CN115769615A - Computing service implementation for next generation cellular networks - Google Patents
Computing service implementation for next generation cellular networks Download PDFInfo
- Publication number
- CN115769615A CN115769615A CN202180047142.1A CN202180047142A CN115769615A CN 115769615 A CN115769615 A CN 115769615A CN 202180047142 A CN202180047142 A CN 202180047142A CN 115769615 A CN115769615 A CN 115769615A
- Authority
- CN
- China
- Prior art keywords
- network
- ran
- computing
- comp
- service
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 230000001413 cellular effect Effects 0.000 title description 8
- 230000006870 function Effects 0.000 claims description 96
- 238000013475 authorization Methods 0.000 claims description 72
- 238000012545 processing Methods 0.000 claims description 43
- 238000004422 calculation algorithm Methods 0.000 claims description 40
- 230000015654 memory Effects 0.000 claims description 25
- 230000005540 biological transmission Effects 0.000 claims description 19
- 230000004044 response Effects 0.000 claims description 14
- 238000004364 calculation method Methods 0.000 claims description 13
- 230000004069 differentiation Effects 0.000 claims description 4
- 230000003213 activating effect Effects 0.000 claims description 3
- 238000004891 communication Methods 0.000 abstract description 40
- 238000000034 method Methods 0.000 description 161
- 238000007726 management method Methods 0.000 description 43
- 230000008569 process Effects 0.000 description 32
- 239000013256 coordination polymer Substances 0.000 description 25
- 230000011664 signaling Effects 0.000 description 22
- 238000005259 measurement Methods 0.000 description 10
- 238000013507 mapping Methods 0.000 description 8
- 238000013135 deep learning Methods 0.000 description 6
- 238000001514 detection method Methods 0.000 description 6
- 235000019527 sweetened beverage Nutrition 0.000 description 6
- 230000002776 aggregation Effects 0.000 description 5
- 238000004220 aggregation Methods 0.000 description 5
- 230000003993 interaction Effects 0.000 description 5
- IUVCFHHAEHNCFT-INIZCTEOSA-N 2-[(1s)-1-[4-amino-3-(3-fluoro-4-propan-2-yloxyphenyl)pyrazolo[3,4-d]pyrimidin-1-yl]ethyl]-6-fluoro-3-(3-fluorophenyl)chromen-4-one Chemical compound C1=C(F)C(OC(C)C)=CC=C1C(C1=C(N)N=CN=C11)=NN1[C@@H](C)C1=C(C=2C=C(F)C=CC=2)C(=O)C2=CC(F)=CC=C2O1 IUVCFHHAEHNCFT-INIZCTEOSA-N 0.000 description 4
- 230000004913 activation Effects 0.000 description 4
- 230000006978 adaptation Effects 0.000 description 4
- 238000013500 data storage Methods 0.000 description 4
- 230000002093 peripheral effect Effects 0.000 description 4
- 101150071746 Pbsn gene Proteins 0.000 description 3
- 238000004873 anchoring Methods 0.000 description 3
- 230000006399 behavior Effects 0.000 description 3
- 230000001427 coherent effect Effects 0.000 description 3
- 230000009977 dual effect Effects 0.000 description 3
- 230000006855 networking Effects 0.000 description 3
- 238000001228 spectrum Methods 0.000 description 3
- 238000012546 transfer Methods 0.000 description 3
- 101100172132 Mus musculus Eif3a gene Proteins 0.000 description 2
- MJSPPDCIDJQLRE-YUMQZZPRSA-N S-methionyl-L-thiocitrulline Chemical compound CSCC[C@@H](C(S/C(\N)=N/CCC[C@@H](C(O)=O)N)=O)N MJSPPDCIDJQLRE-YUMQZZPRSA-N 0.000 description 2
- 238000007792 addition Methods 0.000 description 2
- 230000008901 benefit Effects 0.000 description 2
- 239000000969 carrier Substances 0.000 description 2
- 230000010267 cellular communication Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 239000003795 chemical substances by application Substances 0.000 description 2
- 238000012790 confirmation Methods 0.000 description 2
- 238000012937 correction Methods 0.000 description 2
- 125000004122 cyclic group Chemical group 0.000 description 2
- 238000007405 data analysis Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000001914 filtration Methods 0.000 description 2
- GVVPGTZRZFNKDS-JXMROGBWSA-N geranyl diphosphate Chemical compound CC(C)=CCC\C(C)=C\CO[P@](O)(=O)OP(O)(O)=O GVVPGTZRZFNKDS-JXMROGBWSA-N 0.000 description 2
- 230000010354 integration Effects 0.000 description 2
- 230000002452 interceptive effect Effects 0.000 description 2
- 230000007774 longterm Effects 0.000 description 2
- 239000011159 matrix material Substances 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 238000010295 mobile communication Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000010363 phase shift Effects 0.000 description 2
- 238000004705 quadratic configuration interaction calculation Methods 0.000 description 2
- 238000009877 rendering Methods 0.000 description 2
- 230000000153 supplemental effect Effects 0.000 description 2
- 230000001960 triggered effect Effects 0.000 description 2
- CSRZQMIRAZTJOY-UHFFFAOYSA-N trimethylsilyl iodide Substances C[Si](C)(C)I CSRZQMIRAZTJOY-UHFFFAOYSA-N 0.000 description 2
- 230000005641 tunneling Effects 0.000 description 2
- 102100022734 Acyl carrier protein, mitochondrial Human genes 0.000 description 1
- 102100035373 Cyclin-D-binding Myb-like transcription factor 1 Human genes 0.000 description 1
- MWRWFPQBGSZWNV-UHFFFAOYSA-N Dinitrosopentamethylenetetramine Chemical compound C1N2CN(N=O)CN1CN(N=O)C2 MWRWFPQBGSZWNV-UHFFFAOYSA-N 0.000 description 1
- 101000678845 Homo sapiens Acyl carrier protein, mitochondrial Proteins 0.000 description 1
- 101000804518 Homo sapiens Cyclin-D-binding Myb-like transcription factor 1 Proteins 0.000 description 1
- 101000741965 Homo sapiens Inactive tyrosine-protein kinase PRAG1 Proteins 0.000 description 1
- 101001056707 Homo sapiens Proepiregulin Proteins 0.000 description 1
- 101000684181 Homo sapiens Selenoprotein P Proteins 0.000 description 1
- 102100038659 Inactive tyrosine-protein kinase PRAG1 Human genes 0.000 description 1
- 102100025498 Proepiregulin Human genes 0.000 description 1
- 101000822633 Pseudomonas sp 3-succinoylsemialdehyde-pyridine dehydrogenase Proteins 0.000 description 1
- 102100023843 Selenoprotein P Human genes 0.000 description 1
- 102100040255 Tubulin-specific chaperone C Human genes 0.000 description 1
- 239000000654 additive Substances 0.000 description 1
- 230000000996 additive effect Effects 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 230000008033 biological extinction Effects 0.000 description 1
- 230000003139 buffering effect Effects 0.000 description 1
- 229940112112 capex Drugs 0.000 description 1
- 230000006835 compression Effects 0.000 description 1
- 238000007906 compression Methods 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 230000008878 coupling Effects 0.000 description 1
- 238000010168 coupling process Methods 0.000 description 1
- 238000005859 coupling reaction Methods 0.000 description 1
- 238000013480 data collection Methods 0.000 description 1
- 238000013523 data management Methods 0.000 description 1
- 230000009849 deactivation Effects 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 208000028626 extracranial carotid artery aneurysm Diseases 0.000 description 1
- FEBLZLNTKCEFIT-VSXGLTOVSA-N fluocinolone acetonide Chemical compound C1([C@@H](F)C2)=CC(=O)C=C[C@]1(C)[C@]1(F)[C@@H]2[C@@H]2C[C@H]3OC(C)(C)O[C@@]3(C(=O)CO)[C@@]2(C)C[C@@H]1O FEBLZLNTKCEFIT-VSXGLTOVSA-N 0.000 description 1
- 230000007274 generation of a signal involved in cell-cell signaling Effects 0.000 description 1
- 230000000977 initiatory effect Effects 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 230000014759 maintenance of location Effects 0.000 description 1
- DJGAAPFSPWAYTJ-UHFFFAOYSA-M metamizole sodium Chemical compound [Na+].O=C1C(N(CS([O-])(=O)=O)C)=C(C)N(C)N1C1=CC=CC=C1 DJGAAPFSPWAYTJ-UHFFFAOYSA-M 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- OOXMVRVXLWBJKF-DUXPYHPUSA-N n-[3-[(e)-2-(5-nitrofuran-2-yl)ethenyl]-1,2,4-oxadiazol-5-yl]acetamide Chemical compound O1C(NC(=O)C)=NC(\C=C\C=2OC(=CC=2)[N+]([O-])=O)=N1 OOXMVRVXLWBJKF-DUXPYHPUSA-N 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 230000000737 periodic effect Effects 0.000 description 1
- 230000010287 polarization Effects 0.000 description 1
- 229940119265 sepp Drugs 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 239000013589 supplement Substances 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- WXBXVVIUZANZAU-CMDGGOBGSA-N trans-2-decenoic acid Chemical compound CCCCCCC\C=C\C(O)=O WXBXVVIUZANZAU-CMDGGOBGSA-N 0.000 description 1
- 108010093459 tubulin-specific chaperone C Proteins 0.000 description 1
- 238000010200 validation analysis Methods 0.000 description 1
- WDQKVWDSAIJUTF-GPENDAJRSA-N via protocol Chemical compound ClCCNP1(=O)OCCCN1CCCl.O([C@H]1C[C@@](O)(CC=2C(O)=C3C(=O)C=4C=CC=C(C=4C(=O)C3=C(O)C=21)OC)C(=O)CO)[C@H]1C[C@H](N)[C@H](O)[C@H](C)O1.C([C@H](C[C@]1(C(=O)OC)C=2C(=C3C([C@]45[C@H]([C@@]([C@H](OC(C)=O)[C@]6(CC)C=CCN([C@H]56)CC4)(O)C(=O)OC)N3C=O)=CC=2)OC)C[C@@](C2)(O)CC)N2CCC2=C1NC1=CC=CC=C21 WDQKVWDSAIJUTF-GPENDAJRSA-N 0.000 description 1
- 238000004846 x-ray emission Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/08—Access point devices
- H04W88/085—Access point devices with remote components
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/03—Protecting confidentiality, e.g. by encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/10—Integrity
- H04W12/106—Packet or message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/18—Selecting a network or a communication service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W60/00—Affiliation to network, e.g. registration; Terminating affiliation with the network, e.g. de-registration
- H04W60/04—Affiliation to network, e.g. registration; Terminating affiliation with the network, e.g. de-registration using triggered events
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/18—Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
- H04W8/20—Transfer of user or subscriber data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/18—Service support devices; Network management devices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W92/00—Interfaces specially adapted for wireless communication networks
- H04W92/04—Interfaces between hierarchically different network devices
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
Various embodiments may relate generally to the field of wireless communications. For example, some embodiments may relate to providing a solution for enabling support of computing services in scenarios where a network operator provides both computing services and connectivity services in a 5G network to end users, and in scenarios where computing services are provided by an ASP (application service provider), CSP (cloud service provider), or ECSP (edge computing service provider). Other embodiments may be described and/or claimed.
Description
Cross Reference to Related Applications
The present application claims U.S. provisional patent application No. 63/060,529, filed on 3/8/2020; and U.S. provisional patent application No. 63/060,543, filed on 3/8/2020.
Technical Field
Various embodiments may relate generally to the field of wireless communications. For example, some embodiments may relate to providing a solution for enabling support of computing services in scenarios where a network operator provides both computing and connectivity services in a 5G network to end users, and in scenarios where computing services are provided by an ASP (application service provider), CSP (cloud service provider) or ECSP (edge computing service provider). Other embodiments may be described and/or claimed.
Background
Currently, cloud/edge rendering based applications in cloud/edge networks use computing services provided by ASPs (application service providers). For example, an ASP is a computing service provider, while using connectivity services via a 5G network provided by the network operator.
In the past systems, a connection service of a Public Land Mobile Network (PLMN) or NPN (non-public network) is provided by a network operator, and a computing service may be provided by ASP, CSP (cloud service provider), or ECSP (edge computing service provider). In the latter two cases, the ASP uses the computing services provided by CSP or ECSP.
Drawings
The embodiments will be readily understood by the following detailed description in conjunction with the accompanying drawings. To facilitate this description, like reference numerals designate like structural elements. Embodiments are illustrated by way of example, and not by way of limitation, in the figures of the accompanying drawings.
Fig. 1 illustrates an example of an overall architecture for separating a gNB-CU-CP and a gNB-CU-UP, in accordance with various embodiments.
Fig. 2 illustrates an example of a reference RAN architecture that supports RAN computing functionality in accordance with various embodiments.
Fig. 3 illustrates an example of a proposed reference architecture and control/data plane signaling paths in accordance with various embodiments.
Fig. 4 illustrates an example of a key hierarchy for a KgNB-cf generated by Kamf, in accordance with various embodiments.
Fig. 5 illustrates an example of Comp SF security protection activation for multiple connections with a computing service, in accordance with various embodiments.
Fig. 6 shows an example of a first option (option 1) for securely providing a message flow for a RAN Comp CF according to various embodiments.
Fig. 7 shows an example of a second option (option 2) for securely providing a message flow for the RAN Comp CF according to various embodiments.
Fig. 8 illustrates an example of a relationship between master authentication and slice-specific authentication and authorization, in accordance with various embodiments.
Fig. 9 illustrates an example of a network slice specific authentication and authorization process in accordance with various embodiments.
Fig. 10 schematically illustrates a wireless network in accordance with various embodiments.
Fig. 11 schematically illustrates components of a wireless network in accordance with various embodiments.
Fig. 12 is a block diagram illustrating components capable of reading instructions from a machine-readable or computer-readable medium (e.g., a non-transitory machine-readable storage medium) and performing any one or more of the methodologies discussed herein, according to some example embodiments.
Fig. 13 depicts an example of a process for practicing various embodiments discussed herein.
FIG. 14 depicts another example of a process for practicing various embodiments.
FIG. 15 depicts another example of a process for practicing various embodiments.
Detailed Description
The following detailed description refers to the accompanying drawings. The same reference numbers may be used in different drawings to identify the same or similar elements. In the following description, for purposes of explanation and not limitation, specific details are set forth such as particular structures, architectures, interfaces, techniques, etc. in order to provide a thorough understanding of the various aspects of the various embodiments. However, it will be apparent to one having ordinary skill in the art having had the benefit of the present disclosure that the various aspects of the embodiments may be practiced in other examples that depart from these specific details. In certain instances, descriptions of well-known devices, circuits, and methods are omitted so as not to obscure the description of the various embodiments with unnecessary detail. For the purposes of this document, the phrases "A or B" and "A/B" mean (A), (B), or (A and B).
Various embodiments herein provide techniques for implementing computing services with security protection at RAN nodes in next generation networks. Further, embodiments provide techniques for supporting network slice based computing services in next generation cellular networks.
Implementing a computing service with security protection at a RAN node in a next generation cellular network
Among other things, embodiments of the present disclosure may consider at least the following two scenarios for computing services:
scene 1: network operators provide both computing services and connectivity services to end users in 5G networks, e.g., network operators also play the role of ASPs in their 5G networks. Applications may be presented to computing functions in the 5G network close to the user, for example enabling the computing functions at the RAN node, also referred to as RAN computing functions.
Scene 2: network operators and ASPs have Service Level Agreements (SLAs) for ASP/CSP/ECSP to provide computing services in the network operator's 5G network near the RAN computing functions of its end users.
To enable support of computing services for UEs at a 5G network, two issues need to be solved to support the above two scenarios:
problem 1: what is the RAN architecture that enables computing services
Problem 2: how 5G networks and UEs activate security protection for computing services
Embodiments of the present disclosure help provide solutions for enabling support for computing services in scenarios 1 and 2 described above, as described in more detail below.
