WO2017171900A1 - Appareil, système et procédé de mise à jour sélective d'informations sur des clés d'une connexion sécurisée à un wlan entre un ue et un ap au wlan - Google Patents

Appareil, système et procédé de mise à jour sélective d'informations sur des clés d'une connexion sécurisée à un wlan entre un ue et un ap au wlan Download PDF

Info

Publication number
WO2017171900A1
WO2017171900A1 PCT/US2016/040318 US2016040318W WO2017171900A1 WO 2017171900 A1 WO2017171900 A1 WO 2017171900A1 US 2016040318 W US2016040318 W US 2016040318W WO 2017171900 A1 WO2017171900 A1 WO 2017171900A1
Authority
WO
WIPO (PCT)
Prior art keywords
wlan
version
key information
enb
key
Prior art date
Application number
PCT/US2016/040318
Other languages
English (en)
Inventor
Ido Ouzieli
Ofer Hareuveni
Alexander Sirotkin
Original Assignee
Intel IP Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Intel IP Corporation filed Critical Intel IP Corporation
Priority to CN201680084039.3A priority Critical patent/CN108886686B/zh
Publication of WO2017171900A1 publication Critical patent/WO2017171900A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041Key generation or derivation

Definitions

  • Some embodiments described herein generally relate to selectively updating key information of a secured Wireless Local Area Network (WLAN) connection between a User Equipment (UE) and a WLAN Access Point (AP).
  • WLAN Wireless Local Area Network
  • a wireless communication device e.g., a mobile device, may be configured to utilize multiple wireless communication technologies.
  • a User Equipment (UE) device may be configured to utilize a cellular connection, e.g., a Universal Mobile Telecommunications System (UMTS) cellular connection or a Long Term Evolution (LTE) connection, as well as a wireless-local-area- network (WLAN) connection, e.g., a Wireless-Fidelity (WiFi) connection.
  • a cellular connection e.g., a Universal Mobile Telecommunications System (UMTS) cellular connection or a Long Term Evolution (LTE) connection
  • WLAN wireless-local-area- network
  • WiFi Wireless-Fidelity
  • FIG. 1 is a schematic block diagram illustration of a system, in accordance with some demonstrative embodiments.
  • FIG. 2 is a schematic illustration of operations and communications between a User Equipment (UE), first and second cellular managers, and a Wireless Local Area Network (WLAN) Access point (AP), in accordance with some demonstrative embodiments.
  • UE User Equipment
  • WLAN Wireless Local Area Network
  • FIG. 3 is a schematic illustration of elements of a UE, in accordance with some demonstrative embodiments.
  • FIG. 4 is a schematic flow-chart illustration of a method of selectively updating key information of a secured WLAN connection between a UE and a WLAN AP, in accordance with some demonstrative embodiments.
  • Fig. 5 is a schematic flow-chart illustration of a method of selectively updating key information of a secured WLAN connection between a UE and a WLAN AP, in accordance with some demonstrative embodiments.
  • Fig. 6 is a schematic flow-chart illustration of a method of selectively updating key information of a secured WLAN connection between a UE and a WLAN AP, in accordance with some demonstrative embodiments.
  • Fig. 7 is a schematic illustration of a product, in accordance with some demonstrative embodiments.
  • Discussions herein utilizing terms such as, for example, “processing”, “computing”, “calculating”, “determining”, “establishing”, “analyzing”, “checking”, or the like, may refer to operation(s) and/or process(es) of a computer, a computing platform, a computing system, or other electronic computing device, that manipulate and/or transform data represented as physical (e.g., electronic) quantities within the computer's registers and/or memories into other data similarly represented as physical quantities within the computer' s registers and/or memories or other information storage medium that may store instructions to perform operations and/or processes.
  • the terms “plurality” and “a plurality”, as used herein, include, for example, “multiple” or “two or more”. For example, "a plurality of items” includes two or more items.
  • references to "one embodiment,” “an embodiment,” “demonstrative embodiment,” “various embodiments,” etc., indicate that the embodiment(s) so described may include a particular feature, structure, or characteristic, but not every embodiment necessarily includes the particular feature, structure, or characteristic. Further, repeated use of the phrase “in one embodiment” does not necessarily refer to the same embodiment, although it may.
  • Some embodiments may be used in conjunction with various devices and systems, for example, a Personal Computer (PC), a desktop computer, a mobile computer, a laptop computer, a notebook computer, a tablet computer, a Smartphone device, a server computer, a handheld computer, a handheld device, a Personal Digital Assistant (PDA) device, a handheld PDA device, an on-board device, an off-board device, an Internet of Things (IoT) device, a sensor device, a wearable device, a hybrid device, a vehicular device, a non- vehicular device, a mobile or portable device, a consumer device, a non-mobile or nonportable device, a wireless communication station, a wireless communication device, a wireless Access Point (AP), a wired or wireless router, a wired or wireless modem, a video device, an audio device, an audio-video (A/V) device, a wired or wireless network, a wireless area network, a cellular network, a cellular node, a cellular
  • PC
  • Some embodiments may be used in conjunction with devices and/or networks operating in accordance with existing 3rd Generation Partnership Project (3GPP) and/or Long Term Evolution (LTE) specifications (including 3GPP TS 36.300 ( 'TS 36.300 Evolved Universal Terrestrial Radio Access (E-UTRA) and Evolved Universal Terrestrial Radio Access Network (E-UTRAN); Overall description; Stage 2, version 11.7.0 Release 11 ", September 2013); 3 GPP TS 36.331 (ETSI TS 136 331; V12.3.0 (2014-09); LTE; Evolved Universal Terrestrial Radio Access (E-UTRA); Radio Resource Control (RRC); Protocol specification (3GPP TS 36.331 version 12.3.0 Release 12); and/or 3 GPP TS 36.463 (3 GPP TS 36.463 VO.2.0 (2015-10) Technical Specification; 3rd Generation Partnership Project; Technical Specification Group Radio Access Network; Evolved Universal Terrestrial Radio Access Network (E-UTRAN) and Wireless LAN (WLAN);
  • Some embodiments may be used in conjunction with one or more types of wireless communication signals and/or systems, for example, Radio Frequency (RF), Frequency- Division Multiplexing (FDM), Orthogonal FDM (OFDM), Single Carrier Frequency Division Multiple Access (SC-FDMA), Time-Division Multiplexing (TDM), Time-Division Multiple Access (TDMA), Extended TDMA (E-TDMA), General Packet Radio Service (GPRS), extended GPRS, Code-Division Multiple Access (CDMA), Wideband CDMA (WCDMA), CDMA 2000, single-carrier CDMA, multi-carrier CDMA, Multi-Carrier Modulation (MDM), Discrete Multi-Tone (DMT), Bluetooth®, Global Positioning System (GPS), Wireless Fidelity (Wi-Fi), Wi-Max, ZigBeeTM, Ultra-Wideband (UWB), Global System for Mobile communication (GSM), second generation (2G), 2.5G, 3G, 3.5G, 4G, Fifth Generation (5G) mobile
  • wireless device includes, for example, a device capable of wireless communication, a communication device capable of wireless communication, a communication station capable of wireless communication, a portable or non-portable device capable of wireless communication, or the like.
  • a wireless device may be or may include a peripheral that is integrated with a computer, or a peripheral that is attached to a computer.
  • the term “wireless device” may optionally include a wireless service.
  • the term "communicating" as used herein with respect to a communication signal includes transmitting the communication signal and/or receiving the communication signal.
  • a communication unit which is capable of communicating a communication signal, may include a transmitter to transmit the communication signal to at least one other communication unit, and/or a communication receiver to receive the communication signal from at least one other communication unit.
  • the verb communicating may be used to refer to the action of transmitting or the action of receiving.
  • the phrase "communicating a signal” may refer to the action of transmitting the signal by a first device, and may not necessarily include the action of receiving the signal by a second device.
  • the phrase “communicating a signal” may refer to the action of receiving the signal by a first device, and may not necessarily include the action of transmitting the signal by a second device.
  • circuitry may refer to, be part of, or include, an Application Specific Integrated Circuit (ASIC), an integrated circuit, an electronic circuit, a processor (shared, dedicated, or group), and/or memory (shared, dedicated, or group), that execute one or more software or firmware programs, a combinational logic circuit, and/or other suitable hardware components that provide the described functionality.
  • ASIC Application Specific Integrated Circuit
  • the circuitry may be implemented in, or functions associated with the circuitry may be implemented by, one or more software or firmware modules.
  • circuitry may include logic, at least partially operable in hardware.
  • logic may refer, for example, to computing logic embedded in circuitry of a computing apparatus and/or computing logic stored in a memory of a computing apparatus.
  • the logic may be accessible by a processor of the computing apparatus to execute the computing logic to perform computing functions and/or operations.
  • logic may be embedded in various types of memory and/or firmware, e.g., silicon blocks of various chips and/or processors.
  • Logic may be included in, and/or implemented as part of, various circuitry, e.g. radio circuitry, receiver circuitry, control circuitry, transmitter circuitry, transceiver circuitry, processor circuitry, and/or the like.
  • logic may be embedded in volatile memory and/or non- volatile memory, including random access memory, read only memory, programmable memory, magnetic memory, flash memory, persistent memory, and the like. Logic may be executed by one or more processors using memory, e.g., registers, stuck, buffers, and/or the like, coupled to the one or more processors, e.g., as necessary to execute the logic.
  • the term "antenna”, as used herein, may include any suitable configuration, structure and/or arrangement of one or more antenna elements, components, units, assemblies and/or arrays. In some embodiments, the antenna may implement transmit and receive functionalities using separate transmit and receive antenna elements.
  • the antenna may implement transmit and receive functionalities using common and/or integrated transmit/receive elements.
  • the antenna may include, for example, a phased array antenna, a single element antenna, a dipole antenna, a set of switched beam antennas, and/or the like.
  • the term "cell”, as used herein, may include a combination of network resources, for example, downlink and optionally uplink resources.
  • the resources may be controlled and/or allocated, for example, by a node (also referred to as a "base station"), or the like.
  • the linking between a carrier frequency of the downlink resources and a carrier frequency of the uplink resources may be indicated in system information transmitted on the downlink resources.
  • UMTS Universal Mobile Telecommunications System
  • GSM Global System for Mobile communications
  • 3G cellular network a 4G cellular network
  • 4G cellular network a 4.5G network
  • 5G cellular network a WiMAX cellular network
  • WLAN Termination (WT) node Some demonstrative embodiments are described herein with respect to a WLAN Termination (WT) node. However, other embodiments may be implemented in any other WLAN controller, WLAN access device, WLAN Access Point (AP), WLAN access controller (AC), and/or WLAN access manager, node, and/or interface.
  • WLAN controller Wireless Local Area Network (WLAN) node
  • AP WLAN Access Point
  • AC WLAN access controller
  • WLAN access manager node, and/or interface.
  • HetNet Heterogeneous Network
  • the HetNet may utilize a deployment of a mix of technologies, frequencies, cell sizes and/or network architectures, e.g., including cellular, millimeter wave ("mmWave” or "mmW"), and/or the like.
  • the HetNet may include a radio access network having layers of different-sized cells ranging from large macrocells to small cells, for example, picocells and femtocells.
  • Other embodiments may be used in conjunction with any other suitable wireless communication network.
  • Other embodiments may be used in conjunction with any other suitable wireless communication network.
  • system 100 may include one or more wireless communication devices capable of communicating content, data, information and/or signals via one or more wireless mediums (WM) 108.
  • system 100 may include at least one User Equipment (UE) 102 capable of communicating with one or more wireless communication networks, e.g., as described below.
  • UE User Equipment
  • Wireless mediums 108 may include, for example, a radio channel, a cellular channel, an RF channel, a WiFi channel, an IR channel, and the like.
  • One or more elements of system 100 may optionally be capable of communicating over any suitable wired communication links.
  • system 100 may include at least one cellular manager 104 to manage communication of a cellular network, e.g., as described below.
  • cellular manager 104 may include, may operate as, and/or may perform the functionality of, an Evolved Node B (eNB).
  • eNB Evolved Node B
  • cellular manager 104 may be configured to perform radio resource management (RRM), radio bearer control, radio admission control (access control), connection mobility management, resource scheduling between UEs and eNB radios, e.g., Dynamic allocation of resources to UEs in both uplink and downlink, header compression, link encryption of user data streams, packet routing of user data towards a destination, e.g., another eNB or an Evolved Packet Core (EPC), scheduling and/or transmitting paging messages, e.g., incoming calls and/or connection requests, broadcast information coordination, measurement reporting, and/or any other operations, communications, and/or functionality.
  • RRM radio resource management
  • radio bearer control radio admission control
  • access control access control
  • connection mobility management resource scheduling between UEs and eNB radios, e.g., Dyna
  • cellular manager 104 may include any other functionality and/or may perform the functionality of any other cellular node, network controller, base station or any other node or network device.
  • cellular manager 104 may be part of a UMTS. According to this example, cellular manager 104 may perform the functionality of a Radio Network Controller (RNC), which may control a plurality of Node B devices 157.
  • RNC Radio Network Controller
  • the node B may be configured to communicate directly with UEs, e.g., including UE 102, for example, using a Wideband Code Division Multiple Access (WCDMA) and/or Time Division Synchronous Code Division Multiple Access (TD-SCDMA) air interface technology.
  • WCDMA Wideband Code Division Multiple Access
  • TD-SCDMA Time Division Synchronous Code Division Multiple Access
  • the RNC may include, for example, a UMTS RNC configured to control the Node B devices 157.
  • system 100 may include a WLAN Termination (WT) node 106, which may be configured to terminate a WLAN network interface, e.g., as described herein.
  • WT WLAN Termination
  • a WT node to terminate a WLAN network interface.
  • additional or alternative termination node may be used to terminate a network interface of any other non-cellular RAT network, for example, a Bluetooth network, a millimeter wave (mmWave) network, and/or any other network, e.g., in addition to or instead of the WLAN network.
  • a Bluetooth network for example, a Bluetooth network, a millimeter wave (mmWave) network, and/or any other network, e.g., in addition to or instead of the WLAN network.
  • mmWave millimeter wave
  • WT node 106 may be configured to manage access to a non-cellular network 107, for example, a WLAN, e.g., a Service Set (SS), a Basic Service Set (BSS), and Extended Service Set, a Homogenous Extended Service Set (HESS), and the like.
  • a WLAN e.g., a Service Set (SS), a Basic Service Set (BSS), and Extended Service Set, a Homogenous Extended Service Set (HESS), and the like.
  • SS Service Set
  • BSS Basic Service Set
  • HESS Homogenous Extended Service Set
  • one or more functionalities of WT node 106 may be implemented, for example, in the form of, or as part of, a WLAN access device, for example, as part of a WLAN Access Point (AP), or a WLAN Access Controller (AC), as part of another device, or as a standalone device.
  • WT node 106 may perform any other functionality and/or may perform at least part of the functionality of any other device capable of controlling and/or managing WLAN radio access to one or more wired networks.
  • WT bode 106 may include, operate as, and/or perform the functionality of, an AP, e.g., configured to communicate directly with UE 102 via a WLAN link.
  • an AP e.g., configured to communicate directly with UE 102 via a WLAN link.
  • WT bode 106 may include, operate as, and/or perform the functionality of, an AC.
  • WT node 106 may control a plurality of AP devices, e.g., including Lightweight Access Point (LAP) devices 158.
  • LAP Lightweight Access Point
  • UE 102 may include, for example, a Mobile Device (MD), a Station (STA), a mobile computer, a laptop computer, a notebook computer, a tablet computer, an UltrabookTM computer, an Internet of Things (IoT) device, a wearable device, a sensor device, a mobile internet device, a handheld computer, a handheld device, a storage device, a PDA device, a handheld PDA device, an on-board device, an off-board device, a hybrid device (e.g., combining cellular phone functionalities with PDA device functionalities), a consumer device, a vehicular device, a non-vehicular device, a mobile or portable device, a mobile phone, a cellular telephone, a PCS device, a mobile or portable GPS device, a DVB device, a relatively small computing device, a non-desktop computer, a "Carry Small Live Large” (CSLL) device, an Ultra Mobile Device (UMD), an Ultra Mobile PC
  • system 100 may include at least one WLAN AP 119.
  • WT node 106 may include, may operate as, and/or may perform one or more functionalities of WLAN AP 119, e.g., as described below.
  • WLAN AP 119 and WT node 106 may be implemented as two separate and/or independent units, elements, device and/or entities of system 100, e.g., as described below.
  • UE 102, cellular manager 104, WT node 106, and/or WLAN AP 119 may include one or more communication interfaces to perform communication between UE 102, cellular manager 104, WT node 106, WLAN AP 119, and/or with one or more other wireless communication devices, e.g., as described below.
  • Some demonstrative embodiments include an interface 199 (also referred to as “the access device interface”, “the horizontal interface”, “the “Xw interface”, “the X2-W interface” or “the cellularAVLAN interface”), which may include circuitry and/or logic configured to interface, e.g., directly or indirectly, between a cellular network element, e.g., cellular manager 104, and a WLAN element, e.g., WT node 106, as described in detail below.
  • a cellular network element e.g., cellular manager 104
  • a WLAN element e.g., WT node 106
  • interface 199 may be implemented to interface between an eNB and a WT node, e.g., as described below.
  • the cellularAVLAN interface 199 may be implemented to directly interface between any other cellular device and any other WLAN device.
  • the cellularAVLAN interface 199 may be implemented to directly interface between an eNB and a WLAN AP or WLAN AC, e.g., WLAN AP 119.
  • the cellularAVLAN interface 199 may be implemented to directly interface between a UMTS RNC and a WT node.
  • the cellular/WLAN interface 199 may be implemented to directly interface between a UMTS RNC and a WLAN AP or AC, e.g., WLAN AP 119.
  • interface 199 may be utilized to enhance and/or increase the efficiency of interworking, integration and/or management of the cellular and WLAN radio access technologies.
  • interface 199 may be configured to perform and/or support one or more aggregation operations and/or functionalities, for example, to transfer traffic, e.g., in addition to transferring control plane information.
  • interface 199 may be utilized to improve efficiency of resource management, to provide efficient load balancing, and/or to improve mobility between Radio Access Technology (RAT) networks.
  • RAT Radio Access Technology
  • cellular manager 104 may include an interface ("Core Network (CN) interface") 146, e.g., a vertical interface, including circuitry and/or logic configured to communicate with one or more elements of a CN 183, e.g., an Evolved Packet Core (EPC).
  • CN Core Network
  • EPC Evolved Packet Core
  • CN interface 146 may include an S I vertical interface configured to communicate between cellular manager 104 and a Serving Gateway (S-GW) 185 according to an S I protocol, e.g., if cellular manager 104 performs the functionality of an eNB.
  • S-GW 187 may interface between cellular manager 104 and a Packet Data Network (PDN) Gateway (P-GW) 187.
  • PDN Packet Data Network
  • P-GW Packet Data Network Gateway
  • CN interface 146 may include any other vertical interface with one or more elements of CN 183.
  • cellular manger 104 may perform the functionality of an RNC, e.g., in a UMTS system.
  • CN interface 146 may include an Interface Unit Circuit Switch (Iu-CS) interface and/or an Interface Unit Packet Switch (Iu-PS) interface, to interface between the RNC and one or more packet- switched or circuit-switched CN elements.
  • Iu-CS Interface Unit Circuit Switch
  • Iu-PS Interface Unit Packet Switch
  • cellular manager 104 may include an interface including circuitry and/or logic to communicate user plane traffic, directly or indirectly, between CN 183 and UE 102.
  • cellular manager 104 may communicate the user plane traffic directly with UE 102, for example, if cellular manager 104 performs the functionality of an eNB.
  • cellular manager 104 may include an air interface, for example, a cellular transceiver (TRx) 167, including circuitry and/or logic configured to communicate with UE 102 via a cellular link.
  • TRx cellular transceiver
  • cellular manager 104 may communicate the user plane traffic with UE 102 via Node B 157, e.g., if cellular manager 104 performs the functionality of an RNC.
  • cellular manager 104 may include a Node B interface 161 to communicate between the RNC and Node B 157.
  • Node B interface 161 may include an Interface Unit b (Iub).
  • cellular manager 104 may include a WT node interface 169 (also referred to as "WLAN interface” or “WLAN control interface”) including circuitry and/or logic configured to communicate with WT node 106 and/or with one or more WLAN stations (STAs), e.g., as described below.
  • WT node interface 169 may include an AP interface, e.g., if WT node 106 performs the functionality of an AP.
  • interface 169 may include an AC interface, e.g., if WT node 106 performs the functionality of an AC.
  • interface 169 may include any other non-cellular RAT interface to communicate with a node of a non-cellular RAT network.
  • WT node 106 may include a cell manager interface ("the cellular interface") 192 including circuitry and/or logic configured to communicate with cellular manager 104.
  • interface 192 may include an eNB interface, e.g., if cellular manager 104 performs the functionality of an eNB.
  • interface 192 may include a RNC interface, e.g., if cellular manager 104 performs the functionality of a RNC.
  • interfaces 169 and 192 may be configured to communicate between cellular manager 104 and WT node 106 via a direct link of interface 199.
  • interface 199 may include a Point-to-Point (P2P) link, e.g., as described below.
  • P2P Point-to-Point
  • interface 199 may be implemented by any wired and/or wireless link, e.g., using any suitable, Physical Layer (PHY) components and/or protocols.
  • WT node 106 may include a network interface 196 including circuitry and/or logic configured to communicate network traffic with a wired network 177, e.g., the Internet and/or any other network.
  • WT node 106 may include a WLAN interface 193 including circuitry and/or logic configured to communicate the network traffic and/or any other traffic with UE 102 via a WLAN, directly or indirectly.
  • WT node 106 may communicate directly with UE 102 via WLAN link, for example, if WT node 106 includes, operates as, or performs the functionality of, a WLAN AP 119.
  • WLAN interface 193 may include a WLAN radio 194 including circuitry and/or logic configured to communicate the network traffic and/or any other traffic directly with UE 102, e.g., via a WLAN link between WT node 106 and UE 102, for example, if WT node 106 includes, operates as, or performs the functionality of, a WLAN AP 119.
  • WT node 106 may indirectly communicate with UE 102, for example, if WT node 106 performs the functionality of an AC, or if WT node 106 is an entity, which is separate from the WLAN AC or WLAN AP.
  • WLAN interface 193 may include, for example, an AP interface, e.g., a LAP interface 159, to communicate the network traffic and/or any other traffic with WLAN AP 119 and/or LAP 158.
  • WLAN interface 193 may include any other additional or alternative interfaces to directly and/or indirectly communicate via the WLAN.
  • UE 102 may include a non-cellular RAT transceiver (TRx), for example, a WLAN TRx 163, including circuitry and/or logic configured to communicate with a WLAN device, e.g., with WLAN AP 119, WT node 106 and/or with LAP 158, via the WLAN link.
  • TRx non-cellular RAT transceiver
  • a WLAN device e.g., with WLAN AP 119, WT node 106 and/or with LAP 158
  • the UE may include any additional or alternative non-cellular RAT TRx, e.g., a Bluetooth TRx and/or any other TRx, to communicate over any additional or alternative non-cellular RAT network.
  • UE 102 may include a cellular transceiver (TRx) 165 including circuitry and/or logic configured to communicate with a cellular network, for example, via a cellular device, e.g., cellular manager 104 and/or Node B 157, via the cellular link.
  • TRx cellular transceiver
  • WLAN AP 119 may include a network interface 121 including circuitry and/or logic configured to communicate with at least one network node.
  • network interface 121 may include a WT node interface to communicate with WT node 106.
  • network interface 121 may include cellular manager interface to communicate with cellular manager 104, e.g., via interface 199, for example, if WLAN AP 119 is implemented by and/or collocated with WT node 106.
  • WLAN AP 119 may include a WLAN TRx 122 including circuitry and/or logic configured to communicate traffic with UE 102, e.g., via a WLAN link between WLAN AP 119 and UE 102.
  • WLAN TRx 163, cellular TRx 165, cellular TRx 167, WLAN TRx 122, and/or WLAN radio 194 may include one or more wireless transmitters, receivers and/or transceivers including circuitry and/or logic to process, encode, decode, send and/or receive wireless communication signals, RF signals, frames, blocks, transmission streams, packets, messages, data items, and/or data.
  • WLAN TRx 167, WLAN TRx 122, and/or WLAN radio 194 may include one or more wireless receivers (Rx) including circuitry and/or logic to receive wireless communication signals, RF signals, frames, blocks, transmission streams, packets, messages, data items, and/or data; and/or one or more wireless transmitters (Tx) including circuitry and/or logic to send wireless communication signals, RF signals, frames, blocks, transmission streams, packets, messages, data items, and/or data.
  • Rx wireless receivers
  • Tx wireless transmitters
  • WLAN TRx 167, WLAN TRx 122, and/or WLAN radio 194 may include circuitry; logic; Radio Frequency (RF) elements, circuitry and/or logic; baseband elements, circuitry and/or logic; modulation elements, circuitry and/or logic; demodulation elements, circuitry and/or logic; amplifiers; analog to digital and/or digital to analog converters; filters; and/or the like.
  • RF Radio Frequency
  • cellular TRx 167 and/or cellular TRx 165 may include a multiple input multiple output (MIMO) transmitters receivers system (not shown), which may be capable of performing antenna beamforming methods, if desired.
  • cellular TRx 167 and/or cellular TRx 165 may include any other transmitters and/or receivers.
  • cellular TRx 167 and/or cellular TRx 165 may include LTE, WCDMA and/or TD-SCDMA modulator and/or demodulator circuitry (not shown) configured to modulate and/or demodulate downlink signals to be communicated over downlink channels, e.g., between cellular manager 104 and UE 102, and/or uplink signals to be communicated over uplink channels, e.g., between UE 102 and cellular manager 104.
  • cellular TRx 167 and/or cellular TRx 165 may include any other modulators and/or demodulators.
  • cellular TRx 167 and/or cellular TRx 165 may include a turbo decoder and/or a turbo encoder (not shown) including circuitry and/or logic for encoding and/or decoding data bits into data symbols, if desired.
  • cellular TRx 167 and/or cellular TRx 165 may include OFDM and/or SC- FDMA modulators and/or demodulators (not shown) configured to communicate OFDM signals over downlink (DL) channels, and/or SC-FDMA signals over uplink (UL) channels.
  • UE 102 may establish a WLAN link with WLAN AP 119.
  • WLAN TRx 163 may operate as and/or perform the functionality of one or more STAs, e.g., one or more WiFi STAs, WLAN STAs, and/or DMG STAs.
  • the WLAN link may include an uplink and/or a downlink.
  • the WLAN downlink may include, for example, a unidirectional link from the WLAN AP 119 to the one or more STAs.
  • the uplink may include, for example, a unidirectional link from a STA to the WLAN AP 119.
  • WT node 106 may be configured to operate as, and/or perform one or more functionalities of, WLAN AP 119, for example, in a collocated LTE/WLAN aggregation implementation.
  • WT node 106 may be configured to control and/or communicate with one or more WLAN APs 119, e.g., a plurality of WLAN APs 119, for example, as described below.
  • UE 102, cellular manager 104, WLAN AP 119, and/or WT node 106 may include, or may be associated with, one or more antennas.
  • WLAN TRx 163 and/or cellular TRx 165 may be associated with at least two antennas, e.g., antennas 112 and 114, or any other number of antennas, e.g., one antenna or more than two antennas;
  • cellular TRx 167 may be associated with at least two antennas, e.g., antennas 132 and 134, or any other number of antennas, e.g., one antenna or more than two antennas;
  • WLAN radio 194 may be associated with one or more antennas 135; and/or WLAN TRx 122 may be associated with one or more antennas 124.
  • antennas 112, 114, 132, 134, 135 and/or 124 may include any type of antennas suitable for transmitting and/or receiving wireless communication signals, blocks, frames, transmission streams, packets, messages and/or data.
  • antennas 112, 114, 132, 134, 124, and/or 135 may include any suitable configuration, structure and/or arrangement of one or more antenna elements, components, units, assemblies and/or arrays.
  • antennas 112, 114, 132, 134, 124, and/or 135 may include a phased array antenna, a dipole antenna, a single element antenna, a set of switched beam antennas, and/or the like.
  • antennas 112, 114, 132, 134, 124, and/or 135 may implement transmit and receive functionalities using separate transmit and receive antenna elements. In some embodiments, antennas 112, 114, 132, 134, 124, and/or 135 may implement transmit and receive functionalities using common and/or integrated transmit/receive elements.
  • cellular manager 104 may include at least one controller component 182
  • UE 102 may include at least one controller component 197
  • WLAN AP 119 may include at least one controller component 123
  • WT node 106 may include at least one controller component 149.
  • Controllers 182, 197, 123, and/or 149 may be configured to trigger one or more communications, to generate and/or trigger communication of one or more messages and/or transmissions, and/or to perform one or more functionalities, operations and/or procedures, e.g., as described below.
  • controllers 182, 197, 123, and/or 149 may include circuitry and/or logic, e.g., one or more processors including circuitry and/or logic, memory circuitry and/or logic, Media- Access Control (MAC) circuitry and/or logic, Physical Layer (PHY) circuitry and/or logic, and/or any other circuitry and/or logic, configured to perform the functionality of controllers 182, 197, 123, and/or 149, respectively. Additionally or alternatively, one or more functionalities of controllers 182, 197, and/or 149 may be implemented by logic, which may be executed by a machine and/or one or more processors, e.g., as described below.
  • MAC Media- Access Control
  • PHY Physical Layer
  • controller 182 may include circuitry and/or logic, for example, one or more processors including circuitry and/or logic, configured to cause, request and/or trigger cellular manager 104 to perform one or more operations, communications and/or functionalities, e.g., as described herein.
  • controller 197 may include circuitry and/or logic, for example, one or more processors including circuitry and/or logic, configured to cause, request and/or trigger UE 102 to perform one or more operations, communications and/or functionalities, e.g., as described herein.
  • controller 123 may include circuitry and/or logic, for example, one or more processors including circuitry and/or logic, configured to cause, request and/or trigger WLAN AP 119 to perform one or more operations, communications and/or functionalities, e.g., as described herein.
  • controller 149 may include circuitry and/or logic, for example, one or more processors including circuitry and/or logic, configured to cause, request and/or trigger WT node 106 to perform one or more operations, communications and/or functionalities, e.g., as described herein.
  • cellular manager 104 may include a message processor 144 configured to generate, process and/or access one or messages communicated by cellular manager 104.
  • message processor 144 may be configured to generate one or more messages to be transmitted by cellular manager 104, and/or message processor 144 may be configured to access and/or to process one or more messages received by cellular manager 104, e.g., as described below.
  • UE 102 may include a message processor 198 configured to generate, process and/or access one or messages communicated by UE 102.
  • message processor 198 may be configured to generate one or more messages to be transmitted by UE 102, and/or message processor 198 may be configured to access and/or to process one or more messages received by UE 102, e.g., as described below.
  • WLAN AP 119 may include a message processor 125 configured to generate, process and/or access one or messages communicated by WLAN AP 119.
  • message processor 125 may be configured to generate one or more messages to be transmitted by WLAN AP 119, and/or message processor 125 may be configured to access and/or to process one or more messages received by WLAN AP 119, e.g., as described below.
  • WT node 106 may include a message processor 150 configured to generate, process and/or access one or messages communicated by WT node 106.
  • message processor 150 may be configured to generate one or more messages to be transmitted by WT node 106, and/or message processor 150 may be configured to access and/or to process one or more messages received by WT node 106, e.g., as described below.
  • message processors 144, 198, 125, and/or 150 may include circuitry, e.g., processor circuitry, memory circuitry, Media- Access Control (MAC) circuitry, Physical Layer (PHY) circuitry, and/or any other circuitry, configured to perform the functionality of message processors 144, 198, 125, and/or 150. Additionally or alternatively, one or more functionalities of message processors 144, 198, 125, and/or 150 may be implemented by logic, which may be executed by a machine and/or one or more processors, e.g., as described below.
  • MAC Media- Access Control
  • PHY Physical Layer
  • At least part of the functionality of message processor 144 may be implemented as part of cellular TRx 167 and/or WT node interface 169; at least part of the functionality of message processor 198 may be implemented as part of cellular TRx 165 and/or WLAN TRx 163; at least part of the functionality of message processor 125 may be implemented as part of WLAN TRx 122; and/or at least part of the functionality of message processor 150 may be implemented as part of interface 192 and/or interface 193.
  • At least part of the functionality of message processor 144 may be implemented as part of controller 182
  • at least part of the functionality of message processor 198 may be implemented as part of controller 197
  • at least part of the functionality of message processor 125 may be implemented as part of controller 123
  • at least part of the functionality of message processor 150 may be implemented as part of controller 149.
  • message processor 144 may be implemented as part of any other element of cellular manager 104
  • at least part of the functionality of message processor 198 may be implemented as part of any other element of UE 102
  • at least part of the functionality of message processor 125 may be implemented as part of any other element of WLAN AP 119
  • at least part of the functionality of message processor 150 may be implemented as part of any other element of WT node 106.
  • controller 197, and/or message processor 198 may be implemented by an integrated circuit, for example, a chip, e.g., a System on Chip (SoC).
  • SoC System on Chip
  • the chip or SoC may be configured to perform one or more functionalities of cellular transceiver 165 and/or WLAN TRx 163.
  • the chip or SoC may include one or more elements of controller 197, message processor 198, and/or one or more elements of cellular transceiver 165 and/or WLAN TRx 163.
  • controller 197, message processor 198, cellular transceiver 163, and WLAN TRx 163 may be implemented as part of the chip or SoC.
  • controller 197, message processor 198, cellular transceiver 165 and/or WLAN TRx 163 may be implemented by one or more additional or alternative elements of UE 102.
  • controller 182 and/or message processor 144 may be implemented by an integrated circuit, for example, a chip, e.g., a System on Chip (SoC).
  • SoC System on Chip
  • the chip or SoC may be configured to perform one or more functionalities of cellular transceiver 167 and/or WT node interface 169.
  • the chip or SoC may include one or more elements of controller 182, message processor 144, and/or one or more elements of cellular transceiver 167 and/or WT node interface 169.
  • controller 182, message processor 144, cellular transceiver 167, and WT node interface 169 may be implemented as part of the chip or SoC.
  • controller 182, message processor 144, cellular transceiver 167 and/or WT node interface 169 may be implemented by one or more additional or alternative elements of cellular manager 104.
  • controller 149 and/or message processor 150 may be implemented by an integrated circuit, for example, a chip, e.g., a System on Chip (SoC).
  • SoC System on Chip
  • the chip or SoC may be configured to perform one or more functionalities of WLAN interface 193 and/or cellular manager interface 192.
  • the chip or SoC may include one or more elements of controller 149, message processor 150, and/or one or more elements of WLAN interface 193 and/or cellular manager interface 192.
  • controller 149, message processor 150, WLAN interface 193, and cellular manager interface 192 may be implemented as part of the chip or SoC.
  • controller 149, message processor 150, WLAN interface 193 and/or cellular manager interface 192 may be implemented by one or more additional or alternative elements of WT node 106.
  • controller 123 and/or message processor 125 may be implemented by an integrated circuit, for example, a chip, e.g., a System on Chip (SoC).
  • SoC System on Chip
  • the chip or SoC may be configured to perform one or more functionalities of network interface 121 and/or WLAN TRx 122.
  • the chip or SoC may include one or more elements of controller 123, message processor 125, and/or one or more elements of WLAN TRx 122 and/or network interface 1212.
  • controller 123, message processor 125, WLAN TRx 122, and network interface 121 may be implemented as part of the chip or SoC.
  • controller 123, message processor 125, WLAN TRx 122, and/or network interface 121 may be implemented by one or more additional or alternative elements of WLAN AP 119.
  • cellular manager 104, WT node 106, WLAN AP 119, and/or UE 102 may also include, for example, one or more of a processor, an input unit, an output unit, a memory unit, and/or a storage unit.
  • cellular manager 104 may include a processor 173 and/or a memory 174
  • WT node 106 may include a processor 175 and/or a memory 176
  • WLAN AP may include a processor 129 and/or a memory 127
  • UE 102 may include a memory 151, a processor 152, an input unit 153, an output unit 154, and/or a storage unit 155.
  • UE 102, cellular manager 104, WLAN AP 119, and/or WT node 106 may optionally include other suitable hardware components and/or software components.
  • some or all of the components of one or more of UE 102, cellular manager 104, WLAN AP 119, and/or WT node 106 may be enclosed in a common housing or packaging, and may be interconnected or operably associated using one or more wired or wireless links.
  • components of one or more of UE 102, cellular manager 104, WLAN AP 119, and/or WT node 106 may be distributed among multiple or separate devices.
  • processors 173, 175, 129, and/or 152 may include, for example, a Central Processing Unit (CPU), a Digital Signal Processor (DSP), one or more processor cores, a single-core processor, a dual-core processor, a multiple-core processor, a microprocessor, a host processor, a controller, a plurality of processors or controllers, a chip, a microchip, one or more circuits, circuitry, a logic unit, an Integrated Circuit (IC), an Application-Specific IC (ASIC), or any other suitable multi-purpose or specific processor or controller.
  • CPU Central Processing Unit
  • DSP Digital Signal Processor
  • processor 173 may execute instructions, for example, of an Operating System (OS) of cellular manager 104 and/or of one or more suitable applications; processor 175 may execute instructions of an OS of WT node 106 and/or of one or more suitable applications; processor 129 may execute instructions of an OS of WLAN AP 119 and/or of one or more suitable applications; and/or processor 152 may execute instructions of an OS of UE 102 and/or of one or more suitable applications.
  • OS Operating System
  • input unit 153 may include, for example, a keyboard, a keypad, a mouse, a touch-screen, a touch-pad, a track-ball, a stylus, a microphone, or other suitable pointing device or input device.
  • Output unit 154 includes, for example, a monitor, a screen, a touch- screen, a flat panel display, a Light Emitting Diode (LED) display unit, a Liquid Crystal Display (LCD) display unit, a plasma display unit, one or more audio speakers or earphones, or other suitable output devices.
  • LED Light Emitting Diode
  • LCD Liquid Crystal Display
  • memory unit 174, 176 and/or 151 may include, for example, a Random Access Memory (RAM), a Read Only Memory (ROM), a Dynamic RAM (DRAM), a Synchronous DRAM (SD-RAM), a flash memory, a volatile memory, a non-volatile memory, a cache memory, a buffer, a short term memory unit, a long term memory unit, or other suitable memory units.
  • Storage unit 155 includes, for example, a hard disk drive, a floppy disk drive, a Compact Disk (CD) drive, a CD-ROM drive, a DVD drive, or other suitable removable or non-removable storage units.
  • memory unit 174 may store data processed by cellular manager 104; memory unit 151 may store data processed by UE 102; memory unit 127 may store data processed by WLAN AP 119; and/or memory unit 176 may store data processed by WT node 106.
  • UE 102 may be configured to utilize a cellular connection, e.g., a LTE cellular connection or any other cellular connection, to communicate with cellular manager 104, and a WLAN connection, e.g., a WiFi connection, a mmWave connection, a wireless P2P connection, or any other WLAN connection, to communicate with WLAN AP 119, which may be, for example, connected to, implemented by, and/or controlled by WT node 106.
  • a cellular connection e.g., a LTE cellular connection or any other cellular connection
  • WLAN connection e.g., a WiFi connection, a mmWave connection, a wireless P2P connection, or any other WLAN connection
  • one or more elements of system 100 may perform the functionality of a HetNet, which may utilize a deployment of a mix of technologies, frequencies, cell sizes and/or network architectures, for example, including cellular, WLAN, and/or the like.
  • the HetNet may be configured to provide a service through a first wireless communication environment, e.g., a cellular network, and to maintain the service when switching to another communication environment, e.g., WLAN.
  • the HetNet architecture may enable utilizing a mixture of wireless communication environments, e.g., a WLAN environment and a cellular environment, for example, to optimally respond to rapid changes in customer demand, reduce power consumption, reduce cost, increase efficiency and/or achieve any other benefit.
  • system 100 may utilize a Multi-tier, Multi-Radio Access Technology (Multi-RAT) Het-Net architecture, including a tier of small cells, e.g., pico, femto, relay stations, WiFi APs, and the like, overlaid on top of a macro cellular deployment to augment network capacity.
  • Multi-RAT Multi-RAT small cells integrating multiple radios such as WiFi and 3GPP air interfaces in a single infrastructure device.
  • system 100 may implement any other architecture and/or deployment.
  • UE 102 and/or cellular manager 104 may be configured to establish one or more Evolved UMTS Terrestrial Radio Access Network (E- UTRAN) Radio Access Bearers (E-RABs) between UE 102 and S-GW 185, e.g., via cellular manager 104.
  • E- UTRAN Evolved UMTS Terrestrial Radio Access Network
  • E-RABs Radio Access Bearers
  • UE 102, cellular manager 104 and/or WT node 106 may be configured to communicate according to a LTE/WLAN protocol aggregation (LWA) scheme, e.g., as described below.
  • LWA LTE/WLAN protocol aggregation
  • an LTE/WLAN protocol stack aggregation may be configured to enable LTE interworking with a WLAN protocol stack.
  • the LTE/WLAN protocol stack aggregation may be configured to anchor WLAN mobility at the cellular manager 104.
  • cellular manager 104 and/or WT node 106 may be configured according to a network architecture of a non-collocated LTE/WLAN aggregation, e.g., in which cellular manager 104 and WT node 106 are not collocated as part of an integrated device and/or in which interface 199 is not an internal interface.
  • cellular manager 104 and/or WT node 106 may be configured according to a network architecture of a collocated LTE/WLAN aggregation, e.g., in which cellular manager 104 and WT node 106 may be collocated as part of an integrated device and/or in which interface 199 is an internal interface.
  • some specifications and/or protocols may define one or more protocols ("the IEEE 802.11 protocols") for establishing a connection between a WLAN STA, e.g., a mobile UE, and a WLAN AP.
  • the IEEE 802.11 protocols all require the wireless station and the WLAN AP to engage in an authentication process and in an association process, for example, in order to establish security keys to be used for establishing a secure connection between the wireless station and the WLAN AP.
  • the IEEE 802.11 protocols require that both the WLAN STA and the WLAN AP are to support and use complicated algorithms and protocols, for example, such as operations and/or procedures according to IEEE 802.
  • EAP Extensible Authentication Protocol
  • SAE Secure Attribute Exchange
  • Finite Field Cryptography protocols operations and/or procedures according to Finite Field Cryptography protocols
  • Elliptic Curve Cryptography protocols operations and/or procedures according to Elliptic Curve Cryptography protocols
  • UE 102 and WLAN AP 119 may be configured to establish a secure connection, for example, according to an authentication process, which may utilize a security key, for example, a Pairwise Master Key (PMK).
  • PMK may be used, e.g., during a four-way (4-Way) handshake process, to generate one or more security keys, e.g., one or more Transient Keys (TKs), which may be used to secure communication between UE 102 and WLAN AP 119.
  • TKs Transient Keys
  • UE 102 and/or WLAN AP 119 may be configured to use the security keys to encrypt/decrypt traffic transferred from UE 102 to WLAN AP 119 and/or from WLAN AP 119 to UE 102.
  • an LWA scheme may utilize a WLAN authentication procedure, which may, for example, exploit a connection between cellular manager 114 and WLAN AP 119, for example, via an internal interface, e.g., if WLAN AP 119 is collocated with cellular manager 114, or via an external interface, for example, via interface 199, and/or WT node 106.
  • cellular manager 104 may be configured to enable a coordination of the PMK to be used by the UE 102 and WLAN AP 119, e.g., as described below.
  • controller component 182 may be configured to control transferring of first key information from cellular manager 104 to UE 102 and second key information from cellular manager 104 to WLAN AP 119, e.g., as described below.
  • the second key information, which is provided to the WLAN AP 119 may be based on the first key information, which is provided to UE 102, e.g., as described below.
  • the first and second key information may be configured to facilitate coordination of a PMK to be used by UE 102 and WLAN AP 119, for example, for a 4-way handshake, e.g., as described below.
  • the PMK may include a key, denoted S-Kwr, which may correspond to WT node 106, e.g., as described below.
  • the PMK may be based on a combination of a counter value, e.g., a WT counter provided by WT node 106, and a security key, for example, an eNB key (KeNB), denoted K en b, which may be known to cellular manager 104 and UE 102.
  • controller 149 may be configured to cause WT node 106 to send the WT counter to cellular manager 104, e.g., via interface 199.
  • controller 182 may be configured to retrieve the WT counter from WT node 106, for example, when generating a WT session between cellular node 104 and WT node 106, and/or at one or more additional or alternative instances.
  • the first key information provided from cellular manager 104 to UE 102 may include the WT counter.
  • controller 182 may be configured to cause cellular manager 104 to send to UE 102 a message, e.g., a Radio Resource Control (RRC) message, including the WT counter.
  • RRC Radio Resource Control
  • controller 182 may be configured to cause cellular manager 104 to provide the eNB key to UE 102, e.g., via an RRC message, for example, us part of a handshake, e.g., an LTE handshake, between cellular manager 104 and UE 102.
  • controller component 197 may be configured to determine the PMK based on the WT counter provided by cellular manager 104 and the eNB key corresponding to cellular manager 104.
  • the second key information provided from cellular manager 104 to WLAN AP 119 may include the PMK.
  • controller component 182 may be configured to determine the PMK, e.g., based on the WT counter of WT node 106 and the eNB key corresponding to cellular manager 104.
  • controller component 182 may be configured to cause cellular manager 104 to provide the second key information including the PMK to WLAN AP 119, e.g., directly or via WT node 106.
  • controller component 182 may be configured to cause cellular manager 104 to send to WT node 106 a message, e.g., via interface 199, including the PMK and an indication of UE 102, e.g., a MAC address of UE 102, and/or an indication of a WLAN AP, e.g., a MAC address or Service Set Identifier (SSID), by which the PMK is to be used.
  • SSID Service Set Identifier
  • an eNB may generate a PMK, e.g., the key S-Kwr, to be used for establishing a secure session between a UE, e.g., UE 102, and a WLAN AP, e.g., WLAN AP 119, for example, based on a K eNB of the eNB, and a WT Counter, e.g., a WT counter of WT node 106 connecting between the eNB and the WLAN AP.
  • a PMK e.g., the key S-Kwr
  • the eNB e.g., cellular manager 104
  • the WT node e.g., WT node 106
  • the WLAN AP e.g., WLAN AP 119.
  • the eNB may transfer the WT counter to the UE 102, e.g., using an RRC protocol, and the UE 102 may derive the key S-Kwr, e.g., independently, for example, based on the key S-Kwr and the K e m of the eNB.
  • the key S-Kwr may be used as a PMK by the UE, e.g., UE 102, and the WLAN AP, e.g., WLAN AP 119, for WLAN authentication, for example, when establishing a LWA session between the UE, e.g., UE 102, and the eNB, e.g., cellular manager 104, via the WLAN AP, e.g., WLAN AP 119.
  • the coordination and/or synchronization of the key S-KwT to be used at the UE 102 and the WLAN AP 119 may enable to at least to eliminate a time consuming IEEE 802. IX authentication process, for example, while allowing to only use a 4-way handshake process for generating one or more actual security keys, e.g., the TKs, to secure the communication between the WLAN AP 119 and the UE 102.
  • a LWA session when a LWA session is established using a first version of the PMK, it may be preferred to select not to generate, and/or to select not to use, a new or second version of the PMK during the active LWA session, e.g., as discussed below.
  • generation of a new K e m may be triggered, for example, based on or after handover of a UE, e.g., an intra-eNB handover or inter-eNB handover.
  • an intra-eNB handover may include a handover of a UE from a first cell to a second cell within a same eNB.
  • an inter-eNB handover may include handover of a UE from a first cell of a first eNB to a second cell of a second eNB.
  • the inter-eNB handover and/or the intra-eNB handover may trigger generating a new KeNB for the UE being handed over.
  • generation of a new K e m may be triggered by an eNB based on any other additional or alternative event and/or for any other reason.
  • an eNB may generate a new K e m, for example, to periodically refresh the K e -
  • a first eNB (also referred to as "eNodeB#l"), e.g., a first cellular manager 104, may generate a PMK, for example, based on a KeNB of the eNodeB#l and a WT counter.
  • the eNodeB#l may, for example, transfer the PMK to be provided to WLAN AP 119, e.g., by directly providing the PMK to WLAN AP 119, e.g., if the WLAN AP 119 is collocated with the eNodeB#l, or by providing the PMK to the WT node 106 connected to the WLAN AP 119, e.g., if the WLAN AP 119 is not collocated with the eNodeB .
  • the eNodeB#l may provide the WT counter to UE 102, e.g., via RRC signaling.
  • UE 102 which may have possession of the KeNB of the eNodeB#l, may be able to derive the PMK, e.g., independently, for example, upon LWA activation by the eNodeB#l, and based on the reception of the WT counter.
  • the UE 102 and the WLAN AP 119 may start a 4-way handshake process, for example, to generate one or more security keys, e.g., a set of transient keys, which may be used by UE 102 and/or WLAN AP 119 for encryption and/or decryption processes, for example, to secure communication over a WLAN link between WLAN AP 119 and UE 102, e.g., during a LWA session of UE 102 via WLAN AP 119.
  • security keys e.g., a set of transient keys
  • generation of a new a KeNB may be triggered, for example, by the eNodeB#l, for example, as a result of an inter-eNB handover or for any other reason; or by a second eNB (also referred to as "eNodeB#2"), e.g., a second cellular manager 104, for example, as a result of an intra-eNB handover.
  • a second eNB also referred to as "eNodeB#2”
  • eNodeB#2 e.g., a second cellular manager 104
  • the eNodeB#2 may be in charge of the LWA connection of UE 102.
  • the eNodeB#2 may not be advantageous to have the eNodeB#2 generate a new PMK for UE 102 and WLAN AP 119, e.g., based on a K C N B of the eNodeB#2, and/or to have the UE 102 and the WLAN AP 119 use the new PMK.
  • providing the new PMK to WLAN AP 119 and/or UE 102 may trigger a re- association and/or re-keying process at the WLAN AP 119 and/or the UE 102, which may result in packet loss and/or service degradation.
  • generating and/or using a new PMK during an active LWA session of UE 102 via WLAN AP 119 may require deactivating the LWA, for example, before switching to use the new PMK, e.g., before handover, and potentially re-activating the LWA, e.g., after handover, to enable to use the new PMK.
  • the deactivation of the LWA may result at least in service degradation, for example, as LTE capacity without the WLAN connection may be degraded.
  • requiring that a new S- ⁇ and/or PMK is to be generated and used based on when a new K e NB is generated may result in the WLAN AP and the UE starting a re-association or re-keying process in order to be able to use the new S-Kwr and/or PMK.
  • the re-association process may be long, and may result in service degradation.
  • a re-keying process may be faster, if the re-keying process is not synchronized between the WLAN AP and the UE some packet loss may occur, as the WLAN AP may buffer and send packets encrypted with old transient keys, which are based on the old PMK.
  • multiple key identifiers may be used for different keys, e.g., for the old and the new keys, in practice this may be rarely implemented.
  • using the multiple key identifiers may require a complicated synchronization mechanism when roaming between WLAN APs, as each WLAN AP may need to be aware of the key identifier that was used by the previous WLAN AP.
  • cellular manager 104, UE 102, WT node 106, and/or WLAN AP 119 may be configured to implement one or more mechanisms, which may be configured to enable, for example, at least a PMK refresh process, which may be more smooth, e.g., with reduced or even no packet loss, e.g., as described below.
  • cellular manager 104, UE 102, WT node 106, and/or WLAN AP 119 may be configured to selectively defer generating, transferring and/or using key information, e.g., key information of a PMK, while an LWA session of UE 102 via WLAN AP 119 is active, e.g., as described below.
  • key information e.g., key information of a PMK
  • Some demonstrative embodiments may be implemented, for example, to enhance an LWA scheme, for example, such that a handover, e.g., an LTE handover, may not require LWA deactivation, which, as a result, may require WLAN re-association, which in turn may result in packet loss and/or one or more other adverse effects, e.g., including at least effects which may be noticeable to a user.
  • a handover e.g., an LTE handover
  • WLAN re-association which in turn may result in packet loss and/or one or more other adverse effects, e.g., including at least effects which may be noticeable to a user.
  • Some demonstrative embodiments may be implemented, for example, to allow intra- eNB handover (HO) and/or inter-eNB HO, for example, while reducing and/or avoiding packet loss on a WLAN link of an active LWA session, e.g., as described below.
  • HO intra- eNB handover
  • inter-eNB HO for example, while reducing and/or avoiding packet loss on a WLAN link of an active LWA session, e.g., as described below.
  • an LWA session may be established between an eNB, e.g., cellular manager 104, and a UE, e.g., UE 102, via a WLAN AP, e.g., WLAN AP 119.
  • the UE e.g., UE 102
  • the WLAN AP e.g., WLAN AP 119
  • the eNB e.g., cellular manager 104
  • the eNB may be configured to keep both the WLAN AP, e.g., WLAN AP 119, and the UE, e.g., UE 102, "in the blind” regarding a second version of the PMK ("the new PMK"), for example, as long as the LWA session is active, e.g., as described below.
  • the new PMK a second version of the PMK
  • the eNB e.g., cellular manager 104
  • the eNB may be configured to differ transferring to both the WLAN AP, e.g., WLAN AP 119, and the UE, e.g., UE 102, key information, which may trigger the new PMK, e.g., as described below.
  • the eNB may allow the UE and the WLAN AP to continue using the same transient-keys, which were generated based on the old PMK, for example, for encryption/decryption of traffic of the LWA session.
  • deferring the transferring of the key information to the WLAN AP 119 and the UE 102 may enable to defer a rekeying process to generate new transient keys. Accordingly, deferring the transferring of the key information to the WLAN AP 119 and the UE 102 may enable to maintain the LWA session active, for example, even if the eNB 104 is to generate new key information, e.g., a new K e NB-
  • the new key information may be generated when the UE remains connected to the same WLAN AP 119, e.g., at an intra-eNB HO of a collocated LWA use case, in which the eNB 104 and the WLAN AP 119 are collocated or integrated at the same device.
  • the new key information may be generated at an inter-eNB HO between two eNBs, which are connected to the same WLAN AP 119.
  • cellular node 104, WT node 106, WLAN AP 119 and/or UE 102 may be configured to defer a generation, modification and/or updating of one or more security keys, e.g., one or more transient keys, to secure communication over the WLAN link between WLAN AP 119 and UE 102, for example, when the LWA session of UE 102 via WLAN AP 119 is active, e.g., as described below.
  • security keys e.g., one or more transient keys
  • cellular node 104, WLAN AP 119, WT node 106, and/or UE 102 may be configured to enable not to generate, modify and/or update the one or more security keys, for example, even as long as during a lifetime of the LWA session, e.g., as described below.
  • cellular node 104, WLAN AP 119, WT node 106, and/or UE 102 may be configured to enable not to generate, modify and/or update the one or more security keys, e.g., the TKs, for example, even during an inter-NB or intra-eNB handover of the UE 102, and/or even in response to generation of a new version of the new KeNB, which may be different from the version of the K e NB, which was used for generating the PMK, based on which the security keys, e.g., the TKs, were generated by UE 102 and WLAN AP 119.
  • the security keys e.g., the TKs
  • an eNB e.g., cellular manager 104
  • the WLAN AP and/or the UE may be unaware of an updated version of the key information, e.g., as long as the updated version of the key information is not transferred from the eNB.
  • the UE and WLAN AP may continue to use the same security keys, e.g., transient keys, to secure traffic communicated between the UE and the WLAN AP, for example, without the need to trigger a re-association process and/or a re-keying process.
  • security keys e.g., transient keys
  • the WLAN AP 119 and the UE 102 may be allowed to continue using the same TKs that were generated during the initial 4-way handshake process based on the K e NB and the PMK provided by the eNodeB#l.
  • cellular node 104, WT node 106, UE 102, and/or WLAN AP 119 may be configured to cause and/or allow WLAN AP 119 and UE 102 to use the KeNB and the PMK, for example, only during the initial 4-way handshake process for the generation of the transient keys of the LWA session.
  • cellular node 104, UE 102, WT node 106, and/or WLAN AP 119 may be configured to allow not to regenerate, modify and/or update the transient keys of the LWA session, for example, even as long as the LWA session is active.
  • cellular node 104, UE 102, WT node 106, and/or WLAN AP 119 may be configured to allow WLAN AP 119 and UE 102 to be agnostic to any PMK modifications, for example, even if the eNB has changed, e.g., due to an intra-eNB handover.
  • an eNB e.g., cellular manager 104, may be configured to select not to generate a new PMK for UE 102, for example, as long as there is an active LWA session for UE 102 via WLAN AP 119.
  • an eNB e.g., cellular manager 104
  • an eNB e.g., cellular manager 104
  • cellular manager 104 may be configured to selectively defer updating WLAN AP 119 and/or UE 102 on a new PMK, e.g., as described above, for example, at an intra-eNB handover when UE 102 remains connected to the same WLAN AP 119, for example, at a collocated implementation having the eNB is integrated with the WLAN AP.
  • controller component 182 may be configured to control selective transfer of first key information from cellular node 104 to UE 102 and second key information from cellular node 104 to WLAN AP 119.
  • the second key information may be based on the first key information, e.g., as described above.
  • the first key information may include a WT counter, e.g., corresponding to WT node 106
  • the second key information may be based on the WT counter and an eNB key of cellular node 104.
  • the second key information may include a PMK based on the eNB key and the WT counter, e.g., as described above.
  • controller component 182 may be configured to select to defer transferring of the first key information to the UE 102 and the second key information to the WLAN AP 119, for example, when an active LWA session of the UE 102 is ongoing via the WLAN AP 119, e.g., as described above.
  • controller component 182 may be configured to select to defer transferring of the first key information to the UE 102 and the second key information to the WLAN AP 119, when the first and second key information are based on an eNB key generated by the eNB 104 after establishment of the LWA session of UE 102 via WLAN AP 119, e.g., as described above.
  • controller component 182 may be configured to, prior to establishment of the LWA session, cause the eNB 104 to transfer a first version of the first key information to the UE 102 and a first version of the second key information to the WLAN AP 119, e.g., as described above.
  • controller component 182 may be configured to defer transferring a second version of the first key information, which supersedes the first version of the first key information, to the UE 102 and a second version of the second key information, which supersedes the first version of the second key information, to the WLAN AP 119, for example, at least as long as the LWA session is active, e.g., as described above.
  • the LWA session may include a session handed over to the eNB 104 from another eNB, for example, according to an intra-eNB handover, e.g., as described above.
  • controller component 182 may be configured to defer transferring of the first key information to the UE 102 and the second key information to the WLAN AP 119, when the first and second key information are to be determined based on the eNB key of eNB 104, e.g., after the handover of UE 102 from another eNB to eNB 104.
  • controller component 182 may be configured to defer transferring the first key information to the UE 102 and/or the second key information to the WLAN AP 119, for example, at least as long as the LWA session is active, e.g., as described above. In other embodiments, controller component 182 may be configured to defer transferring the first key information to the UE 102 and/or the second key information to the WLAN AP 119 for any other shorter or longer duration. [00183] Reference is made to Fig.
  • FIG. 2 which schematically illustrates operations and communications between a UE 204, a first eNB 203 (eNodeB#l), a second eNB 233 (eNodeB#2), and a WLAN AP 219, in accordance with some demonstrative embodiments.
  • eNB 203 may include an LTE component 202, which may be configured to communicate with a WT node 206, e.g., a router, via an interface 210, e.g., an Xw interface; and/or eNB 233 may include an LTE component 232, which may be configured to communicate with WT node 206 via an interface 240, e.g., an Xw interface.
  • WT node 206 may be configured to control and/or communicate with one or more WLAN APs, e.g., WLAN AP 219.
  • LTE component 202 may perform one or more roles and/or functionalities of a first cellular manager 104 (Fig. 1)
  • LTE component 232 may perform one or more roles and/or functionalities of a second cellular manager 104 (Fig. 1)
  • WT node 206 may perform one or more roles and/or functionalities of WT node 106 (Fig. 1)
  • WLAN AP 219 may perform one or more roles and/or functionalities of WLAN AP 119 (Fig. 1)
  • interfaces 210 and/or 240 may perform one or more functionalities of interface 199 (Fig. 1).
  • LTE component 202 may be configured to communicate with UE 204 via a cellular link 212.
  • UE 204 may perform one or more functionalities of UE 102 (Fig. 1).
  • eNB 203 may trigger UE 204 to set a PMK at UE 204, e.g., based on an eNB key (KeNB#l) of eNB 203, for example, via a secured LTE connection over link 212, e.g., as described above.
  • KeNB#l eNB key
  • eNB 203 may trigger setting the same PMK, which is set at UE 204, at WLAN AP 219, for example, by providing the PMK to WLAN AP 219 via the secured Xw interface 210, e.g., as described above.
  • WLAN AP 219 may initiate a 4-way handshake with UE 204, for example, to generate one or more Transient-Keys, which are shared between WLAN AP 219 and UE 204, e.g., as described above.
  • WLAN AP 219 and UE 204 may start using the transient-keys to secure traffic communicated between UE 204 and WLAN AP 219, e.g., over a WiFi link 239.
  • WLAN AP 219 and UE 204 use the transient keys for encryption and/or decryption, e.g., IEEE 802.11 encryption/decryption, of packets, e.g., PDCP packets, of an LWA session between eNB 203 and UE 204, e.g., as described above.
  • eNB 203 may select to refresh the KeNB#l. However, for example, since there is an ongoing session of UE 204 via WLAN AP 219, eNB 203 may select not to generate a new PMK. Accordingly, there may be no need to update the WLAN AP 219 and the UE 204 on the change of the KeNB. [00193] In some demonstrative embodiments, as indicated by arrow 268, the UE 204 may be handed over from eNB 203 to eNB 233, for example, according to an eNB HO process to enable eNB 233 to replace eNB 203 with respect to UE 204.
  • eNB 233 may be notified that there is already an ongoing LWA session with UE 204. Accordingly, although eNB 233 may use a different or new KeNB (KeNB#2), e.g., instead of the KeNB#l of eNB 203, the eNB 233 may select not to generate a new PMK for UE 204. Accordingly, there may be no need to update the WLAN AP 219 and the UE 204 on the change of the KeNB.
  • KeNB#2 KeNB
  • cellular node 104 may be configured to perform the selection on whether or not to trigger an update of the security keys between UE 102 and WLAN AP 119, e.g., as described above.
  • an eNB e.g., cellular manager 104
  • the eNB may select not to update the WLAN AP 119 and/or the UE 102 on the new PMK and/or eNB key, e.g., as described above.
  • the UE 102, WT node 106 and/or the WLAN AP 119 may be configured to select not to use the new information, for example, as long as there is an active LWA WiFi session between the WLAN AP 119 and the UE 102, e.g., as described below.
  • the new information shall be used, for example, only once the active LWA WiFi session is terminated and a new one is established.
  • UE 102 may be configured to select whether to defer an update of the security keys between UE 102 and WLAN AP 119, for example, even if a new version of the first security information is received at UE 102 from cellular node 104, e.g., as described below.
  • controller component 197 may be configured to determine a security key based on a first version of key information from an eNB, e.g., cellular mode 104, and, based on the security key, to determine one or more shared keys to secure communication with WLAN AP 119 during the LWA session via the WLAN AP 119.
  • the security key may include the PMK
  • the first version of the key information may include the first version of the eNB key from cellular node 104, e.g., as described above.
  • controller component 197 may be configured to determine the one or more shared keys including one or more TKs, for example, according to a four-way handshake with WLAN AP 119 using the PMK, e.g., as described above.
  • controller component 197 may be configured to select to continue to use the shared keys, which are based on the first version of the key information, for example, even when a second version of the key information, which supersedes the first version of the key information, is received from the cellular network during the LWA session via WLAN AP 119.
  • the first and second versions of the key information may be received from the same eNB.
  • UE 102 may receive from cellular node 104 the first version of the eNB key of cellular node 104, e.g., prior to or during establishment of the LWA session, and UE 102 may receive from cellular node 104 the second version of the eNB key of cellular node 104, for example, while the LWA session via WLAN AP 119 is still active, e.g., as described above.
  • the first and second versions of the key information may be received from first and second respective eNBs.
  • UE 102 may receive from a first cellular node 104 the first version of the eNB key of a first eNB 104, e.g., prior to or during establishment of the LWA session, and UE 102 may receive from a second eNB 104 the second version of the eNB key of the second eNB 104, for example, subsequent to a session handover of the LWA session to the second eNB 104.
  • controller component 197 may be configured to select to continue to use the shared keys, which are based on the first version of the key information, for example, at least as long as the LWA session is active, e.g., as described above.
  • WLAN AP may be configured to select whether to defer an update of the security keys between UE 102 and WLAN AP 119, for example, even if a new version of the second security information is received at WLAN AP 119 from cellular node 104, e.g., as described below.
  • controller component 123 may be configured to determine, based on a first version of a security key from an eNB, e.g., cellular manager 104, one or more shared keys to secure communication during an LWA session of UE 102 via the WLAN AP 119, e.g., as described above.
  • an eNB e.g., cellular manager 104
  • controller component 123 may be configured to determine the one or more shared keys, e.g., including one or more transient keys, based on the first version of the security key, which may include a first version of the PMK, which may be based on an eNB key and a WT counter, e.g., as described above.
  • controller component 123 may be configured to determine the one or more shared keys, e.g., including one or more transient keys, for example, based on a four- way handshake using the PMK, e.g., as described above.
  • controller component 123 may be configured to select to continue to use the shared keys, which are based on the first version of the security key, for example, even when a second version of the security key, which supersedes the first version of the security key, is received during the LWA session of UE 102, e.g., as described above.
  • controller component 123 may be configured to select to continue to use the shared keys, which are based on the first version of the security key, for example, even at least as long as the LWA session is active, e.g., as described above.
  • WT node 106 may be configured to select whether to defer triggering WLAN AP 119 to update the security keys between UE 102 and WLAN AP 119, for example, even if a new version of the second security information is received at WT node 106 from cellular node 104, e.g., as described below.
  • interface 199 may receive from cellular manager 104 a security key corresponding to UE 102.
  • the security key may include a PMK, which may be, for example, based on a WT counter of WT node 106 and an eNB key of cellular manager 104, e.g., as described above.
  • controller component 149 may be configured to control selective transfer of the security key to the WLAN AP 119, e.g., as described above.
  • controller component 149 may be configured to select to defer transferring of the security key to the WLAN AP 119, for example, when an active LWA session of the UE 102 is ongoing via the WLAN AP 119.
  • controller component 149 may be configured to select to defer transferring the security key to the WLAN P 119, for example, at least as long as the LWA session is active. [00219] In some demonstrative embodiments, controller component 149 may be configured to cause the WT node 106 to transfer to the WLAN AP 119 a first version of the security key, e.g., a first PMK, for example, prior to or during establishment of the LWA session, e.g., as described above.
  • a first version of the security key e.g., a first PMK
  • controller component 149 may be configured to select to defer transferring to the WLAN AP 119 a second version of the security key, e.g., a second PMK, which may supersede the first version of the security key, for example, at least as long as the LWA session is active.
  • a second version of the security key e.g., a second PMK
  • interface 192 may receive a first PMK corresponding to UE 102, for example, prior to or during establishment of an LWA session of UE 102 via WLAN AP 119, and controller component 149 may cause WT node 106 to transfer the first PMK to WLAN AP 119, for example, to allow WLAN AP 119 to establish one or more TKs with UE 102 based on the PMK, e.g., as described above.
  • interface 192 may receive a second PMK corresponding to UE 102, for example, while the LWA session of UE 102 via WLAN AP 119 is active, e.g., as described above.
  • controller component 149 may select to defer transferring the second PMK to WLAN AP 119, for example, as long as the LWA session is active, for example, to allow WLAN AP 119 to continue to use the same TKs, which are based on the first PMK, for the LWA session, e.g., as described above.
  • cellular manager 104, WLAN AP 119, and/or UE 102 may be configured to implement a suspend/resume mechanism, which may be configured to controllably suspend and/or resume communication of traffic between WLAN AP 119 and the UE 102, for example, during a process of updating the transient keys between the WLAN AP 119 and the UE 102, e.g., as described below.
  • a suspend/resume mechanism which may be configured to controllably suspend and/or resume communication of traffic between WLAN AP 119 and the UE 102, for example, during a process of updating the transient keys between the WLAN AP 119 and the UE 102, e.g., as described below.
  • the suspend/resume mechanism may be configured to enable, for example, a handover, e.g., an inter-eNB handover or intra-eNB handover, for example, while reducing or even avoiding packet loss, e.g., as described below.
  • a handover e.g., an inter-eNB handover or intra-eNB handover
  • packet loss e.g., as described below.
  • the suspend/resume mechanism may be configured for implementation with respect to intra-eNB handover and/or inter-eNB handover, for example, in a collocated LWA scenario and/or a non-collocated LWA scenario.
  • WLAN AP 119 and/or UE 102 may be able to store traffic to be transmitted ("uplink (UL) data"), for example, until new Transient Keys are generated based the new PMK, e.g., as described below.
  • uplink (UL) data traffic to be transmitted
  • a WLAN AP may be required to start a new rekeying process between the WLAN AP and an UE, for example, when a new PMK based on a new K e NB is generated. This rekeying process may potentially result in packet loss.
  • WLAN AP 119 and/or UE 102 may be configured to selectively "suspend" their data transmission in both uplink and downlink, for example, during a Rekeying process, e.g., during a 4-way handshake following a PMK update.
  • WLAN AP 119 and/or UE 102 may be configured resume the data transmission, for example, after fresh transient keys are generated and available at the WLAN AP 119 and the UE 102, e.g., as described below.
  • an eNB e.g., cellular node 104
  • the current PMK may be based, for example, on a current, e.g., a most recent, K e m-
  • the eNB may be configured to update the WLAN AP 119 and UE 102 on a PMK, e.g., the current PMK or a new PMK, which is to supersede the current PMK.
  • controller component 182 may be configured to cause cellular manager 104 to first update the UE 102 about the PMK, for example, before updating the WLAN AP 119 about the PMK.
  • this may allow having the PMK already installed on the UE 102, e.g., when WLAN AP 119 is to start a 4-way handshake process with UE 102 based on the PMK.
  • the party should stop all UL operations, e.g., by stopping any transmission of data packets to the other party, and should only resume the UL operations to the other party, for example, once the 4-way handshake process is completed and new transient keys were established, e.g., as described below.
  • the party should continue all Downlink (DL) operations based on "old" transient keys, which are based on the current PMK, for example, by accepting encrypted data packets from the other party and decrypting the received packets using the "old" keys, e.g., as described below.
  • DL Downlink
  • a party e.g., each party (either WLAN AP or UE)
  • the party should stop all DL operations, for example, by selecting to stop accepting data packets from the other party and to stop using the "old" keys, e.g., as described below.
  • both parties e.g., the UE and the WLAN AP
  • an eNB e.g., cellular node 104
  • HO inter-eNB handover
  • the eNB e.g., cellular node 104
  • UE 102 may be configured to wait for WLAN AP 119 to start a 4-way handshake process, for example, based on the new PMK, e.g., as described above.
  • UE 102 may be configured to continue to process UL transmissions to WLAN AP 119 and to process DL traffic received from WLAN AP 119, for example, while using one or more "old" or "current" transient-keys, e.g., based on the current PMK, for encryption and/or decryption, e.g., as described above.
  • the eNB may send the new PMK to the WLAN AP 119, for example, internally or using an Xw interface, e.g., interface 199, for example, via WT node 106, e.g., according to an enhanced eNB Configuration Update Xw-AP procedure.
  • WLAN AP 119 may receive the new PMK and may initiate the 4-way handshake process with UE 102, for example, based on the new PMK.
  • WLAN AP 119 may be configured to suspend or stop all UL operations that are not related to the 4-way handshake, for example, by stopping to transmit data-packets towards UE 102.
  • WLAN AP 119 may store part or all information of the suspended UL transmissions, for example, at least until the 4- way handshake process is completed.
  • WLAN AP 119 may select to continue DL operations, for example, to decrypt received data-packets from UE 102, for example, while using the "old" or "current" transient-keys for decryption, e.g., to prevent loss of packets from UE 102 that were already "on air”.
  • UE 102 may receive a first message of the 4- way handshake process from WLAN AP 119 and may, e.g., immediately, stop or suspend, for example, all UL and DL operations that are related to the 4-way handshake. For example, at the stage of receipt of the first message of the 4-way handshake, there may be no new data- packets expected from the WLAN AP 119.
  • WLAN AP 119 may receive a second message of the 4-way handshake process from UE 102 and may, e.g., immediately, stop or suspend, for example, all DL operations that are not related to the 4-way handshake. For example, at the stage of receipt of the second message of the 4-way handshake, there may be no new data-packets expected from UE 102 and, accordingly, there may be no need to perform decryption operations.
  • WLAN AP 119 and UE 102 may be allowed to resume the UL and DL operations, e.g., to communicate data between WLAN AP 119 and UE 102, for example, once the 4-way handshake process is successfully completed, and both parties share the same set of new or fresh Transient- Keys, e.g., based on the new PMK.
  • controller component 123 may be configured to determine, based on a first version of a security key, e.g., a first PMK, a first version of one or more shared keys, e.g., TKs, to secure communication during an LWA session of UE 102 via WLAN AP 119, e.g., as described above.
  • a security key e.g., a first PMK
  • shared keys e.g., TKs
  • controller component 123 may be configured to initiate a four- way handshake with UE 102 based on a second version of the security key, e.g., based on a second PMK, as described above.
  • controller component 123 may be configured to cause WLAN AP 119 to transmit a first message of the four-way handshake to UE 102, and to suspend transmission of traffic of the LWA session to UE 102, e.g., as described above.
  • controller component 123 may be configured to cause WLAN AP 119 to continue processing of traffic of the LWA session from UE 102, for example, based on the first version of the shared keys, e.g., as described above.
  • controller component 123 may be configured to cause WLAN AP 119 to suspend processing of traffic of the LWA session from UE 102, for example, upon receipt of a second message of the four-way handshake from UE 102, e.g., as described above.
  • controller component 123 may be configured to cause WLAN AP 119 to resume communication of the traffic of the LWA session with UE 102 upon completion of the four- way handshake with UE 102, for example, based on a second version of the shared keys, which may be generated based on the second version of the security key, e.g., the second PMK, as described above.
  • controller component 197 may be configured to determine a security key, e.g., a PMK, based on a first version of key information, e.g., a first version of an eNB key from an eNB; and, based on the security key, to determine one or more shared keys, e.g., one or more TKs, to secure communication with WLAN AP 119 during the LWA session via WLAN AP 119, e.g., as described above.
  • a security key e.g., a PMK
  • a first version of key information e.g., a first version of an eNB key from an eNB
  • shared keys e.g., one or more TKs
  • controller component 197 may be configured to determine a new security key, e.g., a new PMK, based on a second version of the key information, e.g., a second version of the eNB key, e.g., as described above.
  • controller component 197 may be configured to select to continue to use the shared keys, which are based on the first version of the key information, e.g., based the fist eNB key, for example, until receipt of the first message of the four-way handshake with WLAN AP 119 based on the new security key, e.g., as described above.
  • controller component 197 may be configured to cause UE 102 to suspend communication of traffic of the LWA session upon receipt of the first message, and to resume communication of the traffic of the LWA session, for example, upon completion of the four-way handshake with the WLAN AP 119 based on the new security key, e.g., the new PMK, as described above.
  • the new security key e.g., the new PMK
  • Fig. 3 schematically illustrates elements of a UE device 300, in accordance with some demonstrative embodiments.
  • one or more elements of UE device 300 may perform the functionality of one or more elements of UE 102 (Fig. 1).
  • one or more elements of UE device 300 may be configured to perform one or more operations and/or the functionalities of one or more of cellular TRx 165 (Fig. 1), WLAN TRx 163 (Fig. 1), controller 197 (Fig., 1), message processor 198 (Fig. 1), and/or one or more other elements of UE 102 (Fig. 1).
  • embodiments of a UE may be implemented into a system using any suitably configured hardware and/or software.
  • Fig. 3 illustrates, for one embodiment, example components of UE device 300.
  • UE device 300 may include application circuitry 302, baseband circuitry 304, Radio Frequency (RF) circuitry 306, front-end module (FEM) circuitry 308, and one or more antennas 810, coupled together at least as shown.
  • RF Radio Frequency
  • FEM front-end module
  • application circuitry 302 may be configured to perform at least part of the functionality of controller 197 (Fig. 1), and/or message processor 198 (Fig. 1); and/or baseband circuitry 304, RF circuitry 306, and/or FEM circuitry 308 may be configured to perform at least part of the functionality of cellular TRx 165 (Fig. 1), WLAN TRx 163 (Fig. 1), controller 197 (Fig. 1), and/or message processor 198 (Fig. 1).
  • the application circuitry 302 may include one or more application processors.
  • the application circuitry 302 may include circuitry such as, but not limited to, one or more single-core or multi-core processors.
  • the processor(s) may include any combination of general-purpose processors and dedicated processors (e.g., graphics processors, application processors, etc.).
  • the processors may be coupled with and/or may include memory/storage and may be configured to execute instructions stored in the memory/storage to enable various applications and/or operating systems to run on the system.
  • the baseband circuitry 304 may include circuitry such as, but not limited to, one or more single-core or multi-core processors.
  • the baseband circuitry 304 may include one or more baseband processors and/or control logic to process baseband signals received from a receive signal path of the RF circuitry 306 and to generate baseband signals for a transmit signal path of the RF circuitry 306.
  • Baseband processing circuitry 304 may interface with the application circuitry 302, for example, for generation and processing of the baseband signals and for controlling operations of the RF circuitry 306.
  • the baseband circuitry 304 may include a second generation (2G) baseband processor 304a, a third generation (3G) baseband processor 304b, a fourth generation (4G) baseband processor 304c, and/or other baseband processor(s) 304d for other existing generations, generations in development or to be developed in the future (e.g., fifth generation (5G), 6G, etc.).
  • the baseband circuitry 304 e.g., one or more of baseband processors 304a-d
  • the radio control functions may include, but are not limited to, signal modulation/demodulation, encoding/decoding, radio frequency shifting, etc.
  • modulation/demodulation circuitry of the baseband circuitry 304 may include Fast-Fourier Transform (FFT), precoding, and/or constellation mapping/demapping functionality.
  • encoding/decoding circuitry of the baseband circuitry 304 may include convolution, tail-biting convolution, turbo, Viterbi, and/or Low Density Parity Check (LDPC) encoder/decoder functionality.
  • LDPC Low Density Parity Check
  • the baseband circuitry 304 may include elements of a protocol stack such as, for example, elements of an evolved universal terrestrial radio access network (EUTRAN) protocol including, for example, physical (PHY), media access control (MAC), radio link control (RLC), packet data convergence protocol (PDCP), and/or radio resource control (RRC) elements.
  • EUTRAN evolved universal terrestrial radio access network
  • a central processing unit (CPU) 304e of the baseband circuitry 304 may be configured, for example, to run elements of the protocol stack for signaling of the PHY, MAC, RLC, PDCP and/or RRC layers.
  • the baseband circuitry may include one or more audio digital signal processor(s) (DSP) 304f.
  • DSP audio digital signal processor
  • the audio DSP(s) 304f may be include elements for compression/decompression and echo cancellation, and/or may include other suitable processing elements in other embodiments.
  • Components of the baseband circuitry 304 may be suitably combined in a single chip, a single chipset, or disposed on a same circuit board in some embodiments.
  • some or all of the constituent components of the baseband circuitry 304 and the application circuitry 302 may be implemented together such as, for example, on a system on a chip (SOC).
  • SOC system on a chip
  • the baseband circuitry 304 may provide for communication compatible with one or more radio technologies.
  • the baseband circuitry 304 may support communication with an evolved universal terrestrial radio access network (EUTRAN) and/or other wireless metropolitan area networks (WMAN), a wireless local area network (WLAN), a wireless personal area network (WPAN), and/or one or more additional or alternative networks.
  • EUTRAN evolved universal terrestrial radio access network
  • WMAN wireless metropolitan area networks
  • WLAN wireless local area network
  • WPAN wireless personal area network
  • multi-mode baseband circuitry Embodiments in which the baseband circuitry 304 is configured to support radio communications of more than one wireless protocol.
  • RF circuitry 306 may enable communication with wireless networks using modulated electromagnetic radiation through a non-solid medium.
  • the RF circuitry 306 may include switches, filters, amplifiers, etc. to facilitate the communication with the wireless network.
  • RF circuitry 306 may include a receive signal path which may include circuitry to down-convert RF signals received from the FEM circuitry 308, and to provide baseband signals to the baseband circuitry 304.
  • RF circuitry 306 may also include a transmit signal path which may include circuitry to up-convert baseband signals provided by the baseband circuitry 304 and provide RF output signals to the FEM circuitry 308 for transmission.
  • the RF circuitry 306 may include a receive signal path and a transmit signal path.
  • the receive signal path of the RF circuitry 306 may include mixer circuitry 306a, amplifier circuitry 306b, and filter circuitry 306c.
  • the transmit signal path of the RF circuitry 306 may include filter circuitry 306c and mixer circuitry 306a.
  • RF circuitry 306 may also include synthesizer circuitry 306d for synthesizing a frequency for use by the mixer circuitry 306a of the receive signal path and the transmit signal path.
  • the mixer circuitry 306a of the receive signal path may be configured to down-convert RF signals received from the FEM circuitry 308 based on the synthesized frequency provided by synthesizer circuitry 306d.
  • the amplifier circuitry 306b may be configured to amplify the down-converted signals and the filter circuitry 306c may be, for example, a low-pass filter (LPF) or a band-pass filter (BPF), configured to remove unwanted signals from the down-converted signals to generate output baseband signals.
  • LPF low-pass filter
  • BPF band-pass filter
  • Output baseband signals may be provided to the baseband circuitry 304 for further processing.
  • the output baseband signals may be zero-frequency baseband signals, although this is not a requirement.
  • mixer circuitry 306a of the receive signal path may comprise passive mixers, although the scope of the embodiments is not limited in this respect.
  • the mixer circuitry 306a of the transmit signal path may be configured to up-convert input baseband signals based on the synthesized frequency provided by the synthesizer circuitry 306d to generate RF output signals for the FEM circuitry 308.
  • the baseband signals may be provided by the baseband circuitry 304 and may be filtered by filter circuitry 306c.
  • the filter circuitry 306c may include a low-pass filter (LPF), although the scope of the embodiments is not limited in this respect.
  • LPF low-pass filter
  • the mixer circuitry 306a of the receive signal path and the mixer circuitry 306a of the transmit signal path may include two or more mixers and may be arranged for quadrature downconversion and/or upconversion respectively.
  • the mixer circuitry 306a of the receive signal path and the mixer circuitry 306a of the transmit signal path may include two or more mixers and may be arranged for image rejection (e.g., Hartley image rejection).
  • the mixer circuitry 306a of the receive signal path and the mixer circuitry 306a may be arranged for direct downconversion and/or direct upconversion, respectively.
  • the mixer circuitry 306a of the receive signal path and the mixer circuitry 306a of the transmit signal path may be configured for super-heterodyne operation.
  • the output baseband signals and the input baseband signals may be analog baseband signals, although the scope of the embodiments is not limited in this respect.
  • the output baseband signals and the input baseband signals may be digital baseband signals.
  • the RF circuitry 306 may include analog-to-digital converter (ADC) and digital-to-analog converter (DAC) circuitry
  • the baseband circuitry 304 may include a digital baseband interface to communicate with the RF circuitry 306.
  • ADC analog-to-digital converter
  • DAC digital-to-analog converter
  • a separate radio IC circuitry may be provided for processing signals for each spectrum, although the scope of the embodiments is not limited in this respect.
  • the synthesizer circuitry 306d may be a fractional-N synthesizer or a fractional N/N+l synthesizer, although the scope of the embodiments is not limited in this respect as other types of frequency synthesizers may be suitable.
  • synthesizer circuitry 306d may be a delta-sigma synthesizer, a frequency multiplier, or a synthesizer comprising a phase-locked loop with a frequency divider.
  • the synthesizer circuitry 306d may be configured to synthesize an output frequency for use by the mixer circuitry 306a of the RF circuitry 306 based on a frequency input and a divider control input. In some embodiments, the synthesizer circuitry 306d may be a fractional N/N+l synthesizer.
  • frequency input may be provided by a voltage controlled oscillator (VCO), although that is not a requirement.
  • VCO voltage controlled oscillator
  • Divider control input may be provided by either the baseband circuitry 304 or the applications processor 302 depending on the desired output frequency.
  • a divider control input (e.g., N) may be determined from a look-up table based on a channel indicated by the applications processor 302.
  • synthesizer circuitry 306d of the RF circuitry 306 may include a divider, a delay-locked loop (DLL), a multiplexer and a phase accumulator.
  • the divider may be a dual modulus divider (DMD) and the phase accumulator may be a digital phase accumulator (DPA).
  • the DMD may be configured to divide the input signal by either N or N+l (e.g., based on a carry out) to provide a fractional division ratio.
  • the DLL may include a set of cascaded, tunable, delay elements, a phase detector, a charge pump and a D- type flip-flop.
  • the delay elements may be configured to break a VCO period up into Nd equal packets of phase, where Nd is the number of delay elements in the delay line.
  • Nd is the number of delay elements in the delay line.
  • synthesizer circuitry 306d may be configured to generate a carrier frequency as the output frequency, while in other embodiments, the output frequency may be a multiple of the carrier frequency (e.g., twice the carrier frequency, four times the carrier frequency) and used in conjunction with quadrature generator and divider circuitry to generate multiple signals at the carrier frequency with multiple different phases with respect to each other.
  • the output frequency may be a LO frequency (fLO).
  • the RF circuitry 306 may include an IQ/polar converter.
  • FEM circuitry 308 may include a receive signal path which may include circuitry configured to operate on RF signals received from one or more antennas 810, amplify the received signals and provide the amplified versions of the received signals to the RF circuitry 306 for further processing.
  • FEM circuitry 308 may also include a transmit signal path which may include circuitry configured to amplify signals for transmission provided by the RF circuitry 306 for transmission by one or more of the one or more antennas 810.
  • the FEM circuitry 308 may include a TX/RX switch to switch between transmit mode and receive mode operation.
  • the FEM circuitry may include a receive signal path and a transmit signal path.
  • the receive signal path of the FEM circuitry may include a low-noise amplifier (LNA) to amplify received RF signals and provide the amplified received RF signals as an output (e.g., to the RF circuitry 306).
  • LNA low-noise amplifier
  • the transmit signal path of the FEM circuitry 308 may include a power amplifier (PA) to amplify input RF signals (e.g., provided by RF circuitry 306), and one or more filters to generate RF signals for subsequent transmission (e.g., by one or more of the one or more antennas 810.
  • PA power amplifier
  • the UE device 300 may include one or more additional or alternative elements such as, for example, memory/storage, display, camera, sensor, and/or input/output (I/O) interface.
  • additional or alternative elements such as, for example, memory/storage, display, camera, sensor, and/or input/output (I/O) interface.
  • Fig. 4 schematically illustrates a method of selectively updating key information of a secured WLAN connection between a UE and a WLAN AP, in accordance with some demonstrative embodiments.
  • a wireless communication system e.g., system 100 (Fig. 1); a cellular manager, for example, an eNB, e.g., cellular manager 104 (Fig. 1), eNB 203 (Fig. 2), and/or eNB 233 (Fig. 2); an interface, e.g., cellular TRx 167 (Fig. 1), and/or WLAN node interface 169 (Fig.
  • the method may include communicating, at an eNB, with a WLAN AP.
  • cellular manager 104 (Fig. 1) may communicate with WLAN AP 119 (Fig. 1), e.g., directly or via WT node 106 (Fig. 1), as described above.
  • the method may include communicating with a UE via a cellular interface.
  • cellular manager 104 (Fig. 1) may communicate with UE 102 (Fig. 1), e.g., as described above.
  • the method may include selecting to defer transferring of first key information from the eNB to the UE and second key information from the eNB to the WLAN AP, when an LWA session of the UE is ongoing via the WLAN AP.
  • controller component 182 may select to defer transferring of first key information from cellular manager 104 (Fig. 1) to UE 102 (Fig. 1) and second key information from cellular manager 104 (Fig. 1) to WLAN AP 119 (Fig. 1), when an LWA session of UE 102 (Fig. 1) is ongoing via the WLAN AP 119 (Fig. 1), e.g., as described above.
  • Fig. 5 schematically illustrates a method of selectively updating key information of a secured WLAN connection between a UE and a WLAN AP, in accordance with some demonstrative embodiments.
  • a wireless communication system e.g., system 100 (Fig. 1); a UE, e.g., UE 102 (Fig. 1), UE 204 (Fig. 2), and/or UE 300 (Fig. 3); an interface, e.g., cellular TRx 165 (Fig. 1), and/or WLAN TRx 163 (Fig. 1); a message processor, e.g., message processor 198 (Fig. 1); and/or a controller, e.g., controller 197 (Fig. 1).
  • a wireless communication system e.g., system 100 (Fig. 1); a UE, e.g., UE 102 (Fig. 1), UE 204 (Fig. 2), and/or UE 300 (Fig. 3); an interface, e.g., cellular TRx 165
  • the method may include determining a security key based on a first version of key information from an eNB of a cellular network.
  • controller component 197 may determine a security key based on a first version of key information from a cellular manager 104 (Fig. 1) of a cellular network, e.g., as described above.
  • the method may include based on the security key, determining one or more shared keys to secure communication with a WLAN AP during an LWA session via the WLAN AP.
  • controller component 197 (Fig. 1) may determine one or more shared keys, e.g., one or more TKs, to secure communication during an LWA session via WLAN AP 119 (Fig. 1), e.g., as described above.
  • the method may include, selecting to continue to use the shared keys, which are based on the first version of the key information, for example, even when a second version of the key information, which supersedes the first version of the key information, is received from the cellular network during the LWA session.
  • controller component 197 (Fig. 1) may select to continue to use the shared keys, which are based on the first version of the key information, for example, even when a second version of the key information, which supersedes the first version of the key information, is received from the cellular network during the LWA session, e.g., as described above.
  • Fig. 6 schematically illustrates a method of selectively updating key information of a secured WLAN connection between a UE and a WLAN AP, in accordance with some demonstrative embodiments.
  • a wireless communication system e.g., system 100 (Fig. 1); a WLAN AP, e.g., WLAN AP 119 (Fig. 1), and/or WLAN AP 219 (Fig. 2); an interface, e.g., network interface 121, and/or WLAN TRx 122 (Fig. 1); a message processor, e.g., message processor 125 (Fig. 1); and/or a controller, e.g., controller 123 (Fig. 1).
  • a wireless communication system e.g., system 100 (Fig. 1); a WLAN AP, e.g., WLAN AP 119 (Fig. 1), and/or WLAN AP 219 (Fig. 2); an interface, e.g., network interface 121, and/or WLAN TRx 122 (Fig. 1); a message processor
  • the method may include determining, based on a first version of a security key from an eNB, one or more shared keys to secure communication during an LWA session of a UE via the WLAN AP.
  • controller component 123 may determine one or more shared keys, e.g., TKs, to secure communication with UE 102 (Fig. 1) during an LWA session, for example, based on a first PMK, e.g., as described above.
  • the method may include selecting to continue to use the shared keys, which are based on the first version of the security key, for example, even when a second version of the security key, which supersedes the first version of the security key, is received during the LWA session.
  • controller component 123 (Fig. 1) may select to continue to use the shared keys, which are based on the first version of the PMK, for example, even when a second version of the PMK, which supersedes the first version of the PMK, is received during the LWA session, e.g., as described above.
  • Product 700 may include one or more tangible computer-readable non-transitory storage media 702, which may include computer-executable instructions, e.g., implemented by logic 704, operable to, when executed by at least one computer processor, enable the at least one computer processor to implement one or more operations at a cellular manager, for example, an eNB, e.g., cellular manager 104 (Fig. 1), eNB 203 (Fig. 2), and/or eNB 233 (Fig. 2); one or more components of a UE, e.g., UE 102 (Fig. 1), UE 204 (Fig.
  • a cellular manager for example, an eNB, e.g., cellular manager 104 (Fig. 1), eNB 203 (Fig. 2), and/or eNB 233 (Fig. 2); one or more components of a UE, e.g., UE 102 (Fig. 1), UE 204 (Fig.
  • a WT node e.g., WT node 106 (Fig. 1); one or more components of a WLAN AP, e.g., WLAN AP 119 (Fig. 1), and/or WLAN AP 219 (Fig. 2); a controller, e.g., controller 182 (Fig. 1), controller 197 (Fig. 1), controller 123 (Fig. 1), and/or controller 149 (Fig. 1); and/or a message processor, e.g., message processor 144 (Fig. 1), message processor 198 (Fig. 1), message processor 125 (Fig. 1), and/or message processor 150 (Fig.
  • non-transitory machine-readable medium is directed to include all computer-readable media, with the sole exception being a transitory propagating signal.
  • product 700 and/or machine-readable storage medium 702 may include one or more types of computer-readable storage media capable of storing data, including volatile memory, non-volatile memory, removable or non-removable memory, erasable or non-erasable memory, writeable or re-writeable memory, and the like.
  • machine-readable storage medium 702 may include, RAM, DRAM, Double- Data-Rate DRAM (DDR-DRAM), SDRAM, static RAM (SRAM), ROM, programmable ROM (PROM), erasable programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), Compact Disk ROM (CD-ROM), Compact Disk Recordable (CD-R), Compact Disk Rewriteable (CD-RW), flash memory (e.g., NOR or NAND flash memory), content addressable memory (CAM), polymer memory, phase-change memory, ferroelectric memory, silicon-oxide-nitride-oxide- silicon (SONOS) memory, a disk, a floppy disk, a hard drive, an optical disk, a magnetic disk, a card, a magnetic card, an optical card, a tape, a cassette, and the like.
  • RAM random access memory
  • DDR-DRAM Double- Data-Rate DRAM
  • SDRAM static RAM
  • ROM read-only memory
  • the computer-readable storage media may include any suitable media involved with downloading or transferring a computer program from a remote computer to a requesting computer carried by data signals embodied in a carrier wave or other propagation medium through a communication link, e.g., a modem, radio or network connection.
  • a communication link e.g., a modem, radio or network connection.
  • logic 704 may include instructions, data, and/or code, which, if executed by a machine, may cause the machine to perform a method, process and/or operations as described herein.
  • the machine may include, for example, any suitable processing platform, computing platform, computing device, processing device, computing system, processing system, computer, processor, or the like, and may be implemented using any suitable combination of hardware, software, firmware, and the like.
  • logic 704 may include, or may be implemented as, software, a software module, an application, a program, a subroutine, instructions, an instruction set, computing code, words, values, symbols, and the like.
  • the instructions may include any suitable type of code, such as source code, compiled code, interpreted code, executable code, static code, dynamic code, and the like.
  • the instructions may be implemented according to a predefined computer language, manner or syntax, for instructing a processor to perform a certain function.
  • the instructions may be implemented using any suitable high-level, low-level, object-oriented, visual, compiled and/or interpreted programming language, such as C, C++, Java, BASIC, Matlab, Pascal, Visual BASIC, assembly language, machine code, and the like.
  • Example 1 includes an apparatus of an Evolved Node B (eNB) comprising a Wireless Local Area Network (WLAN) interface to communicate with a WLAN Access Point (AP); a cellular transceiver to communicate with a User Equipment (UE); and a controller component configured to control selective transfer of first key information from the eNB to the UE and second key information from the eNB to the WLAN AP, the second key information is based on the first key information, the controller component configured to select to defer transferring of the first key information to the UE and the second key information to the WLAN AP, when an active Long-Term-Evolution (LTE) WLAN Aggregation (LWA) session of the UE is ongoing via the WLAN AP.
  • LTE Long-Term-Evolution
  • LWA Long-Term-Evolution
  • Example 2 includes the subject matter of Example 1, and optionally, wherein the controller component is configured to, prior to establishment of the LWA session, cause the eNB to transfer a first version of the first key information to the UE and a first version of the second key information to the WLAN AP, the controller component is configured to defer transferring a second version of the first key information to the UE and a second version of the second key information to the WLAN AP, at least as long as the LWA session is active, the second version of the first and second key information supersedes the first version of the first and second key information.
  • Example 3 includes the subject matter of Example 1, and optionally, wherein the LWA session comprises a session handed over to the eNB from another eNB.
  • Example 4 includes the subject matter of any one of Examples 1-3, and optionally, wherein the controller component is to defer transferring the first key information to the UE and the second key information to the WLAN P at least as long as the LWA session is active.
  • Example 5 includes the subject matter of any one of Examples 1-4, and optionally, wherein the first key information comprises a WLAN Termination (WT) counter, and the second key information is based on the WT counter and an eNB key of the eNB.
  • Example 6 includes the subject matter of Example 5, and optionally, wherein the second key information comprises a Pairwise Master Key (PMK) based on the eNB key and the WT counter.
  • PMK Pairwise Master Key
  • Example 7 includes the subject matter of Example 5 or 6, and optionally, wherein the eNB key comprises a key generated by the eNB after establishment of the LWA session.
  • Example 8 includes the subject matter of any one of Examples 1-7, and optionally, comprising one or more antennas, a memory and a processor.
  • Example 9 includes an apparatus comprising circuitry and logic configured to trigger an Evolved Node B (eNB) to communicate with a Wireless Local Area Network (WLAN) Access Point (AP); communicate with a User Equipment (UE) via a cellular interface; and select to defer transferring of first key information from the eNB to the UE and second key information from the eNB to the WLAN AP, when an active Long-Term-Evolution (LTE) WLAN Aggregation (LWA) session of the UE is ongoing via the WLAN AP, the second key information is based on the first key information.
  • eNB Evolved Node B
  • WLAN Wireless Local Area Network
  • UE User Equipment
  • Example 10 includes the subject matter of Example 9, and optionally, wherein the apparatus is configured to, prior to establishment of the LWA session, cause the eNB to transfer a first version of the first key information to the UE and a first version of the second key information to the WLAN AP, and to defer transferring a second version of the first key information to the UE and a second version of the second key information to the WLAN AP, at least as long as the LWA session is active, the second version of the first and second key information supersedes the first version of the first and second key information.
  • Example 11 includes the subject matter of Example 9, and optionally, wherein the LWA session comprises a session handed over to the eNB from another eNB.
  • Example 12 includes the subject matter of any one of Examples 9-11, and optionally, wherein the apparatus is configured to cause the eNB to defer transferring the first key information to the UE and the second key information to the WLAN P at least as long as the LWA session is active.
  • Example 13 includes the subject matter of any one of Examples 9-12, and optionally, wherein the first key information comprises a WLAN Termination (WT) counter, and the second key information is based on the WT counter and an eNB key of the eNB.
  • WT WLAN Termination
  • Example 14 includes the subject matter of Example 13, and optionally, wherein the second key information comprises a Pairwise Master Key (PMK) based on the eNB key and the WT counter.
  • PMK Pairwise Master Key
  • Example 15 includes the subject matter of Example 13 or 14, and optionally, wherein the eNB key comprises a key generated by the eNB after establishment of the LWA session.
  • Example 16 includes the subject matter of any one of Examples 9-15, and optionally, comprising one or more antennas, a memory and a processor.
  • Example 17 includes a system of cellular communication comprising an Evolved Node B (eNB), the eNB comprising one or more antennas; a memory; a processor; a Wireless Local Area Network (WLAN) interface to communicate with a WLAN Access Point (AP); a cellular transceiver to communicate with a User Equipment (UE); and a controller component configured to control selective transfer of first key information from the eNB to the UE and second key information from the eNB to the WLAN AP, the second key information is based on the first key information, the controller component configured to select to defer transferring of the first key information to the UE and the second key information to the WLAN AP, when an active Long-Term-Evolution (LTE) WLAN Aggregation (LWA) session of the UE is ongoing via the WLAN AP.
  • LTE Long-Term-Evolution
  • LWA Long-Term-Evolution
  • Example 18 includes the subject matter of Example 17, and optionally, wherein the controller component is configured to, prior to establishment of the LWA session, cause the eNB to transfer a first version of the first key information to the UE and a first version of the second key information to the WLAN AP, the controller component is configured to defer transferring a second version of the first key information to the UE and a second version of the second key information to the WLAN AP, at least as long as the LWA session is active, the second version of the first and second key information supersedes the first version of the first and second key information.
  • Example 19 includes the subject matter of Example 17, and optionally, wherein the LWA session comprises a session handed over to the eNB from another eNB.
  • Example 20 includes the subject matter of any one of Examples 17-19, and optionally, wherein the controller component is to defer transferring the first key information to the UE and the second key information to the WLAN P at least as long as the LWA session is active.
  • Example 21 includes the subject matter of any one of Examples 17-20, and optionally, wherein the first key information comprises a WLAN Termination (WT) counter, and the second key information is based on the WT counter and an eNB key of the eNB.
  • WT WLAN Termination
  • Example 22 includes the subject matter of Example 21, and optionally, wherein the second key information comprises a Pairwise Master Key (PMK) based on the eNB key and the WT counter.
  • PMK Pairwise Master Key
  • Example 23 includes the subject matter of Example 21 or 22, and optionally, wherein the eNB key comprises a key generated by the eNB after establishment of the LWA session.
  • Example 24 includes a method to be performed at an Evolved Node B (eNB), the method comprising communicating with a Wireless Local Area Network (WLAN) Access Point (AP); communicating with a User Equipment (UE) via a cellular interface; and selecting to defer transferring of first key information from the eNB to the UE and second key information from the eNB to the WLAN AP, when an active Long-Term-Evolution (LTE) WLAN Aggregation (LWA) session of the UE is ongoing via the WLAN AP, the second key information is based on the first key information.
  • eNB Evolved Node B
  • UE User Equipment
  • Example 25 includes the subject matter of Example 24, and optionally, comprising, prior to establishment of the LWA session, causing the eNB to transfer a first version of the first key information to the UE and a first version of the second key information to the WLAN AP, and deferring transferring a second version of the first key information to the UE and a second version of the second key information to the WLAN AP, at least as long as the LWA session is active, the second version of the first and second key information supersedes the first version of the first and second key information.
  • Example 26 includes the subject matter of Example 24, and optionally, wherein the LWA session comprises a session handed over to the eNB from another eNB.
  • Example 27 includes the subject matter of any one of Examples 24-26, and optionally, comprising deferring transferring the first key information to the UE and the second key information to the WLAN P at least as long as the LWA session is active.
  • Example 28 includes the subject matter of any one of Examples 24-27, and optionally, wherein the first key information comprises a WLAN Termination (WT) counter, and the second key information is based on the WT counter and an eNB key of the eNB.
  • WT WLAN Termination
  • Example 29 includes the subject matter of Example 28, and optionally, wherein the second key information comprises a Pairwise Master Key (PMK) based on the eNB key and the WT counter.
  • PMK Pairwise Master Key
  • Example 30 includes the subject matter of Example 28 or 29, and optionally, wherein the eNB key comprises a key generated by the eNB after establishment of the LWA session.
  • Example 31 includes a product comprising one or more tangible computer-readable non-transitory storage media comprising computer-executable instructions operable to, when executed by at least one computer processor, enable the at least one computer processor to implement operations at an Evolved Node B (eNB), the operations comprising communicating with a Wireless Local Area Network (WLAN) Access Point (AP); communicating with a User Equipment (UE) via a cellular interface; and selecting to defer transferring of first key information from the eNB to the UE and second key information from the eNB to the WLAN AP, when an active Long-Term-Evolution (LTE) WLAN Aggregation (LWA) session of the UE is ongoing via the WLAN AP, the second key information is based on the first key information.
  • LTE Long-Term-Evolution
  • LWA Long-Term-Evolution
  • LWA Long-Term
  • Example 32 includes the subject matter of Example 31, and optionally, wherein the operations comprise, prior to establishment of the LWA session, causing the eNB to transfer a first version of the first key information to the UE and a first version of the second key information to the WLAN AP, and deferring transferring a second version of the first key information to the UE and a second version of the second key information to the WLAN AP, at least as long as the LWA session is active, the second version of the first and second key information supersedes the first version of the first and second key information.
  • Example 33 includes the subject matter of Example 31, and optionally, wherein the LWA session comprises a session handed over to the eNB from another eNB.
  • Example 34 includes the subject matter of any one of Examples 31-33, and optionally, wherein the operations comprise deferring transferring the first key information to the UE and the second key information to the WLAN P at least as long as the LWA session is active.
  • Example 35 includes the subject matter of any one of Examples 31-34, and optionally, wherein the first key information comprises a WLAN Termination (WT) counter, and the second key information is based on the WT counter and an eNB key of the eNB.
  • WT WLAN Termination
  • Example 36 includes the subject matter of Example 35, and optionally, wherein the second key information comprises a Pairwise Master Key (PMK) based on the eNB key and the WT counter.
  • PMK Pairwise Master Key
  • Example 37 includes the subject matter of Example 35 or 36, and optionally, wherein the eNB key comprises a key generated by the eNB after establishment of the LWA session.
  • Example 38 includes an apparatus of cellular communication by an Evolved Node B (eNB), the apparatus comprising means for communicating with a Wireless Local Area Network (WLAN) Access Point (AP); means for communicating with a User Equipment (UE) via a cellular interface; and means for selecting to defer transferring of first key information from the eNB to the UE and second key information from the eNB to the WLAN AP, when an active Long-Term-Evolution (LTE) WLAN Aggregation (LWA) session of the UE is ongoing via the WLAN AP, the second key information is based on the first key information.
  • LTE Long-Term-Evolution
  • LWA Long-Term-Evolution
  • Example 39 includes the subject matter of Example 38, and optionally, comprising means for, prior to establishment of the LWA session, causing the eNB to transfer a first version of the first key information to the UE and a first version of the second key information to the WLAN AP, and deferring transferring a second version of the first key information to the UE and a second version of the second key information to the WLAN AP, at least as long as the LWA session is active, the second version of the first and second key information supersedes the first version of the first and second key information.
  • Example 40 includes the subject matter of Example 38, and optionally, wherein the LWA session comprises a session handed over to the eNB from another eNB.
  • Example 41 includes the subject matter of any one of Examples 38-40, and optionally, comprising means for deferring transferring the first key information to the UE and the second key information to the WLAN P at least as long as the LWA session is active.
  • Example 42 includes the subject matter of any one of Examples 38-41, and optionally, wherein the first key information comprises a WLAN Termination (WT) counter, and the second key information is based on the WT counter and an eNB key of the eNB.
  • WT WLAN Termination
  • Example 43 includes the subject matter of Example 42, and optionally, wherein the second key information comprises a Pairwise Master Key (PMK) based on the eNB key and the WT counter.
  • PMK Pairwise Master Key
  • Example 44 includes the subject matter of Example 42 or 43, and optionally, wherein the eNB key comprises a key generated by the eNB after establishment of the LWA session.
  • Example 45 includes an apparatus of a User Equipment (UE), the apparatus comprising a cellular transceiver to communicate with a cellular network; a Wireless Local Area Network (WLAN) transceiver to communicate with a WLAN Access Point (AP); and a controller component configured to determine a security key based on a first version of key information from an evolved Node B (eNB) and, based on the security key, to determine one or more shared keys to secure communication with the WLAN AP during a Long-Term- Evolution (LTE) WLAN Aggregation (LWA) session via the WLAN AP, the controller configured to select to continue to use the shared keys, which are based on the first version of the key information, when a second version of the key information, which supersedes the first version of the key information, is received from the cellular network during the LWA session.
  • eNB evolved Node B
  • LTE Long-Term- Evolution
  • LWA Long-Term- Evolution
  • Example 46 includes the subject matter of Example 45, and optionally, wherein the controller component is configured to select to continue to use the shared keys, which are based on the first version of the key information, at least as long as the LWA session is active.
  • Example 47 includes the subject matter of Example 45 or 46, and optionally, wherein the controller component is configured to determine a new security key based on the second version of the key information, the controller component is configured to select to continue to use the shared keys, which are based on the first version of the key information, until receipt of a first message of a four-way handshake with the WLAN AP based on the new security key, the controller component is configured to cause the UE to suspend communication of traffic of the LWA session upon receipt of the first message, and to resume communication of the traffic of the LWA session upon completion of the four-way handshake with the WLAN AP based on the new security key.
  • Example 48 includes the subject matter of any one of Examples 45-47, and optionally, wherein the second version of the key
  • Example 49 includes the subject matter of any one of Examples 45-47, and optionally, wherein the second version of the key information is from another eNB, subsequent to session handover to the another eNB.
  • Example 50 includes the subject matter of any one of Examples 45-49, and optionally, wherein the controller component is to determine the shared keys according to a four-way handshake with the WLAN AP.
  • Example 51 includes the subject matter of any one of Examples 45-50, and optionally, comprising one or more antennas, a memory and a processor.
  • Example 52 includes an apparatus comprising circuitry and logic configured to trigger a User Equipment (UE) to determine a security key based on a first version of key information from an evolved Node B (eNB) of a cellular network; based on the security key, determine one or more shared keys to secure communication with a Wireless Local Area Network (WLAN) Access Point (AP) during a Long-Term-Evolution (LTE) WLAN Aggregation (LWA) session via the WLAN AP; and when a second version of the key information, which supersedes the first version of the key information, is received from the cellular network during the LWA session, select to continue to use the shared keys, which are based on the first version of the key information.
  • UE User Equipment
  • eNB evolved Node B
  • AP Wireless Local Area Network
  • LTE Long-Term-Evolution
  • LWA Long-Term-Evolution
  • Example 53 includes the subject matter of Example 52, and optionally, wherein the apparatus is configured to select to continue to use the shared keys, which are based on the first version of the key information, at least as long as the LWA session is active.
  • Example 54 includes the subject matter of Example 52 or 53, and optionally, wherein the apparatus is configured to cause the UE to determine a new security key based on the second version of the key information, to select to continue to use the shared keys, which are based on the first version of the key information, until receipt of a first message of a four-way handshake with the WLAN AP based on the new security key, to suspend communication of traffic of the LWA session upon receipt of the first message, and to resume communication of the traffic of the LWA session upon completion of the four-way handshake with the WLAN AP based on the new security key.
  • Example 55 includes the subject matter of any one of Examples 52-54, and optionally, wherein the second version of the key information is from the eNB.
  • Example 56 includes the subject matter of any one of Examples 52-54, and optionally, wherein the second version of the key information is from another eNB, subsequent to session handover to the another eNB.
  • Example 57 includes the subject matter of any one of Examples 52-56, and optionally, wherein the apparatus is configured to cause the UE to determine the shared keys according to a four-way handshake with the WLAN AP.
  • Example 58 includes the subject matter of any one of Examples 52-57, and optionally, comprising one or more antennas, a memory and a processor.
  • Example 59 includes a system of cellular communication comprising a User Equipment (UE), the UE comprising one or more antennas; a memory; a processor; a cellular transceiver to communicate with a cellular network; a Wireless Local Area Network (WLAN) transceiver to communicate with a WLAN Access Point (AP); and a controller component configured to determine a security key based on a first version of key information from an evolved Node B (eNB) and, based on the security key, to determine one or more shared keys to secure communication with the WLAN AP during a Long-Term-Evolution (LTE) WLAN Aggregation (LWA) session via the WLAN AP, the controller configured to select to continue to use the shared keys, which are based on the first version of the key information, when a second version of the key information, which supersedes the first version of the key information, is received from the cellular network during the LWA session.
  • Example 60 includes the subject matter of Example 59, and optionally, wherein the
  • Example 61 includes the subject matter of Example 59 or 60, and optionally, wherein the controller component is configured to determine a new security key based on the second version of the key information, the controller component is configured to select to continue to use the shared keys, which are based on the first version of the key information, until receipt of a first message of a four-way handshake with the WLAN AP based on the new security key, the controller component is configured to cause the UE to suspend communication of traffic of the LWA session upon receipt of the first message, and to resume communication of the traffic of the LWA session upon completion of the four-way handshake with the WLAN AP based on the new security key.
  • Example 62 includes the subject matter of any one of Examples 59-61, and optionally, wherein the second version of the key information is from the eNB.
  • Example 63 includes the subject matter of any one of Examples 59-61, and optionally, wherein the second version of the key information is from another eNB, subsequent to session handover to the another eNB.
  • Example 64 includes the subject matter of any one of Examples 59-63, and optionally, wherein the controller component is to determine the shared keys according to a four-way handshake with the WLAN AP.
  • Example 65 includes a method to be performed at a User Equipment (UE), the method comprising determining a security key based on a first version of key information from an evolved Node B (eNB) of a cellular network; based on the security key, determining one or more shared keys to secure communication with a Wireless Local Area Network (WLAN) Access Point (AP) during a Long-Term-Evolution (LTE) WLAN Aggregation (LWA) session via the WLAN AP; and when a second version of the key information, which supersedes the first version of the key information, is received from the cellular network during the LWA session, selecting to continue to use the shared keys, which are based on the first version of the key information.
  • UE User Equipment
  • Example 66 includes the subject matter of Example 65, and optionally, comprising selecting to continue to use the shared keys, which are based on the first version of the key information, at least as long as the LWA session is active.
  • Example 67 includes the subject matter of Example 65 or 66, and optionally, comprising determining a new security key based on the second version of the key information, selecting to continue to use the shared keys, which are based on the first version of the key information, until receipt of a first message of a four-way handshake with the WLAN AP based on the new security key, suspending communication of traffic of the LWA session upon receipt of the first message, and resuming communication of the traffic of the LWA session upon completion of the four-way handshake with the WLAN AP based on the new security key.
  • Example 68 includes the subject matter of any one of Examples 65-67, and optionally, wherein the second version of the key information is from the eNB.
  • Example 69 includes the subject matter of any one of Examples 65-67, and optionally, wherein the second version of the key information is from another eNB, subsequent to session handover to the another eNB.
  • Example 70 includes the subject matter of any one of Examples 65-69, and optionally, comprising determining the shared keys according to a four- way handshake with the WLAN AP.
  • Example 71 includes a product comprising one or more tangible computer-readable non-transitory storage media comprising computer-executable instructions operable to, when executed by at least one computer processor, enable the at least one computer processor to implement operations at a User Equipment (UE), the operations comprising determining a security key based on a first version of key information from an evolved Node B (eNB) of a cellular network; based on the security key, determining one or more shared keys to secure communication with a Wireless Local Area Network (WLAN) Access Point (AP) during a Long-Term-Evolution (LTE) WLAN Aggregation (LWA) session via the WLAN AP; and when a second version of the key information, which supersedes the first version of the key information, is received from the cellular network during the LWA session, selecting to continue to use the shared keys, which are based on the first version of the key information.
  • UE User Equipment
  • Example 72 includes the subject matter of Example 71, and optionally, wherein the operations comprise selecting to continue to use the shared keys, which are based on the first version of the key information, at least as long as the LWA session is active.
  • Example 73 includes the subject matter of Example 71 or 72, and optionally, wherein the operations comprise determining a new security key based on the second version of the key information, selecting to continue to use the shared keys, which are based on the first version of the key information, until receipt of a first message of a four-way handshake with the WLAN AP based on the new security key, suspending communication of traffic of the LWA session upon receipt of the first message, and resuming communication of the traffic of the LWA session upon completion of the four-way handshake with the WLAN AP based on the new security key.
  • Example 74 includes the subject matter of any one of Examples 71-73, and optionally, wherein the second version of the key information is from the eNB.
  • Example 75 includes the subject matter of any one of Examples 71-73, and optionally, wherein the second version of the key information is from another eNB, subsequent to session handover to the another eNB.
  • Example 76 includes the subject matter of any one of Examples 71-75 wherein the operations comprise determining the shared keys according to a four-way handshake with the WLAN AP.
  • Example 77 includes an apparatus of cellular communication by a User Equipment (UE), the apparatus comprising means for determining a security key based on a first version of key information from an evolved Node B (eNB) of a cellular network; means for, based on the security key, determining one or more shared keys to secure communication with a Wireless Local Area Network (WLAN) Access Point (AP) during a Long-Term-Evolution (LTE) WLAN Aggregation (LWA) session via the WLAN AP; and means for, when a second version of the key information, which supersedes the first version of the key information, is received from the cellular network during the LWA session, selecting to continue to use the shared keys, which are based on the first version of the key information.
  • UE User Equipment
  • Example 78 includes the subject matter of Example 77, and optionally, comprising means for selecting to continue to use the shared keys, which are based on the first version of the key information, at least as long as the LWA session is active.
  • Example 79 includes the subject matter of Example 77 or 78, and optionally, comprising means for determining a new security key based on the second version of the key information, selecting to continue to use the shared keys, which are based on the first version of the key information, until receipt of a first message of a four-way handshake with the WLAN AP based on the new security key, suspending communication of traffic of the LWA session upon receipt of the first message, and resuming communication of the traffic of the LWA session upon completion of the four-way handshake with the WLAN AP based on the new security key.
  • Example 80 includes the subject matter of any one of Examples 77-79, and optionally, wherein the second version of the key information is from the eNB.
  • Example 81 includes the subject matter of any one of Examples 77-79, and optionally, wherein the second version of the key information is from another eNB, subsequent to session handover to the another eNB.
  • Example 82 includes the subject matter of any one of Examples 77-81, and optionally, comprising means for determining the shared keys according to a four-way handshake with the WLAN AP.
  • Example 83 includes an apparatus of a Wireless Local Area Network (WLAN) Access Point (AP), the apparatus comprising a radio to communicate with a User Equipment (UE); and a controller component configured to determine, based on a first version of a security key from an evolved node B (eNB), one or more shared keys to secure communication during a Long-Term- Evolution (LTE) WLAN Aggregation (LWA) session of the UE via the WLAN AP, the controller component configured to select to continue to use the shared keys, which are based on the first version of the security key, when a second version of the security key, which supersedes the first version of the security key, is received during the LWA session.
  • Example 84 includes the subject matter of Example 83, and optionally, wherein the controller component is configured to select to continue to use the shared keys, which are based on the first version of the security key, at least as long as the LWA session is active.
  • Example 85 includes the subject matter of Example 83 or 84, and optionally, wherein the controller component is configured to initiate a four-way handshake with the UE based on the second version of the security key, the controller component is configured to cause the WLAN AP to transmit a first message of the four-way handshake to the UE, to suspend transmission of traffic of the LWA session to the UE and to continue processing of traffic of the LWA session from the UE based on the shared keys, the controller component is configured to cause the WLAN AP to suspend processing of traffic of the LWA session from the UE upon receipt of a second message of the four-way handshake from the UE, and to resume communication of the traffic of the LWA session upon completion of the four-way handshake with the UE based on the second version of the security key.
  • Example 86 includes the subject matter of any one of Examples 83-85, and optionally, wherein the security key comprises a Pairwise Master Key (PMK) based on an eNB key and a WLAN Termination
  • PMK Pairwise Master
  • Example 87 includes the subject matter of any one of Examples 83-86, and optionally, comprising one or more antennas, a memory and a processor.
  • Example 88 includes an apparatus comprising circuitry and logic configured to trigger a Wireless Local Area Network (WLAN) Access Point (AP) to determine, based on a first version of a security key from an evolved Node B (eNB), one or more shared keys to secure communication during a Long-Term-Evolution (LTE) WLAN Aggregation (LWA) session of a User Equipment (UE) via the WLAN AP; and select to continue to use the shared keys, which are based on the first version of the security key, when a second version of the security key, which supersedes the first version of the security key, is received during the LWA session.
  • WLAN Wireless Local Area Network
  • AP Wireless Local Area Network
  • eNB evolved Node B
  • LTE Long-Term-Evolution
  • LWA WLAN Aggregation
  • UE User Equipment
  • Example 89 includes the subject matter of Example 88, and optionally, wherein the apparatus is configured to cause the WLAN AP to select to continue to use the shared keys, which are based on the first version of the security key, at least as long as the LWA session is active.
  • Example 90 includes the subject matter of Example 88 or 89, and optionally, wherein the apparatus is configured to cause the WLAN AP to initiate a four-way handshake with the UE based on the second version of the security key, to transmit a first message of the four-way handshake to the UE, to suspend transmission of traffic of the LWA session to the UE and to continue processing of traffic of the LWA session from the UE based on the shared keys, to suspend processing of traffic of the LWA session from the UE upon receipt of a second message of the four-way handshake from the UE, and to resume communication of the traffic of the LWA session upon completion of the four-way handshake with the UE based on the second version of the security key.
  • Example 91 includes the subject matter of any one of Examples 88-90, and optionally, wherein the security key comprises a Pairwise Master Key (PMK) based on an eNB key and a WLAN Termination (WT) counter.
  • Example 92 includes the subject matter of any one of Examples 88-91, and optionally, comprising one or more antennas, a memory and a processor.
  • Example 93 includes a system of wireless communication comprising a Wireless Local Area Network (WLAN) Access Point (AP), the WLAN AP comprising one or more antennas; a memory; a processor; a radio to communicate with a User Equipment (UE); and a controller component configured to determine, based on a first version of a security key from an evolved node B (eNB), one or more shared keys to secure communication during a Long- Term-Evolution (LTE) WLAN Aggregation (LWA) session of the UE via the WLAN AP, the controller component configured to select to continue to use the shared keys, which are based on the first version of the security key, when a second version of the security key, which supersedes the first version of the security key, is received during the LWA session.
  • Example 94 includes the subject matter of Example 93, and optionally, wherein the controller component is configured to select to continue to use the shared keys, which are based on the first version of the security key, at least as long as the LWA session
  • Example 95 includes the subject matter of Example 93 or 94, and optionally, wherein the controller component is configured to initiate a four-way handshake with the UE based on the second version of the security key, the controller component is configured to cause the WLAN AP to transmit a first message of the four-way handshake to the UE, to suspend transmission of traffic of the LWA session to the UE and to continue processing of traffic of the LWA session from the UE based on the shared keys, the controller component is configured to cause the WLAN AP to suspend processing of traffic of the LWA session from the UE upon receipt of a second message of the four-way handshake from the UE, and to resume communication of the traffic of the LWA session upon completion of the four-way handshake with the UE based on the second version of the security key.
  • Example 96 includes the subject matter of any one of Examples 93-95, and optionally, wherein the security key comprises a Pairwise Master Key (PMK) based on an evolved Node B (eNB) key and a WLAN Termination (WT) counter.
  • PMK Pairwise Master Key
  • eNB evolved Node B
  • WT WLAN Termination
  • Example 97 includes a method to be performed at a Wireless Local Area Network (WLAN) Access Point (AP), the method comprising determining, based on a first version of a security key from an evolved Node B (eNB), one or more shared keys to secure communication during a Long-Term- Evolution (LTE) WLAN Aggregation (LWA) session of a User Equipment (UE) via the WLAN AP; and selecting to continue to use the shared keys, which are based on the first version of the security key, when a second version of the security key, which supersedes the first version of the security key, is received during the LWA session.
  • eNB evolved Node B
  • LTE Long-Term- Evolution
  • LWA Long-Term- Evolution
  • UE User Equipment
  • Example 98 includes the subject matter of Example 97, and optionally, comprising selecting to continue to use the shared keys, which are based on the first version of the security key, at least as long as the LWA session is active.
  • Example 99 includes the subject matter of Example 97 or 98, and optionally, comprising initiating a four-way handshake with the UE based on the second version of the security key, transmitting a first message of the four-way handshake to the UE, suspending transmission of traffic of the LWA session to the UE and continuing processing of traffic of the LWA session from the UE based on the shared keys, suspending processing of traffic of the LWA session from the UE upon receipt of a second message of the four-way handshake from the UE, and resuming communication of the traffic of the LWA session upon completion of the four-way handshake with the UE based on the second version of the security key.
  • Example 100 includes the subject matter of any one of Examples 97-99, and optionally, wherein the security key comprises a Pairwise Master Key (PMK) based on an eNB key and a WLAN Termination (WT) counter.
  • PMK Pairwise Master Key
  • WT WLAN Termination
  • Example 101 includes a product comprising one or more tangible computer-readable non-transitory storage media comprising computer-executable instructions operable to, when executed by at least one computer processor, enable the at least one computer processor to implement operations at a Wireless Local Area Network (WLAN) Access Point (AP), the operations comprising determining, based on a first version of a security key from an evolved Node B (eNB), one or more shared keys to secure communication during a Long-Term- Evolution (LTE) WLAN Aggregation (LWA) session of a User Equipment (UE) via the WLAN AP; and selecting to continue to use the shared keys, which are based on the first version of the security key, when a second version of the security key, which supersedes the first version of the security key, is received during the LWA session.
  • WLAN Wireless Local Area Network
  • AP Wireless Local Area Network
  • eNB evolved Node B
  • LTE Long-Term- Evolution
  • LWA Long-Term- Evolution
  • UE User Equipment
  • Example 102 includes the subject matter of Example 101, and optionally, wherein the operations comprise selecting to continue to use the shared keys, which are based on the first version of the security key, at least as long as the LWA session is active.
  • Example 103 includes the subject matter of Example 101 or 102, and optionally, wherein the operations comprise initiating a four-way handshake with the UE based on the second version of the security key, transmitting a first message of the four-way handshake to the UE, suspending transmission of traffic of the LWA session to the UE and continuing processing of traffic of the LWA session from the UE based on the shared keys, suspending processing of traffic of the LWA session from the UE upon receipt of a second message of the four-way handshake from the UE, and resuming communication of the traffic of the LWA session upon completion of the four-way handshake with the UE based on the second version of the security key.
  • Example 104 includes the subject matter of any one of Examples 101-103, and optionally, wherein the security key comprises a Pairwise Master Key (PMK) based on an evolved Node B (eNB) key and a WLAN Termination (WT) counter.
  • PMK Pairwise Master Key
  • eNB evolved Node B
  • WT WLAN Termination
  • Example 105 includes an apparatus of communication by a Wireless Local Area Network (WLAN) Access Point (AP), the apparatus comprising means for determining, based on a first version of a security key from an evolved Node B (eNB), one or more shared keys to secure communication during a Long-Term-Evolution (LTE) WLAN Aggregation (LWA) session of a User Equipment (UE) via the WLAN AP; and means for selecting to continue to use the shared keys, which are based on the first version of the security key, when a second version of the security key, which supersedes the first version of the security key, is received during the LWA session.
  • eNB evolved Node B
  • LTE Long-Term-Evolution
  • LWA WLAN Aggregation
  • UE User Equipment
  • Example 106 includes the subject matter of Example 105, and optionally, comprising means for selecting to continue to use the shared keys, which are based on the first version of the security key, at least as long as the LWA session is active.
  • Example 107 includes the subject matter of Example 105 or 106, and optionally, comprising means for initiating a four-way handshake with the UE based on the second version of the security key, means for transmitting a first message of the four- way handshake to the UE, means for suspending transmission of traffic of the LWA session to the UE and continuing processing of traffic of the LWA session from the UE based on the shared keys, means for suspending processing of traffic of the LWA session from the UE upon receipt of a second message of the four-way handshake from the UE, and means for resuming communication of the traffic of the LWA session upon completion of the four- way handshake with the UE based on the second version of the security key.
  • Example 108 includes the subject matter of any one of Examples 105-107, and optionally, wherein the security key comprises a Pairwise Master Key (PMK) based on an evolved Node B (eNB) key and a WLAN Termination (WT) counter.
  • PMK Pairwise Master Key
  • eNB evolved Node B
  • WT WLAN Termination
  • Example 109 includes an apparatus of a Wireless Local Area Network (WLAN) Termination (WT) node, the apparatus comprising a first interface to communicate with a WLAN Access Point (AP); a second interface to receive from an evolved node B (eNB) a security key corresponding to a User Equipment (UE); and a controller component configured to control selective transfer of the security key to the WLAN AP, the controller component configured to select to defer transferring of the security key to the WLAN AP, when an active Long-Term-Evolution (LTE) WLAN Aggregation (LWA) session of the UE is ongoing via the WLAN AP.
  • LTE Long-Term-Evolution
  • LWA Long-Term-Evolution
  • Example 110 includes the subject matter of Example 109, and optionally, wherein the controller component is to defer transferring the security key to the WLAN P at least as long as the LWA session is active.
  • Example 111 includes the subject matter of Example 109 or 110, and optionally, wherein the controller component is configured to, prior to establishment of the LWA session, cause the WT node to transfer a first version of the security key to the WLAN AP, the controller component is configured to defer transferring a second version of the security key to the WLAN AP, at least as long as the LWA session is active, the second version of the security key supersedes the first version of the security key.
  • Example 112 includes the subject matter of any one of Examples 109-111, and optionally, wherein the security key comprises a Pairwise Master Key (PMK).
  • PMK Pairwise Master Key
  • Example 113 includes the subject matter of any one of Examples 109-112, and optionally, wherein the security is based on a WT counter of the WT node and an eNB key of the eNB.
  • Example 114 includes the subject matter of any one of Examples 109-113, and optionally, comprising one or more antennas, a memory and a processor.
  • Example 115 includes an apparatus comprising circuitry and logic configured to trigger a Wireless Local Area Network (WLAN) Termination (WT) node to receive from an evolved node B (eNB) a security key corresponding to a User Equipment (UE); and select to defer transferring of the security key to a WLAN Access Point (AP), when an active Long- Term-Evolution (LTE) WLAN Aggregation (LWA) session of the UE is ongoing via the WLAN AP.
  • WLAN Wireless Local Area Network
  • eNB evolved node B
  • UE User Equipment
  • AP WLAN Access Point
  • LTE Long- Term-Evolution
  • LWA Long- Term-Evolution
  • Example 116 includes the subject matter of Example 115, and optionally, wherein the apparatus is configured to cause the WT node to defer transferring the security key to the WLAN P at least as long as the LWA session is active.
  • Example 117 includes the subject matter of Example 115 or 116, and optionally, wherein the apparatus is configured to cause the WT node to, prior to establishment of the LWA session, transfer a first version of the security key to the WLAN AP, and defer transferring a second version of the security key to the WLAN AP, at least as long as the LWA session is active, the second version of the security key supersedes the first version of the security key.
  • Example 118 includes the subject matter of any one of Examples 115-117, and optionally, wherein the security key comprises a Pairwise Master Key (PMK).
  • PMK Pairwise Master Key
  • Example 119 includes the subject matter of any one of Examples 115-118, and optionally, wherein the security is based on a WT counter of the WT node and an eNB key of the eNB.
  • Example 120 includes the subject matter of any one of Examples 115-119, and optionally, comprising one or more antennas, a memory and a processor.
  • Example 121 includes a system of wireless communication comprising a Wireless Local Area Network (WLAN) Termination (WT) node, the WT node comprising one or more antennas; a memory; a processor; a first interface to communicate with a WLAN Access Point (AP); a second interface to receive from an evolved node B (eNB) a security key corresponding to a User Equipment (UE); and a controller component configured to control selective transfer of the security key to the WLAN AP, the controller component configured to select to defer transferring of the security key to the WLAN AP, when an active Long- Term-Evolution (LTE) WLAN Aggregation (LWA) session of the UE is ongoing via the WLAN AP.
  • WLAN Wireless Local Area Network
  • WT Wireless Local Area Network
  • AP WLAN Access Point
  • UE User Equipment
  • controller component configured to control selective transfer of the security key to the WLAN AP, the controller component configured to select to defer transferring of the security key to the WLAN AP, when an active Long- Term-Evolution (LTE
  • Example 122 includes the subject matter of Example 121, and optionally, wherein the controller component is to defer transferring the security key to the WLAN P at least as long as the LWA session is active.
  • Example 123 includes the subject matter of Example 121 or 122, and optionally, wherein the controller component is configured to, prior to establishment of the LWA session, cause the WT node to transfer a first version of the security key to the WLAN AP, the controller component is configured to defer transferring a second version of the security key to the WLAN AP, at least as long as the LWA session is active, the second version of the security key supersedes the first version of the security key.
  • Example 124 includes the subject matter of any one of Examples 121-123, and optionally, wherein the security key comprises a Pairwise Master Key (PMK).
  • PMK Pairwise Master Key
  • Example 125 includes the subject matter of any one of Examples 121-124, and optionally, wherein the security is based on a WT counter of the WT node and an eNB key of the eNB.
  • Example 126 includes a method to be performed at a Wireless Local Area Network (WLAN) Termination (WT) node, the method comprising receiving from an evolved node B (eNB) a security key corresponding to a User Equipment (UE); and selecting to defer transferring of the security key to a WLAN Access Point (AP), when an active Long-Term- Evolution (LTE) WLAN Aggregation (LWA) session of the UE is ongoing via the WLAN AP.
  • eNB evolved node B
  • UE User Equipment
  • AP WLAN Access Point
  • LTE Long-Term- Evolution
  • LWA Long-Term- Evolution
  • Example 127 includes the subject matter of Example 126, and optionally, comprising deferring transferring the security key to the WLAN P at least as long as the LWA session is active.
  • Example 128 includes the subject matter of Example 126 or 127, and optionally, comprising, prior to establishment of the LWA session, transferring a first version of the security key to the WLAN AP, and deferring transferring a second version of the security key to the WLAN AP, at least as long as the LWA session is active, the second version of the security key supersedes the first version of the security key.
  • Example 129 includes the subject matter of any one of Examples 126-128, and optionally, wherein the security key comprises a Pairwise Master Key (PMK).
  • PMK Pairwise Master Key
  • Example 130 includes the subject matter of any one of Examples 126-129, and optionally, wherein the security is based on a WT counter of the WT node and an eNB key of the eNB.
  • Example 131 includes a product comprising one or more tangible computer-readable non-transitory storage media comprising computer-executable instructions operable to, when executed by at least one computer processor, enable the at least one computer processor to implement operations at a Wireless Local Area Network (WLAN) Termination (WT) node, the operations comprising receiving from an evolved node B (eNB) a security key corresponding to a User Equipment (UE); and selecting to defer transferring of the security key to a WLAN Access Point (AP), when an active Long-Term-Evolution (LTE) WLAN Aggregation (LWA) session of the UE is ongoing via the WLAN AP.
  • WLAN Wireless Local Area Network
  • UE User Equipment
  • Example 132 includes the subject matter of Example 131, and optionally, wherein the operations comprise deferring transferring the security key to the WLAN P at least as long as the LWA session is active.
  • Example 133 includes the subject matter of Example 131 or 132, and optionally, wherein the operations comprise, prior to establishment of the LWA session, transferring a first version of the security key to the WLAN AP, and deferring transferring a second version of the security key to the WLAN AP, at least as long as the LWA session is active, the second version of the security key supersedes the first version of the security key.
  • Example 134 includes the subject matter of any one of Examples 131-133, and optionally, wherein the security key comprises a Pairwise Master Key (PMK).
  • PMK Pairwise Master Key
  • Example 135 includes the subject matter of any one of Examples 131-134, and optionally, wherein the security is based on a WT counter of the WT node and an eNB key of the eNB.
  • Example 136 includes an apparatus of wireless communication by a Wireless Local Area Network (WLAN) Termination (WT) node, the apparatus comprising means for receiving from an evolved node B (eNB) a security key corresponding to a User Equipment (UE); and means for selecting to defer transferring of the security key to a WLAN Access Point (AP), when an active Long-Term-Evolution (LTE) WLAN Aggregation (LWA) session of the UE is ongoing via the WLAN AP.
  • eNB evolved node B
  • UE User Equipment
  • AP WLAN Access Point
  • LTE Long-Term-Evolution
  • LWA Long-Term-Evolution
  • Example 137 includes the subject matter of Example 136, and optionally, comprising means for deferring transferring the security key to the WLAN P at least as long as the LWA session is active.
  • Example 138 includes the subject matter of Example 136 or 137, and optionally, comprising means for, prior to establishment of the LWA session, transferring a first version of the security key to the WLAN AP, and deferring transferring a second version of the security key to the WLAN AP, at least as long as the LWA session is active, the second version of the security key supersedes the first version of the security key.
  • Example 139 includes the subject matter of any one of Examples 136-138, and optionally, wherein the security key comprises a Pairwise Master Key (PMK).
  • PMK Pairwise Master Key
  • Example 140 includes the subject matter of any one of Examples 136-139, and optionally, wherein the security is based on a WT counter of the WT node and an eNB key of the eNB.

Abstract

Certains exemples de modes de réalisation concernent des dispositifs, des systèmes et/ou des procédés de mise à jour sélective d'informations sur des clés d'une connexion sécurisée à un réseau local sans fil (WLAN) entre un équipement utilisateur (UE) et un point d'accès (AP) au WLAN. Par exemple, un nœud B évolué (eNB) peut être conçu pour contrôler un transfert sélectif d'informations sur une première clé de l'eNB à un UE et d'informations sur une seconde clé de l'eNB à un AP au WLAN et pour choisir de différer le transfert des informations sur la première clé à l'UE et des informations sur la seconde clé à l'AP au WLAN lorsqu'une session active d'agrégation d'une évolution à long terme (LTE) et d'un WLAN (LWA) de l'UE est en cours par l'intermédiaire de l'AP au WLAN.
PCT/US2016/040318 2016-03-31 2016-06-30 Appareil, système et procédé de mise à jour sélective d'informations sur des clés d'une connexion sécurisée à un wlan entre un ue et un ap au wlan WO2017171900A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201680084039.3A CN108886686B (zh) 2016-03-31 2016-06-30 选择性更新ue与wlan ap之间的安全wlan连接的密钥信息的装置、系统和方法

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US201662316335P 2016-03-31 2016-03-31
US62/316,335 2016-03-31
US201662327650P 2016-04-26 2016-04-26
US62/327,650 2016-04-26

Publications (1)

Publication Number Publication Date
WO2017171900A1 true WO2017171900A1 (fr) 2017-10-05

Family

ID=56561436

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2016/040318 WO2017171900A1 (fr) 2016-03-31 2016-06-30 Appareil, système et procédé de mise à jour sélective d'informations sur des clés d'une connexion sécurisée à un wlan entre un ue et un ap au wlan

Country Status (2)

Country Link
CN (1) CN108886686B (fr)
WO (1) WO2017171900A1 (fr)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10211907B1 (en) 2016-05-26 2019-02-19 Sprint Spectrum L.P. Coordinated multipoint mode selection for relay base station
US10237759B1 (en) * 2017-03-29 2019-03-19 Sprint Spectrum L.P. Coordinated multipoint set selection based on donor status
US10313933B2 (en) * 2016-04-01 2019-06-04 Lg Electronics Inc. Method and apparatus for enhancing mobility for 3GPP LTE-WLAN aggregation in wireless communication system
US11121871B2 (en) 2018-10-22 2021-09-14 International Business Machines Corporation Secured key exchange for wireless local area network (WLAN) zero configuration

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015148434A1 (fr) * 2014-03-24 2015-10-01 Intel IP Corporation Appareil, système et procédé pour sécuriser des communications d'un équipement d'utilisateur (ue) dans un réseau local sans fil
WO2016036296A1 (fr) * 2014-09-05 2016-03-10 Telefonaktiebolaget L M Ericsson (Publ) Interfonctionnement et intégration de différents réseaux d'accès radio

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6999759B2 (en) * 2003-03-14 2006-02-14 Motorola, Inc. Method and apparatus for providing deferrable data services in a cellular communication system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015148434A1 (fr) * 2014-03-24 2015-10-01 Intel IP Corporation Appareil, système et procédé pour sécuriser des communications d'un équipement d'utilisateur (ue) dans un réseau local sans fil
WO2016036296A1 (fr) * 2014-09-05 2016-03-10 Telefonaktiebolaget L M Ericsson (Publ) Interfonctionnement et intégration de différents réseaux d'accès radio

Non-Patent Citations (6)

* Cited by examiner, † Cited by third party
Title
"Draft Standard for Information Technology - Telecommunications and Information Exchange Between Systems - Local and Metropolitan Area Networks - Specific Requirements - Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications", IEEEP802.11REVMCTM_D3.0, June 2014 (2014-06-01)
"ETSI TS 136 331; V12.3.0", 3GPP TS 36.331, September 2014 (2014-09-01)
"IEEE Standard for Information technology-Telecommunications and information exchange between systems Local and metropolitan area networks --Specific requirements Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications", IEEE 802.11-2012, 29 March 2012 (2012-03-29)
"Inc WiGig MAC and PHY Specification Version 1.1,", WIRELESS GIGABIT ALLIANCE, April 2011 (2011-04-01)
"Technical Specification; 3rd Generation Partnership Project; Technical Specification Group Radio Access Network; Evolved Universal Terrestrial Radio Access Network (E-UTRAN) and Wireless LAN (WLAN); Xw application protocol (XwAP) (Release 13)", 3GPP TS 36.463 V0.2.0, October 2015 (2015-10-01)
"TS 36.300 Evolved Universal Terrestrial Radio Access (E-UTRA) and Evolved Universal Terrestrial Radio Access Network (E-UTRAN); Overall description; Stage 2, version 11.7.0 Release 11", 3GPP TS 36.300, September 2013 (2013-09-01)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10313933B2 (en) * 2016-04-01 2019-06-04 Lg Electronics Inc. Method and apparatus for enhancing mobility for 3GPP LTE-WLAN aggregation in wireless communication system
US10652785B2 (en) 2016-04-01 2020-05-12 Lg Electronics Inc. Method and apparatus for enhancing mobility for 3GPP LTE-WLAN aggregation in wireless communication system
US10211907B1 (en) 2016-05-26 2019-02-19 Sprint Spectrum L.P. Coordinated multipoint mode selection for relay base station
US10237759B1 (en) * 2017-03-29 2019-03-19 Sprint Spectrum L.P. Coordinated multipoint set selection based on donor status
US11121871B2 (en) 2018-10-22 2021-09-14 International Business Machines Corporation Secured key exchange for wireless local area network (WLAN) zero configuration

Also Published As

Publication number Publication date
CN108886686A (zh) 2018-11-23
CN108886686B (zh) 2022-05-24

Similar Documents

Publication Publication Date Title
WO2017078657A1 (fr) Appareil, systeme et procédé d'établissement à assistance cellulaire d'une connexion wlan sécurisée entre un ue et un ap de wlan
US10045255B2 (en) Apparatus, system and method of processing PDCP PDUs of an E-RAB
US10809999B2 (en) Secure firmware upgrade for cellular IoT
US10327143B2 (en) Apparatus, system and method of communicating between a cellular manager and a user equipment (UE) via a WLAN node
CN105850169B (zh) 无线局域网中用户设备(ue)的安全通信的装置、系统和方法
US20150109997A1 (en) Apparatus, system and method of interfacing between a cellular manager and a wlan access device
US10015203B2 (en) Apparatus, system and method of differentiating between an IMS connection and a non-IMS connection
EP3412057B1 (fr) Opération de protocole de convergence de données de paquet (pdcp) dans un mode transparent
AU2018202590A1 (en) Apparatus, system and method of securing communications of a user equipment (ue) in a wireless local area network
CN108886686B (zh) 选择性更新ue与wlan ap之间的安全wlan连接的密钥信息的装置、系统和方法
EP3198986B1 (fr) Appareil, procédé et produit de configuration de réseau local sans fil (wlan) d'un équipement d'utilisateur (ue)
WO2017172450A1 (fr) Optimisations de protocole de convergence de données par paquets pour une agrégation lte-wlan
WO2017171925A1 (fr) Maintien d'une connexion wifi pendant le transfert intercellulaire d'un équipement utilisateur dans un réseau d'évolution à long terme (lte)
WO2017026976A1 (fr) Appareil, système et procédé de mesure de synchronisation fine à assistance cellulaire
WO2016164066A1 (fr) Appareil, système et procédé de direction de trafic au niveau d'un équipement utilisateur (ue)
WO2017142580A1 (fr) Appareil, système et procédé de relais d'un équipement utilisateur (ue) par l'intermédiaire d'une technologie d'accès radio (rat) non cellulaire

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16745902

Country of ref document: EP

Kind code of ref document: A1

122 Ep: pct application non-entry in european phase

Ref document number: 16745902

Country of ref document: EP

Kind code of ref document: A1