CN111641582B - Safety protection method and device - Google Patents


Info

Publication number: CN111641582B
Authority: CN (China)
Prior art keywords: session, user plane, plane security, security policy, wireless access
Legal status: Active
Application number: CN201910157638.9A
Other languages: Chinese (zh)
Other versions: CN111641582A (en)
Inventor: 吴�荣
Current Assignee: Huawei Technologies Co Ltd
Original Assignee: Huawei Technologies Co Ltd
Related publications: CN111641582A; WO2020177632A1 (PCT/CN2020/077250)

Classifications

    • H04L 9/40 Network security protocols (under H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications)
    • H04L 63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L 1/22 Arrangements for detecting or preventing errors in the information received using redundant apparatus to increase reliability
    • H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W 12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H04W 24/02 Arrangements for optimising operational condition

Abstract

The embodiments of the application provide a security protection method and a security protection device for solving the problems caused by different sessions having different user plane security policies. The method comprises the following steps: the first wireless access device determines whether the user plane security policy of the first session is to be updated; if it determines that the user plane security policy of the first session is to be updated, it sends a first notification message to the terminal to notify the terminal to update the user plane security policies of the first session and the second session; the terminal receives the first notification message and updates the user plane security policies of the first session and the second session, so that the updated user plane security policy of the first session is the same as the updated user plane security policy of the second session; meanwhile, the first wireless access device or the terminal sends a message for updating the user plane security policy of the second session to the second wireless access device, so that the second wireless access device updates the user plane security policy of the second session to be the same as the user plane security policy of the first session.

Description

Safety protection method and device
Technical Field
The present application relates to the field of communications technologies, and in particular, to a security protection method and apparatus.
Background
In the existing mobile communication architecture, in order to improve the reliability of data transmission, a terminal may establish two or more transmission channels with the network side and transmit the same data on the two or more established transmission channels, so as to ensure the reliability of data transmission. For example, one way to improve the transmission reliability of ultra-reliable and low-latency communication (URLLC) data is to copy the URLLC data and transmit the copied URLLC data through another transmission channel, so that if one transmission channel fails to transmit to a certain extent, the other transmission channel still transmits normally and the reliability of the URLLC data transmission is ensured.
In the process of performing redundant transmission on data, in order to ensure the security of data transmission, the terminal and the base station may perform protection (e.g., confidentiality protection and/or integrity protection) on the transmitted data based on a user plane security policy. For example, the core network device may determine a user plane security policy, and issue the user plane security policy to the base station, and after receiving the user plane security policy, the base station determines a protection mode when transmitting over the air interface between the base station and the terminal, and informs the terminal of the protection mode, so that the base station and the terminal transmit user plane data in the same protection mode. For example, the terminal performs data protection operation (e.g., confidentiality protection and/or integrity protection) on the user plane data sent to the network, and the base station performs corresponding security operation (e.g., decryption and/or integrity verification) after receiving the protected data. The base station performs data protection operation (such as confidentiality protection and/or integrity protection) on user plane data sent to the terminal, and the terminal performs corresponding security operation (such as decryption and/or integrity verification) after receiving the protected data.
However, in real applications, there is the following scenario: two or more transmission channels are set up between the terminal and the network to transmit the same data, and if the user plane security policies corresponding to these transmission channels are different, the data results obtained by the receiving end (terminal or network) after processing the received data may be inconsistent, so that the security and reliability of data transmission are affected.
Disclosure of Invention
The embodiment of the application provides a security protection method and a security protection device, which are used for solving the problems caused by different user plane security policies of different sessions.
In order to achieve the above purpose, the embodiments of the present application provide the following technical solutions:
in a first aspect, an embodiment of the present application provides a security protection method, including: the terminal receives a first notification message which is sent by first wireless access equipment and used for notifying the terminal that the user plane security policies of a first session and a second session are updated, and updates the user plane security policies of the first session and the user plane security policies of the second session according to the first notification message; and the updated user plane security policy of the first session is the same as the updated user plane security policy of the second session.
Alternatively, the first notification message may be used to notify that the user plane security policy of the first session or the second session is updated. In addition, the session in each embodiment of the present application may be replaced with a bearer included in the session or a Data Radio Bearer (DRB); that is, in the embodiments of the present application, the session may be used as the granularity for updating the user plane security policy, so as to ensure that the user plane security policies of different sessions are consistent, or the DRB may be used as the granularity for updating the user plane security policy, so as to ensure that the user plane security policies of different DRBs are consistent, without limitation. In the following and in the detailed description, the security protection method provided in the embodiments of the present application is described only with the session as the granularity; the same method may be referred to when performing security protection with the bearer as the granularity.
Based on the method in the first aspect, in a case where the user plane security policy of one session is updated, the terminal may be notified of the event that the user plane security policy of the session is updated, so that the terminal updates the user plane security policy of the session and also updates the user plane security policies of other sessions having the same user plane security policy as the session (e.g., other sessions that carry the same data as the session), so that the user plane security policies of multiple sessions always remain consistent.
In a possible design, with reference to the first aspect, the receiving, by the terminal, a first notification message sent by the first radio access device includes: the terminal receives an RRC connection reconfiguration message sent by first wireless access equipment; wherein the RRC connection reconfiguration message comprises a first notification message. Based on the possible design, the terminal can receive the first notification message issued by the first radio access device through the RRC connection reconfiguration procedure, and update the user plane security policy of the session by means of the existing procedure, thereby reducing signaling overhead.
In one possible design, in combination with the first aspect or any one of the possible designs of the first aspect, the method further comprises: the terminal receives a session release request sent by the first wireless access device, and the terminal releases the first session and the second session according to the session release request. Alternatively, the session release request may also request the terminal to release only the first session or the second session. In this way, when the first wireless access device does not support security protection of a session, the terminal may be notified to release multiple sessions having the same user plane security policy as that session.
In a second aspect, the present application provides a communication device, which may be a terminal or a chip or a system on a chip in a terminal, and may implement the functions performed by the terminal in the above aspects or possible designs, where the functions may be implemented by hardware or by hardware executing corresponding software. The hardware or software comprises one or more modules corresponding to the functions. For example, the communication apparatus may include a receiving unit and an updating unit:
a receiving unit, configured to receive a first notification message sent by a first radio access device; wherein the first notification message is used for notifying the communication device that the user plane security policies of the first session and the second session are updated;
an updating unit, configured to update the user plane security policy of the first session and the user plane security policy of the second session according to the first notification message received by the receiving unit; and the updated user plane security policy of the first session is the same as the updated user plane security policy of the second session.
The specific implementation manner of the communication device may refer to the behavior function of the terminal in the security protection method provided by the first aspect or any one of the possible designs of the first aspect, and details are not repeated here. Thus, the communication device provided may achieve the same advantageous effects as the first aspect or any one of the possible designs of the first aspect.
In a third aspect, a communication apparatus is provided, including: a processor and a memory; the memory is configured to store computer executable instructions, and when the communication apparatus is running, the processor executes the computer executable instructions stored in the memory to enable the communication apparatus to perform the security protection method according to the first aspect or any one of the possible designs of the first aspect.
In a fourth aspect, a computer-readable storage medium is provided, the computer-readable storage medium being a non-volatile readable storage medium. The computer-readable storage medium has stored therein instructions that, when executed on a computer, enable the computer to perform the security protection method of the first aspect or any one of the possible designs of the above aspect.
In a fifth aspect, there is provided a computer program product comprising instructions which, when run on a computer, cause the computer to perform the method of the first aspect described above or any one of the possible designs of the above aspects.
In a sixth aspect, a chip system is provided, where the chip system includes a processor and a communication interface, and is configured to enable the chip system to implement the functions recited in the foregoing aspects; for example, the processor receives, through the communication interface, a first notification message sent by a first radio access device and used to notify the communication apparatus that the user plane security policies of a first session and a second session are updated, and updates the user plane security policy of the first session and the user plane security policy of the second session according to the first notification message, such that the updated user plane security policy of the first session is the same as the updated user plane security policy of the second session. In one possible design, the system-on-chip further includes a memory for storing program instructions and data necessary for the communication device. The chip system may be constituted by a chip, or may include a chip and other discrete devices.
For technical effects brought by any design manner in the third aspect to the sixth aspect, reference may be made to the technical effects brought by the first aspect or any possible design manner in the first aspect, and details are not repeated.
In a seventh aspect, an embodiment of the present application provides a security protection method, including: the first wireless access device determines whether the user plane security policy of the first session needs to be updated; when the first wireless access device determines that the user plane security policy of the first session needs to be updated, the first wireless access device sends a first notification message to the terminal for notifying the terminal that the user plane security policies of the first session and the second session are updated, so that the terminal updates the user plane security policies of the first session and the second session, and the updated user plane security policy of the first session is the same as the updated user plane security policy of the second session; meanwhile, the first wireless access device sends, to the second wireless access device, a message for notifying the second wireless access device to update the user plane security policy of the second session, so that the second wireless access device updates the user plane security policy of the second session, and the updated user plane security policy of the second session is the same as the updated user plane security policy of the first session.
Based on the method of the seventh aspect, after determining that the user plane security policy of the first session needs to be updated, the first wireless access device notifies the terminal to update the user plane security policies of the first session and the second session, and notifies the second wireless access device to update the user plane security policy of the second session, so that the updated user plane security policy of the first session is the same as the updated user plane security policy of the second session.
In a possible design, with reference to the seventh aspect, the determining, by the first radio access device, whether the user plane security policy of the first session needs to be updated includes: the first wireless access device receives update information, and when the update information indicates that the user plane security policy of the first session is updated, the first wireless access device determines, according to the update information, that the user plane security policy of the first session needs to be updated. Based on this possible design, the first wireless access device can determine that the user plane security policy of the first session needs to be updated under the indication of a core network element, without having to make the decision itself, so that the computational complexity and the power consumption of the first wireless access device are reduced.
In a possible design, with reference to the seventh aspect, the determining, by the first radio access device, whether the user plane security policy of the first session needs to be updated includes: the first wireless access device determines whether the user plane security policy of the first session needs to be updated according to one or more of the load state of the first wireless access device, the configuration of the first wireless access device, and the transmission data rate currently supported by the first wireless access device. Based on this possible design, the first wireless access device can determine whether the user plane security policy of the first session needs to be updated according to its own condition, without having to interact with a core network element and wait for its indication, thereby reducing signaling overhead.
In another possible design, with reference to the seventh aspect or any possible design of the seventh aspect, the sending, by the first radio access device, the first notification message to the terminal includes: the first wireless access device sends an RRC connection reconfiguration message to the terminal, wherein the RRC connection reconfiguration message comprises the first notification message. Based on this possible design, the first radio access device can send the first notification message to the terminal by means of the existing RRC connection reconfiguration procedure, and no additional interactive signaling is needed, so that the signaling overhead is reduced.
In another possible design, with reference to the seventh aspect or any one of the possible designs of the seventh aspect, the method further includes: the first wireless access device determines that it does not support security protection of the data transmitted in the first session, reports an error indication indicating that it does not support security protection of the data transmitted in the first session, and sends a session release request to the terminal, where the session release request requests the terminal to release the first session and the second session. Based on this possible design, when the first wireless access device does not support security protection of a session, the terminal is notified to release the multiple sessions having the same user plane security policy as that session, and an error indication is reported to the core network element, so that the core network element can take corresponding measures according to the error indication to ensure normal transmission of data.
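The following Python model, added here and not part of the patent, walks through the first and seventh aspects together: the first radio access device decides whether the first session's policy must change (from core-network update information or from its own load), carries the first notification message to the terminal inside an RRC reconfiguration, sends the second notification message to the second radio access device, and falls back to error reporting plus session release when it cannot protect the session. The message encodings, the "REQUIRED to PREFERRED under high load" rule, and the scenario in `demo()` are constructed for illustration; the check `redundant_pair_mismatches` is the consistency test a defender would run for the mismatch described in the background.

```python
from dataclasses import dataclass, field
from enum import Enum
from typing import Dict, List, Optional, Tuple

class UpSecurityPolicy(Enum):
    """The three user plane security policy values named in the description."""
    REQUIRED = "required"          # data on the session must be protected
    PREFERRED = "preferred"        # protection is preferred
    NOT_REQUIRED = "not required"  # no protection needed

@dataclass
class Session:
    session_id: int
    policy: UpSecurityPolicy

@dataclass
class FirstNotification:
    """Constructed encoding of the 'first notification message' sent to the terminal."""
    session_ids: Tuple[int, int]  # first session, second session
    policy: UpSecurityPolicy

@dataclass
class Terminal:
    sessions: Dict[int, Session]
    released: List[int] = field(default_factory=list)

    def on_rrc_reconfiguration(self, msg: FirstNotification) -> None:
        # The notification rides inside RRC connection reconfiguration; the terminal
        # applies one policy to both sessions so they end up identical.
        for sid in msg.session_ids:
            self.sessions[sid].policy = msg.policy

    def on_session_release(self, session_ids: Tuple[int, int]) -> None:
        # Session release request: drop every session that shared the policy.
        for sid in session_ids:
            self.sessions.pop(sid, None)
            self.released.append(sid)

@dataclass
class RadioAccessDevice:
    name: str
    sessions: Dict[int, Session]
    supports_protection: bool = True
    error_reports: List[str] = field(default_factory=list)

    def on_second_notification(self, session_id: int, policy: UpSecurityPolicy) -> None:
        # Second notification message: first radio access device -> second one.
        self.sessions[session_id].policy = policy

def needs_update(current: UpSecurityPolicy, update_info: Optional[UpSecurityPolicy],
                 load_high: bool) -> Optional[UpSecurityPolicy]:
    """New policy for the first session if it must change, else None."""
    # Either the core network's update information decides, or the device decides from
    # its own load. The local rule (REQUIRED -> PREFERRED under high load) is a
    # constructed illustration, not a rule the patent states.
    if update_info is not None:
        return update_info if update_info is not current else None
    if load_high and current is UpSecurityPolicy.REQUIRED:
        return UpSecurityPolicy.PREFERRED
    return None

def run_policy_update(first_ran: RadioAccessDevice, second_ran: RadioAccessDevice,
                      terminal: Terminal, first_sid: int, second_sid: int,
                      update_info: Optional[UpSecurityPolicy] = None,
                      load_high: bool = False) -> bool:
    """Seventh-aspect procedure end to end. Returns True if an update was applied."""
    current = first_ran.sessions[first_sid].policy
    new_policy = needs_update(current, update_info, load_high)
    if new_policy is None:
        return False
    if new_policy is not UpSecurityPolicy.NOT_REQUIRED and not first_ran.supports_protection:
        # Device cannot protect the session: report an error and release both sessions.
        first_ran.error_reports.append(f"{first_ran.name}: cannot protect session {first_sid}")
        terminal.on_session_release((first_sid, second_sid))
        return False
    first_ran.sessions[first_sid].policy = new_policy
    terminal.on_rrc_reconfiguration(FirstNotification((first_sid, second_sid), new_policy))
    second_ran.on_second_notification(second_sid, new_policy)
    return True

def redundant_pair_mismatches(terminal: Terminal, pairs: List[Tuple[int, int]]) -> List[Tuple[int, int]]:
    """Check for the background problem: redundant sessions whose policies differ."""
    return [(a, b) for a, b in pairs
            if a in terminal.sessions and b in terminal.sessions
            and terminal.sessions[a].policy is not terminal.sessions[b].policy]

def demo() -> Tuple[bool, Terminal, RadioAccessDevice, RadioAccessDevice]:
    # Constructed scenario: sessions 1 and 2 carry the same URLLC data via two devices.
    terminal = Terminal({1: Session(1, UpSecurityPolicy.REQUIRED),
                         2: Session(2, UpSecurityPolicy.REQUIRED)})
    ran1 = RadioAccessDevice("gNB-1", {1: Session(1, UpSecurityPolicy.REQUIRED)})
    ran2 = RadioAccessDevice("gNB-2", {2: Session(2, UpSecurityPolicy.REQUIRED)})
    # Core network update information moves session 1 to PREFERRED; session 2 follows.
    updated = run_policy_update(ran1, ran2, terminal, 1, 2, update_info=UpSecurityPolicy.PREFERRED)
    return updated, terminal, ran1, ran2
```

After `demo()` both the terminal and the second device hold PREFERRED for sessions 1 and 2, so the mismatch check returns an empty list.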
In an eighth aspect, the present application provides a communication apparatus, which may be a first radio access device or a chip or a system on a chip in the first radio access device, and may implement the functions performed by the first radio access device in the above aspects or various possible designs, where the functions may be implemented by hardware or by hardware executing corresponding software. The hardware or software comprises one or more modules corresponding to the functions. For example, the communication apparatus may include a determining unit and a transmitting unit:
a determining unit, configured to determine whether a user plane security policy of the first session needs to be updated;
a sending unit, configured to send a first notification message to a terminal when the determining unit determines that the user plane security policy of the first session needs to be updated; the first notification message is used for notifying the terminal that the user plane security policies of the first session and the second session are updated; and sending a second notification message to the second wireless access device; wherein the second notification message is used to notify the second wireless access device to update the user plane security policy of the second session.
The specific implementation manner of the communication apparatus may refer to the seventh aspect or a behavior function of the first radio access device in the security protection method provided by any possible design of the seventh aspect, and details are not repeated here. Therefore, the communication device provided can achieve the same advantageous effects as any one of the possible designs of the seventh aspect or the seventh aspect.
In a ninth aspect, there is provided a communication apparatus comprising: a processor and a memory; the memory is configured to store computer-executable instructions, and when the communication apparatus is running, the processor executes the computer-executable instructions stored in the memory, so as to enable the communication apparatus to perform the security protection method according to any one of the possible designs of the seventh aspect or the seventh aspect.
In a tenth aspect, a computer-readable storage medium is provided, which may be a non-volatile readable storage medium. The computer-readable storage medium has stored therein instructions that, when executed on a computer, enable the computer to perform the security protection method of the seventh aspect or any one of the above possible designs.
In an eleventh aspect, there is provided a computer program product comprising instructions which, when run on a computer, enable the computer to perform the method of the seventh aspect described above or any one of the above possible designs of the aspects.
In a twelfth aspect, a chip system is provided, which includes a processor and a communication interface, and is configured to enable the chip system to implement the functions of the above aspects, for example, the processor determines whether a user plane security policy of a first session needs to be updated, when it is determined that the user plane security policy of the first session needs to be updated, sends a first notification message to a terminal through the communication interface, the first notification message notifying the terminal that the user plane security policies of the first session and a second session are updated, and sends a second notification message to a second wireless access device, the second notification message notifying the second wireless access device that the user plane security policy of the second session is updated. In one possible design, the system-on-chip further includes a memory for storing program instructions and data necessary for the communication device. The chip system may be constituted by a chip, or may include a chip and other discrete devices.
For technical effects brought by any design manner of the ninth aspect to the twelfth aspect, reference may be made to the seventh aspect or any possible design manner of the seventh aspect, and details are not repeated.
In a thirteenth aspect, an embodiment of the present application provides a security protection method, including: the first network element determines whether the user plane security policy of the first session needs to be updated; the first network element sends update information; wherein the update information is used for indicating that the user plane security policy of the first session and/or the second session is updated.
The first network element may be a mobility management network element or a session management network element.
Based on the thirteenth aspect, the core network element may determine whether the user plane security policy of the first session needs to be updated, and issue the update information, so that the terminal or the wireless access device updates the user plane security policies of the first session and the second session according to the update information issued by the core network element.
In one possible design, in combination with the thirteenth aspect, the determining, by the first network element, whether the user plane security policy of the first session needs to be updated includes: the first network element determines whether to update the user plane security policy of the first session according to any one or more of the following information: the load on the network side, operator configuration, the rate requirement of a data network, the rate requirement of a unified data management network element, the rate requirement of a policy control function, triggering by an application function, the load state of the first wireless access device, and the configuration of the first wireless access device.
Based on the possible design, the first network element may determine whether the user plane security policy of the first session needs to be updated according to information such as network side load, rate requirement, and wireless access device condition.
In a fourteenth aspect, the present application provides a communication apparatus, which may be the first radio access device or a chip or a system on a chip in the first radio access device, and the communication apparatus may implement the functions performed by the first radio access device in the above aspects or various possible designs, where the functions may be implemented by hardware or by hardware executing corresponding software. The hardware or software comprises one or more modules corresponding to the functions. For example, the communication apparatus may include a determining unit and a transmitting unit:
a determining unit, configured to determine whether a user plane security policy of the first session needs to be updated;
a transmitting unit for transmitting the update information; wherein the update information is used for indicating that the user plane security policy of the first session and/or the second session is updated.
For a specific implementation manner of the communication apparatus, reference may be made to the behavior function of the first network element in the security protection method provided by any one of the possible designs of the thirteenth aspect or the thirteenth aspect, and details are not repeated here. Therefore, the communication device provided can achieve the same advantageous effects as any one of the possible designs of the thirteenth aspect or the thirteenth aspect.
In a fifteenth aspect, a communication device is provided, comprising: a processor and a memory; the memory is used for storing computer-executable instructions, and when the communication device runs, the processor executes the computer-executable instructions stored by the memory, so that the communication device executes the security protection method according to any one of the possible designs of the thirteenth aspect or the thirteenth aspect.
In a sixteenth aspect, there is provided a computer-readable storage medium having stored therein instructions, which, when run on a computer, cause the computer to perform the security protection method of the thirteenth aspect or any one of the above possible designs.
A seventeenth aspect provides a computer program product comprising instructions that, when run on a computer, cause the computer to perform the method of the thirteenth aspect or any one of the possible designs of the aspects.
In an eighteenth aspect, a chip system is provided, where the chip system includes a processor and a communication interface, and is used to support the chip system to implement the functions recited in the above aspects, for example, the processor determines whether a user plane security policy of a first session needs to be updated, and sends update information; wherein the update information is used for indicating that the user plane security policy of the first session and/or the second session is updated. In one possible design, the system-on-chip further includes a memory for storing program instructions and data necessary for the communication device. The chip system may be constituted by a chip, or may include a chip and other discrete devices.
For technical effects brought by any design manner of the fifteenth aspect to the eighteenth aspect, reference may be made to the technical effects brought by any possible design of the thirteenth aspect or the thirteenth aspect, and details are not repeated.
In a nineteenth aspect, the present application provides a security protection system comprising: a terminal according to the second to sixth aspects, a first radio access device according to the eighth to twelfth aspects, and a first network element according to the fourteenth to eighteenth aspects.
Drawings
Fig. 1 is a schematic diagram of a communication system framework provided in an embodiment of the present application;
Fig. 2 is a schematic diagram illustrating a communication device according to an embodiment of the present disclosure;
Fig. 3 is a flowchart of a security protection method according to an embodiment of the present application;
Fig. 4 is a flowchart of another security protection method provided in an embodiment of the present application;
Fig. 5 is a flowchart of another security protection method provided in an embodiment of the present application;
Fig. 6 is a flowchart of another security protection method provided in an embodiment of the present application;
Fig. 7 is a flowchart of another security protection method provided in an embodiment of the present application;
Fig. 8 is a flowchart of another security protection method provided in an embodiment of the present application;
Fig. 9 is a flowchart of another security protection method provided in an embodiment of the present application;
Fig. 10 is a schematic diagram illustrating a communication device 100 according to an embodiment of the present disclosure;
Fig. 11 is a schematic diagram illustrating a communication device 110 according to an embodiment of the present disclosure;
Fig. 12 is a schematic diagram illustrating a communication device 120 according to an embodiment of the present disclosure;
Fig. 13 is a schematic composition diagram of a security protection system according to an embodiment of the present application.
Detailed Description
First, in order to facilitate understanding of the embodiments of the present application, terms related to the embodiments of the present application are described:
user plane security policy (user plane security policy): also called user plane security enforcement information, is a security indication, for example an indication of how user plane data is to be protected. The user plane security policy is mainly used to specify whether data transmitted on a transmission channel needs encryption (confidentiality protection) and/or integrity protection, and may also specify the length of the key to be used (for example, a 256-bit key for confidentiality protection and/or a 256-bit key for integrity protection), when the key is to be updated, and the like.
In the embodiment of the present application, there may be the following three user plane security policies: required, preferred, not needed. Required indicates that data transmitted on the session must be protected, preferred indicates that data transmitted on the session should preferably be protected (the final decision being left to the network), and not needed indicates that data transmitted on the session does not need to be protected.
The user plane security policy may correspond to one or more transmission channels and is used to characterize whether data transmitted on those transmission channels needs to be protected. The user plane security policies of different transmission channels may be the same or different, without limitation. The embodiment of the present application describes only the case in which the system requires the user plane security policies of a plurality of different transmission channels to be kept consistent.
A transmission channel: may refer to a data connection between a terminal and a serving network, such as a transmission link through which a terminal accesses a Data Network (DN) via a wireless access device and a user plane network element. For example, a transmission channel may refer to a session, a Data Radio Bearer (DRB) included in the session, or a bearer (bearer) for transmitting user plane data between a terminal and a serving network. In a fifth generation (5th generation, 5G) communication system, a session may be referred to as a Protocol Data Unit (PDU) session. In a fourth generation (4th generation, 4G) communication system, a session may be an evolved packet system bearer (EPS bearer) or another bearer for transmitting user plane data. It should be noted that, as communication technologies develop, a session may have another name in a future communication system, and the embodiment of the present application is not limited thereto.
One session may include one or more DRBs. The user plane security policies of different DRBs included in the same session may be the same or different, and the user plane security policies of DRBs included in different sessions may also be the same or different, without limitation. In each embodiment of the application, the session may be taken as the granularity, and the user plane security policy of the session is updated so as to ensure that the user plane security policies of different sessions are consistent; or the DRB included in the session may be taken as the granularity, and the user plane security policy of the DRB is updated so as to ensure that the user plane security policies of different DRBs are consistent; or the bearer may be taken as the granularity, and the user plane security policy of the bearer is updated so as to ensure that the user plane security policies of different bearers are consistent, without limitation. The security protection method provided by the embodiment of the present application is described below with only the session as the granularity; for security protection with the DRB or the bearer as the granularity, reference may be made to the method provided by the embodiment of the present application.
The technical solution in the embodiments of the present application is described below with reference to the drawings in the embodiments of the present application.
The security protection method provided by the embodiment of the application can be applied to a fourth generation (4G) communication system, such as a Long Term Evolution (LTE) system, to a 5G communication system, such as a New Radio (NR) system, or to other systems, without limitation. The following describes the security protection method provided in an embodiment of the present application, taking the communication system shown in fig. 1 as an example.
As shown in fig. 1, the communication system may include: a terminal, a plurality of wireless access devices (e.g., wireless access device 1, wireless access device 2, wireless access device 3, etc. in fig. 1), a plurality of user plane network elements (e.g., user plane network element 1, user plane network element 2, user plane network element 3, etc. in fig. 1), a core network, and a Data Network (DN). The core network may include a mobility management network element, a plurality of session management network elements, a unified data management network element, a policy control network element, and the like.
The terminal in fig. 1 may be referred to as a User Equipment (UE) or a terminal equipment (terminal device), and the terminal may include, but is not limited to, a cellular phone, a cordless phone, a Session Initiation Protocol (SIP) phone, a smart phone, a Wireless Local Loop (WLL) station, a Personal Digital Assistant (PDA), a vehicle-mounted terminal, a mobile phone (mobile phone), a tablet computer or a computer with a wireless transmitting and receiving function, a smart gas station, a smart signal lamp, and the like, and/or other devices capable of communicating with a wireless access device. In this embodiment of the application, the apparatus for implementing the function of the terminal device may be the terminal device, or may be an apparatus capable of supporting the terminal device to implement the function, such as a chip system, without limitation. The following describes a technical solution provided in an embodiment of the present application, by taking only an example that a device for implementing a function of a terminal device is the terminal device.
In the system shown in fig. 1, a terminal may access one or more wireless access devices, access a DN through one or more sessions, different sessions may transmit the same data, and user plane security policies of different sessions may be the same. In this embodiment, a session may refer to a transmission channel through which a terminal may access a DN through a wireless access device and a user plane network element. For example, as shown in fig. 1, a terminal may access a DN through a session 1 (terminal- > radio access equipment 1- > user plane network element 1), a DN through a session 2 (terminal- > radio access equipment 2- > user plane network element 2), and a DN through a session 3 (terminal- > radio access equipment 3- > user plane network element 3).
The wireless access device in fig. 1 is mainly used to implement functions such as physical layer functions, resource scheduling and management, access control of a terminal, and mobility management. The wireless access device may establish a communication link with a user plane network element and transmit data between the terminal and the serving network through the communication link. Different wireless access devices may be connected to different user plane network elements, or to the same user plane network element, that is, two or more wireless access devices may access the same user plane network element, without limitation. For example, the wireless access device may be an access network (AN)/radio access network (RAN), and may be composed of a plurality of AN/RAN nodes, where an AN/RAN node may be: an access point (AP), a base station (nodeB, NB), an evolved nodeB (eNB)/4G LTE base station, a next generation base station (NR nodeB, gNB) or 5G base station, an enhanced next generation base station (en-gNB), a next generation evolved nodeB (ng-eNB), a transmission reception point (TRP), a transmission point (TP), or some other access node, etc. The functional modules in the wireless access device may be split, for example: a radio access device may comprise a Central Unit (CU) and one or more Distributed Units (DU).
In this embodiment of the present application, the apparatus for implementing the function of the wireless access device may be the wireless access device itself, or may be an apparatus in the wireless access device that supports the wireless access device in implementing the function. For example, the wireless access device may be a CU in a base station, or may be an independently deployed base station, without limitation. When the multiple wireless access devices accessed by the terminal are independently deployed in the system shown in fig. 1, they may include a master wireless access device and a secondary wireless access device, and the master wireless access device and the secondary wireless access device may access the same user plane network element or different user plane network elements, without limitation. The master wireless access device refers to the wireless access device, among those accessed by the terminal, that interacts directly with a core network element (e.g., the mobility management network element); the secondary wireless access device refers to a wireless access device, among those accessed by the terminal, that interacts with the core network element (e.g., the mobility management network element) through the master wireless access device. For example, the terminal may access base station 1 and base station 2 simultaneously; if base station 1 interacts directly with the mobility management network element, base station 1 is the master base station and base station 2 is the secondary base station.
The user plane network element in fig. 1 may be a user plane gateway (user plane gateway), a Serving Gateway (SGW), or a Packet Gateway (PGW) in a 4G communication system, or may be a User Plane Function (UPF) in a 5G communication system. The user plane network element can be used as an anchor point on a user plane transmission logic channel, and is mainly used for completing functions of routing forwarding and the like of user plane data, such as: a channel (i.e. a user plane transmission logic channel) is established between the network node and the terminal, and the channel forwards a data packet between the terminal and the DN and is responsible for filtering data messages of the terminal, transmitting/forwarding data, controlling rate, generating charging information and the like.
The DN in fig. 1 may include network devices (such as a server or a router), and is mainly used to provide multiple data service services for the terminal.
The mobility management network element in fig. 1 may be an access and mobility management function (AMF), and is mainly used to manage the mobility of the terminal. Illustratively, the mobility management network element may communicate with the session management network element via a service-based interface or a next generation interface.
The session management network element in fig. 1 may be a Session Management Function (SMF), and may be configured to implement functions such as session establishment, session release, and session modification. One session management network element may manage one or more user plane network elements, or each session management network element may manage exactly one user plane network element. For example, as shown in fig. 1, session management network element 1 may manage user plane network element 1 and user plane network element 2, and implement establishment, release, and modification of session 1 (terminal- > radio access device 1- > user plane network element 1) and session 2 (terminal- > radio access device 2- > user plane network element 2); session management network element 2 may manage user plane network element 3, and implement establishment, release, and modification of session 3 (terminal- > radio access device 3- > user plane network element 3).
The policy control network element in fig. 1 may be a Policy Control Function (PCF). The policy control network element may support a unified policy framework to manage network behavior, may provide policy rules to the control plane network element and enable the control plane network element to use the policy rules, and may obtain policy information and decisions related to subscription information.
The unified data management network element in fig. 1 may be a Unified Data Management (UDM), which may be used to store and manage data of terminals, application servers, and other network devices. For example, for the subscription data of the end user, the unified data management network element may include a logic module configured to store the subscription data of the end user, such as a Unified Data Repository (UDR) module in a 5G communication system.
In the system shown in fig. 1, the system may require that the user plane security policies of a plurality of different sessions be the same, in particular when it requires those sessions to perform redundant transmission, that is, to transmit the same user plane data. To keep the user plane security policies of the different sessions the same, when the wireless access device determines that the user plane security policy of a certain session is updated, it notifies the terminal that the user plane security policy of that session is updated, so that the terminal updates the user plane security policy of the session according to the received notification message; at the same time, the wireless access device notifies the other wireless access devices to update the user plane security policies of the sessions they have established, so that the user plane security policies of the different sessions remain consistent and meet the system requirement. Specifically, this process is described with reference to the embodiments corresponding to the methods shown in fig. 3 to 6.
It should be noted that fig. 1 is only an exemplary architecture diagram, and besides the functional units shown in fig. 1, the communication system may further include a management network element, an operation and management (O & M) network element, other network elements, and the like, which is not limited in this embodiment. In addition, the number of the network elements, the name of each network element, and the name of each parameter in the system shown in fig. 1 are only one example, and the embodiment of the present application does not limit the number of the network elements, the name of the network elements, and the name of each parameter, and the name of the network elements and the name of each parameter may also be other names.
In a specific implementation, the terminal, the radio access device, the session management network element, the mobility management network element, and the like in fig. 1 may include the components shown in fig. 2. Fig. 2 is a schematic composition diagram of a communication device 200 according to an embodiment of the present application, where the communication device 200 is used to implement the security protection method according to the embodiment of the present application. As shown in fig. 2, the communication device 200 includes at least one processor 201, a communication line 202, and at least one communication interface 203; further, a memory 204 may also be included. The processor 201, the memory 204 and the communication interface 203 may be connected by the communication line 202. In the embodiments of the present application, "at least one" means one, two, three or more, and the embodiments of the present application are not limited in this respect.
In the embodiment of the present application, the processor 201 may be a Central Processing Unit (CPU), a Network Processor (NP), a Digital Signal Processor (DSP), a microprocessor, a microcontroller, a Programmable Logic Device (PLD), or any combination thereof. The processor may also be any other means having a processing function such as a circuit, device or software module.
In the present embodiment, the communication line 202 may include a path for communicating information between components included in the communication device.
In this embodiment, the communication interface 203 is used for communicating with other devices or communication networks (e.g., ethernet, Radio Access Network (RAN), Wireless Local Area Networks (WLAN), etc.). The communication interface 203 may be a module, a circuit, a transceiver, or any device capable of enabling communication.
In the present embodiment, the memory 204 may be a read-only memory (ROM) or other types of static storage devices that can store static information and/or instructions, a Random Access Memory (RAM) or other types of dynamic storage devices that can store information and/or instructions, an electrically erasable programmable read-only memory (EEPROM), a compact disc read-only memory (CD-ROM) or other optical disk storage, optical disk storage (including compact disc, laser disc, optical disc, digital versatile disc, blu-ray disc, etc.), a magnetic disk storage medium or other magnetic storage device, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer, but is not limited thereto.
In one possible design, the memory 204 may exist separately from the processor 201, i.e., the memory 204 may be a memory external to the processor 201, in which case the memory 204 may be connected to the processor 201 via the communication line 202 for storing instructions or program code. The processor 201, when calling and executing the instructions or program codes stored in the memory 204, can implement the security protection method provided by the following embodiments of the present application. In yet another possible design, the memory 204 may also be integrated with the processor 201, that is, the memory 204 may be an internal memory of the processor 201, for example, the memory 204 is a cache memory, and may be used for temporarily storing some data and/or instruction information, and the like.
As one implementation, the processor 201 may include one or more CPUs, such as CPU0 and CPU1 of fig. 2. As another implementation, the communication apparatus 200 may include multiple processors, such as the processor 201 and the processor 207 of fig. 2. As yet another implementation, the communication apparatus 200 may further include an output device 205 and an input device 206. Illustratively, the input device 206 may be a keyboard, mouse, microphone, joystick, or the like, and the output device 205 may be a display screen, speaker, or the like.
It should be noted that the communication apparatus 200 may be a general-purpose device or a special-purpose device. For example, the communication apparatus 200 may be a desktop computer, a portable computer, a web server, a PDA, a mobile phone, a tablet computer, a wireless terminal, an embedded device, a system-on-a-chip, or a device having a similar structure as in fig. 2. The embodiment of the present application does not limit the type of the communication apparatus 200. In the embodiment of the present application, the chip system may be composed of a chip, and may also include a chip and other discrete devices.
The following describes a security protection method provided by the embodiment of the present application with reference to the system shown in fig. 1. Each device mentioned in the following method embodiments may have a component shown in fig. 2, and is not described again. In addition, in the following embodiments of the present application, names of messages interacted between network elements or names of parameters in the messages are only an example, and other names may also be used in a specific implementation. In addition, the terms "first" and "second" and the like in the embodiments of the present application are used to distinguish different objects, and are not used to describe a specific order of the objects, and the embodiments of the present application do not limit the attributes of the different objects represented by the "first" and "second".
Before the following embodiments are performed, the terminal has established multiple sessions, such as: the terminal has established two or more sessions, and the system requires that the user plane security policy of these sessions must be the same, and these sessions can be used for transmitting the same data (or user plane data) or for transmitting different data, without limitation. Each session may be uniquely identified by a session identifier (session ID), a correspondence relationship exists between the session ID and a user plane security policy of the session, and the terminal and the first wireless access device may obtain the correspondence relationship. The security protection method provided in the embodiment of the present application is described below by taking an example in which a terminal establishes two sessions, and a system requires that user plane security policies of the two sessions are the same, and similarly, when a terminal establishes more than two sessions, a processing procedure of the terminal may refer to the description in the embodiment of the present application.
Fig. 3 is a security protection method provided in an embodiment of the present application, and as shown in fig. 3, the method may include:
step 301: the first radio access equipment determines whether the user plane security policy of the first session needs to be updated, and if the first radio access equipment determines that the user plane security policy of the first session needs to be updated, steps 302 to 305 are executed.
The first radio access device may be a device directly interacting with a core network element (e.g., a mobility management network element) in a radio access device to which the terminal accesses, such as: the first wireless access device may be the wireless access device 1 in fig. 1. Or, the first radio access device may also be a device that does not directly interact with the mobility management network element in the radio access device to which the terminal accesses, such as: may be a device interacting with the mobility management network element via other radio access devices. For example, the first radio access device may also be, without limitation, radio access device 2 or radio access device 3 in fig. 1.
The first session may be an established transmission channel between the terminal and the network that passes through the first wireless access device. For example, taking the first radio access device to be the radio access device 1, the first session may be the established transmission channel terminal- > wireless access device 1- > user plane network element 1- > DN.
In the embodiments of the present application, updating the user plane security policy of the first session may refer to: updating the user plane security policy of the first session from a first policy to a second policy, where the first policy is different from the second policy, and each of the first policy and the second policy is any one of the three policies required, preferred and not needed.
In one example, the first wireless access device determining whether to update the user plane security policy for the first session may include: the first wireless access equipment receives update information from a mobility management network element, wherein the update information can be used for indicating whether the user plane security policy of the first session and/or the second session is updated, and when the update information is used for indicating that the user plane security policy of the first session and/or the second session is updated, the first wireless access equipment determines that the user plane security policy of the first session needs to be updated according to the update information.
When the update information is used to indicate that the user plane security policy of the first session is updated, in a possible design, the update information may include an identifier (session ID) of the first session, and may further include the new user plane security policy of the first session, an update indication, and other information. The update indication is an identifier that indicates whether the user plane security policy of the first session needs to be updated; for example, it may be a single binary bit, where "0" indicates that the first session does not need to be updated and "1" indicates that it does. For example, when the update information received by the first wireless access device includes the ID of session 1 and the identifier "1", the first wireless access device determines from the update information that the user plane security policy of session 1 needs to be updated, and replaces the old user plane security policy of the first session with the user plane security policy included in the update information. In this possible design, the update information may also include other information that may be used to determine the user plane security policy of the first session, such as, but not limited to, a slice ID, the maximum data transfer rate the terminal supports for integrity protection, and the data rate the DN expects for the first session.
In yet another possible design, the update information may include an identification of the first session (session ID), an update indication, and other information. As mentioned above, the update indication may be used to identify whether the user plane security policy of the first session needs to be updated, and other information included in the update information may be used to determine the user plane security policy of the first session, such as: other information may include, but is not limited to, a slice ID, a maximum supported data transfer rate supported by the terminal for integrity protection, a data rate expected by the DN network for the first session, etc. If the update information received by the first wireless access device includes the ID of the first session and the update indication, but does not include the user plane security policy of the new first session, and the update indication indicates that the user plane policy of the first session needs to be updated, the first wireless access device may determine the user plane security policy of the new first session according to the slice ID, the maximum supported data transmission rate supported by the terminal for integrity protection, the data rate expected by the DN network for the first session, the data rate that can be currently supported by the first wireless access device, the local configuration, the local policy, and the like.
In this example, the mobility management network element may determine whether the user plane security policy of the first session needs to be updated, and send the update information to the first radio access device according to the determination result; or the session management network element determines whether the user plane security policy of the first session needs to be updated and sends the update information to the mobility management network element according to the determination result, and the mobility management network element forwards the update information to the first wireless access device after receiving it. The session management network element may be the network element that established the first session for the terminal. For example, as shown in fig. 1, session management network element 1 establishes session 1 (terminal- > wireless access device 1- > user plane network element 1- > DN) for the terminal; after establishing session 1, session management network element 1 may determine whether the user plane security policy of the first session needs to be updated and send the update information to the mobility management network element according to the determination result, and after receiving the update information, the mobility management network element forwards it to wireless access device 1.
In this example, the mobility management network element or the session management network element may determine whether the user plane security policy of the first session needs to be updated based on one or more of the following information: the data flow condition counted by the network side, the operator configuration or policy, the rate requirement expected or acceptable to the DN, the rate requirement of the unified data management network element, the rate requirement of the policy control function, a trigger from an application function, the load state of the first wireless access device, the configuration condition of the first wireless access device, the transmission data rate currently supported by the first wireless access device, the user plane data transmission rate currently supported by the terminal, the maximum user plane data transmission rate supported by the terminal, and the rate requirement supported by the slice.
It should be noted that, in this example, the first wireless access device determines whether the user plane security policy of the first session needs to be updated by interacting with the session management network element, and therefore the first wireless access device must be a device that interacts directly with the mobility management network element, that is, the master wireless access device of the terminal; for example, the first radio access device is radio access device 1 in fig. 1. In addition, in this example, the first wireless access device may also determine the updated user plane security policy of the first session according to the update information. If the user plane security policy of the first session delivered by the session management network element to the first wireless access device is preferred, the first radio access device may decide by itself, from its own configuration and similar information, whether data protection needs to be enabled, that is, it determines on its own whether the user plane security policy of the first session is required or not needed, or activated or deactivated. If the user plane security policy of the first session is activated, the data transmitted on the first session is encrypted and/or integrity protected; if it is deactivated, the data transmitted on the first session is not encrypted and/or integrity protected.
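The following is an added example, not code from the patent, of how a first radio access device could process the update information described in the two designs above: use the new policy when it is carried, otherwise derive one from the slice ID, the terminal's maximum integrity-protected rate, the DN's expected rate and local configuration, and resolve a "preferred" policy to an activated or deactivated state. The field names, the rate-based derivation rule and the load threshold are assumptions; the page lists only the inputs, not the rule. The input values are constructed.

```python
from dataclasses import dataclass, field
from enum import Enum
from typing import Dict, Optional, Tuple


class UpPolicy(str, Enum):
    """The three user plane security policies named in the text."""
    REQUIRED = "required"
    PREFERRED = "preferred"
    NOT_NEEDED = "not needed"


@dataclass
class UpdateInfo:
    """Constructed model of one 'update information' message (field names assumed)."""
    session_id: int
    update_indication: int                  # the single bit: 1 = policy updated, 0 = not updated
    new_policy: Optional[UpPolicy] = None   # carried in the first design, absent in the second
    slice_id: Optional[str] = None
    ue_max_integrity_rate_kbps: Optional[int] = None   # max rate the terminal can integrity-protect
    dn_expected_rate_kbps: Optional[int] = None        # rate the DN expects for the session


@dataclass
class RanNode:
    """Local state of the first radio access device (all fields are assumptions)."""
    supported_rate_kbps: int                # rate the node can currently carry
    integrity_rate_cap_kbps: int            # rate up to which the node can integrity-protect
    load_ratio: float                       # 0.0 .. 1.0, used only to resolve "preferred"
    policies: Dict[int, UpPolicy] = field(default_factory=dict)        # session ID -> policy
    slice_override: Dict[str, UpPolicy] = field(default_factory=dict)  # "local configuration"


def derive_policy(info: UpdateInfo, ran: RanNode) -> UpPolicy:
    """Second design: the new policy is not carried, so the node derives it.
    Assumed rule: local per-slice configuration wins; otherwise the flow is protected
    only if every party can sustain protection at the rate the DN expects."""
    if info.slice_id in ran.slice_override:
        return ran.slice_override[info.slice_id]
    if info.dn_expected_rate_kbps is None:
        return UpPolicy.PREFERRED            # nothing to decide on; let the node choose at activation
    limits = [ran.integrity_rate_cap_kbps, ran.supported_rate_kbps]
    if info.ue_max_integrity_rate_kbps is not None:
        limits.append(info.ue_max_integrity_rate_kbps)
    if info.dn_expected_rate_kbps <= min(limits):
        return UpPolicy.REQUIRED
    return UpPolicy.NOT_NEEDED               # protection cannot be sustained at that rate


def apply_update(info: UpdateInfo, ran: RanNode) -> Tuple[bool, UpPolicy, UpPolicy]:
    """Process one update information; return (changed, old_policy, new_policy)."""
    if info.session_id not in ran.policies:
        # the node must already hold the session ID / policy correspondence for this session
        raise KeyError(f"unknown session {info.session_id}")
    if info.update_indication not in (0, 1):
        raise ValueError("update indication must be the bit 0 or 1")
    old = ran.policies[info.session_id]
    if info.update_indication == 0:
        return False, old, old
    new = info.new_policy if info.new_policy is not None else derive_policy(info, ran)
    ran.policies[info.session_id] = new
    return new != old, old, new


def resolve_preferred(policy: UpPolicy, ran: RanNode, load_threshold: float = 0.8) -> str:
    """Map a policy to the state the node enforces on the session. For 'preferred' the
    node decides by itself (assumed rule: protect unless the node is heavily loaded)."""
    if policy == UpPolicy.REQUIRED:
        return "activated"
    if policy == UpPolicy.NOT_NEEDED:
        return "deactivated"
    return "activated" if ran.load_ratio < load_threshold else "deactivated"
```

Two checks worth keeping in a real implementation: an update for a session ID the node does not know is rejected rather than silently creating state, and a malformed update indication is rejected rather than treated as "no update".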
In yet another example, the determining, by the first wireless access device, whether the user plane security policy of the first session needs to be updated may include: the first wireless access equipment determines whether to need to update the user plane security policy of the first session according to one or more of the current load state of the first wireless access equipment, the configuration condition of the first wireless access equipment, local configuration, self policy, slice information and the user plane data transmission rate currently supported by the first wireless access equipment.
The current load state of the first radio access device may include, but is not limited to, whether the radio resource usage of the first radio access device has reached a state in which it can no longer satisfy terminal access, the number of terminals connected to the first radio access device, and the like. The configuration condition and local configuration of the first radio access device may refer to a special configuration of the user plane security policy in a specific area, such as no security being enabled. The user plane data transmission rate currently supported by the first radio access device may be the downlink user plane data rate supported from the first radio access device to the terminal. The self policy may be a decision based on the current state of the first radio access device, such as turning off integrity protection to enter a power saving state.
It should be noted that, in another example, the first radio access device may be another access device, such as radio access device 2 or radio access device 3 in fig. 1, without limitation.
For example, assume that session 1 established by the terminal is: terminal- > wireless access device 1- > user plane network element 1- > DN, and that the current user plane security policy of session 1 is required. Subsequently, as the number of terminals attached to the wireless access device 1 increases, the load of the wireless access device 1 increases, which may cause the wireless access device 1 to be unable to perform integrity protection on the data transmitted on session 1. At this time, the wireless access device 1 may determine to update the user plane security policy of session 1, and the updated user plane security policy of session 1 is not needed.
Step 302: the first wireless access equipment sends a first notification message to the terminal.
The first notification message may be used to notify the terminal that the user plane security policies of the first session and the second session are updated; alternatively, the first notification message may be used to notify the terminal that the user plane security policy of the first session is updated, or the first notification message may be used to notify the terminal that the user plane security policy of the second session is updated.
Taking the first notification message for notifying the terminal that the user plane security policy of the first session is updated as an example, the first notification message may include one or more of an ID of the first session, an updated user plane security policy of the first session, an ID of a DRB included in the first session, and indication information, where the indication information may be used to indicate that the user plane security policy of the first session is updated. For example, the first notification message may include the ID of the first session and the updated user plane security policy of the first session; or the first notification message may include the ID of the first session, the indication information, and the updated user plane security policy of the first session; or the first notification message may include the ID of a DRB included in the first session and the updated user plane security policy of the first session; or the first notification message may include the ID of the DRB included in the first session, the indication information, and the updated user plane security policy of the first session; or the first notification message may include the ID of the first session, the IDs of all DRBs included in the first session, the indication information, and the updated user plane security policy of the first session, and so on, without limitation.
Illustratively, the first radio access device may transmit a Radio Resource Control (RRC) connection reconfiguration message (alternatively referred to as an RRC reconfiguration message) to the terminal. The RRC connection reconfiguration message may include, but is not limited to, the first notification message, and may also include other messages, without limitation.
Step 303: and the terminal receives the first notification message and updates the user plane security policy of the first session and the user plane security policy of the second session according to the first notification message.
And the updated user plane security policy of the first session is the same as the updated user plane security policy of the second session.
In one example, the first notification message may include an ID of the first session, and the updated user plane security policy of the first session, and the updating, by the terminal, the user plane security policy of the first session and the user plane security policy of the second session according to the first notification message may include: the terminal acquires a user plane security policy of a first session before updating according to the ID of the first session, compares the user plane security policy of the first session before updating with the received user plane security policy of the first session, determines that the user plane security policy of the first session is updated if the user plane security policy of the first session before updating is different from the received user plane security policy of the first session, replaces the acquired user plane security policy of the first session before updating with the received user plane security policy of the first session, finds a second session which requires the same user plane security policy as the first session, and updates the user plane security policy of the second session to be the same as the user plane security policy of the first session. Such as: a second session for redundant data transfer with the first session may be found and the user plane security policy of the second session for redundant data transfer with the first session is updated to be the same as the user plane security policy of the first session.
In yet another example, the first notification message may include an ID of the first session, the indication information, and an updated user plane security policy of the first session, and the updating, by the terminal, the user plane security policy of the first session and the user plane security policy of the second session according to the first notification message may include: the terminal determines that the user plane security policy of the first session is updated according to the ID and the indication information of the first session, acquires the user plane security policy of the first session before updating, replaces the acquired user plane security policy of the first session with the user plane security policy of the first session included in the first notification message, acquires the user plane security policy of the second session before updating, and updates the acquired user plane security policy of the second session to be the same as the user plane security policy of the first session. Such as: a second session for redundant data transfer with the first session may be found and the user plane security policy of the second session for redundant data transfer with the first session is updated to be the same as the user plane security policy of the first session.
In yet another example, the first notification message may include the first session ID, IDs of all DRBs included in the first session, and an updated user plane security policy of the first session, and the updating, by the terminal, the user plane security policy of the first session and the user plane security policy of the second session according to the first notification message may include: the terminal acquires user plane security policies of all DRBs of a first session before updating according to the ID of the first session and the IDs of all DRBs included in the first session, replaces the acquired user plane security policies of all DRBs of the first session with the received user plane security policies of the first session, acquires the user plane security policies of all DRBs of a second session before updating, and updates the acquired user plane security policies of all DRBs of the second session to be the same as the user plane security policies of the first session. Such as: a second session for redundant data transfer with the first session may be found and the user plane security policies of all DRBs included in the second session for redundant data transfer with the first session are updated to be the same as the user plane security policies of the first session.
For example, assuming that the current user plane security policies of session 1 and session 2 held by the terminal are required, if the user plane security policy included in the first notification message sent by the first radio access device to the terminal is preferred, then after receiving the first notification message the terminal may update the user plane security policies of session 1 and session 2 to: preferred.
Step 304: and the first wireless access equipment sends a second notification message to the second wireless access equipment.
Wherein the second wireless access device may be a wireless access device on the second session.
The second notification message may be used to notify the second wireless access device to update the user plane security policy of the second session, and the second notification message may include an ID of the second session and the updated user plane security policy of the second session.
Illustratively, the first wireless access device holds a correspondence among the ID of the first session, the ID of the session having the same user plane security policy as the first session (e.g., a session for redundant data transmission with the first session), and information of the wireless access device serving that session. When the user plane security policy of the first session is updated, the first wireless access device may obtain the information of the second wireless access device according to the correspondence, and send the second notification message to the second wireless access device according to the information of the second wireless access device. The information of the second wireless access device can be used to identify the second wireless access device; for example, it may be, without limitation, an Internet Protocol (IP) address of the second wireless access device, a Media Access Control (MAC) address of the second wireless access device, a cell ID, or another identifier by which the second wireless access device can be located (such as an Application Protocol Identity (AP ID) on the Xn interface).
For example, as shown in fig. 1, in a case where the system requires that the user plane security policy of session 1 (terminal- > radio access device 1- > user plane network element 1- > DN) and session 2 (terminal- > radio access device 2- > user plane network element 2- > DN) be the same, if the user plane security policy of session 1 is updated, radio access device 1 needs to send a notification message to radio access device 2 to notify radio access device 2 to update the user plane security policy of session 2, or to notify radio access device 2 that the user plane security policy of session 1 is updated.
Step 305: and the second wireless access equipment receives the second notification message and updates the user plane security policy of the second session according to the second notification message.
In one example, the second notification message is used to notify the second wireless access device to update the user plane security policy of the second session, and the updating, by the second wireless access device, the user plane security policy of the second session according to the second notification message may include: and the second wireless access equipment acquires the user plane security policy of the second session according to the ID of the second session, and replaces the acquired user plane security policy of the second session with the user plane security policy included in the second notification message.
In the method shown in fig. 3, the terminal may establish an RRC connection with the second radio access device, or may not establish an RRC connection with the second radio access device, which is not limited.
In a possible design, when an RRC connection is established between the terminal and the second radio access device, the above step 304 and step 305 may not be performed, and step 304 and step 305 may be replaced with the following step: after receiving the notification message sent by the terminal, the second wireless access device updates the user plane security policy of the second session according to the received notification message. In this way, instead of the first wireless access device notifying the second wireless access device to update the user plane security policy of the second session, the terminal may notify the second wireless access device to update the user plane security policy of the second session.
In yet another possible design, when an RRC connection is established between the terminal and the second radio access device, in step 302, the first radio access device may send a first notification message to the terminal for notifying the terminal to update the user plane security policy of the first session, so that the terminal updates the user plane security policy of the first session only according to the first notification message sent by the first radio access device. After the second wireless access device performs step 305, the second wireless access device may send a third notification message to the terminal for notifying the terminal to update the user plane security policy of the second session, so that the terminal updates the user plane security policy of the second session according to the third notification message sent by the second wireless access device. The second radio access device may also carry the third notification message in an RRC connection reconfiguration message and send the RRC connection reconfiguration message to the terminal.
In another possible design, if the second radio access device supports only partial RRC signaling but does not establish a complete RRC connection with the terminal, the first radio access device may send a first notification message to the terminal for notifying the terminal to update the user plane security policy of the first session in step 302, so that the terminal updates the user plane security policy of the first session only according to the first notification message sent by the first radio access device. After the second radio access device executes step 305, the second radio access device may send, to the first radio access device, a third notification message for notifying the terminal to update the user plane security policy of the second session, where the third notification message may be a New Radio (NR) RRC message, and the first radio access device receives the third notification message and forwards the third notification message to the terminal, so that the terminal updates the user plane security policy of the second session according to the third notification message sent by the second radio access device; alternatively, the steps 304 and 305 may not be executed, and the steps 304 and 305 may be replaced by the following steps: the terminal sends a notification message for notifying the second wireless access equipment to update the user plane security policy of the second session to the first wireless access equipment, and the first wireless access equipment receives the notification message sent by the terminal and forwards the received notification message to the second wireless access equipment, so that the second wireless access equipment updates the user plane security policy of the second session according to the notification message forwarded by the first wireless access equipment. 
In this way, the second wireless access device can communicate with the terminal through the first wireless access device, and update the user plane security policy of the second session with the assistance of the first wireless access device.
It should be noted that, in the embodiment of the present application, the sending order of the first notification message and the second notification message is not limited: the first notification message and the second notification message may be sent successively according to the process shown in fig. 3, or step 304 to step 305 may be executed first and then step 302 to step 303. If the second radio access device determines or completes the update of the user plane security policy of the second session first, then after the second radio access device completes the update of the user plane security policy of the second session, the second radio access device may send, to the first radio access device, an NR RRC message for notifying the terminal to update the user plane security policy of the second session, and the first radio access device receives the NR RRC message and forwards it to the terminal, so as to notify the terminal to update the user plane security policy of the second session.
Based on the method shown in fig. 3, when the first wireless access device determines that the user plane security policy of the first session needs to be updated, the first wireless access device sends a notification message to the terminal to notify the terminal to update the user plane security policies of the first session and the second session, and notifies the second wireless access device to update the user plane security policy of the second session, so that the updated user plane security policy of the first session is the same as the updated user plane security policy of the second session. This ensures that the user plane security policies of the different sessions are the same, and avoids the problem that the security of data transmission cannot be ensured when the user plane security policies of different sessions differ. In particular, for two sessions performing redundant data transmission, it is especially necessary to use the method shown in fig. 3 to ensure that the user plane security policies of the two sessions are the same.
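The following simulation of steps 301 to 305 is an added example and not code from the patent: it models the terminal's handling of the first notification message (identified by session ID or DRB ID, with or without the indication information), the first radio access device's correspondence table used to find the second session and device, and the second notification. The message layouts, the load threshold and the names UpPolicy, Terminal, RadioAccessDevice and run_fig3_procedure are assumptions made for the example.

```python
from dataclasses import dataclass, field
from enum import Enum
from typing import List, Optional


class UpPolicy(Enum):
    REQUIRED = "required"      # encryption and/or integrity protection activated
    PREFERRED = "preferred"    # the radio access device decides on its own
    NOT_NEEDED = "not needed"  # protection deactivated


@dataclass
class FirstNotification:
    """First notification message (step 302), hypothetical layout: the first session is
    identified by session_id or by one of its DRB IDs; indication is the 'updated' flag."""
    policy: UpPolicy
    session_id: Optional[str] = None
    drb_ids: List[str] = field(default_factory=list)
    indication: bool = False


@dataclass
class SecondNotification:
    """Second notification message (step 304): ID of the second session and new policy."""
    session_id: str
    policy: UpPolicy


class Terminal:
    def __init__(self, session_policy, session_drbs, redundant_peer):
        self.session_policy = dict(session_policy)
        self.session_drbs = session_drbs
        self.drb_to_session = {d: s for s, ds in session_drbs.items() for d in ds}
        self.drb_policy = {d: session_policy[s] for d, s in self.drb_to_session.items()}
        self.redundant_peer = redundant_peer  # symmetric map, e.g. {"s1": "s2", "s2": "s1"}

    def _first_session(self, msg):
        if msg.session_id is not None:
            return msg.session_id
        if msg.drb_ids:
            return self.drb_to_session[msg.drb_ids[0]]
        raise ValueError("notification carries neither a session ID nor a DRB ID")

    def handle_first_notification(self, msg):
        """Step 303: update the first session and its redundant peer; return sessions touched.
        Without indication information the terminal compares the stored policy with the
        received one and acts only on a difference; with it the update is taken as given."""
        first = self._first_session(msg)
        if not msg.indication and self.session_policy[first] == msg.policy:
            return []
        touched = []
        for sid in (first, self.redundant_peer.get(first)):
            if sid is None:
                continue
            self.session_policy[sid] = msg.policy
            for drb in self.session_drbs.get(sid, []):  # DRB-level policies follow
                self.drb_policy[drb] = msg.policy
            touched.append(sid)
        return touched


class RadioAccessDevice:
    LOAD_LIMIT = 0.8  # assumed load above which integrity protection is unaffordable

    def __init__(self, ident, session_policy, peer_table=None):
        self.ident = ident
        self.session_policy = dict(session_policy)
        # Correspondence held by the first device: first session ID ->
        # (ID of the session sharing its policy, identifier of the device serving it).
        self.peer_table = peer_table or {}

    def decide_update(self, session_id, load):
        """Step 301, load-driven variant: downgrade to 'not needed' once the device can
        no longer protect the session's traffic; None means no update is needed."""
        if load > self.LOAD_LIMIT and self.session_policy[session_id] != UpPolicy.NOT_NEEDED:
            return UpPolicy.NOT_NEEDED
        return None

    def handle_second_notification(self, msg):
        """Step 305: replace the stored policy of the second session."""
        self.session_policy[msg.session_id] = msg.policy


def run_fig3_procedure(ran1, devices, terminal, first_session, load):
    """Steps 301 to 305 end to end; True when terminal, first device and second device
    hold the same policy for both sessions afterwards."""
    new_policy = ran1.decide_update(first_session, load)
    if new_policy is None:
        return True
    ran1.session_policy[first_session] = new_policy
    # steps 302/303: first notification to the terminal (carried in RRC reconfiguration)
    terminal.handle_first_notification(
        FirstNotification(new_policy, session_id=first_session, indication=True))
    # steps 304/305: look up the peer session and device, send the second notification
    second_session, peer_ident = ran1.peer_table[first_session]
    ran2 = devices[peer_ident]
    ran2.handle_second_notification(SecondNotification(second_session, new_policy))
    return (terminal.session_policy[first_session] == terminal.session_policy[second_session]
            == ran1.session_policy[first_session] == ran2.session_policy[second_session])
```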
In another embodiment, the method shown in fig. 3 may further update the user plane security policy of the first session and the user plane security policy of the second session through an RRC connection reestablishment procedure between the terminal and the first radio access device, so that the updated user plane security policy of the first session is the same as the updated user plane security policy of the second session. In the following, with reference to fig. 4, the scheme is described by taking as an example a terminal that has already established a first session (terminal- > first radio access device- > user plane network element- > DN) and a second session (terminal- > first radio access device- > user plane network element- > DN), where the user plane security policy of the first session is the same as the user plane security policy of the second session.
Fig. 4 is a flowchart of another security protection method provided in an embodiment of the present application, and as shown in fig. 4, the method includes:
Step 401: the terminal determines whether the user plane security policy of the first session needs to be updated; if the terminal determines that the user plane security policy of the first session needs to be updated, steps 402 to 406 are executed.
In one example, the determining, by the terminal, whether the user plane security policy of the first session needs to be updated may include: the first wireless access device determines whether the user plane security policy of the first session needs to be updated; if the first wireless access device determines that the user plane security policy of the first session needs to be updated, the first wireless access device sends a first notification message to the terminal, and the terminal receives the notification message and determines according to it that the user plane security policy of the first session is to be updated.
In this example, the determination by the first radio access device of whether the user plane security policy of the first session needs to be updated is the same as that in step 301, and the description of the first notification message is the same as that of the first notification message described in step 302, which is not repeated here.
In yet another example, the terminal itself may determine whether the user plane security policy of the first session needs to be updated. Such as: the terminal may determine whether the user plane security policy of the first session needs to be updated according to information such as a maximum data transmission rate supported by the terminal, a bandwidth currently available to the terminal, a data rate currently available to the terminal, a configuration of the terminal, a configuration or policy of an operator, and the like.
In another example, the terminal initiates a session establishment procedure for establishing the second session, and in the process of establishing the second session, if the terminal finds that the user plane security policy of the second session included in the session establishment response received by the terminal is different from the user plane security policy of the first session, the terminal determines that the user plane security policy of the first session needs to be updated, so that the updated user plane security policy of the first session is the same as the user plane security policy of the second session. The details of the session establishment procedure may refer to the prior art, and are not described again.
Step 402: the terminal sends an RRC connection reestablishment request to the first radio access equipment.
The RRC connection reestablishment request may be named "RRC connection reestablishment request", "RRC reconfiguration", or another name; for example, it may also be named "first request", and so on, without limitation.
The RRC connection reestablishment request may be used to request the first radio access device to reallocate the user plane security policy of the first session to the terminal. The RRC connection reestablishment request may include an ID of the first session, a reason for reestablishment, an identifier of the terminal, and the like, where the reason for reestablishment may be a reason for RRC reconfiguration failure and the like.
Step 403: the first wireless access equipment receives an RRC connection reestablishment request sent by the terminal and sends an RRC connection reestablishment message to the terminal.
The RRC connection reestablishment message may be an RRC connection reestablishment, or may be a message with another name, which is not limited.
The RRC connection reestablishment message may include a user plane security policy of the first session newly allocated to the terminal by the first radio access device, and may further include a user plane security policy of the second session newly allocated to the terminal by the first radio access device. The user plane security policy of the reallocated first session is the same as the user plane security policy of the reallocated second session.
It should be noted that, because the first session may include (or correspond to) one or more DRBs, and the second session may include (or correspond to) one or more DRBs, the RRC connection reestablishment message may further include a user plane security policy of a DRB included in the first session that is newly allocated to the terminal by the first radio access device, and may also include a user plane security policy of a DRB included in the second session that is newly allocated to the terminal by the first radio access device; wherein, the user plane security policy of the DRB included in the first session is the same as the user plane security policy of the DRB included in the second session.
Step 404: and the terminal receives the RRC connection reestablishment message sent by the first wireless access equipment and sends an RRC connection reestablishment completion message to the first wireless access equipment.
The RRC connection reestablishment completion message may be an RRC connection reestablishment complete, an RRC reconfiguration complete, or a message with another name, such as: may be a response to the RRC connection reestablishment request, etc., without limitation.
The RRC connection reestablishment complete message may be used to indicate that the terminal has completed the updating of the user plane security policy of the first session and the updating of the user plane security policy of the second session, where the updated user plane security policy of the first session is the same as the user plane security policy of the second session.
Step 405: and the first wireless access equipment sends the reconfigured user plane security policy of the second session to the second wireless access equipment.
Step 406: and the second wireless access equipment receives the reconfigured user plane security policy of the second session sent by the first wireless access equipment and updates the user plane security policy of the second session.
And the updated user plane security policy of the second session is the same as the updated user plane security policy of the first session. For example, the second wireless access device may use the user plane security policy sent by the first wireless access device as the user plane security policy for the second session.
In the method shown in fig. 4, the terminal may establish an RRC connection with the second radio access device, or may not establish an RRC connection with the second radio access device, which is not limited. When an RRC connection is established between the terminal and the second radio access device, in a possible design, in step 403 the first radio access device sends only the user plane security policy of the first session newly allocated to the terminal. At the same time, the terminal sends, through the RRC connection reestablishment procedure, an RRC connection reestablishment request to the second radio access device for requesting the second radio access device to reallocate the user plane security policy of the second session to the terminal, and the second radio access device receives the RRC connection reestablishment request and, after step 406 is executed, sends the user plane security policy of the second session newly allocated to the terminal.
Based on the method shown in fig. 4, when the first radio access device determines that the user plane security policy of the first session needs to be updated, the first radio access device sends a notification message to the terminal to notify the terminal that the user plane security policy of the first session is updated, which triggers the terminal to initiate an RRC connection reestablishment procedure and obtain, through that procedure, the user plane security policy of the first session and the user plane security policy of the second session newly allocated to it by the radio access device. At the same time, the first radio access device may send the reconfigured user plane security policy of the second session to the second radio access device, so that the second radio access device updates the user plane security policy of the second session, and the updated user plane security policy of the first session is the same as the updated user plane security policy of the second session. Thus it is possible to ensure that the user plane security policies of different sessions are the same, which solves the problem that the security of data transmission cannot be ensured when the user plane security policies of different sessions differ. In particular, for two sessions performing redundant data transmission, it is especially necessary to use the method shown in fig. 4 to ensure that the user plane security policies of the two sessions are the same.
In another embodiment, the method shown in fig. 4 may further delete an original session and establish a plurality of new sessions through a session reestablishment process, so that the user plane security policies of the newly established sessions are the same. In conjunction with fig. 5, the following description takes as an example a terminal that has established two sessions, session 1 and session 2, where the system requires the user plane security policy of session 1 to be the same as the user plane security policy of session 2.
Fig. 5 is a flowchart of another security protection method provided in an embodiment of the present application, and as shown in fig. 5, the method includes:
Step 501: the terminal determines whether the user plane security policy of session 1 needs to be updated; if the terminal determines that the user plane security policy of session 1 needs to be updated, this indicates that the user plane security policy of session 1 will no longer be consistent with the user plane security policy of session 2, and steps 502 to 506 are executed.
The manner in which the terminal determines whether the user plane security policy of session 1 needs to be updated in step 501 may refer to the manner in which the terminal determines whether the user plane security policy of the first session needs to be updated in step 401, which is not described again.
Step 502: the terminal releases session 1 and session 2.
The terminal can obtain session 2 (for example, session for transmitting the same data as session 1) which is required by the system to have the same user plane security policy as session 1, and interact with the network element of the core network through the wireless access device to release session 1 and session 2. Specifically, the process of releasing the session may refer to the prior art, and is not described in detail.
Step 503: the terminal sends a PDU session establishment request (PDU session establishment request) to the mobility management network element.
Wherein the PDU session establishment request is for requesting establishment of the first session and/or the second session. It should be noted that the PDU session establishment request may be named by other names, which is not limited.
Step 504: the mobility management network element receives the PDU session establishment request and sends a session management context request to the session management network element.
The session management context request may be used to request the session management network element to establish the first session and/or the second session. The session management context request may be a PDUSession_CreateSMContext request, and may have other names, which are not limited.
Step 505: the session management network element receives the session management context request and determines the user plane security policy of the first session and/or the user plane security policy of the second session.
In step 505, while the session management network element determines the user plane security policy of the first session and the user plane security policy of the second session, if it finds that the two policies differ, it may modify them to be the same, that is, the session management network element may issue the same user plane security policy to the first session and the second session (specifically, to two sessions used for redundant transmission). In particular, when the first session and the second session are established separately, if the session management network element finds while establishing the second session that the user plane security policy of the second session differs from that of the first session with which it must share the same user plane security policy (as is the case for two sessions performing redundant transmission), the session management network element may actively modify the user plane security policy of the second session to match that of the first session. In addition to determining the user plane security policies of the first session and the second session, the session management network element may also select the user plane network element of the first session and the user plane network element of the second session and perform other actions; the details may follow the prior art and are not described again.
Step 506: the session management network element sends an N1N2 message to the mobility management network element.
The N1N2 message may be a message between the session management network element and the mobility management network element. The embodiment of the present application does not limit the naming of the N1N2 message; it may also be given another name, for example it may be replaced with an Nsmf_PDUSession_CreateSMContext Response, and the like, without limitation.
The N1N2 message may include the user plane security policy of the first session and/or the user plane security policy of the second session sent by the second wireless access device.
Step 507: the mobility management network element receives the N1N2 message and sends an N2 PDU session request to the first wireless access device.
The N2 PDU session request may include the user plane security policy of the first session and/or the user plane security policy of the second session sent by the second wireless access device. It should be noted that the N2 PDU session request may also be a NAS message or a message with another name, which is not limited.
Step 508: the first wireless access equipment receives the N2PDU session request, stores the user plane security policies of the first session and the second session, and sends a PDU session establishment response to the terminal.
The PDU session establishment response may be used to indicate that the first session and the second session of the terminal have been successfully established and that the user plane security policies of the first session and the second session are required to be the same. Illustratively, the PDU session establishment response may include the user plane security policy of the first session and/or the user plane security policy of the second session sent by the second wireless access device.
Step 510: the terminal receives the PDU session establishment response and stores the user plane security policy of the first session and/or the user plane security policy of the second session.
Step 511: the first wireless access equipment sends a signaling message to the second wireless access equipment.
The signaling message sent by the first radio access device to the second radio access device may be a Secondary Node Addition/Modification Request (SN Addition/Modification Request) message. The signaling message may include the user plane security policy of the second session or of the first session.
Step 512: the second wireless access device receives the signaling message and stores the user plane security policy of the second session.
Alternatively, in the method shown in fig. 5, step 511 and step 512 may not be executed, but step 510 is executed by the terminal in a case that the terminal establishes an RRC interface with the second radio access device, and the user plane security policy of the second session is sent to the second radio access device through the RRC interface.
Alternatively, in the method shown in fig. 5, step 505 may be omitted, that is, the session management network element does not determine the user plane security policies of the first session and the second session; instead, the first wireless access device determines them after receiving the N2 PDU session request in step 508. If, while doing so, the first wireless access device finds that the user plane security policy of the first session differs from that of the second session, it may modify the two policies to be the same. In particular, when the first session and the second session are established separately, if the first wireless access device finds while the second session is being established that the user plane security policy of the second session differs from that of the first session with which it must share the same user plane security policy (as is the case for two sessions performing redundant transmission), the first wireless access device may actively modify the user plane security policy of the second session to match that of the first session.
Based on the method shown in fig. 5, when the terminal determines that the user plane security policy of the first session needs to be updated, the terminal releases the original sessions, requests the core network elements to establish new sessions, and the user plane security policies of the new sessions are kept consistent during the session establishment procedure. The user plane security policies of different sessions are thereby guaranteed to be the same, which avoids the problem that the security of data transmission cannot be guaranteed when the user plane security policies of different sessions differ. For two sessions performing redundant data transmission in particular, the method shown in fig. 5 is all the more necessary to ensure that the user plane security policies of the two sessions are the same.
In another scheme, the session management network element may trigger a session modification procedure to update the user plane security policy of the first session and the user plane security policy of the second session, so that the updated user plane security policy of the first session is the same as the updated user plane security policy of the second session. With reference to fig. 6, the scheme is described below taking as an example that the terminal has already established a first session (terminal -> first radio access device -> user plane network element -> DN) and a second session (terminal -> first radio access device -> user plane network element -> DN), that the user plane security policy of the first session is the same as that of the second session, and that the first session and the second session are managed by the same session management network element. When the first session and the second session are managed by different session management network elements, the procedure may be carried out by analogy with fig. 6.
Fig. 6 is a flowchart of another security protection method provided in an embodiment of the present application, and as shown in fig. 6, the method includes:
step 601: the session management network element determines whether the user plane security policy of the first session needs to be updated, and if the session management network element determines that the user plane security policy of the first session needs to be updated, steps 602 to 607 are executed.
The session management network element may be a session management network element that establishes the first session and the second session for the terminal in fig. 1.
In an example, the session management network element may determine whether the user plane security policy of the first session needs to be updated by using the manner that the session management network element determines whether the user plane security policy of the first session is updated in step 301, which is not described in detail herein.
In yet another example, the session management network element receives indication information sent by the first radio access device. The indication information may be used to indicate whether the user plane security policy of the first session is updated; if it indicates that the user plane security policy of the first session is updated, the session management network element determines that the user plane security policy of the first session needs to be updated. The indication information may include the ID of the first session, the updated user plane security policy of the first session, or other parameters that enable the session management network element to find the first session. For example, if the first radio access device finds that it cannot activate user plane integrity protection for the first session, it needs to notify the session management network element to update the user plane security policy of the first session, for example to deactivate user plane integrity protection for the first session and set the user plane integrity protection policy of the first session to "not requested" or "deactivated".
The first radio access device may determine that the user plane security policy of the first session needs to be updated in the manner described in step 301, generate indication information according to the determination result, and send the indication information to the session management network element.
In another example, in the process of establishing the second session, if the session management network element finds that the user plane security policy of the second session being established is different from the user plane security policy of the established first session, the session management network element determines that the user plane security policy of the first session needs to be updated, so that the updated user plane security policy of the first session is the same as the user plane security policy of the second session. The details of the session establishment procedure may refer to the prior art, and are not described again.
Step 602: the session management network element sends a first message to the mobility management network element.
The first message may be a message exchanged between the session management network element and the mobility management network element, such as an N1N2 message, an Nsmf_PDUSession_CreateSMContext Response, or a message with another name, without limitation.
The first message may be used to notify that the user plane security policy of the first session and/or the second session has been updated. Taking a first message notifying that the user plane security policy of the first session is updated as an example, the first message may include the ID of the first session (or other information that enables the mobility management network element or the first radio access device to find the first session) together with the updated user plane security policy of the first session, and may further include other information, which is not limited.
Step 603: the mobility management network element forwards the first message to the first wireless access device.
Step 604: the first wireless access device receives the first message, updates the user plane security policy of the first session, and sends a first notification message to the terminal.
The first notification message may be an RRC connection configuration message, or a message with another name, which is not limited. Specifically, the description of the first notification message may refer to that in step 302, and is not described again.
Step 605: the terminal receives the first notification message and updates the user plane security policy of the first session and the user plane security policy of the second session according to the first notification message.
The updated user plane security policy of the first session is the same as the updated user plane security policy of the second session. Specifically, step 605 may refer to the description of step 303, which is not repeated.
Step 606: the first wireless access device sends a second notification message to the second wireless access device.
The second notification message may be a Secondary Node Addition/Modification Request (SN Addition/Modification Request) message or another signaling message transmitted between the first radio access device and the second radio access device, which is not limited. Specifically, the second notification message may be as described in step 304; for example, the second notification message may include the user plane security policy of the second session and may be used to notify the second wireless access device to update the user plane security policy of the second session.
Step 607: the second wireless access device receives the second notification message and updates the user plane security policy of the second session, so that the updated user plane security policy of the second session is the same as the updated user plane security policy of the first session.
Alternatively, in the method shown in fig. 6, step 606 and step 607 may not be executed, but in a case that the terminal and the second radio access device establish an RRC interface, the terminal executes step 605, and sends the updated user plane security policy of the second session to the second radio access device through the RRC interface, and instructs the second radio access device to update the user plane security policy of the second session to be the same as the user plane security of the first session.
Alternatively, in the method shown in fig. 6, in the case that the second wireless access device is in communication connection with the session management network element, step 606 and step 607 may not be executed, and instead, the session management network element notifies the second wireless access device of the updated user plane policy of the second session through the mobility management network element, and instructs the second wireless access device to update the user plane security policy of the second session to be the same as the user plane security of the first session. Specifically, the process may include:
The session management network element sends a second message to the mobility management network element, where the second message may be used to notify that the user plane security policy of the second session is updated and may include the ID of the second session and the updated user plane security policy of the second session. The mobility management network element receives the second message and forwards it to the second wireless access device. The second wireless access device receives the second message and updates the user plane security policy of the second session, so that the updated user plane security policy of the second session is the same as the updated user plane security policy of the first session.
It should be noted that, the method shown in fig. 6 is only described by taking the session management network element as an example to manage the first session and the second session, and it is to be understood that, when the session management network element that manages the second session is another network element besides the session management network element, the sending, by the session management network element, the second message to the mobility management network element may include: and the session management network element sends the second message to other session management network elements, and the other session management network elements forward the second message to the mobility management network element.
Based on the method shown in fig. 6, when the session management network element determines that the user plane security policy of the first session needs to be updated, the session management network element initiates a session modification process to modify the user plane security policy of the first session and the user plane security policy of the second session, so that the modified user plane security policy of the first session is the same as the modified user plane security policy of the second session, thereby ensuring that the user plane security policies of different sessions are the same, and avoiding the problem that the security of data transmission cannot be ensured due to the different user plane security policies of different sessions. In particular, for two sessions performing redundant data transmission, it is more necessary to adopt the method shown in fig. 6 to ensure that the user plane security policies of the two sessions are the same.
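The two reconciliation points described above, the session management network element aligning a newly established session with its redundant partner (fig. 5, step 505) and the session management network element propagating an update reported by the first radio access device to both sessions (fig. 6, steps 601 to 607), modelled in Python as an added example. This is not code from the patent or from any 3GPP implementation. The policy values use the 3GPP names REQUIRED, PREFERRED and NOT_NEEDED where the text says "not requested"/"deactivated"; the class names, the message tuples and the per-dimension ordering used to compute the weaker setting are assumptions made for illustration.

```python
"""Added illustration of user plane security policy reconciliation for two
redundant PDU sessions.  Not the patent's own code: class names, message
shapes and the ordering of policy levels are assumptions."""
from __future__ import annotations

from dataclasses import dataclass, replace
from enum import IntEnum
from typing import Dict, List, Optional, Tuple


class Level(IntEnum):
    # Ordered so that min() yields the weaker setting (assumption for
    # illustration; the 3GPP policy values are NOT NEEDED / PREFERRED / REQUIRED).
    NOT_NEEDED = 0
    PREFERRED = 1
    REQUIRED = 2


@dataclass(frozen=True)
class UpPolicy:
    ciphering: Level
    integrity: Level


@dataclass
class Session:
    sid: str                     # PDU session ID
    ran: str                     # serving radio access device (assumed label)
    policy: UpPolicy
    peer: Optional[str] = None   # ID of the redundant partner session, if any


class Smf:
    """Session management network element: tracks redundant pairs and keeps
    their user plane security policies identical."""

    def __init__(self) -> None:
        self.sessions: Dict[str, Session] = {}

    def establish(self, new: Session) -> Session:
        """fig. 5 step 505: a session that must match an already established
        partner inherits the partner's policy if the two differ."""
        partner = self.sessions.get(new.peer) if new.peer else None
        if partner is not None:
            if partner.policy != new.policy:
                new = replace(new, policy=partner.policy)
            partner.peer = new.sid
        self.sessions[new.sid] = new
        return new

    def on_ran_indication(self, sid: str, updated: UpPolicy) -> List[Tuple[str, str, UpPolicy]]:
        """fig. 6 steps 601-607: the radio access device reports that it could
        not apply the policy of `sid` (e.g. cannot run integrity protection).
        The SMF applies the updated policy to both sessions and returns the
        notifications it would cause (assumed shape: (path, session id, policy))."""
        first = self.sessions[sid]
        first.policy = updated
        msgs = [("SMF->AMF->" + first.ran, first.sid, updated)]          # first message, steps 602-604
        if first.peer:
            second = self.sessions[first.peer]
            second.policy = updated
            msgs.append((first.ran + "->" + second.ran, second.sid, updated))  # SN Addition/Modification Request, step 606
        return msgs


def effective_protection(smf: Smf, sid: str) -> UpPolicy:
    """Protection that redundantly transmitted data actually gets: the weaker of
    the two sessions' settings in each dimension.  When the pair is kept
    identical this equals either session's policy, which is the property the
    patent enforces."""
    s = smf.sessions[sid]
    peer = smf.sessions[s.peer] if s.peer else s
    return UpPolicy(min(s.policy.ciphering, peer.policy.ciphering),
                    min(s.policy.integrity, peer.policy.integrity))


def demo() -> Dict[str, UpPolicy]:
    """Constructed scenario: session 2 arrives with a weaker policy and is
    aligned to session 1; later the first radio access device reports that it
    cannot run integrity protection on session 1, and both sessions follow."""
    smf = Smf()
    strong = UpPolicy(Level.REQUIRED, Level.REQUIRED)
    weak = UpPolicy(Level.REQUIRED, Level.NOT_NEEDED)
    smf.establish(Session("1", "gNB-A", strong))
    smf.establish(Session("2", "gNB-B", weak, peer="1"))   # reconciled to `strong`
    smf.on_ran_indication("1", weak)                        # both sessions now `weak`
    return {sid: s.policy for sid, s in smf.sessions.items()}


if __name__ == "__main__":
    for sid, pol in demo().items():
        print(sid, pol)
```

`effective_protection` makes the security point of the passage explicit: for data sent over both sessions, protection is that of the weaker session, so a pair whose policies drift apart silently loses the stronger session's guarantees. Note that the reconciliation as described makes the two policies equal rather than choosing the stronger one, so an indication that one radio access device cannot run integrity protection lowers both sessions; a deployment that must not degrade below a floor would reject the indication instead.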
Fig. 6 describes the security protection method provided in the embodiment of the present application taking as an example a session modification procedure triggered by the session management network element to modify the user plane security policy of a session. In another feasible scheme, the user plane security policy of a session may also be modified by a session modification procedure triggered by the terminal. With reference to fig. 7, this embodiment is described below taking as an example that the terminal has already established a first session (terminal -> first radio access device -> user plane network element -> DN) and a second session (terminal -> first radio access device -> user plane network element -> DN), that the user plane security policy of the first session is the same as that of the second session, and that the first session and the second session are managed by the same session management network element.
Fig. 7 is a flowchart of another security protection method provided in an embodiment of the present application, and as shown in fig. 7, the method includes:
Step 701: the terminal determines whether the user plane security policy of the first session needs to be updated. If the terminal determines that the user plane security policy of the first session needs to be updated, the user plane security policy of the first session is inconsistent with that of the second session, and steps 702 to 710 are executed.
Step 701 may refer to step 401, and is not described again.
Step 702: the terminal sends a first session modification request and a second session modification request.
The first Session modification request may be a first PDU Session modification request, and the first Session modification request may be used to request the Session management network element to modify a user plane security policy of the first Session. The second Session modification request may be a second PDU Session modification request, and the second Session modification request may be used to request the Session management network element to modify a user plane security policy of the second Session.
Illustratively, the terminal may send the first session modification request and the second session modification request to the mobility management network element via the first radio access device.
Step 703: the mobility management network element receives the first session modification request and the second session modification request and sends a first session context update request and a second session context update request to the session management network element.
The first session context update request may be an Nsmf_PDUSession_UpdateSMContext request and may be used to request the session management network element to modify the user plane security policy of the first session. The second session context update request may be a second Nsmf_PDUSession_UpdateSMContext request and may be used to request the session management network element to modify the user plane security policy of the second session.
Step 704: the session management network element receives the first session context updating request and the second session context updating request, and modifies the user plane security policy of the first session and the user plane security policy of the second session according to the first session context updating request and the second session context updating request, so that the modified user plane security policy of the first session is the same as the modified user plane security policy of the second session; and simultaneously, the session management network element sends a first session context modification response and a second session context modification response to the mobility management network element.
The first session context modification response may include the modified user plane security policy of the first session and may be a first Nsmf_PDUSession_UpdateSMContext Response. The second session context modification response may be a second Nsmf_PDUSession_UpdateSMContext Response and may include the modified user plane security policy of the second session.
Step 705: the mobility management network element sends a first N2 message to the first radio access device.
The first N2 message may be a first N2 Session Request and may include the modified user plane security policy of the first session.
Step 706: the first wireless access device receives the first N2 message, updates the user plane security policy for the first session, and sends a first session modification response to the terminal.
The first Session Modification response may be a first PDU Session Modification Command/Ack, and the first Session Modification response may include a modified user plane security policy of the first Session.
Step 707: the terminal receives the first session modification response and updates the user plane security policy of the first session.
Step 708: the mobility management network element sends a second N2 message to the second radio access device.
The second N2 message may be a second N2 Session Request and may include the modified user plane security policy of the second session.
Step 709: the second wireless access device receives the second N2 message, updates the user plane security policy for the second session, and sends a second session modification response to the terminal.
The second Session Modification response may be a second PDU Session Modification Command/Ack, and the second Session Modification response may include a modified user plane security policy of the second Session.
Step 710: the terminal receives the second session modification response and updates the user plane security policy of the second session.
It should be noted that the method shown in fig. 7 is described taking as an example that one session management network element manages both the first session and the second session. It can be understood that when the second session is managed by a network element other than that session management network element, such as a second session management network element, the second session modification request may be used to request the second session management network element to modify the user plane security policy of the second session. The terminal may send the second session modification request to the mobility management network element via the second radio access device; the mobility management network element forwards the second session modification request to the second session management network element, and the second session management network element modifies the user plane security policy of the second session and sends a second session modification response to the mobility management network element.
Based on the method shown in fig. 7, when the terminal determines that the user plane security policy of the first session needs to be updated, the session modification process is triggered, and the session management network element is requested to modify the user plane security policy of the first session and the user plane security policy of the second session, so that the modified user plane security policy of the first session is the same as the updated user plane security policy of the second session, and thus, the user plane security policies of different sessions can be guaranteed to be the same, and the problem that the security of data transmission cannot be guaranteed due to the fact that the user plane security policies of different sessions are different is avoided. In particular, for two sessions performing redundant data transmission, it is more necessary to adopt the method shown in fig. 7 to ensure that the user plane security policies of the two sessions are the same.
Fig. 7 illustrates the method provided in this embodiment taking as an example that the session management network element separately notifies the first radio access device and the second radio access device to update the user plane security policy of their respective session. Alternatively, the terminal may request modification of only one session, for example the first session or the second session: after the first wireless access device receives the session modification response from the session management network element, it updates the user plane security policy of that session and notifies the other wireless access device to update the user plane security policy of the other session, so that the updated user plane security policy of the first session is the same as the updated user plane security policy of the second session. With reference to fig. 8, this scheme is described below taking as an example that the terminal has already established a first session (terminal -> first radio access device -> user plane network element -> DN) and a second session (terminal -> first radio access device -> user plane network element -> DN), that the user plane security policy of the first session is the same as that of the second session, that the first session and the second session are managed by the same session management network element, and that the terminal requests modification of the first session.
Fig. 8 is a flowchart of another security protection method provided in an embodiment of the present application, and as shown in fig. 8, the method includes:
Step 801: the terminal determines whether the user plane security policy of the first session needs to be updated. If the terminal determines that the user plane security policy of the first session needs to be updated, this indicates that the user plane security policy of the first session is inconsistent with that of the second session, and steps 802 to 809 are executed.
Step 801 may refer to step 401, and is not described again.
Step 802: the terminal sends a first session modification request.
The first Session modification request may be a first PDU Session modification request, and the first Session modification request may be used to request the Session management network element to modify a user plane security policy of the first Session.
Illustratively, the terminal may send a first session modification request to the mobility management network element via the first radio access device.
Step 803: the mobility management network element receives the first session modification request and sends a first session context update request to the session management network element.
The first session context update request may be an Nsmf_PDUSession_UpdateSMContext request and may be used to request the session management network element to modify the user plane security policy of the first session.
Step 804: the session management network element receives the first session context update request, modifies the user plane security policy of the first session according to the first session context update request, and sends a first session context modification response to the mobility management network element.
The first session context modification response may include the modified user plane security policy of the first session and may be an Nsmf_PDUSession_UpdateSMContext Response.
Step 805: the mobility management network element sends a first N2 message to the first radio access device.
The first N2 message may be a first N2 Session Request and may include the modified user plane security policy of the first session.
Step 806: the first wireless access device receives the first N2 message, updates the user plane security policy for the first session, and sends a first notification message to the terminal.
The first notification message may be an RRC connection configuration message or an RRC configuration message or a message with other names, such as: may be a first session modification response, etc., without limitation. Specifically, the description of the first notification message may refer to that in step 302, and is not described again.
Step 807: the terminal receives the first notification message and updates the user plane security policies of the first session and the second session, so that the updated user plane security policies of the first session and the second session are the same.
Step 807 can be referred to as step 303, and is not described again.
Step 808: the first wireless access device sends a second notification message to the second wireless access device.
The second notification message may be a Secondary Node Addition/Modification Request (SN Addition/Modification Request) message or another signaling message transmitted between the first radio access device and the second radio access device, which is not limited. Specifically, the second notification message may be as described in step 304; for example, the second notification message may include the user plane security policy of the second session and may be used to notify the second wireless access device to update the user plane security policy of the second session.
Step 809: the second wireless access device receives the second notification message and updates the user plane security policy of the second session according to the second notification message.
Step 809 can be described with reference to step 305, and is not described again.
It should be noted that, the specific implementation process and the alternative process of steps 806 to 809 can be described with reference to fig. 3, and are not described in detail again. In addition, similar to the method shown in fig. 8, the terminal may also request only to modify the user plane security policy of the second session, and when the session management network element modifies the user plane security policy of the second session and notifies the first wireless access device of the modified user plane security policy of the second session, the first wireless access device may update the user plane security policy of the first session, notify the terminal to update the user plane security policies of the first session and the second session, and notify the second wireless access device to update the user plane security policy of the second session, which is not limited.
Based on the method shown in fig. 8, when the terminal determines that the user plane security policy of the first session needs to be updated, it triggers the session modification procedure and requests the session management network element to modify the user plane security policy of the first session; the modified user plane security policy of the first session is sent to the first wireless access device. After learning that the user plane security policy of the first session has been updated, the first wireless access device notifies the second wireless access device to update the user plane security policy of the second session, so that the updated user plane security policy of the second session is the same as the updated user plane security policy of the first session. In this way, the user plane security policies of different sessions are guaranteed to be the same, and the problem that the security of data transmission cannot be guaranteed because the user plane security policies of different sessions differ is avoided. In particular, for two sessions performing redundant data transmission, it is all the more necessary to adopt the method shown in fig. 8 to ensure that the user plane security policies of the two sessions are the same.
In some embodiments, when the user plane security policy of the first session and the user plane security policy of the second session are both preferred, the first wireless access device and the second wireless access device each decide on their own whether data protection needs to be enabled for the first session and the second session, i.e. whether integrity protection and/or ciphering protection of the session is activated. In this case the two radio access devices may easily end up with different finally decided user plane security policies. To solve this problem, after the first wireless access device has decided by itself whether data protection needs to be enabled, it can inform the second wireless access device of the result of its decision, and the second wireless access device updates the user plane security policy of the second session according to the decision result of the first wireless access device, so that the updated user plane security policy of the second session is the same as the updated user plane security policy of the first session. In the following description with reference to fig. 9, the terminal has already established a first session (terminal -> first radio access device -> user plane network element -> DN) and a second session (terminal -> first radio access device -> user plane network element -> DN), and the user plane security policy of the first session is the same as the user plane security policy of the second session, for example both are preferred.
Fig. 9 is a further security protection method provided in an embodiment of the present application, and as shown in fig. 9, the method may include:
Step 901: the first wireless access device sends a secondary base station addition/modification request to the second wireless access device.
The secondary base station addition/modification request may be an SN Addition/Modification Request, and may include the user plane security policy of the second session configured by the session management network element, for example: the user plane security policy of the second session may be preferred. It may also include the user plane security policy of the first session finally decided by the first radio access device; this is not limited.
For example, the determining, by the first wireless access device, of the user plane security policy of the first session may include: if the user plane security policy of the first session issued by the session management network element to the first wireless access device is preferred, the first wireless access device may decide by itself, using information such as its own configuration, whether to enable data protection, that is, decide by itself whether the user plane security policy of the first session is required or not required, or activated or deactivated, and the like.
The session management network element may send the user plane security policy "preferred" of the first session to the first wireless access device during the procedure of establishing the first session for the terminal.
Step 902: the second wireless access device receives the secondary base station addition/modification request and determines the user plane security policy of the second session according to the secondary base station addition/modification request.
For example, the second radio access device may determine the user plane security policy of the second session by itself according to the user plane security policy of the second session configured by the session management network element, or may directly determine the user plane security policy of the second session to be the same as the user plane security policy of the first session when the secondary base station addition/modification request includes the user plane security policy of the first session finally decided by the first radio access device.
Step 903: the second radio access equipment transmits a secondary base station addition/modification response to the first radio access equipment.
The secondary base station add/modify response may include a user plane security policy of the second session determined by the second radio access device, and the secondary base station add/modify response may be an SN Addition/Modification Request acknowledgement.
Step 904: the first radio access equipment receives the secondary base station adding/modifying response, if the user plane security policy of the second session included in the secondary base station adding/modifying response is different from the user plane security policy of the first session finally decided by the first radio access equipment, the first radio access equipment updates the user plane security policies of the first session and the second session to be the same, and executes step 905 to step 908.
The updating, by the first radio access device, the user plane security policies of the first session and the second session to be the same may include: the first radio access equipment updates the user plane security policy of the first session decided by the first radio access equipment to the user plane security policy of the second session included in the secondary base station adding/modifying response, or updates the user plane security policy of the second session included in the secondary base station adding/modifying response to be the same as the user plane security policy of the first session finally decided by the first radio access equipment, which is not limited.
For example, if the first wireless access device decides to turn on/activate integrity protection for the first session, but the second wireless access device decides to turn off or deactivate integrity protection for the second session, the first wireless access device may turn off or deactivate the user plane security policy for the first session; alternatively, if the first wireless access device decides to turn off integrity protection for the first session, but the second wireless access device decides to turn on/activate integrity protection for the second session, the first wireless access device may turn on/activate user plane security policy for the first session.
Step 905: the first wireless access device sends an RRC connection reconfiguration message to the terminal.
The RRC connection reconfiguration message may include the updated user plane security policy of the first session and/or the second session, and may be: RRC Connection Reconfiguration (SN Counter, Selected algorithms).
Step 906: the terminal receives the RRC connection reconfiguration message, reconfigures the user plane security policies of the first session and the second session according to the RRC connection reconfiguration message, and sends an RRC connection reconfiguration complete message to the first wireless access device.
The RRC Connection Reconfiguration Complete message may be an RRC Connection Reconfiguration Complete, and the RRC Connection Reconfiguration Complete message may be used to indicate that the user plane security policies of the first session and the second session are configured completely.
Step 907: the first wireless access device sends a secondary base station configuration message to the second wireless access device.
The secondary base station configuration message may include the updated user plane security policy of the second session, and the secondary base station configuration message may be SN Reconfiguration.
Step 908: the second wireless access device receives the secondary base station configuration message and updates the user plane security policy of the second session that it decided itself, so that the updated user plane security policy of the second session is the same as the user plane security policy of the first session.
Further, if the second radio access device fails to reconfigure the user plane security policy of the second session, it returns a failure notification to the first radio access device to notify the first radio access device that reconfiguration of the user plane security policy of the second session has failed. The failure notification may be an SN Reconfiguration Complete.
Based on the method shown in fig. 9, it can be ensured that the user plane security policies of different sessions finally decided are the same under the condition that the user plane security policy of the session is preferred, and the problem that the security of data transmission cannot be ensured due to the different user plane security policies of different sessions is avoided. In particular, for two sessions performing redundant data transmission, it is more necessary to adopt the method shown in fig. 9 to ensure that the user plane security policies of the two sessions are the same.
In some embodiments, after any of the methods shown in fig. 3 to 9 is executed, if the user plane security policy of the first session is required but the first radio access device determines that it does not support security protection for the data transmitted in the first session, the first radio access device may report an error indication to the mobility management network element; the error indication may be used to indicate that the first radio access device does not support security protection for the data transmitted in the first session. Specifically, if the first radio access device cannot activate integrity protection and/or ciphering protection, for example because of the available data rate, it needs to send the session management network element a reason for rejecting the allocation of user plane resources for the first session, and the first radio access device rejects establishment of the user plane resources for the first session. After receiving the error indication, the mobility management network element forwards it to the session management network element that established the first session, and after receiving the error indication, the session management network element releases the first session, for example: the session management network element may delete the network resources allocated to the first session and disconnect the connection between the wireless access device and the user plane network element in the first session, etc. This may be carried, for example, in a PDU session release request message, where the PDU session release request may be triggered by the terminal or by the session management network element; this is not limited.
Meanwhile, the first radio access device sends a session-related resource release notification to the terminal, where the notification may be a session release request, such as a PDU session release command; the terminal receives the session release request sent by the first wireless access device and releases the first session and the second session according to it. For example: the terminal may delete the bearer resources it allocated for the first session and the second session, and so on.
The first wireless access device may determine that it does not support security protection for data transmitted in the first session according to its load condition, its current data transmission rate, and the like.
It should be noted that, if the session management network element that establishes the first session also establishes the second session, when the session management network element releases the first session, the session management network element may also release the second session, for example: deleting the network resource allocated to the second session, and disconnecting the connection between the radio access equipment and the user plane network element in the second session. And after the session management network element releases the first session and the second session, the session management network element may also establish a new session for the terminal, so that the terminal transmits data on the new session.
In some embodiments, in any of the methods illustrated in fig. 3 to 9, one of the following may also occur: because of its own requirements or the like, the first wireless access device needs to change the user plane security policy of the first session so that it differs from the user plane security policy of the second session, or it cannot update the user plane security policy of the first session to be the same as the user plane security policy of the second session, so that the user plane security policies of the first session and the second session cannot be kept consistent. In this case, in order to ensure the security and reliability of data transmission, the first wireless access device may reply to the second wireless access device with an update failure message to indicate that the user plane security policy of the first session and the user plane security policy of the second session are different. Further, optionally, the first radio access device may also notify the session management network element that the update of the user plane security policy of the first session has failed and that the user plane security policies of the first session and the second session are different, so that the session management network element can take corresponding remedial measures, for example: modify the first session and the second session, or release the first session and the second session and establish a new session, and so on.
For example, in the method shown in fig. 9, suppose the first radio access device decides to turn on/activate integrity protection for the first session while the second radio access device decides to turn off or deactivate integrity protection for the second session, but the first wireless access device decides not to turn off or deactivate the user plane security policy of the first session, because turning off/deactivating integrity protection for the first session would lower the security level. The finally decided user plane security policies of the first session and the second session then differ and cannot be made consistent. At this time, the first radio access device may reply to the second radio access device with an update failure message and notify the session management network element that the update of the user plane security policy of the first session has failed and that the user plane security policies of the first session and the second session are different, and so on.
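As an added illustration of steps 901 to 908 of fig. 9 and of the update-failure branch just described (this is not the patent's own code and not any 3GPP stack's API), the following Python model runs a master node and a secondary node through the procedure with a "preferred" policy. The class names, message field names and the rule that the master node refuses to drop integrity protection unless allowed are assumptions.

```python
"""Master/secondary node reconciliation of a "preferred" user plane security
policy (fig. 9, steps 901-908) plus the update-failure branch. Added model;
MasterNode, SecondaryNode, Terminal and the message fields are assumptions,
not the patent's or any 3GPP stack's API. Messages are dicts keyed by "type"."""
from dataclasses import dataclass, field
from typing import Optional

PREFERRED, REQUIRED, NOT_NEEDED = "preferred", "required", "not needed"


@dataclass(frozen=True)
class Decision:
    """A node's final decision for one session: integrity / ciphering on?"""
    integrity: bool
    ciphering: bool


def decide(policy: dict, can_integrity: bool, can_cipher: bool) -> Decision:
    """Map a configured policy to an activation decision: "required" always
    activates, "not needed" never does, "preferred" is left to the node."""
    def one(value: str, can: bool) -> bool:
        return {REQUIRED: True, NOT_NEEDED: False}.get(value, can)
    return Decision(one(policy["integrity"], can_integrity),
                    one(policy["ciphering"], can_cipher))


@dataclass
class Terminal:
    policies: dict = field(default_factory=dict)  # "first"/"second" -> Decision

    def on_rrc_reconfiguration(self, msg: dict) -> dict:  # step 906
        self.policies["first"], self.policies["second"] = msg["first"], msg["second"]
        return {"type": "RRC Connection Reconfiguration Complete"}


@dataclass
class SecondaryNode:
    configured: dict        # policy of the second session from the SMF
    can_integrity: bool     # constructed capability flag (e.g. data rate allows it)
    can_cipher: bool
    decision: Optional[Decision] = None
    inbox: list = field(default_factory=list)

    def on_sn_request(self, msg: dict) -> dict:  # steps 902-903
        hinted = msg.get("first_decision")
        # Adopt the master's final decision when it was included and is
        # supportable here; otherwise decide locally from the configured policy.
        if hinted is not None and (self.can_integrity or not hinted.integrity):
            self.decision = hinted
        else:
            self.decision = decide(self.configured, self.can_integrity, self.can_cipher)
        return {"type": "SN Addition/Modification Request Acknowledge",
                "second_decision": self.decision}

    def on_sn_reconfiguration(self, msg: dict) -> dict:  # step 908, or failure
        target = msg["second_decision"]
        if target.integrity and not self.can_integrity:
            return {"type": "SN Reconfiguration Complete", "ok": False}
        self.decision = target
        return {"type": "SN Reconfiguration Complete", "ok": True}


@dataclass
class MasterNode:
    configured: dict        # policy of the first session from the SMF
    can_integrity: bool
    can_cipher: bool
    share_decision: bool = False             # put own decision into the SN request?
    allow_integrity_downgrade: bool = False  # assumed local security rule
    decision: Optional[Decision] = None
    smf_notices: list = field(default_factory=list)  # reports sent to the SMF

    def __post_init__(self) -> None:
        self.decision = decide(self.configured, self.can_integrity, self.can_cipher)

    def add_secondary(self, sn: SecondaryNode, ue: Terminal) -> str:
        """Run steps 901-908; return "consistent", "reconfigured" or "update_failed"."""
        req = {"type": "SN Addition/Modification Request",
               "second_policy": sn.configured,
               "first_decision": self.decision if self.share_decision else None}
        theirs = sn.on_sn_request(req)["second_decision"]  # steps 901-903
        if theirs == self.decision:
            return "consistent"
        # Step 904: pick one common policy. The secondary's decision is adopted
        # by default, but dropping integrity protection the master activated is
        # refused unless allowed; then the master's decision is imposed instead.
        downgrade = self.decision.integrity and not theirs.integrity
        target = self.decision if downgrade and not self.allow_integrity_downgrade else theirs
        self.decision = target
        ue.on_rrc_reconfiguration({"type": "RRC Connection Reconfiguration",
                                   "first": target, "second": target})  # steps 905-906
        ack = sn.on_sn_reconfiguration({"type": "SN Reconfiguration",
                                        "second_decision": target})      # steps 907-908
        if not ack["ok"]:
            # Policies cannot be kept consistent: tell the secondary and the SMF,
            # which may modify or release both sessions.
            sn.inbox.append({"type": "Update Failure"})
            self.smf_notices.append({"type": "user plane security policy update failed",
                                     "first": self.decision, "second": sn.decision})
            return "update_failed"
        return "reconfigured"
```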
The above-mentioned scheme provided by the embodiment of the present application is introduced mainly from the perspective of interaction between network elements. It is to be understood that the terminal and user plane network elements described above contain corresponding hardware structures and/or software modules for performing the respective functions in order to implement the functions described above. Those of skill in the art would readily appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as hardware or combinations of hardware and computer software. Whether a function is performed as hardware or computer software drives hardware depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the embodiment of the present application, the terminal and the user plane network element may be divided into functional modules according to the above method example, for example, each functional module may be divided corresponding to each function, or two or more functions may be integrated into one processing module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. It should be noted that, in the embodiment of the present application, the division of the module is schematic, and is only one logic function division, and there may be another division manner in actual implementation.
Fig. 10 shows a block diagram of a communication device 100. The communication device 100 may be a terminal, or a chip or a system on chip in the terminal, and may be used to perform the functions of the terminal involved in the above embodiments. As one implementation, the communication device 100 shown in fig. 10 includes a receiving unit 1001 and an updating unit 1002.
a receiving unit 1001, configured to receive a first notification message sent by a first radio access device; wherein the first notification message is used to notify the communication device 100 that the user plane security policies of the first session and the second session are updated; for example, the receiving unit 1001 may support the communication device 100 to perform step 303.
An updating unit 1002, configured to update the user plane security policy of the first session and the user plane security policy of the second session according to the first notification message received by the receiving unit 1001; and the updated user plane security policy of the first session is the same as the updated user plane security policy of the second session. For example, the updating unit 1002 may be configured to support the communication device 100 to perform step 303.
Further, as shown in fig. 10, the communication device 100 may further include a releasing unit 1003;
a receiving unit 1001, configured to receive a session release request sent by a first radio access device; wherein the session release request is for requesting the communication apparatus 100 to release the first session and the second session;
a releasing unit 1003, configured to release the first session and the second session according to the session release request.
It should be noted that all relevant contents of each step related to the above method embodiment may be referred to the functional description of the corresponding functional module, and are not described herein again. The communication device 100 according to the embodiment of the present application is configured to perform the function of the communication device 100 in the above-mentioned security protection method, so that the same effect as that of the above-mentioned security protection method can be achieved.
As still another implementation, the communication apparatus 100 shown in fig. 10 may include: a processing module and a communication module. The updating unit 1002 and the releasing unit 1003 may be integrated in a processing module, and the receiving unit 1001 may be integrated in a communication module. The processing module is used to control and manage the actions of the communication device 100, e.g., the processing module is used to support the communication device 100 to perform step 303, release the actions of the first session and the second session, and perform other processes of the techniques described herein. The communication module is used to support the communication apparatus 100 to perform the action of receiving the first notification message in step 303 and communicate with other network entities, for example, the communication with the functional module or the network entity shown in fig. 1. Further, the communication device 100 may also include a storage module for storing program codes and data of the communication device 100.
The processing module may be a processor or a controller. Which may implement or perform the various illustrative logical blocks, modules, and circuits described in connection with the disclosure. A processor may also be a combination of computing functions, e.g., comprising one or more microprocessors, a DSP and a microprocessor, or the like. The communication module may be a transceiver circuit or a communication interface, etc. The storage module may be a memory. When the processing module is a processor, the communication module is a communication interface, and the storage module is a memory, the communication device 100 shown in fig. 10 may be the communication device 200 shown in fig. 2.
Fig. 11 shows a block diagram of a communication device 110, where the communication device 110 may be a first radio access device, or a chip or a system on chip in the first radio access device. The communication device 110 may be used to perform the functions of the terminal referred to in the above embodiments. As one implementation, the communication device 110 shown in fig. 11 includes a determining unit 1101 and a sending unit 1102.
A determining unit 1101, configured to determine whether a user plane security policy of the first session needs to be updated; for example, the determining unit 1101 may be used to support the communication device 110 to perform step 301.
A sending unit 1102, configured to send a first notification message to the terminal when the determining unit 1101 determines that the user plane security policy of the first session needs to be updated; the first notification message is used for notifying the terminal that the user plane security policies of the first session and the second session are updated; and sending a second notification message to the second wireless access device; wherein the second notification message is used to notify the second wireless access device to update the user plane security policy of the second session. For example, the sending unit 1102 may be configured to enable the communication device 110 to perform step 302.
Further, as shown in fig. 11, the communication device 110 may further include: a receiving unit 1103;
a receiving unit 1103 configured to receive update information;
the determining unit 1101 is specifically configured to, when the update information is used to indicate that the user plane security policy of the first session is updated, determine, according to the update information, the user plane security policy of the first session that needs to be updated.
It should be noted that all relevant contents of each step related to the above method embodiment may be referred to the functional description of the corresponding functional module, and are not described herein again. The communication device 110 provided in the embodiment of the present application is configured to execute the function of the communication device 110 in the above-mentioned security protection method, so that the same effect as that of the above-mentioned security protection method can be achieved.
As yet another implementation, the communication device 110 shown in fig. 11 may include: a processing module and a communication module. The processing module is integrated with a determination unit 1101; the communication module is integrated with a receiving unit 1103 and a transmitting unit 1102. The processing module is used to control and manage the actions of the communication device 110, for example, the processing module is used to support the communication device 110 to perform step 301 and other processes for performing the techniques described herein. The communication module is used to support the communication device 110 to perform step 302 and communicate with other network entities, such as the functional modules or network entities shown in fig. 1. Further, the communication device 110 may also include a storage module for storing program codes and data of the communication device 110.
The processing module may be a processor or a controller. Which may implement or perform the various illustrative logical blocks, modules, and circuits described in connection with the disclosure. A processor may also be a combination of computing functions, e.g., comprising one or more microprocessors, a DSP and a microprocessor, or the like. The communication module may be a transceiver circuit or a communication interface, etc. The storage module may be a memory. When the processing module is a processor, the communication module is a communication interface, and the storage module is a memory, the communication device 110 shown in fig. 11 may be the communication device 200 shown in fig. 2.
Fig. 12 shows a structure diagram of a communication device 120, where the communication device 120 may be a session management network element or a mobility management network element, or a chip or a system on chip in the session management network element or mobility management network element, and the communication device 120 may be configured to perform the functions of the session management network element or mobility management network element in the foregoing embodiments. As one implementation, the communication device 120 shown in fig. 12 includes a determining unit 1201 and a sending unit 1202.
A determining unit 1201, configured to determine whether a user plane security policy of the first session needs to be updated;
a sending unit 1202, configured to send update information; wherein the update information is used for indicating that the user plane security policy of the first session and/or the second session is updated.
It should be noted that all relevant contents of each step related to the above method embodiment may be referred to the functional description of the corresponding functional module, and are not described herein again. The communication device 120 provided in the embodiment of the present application is configured to execute the function of the communication device 120 in the above-mentioned security protection method, so that the same effect as that of the above-mentioned security protection method can be achieved.
As yet another implementation, the communication device 120 shown in fig. 12 may include: a processing module and a communication module. The processing module is integrated with a determination unit 1201; the communication module is integrated with a transmission unit 1202. The processing module is used to control and manage the actions of the communication device 120, e.g., the processing module is used to support the communication device 120 in determining whether the user plane security policy of the first session needs to be updated and other processes to perform the techniques described herein. The communication module is used to support the communication device 120 to perform the process of sending the update information and communicate with other network entities, such as the functional modules or the network entities shown in fig. 1. Further, the communication device 120 may also include a storage module for storing program codes and data of the communication device 120.
The processing module may be a processor or a controller. Which may implement or perform the various illustrative logical blocks, modules, and circuits described in connection with the disclosure. A processor may also be a combination of computing functions, e.g., comprising one or more microprocessors, a DSP and a microprocessor, or the like. The communication module may be a transceiver circuit or a communication interface, etc. The storage module may be a memory. When the processing module is a processor, the communication module is a communication interface, and the storage module is a memory, the communication device 120 shown in fig. 12 may be the communication device 200 shown in fig. 2.
Fig. 13 shows a schematic composition diagram of a security protection system 13, as shown in fig. 13, the security protection system may include a terminal 130, a radio access device 131, a radio access device 132, a session management network element 133, a mobility management network element 134, and may further include a user plane network element and a DN; a first session may be established between the terminal 130, the radio access device 131 and the user plane network element, and a second session may be established between the terminal 130, the radio access device 132 and the user plane network element. It should be noted that fig. 13 is only an exemplary diagram, and the embodiment of the present application does not limit the network elements included in the system shown in fig. 13 and the number of the network elements.
The wireless access device 131 has the functions of the communication device 110 shown in fig. 11 and may be configured to determine whether to update the user plane security policy of the first session; if it determines to update it, the wireless access device 131 sends a first notification message to the terminal 130 to notify the terminal 130 to update the user plane security policies of the first session and the second session, and sends a second notification message to the wireless access device 132 to notify the wireless access device 132 to update the user plane security policy of the second session.
The terminal 130 has the functions of the communication apparatus 100 shown in fig. 10, and may be configured to receive the first notification message, update the user plane security policies of the first session and the second session, and make the updated user plane security policy of the first session and the updated user plane security policy of the second session the same.
Wireless access device 132 may be configured to receive the second notification message and update the user plane security policy for the second session based on the second notification message.
For example, determining whether to update the user plane security policy for the first session by wireless access device 131 may include: the session management network element 133 or the mobility management network element 134 determines whether to update the user plane security policy of the first session, and if so, sends update information to the wireless access device 131, so that the wireless access device 131 determines whether to update the user plane security policy of the first session according to the update information.
It should be noted that all relevant contents of each step related to the above method embodiment may be referred to the functional description of the network element corresponding to the security protection system, and are not described herein again.
Based on the security protection system shown in fig. 13, in a case that the wireless access device 131 determines that the user plane security policy of the first session needs to be updated, the wireless access device 131 sends a notification message to the terminal 130 to notify the terminal 130 to update the user plane security policies of the first session and the second session, and the updated user plane security policy of the first session is the same as the updated user plane security policy of the second session, so that the user plane security policies of different sessions can be guaranteed to be the same, and a problem that the security of data transmission cannot be guaranteed due to different user plane security policies of different sessions is avoided.
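The exchange in fig. 13, written out as an added simulation that is not part of the patent or of any Huawei code: a first wireless access device decides whether the first session's policy must change (either from update information sent by the session management network element, or from its own load state), then sends the first notification to the terminal inside an RRC connection reconfiguration message and the second notification to the second wireless access device, and the terminal applies one policy to both sessions. It also covers the error path in which the first device does not support security protection for the first session and releases both sessions. The three-level policy values (REQUIRED / PREFERRED / NOT_NEEDED) follow the general 3GPP form of a user plane security policy, the message field names are constructed, and the local decision rule (overloaded plus integrity only PREFERRED means relax integrity) is an assumption; the patent text specifies none of these.

```python
# Added example (not the patent's own code): constructed simulation of the
# notification flow in fig. 13. Policy levels follow the 3GPP user plane
# security policy form; that form, the message field names and the local
# decision rule are assumptions, the patent text does not specify them.
from dataclasses import dataclass, field
from enum import Enum


class Level(Enum):
    REQUIRED = "required"
    PREFERRED = "preferred"
    NOT_NEEDED = "not needed"


@dataclass(frozen=True)
class UpSecurityPolicy:
    integrity: Level
    ciphering: Level


@dataclass
class Terminal:
    sessions: dict                      # session id -> UpSecurityPolicy
    released: list = field(default_factory=list)

    def on_rrc_reconfiguration(self, msg):
        # First notification carried in an RRC connection reconfiguration
        # message: the same updated policy is applied to both sessions.
        note = msg["first_notification"]
        for sid in note["sessions"]:
            self.sessions[sid] = note["policy"]

    def on_session_release(self, msg):
        for sid in msg["sessions"]:
            self.sessions.pop(sid, None)
            self.released.append(sid)


@dataclass
class WirelessAccessDevice:
    name: str
    sessions: dict                      # sessions this device serves
    load: float = 0.0                   # constructed load state, 0..1
    supports_protection: bool = True
    error_reports: list = field(default_factory=list)

    def new_policy_for(self, sid, update_info=None):
        """Updated policy for session sid, or None when no update is needed.
        With update information present, follow it (claim 5); otherwise decide
        from the local load state (claim 6; constructed rule: when overloaded,
        integrity that is only PREFERRED is relaxed to NOT_NEEDED)."""
        if update_info is not None:
            return update_info["policy"] if sid in update_info["sessions"] else None
        cur = self.sessions[sid]
        if self.load > 0.8 and cur.integrity is Level.PREFERRED:
            return UpSecurityPolicy(Level.NOT_NEEDED, cur.ciphering)
        return None

    def on_second_notification(self, msg):
        self.sessions[msg["session"]] = msg["policy"]

    def handle(self, terminal, peer, first_sid, second_sid, update_info=None):
        """The first device's side of the exchange; returns the messages sent."""
        if not self.supports_protection:
            # Claim 8 path: report an error indication and release both sessions.
            err = {"type": "ErrorIndication", "device": self.name, "session": first_sid}
            self.error_reports.append(err)
            rel = {"type": "SessionRelease", "sessions": [first_sid, second_sid]}
            terminal.on_session_release(rel)
            return [err, rel]
        policy = self.new_policy_for(first_sid, update_info)
        if policy is None:
            return []
        self.sessions[first_sid] = policy
        rrc = {"type": "RRCConnectionReconfiguration",
               "first_notification": {"sessions": [first_sid, second_sid],
                                      "policy": policy}}
        terminal.on_rrc_reconfiguration(rrc)
        second = {"type": "SecondNotification", "session": second_sid, "policy": policy}
        peer.on_second_notification(second)
        return [rrc, second]


def policies_consistent(terminal, ran1, ran2, first_sid=1, second_sid=2):
    """The property the scheme targets: every party holds the same user plane
    security policy for both sessions."""
    return (terminal.sessions[first_sid] == terminal.sessions[second_sid]
            == ran1.sessions[first_sid] == ran2.sessions[second_sid])


def run_scenario(update_info=None, load=0.0, supports_protection=True):
    """Constructed setup: session 1 served by ran1, session 2 by ran2, both
    starting as (integrity PREFERRED, ciphering REQUIRED)."""
    start = UpSecurityPolicy(Level.PREFERRED, Level.REQUIRED)
    terminal = Terminal({1: start, 2: start})
    ran1 = WirelessAccessDevice("ran1", {1: start}, load, supports_protection)
    ran2 = WirelessAccessDevice("ran2", {2: start})
    msgs = ran1.handle(terminal, ran2, 1, 2, update_info)
    return terminal, ran1, ran2, msgs
```

Calling `run_scenario(update_info={"sessions": [1], "policy": UpSecurityPolicy(Level.REQUIRED, Level.REQUIRED)})` plays the claim 5 case; `run_scenario(load=0.9)` plays the local decision of claim 6, and `run_scenario(supports_protection=False)` the release path of claim 8. After the first two, `policies_consistent` is true on all three parties, which is the invariant the scheme exists to maintain; the point worth checking in a real deployment is that the second notification is actually delivered and applied before user data flows on the second session, since the terminal alone cannot observe the second device's state.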
In the above embodiments, the implementation may be wholly or partially realized by software, hardware, firmware, or any combination thereof. When implemented using a software program, it may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When the computer program instructions are loaded and executed on a computer, the procedures or functions described in accordance with the embodiments of the present application are generated in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or another programmable device. The computer instructions may be stored on a computer readable storage medium or transmitted from one computer readable storage medium to another, for example, from one website, computer, server, or data center to another website, computer, server, or data center by wire (e.g., coaxial cable, optical fiber, Digital Subscriber Line (DSL)) or wirelessly (e.g., infrared, radio, microwave). The computer readable storage medium may be any available medium that can be accessed by a computer, or a data storage device, such as a server or data center, that integrates one or more available media. The available medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., Solid State Disk (SSD)), among others.
While the present application has been described in connection with various embodiments, other variations to the disclosed embodiments can be understood and effected by those skilled in the art in practicing the claimed application, from a review of the drawings, the disclosure, and the appended claims. In the claims, the word "comprising" does not exclude other elements or steps, and the word "a" or "an" does not exclude a plurality. In the claims and in the description, "a and/or B" may denote three cases: a, or B, or A and B, without limitation. Furthermore, a single processor or other unit may fulfill the functions of several items recited in the claims. The mere fact that certain measures are recited in mutually different dependent claims does not indicate that a combination of these measures cannot be used to advantage.
Although the present application has been described in conjunction with specific features and embodiments thereof, it will be evident that various modifications and combinations can be made thereto without departing from the spirit and scope of the application. Accordingly, the specification and figures are merely exemplary of the present application as defined in the appended claims and are intended to cover any and all modifications, variations, combinations, or equivalents within the scope of the present application. It will be apparent to those skilled in the art that various changes and modifications may be made in the present application without departing from the spirit and scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is intended to include such modifications and variations as well.

Claims (20)

1. A security protection method, the method comprising:
a terminal receiving a first notification message sent by a first wireless access device; wherein the first notification message is used to notify the terminal to update the user plane security policies of a first session and a second session; and
the terminal updating the user plane security policy of the first session and the user plane security policy of the second session according to the first notification message; wherein the updated user plane security policy of the first session is the same as the updated user plane security policy of the second session.
2. The method of claim 1, wherein the terminal receiving the first notification message sent by the first wireless access device comprises:
the terminal receiving a Radio Resource Control (RRC) connection reconfiguration message sent by the first wireless access device; wherein the RRC connection reconfiguration message comprises the first notification message.
3. The method according to claim 1 or 2, characterized in that the method further comprises:
the terminal receiving a session release request sent by the first wireless access device; wherein the session release request is used to request the terminal to release the first session and the second session; and
the terminal releasing the first session and the second session according to the session release request.
4. A security protection method, the method comprising:
a first wireless access device determining whether the user plane security policy of a first session needs to be updated;
when the first wireless access device determines that the user plane security policy of the first session needs to be updated, the first wireless access device sending a first notification message to a terminal; wherein the first notification message is used to notify the terminal to update the user plane security policies of the first session and a second session; and
the first wireless access device sending a second notification message to a second wireless access device; wherein the second notification message is used to notify the second wireless access device to update the user plane security policy of the second session.
5. The method of claim 4, wherein the first wireless access device determining whether the user plane security policy of the first session needs to be updated comprises:
the first wireless access device receiving update information; and
when the update information indicates that the user plane security policy of the first session is to be updated, the first wireless access device determining, according to the update information, that the user plane security policy of the first session needs to be updated.
6. The method of claim 4, wherein the first wireless access device determining whether the user plane security policy of the first session needs to be updated comprises:
the first wireless access device determining whether the user plane security policy of the first session needs to be updated according to one or more of: the load state of the first wireless access device, the configuration condition of the first wireless access device, and the transmission data rate currently supported by the first wireless access device.
7. The method according to any one of claims 4 to 6, wherein the first wireless access device sending the first notification message to the terminal comprises:
the first wireless access device sending a Radio Resource Control (RRC) connection reconfiguration message to the terminal; wherein the RRC connection reconfiguration message comprises the first notification message.
8. The method according to any one of claims 4 to 7, further comprising:
the first wireless access device determining that the first wireless access device does not support security protection of the data transmitted on the first session;
the first wireless access device reporting an error indication; wherein the error indication indicates that the first wireless access device does not support security protection of the data transmitted on the first session; and
the first wireless access device sending a session release request to the terminal; wherein the session release request is used to request the terminal to release the first session and the second session.
9. A security protection method, the method comprising:
a first network element determining whether the user plane security policy of a first session needs to be updated; and
the first network element sending update information; wherein the update information is used to indicate that the user plane security policy of the first session and/or a second session is to be updated.
10. The method of claim 9, wherein the first network element determining whether the user plane security policy of the first session needs to be updated comprises:
the first network element determining whether to update the user plane security policy of the first session according to any one or more of the following information: a load of the network side, operator configuration, a rate requirement of a data network, a rate requirement of a unified data management network element, a rate requirement of a policy control function, triggering by an application function, a load state of a first wireless access device, and a configuration condition of the first wireless access device.
11. A communication apparatus, characterized in that the communication apparatus comprises:
a receiving unit, configured to receive a first notification message sent by a first wireless access device; wherein the first notification message is used to notify the communication apparatus to update the user plane security policies of a first session and a second session; and
an updating unit, configured to update the user plane security policy of the first session and the user plane security policy of the second session according to the first notification message received by the receiving unit; wherein the updated user plane security policy of the first session is the same as the updated user plane security policy of the second session.
12. The communication apparatus according to claim 11, wherein the receiving unit is specifically configured to:
receive a Radio Resource Control (RRC) connection reconfiguration message sent by the first wireless access device; wherein the RRC connection reconfiguration message comprises the first notification message.
13. The communication apparatus according to claim 11 or 12, wherein
the receiving unit is further configured to receive a session release request sent by the first wireless access device; wherein the session release request is used to request the communication apparatus to release the first session and the second session; and
the communication apparatus further comprises:
a releasing unit, configured to release the first session and the second session according to the session release request.
14. A communication apparatus, characterized in that the communication apparatus comprises:
a determining unit, configured to determine whether the user plane security policy of a first session needs to be updated; and
a sending unit, configured to send a first notification message to a terminal when the determining unit determines that the user plane security policy of the first session needs to be updated; wherein the first notification message is used to notify the terminal to update the user plane security policies of the first session and a second session; and
to send a second notification message to a second wireless access device; wherein the second notification message is used to notify the second wireless access device to update the user plane security policy of the second session.
15. The communication apparatus according to claim 14, further comprising:
a receiving unit, configured to receive update information;
wherein the determining unit is specifically configured to determine, according to the update information, that the user plane security policy of the first session needs to be updated when the update information indicates that the user plane security policy of the first session is to be updated.
16. The communication apparatus according to claim 14, wherein the determining unit is specifically configured to:
determine whether the user plane security policy of the first session needs to be updated according to one or more of: the load state of the communication apparatus, the configuration condition of the communication apparatus, and the transmission data rate currently supported by the communication apparatus.
17. The communication apparatus according to any one of claims 14 to 16, wherein the sending unit is specifically configured to: send a Radio Resource Control (RRC) connection reconfiguration message to the terminal; wherein the RRC connection reconfiguration message comprises the first notification message.
18. The communication apparatus according to any one of claims 14 to 17, wherein
the determining unit is further configured to determine that the communication apparatus does not support security protection of the data transmitted on the first session; and
the sending unit is further configured to report an error indication; wherein the error indication indicates that the communication apparatus does not support security protection of the data transmitted on the first session; and
to send a session release request to the terminal; wherein the session release request is used to request the terminal to release the first session and the second session.
19. A communication apparatus, characterized in that the communication apparatus comprises:
a determining unit, configured to determine whether the user plane security policy of a first session needs to be updated; and
a sending unit, configured to send update information; wherein the update information is used to indicate that the user plane security policy of the first session and/or a second session is to be updated.
20. The communication apparatus according to claim 19, wherein the determining unit is specifically configured to:
determine whether to update the user plane security policy of the first session according to any one or more of the following information: a load of the network side, operator configuration, a rate requirement of a data network, a rate requirement of a unified data management network element, a rate requirement of a policy control function, triggering by an application function, a load state of a first wireless access device, and a configuration condition of the first wireless access device.
CN201910157638.9A 2019-03-01 2019-03-01 Safety protection method and device Active CN111641582B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201910157638.9A CN111641582B (en) 2019-03-01 2019-03-01 Safety protection method and device
PCT/CN2020/077250 WO2020177632A1 (en) 2019-03-01 2020-02-28 Security protection method and apparatus

Publications (2)

Publication Number Publication Date
CN111641582A CN111641582A (en) 2020-09-08
CN111641582B true CN111641582B (en) 2021-11-09

Family ID=72330444

Country Status (2)

Country Link
CN (1) CN111641582B (en)
WO (1) WO2020177632A1 (en)

Also Published As

Publication number Publication date
CN111641582A (en) 2020-09-08
WO2020177632A1 (en) 2020-09-10

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant