US20110312299A1 - Methods and apparatuses facilitating synchronization of security configurations - Google Patents

Methods and apparatuses facilitating synchronization of security configurations Download PDF

Info

Publication number
US20110312299A1
US20110312299A1 US13/162,313 US201113162313A US2011312299A1 US 20110312299 A1 US20110312299 A1 US 20110312299A1 US 201113162313 A US201113162313 A US 201113162313A US 2011312299 A1 US2011312299 A1 US 2011312299A1
Authority
US
United States
Prior art keywords
access terminal
message
security
security parameters
access
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US13/162,313
Other languages
English (en)
Inventor
Kiran KishanRao Patil
Suresh Sanka
Liangchi Hsu
Aziz Gholmieh
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qualcomm Inc
Original Assignee
Qualcomm Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qualcomm Inc filed Critical Qualcomm Inc
Priority to US13/162,313 priority Critical patent/US20110312299A1/en
Priority to JP2013515563A priority patent/JP5462411B2/ja
Priority to ARP110102130A priority patent/AR082765A1/es
Priority to KR1020137001345A priority patent/KR101514579B1/ko
Priority to EP11728489.3A priority patent/EP2583497B1/en
Priority to MX2012014243A priority patent/MX2012014243A/es
Priority to AU2011268157A priority patent/AU2011268157B2/en
Priority to CN201180029087.XA priority patent/CN102948208B/zh
Priority to TW100121247A priority patent/TWI463856B/zh
Priority to ES11728489.3T priority patent/ES2549496T3/es
Priority to MYPI2012005019A priority patent/MY182668A/en
Priority to SG2012083416A priority patent/SG185542A1/en
Priority to PCT/US2011/040964 priority patent/WO2011160073A1/en
Priority to CN201610157207.9A priority patent/CN105682091B/zh
Priority to CA2799467A priority patent/CA2799467C/en
Priority to RU2013102262/07A priority patent/RU2523695C1/ru
Priority to BR112012032233-8A priority patent/BR112012032233B1/pt
Assigned to QUALCOMM INCORPORATED reassignment QUALCOMM INCORPORATED ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: GHOLMIEH, AZIZ, HSU, LIANGCHI, PATIL, KIRAN KISHANRAO, SANKA, SURESH
Publication of US20110312299A1 publication Critical patent/US20110312299A1/en
Priority to IL223057A priority patent/IL223057A/en
Priority to ZA2013/00462A priority patent/ZA201300462B/en
Priority to IL226124A priority patent/IL226124A/en
Priority to HK13107430.8A priority patent/HK1180509A1/zh
Priority to JP2014004953A priority patent/JP2014116961A/ja
Priority to US14/970,211 priority patent/US9930530B2/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/106Packet or message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/108Source integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/16Discovering, processing access restriction or access information

Definitions

  • Various features relate to wireless communication devices and systems, and more particularly to synchronizing security configurations between access terminals and network entities.
  • Security is an important feature of a wireless communication system.
  • Security in some wireless communication systems may conventionally comprise two features: the “Data Integrity” and “Ciphering”.
  • Data Integrity is the feature that ensures no rogue network will be able to send unnecessary signaling messages with the intent to cause, or actually causing any undesired effect in an ongoing call.
  • Ciphering is the feature that ensures all signaling and data messages are ciphered over the air interface to inhibit a third party from eavesdrop on the messages.
  • UMTS Universal Mobile Telecommunications System
  • Integrity protection may be implemented only on signaling radio bearers, whereas ciphering may be implemented on signaling as well as data radio bearers.
  • an access terminal typically negotiates with the wireless network to establish security parameters, such as encryption keys for use in encrypting (or ciphering) communications between the access terminal and the network components.
  • security parameters may be updated and/or changed occasionally to ensure secrecy of the data transmitted between the access terminal and the network components.
  • An example of a conventional method for initiating or updating security parameters between the access terminal and the wireless network generally includes the access terminal receiving a security mode command from the wireless network and updating its security parameters based on the received security mode command. After the access terminal updates its security parameters, and prior to implementing the new security parameters, the access terminal sends a security mode complete message to the wireless network. On receipt of the security mode complete message, the wireless network will begin using the new security parameters to protect any subsequent downlink messages sent to the access terminal.
  • the access terminal will not begin using the new security parameters to protect any uplink messages sent to the wireless network until an acknowledgement message is received from the wireless network in response to the security mode complete message sent by the access terminal.
  • the access terminal does not begin using the new security parameters for messages sent from the access terminal to the wireless network until the access terminal receives an acknowledgement from the wireless network that the security mode complete message was received and authenticated.
  • an access terminal may comprise a wireless communications interface coupled with a processing circuit.
  • the wireless communications interface may be adapted to facilitate wireless communications of the access terminal.
  • the processing circuit may be adapted to conduct a security mode procedure for reconfiguring security parameters of the access terminal. While the security mode procedure is ongoing, the processing circuit may initiate a mobility procedure. The processing circuit may also abort the security mode procedure and revert back to old security parameters as a result of initiating the mobility procedure.
  • a mobility update message may be sent by the processing circuit via the wireless communications interface, where the mobility update message includes a dedicated security status indicator adapted to indicate that the access terminal has reverted back to the old security parameters.
  • the processing circuit may be adapted to conduct a security mode procedure for reconfiguring security parameters of the access terminal. While the security mode procedure is ongoing, the processing circuit may initiate a mobility procedure, including sending a mobility update message. The processing circuit may also abort the security mode procedure and revert back to old security parameters as a result of initiating the mobility procedure. The processing circuit may receive a mobility update confirmation message in response to a mobility update message via the wireless communication interface. If unable to decode the mobility update confirmation message using the old security parameters, the processing circuit may switch to the new security parameters.
  • the processing circuit may be adapted to conduct a security mode procedure including sending a security mode complete message to an access network via the wireless communication interface.
  • the processing circuit may receive an acknowledgement message via the wireless communication interface.
  • the processing circuit can update to new security parameters, and send another acknowledgement message to the access network via the wireless communication interface, where the other acknowledgement message is adapted to indicate that the access terminal has updated to the new security parameters.
  • a security mode procedure may be conducted for reconfiguring security parameters of the access terminal.
  • a mobility procedure may be initiated while the security mode procedure is ongoing.
  • the security mode procedure may be aborted as a result of initiating the mobility update procedure and the access terminal may be reverted back to the old security parameters.
  • a mobility update message may be sent, where the mobility update message includes a dedicated status indicator adapted to indicate that the access terminal has reverted back to the old security parameters.
  • a security mode procedure may be conducted for reconfiguring security parameters of the access terminal.
  • a mobility procedure may be initiated while the security mode procedure is ongoing, including sending a mobility update message.
  • the security mode procedure may be aborted as a result of initiating the mobility update procedure and the access terminal may be reverted back to the old security parameters.
  • a mobility update confirmation message may be received in response to the mobility update message.
  • the access terminal may be switched to the new security parameters if the access terminal is unable to decode the mobility update confirmation message using the old security parameters.
  • such methods may include conducting a security mode procedure including sending a security mode complete message to an access network. In response to the security mode complete message, receiving an acknowledgement message.
  • the access terminal may be updated to new security parameters.
  • Another acknowledgement message may be sent to the access network, where the other acknowledgement message is adapted to indicate that the access terminal has updated to the new security parameters.
  • network entities adapted to facilitate synchronization of security parameters between access terminals and an access network.
  • Such network entities may comprise a communications interface coupled with a processing circuit.
  • the processing circuit may be adapted to receive a security mode complete message from an access terminal via the communications interface. In response to the security mode complete message, the processing circuit may update to new security parameters.
  • the processing circuit may further receive a mobility update message from the access terminal via the communications interface.
  • the mobility update message may include a dedicated security status indicator adapted to indicate that the access terminal has reverted back to old security parameters. In response to the received mobility update message, the processing circuit may revert back to the old security parameters.
  • the processing circuit may be adapted to receive a security mode complete message from an access terminal via the communications interface. In response to the security mode complete message, the processing circuit may update to new security parameters.
  • the processing circuit may receive a mobility update message from the access terminal, and may send a mobility update confirmation message to the access terminal in response to the mobility update message. If a response to the mobility update confirmation message is not received from the access terminal, the processing circuit may revert back to the old security parameters and may resend the mobility update confirmation message to the access terminal using the old security parameters to cipher the message.
  • the processing circuit may be adapted to receive a security mode complete message from an access terminal via the communications interface.
  • the processing circuit may send an acknowledgement message in response to the security mode complete message.
  • the processing circuit may receive another acknowledgement message from the access terminal indicating that the access terminal has updated to the new security parameters. In response to the other acknowledgement message, the processing circuit may update to the new security parameters.
  • a security mode complete message may be received from an access terminal
  • the network entity may be updated to new security parameters.
  • a mobility update message may be received from the access terminal, where the mobility update message includes a dedicated security status indicator adapted to indicate that the access terminal has reverted back to old security parameters.
  • the network entity may be reverted back to the old security parameters.
  • a security mode complete message may be received from an access terminal
  • the network entity may be updated to new security parameters.
  • a mobility update message may be received from the access terminal, and a mobility update confirmation message may be sent to the access terminal in response to the received mobility update message. If a response to the mobility update confirmation message is not received from the access terminal, the network entity may be reverted back to the old security parameters and the mobility update confirmation message may be resent to the access terminal using the old security parameters to cipher the mobility update confirmation message.
  • security mode complete message may be received from an access terminal.
  • An acknowledgement message may be sent in response to the security mode complete message.
  • Another acknowledgement message may be received from the access terminal indicating that the access terminal has updated to the new security parameters.
  • the network entity may be updated to the new security parameters.
  • FIG. 1 is a block diagram illustrating a network environment in which various features may be utilized according to at least one example.
  • FIG. 2 illustrates a typical key hierarchy that may be implemented within a typical wireless communication network.
  • FIG. 3 illustrates an exemplary protocol stack that may be implemented in a communication device operating in a packet-switched network.
  • FIG. 4 is a block diagram illustrating a network system in which the various security keys illustrated in FIGS. 2 and 3 may be generated.
  • FIG. 5 (comprising FIGS. 5A and 5B ) is a flow diagram illustrating an example of a security parameter synchronization operation in which an access terminal indicates to the access network that the security mode procedure was aborted at the access terminal.
  • FIG. 6 is a flow diagram illustrating an example of a security parameter synchronization operation by an access terminal when the security parameters at the access network are updated and the security parameters at the access terminal are not updated.
  • FIG. 7 is a flow diagram illustrating an example of a security parameter synchronization operation of an access terminal, access network and core network to facilitate updating of the security parameters at the access network only after the security parameters are updated at the access terminal.
  • FIG. 8 is a flow diagram illustrating an example of a security parameter synchronization operation by an access network when the security parameters of the access network are updated and security parameters of the access terminal are not.
  • FIG. 9 is a block diagram illustrating select components of an access terminal according to at least one embodiment.
  • FIG. 10 is a flow diagram illustrating an example of a method operational in an access terminal for indicating to an access network when the access terminal has reverted to old security parameters.
  • FIG. 11 is a flow diagram illustrating an example of a method operational in an access terminal for determining a status of the security parameters at an access network for communicating with the access terminal.
  • FIG. 12 is a flow diagram illustrating an example of a method operational in an access terminal for indicating to an access network when the access terminal has updated to new security parameters.
  • FIG. 13 is a block diagram illustrating select components of a network entity according to at least one embodiment.
  • FIG. 14 is a flow diagram illustrating an example of a method operational in a network entity for determining that an access terminal has reverted to old security parameters.
  • FIG. 15 is a flow diagram illustrating an example of a method operational in a network entity for determining that an access terminal has reverted to old security parameters.
  • FIG. 16 is a flow diagram illustrating an example of a method operational in a network entity for updating from old security parameters to new security parameters after the access terminal has updated to the new security parameters.
  • an “access terminal” may include user equipment and/or subscriber devices, such as mobile phones, pagers, wireless modems, personal digital assistants, personal information managers (PIMs), personal media players, palmtop computers, laptop computers, and/or other mobile communication/computing devices which communicate, at least partially, through a wireless or cellular network.
  • subscriber devices such as mobile phones, pagers, wireless modems, personal digital assistants, personal information managers (PIMs), personal media players, palmtop computers, laptop computers, and/or other mobile communication/computing devices which communicate, at least partially, through a wireless or cellular network.
  • an access terminal may indicate to a network entity that the access terminal has reverted back to old security parameters.
  • the access terminal may send an indicator with a mobility update message to inform the network entity of the reversion.
  • the access terminal may send a message to the network entity to inform the network entity that the access terminal has successfully updated to the new security parameters.
  • an access terminal may determine that a network entity has updated to the new security parameters and may accordingly update its own security parameters. For example, after aborting a security mode procedure for updating to new security parameters, the access terminal may determine that it is unable to decode a message received from the network entity. In response to the failure to decode, the access terminal may update to the new security parameters and attempt to decode the received message using the new security parameters. If the access terminal is successful in decoding the received message with the new security parameters, the access terminal can continue using the new security parameters.
  • a network entity may determine that an access terminal has reverted back to old security parameters and may accordingly revert its own security parameters. For example, after updating to new security parameters, the network entity may send a message to the access terminal that is ciphered according to the new security parameters. If the network entity fails to receive a response to the sent message, the network entity may revert back to the old security parameters and send the message using the old security parameters to cipher the message. If the network entity receives a response to the sent message using the old security parameters, the network entity can continue using the old security parameters.
  • FIG. 1 is a block diagram illustrating a network environment in which various features may be utilized according to at least one example.
  • An access terminal 102 may be adapted to wirelessly communicate with an access network 104 , which is communicatively coupled to a core network 106 .
  • the access network 104 includes radio equipment adapted to enable access terminals 102 to access the network, while the core network 106 includes switching and routing capabilities for connecting to either a circuit-switched network (e.g., Public Switched Telephone Network (PTSN)/Integrated Services Digital Network (ISDN) 108 ) or to a packet-switched network (e.g., internet 110 ).
  • the core network 106 further facilitates mobility and subscriber location management and authentication services.
  • the core network 106 may be a Universal Mobile Telecommunications System (UMTS)-compatible network or a Global System for Mobile communication (GSM)-compatible network.
  • UMTS Universal Mobile Telecommunications System
  • GSM Global System for Mobile communication
  • the access network 104 may include one or more access nodes 112 (e.g., base station, node B, etc.) and a radio network controller (RNC) 114 .
  • Each access node 112 is typically associated with a cell, or sector, comprising a geographical area of reception and transmission coverage. Cells, or sectors, can overlap with each other.
  • the radio network controller (RNC) 114 may be adapted to control the access nodes 112 that are communicatively connected to it.
  • the radio network controller (RNC) 114 may further be adapted to carry out radio resource management, some of the mobility management functions, and may be the point where encryption is performed before user data is sent to and from the access terminal 102 .
  • the radio network controller (RNC) 114 is communicatively coupled to the core network 106 via a serving General Packet Radio Service (GPRS) support node (SGSN) 116 for packet-switched calls and via a mobile switching center (MSC) 118 , which may include a visitor location register (VLR), for circuit-switched calls.
  • GPRS General Packet Radio Service
  • MSC mobile switching center
  • a home location register (HLR) and an Authentication Center (AuC) 120 may serve to authenticate access terminals prior to providing communication services via the core network 106 .
  • HLR home location register
  • AuC Authentication Center
  • the core network 106 may also include a mobile management entity (MME) performs bearer activation/deactivation of access terminals, assists in authenticating access terminals, and/or perform access terminal tracking and/or paging procedures (including retransmissions) for the access terminals coupled to the core network.
  • MME mobile management entity
  • the access terminal 102 When an access terminal 102 attempts to connect to the access network 104 , the access terminal 102 is initially authenticated in order to verify the identity of the access terminal 102 . The access terminal 102 also authenticates the network to verify that it is connected to an access network 104 that it is authorized to use. Negotiation typically ensues between the access terminal 102 and the access network 104 and/or core network 106 to establish security parameters, such as encryption keys for use in encrypting communications between the access terminal 102 and the network components (e.g., access network 104 and/or core network 106 ). Such security parameters may be updated and/or changed occasionally to ensure secrecy of the data transmitted between the access terminal 102 and the network components.
  • security parameters such as encryption keys for use in encrypting communications between the access terminal 102 and the network components (e.g., access network 104 and/or core network 106 ).
  • security parameters may be updated and/or changed occasionally to ensure secrecy of the data transmitted between the access terminal 102 and the network components.
  • FIG. 2 illustrates a typical key hierarchy 200 that may be implemented to establish the security parameters (e.g., encryption keys) for use in encrypting communications between the access terminal 102 and the network components (e.g., access network 104 and/or core network 106 ).
  • a Universal Subscriber Identity Module USIM
  • HLR/AuC 120 in FIG. 1 an Authentication Center
  • IK integrity key
  • the cipher key (CK) 204 and integrity key (IK) 206 may then be used by the communication device and the core network 106 (e.g., a Home Location Register (HLR)) to generate an Access Security Management Entity key K_ASME 208 .
  • the security activation of an access terminal 102 may be accomplished through an Authentication and Key Agreement procedure (AKA), Non-Access Stratum (NAS) Security Mode Configuration (NAS SMC) procedure and Access Stratum (AS) Security mode Configuration (AS SMC) procedure.
  • AKA Authentication and Key Agreement procedure
  • NAS Non-Access Stratum
  • NAS SMC Access Stratum
  • AS Access Stratum Security mode Configuration
  • AKA is used to derive the key K_ASME 208 , which is then used as a base key for the calculation of NAS (Non-Access Stratum) keys 210 and 212 and AS (Access Stratum) keys 214 , 216 , 218 , and 220 .
  • the access terminal 102 and the core network 106 may then use the K_ASME 208 to generate one or more of these security keys.
  • Packet-switched networks may be structured in multiple hierarchical protocol layers, where the lower protocol layers provide services to the upper layers and each layer is responsible for different tasks.
  • FIG. 3 illustrates an exemplary protocol stack that may be implemented in a communication device operating in a packet-switched network.
  • the protocol stack 302 includes a Physical (PHY) Layer 304 , a Media Access Control (MAC) Layer 306 , a Radio Link Control (RLC) Layer 308 , a Packet Data Convergence Protocol (PDCP) Layer 310 , a Radio Resource Control (RRC) Layer 312 , a Non-Access Stratum (NAS) Layer 314 , and an Application (APP) Layer 316 .
  • PHY Physical
  • MAC Media Access Control
  • RLC Radio Link Control
  • PDCP Packet Data Convergence Protocol
  • RRC Radio Resource Control
  • NAS Non-Access Stratum
  • APP Application
  • the layers below the NAS Layer 314 are often referred to as the Access Stratum (AS) Layer 318 .
  • the RLC Layer 308 may include one or more channels 320 .
  • the RRC Layer 312 may implement various monitoring modes for the access terminal, including connected state and idle state.
  • the Non-Access Stratum (NAS) Layer 314 may maintain the communication device's mobility management context, packet data context and/or its IP addresses. Note that other layers may be present in the protocol stack 302 (e.g., above, below, and/or in between the illustrated layers), but have been omitted for the purpose of illustration.
  • radio/session bearers 322 may be established, for example at the RRC Layer 312 and/or NAS Layer 314 . Consequently, the NAS Layer 314 may be used by an access terminal 102 and the core network 106 to generate the security keys K_NAS-enc 210 and K_NAS-int 212 shown in FIG. 2 . Similarly, the RRC Layer 312 may be used by the access terminal 102 and the access network 104 (e.g., RNC 114 ) to generate the Access Stratum (AS) security keys K_UP-enc 216 , K_RRC-enc 218 , and K_RRC-int 220 .
  • AS Access Stratum
  • K_UP-enc 216 K_RRC-enc 218 , and K_RRC-int 220 may be generated at the RRC Layer 312 , these keys may be used by the PDCP Layer 310 to secure signalling and/or user/data communications.
  • the key K_UP-enc 216 may be used by the PDCP Layer 310 to secure for user/data plane (UP) communications
  • the keys K_RRC-enc 218 , and K_RRC-int 220 may be used to secure signalling (i.e., control) communications at the PDCP Layer 310 .
  • RRC Radio Resource Control
  • FIG. 4 is a block diagram illustrating a network system in which the various security keys illustrated in FIGS. 2 and 3 may be generated.
  • an access terminal 402 may implement a communication stack that includes various layers (e.g., APP, NAS, RRC, RLC, MAC, and PHY).
  • An access network 404 may provide wireless connectivity to the access terminal 402 so that it may communicate with the network.
  • An authentication center (AuC) 406 and the access terminal 402 may both know or have access to a root key (K) which can be used to generate or obtain a cipher key (CK) and/or an integrity key (IK).
  • K root key
  • CK cipher key
  • IK integrity key
  • the access terminal 402 and/or a home location register (HLR) 408 may then use the cipher key (CK) and/or integrity key (IK) to generate an Access Security Management Entity key K_ASME.
  • K_ASME key the access terminal 402 and a mobility management entity (MME) 410 may then generate the keys K_NAS-enc and K_NAS-int.
  • MME 410 may also generate an access network-specific key K_eNB/NH.
  • this access network-specific key K_eNB/NH the access terminal 402 and access network 404 may generate the keys K_UP-enc and K_RRC-enc and K_RRC-int.
  • the access terminal 102 is typically adapted to change between cells (e.g., access nodes 112 ) to which it is actively connected. For example, as an access terminal 102 travels through a geographic area, different cells (e.g., access nodes 112 ) may provide better connectivity (e.g., stronger signal). The access terminal 102 may accordingly switch from one cell (e.g., access node 112 ) to another cell (e.g., access node 112 ).
  • cells e.g., access nodes 112
  • the access terminal 102 may accordingly switch from one cell (e.g., access node 112 ) to another cell (e.g., access node 112 ).
  • such mobility of an access terminal 102 requiring changes from one cell (e.g., access node 112 ) to another cell (e.g., access node 112 ) may result in cancellation of any ongoing update of security parameters (e.g., update to Access Stratum security parameters K_UP-enc, K_RRC-enc and/or K_RRC-int).
  • security parameters e.g., update to Access Stratum security parameters K_UP-enc, K_RRC-enc and/or K_RRC-int.
  • a mobility procedure may be initiated, resulting in a cancellation of an ongoing security mode procedure.
  • a mobility procedure may include a cell reselection, Radio Link Control (RLC) unrecoverable error, out of service issue, etc.
  • RLC Radio Link Control
  • some non-limiting examples of mobility update messages that may be sent as part of a mobility procedure can include a cell reselection message, a radio link control (RLC) unrecoverable error message, an
  • the access terminal 102 when the access terminal 102 initiates a mobility procedure (e.g., reselection of an access node 112 ) after the access network 104 has updated to new security parameters, the access terminal 102 may be adapted to send an indication to the access network 104 informing the access network 104 that the access terminal 102 has reverted back to the old security parameters.
  • the access terminal 102 may include an indication with the mobility update message sent to the access network 104 .
  • the access network 104 may be adapted to switch back to the old security parameters when the access terminal 102 fails to respond to a mobility update confirmation message from the access network 104 that is encrypted according to the new security parameters. That is, after the access network 104 has sent a mobility update confirmation message to the access terminal 102 a specific number of times without receiving a response from the access terminal 102 , the access network 104 may revert back to the old security parameters and send the mobility update confirmation message encrypted according to the old security parameters. If the access terminal 102 then responds to the mobility update confirmation message that is encrypted according to the old security parameters, then the access network 104 knows that the update of security parameters was not successful and the access network 104 continues using the old security parameters.
  • the access network 104 may be adapted to update the security parameters only after receiving an additional acknowledgement message from the access terminal 102 . That is, after a mobility update confirmation message is sent from the access network 104 to the access terminal 102 , the access network 104 may await another acknowledgement message from the access terminal 102 before the access network 104 updates the security parameters. In this manner, if the access terminal 102 has aborted the update of the security parameters, the access network 104 will not unknowingly update its security parameters prematurely.
  • the access terminal 102 may be adapted to identify its failure to decode a mobility update confirmation message from the access network 104 after it is sent a specific number of times. If the access terminal 102 is unable to decode the message after the specific number of times, the access terminal 102 may be adapted to switch to the new security parameters and attempt to decode the mobility update confirmation message using the new parameters. If the access terminal 102 is successful in decoding the mobility update confirmation message using the new parameters, then the access terminal 102 can continue from that point forward to use the new security parameters in communicating with the access network 104 .
  • FIG. 5 (comprising FIGS. 5A and 5B ) is a flow diagram illustrating an example of a security parameter synchronization operation by an access network when the security parameters of the access network are updated and security parameters of the access terminal are not.
  • AS Access Stratum
  • FIGS. 6-8 are directed to implementations involving an Access Stratum (AS) security mode procedure for initiating and updating the Access Stratum security parameters
  • the features described herein may be implemented in other security mode procedures, such as Non-Access Stratum (NAS) security mode procedures.
  • the access terminal 102 , access network 104 and core network 106 of FIG. 1 are used for illustrative purposes.
  • the access terminal 102 may establish a radio resource control (RRC) connection 502 with the access network 104 .
  • the message transmitted from the access terminal 102 to the access network 104 when the radio resource control (RRC) connection is established may include the access terminal's security capability information.
  • the access terminal security capability information is adapted to inform the access network 104 about the ciphering (or encryption) algorithms and the integrity algorithms that are supported by the access terminal 102 .
  • the security capability information may also optionally include a classmark message indicating the GSM security algorithms supported by the access terminal 102 (e.g., GSM classmarks 2 and 3 ) and/or START values for the circuit-switched service domain and the packet-switched service domain.
  • the information from the radio resource control (RRC) connection establishment message may be stored 504 at the access network 104 .
  • the access terminal 102 may then send an initial direct transfer message 506 to the core network 106 .
  • the initial direct transfer message 506 may include, among other information, a user identity and a key set identifier (KSI) allocated by the circuit-switched service domain or the packet-switched service domain at the last authentication for this core network 106 .
  • the initial direct transfer message may comprise a layer 3 (L3) message, such as a location update request, a CM service request, a routing area update request, an attach request, a paging response or other L3 message.
  • L3 layer 3
  • the initial direct transfer message may be sent, for example to a visitor location register (VLR) for the circuit-switched service domain of the core network 106 or a GPRS support node (SGSN) for the packet-switched service domain of the core network 106 .
  • VLR visitor location register
  • SGSN GPRS support node
  • Authentication of the access terminal 102 and generation of new security keys may be performed between the access terminal 102 and the core network 106 using an authentication and key agreement (AKA) procedure 508 .
  • AKA authentication and key agreement
  • a new key set identifier KAI may optionally be allocated.
  • the new security keys e.g., integrity key (IK) and ciphering key (CK) can be employed to calculate Access Stratum (AS) keys.
  • the core network 106 can decide which ciphering algorithm and integrity algorithm are to be used in order of preference at 510 .
  • the core network 106 can then send an Access Stratum (AS) security mode command message 512 to the access network 104 .
  • the Access Stratum (AS) security mode command message 512 can be sent according to a radio access network application part (RANAP) protocol, and can be directed to the radio network controller (RNC) of the access network 104 .
  • RANAP radio access network application part
  • RNC radio network controller
  • This security mode command message 512 may include a list of allowed integrity algorithms in order of preference, and the integrity key (IK) to be used. If ciphering is to be initiated, the security mode command message 512 may also include a list of allowed ciphering algorithms in order of preference, and the ciphering key (CK) to be used. If authentication and key agreement (AKA) has been performed, this will be indicated to the access network 104 so the START values will be reset when new keys are initiated for use.
  • IK integrity key
  • CK ciphering key
  • the access network 104 decides which algorithms (e.g., integrity algorithm, ciphering algorithm) to use, generates a random value RAND, and starts integrity protection at 514 .
  • the access network 104 can then generate a radio resource control (RRC) message 516 comprising an Access Stratum (AS) security mode command message, and sends the message to the access terminal 102 .
  • RRC radio resource control
  • AS Access Stratum
  • the AS security mode command message 516 may include the access terminal's 102 security capability, the integrity algorithm and random value RAND to be used. If ciphering is to be started, the message 516 may also include the ciphering algorithm to be used. Additional information may also be included.
  • the network can indicate which key set is to be used.
  • the access network 104 Before sending the AS security mode command message 516 to the access terminal 102 , the access network 104 generates a message authentication code for integrity (MAC-I) and attaches this information to the AS security mode command message 516 .
  • MAC-I message authentication code for integrity
  • the access terminal 102 receives the AS security mode command message, verifies that the security capability is the same as that sent in the radio resource control (RRC) connection establishment message and verifies the message by comparing the MAC-I with a generated XMAC-I at 518 .
  • the access terminal 102 can compute XMAC-I on the message received by using at least the indicated integrity algorithm and the received random value RAND parameter. If all checks are successful, then the access terminal 102 sends an Access Stratum (AS) security mode complete message 520 including a MAC-I. If the checks were not successful then a security mode reject message would have been sent.
  • RRC radio resource control
  • the access network 104 When the access network 104 receives the AS security mode complete message, it verifies the integrity of the message by generating XMAC-I and comparing it with MAC-I included with the AS security mode complete message 522 .
  • An AS security mode complete message 524 is sent from the access network 104 to the core network 106 as a radio access network application part (RANAP) message indicating the algorithms selected for integrity and ciphering.
  • RANAP radio access network application part
  • An acknowledgement message 526 is sent from the access network 104 to the access terminal 102 to acknowledge receipt of the AS security mode complete message.
  • the acknowledgement message 526 may comprise an L2 acknowledgement.
  • the AS security mode complete message (e.g., 520 ) from the access terminal 102 to the access network 104 starts the downlink integrity protection, i.e., subsequent downlink messages sent to the access terminal 102 are integrity protected using the new security parameters.
  • the uplink integrity protection does not begin until the access terminal 102 receives the acknowledgement message at step 526 from the access network 104 , whereupon the access terminal 102 updates its security parameters at step 528 .
  • the access terminal 102 does not begin using the new Access Stratum (AS) security parameters for messages sent from the access terminal 102 to the access network 104 until the access terminal 102 receives an acknowledgement from the access network 104 that the Access Stratum (AS) security mode complete message was received and authenticated.
  • AS Access Stratum
  • the access terminal 102 is typically adapted to abort the Access Stratum (AS) security mode procedure when a mobility procedure is initiated, such as when a mobility update message is sent from the access terminal 102 to the access network 104 . Consequently, the access terminal 102 may initiate a mobility procedure, including generating and sending a mobility update message 530 after the Access Stratum (AS) security mode complete message 520 is sent to the access network 104 , and before receiving the acknowledgement 526 and/or updating the access terminal security parameters. As a result of initiated the mobility procedure, the access terminal 102 aborts the security mode procedure and reverts to the old Access Stratum (AS) security parameters 528 .
  • AS Access Stratum
  • the access terminal 102 may receive an acknowledgement 526 after the mobility procedure is initiated, but the access terminal 102 has aborted the Access Stratum (AS) security mode procedure and has not, therefore, updated to the new Access Stratum (AS) security parameters, unbeknownst to the access network 104 .
  • AS Access Stratum
  • the mobility update message 530 includes an indicator that informs the access network 104 that the access terminal 102 has aborted the AS security mode procedure and has reverted to the old AS security parameters.
  • the indicator can comprise a new information element (IE) in the mobility update message.
  • the indicator may comprise one or more bits of the mobility update message.
  • the access network 104 Upon receipt of the mobility update message including the indicator, the access network 104 reverts back to the old Access Stratum (AS) security parameters 532 . The access network 104 may then generate and send a mobility update confirmation message 534 to the access terminal 102 that is ciphered using the old AS security parameters.
  • AS Access Stratum
  • the access terminal 102 may be adapted to adjust to the new security parameters when it appears to the access terminal 102 that the access network 104 is operating with the new security parameters while the access terminal 102 is operating with the old security parameters.
  • FIG. 6 is a flow diagram illustrating an example of a security parameter synchronization operation by an access terminal when the security parameters at the access network are updated and the security parameters at the access terminal are not. The steps shown in FIG. 6 correspond to steps following all the steps described and shown in relation to FIG. 5A . That is, FIG. 6 is intended to show the steps that follow after the steps of FIG. 5A are completed.
  • the access terminal 102 verifies the security capability is the same as that sent in the radio resource control (RRC) connection establishment message, computes XMAC-I and verifies the integrity of the AS security mode command message by comparing the received MAC-I with the generated XMAC-I 602 . If all checks are successful, then the access terminal 102 sends an Access Stratum (AS) security mode complete message 604 including a MAC-I. If the checks were not successful then an Access Stratum (AS) security mode reject message would have been sent.
  • the access network 104 receives the AS security mode complete message, it verifies the integrity of the message at step 606 , and sends an AS security mode complete message 608 to the core network 106 indicating the selected encryption and integrity algorithms.
  • the access network 104 may update to the new Access Stratum (AS) security parameters while the access terminal 102 fails to update to the new AS security parameters. For example, after sending the AS security mode complete message 604 to the access network 104 , and before receiving an acknowledgement and/or updating the Access Stratum (AS) security parameters, the access terminal 102 may begin a mobility procedure in which the access terminal 102 generates and sends a mobility update message 610 to the access network 104 . In response to initiating the mobility procedure, the access terminal 102 aborts the security mode procedure and reverts to the old Access Stratum (AS) security parameters 612 .
  • AS Access Stratum
  • the access terminal 102 may receive an acknowledgement message 614 after initiating the mobility procedure, but the access terminal 102 will have already aborted the Access Stratum (AS) security mode procedure and does not, therefore, updated to the new Access Stratum (AS) security parameters, unbeknownst to the access network 104 .
  • AS Access Stratum
  • the mobility update message sent at step 610 is typically not encrypted, resulting in the access network 104 being able to receive and process the mobility update message even when the access terminal 102 is operating with the old Access Stratum (AS) security parameters.
  • the access network 104 receives the mobility update message 610 and responds with a mobility update confirmation 616 that is ciphered with the new AS security parameters and is, therefore, not decodable by the access terminal 102 using the old AS security parameters.
  • the access network 104 fails to receive a response to the mobility update confirmation message, the access network 104 resends the mobility update confirmation.
  • the access terminal 102 may be adapted to keep track of the number of times that it receives and fails to decode the mobility update confirmation message. After a predetermined number of tries (N), the access terminal 102 may switch to the new AS security parameters 618 . After switching to the new AS security parameters, the access terminal 102 can attempt to decode the mobility update confirmation message using the new AS security parameters. If successful, the access terminal 102 will continue to use the new AS security parameters from that point forward.
  • the access network 104 may be adapted to complete the security mode procedure and update its security parameters only after receiving a final acknowledgement message from the access terminal 102 .
  • FIG. 7 is a flow diagram illustrating an example of a security parameter synchronization operation of an access terminal 102 , access network 104 and core network 106 to facilitate updating of the security parameters at the access network 104 only after the security parameters are updated at the access terminal 102 .
  • the steps shown in FIG. 7 correspond to steps following all the steps described and shown in relation to FIG. 5A . That is, FIG. 7 is intended to show the steps that follow after the steps of FIG. 5A are completed.
  • the access terminal 102 verifies the security capability is the same as that sent in the radio resource control (RRC) connection establishment message, computes XMAC-I and verifies the integrity of the message by comparing the received MAC-I with the generated XMAC-I 702 . If all checks are successful, then the access terminal 102 sends an Access Stratum (AS) security mode complete message 704 including a MAC-I. If the checks were not successful then an AS security mode reject message would have been sent.
  • the access network 104 receives AS security mode complete message, it verifies the integrity of the message at step 706 , and sends an AS security mode complete message 708 to the core network 106 indicating the selected encryption and integrity algorithms.
  • the access network 104 does not complete the AS security mode procedure upon receipt and verification of an AS security mode complete message. That is, the access network 104 is adapted to not update to the new AS security parameters upon receipt and verification of the AS security mode complete message 704 . Instead, the access network 104 sends an acknowledgement message 710 to the access terminal 102 .
  • the acknowledgement message 710 may comprise an L2 acknowledgement message.
  • the access terminal 102 updates to the new AS security parameters 712 .
  • the access terminal 102 can send an acknowledgement message 714 to the access network 104 .
  • the access terminal 102 may send an L3 acknowledgement message to the access network 104 to indicate that it has updated to the new AS security parameters.
  • the access network 104 then updates to the new AS security parameters 716 in response to receipt of the acknowledgement message 714 from the access terminal 102 .
  • the access terminal 102 if the access terminal 102 aborts the Access Stratum (AS) security mode procedure (e.g., initiates a mobility procedure) after sending the AS security mode complete message 704 to the access network 104 , but before updating to the new security parameters, the access network 104 will not receive the acknowledgement 714 and will not update to the new AS security parameters. In other words, if the access terminal 102 aborts the AS security mode procedure before completion of the procedure (e.g., before updating to the new AS security parameters), then the acknowledgment message 714 will not be sent and the access network 104 will not be updated to the new AS security parameters.
  • AS Access Stratum
  • the access network 104 may be adapted to revert back to the old security parameters when it appears to the access network 104 that the access terminal 102 is operating with the old security parameters while the access network 104 is operating with the new security parameters.
  • FIG. 8 is a flow diagram illustrating an example of a security parameter synchronization operation by an access network when the security parameters of the access network are updated and the security parameters of the access terminal are not. The steps shown in FIG. 8 correspond to steps following all the steps described and shown in relation to FIG. 5A . That is, FIG. 8 is intended to show the steps that follow after the steps of FIG. 5A are completed.
  • the access terminal 102 verifies the security capability is the same as that sent in the RRC connection establishment message, computes XMAC-I, and verifies the integrity of the AS security mode command message by comparing the received MAC-I with the generated XMAC-I 802 . If all checks are successful, then the access terminal 102 sends an Access Stratum (AS) security mode complete message 804 including a MAC-I. If the checks were not successful then an AS security mode reject message would have been sent. When access network 104 receives this AS security mode complete message 804 , it verifies the integrity of the message 806 , and sends an AS security mode complete message 808 to the core network 106 indicating the selected encryption and integrity algorithms.
  • AS Access Stratum
  • the access network 104 may update to the new AS security parameters while the access terminal 102 fails to update to the new AS security parameters. For example, after sending the AS security mode complete message 804 to the access network 104 , and before receiving an acknowledgement and/or updating the access terminal to the new AS security parameters, the access terminal 102 may initiate a mobility procedure, including generating and sending a mobility update message 810 . As a result of initiating the mobility procedure, the access terminal 102 aborts the AS security mode procedure and reverts to the old AS security parameters 812 . The access terminal 102 may receive an acknowledgement message 814 after initiating the mobility procedure, but the access terminal 102 will have already aborted the AS security mode procedure and will not, therefore, update to the new AS security parameters, unbeknownst to the access network 104 .
  • the mobility update message 810 is conventionally not encrypted, so that the access network 104 can receive and process the mobility update message 810 even when the access terminal 102 is operating with the old AS security parameters.
  • the access network 104 sends a mobility update confirmation message 816 , that message 816 is ciphered with the new AS security parameters and will, therefore, not be decodable by the access terminal 102 .
  • the access network 104 may be adapted to send the mobility update confirmation 816 one or more times. After the access network 104 has sent the message to the access terminal 102 a specified number of times without receiving a response from the access terminal 102 , the access network can be adapted to revert back to the old AS security parameters 518 and re-send the mobility update confirmation message 820 using the old AS security parameters. If the access network 104 receives a response to the mobility update confirmation message sent using the old AS security parameters, then the access network 104 can continue using the old AS security parameters.
  • FIG. 9 is a block diagram illustrating select components of an access terminal 900 according to at least one embodiment.
  • the access terminal 900 generally includes a processing circuit 902 coupled to a storage medium 904 and a wireless communications interface 906 .
  • the processing circuit 902 is arranged to obtain, process and/or send data, control data access and storage, issue commands, and control other desired operations.
  • the processing circuit 902 may comprise circuitry configured to implement desired programming provided by appropriate media in at least one embodiment.
  • the processing circuit 902 may be implemented as one or more of a processor, a controller, a plurality of processors and/or other structure configured to execute executable instructions including, for example, software and/or firmware instructions, and/or hardware circuitry.
  • Embodiments of the processing circuit 902 may include a general purpose processor, a digital signal processor (DSP), an application specific integrated circuit (ASIC), a field programmable gate array (FPGA) or other programmable logic component, discrete gate or transistor logic, discrete hardware components, or any combination thereof designed to perform the functions described herein.
  • a general purpose processor may be a microprocessor but, in the alternative, the processor may be any conventional processor, controller, microcontroller, or state machine.
  • a processor may also be implemented as a combination of computing components, such as a combination of a DSP and a microprocessor, a number of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other such configuration.
  • DSP digital signal processor
  • ASIC application specific integrated circuit
  • FPGA field programmable gate array
  • a general purpose processor may be a microprocessor but, in the alternative, the processor may be any conventional processor, controller, microcontroller, or state machine.
  • a processor may also be implemented as
  • the processing circuit 902 can include a security parameters indication and/or determination module 908 .
  • the security parameters indication and/or determination module 908 can comprise circuitry and/or programming adapted to perform security parameters indication procedures and/or security parameters determination procedures.
  • the storage medium 904 may represent one or more devices for storing programming and/or data, such as processor executable code or instructions (e.g., software, firmware), electronic data, databases, or other digital information.
  • the storage medium 904 may be any available media that can be accessed by a general purpose or special purpose processor.
  • the storage medium 904 may include read-only memory (e.g., ROM, EPROM, EEPROM), random access memory (RAM), magnetic disk storage mediums, optical storage mediums, flash memory devices, and/or other non-transitory computer-readable mediums for storing information.
  • the storage medium 904 may be coupled to the processing circuit 902 such that the processing circuit 902 can read information from, and write information to, the storage medium 904 .
  • the storage medium 904 may be integral to the processing circuit 902 .
  • the storage medium 904 can include security parameters indication operations and/or security parameters determination operations 910 , according to one or more embodiments.
  • the security parameters indication operations and/or security parameters determination operations 910 can be implemented by the processing circuit 902 in, for example, the security parameters indication and/or determination module 908 .
  • security parameters indication operations may comprise operations that can be implemented by the processing circuit 902 to indicate a status of the access terminal's 900 security parameters to an access network, such as by including an indicator in a mobility update message that the access terminal 900 has reverted to old security parameters and/or sending a message indicating that the access terminal 900 has successfully updated to the new security parameters.
  • security parameters determination operations may comprise operations that can be implemented by the processing circuit 902 to determine a status of the security parameters at an access network for communicating with the access terminal 900 , such as by determining its failure to decode a mobility update confirmation message received from the access network.
  • the communications interface 906 is configured to facilitate wireless communications of the access terminal 900 .
  • the communications interface 906 may be configured to communicate information bi-directionally with respect to an access network and/or other access terminals.
  • the communications circuit 906 may be coupled to an antenna (not shown) and may include wireless transceiver circuitry, including at least one transmitter 912 and/or at least one receiver 914 (e.g., one or more transmitter/receiver chains).
  • the processing circuit 902 may be adapted to perform any or all of the processes, functions, steps and/or routines related to the various access terminals described herein above with reference to FIGS. 1-8 (e.g., access terminal 102 and/or 402 ).
  • the term “adapted” in relation to the processing circuit 902 may refer to the processing circuit 902 being one or more of configured, employed, implemented, or programmed to perform a particular process, function, step and/or routine according to various features described herein.
  • FIG. 10 is a flow diagram illustrating an example of a method operational in an access terminal, such as access terminal 900 , for indicating to an access network when the access terminal has reverted to old security parameters.
  • an access terminal 900 may conduct a security mode procedure at step 1002 .
  • the processing circuit 902 may communicate with an access network via the communications interface 906 to conduct the security mode procedure.
  • the processing circuit 902 can generate and send a security mode complete message to the access network.
  • the security mode procedure may comprise an Access Stratum (AS) security mode procedure, where the processing circuit 902 generates and sends an Access Stratum (AS) security mode complete message.
  • the processing circuit 902 may send such an AS security mode complete message using a radio resource control (RRC) layer of the protocol stack to communicate with the access network.
  • RRC radio resource control
  • a mobility procedure may be initiated while the security mode procedure is still active.
  • the processing circuit 902 may initiate a mobility procedure. Examples of mobility procedure may include cell reselection, radio link control (RLC) unrecoverable errors, the access terminal being out of service, etc.
  • RLC radio link control
  • the access terminal 900 In response to initiating a mobility procedure prior to updating its security parameters (e.g., prior to receiving an acknowledgement of the security mode complete message or prior to updating in response to the acknowledgement), the access terminal 900 aborts the ongoing security mode procedure and reverts back to the old security parameters at step 1006 .
  • the processing circuit 902 may abort the active security mode procedure and revert back to employing the old security parameters (e.g., the old Access Stratum (AS) security parameters) in response to initiating the mobility procedure.
  • AS Access Stratum
  • the access terminal 900 can generate and send a mobility update message to the access network.
  • the mobility update message includes an indicator adapted to inform the access network that the access terminal 900 has reverted back to the old security parameters.
  • the processing circuit 902 can be adapted to generate a mobility update message including an information element (IE) that indicates that the access terminal 900 has reverted back to the old security parameters by aborting the ongoing security mode procedure.
  • IE information element
  • the security parameters indication and/or determination module 908 can comprise a security parameters indication module that is adapted to execute security parameters indication operations 910 stored in the storage medium 904 to generate the mobility update message with the information element (IE) comprising a dedicated security status indicator adapted to indicate that the access terminal 900 has reverted by the old security parameters.
  • IE information element
  • the processing circuit 902 can send the generated mobility update message including the indicator to the access network via the communications interface 906 .
  • the mobility update message may be sent by the processing circuit 902 as a radio resource control (RRC) message at the radio resource control (RRC) layer of the protocol stack.
  • RRC radio resource control
  • the mobility update message sent by the processing circuit 902 may not be ciphered (i.e., may be unencrypted) so that the access network can receive and process the message without a knowledge of the security parameters actively implemented by the access terminal 900 .
  • the mobility update message can comprise any message resulting from mobility of the access terminal 900 such as, for example, a cell reselection message, a radio link control (RLC) unrecoverable error message, an out of service message, etc.
  • RLC radio link control
  • the access terminal 900 may receive, in response to the mobility update message, a mobility update confirmation message that is ciphered according to the old security parameters.
  • the processing circuit 902 may receive a mobility update confirmation message via the communications interface 906 .
  • the received mobility update confirmation message is ciphered according to the old security parameters and can be decoded by the processing circuit 902 employing the old security parameters according to an agreed-on algorithm.
  • FIG. 11 is a flow diagram illustrating an example of a method operational in an access terminal, such as access terminal 900 , for determining a status of the security parameters at an access network for communicating with the access terminal.
  • an access terminal 900 may conduct a security mode procedure at step 1102 .
  • the processing circuit 902 may communicate with an access network via the communications interface 906 to conduct the security mode procedure.
  • the processing circuit 902 can generate and send a security mode complete message to the access network.
  • the processing circuit 902 may send the security mode complete message as a radio resource control (RRC) message to the access network.
  • RRC radio resource control
  • a mobility update procedure may be initiated while the security mode procedure is still active.
  • the processing circuit 902 may initiate a mobility procedure. Examples of mobility procedures may include cell reselection, radio link control (RLC) unrecoverable errors, the access terminal being out of service, etc.
  • RLC radio link control
  • the access terminal 900 sends a mobility update message to the access network.
  • the access terminal 900 In response to initiating a mobility procedure, and before updating its security parameters (e.g., prior to receiving an L2 acknowledgement or prior to updating in response to the L2 acknowledgement), the access terminal 900 aborts the ongoing security mode procedure and reverts back to the old security parameters at step 1106 .
  • the processing circuit 902 may abort the active security mode procedure and revert back to employing the old security parameters as a result of initiating the mobility procedure.
  • the access terminal 900 receives a mobility update confirmation message from the access network at step 1108 .
  • the processing circuit 902 can receive a mobility update confirmation message via the communications interface 906 .
  • the processing circuit 902 attempts to decode the mobility update confirmation message using the old security parameters.
  • the processing circuit 902 may include a security parameters determination module 908 adapted to execute security parameters determination operations 910 stored in the storage medium 904 . If the processing circuit 902 is able to decode the mobility update confirmation message, then the access terminal sends a response message to the access network at step 1112 . In this case, the response message would be ciphered using the old security parameters.
  • processing circuit 902 may switch to the new security parameters at step 1114 and may attempt to decode the mobility update confirmation message using the new security parameters.
  • the processing circuit 902 e.g., the security parameters determination module 908
  • the processing circuit 902 If the processing circuit 902 is successful in decoding the mobility update confirmation message using the new security parameters, then the processing circuit 902 can be adapted to continue using the new security parameters at step 1118 . The processing circuit 902 may then send a response message to the access network via the communications interface 906 using the new security parameters at step 1112 . If the processing circuit 902 is unsuccessful in decoding the mobility update confirmation message using the new security parameters, then the call may fail.
  • FIG. 12 is a flow diagram illustrating an example of a method operational in an access terminal, such as access terminal 900 , for indicating to an access network when the access terminal has updated to new security parameters.
  • an access terminal 900 conducting a security mode procedure may generate and send a security mode complete message to the access network at step 1202 .
  • the processing circuit 902 e.g., a security parameters indication module 908
  • the processing circuit 902 may send the security mode complete message as a radio resource control (RRC) message to the access network.
  • RRC radio resource control
  • the processing circuit 902 can receive via the communications interface 906 an acknowledgement message from the access network.
  • the acknowledgement message is received in response to the security mode complete message and may comprise an L2 transmission.
  • the acknowledgement message may indicate to the processing circuit 902 that the security mode complete message was successfully received by the access network.
  • the processing circuit 902 updates the security parameters of the access terminal 900 to the new security parameters at step 1206 .
  • the processing circuit 902 sends an indication to the access network at step 908 to inform the access network that the access terminal 900 has successfully updated to the new security parameters.
  • the processing circuit 902 e.g., the security parameters indication module 908
  • the processing circuit 902 can generate and send an L3 acknowledgement message to the access network via the communications interface 906 to indicate that the access terminal 900 has successfully updated to the new security parameters.
  • FIG. 13 is a block diagram illustrating select components of a network entity 1300 according to at least one embodiment.
  • the network entity 1300 may comprise a radio network controller (RNC) of an access network, such as RNC 114 in FIG. 1 .
  • RNC radio network controller
  • the network entity 1300 generally includes a processing circuit 1302 coupled to a storage medium 1304 and a communications interface 1306 .
  • the processing circuit 1302 is arranged to obtain, process and/or send data, control data access and storage, issue commands, and control other desired operations.
  • the processing circuit 1302 may comprise circuitry configured to implement desired programming provided by appropriate media in at least one embodiment.
  • the processing circuit 1302 may be implemented as one or more of a processor, a controller, a plurality of processors and/or other structure configured to execute executable instructions including, for example, software and/or firmware instructions, and/or hardware circuitry.
  • Embodiments of the processing circuit 1302 may include a general purpose processor, a digital signal processor (DSP), an application specific integrated circuit (ASIC), a field programmable gate array (FPGA) or other programmable logic component, discrete gate or transistor logic, discrete hardware components, or any combination thereof designed to perform the functions described herein.
  • a general purpose processor may be a microprocessor but, in the alternative, the processor may be any conventional processor, controller, microcontroller, or state machine.
  • a processor may also be implemented as a combination of computing components, such as a combination of a DSP and a microprocessor, a number of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other such configuration.
  • DSP digital signal processor
  • ASIC application specific integrated circuit
  • FPGA field programmable gate array
  • a general purpose processor may be a microprocessor but, in the alternative, the processor may be any conventional processor, controller, microcontroller, or state machine.
  • a processor may also be implemented as
  • the processing circuit 1302 can include a security parameters revert and/or update module 1308 .
  • the security parameters revert and/or update module 1308 can comprise circuitry and/or programming adapted to perform procedures for reverting to old security parameters and/or procedures for updating to new security parameters, according to various implementations.
  • the storage medium 1304 may represent one or more devices for storing programming and/or data, such as processor executable code or instructions (e.g., software, firmware), electronic data, databases, or other digital information.
  • the storage medium 1304 may be any available media that can be accessed by a general purpose or special purpose processor.
  • the storage medium 1304 may include read-only memory (e.g., ROM, EPROM, EEPROM), random access memory (RAM), magnetic disk storage mediums, optical storage mediums, flash memory devices, and/or other non-transitory computer-readable mediums for storing information.
  • the storage medium 1304 may be coupled to the processing circuit 1302 such that the processing circuit 1302 can read information from, and write information to, the storage medium 1304 . In the alternative, the storage medium 1304 may be integral to the processing circuit 1302 .
  • the storage medium 1304 can include security parameters revert and/or update operations 1310 , according to one or more embodiments.
  • the security parameters revert and/or update operations 1310 can be implemented by the processing circuit 1302 in, for example, the security parameters revert and/or update module 1308 .
  • security parameters revert operations may comprise operations that can be implemented by the processing circuit 1302 to determine whether to revert to old security parameters and to carry out the reversion back to the old security parameters.
  • security parameters update operations may comprise operations that can be implemented by the processing circuit 1302 to update the security parameters.
  • the communications interface 1306 is configured to facilitate wireless communications of the network entity 1300 .
  • the communications interface 1306 may be configured to communicate information bi-directionally with respect to one or more access terminals and/or other network entities.
  • the communications circuit 1306 may be coupled to an antenna (not shown) and may include wireless transceiver circuitry, including at least one transmitter 1312 and/or at least one receiver 1314 (e.g., one or more transmitter/receiver chains).
  • the processing circuit 1302 may be adapted to perform any or all of the processes, functions, steps and/or routines related to one or more of the various network entities described herein above with reference to FIGS. 1-8 (e.g., an entity of access network 104 , such as access node 112 and/or radio network controller (RNC) 114 , or an entity of core network 106 , such as serving GPRS support node (SGSN) 116 and/or mobile switching center (MSC) 118 ).
  • RNC radio network controller
  • core network 106 such as serving GPRS support node (SGSN) 116 and/or mobile switching center (MSC) 118
  • SGSN serving GPRS support node
  • MSC mobile switching center
  • the term “adapted” in relation to the processing circuit 1302 may refer to the processing circuit 1302 being one or more of configured, employed, implemented, or programmed to perform a particular process, function, step and/or routine according to various features described herein.
  • FIG. 14 is a flow diagram illustrating an example of a method operational in a network entity, such as network entity 1300 , for determining that an access terminal has reverted to old security parameters.
  • a network entity 1300 may receive a security mode complete message from an access terminal at step 1402 .
  • the processing circuit 1302 may receive a security mode complete message via the communications interface 1306 .
  • the security mode complete message may comprise an Access Stratum (AS) security mode complete message.
  • the AS security mode complete message can be received via the communications interface 1306 at a radio resource control (RRC) layer of the protocol stack.
  • RRC radio resource control
  • the network entity 1300 may update to new security parameters for communications between the network entity 1300 and the access terminal at step 1404 .
  • the processing circuit 1302 can be adapted to update the security parameters associated with the access terminal to new security parameters in response to receiving the security mode complete message.
  • the security mode complete message comprises an AS security mode complete message
  • the new security parameters can comprise new Access Stratum (AS) security parameters.
  • the processing circuit 1302 can be adapted to retain the old security parameters for a specified period of time after updating to the new security parameters. For example, the processing circuit 1302 may store the old security parameters in the storage medium 1304 for a period of time (e.g., until a communication is received from the access terminal employing the new security parameters).
  • the network entity 1300 may receive a mobility update message from the access terminal, where the mobility update message includes a dedicated security status indicator adapted to indicate to the network entity 1300 that the access terminal has reverted back to the old security parameters.
  • the processing circuit 1302 may receive the mobility update message via the communications interface 1306 .
  • the mobility update message may be received as a radio resource control (RRC) message.
  • RRC radio resource control
  • the mobility update message is not ciphered, and can be read by the processing circuit 1302 without decoding the message first.
  • the mobility update message may comprise a message sent by the access terminal for mobility reasons.
  • the mobility update message may comprise a cell reselection message, a radio link control (RLC) unrecoverable error message, an out of service message, etc.
  • RLC radio link control
  • the dedicated status indicator included with the mobility update message may comprise an information element (IE) adapted to indicate that the access terminal has reverted back to the old security parameters.
  • the dedicated status indicator included with the mobility update message may comprise one or more bits adapted to indicate that the access terminal has reverted back to the old security parameters.
  • the network entity 1300 reverts back to the old security parameters.
  • the processing circuit 1302 may revert back to the old security parameters in response to the received mobility update message including the dedicated security status indicator.
  • the security parameters revert and/or update module 1308 may execute the security parameters revert and/or update operations 1310 on receipt of the dedicated security status indicator informing the network entity 1300 that the access terminal has reverted back to the old security parameters.
  • the security parameters revert and/or update module 1308 may retain an association between the access terminal and the old security parameters to be able to replace the new security parameters with the previous (or old) security parameters. In this manner, the processing circuit 1302 can employ the old security parameters for subsequent communications with the access terminal.
  • the network entity 1300 may send a mobility update confirmation message to the access terminal at step 1410 to acknowledge receipt of the mobility update message.
  • the mobility update confirmation message may be ciphered according to the old security parameters.
  • the processing circuit 1302 may generate a mobility update confirmation message and may cipher the mobility update confirmation message according to the old security parameters. The processing circuit 1302 may then send the ciphered mobility update confirmation message to the access terminal via the communications interface 1306 .
  • FIG. 15 is a flow diagram illustrating an example of a method operational in a network entity, such as network entity 1300 , for determining that an access terminal has reverted to old security parameters.
  • a network entity 1300 may receive a security mode complete message from an access terminal at step 1502 .
  • the processing circuit 1302 may receive a security mode complete message via the communications interface 1306 .
  • the network entity 1300 may update to new security parameters for communications between the network entity 1300 and the access terminal at step 1504 .
  • the processing circuit 1302 can be adapted to update the security parameters associated with the access terminal to new security parameters in response to receiving the security mode complete message.
  • the processing circuit 1302 can be adapted to retain the old security parameters for a specified period of time after updating to the new security parameters.
  • the processing circuit 1302 may store the old security parameters in the storage medium 1304 for a period of time (e.g., until a communication is received from the access terminal employing the new security parameters).
  • the network entity 1300 may receive a mobility update message from the access terminal.
  • the processing circuit 1302 may receive the mobility update message via the communications interface 1306 .
  • the mobility update message may be received as a radio resource control (RRC) message.
  • RRC radio resource control
  • the mobility update message is not ciphered, and can be read by the processing circuit 1302 without decoding the message first.
  • the network entity 1300 In response to the received mobility update message, the network entity 1300 generates and sends a mobility update confirmation message at step 1508 .
  • the processing circuit 1302 can generate a mobility update confirmation message and may cipher the message according to the new security parameters. The processing circuit 1302 can then send the ciphered mobility update confirmation message via the communications interface 1306 to the access terminal.
  • the network entity 1300 determines whether a response to the mobility update confirmation message has been received from the access terminal. For example, the processing circuit 1302 may monitor communications received via the communications interface 1306 for a response to the mobility update confirmation message. In at least some implementations, the security parameters revert and/or update operations 1310 may cause the security parameters revert and/or update module 1308 to monitor for the received response. If a response is received, the processing circuit 1302 can continue using the new security parameters.
  • the security parameters revert and/or update module 1308 may revert back to the old security parameters at step 1512 to determine whether the access terminal is employing the old security parameters.
  • the processing circuit 1302 e.g., the security parameters revert and/or update operations 1310
  • the processing circuit 1302 may be adapted to resend the mobility update confirmation message after a failure to receive a response, and await another response to the resent mobility update confirmation message. If no response is received after a predetermined number of times sending the mobility update confirmation message, the processing circuit 1302 (e.g., the security parameters revert and/or update operations 1310 ) may be adapted to revert back to the old security parameters to determine whether the access terminal is employing the old security parameters.
  • the network entity 1300 generates and sends another mobility update confirmation message at step 1514 .
  • the processing circuit 1302 can generate a mobility update confirmation message and may cipher the message. Unlike the previous mobility update confirmation messages ciphered according to the new security parameters, this mobility update confirmation message is ciphered according to the old security parameters. The processing circuit 1302 can then send the ciphered mobility update confirmation message via the communications interface 1306 to the access terminal.
  • the network entity 1300 determines whether a response to the mobility update confirmation message ciphered according to the old security parameters has been received from the access terminal. For example, the processing circuit 1302 may monitor communications received via the communications interface 1306 for a response to the mobility update confirmation message. If a response is received to the mobility update confirmation message ciphered according to the old security parameters, the security parameters revert and/or update module 1308 may determine that the access terminal has reverted back to the old security parameters, and can cause the network entity 1300 to continue using the old security parameters at step 1518 . If no response is received to the mobility update confirmation message ciphered according to the old security parameters, the processing circuit 1302 may cause the call to fail with the access terminal
  • FIG. 16 is a flow diagram illustrating an example of a method operational in a network entity, such as network entity 1300 , for updating from old security parameters to new security parameters after the access terminal has updated to the new security parameters.
  • a network entity 1300 may receive a security mode complete message from an access terminal at step 1602 .
  • the processing circuit 1302 may receive a security mode complete message via the communications interface 1306 .
  • the network entity 1300 sends an acknowledgement message to the access terminal at step 1604 .
  • the acknowledgement message may comprise an L2 transmission adapted to indicate to the access terminal that the security mode complete message was successfully received and verified by the network entity.
  • the processing circuit 1302 may generate and send the acknowledgement message to the access terminal via the communications interface 1306 .
  • the network entity 1300 receives an acknowledgement message from the access terminal.
  • the received acknowledgement message may comprise an L3 acknowledgement message adapted to indicate that the access terminal has successfully updated to the new security parameters.
  • the processing circuit 1302 e.g., the security parameters revert and/or update module 1308
  • the network entity 1300 can update to the new security parameters for communications between the network entity 1300 and the access terminal at step 1608 .
  • the processing circuit 1302 e.g., the security parameters revert and/or update module 1308
  • the processing circuit 1302 can then employ the new security parameters for subsequent communications with the access terminal.
  • FIGS. 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 , 11 , 12 , 13 , 14 , 15 and/or 16 may be rearranged and/or combined into a single component, step, feature or function or embodied in several components, steps, or functions. Additional elements, components, steps, and/or functions may also be added without departing from the present disclosure.
  • the apparatus, devices, and/or components illustrated in FIGS. 1 , 4 , 9 and/or 13 may be configured to perform one or more of the methods, features, or steps described with reference to FIGS. 2 , 3 , 5 , 6 , 7 , 8 , 10 , 11 , 12 , 14 , 15 , and/or 16 .
  • the novel algorithms described herein may also be efficiently implemented in software and/or embedded in hardware.
  • a process is terminated when its operations are completed.
  • a process may correspond to a method, a function, a procedure, a subroutine, a subprogram, etc.
  • a process corresponds to a function
  • its termination corresponds to a return of the function to the calling function or the main function.
  • embodiments may be implemented by hardware, software, firmware, middleware, microcode, or any combination thereof.
  • the program code or code segments to perform the necessary tasks may be stored in a machine-readable medium such as a storage medium or other storage(s).
  • a processor may perform the necessary tasks.
  • a code segment may represent a procedure, a function, a subprogram, a program, a routine, a subroutine, a module, a software package, a class, or any combination of instructions, data structures, or program statements.
  • a code segment may be coupled to another code segment or a hardware circuit by passing and/or receiving information, data, arguments, parameters, or memory contents. Information, arguments, parameters, data, etc. may be passed, forwarded, or transmitted via any suitable means including memory sharing, message passing, token passing, network transmission, etc.
  • machine-readable medium may include, but are not limited to portable or fixed storage devices, optical storage devices, and various other non-transitory mediums capable of storing, containing or carrying instruction(s) and/or data.
  • various methods described herein may be partially or fully implemented by instructions and/or data that may be stored in a “machine-readable medium”, “computer-readable medium”, and/or “processor-readable medium” and executed by one or more processors, machines and/or devices.
  • a software module may reside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, a removable disk, a CD-ROM, or any other form of non-transitory storage medium known in the art.
  • a storage medium may be coupled to the processor such that the processor can read information from, and write information to, the storage medium. In the alternative, the storage medium may be integral to the processor.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
US13/162,313 2010-06-18 2011-06-16 Methods and apparatuses facilitating synchronization of security configurations Abandoned US20110312299A1 (en)

Priority Applications (23)

Application Number Priority Date Filing Date Title
US13/162,313 US20110312299A1 (en) 2010-06-18 2011-06-16 Methods and apparatuses facilitating synchronization of security configurations
SG2012083416A SG185542A1 (en) 2010-06-18 2011-06-17 Methods and apparatuses facilitating synchronization of security configurations
CA2799467A CA2799467C (en) 2010-06-18 2011-06-17 Methods and apparatuses facilitating synchronization of security configurations
CN201610157207.9A CN105682091B (zh) 2010-06-18 2011-06-17 促成安全性配置的同步的方法和装置
EP11728489.3A EP2583497B1 (en) 2010-06-18 2011-06-17 Methods and apparatuses facilitating synchronization of security configurations
ARP110102130A AR082765A1 (es) 2010-06-18 2011-06-17 Metodos y aparatos que facilitan la sincronizacion de las configuraciones de seguridad
AU2011268157A AU2011268157B2 (en) 2010-06-18 2011-06-17 Methods and apparatuses facilitating synchronization of security configurations
CN201180029087.XA CN102948208B (zh) 2010-06-18 2011-06-17 促成安全性配置的同步的方法和装置
RU2013102262/07A RU2523695C1 (ru) 2010-06-18 2011-06-17 Способы и устройства, обеспечивающие синхронизацию конфигураций безопасности
ES11728489.3T ES2549496T3 (es) 2010-06-18 2011-06-17 Procedimientos y aparatos que facilitan la sincronización de configuraciones de seguridad
MYPI2012005019A MY182668A (en) 2010-06-18 2011-06-17 Methods and apparatuses facilitating synchronization of security configurations
JP2013515563A JP5462411B2 (ja) 2010-06-18 2011-06-17 セキュリティ設定の同期を支援する方法および装置
PCT/US2011/040964 WO2011160073A1 (en) 2010-06-18 2011-06-17 Methods and apparatuses facilitating synchronization of security configurations
KR1020137001345A KR101514579B1 (ko) 2010-06-18 2011-06-17 보안 구성들의 동기화를 용이하게 하는 방법들 및 장치들
MX2012014243A MX2012014243A (es) 2010-06-18 2011-06-17 Metodos y aparatos que facilitan la sincronizacion de configuraciones de seguridad.
TW100121247A TWI463856B (zh) 2010-06-18 2011-06-17 促進安全性配置的同步的方法和裝置
BR112012032233-8A BR112012032233B1 (pt) 2010-06-18 2011-06-17 métodos e aparelhos para facilitar a sincronização de configurações de segurança
IL223057A IL223057A (en) 2010-06-18 2012-11-15 Methods and devices allow synchronization of security configurations
ZA2013/00462A ZA201300462B (en) 2010-06-18 2013-01-17 Methods and apparatuses facilitating synchronization of security configurations
IL226124A IL226124A (en) 2010-06-18 2013-05-02 Methods and Devices for Enabling Synchronization of Security Configurations
HK13107430.8A HK1180509A1 (zh) 2010-06-18 2013-06-25 促成安全性配置的同步的方法和裝置
JP2014004953A JP2014116961A (ja) 2010-06-18 2014-01-15 セキュリティ設定の同期を支援する方法および装置
US14/970,211 US9930530B2 (en) 2010-06-18 2015-12-15 Methods and apparatuses facilitating synchronization of security configurations

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US35646410P 2010-06-18 2010-06-18
US13/162,313 US20110312299A1 (en) 2010-06-18 2011-06-16 Methods and apparatuses facilitating synchronization of security configurations

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US14/970,211 Continuation US9930530B2 (en) 2010-06-18 2015-12-15 Methods and apparatuses facilitating synchronization of security configurations

Publications (1)

Publication Number Publication Date
US20110312299A1 true US20110312299A1 (en) 2011-12-22

Family

ID=44627626

Family Applications (2)

Application Number Title Priority Date Filing Date
US13/162,313 Abandoned US20110312299A1 (en) 2010-06-18 2011-06-16 Methods and apparatuses facilitating synchronization of security configurations
US14/970,211 Active 2031-08-30 US9930530B2 (en) 2010-06-18 2015-12-15 Methods and apparatuses facilitating synchronization of security configurations

Family Applications After (1)

Application Number Title Priority Date Filing Date
US14/970,211 Active 2031-08-30 US9930530B2 (en) 2010-06-18 2015-12-15 Methods and apparatuses facilitating synchronization of security configurations

Country Status (20)

Country Link
US (2) US20110312299A1 (ja)
EP (1) EP2583497B1 (ja)
JP (2) JP5462411B2 (ja)
KR (1) KR101514579B1 (ja)
CN (2) CN105682091B (ja)
AR (1) AR082765A1 (ja)
AU (1) AU2011268157B2 (ja)
BR (1) BR112012032233B1 (ja)
CA (1) CA2799467C (ja)
ES (1) ES2549496T3 (ja)
HK (1) HK1180509A1 (ja)
IL (2) IL223057A (ja)
MX (1) MX2012014243A (ja)
MY (1) MY182668A (ja)
RU (1) RU2523695C1 (ja)
SG (1) SG185542A1 (ja)
TW (1) TWI463856B (ja)
UA (1) UA105438C2 (ja)
WO (1) WO2011160073A1 (ja)
ZA (1) ZA201300462B (ja)

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120033815A1 (en) * 2007-12-05 2012-02-09 Richard Lee-Chee Kuo Method of handling security key change and related communication device
US20140321282A1 (en) * 2011-12-08 2014-10-30 Interdigital Patent Holdings, Inc. High-rate dual-band cellular communications
US20150082444A1 (en) * 2013-09-13 2015-03-19 Nvidia Corporation Security mode configuration procedures in wireless devices
US20160134434A1 (en) * 2014-11-06 2016-05-12 Honeywell Technologies Sarl Methods and devices for communicating over a building management system network
US20160157101A1 (en) * 2014-11-28 2016-06-02 Samsung Electronics Co., Ltd. Apparatus and method for controlling security mode in wireless communication system
US20170026832A1 (en) * 2015-07-22 2017-01-26 Samsung Electronics Co., Ltd. User equipment in mobile communication system and control method thereof
US9686680B2 (en) * 2011-12-27 2017-06-20 Huawei Technologies Co., Ltd. Method and apparatus for security communication of carrier aggregation between base stations
US9930530B2 (en) 2010-06-18 2018-03-27 Qualcomm Incorporated Methods and apparatuses facilitating synchronization of security configurations
US20180270668A1 (en) * 2017-03-17 2018-09-20 Alcatel-Lucent Usa Inc. System and method for dynamic activation and deactivation of user plane integrity in wireless networks
US20180359642A1 (en) * 2015-11-02 2018-12-13 Telefonaktiebolaget Lm Ericsson (Publ) Wireless communications
RU2688251C1 (ru) * 2015-10-05 2019-05-21 Телефонактиеболагет Лм Эрикссон (Пабл) Беспроводная связь
US20190260717A1 (en) * 2015-12-23 2019-08-22 Qualcomm Incorporated Stateless access stratum security for cellular internet of things
EP3541105A4 (en) * 2017-05-05 2019-11-20 Huawei Technologies Co., Ltd. COMMUNICATION METHOD AND ASSOCIATED DEVICE
CN110612729A (zh) * 2017-05-05 2019-12-24 华为技术有限公司 锚密钥生成方法、设备以及系统
US11558745B2 (en) 2017-01-30 2023-01-17 Telefonaktiebolaget Lm Ericsson (Publ) Methods for integrity protection of user plane data
US11659382B2 (en) 2017-03-17 2023-05-23 Telefonaktiebolaget Lm Ericsson (Publ) Security solution for switching on and off security for up data between UE and RAN in 5G

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2480127B (en) * 2011-04-01 2012-05-16 Renesas Mobile Corp Method, apparatus and computer program product for security configuration coordination during a cell update procedure
US8417220B2 (en) 2011-04-01 2013-04-09 Renesas Mobile Corporation Method, apparatus and computer program product for security configuration coordination during a cell update procedure
ES2817850T3 (es) 2011-04-01 2021-04-08 Xiaomi H K Ltd Método, aparato y producto de programa informático para la coordinación de configuración de seguridad durante un procedimiento de actualización de celdas
US9338136B2 (en) * 2013-12-05 2016-05-10 Alcatel Lucent Security key generation for simultaneous multiple cell connections for mobile device
CN107079293A (zh) * 2015-04-08 2017-08-18 华为技术有限公司 一种gprs系统密钥增强的方法、sgsn设备、ue、hlr/hss及gprs系统
US20170019921A1 (en) * 2015-07-16 2017-01-19 Qualcomm Incorporated Ue recovery mechanism during hs-scch decode failure
US10028307B2 (en) 2016-01-13 2018-07-17 Qualcomm Incorporated Configurable access stratum security
US10667126B2 (en) 2017-10-02 2020-05-26 Telefonaktiebolaget Lm Ericsson (Publ) Access stratum security in a wireless communication system
CN110167080A (zh) * 2018-02-13 2019-08-23 中兴通讯股份有限公司 订阅信息更新的方法及装置
WO2019159788A1 (en) 2018-02-16 2019-08-22 Nec Corporation Integrity protection for user plane data in 5g network
JP7126007B2 (ja) * 2018-06-26 2022-08-25 ノキア テクノロジーズ オーユー ルーティング識別子を動的に更新する方法および装置

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080285494A1 (en) * 2007-05-16 2008-11-20 Samsung Electronics Co.; Ltd Mobile station designed to skip sensitivity measurement of neighboring cell when specific condition is satisfied and power management process thereof
US20090154408A1 (en) * 2006-01-04 2009-06-18 Kyeong-In Jeong Method and apparatus for transmitting sip data of idle mode ue in a mobile communication system
US20120275340A1 (en) * 2010-01-28 2012-11-01 Mcgann Tom Method and arrangement for managing security reconfiguration in a cellular communication system

Family Cites Families (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020157024A1 (en) * 2001-04-06 2002-10-24 Aki Yokote Intelligent security association management server for mobile IP networks
US7020455B2 (en) 2001-11-28 2006-03-28 Telefonaktiebolaget L M Ericsson (Publ) Security reconfiguration in a universal mobile telecommunications system
CN100403673C (zh) * 2002-12-26 2008-07-16 成都卫士通信息产业股份有限公司 基于保密通信的无缝换钥技术
US7233671B2 (en) 2003-02-13 2007-06-19 Innovative Sonic Limited Method for storing a security start value in a wireless communications system
CN100591005C (zh) * 2004-01-17 2010-02-17 神州亿品科技有限公司 无线局域网中组密钥的协商及更新方法
CN101030849B (zh) * 2006-03-01 2010-10-27 华为技术有限公司 多基站间实现组播密钥同步的方法及系统
US8948393B2 (en) 2006-04-28 2015-02-03 Qualcomm Incorporated Uninterrupted transmission during a change in ciphering configuration
DE102006038037A1 (de) 2006-08-14 2008-02-21 Siemens Ag Verfahren und System zum Bereitstellen eines zugangsspezifischen Schlüssels
GB0619499D0 (en) 2006-10-03 2006-11-08 Lucent Technologies Inc Encrypted data in a wireless telecommunications system
CN101690357B (zh) 2006-11-01 2012-12-19 Lg电子株式会社 在无线通信系统中发送和接收下行链路数据的方法
WO2008115447A2 (en) 2007-03-15 2008-09-25 Interdigital Technology Corporation Methods and apparatus to facilitate security context transfer, rohc and pdcp sn context reinitialization during handover
US7817595B2 (en) * 2007-05-17 2010-10-19 Htc Corporation Communication system, user device thereof and synchronization method thereof
JP4394730B1 (ja) * 2008-06-27 2010-01-06 株式会社エヌ・ティ・ティ・ドコモ 移動通信方法及び移動局
KR101475349B1 (ko) 2008-11-03 2014-12-23 삼성전자주식회사 이동 통신 시스템에서 단말 보안 능력 관련 보안 관리 방안및 장치
US8494451B2 (en) * 2009-01-30 2013-07-23 Nokia Corporation Method, apparatus and computer program product for providing ciphering problem recovery for unacknowledged mode radio bearer
US20110312299A1 (en) 2010-06-18 2011-12-22 Qualcomm Incorporated Methods and apparatuses facilitating synchronization of security configurations

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090154408A1 (en) * 2006-01-04 2009-06-18 Kyeong-In Jeong Method and apparatus for transmitting sip data of idle mode ue in a mobile communication system
US20080285494A1 (en) * 2007-05-16 2008-11-20 Samsung Electronics Co.; Ltd Mobile station designed to skip sensitivity measurement of neighboring cell when specific condition is satisfied and power management process thereof
US20120275340A1 (en) * 2010-01-28 2012-11-01 Mcgann Tom Method and arrangement for managing security reconfiguration in a cellular communication system

Cited By (40)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120033815A1 (en) * 2007-12-05 2012-02-09 Richard Lee-Chee Kuo Method of handling security key change and related communication device
US8472628B2 (en) * 2007-12-05 2013-06-25 Innovative Sonic Limited Method of handling security key change and related communication device
US9930530B2 (en) 2010-06-18 2018-03-27 Qualcomm Incorporated Methods and apparatuses facilitating synchronization of security configurations
US20140321282A1 (en) * 2011-12-08 2014-10-30 Interdigital Patent Holdings, Inc. High-rate dual-band cellular communications
US10412582B2 (en) 2011-12-27 2019-09-10 Huawei Technologies Co., Ltd. Method and apparatus for security communication of carrier aggregation between base stations
US9686680B2 (en) * 2011-12-27 2017-06-20 Huawei Technologies Co., Ltd. Method and apparatus for security communication of carrier aggregation between base stations
US20150082444A1 (en) * 2013-09-13 2015-03-19 Nvidia Corporation Security mode configuration procedures in wireless devices
US9179309B2 (en) * 2013-09-13 2015-11-03 Nvidia Corporation Security mode configuration procedures in wireless devices
US20160134434A1 (en) * 2014-11-06 2016-05-12 Honeywell Technologies Sarl Methods and devices for communicating over a building management system network
US10187222B2 (en) * 2014-11-06 2019-01-22 Honeywell Technologies Sarl Methods and devices for communicating over a building management system network
US20170353862A1 (en) * 2014-11-28 2017-12-07 Samsung Electronics Co, Ltd Apparatus and method for controlling security mode in wireless communication system
US20160157101A1 (en) * 2014-11-28 2016-06-02 Samsung Electronics Co., Ltd. Apparatus and method for controlling security mode in wireless communication system
US9749868B2 (en) * 2014-11-28 2017-08-29 Samsung Electronics Co., Ltd Apparatus and method for controlling security mode in wireless communication system
US9955354B2 (en) * 2014-11-28 2018-04-24 Samsung Electronics Co., Ltd Apparatus and method for controlling security mode in wireless communication system
US20170026832A1 (en) * 2015-07-22 2017-01-26 Samsung Electronics Co., Ltd. User equipment in mobile communication system and control method thereof
US9913140B2 (en) * 2015-07-22 2018-03-06 Samsung Electronics Co., Ltd User equipment in mobile communication system and control method thereof
US10555177B2 (en) 2015-10-05 2020-02-04 Telefonaktiebolaget Lm Ericsson (Publ) Method of operation of a terminal device in a cellular communications network
RU2688251C1 (ru) * 2015-10-05 2019-05-21 Телефонактиеболагет Лм Эрикссон (Пабл) Беспроводная связь
US20220377557A1 (en) * 2015-11-02 2022-11-24 Telefonaktiebolaget Lm Ericsson (Publ) Wireless communications
US20180359642A1 (en) * 2015-11-02 2018-12-13 Telefonaktiebolaget Lm Ericsson (Publ) Wireless communications
US11374941B2 (en) * 2015-11-02 2022-06-28 Telefonaktiebolaget Lm Ericsson (Publ) Wireless communications
US20190260717A1 (en) * 2015-12-23 2019-08-22 Qualcomm Incorporated Stateless access stratum security for cellular internet of things
US10637835B2 (en) * 2015-12-23 2020-04-28 Qualcomm Incorporated Stateless access stratum security for Cellular Internet of Things
US11558745B2 (en) 2017-01-30 2023-01-17 Telefonaktiebolaget Lm Ericsson (Publ) Methods for integrity protection of user plane data
CN110915249A (zh) * 2017-03-17 2020-03-24 诺基亚美国公司 用于无线网络中的用户平面完整性的动态激活和去激活的系统和方法
US10123210B2 (en) * 2017-03-17 2018-11-06 Nokia Of America Corporation System and method for dynamic activation and deactivation of user plane integrity in wireless networks
US11985496B2 (en) 2017-03-17 2024-05-14 Telefonaktiebolaget Lm Ericsson (Publ) Security solution for switching on and off security for up data between UE and RAN in 5G
US11659382B2 (en) 2017-03-17 2023-05-23 Telefonaktiebolaget Lm Ericsson (Publ) Security solution for switching on and off security for up data between UE and RAN in 5G
US11637871B2 (en) 2017-03-17 2023-04-25 Nokia Of America Corporation System and method for dynamic activation and deactivation of user plane integrity in wireless networks
US20180270668A1 (en) * 2017-03-17 2018-09-20 Alcatel-Lucent Usa Inc. System and method for dynamic activation and deactivation of user plane integrity in wireless networks
US10798578B2 (en) 2017-05-05 2020-10-06 Huawei Technologies Co., Ltd. Communication method and related apparatus
US11012855B2 (en) * 2017-05-05 2021-05-18 Huawei Technologies Co., Ltd. Anchor key generation method, device, and system
US11272360B2 (en) 2017-05-05 2022-03-08 Huawei Technologies Co., Ltd. Communication method and related apparatus
EP3541105A4 (en) * 2017-05-05 2019-11-20 Huawei Technologies Co., Ltd. COMMUNICATION METHOD AND ASSOCIATED DEVICE
KR102245688B1 (ko) * 2017-05-05 2021-04-27 후아웨이 테크놀러지 컴퍼니 리미티드 키 생성 방법, 사용자 장비, 장치, 컴퓨터 판독가능 저장 매체, 및 통신 시스템
US10966083B2 (en) 2017-05-05 2021-03-30 Huawei Technologies Co., Ltd. Anchor key generation method, device, and system
KR20200003108A (ko) * 2017-05-05 2020-01-08 후아웨이 테크놀러지 컴퍼니 리미티드 키 생성 방법, 사용자 장비, 장치, 컴퓨터 판독가능 저장 매체, 및 통신 시스템
US10798579B2 (en) 2017-05-05 2020-10-06 Huawei Technologies Co., Ltd Communication method and related apparatus
US11924629B2 (en) 2017-05-05 2024-03-05 Huawei Technologies Co., Ltd. Anchor key generation method, device, and system
CN110612729A (zh) * 2017-05-05 2019-12-24 华为技术有限公司 锚密钥生成方法、设备以及系统

Also Published As

Publication number Publication date
JP2013535147A (ja) 2013-09-09
AU2011268157B2 (en) 2014-02-06
MY182668A (en) 2021-01-28
CN105682091B (zh) 2019-08-27
WO2011160073A1 (en) 2011-12-22
IL223057A (en) 2016-07-31
KR101514579B1 (ko) 2015-04-22
JP2014116961A (ja) 2014-06-26
CN105682091A (zh) 2016-06-15
TWI463856B (zh) 2014-12-01
AU2011268157A1 (en) 2012-12-06
MX2012014243A (es) 2013-01-28
IL223057A0 (en) 2013-02-03
CA2799467C (en) 2020-03-31
SG185542A1 (en) 2012-12-28
EP2583497B1 (en) 2015-08-26
ZA201300462B (en) 2018-12-19
CA2799467A1 (en) 2011-12-22
JP5462411B2 (ja) 2014-04-02
ES2549496T3 (es) 2015-10-28
US9930530B2 (en) 2018-03-27
IL226124A (en) 2016-05-31
AR082765A1 (es) 2013-01-09
CN102948208B (zh) 2016-03-30
IL226124A0 (en) 2013-06-27
CN102948208A (zh) 2013-02-27
HK1180509A1 (zh) 2013-10-18
US20160105800A1 (en) 2016-04-14
KR20130054317A (ko) 2013-05-24
RU2013102262A (ru) 2014-07-27
TW201208329A (en) 2012-02-16
BR112012032233B1 (pt) 2021-03-02
RU2523695C1 (ru) 2014-07-20
BR112012032233A2 (pt) 2016-11-22
UA105438C2 (uk) 2014-05-12
EP2583497A1 (en) 2013-04-24

Similar Documents

Publication Publication Date Title
US9930530B2 (en) Methods and apparatuses facilitating synchronization of security configurations
US11863982B2 (en) Subscriber identity privacy protection against fake base stations
US11653199B2 (en) Multi-RAT access stratum security
CN110945886B (zh) 无线通信网络中检测漫游活动的反引导的方法和系统
US11297492B2 (en) Subscriber identity privacy protection and network key management
KR101554396B1 (ko) 통신 시스템들에서 가입자 인증과 디바이스 인증을 바인딩하는 방법 및 장치
ES2882071T3 (es) Nodo de red para uso en una red de comunicación, dispositivo de comunicación y métodos de operación del mismo
KR20040073247A (ko) 무선 통신 시스템에 보안 스타트 값을 저장하는 방법
CN110830996B (zh) 一种密钥更新方法、网络设备及终端
CN115884187A (zh) 消息传输方法及通信装置

Legal Events

Date Code Title Description
AS Assignment

Owner name: QUALCOMM INCORPORATED, CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:PATIL, KIRAN KISHANRAO;SANKA, SURESH;HSU, LIANGCHI;AND OTHERS;SIGNING DATES FROM 20110620 TO 20110713;REEL/FRAME:026612/0529

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION