radio Bearer information in the acquired terminal context response message includes Data Radio Bearer (DRB) configuration information corresponding to the terminal. Or, the first access network device determines whether to perform the context transfer of the terminal according to whether the Radio Bearer information in the obtained terminal context response message only includes Signaling Radio Bearer (SRB) 1 configuration information corresponding to the terminal. For example, if the radio bearer information included in the acquisition terminal context response message includes only the SRB1 configuration information and does not include the DRB configuration information, it indicates that the terminal context transfer is not performed; and if the acquired terminal context response message includes the SRB1 configuration information of the terminal and includes the DRB configuration information of the terminal, indicating that the terminal context transfer is performed.

In one implementation, the SRB1 configuration information included in the get terminal context response message may include at least one of: the second access network device performs RLC layer configuration for the terminal, MAC layer configuration for the terminal, PHY layer configuration for the terminal, and logical channel configuration for the terminal. The SRB1 configuration information is SRB1 configuration information of the terminal, and is used to notify the first access network device of SRB1 configuration information currently reserved on the terminal side, so that the first access network device configures SRB1 configuration information consistent with the SRB1 configuration information reserved on the terminal side.

In an implementation manner, the second access network device sends a terminal Context Failure (Retrieve UE Context Failure) message to the first access network device, where the terminal Context Failure message is used to indicate that terminal Context transfer is not performed. Illustratively, the acquisition terminal context failure message includes a second cause value, and the second cause value indicates that the terminal context transfer is not performed. Illustratively, the terminal context acquisition failure message includes third indication information, and the third indication information indicates that the terminal context transfer is not performed.

In an implementation manner, the obtaining of the terminal context response message may further include a PDCP data packet, where the PDCP data packet is a PDCP data packet corresponding to the terminal. In one implementation, the second access network device generates an RRC message at an RRC layer, and performs processing, such as security ciphering and integrity protection, at a PDCP layer of the second access network device to generate PDCP data packets. After obtaining the PDCP data packet, the first access network device may process the PDCP data packet only in the RLC layer, the MAC layer, and the PHY layer.

It should be noted that, if the acquiring terminal context response message includes the PDCP data packet, the embodiment of the present application may not include S108 to S111. The specific implementation manner may be determined according to actual situations, and is not limited in the present application.

S107, the first access network device receives the first feedback message sent by the second access network device.

And the first access network equipment determines whether to transfer the terminal context according to the first feedback message.

In one implementation, if it is determined that the context transfer of the terminal is performed, the first access network device determines that the terminal enters an RRC connected state, or an RRC deactivated state or an RRC idle state, and generates a corresponding RRC message to send to the terminal.

In one implementation, if it is determined that the context transfer of the terminal is not performed and the first feedback message sent by the second access network device to the first access network device does not include a PDCP data packet, the first access network device determines to set the terminal in an RRC deactivated state and sends an RRC connection reject message to the terminal.

In addition, S108 to S111 are optional steps below.

S108, the first access network device sends the address information to the second access network device.

Specifically, the address information is used for the second access network device to send the PDCP data packet corresponding to the terminal to the first access network device. Illustratively, the address information is a transport layer address, or a tunnel port identifier, or both the transport layer address and the tunnel port identifier. In one implementation, the first access network device sends Address information to the second access network device through a Forwarding Address Indication (Forwarding Indication) message.

S109, the second access network equipment receives the address information sent by the first access network equipment.

S110, the second access network equipment sends a PDCP data packet corresponding to the terminal to the first access network equipment.

And the second access network equipment sends the PDCP data packet corresponding to the terminal to the first access network equipment according to the address information. In one implementation, the PDCP data packet is a PDCP packet of a third message, and the third message is an RRC message. Illustratively, the second access network device generates the third message at the RRC layer, and the second access network device processes the third message at the PDCP layer of the second access network device, generating a PDCP data packet. The third message comprises first information, and the first information is related to the security verification parameters.

S111, the first access network equipment receives the PDCP data packet corresponding to the terminal.

In one implementation, the second access network device generates signaling at the RRC layer, and performs processing, such as security ciphering and integrity protection, at the PDCP layer of the second access network device to generate PDCP data packets. Illustratively, the second access network device generates the third message at the RRC layer, and the second access network device processes the third message at the PDCP layer of the second access network device, generating a PDCP data packet. After receiving the PDCP packet, the first access network device may process the PDCP packet only at the RLC layer, the MAC layer, and the PHY layer.

And S112, the first access network equipment sends a second message to the terminal.

In one implementation, after receiving the PDCP data packet corresponding to the terminal, the first access network device directly performs processing on and below the RLC layer without parsing, and sends the RLC data packet to the terminal device, that is, sends the second message to the terminal device. For example, the second message may include an RRC Release (RRC Release) message or an RRC Reject (RRC Reject) message or an RRC Connection Release (RRC Connection Release) message or an RRC Connection Reject (RRC Connection Reject) message. In one implementation manner, a PDCP data packet corresponding to the terminal received by the first access network device includes a third message, and the first access network device does not perform RRC layer analysis on the PDCP data packet, directly performs processing on and below an RLC layer, and sends the RLC data packet to the terminal device, that is, sends a second message to the terminal device; and the third message and the second message included in the PDCP data packet corresponding to the terminal are the same.

The second message includes first information, the first information relating to a security verification parameter. The first information is related to the security verification parameter, that is, the first information is used to instruct the terminal to determine the security verification parameter, and for example, the first information may indicate whether the security verification parameter needs to be replaced, or the first information indicates the security verification parameter, or the first information indicates an indication (e.g., deactivation state RNTI, (Inactive RNTI, I-RNTI)) that the second access network device is allocated for the terminal in the first state. The terminal can determine whether the anchor access network equipment is replaced in the RNAU according to the first information, namely whether the context transfer of the terminal is performed; thus, when the RNAU is determined to be initiated again, the RRC connection is requested to be recovered or the input parameters (security verification parameters) of the security parameters carried in the message of the RNAU are requested to be performed.

In one implementation, if the first access network device does not receive the PDCP data packet corresponding to the terminal sent by the second access network device, (e.g., the context response message of the terminal does not include the PDCP data packet corresponding to the terminal), the second message may be an RRC reject message or an RRC connection reject message, which is used to indicate whether the terminal changes the anchor access network device in the current RNAU; wherein the RRC reject message or the RRC connection reject message does not include the PDCP data packet corresponding to the terminal. For example, if the RRC reject message or the RRC connection reject message includes the waiting time, the terminal considers that the periodic RNAU has failed due to congestion, and thus the terminal may reinitiate the RRC connection recovery request after the waiting time is expired; if the RRC message does not comprise the waiting time, the terminal considers that the periodic RNAU is successful, but the network side does not replace the anchor access network equipment, so the terminal continues to be kept in an RRC deactivation state. In another example, the RRC reject message or the RRC connection reject message carries fourth indication information, and the terminal determines whether to update the security verification parameter according to the fourth indication information. Illustratively, the fourth indication information indicates whether the anchor access network device is replaced, or indicates whether a context transfer of the terminal is performed, or indicates whether a security verification parameter needs to be replaced. For example, the terminal may determine whether to replace the anchor access network device by setting the waiting time in the RRC reject message or the RRC connection reject message, for example, if the waiting time included in the RRC reject message or the RRC connection reject message is the same as the period of the periodic RNAU, the terminal considers that the periodic RNAU is successful, but the network side does not replace the anchor access network device, so the terminal continues to be maintained in the RRC deactivated state; otherwise, the terminal considers that the periodic RNAU fails due to congestion, so the terminal can reinitiate the RRC connection recovery request after the waiting time is overtime; for another example, if the waiting time included in the RRC reject message or the RRC connection reject message is set to 0, the terminal considers that the periodic RNAU is successful, but the network side does not change the anchor access network device, so the terminal continues to remain in the RRC deactivated state; otherwise, the terminal considers that the periodic RNAU fails due to congestion, so the terminal can reinitiate the RRC connection recovery request after the waiting time is overtime; for another example, if the waiting time included in the RRC reject message or the RRC connection reject message is set to infinity, the terminal considers that the periodic RNAU is successful, but the network side does not change the anchor access network device, and thus the terminal continues to remain in the RRC deactivated state; otherwise, the terminal considers that the periodic RNAU fails due to congestion, and thus the terminal re-initiates the RRC connection recovery request after the waiting time is expired.

And S113, the terminal receives the second message sent by the first access network equipment.

In one implementation manner, the terminal determines whether the anchor access network device is replaced in the current RNAU according to the first information in the second message, that is, whether the first access network device and the second access network device perform the terminal context transfer.

In one implementation, the first information indicates whether the security verification parameter needs to be replaced. And the terminal determines whether the security verification parameters need to be replaced according to whether the first information is received. Illustratively, if the terminal determines that the first information in the second message is empty, it is determined that the first access network device and the second access network device do not perform the terminal context transfer, and the security authentication parameter is not replaced. The terminal reserves the C-RNTI1 allocated by the anchor access network device (second access network device), and when the RNAU is initiated again, the terminal requests to recover RRC connection or requests to perform MAC-I (or short MAC-I) input parameters carried in the message of the RNAU to be C-RNTI 1. And if the terminal determines that the first information in the second message is not empty, determining that the first access network equipment and the second access network equipment perform terminal context transfer, and replacing the security verification parameters. And the terminal replaces the stored C-RNTI with the C-RNTI2 allocated by the new service access network equipment (first access network equipment), and when the RNAU is initiated again, the terminal requests to recover RRC connection or requests to perform MAC-I (or short MAC-I) input parameters carried in the message of the RNAU to be C-RNTI 2. It should be noted that, here, the first information is null, which indicates that the first access network device and the second access network device do not perform the terminal context transfer and do not change the security authentication parameter, but in practical applications, the first information may also be null, which indicates that the first access network device and the second access network device perform the terminal context transfer and change the security authentication parameter, or adopt other indication methods, which is not limited in this embodiment of the application.

In one implementation, the first information indicates whether the security verification parameter needs to be replaced. And the terminal determines the security verification parameters according to the content of the first information. Illustratively, the first information is 0, which indicates that the first access network device and the second access network device do not perform the terminal context transfer and do not change the security authentication parameter. The terminal reserves the C-RNTI1 allocated by the anchor access network device (second access network device), and when the RNAU is initiated again, the terminal requests to recover RRC connection or requests to perform MAC-I (or short MAC-I) input parameters carried in the message of the RNAU to be C-RNTI 1. The first information is 1, which indicates that the first access network device and the second access network device perform terminal context transfer, and replace the security verification parameter. And the terminal replaces the stored C-RNTI with the C-RNTI2 allocated by the new service access network equipment (first access network equipment), and when the RNAU is initiated again, the terminal requests to recover RRC connection or requests to perform MAC-I (or short MAC-I) input parameters carried in the message of the RNAU to be C-RNTI 2. It should be noted that, here, the first information is 0, which indicates that the first access network device and the second access network device do not perform the terminal context transfer and do not change the security authentication parameter, and in practical applications, the first information may also be 0, which indicates that the first access network device and the second access network device perform the terminal context transfer and change the security authentication parameter, or indicate whether the terminal context transfer is performed by using other numerical values, which is not limited in this embodiment of the application.

In one implementation, the first information represents security verification parameters. And the terminal determines the security verification parameters according to whether the first information is received. Illustratively, if the terminal determines that the first information in the second message is empty, it is determined that the first access network device and the second access network device perform terminal context transfer, and when the terminal initiates the RNAU again, the terminal generates a security parameter by using the C-RNTI2 allocated by the new serving access network device (the first access network device), and requests to recover the RRC connection or requests to perform an input parameter of the MAC-I (or short MAC-I) carried in the message of the RNAU is C-RNTI 2. If the terminal determines that the first information in the second message is not null, for example, the first information is C-RNTI1 allocated to the anchor access network device (second access network device), it is determined that the first access network device and the second access network device do not perform context transfer, when the terminal initiates the RNAU again, the terminal generates security parameters by using C-RNTI1 allocated to the anchor access network device (second access network device), and requests to recover the RRC connection or requests to perform MAC-I (or short MAC-I) input parameters carried in the message of the RNAU are C-RNTI 1. That is, when the terminal initiates the RNAU again, the terminal requests to recover the RRC connection or requests to perform the C-RNTI value of the first information for the input parameter of the MAC-I (or short MAC-I) carried in the message of the RNAU. It should be noted that, the first information effective value is taken as an example of the C-RNTI allocated to the second access network device, and in practical applications, the first information effective value may also be taken as the C-RNTI allocated to the first access network device, or other representation methods may be adopted, which is not limited in this embodiment of the present application.

In one implementation, the first information represents security verification parameters. The terminal determines the security verification parameter according to the content of the first information, for example, when the terminal initiates the RNAU again, the terminal requests to recover the RRC connection or requests to perform input parameters of MAC-I (or short MAC-I) carried in the message of the RNAU to adopt the C-RNTI value of the first information. Illustratively, the first information is C-RNTI2 allocated to the new serving access network device (first access network device), which indicates that the first access network device and the second access network device perform context transfer, and when the terminal initiates the RNAU again, the terminal generates security parameters by using C-RNTI2 allocated to the new serving access network device (first access network device), and requests to recover the RRC connection or requests to perform MAC-I (or short MAC-I) input parameters carried in a message of the RNAU are C-RNTI 2. The first information is C-RNTI1 allocated by anchor access network equipment (second access network equipment), which indicates that the first access network equipment and the second access network equipment do not perform terminal context transfer, and when the terminal initiates the RNAU again, the terminal generates security parameters by using C-RNTI1 allocated by the anchor access network equipment (second access network equipment), and requests to recover RRC connection or requests to perform input parameters of MAC-I (or short MAC-I) carried in a message of the RNAU, wherein the input parameters are C-RNTI 1. Note that, the first information is described here as C-RNTI1 or C-RNTI2, but the first information may be other values in practical application, and the present embodiment is not limited thereto.

In an implementation manner, the first information indicates that the second access network device is an identifier I-RNTI allocated to the terminal in the first state, if the I-RNTI included in the second message is the same as the I-RNTI currently reserved by the terminal, it indicates that the first access network device and the second access network device do not perform context transfer, and when the terminal initiates the RNAU again, the terminal generates the security parameter by using the C-RNTI1 allocated by the anchor access network device (the second access network device). And if the I-RNTI included in the second message is different from the I-RNTI currently reserved by the terminal, the terminal context transfer between the first access network equipment and the second access network equipment is represented, when the terminal initiates the RNAU again, the C-RNTI2 allocated by the new service access network equipment (the first access network equipment) is adopted to generate a security parameter, and the input parameter of the MAC-I (or short MAC-I) carried in the message requesting to recover the RRC connection or requesting to perform the RNAU is C-RNTI 2.

In the foregoing various implementation manners, the first access network device indicates, to the terminal, whether the first access network device and the second access network device perform the terminal context transfer through the first information. And if the terminal determines that the first access network equipment and the second access network equipment perform the terminal context transfer, when the RNAU is initiated again, requesting to recover the RRC connection or requesting to perform the input parameters (security verification parameters) of the security parameters carried in the message of the RNAU as the security verification parameters allocated to the terminal by the new service access network equipment. And if the terminal determines that the first access network equipment and the second access network equipment do not perform the terminal context transfer, when the RNAU is initiated again, requesting to recover the RRC connection or requesting to perform the input parameters (security verification parameters) of the security parameters carried in the RNAU message as the security verification parameters allocated to the terminal by the anchor access network equipment.

Illustratively, the terminal 200 moves to the access network device 102 through the RNAU, and after a preset period, the terminal 200 initiates the RNAU again. The terminal 200 sends a first message to the access network device 103 to request recovery of RRC connection or request RNAU, where an input parameter of a security parameter carried in the first message sent to the access network device 103 is a security verification parameter determined by the terminal according to the first information received in S113. For example, the terminal 200 determines that the terminal context transfer is not performed in the process of moving from the access network device 101 to the access network device 102, and the anchor access network device of the terminal 200 is the access network device 101; an input parameter of a security parameter carried in a first message sent by the terminal 200 to the access network device 103 is a security verification parameter C-RNTI1 allocated to an anchor access network device (access network device 101); after receiving the security parameters in the first message, the access network device 103 sends the security parameters reported by the terminal 200 to an anchor access network device (access network device 101); the access network device 101 performs security check, and determines that the input parameter C-RNTI1 of the security parameter reported by the terminal 200 is consistent with the security verification parameter C-RNTI1 stored in the access network device 101, and the security check is successful. For example, the terminal 200 determines that the terminal context transfer is performed in the process of moving from the access network device 101 to the access network device 102, and the anchor access network device of the terminal 200 is replaced with the access network device 102; an input parameter of the security parameter carried in the first message sent by the terminal 200 to the access network device 103 is a security verification parameter C-RNTI2 allocated to the new serving access network device (a new anchor access network device, i.e., the access network device 102); after receiving the security parameters in the first message, the access network device 103 sends the security parameters reported by the terminal 200 to a new anchor access network device (access network device 102); the access network equipment 102 performs security check, and determines that the input parameter C-RNTI2 of the security parameter reported by the terminal 200 is consistent with the security verification parameter C-RNTI2 stored in the access network equipment 102, and the security check is successful.

According to the communication method provided by the embodiment of the application, in each RNAU process, the new service access network equipment sends the indication information to the terminal to indicate whether the terminal context transfer is performed in the RNAU at this time, namely whether the anchor access network equipment is replaced. And the terminal determines to request to recover RRC connection or request to carry out input parameters of the safety parameters carried in the RNAU message in the process of initiating the RNAU again according to the indication information. If the anchor access network equipment is not replaced in the RNAU, initiating the input parameters of the safety parameters carried in the message requesting to recover RRC connection or requesting to perform RNAU again as the safety verification parameters distributed by the anchor access network equipment for the terminal; if the anchor access network equipment is replaced in the current RNAU, initiating the security verification parameters again in the RNAU, wherein the input parameters of the security parameters carried in the message requesting to recover RRC connection or requesting to perform RNAU are the security verification parameters allocated to the terminal by the new anchor access network equipment (namely the new service access network equipment in the process of the current RNAU). And ensuring that the input parameters (security verification parameters) of the security parameters reported by the terminal in the RNAU are consistent with the security verification parameters used by the access network equipment for security verification, and successfully realizing the security verification.

Example two:

in the second embodiment, an interaction flow among the terminal device, the first access network device, and the second access network device is similar to the interaction flow among the terminal device, the first access network device, and the second access network device in the first embodiment, and the embodiment of the present application is not illustrated in the drawings. The method of the second embodiment is different from the method of the first embodiment mainly in that the implementation manners of S104, S105, S112, and S113 may be different, and are herein denoted as S104 ', S105', S112 ', and S113'.

In S104', the first request message sent by the first access network device to the second access network device may further include a security verification parameter allocated by the first access network device to the terminal. For example, the first request message sent by the access network device 102 to the access network device 101 includes the C-RNTI2 allocated by the access network device 102 to the terminal 200.

In S105', after the second access network device receives the first request message sent by the first access network device, the second access network device may further store the security verification parameter, which is carried in the first request message and is allocated to the terminal by the first access network device. For the next time the terminal performs security verification of the RRC connection recovery procedure or the RNAU procedure.

S112', the first access network device sends a second message to the terminal.

The difference from S112 in the first embodiment is: in a possible implementation manner, in this embodiment, the second message in S112' may not include the first information.

It should be noted that, in one possible implementation, S112' may also be the same as S112 in the first embodiment, which is not limited in this application.

S113', the terminal receives the second message sent by the first access network device.

The difference from S113 in the first embodiment is: and when the second message does not comprise the first information, the terminal receives the second message sent by the first access network equipment and determines that the state of the terminal is an RRC (radio resource control) deactivation state. And in the process that the terminal initiates the RNAU again, requesting to recover RRC connection or requesting to carry out input parameters of the safety parameters carried in the RNAU message, namely the safety verification parameters obtained from the new service access network equipment in the random access process in the RNAU. For example, the anchor access network device of terminal 200 in fig. 1 is access network device 101, and the C-RNTI allocated for terminal 200 is C-RNTI 1; in the random access process in the RNAU, the C-RNTI allocated to the terminal 200 by the new service access network equipment (access network equipment 102) is C-RNTI 2; the terminal 200 initiates the RNAU again, and sends a request to resume RRC connection to the access network device 103 or a request to perform MAC-I (or short MAC-I) input parameter carried in the message of the RNAU is the C-RNTI2 acquired from the access network device 102 in the random access process in the current RNAU. If the terminal does not replace the anchor access network device in the RNAU performed by the access network device 102, after receiving the security parameter in the first message, the access network device 103 sends the security parameter reported by the terminal 200 to the anchor access network device (the access network device 101); the access network equipment 101 performs security verification; in S205, the anchor access network device (access network device 101) stores the security verification parameter C-RNTI2 allocated to the terminal 200 by the new serving access network device (access network device 102) carried in the first request message, and determines that the input parameter C-RNTI2 of the security parameter reported by the terminal 200 is consistent with the security verification parameter C-RNTI2 stored in the access network device 101, so that the security verification is successful. If the terminal replaces the anchor access network device in the RNAU performed by the access network device 102, the new anchor access network device is the access network device 102; after receiving the security parameters in the first message, the access network device 103 sends the security parameters reported by the terminal 200 to a new anchor access network device (access network device 102); the access network equipment 102 performs security check, and determines that the input parameter C-RNTI2 of the security parameter reported by the terminal 200 is consistent with the security verification parameter C-RNTI2 stored in the access network equipment 102, and the security check is successful.

It should be noted that, in one possible implementation manner, S113' may also be the same as S113 in the first embodiment, and this is not limited in this application.

According to the communication method provided by the embodiment of the application, in each RNAU process, the new service access network equipment sends the security verification parameters distributed for the terminal to the anchor point access network equipment. And in the process that the terminal initiates the RNAU again, the terminal requests to recover RRC connection or requests to carry out input parameters of the security parameters carried in the RNAU message as security verification parameters allocated to the terminal by the new service access network equipment. No matter whether the anchor access network equipment is replaced in the current RNAU, the input parameter (security verification parameter) of the security parameter, which is required to recover the RRC connection or carried in the message of the RNAU, and the security verification parameter, which is used for the security verification by the access network equipment, in the RNAU are both the security verification parameter allocated to the terminal by the new service access network equipment in the current RNAU. And ensuring that the input parameters (security verification parameters) of the security parameters reported by the terminal in the RNAU are consistent with the security verification parameters used by the access network equipment for security verification, and successfully realizing the security verification.

Further, in the second embodiment S112 ', after the first access network device sends the second message to the terminal, due to the air interface channel condition or the air interface congestion, the second message sent by the first access network device to the terminal may not be received by the terminal, that is, the terminal does not perform S113'. If the terminal does not receive the second message in the current RNAU, when the RNAU is initiated again, the input parameter of the safety parameter carried in the message requesting to recover RRC connection or requesting to carry out RNAU is the safety verification parameter distributed for the terminal by the anchor point access network equipment in the current RNAU; in S105', the second access network device stores the security verification parameter allocated by the first access network device to the terminal, and is used to initiate security verification of the RNAU again, so that the security verification parameter used by the access network device for security verification is the security verification parameter allocated by the new serving access network device to the terminal in the current RNAU, and thus, when the RNAU is initiated again, the input parameter (security verification parameter) of the security parameter reported by the terminal is inconsistent with the security verification parameter used by the access network device for security verification, which may cause security verification failure.

Further, in the communication method provided in the second embodiment of the present application, in the RNAU, if the access network device determines that the second message is not correctly received by the terminal, it is determined that the RNAU process fails, and when the terminal initiates the RNAU process again, a security verification parameter allocated to the terminal by the anchor access network device in the RNAU is used for security verification, so that it can be ensured that an input parameter (security verification parameter) of the security parameter reported by the terminal in the RNAU again is consistent with a security verification parameter used by the access network device for security verification. In conjunction with fig. 4, as shown in fig. 4-1, the method may further include S114-S116:

and S114, the first access network equipment determines whether the second message is correctly received by the terminal.

After the first access network device sends the second message to the terminal, the first access network device may further determine whether the second message is correctly received by the terminal.

In an implementation manner, after the first access network device sends the second message to the terminal, a waiting timer may be started, and if the first access network device receives a fourth message sent by the terminal before the waiting timer expires, for example, receives an ack (acknowledgement) of an RLC sent by the terminal, it is determined that the second message is correctly received by the terminal; and if the first access network equipment does not receive the fourth message sent by the terminal after the undetermined timers are overtime, determining that the second message is not correctly received by the terminal. Wherein the fourth message is used to indicate that the second message is correctly received by the terminal. Illustratively, the second message includes an RRC Release (RRC Release) message or an RRC Reject (RRC Reject) message or an RRC Connection Release (RRC Connection Release) message or an RRC Connection Reject (RRC Connection Reject) message, and accordingly, the fourth message may include an RRC Release acknowledgement (RRC Release acknowledgement) message or an RRC Reject acknowledgement (RRC Reject acknowledgement) message or an RRC Connection Release acknowledgement (RRC Connection Reject acknowledgement) message or an RRC Connection Reject acknowledgement (RRC Connection Reject acknowledgement) message.

If it is determined that the second message is not correctly received by the terminal, S115 is performed.

S115, the first access network device sends failure indication information to the second access network device.

And if the first access network equipment determines that the second message is not correctly received by the terminal, sending failure indication information to the second access network equipment, wherein the failure indication information is used for indicating that the second message is not correctly received by the terminal.

For example, the failure indication information may be information included in a message in the prior art, for example, the failure indication information is carried in a message specified by the current standard to indicate that the second message is not correctly received by the terminal; alternatively, the failure indication information may be a newly defined message, where the newly defined message is used to indicate that the second message is not correctly received by the terminal, for example, the message type information may indicate that the second message is not correctly received by the terminal; the embodiment of the present invention does not limit this.

And S116, the second access network equipment receives the failure indication information.

After the second access network device receives the failure indication information from the first access network device, the second access network device saves the security verification parameters allocated by the second access network device for the terminal to perform security verification in the RRC connection recovery process or the RNAU process next time. Exemplarily, in S105', after the second access network device receives the first request message sent by the first access network device, the second access network device stores the security verification parameter, which is carried in the first request message and is allocated to the terminal by the first access network device; then, in S116, the second access network device receives the failure indication information, determines that the RRC connection recovery process or the RNAU process requested by the terminal fails, and updates the stored security verification parameter allocated to the terminal by the first access network device to the security verification parameter allocated to the terminal by the second access network device, so that the second access network device can perform security verification on the RRC connection recovery process or the RNAU process next time. In the communication method, in each RNAU process, if the new service access network equipment determines that the second message is not correctly received by the terminal, the anchor access network equipment is instructed to use the security verification parameters distributed to the terminal by the anchor access network equipment for the security verification of the next RNAU; in the process that the terminal initiates the RNAU again, requesting to recover RRC connection or requesting to carry out input parameters of safety parameters carried in the RNAU message as safety verification parameters distributed to the terminal by the anchor access network equipment; in this way, in the second initiation of the RNAU, the input parameter (security verification parameter) of the security parameter, which is carried in the message requesting to recover the RRC connection or requesting to perform the RNAU, and the security verification parameter used by the access network device for security verification are both security verification parameters allocated to the terminal by the anchor access network device in the RNAU, so that the input parameter (security verification parameter) of the security parameter reported by the terminal in the RNAU is consistent with the security verification parameter used by the access network device for security verification, and the security verification is successfully performed.

