WO2012094958A1 - Method and device for security isolation - Google Patents

Method and device for security isolation

Info

Publication number: WO2012094958A1
Authority: WO (WIPO, PCT)
Application number: PCT/CN2012/070028
Other languages: English (en), French (fr)
Inventor: 杨义
Original assignee: 大唐移动通信设备有限公司
Prior art keywords: cell, information, request message, handover request, core network
Priority to EP12734180.8A: EP2696613B1
Priority to US13/979,219: US9906950B2

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041 Key generation or derivation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W36/00 Hand-off or reselection arrangements
    • H04W36/0005 Control or signalling for completing the hand-off
    • H04W36/0011 Control or signalling for completing the hand-off for data sessions of end-to-end connection
    • H04W36/0033 Control or signalling for completing the hand-off for data sessions of end-to-end connection with transfer of context information
    • H04W36/0038 Control or signalling for completing the hand-off for data sessions of end-to-end connection with transfer of context information of security context information
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W84/00 Network topologies
    • H04W84/02 Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/04 Large scale networks; Deep hierarchical networks
    • H04W84/042 Public Land Mobile systems, e.g. cellular systems
    • H04W84/047 Public Land Mobile systems, e.g. cellular systems using dedicated repeater stations

Definitions

  • The present invention relates to the field of communications technology, and in particular to a method and apparatus for security isolation. Background
  • B3G: Beyond Third Generation
  • LTE-A: Long Term Evolution-Advanced
  • Part or all of the bandwidth needed by B3G/LTE-A systems can only be found in higher frequency bands (for example, above 3 GHz).
  • The higher the frequency band, the faster the radio wave attenuates and the shorter the transmission distance.
  • RN: Relay Node
  • The RN accesses the core network through a donor cell under the DeNB (Donor Evolved Node B, donor base station); there is no direct wired interface between the RN and the core network. Each RN can control one or more cells; the interface between the UE (User Equipment) and the RN is the Uu interface, and the interface between the RN and the DeNB is the Un interface.
  • DeNB: Donor Evolved Node B (donor base station)
  • The current S1 handover process is divided into handover preparation, handover execution and handover notification phases.
  • The handover preparation phase (steps 2 to 9 in FIG. 2) is initiated by the source eNB (Evolved Node B, evolved base station), which determines which target eNB to hand over to. After receiving the handover request (HO Required) from the source eNB, the source MME (Mobility Management Entity) computes a new NH (Next Hop key) and NCC (Next hop Chaining Counter) and sends them to the target MME; the target MME places the received NH and NCC in the handover request (HO Request) sent to the target eNB.
  • In order to synchronise the NH key with the UE, the target eNB needs to pass the NCC to the source eNB in a transparent container carried through the core network.
  • The handover command (HO Command) message carries the handover command message generated by the target eNB (corresponding to the RRC (Radio Resource Control) connection reconfiguration message on the air interface), which the source eNB forwards to the UE. After receiving the handover command message, the UE synchronises NH with the target eNB according to the NCC and further generates the key used on the air interface.
  • RRC: Radio Resource Control
  • The X2 handover process is divided into handover preparation, handover execution and path switch phases.
  • Because the serving base station of the UE moves from the source eNB to the target eNB, the uplink and downlink user data transmission paths between the eNB and the SGW need to be moved to the target eNB.
  • The target eNB initiates the path switch process after the UE has been handed over and notifies the SGW, via the MME, of information such as the downlink data transmission address; in the response message the SGW notifies the eNB, via the MME, of information such as the uplink data transmission address.
  • The MME generates a new key NH, assigns it a label NCC, and sends them to the target eNB in the Path Switch Request Acknowledge message. Since only the UE and the MME can calculate NH and the eNB cannot, the source eNB does not know the NH value sent by the MME to the target eNB; the target eNB and the UE use NH to calculate the key used on the air interface, which the source eNB cannot calculate, thereby achieving security isolation.
  • In the relay scenario the coverage of the DeNB is large; if the handover of the UE fails, a cell of the DeNB, or even of another RN, may be selected for re-establishment.
  • When forwarding the handover request message to the target RN, the DeNB may forward the complete handover request message to the RNs involved in the RRC re-establishment information.
  • The handover request message includes the RRC re-establishment information prepared by the source base station, the key NH sent by the MME to the target base station, and the corresponding counter NCC. As a result, the same {NH, NCC} pair is sent to multiple target nodes (RN, DeNB).
  • Embodiments of the present invention provide a method and device for security isolation, in order to achieve key isolation.
  • An embodiment of the present invention provides a method for security isolation, the method comprising:
  • When a relay device receives a handover request message, if the handover request message includes re-establishment information of other cells, then when the user equipment successfully hands over to, or successfully re-establishes in, the relay device's own cell, the relay device requests key information from the core network device.
  • An embodiment of the present invention provides a method for security isolation.
  • The method includes: when a DeNB receives a handover request message, the DeNB parses the re-establishment information in the handover request message; if the re-establishment information includes re-establishment information of a cell managed by the DeNB itself, then when the user equipment successfully re-establishes in that cell, the DeNB requests key information from the core network device.
  • An embodiment of the present invention provides a method for security isolation.
  • The method includes: when a core network device receives a message requesting key information, the core network device calculates the key information and sends it to the requesting node.
  • An embodiment of the present invention provides a relay device, including:
  • a receiving module configured to receive a handover request message;
  • a processing module configured to: when the handover request message includes re-establishment information of other cells, request key information from the core network device when the user equipment successfully hands over to, or successfully re-establishes in, the relay device's own cell, and receive the key information from the core network device.
  • An embodiment of the present invention provides a base station device, including:
  • a receiving module configured to receive a handover request message;
  • a parsing module configured to parse the re-establishment information in the handover request message; and a processing module configured to: when the re-establishment information includes re-establishment information of a cell managed by the base station device itself, request key information from the core network device when the user equipment successfully re-establishes in that cell, and receive the key information from the core network device.
  • An embodiment of the invention provides a core network device, including:
  • a receiving module configured to receive a message requesting key information;
  • a calculation module configured to calculate key information according to the message requesting the key information;
  • a sending module configured to send the key information to the requesting node.
  • the present invention has at least the following advantages:
  • FIG. 1 is a network architecture diagram of an LTE-A system in which an RN is introduced, in the prior art.
  • FIG. 2 is a schematic diagram of the S1 handover process in the prior art.
  • FIG. 3 is a schematic diagram of the X2 handover process in the prior art.
  • FIG. 4 is a schematic flowchart of a method for security isolation according to Embodiment 1 of the present invention.
  • FIG. 5 is a schematic diagram of an application scenario provided by Embodiment 2 of the present invention.
  • FIG. 6 is a schematic diagram of a possible security parameter update process according to Embodiment 2 of the present invention.
  • FIG. 7 is a schematic diagram of an application scenario according to Embodiment 3 of the present invention.
  • FIG. 8 is a schematic diagram of an application scenario provided by Embodiment 4 of the present invention.
  • FIG. 9 is a schematic structural diagram of a relay device according to Embodiment 5 of the present invention.
  • FIG. 10 is a schematic structural diagram of a base station device according to Embodiment 6 of the present invention.
  • FIG. 11 is a schematic structural diagram of a core network device according to Embodiment 7 of the present invention. Detailed description
  • A first embodiment of the present invention provides a method for security isolation.
  • The scenarios to which the method applies include, but are not limited to, an S1 handover process in a relay scenario. If the handover request message is sent to multiple nodes (RN, DeNB), then after the handover succeeds or the re-establishment succeeds, new key information (such as NH) can be obtained through the Path Switch process or through a new security parameter update process, so that key isolation is achieved while the probability of UE handover success is improved, ensuring the security of the user's communication. As shown in FIG. 4, the method includes the following steps:
  • Step 401: The relay device receives the handover request message. If the handover request message includes re-establishment information of other cells (that is, RRC re-establishment information), then when the user equipment successfully hands over to, or successfully re-establishes in, the relay device's own cell, step 402 is performed; if the handover request message does not include re-establishment information of other cells, then when the user equipment successfully hands over to, or successfully re-establishes in, the relay device's own cell, step 403 is performed.
  • Step 402: The relay device requests key information (new key NH information) from a core network device (for example, an MME). Thereafter, the relay device can receive the key information from the core network device.
  • The relay device may request the key information from the core network device through the Path Switch process, or through the security parameter update process (i.e., the newly defined S1-AP process).
  • Step 403: The relay device determines not to request key information from the core network device.
  • When the user equipment is handed over from the relay device to another device, the relay device needs to prepare target cell information and re-establishment information; the re-establishment preparation information includes a key associated with the cell and an integrity check code.
  • When preparing the re-establishment information, the relay device may prepare cell re-establishment information for cells having the same eNB identifier as itself, which includes cell re-establishment information of the donor base station (DeNB) and re-establishment information of other RN cells under the DeNB.
  • When the target cell is not a cell managed by the relay device itself but the RRC re-establishment information includes information of its own cell, this is not regarded as an abnormal situation; likewise, if information of cells not managed by itself is included, this is not regarded as an abnormal situation.
  • The foregoing is the process on the relay device side. The process on the DeNB side may further include: when the DeNB receives a handover request message, the DeNB parses the re-establishment information in the handover request message; if the re-establishment information includes re-establishment information of a cell managed by the DeNB itself, that re-establishment information is saved.
  • When the user equipment successfully re-establishes in the DeNB's own cell, the DeNB requests key information from the core network device (new key information is requested through the Path Switch process or the security parameter update process). Thereafter, the DeNB can receive the key information from the core network device.
  • The handover request message is a handover request message from a relay device or a handover request message from a core network device.
  • After receiving the handover request (Handover Request) message from the target MME, the DeNB parses at least the re-establishment information in the handover request message. If the re-establishment information includes information of a cell managed by the DeNB itself, at least the re-establishment information of that cell is saved. If the re-establishment information contains re-establishment information of other relay devices managed by the DeNB, the DeNB sends the handover request message to the relay devices involved in the re-establishment information. Before sending, the DeNB may delete the re-establishment information of its own managed cell carried in the handover request message. Further, after forwarding the handover request message to other RNs, when the UE successfully re-establishes in the DeNB's own cell, the DeNB requests new key information from the MME.
  • After receiving the Handover Required message from the source relay device, the DeNB parses at least the re-establishment information in the handover request message, and if the re-establishment information includes information of its own managed cell, at least the re-establishment information of its own cell is saved; after the UE successfully re-establishes in the DeNB's own cell, the DeNB requests new key information from the MME.
  • The processing on the MME side (the core network device) may further include: when the MME receives the message requesting key information (received during the Path Switch process or during the security parameter update process), the MME calculates the key information (NH, NCC, etc.) and sends it to the requesting node (relay device or DeNB).
  • The MME calculates a new NH and NCC and sends them to the requesting node.
  • When the serving base station or cell of the UE has not changed, the MME determines that the SGW need not update the bearer information, that is, it does not send a Modify Bearer Request to the SGW.
  • A second embodiment of the present invention provides a method for security isolation, as shown in FIG. 5, in an application scenario where the UE is handed over from an eNB to an RN.
  • The method includes the following steps:
  • The source eNB sends a handover request message to the source MME.
  • The source eNB cannot distinguish between an RN cell and a DeNB cell, and when preparing the re-establishment information it may prepare information of the cells of some RNs under the DeNB.
  • The source MME finds the target MME and sends a Forward Relocation Request message; the target MME determines the target DeNB and sends a handover request message to it.
  • After receiving the handover request message from the target MME, the DeNB sends a handover request message to the target RN according to the target cell identifier (such as RN1 in FIG. 5).
  • The DeNB parses at least the re-establishment information in the handover request message. If the re-establishment information includes information of the DeNB's own managed cell, at least the re-establishment information of its own cell is saved (for example, the entire handover request message is saved). If the handover request message contains re-establishment information of other RN cells, the handover request message may be forwarded to the RNs involved (such as RN2 in FIG. 5). Optionally, when forwarding the handover request message to the RN, the DeNB may delete the re-establishment information of its own cell carried in the handover request message.
  • After the UE successfully re-establishes in the DeNB's own cell, the DeNB may initiate a path switch process (Path Switch process) or the newly defined S1-AP process (security parameter update process) to obtain the new key NH.
  • After RN1 receives the handover request message, if the target cell is RN1's own cell but the re-establishment information also includes information of other cells (from which RN1 can infer that the DeNB may have sent the same handover request message to other RNs), this is not regarded as an abnormal situation, and after the UE successfully hands over to RN1's own cell, or successfully re-establishes in it after the handover fails, RN1 initiates the path switch process or the newly defined S1-AP process to obtain a new key NH. If the handover request message received by RN1 contains no re-establishment information of cells other than its own, RN1 need not request a new key NH from the MME. Further, RN1 can use the newly obtained NH and NCC to generate a new K_eNB* with the UE to achieve key isolation.
  • A possible security parameter update process is shown in FIG. 6.
  • The newly defined S1-AP process is used by a base station (including eNB, RN, DeNB, HeNB, etc.) to obtain a new NH and NCC from the MME.
  • Its advantage is that the process runs only between the base station and the MME; information exchange between the MME and the SGW and PGW is not involved, which saves processing load in the core network.
  • If in step (3) the DeNB sends the handover request message only to the target RN1 and not to other RNs, then when the UE successfully hands over to RN1 or re-establishes in RN1's cell, RN1 does not need to acquire a new key from the MME.
  • After RN2 receives the handover request message, if the target cell is not a cell managed by RN2 but the re-establishment information includes information of RN2's own cell, this is not regarded as an abnormal situation. If the handover request message received by RN2 contains re-establishment information of its own cell, then after the UE successfully re-establishes in RN2's cell, RN2 initiates the path switch process or the security parameter update process to obtain a new key NH.
  • After receiving a Path Switch Request, the MME checks whether the current cell or current base station of the UE has changed. If there is no change, it does not send a Modify Bearer Request to the SGW and returns a Path Switch Request Acknowledge message to the source node of the request. If the MME receives a security parameter update request message, it calculates a new NH and NCC and returns them to the source node of the request.
  • The DeNB/RN1/RN2 uses the newly obtained NH and NCC to generate a new K_eNB* with the UE to achieve key isolation.
  • A third embodiment of the present invention provides a method for security isolation, as shown in FIG. 7, in an application scenario where the UE is handed over from an eNB to a DeNB. The method includes the following steps:
  • The source eNB sends a handover request message to the source MME.
  • The source MME finds the target MME and sends a Forward Relocation Request message; the target MME determines the target DeNB and sends a handover request message to it.
  • If the handover request message contains re-establishment information of other RN cells, the DeNB may forward the handover request message to the RNs involved (such as RN1 and RN2 in FIG. 7).
  • Before forwarding, the DeNB may delete the re-establishment information of its own cell from the handover request message.
  • After receiving the handover request message, the RN does not regard it as an abnormal situation if the target cell is not a cell managed by itself but information of its own cell is included in the re-establishment information.
  • If the DeNB forwarded the handover request message to other RNs in step (3), then after the UE successfully hands over to the DeNB's own cell, or successfully re-establishes in it after the handover fails, the DeNB initiates the path switch process or the security parameter update process.
  • After receiving the Path Switch Request, the MME checks whether the current cell or current base station of the UE has changed. If there is no change, the MME does not send a Modify Bearer Request to the SGW and returns a Path Switch Request Acknowledge message to the DeNB. If the MME receives a security parameter update request message, it calculates a new NH and NCC and returns them to the DeNB.
  • The DeNB uses the newly obtained NH and NCC to generate a new K_eNB* with the UE to achieve key isolation.
  • If the UE instead successfully re-establishes in a cell of an RN, that RN initiates the path switch process or the security parameter update process (from the re-establishment information the RN can conclude that the DeNB may also have sent the same handover request to other RNs).
  • After receiving the Path Switch Request, the MME checks whether the current cell or current base station of the UE has changed. If there is no change, the MME does not send a Modify Bearer Request to the SGW and returns a Path Switch Request Acknowledge message to the RN. If the MME receives a security parameter update request message, it calculates a new NH and NCC and returns them to the RN.
  • The RN uses the newly obtained NH and NCC to generate a new K_eNB* with the UE to achieve key isolation.
  • A fourth embodiment of the present invention provides a method for security isolation. As shown in FIG. 8, the application scenario is one where the UE is handed over from an RN to an eNB. The method includes the following steps:
  • The source RN prepares the re-establishment information: information of the target eNB cell and information of the cells having the same eNB ID as the source RN itself.
  • The re-establishment information of the cells with the same eNB ID as the source RN can be determined according to the measurement results reported by the UE.
  • After receiving the handover request message from the RN, the DeNB sends the handover request message to the target MME.
  • After receiving the handover request message from the RN, the DeNB parses at least the re-establishment information (such as the Source To Target Transparent Container IE), and if it includes re-establishment information of the DeNB's own managed cell, at least that re-establishment information is saved.
  • The DeNB may delete from the handover request message the RRC re-establishment information of the cells having the same eNB ID as itself.
  • The source MME finds the target MME and sends a Forward Relocation Request message; the target MME determines the target eNB and sends a handover request message to it; the target eNB returns a Handover Request Acknowledge message to the target MME; the target MME returns a Forward Relocation Response message to the source MME; the source MME sends a handover command message to the DeNB, and the DeNB forwards the handover command message to the RN.
  • The RN sends a handover command to the UE, and the UE hands over to the target eNB. If the handover fails and the UE successfully re-establishes in the DeNB's cell, the DeNB initiates a path switch process towards the core network, or performs a security parameter update process. The DeNB then uses the newly obtained NH and NCC to generate a new K_eNB* with the UE to achieve key isolation.
  • After receiving the Path Switch Request, the MME checks whether the current cell or current base station of the UE has changed. If there is no change, the MME does not send a Modify Bearer Request to the SGW and returns a Path Switch Request Acknowledge message to the DeNB. If the MME receives a security parameter update request message, it calculates a new NH and NCC and returns them to the DeNB.
  • The DeNB uses the newly obtained NH and NCC to generate a new K_eNB* with the UE to achieve key isolation.
  • An embodiment of the present invention further provides a relay device.
  • The device includes:
  • a receiving module 11, configured to receive a handover request message;
  • a processing module 12, configured to: when the handover request message includes re-establishment information of other cells, request key information from the core network device when the user equipment successfully hands over to, or successfully re-establishes in, the relay device's own cell, and receive the key information from the core network device.
  • The processing module 12 is further configured to: when the handover request message does not include re-establishment information of other cells, determine not to request key information from the core network device when the user equipment successfully hands over to, or successfully re-establishes in, the relay device's own cell.
  • The processing module 12 is specifically configured to request key information from the core network device by using a Path Switch process or a security parameter update process.
  • When the user equipment is handed over from the relay device to another device, the device further includes a determining module 13, configured to determine, when preparing the re-establishment information, cell re-establishment information of the target base station and cell re-establishment information of the cells having the same eNB identifier.
  • The modules of the device in the embodiment of the present invention may be integrated into one module or may be deployed separately.
  • The above modules can be combined into one module, or can be further split into multiple sub-modules.
  • An embodiment of the present invention further provides a base station device.
  • The device includes:
  • a receiving module 21, configured to receive a handover request message;
  • a parsing module 22, configured to parse the re-establishment information in the handover request message; and a processing module 23, configured to: when the re-establishment information includes re-establishment information of a cell managed by the base station device itself, request key information from the core network device when the user equipment successfully re-establishes in that cell, and receive the key information from the core network device.
  • When the handover request message is a handover request message from the core network device, the base station device further includes: a sending module 24, configured to send the handover request message to the relay devices involved in the re-establishment information when the re-establishment information includes re-establishment information of other relay devices managed by the base station device.
  • The base station device further includes: a deleting module 25, configured to delete the re-establishment information of the DeNB's own managed cell carried in the handover request message.
  • When the handover request message is a handover request message from the relay device or from the core network device, the base station device further includes: a storage module 26, configured to save the re-establishment information of its own managed cell included in the re-establishment information.
  • The processing module 23 is specifically configured to request key information from the core network device by using a Path Switch process or a security parameter update process.
  • The modules of the device in the embodiment of the present invention may be integrated into one module or may be deployed separately.
  • The above modules can be combined into one module, or can be further split into multiple sub-modules.
  • An embodiment of the present invention further provides a core network device.
  • The device includes:
  • a receiving module 31, configured to receive a message requesting key information;
  • a calculating module 32, configured to calculate key information according to the message requesting the key information;
  • a sending module 33, configured to send the key information to the requesting node.
  • The receiving module 31 is specifically configured to receive the message requesting the key information during the Path Switch process, or during the security parameter update process.
  • The core network device further includes: a determining module 34, configured to determine not to notify the SGW to update the bearer information when the serving base station or cell of the user equipment has not changed.
  • The modules of the device in the embodiment of the present invention may be integrated into one module or may be deployed separately.
  • The above modules can be combined into one module, or can be further split into multiple sub-modules.
  • The embodiments of the present invention can be implemented by software plus a necessary general-purpose hardware platform, and of course also by hardware alone, but in many cases the former is the better implementation.
  • Based on this understanding, the technical solution of the embodiments of the present invention may in essence be embodied in the form of a software product, which is stored in a storage medium and includes a number of instructions that cause a computer device (which may be a personal computer, a server, a network device, etc.) to perform the methods described in the various embodiments of the present invention.
  • The modules in the apparatus of the embodiments may be distributed in the apparatus of the embodiment according to the description of the embodiments, or may be correspondingly relocated to one or more apparatuses different from that of the embodiment.
  • The modules of the above embodiments may be combined into one module, or may be further split into a plurality of sub-modules.


Description

Method and device for security isolation. This application claims priority to Chinese patent application No. 201110004665.6, filed with the Chinese Patent Office on 11 January 2011 and entitled "Method and device for security isolation", the entire contents of which are incorporated herein by reference.
Technical field
The present invention relates to the field of communications technology, and in particular to a method and device for security isolation.
Background
在未来的移动通信系统中, 例如 B3G ( Beyond Third Generation, 后三代)或 LTE-A ( Long Term Evolution- Advanced, 高级长期演进 ), 将提供更高的峰值数据速率和小区吞吐量, 同时也需要更大的带宽, 目前 2GHz以下的未分配带宽已经很少, B3G/LTE-A系统需要的部分 或全部带宽只能在更高的频段上(例如 3GHz以上 )寻找。 其中频段 越高, 电波传播衰减的越快, 传输距离越短, 同样覆盖区域下, 要保 证连续覆盖, 则需要更多基站, 而由于基站具有较高的造价, 会增加 布网成本, 为了解决布网成本及覆盖问题, 可将 RN ( Relay Node, 中继节点) 引入到系统中。
如图 1所示, 为 LTE-A系统中引入 RN后的网络架构图, RN通 过 DeNB ( Donor Evolved Node B , 施主基站) 下的 donor cell (施主 小区 )接入到核心网, RN和核心网之间没有直接的有线接口; 每个 RN可控制一个或多个小区; UE ( User Equipment, 用户设备 )和 RN 之间的接口为 Uu口, RN和 DeNB之间的接口为 Un口。
如图 2所示的 S1切换过程示意图,当前 S1切换过程分为切换准 备、 切换执行、 切换通知阶段。 切换准备阶段 (图 2中步骤 2~9 ) 由 源 eNB ( Evolved Node B, 演进型基站 )发起, 决定切换到哪个目标 eNB; 源 MME ( Mobility Management Entity, 移动性管理实体 )收到 源 eNB发来的切换请求( HO Required )后 , 需计算出新的 ΝΗ ( Next Hop, 下一跳密钥)和 NCC ( Next hop Chaining Counter, 下一跳计数 器 )发给目标 MME; 目标 MME将收到的 NH和 NCC放在切换请求 ( HO Request ) 中发给目标 eNB使用。 另夕卜, 目标 eNB为了和 UE 同步 NH密钥, 需将 NCC放在透明容器中经核心网透传给源 eNB。
进一步的, 切换命令 ( HO Command ) 消息中携带目标 eNB生 成的切换命令消息(对应空口的 RRC ( Radio Resource Control, 无线 资源控制 )连接重配置消息), 由源 eNB转发给 UE; UE收到切换命 令消息后, 根据 NCC与目标 eNB同步 NH, 并进一步生成空口使用 的密钥。
如图 3所示的 X2切换过程示意图, 当前 X2切换过程分为切换 准备、 切换执行、 路径转换阶段。 X2切换过程中, 由于 UE的服务 基站从源 eNB转移到目标 eNB, eNB与 SGW ( Serving Gateway, 服 务网关)之间的上下行用户数据传输路径需转移到目标 eNB。 目标 eNB在 UE切换过来后发起路径转换过程,并将下行数据传输地址等 信息经 MME通知 SGW, SGW在响应消息中将上行数据传输地址等 信息经 MME通知 eNB。
具体的, 在路径转换过程中, MME生成新的密钥 NH, 并为其 分配标记 NCC, 放在 Path Switch Request Acknowledge (路径转换请 求确认 ) 消息中发给目标 eNB。 由于只有 UE和 MME可计算 NH , eNB不具有计算 NH的功能, 则源 eNB不知道 MME给目标 eNB发 送的 NH值; 目标 eNB和 UE利用 NH计算出空口使用的密钥, 该密 钥是源 eNB无法计算出的, 因此实现了安全隔离的目的。
在实现本发明的过程中,发明人发现现有技术中至少存在以下问 题:
在 relay场景中, DeNB覆盖范围较大, 如果 UE切换失败, 可能 选择 DeNB的小区进行重建, 甚至是其他 RN。 对于 UE从邻 eNB切 换到 DeNB下的场景, 为了提高切换成功率, DeNB在转发切换请求 消息给目标 RN时, 可将完整的切换请求消息转发给 RRC重建信息 中涉及到的 RN。在该切换请求消息中, 包含源基站准备的 RRC重建 信息、 MME发给目标基站的密钥 NH和对应的计数器 NCC。 此时会 导致同一对 {NH、 NCC}发给了多个目标节点(RN、 DeNB ), —旦攻 击者攻破其中一个 RN获得了 NH, 则不管 UE切换到哪个 RN或 DeNB, 攻击者均可以推算出 UE在空口上使用的密钥, 从而破解 UE 通信的内容, 侵犯用户的隐私。 发明内容
Embodiments of the present invention provide a method and device for security isolation, so as to achieve key isolation.
To this end, an embodiment of the present invention provides a security isolation method, the method comprising:
when a relay device receives a handover request message, if the handover request message contains re-establishment information of other cells, then when the user equipment successfully hands over to the relay device's own cell or successfully re-establishes in its own cell, the relay device requests key information from a core network device.
An embodiment of the present invention provides a security isolation method, the method comprising: when a DeNB receives a handover request message, the DeNB parses the re-establishment information in the handover request message;
if the re-establishment information contains re-establishment information of a cell managed by the DeNB itself, then when the user equipment successfully re-establishes in the DeNB's own cell, the DeNB requests key information from a core network device.
An embodiment of the present invention provides a security isolation method, the method comprising: when a core network device receives a message requesting key information, the core network device computes the key information and sends the key information to the requesting node.
An embodiment of the present invention provides a relay device, comprising:
a receiving module, configured to receive a handover request message;
a processing module, configured to, when the handover request message contains re-establishment information of other cells and the user equipment successfully hands over to the relay device's own cell or successfully re-establishes in its own cell, request key information from a core network device, and to receive the key information from the core network device.
An embodiment of the present invention provides a base station device, comprising:
a receiving module, configured to receive a handover request message;
a parsing module, configured to parse the re-establishment information in the handover request message; a processing module, configured to, when the re-establishment information contains re-establishment information of a cell managed by the base station itself and the user equipment successfully re-establishes in its own cell, request key information from a core network device, and to receive the key information from the core network device.
An embodiment of the present invention provides a core network device, comprising:
a receiving module, configured to receive a message requesting key information;
a computing module, configured to compute key information according to the message requesting key information; a sending module, configured to send the key information to the requesting node.
Compared with the prior art, the present invention has at least the following advantages:
the probability that the UE re-establishes successfully during handover can be raised, the probability of handover failure lowered, and key isolation achieved, guaranteeing the security of the user's communication.

Brief Description of the Drawings
Figure 1 is a network architecture diagram of a prior-art LTE-A system after RNs are introduced; Figure 2 is a schematic diagram of the prior-art S1 handover procedure;
Figure 3 is a schematic diagram of the prior-art X2 handover procedure;
Figure 4 is a flow diagram of a security isolation method provided by Embodiment 1 of the present invention; Figure 5 is a schematic diagram of the application scenario provided by Embodiment 2;
Figure 6 is a schematic diagram of a possible security parameter update procedure provided by Embodiment 2;
Figure 7 is a schematic diagram of the application scenario provided by Embodiment 3;
Figure 8 is a schematic diagram of the application scenario provided by Embodiment 4;
Figure 9 is a schematic structural diagram of the relay device provided by Embodiment 5;
Figure 10 is a schematic structural diagram of the base station device provided by Embodiment 6;
Figure 11 is a schematic structural diagram of the core network device provided by Embodiment 7.

Detailed Description
The technical solutions in the embodiments of the present invention are described below clearly and completely with reference to the drawings of the embodiments. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art on the basis of the embodiments of the present invention without inventive effort fall within the scope of protection of the present invention.
Embodiment 1
Embodiment 1 of the present invention provides a security isolation method. The scenarios in which the method applies include, but are not limited to, the S1 handover procedure in a relay scenario: if the handover request message is sent to several nodes (RNs, DeNB), then after successful handover or successful re-establishment, new key information (such as NH) can be obtained through a Path Switch procedure or a new security parameter update procedure, so that key isolation is achieved and the user's communication kept secure while the UE's handover success probability is raised. As shown in Figure 4, the method includes the following steps:
Step 401: the relay device receives a handover request message. If the handover request message contains re-establishment information (i.e. RRC re-establishment information) of other cells, then when the user equipment successfully hands over to the relay device's own cell or successfully re-establishes in its own cell, step 402 is performed; if the handover request message does not contain re-establishment information of other cells, then when the user equipment successfully hands over to or successfully re-establishes in the relay device's own cell, step 403 is performed.
Step 402: the relay device requests key information (new key NH information) from a core network device (for example an MME). The relay device can then receive the key information from that core network device.
In this step, the relay device may request the key information from the core network device through the Path Switch procedure, or through a security parameter update procedure (a newly defined S1-AP procedure).
Step 403: the relay device determines not to request key information from the core network device.
In the multi-cell re-establishment preparation process for the S1 handover procedure, after the source eNB selects the target cell, to raise the probability that the UE re-establishes successfully in other cells, it must prepare the target cell information and re-establishment information for other cells under the target eNB, and place them in the Source To Target Transparent Container IE of the handover request message. The re-establishment preparation information includes the key associated with each cell and an integrity check code; when the UE selects a cell for RRC re-establishment, it reports the integrity check code corresponding to that cell, and the target eNB compares the code reported by the UE with the one it stores; if they match, the UE may be allowed to access that cell.
In this embodiment, when the user equipment hands over from the relay device to another device (for example a UE hands over from an RN to a neighbouring eNB), to raise the handover success rate, the relay device, when preparing re-establishment cells, may prepare re-establishment information for cells with the same eNB identity (eNB ID), including re-establishment information for the donor base station (DeNB) cell and for the cells of other RNs under the DeNB. Once the UE's handover fails, it selects the DeNB cell for re-establishment, which may succeed.
In addition, in this embodiment, after the handover request message is received, if the target cell is not a cell managed by the receiving node itself but the RRC re-establishment information contains information about a cell it manages, this is not regarded as an abnormal condition; if the RRC re-establishment information contains information about cells it does not manage, this is not regarded as an abnormal condition either.
Note that the processing above is the processing at the relay device. The processing on the DeNB side may further include: when the DeNB receives a handover request message, the DeNB parses the re-establishment information in it; if the re-establishment information contains re-establishment information of a cell the DeNB manages, the DeNB stores that information; and when the user equipment successfully re-establishes in the DeNB's own cell, the DeNB requests key information from the core network device (requesting new key information from the core network device through the Path Switch procedure or the security parameter update procedure). The DeNB can then receive the key information from the core network device.
In this embodiment, the handover request message is a handover request message from a relay device or a handover request message from a core network device.
After receiving a handover request (Handover Request) message from the target MME, the DeNB at least parses the re-establishment information in the handover request message; if the re-establishment information contains information about a cell it manages, it stores at least the re-establishment information of that cell. If the re-establishment information contains re-establishment information of other relay devices it manages, the DeNB sends the handover request message to the relay devices involved in the re-establishment information; before sending, the DeNB may delete the re-establishment information of the DeNB's own cells carried in the handover request message. Further, after forwarding the handover request message to other RNs, when the UE successfully re-establishes in the DeNB's own cell, the DeNB requests new key information from the MME.
After receiving a handover request (Handover Required) message from a source relay device, the DeNB at least parses the re-establishment information in the handover request message; if the re-establishment information contains information about a cell it manages, it stores at least its own cell's re-establishment information; when the UE successfully re-establishes in the DeNB's own cell, the DeNB requests new key information from the MME.
The processing on the core network device (MME) side may further include: when the MME receives a message requesting key information (received in the Path Switch procedure or in the security parameter update procedure), the MME computes the key information (NH, NCC, etc.) and sends it to the requesting node (the relay device or the DeNB).
Specifically, after receiving a path switch request (for the Path Switch procedure) or a key acquisition request (for the security parameter update procedure), the MME computes a new NH and NCC and sends them to the requesting node. In addition, if the UE's serving base station or cell has not changed, the MME determines that it need not notify the SGW to update the bearer information, i.e. it does not send a Modify Bearer Request to the SGW.
Embodiment 2
Embodiment 2 of the present invention provides a security isolation method for the application scenario shown in Figure 5, an S1 handover from an eNB to an RN. The method includes the following steps:
(1) The source eNB sends a handover request message to the source MME. Because the source eNB cannot distinguish RN cells from DeNB cells, when preparing re-establishment information it may prepare information for the cells of certain RNs under the DeNB.
(2) The source MME finds the target MME and sends a Forward Relocation Request message; the target MME determines the target DeNB and sends it the handover request message.
(3) After receiving the handover request message from the target MME, the DeNB sends the handover request message to the target RN (RN1 in Figure 5) according to the target cell identity it contains.
In this embodiment, the DeNB at least parses the re-establishment information in the handover request message; if the re-establishment information contains information about a cell the DeNB manages, the DeNB stores at least its own cell's re-establishment information (for example by storing the whole handover request message). If the handover request message contains re-establishment information for other RN cells, the DeNB may forward the handover request message to the RNs involved (RN2 in Figure 5). Optionally, when forwarding the handover request message to an RN, the DeNB may also delete the re-establishment information of its own cells carried in the handover request message.
In this embodiment, after the UE's handover fails and it successfully re-establishes in the DeNB's own cell, the DeNB may initiate the path switch procedure (Path Switch procedure), or a newly defined S1-AP procedure (the security parameter update procedure), to obtain a new key NH.
(4) If the handover request message received by RN1 contains re-establishment information for cells that are not its own (from which RN1 can infer that the DeNB may also have sent the same handover request message to other RNs), RN1 does not regard this as an abnormal condition, and after the UE successfully hands over to RN1's own cell, or after the handover fails and the UE successfully re-establishes in RN1's own cell, RN1 initiates the path switch procedure or the newly defined S1-AP procedure to obtain a new key NH. If the handover request message received by RN1 contains no re-establishment information for cells other than its own, RN1 need not request a new key NH from the MME. Further, RN1 may use the newly obtained NH and NCC to generate a new KeNB* with the UE, achieving key isolation.
In this embodiment, one possible security parameter update procedure is shown in Figure 6. The newly defined S1-AP procedure is used by a base station (including nodes of the eNB, RN, DeNB, HeNB and similar types) to request a new NH and NCC from the MME. The benefit of this procedure is that it runs only between the base station and the MME and involves no information exchange between the MME and the SGW or PGW, which saves core network processing load.
As a possible implementation, in step (3) the DeNB sends the handover request message only to the target RN1 and not to the other RNs involved; in that case, after the UE successfully hands over to RN1 or re-establishes in RN1's cell, RN1 does not need to obtain a new key from the MME.
(5) After RN2 receives the handover request message, if the target cell is not a cell RN2 manages but the re-establishment information contains information about a cell it manages, RN2 does not regard this as an abnormal condition. If the handover request message received by RN2 contains re-establishment information for cells that are not its own, then after the UE successfully re-establishes in RN2's own cell, RN2 initiates the path switch procedure or the security parameter update procedure to obtain a new key NH.
(6) If any of the DeNB, RN1 and RN2 has initiated the procedure to request a new key from the MME, then on receiving a path switch request the MME checks whether the UE's current cell or current base station has changed; if it has not, the MME does not send a Modify Bearer Request to the SGW, and returns a path switch request acknowledge message to the node the message came from. If the MME receives a security parameter update request message, it computes a new NH and NCC and returns them to the node the message came from.
(7) The DeNB, RN1 or RN2 uses the newly obtained NH and NCC to generate a new KeNB* with the UE, achieving key isolation.
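The key-isolation argument of the background section and the procedure of Embodiment 2 (steps (3) to (7)), as an added simulation that is not part of the patent and not a 3GPP reference implementation. It assumes a toy KDF (HMAC-SHA256 over concatenated inputs), an assumed KeNB* derivation from NH and the cell name, an NCC that wraps modulo 8, and constructed node names (eNB-source, DeNB, RN1, RN2); the `NHChain`, `MME`, `needs_fresh_key` and `simulate` names are this example's own. The prior-art run forwards one {NH, NCC} to RN1 and RN2 and checks whether the NH held by RN1 reproduces the key in use at RN2; the patent run has RN2 fetch a fresh NH after the UE re-establishes there.

```python
"""Simulation of NH/NCC chaining and key isolation between relay nodes.

Added example; simplified model, not the patent's or 3GPP's code.
Assumptions: HMAC-SHA256 as the KDF, KeNB* = KDF(NH, "KeNB*", cell),
NCC modulo 8, constructed node names.
"""
import hashlib
import hmac


def kdf(key: bytes, *parts: bytes) -> bytes:
    """Toy key derivation: HMAC-SHA256 over the concatenated inputs."""
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()


class NHChain:
    """The {NH, NCC} chain. Only the UE and the MME hold K_ASME, so only
    they can compute NH; base stations can only use the NH they are given."""

    def __init__(self, k_asme: bytes):
        self.k_asme = k_asme
        self.nh = kdf(k_asme, b"NH-initial")  # assumed start of the chain
        self.ncc = 0

    def advance(self):
        self.nh = kdf(self.k_asme, self.nh)
        self.ncc = (self.ncc + 1) % 8
        return self.nh, self.ncc

    def sync_to(self, ncc: int) -> bytes:
        """UE side: advance until the NCC signalled by the base station matches."""
        while self.ncc != ncc:
            self.advance()
        return self.nh


def kenb_star(nh: bytes, cell: str) -> bytes:
    """Air-interface key for a cell, derived from NH (assumed derivation)."""
    return kdf(nh, b"KeNB*", cell.encode())


class MME:
    """Core network side: hands out {NH, NCC} and tracks the serving node."""

    def __init__(self, k_asme: bytes, serving_node: str):
        self.chain = NHChain(k_asme)
        self.serving_node = serving_node
        self.modify_bearer_requests = 0

    def prepare_handover(self, target_node: str):
        """HO Request: fresh {NH, NCC} for the target node."""
        self.serving_node = target_node
        return self.chain.advance()

    def handle_path_switch(self, requesting_node: str):
        """Step (6): Modify Bearer Request only if the serving node changed;
        a fresh {NH, NCC} is returned in either case."""
        if requesting_node != self.serving_node:
            self.modify_bearer_requests += 1
            self.serving_node = requesting_node
        return self.chain.advance()

    def handle_security_parameter_update(self):
        """The new S1-AP procedure: only the base station and MME take part."""
        return self.chain.advance()


def needs_fresh_key(reestab_cells, own_cells) -> bool:
    """Relay-side rule (steps 401-403): request a new NH only when the HO
    Request carried re-establishment info for cells this node does not manage,
    i.e. when the same {NH, NCC} may have reached other nodes."""
    return any(c not in own_cells for c in reestab_cells)


def simulate(isolate: bool, procedure: str = "security_parameter_update") -> dict:
    """UE hands over from a source eNB towards RN1 under a DeNB, the handover
    fails, and the UE re-establishes on RN2 (constructed Embodiment 2 scenario)."""
    k_asme = bytes(range(32))  # constructed K_ASME shared by UE and MME
    mme = MME(k_asme, serving_node="eNB-source")
    ue = NHChain(k_asme)

    nh_ho, ncc_ho = mme.prepare_handover("DeNB")  # RN cells sit under the DeNB
    ho_request = {"target_cell": "RN1", "reestab_cells": ["RN1", "RN2", "DeNB"],
                  "nh": nh_ho, "ncc": ncc_ho}
    # Step (3): the DeNB forwards the complete HO Request to RN1 and RN2.
    nh_at_rn1 = ho_request["nh"]
    nh_at_rn2, ncc_at_rn2 = ho_request["nh"], ho_request["ncc"]

    # Step (5): RN2 sees foreign cells in the re-establishment info and, once
    # the UE has re-established there, asks the MME for a fresh key.
    if isolate and needs_fresh_key(ho_request["reestab_cells"], {"RN2"}):
        if procedure == "path_switch":
            nh_at_rn2, ncc_at_rn2 = mme.handle_path_switch("DeNB")  # via the DeNB
        else:
            nh_at_rn2, ncc_at_rn2 = mme.handle_security_parameter_update()

    key_rn2 = kenb_star(nh_at_rn2, "RN2")
    key_ue = kenb_star(ue.sync_to(ncc_at_rn2), "RN2")  # UE syncs NH via NCC
    # Isolation holds when the NH given to RN1 cannot reproduce RN2's key.
    isolated = kenb_star(nh_at_rn1, "RN2") != key_rn2
    return {"ue_in_sync": key_rn2 == key_ue, "isolated": isolated,
            "ncc": ncc_at_rn2, "modify_bearer_requests": mme.modify_bearer_requests}


if __name__ == "__main__":
    print("prior art  :", simulate(isolate=False))
    print("patent     :", simulate(isolate=True))
    print("path switch:", simulate(isolate=True, procedure="path_switch"))
```

In the prior-art run the UE and RN2 agree on a key, but that key is exactly what the NH forwarded to RN1 yields for RN2's cell, so a compromise of RN1 would cover RN2 as well. In the patent run RN2's key comes from the next NH in the chain, which the earlier NH cannot produce, and the UE still synchronizes because RN2 signals the new NCC. The path-switch variant also shows the MME skipping the Modify Bearer Request because the serving base station (the DeNB) is unchanged.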
Embodiment 3
Embodiment 3 of the present invention provides a security isolation method for the application scenario shown in Figure 7, an S1 handover from an eNB to a DeNB. The method includes the following steps:
(1) The source eNB sends a handover request message to the source MME.
(2) The source MME finds the target MME and sends a Forward Relocation Request message; the target MME determines the target DeNB and sends it the handover request message.
(3) After the DeNB receives the handover request message from the target MME, if the handover request message contains re-establishment information for other RN cells, the DeNB may forward the handover request message to the RNs involved (RN1 and RN2 in Figure 7). Optionally, when forwarding the handover request message to an RN, the DeNB may delete the re-establishment information of its own cells from the handover request message.
(4) After an RN receives the handover request message, if the target cell is not a cell the RN manages but the re-establishment information contains information about a cell it manages, the RN does not regard this as an abnormal condition.
(5) If the DeNB forwarded the handover request message to other RNs in step (3), then after the UE successfully hands over to the DeNB's own cell, or after the handover fails and the UE successfully re-establishes in the DeNB's own cell, the DeNB initiates the path switch procedure or the security parameter update procedure.
(6) On receiving the path switch request, the MME checks whether the UE's current cell or current base station has changed; if it has not, the MME does not send a Modify Bearer Request to the SGW, and returns a path switch request acknowledge message to the DeNB. If the MME receives a security parameter update request message, it computes a new NH and NCC and returns them to the DeNB.
(7) The DeNB uses the newly obtained NH and NCC to generate a new KeNB* with the UE, achieving key isolation.
(8) If the handover request message received by an RN contains re-establishment information for cells that are not its own, then after the UE successfully re-establishes in the RN's own cell, the RN initiates the path switch procedure or the security parameter update procedure. (The RN can infer that the DeNB may also have sent the same handover request to other RNs.)
(9) On receiving the path switch request, the MME checks whether the UE's current cell or current base station has changed; if it has not, the MME does not send a Modify Bearer Request to the SGW, and returns a path switch request acknowledge message to the RN. If the MME receives a security parameter update request message, it computes a new NH and NCC and returns them to the RN.
(10) The RN uses the newly obtained NH and NCC to generate a new KeNB* with the UE, achieving key isolation.
Embodiment 4
Embodiment 4 of the present invention provides a security isolation method for the application scenario shown in Figure 8, an S1 handover from an RN to an eNB. The method includes the following steps:
(1) When preparing re-establishment information, the source RN prepares information for the target eNB cell and for cells with the same eNB ID as itself. Which cells with the same eNB ID the source RN prepares re-establishment information for may be decided according to the measurement results reported by the UE.
(2) After receiving the handover request message from the RN, the DeNB sends the handover request message to the target MME.
In this embodiment, after receiving the handover request message from the RN, the DeNB at least parses the re-establishment information in it (for example the Source To Target Transparent Container IE); if it contains re-establishment information for a cell the DeNB manages, the DeNB stores at least that cell's re-establishment information. Optionally, when forwarding the handover request message to the MME, the DeNB may delete the RRC re-establishment information for cells with the same eNB ID as itself from the handover request message.
(3) The source MME finds the target MME and sends a Forward Relocation Request message; the target MME determines the target eNB and sends it the handover request message; the target eNB returns a handover request acknowledge message to the target MME; the target MME returns a Forward Relocation Response message to the source MME; the source MME sends a handover command message to the DeNB, and the DeNB forwards the handover command message to the RN.
(4) The RN sends the handover command to the UE, and the UE hands over to the target eNB; if the UE's handover fails and it re-establishes successfully on the DeNB, the DeNB initiates the path switch procedure towards the core network, or performs the security parameter update procedure. The DeNB then uses the newly obtained NH and NCC to generate a new KeNB* with the UE, achieving key isolation.
(5) On receiving the path switch request, the MME checks whether the UE's current cell or current base station has changed; if it has not, the MME does not send a Modify Bearer Request to the SGW, and returns a path switch request acknowledge message to the DeNB. If the MME receives a security parameter update request message, it computes a new NH and NCC and returns them to the DeNB.
(6) The DeNB uses the newly obtained NH and NCC to generate a new KeNB* with the UE, achieving key isolation.
Embodiment 5
Based on the same inventive concept as the method above, an embodiment of the present invention also provides a relay device which, as shown in Figure 9, includes:
a receiving module 11, configured to receive a handover request message;
a processing module 12, configured to, when the handover request message contains re-establishment information of other cells and the user equipment successfully hands over to the relay device's own cell or successfully re-establishes in its own cell, request key information from a core network device, and to receive the key information from the core network device.
The processing module 12 is further configured to determine not to request key information from the core network device when the handover request message does not contain re-establishment information of other cells and the user equipment successfully hands over to the relay device's own cell or successfully re-establishes in its own cell.
The processing module 12 is specifically configured to request the key information from the core network device through the Path Switch procedure or the security parameter update procedure.
In this embodiment, for the case where the user equipment hands over from the relay device to another device, the relay device further includes a determining module 13, configured to determine, when preparing re-establishment cells, the cell re-establishment information of the target base station and the cell re-establishment information of cells with the same eNB identity.
The modules of the device in this embodiment may be integrated together or deployed separately. The above modules may be merged into one module or further split into several sub-modules.
Embodiment 6
Based on the same inventive concept as the method above, an embodiment of the present invention also provides a base station device which, as shown in Figure 10, includes:
a receiving module 21, configured to receive a handover request message;
a parsing module 22, configured to parse the re-establishment information in the handover request message; a processing module 23, configured to, when the re-establishment information contains re-establishment information of a cell the base station manages and the user equipment successfully re-establishes in the base station's own cell, request key information from a core network device, and to receive the key information from the core network device.
When the handover request message is a handover request message from a core network device, the base station device further includes a sending module 24, configured to, when the re-establishment information contains re-establishment information of other relay devices the base station manages, send the handover request message to the relay devices involved in the re-establishment information.
The base station device further includes a deleting module 25, configured to delete the re-establishment information of the DeNB's own cells carried in the handover request message.
When the handover request message is a handover request message from a relay device or from a core network device, the base station device further includes a storage module 26, configured to store the re-establishment information of the base station's own cells contained in the re-establishment information.
The processing module 23 is specifically configured to request the key information from the core network device through the Path Switch procedure or the security parameter update procedure.
The modules of the device in this embodiment may be integrated together or deployed separately. The above modules may be merged into one module or further split into several sub-modules.
Embodiment 7
Based on the same inventive concept as the method above, an embodiment of the present invention also provides a core network device which, as shown in Figure 11, includes:
a receiving module 31, configured to receive a message requesting key information;
a computing module 32, configured to compute key information according to the message requesting key information; a sending module 33, configured to send the key information to the requesting node.
The receiving module 31 is specifically configured to receive the message requesting key information in the Path Switch procedure, or to receive the message requesting key information in the security parameter update procedure.
The core network device further includes a determining module 34, configured to determine not to notify the SGW to update the bearer information when the user equipment's serving base station or cell has not changed.
The modules of the device in this embodiment may be integrated together or deployed separately. The above modules may be merged into one module or further split into several sub-modules.
From the description of the above embodiments, those skilled in the art can clearly understand that the embodiments of the present invention can be implemented by software together with a necessary general-purpose hardware platform, or of course by hardware, but in many cases the former is the better implementation. On this understanding, the technical solution of the embodiments of the present invention, in essence or in the part that contributes to the prior art, can be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform the methods described in the embodiments of the present invention.
Those skilled in the art will understand that the drawings are only schematic diagrams of a preferred embodiment, and that the modules or procedures in the drawings are not necessarily required for implementing the present invention.
Those skilled in the art will understand that the modules in the device of an embodiment may be distributed in the device of the embodiment as described, or may be correspondingly changed so as to be located in one or more devices different from that of the embodiment. The modules of the above embodiments may be merged into one module or further split into several sub-modules.
The serial numbers of the above embodiments are for description only and do not represent the relative merits of the embodiments. The foregoing discloses only a few specific embodiments of the present invention, but the present invention is not limited thereto; any variation conceivable to a person skilled in the art shall fall within the scope of protection of the present invention.

Claims

1. A security isolation method, characterized in that the method comprises:
when a relay device receives a handover request message, if the handover request message contains re-establishment information of other cells, then when the user equipment successfully hands over to the relay device's own cell or successfully re-establishes in its own cell, the relay device requests key information from a core network device.
2. The method according to claim 1, characterized in that, after the relay device receives the handover request message, the method further comprises:
if the handover request message does not contain re-establishment information of other cells, then when the user equipment successfully hands over to the relay device's own cell or successfully re-establishes in its own cell, the relay device determines not to request key information from the core network device.
3. The method according to claim 1, characterized in that the relay device requesting key information from the core network device comprises:
the relay device requesting the key information from the core network device through a Path Switch procedure or a security parameter update procedure.
4. A security isolation method, characterized in that the method comprises:
when a donor base station DeNB receives a handover request message, the DeNB parsing the re-establishment information in the handover request message;
if the re-establishment information contains re-establishment information of a cell managed by the DeNB itself, then when the user equipment successfully re-establishes in the DeNB's own cell, the DeNB requesting key information from a core network device.
5. The method according to claim 4, characterized in that, when the handover request message is a handover request message from a core network device, the method further comprises:
if the re-establishment information contains re-establishment information of other relay devices managed by the DeNB, the DeNB sending the handover request message to the relay devices involved in the re-establishment information.
6. The method according to claim 5, characterized in that, before sending the handover request message to the relay devices involved in the re-establishment information, the method further comprises:
the DeNB deleting the re-establishment information of the DeNB's own cells carried in the handover request message.
7. The method according to claim 4, characterized in that the handover request message is a handover request message from a relay device or a handover request message from a core network device; and after the DeNB parses the re-establishment information in the handover request message, the method further comprises: the DeNB storing the re-establishment information of its own cells contained in the re-establishment information.
8. The method according to claim 4, characterized in that the DeNB requesting key information from the core network device comprises:
the DeNB requesting the key information from the core network device through a Path Switch procedure or a security parameter update procedure.
9. A security isolation method, characterized in that the method comprises:
when a core network device receives a message requesting key information, the core network device computing the key information and sending the key information to the requesting node.
10. The method according to claim 9, characterized in that the core network device receiving the message requesting key information comprises:
the core network device receiving the message requesting key information in a Path Switch procedure; or the core network device receiving the message requesting key information in a security parameter update procedure.
11. The method according to claim 9, characterized in that the requesting node is a relay device or a DeNB.
12. The method according to claim 9, characterized in that, after the core network device receives the message requesting key information, the method further comprises:
if the serving base station or cell of the user equipment has not changed, the core network device determining not to notify the serving gateway SGW to update the bearer information.
13. A relay device, characterized by comprising:
a receiving module, configured to receive a handover request message;
a processing module, configured to, when the handover request message contains re-establishment information of other cells and the user equipment successfully hands over to the relay device's own cell or successfully re-establishes in its own cell, request key information from a core network device, and to receive the key information from the core network device.
14. The relay device according to claim 13, characterized in that
the processing module is further configured to determine not to request key information from the core network device when the handover request message does not contain re-establishment information of other cells and the user equipment successfully hands over to the relay device's own cell or successfully re-establishes in its own cell.
15. The relay device according to claim 13, characterized in that
the processing module is specifically configured to request the key information from the core network device through a Path Switch procedure or a security parameter update procedure.
16. A base station device, characterized by comprising:
a receiving module, configured to receive a handover request message;
a parsing module, configured to parse the re-establishment information in the handover request message; a processing module, configured to, when the re-establishment information contains re-establishment information of a cell managed by the base station itself and the user equipment successfully re-establishes in its own cell, request key information from a core network device, and to receive the key information from the core network device.
17. The base station device according to claim 16, characterized in that, when the handover request message is a handover request message from a core network device, the base station device further comprises: a sending module, configured to, when the re-establishment information contains re-establishment information of other relay devices managed by the base station, send the handover request message to the relay devices involved in the re-establishment information.
18. The base station device according to claim 17, characterized in that the base station device further comprises:
a deleting module, configured to delete the re-establishment information of the DeNB's own cells carried in the handover request message.
19. The base station device according to claim 16, characterized in that the handover request message is a handover request message from a relay device or a handover request message from a core network device, and the base station device further comprises:
a storage module, configured to store the re-establishment information of the base station's own cells contained in the re-establishment information.
20. The base station device according to claim 16, characterized in that
the processing module is specifically configured to request the key information from the core network device through a Path Switch procedure or a security parameter update procedure.
21. A core network device, characterized by comprising:
a receiving module, configured to receive a message requesting key information;
a computing module, configured to compute key information according to the message requesting key information; a sending module, configured to send the key information to the requesting node.
22. The core network device according to claim 21, characterized in that
the receiving module is specifically configured to receive the message requesting key information in a Path Switch procedure, or to receive the message requesting key information in a security parameter update procedure.
23. The core network device according to claim 21, characterized in that the core network device further comprises:
a determining module, configured to determine not to notify the SGW to update the bearer information when the serving base station or cell of the user equipment has not changed.
PCT/CN2012/070028 2011-01-11 2012-01-04 Method and device for security isolation WO2012094958A1 (zh)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP12734180.8A EP2696613B1 (en) 2011-01-11 2012-01-04 Method and device for security isolation
US13/979,219 US9906950B2 (en) 2011-01-11 2012-01-04 Method and device for security isolation

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201110004665.6 2011-01-11
CN2011100046656A CN102065424A (zh) 2011-01-11 2011-01-11 Method and device for security isolation

Publications (1)

Publication Number Publication Date
WO2012094958A1 true WO2012094958A1 (zh) 2012-07-19

Family

ID=44000475

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2012/070028 WO2012094958A1 (zh) 2011-01-11 2012-01-04 Method and device for security isolation

Country Status (4)

Country Link
US (1) US9906950B2 (zh)
EP (1) EP2696613B1 (zh)
CN (1) CN102065424A (zh)
WO (1) WO2012094958A1 (zh)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102065424A (zh) 2011-01-11 2011-05-18 大唐移动通信设备有限公司 Method and device for security isolation
US9213581B2 (en) * 2012-03-14 2015-12-15 Sap Se Method and system for a cloud frame architecture
CN103379564B (zh) * 2012-04-20 2016-08-03 电信科学技术研究院 Intra-cell handover method and apparatus
US9144003B2 (en) * 2012-05-02 2015-09-22 Qualcomm Incorporated Apparatus and method for a connected mode with reduced signaling
CN103686708B (zh) * 2012-09-13 2018-01-19 电信科学技术研究院 Key isolation method and device
CN110730454B (zh) * 2013-07-25 2023-07-21 北京三星通信技术研究有限公司 Method for solving security problems using an NH/NCC pair in a mobile communication system
US10542570B2 (en) * 2016-03-15 2020-01-21 Huawei Technologies Co., Ltd. System and method for relaying data over a communication network
US10615844B2 (en) 2016-03-15 2020-04-07 Huawei Technologies Co., Ltd. System and method for relaying data over a communication network
EP3565291B1 (en) * 2017-05-04 2021-07-07 Huawei Technologies Co., Ltd. Method and device for acquiring key and communication system
WO2018227480A1 (en) 2017-06-15 2018-12-20 Qualcomm Incorporated Refreshing security keys in 5g wireless systems
WO2019178722A1 (zh) * 2018-03-19 2019-09-26 Oppo广东移动通信有限公司 Method and apparatus for obtaining a key, and computer storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009157549A1 (ja) * 2008-06-27 2009-12-30 株式会社エヌ・ティ・ティ・ドコモ Mobile communication method and mobile station
CN101772100A (zh) * 2008-12-29 2010-07-07 中国移动通信集团公司 Key update method, device and system for base station eNB handover in an LTE system
CN101827428A (zh) * 2010-04-22 2010-09-08 新邮通信设备有限公司 Method and relay for reducing data loss on radio link failure
CN102065424A (zh) * 2011-01-11 2011-05-18 大唐移动通信设备有限公司 Method and device for security isolation

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6587680B1 (en) * 1999-11-23 2003-07-01 Nokia Corporation Transfer of security association during a mobile terminal handover
CN101631306A (zh) * 2009-08-17 2010-01-20 中兴通讯股份有限公司 Air-interface key update method, terminal and base station
CN102118812B (zh) * 2009-12-31 2014-07-30 华为技术有限公司 Handover method and system in a relay network, relay station, controlling base station and base station

Also Published As

Publication number Publication date
CN102065424A (zh) 2011-05-18
EP2696613A1 (en) 2014-02-12
EP2696613B1 (en) 2020-03-11
EP2696613A4 (en) 2017-04-05
US9906950B2 (en) 2018-02-27
US20130288642A1 (en) 2013-10-31

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application; Ref document number: 12734180; Country of ref document: EP; Kind code of ref document: A1
NENP Non-entry into the national phase; Ref country code: DE
WWE Wipo information: entry into national phase; Ref document number: 13979219; Country of ref document: US
WWE Wipo information: entry into national phase; Ref document number: 2012734180; Country of ref document: EP