CN117135707A - Method and apparatus for local ID allocation for implementing relay communication between user equipments - Google Patents

Method and apparatus for local ID allocation for implementing relay communication between user equipments Download PDF

Info

Publication number
CN117135707A
CN117135707A CN202310611267.3A CN202310611267A CN117135707A CN 117135707 A CN117135707 A CN 117135707A CN 202310611267 A CN202310611267 A CN 202310611267A CN 117135707 A CN117135707 A CN 117135707A
Authority
CN
China
Prior art keywords
layer
user device
message
link
procedure
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310611267.3A
Other languages
Chinese (zh)
Inventor
潘立德
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Asus Technology Licensing Inc
Original Assignee
Asus Technology Licensing Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Asus Technology Licensing Inc filed Critical Asus Technology Licensing Inc
Publication of CN117135707A publication Critical patent/CN117135707A/en
Pending legal-status Critical Current

Links

Abstract

Methods and apparatus for local ID allocation for implementing relay communications between user devices are disclosed. In one embodiment, a third user device receives a first PC5-S message from a first user device for initiating a procedure to establish a first layer 2 link between the first user device and the third user device. The third user device also transmits a second PC5-S message to the first user device for establishing a first security context between the first user device and the third user device in the procedure for establishing the first layer 2 link. The third user device further receives a third PC5-S message from the first user device for completing the establishment of the first security context in the procedure for establishing the first layer 2 link. In addition, the third user device transmits a fourth PC5-S message to the first user device for completing the procedure of establishing the first layer 2 link, wherein the fourth PC5-S message contains the layer 2 identification of the second user device.

Description

Method and apparatus for local ID allocation for implementing relay communication between user equipments
Technical Field
The present disclosure relates generally to wireless communication networks, and more particularly to a method and apparatus for local ID allocation for implementing relay communication between UEs in a wireless communication system.
Background
With the rapid increase in demand for large amounts of data to and from mobile communication devices, conventional mobile voice communication networks evolve into networks that communicate with internet protocol (Internet Protocol, IP) data packets. This IP data packet communication may provide voice over IP, multimedia, multicast, and on-demand communication services for users of mobile communication devices.
An exemplary network structure is an evolved universal terrestrial radio access network (Evolved Universal Terrestrial Radio Access Network, E-UTRAN). The E-UTRAN system may provide high data throughput for implementing the above-described IP-bearing voice and multimedia services. Currently, the 3GPP standards organization is discussing new next generation (e.g., 5G) radio technologies. Thus, current bodies of changing 3GPP standards are currently being submitted and considered to evolve and ultimately determine the 3GPP standards.
Disclosure of Invention
Methods and apparatus for supporting a third User Equipment (UE) are disclosed. In one embodiment, a third UE receives a first PC5-S message from a first UE for initiating a procedure to establish a first layer 2 link between the first UE and the third UE. The third UE also transmits a second PC5-S message to the first UE for establishing a first security context between the first UE and the third UE in the procedure of establishing the first layer 2 link. The third UE further receives a third PC5-S message from the first UE for completing the establishment of the first security context in the procedure for establishing the first layer 2 link. In addition, the third UE transmits a fourth PC5-S message to the first UE for completing the procedure of establishing the first layer 2 link, wherein the fourth PC5-S message contains the layer 2 identity of the second UE.
Drawings
Fig. 1 shows a diagram of a wireless communication system according to one example embodiment.
Fig. 2 is a block diagram of a transmitter system (also referred to as an access network) and a receiver system (also referred to as a user equipment or UE) according to an example embodiment.
Fig. 3 is a functional block diagram of a communication system according to an exemplary embodiment.
FIG. 4 is a functional block diagram of the program code of FIG. 3 according to one exemplary embodiment.
Fig. 5 is a reproduction of fig. 5.2.1.4-1 of 3GPP TS 23.287V17.0.0.
Fig. 6 is a reproduction of fig. 6.3.2.1-1 of 3GPP TS 23.304V17.2.1.
Fig. 7 is a reproduction of fig. 6.3.2.1-2 of 3GPP TS 23.304V17.2.1.
Fig. 8 is a reproduction of fig. 6.4.3.1-1 of 3GPP TS 23.304V17.2.1.
Fig. 9 is a reproduction of fig. 7.2.2.2.1 of 3GPP TS 24.554V17.0.0.
Fig. 10 is a reproduction of fig. 7.2.10.2.1 of 3GPP TS 24.554V17.0.0.
Fig. 11 is a reproduction of table 10.3.1.1.1 of 3GPP TS 24.554V17.0.0.
Fig. 12 is a reproduction of table 10.3.2.1.1 of 3GPP TS 24.554V17.0.0.
Fig. 13 is a reproduction of table 10.3.13.1.1 of 3GPP TS 24.554V17.0.0.
Fig. 14 is a reproduction of table 10.3.14.1.1 of 3GPP TS 24.554V17.0.0.
Fig. 15 is a reproduction of fig. 5.8.9.1.1-1 of 3GPP TS 38.331V17.0.0.
Fig. 16 is a reproduction of fig. 5.1-1 of 3GPP TR 38.386V17.0.0.
Fig. 17 is a reproduction of fig. 5.5.1-1 of 3GPP TR 38.386V17.0.0.
Fig. 18 is a reproduction of fig. 5.5.1-2 of 3GPP TR 38.386V17.0.0.
Fig. 19 is a reproduction of fig. 5.1.1-1 of 3gpp TS 23.700-33V0.2.0.
Fig. 20 is a reproduction of fig. 6.13.2-1 of 3gpp TS 23.700-33V0.2.0.
FIG. 21 is a flowchart in accordance with an exemplary embodiment.
FIG. 22 is a flowchart in accordance with an exemplary embodiment.
FIG. 23 is a flowchart in accordance with an exemplary embodiment.
FIG. 24 is a flowchart in accordance with an exemplary embodiment.
Detailed Description
The exemplary wireless communication systems and apparatus described below employ wireless communication systems that support broadcast services. Wireless communication systems are widely deployed to provide various types of communication such as voice, data, and so on. These systems may be based on code division multiple access (code division multiple access, CDMA), time division multiple access (time division multiple access, TDMA), orthogonal frequency division multiple access (orthogonal frequency division multiple access, OFDMA), 3GPP long term evolution (Long Term Evolution, LTE) wireless access, 3GPP long term evolution advanced (Long Term Evolution Advanced, LTE-a), 3GPP2 ultra mobile broadband (Ultra Mobile Broadband, UMB), wiMax, 3GPP New Radio (New Radio, NR), or some other modulation technique.
In particular, the exemplary wireless communication systems and devices described below may be designed to support one or more standards, such as those provided by an association named "third generation partnership project" herein referred to as 3GPP, including: TS 23.287V17.1.0, "architecture enhancements (version 17) for 5G systems (5 GS) to support Internet of vehicles (V2X) services"; TS 23.304V17.2.1, "proximity-based services (ProSe) (release 17) in 5G system (5 GS)"; TS 24.554V17.0.0, "proximity services (ProSe) in 5G system (5 GS) protocol aspects; stage 3 (version 17) "; TS 38.331V17.0.0, "Radio Resource Control (RRC) protocol specification (release 17)"; TS 38.323V17.0.0, "Packet Data Convergence Protocol (PDCP) specification (release 17)"; TR 38.836V17.0.0, "study on NR side link relay; (version 17) "; and TR 23.700-33V0.2.0, "study of system enhancements for proximity-based services (ProSe) in 5G systems (5 GS); stage 2; (version 18) ". The standards and documents listed above are hereby expressly incorporated by reference in their entirety.
Fig. 1 shows a multiple access wireless communication system according to one embodiment of the invention. AN access network 100 (AN) includes multiple antenna groups, one including 104 and 106, another including 108 and 110, and yet another including 112 and 114. In fig. 1, only two antennas are shown for each antenna group, however, more or fewer antennas may be utilized for each antenna group. An access terminal 116 (AT) is in communication with antennas 112 and 114, where antennas 112 and 114 transmit information to access terminal 116 over forward link 120 and receive information from access terminal 116 over reverse link 118. An Access Terminal (AT) 122 is in communication with antennas 106 and 108, where antennas 106 and 108 transmit information to Access Terminal (AT) 122 over forward link 126 and receive information from Access Terminal (AT) 122 over reverse link 124. In an FDD system, communication links 118, 120, 124 and 126 may use different frequency for communication. For example, forward link 120 may use a different frequency than that used by reverse link 118.
The antennas of each group and/or the area in which they are designed to communicate are often referred to as a sector of the access network. In an embodiment, antenna groups each are designed to communicate to access terminals in a sector of the areas covered by access network 100.
In communication over forward links 120 and 126, the transmit antennas of access network 100 may utilize beamforming in order to improve signal-to-noise ratio of forward links for the different access terminals 116 and 122. And, the access network using beamforming to transmit to access terminals scattered randomly through its coverage causes less interference to access terminals in neighboring cells than an access network transmitting through a single antenna to all its access terminals.
AN Access Network (AN) may be a fixed station or base station used for communicating with the terminals and may also be referred to as AN access point, a Node B, a base station, AN enhanced base station, AN evolved Node B (eNB), a network Node, a network, or some other terminology. An Access Terminal (AT) may also be referred to as a User Equipment (UE), a wireless communication device, a terminal, an access terminal, or some other terminology.
Fig. 2 is a simplified block diagram of an embodiment of a transmitter system 210 (also referred to as an access network) and a receiver system 250 (also referred to as an Access Terminal (AT) or User Equipment (UE)) in a MIMO system 200. At the transmitter system 210, traffic data for a number of data streams is provided from a data source 212 to a Transmit (TX) data processor 214.
In one embodiment, each data stream is transmitted through a respective transmit antenna. TX data processor 214 formats, codes, and interleaves the traffic data for each data stream based on a particular coding scheme selected for that data stream to provide coded data.
The coded data for each data stream may be multiplexed with pilot data using OFDM techniques. The pilot data is typically a known data pattern that is processed in a known manner and may be used at the receiver system to estimate the channel response. The multiplexed pilot and coded data for each data stream is then modulated (i.e., symbol mapped) based on a particular modulation scheme (e.g., BPSK, QPSK, M-PSK or M-QAM) selected for that data stream to provide modulation symbols. The data rate, coding, and modulation for each data stream may be determined by instructions performed by processor 230.
The modulation symbols for all data streams are then provided to a TX MIMO processor 220, which may further process the modulation symbols (e.g., for OFDM). TX MIMO processor 220 then applies N T Providing the modulated symbol streams to N T Transmitters (TMTR) 222a through 222t. In certain embodiments, TX MIMO processor 220 applies beamforming weights to the symbols of the data streams and to the antenna from which the symbol is being transmitted.
Each transmitter 222 receives and processes a respective symbol stream to provide one or more analog signals, and further conditions (e.g., amplifies, filters, and upconverts) the analog signals to provide a modulated signal suitable for transmission over the MIMO channel. Then respectively from N T The antennas 224a through 224t transmit N from the transmitters 222a through 222t T And modulated signals.
At the receiver system 250, the signal is represented by N R Each antenna 252 a-252 r receives the transmitted modulated signals and provides the received signal from each antenna 252 to a respective receiver (RCVR) 254 a-254 r. Each receiver 254 conditions (e.g., filters, amplifies, and downconverts) a respective received signal, digitizes the conditioned signal to provide samples, and further processes the samples to provide a corresponding "received" symbol stream.
RX data processor 260 then proceeds to process the data from N based on a particular receiver R The N is received and processed by a plurality of receivers 254 R Providing N by receiving symbol streams T The "detected" symbol streams. RX dataProcessor 260 then demodulates, deinterleaves, and decodes each detected symbol stream to recover the traffic data for the data stream. The processing by RX data processor 260 is complementary to that performed by TX MIMO processor 220 and TX data processor 214 at transmitter system 210.
The processor 270 periodically determines which pre-coding matrix to use (discussed below). Processor 270 formulates a reverse link message comprising a matrix index portion and a rank value portion.
The reverse link message may comprise various types of information regarding the communication link and/or the received data stream. The reverse link message is then processed by a TX data processor 238, which also receives traffic data for a number of data streams from a data source 236, modulated by a modulator 280, conditioned by transmitters 254a through 254r, and transmitted back to transmitter system 210.
At transmitter system 210, the modulated signals from receiver system 250 are received by antennas 224, conditioned by receivers 222, demodulated by a demodulator 240, and processed by a RX data processor 242 to extract the reverse link message transmitted by receiver system 250. Processor 230 then determines which pre-coding matrix to use to determine the beamforming weights and then processes the extracted message.
Turning to fig. 3, this figure shows an alternative simplified functional block diagram of a communication device according to one embodiment of the present invention. As shown in fig. 3, a communication device 300 in a wireless communication system may be utilized for implementing UEs (or ATs) 116 and 122 in fig. 1 or base station (or AN) 100 in fig. 1, and the wireless communication system is preferably AN NR system. The communication device 300 may include an input device 302, an output device 304, a control circuit 306, a central processing unit (central processing unit, CPU) 308, a memory 310, program code 312, and a transceiver 314. The control circuit 306 executes the program code 312 in the memory 310 via the CPU 308, thereby controlling the operation of the communication device 300. The communication device 300 may receive signals input by a user through an input device 302 (e.g., a keyboard or keypad) and may output images and sounds through an output device 304 (e.g., a display or speaker). The transceiver 314 is used to receive and transmit wireless signals, pass the received signals to the control circuit 306, and wirelessly output signals generated by the control circuit 306. The AN 100 of fig. 1 may also be implemented with a communication device 300 in a wireless communication system.
Fig. 4 is a simplified block diagram of the program code 312 shown in fig. 3 according to one embodiment of the invention. In this embodiment, program code 312 includes an application layer 400, a layer 3 portion 402, and a layer 2 portion 404, and is coupled to a layer 1 portion 406. Layer 3 portion 402 generally performs radio resource control. Layer 2 portion 404 typically performs link control. Layer 1 portion 406 typically performs physical connections.
3GPP TS 23.287 describes the following:
5.2.1.4 unicast mode communication over PC5 reference point
The NR-based PC5 reference point supports only unicast communication modes. Fig. 5.2.1.4-1 shows an example of a PC5 unicast link.
Fig. 5.2.1.4-1 entitled "example of PC5 unicast link" of 3GPP TS 23.287V17.0.0 is reproduced as fig. 5]
3GPP TS 23.304 introduces the following procedures related to unicast link communication:
5.8.2 identifier for 5G ProSe direct communication
5.8.2.1 overview
Each UE has one or more layer 2 IDs for 5G ProSe direct communication over PC5 reference points, consisting of:
-source layer 2ID; and
-destination layer 2ID.
The source and destination layer 2 IDs are contained in layer 2 frames sent on the layer 2 link of the PC5 reference point identifying the layer 2 source and destination of these frames. The source layer 2ID is always self-assigned by the UE initiating the corresponding layer 2 frame.
The selection of source and destination layer 2 IDs by the UE depends on the communication mode of 5G ProSe direct communication over the PC5 reference point for this layer 2 link as described in clauses 5.8.2.2, 5.8.2.3 and 5.8.2.4. The source layer 2ID may be different between different communication modes.
[…]
5.8.2.4 identifier for unicast mode 5G ProSe direct communication
For unicast mode 5G ProSe direct communication through PC5 reference point, the destination layer 2ID used depends on the communicating peer. The layer 2ID of the communicating peer identified by the application layer ID of the peer may be discovered during the establishment of the PC5 unicast link or directly communicated via a previous ProSe, e.g. known to the UE to an existing or previous unicast link to the same application layer ID or obtained from a 5G ProSe direct discovery procedure. The initial signaling for establishing the PC5 unicast link may use a known layer 2ID of the communication peer, or a preset destination layer 2ID associated with a ProSe service (i.e., proSe identifier) configured for PC5 unicast link establishment, as specified in clause 5.1.3.1. As specified in clause 6.4.3, during the PC5 unicast link setup procedure, the layer 2ID is exchanged and applied for future communication between two UEs.
Since ProSe application layer does not use layer 2ID, ue maintains mapping between application layer ID and source layer 2ID for PC5 unicast link. This allows changing the source layer 2ID without interrupting ProSe application.
When the application layer ID changes, the source layer 2ID of the PC5 unicast link should change if the link is used for 5G ProSe communication with the changed application layer ID.
Updating the new identifier of the source UE to the peer UE for the established unicast link may cause the peer UE to change its layer 2ID and optionally IP address/prefix (if IP communication is generally used as defined in clause 6.4.3.2) based on the privacy configuration as specified in clause 5.1.3.1.
[…]
6.3.2 procedure for direct discovery of 5G ProSe by PC5 reference point
6.3.2.1 overview
The PC5 communication channel is used to carry discovery messages on PC5, and discovery messages on PC5 are distinguished from other PC5 messages by the AS layer.
Support both model a and model B discovery as defined in TS 23.303[3 ]:
model a uses a single discovery protocol message (notification).
Model B uses two discovery protocol messages (request and response).
Depicted in fig. 6.3.2.1-1 is a procedure for 5G ProSe direct discovery using model a.
FIG. 6.3.2.1-1 entitled "5G ProSe direct discovery Using model A" of 3GPP TS 23.304V17.2.1 is reproduced as FIG. 6]
1. The notification UE sends a notification message. The notification message may contain the type of discovery message, proSe application code or ProSe restricted code, security protection element, [ metadata information ]. The application layer metadata information may be included as metadata in the notification message.
The destination layer 2ID and the source layer 2ID for sending the notification message are specified in clause 5.8.1.2 and clause 5.8.1.3.
The listening UE determines a destination layer 2ID for signaling reception. As specified in clause 5.8.1.2, the UE is configured with the destination layer 2ID.
Depicted in fig. 6.3.2.1-2 is a procedure for 5G ProSe direct discovery using model B.
FIG. 6.3.2.1-2 entitled "5G ProSe direct discovery Using model B" of 3GPP TS 23.304V17.2.1 is reproduced as FIG. 7]
1. The discoverer UE sends a request message. The request message may contain the type of discovery message, proSe query code, security protection element.
The destination layer 2ID and the source layer 2ID for transmitting the request message are specified in terms 5.8.1.2 and 5.8.1.3.
How the discoveree UE determines the destination layer 2ID for signaling reception is specified in clause 5.8.1.2.
2. The discoveree UE that matches the request message responds to the discoveree UE with a response message. The response message may contain the type of discovery message, proSe response code, security protection element, [ metadata information ]. The application layer metadata information may be included as metadata in the response message.
The source layer 2ID for transmitting the response message is specified in clause 5.8.1.3. The destination layer 2ID is set to the source layer 2ID of the received request message.
Note that: the details of the security protection element will be defined by the SA WG 3.
[…]
6.4.3 unicast mode 5G ProSe direct communication
6.4.3.1 layer 2 link establishment through PC5 reference point
In order to perform unicast mode of ProSe direct communication through the PC5 reference point, the UE is configured with related information as described in clause 5.1.3.
Fig. 6.4.3.1-1 shows a layer 2 link setup procedure for ProSe direct communication in unicast mode through PC5 reference point.
[3GPP TS 23.304V17.2.1, FIG. 6.4.3.1-1 entitled "layer 2 Link setup procedure" is reproduced as FIG. 8]
1. As specified in clause 5.8.2.4, the UE determines the destination layer 2ID for signaling reception for PC5 unicast link establishment.
The ProSe application layer in ue-1 provides application information for PC5 unicast communication. The application information includes ProSe service information, an application layer ID of the UE. The application information may include an application layer ID of the target UE.
The ProSe application layer in UE-1 may provide ProSe application requirements for this unicast communication. As specified in clause 5.6.1, UE-1 determines PC5 QoS parameters and PFI.
If the UE-1 decides to reuse the existing PC5 unicast link as specified in clause 5.3.4, then the UE triggers the layer 2 link modification procedure as specified in clause 6.4.3.4.
Ue-1 sends a direct communication request message to initiate a unicast layer 2 link setup procedure. The direct communication request message includes:
-source user information: the application layer ID of the UE (i.e., the application layer ID of UE-1) is initiated.
-if in step 2 the ProSe application layer provides the application layer ID of the target UE, the following information is contained:
-target user information: the application layer ID of the target UE (i.e., the application layer ID of UE-2).
ProSe service information: information about ProSe identifier requesting layer 2 link setup.
-security information: information for establishing security.
Note 1: the security information and the necessary protection for the source and target user information are defined by the SA WG 3.
The source layer 2ID and destination layer 2ID for sending the direct communication request message are determined as specified in clauses 5.8.2.1 and 5.8.2.4. The destination layer 2ID may be a broadcast or unicast layer 2ID. When using the unicast layer 2ID, the target user information should be included in the direct communication request message.
The UE-1 transmits a direct communication request message via the PC5 broadcast or unicast using the source layer 2ID and the destination layer 2ID.
4. The security of UE-1 is established as follows:
4a. If the target user information is included in the direct communication request message, the target UE (i.e., UE-2) responds by establishing security with UE-1.
4b. If the target user information is not included in the direct communication request message, the UE interested in ProSe service notified through PC5 unicast link usage with UE-1 responds by establishing security with UE-1.
And (2) injection: signaling for security procedures is defined by the SA WG 3.
When security protection is enabled, UE-1 sends the following information to the target UE:
-if IP communication is used:
-IP address configuration: for IP communications, this link requires an IP address configuration, and it indicates one of the following values:
- "DHCPv4 server", i.e. acting as DHCPv4 server if only the IPv4 address allocation mechanism is supported by the initiating UE; or (b)
"IPv6 router", i.e. acting as IPv6 router if only the IPv6 address allocation mechanism is supported by the initiating UE; or (b)
- "DHCPv4 server and IPv6 router", if both IPv4 and IPv6 address allocation mechanisms are supported by the initiating UE; or (b)
"not supporting address assignment", if neither IPv4 nor IPv6 address assignment mechanisms are supported by the initiating UE.
-link local IPv6 address: if UE-1 does not support the IPv6 IP address assignment mechanism, i.e., IP address configuration indicates "does not support address assignment," then link local IPv6 addresses are formed locally based on RFC 4862[17 ].
QoS information: information about PC5 QoS flows. For each PC5 QoS flow, PFI and corresponding PC5 QoS parameters (i.e., PQI and conditionally other parameters, such as MFBR/GFBR, etc.) and optionally an associated ProSe identifier.