Further, in one implementation, if the terminal determines that the second message is not received correctly after sending the first message to the first access network device, the priority of the first access network device may be reduced in a next reselection process. For example, the reselection priority may be reduced for frequencies corresponding to a cell served by the first access network device or a cell served by the first access network device. In this way, the probability of repeated failure of the reselection process may be reduced, for example, reselection to a fake base station may be avoided.

Next, the communication method and the beneficial effects provided by the second embodiment are introduced in combination with the application scenario.

Illustratively, the terminal is the terminal 200 in fig. 1, the anchor access network device of the terminal 200 is the access network device 101 in fig. 1, and the access network device 102 in fig. 1 is a pseudo base station.

In a first phase, the terminal 200 sends a first message (e.g., an RRC recovery request message) to the access network device 102. The first access network device of this time RNAU is the access network device 102. Thereafter, the terminal 200 receives a second message (e.g., an RRC release message) sent by the access network device 102, where the second message includes the waiting timer information. Thus, the terminal 200 may resend the first message to the access network device 102 after waiting for a period of time, e.g., after waiting for the timer to expire. Illustratively, in the first phase, the terminal 200 does not replace the anchor access network device.

In the second stage, after the access network device 102 (pseudo base station) receives the first message sent by the terminal 200, the access network device 102 may be pseudo-configured as a terminal, and send the first message to an access network device (for example, the access network device 103 in fig. 1) as a terminal access network, at this time, the first access network device of the current RNAU is the access network device 103, and the second access network device (anchor access network device) is the access network device 101. According to the communication method provided in the second embodiment, in S105', after the second access network device (the access network device 101 in fig. 1) receives the first request message sent by the first access network device (the access network device 103), the access network device 101 may store the security verification parameter, which is carried in the first request message and is allocated to the terminal by the first access network device (the access network device 103). And at S112', the first access network device (access network device 103) sends a second message to the terminal (access network device 102). If the access network device 103 does not receive the fourth message sent by the terminal (access network device 102) after the waiting timer expires, it is determined that the second message is not correctly received by the terminal (access network device 102). The first access network device (access network device 103) sends failure indication information to the second access network device (access network device 101), and after the access network device 101 receives the failure indication information, the security verification parameters allocated by the second access network device (access network device 101) to the terminal (access network device 102) are stored, so that the security verification parameters are used for the security verification of the next RRC connection recovery process or the RNAU process by the terminal (access network device 102).

In this way, in the process of performing the RNAU by the terminal (access network device 102) the next time, the input parameter (security verification parameter) requesting to recover the RRC connection or requesting to perform the security parameter carried in the message of the RNAU and the security verification parameter used by the access network device for security verification are both the security verification parameter allocated to the terminal by the anchor access network device in the RNAU this time. And ensuring that the input parameters (security verification parameters) of the security parameters reported by the terminal in the RNAU are consistent with the security verification parameters used by the access network equipment for security verification, and successfully realizing the security verification.

Example three:

in the third embodiment, an interaction flow among the terminal device, the first access network device, and the second access network device is similar to the interaction flow among the terminal device, the first access network device, and the second access network device in the first embodiment, and no additional illustration is provided in the embodiments of the present application. The main differences between the third embodiment and the first embodiment are as follows: the implementation of S106, S107, S112 and S113 may be different, here denoted as S106 ', S107', S112 "and S113".

If the second access network device determines to replace the anchor access network device in S105, the context transfer of the terminal is performed. In S106', the first feedback message sent by the second access network device to the first access network device may further include a security verification parameter allocated by the second access network device to the terminal. For example, the first feedback message sent by the second access network device (access network device 101) to the first access network device (access network device 102) further includes the C-RNTI1 allocated by the access network device 101 to the terminal 200.

In S107', after the first access network device receives the first feedback message sent by the second access network device, the first access network device may further store the security verification parameter, which is carried in the first feedback message and is allocated to the terminal by the second access network device.

And S112', the first access network equipment sends a second message to the terminal.

S112 ″ is the same as S112' in the second embodiment, and is not described herein again.

And S113' the terminal receives the second message sent by the first access network equipment.

The difference from S113 in the first embodiment is: and when the second message does not comprise the first information, the terminal receives the second message sent by the first access network equipment and determines that the state of the terminal is an RRC (radio resource control) deactivation state. And in the process that the terminal initiates the RNAU again, requesting to recover RRC connection or requesting to carry out input parameters of the safety parameters carried in the RNAU message as safety verification parameters distributed to the terminal by the anchor point access network equipment in the RNAU. For example, the anchor access network device of terminal 200 in fig. 1 is access network device 101, and the C-RNTI allocated for terminal 200 is C-RNTI 1; in the random access process in the RNAU, the C-RNTI allocated to the terminal 200 by the new service access network equipment (access network equipment 102) is C-RNTI 2; the terminal 200 initiates the RNAU again, and sends a request to resume RRC connection to the access network device 103 or requests to perform MAC-I (or short MAC-I) input parameters carried in the message of the RNAU as C-RNTI and C-RNTI1 allocated to the terminal 200 by the anchor access network device (access network device 101). If the anchor access network device is not replaced in the current RNAU, after receiving the security parameters in the first message, the access network device 103 sends the security parameters reported by the terminal 200 to the anchor access network device (access network device 101); the access network device 101 performs security check, and determines that the input parameter C-RNTI1 of the security parameter reported by the terminal 200 is consistent with the security verification parameter C-RNTI1 stored in the access network device 101, and the security check is successful. If the anchor access network equipment is replaced in the RNAU, the new anchor access network equipment is the access network equipment 102; after receiving the security parameters in the first message, the access network device 103 sends the security parameters reported by the terminal 200 to a new anchor access network device (access network device 102); in S307, the new anchor access network device (access network device 102) stores the security verification parameter C-RNTI1 allocated to the terminal 200 by the anchor access network device (access network device 101) carried in the first feedback message, and determines that the input parameter C-RNTI1 of the security parameter reported by the terminal 200 is consistent with the security verification parameter C-RNTI1 stored by the access network device 102, so that the security check is successful.

It should be noted that, in one possible implementation manner, S113 ″ may also be the same as S113 in the first embodiment, and this is not limited in this application.

According to the communication method provided by the embodiment of the application, in each RNAU process, if the anchor access network equipment is replaced, the anchor access network equipment sends the security verification parameters distributed for the terminal to the new service access network equipment. And in the process that the terminal initiates the RNAU again, requesting to recover RRC connection or requesting to carry out input parameters of the safety parameters carried in the RNAU message as safety verification parameters distributed to the terminal by the anchor access network equipment. Whether the anchor access network equipment is replaced in the current RNAU or not, the input parameter (security verification parameter) of the security parameter, which is required to recover RRC connection or carried in the message of the RNAU, and the security verification parameter, which is used for the security verification by the access network equipment, in the RNAU are both the security verification parameter allocated to the terminal by the anchor access network equipment in the current RNAU. And ensuring that the input parameters (security verification parameters) of the security parameters reported by the terminal in the RNAU are consistent with the security verification parameters used by the access network equipment for security verification, and successfully realizing the security verification.

The above-mentioned scheme provided by the embodiment of the present application is introduced mainly from the perspective of interaction between an access network device and a terminal. It is understood that the access network equipment and the terminal, in order to implement the above-mentioned functions, include corresponding hardware structures and/or software modules for performing the respective functions. Those of skill in the art would readily appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as hardware or combinations of hardware and computer software. Whether a function is performed as hardware or computer software drives hardware depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.

In the embodiment of the present application, the access network device and the terminal may be divided into the functional modules according to the above method example, for example, each functional module may be divided corresponding to each function, or two or more functions may be integrated into one processing module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. It should be noted that, in the embodiment of the present application, the division of the module is schematic, and is only one logic function division, and there may be another division manner in actual implementation. The following description will be given taking the example of dividing each functional module corresponding to each function.

Fig. 5 is a schematic structural diagram of an apparatus 500 provided in the embodiment of the present application, where the apparatus 500 may be a terminal, and is capable of implementing a function of the terminal in the method provided in the embodiment of the present application; the apparatus 500 may also be an apparatus capable of supporting the terminal to implement the functions of the terminal in the method provided in the embodiment of the present application. The apparatus 500 may be a hardware structure, a software module, or a hardware structure plus a software module. The apparatus 500 may be implemented by a system-on-chip. In the embodiment of the present application, the chip system may be composed of a chip, and may also include a chip and other discrete devices. As shown in fig. 5, the apparatus 500 includes a sending module 501, a receiving module 502, and a determining module 503.

A sending module 501, configured to send a first message to an access network device, where the first message is used to request to recover RRC connection or request to perform radio access network notification area update RNAU, and the access network device is a new serving access network device of the terminal.

A receiving module 502, configured to receive a second message from the access network device, where the second message includes first information, and the first information is related to a security verification parameter, where the security verification parameter includes: and the cell radio network temporary identifier C-RNTI.

A determining module 503, configured to determine the security verification parameter according to the first information.

It should be noted that all relevant contents of each step involved in the above method embodiments may be cited in the functional description of the corresponding functional module, for example, the sending module 501 may be at least used for executing S102 in fig. 4, and/or executing other steps described in this application. The receiving module 502 may be configured to perform at least S113 in fig. 4, and/or perform other steps described herein. The determining module 503 may be at least configured to perform S113 in fig. 4 and/or perform other steps described in this application, which are not described herein again.

Fig. 6 is a schematic structural diagram of an apparatus 600 provided in this embodiment, where the apparatus 600 may be an access network device and can implement the function of a first access network device in the method provided in this embodiment; the apparatus 600 may also be an apparatus capable of supporting an access network device to implement the function of the first access network device in the method provided in the embodiment of the present application. The apparatus 600 may be a hardware structure, a software module, or a hardware structure plus a software module. As shown in fig. 6, the apparatus 600 includes a receiving module 601 and a transmitting module 602.

A receiving module 601, configured to receive a first message from a terminal, where the first message is used to request to recover an RRC connection or request to perform radio access network notification area update RNAU, and the first access network device is a new serving access network device of the terminal.

A sending module 602, configured to send the second message to the terminal.

In one implementation, the second message includes first information, the first information is related to a security verification parameter, and the security verification parameter includes: and the cell radio network temporary identifier C-RNTI.

In one implementation, the apparatus 600 may further include a determining module 603, and the determining module 603 is configured to determine whether to perform the terminal context transfer according to the first feedback message.

It should be noted that all relevant contents of each step related to the above method embodiment may be cited to the functional description of the corresponding functional module, for example, the receiving module 601 may be at least used for executing S103, S107, and S111 in fig. 4 and fig. 4-1, or used for executing S103, S107', and S111 in fig. 4 and fig. 4-1, and/or executing other steps described in this application. The sending module 602 may be configured to perform at least S104, S108, and S112 in fig. 4 and 4-1 and S115 in fig. 4-1, or may be configured to perform S104 ', S108, and S112' (or S112 ") in fig. 4 and 4-1 and S115 in fig. 4-1, and/or perform other steps described herein. The determining module 603 may be at least configured to perform S114 in fig. 4-1 and/or perform other steps described in this application, which are not described herein again.

Fig. 7 is a schematic structural diagram of an apparatus 700 provided in this embodiment, where the apparatus 700 may be an access network device and can implement the function of a second access network device in the method provided in this embodiment; the apparatus 700 may also be an apparatus capable of supporting an access network device to implement the function of the second access network device in the method provided by the embodiment of the present application. The apparatus 700 may be a hardware structure, a software module, or a hardware structure plus a software module. As shown in fig. 7, the apparatus 700 includes a receiving module 701 and a transmitting module 702.

A receiving module 701, configured to receive a first request message from a first access network device, where the first access network device is a new serving access network device of a terminal, the second access network device is an anchor access network device of the terminal, the first request message is used for the first access network device to request the second access network device to acquire a context of the terminal, the first request message includes first indication information, and the first indication information is used to indicate that the terminal requests an RNAU or requests to resume an RRC connection or perform uplink data transmission or perform uplink signaling transmission.

A sending module 702, configured to send a first feedback message to the first access network device, where the first feedback message is used for the first access network device to determine whether to perform the context transfer of the terminal.

It should be noted that all relevant contents of each step related to the above method embodiment may be cited to the functional description of the corresponding functional module, for example, the receiving module 701 may be at least used for executing S105 and S109 in fig. 4 and 4-1 and S116 in fig. 4-1, or used for executing S105' and S109 in fig. 4 and 4-1 and S116 in fig. 4-1, and/or executing other steps described in this application. The sending module 702 may be configured to at least perform S106 and S110 in fig. 4 and fig. 4-1, or perform S106' and S110 in fig. 4 and fig. 4-1, and/or perform other steps described in this application, which are not described herein again.

Fig. 8 is a schematic structural diagram of an apparatus 800 provided in this embodiment of the present application, where the apparatus 800 may be a terminal, and is capable of implementing a function of the terminal in the method provided in this embodiment of the present application; the apparatus 800 may also be an apparatus capable of supporting the terminal to implement the functions of the terminal in the method provided in the embodiment of the present application. The apparatus 800 may be a hardware structure, a software module, or a hardware structure plus a software module. The apparatus 800 may be implemented by a system-on-chip. In the embodiment of the present application, the chip system may be composed of a chip, and may also include a chip and other discrete devices. As shown in fig. 8, the apparatus 800 includes a transmitting module 801 and a receiving module 802.

A sending module 801, configured to send a first message to an access network device, where the first message is used to request to recover an RRC connection or request to perform an RNAU; the access network device is a new service access network device of the terminal, the first message includes a security parameter, the security parameter is generated by using a security verification parameter as an input parameter, and the security verification parameter includes: a cell radio network temporary identifier C-RNTI; the security verification parameters are distributed to the terminal by the service access network equipment in the last RNAU process of the RNAU process performed by the access network equipment by the terminal.

A receiving module 802, configured to receive a second message from the access network device, where the second message is a response message of the first message.

It should be noted that all relevant contents of each step involved in the above method embodiments may be cited in the functional description of the corresponding functional module, for example, the sending module 801 may be at least used for executing S102 in fig. 4 and/or executing other steps described in this application. The receiving module 802 may be at least configured to perform S113' in fig. 1 and/or perform other steps described in this application, which are not described herein again.

Fig. 9 is a schematic structural diagram of an apparatus 900 provided in this embodiment of the present application, where the apparatus 900 may be a terminal and is capable of implementing a function of the terminal in the method provided in this embodiment of the present application; the apparatus 900 may also be an apparatus capable of supporting a terminal to implement the functions of the terminal in the method provided in the embodiment of the present application. The apparatus 900 may be a hardware structure, a software module, or a hardware structure plus a software module. The apparatus 900 may be implemented by a system-on-chip. In the embodiment of the present application, the chip system may be composed of a chip, and may also include a chip and other discrete devices. As shown in fig. 9, the apparatus 900 includes a transmitting module 901 and a receiving module 902.

A sending module 901, configured to send a first message to an access network device, where the first message is used to request to recover an RRC connection or request to perform an RNAU; the access network device is a new service access network device of the terminal, the first message includes a security parameter, the security parameter is generated by using a security verification parameter as an input parameter, and the security verification parameter includes: a cell radio network temporary identifier C-RNTI; the security verification parameters are distributed to the terminal by the anchor access network device in the last RNAU process of the access network device in the RNAU process.

A receiving module 902, configured to receive a second message from the access network device, where the second message is a response message of the first message.

It should be noted that all relevant contents of each step related to the above method embodiment may be cited to the functional description of the corresponding functional module, for example, the sending module 901 may be at least used for executing S102 in fig. 4 and 4-1 and/or executing other steps described in this application. The receiving module 902 may be at least configured to perform S113 ″ in fig. 4 and fig. 4-1, and/or perform other steps described in this application, which are not described herein again.

In the present embodiment, the apparatus 500, the apparatus 600, the apparatus 700, the apparatus 800, or the apparatus 900 may be presented in a form of dividing each functional module in an integrated manner. A "module" herein may refer to a particular ASIC, a circuit, a processor and a memory device executing one or more software or firmware programs, an integrated logic circuit, and/or other components that can provide the described functionality.

In a simple embodiment, the apparatus 500, 600, 700, 800 or 900 may take the form shown in fig. 10.

As shown in fig. 10, the apparatus 1000 may include at least one processor 1001, communication lines 1002, and at least one communication interface 1004, and optionally, memory 1003. The processor 1001, the memory 1003, and the communication interface 1004 may be connected to each other via a communication line 1002.

Processor 1001 may be a Central Processing Unit (CPU), an Application Specific Integrated Circuit (ASIC), or one or more Integrated circuits configured to implement embodiments of the present Application, such as: one or more Digital Signal Processors (DSPs), or one or more Field Programmable Gate Arrays (FPGAs).

Communication link 1002 may include a path for communicating information between the aforementioned components.

The communication interface 1004, for communicating with other devices or communication networks, may use any transceiver-like device.

The Memory 1003 may be a Read-Only Memory (ROM) or other type of static storage device that can store static information and instructions, a Random Access Memory (RAM) or other type of dynamic storage device that can store information and instructions, an Electrically Erasable Programmable Read-Only Memory (EEPROM), a Compact Disc Read-Only Memory (CD-ROM) or other optical Disc storage, optical Disc storage (including Compact Disc, laser Disc, optical Disc, digital versatile Disc, blu-ray Disc, etc.), magnetic disk storage media or other magnetic storage devices, or any other medium that can be used to include or store desired program code in the form of instructions or data structures and that can be accessed by a computer, but is not limited to such. In a possible design, the memory 1003 may exist separately from the processor 1001, that is, the memory 1003 may be a memory external to the processor 1001, in which case the memory 1003 may be connected to the processor 1001 through a communication line 1002, and is used for storing execution instructions or application program codes, and the processor 1001 controls the execution to implement the communication method provided by the above-mentioned embodiments of the present application. In yet another possible design, the memory 1003 may be integrated with the processor 1001, that is, the memory 1003 may be an internal memory of the processor 1001, and may be used for temporarily storing some data and instruction information, for example, the memory 1003 is a cache.

As one implementation, the processor 1001 may include one or more CPUs, such as CPU0 and CPU1 in fig. 10. As another implementation, the communications apparatus 1000 may include multiple processors, such as the processor 1001 and the processor 1007 in fig. 10. As yet another implementable manner, the communications apparatus 1000 can also include an output device 1005 and an input device 1006.

It should be noted that the communication apparatus 1000 may be a general-purpose device or a special-purpose device. For example, the communication apparatus 1000 may be a desktop computer, a portable computer, a web server, a PDA, a mobile phone, a tablet computer, a wireless terminal, an embedded device, or a device having a similar structure as in fig. 10. The embodiment of the present application does not limit the type of the communication apparatus 1000.

It should be noted that, in a specific implementation process, the apparatus 1000 may also include other hardware devices, which are not listed herein.

In an example of the present application, the determining module 503 in fig. 5 may be implemented by the processor 1001, and the sending module 501 and the receiving module 502 in fig. 5, or the receiving module 601 and the sending module 602 in fig. 6, or the receiving module 701 and the sending module 702 in fig. 7, or the sending module 801 and the receiving module 802 in fig. 8, or the sending module 901 and the receiving module 902 in fig. 9 may be implemented by the communication interface 1004.

Since the apparatus provided in the embodiment of the present application can be used to execute the above communication method, the technical effects obtained by the apparatus can refer to the above method embodiment, and are not described herein again.

It will be apparent to those skilled in the art that all or part of the steps of the above method may be performed by hardware associated with program instructions, and the program may be stored in a computer readable storage medium such as ROM, RAM, optical disk, etc.

The embodiment of the present application also provides a storage medium, which may include a memory 1003.

For the explanation and beneficial effects of the related content in any one of the above-mentioned apparatuses, reference may be made to the corresponding method embodiments provided above, and details are not repeated here.

In the above embodiments, the implementation may be wholly or partially realized by software, hardware, firmware, or any combination thereof. When implemented using a software program, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. The procedures or functions described in accordance with the embodiments of the present application are all or partially generated upon loading and execution of computer program instructions on a computer. The computer may be a general purpose computer, a special purpose computer, a computer network, a network appliance, a user device, or other programmable apparatus. The computer instructions may be stored on a computer readable storage medium or transmitted from one computer readable storage medium to another, for example, from one website, computer, server, or data center to another website, computer, server, or data center via wire (e.g., coaxial cable, fiber optic, Digital Subscriber Line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer or can comprise one or more data storage devices, such as a server, a data center, etc., that can be integrated with the medium. The usable medium may be a magnetic medium (e.g., floppy Disk, hard Disk, magnetic tape), an optical medium (e.g., Digital Video Disk (DVD)), or a semiconductor medium (e.g., Solid State Disk (SSD)), among others.

While the present application has been described in connection with various embodiments, other variations to the disclosed embodiments can be understood and effected by those skilled in the art in practicing the claimed application, from a review of the drawings, the disclosure, and the appended claims. In the claims, the word "comprising" does not exclude other elements or steps, and the word "a" or "an" does not exclude a plurality. A single processor or other unit may fulfill the functions of several items recited in the claims. The mere fact that certain measures are recited in mutually different dependent claims does not indicate that a combination of these measures cannot be used to advantage.

Although the present application has been described in conjunction with specific features and embodiments thereof, it will be evident that various modifications and combinations can be made thereto without departing from the spirit and scope of the application. Accordingly, the specification and figures are merely exemplary of the present application as defined in the appended claims and are intended to cover any and all modifications, variations, combinations, or equivalents within the scope of the present application. It will be apparent to those skilled in the art that various changes and modifications may be made in the present application without departing from the spirit and scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is intended to include such modifications and variations as well.

Claims

1. A method of communication, comprising:

the method comprises the steps that a first access network device receives a first message from a terminal in a Radio Resource Control (RRC) deactivation state, wherein the first message is used for requesting to recover RRC connection or requesting to update a radio access network notification area (RNAU);

the first access network equipment sends a first request message to second access network equipment, wherein the first request message comprises a cell radio network temporary identifier (C-RNTI) allocated to the terminal by the first access network equipment, and the second access network equipment reserves the context of the terminal and is connected with a control plane of the terminal between core networks;

and the first access network equipment receives a feedback message from the second access network equipment, wherein the feedback message indicates that context transfer is not performed, and under the condition that the context transfer is not performed, the C-RNTI is used for security verification of the terminal in the second access network equipment in the next RRC connection recovery process or the RNAU process.

2. The method of claim 1, wherein the first request message further comprises a physical cell identity.

3. The method according to claim 1 or 2, wherein the first request message is a get terminal context request message, and the get terminal context request message further includes first indication information, and the first indication information is used for indicating that the terminal requests the RNAU or requests to resume the RRC connection.

4. The method of claim 1, wherein the feedback message is a Retrieve UE Context Failure message for acquiring a terminal Context Failure.

5. A method of communication, comprising:

the method comprises the steps that a second access network device receives a first request message from a first access network device, wherein the first request message comprises a cell radio network temporary identifier (C-RNTI) distributed for a terminal by the first access network device, and the second access network device is an access network device which reserves the context of the terminal and has a control plane link with a core network;

the second access network equipment sends a feedback message to the first access network equipment, wherein the feedback message indicates that context transfer is not performed;

and the second access network equipment stores the C-RNTI, and under the condition of not transferring the context, the stored C-RNTI is used for the security verification of the second access network equipment on the terminal in the next radio resource control RRC connection recovery process or the radio access network notification area RNAU updating process.

6. The method of claim 5, wherein the first request message further comprises a physical cell identity.

7. The method according to claim 5 or 6, wherein the first request message is a get terminal context request message, and the get terminal context request message further includes first indication information, and the first indication information is used for indicating that the terminal requests the RNAU or requests to resume the RRC connection.

8. The method of claim 5, further comprising:

the feedback message is a Retrieve UE Context Failure message for acquiring the Context Failure of the terminal.

9. An apparatus for application to a first access network device, comprising:

the method comprises the steps of receiving a first message from a terminal in a Radio Resource Control (RRC) deactivation state, wherein the first message is used for requesting to recover RRC connection or requesting to perform radio access network notification area update (RNAU);

a unit configured to send a first request message to a second access network device, where the first request message includes a cell radio network temporary identifier C-RNTI allocated by the first access network device to the terminal, and the second access network device is an access network device that retains a context of the terminal and has a control plane link with a core network of the terminal;

and a unit configured to receive a feedback message from the second access network device, where the feedback message indicates that no context transfer is performed, and in the case of no context transfer, the C-RNTI is used for security verification of the terminal in the second access network device in a next RRC connection recovery procedure or an RNAU procedure.

10. The apparatus of claim 9, wherein the first request message further comprises a physical cell identity.

11. The apparatus according to claim 9 or 10, wherein the first request message is a get terminal context request message, and the get terminal context request message further includes first indication information, and the first indication information is used to indicate that the terminal has requested the RNAU or requested to resume the RRC connection.

12. The apparatus of claim 9, wherein the feedback message is a Retrieve UE Context Failure message.

13. An apparatus applied to a second access network device, wherein the second access network device is an access network device that maintains a context of a terminal and has a control plane link with a core network of the terminal, the apparatus comprising:

the method includes the steps that a first request message is received from first access network equipment, and the first request message comprises a cell radio network temporary identifier C-RNTI allocated to a terminal by the first access network equipment;

means for sending a feedback message to the first access network device, wherein the feedback message indicates that no context transfer is to occur;

and a unit for storing the C-RNTI, wherein the stored C-RNTI is used for the next radio resource control RRC connection recovery process or a radio access network notification area update RNAU process under the condition that context transfer is not performed, and the second access network equipment verifies the security of the terminal.

14. The apparatus of claim 13, wherein the first request message further comprises a physical cell identity.

15. The apparatus according to claim 13 or 14, wherein the first request message is a get terminal context request message, and the get terminal context request message further includes first indication information, and the first indication information is used to indicate that the terminal has requested the RNAU or requested to resume the RRC connection.

16. The apparatus of claim 13, wherein the feedback message is a Retrieve UE Context Failure message.

17. A communication system, comprising a first access network device and a second access network device, wherein the first access network device comprises the apparatus of any of claims 9-12, and the second access network device comprises the apparatus of any of claims 13-16.

18. A computer storage medium having a computer program stored thereon, wherein the program, when executed, implements a communication method according to any one of claims 1-4 or a communication method according to any one of claims 5-8.