WO2014196983A1 - Communication establishment using identifiers for a device-to-device environment

Info

Publication number
WO2014196983A1
Authority
WO
WIPO (PCT)
Prior art keywords
identity
user equipment
mobile network
certificate
processor
Application number
PCT/US2013/044708
Other languages
English (en)
Inventor
Ram Lakshmi NARAYANAN
Original Assignee
Nokia Siemens Networks Oy
Application filed by Nokia Siemens Networks Oy

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/126 Applying verification of the received information the source of the received data
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10 Integrity
    • H04W12/108 Source integrity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/90 Services for handling of emergency or hazardous situations, e.g. earthquake and tsunami warning systems [ETWS]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W76/00 Connection management
    • H04W76/10 Connection setup
    • H04W76/14 Direct-mode setup
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W84/00 Network topologies
    • H04W84/18 Self-organising networks, e.g. ad-hoc networks or sensor networks

Definitions

  • Certain embodiments generally relate to communication systems, and for example, to device-to-device (D2D) communication integrated into a communications network, such as long-term evolution (LTE) or long-term evolution advanced (LTE-A) cellular network specified by the 3rd Generation Partnership Project (3GPP).
  • D2D device-to-device
  • LTE long-term evolution
  • LTE-A long-term evolution advanced
  • 3GPP 3rd Generation Partnership Project
  • a cellular network is a radio network made up of one or more cells, where each cell is served by at least one centralized controller, such as a base station (BS), a Node B, or an evolved Node B (eNB).
  • UE user equipment
  • a UE communicates with another UE via the centralized controller, where the centralized controller relays messages sent by a first UE to a second UE, and vice versa.
  • a UE directly communicates with another UE, without the need of a centralized controller. Utilizing a cellular network versus an ad-hoc network has its benefits and drawbacks.
  • utilizing a cellular network over an ad-hoc network provides the benefit of easy resource control and interference control.
  • utilizing a cellular network over an ad-hoc network also provides the drawback of inefficient resource utilization. For instance, additional resources may be required in a cellular network when the two UEs are close to each other, as compared to an ad-hoc network.
  • a hybrid network utilizes both a cellular mode and a D2D transmission mode.
  • a UE can choose to communicate either via a cellular mode or a D2D transmission mode.
  • a hybrid network may allow UEs to communicate either via a cellular mode (i.e. via a centralized controller) or via an autonomous D2D transmission mode where the UEs can establish a channel without the need for a centralized controller. The UE can make this selection depending on which mode provides better overall performance.
  • a hybrid network can improve total system performance over a cellular network or an ad-hoc network.
  • issues related to resource sharing and interference situations may need to be addressed.
  • cellular networks may not be available because they are off-line. For example, in a disaster or catastrophic situation, cellular networks may be knocked off-line for various reasons. However, reliable communications networks are likely even more necessary in these disaster situations to help alleviate damage and coordinate emergency response.
  • One embodiment is directed to a method including receiving, by a server in a mobile network, an identity request message for an identity of a user equipment.
  • the method may further include, while the mobile network is online, generating an identity certificate for the user equipment.
  • the method may then include sending the identity certificate to the user equipment for use when the mobile network is offline.
  • the apparatus includes at least one processor and at least one memory comprising computer program code.
  • the at least one memory and the computer program code are configured, with the at least one processor, to cause the apparatus at least to receive an identity request message for an identity of a user equipment in a mobile network, and, while the mobile network is online, generate an identity certificate for the user equipment.
  • the at least one memory and the computer program code may further be configured, with the at least one processor, to cause the apparatus at least to send the identity certificate to the user equipment for use when the mobile network is offline.
  • Another embodiment is directed to a computer program, embodied on a computer readable medium, wherein the computer program is configured to control a processor to perform a process.
  • the process includes receiving an identity request message for an identity of a user equipment in a mobile network.
  • the process may further include, while the mobile network is online, generating an identity certificate for the user equipment.
  • the method may then include sending the identity certificate to the user equipment for use when the mobile network is offline.
  • Another embodiment is directed to a method including receiving, by a user equipment in a mobile network, at least one identity certificate from an identity distribution server.
  • the method may also include using the at least one identity certificate to establish device-to-device (D2D) communication with at least one other user equipment when the mobile network is offline.
  • the apparatus includes at least one processor and at least one memory comprising computer program code.
  • the at least one memory and the computer program code are configured, with the at least one processor, to cause the apparatus at least to receive at least one identity certificate from an identity distribution server in a mobile network, and to use the at least one identity certificate to establish device-to-device (D2D) communication with at least one other user equipment when the mobile network is offline.
  • Another embodiment is directed to a computer program, embodied on a computer readable medium, wherein the computer program is configured to control a processor to perform a process.
  • the process includes receiving at least one identity certificate from an identity distribution server in a mobile network.
  • the process may also include using the at least one identity certificate to establish device-to-device (D2D) communication with at least one other user equipment when the mobile network is offline.
  • FIG. 1 illustrates an example of a system, according to one embodiment
  • FIG. 2 illustrates an example of a signaling diagram, according to an embodiment
  • FIG. 3a illustrates an example of an apparatus, according to one embodiment
  • FIG. 3b illustrates an example of an apparatus, according to another embodiment
  • FIG. 4a illustrates an example of a flow diagram of a method, according to one embodiment
  • FIG. 4b illustrates an example of a flow diagram of a method, according to another embodiment.
  • Disasters are exceptional events that can be either man-made, such as terrorist attacks, or natural, such as earthquakes, hurricanes, tornadoes, wildfires and floods. Disasters create emergency situations, and can cause physical damage as well as social disorder. In these emergency situations, basic provisions and services, such as food, water, shelter, protection and medical help are needed. The effort required to provide these basic services to the victims generally must be coordinated quickly via a reliable communication network.
  • Prior disaster events provide certain lessons that may be applied to future events. For example, generally, most of the casualties occur within 48 hours after the disaster event. Cellular network towers, communication, and power lines that were present before the disaster may not be operational. As a result, victims or users affected in the disaster area usually are not able to communicate with their families via the usual wired or wireless (e.g., cellular) communication networks. Disaster relief operations take place with help of medical personnel, fire and police departments, and, as a result of the issues noted above, they may have issues establishing reliable communications, which may be established very late.
  • D2D standardization is still in the early phase of defining use case(s), but it will be important to include use cases that are applicable to emergency networks.
  • Network assisted public safety communication is currently being worked out as part of D2D requirements, and existing requirements are not adequate to support disaster relief network services that demand infrastructure-less support.
  • D2D can allow for a hybrid combination of infrastructure-mode and ad hoc communication.
  • Certain embodiments of the invention provide a scheme in which the cellular network infrastructure can assist in distribution of the required identities and associated mappings prior to disaster events. These identities may then be later used for ad-hoc mode (e.g., emergency) type communication. The same identities can be used by many applications to build networks in D2D ad-hoc mode environment. Embodiments can be useful for disaster and emergency situations, as described herein, but are not limited to such situations. In fact, embodiments can equally be applied in other situations where the centralized cellular network is not available.
  • IP internet protocol
  • DHCP dynamic host configuration protocol
  • Static an identity assigned to each device or endpoint in a network and is used to communicate data services between them. IP addresses, however, may not be permanent and users generally do not remember them.
  • An email address is an example of a permanent identity, but is not real time (e.g., a user must periodically log on in order to receive e-mail messages). All these example identities have a scope and a lifetime associated with them. The scope of these identities is restricted to a realm, zone, or particular architecture. As a result, these identities are not usable when the network infrastructure is not available for some reason.
  • Phone numbers may be the most common and well known identity associated with communication. Most people remember at least some important phone numbers, and almost all mobile phones have the ability to locally store a contact list including phone numbers. Phone numbers are applicable to both fixed and mobile phone service.
  • SIM subscriber identity module
  • IMSI International Mobile Subscriber Identity
  • keys keys and other useful information to establish the identities of the users.
  • the IMSI is a unique number identifying the subscriber within the network.
  • the mapping of the phone number to the IMSI is stored inside the cellular network, for example by the Home Subscriber System (HSS).
  • HSS Home Subscriber System
  • the network internally maps the IMSI to a Mobile Subscriber Integrated Services Digital Network-Number (MSISDN), and establishes two-party communications. If such a scenario needs to happen in direct device-to-device (D2D) ad hoc mode, each phone needs to maintain its identity correctly.
  • MSISDN is a number uniquely identifying a subscription in a mobile/cellular network. In other words, the MSISDN is the telephone number to the SIM in a mobile/cellular phone.
  • IP addresses are dynamically assigned and are generally not remembered by any applications inside cellular/mobile phones (e.g., UE). An ad hoc network is helpful for building a network out of nodes alone, but the nodes do not have a common identity. Most ad hoc routing protocols deal with connection and route convergence. Existing IP and/or phone services cannot run on top of such a network due to a lack of centralized control.
  • P2P Peer-to-Peer
  • Fig. 1 illustrates an example of a communication system 100, according to one embodiment.
  • system 100 includes one cell, cell 1.
  • System 100 also includes one eNB, eNB1.
  • system 100 can include any number of cells and/or eNBs.
  • eNB1 is located in cell 1 and can serve UEs within its serving area.
  • System 100 also includes UE1, UE2, UE3, and UE4, which are each located in cell 1.
  • UE2 and UE3 are in D2D communication.
  • UE1 and UE4 are served by the cellular network infrastructure via eNB1.
  • communication system 100 may be considered a hybrid network that can utilize both a cellular mode and a D2D transmission mode.
  • victims may not be able to use existing identities discussed above (e.g., phone numbers, IP addresses, email addresses) and associated services to establish communication.
  • Naming identities such as phone numbers, IP addresses (IPv4 and IPv6), email addresses, websites, etc., which are associated with a central infrastructure are likely not usable and not available.
  • identities are prepared and distributed to UEs in order to later enable offline emergency communications. This procedure can be performed when the UEs are getting normal service, during service activation itself, or at regular intervals. Then, when network infrastructure is knocked offline (e.g. due to a disaster event), the previously distributed identities can be used for ad-hoc network topology creation. As a result, the identities can be utilized to serve disaster type applications such as voice call.
  • Fig. 2 illustrates an example of a signaling diagram for securely transferring identities (e.g., MSISDN and its associated credentials) to a mobile/cellular phone (e.g., UE). Subsequently, using these transferred identities, infrastructure-less communication can be established for direct D2D communication. At least two approaches may be used to distribute credentials, namely the PUSH and PULL mechanisms, as illustrated in Fig. 2.
  • Fig. 2 illustrates some examples of network elements in wireless access network technologies that may be used to achieve the functionality of embodiments of the invention. However, the functionality that is illustrated in Fig. 2 could be implemented (or combined) with other network elements.
  • UE-1 is powered ON and completes the network attach. While in this example, the network attach is performed via a visitor location register (VLR) (as in 2G networks), it could also be performed, for example, by a mobility management entity (MME) in case of 4G, or any other appropriate entity depending on the type of network.
  • VLR visitor location register
  • MME mobility management entity
  • Embodiments of the invention are applicable to all types of wireless access networks and their associated entities.
  • UE-1 sends a REQUEST IDENTITY CERTIFICATE message towards the identity distribution server.
  • this identity distribution server could be placed in the existing network infrastructure. For example, it could be part of the pre-configuration performed by the operator, or it could be part of the device management framework. A main purpose of this server is to securely distribute identities of the phone, such as MSISDN and associated credentials.
  • the identity distribution server passes the UE credentials that it receives (such as IMSI, temporary mobile subscriber identity (TMSI), etc.) to the HSS/VLR sub-systems and requests the Authentication Centre (AuC) to verify the UE and generate secure signature information.
  • the identity distribution server prepares the UE identity certificate. It collects all the information that is required to generate the identities and prepares them as certificates. For example, the identity distribution server may collect the required information for public certificates, which contain the issuer's name, date, and validity, and also the MSISDN identity.
  • the certificate may be valid for a 30 day period (or less).
  • the UE may renew the certificate at regular intervals. A shorter validity period avoids overuse and eliminates the need for certificate revocation list maintenance. This helps assure that the identity was issued by an operator.
  • the prepared certificate is passed back to the HSS (AuC) which is requested to sign and generate the public certificate.
  • the signed certificate with identity credentials is passed back, at 6, to the identity distribution server.
  • the RESPONSE IDENTITY CERTIFICATE is sent by the identity server to UE-1.
  • the RESPONSE IDENTITY CERTIFICATE contains MSISDN information as part of the public certificate.
  • the identity certificate is generated and the network automatically pushes the information.
  • UE-2 is powered ON and completes the network attach.
  • wireless access network infrastructure equipment such as VLR or MME or other suitable server such as device management or patch management server
  • the identity distribution server prepares the UE identity certificate in a similar manner to that discussed above in connection with step 4.
  • the prepared certificate is passed back to the HSS (AuC) which is requested to sign and generate the public certificate.
  • the signed certificate with identity credentials is passed back, at 6, to the identity distribution server.
  • the RESPONSE IDENTITY CERTIFICATE is sent by the identity server to UE-2.
  • UE-1 and/or UE-2 can store the identity certificate securely in its SIM or in protected storage.
  • the chosen storage message can be specific to the operator.
  • the lifetime of the certificate can be made short and, in order to avoid generating the keys each time, the network could send an updated certificate by updated date change.
  • usage of the certificate may only be valid in the absence of centralized network infrastructure. Applications that use these certificates should be trusted by the operator (such as the dialer application inside the phone).
  • the UEs may use those certificates to aid in D2D communication in an ad-hoc network scenario. For instance, during an emergency situation such as a disaster, the UE could use the identities, such as MSISDN, stored inside the certificate as its own identity. This identity can then be supplied as part of a routing update to determine the neighboring UEs. Before making calls, the UEs in the disaster region need to know about each other and can establish any ad hoc communication to discover their topology.
  • each UE may send its own identifiers, which can be used to populate a routing table in each node.
  • Each UE will contain route information, such as IPv4/IPv6 address and its neighbour UE reachable information, along with their MSISDN identity.
  • the default dialler application takes inputs from the user and forwards them to any interface (normally, when a user dials using the phone dialler application, it interacts with the cellular CS network). Now, users could dial using their phone numbers to contact each other in the disaster region.
  • Disaster regions contain many differentiating parameters or factors, including terrain, type of location, size of location, number of people living before disaster, etc. Embodiments have taken into account extensive simulations of human mobility models in disaster regions, and how embodiments of the invention can assist them to survive and move to a disaster free zone more quickly.
  • Fig. 3a illustrates an example of an apparatus 10 according to an embodiment.
  • apparatus 10 may be a network entity, such as an identity distribution server, VLR, MME, HSS, and/or AuC illustrated in Fig. 2 above.
  • apparatus 10 may include components or features not shown in Fig. 3a. Only those components or features necessary for illustration of the invention are depicted in Fig. 3a.
  • apparatus 10 includes a processor 22 for processing information and executing instructions or operations.
  • processor 22 may be any type of general or specific purpose processor. While a single processor 22 is shown in Fig. 3a, multiple processors may be utilized according to other embodiments. In fact, processor 22 may include one or more of general-purpose computers, special purpose computers, microprocessors, digital signal processors (DSPs), field-programmable gate arrays (FPGAs), application-specific integrated circuits (ASICs), and processors based on a multi-core processor architecture, as examples.
  • DSPs digital signal processors
  • FPGAs field-programmable gate arrays
  • ASICs application-specific integrated circuits
  • Apparatus 10 further includes a memory 14, which may be coupled to processor 22, for storing information and instructions that may be executed by processor 22.
  • Memory 14 may be one or more memories and of any type suitable to the local application environment, and may be implemented using any suitable volatile or nonvolatile data storage technology such as a semiconductor-based memory device, a magnetic memory device and system, an optical memory device and system, fixed memory, and removable memory.
  • memory 14 can be comprised of any combination of random access memory (RAM), read only memory (ROM), static storage such as a magnetic or optical disk, or any other type of non-transitory machine or computer readable media.
  • the instructions stored in memory 14 may include program instructions or computer program code that, when executed by processor 22, enable the apparatus 10 to perform tasks as described herein.
  • Apparatus 10 may also include one or more antennas 25 for transmitting and receiving signals and/or data to and from apparatus 10.
  • Apparatus 10 may further include a transceiver 28 configured to transmit and receive information.
  • transceiver 28 may be configured to modulate information on to a carrier waveform for transmission by the antenna(s) 25 and demodulate information received via the antenna(s) 25 for further processing by other elements of apparatus 10.
  • transceiver 28 may be capable of transmitting and receiving signals or data directly.
  • Processor 22 may perform functions associated with the operation of apparatus 10 including, without limitation, precoding of antenna gain/phase parameters, encoding and decoding of individual bits forming a communication message, formatting of information, and overall control of the apparatus 10, including processes related to management of communication resources.
  • memory 14 stores software modules that provide functionality when executed by processor 22.
  • the modules may include, for example, an operating system that provides operating system functionality for apparatus 10.
  • the memory may also store one or more functional modules, such as an application or program, to provide additional functionality for apparatus 10.
  • the components of apparatus 10 may be implemented in hardware, or as any suitable combination of hardware and software.
  • apparatus 10 may be an identity distribution server.
  • apparatus 10 may be controlled by memory 14 and processor 22 to receive an identity request message for an identity of a UE in a mobile network. While the mobile network is online, apparatus 10 may be controlled by memory 14 and processor 22 to generate an identity certificate for the UE, and to send the identity certificate to the UE for use when the mobile network is offline.
  • apparatus 10 may be controlled by memory 14 and processor 22 to receive the identity request message from the UE.
  • apparatus 10 may be controlled by memory 14 and processor 22 to receive the identity request message from a network node, such as a VLR, a MME, a device management server, or a patch management server.
  • apparatus 10 may be controlled by memory 14 and processor 22 to verify the identity of the UE with a HSS subsystem.
  • apparatus 10 may also be controlled by memory 14 and processor 22 to forward the identity certificate to the HSS sub-system for signing and for generating a public certificate.
  • the identity certificate is valid for a period of 30 days or less.
  • Fig. 3b illustrates an example of an apparatus 20 according to another embodiment.
  • apparatus 20 may be a UE. It should be noted that one of ordinary skill in the art would understand that apparatus 20 may include components or features not shown in Fig. 3b. Only those components or features necessary for illustration of the invention are depicted in Fig. 3b.
  • apparatus 20 includes a processor 32 for processing information and executing instructions or operations.
  • Processor 32 may be any type of general or specific purpose processor. While a single processor 32 is shown in Fig. 3b, multiple processors may be utilized according to other embodiments.
  • processor 32 may include one or more of general-purpose computers, special purpose computers, microprocessors, digital signal processors (DSPs), field-programmable gate arrays (FPGAs), application-specific integrated circuits (ASICs), and processors based on a multi-core processor architecture, as examples.
  • Apparatus 20 further includes a memory 34, which may be coupled to processor 32, for storing information and instructions that may be executed by processor 32.
  • Memory 34 may be one or more memories and of any type suitable to the local application environment, and may be implemented using any suitable volatile or nonvolatile data storage technology such as a semiconductor-based memory device, a magnetic memory device and system, an optical memory device and system, fixed memory, and removable memory.
  • memory 34 can be comprised of any combination of random access memory (RAM), read only memory (ROM), static storage such as a magnetic or optical disk, or any other type of non-transitory machine or computer readable media.
  • the instructions stored in memory 34 may include program instructions or computer program code that, when executed by processor 32, enable the apparatus 20 to perform tasks as described herein.
  • Apparatus 20 may also include one or more antennas 35 for transmitting and receiving signals and/or data to and from apparatus 20.
  • Apparatus 20 may further include a transceiver 38 configured to transmit and receive information.
  • transceiver 38 may be configured to modulate information on to a carrier waveform for transmission by the antenna(s) 35 and demodulate information received via the antenna(s) 35 for further processing by other elements of apparatus 20.
  • transceiver 38 may be capable of transmitting and receiving signals or data directly.
  • Processor 32 may perform functions associated with the operation of apparatus 20 including, without limitation, precoding of antenna gain/phase parameters, encoding and decoding of individual bits forming a communication message, formatting of information, and overall control of the apparatus 20, including processes related to management of communication resources.
  • memory 34 stores software modules that provide functionality when executed by processor 32.
  • the modules may include, for example, an operating system that provides operating system functionality for apparatus 20.
  • the memory may also store one or more functional modules, such as an application or program, to provide additional functionality for apparatus 20.
  • the components of apparatus 20 may be implemented in hardware, or as any suitable combination of hardware and software.
  • apparatus 20 may be a UE.
  • apparatus 20 may be controlled by memory 34 and processor 32 to receive at least one identity certificate from an identity distribution server in a mobile network, and to use the at least one identity certificate to establish device-to-device (D2D) communication with at least one other user equipment when the mobile network is offline.
  • apparatus 20 may be further controlled by memory 34 and processor 32 to transmit a routing update comprising the at least one identity certificate to determine neighboring UEs.
  • Apparatus 20 may be controlled by memory 34 and processor 32 to store the at least one identity in its SIM or in protected storage. According to one embodiment, the at least one identity certificate may be valid only when the mobile network is offline.
  • Fig. 4a illustrates an example of a flow chart of a method for preparing and distributing identities that can be used for offline D2D communication, according to one embodiment.
  • the method of Fig. 4a may be performed by a server, such as an identity distribution server, in a mobile network.
  • the method may include, at 400, receiving an identity request message for an identity of a UE.
  • the method may then include, at 410, generating an identity certificate for the UE while the mobile network is online.
  • the method may also include, at 420, verifying the identity of the user equipment with a HSS sub-system.
  • the method can also include, at 430, forwarding the identity certificate to the home subscription server sub-system for signing and for generating a public certificate.
  • the method may then include, at 440, sending the identity certificate to the user equipment for use when the mobile network is offline.
  • Fig. 4b illustrates an example of a flow chart of a method for using identity certificate information for D2D communication when the mobile network is offline, according to one embodiment.
  • The method of Fig. 4b may be performed by a UE.
  • The method may include, at 450, receiving at least one identity certificate from an identity distribution server.
  • The method may include storing the at least one identity in a subscriber identity module or in protected storage.
  • The method may also include, at 470, using the at least one identity certificate to establish D2D communication with at least one other user equipment when the mobile network is offline.
  • The using of the at least one identity certificate may include transmitting a routing update comprising the at least one identity certificate to determine neighboring user equipment.
  • Any of the methods described herein may be implemented by software and/or computer program code stored in memory or other computer readable or tangible media, and executed by a processor.
  • The functionality may be performed by hardware, for example through the use of an application specific integrated circuit (ASIC), a programmable gate array (PGA), a field programmable gate array (FPGA), or any other combination of hardware and software.
  • Embodiments provide a mechanism to use identities in a decentralized and controlled manner such that they can be utilized, for example, for D2D or emergency service communication.
  • Cellular identities can be available for offline service in emergency situations.
  • An embodiment includes a mechanism wherein the identity certificates of each user are securely transferred for future use (e.g., in case of emergency situations).
  • Embodiments provide mechanisms to enable usage of mobile broadband networks to support offline types of service.
  • Some embodiments provide a mechanism wherein user-known identities are pushed to the routing layer (X-Layer approach), enabling seamless use of applications in D2D ad-hoc mode.
  • Embodiments are compatible with all types of cellular or mobile technology, such as LTE, LTE-A, etc. Therefore, embodiments can be standardized to enable D2D ad-hoc (infrastructure-less) mode communication.
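
The issuance steps of Fig. 4a and the offline use of Fig. 4b, sketched as an added Python example that is not part of the patent text. The textbook-RSA toy key, the JSON certificate layout, and all function and field names are assumptions made for illustration; unpadded RSA at this key size is not secure and only stands in for the signature scheme an implementation would choose.

```python
import hashlib
import json

# Constructed toy HSS key: textbook RSA over two Mersenne primes.
# Unpadded RSA is NOT secure; it is a stand-in so that the example
# runs with the standard library only.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q                               # (N, E) is the HSS public key
D = pow(E, -1, (P - 1) * (Q - 1))       # HSS private exponent

def _digest(body: dict) -> int:
    data = json.dumps(body, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def hss_sign(body: dict) -> int:
    """Step 430: the HSS signs the certificate body."""
    return pow(_digest(body), D, N)

def issue_certificate(identity: str, hss_subscribers: set, network_online: bool) -> dict:
    """Steps 400-440 on the identity distribution server (simplified)."""
    if not network_online:
        raise RuntimeError("certificates are generated only while online")
    body = {"identity": identity, "valid_when": "network_offline"}  # step 410
    if identity not in hss_subscribers:                             # step 420
        raise PermissionError("identity unknown to HSS")
    return {"body": body, "sig": hss_sign(body)}                    # 430, 440

def accept_routing_update(update: dict, network_online: bool) -> bool:
    """UE side (Fig. 4b): is a neighbour's certificate usable for D2D?"""
    cert = update.get("cert", {})
    body, sig = cert.get("body"), cert.get("sig")
    if not isinstance(body, dict) or not isinstance(sig, int):
        return False                    # malformed or missing certificate
    if network_online:                  # certificate is valid only offline
        return False
    if body.get("valid_when") != "network_offline":
        return False
    return pow(sig, E, N) == _digest(body)   # check the HSS signature

SUBSCRIBERS = {"ue-alice", "ue-bob"}    # constructed HSS subscriber records
CERT = issue_certificate("ue-alice", SUBSCRIBERS, network_online=True)
```

A receiving UE needs only the HSS public key to run the check, which is why the certificate must be issued and signed before the network goes offline.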

Abstract

The invention relates to systems, methods, apparatuses, and computer program products for establishing device-to-device communication using mobile or cellular identifiers. A method may include receiving, by a server in a mobile network, an identity request message for an identity of a user equipment. The method may then include, when the mobile network is online, generating an identity certificate for the user equipment and sending the identity certificate to the user equipment for use when the mobile network is offline.
PCT/US2013/044708 2013-06-07 2013-06-07 Communication establishment using identifiers for a device-to-device environment WO2014196983A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/US2013/044708 WO2014196983A1 (fr) 2013-06-07 2013-06-07 Communication establishment using identifiers for a device-to-device environment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/US2013/044708 WO2014196983A1 (fr) 2013-06-07 2013-06-07 Communication establishment using identifiers for a device-to-device environment

Publications (1)

Publication Number Publication Date
WO2014196983A1 true WO2014196983A1 (fr) 2014-12-11

Family

ID=52008465

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2013/044708 WO2014196983A1 (fr) 2013-06-07 2013-06-07 Communication establishment using identifiers for a device-to-device environment

Country Status (1)

Country Link
WO (1) WO2014196983A1 (fr)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6247127B1 (en) * 1997-12-19 2001-06-12 Entrust Technologies Ltd. Method and apparatus for providing off-line secure communications
US20020080752A1 (en) * 2000-12-22 2002-06-27 Fredrik Johansson Route optimization technique for mobile IP
US20020165824A1 (en) * 1995-10-02 2002-11-07 Silvio Micali Scalable certificate validation and simplified PKI management
US20110261792A1 (en) * 2010-04-26 2011-10-27 Research In Motion Limited Conversion of mobile device to lan-only telephony functions

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016099940A1 (fr) * 2014-12-19 2016-06-23 Motorola Solutions, Inc. User equipment and method for dynamic internet protocol multimedia subsystem (IMS) registration
WO2017065536A1 (fr) * 2015-10-14 2017-04-20 삼성전자 주식회사 User terminal device and method for determining a companion thereof
WO2018032484A1 (fr) * 2016-08-19 2018-02-22 Zte Corporation Apparatus and method for emergency call
EP3448075A1 (fr) * 2017-08-22 2019-02-27 Gemalto M2M GmbH Method for securing a communication connection
WO2019038038A1 (fr) * 2017-08-22 2019-02-28 Gemalto M2M Gmbh Method for securing a communication path

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13886389

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 13886389

Country of ref document: EP

Kind code of ref document: A1