-optional PC5 QoS rules.
The source layer 2ID for the security setup procedure is determined as specified in clauses 5.8.2.1 and 5.8.2.4. The destination layer 2ID is set to the source layer 2ID of the received direct communication request message.
Upon receiving the security setup procedure message, UE-1 obtains the layer 2ID of the peer UE for future communications for signaling and data traffic for this unicast link.
5. The target UE that has successfully established security with UE-1 sends a direct communication accept message to UE-1:
(UE-oriented layer 2 link establishment) if the direct communication request message contains target user information, then the target UE (i.e., UE-2) responds with a direct communication accept message if the application layer ID for UE-2 matches.
(layer 2 link establishment towards ProSe service) if the target user information is not included in the direct communication request message, UEs interested in using the notified ProSe service (UE-2 and UE-4 in fig. 6.4.3.1-1) respond to the request by sending a direct communication accept message.
The direct communication accept message includes:
-source user information: an application layer ID of the UE transmitting the direct communication accept message.
QoS information: information about PC5 QoS flows. For each PC5 QoS flow, the PFI requested by UE-1 and the corresponding PC5 QoS parameters (i.e., PQI and, conditionally, other parameters such as MFBR/GFBR) and optionally the associated ProSe identifier.
-optional PC5 QoS rules.
-if IP communication is used:
-IP address configuration: for IP communications, this link requires an IP address configuration, and it indicates one of the following values:
- "DHCPv4 server", i.e. acting as DHCPv4 server if only the IPv4 address allocation mechanism is supported by the target UE; or (b)
"IPv6 router", i.e. acting as IPv6 router if only the IPv6 address allocation mechanism is supported by the target UE; or (b)
- "DHCPv4 server and IPv6 router", if both IPv4 and IPv6 address allocation mechanisms are supported by the target UE; or (b)
"not supporting address assignment", if neither IPv4 nor IPv6 address assignment mechanisms are supported by the target UE.
-link local IPv6 address: if the target UE does not support the IPv6 IP address assignment mechanism, i.e., the IP address configuration indicates "does not support address assignment," and UE-1 contains a link local IPv6 address in the direct communication request message, then the link local IPv6 address is formed locally based on RFC 4862[17 ]. The target UE should contain a non-conflicting link local IPv6 address.
If two UEs (i.e., the initiating UE and the target UE) are selected to use the link-local IPv6 address, then the two UEs will deactivate the dual address detection defined in RFC 4862[17 ].
And (3) injection: when the initiating UE or the target UE indicates support for IPv6 routing, the corresponding address configuration procedure will take place after the layer 2 link is established and the link local IPv6 address is ignored.
The ProSe layer of the UE that establishes the PC5 unicast link passes the PC5 link identifier assigned for the unicast link and PC5 unicast link related information down to the AS layer. The PC5 unicast link related information contains layer 2ID information (i.e., source layer 2ID and destination layer 2 ID). This enables the AS layer to maintain PC5 link identifiers and PC5 unicast link related information.
6. ProSe data is transmitted over the established unicast link as follows:
the PC5 link identifier and PFI are provided to the AS layer along with ProSe data.
In addition, layer 2ID information (i.e., source layer 2ID and destination layer 2 ID) is optionally provided to the AS layer.
And (4) injection: layer 2ID information is provided to the AS layer by the UE implementation.
UE-1 transmits ProSe data using the source layer 2ID (i.e., layer 2ID of UE-1 for this unicast link) and the destination layer 2ID (i.e., layer 2ID of peer UE for this unicast link).
And (5) injection: the PC5 unicast link is bi-directional, so peer UEs of UE-1 can send ProSe data to UE-1 over the unicast link with UE-1.
3GPP 24.554 introduces the following procedures related to unicast link communication:
7.2.2 5G ProSe direct link establishment procedure
7.2.2.1 overview
Depending on the type of 5G ProSe direct link setup procedure (i.e. UE-oriented layer 2 link setup or ProSe service-oriented layer 2 link setup in 3gpp TS 23.304[2 ]), the 5G ProSe direct link setup procedure is used to establish a 5G ProSe direct link between two UEs or to establish multiple 5G ProSe direct links. The UE that sends the request message is referred to as the "initiating UE" and the other UE is referred to as the "target UE". If the request message does not indicate a particular target UE (i.e., the target user information is not included in the request message) and the multiple target UEs are interested in the ProSe application indicated in the request message, the initiating UE should process the corresponding response messages received from those target UEs. The maximum number of 5G ProSe direct links established in the UE at a time should not exceed the implementation specific maximum number of 5G ProSe direct links established.
Note that: the recommended maximum number of 5G ProSe direct links established is 8.
When the 5G ProSe direct link setup procedure for the 5G ProSe layer 3 remote UE is successfully completed, and if there is a PDU session established for relaying the traffic of the remote UE, the 5G ProSe layer 3UE to the relay UE of the network should perform the remote UE reporting procedure as specified in 3GPP TS 24.501[11.
After the 5G ProSe direct link setup procedure for the 5G ProSe layer 2 remote UE is successfully completed, and after a request is obtained from the 5G ProSe layer 2 remote UE through the lower layer, the relay UE of the 5G ProSe layer 2UE to the network should inform the lower layer to perform the service request procedure as specified in 3GPP TS 24.501[11 in 5GMM-IDLE mode.
The editor annotates: any possible changes to the 5G ProSe direct link setup procedure (e.g. adding new IEs or changing existing IEs) are to be investigated further due to the security requirements of the 5G ProSe layer 2UE to network relay or the 5G ProSe layer 3UE to network relay.
7.2.2.2 initiating a 5G ProSe direct link setup procedure by an initiating UE
The initiating UE should satisfy the following preconditions before initiating this procedure:
a) A request from an upper layer to transmit a packet for ProSe application through PC 5;
b) The communication mode is a unicast mode (e.g., preconfigured or indicated by upper layers as specified in clause 5.2.4);
c) The link layer identifier for the initiating UE (i.e., the layer 2ID for unicast communication) is available (e.g., preconfigured or self-assigned) and is not used by other existing 5G ProSe direct links within the initiating UE;
d) The link layer identifier for the destination UE (i.e., the unicast layer 2ID or broadcast layer 2ID of the target UE) may be used to initiate the UE (e.g., preconfigured, obtained as specified in clause 5.2 or known via prior ProSe direct communication);
note 1: in the case where different ProSe applications map to different preset destination layer 2 IDs, when the initiating UE wishes to establish a single unicast link that is available for more than one ProSe identifier, the UE may select any one of the preset destination layer 2 IDs for unicast initial signaling.
e) The originating UE is authorized to serve 5G ProSe direct communication in the PLMN through PC5 in NR-PC5, has valid authorization for 5G ProSe direct communication through PC5 in NR-PC5 when not served by NG-RAN, or is authorized to use 5G ProSe UE to relay UE of the network. The UE considers it not to be served by the NG-RAN if the following conditions are met:
1) Not served by NG-RAN for ProSe direct communication over PC 5;
2) In the limited service state as specified in 3GPP TS 23.122[14], if the reason that the UE is in the limited service state is one of the following;
i) The UE cannot find a suitable cell in the selected PLMN as specified in 3GPP TS 38.304[15 ];
ii) the UE receives a registration reject message or service reject message with 5GMM cause #11 "PLMN not allowed" as specified in 3GPP TS 24.501[11 ]; or (b)
iii) The UE receives a registration rejection message or a service rejection message with 5GMM cause #7 "no 5GS service allowed" as specified in 3GPP TS 24.501[11 ]; or (b)
3) In the limited service state specified in 3GPP TS 23.122[14] for reasons other than i), ii) or iii) above, and in a geographical area where the UE is provided with "non-operator managed" radio parameters as specified in clause 5.2;
f) There is no existing 5G ProSe direct link for a pair of equal application layer IDs or there is an existing 5G ProSe direct link for a pair of equal application layer IDs, and:
1) The network layer protocol of the existing 5G ProSe direct link is not the same as the network layer protocol required by the upper layer in initiating UE for the ProSe application;
2) The security policies corresponding to ProSe identifiers (signaling security policies or user plane security policies) are not compatible with the security policies of existing 5G ProSe direct links; or (b)
3) In case the 5G ProSe direct link setup procedure is used for direct communication between a remote UE and a UE-to-network relay UE, the existing 5G ProSe direct link for the peer UE is set up with a different RSC or without RSC;
g) The number of established 5G ProSe direct links is less than the implementation specific maximum number of established 5G ProSe direct links allowed in the UE at a time; and
h) The timer T5088 is not associated with the link layer identifier of the destination UE or the timer T5088 associated with the link layer identifier of the destination UE has expired or stopped.
After receiving service data or requests from upper layers, the initiating UE should derive the PC5 QoS parameters and assign PQFI for establishing the PC5 QoS flow as specified in clause 7.2.7.
To initiate the 5G ProSe direct link setup procedure, the initiating UE will generate a ProSe direct link setup request message. Initiating UE:
a) Source user information including an application layer ID set as an originating UE received from an upper layer;
b) If the 5G ProSe direct link setup procedure is not used for 5G ProSe direct communication between the remote UE and the UE-to-network relay UE, then the ProSe identifier received from the upper layer will be included;
c) If received from an upper layer, the target user information will contain the application layer ID set to the target UE, or if the destination layer 2ID is the unicast layer 2ID of the target UE, the target user information will contain the identity of the relay UE set to the 5G ProSe UE to the network obtained during the relay discovery procedure of the 5G ProSe UE to the network;
d) The key establishment information container will be included if the UE PC5 unicast signaling integrity protection policy is set to "require signaling integrity protection" or "preferred signaling integrity protection", and may be included if the UE PC5 unicast signaling integrity protection policy is set to "do not require signaling integrity protection";
and (2) injection: the key establishment information container is provided by an upper layer.
e) If the UE PC5 unicast signaling integrity protection policy is set to "need signaling integrity protection" or "preferred signaling integrity protection", then set the nonce_1 containing the 128-bit random value generated by the initiating UE for the purpose of session key establishment over this 5G ProSe direct link;
f) A list of algorithms whose UE security capabilities should be contained, indicating that the initiating UE is supporting the secure establishment of this 5G ProSe direct link;
g) If the UE PC5 unicast signaling integrity protection policy is set to "need signaling integrity protection" or "preferred signaling integrity protection", then it should be included as 3GPP TS 33.503[34]Designated by the originating UESelected K NRP-sess The 8 most significant bits (most significant bit, MSB) of the ID;
h) If the originating UE has an existing K for the target UE NRP Then may contain K NRP ID;
i) Its UE PC5 unicast signaling security policy should be included. In the case where different ProSe applications map to different PC5 unicast signaling security policies, when an initiating UE wishes to establish a single unicast link that is available to more than one ProSe application, each of those ProSe applications' signaling security policies will be compatible, e.g. "no signaling integrity protection required" and "signaling integrity protection required" incompatible. In case the 5G ProSe direct link setup procedure is used for direct communication between the 5G ProSe layer 3 remote UE and the 5G ProSe layer 3UE to relay UE of the network, the signaling integrity protection policy will be set to "signaling integrity protection required";
j) If the 5G ProSe direct link setup procedure is used for direct communication between the 5G ProSe remote UE and the 5G ProSe UE to relay UE of the network, then a relay service code IE set to the relay service code of the target relay UE will be included; and
h) The UE identity IE that contains the sui set to the initiating UE will be contained in the following cases:
1) The 5G ProSe direct link setup procedure is used for direct communication between the 5G ProSe layer 3 remote UE and the 5G ProSe layer 3UE to relay UE of the network; and
2) Security for 5G ProSe layer 3 relay uses security procedures on the control plane as specified in 3GPP TS 33.503[34.
The editor annotates: how the UE determines whether the security for the 5G ProSe layer 3 relay uses the security procedure on the control plane or the security procedure on the user plane is to be further investigated, as specified in 3GPP TS 33.503[34.
After generating the ProSe direct link setup request message, the initiating UE passes this message along with the layer 2ID of the initiating UE for unicast communication to the lower layer for transmission, and:
a) Destination layer 2ID for unicast initial signaling; or (b)
b) A destination layer 2ID set to the source layer 2ID of the relay UE of the selected 5G ProSe UE to network during the relay discovery procedure of the 5G ProSe UE to network as defined in clause 8.2.1;
and starts timer T5080.
When timer T5080 is running, the UE should not send a new ProSe direct link setup request message to the same target UE identified by the same application layer ID. If the target user information IE is not included in the ProSe direct link setup request message (i.e., a ProSe application oriented 5G ProSe direct link setup procedure), the initiating UE will process multiple ProSe direct link setup accept messages (if present) received from different target UEs for the establishment of multiple 5G ProSe direct links before timer T5080 expires.
And (3) injection: to ensure successful 5G ProSe direct link establishment, T5080 should be set to a value greater than the sum of T5089 and T5092.
Fig. 7.2.2.2.1 entitled "UE-oriented 5G ProSe direct link setup procedure" of 3GPP TS 24.554V17.0.0 is reproduced as fig. 9]
[…]
7.2.2.3 5G ProSe direct link establishment procedure accepted by target UE
Upon receiving the ProSe direct link setup request message, if the target UE accepts the request, the target UE will uniquely assign a PC5 link identifier, yielding a 5G ProSe direct link context.
If the ProSe direct link setup request message is not used for 5G ProSe direct communication between the remote UE and the UE-to-network relay UE, the target UE assigns a layer 2ID for this 5G ProSe direct link. The newly assigned layer 2ID replaces the target layer 2ID as received on the ProSe direct link setup request message. The target UE then stores this assigned layer 2ID and the source layer 2ID used in the transmission of this message provided by the lower layer in the 5G ProSe direct link context.
The target UE may initiate a 5G ProSe direct link authentication procedure as specified in clause 7.2.12 and will initiate a 5G ProSe direct link security mode control procedure as specified in clause 7.2.10.
Note 1: in case the layer 2ID of the target UE has been used in the previous 5G ProSe direct link with the same peer, it is possible for the target UE to reuse the layer 2ID of the target UE used in the transmission of the ProSe direct link setup request message provided by the lower layer.
If:
a) The target user information IE is contained in the ProSe direct link setup request message and this IE contains the application layer ID of the target UE; or (b)
b) The target user information IE is not included in the ProSe direct link setup request message and the target UE is interested in ProSe applications identified by the ProSe identifier IE in the ProSe direct link setup request message;
then the target UE should:
a) ProSe-based K contained in direct link establishment request message NRP ID identifies existing K NRP The method comprises the steps of carrying out a first treatment on the surface of the Or (b)
b) If K NRP The ID is not included in the ProSe direct link setup request message, and the target UE does not have K for inclusion in the ProSe direct link setup request message NRP Existing K of ID NRP Or the target UE wishes to derive a new K NRP Then a new K is derived NRP . This may require performing one or more 5G ProSe direct link authentication procedures as specified in clause 7.2.12.
And (2) injection: how many times the 5G ProSe direct link authentication procedure needs to be performed to derive a new K NRP Depending on the authentication method used.
In the identification of the existing K NRP Or derive a new K NRP The target UE will then initiate the 5G ProSe direct link security mode control procedure as specified in clause 7.2.10.
After the successful completion of the 5G ProSe direct link security mode control procedure, the target UE checks in case of IP communication if there is at least one public IP address configuration option supported by both the originating UE and the target UE in order to determine if the ProSe direct link setup request message is acceptable.
Before sending the ProSe direct link setup accept message to the remote UE, the target UE acting as a relay UE for the 5G ProSe layer 3UE to the network will inform the lower layer to initiate the UE requested PDU session setup procedure as specified in 3GPP TS 24.501[11] in the following cases:
1) A PDU session for relaying the service associated with the RSC has not been established; or (b)
2) A PDU session for relaying the service associated with the RSC has been established, but the PDU session type is unstructured.
If the target UE accepts the 5G ProSe direct link setup procedure, the target UE will generate a ProSe direct link setup accept message. Target UE:
a) Source user information including an application layer ID set as a target UE received from an upper layer;
b) If the target UE does not act as a relay UE for the 5G ProSe layer 2UE to the network, then the PQFI, corresponding PC5 QoS parameters, and optionally the ProSe identifier accepted by the target UE will be included;
c) If the target UE does not act as a relay UE for the 5G ProSe layer 2UE to the network, PC5 QoS rules may be included;
d) If IP communication is used and the target UE does not act as a relay UE for the 5G ProSe layer 2UE to the network, then the IP address configuration IE will be contained set to one of the following values:
1) "DHCPv4 server", if only the IPv4 address allocation mechanism is supported by the target UE, i.e., acts as DHCPv4 server; or (b)
2) "IPv6 router" that acts as an IPv6 router if only the IPv6 address allocation mechanism is supported by the target UE; or (b)
3) "DHCPv4 server and IPv6 router", if both IPv4 and IPv6 address allocation mechanisms are supported by the target UE; or (b)
4) "does not support address allocation", if both IPv4 and IPv6 address allocation mechanisms are not supported by the target UE and the target UE does not act as a relay UE for the 5G ProSe layer 3UE to the network;
note that: if the Ethernet or unstructured data element type is used for communication, the UE does not contain an IP address configuration IE nor a link-local IPv6 address IE.
e) If the IP address configuration IE is set to "not supporting address assignment", the received ProSe direct link security mode complete message contains a link local IPv6 address IE and the target UE does not act as a 5G ProSe layer 2UE to network relay UE nor as a 5G ProSe layer 3 relay UE, then it will contain a link local IPv6 address IE formed locally based on IETF RFC 4862[16 ]; and
f) The configuration of UE PC5 unicast user plane security protection based on agreed user plane security policies should be included, as specified in 3GPP TS 33.503[34.
After generating the ProSe direct link setup accept message, the target UE passes this message along with the layer 2ID of the initiating UE for unicast communication and the layer 2ID of the target UE for unicast communication to the lower layer for transmission and will start timer T5090 when at least one of the ProSe identifiers of the 5G ProSe direct link meets the privacy requirement as specified in clause 5.2.
After sending the ProSe direct link setup accept message, the target UE provides the following information to the lower layer along with the layer 2ID, which enables the lower layer to handle the incoming PC5 signaling or traffic data:
a) A PC5 link identifier self-assigned for this 5G ProSe direct link;
b) PQFI and its corresponding PC5 QoS parameters (if available); and
c) Activation indication (if applicable) of PC5 unicast user plane security protection for 5G ProSe direct link.
If the target UE accepts the 5G ProSe direct link setup request and establishes a 5G ProSe direct link not for 5G ProSe direct communication between the 5G ProSe remote UE and the 5G ProSe UE to network relay UE, the target UE may perform PC5 QoS flow setup over the 5G ProSe direct link as specified in clause 7.2.7. If a 5G ProSe direct link is established for 5G ProSe direct communication between the 5G ProSe layer 3 remote UE and the 5G ProSe layer 3UE to relay UE of the network, the target UE may perform the establishment of PC5 QoS flows over the 5G ProSe direct link as specified in clause 8.2.6.
7.2.2.4 completing 5G ProSe direct link setup procedure by initiating UE
If the target user information IE is contained in the ProSe direct link setup request message, the initiating UE will stop timer T5080 after receiving the ProSe direct link setup accept message. If the target user information IE is not included in the ProSe direct link setup request message, the initiating UE may keep timer T5080 running and continue to process multiple response messages from multiple target UEs (i.e., proSe direct link setup accept messages).
For each of the received ProSe direct link setup accept messages, the initiating UE will uniquely assign a PC5 link identifier and generate a 5G ProSe direct link context for each of the 5G ProSe direct links. Next, the originating UE stores the source layer 2ID and the destination layer 2ID used in the transmission of this message provided by the lower layer in the 5G ProSe direct link context to complete the establishment of the 5G ProSe direct link with the target UE. From this time on, the initiating UE should use the established link for ProSe direct communication over PC5 and additional PC5 signaling messages to reach the target UE.
After receiving the ProSe direct link setup accept message, the initiating UE will delete the old security context it has for the target UE and provide the following information to the lower layer along with the layer 2ID, which enables the lower layer to process the incoming PC5 signaling or traffic data:
a) A PC5 link identifier self-assigned for this 5G ProSe direct link;
b) PQFI and its corresponding PC5 QoS parameters (if available); and
c) Activation indication (if applicable) of PC5 unicast user plane security protection for 5G ProSe direct link.
If at least one of the ProSe identifiers of the 5G ProSe direct link meets the privacy requirement as specified in clause 5.2, the initiating UE will start a timer T5090.
In addition, the initiating UE may perform PC5 QoS flow establishment over the 5G ProSe direct link as specified in clause 7.2.7.
After expiration of timer T5080, if the ProSe direct link setup request message does not contain the target user information IE and the initiating UE receives at least one ProSe direct link setup accept message, then the 5G ProSe direct link setup procedure is treated by the UE implementation as complete or restarting timer T5080.
[…]
7.2.10 5G ProSe direct link security mode control procedure
7.2.10.1 overview
The 5G ProSe direct link security mode control procedure is used to establish security between two UEs during a 5G ProSe direct link setup procedure or a 5G ProSe direct link key update procedure. If the UE PC5 signaling integrity protection is not activated, security is not established. After successful completion of the 5G ProSe direct link security mode control procedure, the selected security algorithm and key are used for integrity protection and encrypt all PC5 signaling messages exchanged over this 5G ProSe direct link between UEs, and the security context can be used to protect all PC5 user plane data exchanged over this 5G ProSe direct link between UEs. The UE that sends the ProSe direct link security mode command message is referred to as the "initiating UE" and the other UE is referred to as the "target UE".
The editor annotates: any possible changes to the 5G ProSe direct link security mode control procedure due to the security requirements of the 5G ProSe layer 2UE to network relay and the 5G ProSe layer 3UE to network relay are to be further investigated and await SA3 conclusion.
7.2.10.2 initiating 5G ProSe direct link security mode control procedure by initiating UE
The initiating UE will meet the following preconditions before initiating the 5G ProSe direct link security mode control procedure:
a) The target UE has initiated the 5G ProSe direct link setup procedure towards the initiating UE by sending ProSe direct link setup request message:
1) ProSe direct link setup request message:
i) A target user information IE containing an application layer ID of the initiating UE; or (b)
ii) no target user information IE is contained and the initiating UE is interested in ProSe services identified in ProSe direct link setup request message by ProSe identifier; and
2) Initiating UE:
i) Has been based on K contained in the ProSe direct link setup request message NRP ID identifies the existing K NRP Or derive a new K NRP The method comprises the steps of carrying out a first treatment on the surface of the Or (b)
ii) has decided not to activate security protection based on its UE 5G ProSe direct signalling security policy and the target UE's 5G ProSe direct signalling security policy; or (b)
b) The target UE has initiated the 5G ProSe direct link key update procedure towards the initiating UE by sending ProSe direct link key update request message:
1) If the target UE has included a reauthentication indication in the ProSe direct link key update request message, then the initiating UE has derived a new K NRP
If the initiating UE has derived a new K NRP Then the initiating UE will generate K NRP 2 MSBs of ID to ensure the resulting K NRP The ID is unique in the initiating UE.
The initiating UE should select the security algorithm according to its UE 5G ProSe direct signaling security policy and the target UE's 5G ProSe direct signaling security policy. If the 5G ProSe direct link security mode control procedure is triggered during the 5G ProSe direct link setup procedure, the initiating UE should not select the null integrity protection algorithm if the 5G ProSe direct signaling integrity protection policy of the initiating UE or the target UE is set to "signaling integrity protection required". If the 5G ProSe direct link security mode control procedure is triggered during the 5G ProSe direct link key update procedure, then the initiating UE:
a) If the integrity protection algorithm currently used for the 5G ProSe direct link is different from the null integrity protection algorithm, the null integrity protection algorithm should not be selected;
b) If the current encryption protection algorithm for the 5G ProSe direct link is different from the null encryption protection algorithm, the null encryption protection algorithm should not be selected;
c) If the currently in-use integrity protection algorithm is a null integrity protection algorithm, a null integrity protection algorithm should be selected; and
d) If the currently in-use encryption protection algorithm is a null encryption protection algorithm, then the null encryption protection algorithm should be selected.
Next, the initiating UE will:
a) Generating a 128 bit nonce_2 value;
b) K received from ProSe direct link setup request message NRP Deriving K from Nonce_2 and Nonce_1 NRP-sess For example 3GPP TS 33.536[37]Is specified in (a);
c) From K NRP-sess And the selected security algorithm derives an NR PC5 encryption key NRPEK and an NR PC5 integrity key NRPIK, e.g. 3GPP TS 33.536[37]Is specified in (a), and
d) A ProSe direct link security mode command message is generated. In this message, the initiating UE:
1) If a new K has been derived at the initiating UE NRP And is used for generating K NRP The authentication method of (1) needs to send information to complete the 5G ProSe direct link authentication procedure, then the key establishment information container IE is included;
note that: the key establishment information container is provided by an upper layer.
2) If a new K has been derived at the initiating UE NRP Then will contain K NRP MSB of ID IE;
3) If the selected integrity protection algorithm is not a null integrity protection algorithm, then for the purpose of session key establishment over this 5G ProSe direct link, the nonce_2IE set to a 128-bit random value generated by the initiating UE will be included;
4) Will contain the selected security algorithm;
5) The method comprises the steps that the ProSe direct link establishment request message or the ProSe direct link key update request message contains UE security capability received from target UE;
6) The method comprises the steps that a ProSe direct link establishment request message contains a UE 5GProSe direct signaling security policy received from a target UE; and
7) If the selected integrity protection algorithm is not a null integrity protection algorithm, then it will be included as 3GPP TS 33.536[37]K designated by initiating UE selection NRP-sess LSB of ID.
If the 5G ProSe is activatedThe security of the access link, then the initiating UE will receive the K from the ProSe direct link setup request message or ProSe direct link key update request message NRP-sess MSB of ID and K contained in ProSe direct link security mode command message NRP-sess LSB of ID forms K NRP-sess An ID. The initiating UE will use K NRP-sess ID to identify the new security context.
After generating the ProSe direct link security mode command message, the initiating UE will send this message along with the layer 2ID of the initiating UE for 5G ProSe direct communication and layer 2ID, NRPIK, NRPEK (if applicable), K, of the target UE for 5G ProSe direct communication NRP-sess ID. As TS 33.536[37 ]]A selected security algorithm specified in (a); the activation indication (if applicable) of the 5G ProSe direct signaling security protection for the 5G ProSe direct link with the new security context is passed along to the lower layer for transmission and a timer T5089 is started. When the timer T5089 is running, the initiating UE will not send a new ProSe direct link security mode command message to the same target UE.
And (3) injection: proSe direct link security mode command messages are protected (and unencrypted) at the lower layer using new security context integrity.
If the 5G ProSe direct link security mode control procedure is triggered during the 5G ProSe direct link key update procedure, the initiating UE provides an activation indication (if applicable) for 5G ProSe direct user plane security protection of the 5G ProSe direct link with the new security context to the lower layer along with the layer 2ID of the initiating UE for 5G ProSe direct communication and the layer 2ID of the target UE for 5G ProSe direct communication.
Fig. 7.2.10.2.1 entitled "5G ProSe direct link security mode control procedure" of 3GPP TS 24.554 V17.0.0 is reproduced as fig. 10]
7.2.10.3 5G ProSe direct link security mode control procedure accepted by target UE
After receiving the ProSe direct link security mode command message, if the layer 2ID of the newly assigned initiating UE is included and if the 5G ProSe direct link authentication procedure has not been performed, the target UE will replace the layer 2ID of the original initiating UE with the layer 2ID of the newly assigned initiating UE for 5G ProSe direct communication. The target UE will check the selected security algorithm IE contained in the ProSe direct link security mode command message. If the "null integrity algorithm" is contained in the selected security algorithm IE, then the security of this 5G ProSe direct link is not activated. If the "null encryption algorithm" and the integrity algorithm other than the "null integrity algorithm" are contained in the selected algorithm IE, then signaling ciphering protection is not activated. If the target UE's 5G ProSe direct signaling integrity protection policy is set to "signaling integrity protection required", the target UE will verify that the selected security algorithm IE in the ProSe direct link security mode command message does not contain a null integrity protection algorithm. If the selected integrity protection algorithm is not a null integrity protection algorithm, the target UE will:
a) K received from ProSe direct link security mode command message NRP Deriving K from Nonce_1 and Nonce_2 NRP-sess For example 3GPP TS 33.536[37]Is specified in (a); and
b) From K NRP-sess And a selected integrity algorithm to derive NRPIK, e.g. 3GPP TS 33.536[37]As specified in (a).
If deriving K NRP-sess And the selected encryption protection algorithm is not a null encryption protection algorithm, then the target UE will be from K NRP-sess And a selected encryption algorithm to derive NRPEK, e.g. 3GPP TS 33.536[37]As specified in (a).
The target UE will determine whether the ProSe direct link security mode command message is acceptable by:
a) If the 5G ProSe direct signaling integrity protection strategy of the target UE is set to 'signaling integrity protection is needed', checking that the selected security algorithm in the ProSe direct link security mode command message does not contain a null integrity protection algorithm;
b) If the selected integrity protection algorithm is not a null integrity protection algorithm, then the lower layer is required to verify the integrity of the ProSe direct link security mode command message using NRPIK and the selected integrity protection algorithm;
c) Checking that the received UE security capability has not been altered compared to the value sent by the target UE to the initiating UE in the ProSe direct link setup request message or ProSe direct link key update request message;
d) If the 5G ProSe direct link security mode control procedure is triggered during the 5G ProSe direct link setup procedure,
1) Checking that the received UE 5G ProSe direct signaling security policy has not been altered compared to the value sent by the target UE to the initiating UE in the ProSe direct link setup request message; and
2) Checking K contained in ProSe direct link security mode command message NRP-sess The LSBs of the IDs are not set to the same values as those received from another UE in response to the ProSe direct link setup request message of the target UE; and
e) If the 5G ProSe direct link security mode control procedure is triggered during the 5G ProSe direct link key update procedure and the integrity protection algorithm currently used for the 5G ProSe direct link is different from the null integrity protection algorithm, then the selected security algorithm in the check ProSe direct link security mode command message does not include the null integrity protection algorithm.
If the target UE does not contain K in the ProSe direct link setup request message NRP ID, then the target UE includes a reauthentication indication in ProSe direct link key update request message, or initiates UE selection to derive a new K NRP Target UE should be as 3GPP TS 33.536[37]Is specified to export K NRP . The target UE should select K NRP 2 LSBs of ID to ensure the resulting K NRP The ID will be unique in the target UE. The target UE shall receive K NRP MSB of ID and K selected by the same NRP LSB of ID forms K NRP ID, and should be in contact with K NRP Storing the complete K together NRP ID。
If the target UE accepts the ProSe direct link security mode command message, the target UE should generate a ProSe direct link security mode complete message. In this message, the target UE:
a) If the direct communication is not for 5G ProSe direct communication between the 5G ProSe layer 2 remote UE and the 5G ProSe layer 2UE to relay UE of the network, then PQFI and corresponding PC5 QoS parameters will be included;
b) If IP communication is used and the 5G ProSe direct link security mode control procedure is triggered during the 5G ProSe direct link setup procedure, then the IP address configuration IE will be included set to one of the following values:
1) "IPv6 router" if IPv6 address assignment mechanism is supported by the target UE, i.e., acts as IPv6 router; or (b)
2) "not supporting address assignment" if the IPv6 address assignment mechanism is not supported by the target UE;
c) If IP communication is used, the IP address configuration IE is set to "not support address allocation" and triggers the 5G ProSe direct link security mode control procedure during the 5G ProSe direct link setup procedure, then it will contain a link local IPv6 address IE formed locally based on IETF RFC 4862[25 ];
d) If a new K is derived NRP Then will contain K NRP 2 LSBs of ID; and
e) If the 5G ProSe direct link security mode control procedure is triggered during the 5G ProSe direct link setup procedure, then its UE 5G ProSe direct user plane security policy for this 5G ProSe direct link will be included. In the case where different ProSe services map to different 5G ProSe direct user plane security policies, when more than one ProSe identifier is included in a ProSe direct link setup request message, each of those ProSe services' user plane security policies will be compatible, e.g. "no user plane integrity protection required" and "user plane integrity protection required" incompatible.
If the selected integrity protection algorithm is not a null integrity protection algorithm, the target UE will send the K from the ProSe direct link setup request message or the ProSe direct link key update request message NRP-sess MSB of ID and received K in ProSe direct link security mode command message NRP-sess LSB of ID forms K NRP-sess An ID. The target UE will use K NRP-sess ID to identify the new security context.
After generating the ProSe direct link security mode complete message, the target UE communicates this message along with the message for 5G ProSe direct talk Layer 2ID of the target UE of the message and layer 2ID, NRPIK, NRPEK (if applicable), K of the initiating UE for 5G ProSe direct communication NRP-sess ID. As 3GPP TS 33.536[37]Together with an activation indication (if applicable) for 5G ProSe direct signaling security protection for a 5G ProSe direct link with a new security context, is passed to the lower layer for transmission.
Note that: proSe direct link security mode complete messages and other 5G ProSe direct signaling messages are protected and encrypted (if applicable) at the lower layer using the new security context integrity.
If the 5G ProSe direct link security mode control procedure is triggered during the 5G ProSe direct link key update procedure, the target UE provides an activation indication (if applicable) for 5G ProSe direct user plane security protection of the 5G ProSe direct link with the new security context to the lower layer along with the layer 2ID of the initiating UE for 5G ProSe direct communication and the layer 2ID of the target UE for 5G ProSe direct communication.
7.2.10.4 completing 5G ProSe direct link security mode control procedure by initiating UE
Upon receiving the ProSe direct link security mode complete message, the initiating UE will stop timer T5089. If the selected integrity protection algorithm is not a null integrity protection algorithm, the UE verifies the integrity of the ProSe direct link security mode complete message. If the integrity check passes, the initiating UE should then continue to trigger the procedure of the 5G ProSe direct link security mode control procedure. If the selected integrity protection algorithm is a null integrity protection algorithm, the UE continues the procedure without checking for integrity protection.
After receiving the ProSe direct link security mode complete message, the initiating UE will delete the old security context it has for the target UE.
[…]
10.3.1ProSe direct Link setup request
10.3.1.1 message definition
This message is sent by one UE to another peer UE to establish a direct link. See table 10.3.1.1.1.
Message type: proSe direct link establishment request
Significance: dual-purpose
The direction is: UE to peer UE
[ Table 10.3.1.1.1 entitled "ProSe direct Link setup request message content" of 3GPP TS 24.554V17.0.0 is reproduced as FIG. 11]
10.3.2prose direct link establishment acceptance
10.3.2.1 message definition
This message is sent by one UE to another peer UE to accept the received ProSe direct link setup request message. See table 10.3.2.1.1.
Message type: proSe direct link establishment acceptance
Significance: dual-purpose
The direction is: UE to peer UE
[ Table 10.3.2.1.1 entitled "ProSe direct Link establishment accepted message content" of 3GPP TS 24.554V17.0.0 is reproduced as FIG. 12]
10.3.13prose direct link security mode command
10.3.13.1 message definition
This message is sent by one UE to another peer UE when the 5G ProSe direct link security mode control procedure is initiated. See table 10.3.13.1.1.
Message type: proSe direct link security mode command
Significance: dual-purpose
The direction is: UE to peer UE
Table 10.3.13.1.1 entitled "ProSe direct Link Security mode Command message content" of 3GPP TS 24.554V17.0.0 is reproduced as FIG. 13
10.3.14prose direct link security mode completion
10.3.14.1 message definition
This message is sent by one UE to another peer UE in response to the ProSe direct link security mode command message. See table 10.3.14.1.1.
Message type: proSe direct link security mode completion
Significance: dual-purpose
The direction is: UE to peer UE
Table 10.3.14.1.1 entitled "ProSe direct Link Security mode completion message content" of 3GPP TS 24.554V17.0.0 is reproduced as FIG. 14
3GPP TS 38.331 introduces the following:
5.8.9.1 side link RRC reconfiguration
5.8.9.1.1 overview
[3GPP TS 38.331V17.0.0, FIG. 5.8.9.1.1-1 entitled "side Link RRC Reconfiguration successful" is reproduced as FIG. 15]
[…]
The purpose of this procedure is to modify the PC5-RRC connection, e.g. to set up/modify/release the side link DRB, (re) configure NR side link measurements and reports, (re) configure side link CSI reference signal resources and CSI reporting delay bounds.
The UE may initiate a side link RRC reconfiguration procedure and perform the operations in clause 5.8.9.1.2 on the corresponding PC5-RRC connection in the following cases:
Releasing the sidelink DRB associated with the peer UE as specified in clause 5.8.9.1a.1;
-establishing a sidelink DRB associated with the peer UE as specified in clause 5.8.9.1a.2;
-modifying parameters contained in the SLRB-Config of the sidelink DRB associated with the peer UE as specified in clause 5.8.9.1a.2;
-releasing the PC5 relay RLC channel for the L2U 2N relay UE and the remote UE as specified in clause 5.8.9.7.1;
-establishing a PC5 relay RLC channel for the L2U 2N relay UE and the remote UE as specified in clause 5.8.9.7.2;
-modifying parameters contained in the SL-RLC-ChannelConfig-PC5 for the PC5 relay RLC channel of the L2U 2N relay UE and the remote UE, as specified in clause 5.8.9.7.2;
- (re) configuring peer UEs to perform NR sidelink measurements and reporting.
- (re) configuring side link CSI reference signal resources and CSI reporting latency bounds;
- (re) configuring the peer UE to perform side link DRX.
In rrc_connected, the UE applies the NR side link communication parameters provided in rrcrecon configuration (if present). In rrc_idle or rrc_inactive, the UE applies NR side link communication parameters provided in the system information (if present). For other cases, the UE applies NR side link communication parameters provided in the sidlinkpreconfignr (if present). When the UE performs a state transition between the above three cases, after acquiring the new configuration, the UE applies NR side link communication parameters provided in the new state. The UE continues to apply the NR side link communication parameters provided in the old state before acquiring the new configuration.
3GPP TS 38.323 describes the following:
5.8 encryption and decryption
The ciphering function includes both ciphering and decrypting and is performed in PDCP if configured. The ciphered data units are the data portion of the MAC-I (see clause 6.3.4) and PDCP data PDU (see clause 6.3.3), except for the SDAP header and the SDAP control PDU (if included in the PDCP SDU). Ciphering is not applicable to PDCP control PDUs.
[…]
For NR side link communication, the ciphering algorithm and key to be used by the PDCP entity are configured by the upper layer as specified in TS 24.587[16] and the ciphering method is to be applied as specified in TS 33.536[14 ].
For NR side link communication, the encryption function is activated by the upper layer for side link SRB (except SL-SRB 0) and/or side link DRB for the PC5 unicast link, as specified in TS 38.331[3 ]. When security is activated for the sidelink SRB, the ciphering function will apply to all PDCP data PDUs belonging to the sidelink SRB of the PC5 unicast link (except for carrying direct Security mode Command messages, as specified in TS 33.536[14 ]). When security is activated for the sidelink DRB, the ciphering function will be applied to all PDCP data PDUs belonging to the sidelink DRB of the PC5 unicast link.
For NR side link communications, the encryption and decryption functions as specified in TS 33.536[14] apply KEY (NRPEK), COUNT, BEARER (LSB 5 bit of LCID as specified in TS 38.321[4 ]), and DIRECTION (the value of which will be set as specified in TS 33.536[14 ]) as inputs.
Encryption and decryption are not applied to the side link SRB4.
The 3GPP TR 38.836 introduces the following:
3.1 terminology
[…]
inter-UE relay: relay architecture in which a relay UE relays traffic between a first remote UE (i.e., source UE) and a second remote UE (i.e., destination UE).
[…]
5 inter-UE relay based on side links
5.1 scenarios, assumptions and requirements
inter-UE relay achieves coverage extension and power saving for side link transmission between two side link UEs. The coverage scenarios considered in this study are as follows:
1) All UEs (source UE, relay UE, destination UE) are within coverage.
2) All UEs (source UE, relay UE, destination UE) are out of coverage.
3) Local coverage, wherein at least one of the UEs involved in the relay (source UE, relay UE, destination UE) is in coverage and at least one of the UEs involved in the relay is out of coverage.
RAN2 will strive to find a common solution for both in-coverage and out-of-coverage situations. For inter-UE relay, scenarios are supported where the UE may be within coverage of different cells.
Fig. 5.1-1 shows a scenario considered for inter-UE relay. In fig. 5.1-1, coverage implies that the source/destination UE and/or inter-UE relay UE is in coverage and has access to the network on Uu.
Fig. 5.1-1 entitled "context for inter-UE relay (where coverage status is not shown)" of [3GPP TR 38.386V17.0.0 is reproduced as fig. 16]
An NR-side link is assumed with respect to PC5 between a remote UE and an inter-UE relay.
cross-RAT configuration/control of source UE, inter-UE relay and destination UE is not considered, i.e. eNB/ng-eNB does not control/configure NR source UE, destination UE or inter-UE relay UE. For inter-UE relay, the study focused on unicast data traffic between source UE and destination UE.
It is not within the scope of this study to configure/schedule UEs (source UE, destination UE or inter-UE relay UE) to perform NR side link communication through SN.
For inter-UE relay, it is assumed that a remote UE has an active end-to-end connection via only a single relay UE at a given time.
Once the PC5 link is established between the source UE, the inter-UE relay, and the destination UE, data relay between the source UE and the destination UE may occur.
No restrictions are assumed regarding the RRC state of any UE involved in the inter-UE relay.
During mobility of this version, the requirement of service continuity is only for UE-to-network relay and not for inter-UE relay.
[…]
5.5 layer 2 Relay
5.5.1 architecture and protocol stack
For the L2 inter-UE relay architecture, the protocol stack is similar to the L2 UE to network relay except for the fact that the termination point is two remote UEs. The protocol stacks for the user plane and control plane of the L2 inter-UE relay architecture are depicted in fig. 5.5.1-1 and fig. 5.5.1-2.
An adaptation layer is supported on a second PC5 link (i.e., a PC5 link between the relay UE and the destination UE) for L2 inter-UE relay. For inter-L2 UE relay, the adaptation layer is placed on the RLC sublayer for CP and UP on the second PC5 link. The side links SDAP/PDCP and RRC terminate between the two remote UEs, while RLC, MAC and PHY terminate in each PC5 link.
Fig. 5.5.1-1 entitled "user plane protocol stack for inter-L2 UE relay" of 3GPP TR 38.386V17.0.0 is reproduced as fig. 17]
Fig. 5.5.1-2 entitled "control plane protocol stack for inter-L2 UE relay" of 3GPP TR 38.386V17.0.0 is reproduced as fig. 18]
For the first hop of the inter-L2 UE relay:
the first hop PC5 adaptation layer between the remote UE SL radio bearer and the first hop PC5 RLC channel supports the N:1 mapping for relaying.
-supporting an adaptation layer on a first PC5 hop between the source remote UE and the relay UE to identify traffic destined for different destination remote UEs.
For the second hop of the inter-L2 UE relay:
the second hop PC5 adaptation layer may be used to support bearer mapping between an incoming RLC channel on a first PC5 hop and an outgoing RLC channel on a second PC5 hop at the relay UE.
The PC5 adaptation layer supports N:1 bearer mapping between a plurality of incoming PC5 RLC channels on a first PC5 hop and one outgoing PC5 RLC channel on a second PC5 hop and supports remote UE identity functionality.
For inter-L2 UE relay:
the identification information of the remote UE end-to-end radio bearer is contained in the adaptation layer in the first and second PC5 hops.
In addition, the identification information of the source remote UE and/or the identification information of the destination remote UE is a candidate information to be included in the adaptation layer, which will be decided in the WI phase.
3GPP TS 23.700-33 introduces the following:
5.1 Critical problem #1: supporting inter-UE relay
5.1.1 general description
This critical issue is desirous to support single hop inter-UE relay for unicast as illustrated in fig. 5.1.1-1, including supporting in-coverage and out-of-coverage operation of source UE, target UE, and inter-UE relay.
[ FIG. 5.1.1-1 entitled "example scenario supporting inter-UE Relay" of 3GPP TS 23.700-33V0.2.0 is reproduced as FIG. 19]
Among the possible solutions at least the following need to be studied:
How to find inter-UE relays and (re) select neighboring inter-UE relay UEs.
Whether the network can control inter-UE relay operation and how the inter-UE relay operation can be controlled, at least including how:
inter-UE relay is authorized, e.g. UE is authorized as inter-UE relay.
-authorizing the source/target UE to use inter-UE relay.
-establishing policies and parameters for inter-UE relay services.
How to establish a connection between a source UE and a target UE via an inter-UE relay.
How to provide an end-to-end QoS framework to meet QoS requirements (e.g., data rate, reliability, latency).
How to enhance the system architecture to provide security/privacy protection for relay connections.
How to provide a mechanism for path change in case of e.g. inter-UE relay change, including reducing communication disruption and meeting QoS requirements.
Whether and how to determine whether the source, target and relay UE support layer 2 inter-UE relay or layer 3 inter-UE relay or both and how to ensure that the source, target and relay UE all use the same type of relay.
Note 1: the solution should consider forward compatibility in the latter version for supporting more than one hop.
And (2) injection: coordination with the RAN WG is required in order to participate in the NG-RAN.
And (3) injection: coordination with the SA WG3 is required for security/privacy protection aspects.
And (4) injection: this KI covers both layer 2 and layer 3 inter-UE relay scenarios.
[…]
6.13 solution #13: inter-layer 2UE relay
6.13.1 describes
6.13.1.1 overview
Using the solution described in this clause, inter-UE relaying is authorized to relay messages between two UEs over the PC5 interface via authorization and provisioning.
inter-UE relay enables a source UE and a target UE to establish end-to-end (E2E) PC5 unicast communications.
The inter-UE relay listens for direct communication request messages from surrounding UEs and if the specified application matches one of the applications from its provisioned relay policies/parameters, the inter-UE relay broadcasts it as a relay application by adding a relay indication (e.g., relay ID) to the message.
The target UE receives the broadcast direct communication request message with the relay indication.
A secure "extended" (end-to-end) PC5 link is set up between the source UE and the target UE via inter-UE relay. The source/target UE sends and receives messages through inter-UE relay, however, the security association and extended PC5 unicast link are established end-to-end between the source UE and the target UE. In addition to the direct communication request message, the inter-UE relay transparently forwards the message without being able to read, modify its content or replay the message. Since the DCR is always sent unprotected, the inter-UE relay modifies the message to include a relay indication (e.g., relay ID). Upon detecting a relay indication contained in the received message, the source/target UE detects that link establishment is being performed by inter-UE relay.
The source/target UE uses a unique link with an inter-UE relay (i.e., a PC5 unicast link) to send messages to its peer UE via this particular inter-UE relay. The inter-UE relay receives the E2E PC5 message over this PC5 unicast link and forwards the message between the source UE and the target UE using an adaptation layer containing information identifying the particular source and/or target UE. The inter-UE relay uses the relay-specific identifier to replace the identifier specified in the message header to "quarantine" the PC5 unicast links, i.e., use a different identifier on each PC5 unicast link.
Note 1: additional security related parameters and procedures may be required for protecting relay messages using the adaptation layer. Its definition needs to be coordinated with the SA WG 3.
To implement a single step for both the direct and indirect link establishment procedure, the source UE (i.e., UE 1) sends a DCR message without an adaptation header. The target UE (i.e., UE 2) may receive the DCR message directly from the source UE and establish a direct unicast link with the source UE. Also, the inter-UE relay may receive DCR messages and add an adaptation header before forwarding the messages. Another target UE (i.e., UE 3) may receive the DCR message via an inter-UE relay and establish an indirect unicast link with the source UE.
And (2) injection: details about the identification information of the source UE and/or the target UE specified in the adaptation header will be defined in cooperation with the RAN WG2 during the normalization phase.
Link management (i.e., keep-alive, link modification, link identifier update, and link release) is supported through the extended PC5 link. Due to the security association of the extended PC5 link between E2E peer UEs, all messages sent on the extended PC5 link containing link management (i.e., PC 5-S) messages may be handled by only these two UEs. When transmitting over an E2E PC5 link, no modification of keep-alive, link modification and link release procedures are required. Modifications are contemplated for supporting link identifier updating procedures related to extended PC5 links and are specified in another work product.
The PC5 unicast link used by the source/target UE to send E2E messages via inter-specific UE relay also serves as a management link, i.e., manages the extended link (e.g., for QoS adaptation or privacy procedures). The management link is protected and does not utilize the adaptation layer between the source/target UE and the inter-UE relay.
6.13.1.2 control and user plane protocol stack
The control and user plane protocol stacks are based on the architectural reference model described in annex a.
6.13.2 procedure
Connection establishment via L2 inter-UE relay is done after the discovery procedure (i.e. using discovery messages as defined in clause 6.3 of 23.304[3 ]), i.e. model a/B, or using an integrated discovery procedure (i.e. using a link establishment procedure as defined in clause 6.4.3.1 of TS 23.304[3 ]).
If the discovery procedure is run prior to link establishment, the source UE determines an inter-UE relay layer 2ID to be used to reach the target UE, while the target UE layer 2ID may be discovered and maintained at the inter-UE relay or at the source UE or may not be maintained. In the latter case, broadcast layer 2 is used when sending DCR messages towards the target UE. In this case, the target user information field is used to identify the target UE.
If an integrated discovery mechanism is used, the source UE sends a DCR message to the broadcast layer 2ID and the inter-UE relay forwards the message using the same value.
Fig. 6.13.2-1 shows unicast link establishment through a PC5 reference point via layer 2 inter-UE relay.
Fig. 6.13.2-1 entitled "connection establishment procedure via layer 2 inter-UE relay" of 3gpp TS 23.700-33V0.2.0 is reproduced as fig. 20]
Inter-ue relay registers with the network and specifies its relay capability. The inter-UE relay is provided with relay policy parameters from the network.
1. The target UE (i.e., UE2, UE3, and UE 4) determines a destination layer 2ID (i.e., broadcast layer 2 ID) for signaling reception for PC5 unicast link establishment as specified in clause 6.4.3.1 of TS 23.304[3 ].
2. On the source UE (i.e., UE 1), the application layer provides application information to the ProSe layer for PC5 unicast communication. The application information includes ProSe service information, an application layer ID of the source UE, and may include an application layer ID of the target UE, as specified in TS 23.304[3] clause 6.4.3.1.
The ProSe layer triggers the link setup procedure by sending a direct communication request (Direct Communication Request, DCR) message containing:
-source user information: the application layer ID of the UE (i.e., the application layer ID of UE 1) is initiated.
-if in step 2 the ProSe application layer provides the application layer ID of the target UE, the following information is contained:
-target user information: the application layer ID of the target UE (i.e., the application layer ID of UE 2).
ProSe service information: information about ProSe identifier requesting layer 2 link setup.
-security information: information for establishing security.
The message is sent using the source layer 2ID and the broadcast layer 2ID, or the discovered inter-UE relay layer 2ID, assigned by the source UE itself as the destination, and includes other parameters related to the provided application, as specified in TS 23.304[3] clause 6.4.3.1. The message may include the target UE layer 2ID if learned during a previous discovery procedure.
The DCR message is sent without an adaptation layer header. This DCR message may be used for direct and/or indirect link establishment. The target UE receiving the DCR directly from UE1 may continue the link setup procedure as usual.
Inter-ue relay receives the direct communication request message and verifies if it is configured to relay this application, i.e. it compares the notification ProSe service information with its setup relay policy/parameters.
The inter-UE relay forwards the direct communication request message by using its own layer 2ID as the source L2 ID and designates the target UE layer 2ID as the destination as specified in the received DCR message or as learned during the previous discovery procedure, or uses the broadcast layer 2ID. The inter-UE relay adds an adaptation header containing information identifying UE 1. The inter-UE relay additionally contains its unique relay ID and relay specific security information. The inter-UE relay maintains the association of UE1 security information as specified in the DCR message with its relay specific security information as specified in the forwarded DCR message.
Note that: inter-UE relay processes DCR messages in ProSe layer. Any subsequent E2E messages (i.e., PC5-S and data) are forwarded based on the UE identifier information specified in the adaptation header.
4. The target UE (i.e., UE 3) receives the DCR message via the inter-UE relay. UE3 is interested in the application of the notification, so it triggers a PC5 unicast link establishment with the inter-UE relay if this link has not yet been established between UE3 and this inter-UE relay.
UE3 may receive multiple DCR messages via inter-UE relay and even directly from UE 1. UE3 may select an inter-UE relay based on locally configured rules. UE3 establishes a PC5 unicast link with only the selected inter-UE relay.
UE3 continues the E2E link setup procedure by initiating a security procedure (i.e., PC5 authentication and/or PC5 direct security mode procedure) via the selected inter-UE relay (i.e., through the direct PC5 link to the inter-UE relay). UE3 adds an adaptation header including information identifying UE1 and UE3 security information as received by the DCR message and may include a UE3 identifier. UE3 associates the security information received on the DCR message with its UE3 security information to generate a security context for the extended link. UE3 contains the relay ID in the first protected message sent to UE1.
The inter-UE relay forwards a message from UE3 to UE1 containing relay specific information in the adaptation header identifying UE 3. The inter-UE relay also specifies relay-specific security information associated with UE3 and UE1 security information as received by the DCR message, and may ultimately include information identifying UE1 and associated with the DCR message (e.g., a UE1 layer 2ID used by UE1 when sending the DCR message). The inter-UE relay has its layer 2ID as the source and UE1 layer 2ID as the destination. The inter-UE relay maintains an association of UE3 security information as specified in the message received from UE3 and relay specific security information associated with UE 3.
6. Upon receiving this first message from UE3 via the inter-UE relay, UE1 extracts the relay ID and verifies whether a PC5 unicast link has been established between UE1 and this inter-UE relay. If not already present, UE1 triggers the PC5 unicast link setup procedure before proceeding with the security procedure of step 5.UE 1 tracks the security information specified by the received message (i.e., the security information associated with UE 3) and uses the security information to generate a security context for the extended link.
7. Once the E2E link security setup procedure is completed, UE3 completes the E2E link setup procedure via inter-UE relay by sending a DCA message to UE 1.
Ue1 receives the DCA message. An "extended" unicast link is established between UE1 and UE3 via inter-UE relay. The extended link may be end-to-end protected, i.e. a security association is created between UE1 and UE 3.
UE1 and UE3 exchange E2E data via inter-UE relay using an adaptation header. The inter-UE relay replaces the field specified in the adaptation header with a relay specific identifier, as specified above before forwarding the E2E message.
The editor annotates: the needs and details of E2E authentication and E2E security procedures will be studied by SA WG 3.
The editor annotates: the details of the adaptation between the two PC5 interfaces are confirmed by the RAN WG 2.
[…]
According to 3gpp TS 23.287 and TS 23.304, a UE (e.g., UE 1) may perform a PC5 unicast link establishment procedure (e.g., layer 2 link establishment) with a peer UE (e.g., UE 2) for establishing a layer 2 link or unicast link between the two UEs. Basically, the peer UE's layer 2 identity/Identifier (ID) identified by its application layer ID may be discovered via discovery messages during establishment of the PC5 unicast link or communicated via a previous side link, e.g., known to the UE to an existing or previous unicast link to the same application layer ID, or obtained from an application layer service notification. The initial signaling for establishing the PC5 unicast link (i.e., direct communication request) may use a known layer 2ID of the peer UE or a preset destination layer 2ID associated with a Proximity-based Service (ProSe) Service/application configured for PC5 unicast link establishment. During the PC5 unicast link setup procedure, the layer 2 IDs of the two UEs are exchanged and used for future communication between the two UEs. In addition, according to 3gpp TS 24.554, the two UEs will exchange security information with each other during PC5 unicast link establishment, such that the two UEs use negotiated security algorithms and/or keys to protect the content of traffic (including, for example, PC5-S signaling, PC5-RRC signaling, and/or PC5 user plane data) sent over the PC5 unicast link.
According to 3gpp TR 23.700-33, inter-UE relay will be supported in side link communication, which means that one or more relay UEs may be used to support data communication between two UEs in case the two UEs cannot communicate directly with each other. For privacy, the traffic content communicated between two UEs cannot be read or known by the relay UE. Thus, it is speculated that the security context for protecting the user plane (session traffic sent on the Side Link (SL) data radio bearer (Data Radio Bearer, DRB)) on both UEs should be isolated from the security context established between the relay UE and each of the two UEs. It is also speculated that some PC5-S signaling not related to the relay UE (i.e. these PC5-S signaling sent on the SL SRB may be exchanged between UE1 and UE 2) may also be protected by establishing a security context for protecting user plane traffic.
On the other hand, some PC5-S signaling and/or PC5-RRC signaling may be protected by a security context established between the relay UE and each of the two UEs. For example, UE1 and the relay UE may establish a first security context for protecting some PC5-S signaling and/or PC5-RRC signaling for controlling or maintaining a first leg in inter-UE relay communications, while UE2 and the relay UE may establish a second security context for protecting some PC5-S signaling and/or PC5-RRC signaling for controlling or maintaining a second leg in inter-UE relay communications.
To support inter-UE relay, in 3gpp TR 38.836, an adaptation layer for forwarding side-link packets between a source remote UE and a destination remote UE via a relay UE may be supported over a first-hop PC5 link (i.e., a PC5 link between the relay UE and the source remote UE) and a second-hop PC5 link (i.e., a PC5 link between the relay UE and the destination remote UE) for L2 inter-UE relay. For L2 inter-UE relay, the adaptation layer is placed on the radio link Control (Radio Link Control, RLC) sub-layer of both the Control Plane (CP) and the User Plane (UP) on the first/second hop PC5 link. The side link service data adaptation protocol (Service Data Adaptation Protocol, SDAP)/packet data convergence protocol (Packet Data Convergence Protocol, PDCP) and radio resource control (Radio Resource Control, RRC) terminate between two remote UEs, while RLC, medium access control (Medium Access Control, MAC) and Physical (PHY) terminate in each PC5 link. An adaptation layer protocol data unit (Protocol Data Unit, PDU) sent from the source remote UE to the relay UE (over the first hop) may contain bearer information for the destination remote UE to identify traffic belonging to a particular SL signaling/data radio bearer. The adaptation layer PDU sent from the source remote UE to the relay UE (via the first hop) may also contain UE information for the relay UE to identify traffic targeted to the particular destination remote UE. In addition, the adaptation layer PDU sent from the relay UE to the destination remote UE (over the second hop) may contain bearer information for the destination remote UE to identify traffic belonging to a particular SL signaling/data radio bearer. The adaptation layer PDU sent from the relay UE to the destination remote UE (over the second hop) may also contain UE information for the destination remote UE to identify traffic targeted to the particular source remote UE.
The bearer information and the UE information may be included in a header of the adaptation layer PDU. Possibly, the UE information in the adaptation layer header may be a local UE ID different from the layer 2ID (L2 ID) or upper layer ID of the remote UE. In general, the length of the local UE ID is shorter than the length of the L2ID, and the L2ID and the local UE ID are used for side link communication by an Access Stratum (AS) layer. Thus, association alignment between the U2U relay UE, the source remote UE, and the destination remote UE with the local UE ID and the L2ID may be required. It should be noted that the adaptation layer is placed under the PDCP layer, which means that the content of the adaptation layer header is not ciphered and is readable for other UEs, since the ciphering function is performed in the PDCP layer as specified in 3gpp TS 38.323.
According to figure 6.13.2-1 in solution #13 of 3gpp TR 23.700-33 (which has been reproduced as figure 20 of the present application) and its related statements, an inter-UE (UE-to-UE, U2U) relay UE may enable a source remote UE (i.e., UE1 in figure 6.13.2-1 of 3gpp TR 23.700-33) and a destination remote UE (i.e., UE3 in figure 6.13.2-1 of 3gpp TR 23.700-33) to establish end-to-end (E2E) PC5 unicast communication via the U2U relay UE. UE1 may send a first direct communication request (Direct Communication Request, DCR) message. The first DCR message may be sent without an adaptation layer header. After receiving the first DCR message from UE1, the U2U relay UE may send a second DCR message. According to the statement in step 3 in fig. 6.13.2-1 of 3gpp TR 23.700-33 (which has been reproduced as fig. 20 of the present application), the U2U relay UE adds an adaptation header containing information identifying UE1 (i.e., the local UE ID of UE 1), and according to the statement in step 5 in fig. 6.13.2-1 of 3gpp TR 23.700-33, UE3 adds an adaptation header containing information identifying UE 1. In general, when an upper layer has a packet for transmission, the packet is delivered to a lower layer for transmission along with a source L2ID (of a UE that sent the packet) and a destination L2ID (of a UE that received the packet). Since the security mode command message in step 5 belongs to UE1, (ProSe layer of) UE3 needs to provide the L2ID of UE1 and the local UE ID of UE1 to the AS layer of UE3 for configuring the association between the L2ID of UE1 and the local UE ID of UE1 for use of the adaptation layer before initiating step 5. Accordingly, it is presumed that the L2ID of UE1 may be included in the second DCR message sent to UE 3.
According to 3gpp TS 24.554, the direct communication request message is not sent with security protection. This means that the local UE ID of UE1 and the second DCR message containing the L2ID of UE1 in the header of the adaptation layer PDU containing the second DCR message are not encrypted, such that the association between the L2ID of UE1 and the local UE ID of UE1 is exposed. Given the explicit association between the local UE ID and the L2ID, a hacker will track a particular UE with a particular L2ID using the particular local UE ID in the header of the adaptation layer PDU. To avoid such security issues, the method for establishing an association between the local UE ID and the L2ID may also take this security issue into account. Fig. 1 may illustrate a flow of steps in a procedure for establishing a layer 2 link for U2U relay communications while considering local UE ID assignments.
In fig. 21, each PC5-S signaling is sent with a tag such as < SRC, DST: L2IDx, L2IDy >, which generally means that the PC5-S signaling is sent via a side link frame with L2IDx as source layer 2ID and L2IDy as destination layer 2ID, where L2IDx is the L2ID of the UE sending the side link frame and L2IDy is the L2ID of the UE receiving the side link frame. L2ID1 may be assigned by UE 1. L2ID2 'and L2ID2 may be assigned by UE2, where L2ID2' may be used for side link discovery and L2ID2 may be used for side link communication (including transmitting PC5-S signaling and/or data traffic). L2ID3 'and L2ID3 may be assigned by UE3, where L2ID3' may be used for side link discovery and L2ID3 may be used for side link communication (including transmitting PC5-S signaling and/or data traffic). When UE2 and UE3 establish a layer 2 link, UE2 and UE3 may establish a security context for this layer 2 link (by exchanging a security mode command message and a security mode complete message between the two UEs). The security context may be used for security protection of control plane data (e.g., PC5-S signaling, PC5-RRC signaling) and user plane data communicated over this layer 2 link.
According to 3gpp TS 24.554, the direct communication request message and the security mode command message are not transmitted with security protection; and starting from the security mode complete message, the following PC5-S signaling (e.g., direct communication accept message, etc.) and PC5-RRC message are sent with security protection. Therefore, UE3 preferably includes/provides the L2ID (i.e., L2ID 1) of UE1 in the protected PC5-S signaling (i.e., security mode complete message) sent to UE 2. And then UE3 and UE2 may initiate a procedure for local UE ID allocation. UE3 may configure UE2 with a local UE ID (e.g., localID 1) and L2ID1 (by using, for example, a PC5-RRC message, rrcrecon configuration sidelink, etc.) for identifying UE 1. Alternatively, since UE2 knows L2ID1 in the protected PC5-S signaling, UE2 can assign LocalID1 and configure UE3 with LocalID1 and L2ID1 (by using, for example, PC5-RRC messages, rrcrecon configuration sidelink, etc.). Given LocalID1, UE2 may include it in a header of an adaptation layer PDU for the following side link communications (e.g., sending/receiving security mode commands for UE2 to UE1 via UE3, security mode completion for UE1 to UE2, direct communication acceptance for UE2 to UE1, E2E PC5-RRC message, E2E user plane data and/or the like).
Similarly, UE3 generally preferably includes/provides the L2ID (i.e., L2ID 2) of UE2 in the protected PC5-S signaling (i.e., direct communication accept message) sent to UE 1. And then UE3 and UE1 may initiate a procedure for local UE ID allocation. UE3 may configure UE1 with a local UE ID (e.g., localID 2) and L2ID2 (by using, for example, a PC5-RRC message, rrcrecon configuration sidelink, etc.) for identifying UE 2. Alternatively, since UE1 knows L2ID2 in the protected PC5-S signaling, UE1 can assign LocalID2 and configure UE3 with LocalID2 and L2ID2 (by using, for example, PC5-RRC messages, rrcrecon configuration sidelink, etc.). Given LocalID2, UE1 may include it in a header of an adaptation layer PDU for the following side link communications (e.g., sending/receiving security mode commands for UE1 by UE2, security mode completion for UE2 by UE1, direct communication acceptance for UE1 by UE2, E2E PC5-RRC message, E2E user plane data and/or the like via UE 3).
Fig. 22 is a flow chart 2200 illustrating an exemplary third UE. In step 2205, the third UE receives a first PC5-S message from the first UE for initiating a procedure to establish a first layer 2 link between the first UE and the third UE. In step 2210, the third UE transmits a second PC5-S message to the first UE for establishing a first security context between the first UE and the third UE in the procedure of establishing the first layer 2 link. In step 2215, the third UE receives a third PC5-S message from the first UE for completing the establishment of the first security context in the procedure of establishing the first layer 2 link. In step 2220, the third UE transmits a fourth PC5-S message to the first UE for completing the procedure of establishing the first layer 2 link, wherein the fourth PC5-S message contains a layer 2identity (l 2 id) of the second UE.
In one embodiment, in response to receiving the first PC5-S message, the third UE may transmit a fifth PC5-S message to the second UE for initiating a procedure to establish a second layer 2 link between the second UE and the third UE. Further, the third UE may receive a sixth PC5-S message from the second UE for establishing a second security context between the second UE and the third UE in the procedure of establishing the second layer 2 link. The first PC5-S message may contain an upper layer identity or an application layer identity of the second UE. The sixth PC5-S message may be received by using the layer 2 identity of the third UE as the destination L2ID and the L2ID of the second UE as the source L2 ID.
In one embodiment, the first UE may be a source remote UE, the second UE may be a target remote UE, and/or the third UE may be an inter-UE relay UE. The first PC5-S message may contain an upper layer/application layer identification of the second UE.
In one embodiment, the third UE may transmit a seventh PC5-S message to the second UE for completing the establishment of the second security context in the procedure for establishing the second layer 2 link, wherein the seventh PC5-S message includes the layer 2 identity of the first UE. The third UE may receive an eighth PC5-S message from the second UE for completing the procedure of establishing the second layer 2 link.
In one embodiment, a third UE may transmit a first PC5-RRC message to the first UE, wherein the first PC5-RRC message includes a layer 2 identity of the second UE and a second local UE ID of the second UE. The third UE may transmit a second PC5-RRC message to the second UE, wherein the second PC5-RRC message includes the layer 2 identity of the first UE and the first local UE ID of the first UE. The third UE may receive a first PC5-RRC message from the first UE, wherein the first PC5-RRC message includes a layer 2 identity of the second UE and a second local UE ID of the second UE. The third UE may receive a second PC5-RRC message from the second UE, wherein the second PC5-RRC message includes the layer 2 identity of the first UE and the first local UE ID of the first UE.
In one embodiment, the fourth PC5-S message may be sent to the first UE by using the layer 2 identity of the third UE as the source L2ID and the layer 2 identity of the first UE as the destination L2 ID. The seventh PC5-S message may be transmitted to the second UE by using the layer 2 identity of the third UE as the source L2ID and the layer 2 identity of the second UE as the destination L2 ID.
In one embodiment, the first/fifth PC5-S message may be a direct communication request message or a direct link establishment request message, and the fourth/eighth PC5-S message may be a direct communication accept message or a direct link establishment accept message. The second/sixth PC5-S message may be a secure mode command message or a direct link secure mode command message, and the third/seventh PC5-S message may be a secure mode complete message or a direct link secure mode complete message.
Referring back to fig. 3 and 4, in one exemplary embodiment of the third UE. The third UE 300 includes program code 312 stored in the memory 310. CPU 308 may execute program code 312 to enable a third UE to (i) receive a first PC5-S message from a first UE for initiating a procedure to establish a first layer 2 link between the first UE and the third UE; (ii) Transmitting a second PC5-S message to the first UE for establishing a first security context between the first UE and a third UE in a procedure for establishing the first layer 2 link; (iii) Receiving a third PC5-S message from the first UE for completing establishment of the first security context in a procedure for establishing the first layer 2 link; and (iv) transmitting a fourth PC5-S message to the first UE for completing the procedure of establishing the first layer 2 link, wherein the fourth PC5-S message contains the layer 2 identity of the second UE. Further, the CPU 308 may execute the program code 312 to perform all of the above-described acts and steps or other acts and steps described herein.
Fig. 23 is a flow chart 2300 illustrating an exemplary third UE. In step 2305, the third UE receives a first PC5-S message from the first UE for initiating a procedure to establish a first layer 2 link between the first UE and the third UE. In step 2310, in response to receiving the first PC5-S message, the third UE initiates a procedure to establish a second layer 2 link between the second UE and the third UE, wherein the third UE transmits a layer 2 identification (L2 ID) of the first UE to the second UE in the procedure to establish the second layer 2 link.
In one embodiment, the third UE may transmit a second PC5-S message to the second UE for requesting establishment of the second layer 2 link in the procedure for establishing the second layer 2 link. The third UE may receive a third PC5-S message from the second UE for establishing a second security context between the second UE and the third UE in the procedure of establishing the second layer 2 link. The third UE may transmit a fourth PC5-S message to the second UE for completing the establishment of the second security context in the procedure for establishing the second layer 2 link. The third UE may receive a fifth PC5-S message from the second UE for completing the procedure of establishing the second layer 2 link.
In one embodiment, the first PC5-S message may contain an upper layer identity or an application layer identity of the second UE. The first PC5-S message may be received by using the first layer 2 identity of the third UE as the destination L2ID and the layer 2 identity of the first UE as the source L2 ID. The second PC5-S message may be sent by using the layer 2 identity of the third UE as the source L2ID and the layer 2 identity or public address of the second UE as the destination L2 ID.
In one embodiment, the layer 2 identity of the first UE may be included in the second PC5-S message or the fourth PC5-S message. The method of claim 5, wherein the first UE is a source remote UE. The second UE may be a target remote UE. The third UE may be an inter-UE relay UE.
Referring back to fig. 3 and 4, in one exemplary embodiment of the third UE. The third UE 300 includes program code 312 stored in the memory 310. CPU 308 may execute program code 312 to enable a third UE to (i) receive a first PC5-S message from a first UE for initiating a procedure to establish a first layer 2 link between the first UE and the third UE; and (ii) in response to receiving the first PC5-S message, initiate a procedure to establish a second layer 2 link between the second UE and a third UE, wherein the third UE transmits a layer 2 identity of the first UE to the second UE in the procedure to establish the second layer 2 link. Further, the CPU 308 may execute the program code 312 to perform all of the above-described acts and steps or other acts and steps described herein.
Fig. 24 is a flowchart 2400 illustrating an exemplary third UE. In step 2405, the third UE transmits a first PC5-S message to the second UE for initiating a procedure to establish a second layer 2 link between the second UE and the third UE. In step 2410, the third UE receives a second PC5-S message from the second UE for establishing a second security context between the second UE and the third UE in the procedure of establishing the second layer 2 link. In step 2415, the third UE transmits a third PC5-S message to the second UE for completing establishment of the second security context in the procedure for establishing the second layer 2 link, wherein the third PC5-S message includes the layer 2 identity of the first UE. In step 2420, the third UE receives a fourth PC5-S message from the second UE for completing the procedure for establishing the second layer 2 link.
In one embodiment, the first PC5-S message may include an upper layer/application layer identification of the first UE.
In one embodiment, the third UE may receive a fifth PC5-S message from the first UE for initiating a procedure to establish a first layer 2 link between the first UE and the third UE. The third UE may transmit a sixth PC5-S message to the first UE for establishing a first security context between the first UE and the third UE in the procedure of establishing the first layer 2 link. The third UE may receive a seventh PC5-S message from the first UE for completing the establishment of the first security context in the procedure of establishing the first layer 2 link. The third UE may transmit an eighth PC5-S message to the first UE for completing the procedure of establishing the first layer 2 link, wherein the eighth PC5-S message includes the layer 2 identity of the second UE.
In one embodiment, a third UE may transmit a first PC5-RRC message to the first UE, wherein the first PC5-RRC message includes a layer 2 identity of the second UE and a second local UE ID of the second UE. The third UE may transmit a second PC5-RRC message to the second UE, wherein the second PC5-RRC message includes the layer 2 identity of the first UE and the first local UE ID of the first UE. The third UE may receive a first PC5-RRC message from the first UE, wherein the first PC5-RRC message includes a layer 2 identity of the second UE and a second local UE ID of the second UE. The third UE may receive a second PC5-RRC message from the second UE, wherein the second PC5-RRC message includes the layer 2 identity of the first UE and the first local UE ID of the first UE.
In one embodiment, the third PC5-S message may be sent to the second UE by using the layer 2 identity of the third UE as the source L2ID and the layer 2 identity of the second UE as the destination L2 ID. An eighth PC5-S message may be sent to the first UE by using the layer 2 identity of the third UE as the source L2ID and the layer 2 identity of the first UE as the destination L2 ID.
In one embodiment, the first/fifth PC5-S message may be a direct communication request message or a direct link establishment request message, and the fourth/eighth PC5-S message may be a direct communication accept message or a direct link establishment accept message. The second/sixth PC5-S message may be a secure mode command message or a direct link secure mode command message, and the third/seventh PC5-S message may be a secure mode complete message or a direct link secure mode complete message. The first UE may be a source remote UE, the second UE may be a destination remote UE, and the third UE may be an inter-UE relay UE.
Referring back to fig. 3 and 4, in one exemplary embodiment of the third UE. The third UE 300 includes program code 312 stored in the memory 310. CPU 308 may execute program code 312 to enable a third UE to (i) transmit a first PC5-S message to a second UE for initiating a procedure to establish a second layer 2 link between the second UE and the third UE; (ii) Receiving a second PC5-S message from the second UE for establishing a second security context between the second UE and a third UE in a procedure for establishing a second layer 2 link; (iii) Transmitting a third PC5-S message to the second UE for completing establishment of the second security context in a procedure for establishing the second layer 2 link, wherein the third PC5-S message contains the layer 2 identity of the first UE; and (iv) receiving a fourth PC5-S message from the second UE for completing the procedure of establishing the second layer 2 link. Further, the CPU 308 may execute the program code 312 to perform all of the above-described acts and steps or other acts and steps described herein.
Various aspects of the disclosure have been described above. It should be understood that the teachings herein may be embodied in a wide variety of forms and that any specific structure, function, or both being disclosed herein is merely representative. Based on the teachings herein one skilled in the art should appreciate that an aspect disclosed herein may be implemented independently of any other aspects and that two or more of these aspects may be combined in various ways. For example, an apparatus may be implemented or a method practiced using any number of the aspects set forth herein. In addition, such apparatus may be implemented or such method may be practiced using other structure, functionality, or structure and functionality in addition to or other than one or more of the aspects set forth herein. As an example of some of the above concepts, in some aspects, parallel channels may be established based on pulse repetition frequencies. In some aspects, parallel channels may be established based on pulse positions or offsets. In some aspects, parallel channels may be established based on a hop sequence. In some aspects, parallel channels may be established based on pulse repetition frequency, pulse position or offset, and time hopping sequence.
Those of skill in the art would understand that information and signals may be represented using any of a variety of different technologies and techniques. For example, data, instructions, commands, information, signals, bits, symbols, and chips that may be referenced throughout the above description may be represented by voltages, currents, electromagnetic waves, magnetic fields or particles, optical fields or particles, or any combination thereof.
Those of skill would further appreciate that the various illustrative logical blocks, modules, processors, means, circuits, and algorithm steps described in connection with the aspects disclosed herein may be implemented as electronic hardware (e.g., digital implementations, analog implementations, or combinations of both, which may be designed using source coding or some other technique), various forms of program or design code incorporating instructions (which may be referred to herein as "software" or a "software module" for convenience), or combinations of both. To clearly illustrate this interchangeability of hardware and software, various illustrative components, blocks, modules, circuits, and steps have been described above generally in terms of their functionality. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the overall system. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present disclosure.
Additionally, the various illustrative logical blocks, modules, and circuits described in connection with the aspects disclosed herein may be implemented within or performed by an integrated circuit ("IC"), an access terminal, or an access point. An IC may comprise a general purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, electrical components, optical components, mechanical components, or any combination thereof designed to perform the functions described herein, and may execute code or instructions that reside within the IC, outside the IC, or both. The general purpose processor may be a microprocessor; but, in the alternative, the processor may be any conventional processor, controller, microcontroller, or state machine. A processor may also be implemented as a combination of computing devices, e.g., a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other such configuration.
It should be understood that any particular order or hierarchy of steps in any disclosed process is an example of an example approach. It should be understood that the particular order or hierarchy of steps in the process may be rearranged based on design preferences while remaining within the scope of the present disclosure. The accompanying method claims present elements of the various steps in a sample order, and are not meant to be limited to the specific order or hierarchy presented.
The steps of a method or algorithm described in connection with the aspects disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. Software modules (e.g., containing executable instructions and associated data) and other data may reside in data storage such as RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, a removable disk, a CD-ROM, or any other form of computer-readable storage medium known in the art. An example storage medium may be coupled to a machine, such as a computer/processor (which may be referred to herein as a "processor" for convenience), such that the processor can read information (e.g., code) from, and write information to, the storage medium. An example storage medium may be integral to the processor. The processor and the storage medium may reside in an ASIC. The ASIC may reside in a user equipment. In the alternative, the processor and the storage medium may reside as discrete components in a user device. Furthermore, in some aspects, any suitable computer program product may comprise a computer-readable medium comprising code relating to one or more of the aspects of the present disclosure. In some aspects, the computer program product may include packaging material.
While the application has been described in connection with various aspects, it will be understood that the application is capable of further modifications. This disclosure is intended to cover any variations, uses, or adaptations of the application following, in general, the principles of the application and including such departures from the present disclosure as come within known and customary practice within the art to which the application pertains.
Cross Reference to Related Applications
The present application claims the benefit of U.S. provisional patent application Ser. Nos. 63/346,462 and 63/346,473 filed 5/27 of 2022, the entire disclosures of which are incorporated herein by reference in their entirety.

Claims (18)

1. A method for a third user device, comprising:
the third user device receiving a first PC5-S message from a first user device for initiating a procedure to establish a first layer 2 link between the first user device and the third user device;
the third user device transmitting a second PC5-S message to the first user device for establishing a first security context between the first user device and the third user device in the procedure for establishing the first layer 2 link;
The third user device receiving a third PC5-S message from the first user device for completing the establishment of the first security context in the procedure for establishing the first layer 2 link; and
the third user device transmits a fourth PC5-S message to the first user device for completing the procedure of establishing the first layer 2 link, wherein the fourth PC5-S message contains a layer 2 identification of a second user device.
2. The method according to claim 1, characterized in that it comprises:
in response to receiving the first PC5-S message, the third user device transmits a fifth PC5-S message to the second user device for initiating a procedure to establish a second layer 2 link between the second user device and the third user device; and
the third user device receives a sixth PC5-S message from the second user device for establishing a second security context between the second user device and the third user device in the procedure for establishing the second layer 2 link.
3. Method according to claim 2, characterized in that the first PC5-S message contains an upper layer identity or an application layer identity of the second user equipment and/or the sixth PC5-S message is received by using the layer 2 identity of the third user equipment as destination layer 2 identity and the layer 2 identity of the second user equipment as source layer 2 identity.
4. The method of claim 1, wherein the first user device is a source remote user device, the second user device is a target remote user device, and the third user device is an inter-user device relay user device.
5. A third user device, comprising:
a control circuit;
a processor mounted in the control circuit; and
a memory mounted in the control circuit and operatively coupled to the processor;
wherein the processor is configured to execute the program code stored in the memory to:
receiving a first PC5-S message from a first user equipment for initiating a procedure to establish a first layer 2 link between the first user equipment and the third user equipment;
transmitting a second PC5-S message to the first user equipment for establishing a first security context between the first user equipment and the third user equipment in the procedure for establishing the first layer 2 link;
receiving a third PC5-S message from the first user equipment for completing the establishment of the first security context in the procedure for establishing the first layer 2 link; and
Transmitting a fourth PC5-S message to said first user equipment for completing said procedure of establishing said first layer 2 link, wherein said fourth PC5-S message contains a layer 2 identification of a second user equipment.
6. The third user device of claim 5, wherein the processor is further configured to execute program code stored in the memory to:
transmitting a fifth PC5-S message to the second user device for initiating a procedure to establish a second layer 2 link between the second user device and the third user device in response to receiving the first PC5-S message; and
a sixth PC5-S message is received from the second user equipment for establishing a second security context between the second user equipment and the third user equipment in the procedure for establishing the second layer 2 link.
7. A third user device according to claim 6, characterized in that the first PC5-S message contains an upper layer identification or an application layer identification of the second user device and/or the sixth PC5-S message is received by using the layer 2 identification of the third user device as destination layer 2 identification and the layer 2 identification of the second user device as source layer 2 identification.
8. The third user device of claim 5, wherein the first user device is a source remote user device, the second user device is a target remote user device, and the third user device is an inter-user device relay user device.
9. A method for a third user device, comprising:
the third user device receiving a first PC5-S message from a first user device for initiating a procedure to establish a first layer 2 link between the first user device and the third user device; and
in response to receiving the first PC5-S message, the third user device initiates a procedure to establish a second layer 2 link between a second user device and the third user device, wherein the third user device sends a layer 2 identification of the first user device to the second user device in the procedure to establish the second layer 2 link.
10. The method according to claim 9, comprising:
said third user device transmitting a second PC5-S message to said second user device for requesting establishment of said second layer 2 link in said procedure for establishing said second layer 2 link;
The third user device receiving a third PC5-S message from the second user device for establishing a second security context between the second user device and the third user device in the procedure for establishing the second layer 2 link;
said third user device transmitting a fourth PC5-S message to said second user device for completing the establishment of said second security context in said procedure of establishing said second layer 2 link; and
the third user device receives a fifth PC5-S message from the second user device for completing the procedure of establishing the second layer 2 link.
11. The method according to claim 10, characterized in that the first PC5-S message contains an upper layer identity or an application layer identity of the second user equipment, the first PC5-S message is received by using a first layer 2 identity of the third user equipment as destination layer 2 identity and the layer 2 identity of the first user equipment as source layer 2 identity, and/or the second PC5-S message is sent by using a layer 2 identity of the third user equipment as source layer 2 identity and a layer 2 identity or a public address of the second user equipment as destination layer 2 identity.
12. The method of claim 10, wherein the layer 2 identity of the first user device is contained in the second PC5-S message or the fourth PC5-S message.
13. The method of claim 9, wherein the first user device is a source remote user device, the second user device is a target remote user device, and the third user device is an inter-user device relay user device.
14. A third user device, comprising:
a control circuit;
a processor mounted in the control circuit; and
a memory mounted in the control circuit and operatively coupled to the processor;
wherein the processor is configured to execute the program code stored in the memory to:
receiving a first PC5-S message from a first user equipment for initiating a procedure to establish a first layer 2 link between the first user equipment and the third user equipment; and
in response to receiving the first PC5-S message, initiating a procedure to establish a second layer 2 link between a second user device and the third user device, wherein the third user device sends a layer 2 identification of the first user device to the second user device in the procedure to establish the second layer 2 link.
15. The third user device of claim 14, wherein the processor is further configured to execute program code stored in the memory to:
transmitting a second PC5-S message to the second user equipment for requesting establishment of the second layer 2 link in the procedure for establishing the second layer 2 link;
receiving a third PC5-S message from the second user equipment for establishing a second security context between the second user equipment and the third user equipment in the procedure for establishing the second layer 2 link;
transmitting a fourth PC5-S message to the second user equipment for completing the establishment of the second security context in the procedure for establishing the second layer 2 link; and
a fifth PC5-S message is received from the second user equipment for completing the procedure of establishing the second layer 2 link.
16. A third user device according to claim 15, characterized in that the first PC5-S message contains an upper layer identity or an application layer identity of the second user device, the first PC5-S message being received by using a first layer 2 identity of the third user device as destination layer 2 identity and the layer 2 identity of the first user device as source layer 2 identity, and/or the second PC5-S message being sent by using a layer 2 identity of the third user device as source layer 2 identity and a layer 2 identity or a public address of the second user device as destination layer 2 identity.
17. The third user device of claim 15, wherein the layer 2 identification of the first user device is contained in the second PC5-S message or the fourth PC5-S message.
18. The third user device of claim 14, wherein the first user device is a source remote user device, the second user device is a target remote user device, and the third user device is an inter-user device relay user device.
CN202310611267.3A 2022-05-27 2023-05-26 Method and apparatus for local ID allocation for implementing relay communication between user equipments Pending CN117135707A (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US202263346473P 2022-05-27 2022-05-27
US63/346,462 2022-05-27
US63/346,473 2022-05-27

Publications (1)

Publication Number Publication Date
CN117135707A true CN117135707A (en) 2023-11-28

Family

ID=88849839

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310611267.3A Pending CN117135707A (en) 2022-05-27 2023-05-26 Method and apparatus for local ID allocation for implementing relay communication between user equipments

Country Status (1)

Country Link
CN (1) CN117135707A (en)

Similar Documents

Publication Publication Date Title
CN113891292B (en) Method and apparatus for establishing side link radio bearers for inter-UE relay communication in a wireless communication system
CN114257970B (en) Method and apparatus for supporting user equipment to network relay communication in wireless communication system
KR102518336B1 (en) Method and apparatus for supporting ue-to-network relay communication in a wireless communication system
EP1884061A1 (en) Means and method for ciphering and transmitting data in integrated networks
TWI721923B (en) Method and apparatus for releasing sidelink radio bearer in a wireless communication system
EP3829260B1 (en) Method and apparatus for sidelink signaling radio bearer (srb) establishment in a wireless communication system
US20210400745A1 (en) Method and apparatus for performing a pc5 unicast link establishment procedure in a wireless communication system
CN113271573A (en) Method and apparatus for handling invalid RRC reconfiguration messages for sidelink communications
CN115379591A (en) Method and device for user equipment to network relay communication in wireless communication
US20230007455A1 (en) Method and apparatus for receiving pc5 signaling (pc5-s) messages in a wireless communication system
CN116406024A (en) Method and apparatus for connecting with another remote user equipment via a relay user equipment
US20230389094A1 (en) Method and apparatus for realizing local id allocation for ue-to-ue relay communication in a wireless communication system
CN117135707A (en) Method and apparatus for local ID allocation for implementing relay communication between user equipments
US20230007447A1 (en) Method and apparatus for transmitting pc5-s messages in a wireless communication system
US11723093B1 (en) Method and apparatus for a relay user equipment (UE) supporting connection with another remote UE in a wireless communication system
US20230217346A1 (en) Method and apparatus for a relay ue supporting connection with another remote ue in a wireless communication system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination