WO2013060154A1 - Procédé et dispositif de mise à jour d'une clé de pws - Google Patents

Procédé et dispositif de mise à jour d'une clé de pws Download PDF

Info

Publication number
WO2013060154A1
WO2013060154A1 PCT/CN2012/077423 CN2012077423W WO2013060154A1 WO 2013060154 A1 WO2013060154 A1 WO 2013060154A1 CN 2012077423 W CN2012077423 W CN 2012077423W WO 2013060154 A1 WO2013060154 A1 WO 2013060154A1
Authority
WO
WIPO (PCT)
Prior art keywords
pws key
pws
key
updated
network side
Prior art date
Application number
PCT/CN2012/077423
Other languages
English (en)
Chinese (zh)
Inventor
李阳
冯成燕
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2013060154A1 publication Critical patent/WO2013060154A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/068Network architectures or network communication protocols for network security for supporting key management in a packet data network using time-dependent keys, e.g. periodically changing keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041Key generation or derivation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/90Services for handling of emergency or hazardous situations, e.g. earthquake and tsunami warning systems [ETWS]

Definitions

  • the present invention relates to the field of communications, and in particular to a method and apparatus for updating a public alert system (PWS) key.
  • PWS public alert system
  • 3GPP 3rd Generation Partnership Project
  • PWS Public Alert System
  • CBS Cell Broadcast Service
  • GSM Global System of Mobile communication
  • UMTS Universal Mobile Telecommunications System
  • LTE Long Term Evolution
  • CBS Cell Broadcast Service
  • the functions of each network element are as follows: Cell Broadcast Entity (CBE): A communication network that is not defined by 3GPP.
  • the CBE is responsible for formatting the Cell Broadcast Service (CBS), including dividing the CBS message into different pages.
  • the Cell Broadcast Center (CBC) is a part of the core network and can be connected to multiple CBEs.
  • the CBC is responsible for the management of CBS messages, including: determining the time when the CBS message starts broadcasting; determining the time when the CBS message stops broadcasting, and Instructing each BSC/RNC to stop broadcasting CBS messages; determining a time interval during which CBS messages are repeatedly broadcasted; determining a cell broadcast channel for broadcasting CBS messages, etc.
  • BSC Base The Station Controller
  • RNC Radio Network Controller
  • MME Mobility Management Entity
  • the CBC After receiving the alarm information sent by the CBE, the CBC configures and encapsulates it, and sends it to the BSC (GSM system) and RNC (UMTS system) of the affected area.
  • MME LTE system
  • BSC/RNC/MME forwards it to the base station (GSM system is BTS, UMTS) System is B, LTE systems e B) broadcast to the user.
  • the currently defined CBS services are all sent on the broadcast channel.
  • the broadcast channel does not have any security protection. An attacker can tamper with an alert message, or after receiving an alert message, replay in the same region or at another location at other times, causing unnecessary panic and confusion in the public.
  • 3GPP decided to secure the PWS by introducing a signature algorithm and a key management scheme by using a digital signature field and a timestamp.
  • the terminal When the terminal receives the broadcasted alert message, it will first authenticate the message, and only if the authentication succeeds, it is considered to be a valid alert message.
  • the verifier needs to obtain the signer's key, which is usually a public key and needs to be guaranteed to be valid. That is, for the UE, it is necessary to obtain a signed key.
  • the key In order to ensure the freshness and security of the key, the key generally has an effective life cycle. During this life cycle, the key can be used normally.
  • the present invention provides a method and apparatus for updating a PWS key to at least solve the problem of the technical solution that the PWS key is not updated in the related art.
  • a method of updating a PWS key is provided.
  • the method for updating the PWS key according to the present invention includes: when the preset condition is met, the UE receives the updated PWS key sent by the network side device through the non-access stratum downlink message; the UE adopts the received PWS key.
  • the PWS key information includes a PWS key.
  • the PWS key information further includes an identifier of the PWS key.
  • the method further includes: the UE saves the PWS secret.
  • the ID of the key includes one of the following: the predetermined duration is reached; the network side device receives the key update message sent by the cell broadcast center CBC, where the key update message includes: the updated PWS key and the PWS The identity of the key.
  • the method further includes: the UE receiving the identifier of the updated PWS key sent by the network side device; and determining, by the UE, the saved PWS key Whether the identifier of the received updated PWS key is included in the identifier, if it is included, the update is successful.
  • the manner in which the network side device sends the identifier of the updated PWS key includes: a broadcast message delivery mode.
  • the method when the UE determines whether the identifier of the received PWS key includes the identifier of the received updated PWS key, the method further includes: if the identifier of the PWS key saved by the UE does not include the received update The identifier corresponding to the PWS key, the UE initiates a PWS key update procedure, and requests the updated PWS key to the network side device.
  • the UE initiates a PWS key update process, and the requesting the updated PWS key to the network side device includes: the UE sends a request message for updating the current PWS key to the network side device, where the request message carries the updated PWS The identifier of the key; the UE receives the updated PWS key delivered by the network side device.
  • the method further includes: receiving, by the UE, The PWS message delivered by the network side device, where the PWS message is encrypted by using the updated PWS key.
  • the method further includes: receiving, by the UE, a PWS message sent by the network side device, where the PWS message is an updated PWS key.
  • the key is encrypted; the UE receives the identifier of the updated PWS key sent by the network side device; in the case that the UE fails to authenticate the PWS message by using the current PWS key, the UE sends the updated current PWS to the network side device.
  • the request message of the key wherein the request message carries an identifier of the updated PWS key; the UE receives the updated PWS key delivered by the network side device.
  • the non-access stratum downlink message includes: an advertisement message.
  • the method for updating the PWS key includes: when the preset condition is met, the network side device is triggered to send the updated PWS key; and the network side device sends the updated PWS key to the UE by using the non-access stratum downlink message. So that the UE updates the current PWS key information with the received PWS key, wherein the PWS key information includes a PWS key.
  • the PWS key information further includes an identifier of the PWS key.
  • the method further includes: the UE saves the PWS secret. The ID of the key.
  • the preset condition includes one of the following: the predetermined duration is reached; the network side device receives the key update message sent by the cell broadcast center CBC, where the key update message includes: the updated PWS key and the PWS The identity of the key.
  • the method further includes: sending, by the network side device, an identifier of the updated PWS key.
  • the manner in which the network side device delivers the updated PWS key includes: a broadcast message delivery mode.
  • the method further includes:
  • the updated PWS key sent by the network side device is not included in the identifier of the PWS key saved by the UE, and the UE initiates a PWS key update process, and requests the updated PWS key from the network side device.
  • the UE initiates a PWS key update procedure, and requesting the updated PWS key from the network side device includes: the network side device receives a request message for updating the current PWS key from the UE, where the request message carries an update.
  • the identifier of the PWS key the network side device delivers the updated PWS key.
  • the method further includes: sending, by the network side device, the PWS message Wherein, the PWS message is encrypted using the updated PWS key.
  • the method when the UE uses the received PWS key to update the current PWS key to be abnormal, the method further includes: the network side device sends a PWS message, where the PWS message is encrypted by using the updated PWS key; The network side device sends an identifier of the updated PWS key, where the UE fails to use the current PWS key to authenticate the PWS message, the network side device receives the request message for updating the current PWS key from the UE, where The request message carries an identifier of the updated PWS key; the network side device delivers the updated PWS key.
  • the non-access stratum downlink message includes: an advertisement message.
  • the device for updating the PWS key includes: a first receiving module, configured to receive an updated PWS key sent by the network side device through the non-access stratum downlink message when the preset condition is met; And being configured to update current PWS key information by using the received PWS key, wherein the PWS key information includes a PWS key.
  • the PWS key information further includes an identifier of the PWS key
  • the apparatus further includes: a saving module, configured to save the identifier of the PWS key.
  • the method further includes: a second receiving module, configured to receive an identifier of the updated PWS key sent by the network side device; and a determining module, configured to determine whether the identifier of the saved PWS key includes the received The identifier of the updated PWS key, if included, the update is successful.
  • the method further includes: a sending module, configured to send, to the network side device, a request message for updating the current PWS key, when the output of the determining module is negative or the first receiving module or the updating module performs an operation abnormality, where The request message carries an identifier of the updated PWS key; the third receiving module is configured to receive the updated PWS key delivered by the network side device.
  • the method further includes: a fourth receiving module, configured to receive a PWS message sent by the network side device, where the PWS message is encrypted by using an updated PWS key.
  • a fourth receiving module configured to receive a PWS message sent by the network side device, where the PWS message is encrypted by using an updated PWS key.
  • an apparatus for updating a PWS key is provided.
  • the device for updating the PWS key according to the present invention includes: a triggering module, configured to trigger the network side device to send the updated PWS key when the preset condition is met; and the first sending module is configured to send the downlink message through the non-access stratum
  • the updated PWS key is sent, so that the UE updates the current PWS key information by using the received PWS key, where the PWS key information includes a PWS key.
  • the method further includes: a second sending module, configured to send the identifier of the updated PWS key.
  • the method further includes: a fifth receiving module, configured to receive a request message for updating the current PWS key from the UE, where the request message carries the updated PWS key
  • the third sending module is configured to deliver the updated PWS key.
  • the method further includes: a fourth sending module, configured to send a PWS message, where the PWS message is encrypted by using the updated PWS key.
  • FIG. 1 is a schematic diagram of a network architecture of a PWS in a 3GPP network according to the related art
  • FIG. 2 is a flowchart of a method for updating a PWS key according to a first embodiment of the present invention
  • FIG. 3 is a PWS key according to an example 1 of the present invention.
  • FIG. 4 is a flowchart of a method for updating a PWS key according to Example 2 of the present invention
  • FIG. 5 is a flowchart of a method for updating a PWS key according to Example 3 of the present invention
  • FIG. 6 is a flowchart according to the present invention.
  • FIG. 7 is a flowchart of a method for updating a PWS key according to Embodiment 2 of the present invention
  • FIG. 8 is a flowchart of an apparatus for updating a PWS key according to Embodiment 1 of the present invention
  • FIG. 9 is a block diagram showing a structure of an apparatus for updating a PWS key according to a preferred embodiment of the present invention.
  • FIG. 10 is a block diagram showing a structure of an apparatus for updating a PWS key according to a second embodiment of the present invention.
  • BEST MODE FOR CARRYING OUT THE INVENTION will be described in detail with reference to the accompanying drawings. It should be noted that the embodiments in the present application and the features in the embodiments may be combined with each other without conflict.
  • 2 is a flow chart of a method for updating a PWS key according to a first embodiment of the present invention. As shown in FIG.
  • Step S202 When the preset condition is met, the UE receives the updated PWS key information sent by the network side device by using the non-access stratum downlink message, where The PWS key information includes a PWS key; Step S204: The UE updates the current PWS key by using the received PWS key.
  • the method shown in FIG. 2 is adopted, and when the preset condition is met, the network side device receives the updated PWS key by using the updated PWS key delivered by the non-access stratum downlink message; and adopts the received PWS.
  • the key updates the current PWS key, which solves the problem that the related art lacks the technical solution for updating the PWS key, and realizes the security protection of the PWS by real-time updating of the PWS key.
  • the PWS key information further includes an identifier of the PWS key, and after the UE receives the updated PWS key information sent by the network side device by using the non-access stratum downlink message, the method further includes: the UE saving the PWS key Logo.
  • the non-access stratum downlink message may include, but is not limited to: an announcement message.
  • the foregoing preset condition may include but is not limited to one of the following:
  • the predetermined duration may be preset by using a timer or the like for the usage period of the PWS key;
  • the network side device receives the key update message delivered by the cell broadcast center (CBC), where the key update message includes: the updated PWS key and the identifier of the PWS key.
  • the following processing may also be included:
  • the UE receives an identifier of the updated PWS key delivered by the network side device
  • the UE determines whether the identifier of the stored PWS key includes the identifier of the received updated PWS key, and if yes, the update succeeds.
  • the manner in which the network side device sends the updated PWS key may include, but is not limited to, a broadcast message sending manner.
  • the following processing may be further included: if the PWS secret saved by the UE The identifier of the key does not include the identifier corresponding to the received PWS key, and the UE initiates a PWS key update procedure, and requests the network side device to update the PWS key.
  • the UE initiates a PWS key update procedure, and the requesting the updated PWS key to the network side device may include the following processing: (1) The UE sends a request message for updating the current PWS key to the network side device, where the request message carries The identifier of the updated PWS key; (2) The UE receives the updated PWS key delivered from the network side device.
  • the UE can accurately determine whether the update is successful. If the identifier of the updated PWS key is consistent with the identifier of the received updated PWS key, the update is successful; if the updated PWS key is identified and received If the identifiers of the updated PWS keys are inconsistent, the subsequent operations may be continued.
  • FIG. 3 is a flow chart of a method for updating a PWS key according to Example 1 of the present invention. As shown in FIG. 3, this example shows a process in which a network side device actively sends an updated PWS key to a UE. This flow gives a flow chart of the LTE network, which is similar for the GSM/UMTS network, as long as the MME is replaced by the SGSN.
  • Step S302 The CBC sends a PWS key (key) to be updated to the network side device (for example, the MME) and the The identifier of the PWS key (key id);
  • Step S304 After receiving the delivered key message, the MME saves the key and sends a response message to the CBC.
  • Steps S302 and S304 are an MME trigger.
  • the case of the key update may also include other situations, such as the expiration of the key usage period in the MME, and the subsequent examples are the same;
  • Step S306 The MME prepares to actively send the updated PWS key to the UE.
  • the MME directly sends the NAS layer connection, and then the MME first sends the PWS key information, including the key and the NAS, to the UE.
  • the corresponding key ID may be a notification message (NOTIFICATION) or the like;
  • Step S310 The UE updates the locally saved current key information by using the newly received key information.
  • Step S312 After the MME sends the PWS key information, the interval is separated. After the time, the current PWS key ID is broadcast to the UE through the base station device.
  • the interval may be determined by a specific device by using a timer or other methods, and the interval time is determined by a specific device.
  • Step S314 After receiving the broadcast PWS ID, the UE determines whether the locally saved and the received ones are consistent. Then the PWS key update is successful.
  • Example 2 Figure 4 is a flow chart of a method for updating a PWS key according to Example 2 of the present invention. As shown in FIG. 4, the example shows that the network actively sends an updated PWS key to the terminal, and the UE does not successfully receive the exception handling process. This flow gives a flow chart of the LTE network. It is similar for the GSM/UMTS network, as long as the MME is replaced with the SGSN. The specific steps are as follows: Step S402: The CBC sends a PWS key (key) and an identifier (key id) of the PWS key to the MME.
  • Step S404 After receiving the issued key message, the MME saves the key. Key information, and send a response message to the CBC; Step S406: The MME prepares to actively send the updated PWS key to the UE. If the NAS layer connection of the UE exists in the MME, the PWS key is directly sent; otherwise, the MME first triggers the establishment of the NAS layer connection, and then sends the same; Step S408: The MME sends the PWS key to the UE by using the non-access stratum (NAS layer) message. Information, including the key and the corresponding key ID. For example, the NAS layer message may be an announcement message NOTIFICATION or the like; Step S410: The UE updates the locally saved information using the newly received key.
  • NAS layer may be an announcement message NOTIFICATION or the like.
  • Step S412 After the PGW sends the PWS key information, the MME broadcasts the current PWS key ID to the UE through the base station device.
  • the time interval may be a timer mode, and the interval time is determined by a specific device.
  • Step S414 After receiving the broadcast PWS ID, the UE determines that the local save is inconsistent with the received one, possibly due to step S408 and / or step S410 abnormally caused;
  • Step S416 After the UE is separated for a period of time, the tracking area update message requests to update the PWS key, and the message carries the PWS key id to be requested. If it is a GERAN/UMTS network, the location area or the router is used to update the message.
  • Step S418 After receiving the request message, the network side device sends a corresponding PWS key response message to the UE according to the PWS key id. As can be seen, FIG.
  • FIG. 3 shows a case where the UE successfully updates the current PWS key with the received PWS key in step S204
  • FIG. 4 shows that the UE adopts the received PWS key update in step S204.
  • the current PWS key is abnormal, that is, no update is successful.
  • the following processing may be further included: the UE receives the The PWS message delivered by the network side device, where the PWS message is encrypted by using the updated PWS key.
  • Example 3 is a flow chart of a method for updating a PWS key according to Example 3 of the present invention. As shown in FIG. 5, this embodiment shows that the network actively sends updated PWS key information to the terminal, and the process of receiving the PWS message is received after the PWS key of the UE has not been updated successfully.
  • This flow gives a flow chart of the LTE network. It is similar to the GSMAJMTS network, as long as the MME is replaced by the SGSN.
  • the specific steps are as follows: Step S502: The CBC sends a PWS key (key) and an identifier (key id) of the PWS key to the MME. Step S504: After receiving the issued key message, the MME saves the key.
  • Step S506 The MME prepares to actively send the updated PWS key to the UE. If the NAS layer connection of the UE exists in the MME, the MME directly sends the NAS layer connection, and then the MME first sends the PWS key information to the UE, including the key and the NAS. The corresponding key ID.
  • the NAS layer message may be an advertisement message NOTIFICATION or the like;
  • Step S510 The UE updates the locally saved information by using the newly received key information.
  • Step S512 After the MME sends the PWS key information, after a period of time, The current PWS key ID is broadcast to the UE by the base station device.
  • Step S514 After receiving the broadcast PWS ID, the UE determines that the local save is inconsistent with the received one;
  • Step S516 The UE receives the PWS message sent by the network side, and the PWS message is signed with the latest key. It should be noted that: Step S516 can occur at any time between step S512 and step S518.
  • Step S518 After receiving the PWS message, the UE stops the current processing and starts the process of requesting the PWS key by the UE. It should be noted that: the UE uses the tracking area update message to request to update the PWS key, and the message carries the PWS key id to be requested.
  • Step S520 After receiving the request message, the network side sends the corresponding PWS key to the UE according to the PWS key id.
  • the following processing may also be included:
  • the UE receives the PWS message sent by the network side device, where the PWS message is encrypted by using the updated PWS key;
  • the UE receives the identifier of the updated PWS key sent by the network side device; (3) in the case that the UE fails to authenticate the PWS message by using the current PWS key, the UE sends the update current to the network side device. a request message of the PWS key, where the request message carries an identifier of the updated PWS key;
  • FIG. 6 is a flow chart of a method for updating a PWS key according to Example 4 of the present invention. As shown in FIG. 6, this embodiment shows a process in which the network actively sends updated PWS key information to the terminal, and the UE receives the PWS message without successfully receiving the updated PWS key information.
  • This flow gives a flow chart of the LTE network. It is similar for the GSM/UMTS network, as long as the MME is replaced by the SGSN.
  • the specific steps are as follows: Step S602: The CBC sends a PWS key (key) to be updated and an identifier of the PWS key to the MME.
  • Step S604 After receiving the delivered key message, the MME saves the key information and sends a response message to the CBC.
  • Step S606 The MME prepares to actively send the updated PWS key to the UE. If the NAS layer connection of the UE exists in the MME, the MME directly sends the NAS layer connection, and then the MME first sends the PWS key information, including the key and the NAS, to the UE.
  • the corresponding key ID may be an announcement message NOTIFICATION or the like;
  • Step S610 The UE updates the locally saved information by using the newly received key information.
  • Step S608 An abnormality occurs in step S608 or step S610.
  • an abnormal situation occurs in which the UE does not receive the NAS layer message or the received content is incorrect.
  • Step S612 The UE receives the PWS message sent by the network side, and the PWS message is signed with the latest key.
  • Step S616 can occur at any time between step S608 and step S612.
  • Step S614 After the PGW sends the PWS key information, the MME broadcasts the current PWS key ID to the UE through the base station device. The interval may be in a timer mode, and the interval time is determined by a specific device.
  • Step S616 After receiving the PWS message, the UE stops the current processing and starts the process of requesting the PWS key by the UE. It should be noted that: the UE uses the tracking area update message to request to update the PWS key, and the message carries the PWS key id to be requested. If it is a GERAN/UMTS network, the location area or the router is used to update the message. Step S618: After receiving the request message, the network side sends the corresponding PWS key to the UE according to the PWS key id.
  • FIG. 7 is a flowchart of a method for updating a PWS key according to Embodiment 2 of the present invention. As shown in FIG.
  • Step S702 When a preset condition is met, the network side device is triggered to send updated PWS key information, where the PWS key information includes a PWS key;
  • Step S704 The network side device sends the updated PWS key to the UE by using the non-access stratum downlink message, so that the UE updates the current PWS key by using the received PWS key.
  • the PWS key information includes a PWS key
  • Step S704 The network side device sends the updated PWS key to the UE by using the non-access stratum downlink message, so that the UE updates the current PWS key by using the received PWS key.
  • the network side device when the preset condition is met, the network side device is triggered to send the updated PWS key; the network side device sends the updated PWS key to the UE through the non-access stratum downlink message, so that The UE uses the received PWS key to update the current PWS key, and solves the problem that the related technology does not involve updating the PWS key, and implements the real-time update of the PWS key to strengthen the security protection of the PWS.
  • the PWS key information further includes an identifier of the PWS key, and after the UE receives the updated PWS key information sent by the network side device by using the non-access stratum downlink message, the method further includes: the UE saving the PWS key Logo.
  • the non-access stratum downlink message may include, but is not limited to: an announcement message.
  • the foregoing preset condition may include but is not limited to one of the following:
  • the predetermined duration may be preset by using a timer or other means for the usage period of the PWS key
  • the network side device receives the key update message sent by the cell broadcast center CBC, where the key update message includes: the updated PWS key and the identifier of the PWS key.
  • the method further includes: sending, by the network side device, an identifier of the updated PWS key.
  • the identifier ID of the current PWS key of the UE is consistent with the identifier ID of the PWS key sent by the network side device, it indicates that the UE updates the PWS key successfully.
  • the manner in which the network side device sends the updated PWS key may include, but is not limited to, a broadcast message delivery mode. For further description of the above preferred embodiments, reference may be made to FIG.
  • the method may further include: if the identifier of the PWS key saved by the UE does not include the The updated PWS key, the UE initiates a PWS key update procedure, and requests the updated PWS key from the network side device.
  • the UE initiates a PWS key update procedure, and requesting the updated PWS key from the network side device may include the following processing:
  • the network side device receives the request message for updating the current PWS key from the UE, where the request message carries the identifier of the updated PWS key; (2) the network side device delivers the updated PWS key.
  • the network side device may further include: sending, by the network side device, a PWS message, Among them, the PWS message is encrypted with the updated PWS key.
  • the following processing may also be included:
  • the network side device delivers the PWS message, where the PWS message is encrypted by using the updated PWS key; (2) the identifier of the updated PWS key sent by the network side device;
  • the network side device receives a request message for updating the current PWS key from the UE, where the request message carries the updated PWS key.
  • FIG. 8 is a structural block diagram of an apparatus for updating a PWS key according to Embodiment 1 of the present invention.
  • the device for updating the PWS key may include: a first receiving module 800, configured to receive an updated PWS sent by a network side device through a non-access stratum downlink message when the preset condition is met. Key information, wherein the PWS key information includes a PWS key; and the updating module 802 is configured to update the current PWS key with the received PWS key.
  • the network side device receives the updated PWS key sent by the non-access stratum downlink message, and the first receiving module 800 receives the PWS key.
  • the update module 802 updates the current PWS key by using the received PWS key, thereby solving the problem that the related technology does not involve updating the PWS key, and realizing the security of the PWS by real-time updating of the PWS key. protection.
  • the foregoing apparatus may further include: a saving module 814, configured to save an identifier of the PWS key.
  • the non-access stratum downlink message may include, but is not limited to: an announcement message.
  • the preset condition may include, but is not limited to, one of the following: (1) reaching a predetermined duration; in a specific implementation process, the predetermined duration may be preset by using a timer or the like for the usage period of the PWS key;
  • the network side device receives the key update message delivered by the cell broadcast center (CBC), where the key update message includes: the updated PWS key and the identifier of the PWS key.
  • the foregoing apparatus may further include: a second receiving module 804, configured to receive an identifier of an updated PWS key sent by the network side device; and a determining module 806, configured to determine the saved Whether the identifier of the updated PWS key is included in the identifier of the PWS key, and if included, the update is successful.
  • the manner in which the network side device sends the updated PWS key may include, but is not limited to, a broadcast message sending manner.
  • the foregoing apparatus may further include: a sending module 808, configured to: when the output of the determining module is negative or the operation of the first receiving module or the updating module is abnormal, The network side device sends a request message for updating the current PWS key, where the request message carries an identifier of the updated PWS key; and the third receiving module 810 is configured to receive the device from the network side device.
  • the foregoing apparatus may further include: a fourth receiving module 812, configured to receive a PWS message sent by the network side device, where the PWS message is encrypted by using an updated PWS key. of.
  • the device may decrypt the PWS by using the updated key. If the first receiving module 800 or the updating module 802 works abnormally, and the updating module 802 does not update the PWS key, the PWS message sent by the network receiving device received by the fourth receiving module 812 needs to be in the following two manners.
  • mode 1 if the fourth receiving module 812 receives the PWS message sent from the network side device, and before the second receiving module 804 receives the identifier of the updated PWS key sent by the network side device, The determining module 806 stops working, and the sending module 808 sends a request message for updating the current PWS key to the network side device, and the third receiving module 810 receives the updated PWS key sent by the network side device.
  • FIG. 10 is a structural block diagram of an apparatus for updating a PWS key according to Embodiment 2 of the present invention. As shown in FIG.
  • the device for updating the PWS key may include: a triggering module 1000, configured to trigger the network side device to send updated PWS key information when the preset condition is met, where the PWS key information includes The first sending module 1002 is configured to send the updated PWS key through the non-access stratum downlink message, so that the UE updates the current PWS key by using the received PWS key.
  • the triggering module 1000 triggers the network side device to send the updated PWS key; the first sending module 1002 sends the downlink message through the non-access stratum.
  • the updated PWS key is used to enable the UE to update the current PWS key by using the received PWS key, thereby solving the problem that the related technology does not involve updating the PWS key, and realizing the real-time update by the PWS key.
  • the foregoing non-access stratum downlink message may include, but is not limited to: an advertisement message.
  • the foregoing preset condition may include but is not limited to one of the following:
  • the network side device receives the key update message delivered by the cell broadcast center (CBC), where the key update message includes: the updated PWS key and the identifier of the PWS key.
  • the foregoing apparatus may further include: a second sending module 1004, configured to send an identifier of the updated PWS key.
  • the manner in which the network side device sends the updated PWS key may include, but is not limited to, a broadcast message sending manner.
  • FIG. 11 the manner in which the network side device sends the updated PWS key may include, but is not limited to, a broadcast message sending manner.
  • the apparatus may further include: a fifth receiving module 1006, configured to receive a request message from the UE for updating a current PWS key, where the request message carries an updated PWS key
  • the third sending module 1008 is configured to deliver the updated PWS key.
  • the foregoing apparatus may further include: a fourth sending module 1010, configured to send
  • a PWS message wherein the PWS message is encrypted using an updated PWS key.
  • the PWS message sent by the fourth sending module 1010 may be sent by the first sending module 1002 to send an updated PWS key through the non-access stratum downlink message, and the fifth receiving module 1006 receives the update from the UE. Any moment between the request message of the current PWS key. From the above description, it can be seen that the present invention achieves the following technical effects: Before the current PWS key usage period expires, the current PWS key is updated, and the new PWS key can be successfully enabled, and the solution is solved.
  • the related art does not address the problem of how to update the PWS key, thereby achieving the effect of enhancing the security protection of the PWS by real-time updating of the PWS key.
  • modules or steps of the present invention can be implemented by a general-purpose computing device, which can be concentrated on a single computing device or distributed over a network composed of multiple computing devices.
  • they may be implemented by program code executable by the computing device, such that they may be stored in the storage device by the computing device and, in some cases, may be different from the order herein.
  • the steps shown or described are performed, or they are separately fabricated into individual integrated circuit modules, or a plurality of modules or steps are fabricated as a single integrated circuit module.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Environmental & Geological Engineering (AREA)
  • Public Health (AREA)
  • Emergency Management (AREA)
  • Health & Medical Sciences (AREA)
  • Business, Economics & Management (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

La présente invention concerne un procédé et un dispositif pour mettre à jour une clé de système d'avertissement public (PWS). Selon ledit procédé, lorsqu'une condition préétablie est satisfaite, un équipement utilisateur (UE) reçoit une clé de PWS mise à jour à partir d'un dispositif côté réseau par l'intermédiaire d'un message NAS de liaison descendante ; l'UE met à jour la clé de PWS courante avec la clé de PWS reçue. Selon la solution technique fournie par la présente invention, la protection de sécurité PWS est améliorée par mise à jour de la clé de PWS en temps réel.
PCT/CN2012/077423 2011-10-25 2012-06-25 Procédé et dispositif de mise à jour d'une clé de pws WO2013060154A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2011103277436A CN103079197A (zh) 2011-10-25 2011-10-25 Pws密钥的更新方法及装置
CN201110327743.6 2011-10-25

Publications (1)

Publication Number Publication Date
WO2013060154A1 true WO2013060154A1 (fr) 2013-05-02

Family

ID=48155581

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2012/077423 WO2013060154A1 (fr) 2011-10-25 2012-06-25 Procédé et dispositif de mise à jour d'une clé de pws

Country Status (2)

Country Link
CN (1) CN103079197A (fr)
WO (1) WO2013060154A1 (fr)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103888261B (zh) * 2014-03-24 2017-10-27 北京智谷睿拓技术服务有限公司 证书更新方法及装置
CN107800502B (zh) * 2016-08-31 2019-05-31 深圳市中兴微电子技术有限公司 加解密模式间切换的方法及装置
CN110234102B (zh) * 2018-07-13 2020-12-29 Oppo广东移动通信有限公司 通信方法和设备

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010118571A1 (fr) * 2009-04-15 2010-10-21 华为技术有限公司 Procédé, appareil et système de réception de messages de système d'alerte publique (pws)
CN101959134A (zh) * 2009-07-13 2011-01-26 华为技术有限公司 公共报警系统pws消息的发送、接收方法、装置和系统

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010118571A1 (fr) * 2009-04-15 2010-10-21 华为技术有限公司 Procédé, appareil et système de réception de messages de système d'alerte publique (pws)
CN101959134A (zh) * 2009-07-13 2011-01-26 华为技术有限公司 公共报警系统pws消息的发送、接收方法、装置和系统

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
ZTE CORPORATION.: "PWS Key Update Improvements", 3GPP TSG-SA3 (SECURITY) SA3#64, 15 July 2011 (2011-07-15), pages 3 - 110703 *

Also Published As

Publication number Publication date
CN103079197A (zh) 2013-05-01

Similar Documents

Publication Publication Date Title
WO2018171703A1 (fr) Procédé et dispositif de communication
US20150319172A1 (en) Group authentication and key management for mtc
KR101600220B1 (ko) 공공 경보 메시지들의 검증을 위한 공개 키들의 관리
US20140150064A1 (en) Authentication of Warning Messages in a Network
CN102457844A (zh) 一种m2m组认证中组密钥管理方法及系统
JP2021525987A (ja) ネットワーク合法性の検証方法と装置、コンピュータ記憶媒体
WO2010028603A1 (fr) Procédé et système pour générer une clé pendant la mise à jour d'une zone de suivie
WO2013107152A1 (fr) Système, dispositif et procédé de vérification d'informations de signature pws
WO2013060154A1 (fr) Procédé et dispositif de mise à jour d'une clé de pws
US20150236851A1 (en) Method and apparatus for updating ca public key, ue and ca
WO2012167637A1 (fr) Procédé et entité de réseau pour envoyer un message de clé secrète de système d'avertissement destiné au public à un terminal
JP5147450B2 (ja) ページング信号送信方法及び移動局
CN102833743B (zh) 公共警报系统密钥更新信息的发送、更新方法和相应设备
EP2490472B1 (fr) Communiquer des fonctions de réseau pendant une procédure de mise à jour de zone de routage
CN101990768A (zh) 同时报告信息通知方法、移动台以及认证机构系统
US20160198432A1 (en) Paging procedure in a control node
US10827347B1 (en) Dynamic identities in a mobile device
WO2013004103A1 (fr) Procédé de mise à jour pour clé pws dans un système de communication sans fil, appareil côté réseau et terminal
US20150296375A1 (en) Methods, devices, and computer program products improving the public warning system for mobile communication
CN111132167B (zh) 5g用户终端接入5g网络的方法、用户终端设备及介质
WO2012171392A1 (fr) Procédé et système de configuration d'informations de clé de système d'alerte publique dans un système de communication sans fil
KR20140039674A (ko) 이동 통신 시스템에서 단말의 보안 관리 방법 및 장치
WO2013117070A1 (fr) Procédé, dispositif et système d'envoi d'informations de sécurité d'un système d'alarme public
WO2012174874A1 (fr) Procédé pour envoyer et mettre à jour des informations de mise à jour de clé de système de mise en garde du public, et dispositif correspondant
WO2014162691A1 (fr) Système de communication cellulaire, station mobile, station de base et nœud de commande, et procédé les concernant

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12844507

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12844507

Country of ref document: EP

Kind code of ref document: A1