Example 1: multi-connectivity for computing services
Example 2: secure key generation principles
Example 3: message flow for RAN Comp SF Security
Example 4: message flow for RAN Comp CF Security
===
TS 38.401:
6.1.2gNB-CU-CP and gNB-CU-UP separated overall architecture
FIG. 1 depicts an example of a separate overall architecture of gNB-CU-CP and gNB-CU-UP:
the gNB may comprise a gNB-CU-CP, a plurality of gNB-CU-UP and a plurality of gNB-DUs;
-the gNB-CU-CP is connected to the gNB-DU via the F1-C interface;
-the gNB-CU-UP is connected to the gNB-DU via the F1-U interface;
-the gNB-CU-UP is connected to the gNB-CU-CP via the E1 interface;
one gNB-DU is connected to only one gNB-CU-CP;
one gNB-CU-UP is connected to only one gNB-CU-CP;
note 1: for flexibility, the gNB-DU and/or gNB-CU-UP may be connected to multiple gNB-CU-CPs through appropriate implementations.
One gNB-DU may be connected to multiple gNB-CU-UP under control of the same gNB-CU-CP;
one gNB-CU-UP may be connected to multiple DUs under the control of the same gNB-CU-CP;
note 2: the connection between the gNB-CU-UP and the gNB-DU is established by the gNB-CU-CP using a bearer context management function.
Note 3: the gNB-CU-CP selects the appropriate gNB-CU-UP for the service requested by the UE. In case of multiple CU-UP, they belong to the same security domain as defined in TS 33.210.
Note 4: the Xn-U may support data forwarding within the gNB between the gNB-CU-UPs during intra-gNB-CU-CP handover.
===
Use cases and related service requirements for interactive games based on cloud/edge presentation have been addressed in TR 22.842, v.17.2.0,2019-12-20, where ASP provides computing services for UEs using 5G connectivity services via a 5G network in a cloud or edge data network. However, existing solutions and use cases may not support applications that require low latency for responsive interaction between an application server and an application client.
Embodiments of the present disclosure address these and other problems described below with respect to the following embodiments:
example 1: multi-connectivity for computing services
Example 2: secure key generation principles
Example 3: message flow for RAN Comp SF Security
Example 4: message flow for RAN Comp CF Security
Without these solutions, the packet delay budget required for the QoS of an application may never be met. Furthermore, embodiments of the present disclosure help provide a solution for provisioning new 5G services (e.g., computing services) at RAN nodes and for secure activation of computing services.
In the present disclosure, the following assumptions apply:
the 5G network implements computing services support for two use cases:
scenario 1: network operators provide both computing services and connectivity services to end users in 5G networks, e.g., network operators also play the role of ASPs in their 5G networks. Applications may be presented to computing functions in the 5G network close to the user, for example enabling the computing functions at the RAN node, also referred to as RAN computing functions.
Scenario 2: network operators and ASPs have Service Level Agreements (SLAs) for ASP/CSP/ECSP to provide computing services in the network operator's 5G network close to its end user's RAN computing functions.
The 5G network implements computing service support at the RAN node close to the UE.
the-gNB refers to the RAN node, and may be xNB designating future generations.
-5G is used for reference and may refer to any xG that designates a future generation.
Reference architecture:
the 5G network implements computing services support at the RAN node close to the UE through RAN computing functions (including one or more RAN Comp CF and RAN Comp SF with the following functions):
-a gbb-Comp-CP comprising an RRC stack:
omicron selecting a computation CF for a particular computing session shared by applications
C1 interface supporting interaction with gNB-CMP-CF
-gNB-CMP-CF (computational service control function):
omicron based on working set selection of calculated SF for a particular application
Managing computational context across multiple computational SFs
Support for computing task scheduling, control, orchestration, and the like
C1 interface supporting interaction with gNB-CU-CP
C2 interface supporting interaction with gNB-Comp-SF
-gNB-Comp-SF (compute service function):
performing a computing task of the application based on the working set information, which may be a new function dedicated to support computing services, or a CU-UP instance dedicated to support computing services.
ο
An example of a reference architecture of a RAN node is shown in fig. 2.
Example 1: multi-connectivity for computing services
As shown in fig. 3-part (a), which simplifies all items of the gNB/RAN functionality, e.g., CU-CP, CU-UP, DU, comp CF, comp SF, by skipping the gNB, this embodiment is proposed to implement support for the PDCP stack at the Comp SF with the following functionality:
support for a new interface with DUs, denoted C3, e.g. similar to F1-U
Support a new interface with the CU-CP, denoted C4, e.g. similar to E1,
for the UE:
support for DRB (data radio bearer) and CRB (computation radio bearer) for user plane communication data and computation related data, respectively
Support of RRC connections with CU-CP
Support new calculation control messages between UE and Comp CF, which interacts with RAN CU CP by piggybacking the messages in RRC messages via a new interface (denoted C1).
-supporting multiple connections, including one connection with a primary RAN node for communication related data traffic and one or more connections with a comp SF as a secondary RAN node for computing related data traffic.
In fig. 3, there may be one or more DUs. The DUs connected to the CU-CP may be the same as or different from the DUs connected to the Comp-SF.
Example 1.1: for control plane signalling
Following embodiment 1, control plane signaling for computing services is between CU-CP and Comp-CF via C1 interface by piggybacking the message in RRC message, as shown in fig. 3-part (C).
The C1 interface supports L3/L4 protocols, such as GTP, HTTP, SCTP, etc.
The CU-CP generates RRC security keys for RAN comp CF for RRC integrity and ciphering protection.
-supporting new SRB or CRB-C specific to RAN computation related signaling messages between UE and CU-CP.
Example 1.2: for user plane data
Following embodiment 1, the user plane data path between the DU and Comp-SF via the new interface (denoted C3).
The C3 interface and protocol is similar to the F1-U interface between CU-UP and DU.
The CU-CP generates RRC security keys for RAN comp SF for RRC integrity and ciphering protection.
Between UE and Comp SF, support new SRB or CRB-U specific to RAN computation related data services.
Example 1.2.1:
following embodiment 1.2, where Comp SF or Comp CF supports the RRC stack and provides a second RRC connection to a UE that already has a first RRC connection at the registered RAN node.
Example 2: secure key generation principles
Following embodiments 1.1 and 1.2, the RAN computation function supports security keys and security contexts for RAN Comp CF and RAN Comp SF, with the following principles:
-the security key is based on KgNB or KgNB-cf.
The oKgNB is a security key generated by the AMF for the RAN node for the communication service.
oKgNB-cf is a security key generated by the AMF for a computing service, the key hierarchy being as shown in FIG. 4.
Or alternatively
okgNB-cf is a security key generated by gNB based on KgNB for computing services.
Security for RAN Comp CF:
oCU-CP generates Kcf for RAN computer CF and sends it to RAN computer CF.
o further derives integrity and encryption keys.
Security for RAN Comp SF:
oCU-CP generates Ksf for RAN computer SF and sends it to RAN computer SF.
o further derives integrity and encryption keys.
Example 3: message flow for RAN Comp SF Security
Following embodiment 2, this embodiment provides a message flow for activating security protection at the RAN Comp SF for RAN computing sessions. Communications established between the UE and the RAN computation SF are protected at the PDCP layer using information (e.g., key counters and algorithms) stored in the RAN computation security context.
Message flow between CU-CP and Comp SF/UE for activating security in compute SF, as shown in FIG. 5:
step 1: the preconditions are as follows:
-the UE registers to the network and establishes an RRC connection.
CU-CP informs/selects Comp CF for computation offload.
The Comp-CF selects Comp-SF for the application working set that computes the offload request based on the UE.
Step 2-4, [ CU-CP- > SF ]: the CU-CP and RAN Comp SF negotiate a ciphering algorithm.
-step 2: the CU-CP or Comp CF sends a Comp SF add/modify request message including Ksf, UE security capabilities, computational security policy.
-step 4: the Comp SF sends an acknowledgement message including the selected algorithm and an indication that integrity and ciphering protection are to be used for the computing service.
The calculation key counter may be the same or different for both Comp CF and Comp SF.
-for the same calculation key counter, the security keys of Kcf and Ksf are updated simultaneously.
For different computational key counters, the security keys of Kcf and Ksf may be updated based on the corresponding computational security policies, respectively.
Upon receiving the RRC connection reconfiguration message, the UE derives a ciphering key from the Ksf (based on the key counter and the selected algorithm).
And 7: the CU-CP or Comp CF sends a Comp SF reconfiguration complete message to the Comp SF to confirm the multi-connection established in the UE.
Upon reception of the RRC connection reconfiguration complete message, the Comp SF derives the ciphering key from Ksf (based on the key counter and the selected algorithm).
Both UE and Comp SF activate security protection for calculating the ciphering and integrity of the related data messages.
Example 4: message flow for RAN Comp CF Security
Fig. 6 illustrates an example of Comp SF security protection activation for multiple connections with a computing service, in accordance with various embodiments. Following embodiment 3, for the security protection of the control plane signaling between the active UE and the RAN Comp CF, depending on the deployment of the Comp CF, there are the following options:
-option 1: comp CF and RAN CU-CP co-sited
Following embodiment 3, the following modifications can be applied to fig. 5, as shown in fig. 6 showing option 1.
CU-CP generates Kcf for RAN Comp CF and sends it to RAN Comp CF.
-option 2: comp CF co-sites with one or more Comp SFs managed by the Comp CF
Following example 3, the following additions are required in fig. 5, as shown in fig. 7 showing option 2.
Step 2: CU-CP sends Kcf to Comp CF, and computing the security policy includes computing a signaling policy. For computational data security, the CU-CP provides a container that includes Ksf, UE security capabilities, and computational data policy. The Comp CF forwards the container to the Comp SF.
Step 3: the Comp CF selects the algorithm for computing signaling security; the Comp SF selects the algorithm used to compute data security.
Step 4: the Comp CF replies to the CU-CP with the selected algorithm and information from the integrity and ciphering indications of both the Comp CF and the Comp SF.
Step 5: the CU-CP sends to the UE an RRC connection reconfiguration request message with information of the selected algorithm and indications for calculating integrity and ciphering of signaling and calculating data security.
Upon receiving the RRC connection reconfiguration message, the UE derives the ciphering keys from Kcf and Ksf (based on the respective key counters and selected algorithm).
Step 7: the CU-CP sends a Comp CF reconfiguration complete message to the Comp CF to confirm the multi-connection established in the UE. The Comp CF forwards the result to the Comp SF.
Upon reception of the RRC connection reconfiguration request message, comp CF and Comp SF derive the ciphering keys from Kcf and Ksf (based on the respective key counters and the selected algorithm).
The UE, comp CF and Comp SF activate security protection for ciphering and integrity of computation signaling and computation data messages.
Supporting network slice-based computing services in next generation cellular networks
As described above, in order to enable support of computing services for a UE at a 5G network, at least two issues need to be addressed to support the above two scenarios:
problem 1: how a 5G network enables a UE to use computing services at the 5G network; and
problem 2: how a 5G network authenticates a UE using an application requesting 5G computing services.
Embodiments of the present disclosure help provide the following solutions for enabling support of computing services in scenarios 1 and 2 described above.
Solution 1: implementing computing service support at RAN node
Solution 2: options to enable support for computing service slicing
Solution 3: subscription information related to computing services
Solution 4: authentication and authorization for network slice-specific or computing service slices
Solution 5: compute service slice specific authentication via RAN computing functionality
And authorization (replacement of solution 4)
===
TS 23.501,v.16.5.1,2020-08-03
5.15.2 identification and selection of network slices: S-NSSAI and NSSAI
5.15.2.1 general rule
S-NSSAI identifies network slices.
S-NSSAI consists of:
-slice/service type (SST), which refers to the expected network slice behavior in terms of features and services;
-a Slice Discriminator (SD) which is optional information to supplement slice/service type to discriminate multiple network slices of the same slice/service type.
S-NSSAI may have a standard value (e.g., such S-NSSAI consists of only SST with a standardized SST value, see clause 5.15.2.2, and no SD) or a non-standard value (e.g., such S-NSSAI consists of both SST and SD, or consists of only SST without a standardized SST value, and no SD). S-NSSAI with a non-standard value identifies a single network slice within the PLMN with which it is associated. S-NSSAI with a non-standard value should not be used by the UE in access stratum procedures in any PLMN other than the PLMN with which the S-NSSAI is associated.
The S-NSSAI in NSSP of the URSP rule (see TS 23.503, clause 6.6.2) and in the subscribed S-NSSAI (see clause 5.15.3) contains only HPLMN S-NSSAI values.
The S-NSSAI of the configured NSSAI, allowed NSSAI (see clause 5.15.4.1), requested NSSAI (see clause 5.15.5.2.1), rejected S-NSSAI contains only values from the serving PLMN. The serving PLMN may be a HPLMN or VPLMN.
The S-NSSAI in the PDU session setup contains a serving PLMN S-NSSAI value and may also contain the corresponding HPLMN S-NSSAI value to which the first value is mapped (see clause 5.15.5.3).
The optional mapping of serving PLMN S-NSSAI to HPLMN S-NSSAI comprises a serving PLMN S-NSSAI value and a corresponding mapped HPLMN S-NSSAI value.
NSSAI is a collection of S-NSSAIs.
The NSSAI may be a configured NSSAI, a requested NSSAI, or an allowed NSSAI.
Up to eight S-NSSAIs out of the allowed and requested NSSAIs sent in the signaling messages between the UE and the network.
The NSSAI of the request signalled by the UE to the network allows the network to select the serving AMF, network slice and network slice instance for the UE as described in clause 5.15.5.
5.15.2.2 standardized SST values
Standardized SST values provide a way to establish global interoperability for slicing so that PLMNs can more efficiently support roaming use cases for the most commonly used slicing/service types.
Standardized SSTs are in the following Table 5.15.2.2-1.
TABLE 5.15.2.2-1-normalized SST values
| Slice/service type | SST value | Characteristics of |
| |
1 | Suitable for processing 5G enhanced moving broadband slices. |
| |
2 | Adapted to handle ultra-reliable low timeSlicing of the communication. |
| |
3 | Suitable for processing large-scale IoT slices. |
| |
4 | Suitable for processing slices of V2X services. |
Note that: it is not necessary to support all standardized SST values in the PLMN. The services indicated in the table for each SST value may also be supported by other SSTs.
5.15.10: network slice specific authentication and authorization
The serving PLMN should perform network slice specific authentication and authorization for the S-NSSAI of the HPLMN compliant with it based on the subscription information. The UE should indicate in the registration request message in the UE 5GMM core network capability whether it supports this feature. If the UE does not support this feature, the AMF should not trigger the procedure for the UE and if the UE requests these S-NSSAIs subject to network slice specific authentication and authorization, they will be rejected for the PLMN.
If the UE is configured with an S-NSSAI that is subject to network slice-specific authentication and authorization, the UE stores an association between the S-NSSAI and corresponding credentials for network slice-specific authentication and authorization.
Note that: credentials for network slice-specific authentication and authorization and how they are provisioned in the UE are not specified.
To perform network slice specific authentication and authorization for S-NSSAI, AMF invokes the EAP-based network slice specific authorization procedure recorded in TS 23.502 clause 4.2.9 (see also TS 33.501) for S-NSSAI.
The AMF may invoke this procedure for the supported UEs at any time, for example, when:
ue registers with AMF and one of the S-NSSAIs of the HPLMN mapped to the S-NSSAI in the requested NSSAI is requiring network slice specific authentication and authorization (see in detail clause 5.15.5.2.1) and once the network slice specific authentication and authorization for S-NSSAI is successful, AMF can add it to the allowed NSSAI; or
b. The network slice specific AAAServer triggers UE re-authentication and re-authorization for S-NSSAI; or
Amf decides to initiate a network slice specific authentication and authorization procedure for a certain S-NSSAI that was previously authorized based on operator policy or subscription changes.
In case of re-authentication and re-authorization (b.and c.above), the following applies:
-if for each access type, the S-NSSAI that is requiring network slice specific authentication and authorization is included in the allowed NSSAIs, the AMF selects the access type to be used to perform the network slice specific authentication and authorization procedure based on the network policy.
-if the network slice specific authentication and authorization for some of the allowed NSSAIs is not successful, the AMF shall update the allowed NSSAIs per access type to the UE via the UE configuration update procedure.
If the network slice specific authentication and authorization fails for all S-NSSAIs in the allowed NSSAIs, the AMF should perform the network initiated deregistration procedure described in TS 23.502 clause 4.2.2.3.3 and should include a list of rejected S-NSSAIs in the explicit deregistration request message, each of them having an appropriate reject cause value.
After successful or unsuccessful UE network slice specific authentication and authorization, the UE context in the AMF should preserve the authentication and authorization status of the UE for the relevant specific S-NSSAI of the HPLMN, while the UE keeps RM-REGISTERED in the PLMN, so that the AMF and PLMN are not required to perform network slice specific authentication and authorization for the UE at every periodic registration update or mobility registration procedure.
The network slice specific AAA server may revoke authorization or challenge the UE's authentication and authorization at any time. When de-authorizing the S-NSSAI in the currently allowed NSSAI of the access type, the AMF shall provide the UE with the new allowed NSSAI and trigger the release of all PDU sessions associated with the S-NSSAI for that access type.
The AMF provides the UE 'S-NSSAI related GPSI to the AAA server to allow the AAA server to initiate a network slice specific authentication and authorization, or authorization revocation, process, where the UE' S current AMF needs to be recognized by the system so the UE authorization status can be queried or revoked.
Network slice specific authentication and authorization requires that the UE master authentication and authorization of SUPI has been successfully completed. If the SUPI authorization is revoked, then the network slice specific authorization is also revoked.
TS-33.501,v.16.3.0,2020-07-10
4.3 Security entity in 5G core network
The 5G system architecture introduces the following security entities in the 5G core network:
AUSF: an authentication server function;
ARPF: an authentication credential repository and processing functionality;
SIDF: a subscription identifier de-hiding function;
and (6) SEAF: a secure anchoring function.
Requirements for SEAF
The security anchor function (SEAF) provides authentication functions via the AMF in the service network. The SEAF should meet the following requirements:
the SEAF should support master authentication using SUCI.
Requirement for NSSAAF
The Network Slice Specific Authentication and Authorization Function (NSSAAF) should handle network slice specific authentication requests from the serving AMF.
NSSAAF is responsible for sending NSSAA requests to the appropriate AAA-S (AAA Server).
NSSAAF should support AAA-S triggered network slice specific re-authentication and re-authorization and slice specific authorization revocation and convert any AAA protocol into a service based format.
The NSSAAF should translate service-based messages from the serving AMF towards the AAA-P (AAA proxy)/AAA-S (AAA server) AAA protocol.
16.2 authorization for network slice Access
The clause specifies the relationship between the UE's primary authentication (as described in clause 6.1) and the authorization for network slice access (as described in TS 23.502).
The UE needs authorization from the home/serving PLMN to gain access to the network slice identified by S-NSSAI.
Authorized S-NSSAI (e.g., allowed S-NSSAI) should be granted to the UE only after the UE successfully completes the primary authentication.
At the end of the primary authentication, the AMF and the UE may receive a list of allowed S-NSSAIs to which the UE is authorized to access.
For some S-NSSAIs, additional Network Slice Specific Authentication and Authorization (NSSAA) is required.
This clause also specifies the prerequisites for the NSSAA procedure described in clause 16.3 with reference to fig. 8, fig. 8 shows an example of the relationship between master authentication and slice-specific authentication and authorization.
===
Use cases and related service requirements for cloud/edge rendering based interactive games have been addressed in TR 22.842, where an ASP provides computing services in a cloud or edge data network for UEs using 5G connectivity services via a 5G network.
However, existing solutions and use cases may not support applications that require low latency for responsive interaction between an application server and an application client.
Embodiments of the present disclosure help provide the following solutions:
solution 1: implementing computing service support at RAN node
Solution 2: options to enable support for computing service slicing
Solution 3: subscription information related to computing services
Solution 4: authentication and authorization for network slice-specific or computing service slices
Solution 5: compute service slice specific authentication and authorization via RAN compute function (alternative to solution 4)
In addition, embodiments of the present disclosure help meet the packet delay budget required for applying QoS. Furthermore, embodiments of the present disclosure help provide a solution for provisioning new 5G services (e.g., computing services).
In the present disclosure, the following assumptions apply:
the 5G network implements computing services support for two use cases:
o scene 1: network operators provide both computing services and connectivity services to end users in 5G networks, e.g., network operators also play the role of ASPs in their 5G networks. Applications may be presented to computing functions in the 5G network near the user, for example enabling the computing functions at the RAN node, also referred to as RAN computing functions.
o scene 2: network operators and ASPs have Service Level Agreements (SLAs) for ASP/CSP/ECSP to provide computing services in the network operator's 5G network near the RAN computing functions of its end users.
The 5G network enables computational service support at the RAN node close to the UE.
the-gNB refers to the RAN node, and may be xNB designating future generations.
-5G is used for reference and may refer to any xG that designates a future generation.
Reference architecture:
the 5G network implements computational services support at the RAN node close to the UE by RAN computational functions (including one or more RAN Comp CF and RAN Comp SF with the following functions:
-a gNB-CU-CP comprising an RRC stack:
o select comp CF for a particular computing session of application sharing
o support C1 interface interacting with gNB-Comp-CF
-gNB-Comp-CF (compute service control function):
o selecting comp SF for a particular application based on working set
o managing computational context across multiple Comp SFs
o support computing task scheduling, control, orchestration, and the like
o support C1 interface interacting with gNB-CU-CP
o support C2 interface interacting with gNB-Comp-SF
-gNB-Comp-SF (compute service function):
o performs the computing task of the application based on the working set information, which may be a new function dedicated to support computing services or a CU-UP instance dedicated to support computing services.
o
The reference architecture of the RAN node is shown in fig. 1 introduced above.
Solution 2: supporting computing services using network slices
For connectivity services provided by a network operator, the S-NSSAI consists of:
slice/service type (SST), which refers to the expected network slice behavior in terms of features and services, and may be a standardized value (eMBB, URLLC, MIoT, V2X) or a non-standardized value.
-a Slice Discriminator (SD) discriminating between multiple network slices for the same slice/service type.
Based on the reference architecture, the computing service slice may be designed with the following options:
option 1: defining new standardized values for SST for computing services in S-NSSAI
When SST is indicated for a computing service in S-NSSAI, sd may be further defined with the following information for scenario 1 and scenario 2:
-an identification of a network operator or ASP providing the computing service.
-one or more application IDs
Option 2: new optional IE, e.g. defining the type of computing service for RAN calculation in S-NSSAI
In this option, the S-NSSAI is defined with three IEs, including the service type of the SST, SD and computing Service (STCMP), where the SST and SD are used for the connectivity service provided by the 5G network operator.
To support scenario 1 and scenario 2, stcmp may be configured with an indication of a computing service provider, including a network operator (scenario 1) or an application provider (scenario 2).
Option 3: a new compute service slice is defined as C-NSSAI
In this option, C-NSSAI is used for computing services, which is different from S-NSSAI used for connectivity services.
C-NSSAI is defined as C-SST (service and slice type of computing service) and C-SD (service differentiation for computing services for a particular C-SST).
The C-SST may be defined based on the type of service provider used for the computing service, e.g. a network operator (scenario 1) or an application provider (scenario 2).
C-SD is an optional IE providing the UE with additional information for computing service slices. For example, a C-SD may include an application ID to be supported in a particular C-SST.
Solution 2.1:
following solution 2, for a compute service slice, the S-NSSAI (option 1/option 2) or C-NSSAI (option 3) includes an optional IE for indicating the protocol type of compute offload capability, e.g., PCI-E, vulkan, roCE, etc.
Solution 3: subscription information related to computing services
Following solution 1 and solution 2, the subscription information of the ue contains one or more subscribed slices of computing services, such as S-NSSAI (option 1/option 2 in solution 2) or C-NSSAI (option 3 in solution 2).
For each subscribed slice of computing services, the subscription information may additionally include:
-list of subscribed RAN-DNNs and default RAN-DNNs for RAN calculation
Option 1: scenario 2 is supported, defining default RAN-DNN values for RAN calculation
Option 2: scenario 3 is supported and a RAN-DNN value may be used to represent RAN computing services provided by ASP/CSP/ECSP
-an indication of whether the S-NSSAI is marked as a default subscribed computing service slice;
for example, for CIoT devices, the S-NSSAI used for RAN computation may be the default subscribed S-NSSAI or C-NSSAI. The CIoT device need not indicate S-NSSAI or C-NSSAI in the registration request message
-an indication whether the computing service slice is subject to computing slice-specific authentication and authorization and an associated AAA server address, similar to a network slice-specific authentication.
Solution 3.1:
following solution 3, the subscription information may additionally contain the protocol type of the computing offload capability for the associated S-NSSAI or C-NSSAI, e.g., PCI-E, vulkan, roCE, etc.
Solution 4: authentication and authorization for network slice-specific or computing service slices
Following solution 3, as part of the initial registration process, the AMF triggers network slice specific authentication and authorization using an AAA server (AAA-S), which may be hosted by an H-PLMN operator or application service provider (ASP, third party), based on subscription information for computing service slices, e.g. S-NSSAI or C-NSSAI, with the following principles for network slices for connectivity services indicated in TS33.501 clause 16.
The AMF performs the role of EAP authenticator and communicates with AAA-S via AUSF.
The AUSF assumes any AAA protocol that interworks with the AAA protocol supported by the AAA-S.
-if the AAA-S belongs to an ASP (third party), the NSSAA function contacts the AAA-S via the AAA-P. The NSSAA function and AAA-P may be co-sited.
This scheme supports both scenario 1 and scenario 2 for computing service slices.
Solution 4.1:
following solution 4, scenario 2,AAA-S for ASP to provide computing services at 5G network can be provided by ASPSlicing for its computing services。
ASP provides the network operator for computing services with address information of the AAA-S in the SLA, e.g. AAA-S ID, IP address and port number etc.
Based on SLA, the NSSAA function contacts the AAA-S via AAA-P, where the NSSAA function and AAA-P may co-site and the AAA-S replies the result of authentication to NSSAA via AAA-P.
Solution 4.2: reference is made to the SA3 33.501 procedure (AMF trigger) in clause 16
Following solution 4.2, for compute service slicing, compute slice specific authentication and authorization between the UE and the AAA server (AAA-S) uses a user ID (e.g., denoted NAI) and credentials that are different from the 3GPP subscription credentials (e.g., SUPI and credentials for PLMN access) and occur after the main authentication.
Fig. 9 illustrates an example of a network slice specific authentication and authorization process in accordance with various embodiments. The message flow for computing slice-specific authentication and authorization is based on the network slice-specific authentication and authorization process shown in TS33.501 clause 16.3 with the following additions/differences:
for computing slice authentication and authorization, the slice information may be S-NSSAI (solution 2, option 1, option 2) or C-NSSAI (solution 2, option 3) based on the options included in solution 2.
The EAP framework specified in RFC 3748 is used for compute slice specific authentication and authorization between UE and AAA server.
Solution 5: compute service slice specific authentication and authorization via RAN computing functionality
This solution provides an alternative to solution 4 for scenario 2.
Computing service slice specific authentication and authorization is initiated by the RAN Comp-CF sending an authentication request to the ASP/CSP/ECSP provided AAA-S as part of the computing session establishment procedure based on the UE context stored at the RAN node with information about allowed S-NSSAI or C-NSSAI.
Based on the reference architecture in fig. 1, the higher layer message flows are as follows:
-step 1: initial registration procedure
-step 2: when an application requiring computing services is started, a UE receiving an application request initiates by indicating the following informationRAN computing session establishment procedure:
o computing service slice information, such as allowed S-NSSAI or C-NSSAI.
The user ID of the computing service provided by the o-subscription ASP/CSP/ECSP is denoted, for example, as a Network Access Identifier (NAI).
-step 3: the registered RAN node selects the RAN Comp-CF based on the following information:
o-requested S-NSSAI or C-NSSAI
o stored RAN network configuration information.
-step 4: the RAN Comp-CF initiates the compute service slice specific authentication and authorization procedure by sending an authentication request to the AAA-S provided by the ASP/CSP/ECSP.
-step 5: based on the result of the authentication response,
o if successful, RAN Comp-CF selects RAN Comp-SF and returns successful results to the RAN node (e.g., CU-CP).
o if it fails, the RAN Comp-CF returns the authentication result and the reject cause to the RAN node (e.g., CU-CP).
Solution 5.1: computing session establishment procedure
Following solution 5, in a second step, the computing session establishment procedure may be supported in the following options:
-option 1: new or existing RRC messages are used.
-option 2: the PDU session setup procedure is used for SMF, including calculating the service indication and PDU session ID.
Based on the compute service indication, the SMF initiates a RAN compute session request message to a registered RAN node (e.g., CU-CP).
o when the RAN node receives the result of the RAN Comp session from the RAN Comp-CF, the RAN responds to the SMF and forwards a PDU session setup response message sent by the SMF to the UE.
-option 3: a new NAS procedure is used for the AMF.
Based on the computation service indication, the AMF initiates a RAN computation session request message to a registered RAN node (e.g., CU-CP).
o when the RAN node receives the result of the RAN Comp session from the RAN Comp-CF, the RAN responds to the AMF and forwards a new NAS response message to the UE indicating the result sent by the AMF.
Solution 5.2: computing service slice based options
Following solutions 5.1 and 5.2, based on the option of computing service slices, the following options provide a corresponding method in the RAN computing session establishment procedure:
for solution 2, option 1: the UE indicates one S-NSSAI for the computing service in the RAN computing session establishment request message, where one or more S-NSSAIs may also be provided with an indication of an association for the S-NSSAI for the computing service.
For solution 2, option 2: the UE indicates an S-NSSAI with an optional IE for the computing service in the RAN computing session setup request message, where one or more S-NSSAIs for the connectivity service may also be provided with an indication of an association for the S-NSSAI for the computing service.
For solution 2, option 3: the UE indicates a C-NSSAI for the computing service in a RAN computing session setup request message, where one or more S-NSSAIs may also be provided with an indication of an association for the C-NSSAI.
The connection service and the computing service are orthogonal services that may be supported via a one-to-one mapping, a one-to-many mapping, or a many-to-many mapping between the connection service slice and the computing service slice.
The following are example methods of associating compute slices and connected slices, but are not limited to:
method 1 (many-to-many): the RAN node (e.g., CU-CP) selects one RAN Comp-CF for each S-NSSAI of the connectivity service, e.g., each network slice for the connectivity service has a corresponding compute service slice.
Method 2 (one-to-many): the RAN node (e.g., CU-CP) selects one RAN Comp-CF for the indicated S-NSSAI for all S-NSSAIs of the connection service, and the RAN Comp-CF allocates a RAN Comp-SF for each network slice of the connection service.
Solution 5.3:
following solution 5, step 1, the initial registration procedure performs primary authentication using SUPI to enable support of computing services at the 5G network by means of the following additional steps:
-the UE indicating the configured/allowed S-NSSAI or C-NSSAI for the computing service in a registration request message.
The AMF provides the RAN node and the UE with allowed S-NSSAI (solution 2, option 1/2) or C-NSSAI (solution 2, option 3).
UE context is created with subscribed computing service information, e.g. allowed S-NSSAI list or C-NSSAI list (based on solution 2 option 1/option 2 or solution 2 option 3, respectively).
Solution 5.4:
next to solution 5.3, the ue also provides generic computation offload capability to the AMF in a registration request NAS message.
The AMF verifies the requested computational offloadability based on the subscription data. If the subscription is valid, AMF further checks the subscription for S-NSSAI or C-NSSAI requested for the computing service.
System and implementation
Fig. 10-11 illustrate various systems, devices, and components that can implement aspects of the disclosed embodiments.
Fig. 10 illustrates a network 1000 in accordance with various embodiments. Network 1000 may operate in a manner consistent with 3GPP technical specifications for LTE or 5G/NR systems. However, the example embodiments are not so limited, and the described embodiments may be applied to other networks, e.g., future 3GPP systems, etc., that benefit from the principles described herein.
In some embodiments, the network 1000 may include multiple UEs directly coupled to each other via a sidelink interface. The UE may be an M2M/D2D device that communicates using a physical sidelink channel (e.g., without limitation, PSBCH, PSDCH, PSSCH, PSCCH, PSFCH, etc.).
In some embodiments, the UE1002 may additionally communicate with the AP 1006 via an over-the-air connection. The AP 1006 may manage WLAN connections that may be used to offload some/all network traffic from the RAN 1004. The connection between the UE1002 and the AP 1006 may conform to any IEEE 802.11 protocol, where the AP 1006 may be wireless fidelity (WiFi)
A router. In some embodiments, UE1002, RAN 1004, and AP 1006 may utilize cellular-WLAN aggregation (e.g., LWA/LWIP). cellular-WLAN aggregation may involve the UE1002 being configured by the RAN 1004 to utilize cellular radio resources and WLAN resources.
In embodiments where the RAN 1004 includes multiple ANs, they may be coupled to each other via AN X2 interface (if the RAN 1004 is AN LTE RAN) or AN Xn interface (if the RAN 1004 is a 5G RAN). The X2/Xn interface (which may be separated into a control/user plane interface in some embodiments) may allow the AN to communicate information related to handover, data/context transfer, mobility, load management, interference coordination, etc.
The ANs of RAN 1004 may each manage one or more cells, groups of cells, component carriers, etc., to provide UE1002 with AN air interface for network access. The UE1002 may be simultaneously connected with multiple cells provided by the same or different ANs of the RAN 1004. For example, the UE1002 and the RAN 1004 may use carrier aggregation to allow the UE1002 to connect with multiple component carriers, each corresponding to a Pcell or Scell. In a dual connectivity scenario, the first AN may be a primary node providing the MCG and the second AN may be a secondary node providing the SCG. The first/second AN may be any combination of eNB, gNB, ng-eNB, etc.
The RAN 1004 may provide an air interface over licensed or unlicensed spectrum. To operate in unlicensed spectrum, the node may use LAA, eLAA and/or feLAA mechanisms with PCell/Scell based on CA technology. Prior to accessing the unlicensed spectrum, the node may perform a medium/carrier sensing operation based on, for example, a Listen Before Talk (LBT) protocol.
In a V2X scenario, the UE1002 or AN 1008 may be or act as AN RSU, which may refer to any traffic infrastructure entity for V2X communications. The RSU may be implemented in or by a suitable AN or a fixed (or relatively fixed) UE. An RSU implemented in or by: for a UE, it may be referred to as "UE-type RSU"; for an eNB, it may be referred to as an "eNB-type RSU"; for a gNB, it may be referred to as a "gNB-type RSU"; and the like. In one example, the RSU is a computing device coupled with radio frequency circuitry located at the curb side that provides connection support to passing vehicle UEs. The RSU may also include internal data storage circuitry for storing intersection map geometry, traffic statistics, media, and applications/software for sensing and controlling ongoing vehicle and pedestrian traffic. The RSU may provide very low latency communications required for high speed events (e.g., collision avoidance, traffic warnings, etc.). Additionally or alternatively, the RSU may provide other cellular/WLAN communication services. The components of the RSU may be enclosed in a weatherproof enclosure suitable for outdoor installation and may include a network interface controller for providing a wired connection (e.g., ethernet) to a traffic signal controller or backhaul network.
In some embodiments, the RAN 1004 may be an LTE RAN 1010 with an eNB (e.g., eNB 1012). The LTE RAN 1010 may provide an LTE air interface with the following characteristics: SCS at 15 kHz; a CP-OFDM waveform for DL and an SC-FDMA waveform for UL; a Turbo code for data and a TBCC for control; and the like. The LTE air interface may rely on CSI-RS for CSI acquisition and beam management; PDSCH/PDCCH DMRS for PDSCH/PDCCH demodulation; CRS for cell search and initial acquisition, channel quality measurement, and channel estimation for coherent demodulation/detection at the UE. The LTE air interface may operate on the sub-6GHz band.
In some embodiments, RAN 1004 may be NG-RAN1014 with a gNB (e.g., gNB 1016) or an NG-eNB (e.g., NG-eNB 1018). The gNB 1016 may connect with 5G-enabled UEs using a 5G NR interface. The gNB 1016 may be connected with the 5G core through an NG interface, which may include an N2 interface or an N3 interface. The NG-eNB 1018 may also be connected with the 5G core over the NG interface, but may be connected with the UE via the LTE air interface. The gNB 1016 and ng-eNB 1018 may be connected to each other via an Xn interface.
In some embodiments, the NG interface may be divided into two parts: an NG user plane (NG-U) interface that carries traffic data between nodes of the NG-RAN1014 and the UPF 1048 (e.g., an N3 interface); and NG control plane (NG-C) interface, which is a signaling interface (e.g., N2 interface) between the NG-RAN1014 and the nodes of the AMF 1044.
The NG-RAN1014 may provide a 5G-NR air interface with the following characteristics: variable SCS; CP-OFDM for DL, CP-OFDM for UL, and DFT-s-OFDM; polarization codes for control, repetition codes, simplex codes and Reed-Muller codes, and LDPC for data. Similar to the LTE air interface, the 5G-NR air interface may rely on CSI-RS, PDSCH/PDCCH DMRS. The 5G-NR air interface may not use CRS, but may use PBCH DMRS for PBCH demodulation; PTRS for phase tracking of PDSCH; and a tracking reference signal for time tracking. The 5G-NR air interface may operate over the FR1 band, which includes the sub-6GHz band, or the FR2 band, which includes the frequency band from 24.25GHz to 52.6 GHz. The 5G-NR air interface may include SSBs, which are regions of a downlink resource grid including PSS/SSS/PBCH.
In some embodiments, the 5G-NR air interface may utilize BWP for various purposes. For example, BWP may be used for dynamic adaptation of SCS. For example, the UE1002 may be configured with multiple BWPs, where each BWP configuration has a different SCS. When the BWP is indicated to the UE1002 to change, the SCS of the transmission also changes. Another example use case for BWP relates to power saving. In particular, the UE1002 may be configured with multiple BWPs with different amounts of frequency resources (e.g., PRBs) to support data transmission in different traffic load scenarios. BWPs containing a smaller number of PRBs may be used for data transmission with smaller traffic load while allowing power savings at the UE1002 and in some cases at the gNB 1016. BWPs containing a larger number of PRBs may be used in scenarios where the traffic load is higher.
The RAN 1004 is communicatively coupled to the CNs 1020, which include network elements to provide various functions to support data and telecommunications services for customers/subscribers (e.g., users of the UE 1002). The components of CN1020 may be implemented in one physical node or separate physical nodes. In some embodiments, NFV may be used to virtualize any or all functions provided by network elements of CN1020 onto physical computing/storage resources in servers, switches, and the like. Logical instances of CN1020 may be referred to as network slices, while logical instances of a portion of CN1020 may be referred to as network subslices.
In some embodiments, CN1020 may be LTE CN1022 (which may also be referred to as EPC). The LTE CN1022 may include an MME 1024, SGW1026, SGSN 1028, HSS 1030, PGW1032, and PCRF 1034, coupled to one another by an interface (or "reference point") as shown. The functions of the elements of LTE CN1022 may be briefly introduced as follows.
The MME 1024 may implement mobility management functions to track the current location of the UE1002 to facilitate paging, bearer activation/deactivation, handover, gateway selection, authentication, and so forth.
The SGW1026 may terminate the S1 interface towards the RAN and route data packets between the RAN and the LTE CN 1022. SGW1026 may be a local mobility anchor for inter-RAN node handovers and may also provide an anchor for inter-3 GPP mobility. Other responsibilities may include legal intercept, charging, and some policy enforcement.
The SGSN 1028 can track the location of the UE1002 and perform security functions and access control. Further, the SGSN 1028 may perform EPC inter-node signaling for mobility between different RAT networks; PDN and S-GW selection designated by MME 1024; MME selection for handover; and the like. An S3 reference point between the MME 1024 and the SGSN 1028 may enable user and bearer information exchange for inter-3 GPP network access mobility in the idle/active state.
The HSS 1030 may include a database for network users, including subscription-related information to support the processing of communication sessions by network entities. The HSS 1030 may provide support for routing/roaming, authentication, authorization, naming/addressing resolution, location dependency, etc. The S6a reference point between the HSS 1030 and the MME 1024 may enable the transfer of subscription and authentication data for authenticating/authorizing a user to access the LTE CN 1020.
PGW1032 may terminate the SGi interface towards a Data Network (DN) 1036 that may include an application/content server 1038. PGW1032 may route data packets between LTE CN1022 and data network 1036. PGW1032 may be coupled with SGW1026 through an S5 reference point to facilitate user plane tunneling and tunnel management. PGW1032 may also include a node (e.g., PCEF) for policy enforcement and charging data collection. Further, the SGi reference point between PGW1032 and data network 1036 may be an operator external public, private PDN or an operator internal packet data network (e.g., for provisioning IMS services). PGW1032 may be coupled with PCRF 1034 via a Gx reference point.
The PCRF 1034 is a policy and charging control element of the LTE CN 1022. The PCRF 1034 can be communicatively coupled to the app/content server 1038 to determine the appropriate QoS and charging parameters for the service flow. The PCRF 1032 may assign the associated rules to the PCEF with the appropriate TFTs and QCIs (via the Gx reference point).
In some embodiments, CN1020 may be 5GC 1040. The 5GC 1040 may include AUSF 1042, AMF 1044, SMF 1046, UPF 1048, NSSF1050, NEF1052, NRF 1054, PCF1056, UDM1058, and AF 1060, coupled to each other by an interface (or "reference point") as shown. The function of the elements of the 5GC 1040 can be briefly described as follows.
The AUSF 1042 may store data for authentication of the UE1002 and handle authentication related functions. AUSF 1042 may facilitate a common authentication framework for various access types. The AUSF 1042 may also exhibit a Nausf service based interface in addition to communicating with other elements of the 5GC 1040 through reference points as shown.
The AMF 1044 may allow other functions of the 5gc 1040 to communicate with the UE1002 and the RAN 1004 and subscribe to notifications regarding mobility events for the UE 1002. The AMF 1044 may be responsible for registration management (e.g., for registering the UE 1002), connection management, reachability management, mobility management, lawful interception of AMF related events, and access authentication and authorization. AMF 1044 may provide transport for SM messages between UE1002 and SMF 1046 and act as a transparent proxy for routing SM messages. The AMF 1044 may also provide transmission for SMS messages between the UE1002 and the SMSF. The AMF 1044 may interact with the AUSF 1042 and the UE1002 to perform various security anchoring and context management functions. Further, AMF 1044 may be a termination point of a RAN CP interface, which may include or be an N2 reference point between RAN 1004 and AMF 1044; the AMF 1044 may be the termination point of NAS (N1) signaling and perform NAS ciphering and integrity protection. The AMF 1044 may also support NAS signaling with the UE1002 over the N3 IWF interface.
The SMF 1046 may be responsible for SM (e.g., session establishment between UPF 1048 and AN 1008, tunnel management); UE IP address assignment and management (including optional authorization); selection and control of the UP function; configuring traffic control at UPF 1048 to route traffic to the correct destination; terminating the interface towards the policy control function; controlling a portion of policy enforcement, charging, and QoS; statutory interception (for SM events and interface to the LI system); terminate the SM portion of the NAS message; a downlink data notification; initiate AN-specific SM message sent over N2 to AN 1008 via AMF 1044; and determining an SSC pattern for the session. SM may refer to the management of PDU sessions, and a PDU session or "session" may refer to a PDU connection service that provides or enables the exchange of PDUs between the UE1002 and the data network 1036.
The UPF 1048 may serve as an anchor point for intra-RAT and inter-RAT mobility, an interconnected external PDU session point to the data network 1036, and a branch point to support multi-homed PDU sessions. The UPF 1048 may also perform packet routing and forwarding, perform packet inspection, perform user plane part of policy rules, lawful intercept packets (UP collection), perform traffic usage reporting, perform QoS processing of the user plane (e.g., packet filtering, gating, UL/DL rate enforcement), perform uplink traffic validation (e.g., SDF to QoS flow mapping), transport level packet marking in uplink and downlink, and perform downlink packet buffering and downlink data notification triggering. UPF 1048 may include an uplink classifier to support routing of traffic flows to the data network.
The NSSF1050 may select a set of network slice instances that serve the UE 1002. The NSSF1050 may also determine allowed NSSAIs and mappings to subscribed S-NSSAIs (if needed). NSSF1050 may also determine the set of AMFs to be used to serve UE1002, or determine a list of candidate AMFs based on a suitable configuration and possibly by querying NRF 1054. The selection of a set of network slice instances for the UE1002 may be triggered by the AMF 1044 registered by the UE1002 by interacting with the NSSF1050, which may result in a change in the AMF. NSSF1050 may interact with AMF 1044 via N22 reference points; and may communicate with another NSSF in the visited network via an N31 reference point (not shown). Further, NSSF1050 may expose an interface based on NSSF services.
NEF1052 may securely open services and capabilities that 3GPP network functions provide for third parties, internal openness/reopening, AF (e.g., AF 1060), edge computing or fog computing systems, and the like. In such embodiments, NEF1052 may authenticate, authorize, or restrict AF. NEF1052 may also convert information exchanged with AF 1060 and information exchanged with internal network functions. For example, the NEF1052 may translate between the AF service identifier and the internal 5GC information. NEF1052 may also receive information from other NFs based on the ability of the other NFs to open. This information may be stored as structured data at the NEF1052 or at the data store NF using a standardized interface. The stored information may then be newly released by the NEF1052 to other NFs and AFs, or used for other purposes (e.g., analysis). Further, NEF1052 may expose an interface based on the Nnef service.
The PCF1056 may provide policy rules to control plane functions to enforce them, and may also support a unified policy framework to manage network behavior. PCF1056 may also implement a front end to access subscription information related to policy decisions in the UDR of UDM 1058. In addition to communicating with functions through reference points as shown, PCF1056 also exhibits an Npcf service-based interface.
UDM1058 may process subscription related information to support processing of communication sessions by network entities and may store subscription data for UE 1002. For example, subscription data may be passed via an N8 reference point between UDM1058 and AMF 1044. UDM1058 may include two parts: front end and UDR are applied. The UDR may store subscription data and policy data for UDM1058 and PCF1056, and/or structured data (including PFD for application detection, application request information for multiple UEs 1002) for openness and application data for NEF 1052. An interface based on the Nudr service can be exposed by UDR 221 to allow UDM1058, PCF1056, and NEF1052 to access a particular set of stored data, as well as to read, update (e.g., add, modify), delete, and subscribe to notifications of relevant data changes in the UDR. The UDM may include a UDM-FE that is responsible for handling credentials, location management, subscription management, and the like. Several different front ends may serve the same user in different transactions. The UDM-FE accesses subscription information stored in the UDR and performs authentication credential processing, user identification processing, access authorization, registration/mobility management, and subscription management. In addition to communicating with other NFs through reference points as shown, UDM1058 may also expose a numm service based interface.
In some embodiments, the 5GC 1040 may enable edge calculation by selecting an operator/third party service to be geographically close to the point at which the UE1002 attaches to the network. This may reduce latency and load on the network. To provide an edge calculation implementation, the 5GC 1040 may select a UPF 1048 near the UE1002 and perform traffic steering from the UPF 1048 to the data network 1036 via the N6 interface. This may be based on UE subscription data, UE location and information provided by AF 1060. In this way, AF 1060 can affect UPF (re) selection and traffic routing. Based on the operator deployment, the network operator may allow AF 1060 to interact directly with the relevant NFs when AF 1060 is considered a trusted entity. Further, AF 1060 can expose interfaces based on Naf services.
Fig. 11 schematically illustrates a wireless network 1100 in accordance with various embodiments. The wireless network 1100 may include a UE1102 in wireless communication with AN 1104. The UE1102 and AN1104 may be similar to, and substantially interchangeable with, similarly-named components described elsewhere herein.
The UE1102 can be communicatively coupled with AN1104 via a connection 1106. Connection 1106 is shown as implementing a communicatively coupled air interface and may conform to a cellular communication protocol such as the LTE protocol or the 5G NR protocol operating at mmWave or sub-6GHz frequencies.
The UE1102 can include a host platform 1108 coupled to a modem platform 1110. Host platform 1108 may include application processing circuitry 1112, which may be coupled with protocol processing circuitry 1114 of modem platform 1110. The application processing circuitry 1112 may run various applications for outgoing/incoming application data for the UE 1102. The application processing circuitry 1112 may also implement one or more layers of operations to send and receive application data to and from a data network. These layer operations may include transport (e.g., UDP) and internet (e.g., IP) operations.
The protocol processing circuitry 1114 may implement one or more layers of operations to facilitate the transmission or reception of data over the connection 1106. Layer operations implemented by the protocol processing circuit 1114 may include, for example, MAC, RLC, PDCP, RRC, and NAS operations.
The modem platform 1110 may also include digital baseband circuitry 1116, which may implement one or more layer operations, which are "lower" layer operations in the network protocol stack that are performed by the protocol processing circuitry 1114. These operations may include, for example, PHY operations including one or more of the following: HARQ-ACK functionality, scrambling/descrambling, encoding/decoding, layer mapping/demapping, modulation symbol mapping, received symbol/bit metric determination, multi-antenna port precoding/decoding (which may include one or more of space-time, space-frequency, or spatial coding), reference signal generation/detection, preamble sequence generation and/or decoding, synchronization sequence generation/detection, control channel signal blind decoding, and other related functions.
The modem platform 1110 may also include transmit circuitry 1118, receive circuitry 1120, RF circuitry 1122, and an RF front end (RFFE) 1124, which may include or be connected to one or more antenna panels 1126. Briefly, the transmit circuit 1118 may include digital to analog converters, mixers, intermediate Frequency (IF) components, and the like; the receive circuit 1120 may include analog-to-digital converters, mixers, IF components, and the like; RF circuitry 1122 may include low noise amplifiers, power tracking components, and the like; RFFE 1124 may include filters (e.g., surface/bulk acoustic wave filters), switches, antenna tuners, beamforming components (e.g., phased array antenna components), and so forth. The selection and arrangement of components of transmit circuitry 1118, receive circuitry 1120, RF circuitry 1122, RFFE 1124, and antenna panel 1126 (generally referred to as "transmit/receive components") may be implementation-specific details such as whether the communication is TDM or FDM, at mmWave or sub-6GHz frequencies, etc. In some embodiments, the transmit/receive components may be arranged in multiple parallel transmit/receive chains, may be provided in the same or different chips/modules, and so on.
In some embodiments, the protocol processing circuitry 1114 may include one or more instances of control circuitry (not shown) to provide control functions for the transmit/receive components.
UE reception may be established by and via antenna panel 1126, RFFE 1124, RF circuitry 1122, receive circuitry 1120, digital baseband circuitry 1116, and protocol processing circuitry 1114. In some embodiments, the antenna panel 1126 may receive transmissions from the AN1104 via receive beamformed signals received by multiple antennas/antenna elements of one or more antenna panels 1126.
UE transmissions may be established through and via protocol processing circuitry 1114, digital baseband circuitry 1116, transmit circuitry 1118, RF circuitry 1122, RFFE 1124, and antenna panel 1126. In some embodiments, transmit components of UE 1104 may apply spatial filtering to data to be transmitted to form transmit beams transmitted by antenna elements of antenna panel 1126.
Similar to UE1102, an1104 may include a host platform 1128 coupled to a modem platform 1130. Host platform 1128 may include application processing circuitry 1132 coupled to protocol processing circuitry 1134 of modem platform 1130. The modem platform may also include digital baseband circuitry 1136, transmit circuitry 1138, receive circuitry 1140, RF circuitry 1142, RFFE circuitry 1144, and antenna panel 1146. The components of the AN1104 may be similar to, and substantially interchangeable with, similarly-named components of the UE 1102. In addition to performing data transmission/reception as described above, the components of AN 1108 may also perform various logical functions including, for example, RNC functions such as radio bearer management, uplink and downlink dynamic radio resource management, and data packet scheduling.
Fig. 12 is a block diagram illustrating components capable of reading instructions from a machine-readable or computer-readable medium (e.g., a non-transitory machine-readable storage medium) and performing any one or more of the methodologies discussed herein, according to some example embodiments. In particular, fig. 12 shows a graphical representation of hardware resources 1200, including one or more processors (or processor cores) 1210, one or more memory/storage devices 1220, and one or more communication resources 1230, each of which may be communicatively coupled via a bus 1240 or other interface circuitry. For embodiments that utilize node virtualization (e.g., NFV), hypervisor 1202 may be executed to provide an execution environment for one or more network slices/subslices to utilize hardware resources 1200.
Memory/storage device 1220 may include a main memory, a disk storage, or any suitable combination thereof. The memory/storage 1220 may include, but is not limited to, any type of volatile, non-volatile, or semi-volatile memory, such as Dynamic Random Access Memory (DRAM), static Random Access Memory (SRAM), erasable programmable read-only memory (EPROM), electrically erasable programmable read-only memory (EEPROM), flash memory, solid-state memory, and the like.
The communication resources 1230 may include interconnection or network interface controllers, components, or other suitable devices to communicate with one or more peripheral devices 1204 or one or more databases 1206 or other network elements via a network 1208. For example, communication resources 1230 may include wired communication components (e.g., for coupling via USB, ethernet, etc.), cellular communication components, NFC components, or the like,
(or low power consumption)
) A component,
Components and other communication components.
Example procedure
In some embodiments, the electronic devices, networks, systems, chips, or components, or portions or implementations thereof, of fig. 10-12 or some other figures herein may be configured to perform one or more processes, techniques, or methods, or portions thereof, as described herein. One such process is depicted in fig. 13. For example, process 1300 may include: at 1305, a first interface with a Distributed Unit (DU) is provided, wherein the first interface has a common protocol to interface between a centralized unit control plane (CU-CP) and the DU. The process further comprises: at 1310, a second interface is provided with a compute control function (Comp-CF). The process further comprises: at 1315, a Packet Data Convergence Protocol (PDCP) stack is supported at the Comp-SF and CU-UP. The process further comprises: at 1320, an encryption algorithm is negotiated with the CU-CP via the second interface based on the RRC security key.
Another such process is shown in fig. 14. In this example, process 1400 includes: at 1405, a Radio Resource Control (RRC) connection is established with a centralized unit control plane (CU-CP) or a computational control function (Comp-CF). The process further comprises: at 1410, an RRC message including integrity and ciphering information is received from the CU-CP or the Comp-CF. The process further comprises: at 1415, integrity and ciphering protection are activated based on the integrity and ciphering information.
Another such process is shown in fig. 15. In this example, process 1500 includes: at 1505, a registration request is encoded for transmission to an access and mobility management function (AMF) for accessing single network slice selection assistance information (S-NSSAI). The process further comprises: at 1510, an indication of a subscribed S-NSSAI is received, wherein the subscribed S-NSSAI includes an indication of: slice/service type (SST), slice Specifier (SD), and Radio Access Network (RAN) compute service types.
For one or more embodiments, at least one component illustrated in one or more of the foregoing figures may be configured to perform one or more operations, techniques, processes, and/or methods illustrated in the example section below. For example, the baseband circuitry described above in connection with one or more of the preceding figures may be configured to operate in accordance with one or more examples set forth below. As another example, circuitry associated with a UE, base station, network element, etc., described above in connection with one or more of the preceding figures, can be configured to operate in accordance with one or more examples set forth below in the examples section.
Examples of the invention
Example 1 may include a method for enabling support for a PDCP stack at a Comp SF that supports a first interface with DUs (denoted as C3, e.g., similar to F1-U) and a second interface with CU-CPs (denoted as C4, e.g., similar to E1).
Example 2 may include the method of example 1 or some other example herein, wherein the Comp SF processes computing services requested from UEs registered with the RAN CU-CP and supports multiple connections, including one connection with the first RAN node for communication-related data traffic and one or more connections with Comp SFs as other RAN nodes for computing-related data traffic.
Example 3 may include the method of example 2 or some other example herein, wherein the UE may receive the control signaling message from a Comp CF interfacing with the RAN CU-CP through a third interface (denoted as C1) by piggybacking the message in RRC.
Example 4 may include the method of example 3 or some other example herein, wherein the UE receives a DRB (data radio bearer) from the first RAN node for the communication-related data traffic and receives a CRB-U (computed radio bearer at the user plane) from the Comp SF for the computing-related data traffic.
Example 5 may include the method of example 3 or example 4 or some other example herein, wherein the UE receives a CRB-C (compute radio bearer at the control plane) from the Comp CF for computing the control signaling message.
Example 6 may include the method of example 3 or some other example herein, wherein the RAN calculating the security key for the CF and the RAN Comp SF is based on KgNB or KgNB-CF.
Example 7 may include the method of example 6 or some other example herein, wherein the KgNB is a security key generated by the AMF of the RAN node for the communication service.
Example 8 may include the method of example 6 or some other example herein, wherein KgNB-cf is a security key for the computing service generated by the AMF, or KgNB-cf is a security key for the computing service generated by the gNB based on KgNB.
Example 9 may include the method of example 7 or 8 or some other example herein, wherein the RAN CU-CP generates Kcf for the RAN Comp CF and sends it to the RAN Comp CF.
Example 10 may include the method of example 9 or some other example herein, wherein the Comp CF generates an integrity and ciphering key for computing security protection of the control signaling message.
Example 11 may include the method of example 7 or 8 or some other example herein, wherein the RAN CU-CP generates a Ksf for the RAN Comp SF and sends it to the RAN Compute SF directly or via the RAN Comp CF.
Example 12 may include the method of example 11 or some other example herein, wherein the Comp SF generates integrity and ciphering keys for security protection involving computing-related data traffic.
Example 13 may include the method of example 2 or some other example herein, wherein communications established between the UE and the RAN Comp SF are protected at the PDCP layer using information (e.g., key counters and algorithms) stored in the RAN computational security context.
Example 14 may include the method of example 13 or some other example herein, wherein the RAN CU-CP and the RAN Comp SF negotiate a ciphering algorithm, directly or via the Comp CF, by sending a Comp SF add/modify request message including Ksf, UE security capabilities, and a computational security policy.
Example 15 may include the method of example 14 or some other example herein, wherein the Comp SF selects a security algorithm and generates a security context, and sends a confirmation message to the RAN CU-CP including the selected algorithm and an indication to use integrity and ciphering protection for the computing service.
Example 16 may include the method of example 15 or some other example herein, wherein the CU-CP sends to the UE an RRC connection reconfiguration request message including information related to the RAN computing session (e.g., a compute key counter, a selected algorithm, and an indication to use integrity and ciphering protection for computing services).
Example 17 may include the method of example 16 or some other example herein, wherein the computational key counter may be the same or different for both Comp CF and Comp SF.
Example 18 may include the method of example 17 or some other example herein, wherein the security keys of Kcf and Ksf are updated simultaneously for the same compute key counter.
Example 19 may include the method of example 17 or some other example herein, wherein the security keys of Kcf and Ksf may be updated, respectively, for different computational key counters based on corresponding computational security policies.
Example 20 may include the method of example 16 or some other example herein, wherein the UE derives the ciphering key from Ksf (based on the key counter and a selected algorithm) upon receiving the RRC connection reconfiguration request message.
Example 21 may include the method of example 20 or some other example herein, wherein the UE replies to the CU-CP or Comp CF with an RRC Connection reconfiguration response message.
Example 22 may include the method of example 21 or some other example herein, wherein the CU-CP or the Comp CF sends a Comp SF reconfiguration complete message to the Comp SF to confirm the plurality of connections established in the UE.
Example 23 may include the method of example 22 or some other example herein, wherein the Comp SF derives a ciphering key from Ksf (based on a key counter and a selected algorithm) upon receiving the RRC connection reconfiguration request message.
Example 24 may include the method of example 23 or some other example herein, wherein both the UE and the Comp SF activate security protection for ciphering and integrity of the computation related data message.
Example 25 may include the method of example 13 or some other example herein, wherein the computational control connection established between the UE and the RAN Comp CF is protected by using information (e.g., key counters and algorithms) stored in the RAN computational security context.
Example 26 may include the methods of examples 25 and 14 or some other example herein, wherein the RAN CU-CP and the RAN Comp CF negotiate a ciphering algorithm by sending a Comp CF add/modify request message that includes the Kcf, the UE security capabilities, and the computational security policy.
Example 27 may include the method of example 15 or some other example herein, wherein the Comp CF selects a security algorithm and generates a security context, and sends a confirmation message to the RAN CU CP including the selected algorithm and an indication to use integrity and ciphering protection for the computing service.
Example 28 may include the methods of examples 27 and 16 or some other example herein, wherein the CU-CP sends to the UE an RRC connection reconfiguration request message including information related to the RAN computing session (e.g., a compute key counter for Comp CF and/or Comp SF, a selected algorithm for computing control signaling and computing data traffic, and an indication of a compute service using integrity and ciphering protection for computing control signaling and computing data traffic).
Example 29 includes a method comprising:
providing, by a compute service function (Comp-SF), a first interface with a Distributed Unit (DU);
providing, by the Comp-SF, a second interface with a compute control function (Comp-CF); and
a Packet Data Convergence Protocol (PDCP) stack is supported by the Comp-SF using a first interface and a second interface.
Example 30 includes the method of example 29 or some other example herein, wherein the first interface is to provide a user data plane path between the DU and the Comp-SF.
Example 31 includes the method of example 29 or some other example herein, wherein the first interface has a common protocol with an interface between a centralized unit control plane (CU-CP) and the DU.
Example 32 includes the method of example 29 or some other example herein, wherein the method further comprises: a Radio Resource Control (RRC) security key is received by the Comp-SF via the second interface.
Example 33 includes the method of example 32 or some other example herein, further comprising: the encryption algorithm is negotiated by the Comp-SF with the CU-CP via the second interface.
Example 34 includes the method of example 33 or some other example herein, further comprising: the security algorithm is selected and a security context is generated by Comp-SF based on RRC security keys.
Example 35 includes the method of example 34 or some other example herein, further comprising: an acknowledgement message comprising an indication of the selected security algorithm is sent by the Comp-SF to the CU-CP via the second interface.
Example 36 includes the method of example 29 or some other example herein, further comprising: the User Equipment (UE) is provided with an RRC stack and RRC connection by Comp-SF.
Example 37 includes the method of example 29 or some other example herein, further comprising:
receiving, by the Comp-SF, a reconfiguration complete message from the CU-CP through the second interface; and
integrity and ciphering protection is activated by the Comp-SF in response to receiving the reconfiguration complete message.
Example 38 includes a method comprising:
establishing a Radio Resource Control (RRC) connection with a centralized Unit control plane (CU-CP) or a computational control function (Comp-CF);
receiving an RRC message including integrity and ciphering information from the CU-CP or the Comp-CF; and
based on the integrity and ciphering information, integrity and ciphering protection is activated.
Example 39 includes the method of example 38 or some other example herein, wherein the RRC message includes one or more of: an indication of a key counter is computed, and an indication of a selected security algorithm.
Example 40 includes the method of example 39 or some other example herein, wherein the method further comprises: an encryption key is derived based on the calculation key counter and the selected security algorithm.
Example 41 includes the method of example 39 or some other example herein, further comprising: and sending the RRC connection reconfiguration response message to the CU-CP or the Comp-CF.
Example 42 includes the method of any one of examples 38-41 or some other example herein, wherein the method is performed by a User Equipment (UE) or a portion thereof.
[ solutions 1 and 2]
Example A1 may include a method for implementing computing service support at a RAN node proximate to a UE by a RAN computing function (comprising one or more RAN Comp CF and RAN Comp SF), in which a network operator provides both computing services and connectivity services in a 5G network to an end user, e.g., the network operator also plays the role of an ASP in its 5G network, or the network operator and ASP have a Service Level Agreement (SLA) for ASP/CSP/ECSP to provide computing services proximate to its end user's RAN computing function in the network operator's 5G network.
Example A2 may include [ solution 2 option 1] the method of example A1 or some other example herein, wherein, for a computing service provided by a network operator, the S-NSSAI consists of a slice/service type (SST) having a new value defined for the computing service and a Slice Discriminator (SD), the SD discriminating multiple network slices of the same slice/service type.
Example A3 may include [ solution 2 option 1] the method of example A2 or some other example herein, wherein the SD may include the following information: an identification of a network operator or ASP providing the computing service, and one or more application IDs.
Example A4 may include [ solution 2 option 2] the method of example A1 or some other example herein, wherein for the computing services provided by the network operator, in addition to the SST and SD for the connectivity services provided by the 5G network operator, a new optional IE is defined in the S-NSSAI, a Service Type (STCMP) for the computing services computed by the RAN.
Example A5 may include [ solution 2 option 3] the method of example A1 or some other example herein, wherein, for computing services provided by a network operator, the new computing service slice is defined as a C-NSSAI, which is different from an S-NSSAI for connectivity services, and is defined as a C-SST (service and slice type for computing services) and a C-SD (service differentiation for computing services for a particular C-SST).
Example A6 may include [ solution 2 option 3] the method of example A5 or some other example herein, wherein the C-SST may be defined based on a type of service provider used for the computing service (e.g., a network operator (scenario 1) or an application provider (scenario 2)), and the C-SD is an optional IE that provides the UE with additional information, including an application ID, for computing the service slice.
[ solution 3]: subscription information related to computing services
Example A7 may include the method of example A3 or A4 or A6 or some other example herein, wherein the subscription information of the UE contains one or more subscribed slices of computing services, e.g., S-NSSAI (option 1/option 2 in solution 2) or C-NSSAI (option 3 in solution 2).
Example A8 may include the method of example A7 or some other example herein, wherein the subscription information additionally includes, for each subscribed slice of the computing service: a list of subscribed RAN-DNNs and one default RAN-DNN for RAN calculation.
Example A9 may include the method of example A8 or some other example herein, wherein a default RAN-DNN value is defined for the RAN calculation.
Example a10 may include the method of example A8 or some other example herein, wherein the RAN-DNN value may be used to represent the RAN computing services provided by the ASP/CSP/ECSP.
Example a11 may include the method of example A7 or some other example herein, wherein the subscription information additionally includes an indication of whether the S-NSSAI is marked as a computing service slice of a default subscription.
Example a12 may include the method of example a11 or some other example herein, wherein the subscription information additionally contains an indication of whether the computing service slice is subject to computing slice-specific authentication and authorization and an associated AAA server address, similar to the network slice-specific authentication.
[ solution 4]: authentication and authorization for network slice-specific or computing service slices
Example a13 may include the method of example a11 or some other example herein, wherein the AMF triggers network slice specific authentication and authorization by an AAA server (AAA-S) as part of an initial registration procedure based on subscription information (e.g., S-NSSAI or C-NSSAI) for computing a service slice, the server may be hosted by an H-PLMN operator or an application service provider (ASP, third party), with the following principles for network slices for connectivity services indicated in TS33.501 clause 16.
Example a14 may include the method of example a12 or some other example herein, wherein the AMF performs a role of an EAP authenticator and communicates with the AAA-S via an AUSF that assumes any AAA protocol that interworks with an AAA protocol supported by the AAA-S.
Example a15 may include the method of example a14 or some other example herein, wherein the NSSAA function contacts the AAA-S via the AAA-P if the AAA-S belongs to an ASP (third party). The NSSAA function and AAA-P may be co-sited.
[ solution 4.1]
Example a16 may include the method of example a15 or some other example herein, wherein when the ASP provides the computing service at the 5G network, the AAA-S may be provided by the ASP for its computing service slice, and the ASP provides address information (e.g., AAA-S ID, IP address, port number, etc.) of the AAA-S in an SLA with the network operator for the computing service.
Example a17 may include the method of example a16 or some other example herein, wherein, based on the SLA, the NSSAA function contacts the AAA-S via the AAA-P, wherein the NSSAA function and the AAA-P may be co-sited, and the AAA-S replies to the NSSAA with a result of the authentication via the AAA-P.
[ solution 4.2] (AMF trigger)
Example a18 may include the method of example a17 or some other example herein, wherein for computing service slicing, the computing slice specific authentication and authorization between the UE and an AAA server (AAA-S) uses a user ID (e.g., denoted NAI) and credentials that are different from the 3GPP subscription credentials (e.g., SUPI and credentials for PLMN access) and occur after the main authentication.
Example a19 may include the method of example a18 or some other example herein, wherein the slice information may be S-NSSAI (solution 2, option 1, option 2) or C-NSSAI (solution 2, option 3) for computing slice authentication and authorization, and the EAP framework is for computing slice-specific authentication and authorization between the UE and the AAA server.
[ solution 5]: compute service slice specific authentication and authorization via RAN computing functionality
Example a20 may include the method of example a11 or some other example herein, wherein the computing service slice-specific authentication and authorization is initiated by the RAN Comp-CF sending an authentication request to an AAA-S provided by the ASP/CSP/ECSP as part of a computing session establishment procedure for an ASP providing the computing service based on a UE context of information stored at the RAN node about allowed S-NSSAIs or C-NSSAIs.
Example a21 may include the method of example a20 or some other example herein, wherein when the application requiring the computing service is launched, the UE receiving the application request initiates the RAN computing session establishment procedure by indicating: computing service slice information (e.g., allowed S-NSSAI or C-NSSAI), and a user ID (e.g., denoted as Network Access Identifier (NAI)) that subscribes to the computing service provided by the ASP/CSP/ECSP.
Example a22 may include the method of example a21 or some other example herein, wherein the registered RAN node selects the RAN Comp-CF based on: the requested S-NSSAI or C-NSSAI and stored RAN network configuration information.
Example a23 may include the method of example a22 or some other example herein, wherein the RAN Comp-CF initiates the computing service slice specific authentication and authorization procedure by sending an authentication request to an AAA-S provided by the ASP/CSP/ECSP.
Example a24 may include the method of example a23 or some other example herein, wherein based on a result of the authentication response, the RAN Comp-CF selects the RAN Comp-SF and, if the authentication is successful, returns a successful result to the RAN node (e.g., CU-CP), otherwise the RAN Comp-CF returns the authentication result and a reject reason to the RAN node (e.g., CU-CP).
Example X1 includes an apparatus of a compute service function (Comp-SF), comprising:
a memory for storing Radio Resource Control (RRC) security keys; and
processing circuitry, coupled with the memory, to:
providing a first interface with a Distributed Unit (DU), wherein the first interface has a common protocol with an interface between a centralized unit control plane (CU-CP) and the DU;
providing a second interface with a compute control function (Comp-CF);
supporting a Packet Data Convergence Protocol (PDCP) stack at the Comp-SF and CU-UP; and
negotiating an encryption algorithm with the CU-CP via the second interface based on the RRC security key.
Example X2 includes the apparatus of example X1 or some other example herein, wherein the processing circuitry is further to: an RRC security key is received via the second interface.
Example X3 includes the apparatus of example X1 or some other example herein, wherein the processing circuitry is further to: a security algorithm is selected based on the RRC security key and a security context is generated.
Example X4 includes the apparatus of example X3 or some other example herein, wherein the processing circuitry is further to: sending an acknowledgement message including an indication of the selected security algorithm to the CU-CP via the second interface.
Example X5 includes the apparatus of example X1 or some other example herein, wherein the processing circuitry is further to:
receiving a reconfiguration complete message from the CU-CP through the second interface; and
integrity and ciphering protection is activated in response to receiving the reconfiguration complete message.
Example X6 includes the apparatus of any one of examples X1-X5 or some other example herein, wherein the processing circuitry is further to: an RRC stack and an RRC connection are provided to a User Equipment (UE).
Example X7 includes one or more computer-readable media storing instructions that, when executed by one or more processors, cause a User Equipment (UE) to:
establishing a Radio Resource Control (RRC) connection with a centralized Unit control plane (CU-CP) or a computational control function (Comp-CF);
receiving an RRC message including integrity and ciphering information from the CU-CP or the Comp-CF; and
based on the integrity and ciphering information, integrity and ciphering protection is activated.
Example X8 includes the one or more computer-readable media of example X7 or some other example herein, wherein the RRC message includes one or more of: an indication of a key counter is computed, and an indication of a selected security algorithm.
Example X9 includes the one or more computer-readable media of example X8 or some other example herein, wherein the memory further stores instructions for causing the UE to derive the ciphering key based on the calculation key counter and the selected security algorithm.
Example X10 includes the one or more computer-readable media of example X8 or some other example herein, wherein the memory further stores instructions for causing the UE to send the RRC connection reconfiguration response message to the CU-CP or Comp-CF.
Example X11 includes one or more computer-readable media storing instructions that, when executed by one or more processors, cause a User Equipment (UE) to:
encoding a registration request for transmission to an access and mobility management function (AMF) for accessing single network slice selection assistance information (S-NSSAI); and
receiving an indication of a subscribed S-NSSAI, wherein the subscribed S-NSSAI comprises an indication of: slice/service type (SST), slice Specifier (SD), and Radio Access Network (RAN) compute service types.
Example X12 includes the one or more computer-readable media of example X11 or some other example herein, wherein the SD includes an indication of a network operator or Application Service Provider (ASP) to provide the computing service, or an indication of one or more application identifiers.
Example X13 includes the one or more computer-readable media of example X11 or some other example herein, wherein the subscribed S-NSSAI further comprises an indication of a type of service for the computing Service (STCMP).
Example X14 includes the one or more computer-readable media of example X11 or some other example herein, wherein the UE is further to receive an indication of computing network slice selection assistance information (C-NSSAI) associated with a computing service provided by a network operator.
Example X15 includes the one or more computer-readable media of example X14 or some other example herein, wherein the C-NSSAI comprises an indication of a computing service and a slice type (C-SST) and an indication of a computing service differentiation (C-SD) for the particular C-SST.
Example X16 includes the one or more computer-readable media of example X15 or some other example herein, wherein the C-SST is associated with a type of service provider of the computing service.
Example X17 includes the one or more computer-readable media of example X15 or some other example herein, wherein the C-SD includes an indication of the application identifier.
Example X18 includes the one or more computer-readable media of example X11 or some other example herein, wherein the UE stored subscription information comprises an indication of one or more subscribed slices of computing services.
Example X19 includes the one or more computer-readable media of example X18 or some other example herein, wherein the subscription information further includes an indication of a list of subscribed radio access network-data network names (RAN-DNNs).
Example X20 includes the one or more computer-readable media of example X19 or some other example herein, wherein the RAN-DNN list includes an indication of a default RAN-DNN for RAN computation.
Example X21 includes the one or more computer-readable media of example X19 or some other example herein, wherein the RAN-DNN list includes an indication of a RAN-DNN value to represent a computing service provided by an ASP, a Cloud Service Provider (CSP), or an Edge Computing Service Provider (ECSP).
Example X22 includes the one or more computer-readable media of example X18 or some other example herein, wherein the subscription information further includes an indication of whether the subscribed S-NSSAI is marked as a default subscribed computing service slice.
Example X23 includes the one or more computer-readable media of example X18 or some other example herein, wherein the subscription information further comprises an indication of whether the subscribed computing service slice is subject to computing slice-specific authentication and authorization.
Example Z01 may include an apparatus comprising means for performing one or more elements of a method described in or relating to any of examples 1-X23, or any other method or process described herein.
Example Z02 may include one or more non-transitory computer-readable media comprising instructions that, when executed by one or more processors of an electronic device, cause the electronic device to perform one or more elements of the methods described in or related to any of examples 1-X23, or any other method or process described herein.
Example Z03 may include an apparatus comprising logic, modules, or circuitry to perform one or more elements of a method described in or relating to any of examples 1-X23, or any other method or process described herein.
Example Z04 can include a method, technique, or process as described in or related to any of examples 1-X23, or a portion or section thereof.
Example Z05 may include an apparatus comprising: one or more processors and one or more computer-readable media comprising instructions that, when executed by the one or more processors, cause the one or more processors to perform the method, techniques, or processes described in or relating to any of examples 1-X23, or portions or sections thereof.
Example Z06 can include a signal as described in or related to any one of examples 1-X23, or a portion or section thereof.
Example Z07 may include a datagram, packet, frame, segment, protocol Data Unit (PDU), or message as described in or related to any of examples 1-X23, or portions or sections thereof, or otherwise described in this disclosure.
Example Z08 can include a signal encoded with data as described in any of examples 1-X23, or a portion or section thereof, or related to a threshold, or otherwise described in this disclosure.
Example Z09 can include a signal encoded with a datagram, packet, frame, segment, protocol Data Unit (PDU), or message as described in or relating to any of examples 1-X23, or portions or sections thereof, or otherwise described in this disclosure.
Example Z10 may include an electromagnetic signal carrying computer-readable instructions, wherein execution of the computer-readable instructions by one or more processors causes the one or more processors to perform any one of the methods, techniques, or processes described in or related to example 1-X23, or portions thereof.
Example Z11 may include a computer program comprising instructions, wherein execution of the program by a processing element causes the processing element to perform any one of the methods, techniques, or processes described in or related to any of examples 1-X23, or portions thereof.
Example Z12 may include a signal in a wireless network as shown and described herein.
Example Z13 may include a method of communicating in a wireless network as shown and described herein.
Example Z14 may include a system for providing wireless communication as shown and described herein.
Example Z15 may include a device to provide wireless communication as shown and described herein.
Any of the above examples can be combined with any other example (or combination of examples) unless explicitly stated otherwise. The foregoing description of one or more implementations provides illustration and description, but is not intended to be exhaustive or to limit the scope of the embodiments to the precise form disclosed. Modifications and variations are possible in light of the above teachings or may be acquired from practice of various embodiments.
Abbreviations
Unless used otherwise herein, the terms, definitions, and abbreviations may be consistent with the terms, definitions, and abbreviations defined in 3GPP tr21.905v16.0.0 (2019-06). For purposes of this document, the following abbreviations may apply to the examples and embodiments discussed herein.
3GPP third generation partnership project
4G fourth generation
5G fifth generation
5GC 5G core network
ACK acknowledgement
AF application function
AM acknowledged mode
AMBR aggregate maximum bit rate
AMF access and mobility management functionality
AN access network
ANR automatic neighbor relation
AP application protocol, antenna port and access point
API application programming interface
APN Access Point name
ARP allocation and retention priority
ARQ automatic repeat request
AS access layer
ASN.1 abstract syntax notation 1
AUSF authentication server function
AWGN additive white Gaussian noise
BAP backhaul adaptation protocol
BCH broadcast channel
BER bit error rate
BFD beam fault detection
BLER Block error Rate
BPSK binary phase shift keying
BRAS broadband remote access server
BSS service support system
BS base station
BSR buffer status reporting
BW Bandwidth
BWP partial bandwidth
C-RNTI cell radio network temporary identity
CA carrier aggregation and authentication mechanism
CAPEX capital expenditure
CBRA contention-based random access
CC component carrier, country code, secret state check sum
CCA clear channel assessment
CCE control channel elements
CCCH common control channel
CE coverage enhancement
CDM content distribution network
CDMA code division multiple access
CFRA contention-free random access
Group of CG cells
CI cell identity
CID cell ID (e.g., positioning method)
CIM common information model
CIR carrier to interference ratio
CK key
CM connection management, conditional enforcement
CMAS commercial mobile alert service
CMD command
CMS cloud management system
CO conditional options
CoMP coordinated multipoint
CORESET control resource set
COTS commercial spot
CP control plane, cyclic prefix, attachment point
CPD connection point descriptor
CPE customer premises equipment
CPICH common pilot channel
CQI channel quality indication
CPU CSI processing unit, CPU
C/R Command/response field, bits
CRAN cloud radio access network and cloud RAN
CRB common resource block
CRC cyclic redundancy check
CRI channel state information resource indication, CSI-RS resource indication
C-RNTI cell RNTI
CS circuit switching
CSAR cloud service archive
CSI channel state information
CSI-IM CSI interference measurement
CSI-RS CSI reference signal
CSI-RSRP CSI reference signal received power
CSI-RSRQ CSI reference signal reception quality
CSI-SINR CSI signal-to-interference-and-noise ratio
CSMA Carrier sense multiple Access
CSMA/CA with collision avoidance
CSS common search space, cell specific search space
CTS clear to Send
CW code word
CWS contention window size
D2D device to device
DC double connection, direct current
DCI downlink control information
DF deployment Style
DL downlink
DMTF distributed management task group
DPDK data plane development kit
DM-RS DMRS demodulation reference signal
DN data network
DRB data radio bearer
DRS discovery reference signal
DRX discontinuous reception
DSL domain specific language, digital subscriber line
DSLAM DSL access multiplexer
DwPTS downlink pilot time slot
E-LAN Ethernet LAN
E2E end-to-end
ECCA extended clear channel assessment, extended CCA
ECCE enhanced control channel element and enhanced CCE
ED energy detection
Enhanced data rates for EDGE GSM evolution (GSM evolution)
EGMF open control management function
EGPRS enhanced GPRS
EIR equipment identification register
eLAA enhanced authorization assisted access and enhanced LAA
EM element manager
eMB enhanced mobile broadband
EMS element management system
eNB evolution Node B, E-UTRAN Node B
EN-DC E-UTRA-NR double ligation
EPC evolved packet core
EPDCCH enhanced PDCCH, enhanced physical downlink control channel
EPRE energy per resource element
EPS evolution grouping system
EREG enhanced REG, enhanced resource element group
ETSI European Telecommunications standards institute
ETWS earthquake and tsunami early warning system
eUICC embedded UICC and embedded universal integrated circuit card
E-UTRA evolved UTRA
E-UTRAN evolved UTRAN
EV2X enhanced V2X
F1AP F1 application protocol
F1-C F control plane interface
F1-U F user plane interface
FACCH fast associated control channel
FACCH/F fast associated control channel/full rate
FACCH/H FAST ASSOCIATED CONTROL CHANNEL/HALF-RATE
FACH forward access channel
FAUSCH fast uplink signaling channel
FB function Block
FBI feedback information
FCC Federal communications Commission
FCCH frequency correction channel
FDD frequency division duplex
FDM frequency division multiplexing
FDMA frequency division multiple access
FE front end
FEC forward error correction
FFS further study
FFT fast Fourier transform
The feLAA further enhances the authorized assisted access and further enhances the LAA
FN frame number
FPGA field programmable gate array
FR frequency range
G-RNTI GERAN wireless network temporary identifier
GERAN GSM EDGE RAN, GSM EDGE radio access network
GGSN gateway GPRS support node
GLONASS GLOBAL' naya NAviggationinanya Sputnikovaya Sistema (English: global navigation satellite System)
gNB next generation NodeB
gNB-CU gNB centralized unit and next generation NodeB centralized unit
gNB-DU gNB distributed unit and next generation NodeB distributed unit
GNSS global navigation satellite system
GPRS
GSM Global System for Mobile communications, group Spial Mobile
GTP GPRS tunneling protocol
GTP-U GPRS user plane tunnel protocol
GTS (WUS-related) go to sleep signal
GUMMEI globally unique MME identifier
GUTI globally unique temporary UE identity
HARQ hybrid ARQ, hybrid automatic repeat request
HANDO HANDOVER
HFN superframe number
HHO hard handoff
HLR home location register
HN Home network
HO handover
HPLMN home public land mobile network
HSDPA high speed downlink packet access
HSN frequency hopping sequence number
HSPA high speed packet access
HSS home subscriber server
HSUPA high speed uplink packet access
HTTP hypertext transfer protocol
HTTPS HyperText transport Security protocol (HTTPS is http/1.1 over SSL, i.e. port 443)
I-Block information Block
ICCID IC card identification
IAB integrated access and backhaul
ICIC inter-cell interference coordination
ID identification, identifier
Inverse IDFT discrete Fourier transform
IE information element
IBE in-band transmission
Institute of IEEE (institute of Electrical and electronics Engineers)
IEI cell identifier
IEIDL cell identifier data length
IETF Internet engineering task force
IF infrastructure
IM interference measurement, intermodulation, IP multimedia
IMC IMS credentials
IMEI international mobile equipment identity
IMGI International Mobile group identity
IMPI IP multimedia private identity
IMPU IP multimedia public identity
IMS IP multimedia subsystem
IMSI international mobile subscriber identity
IoT Internet of things
IP internet protocol
Ipsec IP security, internet protocol security
IP-CAN IP-connection access network
IP-M IP multicast
IPv4 Internet protocol version 4
IPv6 internet protocol version 6
IR Infrared ray
IS synchronization
IRP integration reference point
ISDN integrated services digital network
ISIM IM service identity module
ISO International organization for standardization
ISP internet service provider
IWF interworking function
I-WLAN interworking WLAN
Convolutional code constraint length, USIM individual key
kB kilobyte (1000 bytes)
kbps kilobits per second
Kc Key
Ki personal user authentication key
KPI key performance indicator
KQI key quality indicator
KSI key set identifier
ksps kilosymbols per second
KVM kernel virtual machine
L1 layer 1 (physical layer)
L1-RSRP layer 1 reference signal received power
L2 layer 2 (data link layer)
L3 layer 3 (network layer)
LAA authorization assisted access
LAN local area network
LBT listen before talk
LCM lifecycle management
LCR low chip rate
LCS location services
LCID logical channel ID
LI layer indication
LLC logical link control, lower layer compatibility
LPLMN local PLMN
LPP LTE positioning protocol
LSB least significant bit
LTE Long term evolution
LWA LTE-WLAN aggregation
LWIP LTE/WLAN wireless level integration with IPsec tunnel
LTE Long term evolution
M2M machine to machine
MAC Medium Access control (protocol layer context)
MAC message authentication code (Security/encryption context)
MAC-A MAC for authentication and Key Agreement (TSG T WG3 context)
MAC-I MAC for data integrity of Signaling messages (TSG T WG3 context)
MANO management and orchestration
MBMS multimedia broadcast and multicast service
MBSFN multimedia broadcast multicast service single frequency network
MCC Mobile country code
MCG master cell group
MCOT maximum channel occupancy time
MCS modulation coding scheme
MDAF management data analysis function
MDAS management data analysis service
MDT minimization of drive tests
ME Mobile device
MeNB master eNB
MER false extinction ratio
MGL measurement gap length
MGRP measurement gap repetition period
MIB master information block, management information base
MIMO multiple input multiple output
MLC mobile location center
MM mobility management
MME mobility management entity
MN master node
MnS management service
MO measurement object and mobile station calling party
MPBCH MTC physical broadcast channel
MPDCCH MTC physical Downlink control channel
MPDSCH MTC physical Downlink shared channel
MPRACH MTC physical random access channel
MPUSCH MTC physical uplink shared channel
MPLS multiprotocol label switching
MS mobile station
MSB most significant bit
MSC mobile switching center
MSI minimum system information, MCH scheduling information
MSID mobile station identifier
MSIN mobile station identification number
MSISDN mobile subscriber ISDN number
Called and mobile terminal of MT mobile station
MTC machine type communication
mMTC massive MTC, massive machine type communication
MU-MIMO multiuser MIMO
MWUS MTC wake-up signal, MTC WUS
NACK negative acknowledgement
NAI network access identifier
NAS non-Access stratum, non-Access stratum level
NCT network connection topology
NC-JT non-coherent joint transmission
NEC network capability opening
NE-DC NR-E-UTRA Dual ligation
NEF network open function
NF network function
NFP network forwarding path
NFPD network forwarding path descriptor
NFV network function virtualization
NFVI NFV infrastructure
NFVO NFV orchestrator
NG next generation, next generation
NGEN-DC NG-RAN E-UTRA-NR dual connectivity
NM network manager
NMS network management system
N-PoP network point of presence
NMIB, N-MIB narrow band MIB
NPBCH narrowband physical broadcast channel
NPDCCH narrowband physical downlink control channel
NPDSCH narrowband physical downlink shared channel
NPRACH narrowband physical random access channel
NPUSCH narrowband physical uplink shared channel
NPSS narrow-band primary synchronization signal
NSSS narrowband auxiliary synchronization signal
NR New air interface, neighbor relation
NRF NF repository function
NRS narrowband reference signal
NS network service
NSA dependent mode of operation
NSD network service descriptor
NSR network service record
NSSAI network slice selection assistance information
S-NNSAI Single NSSAI
NSSF network slice selection function
NW network
NWUS narrow-band wake-up signal and narrow-band WUS
Non-zero power of NZP
O & M operation and maintenance
ODU2 optical channel data Unit-type 2
OFDM orthogonal frequency division multiplexing
OFDMA orthogonal frequency division multiple access
OOB out-of-band
OOS out of synchronization
OPEX operating expenses
OSI other system information
OSS operation support system
OTA over-the-air download
PAPR peak-to-average power ratio
PAR peak-to-average ratio
PBCH physical broadcast channel
PC power control, personal computer
PCC primary component carrier, primary CC
PCell primary cell
PCI physical cell ID, physical cell identity
PCEF policy and charging enforcement function
PCF policy control function
PCRF policy control and charging rules function
PDCP packet data convergence protocol, packet data convergence protocol layer
PDCCH physical downlink control channel
PDCP packet data convergence protocol
PDN packet data network, public data network
PDSCH physical downlink shared channel
PDU protocol data unit
PEI permanent device identifier
PFD packet flow description
P-GW PDN gateway
PHICH physical hybrid ARQ indicator channel
PHY physical layer
PLMN public land mobile network
PIN personal identification number
PM Performance measurement
PMI precoding matrix indication
PNF physical network function
PNFD physical network function descriptor
PNFR physical network function record
PTT over POC cellular
PP, PTP point-to-point
PPP point-to-point protocol
Physical RACH
PRB physical resource block
PRG physical resource block group
ProSe proximity services, proximity-based services
PRS positioning reference signal
PRR packet receiving radio
PS packet service
PSBCH physical side link broadcast channel
PSDCH physical sidelink downlink channel
PSCCH physical side link control channel
PSFCH physical sidelink feedback channel
PSSCH physical sidelink shared channel
PSCell Primary SCell
PSS primary synchronization signal
PSTN public switched telephone network
PT-RS phase tracking reference signal
PTT push-to-talk
PUCCH physical uplink control channel
PUSCH physical uplink shared channel
QAM quadrature amplitude modulation
QCI QoS class identifier
QCL quasi co-station
QFI QoS flow ID, qoS flow identifier
QoS quality of service
QPSK quadrature (quaternary) phase shift keying
QZSS quasi-zenith satellite system
RA-RNTI random access RNTI
RAB radio access bearer, random access burst
RACH random access channel
RADIUS remote authentication dial-in user service
RAN radio access network
RAND (random number for authentication)
RAR random access response
RAT radio access technology
RAU routing area update
RB resource Block, radio bearer
RBG resource block group
REG resource element group
Rel version
REQ request
RF radio frequency
RI rank indication
RIV resource indication value
RL wireless link
RLC radio link control, radio link control layer
RLC AM RLC acknowledged mode
RLC UM RLC unacknowledged mode
RLF radio link failure
RLM radio link monitoring
RLM-RS reference signals for RLM
RM registration management
RMC reference measurement channel
Remaining MSI and remaining minimum system information in RMSI
RN relay node
RNC radio network controller
RNL radio network layer
RNTI radio network temporary identifier
ROHC robust header compression
RRC radio resource control, radio resource control layer
RRM radio resource management
RS reference signal
RSRP reference signal received power
RSRQ reference signal received quality
RSSI received signal strength indication
RSU roadside unit
RSTD reference signal time difference
RTP real-time protocol
RTS ready to send
Round Trip Time (RTT)
Rx reception, receiver
S1AP S1 application protocol
S1-S1 of MME for control plane
S1-U S1 for user plane
S-GW service gateway
S-RNTI SRNC radio network temporary identifier
S-TMSI SAE temporary mobile station identifier
SA independent mode of operation
SAE System architecture evolution
SAP service access point
SAPD service access point descriptor
SAPI service access point identifier
SCC secondary component carrier and secondary CC
SCell secondary cell
SC-FDMA single carrier frequency division multiple access
SCG Secondary cell group
SCM security context management
SCS subcarrier spacing
SCTP stream control transmission protocol
SDAP service data adaptation protocol, service data adaptation protocol layer
SDL supplemental downlink
SDNF structured data storage network functionality
SDP session description protocol
SDSF structured data storage functionality
SDU service data unit
SEAF secure anchoring functionality
SeNB auxiliary eNB
SEPP secure edge protection proxy
SFI slot format indication
SFTD space frequency time diversity, SFN and frame timing difference
SFN system frame number or single frequency network
SgNB auxiliary gNB
SGSN serving GPRS support node
S-GW service gateway
SI system information
SI-RNTI System information RNTI
SIB system information block
SIM user identity module
SIP session initiation protocol
SiP system-in-package
SL side chain
SLA service level agreement
SM session management
SMF session management function
SMS short message service
SMSF SMS functionality
SMTC SSB-based measurement timing configuration
SN auxiliary node, sequence number
SoC system on chip
SON self-organizing network
SpCell special cell
SP-CSI-RNTI semi-permanent CSI RNTI
SPS semi-persistent scheduling
sPN sequence number
SR scheduling request
SRB signaling radio bearers
SRS sounding reference signal
SS synchronization signal
SSB SS block
SSBRI SSB resource indication
SSC session and service continuity
SS-RSRP synchronization signal based reference signal received power
SS-RSRQ synchronization signal based reference signal reception quality
SS-SINR synchronization signal based signal-to-interference-and-noise ratio
SSS secondary synchronization signal
SSSG search space set group
SSSIF search space set indication
SST slice/service type
SU-MIMO Single user MIMO
SUL supplemental uplink
TA timing advance, tracking area
TAC tracking area code
TAG timing advance group
TAU tracking area update
TB transport block
TBS transport block size
TBD pending
TCI transport configuration indication
TCP transport communication protocol
TDD time division duplex
TDM time division multiplexing
TDMA time division multiple access
TE terminal equipment
TEID tunnel endpoint identifier
TFT business flow template
TMSI temporary mobile subscriber identity
TNL transport network layer
TPC transmit power control
TPMI transmit precoding matrix indication
TR technical report
TRP, TRxP sending and receiving point
TRS tracking reference signal
TRx transceiver
TS technical Specification, technical Standard
TTI Transmission time Interval
Tx transmission, transmitter
U-RNTI UTRAN RADIO NETWORK TEMPORARY IDENTIFICATION
UART universal asynchronous receiver and transmitter
UCI uplink control information
UE user equipment
UDM unified data management
UDP user datagram protocol
UDR unified data repository
UDSF unstructured data storage network functionality
UICC universal integrated circuit card
UL uplink
UM unacknowledged mode
UML unified modeling language
UMTS universal mobile communication system
UP user plane
UPF user plane functionality
URI uniform resource identifier
URL uniform resource locator
URLLC ultra-reliability and low time delay
USB universal serial bus
USIM universal subscriber identity module
USS UE specific search space
UTRA UMTS terrestrial radio Access
UTRAN universal terrestrial radio access network
UwPTS uplink pilot time slot
V2I vehicle-to-infrastructure
V2P vehicle-to-pedestrian
V2V vehicle-to-vehicle
V2X vehicle to everything
VIM virtualization infrastructure manager
VL virtual links
VLAN virtual LAN, virtual LAN
VM virtual machine
VNF virtualized network function
VNFFG VNF forwarding graph
VNFFGD VNF Forwarding graph descriptors
VNFM VNF manager
VoIP voice over IP, voice over Internet protocol
VPLMN visited public land mobile network
VPN virtual private network
VRB virtual resource block
WiMAX worldwide interoperability for microwave access
WLAN wireless local area network
WMAN wireless metropolitan area network
WPAN wireless personal area network
X2-C X-control plane
X2-U X-user plane
XML extensible markup language
XRES expected user response
XOR exclusive OR
ZC Zadoff-Chu
ZP zero power
Term(s) for
For purposes of this document, the following terms and definitions apply to the examples and embodiments discussed herein.
The term "circuitry" as used herein refers to, is a part of, or includes the following hardware components: such as electronic circuits, logic circuits, processors (shared, dedicated, or group) and/or memories (shared, dedicated, or group), application Specific Integrated Circuits (ASICs), field Programmable Devices (FPDs) (e.g., field Programmable Gate Arrays (FPGAs), programmable Logic Devices (PLDs), complex PLDs (CPLDs), high-capacity PLDs (HCPLDs), structured ASICs, or programmable socs), digital Signal Processors (DSPs), etc., which are configured to provide the described functionality. In some embodiments, circuitry may execute one or more software or firmware programs to provide at least some of the described functionality. The term "circuitry" may also refer to a combination of one or more hardware elements and program code (or a combination of circuitry and program code for use in an electrical or electronic system) that operates to perform the function of the program code. In these embodiments, the combination of hardware elements and program code may be referred to as a particular type of circuitry.
The term "processor circuit" as used herein refers to, is part of, or includes circuitry capable of sequentially and automatically performing a series of arithmetic or logical operations, or recording, storing and/or transmitting digital data. The processing circuitry may include one or more processing cores to execute instructions and one or more memory structures to store program and data information. The term "processor circuit" may refer to one or more application processors, one or more baseband processors, physical Central Processing Units (CPUs), single-core processors, dual-core processors, tri-core processors, quad-core processors, and/or any other device capable of executing or otherwise operating computer-executable instructions (e.g., program code, software modules, and/or functional processes). The processing circuitry may include further hardware accelerators, which may be microprocessors, programmable processing devices, etc. The one or more hardware accelerators may include, for example, computer Vision (CV) and/or Deep Learning (DL) accelerators. The terms "application circuitry" and/or "baseband circuitry" may be considered synonyms for "processor circuitry" and may be referred to as "processor circuitry".
The term "interface circuit" as used herein refers to, is part of, or includes circuitry that enables the exchange of information between two or more components or devices. The term "interface circuit" may refer to one or more hardware interfaces, such as a bus, an I/O interface, a peripheral component interface, a network interface card, and the like.
The term "user equipment" or "UE" as used herein refers to a device having radio communication capabilities and may describe a remote user of network resources in a communication network. The terms "user equipment" or "UE" may be considered as synonyms for, and may refer to: a client, a mobile station, a mobile device, a mobile terminal, a user terminal, a mobile unit, a mobile station, a mobile user, a subscriber, a user, a remote station, an access agent, a user agent, a receiver, a radio device, a reconfigurable mobile device, etc. Furthermore, the terms "user equipment" or "UE" may include any type of wireless/wireline device or any computing device that incorporates a wireless communication interface.
The term "network element" as used herein refers to a physical or virtualized device and/or infrastructure for providing wired or wireless communication network services. The term "network element" may be considered as synonyms and/or denominated as the following terms: a networking computer, networking hardware, network device, network node, router, switch, hub, bridge, radio network controller, RAN device, RAN node, gateway, server, virtualized VNF, NFVI, etc.
The term "computer system" as used herein refers to any type of interconnected electronic devices, computer devices, or components thereof. Moreover, the terms "computer system" and/or "system" may refer to various components of a computer that are communicatively coupled to each other. Moreover, the terms "computer system" and/or "system" may refer to multiple computing devices and/or multiple computing systems communicatively coupled to one another and configured to share computing and/or networking resources.
The terms "appliance," "computer appliance," and the like as used herein refer to a computer device or computer system having program code (e.g., software or firmware) specially designed to provide specific computing resources. A "virtual appliance" is a virtual machine image to be implemented by a hypervisor-equipped device that virtualizes or emulates a computer appliance or is otherwise dedicated to providing specific computing resources.
The term "resource" as used herein refers to a physical or virtual device, a physical or virtual component within a computing environment, and/or a physical or virtual component within a particular device, such as a computer device, a mechanical device, memory space, processor/CPU time, processor/CPU usage, processor and accelerator load, hardware time or usage, power, input/output operations, port or network sockets, channel/link allocations, throughput, memory usage, storage, networks, databases and applications, workload units, and the like. "hardware resources" may refer to computing, storage, and/or network resources provided by physical hardware elements. "virtualized resources" may refer to computing, storage, and/or network resources provided by a virtualization infrastructure to an application, device, system, and the like. The term "network resource" or "communication resource" may refer to a resource accessible by a computer device/system via a communication network. The term "system resource" may refer to any kind of shared entity that provides a service, and may include computing and/or network resources. System resources may be viewed as a coherent set of functions, network data objects, or services that are accessible through a server, where the system resources reside on a single host or multiple hosts and are clearly identifiable.
The term "channel" as used herein refers to any transmission medium, whether tangible or intangible, for communicating data or data streams. The term "channel" may be synonymous with and/or equivalent to the following terms: "communication channel," "data communication channel," "transmission channel," "data transmission channel," "access channel," "data access channel," "link," "data link," "carrier," "radio frequency carrier," and/or any other similar term referring to a path or medium through which data is communicated. Further, the term "link" as used herein refers to a connection between two devices over a RAT for sending and receiving information.
The terms "instantiate," "instantiate," and the like as used herein refer to the creation of an instance. An "instance" also refers to a specific occurrence of an object, which can occur, for example, during execution of program code.
The terms "coupled," "communicatively coupled," and their derivatives are used herein. The term "coupled" may mean that two or more elements are in direct physical or electrical contact with each other, that two or more elements are in indirect contact with each other but yet still co-operate or interact with each other, and/or that one or more other elements are coupled or connected between the elements that are considered to be coupled to each other. The term "directly coupled" may mean that two or more elements are in direct contact with each other. The term "communicatively coupled" may mean that two or more elements may be in communication contact with each other, including by a wired or other interconnection, by a wireless communication channel or link, or the like.
The term "cell" refers to a structural element that contains one or more fields. The term "field" refers to the individual content of a cell, or a data element containing content.
The term "SMTC" refers to an SSB-based measurement timing configuration configured by an SSB-measurementtimingtconfiguration.
The term "SSB" refers to the SS/PBCH block.
The term "primary cell" refers to an MCG cell operating on a primary frequency in which a UE performs an initial connection establishment procedure or initiates a connection re-establishment procedure.
The term "primary SCG cell" refers to an SCG cell in which a UE performs random access when performing a synchronization reconfiguration procedure for DC operation.
The term "secondary Cell" refers to a Cell that provides additional radio resources over a particular Cell for a UE configured with CA.
The term "secondary cell group" refers to a subset of serving cells for a DC-configured UE that includes PSCell and zero or more secondary cells.
The term "serving cell" refers to a primary cell for a UE that is not configured with CA/DC in RRC _ CONNECTED, and only one serving cell includes the primary cell.
The term "serving cell" or "serving cells" refers to a set of cells including a special cell and all secondary cells for a UE configured with CA/in RRC _ CONNECTED.
The term "special cell" refers to the PCell of the MCG or the PSCell of the SCG for DC operation; otherwise, the term "special cell" refers to Pcell.
Claims (23)
1. An apparatus of computing service function (Comp-SF), comprising:
a memory for storing Radio Resource Control (RRC) security keys; and
processing circuitry, coupled with the memory, to:
providing a first interface with a Distributed Unit (DU), wherein the first interface has a common protocol with an interface between a centralized unit control plane (CU-CP) and the DU;
providing a second interface with a compute control function (Comp-CF);
supporting a Packet Data Convergence Protocol (PDCP) stack at the Comp-SF and the CU-UP; and
negotiating an encryption algorithm with the CU-CP via the second interface based on the RRC security key.
2. The apparatus of claim 1, wherein the processing circuit is further to:
receiving the RRC security key via the second interface.
3. The apparatus of claim 1, wherein the processing circuit is further to:
selecting a security algorithm based on the RRC security key and generating a security context.
4. The apparatus of claim 3, wherein the processing circuit is further to:
sending an acknowledgement message to the CU-CP via the second interface, the acknowledgement message including an indication of the selected security algorithm.
5. The apparatus of claim 1, wherein the processing circuit is further to:
receiving a reconfiguration complete message from the CU-CP via the second interface; and
activating integrity and ciphering protection in response to receiving the reconfiguration complete message.
6. The apparatus of any of claims 1-5, wherein the processing circuitry is further to:
an RRC stack and an RRC connection are provided to a User Equipment (UE).
7. One or more computer-readable media storing instructions that, when executed by one or more processors, cause a User Equipment (UE) to:
establishing a Radio Resource Control (RRC) connection with a centralized Unit control plane (CU-CP) or a computational control function (Comp-CF);
receiving an RRC message including integrity and ciphering information from the CU-CP or the Comp-CF; and
based on the integrity and ciphering information, integrity and ciphering protection is activated.
8. The one or more computer-readable media of claim 7, wherein the RRC message comprises one or more of: an indication of a key counter is computed, and an indication of a selected security algorithm.
9. The one or more computer-readable media of claim 8, wherein the memory further stores instructions for causing the UE to derive a ciphering key based on the calculated key counter and the selected security algorithm.
10. The one or more computer-readable media of claim 8, wherein the memory further stores instructions for causing the UE to send an RRC connection reconfiguration response message to the CU-CP or the Comp-CF.
11. One or more computer-readable media storing instructions that, when executed by one or more processors, cause a User Equipment (UE) to:
encoding a registration request for transmission to an access and mobility management function (AMF) for accessing single network slice selection assistance information (S-NSSAI); and
receiving an indication of a subscribed S-NSSAI, wherein the subscribed S-NSSAI comprises an indication of: slice/service type (SST), slice Specifier (SD), and Radio Access Network (RAN) compute service types.
12. The one or more computer-readable media of claim 11, wherein the SD comprises an indication of a network operator or Application Service Provider (ASP) providing computing services, or an indication of one or more application identifiers.
13. The one or more computer-readable media of claim 11, wherein the subscribed S-NSSAI further comprises an indication of a type of Service (STCMP) of a computing service.
14. The one or more computer-readable media of claim 11, wherein the UE further receives an indication of computing network slice selection assistance information (C-NSSAI) associated with a computing service provided by a network operator.
15. The one or more computer-readable media of claim 14, wherein the C-NSSAI comprises an indication of a computing service and slice type (C-SST) and an indication of a computing service differentiation (C-SD) for a particular C-SST.
16. The one or more computer-readable media of claim 15, wherein the C-SST is associated with a type of service provider for the computing service.
17. The one or more computer-readable media of claim 15, wherein the C-SD includes an indication of an application identifier.
18. The one or more computer-readable media of claim 11, wherein the UE stored subscription information includes an indication of one or more subscribed slices of computing services.
19. The one or more computer-readable media of claim 18, wherein the subscription information further comprises an indication of a list of subscribed radio access network-data network names (RAN-DNNs).
20. The one or more computer-readable media of claim 19, wherein the RAN-DNN list includes an indication of a default RAN-DNN for RAN calculations.
21. The one or more computer-readable media of claim 19, wherein the RAN-DNN list comprises an indication of a RAN-DNN value representing a computing service provided by an ASP, a Cloud Service Provider (CSP), or an Edge Computing Service Provider (ECSP).
22. The one or more computer-readable media of claim 18, wherein the subscription information further comprises an indication of whether the subscribed S-NSSAI is marked as a default subscribed computing service slice.
23. The one or more computer-readable media of claim 18, wherein the subscription information further comprises an indication of whether the subscribed computing service slice is subject to computing slice-specific authentication and authorization.
Applications Claiming Priority (5)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US202063060529P | 2020-08-03 | 2020-08-03 | |
| US202063060543P | 2020-08-03 | 2020-08-03 | |
| US63/060,529 | 2020-08-03 | ||
| US63/060,543 | 2020-08-03 | ||
| PCT/US2021/044048 WO2022031556A1 (en) | 2020-08-03 | 2021-07-30 | Computing service enablement for next generation cellular networks |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115769615A true CN115769615A (en) | 2023-03-07 |
Family
ID=80117672
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202180047142.1A Pending CN115769615A (en) | 2020-08-03 | 2021-07-30 | Computing service implementation for next generation cellular networks |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN115769615A (en) |
| WO (1) | WO2022031556A1 (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2024146146A1 (en) * | 2023-08-18 | 2024-07-11 | Lenovo (Beijing) Limited | Computing service in networks |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2023229316A1 (en) * | 2022-05-23 | 2023-11-30 | Samsung Electronics Co., Ltd. | Method and system for designing security protocol for 6g network architecture |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10142994B2 (en) * | 2016-04-18 | 2018-11-27 | Electronics And Telecommunications Research Institute | Communication method and apparatus using network slicing |
| WO2018009340A1 (en) * | 2016-07-05 | 2018-01-11 | Intel Corporation | Systems, methods and devices for control-user plane separation for 5g radio access networks |
| EP3570577B1 (en) * | 2017-06-17 | 2021-04-07 | LG Electronics Inc. -1- | Method and apparatus for supporting security for separation of cu-cp and cu-up in wireless communication system |
| US11057766B2 (en) * | 2018-11-01 | 2021-07-06 | Nokia Technologies Oy | Security management in disaggregated base station in communication system |
-
2021
- 2021-07-30 CN CN202180047142.1A patent/CN115769615A/en active Pending
- 2021-07-30 WO PCT/US2021/044048 patent/WO2022031556A1/en active Application Filing
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2024146146A1 (en) * | 2023-08-18 | 2024-07-11 | Lenovo (Beijing) Limited | Computing service in networks |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2022031556A1 (en) | 2022-02-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11902985B2 (en) | Default PDSCH beam setting and PDCCH prioritization for multi panel reception | |
| US20210243782A1 (en) | Methods of enhanced sps transmission and harq feedback | |
| US11784861B2 (en) | Channel access related enhancements to New Radio Unlicensed (NR-U) | |
| US11910433B2 (en) | Physical uplink shared channel (PUSCH) transmission scheduling for new radio (NR) | |
| JP2023531591A (en) | Extending Wireless Local Area Networks for Access Traffic Steering Switching Splitting | |
| US20220272706A1 (en) | Downlink control information (dci) based beam indication for wireless cellular network | |
| US20230037090A1 (en) | Per-panel power control operation for uplink in 5g systems | |
| US11985670B2 (en) | Mode-1 downlink control information transmission-reception for configured sidelink scheduling in NR V2X | |
| US20240155606A1 (en) | Enhanced multi-layer uplink transmission | |
| US20240163900A1 (en) | Single-dci-based physical uplink shared channel (pusch) transmission scheduling | |
| US20240187176A1 (en) | Sounding reference signal configuration for antenna switching and carrier switching | |
| US20240155503A1 (en) | Spatial relationship and power control configuration for uplink transmissions | |
| US20240007314A1 (en) | Converged charging for edge enabling resource usage and application context transfer | |
| CN115769615A (en) | Computing service implementation for next generation cellular networks | |
| US20230216639A1 (en) | Srs configuration and transmission in multi-dci multi-trp and carrier aggregation | |
| US20240236787A1 (en) | User equipment (ue) switching between networks using measurement gaps | |
| US20240237082A1 (en) | Using physical random access channel (prach) to identify multiple features and combinations of features | |
| US20240154883A1 (en) | Sixth generation (6g) system architecture and functions | |
| US20240188097A1 (en) | Default beam operations for uplink transmissions | |
| US20240178939A1 (en) | Techniques for multi-transmission-reception point (trp) based uplink channel transmission | |
| US20240146473A1 (en) | Enhanced frequency hopping for data transmissions | |
| CN117546422A (en) | Configuration and collision handling using multiple antenna panels for simultaneous uplink transmissions | |
| KR20230153401A (en) | Congestion control for remote direct memory access (RDMA) in next-generation cellular networks | |
| US20240236183A1 (en) | Remote direct memory access (rdma) support in cellular networks | |
| US20240235797A1 (en) | Transmission configuration indicator (tci) chain enhancements for new radio systems |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |