WO2018151546A1 - Method and device for improved security in wireless communication system - Google Patents


Info

Publication number
WO2018151546A1
Authority
WO
WIPO (PCT)
Prior art keywords
base station
terminal
pdcp entity
security key
pdcp
Application number
PCT/KR2018/001963
Other languages
French (fr)
Korean (ko)
Inventor
류선희
안라연
정정수
정병훈
문정민
박승훈
황지원
Original Assignee
삼성전자 주식회사
Application filed by 삼성전자 주식회사
Publication of WO2018151546A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W76/00 Connection management
    • H04W76/20 Manipulation of established connections
    • H04W76/27 Transitions between radio resource control [RRC] states
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W76/00 Connection management
    • H04W76/20 Manipulation of established connections
    • H04W76/28 Discontinuous transmission [DTX]; Discontinuous reception [DRX]

Definitions

  • the present invention relates to a method of operating a base station and a terminal for managing the RRC connection state for low power low latency.
  • a 5G communication system or a pre-5G communication system is called a system after a 4G network (Beyond 4G Network) or a system after an LTE system (Post LTE).
  • 5G communication systems are being considered for implementation in the ultra-high frequency (mmWave) band (e.g., the 60 GHz band).
  • FD-MIMO massive array multiple input / output
  • Array antenna, analog beam-forming, and large scale antenna techniques are discussed.
  • For 5G communication systems, technologies such as advanced small cells, cloud radio access network (cloud RAN), ultra-dense network, Device to Device communication (D2D), wireless backhaul, moving network, cooperative communication, Coordinated Multi-Points (CoMP), and interference cancellation are being developed.
  • FQAM Hybrid FSK and QAM Modulation
  • SWSC Sliding Window Superposition Coding
  • ACM Advanced Coding Modulation
  • FBMC Filter Bank Multi Carrier
  • NOMA non-orthogonal multiple access
  • SCMA sparse code multiple access
  • IoT Internet of Things
  • IoE Internet of Everything
  • M2M machine to machine
  • MTC Machine Type Communication
  • Intelligent Internet technology (IT) services can be provided that collect and analyze data generated from connected objects to create new value in human life.
  • Through convergence and combination of existing information technology (IT) and various industries, IoT can be applied to fields such as smart home, smart building, smart city, smart car or connected car, smart grid, health care, smart home appliances, and advanced medical services.
  • the design of the RRC state for the wireless communication terminal to transmit and receive data was overly conservative due to the design philosophy of the previous generation, which focused on voice calls. For example, even when no traffic arrives for a certain period of time after traffic has been received, power consumption remains severe because the RRC connected state is maintained (Connected discontinuous reception, Connected DRX, C-DRX). In addition, in the case of a smart phone user, keep alive messages are frequently generated as data, irrespective of the user's quality of service (QoS). When the RRC connection is designed based on the voice call service, the terminal power consumption may be worsened.
  • An embodiment of the present invention provides a method for setting a security key for data transmission when the base station in which a terminal is located changes, taking into account the mobility of the terminal, in a situation in which data transmission is performed in the RRC INACTIVE state without an RRC state transition.
  • an embodiment of the present invention provides a method for determining and applying a security key according to whether a packet data convergence protocol (PDCP) entity is changed.
  • PDCP packet data convergence protocol
  • An embodiment of the present invention for solving the above problems is a method of operating a terminal in a wireless communication system, the method comprising: receiving, from a first base station, a radio resource control (RRC) connection stop message including packet data convergence protocol (PDCP) entity related information and deactivation counter information; storing the first security key currently being used by the terminal and the deactivation counter information; moving the terminal to a second base station; checking uplink data to be transmitted by the terminal; generating a second security key based on the PDCP entity related information and the deactivation counter information; and transmitting the uplink data encrypted with the second security key to the second base station.
  • a transceiver for transmitting and receiving a signal; and a control unit that receives, from a first base station, a radio resource control (RRC) connection stop message including packet data convergence protocol (PDCP) entity related information and deactivation counter information, stores the first security key currently being used by the terminal and the deactivation counter information, and, when the terminal moves to the second base station, confirms the uplink data to be transmitted by the terminal, generates a second security key based on the PDCP entity related information and the deactivation counter information, and controls transmission of the uplink data encrypted with the second security key to the second base station.
  • when the terminal and the base station of the communication system select an RRC state for data transmission and transmit data directly in the Inactive (RRC_INACTIVE) state, the transition to the RRC Connected_Active (RRC_CONNECTED) state is not performed. The standby time (C-DRX, radio tail) in the Active (RRC_CONNECTED) state is therefore kept to a minimum, and a power saving effect for the terminal is expected.
  • FIG. 1 is a diagram schematically illustrating a structure of a (5G, NR) communication system according to an embodiment of the present invention.
  • FIG. 2 is a diagram illustrating an example of operations of three RRC states, Connected_Active (RRC_CONNECTED), Connected_Inactive, and Idle, which are to be applied in a (5G, NR) communication system according to an exemplary embodiment of the present invention.
  • FIG. 3 is a diagram illustrating an exemplary state of a terminal, a base station, and a core-network (MME) in an inactive (RRC_INACTIVE) state in a communication system according to an embodiment of the present invention.
  • FIG. 4 is a diagram illustrating an example of a UE operating in an RRC Inactive state according to an embodiment of the present invention a) within a cell, b) within the same PDCP entity, and c) in another PDCP entity.
  • FIG. 5 is a diagram illustrating a generation and application of a security key for a data transmission operation in an Inactive (RRC_INACTIVE) state of a terminal in a communication system according to an embodiment of the present invention.
  • FIG. 6 illustrates an RRC field for transmitting an Enable PDCP_entity info and an INACTIVE counter when transmitting an RRC Connection suspend in a communication system according to an embodiment of the present invention.
  • FIG. 7 illustrates a generation and application of a security key for a data transmission operation in an Inactive (RRC_INACTIVE) state of a terminal in a communication system according to an embodiment of the present invention.
  • FIG. 8 is a diagram illustrating an example of notation of corresponding information when the communication system transmits PDCP entity information in a communication system according to an embodiment of the present invention.
  • FIG. 9 is a diagram illustrating a generation and application of a security key for a data transmission operation in an Inactive (RRC_INACTIVE) state of a terminal in a communication system according to an embodiment of the present invention.
  • FIG. 10 illustrates generation and application of a security key for a data transmission operation in an Inactive (RRC_INACTIVE) state in a communication system according to an embodiment of the present invention.
  • FIG. 11 is a diagram illustrating a security key generation and application for a data transmission operation in an Inactive (RRC_INACTIVE) state of a terminal in a communication system according to an embodiment of the present invention.
  • FIG. 12 is a view showing the structure of another terminal according to an embodiment of the present invention.
  • FIG. 13 is a diagram showing the structure of another base station according to an embodiment of the present invention.
  • FIG. 14 is a diagram showing the structure of a core network node according to an embodiment of the present invention.
  • An embodiment of the present invention relates to an operation method of a base station and a terminal which are discussed in 3GPP RAN 5G.
  • the standard defines energy-efficient operation with the main goal of improving the power efficiency [bit / J] of the terminal and base station networks more than 1000 times within the next 10 years.
  • a control for reducing the active (RRC_CONNECTED) operation time of the UE has been started to solve the possibility of additional power consumption due to the beamforming transmission method required for mmW operation of the high frequency band.
  • the technique proposed in the embodiment of the present invention is a technique for controlling and maintaining an RRC connection based on three RRC states, Connected_Active (RRC_CONNECTED), Connected_Inactive, and Idle, which are to be applied in a mobile communication system (5G or NR).
  • the embodiment covers a method of determining the RRC state (Inactive and/or Active (RRC_CONNECTED)) for data transmission, and how to support improvements to spectral efficiency and to the channel access method for efficient transmission in the RRC Inactive state when transmitting traffic of the UE.
  • that is, it deals with the RRC state (Inactive and/or Active (RRC_CONNECTED)) determination method for transmitting data, and with the spectral efficiency and channel access improvements for efficiently transmitting the traffic of the UE in the RRC Inactive state.
  • the embodiment of the present invention deals with the improvement of the security method according to the change of the PDCP entity.
  • FIG. 1 is a diagram schematically illustrating a structure of a 5G NR communication system according to an embodiment of the present invention.
  • a base station (gNB or base station, 110, 115, 120, and 125) is connected to a terminal (UE or terminal, 105) through a wireless channel, and performs a more complicated role than that of a conventional (UMTS) NodeB and an eNodeB base station of LTE.
  • the S-GW 130 is a device for providing a data bearer, and generates or removes a data bearer under the control of the MME 140.
  • the MME 140 is a device that is responsible for various control functions as well as the mobility management function for the terminal 105, and is connected to a plurality of base stations.
  • FIG. 2 is a diagram illustrating three RRC states, Connected_Active (RRC_CONNECTED) 205, Connected_Inactive 210, and Idle 215, which are applied in a 5G NR communication system according to an exemplary embodiment of the present invention.
  • the connected Active (RRC_CONNECTED) state 205 may be referred to as an RRC connected mode, and is a wireless connection state in which a terminal can transmit and receive data.
  • the idle state 215 may be referred to as a standby mode or an RRC standby mode, and is a wireless access state in which the terminal monitors whether paging is transmitted to the terminal.
  • the two modes are in a wireless access state that is also applied to the LTE system, and the detailed technology is the same as that of the existing LTE system.
  • the Connected_inactive state 210 is newly defined and may be named the RRC_INACTIVE state. In the RRC inactive state, the UE context is maintained in the base station and the terminal, and RAN-based paging is supported.
  • the UE may transition to the connected mode or the standby mode by using a specific procedure.
  • the mode is changed from the inactive (RRC_INACTIVE) mode to the connected mode using the connection activation procedure, and from the connected mode to the inactive (RRC_INACTIVE) mode using the connection inactivation procedure.
  • the connection activation / inactivation procedure consists of one or more RRC messages transmitted and received between the terminal and the base station, and is composed of one or more steps. The terminal can also switch from Inactive (RRC_INACTIVE) mode to standby mode according to a specific procedure.
  • various methods such as specific message exchange or timer-based or event-based may be considered.
  • the transition between connected and standby mode follows existing LTE technology. That is, switching between the modes is performed through a connection establishment or release procedure.
  • the 3GPP NR operates three RRC states by adding an Inactive (RRC_INACTIVE) state to two existing RRC states, and the UE operates as one RRC state at a time.
  • FIG. 3 is a diagram illustrating an example of states of a terminal, a base station, and an MME in an inactive state in an NR communication system according to an exemplary embodiment of the present invention.
  • Inactive is a new RRC state
  • the air interface between the terminal 305 and the base station 310 is not connected, but the core network connection between the base station 310 and the MME 315 is maintained.
  • Assume that the terminal 305 has released the RRC Connected_Active (RRC_CONNECTED) state with the base station 310, that the base station 310 and the MME 315 are in the ECM Connected state, and that the base station 310 and the MME 315 are storing the context of the terminal 305.
  • the Anchor eNB stores the UE context including the resume ID for UE confirmation.
  • the mobile station transmits a corresponding ID to check the identity of the mobile station.
  • the new base station retrieves the UE context based on the terminal ID and then performs an access procedure.
  • the transmission operation of cellular-internet of things (C-IoT) and narrow band-internet of things (NB-IoT) in the standard 3GPP Release 13 transmits data after transitioning to the RRC connected state (RRC resume). There is no need to set up a separate data radio bearer (DRB).
  • the MAC design related to the Inactive (RRC_INACTIVE) state is needed as an enhancement to the limitations of the control plane (CP) / user plane (UP) solutions agreed for NB-IoT.
  • CP-solution: it is necessary to solve the SRB-based MME-gNB load increase problem, the delay, and QoS discrimination that result from transmitting initial small data based on NAS security (SRB, signaling radio bearer) in the idle state.
  • UP-solution: it operates to minimize CN (core network) burden and delay due to RRC signaling through the RRC connection resume / suspend procedure, but because data is transmitted in the connected state, there is a problem of standby power consumption such as C-DRX.
  • Idle-based NB-IoT operation aperiodic CQI (channel quality indicator), BSR (buffer status report) related information, new monitoring timer, etc.
  • PDCP entities may be the same or different in the same base station, and even if different cells, PDCP entities may be the same or different.
  • an embodiment of the present invention may consider the following operation according to the necessity of a new security key when the terminal moves to a different cell / PDCP entity.
  • the UE identifies / detects movement to different cell / PDCP entities
  • RRC signaling (RRC connection request, or RRC connection resume request) includes UE_ID and MAC-I.
  • the terminal derives a new security key based on INACTIVE_count, and in this case, the corresponding data + RRC signaling is ciphered based on the new key, integrity protected, and includes an operation of transmitting MAC-I and INACTIVE_count.
  • Another embodiment of the present invention includes transmitting data to a DRB when RRC signaling is not needed.
  • a new MAC CE (MAC header) format indicating RRC resume is required for data transmission. This includes the operation of transmitting corresponding information by defining a new MAC-CE format in addition to the existing MAC-CE as follows.
  • a new MAC-CE may be indicated by selecting one bit string from among reserved bits (01011-11001).
  • 01011 includes an example of operating as a MAC CE indicating UL data transmission transmitted during an Inactive (RRC_INACTIVE) state.
  • the specific index number may be changed.
  • the corresponding information of UL data transmission in Inactive includes an operation of setting a window for continuously monitoring a physical downlink control channel (PDCCH) and waiting time for the terminal and the base station.
  • the method includes a method of referring to TA information or BSR information channel CQI information acquired from previous UL data in Inactive (RRC_INACTIVE).
  • MAC CE new MAC header format
  • DL ACK for UL data in Inactive RRC_INACTIVE
  • it includes an operation of increasing the low power efficiency of the UE by setting a window for continuously monitoring a short PDCCH.
  • a method of operating when the target base station is different from the anchor base station is as shown in the following embodiment.
  • the anchor base station transmits security key related information for generating a new security key to the target base station.
  • the anchor base station omits the operation of transmitting the security key related information for generating the new security key to the target base station.
  • the method includes using a security key (old) by lowering the NG changing counter (NCC) again.
  • Because the entire encrypted data is forwarded to the anchor base station, backhaul (X2, Xn, etc.) resources are consumed, and delay occurs because data is transmitted to the core network (S-GW) via the anchor base station (PDCP entity).
  • In order to support a UE specific anchor, the UE_ID must be deciphered at the target base station. Therefore, the security key applied to the UE_ID is shared between the anchor base station and the target base station, so that only that part can be deciphered at the target.
  • the anchor base station can be fixed within a certain area (network-wise paging area or tracking area) set by the network, and forwarded to the fixed anchor base station as a whole.
  • a target base station for transmitting data in an Inactive (RRC_INACTIVE) state transmits data directly to a core network (S-GW) without data forwarding to an existing anchor base station.
  • a method in which the target base station for transmitting data in the Inactive (RRC_INACTIVE) state forwards all encrypted data to the existing anchor base station, through which it is sent to the core network (S-GW).
  • Service requirements of the terminal service type, use case, ultra reliable low latency communication (URLLC), enhanced mobile broadband (eMBB), massive machine type communications (MMTC) or radio access network (RAN) slice information, network slice)
  • NSSAI network slice selection assistance information
  • the NSSAI is network slice related information corresponding to the terminal and can be used as additional information in the DRB configuration by transmitting the corresponding information to the base station.
  • One embodiment includes the following operations, because data deciphering and transmission to the CN (S-GW, etc.) are required at the target cell when data is not forwarded from the target cell to the anchor base station.
  • data deciphering includes a security key application method and a deciphering analysis method covering either or both of ciphering and integrity protection.
  • This operation may include an operation applied differently according to UE capability or applied to all Inactive (RRC_INACTIVE) state terminals.
  • PA zone is fixed to the network
  • PA region is UE-specific
  • TA zone is fixed to the network
  • TA area is UE-specific
  • a CU is a control unit
  • a DU is an RF related processing unit
  • a PDCP is assumed to be located in a CU.
  • RLC / MAC may be located in CU / DU and PHY is assumed to be located in DU.
  • the term itself includes various extended versions in addition to the CU and DU, and is applicable to the separation and extension structure of the control unit and the RF.
  • FIG. 5 is a diagram illustrating a generation and application of a security key for a data transmission operation in an Inactive (RRC_INACTIVE) state of a terminal in a communication system according to an embodiment of the present invention.
  • Enable PDCP_entity info is a parameter indicating whether PDCP_entity ID information is transmitted to the UE, and may be used as a criterion for determining whether PDCP_entity is the same as or different from the anchor PDCP storing the UE context when the UE is suspended.
  • the INACTIVE counter is a security key generation related parameter for generating a new key when the PDCP_entity is different from the anchor PDCP storing the UE context, or when it is unknown whether it has changed, once the terminal is suspended.
  • the mobile communication system may include a terminal 505, an anchor cell 510, a new cell 515, and a core network node 520.
  • the core network node 520 may include an MME and / or an S-GW.
  • the fixed cell 510 may be named a fixed base station
  • the new cell 515 may be named a new base station.
  • the transmission / reception operation of the cell may be understood as the transmission / reception operation of the base station corresponding to the cell.
  • the core network node 520 may transmit an INACTIVE message to the fixed cell 510.
  • the INACTIVE message may include INACTIVE_NH and INACTIVE_NCC.
  • the fixed cell 510 receiving the INACTIVE message may transmit an RRC connection suspend message to the terminal 505 (operation 533).
  • the terminal 505 may store a UE context.
  • the UE context may include an old key (A_KeNB) and INACTIVE_counter.
  • the fixed cell 510 may store a UE context.
  • the UE context may include an old key (A_KeNB) and INACTIVE_counter.
  • the terminal 505 may move to a new cell 515 or a new base station.
  • the terminal 505 may receive at least one of system information, SRS, or RS from the moved new cell 515.
  • At least one of the system information, the SRS, or the RS may include the PDCP entity ID of the new cell 515 (operation 541).
  • the uplink data transmitted by the terminal 505 may be generated.
  • the terminal 505 may increase the INACTIVE counter. For example, the counter value may be increased by one.
  • the terminal 505 may derive a new security key (T_KeNB) and apply it. A new security key can be derived / generated from the INACTIVE_counter.
  • the UE 505 may transmit an RRC connection resume request message to the new cell 515.
  • the UE may transmit uplink data (UL data) together with the RRC connection resumption request message.
  • the UL data may include a UE ID and / or an inactive counter and may be encrypted with a new security key (ciphered and integrity protected).
  • the new cell 515 may identify the fixed cell 510 or the fixed base station.
  • the new cell 515 may identify the fixed cell 510 using the UE ID, which may be a Resume ID.
  • the Resume ID may be provided to the terminal 505 in operation 533.
  • the new cell 515 transmits a UE Context Search request to the fixed cell 510.
  • the terminal context search request may include a UE_ID.
  • the fixed cell 510 transmits a UE Context Response to a new cell 515.
  • the terminal context search response may include T_KeNB and INACTIVE_NCC.
  • the new cell 515 stores the terminal context.
  • the terminal context may include information (T_KeNB, INACTIVE_NCC) about a new security key received from the fixed cell 510.
  • the new cell 515 transmits an RRC connection response message to the terminal 505.
  • the RRC connection response message may include resume / suspend information and ACK / NACK information.
  • the terminal 505 transmits an RRC connection reconfig complete message to the new cell 515.
  • the new cell 515 sends a path switch request message to the core network node 520.
  • the core network node 520 sends a path switch response message to the new cell 515.
  • the new cell 515 transmits a context release message to the fixed cell 510.
  • PDCP_entity_Indication indicates that the network provides PDCP entity information.
  • NULL indicates that the network does not provide PDCP entity information.
  • Enable PDCP_entity info PDCP_entity_Indication
  • the UE and the base station can know whether the network provides PDCP entity information. Based on this, the methods of informing the terminal of the ID information of the PDCP entity include transmitting the ID itself as data through System Information (mandatory or on-demand SI), and mapping it to radio resources (time such as TTI, frequency such as subcarrier, space such as beam index, scrambling sequence, etc.).
  • the terminal receives ID related information of the PDCP entity based on the corresponding PDCP_entity_method, determines whether to use the NCC value of the security key to be applied as it is or whether to generate a new security key by NCC +, and can transmit data in the Inactive (RRC_INACTIVE) state by applying the corresponding security key.
  • RRC release message RRC Connection suspend
  • security key information to be applied to inactive data transmission such as Inactive_counter is transmitted.
  • the security key can be common for the Inactive (RRC_INACTIVE) state within cell-specific or configured areas based on MME / PA / TA or cell list.
  • Connected_key is an operation that uses the security key used by the corresponding gNB and transmits the security key related information.
  • Inactive_Key is an operation of transmitting information related to a security key that is used in the Inactive (RRC_INACTIVE) state separately from the security key used by the gNB in the connected state. NULL indicates that there is no need to transmit security key related information in the corresponding network.
  • the UE transmits inactive data only within a serving (anchor) base station (cell, PDCP entity). If the mobile station moves out of the serving (anchor) base station (cell, PDCP entity), it performs an operation of updating the security key after the transition to the connected state. In this case, the RRC connection request or the RRC resume request applies NAS security, thereby indicating that the security key update is not necessary in the Inactive (RRC_INACTIVE) state.
  • a method for indicating PDCP Change Indication in a control signal between base stations corresponding to a cell is included.
  • PDCP Change Indication indicates the PDCP information for the corresponding DU / corresponding cell that the UE moves to request an RRC connection or add or handover to a cell.
  • the terminal indicates, by a 'KgNB update required' field, whether a new security key is to be used by the 5G base station gNB newly accessed by the UE (through RRC connection, cell addition, handover, etc.).
  • the terminal informs, by a 'PDCP data recovery required' field, whether PDCP recovery should be performed in the newly connected 5G base station gNB (through RRC connection, cell addition, handover, etc.).
  • FIG. 7 illustrates generation and application of a security key for a data transmission operation in an Inactive (RRC_INACTIVE) state in a communication system according to an exemplary embodiment of the present invention.
  • a method of transmitting security key information to be applied to inactive data transmission such as Inactive_counter.
  • the security key may be common for the purpose of Inactive (RRC_INACTIVE) state within the region specific to the cell specific or configured based on MME / PA / TA or cell list as described above.
  • the UE determines whether to generate a new security key (generating and applying a new key when the PDCP_entity is changed) and transmits DATA and a UE_ID (e.g. resume_ID, S-TMSI (SAE-temporary mobile subscriber identity), T-RNTI, etc.) with the corresponding security key applied; the new base station receives the data and either processes it at the target (security key decoding and transmission to the CN (S-GW)) or forwards it to the anchor cell.
  • a method of transmitting an RRC connection request by adding, in a new MAC CE format, a bit indicating whether forwarding to the anchor base station is necessary or whether an old key is used.
  • the mobile communication system may include a terminal 705, an anchor cell 710, a new cell 715, and a core network node 720.
  • Core network node 720 may include an MME and / or an S-GW.
  • the core network node 520 may transmit an INACTIVE message to the fixed cell 710.
  • the INACTIVE message may include INACTIVE_NH and INACTIVE_NCC.
  • the fixed cell 710 receiving the INACTIVE message may transmit an RRC connection suspend message to the terminal 705 (operation 733).
  • the terminal 705 may store a UE context.
  • the UE context may include an old key (A_KeNB) and INACTIVE_counter.
  • the fixed cell 710 may store a UE context.
  • the UE context may include an old key (A_KeNB) and INACTIVE_counter.
  • the terminal 705 may move to a new cell 515 or a new base station.
  • the terminal 705 may receive at least one of system information, SRS, or RS from the moved new cell 715.
  • At least one of the system information, the SRS or the RS may include the PDCP entity ID of the new cell 715 (operation 741).
  • uplink data to be transmitted by the terminal 705 may be generated.
  • the terminal 705 checks whether the PDCP entity is different. That is, the terminal 705 checks whether the PDCP entity of the cell that transmitted the message in operation 733 is different from the PDCP entity of the cell it has moved to. If the PDCP entity is different, the operation proceeds to operation 745.
  • the terminal 705 may increase the INACTIVE counter. For example, the counter value may be increased by one.
  • the terminal 705 may derive a new security key (T_KeNB) and apply it. The new security key can be derived / generated from the INACTIVE_counter.
  • the UE 705 may transmit an RRC connection resume request message to the new cell 715.
  • the UE may transmit uplink data (UL data) together with the RRC connection resumption request message.
  • the UL data may include a UE ID and / or an inactive counter and may be encrypted with a new security key (ciphered and integrity protected).
  • the RRC connection resumption request message may include information indicating whether to forward the UL data to the fixed cell 710 and information indicating whether to use an old key. A bit indicating whether forwarding of the UL data is required, or a bit indicating whether to use an old key, may be added in a new MAC CE format.
  • the new cell 715 may attempt to send UL data to the core network node 720 and forward to the fixed cell 710 if it fails.
  • the new cell 715 may identify the fixed cell 710 or the fixed base station.
  • the new cell 715 may identify the fixed cell 710 using the UE ID, which may be at least one of Resume ID, S-TMSI, and T-RNTI.
  • the Resume ID may be provided to the terminal 705 in operation 733.
  • the new cell 715 transmits a UE Context Search request to the fixed cell 710.
  • the terminal context search request may include a UE_ID.
  • the fixed cell 710 transmits a UE Context Response to a new cell 715.
  • the terminal context search response may include T_KeNB and INACTIVE_NCC.
  • the new cell 715 stores the terminal context.
  • the terminal context may include information (T_KeNB, INACTIVE_NCC) about a new security key received from the fixed cell 710.
  • the new cell 715 transmits an RRC connection response message to the terminal 705.
  • the RRC connection response message may include resume / suspend information and ACK / NACK information.
  • the terminal 705 transmits an RRC connection reconfig complete message to the new cell 715.
  • the new cell 715 transmits a path switch request message to the core network node 720.
  • the core network node 720 transmits a path switch response message to the new cell 715.
  • the new cell 715 transmits a context release message to the fixed cell 710.
  • FIG. 8 is a diagram illustrating an example of the notation of the corresponding information when the network transmits PDCP entity information in a communication system according to an embodiment of the present invention.
  • an embodiment of the present invention provides a method for the base station to further transmit PDCP entity information to the corresponding terminal.
  • the base station may additionally transmit, as an additional field alongside the existing cell ID (PCell ID), either the entire ID of the PDCP entity or an ID of the PDCP entity that is uniquely defined within the tracking area or the paging area.
  • some information of the PDCP entity may be included as an additional field in an existing cell ID.
  • the same security key is used when the same DU is used even if the DU is changed in a relatively wide area.
  • whether the PDCP is the same can be indicated using only some bits of the PDCP ID, and through this it can be indicated whether the PDCP has changed.
  • the ID itself may be transmitted as data through system information (mandatory or on-demand SI), or the terminal may be informed of the ID information of the PDCP entity by mapping it to radio resources (time of TTI, frequency of subcarrier, beam index, space, etc.), a scrambling sequence, etc.
  • RS: reference signal
  • FIG. 9 is a diagram illustrating a generation and application of a security key for a data transmission operation in an INACTIVE state in a communication system according to an embodiment of the present invention.
  • Enable PDCP_entity info 1
  • a method of transmitting this by marking the RRC connection suspend which is transitioned to RRC INACTIVE and transmitting a new security key based on this method (when PDCP_entity is changed)
  • a method of generating a new security key based on the Inactive_Counter, i.e., using the old key (A_KeNB) and INACTIVE_counter included in the stored UE context as input values, and determining whether to generate a new key depending on whether the PDCP_entity has been changed.
  • the operation includes using the existing old key without increasing the inactive counter, and generating a new key based on the existing old key by increasing the inactive counter when the PDCP_entity is changed.
  • RRC connection request and RACH transition from RRC_Inactive to RRC_Connected state include the operation of using the old key without increasing the inactive counter at all times.
  • the Inactive counter is always increased during the RRC connection request and the RACH operation that transitions from the RRC_Inactive to the RRC_Connected state according to the base station configuration or the terminal configuration. It includes the operation of generating.
  • the present invention includes a method of separating and using a security key to be used in RRC_connected and a security key to be used in an RRC INACTIVE state.
  • an access stratum (AS) security for INACTIVE data transmission is used.
  • the key can be applied in common between the target base station and the anchor base station.
  • PA: paging area
  • FIG. 10 illustrates generation and application of a security key for a data transmission operation in an Inactive (RRC_INACTIVE) state in a communication system according to an embodiment of the present invention.
  • the present invention relates to a method and a method of determining whether to generate a new security key based on the method.
  • the embodiment of FIG. 10 includes an operation of applying an existing key when the PDCP_entity of the moved cell is the same and a method of transmitting a DL ACK / NACK in an RRC connection response.
  • a mobile communication system may include a terminal 1005, an anchor cell 1010, a new cell 1015, and a core network node 1020.
  • the core network node 1020 may include an MME and / or an S-GW.
  • the core network node 1020 may transmit an INACTIVE message to the fixed cell 710.
  • the INACTIVE message may include INACTIVE_NH and INACTIVE_NCC.
  • the fixed cell 1010 receiving the INACTIVE message may transmit an RRC connection suspend message to the terminal 1005 (operation 1033).
  • the terminal 1005 may store a UE context.
  • the UE context may include an old key (A_KeNB) and INACTIVE_counter.
  • the fixed cell 1010 may store a UE context.
  • the UE context may include an old key (A_KeNB) and INACTIVE_counter.
  • the terminal 1005 may move to a new cell 1015 or a new base station.
  • the terminal 1005 may receive at least one of system information, SRS, or RS from the moved new cell 1015.
  • At least one of the system information, the SRS, or the RS may include a PDCP entity ID of the new cell 1015 (operation 1041).
  • the UE 1005 may generate uplink data to be transmitted.
  • the terminal 1005 checks whether the PDCP entity is different. That is, the terminal 1005 checks whether the PDCP entity of the cell that transmitted the message in operation 1033 is different from the PDCP entity of the cell it has moved to. If the PDCP entities are identical, the operation proceeds to operation 1045. In operation 1045, the terminal 1005 maintains the INACTIVE counter without increasing it. In operation 1047, the terminal 1005 uses the previously used old key (A_KeNB) as the security key.
  • the UE 1005 may transmit UL data to the new cell 1015 when transmitting an RRC Connection request message.
  • the UL data may include a UE ID and may be encrypted with an old key.
  • the new cell 1015 may identify the fixed cell 1010 or the fixed base station.
  • the new cell 1015 may identify the fixed cell 1010 using the UE ID, which may be at least one of Resume ID, S-TMSI, and T-RNTI.
  • the Resume ID may be provided to the terminal 1005 in operation 1033.
  • the new cell 1015 transmits a UE Context Search request to the fixed cell 1010.
  • the terminal context search request may include a UE_ID.
  • the fixed cell 1010 transmits a UE Context Response to a new cell 1015.
  • the UE context search response may include a PDCP sequence number (SN).
  • the new cell 1015 stores the terminal context.
  • the UE context may include an old key, Inactive_counter, and the new cell 1015 may update the PDCP SN.
  • the new cell 1015 transmits an RRC connection response message to the terminal 1005.
  • the RRC connection response message may include resume / suspend information, UE context update information, and ACK / NACK information.
  • the terminal 1005 transmits an RRC connection reconfig complete message to the new cell 1015.
  • the new cell 1015 transmits a path switch request message to the core network node 1020.
  • the core network node 1020 transmits a path switch response message to the new cell 1015.
  • the new cell 1015 transmits a context release message to the fixed cell 1010.
  • FIG. 11 is a diagram illustrating a security key generation and application for a data transmission operation in an Inactive (RRC_INACTIVE) state of a terminal in a communication system according to an embodiment of the present invention.
  • the embodiment of FIG. 11 includes a method of applying an existing key and piggybacking to paging for transmission of DL ACK / NACK when PDCP_entity of the moved cell is the same.
  • a mobile communication system may include a terminal 1105, an anchor cell 1110, a new cell 1115, and a core network node 1120.
  • the core network node 1120 may include an MME and / or an S-GW.
  • the core network node 1120 may transmit an INACTIVE message to the fixed cell 1110.
  • the INACTIVE message may include INACTIVE_NH and INACTIVE_NCC.
  • the fixed cell 1110 having received the INACTIVE message may transmit an RRC connection suspend message to the UE 1105 (operation 1133).
  • the UE 1105 may store a UE context.
  • the UE context may include an old key (A_KeNB) and INACTIVE_counter.
  • the fixed cell 1110 may store a UE context.
  • the UE context may include an old key (A_KeNB) and INACTIVE_counter.
  • the terminal 1105 may move to a new cell 1115 or a new base station.
  • the terminal 1105 may receive at least one of system information, SRS, or RS from the moved new cell 1115.
  • At least one of the system information, the SRS or the RS may include the PDCP entity ID of the new cell 1115 (operation 1141).
  • uplink data to be transmitted by the terminal 1105 may be generated.
  • the terminal 1105 checks whether the PDCP entity is different. That is, the UE 1105 checks whether the PDCP entity of the cell that transmitted the message in operation 1133 is different from the PDCP entity of the cell it has moved to. If the PDCP entities are identical, the operation proceeds to operation 1145. In operation 1145, the terminal 1105 maintains the INACTIVE counter without increasing it. In operation 1147, the terminal 1105 uses the previously used old key (A_KeNB) as the security key.
  • the UE 1105 may transmit UL data to the new cell 1115 without RRC signaling.
  • the UL data may include a UE ID and may be encrypted with an old key.
  • the new cell 1115 may identify the fixed cell 1110 or the fixed base station.
  • the new cell 1115 may identify the fixed cell 1110 using the UE ID, and the UE ID may be at least one of Resume ID, S-TMSI, and T-RNTI.
  • the Resume ID may be provided to the terminal 1105 in operation 1133.
  • the new cell 1115 transmits a UE Context Search request to the fixed cell 1110.
  • the terminal context search request may include a UE_ID.
  • the fixed cell 1110 transmits a UE Context Response to a new cell 1115.
  • the UE context search response may include a PDCP sequence number (SN).
  • the new cell 1115 stores the terminal context.
  • the UE context may include an old key, Inactive_counter, and the new cell 1015 may update the PDCP SN.
  • the new cell 1115 transmits a path switch request message to the core network node 1120.
  • the core network node 1120 transmits a path switch response message to the new cell 1115.
  • the new cell 1115 transmits a context release message to the fixed cell 1110.
  • the core network node 1120 transmits a paging message to the fixed cell 1110.
  • the fixed cell 1110 may transmit a paging message to the terminal 1105, and piggyback ACK / NACK on the paging message.
  • FIG. 12 is a diagram illustrating a structure of a terminal according to an embodiment of the present invention.
  • the terminal may include a transceiver 1210, a controller 1220, and a storage 1230.
  • the controller 1220 may be defined as a circuit or an application specific integrated circuit or at least one processor.
  • the transceiver 1210 may exchange a signal with another network entity.
  • the transceiver 1210 may receive system information from, for example, a base station, and may receive a synchronization signal or a reference signal.
  • the controller 1220 may control the overall operation of the terminal according to the embodiment proposed by the present invention.
  • the storage unit 1230 may store at least one of information transmitted and received through the transceiver 1210 and information generated through the controller 1220.
  • the control unit 1220 receives a radio resource control (RRC) connection stop message including packet data convergence protocol (PDCP) entity related information and deactivation counter information from a first base station, stores the first security key currently being used and the deactivation counter information, identifies, after the terminal moves to a second base station, uplink data to be transmitted by the terminal, generates a second security key based on the PDCP entity related information and the deactivation counter information, and transmits the uplink data encrypted with the second security key to the second base station.
  • the controller 1220 determines whether the PDCP entity of the first base station and the PDCP entity of the second base station are the same when the ID of the PDCP entity is provided according to the PDCP entity related information.
  • the deactivation counter may be updated to generate the second security key. If the PDCP entities of the first base station and the second base station are the same, the second security key may be the same as the first security key.
  • the controller 1220 updates the deactivation counter regardless of whether the PDCP entity of the first base station and the PDCP entity of the second base station are the same.
  • the second security key may be generated.
  • the controller 1220 may control to transmit the uplink data together with the RRC connection resumption request message. In addition, the controller 1220 may control to transmit the identifier of the terminal and the deactivation counter used to generate the second security key together with the uplink data. In addition, the control unit 1220 may control to receive, from the second base station, system information including the cell identifier of the second base station and the PDCP entity identifier of the second base station, and to determine, based on the PDCP entity identifier of the second base station, whether the PDCP entity of the first base station and the PDCP entity of the second base station are the same.
  • FIG. 13 is a diagram illustrating a structure of a base station according to an embodiment of the present invention.
  • the base station may include a transceiver 1310, a controller 1320, and a storage 1330.
  • the controller 1320 may be defined as a circuit or application specific integrated circuit or at least one processor.
  • the transceiver 1310 may transmit and receive signals with other network entities.
  • the transceiver 1310 may transmit system information to the terminal, and may transmit a synchronization signal or a reference signal.
  • the controller 1320 may control the overall operation of the base station according to the embodiment proposed by the present invention.
  • the storage unit 1330 may store at least one of information transmitted and received through the transceiver 1310 and information generated through the controller 1320.
  • the core network node may be an MME or an S-GW, or may be a function corresponding to an MME or a function corresponding to an S-GW.
  • the core network node may include a transceiver 1410, a controller 1420, and a storage 1430.
  • the controller 1420 may be defined as a circuit or an application specific integrated circuit or at least one processor.
  • the transceiver 1410 may transmit and receive signals with other network entities.
  • the transceiver 1410 may transmit system information to the terminal, and may transmit a synchronization signal or a reference signal.
  • the controller 1420 may control the overall operation of the core network node according to the embodiment proposed by the present invention.
  • the storage 1430 may store at least one of information transmitted and received through the transceiver 1410 and information generated through the controller 1420.
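
The UE-side key choice and the anchor-side context lookup from the FIG. 7 and FIG. 10 flows, together with the three counter policies described above, as an added Python example that is not code from the patent. The HMAC-SHA-256 derivation, the 16-byte integrity tag, the stale-counter check, the function names and all sample values are assumptions; the page states only that the new key is derived from A_KeNB and INACTIVE_counter.

```python
import hashlib
import hmac
from dataclasses import dataclass


@dataclass
class UEContext:
    """Context stored at RRC connection suspend by both the UE and the anchor cell."""
    a_kenb: bytes          # old key (A_KeNB)
    inactive_counter: int  # INACTIVE_counter
    pdcp_entity_id: int    # PDCP entity of the cell that sent the suspend message


def derive_t_kenb(a_kenb: bytes, inactive_counter: int) -> bytes:
    """Assumed KDF: HMAC-SHA-256 keyed with A_KeNB over a label and the counter.
    The page names only the inputs (A_KeNB, INACTIVE_counter), not the function."""
    data = b"T_KeNB" + inactive_counter.to_bytes(4, "big")
    return hmac.new(a_kenb, data, hashlib.sha256).digest()


def select_key(ctx: UEContext, new_pdcp_entity_id: int, policy: str = "on_change"):
    """UE side. Returns (key, counter, is_new_key).
    "on_change": new key only if the PDCP entity differs (FIG. 7 vs FIG. 10)
    "never":     always keep the old key, counter untouched
    "always":    always increase the counter and derive a new key"""
    if policy not in ("on_change", "never", "always"):
        raise ValueError("unknown policy")
    changed = new_pdcp_entity_id != ctx.pdcp_entity_id
    if policy == "always" or (policy == "on_change" and changed):
        counter = ctx.inactive_counter + 1
        return derive_t_kenb(ctx.a_kenb, counter), counter, True
    return ctx.a_kenb, ctx.inactive_counter, False


def protect(key: bytes, ue_id: bytes, counter: int, payload: bytes) -> dict:
    """Integrity-protect UL data. Ciphering is omitted to stay within the standard
    library; the tag covers UE ID and counter so neither can be swapped."""
    header = ue_id + counter.to_bytes(4, "big")
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()[:16]
    return {"ue_id": ue_id, "counter": counter, "payload": payload, "tag": tag}


def verify(key: bytes, msg: dict) -> bool:
    """Recompute the tag with the network-side key and compare in constant time."""
    header = msg["ue_id"] + msg["counter"].to_bytes(4, "big")
    expected = hmac.new(key, header + msg["payload"], hashlib.sha256).digest()[:16]
    return hmac.compare_digest(expected, msg["tag"])


class AnchorCell:
    """Anchor (fixed) cell: answers the new cell's UE context search request."""

    def __init__(self):
        self.contexts = {}

    def suspend(self, ue_id: bytes, ctx: UEContext) -> None:
        self.contexts[ue_id] = ctx

    def context_response(self, ue_id: bytes, reported_counter: int) -> bytes:
        ctx = self.contexts[ue_id]
        # Added check, not from the page: a counter below the stored value is stale.
        if reported_counter < ctx.inactive_counter:
            raise ValueError("stale INACTIVE_counter")
        if reported_counter == ctx.inactive_counter:
            return ctx.a_kenb  # same PDCP entity: old key still applies
        return derive_t_kenb(ctx.a_kenb, reported_counter)  # T_KeNB for the new cell


def run_resume(new_pdcp_entity_id: int, policy: str = "on_change"):
    """One suspend / move / transmit round using constructed values."""
    a_kenb = bytes(range(32))  # constructed sample key
    ue_id = b"RESUME-0001"     # constructed Resume ID
    anchor = AnchorCell()
    anchor.suspend(ue_id, UEContext(a_kenb, 5, 0x2A))
    ue_ctx = UEContext(a_kenb, 5, 0x2A)

    key, counter, is_new = select_key(ue_ctx, new_pdcp_entity_id, policy)
    msg = protect(key, ue_id, counter, b"keep-alive")
    network_key = anchor.context_response(msg["ue_id"], msg["counter"])
    return is_new, counter, verify(network_key, msg)


if __name__ == "__main__":
    print(run_resume(0x2B))            # PDCP entity changed
    print(run_resume(0x2A))            # same PDCP entity
    print(run_resume(0x2A, "always"))  # counter always increased
```

Because the network side selects its key from the counter carried with the UL data, the integrity tag has to cover that counter and the UE ID, otherwise the two ends can disagree on the key without detecting it.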

Abstract

Disclosed are a communication technique for merging, with IoT technology, a 5G communication system for supporting data transmission rate higher than that of a 4G system, and a system therefor. The disclosure can be applied to intelligent services (for example, smart home, smart building, smart city, smart car or connected car, health care, digital education, retail, security and safety related services and the like) on the basis of 5G communication technology and IoT-related technology. In addition, the disclosure relates to a method by which a terminal operates in a wireless communication system, comprising the steps of: receiving a radio resource control (RRC) connection stop message including packet data convergence protocol (PDCP) entity related information and inactivation counter information from a first base station; storing a first security key currently being used by the terminal and the inactivation counter information; allowing the terminal to move to a second base station; allowing the terminal to check uplink data to be transmitted; generating a second security key on the basis of the PDCP entity related information and the inactivation counter information; and transmitting the uplink data encrypted using the second security key to the second base station.

Description

Method and apparatus for improved security in wireless communication system
The present invention relates to a method of operating a base station and a terminal for managing the RRC connection state for low power and low latency.
In order to meet the demand for wireless data traffic, which has been increasing since the commercialization of 4G communication systems, efforts are being made to develop improved 5G communication systems or pre-5G communication systems. For this reason, a 5G communication system or a pre-5G communication system is called a Beyond 4G Network communication system or a Post LTE system. In order to achieve high data rates, 5G communication systems are being considered for implementation in the ultra-high frequency (mmWave) band (e.g., the 60 GHz band). In order to mitigate the path loss of radio waves and increase their propagation distance in the ultra-high frequency band, beamforming, massive MIMO, Full Dimensional MIMO (FD-MIMO), array antenna, analog beam-forming, and large scale antenna techniques are being discussed for 5G communication systems. In addition, to improve the network of the system, technologies such as evolved small cells, advanced small cells, cloud radio access networks (cloud RAN), ultra-dense networks, Device to Device communication (D2D), wireless backhaul, moving networks, cooperative communication, Coordinated Multi-Points (CoMP), and interference cancellation are being developed for 5G communication systems. In addition, Hybrid FSK and QAM Modulation (FQAM) and Sliding Window Superposition Coding (SWSC), which are Advanced Coding Modulation (ACM) schemes, and Filter Bank Multi Carrier (FBMC), non-orthogonal multiple access (NOMA), and sparse code multiple access (SCMA), which are advanced access technologies, are being developed for 5G systems.
Meanwhile, the Internet is evolving from a human-centered network in which humans create and consume information into an Internet of Things (IoT) network in which distributed components such as things exchange and process information. Internet of Everything (IoE) technology, in which big data processing technology through connection with cloud servers and the like is combined with IoT technology, is also emerging. Implementing the IoT requires technical elements such as sensing technology, wired / wireless communication and network infrastructure, service interface technology, and security technology, and technologies such as sensor networks, Machine to Machine (M2M) communication, and Machine Type Communication (MTC) for connecting things have recently been studied. In an IoT environment, intelligent Internet Technology (IT) services can be provided that collect and analyze data generated by connected things to create new value in human life. Through convergence and combination of existing information technology (IT) with various industries, the IoT can be applied to fields such as smart homes, smart buildings, smart cities, smart cars or connected cars, smart grids, health care, smart home appliances, and advanced medical services.
Accordingly, various attempts are being made to apply the 5G communication system to the IoT network. For example, technologies such as sensor networks, Machine to Machine (M2M) communication, and Machine Type Communication (MTC) are being implemented by 5G communication techniques such as beamforming, MIMO, and array antennas. The application of a cloud radio access network (cloud RAN) as the big data processing technology described above is also an example of the convergence of 5G technology and IoT technology.
The design of the RRC state in which a wireless communication terminal transmits and receives data is overly conservative, following the voice-call-centered design philosophy of previous generations. For example, even when no traffic arrives for a certain period after traffic is received, the terminal remains in the RRC connected state for a waiting time (Connected discontinuous reception, Connected DRX, C-DRX), and the resulting power consumption is severe. In addition, for smartphone users, keep alive messages and the like, which are unrelated to user quality of service (QoS), frequently occur as data, and if the RRC connection for them is designed on the basis of a voice call service, terminal power consumption may become even worse. An embodiment of the present invention provides security key setting for data transmission, and a method for setting it, for the case where the base station at which the terminal is located has changed, taking the mobility of the terminal into account, in a situation where data is transmitted in the RRC INACTIVE state without an RRC state transition.
In addition, an embodiment of the present invention provides a method for determining and applying a security key according to whether the packet data convergence protocol (PDCP) entity has changed.
To solve the above problems, an embodiment of the present invention provides a method of operating a terminal in a wireless communication system, the method comprising: receiving, from a first base station, a radio resource control (RRC) connection stop message including packet data convergence protocol (PDCP) entity related information and deactivation counter information; storing a first security key currently being used by the terminal and the deactivation counter information; the terminal moving to a second base station; identifying uplink data to be transmitted by the terminal; generating a second security key based on the PDCP entity related information and the deactivation counter information; and transmitting the uplink data encrypted with the second security key to the second base station.
In addition, an embodiment of the present invention provides a terminal comprising: a transceiver for transmitting and receiving signals; and a control unit configured to receive, from a first base station, a radio resource control (RRC) connection stop message including packet data convergence protocol (PDCP) entity related information and deactivation counter information, store a first security key currently being used by the terminal and the deactivation counter information, identify, after the terminal moves to a second base station, uplink data to be transmitted by the terminal, generate a second security key based on the PDCP entity related information and the deactivation counter information, and control transmission of the uplink data encrypted with the second security key to the second base station.
According to an embodiment of the present invention, a communication system of a terminal and a base station selects an RRC state for data transmission and performs the corresponding procedure; when data is transmitted directly in the Inactive (RRC_INACTIVE) state, no transition to the RRC Connected_Active (RRC_CONNECTED) state is performed, so the waiting time (C-DRX, radio tail) in the Active (RRC_CONNECTED) state is kept to a minimum and a power saving effect for the terminal is expected. In addition, because data is transmitted without an RRC release message for an RRC state transition, the RRC state does not transition to Connected_Active (RRC_CONNECTED) when data is to be transmitted in the Inactive (RRC_INACTIVE) (Idle) state, which removes the delay spent on the related control signalling and reduces data transmission delay. Furthermore, the reduction in RRC release messages for RRC state transitions is expected to improve cost efficiency through reduced power consumption of the 5G base station (RU / TRP) and to increase radio resource efficiency through reduced interference between neighboring 5G cells.
In addition, according to an embodiment of the present invention, an improved security method can be provided.
FIG. 1 is a diagram schematically illustrating the structure of a (5G, NR) communication system according to an embodiment of the present invention.
FIG. 2 is a diagram illustrating an example of the operation of the three RRC states, Connected_Active (RRC_CONNECTED), Connected_Inactive, and Idle, that are to be applied in a (5G, NR) communication system according to an embodiment of the present invention.
FIG. 3 is a diagram illustrating an example of the states of a terminal in the Inactive (RRC_INACTIVE) state, a base station, and the core network (MME) in a communication system according to an embodiment of the present invention.
FIG. 4 is a diagram illustrating scenarios in which a terminal according to an embodiment of the present invention operates in the RRC Inactive state: a) within the same cell, b) within the same PDCP entity, and c) moving to a different PDCP entity.
FIG. 5 is a diagram illustrating the generation and application of a security key for a data transmission operation of a terminal in the Inactive (RRC_INACTIVE) state in a communication system according to an embodiment of the present invention.
FIG. 6 is a diagram illustrating an RRC field that carries Enable PDCP_entity info and an INACTIVE counter when an RRC Connection suspend is transmitted in a communication system according to an embodiment of the present invention.
FIG. 7 is a diagram illustrating the generation and application of a security key for a data transmission operation of a terminal in the Inactive (RRC_INACTIVE) state in a communication system according to an embodiment of the present invention.
FIG. 8 is a diagram illustrating an example of how PDCP entity information is represented when the network provides that information in a communication system according to an embodiment of the present invention.
FIG. 9 is a diagram illustrating the generation and application of a security key for a data transmission operation of a terminal in the Inactive (RRC_INACTIVE) state in a communication system according to an embodiment of the present invention.
FIG. 10 is a diagram illustrating the generation and application of a security key for a data transmission operation of a terminal in the Inactive (RRC_INACTIVE) state in a communication system according to an embodiment of the present invention.
FIG. 11 is a diagram illustrating the generation and application of a security key for a data transmission operation of a terminal in the Inactive (RRC_INACTIVE) state in a communication system according to an embodiment of the present invention.
FIG. 12 is a diagram illustrating the structure of a terminal according to an embodiment of the present invention.
FIG. 13 is a diagram illustrating the structure of a base station according to an embodiment of the present invention.
FIG. 14 is a diagram illustrating the structure of a core network node according to an embodiment of the present invention.
Hereinafter, embodiments of the present invention are described in detail with reference to the accompanying drawings. In describing the present invention, a detailed description of a related known function or configuration is omitted when it is judged that it could unnecessarily obscure the subject matter of the invention. The terms used below are defined in consideration of their functions in the present invention and may vary according to the intention or custom of users or operators. Their definitions should therefore be made on the basis of the contents of this specification as a whole.
The advantages and features of the present invention, and the methods for achieving them, will become clear with reference to the embodiments described in detail below together with the accompanying drawings. The present invention is not limited to the embodiments disclosed below and may be implemented in various different forms. The embodiments are provided only so that the disclosure of the present invention is complete and so that the scope of the invention is fully conveyed to those of ordinary skill in the art to which the invention belongs; the present invention is defined only by the scope of the claims. Like reference numerals refer to like elements throughout the specification.
An embodiment of the present invention relates to the operation of base stations and terminals as discussed in 3GPP RAN 5G. The standard defines energy-efficient operation with the main goal of improving the power efficiency [bit/J] of terminal and base station networks by a factor of 1000 or more within the next 10 years. To this end, discussion has begun on controls that reduce the Active (RRC_CONNECTED) operation time of the terminal, in order to address the possible additional power consumption caused by the beamforming transmission scheme that is essential for mmW operation in high-frequency bands.
The technique proposed in the embodiments of the present invention is a method for controlling and maintaining an RRC connection based on the three RRC states, Connected_Active (RRC_CONNECTED), Connected_Inactive, and Idle, that are to be applied in the mobile communication system (5G or NR). In particular, it covers a method of determining the RRC state (Inactive and/or Active (RRC_CONNECTED)) in which data is transmitted, and a method of supporting functions that improve spectral efficiency and channel access when the terminal's traffic is transmitted efficiently in the RRC Inactive state.
The embodiments of the present invention cover a method of determining the RRC state (Inactive and/or Active (RRC_CONNECTED)) in which data is transmitted, and improvements to spectral efficiency and channel access that allow the terminal's traffic to be transmitted efficiently in the RRC Inactive state.
The embodiments of the present invention also cover an improvement to the security method when the PDCP entity changes.
FIG. 1 is a diagram schematically illustrating the structure of a 5G NR communication system according to an embodiment of the present invention.
In FIG. 1, the base stations (gNB or base station; 110, 115, 120, 125) are connected to the terminal (UE or terminal; 105) through a radio channel and perform a more complex role than the existing (UMTS) NodeB and the LTE eNodeB.
In this mobile communication system, all user traffic, including real-time services such as Voice over IP (VoIP) over the Internet protocol, is served through a shared channel. A device is therefore needed that collects state information such as the UEs' buffer status, available transmit power, and channel state and performs scheduling, and the gNBs (110, 115, 120, 125) are responsible for this. One gNB typically controls multiple cells. The S-GW (130) is a device that provides data bearers, and it creates or removes data bearers under the control of the MME (140). The MME (140) is a device responsible for mobility management of the terminal (105) as well as various control functions, and it is connected to multiple base stations.
With reference to FIG. 2, the three RRC states applied in a 5G NR communication system according to an embodiment of the present invention, Connected_Active (RRC_CONNECTED) (205), Connected_Inactive (210), and Idle (215), are described.
The Connected_Active (RRC_CONNECTED) state (205) may be called the RRC connected mode and is a radio access state in which the terminal can transmit and receive data. The Idle state (215) may be called the standby mode or RRC standby mode and is a radio access state in which the terminal monitors whether paging is transmitted to it. These two modes are radio access states that also apply to the LTE system, and their details are the same as in the existing LTE system. In the 5G NR communication system, the Connected_Inactive state (210) is newly defined and may also be called the RRC_INACTIVE state. In the RRC inactive state, the UE context is maintained in the base station and the terminal, and RAN-based paging is supported.
In the RRC INACTIVE state, the terminal may transition to the connected mode or the standby mode by using a specific procedure. The terminal switches from the Inactive (RRC_INACTIVE) mode to the connected mode through connection activation, and from the connected mode to the Inactive (RRC_INACTIVE) mode through the connection inactivation procedure. In the connection activation/inactivation procedure, one or more RRC messages are exchanged between the terminal and the base station, and the procedure consists of one or more steps. The terminal can likewise switch from the Inactive (RRC_INACTIVE) mode to the standby mode according to a specific procedure. Various methods, such as a specific message exchange, a timer-based method, or an event-based method, may be considered for the specific procedures mentioned above. Switching between the connected mode and the standby mode follows the existing LTE technology; that is, switching between these modes is performed through a connection establishment or release procedure.
As shown in FIG. 2, 3GPP NR adds the Inactive (RRC_INACTIVE) state to the two existing RRC states and operates three RRC states, and the terminal operates in one RRC state at a time.
FIG. 3 is a diagram illustrating an example of the states of a terminal in the Inactive state, a base station, and an MME in an NR communication system according to an embodiment of the present invention.
In Inactive, the new RRC state, the air interface between the terminal (305) and the base station (310) is disconnected, but the core network connection between the base station (310) and the MME (315) is maintained. Even if the terminal (305) releases the RRC Connected_Active (RRC_CONNECTED) state with the base station (310), the base station (310) and the MME (315) are assumed to remain in the ECM Connected state, with the context of the terminal (305) stored by the base station (310) and the MME (315).
To reduce the RRC transition delay from the existing RRC idle state, the S1 connection setup and security procedures need to be omitted. For this purpose, the anchor eNB stores the UE context, including a resume ID used to identify the UE. When the terminal moves in the Idle state and accesses a new base station (gNB), it transmits this ID so that its identity can be confirmed. The base station that the terminal accesses (the existing base station if the terminal is stationary or located within the same cell, a new base station if it has moved) retrieves the UE context based on the terminal ID and then performs the access procedure.
However, in 3GPP Release 13, the C-IoT (cellular internet of things) and NB-IoT (narrow band internet of things) transmission operations transmit data after transitioning to the RRC connected state (RRC resume), so a separate DRB (data radio bearer) configuration for the Idle state is not made and is not needed. A MAC design for the Inactive (RRC_INACTIVE) state is nevertheless required as an enhancement over the limitations of the CP (control plane) and UP (user plane) solutions agreed for NB-IoT. In the CP solution, initial small data is transmitted in the Idle state based on NAS security (SRB, signaling radio bearer), so the SRB-based increase in MME-gNB load and the delay need to be resolved and QoS differentiation needs to be supported. The UP solution minimizes the CN (core network) burden and delay caused by RRC signaling through the RRC connection resume/suspend procedure, but because data is transmitted in the connected state, it suffers from standby power consumption such as C-DRX.
The following operations can be considered as a way to solve these problems.
1) Introduction of the Inactive (RRC_INACTIVE) state: terminal operations in the Inactive (RRC_INACTIVE) state are added relative to Idle-based NB-IoT operation (aperiodic CQI (channel quality indicator), BSR (buffer status report) related information, a new monitoring timer, etc.)
2) Small data transmission within the Inactive (RRC_INACTIVE) state: DRB-based data transmission (resolves the SRB-based increase in MME-gNB load, resolves the delay, and can support QoS differentiation)
FIG. 4 is a diagram illustrating scenarios in which a terminal according to an embodiment of the present invention operates in the RRC Inactive (RRC_INACTIVE) state: a) within the same cell, b) within the same PDCP entity, and c) moving to a different PDCP entity.
In scenarios a) and b), the terminal operates within the same PDCP entity, so the old security key can be used. When the terminal moves to a different PDCP entity, however, a new security key is required. Within the same base station the PDCP entity may be the same or different, and even across different cells the PDCP entity may be the same or different.
Accordingly, given the need for a new security key when the terminal moves to a different cell/PDCP entity, an embodiment of the present invention may consider the following operations.
1) the design of a new indication message transmitted by the base station, and a control signal transmission procedure, so that the terminal can recognize that it has moved to a cell/PDCP entity different from the previous anchor cell;
2) an operation in which the terminal distinguishes/detects movement to a different cell/PDCP entity;
3) based on this, an operation of distinguishing the cases in which an RRC signalling (RRC connection request or RRC connection resume request) control signal is required when data is transmitted in the Inactive (RRC_INACTIVE) state, and a procedure for applying the security key; and
4) an operation of transmitting the data together with the RRC signalling (RRC connection request or RRC connection resume request) accordingly.
Here the RRC signalling (RRC connection request or RRC connection resume request) includes the UE_ID and the MAC-I.
The embodiment also includes an operation in which the terminal derives a new security key based on INACTIVE_count. In this case, the data and RRC signalling are ciphered and integrity protected with the new key, and are transmitted together with the MAC-I and INACTIVE_count.
Another embodiment of the present invention includes an operation of transmitting data over the DRB when RRC signalling is not required. In this case, a new MAC CE (MAC header) format indicating RRC resume is needed for the data transmission. This includes an operation of defining a new MAC-CE format in addition to the existing MAC-CEs, as shown below, and transmitting the corresponding information.
For example, one bit string among the reserved values (01011-11001) may be selected to indicate the new MAC-CE. In one embodiment, 01011 operates as the MAC CE indicating UL data transmission during the Inactive (RRC_INACTIVE) state. The specific index number may be changed.
Table. New LCID for UL-SCH
Figure PCTKR2018001963-appb-I000001
The "UL data transmission in Inactive (RRC_INACTIVE)" information includes an operation in which the terminal and the base station set a window for continuously monitoring the PDCCH (physical downlink control channel) and control the waiting time.
For example, in the case of UL data transmission in Inactive (RRC_INACTIVE), this includes an operation of setting and maintaining a PDCCH monitoring window to support the DL/UL transmissions that follow. In this case it includes a method of referring to and using the TA information, BSR information, channel CQI information, and so on obtained from the previous UL data in Inactive (RRC_INACTIVE).
In another embodiment, a new MAC header format (MAC CE) that distinguishes whether a transmission is an ACK for UL data or a DL data transmission when the terminal transmits data in the Inactive (RRC_INACTIVE) state is defined as shown below. The embodiment includes an operation of making this distinction when the information is transmitted, and an operation in which, based on it, the terminal and the base station set a window for continuously monitoring the PDCCH and control the waiting time.
For example, in the case of a DL ACK for UL data in Inactive (RRC_INACTIVE), this includes an operation of setting a short window for continuously monitoring the PDCCH in order to improve the low-power efficiency of the terminal.
Table. New LCID for DL-SCH
Figure PCTKR2018001963-appb-I000002
The following methods and operations may be considered for generating and applying a security key according to various embodiments of the present invention.
When the target base station differs from the anchor base station, operation may proceed as in the following embodiments.
1) A method of generating a new security key and, based on it, enabling the target base station to decipher the data that includes the UE_ID (for example, the Resume ID). In this case the anchor base station transmits the security-key-related information for generating the new security key to the target base station. This carries the burden (signalling and delay) of having to be allocated an NH (next hop key) by the MME.
If the terminal keeps transmitting with a new security key even when it has moved and cannot tell whether the PDCP entity is new, the operation in which the anchor base station transmits the security-key-related information for generating the new security key to the target base station is omitted. In this case, to reduce the burden of having to be allocated the counter and NH by the MME, the method includes lowering the NCC (NG changing counter) again and using the existing (old) security key.
2) A method of forwarding all of the encrypted data from the target base station to the anchor base station, based on the existing security key, and transmitting it to the core network (S-GW) via the anchor base station (PDCP entity).
Because all of the encrypted data is forwarded to the anchor base station, backhaul (X2, Xn, etc.) resources are consumed, and because the data is transmitted to the core network (S-GW) via the anchor base station (PDCP entity), delay occurs.
When all of the encrypted data is forwarded from the target base station to the anchor base station based on the existing security key and passes through the anchor base station (PDCP entity):
1) To support a UE-specific anchor, the target base station must be able to decipher the UE_ID. The security key applied to the UE_ID is therefore shared between the target base station and the anchor base station, so that only that part can be deciphered at the target.
2) A network-specific anchor may be designated. For example, the anchor base station is fixed within a certain area configured by the network (a network-wise paging area or tracking area), and all of the data can be forwarded to that fixed anchor base station.
In one embodiment, according to the UE mobility type information indicated in the UE capability of the terminal:
1) A stationary terminal always operates within the anchor base station, so
1-1) a method of always transmitting with the old security key
1-2) a method of always generating a new security key and transmitting with it
2) For a mobile terminal the anchor base station may change, so when the PDCP entity information cannot be known
2-1) with the method of always generating and using a new security key, the target base station that handles the data transmitted in the Inactive (RRC_INACTIVE) state transmits the data directly to the core network (S-GW) without forwarding it to the existing anchor base station
2-2) with the method of always transmitting with the existing security key, the target base station that handles the data transmitted in the Inactive (RRC_INACTIVE) state forwards all of the encrypted data to the existing anchor base station, and the data is transmitted to the core network (S-GW) via the anchor base station
According to the service type information indicated in the UE capability of the terminal:
3) When the service type is delay tolerant, the delay caused by data forwarding does not degrade QoS, and/or when the service type is not a heavy data traffic type, forwarding all of the encrypted data to the anchor base station consumes little backhaul (X2, Xn, etc.) resource, so
3-1) a method of always using the old security key and forwarding from the target base station to the anchor base station
3-2) a method of always generating a new security key, transmitting with it, and forwarding from the target base station to the anchor base station
4) A method based on UE capacity derived from requirements that include the service requirements of the terminal (service type, use case, URLLC (ultra reliable low latency communication), eMBB (enhanced mobile broadband), mMTC (massive machine type communications)) or RAN (radio access network) slice information, network slice information, and NSSAI (network slice selection assistance information).
The NSSAI is network-slice-related information that applies to the terminal; it can be transmitted to the base station and used as additional information in the DRB configuration.
- When the delay requirement is strict: the delay caused by data forwarding degrades QoS
- And/or when the service type is a heavy data traffic type:
forwarding all of the encrypted data to the anchor base station heavily consumes backhaul (X2, Xn, etc.) resources
The target cell therefore needs to decipher the data and transmit it to the CN (S-GW, etc.) without forwarding it to the anchor base station, and an embodiment includes the following operations.
In the embodiments of the present invention, data deciphering covers the method of applying the security key and the method of interpreting the protected data, for ciphering and integrity protection individually or together.
These operations may be applied selectively according to UE capability, or applied to all terminals in the Inactive (RRC_INACTIVE) state.
4-1) An operation of applying the AS security key for INACTIVE data transmission in common between the target base station and the anchor base station
- An operation of applying it in common within the MME
- An operation of applying it in common within the (RAN-based) paging area (PA)
. When the PA is fixed with respect to the network
. When the PA operates in a UE-specific manner
- An operation of applying it in common within the (CN-based) tracking area (TA)
. When the TA is fixed with respect to the network
. When the TA operates in a UE-specific manner
5) In the CU-DU structure, one PDCP in the CU aggregates multiple DUs, so even if the DU changes within a relatively wide area, the same security key is used when the same DU is used. This is a method of indicating whether the PDCP has changed, that is, whether the PDCP is the same, using only some bits of the PDCP ID.
- For example, when a 1-bit or 3-bit (8 sequences) indication is used to distinguish a CU from neighboring CUs, most DU changes within the wide CU coverage occur within the CU.
- This includes a method of updating the security key when the CU (PDCP) changes.
Here, the CU-DU structure assumes that the CU is the control unit, the DU is the RF-related processing unit, and the PDCP is located in the CU. The RLC/MAC may be located in the CU or the DU, and the PHY is assumed to be located in the DU.
The terms themselves cover various extended versions beyond CU and DU, and the method is applicable to structures that separate and extend the control unit and the RF.
FIG. 5 is a diagram illustrating the generation and application of a security key for a data transmission operation by a terminal in the Inactive (RRC_INACTIVE) state in a communication system according to an embodiment of the present invention.
Referring to FIG. 5, Enable PDCP_entity info and the INACTIVE counter are transmitted when the RRC Connection suspend is sent, and when the network provides PDCP entity information (the ID or part of the ID), this indication is transmitted to the terminal. FIG. 5 describes a method of carrying the indication in the RRC Release (cause = suspend, connection suspend) that transitions the terminal to RRC INACTIVE, and a method of fixing, on that basis, whether a new security key is generated (for example, always using a new key or always using the old key).
Referring to the embodiment of FIG. 5, one option is to leave the legacy RRC release message unchanged and not transmit Enable PDCP_entity info and the INACTIVE counter; another is to set Enable PDCP_entity info and the INACTIVE counter of the new RRC connection suspend to NULL. Here, Enable PDCP_entity info is a parameter indicating whether PDCP_entity ID information is transmitted to the terminal, and it may be used as the criterion for determining whether the PDCP_entity is the same as or different from the anchor PDCP that stored the UE context when the terminal was suspended. The INACTIVE counter is a security key generation parameter used to generate a new key when the PDCP_entity differs from the anchor PDCP that stored the UE context when the terminal was suspended, or when it cannot be determined whether it has changed.
Specifically, referring to FIG. 5, the mobile communication system may include a terminal 505, an anchor cell 510, a new cell 515, and a core network node 520. The core network node 520 may include an MME and/or an S-GW. The anchor cell 510 may also be referred to as an anchor base station, and the new cell 515 as a new base station. A transmission or reception operation of a cell may be understood as a transmission or reception operation of the base station corresponding to that cell.
In operation 531, the core network node 520 may transmit an INACTIVE message to the anchor cell 510. The INACTIVE message may include INACTIVE_NH and INACTIVE_NCC. The anchor cell 510 that received the INACTIVE message may transmit an RRC connection suspend message to the terminal 505 (operation 533). The RRC connection suspend message may be an RRC connection release message that includes an RRC connection suspend, and may include Enable PDCP_entity info = 0 and the INACTIVE counter. PDCP_entity info = 0 may indicate that PDCP_entity ID information is not provided to the terminal 505.
In operation 535, the terminal 505 may store a UE context. The UE context may include the old key (A_KeNB) and the INACTIVE_counter. In operation 537, the anchor cell 510 may store a UE context. The UE context may include the old key (A_KeNB) and the INACTIVE_counter.
In operation 539, the terminal 505 may move to the new cell 515 or a new base station. The terminal 505 may receive at least one of system information, an SRS, or an RS from the new cell 515 to which it has moved. At least one of the system information, the SRS, or the RS may include the PDCP entity ID of the new cell 515 (operation 541).
In operation 543, uplink data to be transmitted by the terminal 505 may be generated. In operation 545, the terminal 505 may increase the INACTIVE counter, for example by incrementing the counter value by 1. In operation 547, the terminal 505 may derive a new security key (T_KeNB) and apply it. The new security key may be derived or generated from the INACTIVE_counter.
In operation 549, the terminal 505 may transmit an RRC connection resume request message to the new cell 515. The terminal may transmit uplink data (UL data) together with the RRC connection resume request message. The UL data may include a UE ID and/or the Inactive counter, and may be ciphered and integrity protected with the new security key. In operation 551, the new cell 515 may identify the anchor cell 510 or the anchor base station. The new cell 515 may identify the anchor cell 510 using the UE ID, and the UE ID may be a Resume ID. The Resume ID may be provided to the terminal 505 in operation 533.
Once the anchor cell 510 is identified, in operation 553 the new cell 515 transmits a Retrieve UE Context Request to the anchor cell 510. The Retrieve UE Context Request may include the UE_ID. In operation 555, the anchor cell 510 transmits a Retrieve UE Context Response to the new cell 515. The Retrieve UE Context Response may include T_KeNB and INACTIVE_NCC. In operation 557, the new cell 515 stores the UE context. The UE context may include the information about the new security key (T_KeNB, INACTIVE_NCC) received from the anchor cell 510.
In operation 559, the new cell 515 transmits an RRC connection response message to the terminal 505. The RRC connection response message may include resume/suspend information and ACK/NACK information. In operation 561, the terminal 505 transmits an RRC connection Reconfig Complete message to the new cell 515. In operation 563, the new cell 515 transmits a path switch request message to the core network node 520. In operation 565, the core network node 520 transmits a path switch response message to the new cell 515. In operation 567, the new cell 515 transmits a context release message to the anchor cell 510.
FIG. 6 is a diagram illustrating the RRC fields that carry Enable PDCP_entity info and the INACTIVE counter when an RRC release (cause = suspend) or an RRC connection suspend is transmitted in a communication system according to an embodiment of the present invention.
In an embodiment of the present invention, the information about the PDCP_entity used for generating and applying the security key is conveyed by transmitting Enable PDCP_entity info and the INACTIVE counter as new fields when the RRC release message (RRC Connection suspend) is sent. When Enable PDCP_entity info = 1, this PDCP entity information may be included in the RRC connection suspend that transitions the terminal to RRC INACTIVE.
- PDCP_entity_Indication: indicates that the network provides PDCP entity information.
- PDCP_entity_blind: indicates that the network can operate regardless of PDCP entity information.
- NULL: indicates that the network does not provide PDCP entity information.
Based on this Enable PDCP_entity info, if Enable PDCP_entity info = PDCP_entity_Indication, the terminal and the base station can know whether the network provides PDCP entity information. On that basis, the methods of conveying the ID-related information of the PDCP entity include a method of transmitting the ID itself as data through System Information (mandatory or on-demand SI), and a method of informing the terminal of the ID-related information of the PDCP entity by mapping it onto radio resources (time such as a TTI, frequency such as a subcarrier, space such as a beam index, a scrambling sequence, and so on).
The terminal receives the ID-related information of the PDCP entity according to the corresponding PDCP_entity_method, determines on that basis whether to use the NCC value of the security key as it is or to increment the NCC (NCC+) and generate a new security key, and applies that security key to perform data transmission in the Inactive (RRC_INACTIVE) state.
In addition, when the RRC release message (RRC Connection suspend) is transmitted, security key information to be applied to inactive data transmission, such as the Inactive_counter, is transmitted. The security key may be cell specific, or may be common for use in the Inactive (RRC_INACTIVE) state within an area configured on the basis of an MME, PA, TA, or cell list.
Connected_key denotes the operation of using the security key that the gNB uses in the connected state and transmitting the related security key information. Inactive_Key denotes the operation of transmitting information about a security key used in the Inactive (RRC_INACTIVE) state, separate from the security key that the gNB uses in the connected state. NULL indicates the case in which the network does not need to transmit separate security key information.
As one embodiment, when the PDCP entity operating in the CU of a CU-DU structure has a large common coverage area and a new security key is therefore not needed, the terminal transmits inactive data only within the serving (anchor) base station (cell, PDCP entity), and when it moves outside that serving (anchor) base station (cell, PDCP entity), it updates the security key after transitioning to the connected state. In this case, NAS security is applied to the RRC connection request or RRC resume request, which can indicate that a security key update is not needed in the Inactive (RRC_INACTIVE) state.
In this CU-DU structure, the embodiment includes a method of carrying a PDCP Change Indication in the control signals exchanged between the base stations corresponding to the cells.
The PDCP Change Indication indicates the PDCP information for the DU or cell to which the terminal has moved and in which it requests an RRC connection, cell addition, or handover.
PDCP Change Indication IE (information element)
Figure PCTKR2018001963-appb-I000003
That is, the 'KgNB update required' field indicates whether the security key to be used at the 5G base station (gNB) that the terminal newly accesses through RRC connection, cell addition, handover, or the like must be updated. The 'PDCP data recovery required' field indicates whether PDCP recovery must be performed at the 5G base station (gNB) that the terminal newly accesses through RRC connection, cell addition, handover, or the like.
FIG. 7 is a diagram illustrating the generation and application of a security key for a data transmission operation by a terminal in the Inactive (RRC_INACTIVE) state in a communication system according to an embodiment of the present invention.
Referring to FIG. 7, Enable PDCP_entity info and the INACTIVE counter are transmitted when the RRC Connection suspend is sent. FIG. 7 describes a method in which, when the network provides PDCP entity information and Enable PDCP_entity info = 1, this is carried in the RRC connection suspend that transitions the terminal to RRC INACTIVE, and a method of transmitting at that time the security key information to be applied to inactive data transmission, such as the Inactive_counter. As described above, the security key may be cell specific, or may be common for use in the Inactive (RRC_INACTIVE) state within an area configured on the basis of an MME, PA, TA, or cell list.
The embodiment of FIG. 7 provides a method by which the terminal determines whether to generate a new security key (generating and applying a new key when the PDCP_entity changes); a method of encrypting with that security key and transmitting the DATA and UE_ID (for example, resume_ID, S-TMSI (SAE-temporary mobile subscriber identity), T-RNTI, etc.); an operation in which the new base station, on receiving the data, determines whether to process it at the target (security key deciphering and transmission to the CN (S-GW)) or to forward it to the anchor cell; and a method of adding a new UE transmission field for that determination.
For example, the embodiment includes: a method of adding to the RRC connection request (RRC resume request) a bit indicating whether forwarding to the anchor base station is needed, whether the old key is used, and so on; a method of adding, in a new MAC CE format in the MAC header, a bit indicating whether forwarding to the anchor base station is needed, whether the old key is used, and so on; and a method in which, without a separate indication of whether forwarding to the anchor base station is needed, the target base station attempts security key deciphering and data transmission to the CN (S-GW) and, if that fails, forwards to the anchor cell.
Referring to FIG. 7, the mobile communication system may include a terminal 705, an anchor cell 710, a new cell 715, and a core network node 720. The core network node 720 may include an MME and/or an S-GW.
In operation 731, the core network node 520 may transmit an INACTIVE message to the anchor cell 710. The INACTIVE message may include INACTIVE_NH and INACTIVE_NCC. The anchor cell 710 that received the INACTIVE message may transmit an RRC connection suspend message to the terminal 705 (operation 733). The RRC connection suspend message may be an RRC connection release message that includes an RRC connection suspend, and may include Enable PDCP_entity info = 1 and the INACTIVE counter. PDCP_entity info = 1 may indicate that PDCP_entity ID information is provided to the terminal 505.
In operation 735, the terminal 705 may store a UE context. The UE context may include the old key (A_KeNB) and the INACTIVE_counter. In operation 737, the anchor cell 710 may store a UE context. The UE context may include the old key (A_KeNB) and the INACTIVE_counter.
In operation 739, the terminal 705 may move to the new cell 515 or a new base station. The terminal 705 may receive at least one of system information, an SRS, or an RS from the new cell 715 to which it has moved. At least one of the system information, the SRS, or the RS may include the PDCP entity ID of the new cell 715 (operation 741).
In operation 743, uplink data to be transmitted by the terminal 705 may be generated. In operation 744, the terminal 705 checks whether the PDCP entity is different. That is, the terminal 705 checks whether the PDCP entity of the cell that transmitted the message in operation 733 differs from the PDCP entity of the cell to which it has now moved. If the PDCP entity is different, the procedure proceeds to operation 745. In operation 745, the terminal 705 may increase the INACTIVE counter, for example by incrementing the counter value by 1. In operation 747, the terminal 705 may derive a new security key (T_KeNB) and apply it. The new security key may be derived or generated from the INACTIVE_counter.
In operation 749, the terminal 705 may transmit an RRC connection resume request message to the new cell 715. The terminal may transmit uplink data (UL data) together with the RRC connection resume request message. The UL data may include a UE ID and/or the Inactive counter, and may be ciphered and integrity protected with the new security key. In addition, the RRC connection resume request message may include information indicating whether the UL data needs to be forwarded to the anchor cell 710 and information indicating whether the old key is used. A bit indicating whether forwarding of the UL data is needed, or a bit indicating whether the old key is used, may be added in a new MAC CE format in the MAC header. Alternatively, regardless of any indicator, the new cell 715 may attempt to transmit the UL data to the core network node 720 and forward it to the anchor cell 710 if the attempt fails.
In operation 751, the new cell 715 may identify the anchor cell 710 or the anchor base station. The new cell 715 may identify the anchor cell 710 using the UE ID, and the UE ID may be at least one of a Resume ID, an S-TMSI, or a T-RNTI. The Resume ID may be provided to the terminal 705 in operation 733.
Once the anchor cell 710 is identified, in operation 753 the new cell 715 transmits a Retrieve UE Context Request to the anchor cell 710. The Retrieve UE Context Request may include the UE_ID. In operation 755, the anchor cell 710 transmits a Retrieve UE Context Response to the new cell 715. The Retrieve UE Context Response may include T_KeNB and INACTIVE_NCC. In operation 757, the new cell 715 stores the UE context. The UE context may include the information about the new security key (T_KeNB, INACTIVE_NCC) received from the anchor cell 710.
In operation 759, the new cell 715 transmits an RRC connection response message to the terminal 705. The RRC connection response message may include resume/suspend information and ACK/NACK information. In operation 761, the terminal 705 transmits an RRC connection Reconfig Complete message to the new cell 715. In operation 763, the new cell 715 transmits a path switch request message to the core network node 720. In operation 765, the core network node 720 transmits a path switch response message to the new cell 715. In operation 767, the new cell 715 transmits a context release message to the anchor cell 710.
FIG. 8 is a diagram showing an example of how the information is represented when the network provides and transmits PDCP entity information in a communication system according to an embodiment of the present invention.
As illustrated in FIG. 3, if only cell-related information is broadcast through system information or the like when the terminal moves, the terminal cannot know the PDCP entity information of the base station. Accordingly, an embodiment of the present invention provides a method in which the base station additionally transmits PDCP entity information to the terminal. As shown at 810 in FIG. 8, the full ID of the PDCP entity, or an ID of the PDCP entity defined to be unique within the tracking area or paging area, may be transmitted as an additional field alongside the existing cell ID (PCell ID) or the like. As shown at 820 in FIG. 8, partial information about the PDCP entity may instead be included as an additional field alongside the existing cell ID or the like.
In the CU-DU structure, one PDCP in the CU aggregates multiple DUs, so even if the DU changes within a relatively wide area, the same security key is used when the same DU is used. In this case, whether the PDCP is the same can be indicated using only some bits of the PDCP ID, which in turn indicates whether the PDCP has changed.
For example, when a 1-bit or 3-bit (8 sequences) indication is used to distinguish a CU from neighboring CUs, most DU changes within the wide CU coverage occur within the same CU. The embodiment therefore includes a method in which the security key is not updated when only the DU changes without a change of CU, and is updated when the CU (PDCP entity) changes.
The ID-related information of the PDCP entity may be conveyed by transmitting the ID itself as data through System Information (mandatory or on-demand SI), or by mapping it onto radio resources (time such as a TTI, frequency such as a subcarrier, space such as a beam index, a scrambling sequence, and so on) to inform the terminal of the ID-related information of the PDCP entity. (Transmission as system information, periodic transmission of the information as common SI, transmission as on-demand SI, transmission through a synchronization signal, transmission through the PSS, transmission through the SSS, transmission through a reference signal (RS) or CRS, transmission through the DMRS, transmission through the BRS, transmission through the aRS.)
도 9는 본 발명의 실시 예에 따른 통신 시스템에서 단말이 INACTIVE state 에서 Data 전송 동작을 위한 보안키 생성 및 적용을 도시하는 도면이다.RRC Connection suspend 전송시 Enable PDCP_entity info와 INACTIVE counter를 전송하고 Network이 PDCP entity 정보를 제공하는 경우, Enable PDCP_entity info = 1인 경우, 이를 단말이 RRC INACTIVE로 천이되는 RRC connection suspend에 표기하여 전송하는 방법과 이를 기반하여 신규 보안키 생성 여부를 결정하는 방법 (PDCP_entity 변경시 Inactive_Conter 기반으로 신규키 생성하는 동작의 과정에서 신규 보안키를 생성하는 방법을 도시한다. 다시 말하면, 저장한 UE context에 포함된 old key (A_KeNB), INACTIVE_counter 를 입력값으로 PDCP_entity가 변경되었는지 여부에 따라 신규 키 생성 여부를 결정한다.FIG. 9 is a diagram illustrating a generation and application of a security key for a data transmission operation in an INACTIVE state in a communication system according to an embodiment of the present invention. When a RRC connection suspend is transmitted, an Enable PDCP_entity info and an INACTIVE counter are transmitted. In case of providing PDCP entity information, when Enable PDCP_entity info = 1, a method of transmitting this by marking the RRC connection suspend which is transitioned to RRC INACTIVE and transmitting a new security key based on this method (when PDCP_entity is changed) A method of generating a new security key in the process of generating a new key based on Inactive_Conter, ie, depending on whether the PDCP_entity has been changed using the old key (A_KeNB) and INACTIVE_counter included in the stored UE context as input values. Determine whether to generate a new key.
That is, this includes an operation of using the existing old key without incrementing the Inactive counter when the PDCP_entity is the same, and an operation of incrementing the Inactive counter and generating a new key from the existing old key when the PDCP_entity has changed.
In addition, when the PDCP_entity is not explicitly indicated, this includes an operation of always using the existing old key without incrementing the Inactive counter, according to the base station configuration or the terminal configuration, during the RRC connection request and RACH operation that moves the terminal from the RRC_Inactive state to the RRC_Connected state.
In addition, when the PDCP_entity is not explicitly indicated, this includes an operation of always incrementing the Inactive counter and generating a new key from the existing old key, according to the base station configuration or the terminal configuration, during the RRC connection request and RACH operation that moves the terminal from the RRC_Inactive state to the RRC_Connected state.
In another embodiment, the present invention includes a method of using separate security keys for RRC_connected and for the RRC INACTIVE state. In an embodiment of the present invention, the AS (access stratum) security key for INACTIVE data transmission may be applied in common between the target base station and the anchor base station.
- An operation of applying the key in common within the same MME
- An operation of applying the key in common within the same (RAN-based) paging area (PA) (when the PA is fixed with respect to the network, or when the PA operates in a UE-specific manner)
- An operation of applying the key in common within the same (CN-based) tracking area (TA) (when the TA is fixed with respect to the network, or when the TA operates in a UE-specific manner)
FIG. 10 is a diagram illustrating generation and application of a security key for a data transmission operation by a terminal in the Inactive (RRC_INACTIVE) state in a communication system according to an embodiment of the present invention.
FIG. 10 relates to a method in which Enable PDCP_entity info and an INACTIVE counter are transmitted when the RRC connection suspend is transmitted and, when the network provides PDCP entity information and Enable PDCP_entity info = 1, this is indicated in the RRC connection suspend that moves the terminal to RRC INACTIVE, and to a method of determining on that basis whether to generate a new security key.
The embodiment of FIG. 10 includes an operation of applying the existing key when the PDCP_entity of the cell moved to is the same, and a method of transmitting a DL ACK/NACK in the RRC connection response.
Referring to FIG. 10, the mobile communication system may include a terminal 1005, an anchor cell 1010, a new cell 1015, and a core network node 1020. The core network node 1020 may include an MME and/or an S-GW.
In operation 1031, the core network node 1020 may transmit an INACTIVE message to the anchor cell 710. The INACTIVE message may include INACTIVE_NH and INACTIVE_NCC. The anchor cell 1010 that has received the INACTIVE message may transmit an RRC connection suspend message to the terminal 1005 (operation 1033). The RRC connection suspend message may be an RRC connection release message that includes an RRC connection suspend, and may include Enable PDCP_entity info = 1 and an INACTIVE counter.
In operation 1035, the terminal 1005 may store the UE context. The UE context may include the old key (A_KeNB) and the INACTIVE_counter. In operation 1037, the anchor cell 1010 may store the UE context. The UE context may include the old key (A_KeNB) and the INACTIVE_counter.
In operation 1039, the terminal 1005 may move to the new cell 1015 or a new base station. The terminal 1005 may receive at least one of system information, an SRS, or an RS from the new cell 1015 it has moved to. At least one of the system information, the SRS, or the RS may include the PDCP entity ID of the new cell 1015 (operation 1041).
In operation 1043, uplink data to be transmitted by the terminal 1005 may arise. In operation 1044, the terminal 1005 checks whether the PDCP entity is different. That is, the terminal 1005 checks whether the PDCP entity of the cell that transmitted the message in operation 1033 differs from the PDCP entity of the cell it has now moved to. If the PDCP entity is the same, the procedure proceeds to operation 1045. In operation 1045, the terminal 1005 keeps the INACTIVE counter unchanged without incrementing it. In operation 1047, the terminal 1005 uses the previously used old key (A_KeNB) as the security key.
In operation 1049, the terminal 1005 may transmit UL data to the new cell 1015 when transmitting the RRC connection request message. The UL data may include a UE ID and may be encrypted with the old key. In operation 1051, the new cell 1015 may identify the anchor cell 1010 or the anchor base station. The new cell 1015 may identify the anchor cell 1010 using the UE ID, and the UE ID may be at least one of a Resume ID, an S-TMSI, and a T-RNTI. The Resume ID may be provided to the terminal 1005 in operation 1033.
Once the anchor cell 1010 is identified, in operation 1053 the new cell 1015 transmits a Retrieve UE Context Request to the anchor cell 1010. The Retrieve UE Context Request may include the UE_ID. In operation 1055, the anchor cell 1010 transmits a Retrieve UE Context Response to the new cell 1015. The Retrieve UE Context Response may include a PDCP sequence number (SN). In operation 1057, the new cell 1015 stores the UE context. The UE context may include the old key and the Inactive_counter, and the new cell 1015 may update the PDCP SN.
In operation 1059, the new cell 1015 transmits an RRC connection response message to the terminal 1005. The RRC connection response message may include resume/suspend information, UE context update information, and ACK/NACK information. In operation 1061, the terminal 1005 transmits an RRC connection reconfiguration complete message (RRC connection Reconfig Complete) to the new cell 1015. In operation 1063, the new cell 1015 transmits a path switch request message to the core network node 1020. In operation 1065, the core network node 1020 transmits a path switch response message to the new cell 1015. In operation 1067, the new cell 1015 transmits a context release message to the anchor cell 1010.
FIG. 11 is a diagram illustrating generation and application of a security key for a data transmission operation by a terminal in the Inactive (RRC_INACTIVE) state in a communication system according to an embodiment of the present invention.
FIG. 11 relates to a method in which Enable PDCP_entity info and an INACTIVE counter are transmitted when the RRC connection suspend is transmitted and, when the network provides PDCP entity information, that is, when Enable PDCP_entity info = 1, this is indicated in the RRC connection suspend that moves the terminal to RRC INACTIVE, and to a method of determining on that basis whether to generate a new security key.
The embodiment of FIG. 11 includes an operation of applying the existing key when the PDCP_entity of the cell moved to is the same, and a method of piggybacking the DL ACK/NACK on paging for transmission.
Referring to FIG. 11, the mobile communication system may include a terminal 1105, an anchor cell 1110, a new cell 1115, and a core network node 1120. The core network node 1120 may include an MME and/or an S-GW.
In operation 1131, the core network node 1120 may transmit an INACTIVE message to the anchor cell 1110. The INACTIVE message may include INACTIVE_NH and INACTIVE_NCC. The anchor cell 1110 that has received the INACTIVE message may transmit an RRC connection suspend message to the terminal 1105 (operation 1133). The RRC connection suspend message may be an RRC connection release message that includes an RRC connection suspend, and may include Enable PDCP_entity info = 1 and an INACTIVE counter.
In operation 1135, the terminal 1105 may store the UE context. The UE context may include the old key (A_KeNB) and the INACTIVE_counter. In operation 1137, the anchor cell 1110 may store the UE context. The UE context may include the old key (A_KeNB) and the INACTIVE_counter.
In operation 1139, the terminal 1105 may move to the new cell 1115 or a new base station. The terminal 1105 may receive at least one of system information, an SRS, or an RS from the new cell 1115 it has moved to. At least one of the system information, the SRS, or the RS may include the PDCP entity ID of the new cell 1115 (operation 1141).
In operation 1143, uplink data to be transmitted by the terminal 1105 may arise. In operation 1144, the terminal 1105 checks whether the PDCP entity is different. That is, the terminal 1105 checks whether the PDCP entity of the cell that transmitted the message in operation 1133 differs from the PDCP entity of the cell it has now moved to. If the PDCP entity is the same, the procedure proceeds to operation 1145. In operation 1145, the terminal 1105 keeps the INACTIVE counter unchanged without incrementing it. In operation 1147, the terminal 1105 uses the previously used old key (A_KeNB) as the security key.
In operation 1149, the terminal 1105 may transmit UL data to the new cell 1115 without RRC signaling. The UL data may include a UE ID and may be encrypted with the old key. In operation 1151, the new cell 1115 may identify the anchor cell 1110 or the anchor base station. The new cell 1115 may identify the anchor cell 1110 using the UE ID, and the UE ID may be at least one of a Resume ID, an S-TMSI, and a T-RNTI. The Resume ID may be provided to the terminal 1105 in operation 1133.
Once the anchor cell 1110 is identified, in operation 1153 the new cell 1115 transmits a Retrieve UE Context Request to the anchor cell 1110. The Retrieve UE Context Request may include the UE_ID. In operation 1155, the anchor cell 1110 transmits a Retrieve UE Context Response to the new cell 1115. The Retrieve UE Context Response may include a PDCP sequence number (SN). In operation 1157, the new cell 1115 stores the UE context. The UE context may include the old key and the Inactive_counter, and the new cell 1015 may update the PDCP SN.
In operation 1163, the new cell 1115 transmits a path switch request message to the core network node 1120. In operation 1165, the core network node 1120 transmits a path switch response message to the new cell 1115. In operation 1167, the new cell 1115 transmits a context release message to the anchor cell 1110. In operation 1169, the core network node 1120 transmits a paging message to the anchor cell 1110. In operation 1171, the anchor cell 1110 may transmit a paging message to the terminal 1105, and may piggyback the ACK/NACK on the paging message.
FIG. 12 is a diagram illustrating the structure of a terminal according to an embodiment of the present invention.
Referring to FIG. 12, the terminal may include a transceiver 1210, a controller 1220, and a storage unit 1230. In an embodiment of the present invention, the controller 1220 may be defined as a circuit, an application-specific integrated circuit, or at least one processor.
The transceiver 1210 may transmit and receive signals to and from other network entities. For example, the transceiver 1210 may receive system information from a base station, and may receive a synchronization signal or a reference signal. The controller 1220 may control the overall operation of the terminal according to the embodiments proposed in the present invention. The storage unit 1230 may store at least one of information transmitted and received through the transceiver 1210 and information generated through the controller 1220.
According to an embodiment of the present invention, the controller 1220 may perform control to receive, from a first base station, an RRC (radio resource control) connection suspend message including PDCP (packet data convergence protocol) entity related information and inactive counter information, store a first security key currently used by the terminal and the inactive counter information, have the terminal move to a second base station, identify uplink data to be transmitted by the terminal, generate a second security key based on the PDCP entity related information and the inactive counter information, and transmit the uplink data encrypted with the second security key to the second base station.
In addition, when the ID of a PDCP entity is provided according to the PDCP entity related information, the controller 1220 may determine whether the PDCP entity of the first base station and the PDCP entity of the second base station are the same, and, when the PDCP entity of the first base station and the PDCP entity of the second base station differ, may perform control to update the inactive counter and generate the second security key. When the PDCP entities of the first base station and the second base station are the same, the second security key may be identical to the first security key.
In addition, when the ID of a PDCP entity is not provided according to the PDCP entity related information, the controller 1220 may update the inactive counter and generate the second security key regardless of whether the PDCP entity of the first base station and the PDCP entity of the second base station are the same.
In addition, the controller 1220 may perform control to transmit the uplink data together with an RRC connection resume request message. The controller 1220 may also perform control to transmit the identifier of the terminal and the inactive counter used to generate the second security key together with the uplink data. The controller 1220 may further perform control to receive, from the second base station, system information including the cell identifier of the second base station and the PDCP entity identifier of the second base station, and to determine, based on the PDCP entity identifier of the second base station, whether the PDCP entity of the first base station and the PDCP entity of the second base station are the same.
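The key-selection rule described for FIGS. 9 to 11 and for the controller 1220 can be sketched as follows. This is an added example, not code from the application: the HMAC-SHA-256 derivation, the class and function names, and the network-side acceptance check on the reported counter are assumptions, since the text only states that the new key is generated from the old key (A_KeNB) and the inactive counter.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass
class StoredContext:
    """UE context stored by the terminal and by the anchor cell at suspend."""
    old_key: bytes                 # old key (A_KeNB) in the text's notation
    inactive_counter: int          # INACTIVE counter from the suspend message
    pdcp_entity_id: Optional[int]  # None when no PDCP entity ID was provided


def derive_key(old_key: bytes, counter: int) -> bytes:
    # Assumed KDF: HMAC-SHA-256 keyed with the old key over a label and the
    # counter. The text does not name a derivation function.
    message = b"inactive-data" + counter.to_bytes(4, "big")
    return hmac.new(old_key, message, hashlib.sha256).digest()


def ue_select_key(ctx: StoredContext,
                  new_cell_pdcp_entity_id: Optional[int],
                  refresh_if_unknown: bool = True) -> Tuple[bytes, int]:
    """Terminal side: return (key to use, counter to report with the UL data).

    Same PDCP entity      -> counter unchanged, old key reused.
    Different PDCP entity -> counter incremented, new key derived.
    No PDCP entity ID     -> fixed policy set by configuration
                             (refresh_if_unknown is a hypothetical flag).
    """
    if ctx.pdcp_entity_id is None or new_cell_pdcp_entity_id is None:
        changed = refresh_if_unknown
    else:
        changed = new_cell_pdcp_entity_id != ctx.pdcp_entity_id
    if not changed:
        return ctx.old_key, ctx.inactive_counter
    counter = ctx.inactive_counter + 1
    return derive_key(ctx.old_key, counter), counter


def network_select_key(ctx: StoredContext, reported_counter: int) -> bytes:
    """New-cell side, after retrieving the UE context from the anchor cell.

    Assumed check: accept only the stored counter or exactly one step ahead,
    so a replayed or skipped counter value is rejected instead of keyed.
    """
    if reported_counter == ctx.inactive_counter:
        return ctx.old_key
    if reported_counter == ctx.inactive_counter + 1:
        return derive_key(ctx.old_key, reported_counter)
    raise ValueError("unexpected INACTIVE counter: %d" % reported_counter)


def protect(key: bytes, uplink_data: bytes) -> bytes:
    # Integrity tag only, to show both sides hold the same key; ciphering of
    # the payload is out of scope for this sketch.
    return hmac.new(key, uplink_data, hashlib.sha256).digest()


if __name__ == "__main__":
    # Constructed sample values.
    context = StoredContext(old_key=bytes(range(32)), inactive_counter=5,
                            pdcp_entity_id=7)
    for entity in (7, 9, None):
        key, counter = ue_select_key(context, entity)
        tag = protect(key, b"sensor reading")
        net_key = network_select_key(context, counter)
        ok = hmac.compare_digest(tag, protect(net_key, b"sensor reading"))
        print(entity, counter, key == context.old_key, ok)
```

Because the terminal reports the counter it used, the new cell can reach the same key from the retrieved context without being told which branch the terminal took.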
FIG. 13 is a diagram illustrating the structure of a base station according to an embodiment of the present invention.
Referring to FIG. 13, the base station may include a transceiver 1310, a controller 1320, and a storage unit 1330. In an embodiment of the present invention, the controller 1320 may be defined as a circuit, an application-specific integrated circuit, or at least one processor.
The transceiver 1310 may transmit and receive signals to and from other network entities. For example, the transceiver 1310 may transmit system information to a terminal, and may transmit a synchronization signal or a reference signal. The controller 1320 may control the overall operation of the base station according to the embodiments proposed in the present invention. The storage unit 1330 may store at least one of information transmitted and received through the transceiver 1310 and information generated through the controller 1320.
FIG. 14 is a diagram illustrating the structure of a core network node according to an embodiment of the present invention. The core network node may be an MME or an S-GW, or may be a function corresponding to an MME or a function corresponding to an S-GW.
Referring to FIG. 14, the core network node may include a transceiver 1410, a controller 1420, and a storage unit 1430. In an embodiment of the present invention, the controller 1420 may be defined as a circuit, an application-specific integrated circuit, or at least one processor.
The transceiver 1410 may transmit and receive signals to and from other network entities. For example, the transceiver 1410 may transmit system information to a terminal, and may transmit a synchronization signal or a reference signal. The controller 1420 may control the overall operation of the core network node according to the embodiments proposed in the present invention. The storage unit 1430 may store at least one of information transmitted and received through the transceiver 1410 and information generated through the controller 1420.
The embodiments disclosed in this specification and the drawings merely present specific examples to explain the content of the present invention clearly and to aid understanding, and are not intended to limit the scope of the present invention. Accordingly, the scope of the present invention should be construed to include, in addition to the embodiments disclosed herein, all changes or modified forms derived from the technical idea of the present invention.

Claims (14)

  1. A method of operating a terminal in a wireless communication system, the method comprising:
    receiving, from a first base station, an RRC (radio resource control) connection suspend message including PDCP (packet data convergence protocol) entity related information and inactive counter information;
    storing a first security key currently used by the terminal and the inactive counter information;
    moving, by the terminal, to a second base station;
    identifying uplink data to be transmitted by the terminal;
    generating a second security key based on the PDCP entity related information and the inactive counter information; and
    transmitting the uplink data encrypted with the second security key to the second base station.
  2. The method of claim 1, further comprising:
    determining, when the ID of a PDCP entity is provided according to the PDCP entity related information, whether the PDCP entity of the first base station and the PDCP entity of the second base station are the same,
    wherein, when the PDCP entity of the first base station and the PDCP entity of the second base station differ, the inactive counter is updated to generate the second security key.
  3. The method of claim 2, wherein, when the PDCP entities of the first base station and the second base station are the same, the second security key is identical to the first security key.
  4. The method of claim 1,
    wherein, when the ID of a PDCP entity is not provided according to the PDCP entity related information, the inactive counter is updated to generate the second security key regardless of whether the PDCP entity of the first base station and the PDCP entity of the second base station are the same.
  5. The method of claim 1, wherein the uplink data is transmitted together with an RRC connection resume request message.
  6. The method of claim 1, wherein an identifier of the terminal and the inactive counter used to generate the second security key are transmitted together with the uplink data.
  7. The method of claim 2, comprising receiving, from the second base station, system information including a cell identifier of the second base station and a PDCP entity identifier of the second base station,
    wherein whether the PDCP entity of the first base station and the PDCP entity of the second base station are the same is determined based on the PDCP entity identifier of the second base station.
  8. A terminal comprising:
    a transceiver configured to transmit and receive signals; and
    a controller configured to perform control to receive, from a first base station, an RRC (radio resource control) connection suspend message including PDCP (packet data convergence protocol) entity related information and inactive counter information, store a first security key currently used by the terminal and the inactive counter information, have the terminal move to a second base station, identify uplink data to be transmitted by the terminal, generate a second security key based on the PDCP entity related information and the inactive counter information, and transmit the uplink data encrypted with the second security key to the second base station.
  9. The terminal of claim 8, wherein, when the ID of a PDCP entity is provided according to the PDCP entity related information, the controller determines whether the PDCP entity of the first base station and the PDCP entity of the second base station are the same, and, when the PDCP entity of the first base station and the PDCP entity of the second base station differ, performs control to update the inactive counter and generate the second security key.
  10. The terminal of claim 9, wherein, when the PDCP entities of the first base station and the second base station are the same, the second security key is identical to the first security key.
  11. The terminal of claim 8, wherein the controller,
    when the ID of a PDCP entity is not provided according to the PDCP entity related information, performs control to update the inactive counter and generate the second security key regardless of whether the PDCP entity of the first base station and the PDCP entity of the second base station are the same.
  12. The terminal of claim 8, wherein the controller performs control to transmit the uplink data together with an RRC connection resume request message.
  13. 제8항에 있어서, 상기 제어부는, 상기 단말의 식별자 및 상기 제2 보안키의 생성에 사용된 비활성화 카운터를 상기 상향링크 데이터와 함께 전송하도록 제어하는 것을 특징으로 하는 단말.The terminal of claim 8, wherein the controller controls to transmit the identifier of the terminal and the deactivation counter used to generate the second security key together with the uplink data.
  14. 제9항에 있어서, 상기 제어부는 상기 제2 기지국으로부터 상기 제2 기지국의 셀 식별자 및 제2 기지국의 PDCP 개체 식별자를 포함하는 시스템 정보를 수신하고, 상기 제2 기지국의 PDCP 개체 식별자에 기반하여 상기 제1 기지국의 PDCP 개체와 상기 제2 기지국의 PDCP 개체가 동일한지 여부를 판단하도록 제어하는 것을 특징으로 하는 단말.The method of claim 9, wherein the control unit receives system information including the cell identifier of the second base station and the PDCP entity identifier of the second base station from the second base station, and based on the PDCP entity identifier of the second base station; And control to determine whether the PDCP entity of the first base station and the PDCP entity of the second base station are the same.
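The key selection of claims 9 to 11 and the counter signalling of claim 13, as an added Python example that is not part of the patent text. The HMAC-SHA256 derivation, the increment-by-one counter update and all names are assumptions; the claims name neither a key derivation function nor how the counter is updated.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass
class StoredContext:
    """What the terminal keeps after the RRC connection stop message (claim 8)."""
    first_key: bytes                # security key in use when the connection stopped
    deactivation_counter: int       # counter value carried in the stop message
    source_pdcp_id: Optional[str]   # None if the message carried no PDCP entity ID


def kdf(base_key: bytes, counter: int) -> bytes:
    # ASSUMPTION: HMAC-SHA256 over the counter; the claims do not name a KDF.
    return hmac.new(base_key, b"deact-ctr" + counter.to_bytes(4, "big"),
                    hashlib.sha256).digest()


def select_second_key(ctx: StoredContext,
                      target_pdcp_id: Optional[str]) -> Tuple[bytes, int]:
    """Return (second key, counter to send with the uplink data)."""
    if ctx.source_pdcp_id is not None and ctx.source_pdcp_id == target_pdcp_id:
        # Claim 10: same PDCP entity, so the first key is reused unchanged.
        return ctx.first_key, ctx.deactivation_counter
    # Claim 9 (different entity) or claim 11 (no ID provided): refresh the key.
    # ASSUMPTION: "updating" the counter means incrementing it by one.
    ctx.deactivation_counter += 1
    return kdf(ctx.first_key, ctx.deactivation_counter), ctx.deactivation_counter


def network_key(first_key: bytes, stored_counter: int, received_counter: int) -> bytes:
    """Network side: rebuild the key from the counter the terminal sent (claim 13)."""
    if received_counter == stored_counter:
        return first_key
    return kdf(first_key, received_counter)


if __name__ == "__main__":
    key = bytes(range(32))  # constructed sample key, not a real value
    cases = [("pdcp-A", "pdcp-A"), ("pdcp-A", "pdcp-B"), (None, "pdcp-B")]
    for src, dst in cases:
        ctx = StoredContext(key, 7, src)
        k2, ctr = select_second_key(ctx, dst)
        print(src, dst, "counter:", ctr, "reused:", k2 == key,
              "network agrees:", network_key(key, 7, ctr) == k2)
```

A target cell that advertises no PDCP entity identifier falls into the refresh branch here, since sameness cannot be confirmed; that choice is also an assumption of this example.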
PCT/KR2018/001963 2017-02-20 2018-02-14 Method and device for improved security in wireless communication system WO2018151546A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR10-2017-0022541 2017-02-20
KR20170022541 2017-02-20

Publications (1)

Publication Number Publication Date
WO2018151546A1 true WO2018151546A1 (en) 2018-08-23

Family

ID=63169565

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2018/001963 WO2018151546A1 (en) 2017-02-20 2018-02-14 Method and device for improved security in wireless communication system

Country Status (1)

Country Link
WO (1) WO2018151546A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113273234A (en) * 2019-01-18 2021-08-17 联想(新加坡)私人有限公司 Key refresh for small data traffic
CN114071803A (en) * 2020-07-31 2022-02-18 中国移动通信有限公司研究院 Data transmission method, terminal and network side equipment
WO2023004594A1 (en) * 2021-07-27 2023-02-02 Huawei Technologies Co.,Ltd. Devices and method for configuration of a user device during small data transmission
US20230209415A1 (en) * 2017-06-15 2023-06-29 Qualcomm Incorporated Techniques and apparatuses for user equipment mobility in multi-connectivity mode

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140087743A1 (en) * 2012-02-28 2014-03-27 Sierra Wireless Method and device for controlling the access of equipment for a network of the machine-to-machine type to the resources of a cellular telephony network
WO2017025144A2 (en) * 2015-08-13 2017-02-16 Nokia Solutions And Networks Oy Inactivity timer evaluation

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
OPPO: "Discussion on IDLE/INACTIVE UE Mobility", R2-1700957, 3GPP TSG-RAN2#97, 4 February 2017 (2017-02-04), Athens, Greece, XP051223315 *
PATRICK MARSCH: "5G Radio Access Network Architecture: Design Guidelines and Key Considerations", IEEE COMMUNICATIONS MAGAZINE, vol. 54, no. 11, XP011634866 *
SAMSUNG: "Overview of the NR RRC state machine and modelling of the INACTIVE state", R2-167493, 3GPP TSG-RAN WG2 MEETING #96, 5 November 2016 (2016-11-05), XP051177409 *

Similar Documents

Publication Publication Date Title
WO2020209620A1 (en) Method and ue for managing paging procedure in wireless communication network
WO2020045969A1 (en) Method and ue for optimizing resources of wireless communication network while providing 5g services
WO2017171529A1 (en) Method for v2x transmission resource selection performed by means of terminal in wireless communication system and terminal using same
WO2017164674A1 (en) Method for changing connection mode in base station, and base station thereof, and method for changing connection mode in user equipment, and user equipment thereof
WO2015020449A1 (en) Security key generation and management method of pdcp distributed structure for supporting dual connectivity
WO2019190205A1 (en) Method and apparatus for performing discontinuous reception in wireless communication system
WO2019074347A1 (en) User equipment (ue) and core network for managing network slice congestion in wireless communication system
WO2019194641A1 (en) Method and apparatus for operating protocol layer of terminal in inactive mode in next-generation mobile communication system
WO2018128477A1 (en) Method and apparatus for data transport control between wireless network systems
WO2019160327A1 (en) Method and device for performing cell reselection in mobile communication system
WO2017126928A1 (en) Method for changing connection mode and mobility management entity
WO2016190639A1 (en) Method and device for reporting buffer state during lte-wireless lan combining in wireless communication system
WO2018038490A1 (en) Method and system for regional data network configuration in wireless communication network
WO2018070845A1 (en) Sidelink synchronization signal transmission method performed by terminal in wireless communication system and terminal using same
WO2012141480A2 (en) Method and apparatus for transmitting/receiving data in mobile communication system
WO2017030399A1 (en) Ue access method and apparatus
WO2020251240A1 (en) Method and apparatus for improving service reliability in wireless communication system
WO2018151546A1 (en) Method and device for improved security in wireless communication system
WO2019225900A1 (en) Method and device for reducing power consumption by terminal in wireless communication system
WO2019194528A1 (en) Method and apparatus for performing transmission
WO2018174638A1 (en) Method and device for managing state of session according to position of terminal in wireless communication system
WO2017126942A1 (en) Method and user equipment for receiving data, and method and base station for transmitting data
WO2017131479A1 (en) Method and apparatus for reducing signaling overhead and reducing battery of terminal
WO2017030427A1 (en) Method and apparatus for access, handover, and encryption control of a ue
WO2019221493A1 (en) Method for controlling terminal for cellular iot service in 5g mobile communication system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18754839

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18754839

Country of ref document: EP

Kind code of ref document: A1