WO2015176462A1 - Dual-connection radio bearer migration processing and migration methods and devices - Google Patents

Dual-connection radio bearer migration processing and migration methods and devices Download PDF

Info

Publication number
WO2015176462A1
WO2015176462A1 PCT/CN2014/087718 CN2014087718W WO2015176462A1 WO 2015176462 A1 WO2015176462 A1 WO 2015176462A1 CN 2014087718 W CN2014087718 W CN 2014087718W WO 2015176462 A1 WO2015176462 A1 WO 2015176462A1
Authority
WO
WIPO (PCT)
Prior art keywords
radio bearer
data radio
base station
bearer identifier
identifier
Prior art date
Application number
PCT/CN2014/087718
Other languages
French (fr)
Chinese (zh)
Inventor
和峰
杜忠达
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2015176462A1 publication Critical patent/WO2015176462A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W36/00Hand-off or reselection arrangements
    • H04W36/08Reselecting an access point
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W36/00Hand-off or reselection arrangements
    • H04W36/24Reselection being triggered by specific parameters
    • H04W36/26Reselection being triggered by specific parameters by agreed or negotiated communication parameters
    • H04W36/28Reselection being triggered by specific parameters by agreed or negotiated communication parameters involving a plurality of connections, e.g. multi-call or multi-bearer connections

Definitions

  • the present invention relates to the field of communications, and in particular, to a migration processing and migration method and apparatus for a dual connectivity radio bearer.
  • LTE Long Term Evolution
  • LTE Advanced enhanced LTE
  • the user plane data protocol stack of the existing LTE is as shown in FIG. 1 , and the GPRS Tunneling Protocol for the User Plane (GTP-TTP) is used from the core network through the user-level general packet radio service (GPRS) protocol.
  • GTP-TTP GPRS Tunneling Protocol for the User Plane
  • GPRS general packet radio service
  • PDCP Packet Data Convergence Protocol
  • RLC Radio Link Control
  • PHY Physical layer
  • the data transmission link between the network and the UE is a one-to-one dedicated link, so the signal quality of the link and the size of the resources used determine the data transmission performance between the two. If the resources used by the link are limited or the signal quality is poor, the user experience of the UE will decrease. This is a huge challenge that mobile operators are facing now.
  • the network capacity is expanding year by year, it still cannot keep up with the increase in the number of user terminals.
  • IP is short for Internet Protocol
  • UDP/IP is short for User Data Protocol/Internet Protocol.
  • LPN Low Power Nodes
  • next-generation communication networks such as LTE
  • a small cell Small Cell
  • Pico eNB where eNB is short for evolved Node B, eNB may be called evolved Node B
  • LPN low-power nodes
  • the network deployment environment becomes more complicated and brings some problems.
  • the coverage of the LPN cell is relatively small compared to the macro cell (Macro Cell)
  • the capacity is relatively small, and some LPN cells may be easily occupied by the user and cause the load to be too high, thereby affecting the user.
  • Dual Connectivity is one of them.
  • the dual-connected terminal can maintain connection with two network nodes at the same time.
  • the UE maintains connection with the macro cell and the LPN cell at the same time.
  • the network side can control the transmission data of the terminal on the two nodes in real time.
  • the UE moves or other reasons cause the LPN cell to change, another cell can still maintain the connection, and this change does not cause excessive signaling impact.
  • the UE must be securely connected to the network.
  • the access layer (Access Stratum, AS for short) between the radio access network element (such as an eNB) and the user equipment has the same security context.
  • the base station key KeNB is included, according to which the encryption key (KRRCenc) and the integrity protection key (KRRCint) of the AS control plane and the encryption key (KUPenc) of the user plane can be derived.
  • the sender uses the control plane integrity protection key (KRRCint) and the encryption key (KRRCenc), and the specified algorithm to perform integrity protection and encryption on the control plane data, and at the receiving end. Reverse operations (decryption and integrity protection verification) are performed according to the same key and algorithm. Both the user plane data transmission and reception sides use the user plane encryption key (KUPenc) to encrypt and decrypt the user plane data. .
  • the base station key initial KeNB is calculated by the core network and then transmitted to the eNB. In the subsequent process, for example, to prevent the PDCP sequence number from being flipped or the UE switching, the KeNB also updates.
  • the KeNB of the handover target side is still calculated by the core network; but if an X2 handover occurs, the derivative method of the KeNB (or KeNB*) of the handover target side may have two As shown in FIG. 3, one is derived from the KeNB on the switching source side, and the other is derived from the Next Hop (NH) key, where the NH key is derived from the core network. Calculated and sent to the eNB.
  • the service bearer (Service-Gateway, S-GW for short) is divided into two groups, which are respectively passed through the master base station (Master eNB, referred to as The MeNB) and the secondary base station (Secondary SeNB, SeNB for short) establish a connection with the UE, as shown in FIG.
  • the two nodes connected to the UE need to use different security keys to protect the respective connection bearers.
  • the base station key S-KeNB on the SeNB is derived from the base station key KeNB on the MeNB.
  • the SeNB When the KeNB of the MeNB changes, the SeNB is deleted; but when the S-KeNB on the SeNB changes, the connection on the MeNB is unaffected.
  • the scenario in which the S-KeNB changes includes: the S-KeNB caused by the KeNB key change on the MeNB. Change, the S-KeNB key modification initiated by the MeNB, the PDCP COUNT value carried on the SeNB is reversed, or the key change caused by other SeNB reconfigurations.
  • the connection bearer of the UE may be migrated between the MeNB and the SeNB, that is, the bearer on the MeNB may be migrated to the SeNB, and the SeNB shall bear the data transmission and reception;
  • the reverse can occur, ie the bearer on the SeNB is migrated back to the MeNB.
  • the identity of the bearer does not change.
  • the data radio bearer (DRB id) (DRB id) is assigned to the base station side; the Evolved Packet System (EPS) bearer identifier (ESP) is assigned to the core network side. Id), and Enhanced Radio Access Bearer (E-RAB id).
  • the DRB id is one-to-one or mapped with the EPS id and the E-RAB id. If the radio bearer corresponding to a DRB id of the access layer is deleted, the ground bearer corresponding to the EPS id of the non-access stratum needs to be deleted. In the bearer migration process in the dual-connection scenario, the actual change is only related to the change of the user plane path, and the bearer does not change. Therefore, the corresponding radio bearer identifier and the ground bearer identifier and their corresponding relationships do not occur. Variety.
  • the present invention provides a dual-connection radio bearer migration processing, migration method and device, to at least solve the above problem. technical problem.
  • a method for processing a dual-connection radio bearer including: a primary base station assigning a new data radio bearer identifier to a data radio bearer to be migrated, where the new The data radio bearer identifier is different from the data radio bearer identifier used by the master base station and the slave base station; the master base station sends a message to the user equipment to notify the user equipment to perform data radio bearer migration, where the message is Carrying the new radio bearer identity.
  • the new radio bearer identifier has a mapping relationship with the evolved packet system bearer identifier corresponding to the data radio bearer.
  • the method further includes: clearing the current data radio bearer when the master base station and/or the slave base station performs key update Data radio bearer identification record not used.
  • the method further includes: the primary base station migrating the data radio bearer from the primary base station to the secondary base station, and then the secondary base station migrates the data radio bearer The key back to the primary base station, and/or the source base station carrying the migration is updated, and the key of the target base station carrying the migration is not updated.
  • a method for migrating a dual-connected radio bearer including: receiving, by a user equipment, a message from a primary base station for notifying a user equipment to perform data radio bearer migration, where The message carries a new data radio bearer identifier allocated by the primary base station, where the new data radio bearer identifier is used to identify a data radio bearer to be migrated, and the new data radio bearer identifier is associated with the primary base station and The data radio bearer identifiers that have been used by the base station are different; the user equipment migrates the data radio bearers to the target base station according to the new data radio bearer identifier.
  • the method further includes: the user equipment, the new data radio bearer identifier, and the Corresponding to the evolved packet system bearer identifier corresponding to the data radio bearer, and deleting the original data radio bearer identifier of the data radio bearer.
  • a dual-connection radio bearer migration processing apparatus which is applied to a primary base station, and includes: an allocation module, configured to allocate a new data radio bearer to be migrated. a data radio bearer identifier, wherein the new data radio bearer identifier is different from the data radio bearer identifier used by the master base station and the slave base station; and the sending module is configured to send the user equipment to notify the user equipment to perform data
  • the radio carries the migrated message, where the message carries the new radio bearer identifier.
  • the allocating module is further configured to allocate the new data radio bearer identifier when the new radio bearer identifier has a mapping relationship with the evolved packet system bearer identifier corresponding to the data radio bearer.
  • a dual connectivity radio bearer migration apparatus including: a receiving module, configured to receive, from a primary base station, a user equipment for notifying a data radio bearer migration. a message, wherein the message carries a new data radio bearer assigned by the primary base station The new data radio bearer identifier is used to identify the data radio bearer to be migrated, and the new data radio bearer identifier is different from the data radio bearer identifier used by the master base station and the slave base station; And configured to migrate the data radio bearer to the target base station according to the new data radio bearer identifier.
  • the mapping module is further configured to: the new data radio bearer identifier is associated with the evolved packet system bearer identifier corresponding to the data radio bearer, and the original data radio bearer identifier of the data radio bearer is deleted.
  • a base station including the migration processing apparatus of the dual connectivity radio bearer described above.
  • a user equipment including the migration device of the dual connectivity radio bearer described above.
  • the invention solves the problem that the primary base station allocates a new data radio bearer identifier different from the data radio bearer identifier of the primary base station and the data radio bearer identifier that has been used by the base station for the data radio bearer to be migrated, and solves the related art, the dual connection
  • the wireless bearer has problems such as security caused by key leakage during the migration process between the base stations, and improves the security of the dual-connection bearer of the terminal.
  • FIG. 1 is a schematic diagram of an LTE user plane protocol stack according to the related art
  • FIG. 2 is a schematic diagram of a key derivation and protection mechanism in a network of the related art
  • FIG. 3 is a schematic diagram of a method for deriving a base station key in a handover scenario according to the related art
  • FIG. 4 is a schematic diagram of a dual connectivity scenario according to the related art
  • FIG. 5 is a schematic diagram of a dual connectivity key multiplexing scenario according to the related art
  • FIG. 6 is a schematic diagram of an encryption method according to the related art
  • FIG. 7 is a flowchart of a migration processing method of a dual connectivity radio bearer according to an embodiment of the present invention.
  • FIG. 8 is a structural block diagram of a migration processing apparatus for a dual connectivity radio bearer according to an embodiment of the present invention.
  • FIG. 9 is a flowchart of a method for migrating a dual connectivity radio bearer according to an embodiment of the present invention.
  • FIG. 10 is a structural block diagram of a dual connectivity radio bearer migration apparatus according to an embodiment of the present invention.
  • FIG. 11 is a block diagram showing another structure of a dual connectivity radio bearer migration apparatus according to a preferred embodiment of the present invention.
  • FIG. 12 is a schematic diagram of a bearer migration process actively triggered by a primary base station according to a preferred embodiment of the present invention.
  • FIG. 13 is a schematic diagram of a bearer migration process actively triggered from a base station according to a preferred embodiment of the present invention.
  • FIG. 14 is a schematic diagram of a bearer migration process actively triggered from a base station according to a preferred embodiment of the present invention.
  • FIG. 7 is a flowchart of a migration processing method of a dual connectivity radio bearer according to an embodiment of the present invention. As shown in FIG. 7, the method includes steps S702-S706:
  • Step 702 The primary base station allocates a new data radio bearer identifier to the data radio bearer to be migrated, where the new data radio bearer identifier is different from the data radio bearer identifier used by the master base station and the slave base station;
  • Step 704 The primary base station sends a message to the user equipment to notify the user equipment that the data radio bearer is migrated, where the message carries the new radio bearer identifier corresponding to the data radio bearer to be migrated.
  • the foregoing various processing steps may be applied to various migration scenarios of the radio bearer, for example, from the original data radio bearer of the base station to the primary base station; or the original data radio bearer of the primary base station is migrated to the secondary base station; or The data radio bearer of the primary base station is migrated to the secondary base station, and then migrated from the secondary base station to the primary base station.
  • the key information and the like may be repeatedly used, which may lead to key leakage, etc., and the technical means adopting the above various processing steps are adopted as
  • the data radio bearer is allocated with a new data radio bearer identification technology that is different from the primary base station and the radio bearer identifier that has been allocated by the base station. Therefore, the multiplexing of information such as keys is fundamentally avoided, and the dual connectivity bearer is improved. Security when hosting migrations.
  • the primary base station allocates a new data radio bearer identifier to the data radio bearer, and no longer uses the original data radio bearer identifier. Therefore, after receiving the message, the user equipment needs to re-use the new one.
  • the data radio bearer identifier corresponds to the evolved packet system bearer identifier corresponding to the data radio bearer, and does not trigger the deletion indication of the upper layer radio bearer.
  • the notification message is implemented in multiple manners, for example, by using a new dedicated message, or by using an existing message.
  • the primary base station can record the data radio bearer identity that the primary base station and the secondary base station have used.
  • the record information may be updated by the key update process to clear the bearer identification record that is not used by the current radio bearer. For example, when the primary base station and/or the base station passively or actively perform key update, the current data radio bearer is not used.
  • the data radio bearer identification record (that is, the data radio bearer identification record that is not used by the current radio bearer). Specifically, it can be expressed as the following implementation forms:
  • the primary base station When the key update is initiated, the primary base station clears the data radio bearer identification record that is not used by the current bearer; when there is no new data radio bearer identifier, the primary base station and the secondary base station can also use the key update process to clear unused data wireless.
  • the identity record is carried to retrieve the radio bearer identity resource.
  • the method for clearing the bearer identifier is as follows: if the used radio bearer identifier of the used data recorded by the primary base station is 1, 2, 3, but there are only two data radio bearers on the current primary base station and the secondary base station, respectively, the identifier 2 is used. And 3, through the key update process, you can clear the record of ID 1 that is no longer used.
  • the solution in this embodiment may be applied to the following scenarios, but is not limited thereto: the primary base station migrates the data radio bearer from the primary base station to the secondary base station, and then the secondary base station migrates the data radio bearer back to the primary base station, and/or
  • the key of the source base station carrying the migration is updated and the key of the target base station carrying the migration is not updated.
  • the source/target base station carrying the migration is for the data radio bearer to be migrated. For example, if a data radio bearer is migrated from the A base station to the B base station, the A base station is the source base station for the bearer migration, and the B base station is the target base station carrying the migration.
  • a dual-connection radio bearer migration processing apparatus is also provided, which is applied to a primary base station, and is used to implement the foregoing method. As shown in FIG. 8, the apparatus includes:
  • the allocating module 80 is configured to allocate a new data radio bearer identifier to the data radio bearer to be migrated, where the new data radio bearer identifier is different from the data radio bearer identifier used by the master base station and the slave base station;
  • the sending module 82 is connected to the distribution module 80, and is configured to send a message to the user equipment to notify the user equipment to perform data radio bearer migration, where the message carries the new radio bearer identifier.
  • the foregoing allocation module 80 is further configured to allocate the new data radio bearer identifier when the new radio bearer identifier has a mapping relationship with the evolved packet system bearer identifier corresponding to the data radio bearer.
  • each of the above modules may be implemented by software or a hardware module.
  • the distribution module 80 is located in the first processor, and the sending module 82 may be located in the second processor.
  • the allocation module 80 and the transmitting module 82 are all located in the same processor, but are not limited thereto.
  • a base station including: the migration processing apparatus of the dual connectivity radio bearer described above.
  • a method for migrating a dual connectivity radio bearer includes:
  • Step S902 The user equipment receives a message from the primary base station for informing the user equipment to perform data radio bearer migration, where the message carries a new data radio bearer identifier allocated by the primary base station, where the new data radio bearer identifier is used to identify The data radio bearer to be migrated, the new data radio bearer identifier is different from the data radio bearer identifier used by the primary base station and the slave base station;
  • Step S904 The user equipment migrates the data radio bearer to the target base station according to the new data radio bearer identifier.
  • the user equipment when the user equipment migrates the data radio bearer to the target base station according to the new data radio bearer identifier, the user equipment needs to make the new data radio bearer identifier of the data radio bearer and the data.
  • the evolved packet system bearer identifier corresponding to the radio bearer is corresponding, and the original data radio bearer identifier of the data radio bearer is deleted. In this process, deleting the original data radio bearer identifier of the data radio bearer does not trigger the deletion of the evolved packet system bearer corresponding to the data radio bearer and its identifier.
  • a dual-connected radio bearer migrating device is also provided.
  • the device is used to implement the foregoing solution, and can be applied to a user equipment. As shown in FIG. 10, the device includes:
  • the receiving module 102 is configured to receive a message from the primary base station for notifying the user equipment to perform data radio bearer migration, where the message carries a new data radio bearer identifier allocated by the primary base station, where the new data radio bearer identifier is used for Identifying the data radio bearer to be migrated, where the new data radio bearer identifier is different from the data radio bearer identifier used by the primary base station and the slave base station;
  • the migration module 104 is configured to migrate the data radio bearer to the target base station according to the new data radio bearer identifier.
  • the foregoing apparatus may further include: a mapping module 106, configured to establish a mapping relationship between a new data radio bearer identifier and an evolved packet system bearer identifier corresponding to the data radio bearer, and delete the original data radio bearer The mapping relationship between the data radio bearer identifier and the evolved packet system bearer identifier.
  • a mapping module 106 configured to establish a mapping relationship between a new data radio bearer identifier and an evolved packet system bearer identifier corresponding to the data radio bearer, and delete the original data radio bearer The mapping relationship between the data radio bearer identifier and the evolved packet system bearer identifier.
  • a user equipment including: the migration device of the dual connectivity radio bearer described above.
  • the following preferred embodiment provides a method for managing a dual-connection radio bearer, so that when the connection bearer of the terminal is migrated between the base stations that are simultaneously connected, the problem of key multiplexing and the like is avoided, thereby ensuring the security of the dual connection.
  • the main idea of the following embodiment is:
  • the radio bearer When the radio bearer is migrated from the first base station (which may be the primary base station or the secondary base station) to the second base station (which may be the primary base station or the secondary base station), it needs to be assigned a new data radio bearer identifier and the radio bearer with the data
  • the corresponding evolved packet system bearer identity re-corresponds to the new radio bearer identity.
  • the new radio bearer identifier is to be distinguished from other bearer identifiers that have been allocated on the first base station and the second base station. Further, when the key update is initiated, the first base station and/or the second base station clears the bearer identifier that is not used by the current bearer.
  • the first base station and the second base station may also use the key update procedure to clear the unused bearer identity record to regain the radio bearer identity resource.
  • the “first” and “second” described in the above embodiments are only used to distinguish the information or entity involved, and do not constitute an improper definition of the information or entity involved.
  • the UE maintains dual connectivity with the primary base station (ie, MeNB) and the secondary base station (ie, SeNB), wherein the MeNB wishes to migrate the A bearer (whose data radio identifier is 1) on the base station to the SeNB.
  • MeNB primary base station
  • SeNB secondary base station
  • step S1202 the MeNB initiates a modification request to the SeNB, which carries the A bearer configuration information to be migrated, including the new data radio bearer identifier allocated thereto, and assumes that the new data radio bearer identifier is 2.
  • the MeNB needs to ensure that the data radio bearer identifier 2 has not been used.
  • Step S1204 The SeNB generates a modification request response message according to the MeNB indication.
  • Step S1206 The MeNB initiates a reconfiguration command to the UE according to the modification request response message, where the UE is instructed to migrate the A bearer to the SeNB, and a new data radio bearer identifier 2 is allocated thereto.
  • Step S1208 The UE establishes a connection with the SeNB according to the command message of the MeNB, and completes the migration of the A bearer, and the UE changes the mapping relationship between the radio bearer corresponding to the A bearer and the EPS bearer, and deletes the data radio bearer. After identifying 1, the data radio bearer identifier 2 is re-mapped with the EPS bearer identifier of the bearer. The UE then initiates a flush configuration complete message to the MeNB.
  • step S1210 the MeNB sends a modification complete message to the SeNB to notify the completion of the migration.
  • the MeNB can also use the foregoing process to complete the migration of multiple data radio bearers at the same time.
  • Embodiment 2 is a diagrammatic representation of Embodiment 1:
  • the UE maintains dual connectivity with the primary base station (ie, the MeNB) and the secondary base station (ie, the SeNB), wherein the B bearers on the SeNB are previously migrated by the MeNB, and the keys on the MeNB and the SeNB are KeNB1 and S, respectively.
  • the B bearers on the SeNB are previously migrated by the MeNB, and the keys on the MeNB and the SeNB are KeNB1 and S, respectively.
  • - KeNB1 B carries the PDCP COUNT count value in the transmission process on the SeNB, and the key change on the SeNB becomes S-KeNB2.
  • the SeNB wishes to re-migrate the B-bearer (the data radio identifier of the base station) on the base station to the MeNB.
  • Step S1302 The SeNB sends a modification request message to the MeNB, where the B bearer configuration information that needs to be migrated is carried.
  • step S1304 the MeNB generates a reconfiguration command to the UE according to the bearer migration request message, where the new configuration information carried by the B on the MeNB is carried, including the data radio bearer identifier (set to 2) that the MeNB reassigns for the B bearer.
  • the MeNB needs to ensure that the new radio bearer identifier 2 is different from the data radio bearer identifier that the MeNB and the SeNB have used.
  • Step S1306 The UE completes the migration of the B bearer to the MeNB according to the command message of the MeNB, and the UE changes the mapping relationship between the radio bearer corresponding to the B bearer and the EPS bearer, deletes the radio bearer identifier 1, and re-enables the radio bearer identifier 2 and the bearer.
  • the EPS bearer identity establishes a mapping. The UE then initiates a reconfiguration complete message to the MeNB.
  • step S1308 the MeNB sends a modification confirmation message to the SeNB to notify the completion of the migration.
  • the MeNB may actively determine whether the key carried by the B bearer on the SeNB is updated, if the key S-KeNB1 on the SeNB does update, and the local key and the original MeNB migrate the B bearer to the SeNB. If the key KeNB1 is the same, the MeNB may choose not to allocate a new radio bearer identifier for the B bearer.
  • the MeNB and the SeNB can also use the process to simultaneously perform migration of multiple data radio bearers.
  • Embodiment 3 is a diagrammatic representation of Embodiment 3
  • the UE maintains dual connectivity with the primary base station (ie, MeNB) and the secondary base station (ie, SeNB,), wherein the SeNB wishes to exit the upper connection (ie, is deleted) due to load or other reasons, and the SeNB base station All data radio bearers (whose data radio identifier is 1) are migrated to the MeNB.
  • MeNB primary base station
  • SeNB secondary base station
  • All data radio bearers whose data radio identifier is 1
  • Step S1402 The SeNB sends a release request message to the MeNB, where all data radio bearer configuration information that needs to be migrated is carried.
  • Step S1404 The MeNB generates a reconfiguration command initiated by the UE, where the new configuration information of all or part of the data radio bearers on the MeNB is carried, including the data radio bearer identifier re-allocated by the MeNB for all or part of the data radio bearers on the SeNB. .
  • the MeNB needs to ensure that the newly allocated data radio bearer identifier is different from the data radio bearer identifier used by the MeNB and the SeNB.
  • Step S1406 The UE completes the migration of the responding data radio bearer to the MeNB according to the command message of the MeNB, and deletes the radio connection with the SeNB. At the same time, the UE changes the mapping relationship between the radio bearer corresponding to the B bearer and the EPS bearer, and establishes a mapping between the newly allocated data radio bearer identifier and the EPS bearer identifier of the corresponding bearer. The UE then initiates a reconfiguration complete message to the MeNB.
  • step S1408 the MeNB sends a release confirmation message to the SeNB.
  • step 1404 if the MeNB determines that no redundant radio bearer identifier can be allocated at present, the MeNB needs to initiate a key update procedure of the MeNB.
  • the update process is the same as the existing key update process, and is not described here.
  • the embodiment of the present invention achieves the following beneficial effects: the foregoing technical solution provided by the embodiment of the present invention can ensure sufficient security protection for the multi-connection bearer of the terminal, and can prevent the service connection at the terminal from being carried. When a migration occurs between base stations, it poses a hidden danger in key security. At the same time, the management method in the present invention fully multiplexes the existing connection management mechanism, and ensures the backward compatibility of the network and the terminal on the software and hardware to a certain extent.
  • a storage medium is further provided, wherein the software includes the above-mentioned software, including but not limited to: an optical disk, a floppy disk, a hard disk, an erasable memory, and the like.
  • modules or steps of the present invention described above can be implemented by a general-purpose computing device that can be centralized on a single computing device or distributed across a network of multiple computing devices. Alternatively, they may be implemented by program code executable by the computing device, thereby Storing them in a storage device is performed by a computing device, and in some cases, the steps shown or described may be performed in an order different than that herein, or separately fabricated into individual integrated circuit modules, or Multiple of these modules or steps are fabricated as a single integrated circuit module. Thus, the invention is not limited to any specific combination of hardware and software.
  • the primary base station is configured to allocate a new data radio bearer identifier different from the data radio bearer of the primary base station and the data radio bearer identifier used by the base station for the data radio bearer to be migrated.
  • the dual-connection radio bearer has the problem of security caused by key leakage during the migration process between the base stations, and the security of the dual-connection bearer of the terminal is improved.

Abstract

The present invention provides dual-connection radio bearer migration processing and migration methods and devices. The migration processing method comprises: a master base station allocates a new data radio bearer identifier to a data radio bearer to be migrated, the new data radio bearer identifier being different from data radio bearer identifiers that have been used by the master base station and data radio bearer identifiers that have been used by a slave base station; and the master base station sends to a user equipment a message for informing the user equipment of migrating the data radio bearer, the message carrying the new radio bearer identifier. By means of the technical solution provided in the present invention, the problem in the related art that the security is low due to key exposure during the migration of a dual-connection radio bearer between base stations is solved, and the security of the dual-connection bearer of a terminal is improved.

Description

双连接无线承载的迁移处理、迁移方法及装置Migration processing, migration method and device for dual-connected wireless bearer 技术领域Technical field
本发明涉及通信领域,尤其是涉及一种双连接无线承载的迁移处理、迁移方法及装置。The present invention relates to the field of communications, and in particular, to a migration processing and migration method and apparatus for a dual connectivity radio bearer.
背景技术Background technique
随着无线通信技术和标准的不断演进,移动分组业务得到了巨大的发展,单终端的数据吞吐能力不断在提升。以长期演进(Long Term Evolution,LTE)系统为例,在20M带宽内可以支持下行最大速率100Mbps的数据传输,后续的增强的LTE(LTE Advanced)网络中,数据的传输速率将进一步提升,甚至可以达到1Gbps。With the continuous evolution of wireless communication technologies and standards, mobile packet services have been greatly developed, and the data throughput capability of single terminals is constantly improving. Taking the Long Term Evolution (LTE) system as an example, the downlink maximum rate of 100 Mbps data transmission can be supported in the 20 M bandwidth. In the subsequent enhanced LTE (LTE Advanced) network, the data transmission rate will be further improved, and even Up to 1Gbps.
现有LTE的用户面数据协议栈如图1所示,从核心网经用户层面通用分组无线业务(General Packet Radio Service,简称为GPRS)隧道协议(GPRS Tunneling Protocol for the User Plane,简称为GTP-U)收到的下行数据,经解包后通过分组数据汇聚协议(Packet Data Convergence Protocol,简称为PDCP)子层、无线链路控制(Radio Link Control,简称为RLC)协议子层、媒体接入控制(Medium Access Control,简称为MAC)协议子层和物理层(PHYsics,简称为PHY)处理发送给用户设备(User Equipment,简称为UE);上行数据的发送与下行正好相反。目前网络与UE之间的数据传输链路是一对一的专用链接,因此这条链路的信号质量和使用的资源大小决定了两者间的数据传输性能。如果链路使用的资源受到限制或者信号质量比较差,则UE的用户体验就会下降,这就是现在移动运营商正在面临的巨大挑战,虽然网络容量逐年扩增,但仍赶不上用户终端数量的增加和用户对数据业务量的需求,在图1中,IP为互联网协议(Internet Protocol)的简称,UDP/IP为用户数据协议(User Date Protocol)/互联网协议的简称。The user plane data protocol stack of the existing LTE is as shown in FIG. 1 , and the GPRS Tunneling Protocol for the User Plane (GTP-TTP) is used from the core network through the user-level general packet radio service (GPRS) protocol. U) Received downlink data, after unpacking, through the Packet Data Convergence Protocol (PDCP) sublayer, Radio Link Control (RLC) protocol sublayer, media access The control (Medium Access Control, MAC for short) protocol sublayer and physical layer (PHYsics, PHY for short) are sent to the user equipment (User Equipment, UE for short); the uplink data is sent in the opposite direction to the downlink. Currently, the data transmission link between the network and the UE is a one-to-one dedicated link, so the signal quality of the link and the size of the resources used determine the data transmission performance between the two. If the resources used by the link are limited or the signal quality is poor, the user experience of the UE will decrease. This is a huge challenge that mobile operators are facing now. Although the network capacity is expanding year by year, it still cannot keep up with the increase in the number of user terminals. And the user's demand for data traffic, in Figure 1, IP is short for Internet Protocol, and UDP/IP is short for User Data Protocol/Internet Protocol.
为了满足数据业务量的增长需求,以及业务在地域上不平均的特点,运营商在部署新一代通信网络(比如LTE)的过程中,也在增加低功率节点(Low Power Node,简称为LPN)或称小小区(Small Cell)或微基站(Pico eNB,其中,eNB为evolved Node B的简称,eNB可以称为演进的节点B)来进行热点增强。随着LPN小区的增加,网络部署环境变得更加复杂,同时也带来了一些问题。首先,因为LPN小区相对来说覆盖范围相比于宏小区(Macro Cell)要小得多,容量也相对较小,某些LPN小区可能会轻易被用户占满而导致负荷过高,从而影响用户数据的吞吐量,而另外一些LPN小 区或宏小区会处在相对较低的负荷水平上,如果要平衡负荷,需要网络侧执行负荷均衡操作,但该过程不够灵活,尤其当小区较多时,这种灵活性的缺乏导致的负荷不均就更严重;另外,由于LPN小区数量比较多,因此用户设备(或称为终端)在网络内发生移动时,会导致频繁的小区间切换(Handover),从而导致频繁的数据业务终端甚至是掉话等问题,这也会导致用户的数据吞吐量和用户体验的下降。同时这种频繁的切换也会导致终端与网络,尤其是核心网会收到大量的信令冲击,从而可能导致系统资源拥塞甚至瘫痪。随着将来运营商以及个人部署的LPN小区数量的增加,上述情况会愈来愈严重,因此目前不少公司和运营商都倾向于寻求一种新的增强方案,双连接(Dual Connectivity)就是其中之一,双连接下终端可以同时与两个网络节点保持连接,比如UE同时与宏小区和LPN小区保持连接,在网络负荷不均衡时,网络侧可以实时调控终端在两个节点上的传输数据量,同时如果UE移动或其他原因导致LPN小区变更时,另外一个小区还可以保持连接,且这种变更不会导致过多的信令冲击。In order to meet the growing demand for data traffic and the geographically uneven nature of services, operators are also adding low-power nodes (Low Power Nodes, LPN for short) in the process of deploying next-generation communication networks (such as LTE). Or a small cell (Small Cell) or a micro base station (Pico eNB, where eNB is short for evolved Node B, eNB may be called evolved Node B) for hotspot enhancement. As the number of LPN cells increases, the network deployment environment becomes more complicated and brings some problems. First, because the coverage of the LPN cell is relatively small compared to the macro cell (Macro Cell), the capacity is relatively small, and some LPN cells may be easily occupied by the user and cause the load to be too high, thereby affecting the user. Data throughput, while others are small The area or macro cell will be at a relatively low load level. If the load is to be balanced, the network side needs to perform load balancing operations, but the process is not flexible enough, especially when there are many cells, the lack of such flexibility leads to no load. In addition, because the number of LPN cells is relatively large, when a user equipment (or terminal) moves within the network, frequent inter-cell handover (Handover) is caused, resulting in frequent data service terminals or even Problems such as dropped calls, which can also lead to a decline in user data throughput and user experience. At the same time, such frequent handovers may also cause the terminal and the network, especially the core network, to receive a large amount of signaling impact, which may cause system resources to be congested or even paralyzed. With the increase in the number of LPN cells deployed by operators and individuals in the future, this situation will become more and more serious. Therefore, many companies and operators are eager to seek a new enhanced solution. Dual Connectivity is one of them. First, the dual-connected terminal can maintain connection with two network nodes at the same time. For example, the UE maintains connection with the macro cell and the LPN cell at the same time. When the network load is unbalanced, the network side can control the transmission data of the terminal on the two nodes in real time. At the same time, if the UE moves or other reasons cause the LPN cell to change, another cell can still maintain the connection, and this change does not cause excessive signaling impact.
但UE与网络连接必须保证安全。在单连接场景下,按照现有协议,如图2所示,无线接入网网元(例如eNB)与用户设备之间的接入层(Access Stratum,简称为AS)拥有相同的安全上下文,其中包括基站密钥KeNB,根据该密钥可以派生出AS控制面的加密密钥(KRRCenc)和完整性保护密钥(KRRCint),以及用户面的加密密钥(KUPenc)。在eNB与UE之间进行数据传输时,发送端利用控制面完整性保护密钥(KRRCint)和加密密钥(KRRCenc),以及指定算法对控制面数据实施完整性保护和加密,而在接收端则会根据相同的密钥和算法执行反向操作(解密和完整性保护验证),对于用户面数据发送和接收双方则会利用用户面加密密钥(KUPenc)对用户面数据进行加密和解密操作。其中所述基站密钥初始KeNB由核心网计算然后发送给eNB。在后续的过程中,比如为防止PDCP序列号翻转或UE发生切换时,KeNB也会发生更新。以切换为例,如果是发生的S1切换,则切换目标侧的KeNB仍然由核心网计算;但如果发生的是X2切换,则切换目标侧的KeNB(或称KeNB*)的派生方法可能有两种,如图3所示,一种是由切换源侧的KeNB派生而来,另一种由下一跳(Next Hop,简称为NH)密钥派生而来,其中NH密钥是由核心网计算并发送给eNB的。However, the UE must be securely connected to the network. In a single-connection scenario, according to the existing protocol, as shown in FIG. 2, the access layer (Access Stratum, AS for short) between the radio access network element (such as an eNB) and the user equipment has the same security context. The base station key KeNB is included, according to which the encryption key (KRRCenc) and the integrity protection key (KRRCint) of the AS control plane and the encryption key (KUPenc) of the user plane can be derived. When data transmission is performed between the eNB and the UE, the sender uses the control plane integrity protection key (KRRCint) and the encryption key (KRRCenc), and the specified algorithm to perform integrity protection and encryption on the control plane data, and at the receiving end. Reverse operations (decryption and integrity protection verification) are performed according to the same key and algorithm. Both the user plane data transmission and reception sides use the user plane encryption key (KUPenc) to encrypt and decrypt the user plane data. . The base station key initial KeNB is calculated by the core network and then transmitted to the eNB. In the subsequent process, for example, to prevent the PDCP sequence number from being flipped or the UE switching, the KeNB also updates. Taking the handover as an example, if the S1 handover occurs, the KeNB of the handover target side is still calculated by the core network; but if an X2 handover occurs, the derivative method of the KeNB (or KeNB*) of the handover target side may have two As shown in FIG. 3, one is derived from the KeNB on the switching source side, and the other is derived from the Next Hop (NH) key, where the NH key is derived from the core network. Calculated and sent to the eNB.
在双连接场景下,如果采用的是非承载分离的数据分流方法,即连接承载从服务网关(Service-Gateway,简称为S-GW)被分为两组,分别通过主基站(Master eNB,简称为MeNB)和从基站(Secondary SeNB,简称为SeNB)与UE建立连接,如图4所示。UE与接入的两个节点需要采用不同的安全密钥分别保护各自的连接承载。其中SeNB上的基站密钥S-KeNB由MeNB上的基站密钥KeNB派生。当MeNB的KeNB发生变更时,SeNB会被删掉;但当SeNB上的S-KeNB变更时,MeNB上的连接是不受影响的。S-KeNB发生变更的场景包括:由MeNB上KeNB密钥变更导致的S-KeNB 变更,MeNB主动发起的S-KeNB密钥修改,SeNB上承载的PDCP COUNT值发生反转时,或其他SeNB重配导致的密钥变更等。In the dual-connection scenario, if a non-bearer-separated data offloading method is adopted, the service bearer (Service-Gateway, S-GW for short) is divided into two groups, which are respectively passed through the master base station (Master eNB, referred to as The MeNB) and the secondary base station (Secondary SeNB, SeNB for short) establish a connection with the UE, as shown in FIG. The two nodes connected to the UE need to use different security keys to protect the respective connection bearers. The base station key S-KeNB on the SeNB is derived from the base station key KeNB on the MeNB. When the KeNB of the MeNB changes, the SeNB is deleted; but when the S-KeNB on the SeNB changes, the connection on the MeNB is unaffected. The scenario in which the S-KeNB changes includes: the S-KeNB caused by the KeNB key change on the MeNB. Change, the S-KeNB key modification initiated by the MeNB, the PDCP COUNT value carried on the SeNB is reversed, or the key change caused by other SeNB reconfigurations.
实际中,考虑到UE的移动性以及网络的负荷等变化,UE的连接承载可能会在MeNB和SeNB间发生迁移,即MeNB上的承载可能会被迁移到SeNB,由SeNB承担其数据收发;也可以发生反向的,即SeNB上承载被迁移回MeNB。在该过程中,承载的标识不会发生变化。在LTE系统中,UE的承载的划分方法有多种方式,相应的会有多个标识对应于该承载。其中在基站侧会为其分配数据无线承载(Data Radio Bearer,简称为DRB)标识(DRB id);在核心网侧会为其分配演进分组系统(Evolved Packet System,简称为EPS)承载标识(ESP id),和增强无线接入承载(Enhanced Radio Access Bearer,简称为E-RAB)标识(E-RAB id)等。其中DRB id与EPS id和E-RAB id是一一对应或映射的。如果接入层某个DRB id对应的无线承载被删除,其对应非接入层的EPS id对应的地面承载也需要被删除。在所述的双连接场景下的承载迁移过程中,实际只是关乎其用户面路径的变更,其承载不会发生变化,因此其对应的无线承载标识和地面承载标识以及其对应关系都不会发生变化。In practice, considering the mobility of the UE and the load of the network, the connection bearer of the UE may be migrated between the MeNB and the SeNB, that is, the bearer on the MeNB may be migrated to the SeNB, and the SeNB shall bear the data transmission and reception; The reverse can occur, ie the bearer on the SeNB is migrated back to the MeNB. During this process, the identity of the bearer does not change. In the LTE system, there are multiple ways to divide the bearer of the UE, and correspondingly, multiple identifiers correspond to the bearer. The data radio bearer (DRB id) (DRB id) is assigned to the base station side; the Evolved Packet System (EPS) bearer identifier (ESP) is assigned to the core network side. Id), and Enhanced Radio Access Bearer (E-RAB id). The DRB id is one-to-one or mapped with the EPS id and the E-RAB id. If the radio bearer corresponding to a DRB id of the access layer is deleted, the ground bearer corresponding to the EPS id of the non-access stratum needs to be deleted. In the bearer migration process in the dual-connection scenario, the actual change is only related to the change of the user plane path, and the bearer does not change. Therefore, the corresponding radio bearer identifier and the ground bearer identifier and their corresponding relationships do not occur. Variety.
但承载的这种迁移可能会带来密钥复用的安全隐患。基于前面所述的MeNB和SeNB拥有各自的独立密钥为前提,如图5所示,原本处于MeNB上的承载2被迁移到了SeNB,在SeNB上传输期间,承载2的PDCP COUNT值发生了反转,按照现有协议,需要执行S-KeNB的更新,但这不会对MeNB产生影响,其KeNB仍然保持不变。但是当承载2再次被迁移回MeNB时,就可能会出现承载的同一个计数值COUNT的数据包被同一个密钥重复加密的问题,如图6所示,此时加密算法所有的输入密钥、承载标识、计数值COUNT等都会被重复使用,在安全领域,密钥等加密参数的重复利用会导致密钥泄露等问题,因此需要杜绝该问题。However, this kind of migration of bearers may bring security risks of key reuse. Based on the foregoing that the MeNB and the SeNB have their own independent keys, as shown in FIG. 5, the bearer 2 originally on the MeNB is migrated to the SeNB, and during the transmission on the SeNB, the PDCP COUNT value of the bearer 2 is reversed. In turn, according to the existing protocol, the update of the S-KeNB needs to be performed, but this does not affect the MeNB, and its KeNB remains unchanged. However, when the bearer 2 is migrated back to the MeNB again, there may be a problem that the data packet carrying the same count value COUNT is repeatedly encrypted by the same key, as shown in FIG. 6, at this time, all the input keys of the encryption algorithm. The bearer flag, the count value COUNT, etc. are all reused. In the security field, the reuse of encryption parameters such as keys may cause problems such as key leakage, so it is necessary to eliminate the problem.
发明内容Summary of the invention
针对相关技术中,双连接无线承载在基站间迁移过程中存在密钥泄露而导致的安全性等问题,本发明提供了一种双连接无线承载的迁移处理、迁移方法及装置,以至少解决上述技术问题。For the related art, the problem that the dual-connection radio bearer has a key leakage during the inter-base station migration process, the present invention provides a dual-connection radio bearer migration processing, migration method and device, to at least solve the above problem. technical problem.
为了达到上述目的,根据本发明的一个实施例,提供了一种双连接无线承载的迁移处理方法,包括:主基站为待迁移的数据无线承载分配新的数据无线承载标识,其中,所述新的数据无线承载标识与所述主基站和从基站已经使用过的数据无线承载标识均不同;所述主基站向用户设备发送用于通知用户设备进行数据无线承载迁移的消息,其中,该消息中携带有所述新的无线承载标识。 In order to achieve the above object, according to an embodiment of the present invention, a method for processing a dual-connection radio bearer is provided, including: a primary base station assigning a new data radio bearer identifier to a data radio bearer to be migrated, where the new The data radio bearer identifier is different from the data radio bearer identifier used by the master base station and the slave base station; the master base station sends a message to the user equipment to notify the user equipment to perform data radio bearer migration, where the message is Carrying the new radio bearer identity.
优选地,所述新的无线承载标识与所述数据无线承载对应的演进分组系统承载标识存在映射关系。Preferably, the new radio bearer identifier has a mapping relationship with the evolved packet system bearer identifier corresponding to the data radio bearer.
优选地,主基站为待迁移的数据无线承载分配新的数据无线承载标识之前,所述方法还包括:在所述主基站和/或所述从基站进行密钥更新时,清除当前数据无线承载不使用的数据无线承载标识记录。Preferably, before the primary base station allocates a new data radio bearer identifier to the data radio bearer to be migrated, the method further includes: clearing the current data radio bearer when the master base station and/or the slave base station performs key update Data radio bearer identification record not used.
优选地,主基站分配新的数据无线承载标识之前,所述方法还包括:所述主基站将所述数据无线承载由主基站迁移至从基站后,再由从基站将所述数据无线承载迁移回主基站,和/或承载迁移的源基站的密钥发生了更新且承载迁移的目标基站的密钥未发生更新。Preferably, before the primary base station allocates a new data radio bearer identifier, the method further includes: the primary base station migrating the data radio bearer from the primary base station to the secondary base station, and then the secondary base station migrates the data radio bearer The key back to the primary base station, and/or the source base station carrying the migration is updated, and the key of the target base station carrying the migration is not updated.
为了达到上述目的,根据本发明的再一个实施例,还提供了一种双连接无线承载的迁移方法,包括:用户设备接收来自主基站的用于通知用户设备进行数据无线承载迁移的消息,其中,所述消息携带有所述主基站分配的新的数据无线承载标识,该新的数据无线承载标识用于标识待迁移的数据无线承载,所述新的数据无线承载标识与所述主基站和从基站已经使用过的数据无线承载标识均不同;所述用户设备按照所述新的数据无线承载标识将所述数据无线承载迁移至目标基站。In order to achieve the above object, in accordance with still another embodiment of the present invention, a method for migrating a dual-connected radio bearer is provided, including: receiving, by a user equipment, a message from a primary base station for notifying a user equipment to perform data radio bearer migration, where The message carries a new data radio bearer identifier allocated by the primary base station, where the new data radio bearer identifier is used to identify a data radio bearer to be migrated, and the new data radio bearer identifier is associated with the primary base station and The data radio bearer identifiers that have been used by the base station are different; the user equipment migrates the data radio bearers to the target base station according to the new data radio bearer identifier.
优选地,所述用户设备按照所述新的数据无线承载标识将所述数据无线承载迁移至目标基站时,所述方法还包括:所述用户设备使所述新的数据无线承载标识与所述数据无线承载对应的演进分组系统承载标识对应,并删除所述数据无线承载原有的数据无线承载标识。Preferably, when the user equipment migrates the data radio bearer to the target base station according to the new data radio bearer identifier, the method further includes: the user equipment, the new data radio bearer identifier, and the Corresponding to the evolved packet system bearer identifier corresponding to the data radio bearer, and deleting the original data radio bearer identifier of the data radio bearer.
为了达到上述目的,根据本发明的再一个实施例,还提供了一种双连接无线承载的迁移处理装置,应用于主基站,包括:分配模块,设置为为待迁移的数据无线承载分配新的数据无线承载标识,其中,所述新的数据无线承载标识与所述主基站和从基站已经使用过的数据无线承载标识均不同;发送模块,设置为向用户设备发送用于通知用户设备进行数据无线承载迁移的消息,其中,该消息中携带有所述新的无线承载标识。In order to achieve the above object, according to still another embodiment of the present invention, a dual-connection radio bearer migration processing apparatus is further provided, which is applied to a primary base station, and includes: an allocation module, configured to allocate a new data radio bearer to be migrated. a data radio bearer identifier, wherein the new data radio bearer identifier is different from the data radio bearer identifier used by the master base station and the slave base station; and the sending module is configured to send the user equipment to notify the user equipment to perform data The radio carries the migrated message, where the message carries the new radio bearer identifier.
优选地,所述分配模块还设置为在所述新的无线承载标识与所述数据无线承载对应的演进分组系统承载标识存在映射关系时,分配所述新的数据无线承载标识。Preferably, the allocating module is further configured to allocate the new data radio bearer identifier when the new radio bearer identifier has a mapping relationship with the evolved packet system bearer identifier corresponding to the data radio bearer.
为了达到上述目的,根据本发明的再一个实施例,还提供了一种双连接无线承载的迁移装置,包括:接收模块,设置为接收来自主基站的用于通知用户设备进行数据无线承载迁移的消息,其中,所述消息携带有所述主基站分配的新的数据无线承载标 识,该新的数据无线承载标识用于标识待迁移的数据无线承载,所述新的数据无线承载标识与所述主基站和所述从基站已经使用过的数据无线承载标识均不同;迁移模块,设置为按照所述新的数据无线承载标识将所述数据无线承载迁移至目标基站。In order to achieve the above object, in accordance with still another embodiment of the present invention, a dual connectivity radio bearer migration apparatus is provided, including: a receiving module, configured to receive, from a primary base station, a user equipment for notifying a data radio bearer migration. a message, wherein the message carries a new data radio bearer assigned by the primary base station The new data radio bearer identifier is used to identify the data radio bearer to be migrated, and the new data radio bearer identifier is different from the data radio bearer identifier used by the master base station and the slave base station; And configured to migrate the data radio bearer to the target base station according to the new data radio bearer identifier.
优选地,还包括:映射模块,设置为使所述新的数据无线承载标识与所述数据无线承载对应的演进分组系统承载标识对应,并删除所述数据无线承载原有的数据无线承载标识。Preferably, the mapping module is further configured to: the new data radio bearer identifier is associated with the evolved packet system bearer identifier corresponding to the data radio bearer, and the original data radio bearer identifier of the data radio bearer is deleted.
为了达到上述目的,根据本发明的再一个实施例,还提供了一种基站,包括以上所述的双连接无线承载的迁移处理装置。In order to achieve the above object, according to still another embodiment of the present invention, a base station is further provided, including the migration processing apparatus of the dual connectivity radio bearer described above.
为了达到上述目的,根据本发明的再一个实施例,还提供了一种用户设备,包括以上所述的双连接无线承载的迁移装置。In order to achieve the above object, according to still another embodiment of the present invention, there is further provided a user equipment, including the migration device of the dual connectivity radio bearer described above.
通过本发明,采用主基站为待迁移的数据无线承载分配与主基站和从基站已经使用过的数据无线承载标识均不同的新的数据无线承载标识的技术手段,解决了相关技术中,双连接无线承载在基站间的迁移过程中存在密钥泄露而导致的安全性等问题,提高了终端的双连接承载的安全性。The invention solves the problem that the primary base station allocates a new data radio bearer identifier different from the data radio bearer identifier of the primary base station and the data radio bearer identifier that has been used by the base station for the data radio bearer to be migrated, and solves the related art, the dual connection The wireless bearer has problems such as security caused by key leakage during the migration process between the base stations, and improves the security of the dual-connection bearer of the terminal.
附图说明DRAWINGS
此处所说明的附图用来提供对本发明的进一步理解,构成本申请的一部分,本发明的示意性实施例及其说明用于解释本发明,并不构成对本发明的不当限定。在附图中:The drawings described herein are intended to provide a further understanding of the invention, and are intended to be a part of the invention. In the drawing:
图1为根据相关技术的LTE用户面协议栈示意图;1 is a schematic diagram of an LTE user plane protocol stack according to the related art;
图2为相关技术的网络中密钥派生和保护机制示意图;2 is a schematic diagram of a key derivation and protection mechanism in a network of the related art;
图3为根据相关技术的切换场景下基站密钥派生的方法示意图;3 is a schematic diagram of a method for deriving a base station key in a handover scenario according to the related art;
图4根据相关技术的双连接场景示意图;4 is a schematic diagram of a dual connectivity scenario according to the related art;
图5为根据相关技术的双连接密钥复用场景示意图;FIG. 5 is a schematic diagram of a dual connectivity key multiplexing scenario according to the related art; FIG.
图6为根据相关技术的加密方法示意图;6 is a schematic diagram of an encryption method according to the related art;
图7为根据本发明实施例的双连接无线承载的迁移处理方法的流程图;7 is a flowchart of a migration processing method of a dual connectivity radio bearer according to an embodiment of the present invention;
图8为根据本发明实施例的双连接无线承载的迁移处理装置的结构框图; FIG. 8 is a structural block diagram of a migration processing apparatus for a dual connectivity radio bearer according to an embodiment of the present invention; FIG.
图9为根据本发明实施例的双连接无线承载的迁移方法的流程图;9 is a flowchart of a method for migrating a dual connectivity radio bearer according to an embodiment of the present invention;
图10为根据本发明实施例的双连接无线承载的迁移装置的结构框图;FIG. 10 is a structural block diagram of a dual connectivity radio bearer migration apparatus according to an embodiment of the present invention; FIG.
图11为根据本发明优选实施例的双连接无线承载的迁移装置的另一结构框图;11 is a block diagram showing another structure of a dual connectivity radio bearer migration apparatus according to a preferred embodiment of the present invention;
图12为根据本发明优选实施例的主基站主动触发的承载迁移流程示意图;FIG. 12 is a schematic diagram of a bearer migration process actively triggered by a primary base station according to a preferred embodiment of the present invention; FIG.
图13为根据本发明优选实施例的从基站主动触发的承载迁移流程示意图;FIG. 13 is a schematic diagram of a bearer migration process actively triggered from a base station according to a preferred embodiment of the present invention; FIG.
图14为根据本发明优选实施例的从基站主动触发的承载迁移流程示意图。FIG. 14 is a schematic diagram of a bearer migration process actively triggered from a base station according to a preferred embodiment of the present invention.
具体实施方式detailed description
下文中将参考附图并结合实施例来详细说明本发明。需要说明的是,在不冲突的情况下,本申请中的实施例及实施例中的特征可以相互组合。The invention will be described in detail below with reference to the drawings in conjunction with the embodiments. It should be noted that the embodiments in the present application and the features in the embodiments may be combined with each other without conflict.
针对相关技术中,在双连接无线承载在基站间的迁移过程中由于密钥复用等导致的安全性等问题,以下实施例提供了相应的解决方案,详细如下。For the related art, in the migration process of the dual-connection radio bearer between the base stations, the following solutions provide corresponding solutions due to security problems such as key multiplexing and the like, as follows.
图7为根据本发明实施例的双连接无线承载的迁移处理方法的流程图。如图7所示,该方法包括步骤S702-S706:FIG. 7 is a flowchart of a migration processing method of a dual connectivity radio bearer according to an embodiment of the present invention. As shown in FIG. 7, the method includes steps S702-S706:
步骤702,主基站为待迁移的数据无线承载分配新的数据无线承载标识,其中该新的数据无线承载标识与主基站和从基站已经使用过的数据无线承载标识均不同;Step 702: The primary base station allocates a new data radio bearer identifier to the data radio bearer to be migrated, where the new data radio bearer identifier is different from the data radio bearer identifier used by the master base station and the slave base station;
步骤704,主基站向用户设备发送用于通知用户设备进行数据无线承载迁移的消息,其中该消息中携带有所述待迁移数据无线承载对应的新的无线承载标识。Step 704: The primary base station sends a message to the user equipment to notify the user equipment that the data radio bearer is migrated, where the message carries the new radio bearer identifier corresponding to the data radio bearer to be migrated.
优选地,上述各个处理步骤可以应用于无线承载的各种迁移场景中,例如,从基站原有的数据无线承载迁移到主基站;或者,主基站原有的数据无线承载迁移到从基站;或者,主基站的数据无线承载迁移至从基站后,再由从基站迁移至主基站。尤其是对于最后一种情况,在数据无线承载反复迁移的场景下,由于密钥等信息会重复使用会导致密钥泄露等问题,而采用上述各个处理步骤的技术手段,由于采用了为待迁移的数据无线承载分配与主基站和从基站已经分配过的无线承载标识均不同的新的数据无线承载标识技术手段,因此,从根本上避免了密钥等信息的复用,提高了双连接承载在承载迁移时的安全性。 Preferably, the foregoing various processing steps may be applied to various migration scenarios of the radio bearer, for example, from the original data radio bearer of the base station to the primary base station; or the original data radio bearer of the primary base station is migrated to the secondary base station; or The data radio bearer of the primary base station is migrated to the secondary base station, and then migrated from the secondary base station to the primary base station. Especially in the last case, in the scenario where the data radio bearer is repeatedly migrated, the key information and the like may be repeatedly used, which may lead to key leakage, etc., and the technical means adopting the above various processing steps are adopted as The data radio bearer is allocated with a new data radio bearer identification technology that is different from the primary base station and the radio bearer identifier that has been allocated by the base station. Therefore, the multiplexing of information such as keys is fundamentally avoided, and the dual connectivity bearer is improved. Security when hosting migrations.
由于在步骤S702中,主基站为所述数据无线承载分配了新的数据无线承载标识,而不再使用原有的数据无线承载标识,因此,用户设备在收到消息后,需要重新使用新的数据无线承载标识对应与所述数据无线承载对应的演进分组系统承载标识,而不会触发上层的无线承载的删除指示。In the step S702, the primary base station allocates a new data radio bearer identifier to the data radio bearer, and no longer uses the original data radio bearer identifier. Therefore, after receiving the message, the user equipment needs to re-use the new one. The data radio bearer identifier corresponds to the evolved packet system bearer identifier corresponding to the data radio bearer, and does not trigger the deletion indication of the upper layer radio bearer.
在步骤S704中,上述通知消息的实现方式有多种,例如可以通过一个新增的专用消息来实现,还可以利用已有消息实现。In the step S704, the notification message is implemented in multiple manners, for example, by using a new dedicated message, or by using an existing message.
为了便于分配新的数据无线承载标识,主基站可以记录主基站和从基站已使用过的数据无线承载标识。所述记录信息可以通过密钥更新过程进行更新,清除当前无线承载不用的承载标识记录,例如:在主基站和/或从基站被动或主动进行密钥更新时,清除当前数据无线承载不使用的数据无线承载标识记录(即当前无线承载不使用的数据无线承载标识记录)。具体地,可以表现为以下实现形式:In order to facilitate the allocation of a new data radio bearer identity, the primary base station can record the data radio bearer identity that the primary base station and the secondary base station have used. The record information may be updated by the key update process to clear the bearer identification record that is not used by the current radio bearer. For example, when the primary base station and/or the base station passively or actively perform key update, the current data radio bearer is not used. The data radio bearer identification record (that is, the data radio bearer identification record that is not used by the current radio bearer). Specifically, it can be expressed as the following implementation forms:
当主动发起密钥更新时主基站会清除当前承载不用的数据无线承载标识记录;当没有新的数据无线承载标识时,主基站和从基站也可以使用密钥更新过程来清除不使用的数据无线承载标识记录,以重新获得无线承载标识资源。When the key update is initiated, the primary base station clears the data radio bearer identification record that is not used by the current bearer; when there is no new data radio bearer identifier, the primary base station and the secondary base station can also use the key update process to clear unused data wireless. The identity record is carried to retrieve the radio bearer identity resource.
举例说明上述的承载标识清除方法:如果主基站记录的已使用过的数据无线承载标识为1,2,3,但当前主基站和从基站上只存在两个数据无线承载,分别在使用标识2和3,则通过密钥更新过程,可以清除当前不再使用的标识1的记录。For example, the method for clearing the bearer identifier is as follows: if the used radio bearer identifier of the used data recorded by the primary base station is 1, 2, 3, but there are only two data radio bearers on the current primary base station and the secondary base station, respectively, the identifier 2 is used. And 3, through the key update process, you can clear the record of ID 1 that is no longer used.
本实施例中的方案可以应用于以下场景但不限于此:主基站将数据无线承载由主基站迁移至从基站后,再由从基站将所述数据无线承载迁移回第主基站,和/或The solution in this embodiment may be applied to the following scenarios, but is not limited thereto: the primary base station migrates the data radio bearer from the primary base station to the secondary base station, and then the secondary base station migrates the data radio bearer back to the primary base station, and/or
承载迁移的源基站的密钥发生了更新且承载迁移的目标基站的密钥未发生更新。其中承载迁移的源/目标基站是针对待迁移的数据无线承载而言的。举例说明,比如某数据无线承载被从A基站迁移到了B基站,则A基站就是该承载迁移的源基站,而B基站就是承载迁移的目标基站。The key of the source base station carrying the migration is updated and the key of the target base station carrying the migration is not updated. The source/target base station carrying the migration is for the data radio bearer to be migrated. For example, if a data radio bearer is migrated from the A base station to the B base station, the A base station is the source base station for the bearer migration, and the B base station is the target base station carrying the migration.
在本实施例中,还提供了一种双连接无线承载的迁移处理装置,该装置应用于主基站,用于实现上述方法,如图8所示,该装置包括:In this embodiment, a dual-connection radio bearer migration processing apparatus is also provided, which is applied to a primary base station, and is used to implement the foregoing method. As shown in FIG. 8, the apparatus includes:
分配模块80,设置为为待迁移的数据无线承载分配新的数据无线承载标识,其中,该新的数据无线承载标识与主基站和从基站已经使用过的数据无线承载标识均不同;The allocating module 80 is configured to allocate a new data radio bearer identifier to the data radio bearer to be migrated, where the new data radio bearer identifier is different from the data radio bearer identifier used by the master base station and the slave base station;
发送模块82,连接至分配模块80,设置为向用户设备发送用于通知用户设备进行数据无线承载迁移的消息,其中,该消息中携带有上述新的无线承载标识。 The sending module 82 is connected to the distribution module 80, and is configured to send a message to the user equipment to notify the user equipment to perform data radio bearer migration, where the message carries the new radio bearer identifier.
优选地,上述分配模块80还设置为在上述新的无线承载标识与数据无线承载对应的演进分组系统承载标识存在映射关系时,分配上述新的数据无线承载标识。Preferably, the foregoing allocation module 80 is further configured to allocate the new data radio bearer identifier when the new radio bearer identifier has a mapping relationship with the evolved packet system bearer identifier corresponding to the data radio bearer.
需要说明的是,上述各个模块是可以通过软件或硬件模块来实现的,对于后者,可以表现为以下实现形式:分配模块80位于第一处理器中,发送模块82可以位于第二处理器中;或者,分配模块80和发送模块82均位于同一处理器中,但不限于此。It should be noted that each of the above modules may be implemented by software or a hardware module. For the latter, the following implementation forms may be implemented: the distribution module 80 is located in the first processor, and the sending module 82 may be located in the second processor. Or, the allocation module 80 and the transmitting module 82 are all located in the same processor, but are not limited thereto.
在本实施例中,还提供一种基站,包括:以上所述的双连接无线承载的迁移处理装置。In this embodiment, a base station is further provided, including: the migration processing apparatus of the dual connectivity radio bearer described above.
在本实施例中,还提供一种双连接无线承载的迁移方法,如图9所示,该方法包括:In this embodiment, a method for migrating a dual connectivity radio bearer is also provided. As shown in FIG. 9, the method includes:
步骤S902,用户设备接收来自主基站的用于通知用户设备进行数据无线承载迁移的消息,其中,该消息携带有主基站分配的新的数据无线承载标识,该新的数据无线承载标识用于标识待迁移的数据无线承载,上述新的数据无线承载标识与主基站和从基站已经使用过的数据无线承载标识均不同;Step S902: The user equipment receives a message from the primary base station for informing the user equipment to perform data radio bearer migration, where the message carries a new data radio bearer identifier allocated by the primary base station, where the new data radio bearer identifier is used to identify The data radio bearer to be migrated, the new data radio bearer identifier is different from the data radio bearer identifier used by the primary base station and the slave base station;
步骤S904,用户设备按照上述新的数据无线承载标识将数据无线承载迁移至目标基站。Step S904: The user equipment migrates the data radio bearer to the target base station according to the new data radio bearer identifier.
在本实施例的一个优选实施方式中,用户设备按照上述新的数据无线承载标识将数据无线承载迁移至目标基站时,用户设备需要使所述数据无线承载的新的数据无线承载标识与该数据无线承载对应的演进分组系统承载标识对应,并删除所述数据无线承载原有的数据无线承载标识。在该过程中,删除数据无线承载原有的数据无线承载标识不会触发所述数据无线承载对应的演进分组系统承载及其标识的删除。In a preferred embodiment of the present embodiment, when the user equipment migrates the data radio bearer to the target base station according to the new data radio bearer identifier, the user equipment needs to make the new data radio bearer identifier of the data radio bearer and the data. The evolved packet system bearer identifier corresponding to the radio bearer is corresponding, and the original data radio bearer identifier of the data radio bearer is deleted. In this process, deleting the original data radio bearer identifier of the data radio bearer does not trigger the deletion of the evolved packet system bearer corresponding to the data radio bearer and its identifier.
在本实施例中还提供一种双连接无线承载的迁移装置,该装置用于实现上述方案,可以应用于用户设备,如图10所示,该装置包括:In this embodiment, a dual-connected radio bearer migrating device is also provided. The device is used to implement the foregoing solution, and can be applied to a user equipment. As shown in FIG. 10, the device includes:
接收模块102,设置为接收来自主基站的用于通知用户设备进行数据无线承载迁移的消息,其中,该消息携带有主基站分配的新的数据无线承载标识,该新的数据无线承载标识用于标识待迁移的数据无线承载,上述新的数据无线承载标识与主基站和从基站已经使用过的数据无线承载标识均不同;The receiving module 102 is configured to receive a message from the primary base station for notifying the user equipment to perform data radio bearer migration, where the message carries a new data radio bearer identifier allocated by the primary base station, where the new data radio bearer identifier is used for Identifying the data radio bearer to be migrated, where the new data radio bearer identifier is different from the data radio bearer identifier used by the primary base station and the slave base station;
迁移模块104,设置为按照上述新的数据无线承载标识将数据无线承载迁移至目标基站。 The migration module 104 is configured to migrate the data radio bearer to the target base station according to the new data radio bearer identifier.
优选地,如图11所示,上述装置还可以包括:映射模块106,设置为建立新的数据无线承载标识与数据无线承载对应的演进分组系统承载标识的映射关系并删除数据无线承载原有的数据无线承载标识与演进分组系统承载标识的映射关系。Preferably, as shown in FIG. 11, the foregoing apparatus may further include: a mapping module 106, configured to establish a mapping relationship between a new data radio bearer identifier and an evolved packet system bearer identifier corresponding to the data radio bearer, and delete the original data radio bearer The mapping relationship between the data radio bearer identifier and the evolved packet system bearer identifier.
在本实施例中,还提供一种用户设备,包括:以上所述的双连接无线承载的迁移装置。In this embodiment, a user equipment is further provided, including: the migration device of the dual connectivity radio bearer described above.
为了更好地理解上述实施例,以下结合优选实施例详细说明。以下优选实施例提供一种双连接无线承载的管理方法,使得终端的连接承载在其同时连接的基站间发生迁移时,避免发生密钥复用等问题,从而保证双连接的安全性。以下实施例的主要思想在于:In order to better understand the above embodiments, the following detailed description will be given in conjunction with the preferred embodiments. The following preferred embodiment provides a method for managing a dual-connection radio bearer, so that when the connection bearer of the terminal is migrated between the base stations that are simultaneously connected, the problem of key multiplexing and the like is avoided, thereby ensuring the security of the dual connection. The main idea of the following embodiment is:
无线承载被从第一基站(可以为主基站或从基站)迁移到第二基站(可以为主基站或从基站)时,需要为其分配新的数据无线承载标识,并使与该数据无线承载相对应的演进分组系统承载标识重新对应于新的无线承载标识。新的无线承载标识要区别于第一基站和第二基站上已经分配过的其他承载标识;进一步的,当发起密钥更新时第一基站和/或第二基站会清除当前承载不用的承载标识记录;当没有新的无线承载标识时第一基站和第二基站也可以使用密钥更新过程来清除不使用的承载标识记录,以重新获得无线承载标识资源。需要说明的是,以上实施例中所述的“第一”“第二”仅用于区分所涉及信息或实体等,并不构成对所涉及信息或实体的不当限定。When the radio bearer is migrated from the first base station (which may be the primary base station or the secondary base station) to the second base station (which may be the primary base station or the secondary base station), it needs to be assigned a new data radio bearer identifier and the radio bearer with the data The corresponding evolved packet system bearer identity re-corresponds to the new radio bearer identity. The new radio bearer identifier is to be distinguished from other bearer identifiers that have been allocated on the first base station and the second base station. Further, when the key update is initiated, the first base station and/or the second base station clears the bearer identifier that is not used by the current bearer. Recording; when there is no new radio bearer identity, the first base station and the second base station may also use the key update procedure to clear the unused bearer identity record to regain the radio bearer identity resource. It should be noted that the “first” and “second” described in the above embodiments are only used to distinguish the information or entity involved, and do not constitute an improper definition of the information or entity involved.
实施例一Embodiment 1
如图12所示,UE与主基站(即MeNB)和从基站(即SeNB,)保持双连接,其中MeNB希望将本基站上的A承载(其数据无线标识为1)迁移到SeNB上。As shown in FIG. 12, the UE maintains dual connectivity with the primary base station (ie, MeNB) and the secondary base station (ie, SeNB), wherein the MeNB wishes to migrate the A bearer (whose data radio identifier is 1) on the base station to the SeNB.
步骤S1202,MeNB向SeNB发起修改请求,其中携带需要迁移的A承载配置信息,包括为其分配的新的数据无线承载标识,假设新的数据无线承载标识为2。其中MeNB需要保证数据无线承载标识2没有被使用过。In step S1202, the MeNB initiates a modification request to the SeNB, which carries the A bearer configuration information to be migrated, including the new data radio bearer identifier allocated thereto, and assumes that the new data radio bearer identifier is 2. The MeNB needs to ensure that the data radio bearer identifier 2 has not been used.
步骤S1204,SeNB根据MeNB指示生成修改请求响应消息。Step S1204: The SeNB generates a modification request response message according to the MeNB indication.
步骤S1206,MeNB根据修改请求响应消息向UE发起重配置命令,其中指示UE,将A承载迁移到SeNB,且为其分配了新的数据无线承载标识2。Step S1206: The MeNB initiates a reconfiguration command to the UE according to the modification request response message, where the UE is instructed to migrate the A bearer to the SeNB, and a new data radio bearer identifier 2 is allocated thereto.
步骤S1208,UE根据MeNB的命令消息同SeNB建立连接完成将A承载的迁移,同时UE将变更A承载对应的无线承载与EPS承载的映射关系,删除数据无线承载标 识1,而重新使数据无线承载标识2与该承载的EPS承载标识建立映射。然后UE向MeNB发起冲配置完成消息。Step S1208: The UE establishes a connection with the SeNB according to the command message of the MeNB, and completes the migration of the A bearer, and the UE changes the mapping relationship between the radio bearer corresponding to the A bearer and the EPS bearer, and deletes the data radio bearer. After identifying 1, the data radio bearer identifier 2 is re-mapped with the EPS bearer identifier of the bearer. The UE then initiates a flush configuration complete message to the MeNB.
步骤S1210,MeNB向SeNB发送修改完成消息,通知迁移完成。In step S1210, the MeNB sends a modification complete message to the SeNB to notify the completion of the migration.
其中,MeNB也可以利用上述过程,同时完成多条数据无线承载的迁移。The MeNB can also use the foregoing process to complete the migration of multiple data radio bearers at the same time.
实施例二:Embodiment 2:
如图13所示,UE与主基站(即MeNB)和从基站(即SeNB)保持双连接,其中SeNB上的B承载是之前由MeNB迁移过来的,MeNB和SeNB上密钥分别是KeNB1和S-KeNB1,B承载在SeNB上的传输过程中,其PDCP COUNT计数值发生反转,同时导致了SeNB上的密钥变更,变为了S-KeNB2。但由于其他原因(比如SeNB上负荷过高等),SeNB希望将本基站上的B承载(其数据无线标识为1)重新迁移到MeNB上。As shown in FIG. 13, the UE maintains dual connectivity with the primary base station (ie, the MeNB) and the secondary base station (ie, the SeNB), wherein the B bearers on the SeNB are previously migrated by the MeNB, and the keys on the MeNB and the SeNB are KeNB1 and S, respectively. - KeNB1, B carries the PDCP COUNT count value in the transmission process on the SeNB, and the key change on the SeNB becomes S-KeNB2. However, for other reasons (such as excessive load on the SeNB, etc.), the SeNB wishes to re-migrate the B-bearer (the data radio identifier of the base station) on the base station to the MeNB.
步骤S1302,SeNB向MeNB发送修改要求消息,其中携带需要迁移的B承载配置信息。Step S1302: The SeNB sends a modification request message to the MeNB, where the B bearer configuration information that needs to be migrated is carried.
步骤S1304,MeNB根据承载迁移请求消息,生成向UE发起的重配置命令,其中携带了B承载在MeNB上的新配置信息,包括MeNB为B承载重新分配的数据无线承载标识(设为2)。其中MeNB需要保证新的无线承载标识2与MeNB和SeNB已使用过的数据无线承载标识均不同。In step S1304, the MeNB generates a reconfiguration command to the UE according to the bearer migration request message, where the new configuration information carried by the B on the MeNB is carried, including the data radio bearer identifier (set to 2) that the MeNB reassigns for the B bearer. The MeNB needs to ensure that the new radio bearer identifier 2 is different from the data radio bearer identifier that the MeNB and the SeNB have used.
步骤S1306,UE根据MeNB的命令消息完成将B承载向MeNB的迁移,同时UE变更B承载对应的无线承载与EPS承载的映射关系,删除无线承载标识1,而重新使无线承载标识2与该承载的EPS承载标识建立映射。然后UE向MeNB发起重配置完成消息。Step S1306: The UE completes the migration of the B bearer to the MeNB according to the command message of the MeNB, and the UE changes the mapping relationship between the radio bearer corresponding to the B bearer and the EPS bearer, deletes the radio bearer identifier 1, and re-enables the radio bearer identifier 2 and the bearer. The EPS bearer identity establishes a mapping. The UE then initiates a reconfiguration complete message to the MeNB.
步骤S1308,MeNB向SeNB发送修改确认消息,通知迁移完成。In step S1308, the MeNB sends a modification confirmation message to the SeNB to notify the completion of the migration.
进一步的,MeNB在步骤S1304中可以主动判断B承载在SeNB上的密钥是否更新,如果SeNB上的密钥S-KeNB1的确发生了更新,而本地的密钥与最初MeNB迁移B承载到SeNB时密钥KeNB1相同没有变化,则MeNB可以选择不为B承载分配新的无线承载标识。Further, in step S1304, the MeNB may actively determine whether the key carried by the B bearer on the SeNB is updated, if the key S-KeNB1 on the SeNB does update, and the local key and the original MeNB migrate the B bearer to the SeNB. If the key KeNB1 is the same, the MeNB may choose not to allocate a new radio bearer identifier for the B bearer.
进一步的,MeNB和SeNB也可以利用该过程同时完成多条数据无线承载的迁移。Further, the MeNB and the SeNB can also use the process to simultaneously perform migration of multiple data radio bearers.
实施例三: Embodiment 3:
如图14所示,UE与主基站(即MeNB)和从基站(即SeNB,)保持双连接,其中SeNB因为负荷或其他原因,希望退出上连接(即被删除),并将SeNB基站上的所有数据无线承载(其数据无线标识为1)迁移到MeNB上。As shown in FIG. 14, the UE maintains dual connectivity with the primary base station (ie, MeNB) and the secondary base station (ie, SeNB,), wherein the SeNB wishes to exit the upper connection (ie, is deleted) due to load or other reasons, and the SeNB base station All data radio bearers (whose data radio identifier is 1) are migrated to the MeNB.
步骤S1402,SeNB向MeNB发送释放请求消息,其中携带需要迁移的所有数据无线承载配置信息。Step S1402: The SeNB sends a release request message to the MeNB, where all data radio bearer configuration information that needs to be migrated is carried.
步骤S1404,MeNB生成向UE发起的重配置命令,其中携带了SeNB上所有或部分数据无线承载在MeNB上的新配置信息,包括MeNB为SeNB上所有或部分数据无线承载重新分配的数据无线承载标识。其中MeNB需要保证新分配的数据无线承载标识与MeNB和SeNB已使用过的数据无线承载标识均不同。Step S1404: The MeNB generates a reconfiguration command initiated by the UE, where the new configuration information of all or part of the data radio bearers on the MeNB is carried, including the data radio bearer identifier re-allocated by the MeNB for all or part of the data radio bearers on the SeNB. . The MeNB needs to ensure that the newly allocated data radio bearer identifier is different from the data radio bearer identifier used by the MeNB and the SeNB.
步骤S1406,UE根据MeNB的命令消息完成响应的数据无线承载向MeNB的迁移,并删除与SeNB的无线连接。同时UE变更B承载对应的无线承载与EPS承载的映射关系,使新分配的数据无线承载标识与对应承载的EPS承载标识建立映射。然后UE向MeNB发起重配置完成消息。Step S1406: The UE completes the migration of the responding data radio bearer to the MeNB according to the command message of the MeNB, and deletes the radio connection with the SeNB. At the same time, the UE changes the mapping relationship between the radio bearer corresponding to the B bearer and the EPS bearer, and establishes a mapping between the newly allocated data radio bearer identifier and the EPS bearer identifier of the corresponding bearer. The UE then initiates a reconfiguration complete message to the MeNB.
步骤S1408,MeNB向SeNB发送释放确认消息。In step S1408, the MeNB sends a release confirmation message to the SeNB.
进一步的,在步骤1404中,如果MeNB判断当前已经没有多余的无线承载标识可以分配,则MeNB需要发起MeNB的密钥更新过程。其中该更新过程与现有密钥更新过程相同,此处不再赘述。Further, in step 1404, if the MeNB determines that no redundant radio bearer identifier can be allocated at present, the MeNB needs to initiate a key update procedure of the MeNB. The update process is the same as the existing key update process, and is not described here.
综上所述,本发明实施例实现了以下有益效果:采用本发明实施例提供的上述技术方案,可以保证为终端的多连接承载提供足够的安全保护,并可以防止在终端的业务连接承载在基站间发生迁移时,造成密钥安全方面的隐患。同时,本发明中所述管理方法充分复用了现有连接管理机制,从一定程度上保证了网络与终端在软硬件上的后向兼容性。In summary, the embodiment of the present invention achieves the following beneficial effects: the foregoing technical solution provided by the embodiment of the present invention can ensure sufficient security protection for the multi-connection bearer of the terminal, and can prevent the service connection at the terminal from being carried. When a migration occurs between base stations, it poses a hidden danger in key security. At the same time, the management method in the present invention fully multiplexes the existing connection management mechanism, and ensures the backward compatibility of the network and the terminal on the software and hardware to a certain extent.
在另外一个实施例中,还提供了一种软件,该软件用于执行上述实施例及优选实施方式中描述的技术方案。In another embodiment, software is also provided for performing the technical solutions described in the above embodiments and preferred embodiments.
在另外一个实施例中,还提供了一种存储介质,该存储介质中存储有上述软件,该存储介质包括但不限于:光盘、软盘、硬盘、可擦写存储器等。In another embodiment, a storage medium is further provided, wherein the software includes the above-mentioned software, including but not limited to: an optical disk, a floppy disk, a hard disk, an erasable memory, and the like.
显然,本领域的技术人员应该明白,上述的本发明的各模块或各步骤可以用通用的计算装置来实现,它们可以集中在单个的计算装置上,或者分布在多个计算装置所组成的网络上,可选地,它们可以用计算装置可执行的程序代码来实现,从而,可以 将它们存储在存储装置中由计算装置来执行,并且在某些情况下,可以以不同于此处的顺序执行所示出或描述的步骤,或者将它们分别制作成各个集成电路模块,或者将它们中的多个模块或步骤制作成单个集成电路模块来实现。这样,本发明不限制于任何特定的硬件和软件结合。It will be apparent to those skilled in the art that the various modules or steps of the present invention described above can be implemented by a general-purpose computing device that can be centralized on a single computing device or distributed across a network of multiple computing devices. Alternatively, they may be implemented by program code executable by the computing device, thereby Storing them in a storage device is performed by a computing device, and in some cases, the steps shown or described may be performed in an order different than that herein, or separately fabricated into individual integrated circuit modules, or Multiple of these modules or steps are fabricated as a single integrated circuit module. Thus, the invention is not limited to any specific combination of hardware and software.
以上仅为本发明的优选实施例而已,并不用于限制本发明,对于本领域的技术人员来说,本发明可以有各种更改和变化。凡在本发明的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本发明的保护范围之内。The above are only the preferred embodiments of the present invention, and are not intended to limit the present invention, and various modifications and changes can be made to the present invention. Any modifications, equivalent substitutions, improvements, etc. made within the spirit and scope of the present invention are intended to be included within the scope of the present invention.
工业实用性Industrial applicability
基于本发明实施例提供的上述技术方案,采用主基站为待迁移的数据无线承载分配与主基站和从基站已经使用过的数据无线承载标识均不同的新的数据无线承载标识的技术手段,解决了相关技术中,双连接无线承载在基站间的迁移过程中存在密钥泄露而导致的安全性等问题,提高了终端的双连接承载的安全性。 According to the foregoing technical solution provided by the embodiment of the present invention, the primary base station is configured to allocate a new data radio bearer identifier different from the data radio bearer of the primary base station and the data radio bearer identifier used by the base station for the data radio bearer to be migrated. In the related art, the dual-connection radio bearer has the problem of security caused by key leakage during the migration process between the base stations, and the security of the dual-connection bearer of the terminal is improved.

Claims (12)

  1. 一种双连接无线承载的迁移处理方法,包括:A migration processing method for a dual connectivity radio bearer, comprising:
    主基站为待迁移的数据无线承载分配新的数据无线承载标识,其中,所述新的数据无线承载标识与所述主基站和从基站已经使用过的数据无线承载标识均不同;The primary base station allocates a new data radio bearer identifier to the data radio bearer to be migrated, where the new data radio bearer identifier is different from the data radio bearer identifier used by the master base station and the slave base station;
    所述主基站向用户设备发送用于通知用户设备进行数据无线承载迁移的消息,其中,该消息中携带有所述新的无线承载标识。The primary base station sends a message to the user equipment to notify the user equipment to perform data radio bearer migration, where the message carries the new radio bearer identifier.
  2. 根据权利要求1所述的方法,其中,所述新的无线承载标识与所述数据无线承载对应的演进分组系统承载标识存在映射关系。The method according to claim 1, wherein the new radio bearer identifier has a mapping relationship with an evolved packet system bearer identifier corresponding to the data radio bearer.
  3. 根据权利要求1所述的方法,其中,主基站为待迁移的数据无线承载分配新的数据无线承载标识之前,所述方法还包括:The method of claim 1, wherein before the primary base station allocates a new data radio bearer identifier to the data radio bearer to be migrated, the method further includes:
    在所述主基站和/或所述从基站进行密钥更新时,清除当前数据无线承载不使用的数据无线承载标识记录。When the primary base station and/or the secondary base station performs key update, the data radio bearer identification record that is not used by the current data radio bearer is cleared.
  4. 根据权利要求1至3中任一项所述的方法,其中,主基站分配新的数据无线承载标识之前,所述方法还包括:The method according to any one of claims 1 to 3, wherein before the primary base station allocates a new data radio bearer identifier, the method further comprises:
    所述主基站将所述数据无线承载由主基站迁移至从基站后,再由从基站将所述数据无线承载迁移回主基站,和/或承载迁移的源基站的密钥发生了更新且承载迁移的目标基站的密钥未发生更新。After the primary base station migrates the data radio bearer from the primary base station to the secondary base station, the slave base station migrates the data radio bearer back to the primary base station, and/or the key of the source base station carrying the migration is updated and carried. The key of the migrated target base station has not been updated.
  5. 一种双连接无线承载的迁移方法,包括:A method for migrating a dual connectivity radio bearer, comprising:
    用户设备接收来自主基站的用于通知用户设备进行数据无线承载迁移的消息,其中,所述消息携带有所述主基站分配的新的数据无线承载标识,该新的数据无线承载标识用于标识待迁移的数据无线承载,所述新的数据无线承载标识与所述主基站和从基站已经使用过的数据无线承载标识均不同;The user equipment receives a message from the primary base station for informing the user equipment to perform data radio bearer migration, where the message carries a new data radio bearer identifier allocated by the primary base station, and the new data radio bearer identifier is used to identify The data radio bearer to be migrated, the new data radio bearer identifier is different from the data radio bearer identifier used by the primary base station and the slave base station;
    所述用户设备按照所述新的数据无线承载标识将所述数据无线承载迁移至目标基站。The user equipment migrates the data radio bearer to the target base station according to the new data radio bearer identifier.
  6. 根据权利要求5所述的方法,其中,所述用户设备按照所述新的数据无线承载标识将所述数据无线承载迁移至目标基站时,所述方法还包括: The method according to claim 5, wherein when the user equipment migrates the data radio bearer to the target base station according to the new data radio bearer identifier, the method further includes:
    所述用户设备使所述新的数据无线承载标识与所述数据无线承载对应的演进分组系统承载标识对应,并删除所述数据无线承载原有的数据无线承载标识。The user equipment associates the new data radio bearer identifier with the evolved packet system bearer identifier corresponding to the data radio bearer, and deletes the original data radio bearer identifier of the data radio bearer.
  7. 一种双连接无线承载的迁移处理装置,应用于主基站,包括:A dual-connected radio bearer migration processing apparatus is applied to a primary base station, including:
    分配模块,设置为为待迁移的数据无线承载分配新的数据无线承载标识,其中,所述新的数据无线承载标识与所述主基站和从基站已经使用过的数据无线承载标识均不同;An allocating module, configured to allocate a new data radio bearer identifier to the data radio bearer to be migrated, where the new data radio bearer identifier is different from the data radio bearer identifier used by the primary base station and the slave base station;
    发送模块,设置为向用户设备发送用于通知用户设备进行数据无线承载迁移的消息,其中,该消息中携带有所述新的无线承载标识。The sending module is configured to send a message to the user equipment to notify the user equipment to perform data radio bearer migration, where the message carries the new radio bearer identifier.
  8. 根据权利要求7所述的装置,其中,所述分配模块还设置为在所述新的无线承载标识与所述数据无线承载对应的演进分组系统承载标识存在映射关系时,分配所述新的数据无线承载标识。The apparatus according to claim 7, wherein the allocating module is further configured to allocate the new data when the new radio bearer identifier has a mapping relationship with an evolved packet system bearer identifier corresponding to the data radio bearer Wireless bearer identification.
  9. 一种双连接无线承载的迁移装置,包括:A dual connectivity radio bearer migration device includes:
    接收模块,设置为接收来自主基站的用于通知用户设备进行数据无线承载迁移的消息,其中,所述消息携带有所述主基站分配的新的数据无线承载标识,该新的数据无线承载标识用于标识待迁移的数据无线承载,所述新的数据无线承载标识与所述主基站和所述从基站已经使用过的数据无线承载标识均不同;The receiving module is configured to receive, from the primary base station, a message for notifying the user equipment to perform data radio bearer migration, where the message carries a new data radio bearer identifier allocated by the primary base station, and the new data radio bearer identifier The data radio bearer to be migrated is different, and the new data radio bearer identifier is different from the data radio bearer identifier used by the primary base station and the slave base station;
    迁移模块,设置为按照所述新的数据无线承载标识将所述数据无线承载迁移至目标基站。And a migration module, configured to migrate the data radio bearer to the target base station according to the new data radio bearer identifier.
  10. 根据权利要求9所述的装置,其中,还包括:The apparatus according to claim 9, further comprising:
    映射模块,设置为使所述新的数据无线承载标识与所述数据无线承载对应的演进分组系统承载标识对应,并删除所述数据无线承载原有的数据无线承载标识。The mapping module is configured to make the new data radio bearer identifier correspond to the evolved packet system bearer identifier corresponding to the data radio bearer, and delete the original data radio bearer identifier of the data radio bearer.
  11. 一种基站,包括:权利要求7或8所述的双连接无线承载的迁移处理装置。A base station comprising: the dual-connection radio bearer migration processing apparatus according to claim 7 or 8.
  12. 一种用户设备,包括:权利要求9或10所述的双连接无线承载的迁移装置。 A user equipment comprising: the dual connectivity radio bearer migration apparatus of claim 9 or 10.
PCT/CN2014/087718 2014-05-23 2014-09-28 Dual-connection radio bearer migration processing and migration methods and devices WO2015176462A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201410223153.2A CN104219722B (en) 2014-05-23 2014-05-23 Migration process, moving method and the device of dual link radio bearer
CN201410223153.2 2014-05-23

Publications (1)

Publication Number Publication Date
WO2015176462A1 true WO2015176462A1 (en) 2015-11-26

Family

ID=52100769

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/087718 WO2015176462A1 (en) 2014-05-23 2014-09-28 Dual-connection radio bearer migration processing and migration methods and devices

Country Status (2)

Country Link
CN (1) CN104219722B (en)
WO (1) WO2015176462A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018237374A1 (en) * 2017-06-23 2018-12-27 Motorola Mobility Llc Method and apparatus for implementing bearer specific changes as part of a connection reconfiguration that impacts the security keys being used
US10880737B2 (en) 2017-06-23 2020-12-29 Motorola Mobility Llc Method and apparatus for refreshing the security keys of a subset of configured radio bearers

Families Citing this family (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016108560A1 (en) 2014-12-30 2016-07-07 Lg Electronics Inc. Method and apparatus for performing inter-menb handover without senb change in wireless communication system
CN105848222B (en) * 2015-01-16 2021-05-28 北京三星通信技术研究有限公司 Method and base station equipment for switching
CN104869666B (en) * 2015-04-10 2019-05-21 电信科学技术研究院 Data Radio Bearer configuration method, data transmission method and equipment
CN106454946A (en) * 2015-08-12 2017-02-22 中兴通讯股份有限公司 Data bearer migration method, data bearer migration device and evolutional node
CN106470503A (en) * 2015-08-14 2017-03-01 中国电信股份有限公司 Method of attachment, connection equipment, user equipment and connection system
US10368238B2 (en) 2015-12-01 2019-07-30 Htc Corporation Device and method of handling data transmission/reception for dual connectivity
WO2017096531A1 (en) * 2015-12-08 2017-06-15 Intel Corporation Software defined network switch and evolved node-b (enb) for multiple bearer connectivity
US20190320417A1 (en) * 2015-12-10 2019-10-17 Nokia Solutions And Networks Oy Method, system and apparatus
CN108282817B (en) * 2017-01-05 2021-08-20 华为技术有限公司 Information transmission method and device
AU2018262068B2 (en) * 2017-05-05 2023-04-06 Sony Corporation Communications device, infrastructure equipment, wireless communications network and methods
CN109246849A (en) * 2017-05-24 2019-01-18 中兴通讯股份有限公司 The method, apparatus and system of recovering bearing under a kind of NSA framework
CN107809777B (en) * 2017-11-06 2020-12-29 中国联合网络通信集团有限公司 Data transmission method, user equipment, main base station, auxiliary base station and core network
CN108401540B (en) * 2017-11-29 2021-11-23 北京小米移动软件有限公司 Management method and device of data radio bearer identification pool
JP7085002B2 (en) 2018-01-05 2022-06-15 オッポ広東移動通信有限公司 Data radio bearer identifier assignment method, network nodes and computer storage media
CN111373795B (en) * 2018-01-19 2022-04-29 Oppo广东移动通信有限公司 Configuration method of signaling radio bearer, terminal equipment and network equipment
KR20200135802A (en) * 2018-03-23 2020-12-03 광동 오포 모바일 텔레커뮤니케이션즈 코포레이션 리미티드 Handover method and apparatus, computer storage medium
US11071025B2 (en) 2018-06-29 2021-07-20 FG Innovation Company Limited Cell handover with minimum mobility interruption
CN113038466B (en) * 2018-09-12 2023-02-21 维沃移动通信有限公司 Processing method and apparatus
CN112153098B (en) * 2019-06-28 2023-09-29 华为技术有限公司 Application migration method and device
CN114390699A (en) * 2020-10-22 2022-04-22 大唐移动通信设备有限公司 State parameter processing method and device and network equipment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101527935A (en) * 2008-03-04 2009-09-09 大唐移动通信设备有限公司 Processing method and device in scheduling of resources
CN103533662A (en) * 2013-09-27 2014-01-22 电信科学技术研究院 Uplink scheduling requesting method, uplink scheduling method and equipment
CN103731883A (en) * 2014-01-20 2014-04-16 中国联合网络通信集团有限公司 Load balancing method and device
CN103747442A (en) * 2013-12-27 2014-04-23 上海华为技术有限公司 Security key context distribution method, mobility management entity and base station
WO2014061001A1 (en) * 2012-10-21 2014-04-24 Mariana Goldhamer Improved utilization of the uplink fdd channel

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101527935A (en) * 2008-03-04 2009-09-09 大唐移动通信设备有限公司 Processing method and device in scheduling of resources
WO2014061001A1 (en) * 2012-10-21 2014-04-24 Mariana Goldhamer Improved utilization of the uplink fdd channel
CN103533662A (en) * 2013-09-27 2014-01-22 电信科学技术研究院 Uplink scheduling requesting method, uplink scheduling method and equipment
CN103747442A (en) * 2013-12-27 2014-04-23 上海华为技术有限公司 Security key context distribution method, mobility management entity and base station
CN103731883A (en) * 2014-01-20 2014-04-16 中国联合网络通信集团有限公司 Load balancing method and device

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018237374A1 (en) * 2017-06-23 2018-12-27 Motorola Mobility Llc Method and apparatus for implementing bearer specific changes as part of a connection reconfiguration that impacts the security keys being used
US10880737B2 (en) 2017-06-23 2020-12-29 Motorola Mobility Llc Method and apparatus for refreshing the security keys of a subset of configured radio bearers
US10917785B2 (en) 2017-06-23 2021-02-09 Motorola Mobility Llc Method and apparatus for implementing bearer specific changes as part of a connection reconfiguration that impacts the security keys being used
EP3972309A1 (en) * 2017-06-23 2022-03-23 Motorola Mobility LLC Method and apparatus for implementing bearer specific changes as part of a connection reconfiguration that impacts the security keys being used
EP4221290A1 (en) * 2017-06-23 2023-08-02 Motorola Mobility LLC Method and apparatus for implementing bearer specific changes as part of a connection reconfiguration that impacts the security keys being used

Also Published As

Publication number Publication date
CN104219722A (en) 2014-12-17
CN104219722B (en) 2019-07-23

Similar Documents

Publication Publication Date Title
WO2015176462A1 (en) Dual-connection radio bearer migration processing and migration methods and devices
JP7318779B2 (en) Master radio access network node, AMF and methods thereof
US11596011B2 (en) Dual connectivity network
US9986462B2 (en) Double-connection implementation method and base station
US11805564B2 (en) Multi-connectivity communication method and device
US9906994B2 (en) Handover method, master base station and slave base station
US11412563B2 (en) Multi-connectivity communication method and device
WO2016119109A1 (en) Switching device and method
WO2015015300A2 (en) Method of supporting security handling for dual connectivity
TWI503016B (en) A method for performing handover, the system and apparatus
WO2015161575A1 (en) Method, base station, mobile management entity, and system for reporting location of user terminal
WO2016101586A1 (en) Base station switching method and system, related device, and storage medium
WO2016107144A1 (en) Method, device, and system for updating user-side path
WO2014177107A1 (en) Pdcp count value processing method, device and computer storage medium
WO2019023632A1 (en) A security key model to support dual connectivity
WO2022094976A1 (en) Key generation method and apparatus

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14892819

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14892819

Country of ref document: EP

Kind code of ref document: A1