WO2019161545A1 - Integrity verification method, network device, terminal device and computer storage medium - Google Patents


Publication number
WO2019161545A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal device
msg3
context
network device
identifier
Application number
PCT/CN2018/077057
Inventor
唐海
Original Assignee
Oppo广东移动通信有限公司
Application filed by Oppo广东移动通信有限公司
Priority to CN201880036992.XA (patent CN110710241A)
Priority to PCT/CN2018/077057 (patent WO2019161545A1)
Publication of WO2019161545A1


Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04W: WIRELESS COMMUNICATION NETWORKS
    • H04W12/00: Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10: Integrity

Definitions

  • the present invention relates to the field of information processing technologies, and in particular, to an integrity verification method, a network device, a terminal device, and a computer storage medium.
  • a new RRC state that is, an RRC_INACTIVE state
  • the network side configures the paging area of the RAN by using dedicated signaling to the UE, and the RAN paging area may be one cell or multiple cells.
  • the network side is not notified, and the mobility behavior of the idle state, that is, the cell selection and reselection principle, is followed.
  • When the UE moves out of the paging area configured by the RAN, the UE is triggered to resume the RRC connection and re-acquire the paging area configured by the RAN.
  • the gNB that keeps the connection between the RAN and the CN for the UE triggers all the cells in the RAN paging area to send a paging message to the UE, so that the UE in the INACTIVE state can resume the RRC connection and perform data reception.
  • a fake base station may pretend to send the MSG3 message, or other messages for the UE, so there is a risk of the network being attacked, and the message carrying the UE identification information and the cause value information needs to be secured.
  • an embodiment of the present invention provides an integrity verification method, a network device, a terminal device, and a computer storage medium.
  • An embodiment of the present invention provides an integrity protection method, which is applied to a first network device, where the method includes:
  • the embodiment of the invention provides an integrity protection method, which is applied to a terminal device, and the method includes:
  • an MSG3 message including an RRC connection recovery request, where the RRC connection recovery request carries a terminal device context identifier.
  • An embodiment of the present invention provides a first network device, where the first network device includes:
  • the first communication unit receives an MSG3 message that is sent by the terminal device and includes an RRC connection recovery request; and acquires the terminal device context from the target network device;
  • the first processing unit acquires the terminal device context identifier and/or the target network device identifier from the MSG3 and/or by decoding the PUSCH where the MSG3 is located.
  • the embodiment of the invention provides a terminal device, where the terminal device includes:
  • the second communication unit sends an MSG3 message including an RRC connection recovery request to the network side, where the RRC connection recovery request carries the terminal device context identifier.
  • a first network device provided by an embodiment of the present invention includes: a processor and a memory for storing a computer program capable of running on a processor,
  • processor is configured to perform the steps of the foregoing method when the computer program is run.
  • a terminal device provided by an embodiment of the present invention includes: a processor and a memory for storing a computer program capable of running on a processor,
  • processor is configured to perform the steps of the foregoing method when the computer program is run.
  • a computer storage medium is provided by the embodiment of the present invention.
  • the computer storage medium stores computer executable instructions, and the foregoing method steps are implemented when the computer executable instructions are executed.
  • the technical solution of the embodiment of the present invention can transmit the terminal device context identifier to the network side by using the MAC CE method, or carry the terminal device context identifier by scrambling the PUSCH, so that the network device can identify the target base station corresponding to the terminal device and look up the context at the target base station. Therefore, when the current cell managed by the network device accessed by the terminal device does not have the terminal device context, the context can be obtained from the target base station according to the terminal device context identifier, thereby improving the reliability of the terminal device accessing the network.
  • FIG. 1 is a schematic flowchart of an integrity verification method according to an embodiment of the present invention.
  • FIG. 2 is a schematic diagram of a network structure
  • FIG. 3 is a schematic structural diagram of a first network device according to an embodiment of the present invention.
  • FIG. 4 is a schematic structural diagram of a terminal device according to an embodiment of the present invention.
  • FIG. 5 is a schematic diagram of a hardware architecture according to an embodiment of the present invention.
  • An embodiment of the present invention provides an integrity protection method, which is applied to a first network device. As shown in FIG. 1, the method includes:
  • Step 101: Receive an MSG3 message that is sent by the terminal device and includes an RRC connection recovery request.
  • Step 102: Obtain a terminal device context identifier, and/or a target network device identifier, from the MSG3 and/or by decoding the PUSCH where the MSG3 is located.
  • Step 103: Acquire the terminal device context from the target network device.
  • the first network device in this embodiment can be understood as the current serving base station of the terminal device.
  • the terminal device is also a user equipment (UE) in the figure, and the current UE is in the serving base station, that is, the serving gNB.
  • the target network device can be understood as an anchor gNB that holds the terminal device context.
  • acquiring the terminal device context from the target network device may specifically include the following two implementation manners:
  • when the target network device determines that the integrity check is successful, acquiring the terminal device context from the target network device, and restoring the terminal device context;
  • when the target network device determines that the integrity check fails, obtaining an indication to reject the terminal device from the target network device, and rejecting the terminal device's request to restore the context.
  • the first network device may forward the TB data to the target base station (that is, the target network device) when the terminal device context needs to be acquired; the target base station decodes the TB data, obtains the UE AS context id, then finds the context of the UE, recovers SRB1 according to the AS context of the UE, and performs decoding and integrity verification, and/or decryption;
  • if the integrity verification at the target network device (i.e., the target base station) succeeds, the context of the UE is sent to the serving base station, and the serving base station recovers the context of the UE; if the integrity protection verification fails, the serving base station is notified to reject the UE.
  • Acquiring, according to the terminal device context identifier, the terminal device context from the target network device; performing decoding and an integrity check on the TB data including the terminal device context identifier; when the integrity check succeeds, determining to restore the terminal device context; when the integrity check fails, determining to reject the terminal device's request to resume the context.
  • the first network device (that is, the serving base station) requests the UE context from the target base station by using the UE AS context id; the first network device (that is, the serving base station) restores the context of the UE.
  • the TB data is then decoded and integrity verified, and/or decrypted.
  • the first network device restores the context of the UE if the integrity verification succeeds; if the integrity protection verification fails, the UE is rejected.
  • this embodiment also describes how to obtain the terminal device context identifier in the following scenarios:
  • Scenario 1: The UE initiates an RRC connection recovery.
  • the UE uses the key of the original AS context for integrity protection and decides to send it to the network side on SRB1.
  • specific operations on the network side may include:
  • the RRC connection recovery request is handed over to the MAC layer of SRB0; decoding is performed by the MAC layer to determine that the TB data is data of SRB1.
  • the UE first performs a contention random access procedure, and sends an RRC connection recovery request message to the network side in the MSG3, and adds a MAC CE of the UE AS context id to the MSG3.
  • the PUSCH is scrambled by using the temporary C-RNTI allocated in the RAR in the MSG2.
  • the network side may also perform a process of allocating a temporary C-RNTI to the terminal device in a random access response RAR in the MSG2.
  • the MSG3 message that is sent by the receiving terminal device and includes the RRC connection recovery request further includes: performing descrambling on the RRC connection recovery request sent by the terminal device in the MSG3 on the PUSCH based on the temporary C-RNTI.
  • the network side descrambles the data on the PUSCH through the temporary C-RNTI, and then delivers it to the MAC layer of the SRB0.
  • the MAC decoding finds that the TB data is the data on the SRB1, decodes the UE AS context id, and finds the target network device according to the UE AS context id.
  • the preamble sequence is used by the MSG3 to send an SRB1 message.
  • the network side allocates a dedicated preamble to the terminal device (that is, the UE), and the preamble may be unique to the entire network, or may be unique within the cell, and broadcast the reserved preamble in the system broadcast.
  • the preamble is used to indicate a UE initiated RRC connection recovery request, sent using SRB1, and/or employ integrity protection, and/or employ encryption or the like.
  • the UE resumes the RRC connection and sends with SRB1, and/or employs integrity protection, and/or employs encryption. Then the UE sends the dedicated preamble.
  • After the UE receives the dedicated preamble, the network side responds with the RAR. Specifically, the network side sends a random access response to the terminal device, and at least the uplink scheduling resource and the temporary C-RNTI are carried in the random access response.
  • the UE sends an RRC connection recovery request according to the uplink scheduling resource in the RAR; the network side receives the MSG3 message that is sent by the terminal device through the PUSCH and includes the RRC connection recovery request.
  • the PUSCH on which the terminal device (that is, the UE) sends the message may be scrambled by using the gNB id part of the UE AS context ID, or by the C-RNTI in the RAR, or by the UE context id, and the like.
  • the identifier of the target network device is obtained by blind decoding, and the terminal device context identifier carried in the MSG3 is obtained by decoding the MSG3.
  • when the PUSCH is scrambled based on the terminal context identifier, obtaining the terminal device context identifier by blind decoding, and determining an identifier of the target base station (target network device);
  • when the PUSCH is scrambled with the gNB id part of the UE AS context ID or with the UE AS context ID, the network side obtains the identity of the target base station by blind decoding.
  • the terminal device context identifier carried in the MSG3 is obtained by decoding, and the identifier of the target base station is determined.
  • the terminal device uses the C-RNTI in the RAR to scramble, and the MSG3 carries the UE context id MAC CE, from which the target base station is found.
  • the terminal device context identifier can be sent to the network side by using the MAC CE method, or the terminal device context identifier can be carried by scrambling the PUSCH, so that the network device can identify the target base station corresponding to the terminal device and look up the context at the target base station. Therefore, when the current cell managed by the network device accessed by the terminal device does not have the terminal device context, the context can be obtained from the target base station according to the terminal device context identifier, which improves the reliability of the terminal device accessing the network and the system processing efficiency.
  • the embodiment of the invention provides an integrity protection method, which is applied to a terminal device, and the method includes:
  • an MSG3 message including an RRC connection recovery request, where the RRC connection recovery request carries a terminal device context identifier.
  • the first network device in this embodiment can be understood as the current serving base station of the terminal device.
  • the terminal device is also a user equipment (UE) in the figure, and the current UE is in the serving base station, that is, the serving gNB.
  • the target network device can be understood as an anchor gNB that holds the terminal device context.
  • an MSG3 message including an RRC connection recovery request including:
  • the RRC Connection Recovery Request message is integrity protected and/or encrypted using a key and security algorithm in the UE AS context;
  • An RRC connection recovery request is sent in the MSG3, and the MAC CE carrying the terminal device context identifier is obtained in the MSG3.
  • the terminal device first performs a contention random access procedure, and sends an RRC connection recovery request message to the network side in the MSG3, and adds a MAC CE of the UE AS context id to the MSG3.
  • the temporary C-RNTI allocated by the network side is obtained from the random access response RAR in the MSG2.
  • the RRC connection recovery request sent in the MSG3 on the PUSCH is scrambled based on the temporary C-RNTI. That is, the terminal device scrambles the PUSCH by using the temporary C-RNTI allocated in the RAR in the MSG2.
  • the network side may also perform processing of allocating a temporary C-RNTI to the terminal device in a random access response RAR in the MSG2.
  • the MSG3 message that is sent by the receiving terminal device and includes the RRC connection recovery request further includes: performing descrambling on the RRC connection recovery request sent by the terminal device in the MSG3 on the PUSCH based on the temporary C-RNTI.
  • the network side descrambles the data on the PUSCH through the temporary C-RNTI, and then delivers it to the MAC layer of the SRB0.
  • the MAC decoding finds that the TB data is the data on the SRB1, decodes the UE AS context id, and finds the target network device according to the UE AS context id.
  • the preamble sequence allocated by the network side is obtained by system broadcast, or the protocol specifies a whole network unique preamble sequence; wherein the preamble sequence is used by the MSG3 to send the SRB1 message.
  • the network side allocates a dedicated preamble to the terminal device (that is, the UE), and the preamble may be unique to the entire network, or may be unique within the cell, and broadcast the reserved preamble in the system broadcast.
  • the preamble is used to indicate a UE initiated RRC connection recovery request, sent using SRB1, and/or employ integrity protection, and/or employ encryption or the like.
  • the UE resumes the RRC connection and sends with SRB1, and/or employs integrity protection, and/or employs encryption. Then the UE sends the dedicated preamble.
  • After receiving the dedicated preamble, the UE receives the random access response sent by the network side, acquires at least the uplink scheduling resource and the temporary C-RNTI in the random access response, and sends an RRC connection recovery request based on the PUSCH corresponding to the uplink scheduling resource. Specifically, the network side sends a random access response to the terminal device, and at least the uplink scheduling resource and the temporary C-RNTI are carried in the random access response.
  • the PUSCH is scrambled based on the base station identification part of the terminal device context identifier, or based on the terminal device context identifier, or based on the C-RNTI; correspondingly, the network side receives the MSG3 message, including the RRC connection recovery request, that the terminal device sends by using the PUSCH.
  • the PUSCH on which the terminal device (that is, the UE) sends the message may be scrambled by using the gNB id part of the UE AS context ID, or by the C-RNTI in the RAR, or by the UE context id, and the like.
  • the identifier of the target network device is obtained by blind decoding, and the terminal device context identifier carried in the MSG3 is obtained by decoding the MSG3.
  • when the PUSCH is scrambled based on the terminal context identifier, obtaining the terminal device context identifier by blind decoding, and determining an identifier of the target base station (target network device);
  • when the PUSCH is scrambled with the gNB id part of the UE AS context ID or with the UE AS context ID, the network side obtains the identity of the target base station by blind decoding.
  • the terminal device context identifier carried in the MSG3 is obtained by decoding, and the identifier of the target base station is determined.
  • the terminal device uses the C-RNTI in the RAR to scramble, and the MSG3 carries the UE context id MAC CE, from which the target base station is found.
  • the terminal device context identifier can be sent to the network side by using the MAC CE method, or the terminal device context identifier can be carried by scrambling the PUSCH, so that the network device can identify the target base station corresponding to the terminal device and look up the context at the target base station. Therefore, when the current cell managed by the network device accessed by the terminal device does not have the terminal device context, the context can be obtained from the target base station according to the terminal device context identifier, which improves the reliability of the terminal device accessing the network and the system processing efficiency.
  • An embodiment of the present invention provides a first network device, as shown in FIG. 3, including:
  • the first communication unit 31 receives an MSG3 message that is sent by the terminal device and includes an RRC connection recovery request, and acquires the terminal device context from the target network device.
  • the first processing unit 32 obtains the terminal device context identifier and/or the target network device identifier from the MSG3 and/or by decoding the PUSCH where the MSG3 is located.
  • the first network device in this embodiment can be understood as the current serving base station of the terminal device.
  • the terminal device is also a user equipment (UE) in the figure, and the current UE is in the serving base station, that is, the serving gNB.
  • the target network device can be understood as an anchor gNB that holds the terminal device context.
  • obtaining the terminal device context from the target network device may specifically include the following two implementation manners:
  • the first communication unit 31 sends the TB data including the terminal device context identifier to the target network device;
  • when the target network device determines that the integrity check is successful, acquiring the terminal device context from the target network device, and restoring the terminal device context;
  • when the target network device determines that the integrity check fails, obtaining an indication to reject the terminal device from the target network device, and rejecting the terminal device's request to restore the context.
  • the first network device may forward the TB data to the target base station (that is, the target network device) when the terminal device context needs to be acquired; the target base station decodes the TB data, obtains the UE AS context id, then finds the context of the UE, recovers SRB1 according to the AS context of the UE, and performs decoding and integrity verification, and/or decryption;
  • if the integrity verification at the target network device (i.e., the target base station) succeeds, the context of the UE is sent to the serving base station, and the serving base station recovers the context of the UE; if the integrity protection verification fails, the serving base station is notified to reject the UE.
  • the first communication unit 31 acquires the terminal device context from the target network device based on the terminal device context identifier; the first processing unit 32 decodes and performs an integrity check on the TB data including the terminal device context identifier; when the integrity check is successful, it determines to restore the terminal device context; when the integrity check fails, it determines to reject the terminal device's request to resume the context.
  • the first network device (that is, the serving base station) requests the UE context from the target base station by using the UE AS context id; the first network device (that is, the serving base station) restores the context of the UE.
  • the TB data is then decoded and integrity verified, and/or decrypted.
  • the first network device restores the context of the UE if the integrity verification succeeds; if the integrity protection verification fails, the UE is rejected.
  • this embodiment also describes how to obtain the terminal device context identifier in the following scenarios:
  • Scenario 1: The UE initiates an RRC connection recovery.
  • the UE uses the key of the original AS context for integrity protection and decides to send it to the network side on SRB1.
  • specific operations on the network side may include:
  • the first communication unit 31 hands the RRC connection recovery request to the MAC layer of SRB0, and performs decoding by the MAC layer to determine that the TB data is data of SRB1.
  • the first processing unit receives an RRC connection recovery request sent by the terminal device in the MSG3, acquires a MAC CE carrying the terminal device context identifier from the MSG3, and acquires, by decoding the MAC CE, the terminal device context identifier and the identification of the target network device included in the MSG3.
  • the UE first performs a contention random access procedure, and sends an RRC connection recovery request message to the network side in the MSG3, and adds a MAC CE of the UE AS context id to the MSG3.
  • the PUSCH is scrambled by using the temporary C-RNTI allocated in the RAR in the MSG2.
  • the network side may also perform the following processing: the first communication unit 31 allocates a temporary C-RNTI to the terminal device in the random access response RAR in the MSG2.
  • receiving the MSG3 message that is sent by the terminal device and includes the RRC connection recovery request further includes: the first processing unit 32 descrambles, based on the temporary C-RNTI, the RRC connection recovery request sent by the terminal device in the MSG3 on the PUSCH.
  • the network side descrambles the data on the PUSCH through the temporary C-RNTI, and then delivers it to the MAC layer of the SRB0.
  • the MAC decoding finds that the TB data is the data on the SRB1, decodes the UE AS context id, and finds the target network device according to the UE AS context id.
  • the first communication unit 31 broadcasts a preamble sequence to the terminal device by using a system broadcast, or the protocol specifies a unique preamble sequence of the entire network;
  • the preamble sequence is used by the MSG3 to send an SRB1 message.
  • the network side allocates a dedicated preamble to the terminal device (that is, the UE), and the preamble may be unique to the entire network, or may be unique within the cell, and broadcast the reserved preamble in the system broadcast.
  • the preamble is used to indicate a UE initiated RRC connection recovery request, sent using SRB1, and/or employ integrity protection, and/or employ encryption or the like.
  • the UE resumes the RRC connection and sends with SRB1, and/or employs integrity protection, and/or employs encryption. Then the UE sends the dedicated preamble.
  • the network side responds with the RAR. Specifically, the first communication unit 31 sends a random access response to the terminal device, and carries at least the uplink scheduling resource and the temporary C-RNTI in the random access response.
  • the UE sends an RRC connection recovery request according to the uplink scheduling resource in the RAR; the network side receives the MSG3 message that is sent by the terminal device through the PUSCH and includes the RRC connection recovery request.
  • the PUSCH on which the terminal device (that is, the UE) sends the message may be scrambled by using the gNB id part of the UE AS context ID, or by the C-RNTI in the RAR, or by the UE context id, and the like.
  • the first processing unit, when the PUSCH is scrambled based on the base station identification part of the terminal device context identifier, obtains the identifier of the target network device by blind decoding, and obtains the terminal device context identifier by decoding the MSG3.
  • when the PUSCH is scrambled based on the terminal context identifier, obtaining the terminal device context identifier by blind decoding, and determining an identifier of the target base station (target network device);
  • when the PUSCH is scrambled with the gNB id part of the UE AS context ID or with the UE AS context ID, the network side obtains the identity of the target base station by blind decoding.
  • the terminal device context identifier carried in the MSG3 is obtained by decoding, and the identifier of the target base station is determined.
  • the terminal device uses the C-RNTI in the RAR to scramble, and the MSG3 carries the UE context id MAC CE, from which the target base station is found.
  • the terminal device context identifier can be sent to the network side by using the MAC CE method, or the terminal device context identifier can be carried by scrambling the PUSCH, so that the network device can identify the target base station corresponding to the terminal device and look up the context at the target base station. Therefore, when the current cell managed by the network device accessed by the terminal device does not have the terminal device context, the context can be obtained from the target base station according to the terminal device context identifier, which improves the reliability of the terminal device accessing the network and the system processing efficiency.
  • An embodiment of the present invention provides a terminal device, as shown in FIG. 4, including:
  • the second communication unit 41 sends an MSG3 message including an RRC connection recovery request to the network side, where the RRC connection recovery request carries the terminal device context identifier.
  • the first network device in this embodiment can be understood as the current serving base station of the terminal device.
  • the terminal device is also a user equipment (UE) in the figure, and the current UE is in the serving base station, that is, the serving gNB.
  • the target network device can be understood as an anchor gNB that holds the terminal device context.
  • the terminal device further includes:
  • the second processing unit 42 restores the UE AS context and SRB1; performs integrity protection and/or encryption on the RRC connection recovery request message by using a key and a security algorithm in the UE AS context;
  • the second communication unit 41 sends an RRC connection recovery request in the MSG3, and acquires a MAC CE carrying the terminal device context identifier in the MSG3.
  • the terminal device first performs a contention random access procedure, and sends an RRC connection recovery request message to the network side in the MSG3, and adds a MAC CE of the UE AS context id to the MSG3.
  • the temporary C-RNTI allocated by the network side is obtained from the random access response RAR in the MSG2.
  • the RRC connection recovery request sent in the MSG3 on the PUSCH is scrambled based on the temporary C-RNTI. That is, the terminal device scrambles the PUSCH by using the temporary C-RNTI allocated in the RAR in the MSG2.
  • the network side may also perform a process of allocating a temporary C-RNTI to the terminal device in a random access response RAR in the MSG2.
  • the MSG3 message that is sent by the receiving terminal device and includes the RRC connection recovery request further includes: performing descrambling on the RRC connection recovery request sent by the terminal device in the MSG3 on the PUSCH based on the temporary C-RNTI.
  • the network side descrambles the data on the PUSCH through the temporary C-RNTI, and then delivers it to the MAC layer of the SRB0.
  • the MAC decoding finds that the TB data is the data on the SRB1, decodes the UE AS context id, and finds the target network device according to the UE AS context id.
  • the second communication unit 41 acquires, through system broadcast, a preamble sequence allocated by the network side, or a network-wide unique preamble sequence is specified by the protocol; the preamble sequence is used for sending an SRB1 message in the MSG3.
  • the network side allocates a dedicated preamble to the terminal device (that is, the UE); the preamble may be unique across the entire network or unique within the cell, and the reserved preamble is broadcast in the system broadcast.
  • the preamble indicates that the RRC connection recovery request initiated by the UE is sent using SRB1, and/or uses integrity protection, and/or uses encryption, and so on.
  • if the UE resumes the RRC connection and sends using SRB1, and/or uses integrity protection, and/or uses encryption, the UE sends the dedicated preamble.
  • after receiving the dedicated preamble, the second communication unit 41 receives a random access response sent by the network side, acquires at least an uplink scheduling resource and a temporary C-RNTI from the random access response, and sends the RRC connection recovery request on the PUSCH corresponding to the uplink scheduling resource. Specifically, the network side sends a random access response to the terminal device, and the random access response carries at least the uplink scheduling resource and the temporary C-RNTI.
  • the second processing unit scrambles the PUSCH based on the base station identifier part of the terminal device context identifier, or based on the terminal context identifier, or based on the C-RNTI; correspondingly, the network side receives the MSG3 message, sent by the terminal device over the PUSCH, that contains the RRC connection recovery request.
  • the PUSCH on which the terminal device (that is, the UE) sends the message may be scrambled with the gNB id part of the UE AS context ID, or with the C-RNTI from the RAR, or with the UE context id, and so on.
  • when the PUSCH is scrambled based on the base station identifier part of the terminal device context identifier, the identifier of the target network device is obtained by blind decoding, and the terminal device context identifier carried in the MSG3 is obtained by decoding the MSG3;
  • when the PUSCH is scrambled based on the terminal context identifier, the terminal device context identifier is obtained by blind decoding, and the identifier of the target base station (target network device) is determined;
  • that is, if the gNB id part of the UE AS context ID, or the UE AS context ID itself, is used for scrambling, the network side obtains the identifier of the target base station by blind decoding.
  • when the PUSCH is scrambled based on the temporary C-RNTI, the terminal device context identifier carried in the MSG3 is obtained by decoding the MSG3, and the identifier of the target base station is determined.
  • that is, if the terminal device scrambles with the C-RNTI from the RAR, the MSG3 carries the UE context id MAC CE, from which the target base station is found.
  • the terminal device context identifier can be sent to the network side in a MAC CE, or carried by scrambling the PUSCH, so that the network device can identify the target base station corresponding to the terminal device and look up the context at the target base station. Therefore, when the current cell managed by the network device accessed by the terminal device does not hold the terminal device context, the context can be obtained from the target base station according to the terminal device context identifier, which improves the reliability of the terminal device's access to the network and the system processing efficiency.
  • the embodiment of the present invention further provides a hardware component architecture of a network device or a terminal device.
  • the system includes at least one processor 51, a memory 52, and at least one network interface 53.
  • the various components are coupled together by a bus system 54.
  • bus system 54 is used to implement connection communication between these components.
  • the bus system 54 includes, in addition to the data bus, a power bus, a control bus, and a status signal bus.
  • various buses are labeled as bus system 54 in FIG.
  • the memory 52 in the embodiments of the present invention may be a volatile memory or a non-volatile memory, or may include both volatile and non-volatile memory.
  • memory 52 stores elements, executable modules or data structures, or a subset thereof, or their extension set:
  • the processor 51 is configured to perform the method steps of the first embodiment or the second embodiment; details are not repeated here.
  • a computer storage medium is provided by the embodiment of the present invention.
  • the computer storage medium stores computer executable instructions. When the computer executable instructions are executed, the method steps of the first embodiment or the second embodiment are implemented.
  • an embodiment of the invention, if implemented in the form of a software function module and sold or used as a standalone product, may be stored in a computer-readable storage medium. On that understanding, the technical solution of the embodiments of the present invention may be embodied in the form of a software product that is stored in a storage medium and includes a number of instructions that cause a computer device (which may be a personal computer, a server, a network device, or the like) to perform all or part of the methods described in the various embodiments of the present invention.
  • the foregoing storage medium includes various media that can store program codes, such as a USB flash drive, a mobile hard disk, a read only memory (ROM), a magnetic disk, or an optical disk.
  • embodiments of the invention are not limited to any specific combination of hardware and software.
  • an embodiment of the present invention further provides a computer storage medium holding a computer program, the computer program being configured to execute a data scheduling method according to an embodiment of the present invention.

Abstract

Disclosed are an integrity verification method, a network device, a terminal device, and a computer storage medium. The method comprises: receiving an MSG3 message that is sent by a terminal device and that comprises an RRC connection resume request; acquiring a context identifier of the terminal device and/or an identifier of a target network device from within the MSG3 and/or by decoding the PUSCH on which the MSG3 is carried; and acquiring the context of the terminal device from the target network device.

Description

Integrity verification method, network device, terminal device, and computer storage medium
Technical field
The present invention relates to the field of information processing technologies, and in particular to an integrity verification method, a network device, a terminal device, and a computer storage medium.
Background
In the 5G network environment, a new RRC state, the RRC_INACTIVE state, is defined in order to reduce air-interface signaling and to quickly resume the radio connection and data services. When the terminal device is in the RRC_INACTIVE state, the network side configures a RAN paging area for the UE through dedicated signaling; the RAN paging area may be one cell or multiple cells. When the UE moves within this area it does not need to notify the network side, and it follows the idle-mode mobility behaviour, that is, the cell selection and reselection principle. When the UE moves out of the paging area configured by the RAN, the UE is triggered to resume the RRC connection and re-acquire the paging area configured by the RAN. When downlink data arrives for the UE, the gNB that maintains the connection between the RAN and the CN for the UE triggers all cells in the RAN paging area to send a paging message to the UE, so that the UE in the INACTIVE state can resume the RRC connection and receive the data.
MSG3 of the random access procedure, that is, the RRC ConnectionResumeRequest message, carries the UE's AS context id information, the security information Short MAC-I, and a cause value. Considering that security attacks are possible, a fake base station may impersonate the sender of an MSG3 message, or of other messages for the UE, exposing the network to the risk of attack; messages that carry UE identification information and cause value information therefore need security protection.
Summary of the invention
To solve the above technical problem, embodiments of the present invention provide an integrity verification method, a network device, a terminal device, and a computer storage medium.
An embodiment of the present invention provides an integrity protection method applied to a first network device, the method including:
receiving an MSG3 message, sent by a terminal device, that contains an RRC connection recovery request;
obtaining a terminal device context identifier and/or a target network device identifier from the MSG3 and/or by decoding the PUSCH on which the MSG3 is carried;
obtaining the terminal device context from the target network device.
An embodiment of the present invention provides an integrity protection method applied to a terminal device, the method including:
sending to the network side an MSG3 message containing an RRC connection recovery request, where the RRC connection recovery request carries a terminal device context identifier.
An embodiment of the present invention provides a first network device, which includes:
a first communication unit that receives an MSG3 message, sent by a terminal device, that contains an RRC connection recovery request, and obtains the terminal device context from the target network device;
a first processing unit that obtains a terminal device context identifier and/or a target network device identifier from the MSG3 and/or by decoding the PUSCH on which the MSG3 is carried.
An embodiment of the present invention provides a terminal device, which includes:
a second communication unit that sends to the network side an MSG3 message containing an RRC connection recovery request, where the RRC connection recovery request carries a terminal device context identifier.
A first network device provided by an embodiment of the present invention includes a processor and a memory for storing a computer program capable of running on the processor,
where the processor is configured to perform the steps of the foregoing method when running the computer program.
A terminal device provided by an embodiment of the present invention includes a processor and a memory for storing a computer program capable of running on the processor,
where the processor is configured to perform the steps of the foregoing method when running the computer program.
An embodiment of the present invention provides a computer storage medium that stores computer-executable instructions; the foregoing method steps are implemented when the computer-executable instructions are executed.
With the technical solution of the embodiments of the present invention, the terminal device context identifier can be sent to the network side in a MAC CE, or carried by scrambling the PUSCH, so that the network device can identify the target base station corresponding to the terminal device and look up the context at the target base station. Thus, when the current cell managed by the network device that the terminal device accesses does not hold the terminal device context, the context can be obtained from the target base station according to the terminal device context identifier, which improves the reliability of the terminal device's access to the network.
Brief description of the drawings
FIG. 1 is a schematic flowchart of an integrity verification method according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of a network structure;
FIG. 3 is a schematic structural diagram of a first network device according to an embodiment of the present invention;
FIG. 4 is a schematic structural diagram of a terminal device according to an embodiment of the present invention;
FIG. 5 is a schematic diagram of a hardware architecture according to an embodiment of the present invention.
Detailed description
In order to understand the features and technical content of the embodiments of the present invention in more detail, the implementation of the embodiments is described in detail below with reference to the accompanying drawings. The drawings are for reference and illustration only and are not intended to limit the embodiments of the present invention.
Embodiment 1
An embodiment of the present invention provides an integrity protection method applied to a first network device. As shown in FIG. 1, the method includes:
Step 101: receive an MSG3 message, sent by a terminal device, that contains an RRC connection recovery request;
Step 102: obtain a terminal device context identifier and/or a target network device identifier from the MSG3 and/or by decoding the PUSCH on which the MSG3 is carried;
Step 103: obtain the terminal device context from the target network device.
In this embodiment, the first network device can be understood as the terminal device's current serving base station. For example, as shown in FIG. 2, the terminal device is the user equipment (UE) in the figure; the UE is currently within the coverage of the serving base station, that is, the serving gNB, and the target network device can be understood as the anchor base station (Anchor gNB) that holds the terminal device context.
In the foregoing step 103, obtaining the terminal device context from the target network device may specifically include the following two implementations:
Mode 1
sending the TB data containing the terminal device context identifier to the target network device;
when the target network device determines that the integrity check succeeds, obtaining the terminal device context from the target network device and restoring the terminal device context;
when the target network device determines that the integrity check fails, obtaining from the target network device an indication to reject the terminal device, and rejecting the terminal device's request to restore the context.
Specifically, when the first network device needs to obtain the terminal device context, it may forward the TB data to the target base station (that is, the target network device); the target base station decodes the TB data, obtains the UE AS context id, then finds the UE's context, restores SRB1 according to the UE's AS context, and performs decoding and integrity verification, and/or decryption.
Correspondingly, if integrity verification at the target network device (that is, the target base station) succeeds, the UE's context is sent to the serving base station, and the serving base station restores the UE's context; if integrity protection verification fails, the serving base station is notified to reject the UE.
Mode 2
based on the terminal device context identifier, obtaining the terminal device context from the target network device; decoding and integrity-checking the TB data containing the terminal device context identifier; when the integrity check succeeds, determining to restore the terminal device context; when the integrity check fails, determining to reject the terminal device's request to restore the context.
Specifically, the first network device (that is, the serving base station) requests the UE context from the target base station using the UE AS context id; the first network device (the serving base station) restores the UE's context, then decodes the TB data and performs decoding and integrity verification, and/or decryption.
Correspondingly, if integrity verification at the first network device (the serving base station) succeeds, the serving base station restores the UE's context; if integrity protection verification fails, the UE is rejected.
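The two ways of obtaining the context described above (mode 1 and mode 2), as an added example that is not code from the patent. It assumes a 40-bit context id whose upper 16 bits are the gNB id part, and uses a truncated HMAC-SHA256 as a stand-in for the integrity algorithm, which the page does not specify; all class and function names are hypothetical.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Assumed layout (not from the page): 40-bit context id = 16-bit gNB id + 24-bit UE part.
UE_BITS, CTX_ID_LEN, MAC_I_LEN = 24, 5, 4


@dataclass(frozen=True)
class UeAsContext:
    ctx_id: int
    k_int: bytes  # integrity key held in the UE AS context


def mac_i(key, ctx_id, rrc_msg):
    """Stand-in integrity tag: truncated HMAC-SHA256 over context id and message."""
    data = ctx_id.to_bytes(CTX_ID_LEN, "big") + rrc_msg
    return hmac.new(key, data, hashlib.sha256).digest()[:MAC_I_LEN]


def build_msg3_tb(ctx, rrc_msg):
    """UE side: MAC CE with the context id, then the SRB1 message, then its tag."""
    tag = mac_i(ctx.k_int, ctx.ctx_id, rrc_msg)
    return ctx.ctx_id.to_bytes(CTX_ID_LEN, "big") + rrc_msg + tag


def parse_tb(tb):
    """Return (context id, RRC message, tag), or None if the TB is too short."""
    if len(tb) < CTX_ID_LEN + MAC_I_LEN:
        return None
    return int.from_bytes(tb[:CTX_ID_LEN], "big"), tb[CTX_ID_LEN:-MAC_I_LEN], tb[-MAC_I_LEN:]


def tag_ok(ctx, rrc_msg, tag):
    return hmac.compare_digest(mac_i(ctx.k_int, ctx.ctx_id, rrc_msg), tag)


class AnchorGnb:
    """Target network device: holds UE AS contexts and logs each context it releases."""
    def __init__(self, gnb_id, contexts):
        self.gnb_id = gnb_id
        self.contexts = {c.ctx_id: c for c in contexts}
        self.released = []

    def verify_forwarded_tb(self, tb):
        """Mode 1: verify at the anchor; release the context only on success."""
        parsed = parse_tb(tb)
        ctx = self.contexts.get(parsed[0]) if parsed else None
        if ctx is None or not tag_ok(ctx, parsed[1], parsed[2]):
            return None  # the serving gNB is told to reject the UE
        self.released.append(ctx.ctx_id)
        return ctx

    def fetch_context(self, ctx_id):
        """Mode 2: hand over the context on request; the requester verifies."""
        ctx = self.contexts.get(ctx_id)
        if ctx is not None:
            self.released.append(ctx_id)
        return ctx


class ServingGnb:
    """First network device: routes on the gNB id part of the context id."""
    def __init__(self, anchors):
        self.anchors = {a.gnb_id: a for a in anchors}

    def _route(self, tb):
        parsed = parse_tb(tb)
        anchor = self.anchors.get(parsed[0] >> UE_BITS) if parsed else None
        return anchor, parsed

    def resume_mode1(self, tb):
        anchor, _ = self._route(tb)
        ctx = anchor.verify_forwarded_tb(tb) if anchor else None
        return "resume" if ctx else "reject"

    def resume_mode2(self, tb):
        anchor, parsed = self._route(tb)
        ctx = anchor.fetch_context(parsed[0]) if anchor else None
        return "resume" if ctx and tag_ok(ctx, parsed[1], parsed[2]) else "reject"


def run_demo():
    """Constructed sample: a genuine MSG3 and one forged with a guessed key."""
    ctx = UeAsContext((0x00A1 << UE_BITS) | 0x000123, b"constructed-integrity-key")
    rrc = b"RRCConnectionResumeRequest cause=mo-Data"
    genuine = build_msg3_tb(ctx, rrc)
    forged = build_msg3_tb(UeAsContext(ctx.ctx_id, b"guessed-key"), rrc)
    results = {}
    for mode in ("resume_mode1", "resume_mode2"):
        anchor = AnchorGnb(0x00A1, [ctx])
        handle = getattr(ServingGnb([anchor]), mode)
        forged_verdict, released = handle(forged), list(anchor.released)
        results[mode] = (handle(genuine), forged_verdict, released)
    return results


if __name__ == "__main__":
    print(run_demo())
```

For each mode, `run_demo()` returns the verdict for the genuine request, the verdict for the forged one, and the context ids the anchor had released by the time the forgery was judged. Both modes reject the forgery; in mode 2 the context has already left the anchor at that point, because there it is fetched before the check.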
On the basis of the foregoing solution, this embodiment further describes how the terminal device context identifier is obtained in the following scenarios:
Scenario 1: the UE initiates RRC connection recovery; the UE uses the key of the original AS context for integrity protection and decides to send on SRB1 to the network side. Correspondingly, the specific operations on the network side may include:
Receiving the MSG3 message, sent by the terminal device, that contains the RRC connection recovery request includes:
handing the RRC connection recovery request to the MAC layer of SRB0; decoding at the MAC layer to determine that the TB data is SRB1 data.
Obtaining the terminal device context identifier and/or the target network device identifier from the MSG3 and/or by decoding the PUSCH on which the MSG3 is carried includes:
receiving the RRC connection recovery request sent by the terminal device in MSG3, and obtaining from the MSG3 the MAC CE carrying the terminal device context identifier; obtaining the terminal device context identifier by decoding the MAC CE, and determining the identifier of the target network device.
Further, the UE first performs a contention-based random access procedure, sends the RRC connection recovery request message to the network side in MSG3, and adds to MSG3 a MAC CE carrying the UE AS context id. The PUSCH is then scrambled with the temporary C-RNTI allocated in the RAR in MSG2.
On the basis of the foregoing processing on the terminal device side, the network side may also perform the following processing: allocating a temporary C-RNTI to the terminal device in the random access response (RAR) in MSG2. Correspondingly, receiving the MSG3 message, sent by the terminal device, that contains the RRC connection recovery request further includes: descrambling, based on the temporary C-RNTI, the RRC connection recovery request sent by the terminal device in MSG3 on the PUSCH.
That is, the network side descrambles the data on the PUSCH using the temporary C-RNTI and delivers it to the MAC layer of SRB0; MAC decoding finds that the TB data is SRB1 data and decodes the UE AS context id, and the target network device is found according to the UE AS context id.
Scenario 2
broadcasting a preamble sequence to the terminal device through system broadcast, or a network-wide unique preamble sequence being specified by the protocol;
where the preamble sequence is used for sending an SRB1 message in MSG3.
That is, the network side allocates a dedicated preamble to the terminal device (the UE); the preamble may be unique across the whole network or unique within the cell, and the reserved preamble is broadcast in the system broadcast. The preamble indicates that the RRC connection recovery request initiated by the UE is sent using SRB1, and/or uses integrity protection, and/or uses encryption, and so on.
If the UE resumes the RRC connection and sends using SRB1, and/or uses integrity protection, and/or uses encryption, the UE sends the dedicated preamble.
After the UE receives the dedicated preamble, the network side responds with an RAR. Specifically, the network side sends a random access response to the terminal device, and the random access response carries at least an uplink scheduling resource and a temporary C-RNTI.
The UE sends the RRC connection recovery request on the uplink scheduling resource given in the RAR; the network side receives the MSG3 message, sent by the terminal device over the PUSCH, that contains the RRC connection recovery request.
Further, the PUSCH on which the terminal device (the UE) sends this message may be scrambled with the gNB id part of the UE AS context ID, or with the C-RNTI from the RAR, or with the UE context id, and so on.
Correspondingly, when the PUSCH is scrambled based on the base station identifier part of the terminal device context identifier, the identifier of the target network device is obtained by blind decoding, and the terminal device context identifier carried in MSG3 is obtained by decoding MSG3;
when the PUSCH is scrambled based on the terminal context identifier, the terminal device context identifier is obtained by blind decoding, and the identifier of the target base station (target network device) is determined;
that is, if the gNB id part of the UE AS context ID, or the UE AS context ID itself, is used for scrambling, the network side obtains the identifier of the target base station by blind decoding.
When the PUSCH is scrambled based on the temporary C-RNTI, the terminal device context identifier carried in MSG3 is obtained by decoding MSG3, and the identifier of the target base station is determined.
That is, if the terminal device scrambles with the C-RNTI from the RAR, MSG3 carries the UE context id MAC CE, from which the target base station is found.
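The blind recovery of the target gNB identifier described above (the "blind solution"), as an added example that is not code from the patent. It covers the case where the PUSCH is scrambled with the gNB id part, and uses the length-31 Gold sequence of 3GPP TS 38.211 clause 5.2.1. The assumptions: the 16-bit gNB id takes the place of n_RNTI in the scrambler seed, scrambling is applied directly to the TB plus a CRC-32 (no channel coding), and the candidate list is the serving gNB's set of possible anchors; function names and sample values are constructed.

```python
import zlib

NC = 1600  # fixed offset of the Gold sequence (TS 38.211 clause 5.2.1)


def gold_sequence(c_init, length):
    """Pseudo-random sequence c(n): x1 has a fixed start, x2 is seeded with c_init."""
    x1 = [1] + [0] * 30
    x2 = [(c_init >> i) & 1 for i in range(31)]
    for n in range(NC + length - 31):
        x1.append(x1[n + 3] ^ x1[n])
        x2.append(x2[n + 3] ^ x2[n + 2] ^ x2[n + 1] ^ x2[n])
    return [x1[n + NC] ^ x2[n + NC] for n in range(length)]


def c_init_for(scramble_id, cell_id):
    """Assumption: the id replaces n_RNTI in c_init = n_RNTI * 2^15 + n_ID."""
    return ((scramble_id & 0xFFFF) << 15) | (cell_id & 0x3FF)


def xor_with_sequence(data, c_init):
    """XOR the bits of data (MSB first) with the scrambling sequence."""
    out = bytearray(data)
    for i, bit in enumerate(gold_sequence(c_init, len(data) * 8)):
        if bit:
            out[i // 8] ^= 0x80 >> (i % 8)
    return bytes(out)


def scramble_tb(tb, scramble_id, cell_id):
    """UE side: append a CRC-32 (stand-in for the TB CRC), then scramble."""
    block = tb + zlib.crc32(tb).to_bytes(4, "big")
    return xor_with_sequence(block, c_init_for(scramble_id, cell_id))


def blind_descramble(rx, candidates, cell_id):
    """Network side: descramble with every candidate id, keep those whose CRC checks."""
    hits = []
    for cand in candidates:
        block = xor_with_sequence(rx, c_init_for(cand, cell_id))
        tb, crc = block[:-4], block[-4:]
        if len(block) > 4 and zlib.crc32(tb).to_bytes(4, "big") == crc:
            hits.append((cand, tb))
    return hits


def resolve_anchor(rx, candidates, cell_id):
    """Return (gNB id, TB) only when exactly one candidate checks out, else None."""
    hits = blind_descramble(rx, candidates, cell_id)
    return hits[0] if len(hits) == 1 else None


if __name__ == "__main__":
    sample_tb = b"constructed MSG3 transport block"
    rx = scramble_tb(sample_tb, 0x00A1, cell_id=42)
    print(resolve_anchor(rx, [0x0001, 0x00A1, 0x0B22], cell_id=42))
```

A received block that matches no candidate, or more than one, resolves to `None`, so the caller rejects the request instead of guessing an anchor.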
It can be seen that, with the above solution, the terminal device context identifier can be sent to the network side in a MAC CE, or carried by scrambling the PUSCH, so that the network device can identify the target base station corresponding to the terminal device and look up the context at the target base station. Thus, when the current cell managed by the network device that the terminal device accesses does not hold the terminal device context, the context can be obtained from the target base station according to the terminal device context identifier, which improves the reliability of the terminal device's access to the network and the system processing efficiency.
Embodiment 2
An embodiment of the present invention provides an integrity protection method applied to a terminal device, the method including:
sending to the network side an MSG3 message containing an RRC connection recovery request, where the RRC connection recovery request carries a terminal device context identifier.
In this embodiment, the first network device can be understood as the terminal device's current serving base station. For example, as shown in FIG. 2, the terminal device is the user equipment (UE) in the figure; the UE is currently within the coverage of the serving base station, that is, the serving gNB, and the target network device can be understood as the anchor base station (Anchor gNB) that holds the terminal device context.
This embodiment provides the following two scenarios for sending the RRC connection recovery request:
Scenario 1
Sending to the network side the MSG3 message containing the RRC connection recovery request includes:
restoring the UE AS context and SRB1;
performing integrity protection and/or encryption on the RRC connection recovery request message using the key and security algorithm in the UE AS context;
sending the RRC connection recovery request in MSG3, and acquiring in the MSG3 the MAC CE carrying the terminal device context identifier.
The terminal device first performs a contention-based random access procedure, sends the RRC connection recovery request message to the network side in MSG3, and adds to MSG3 a MAC CE carrying the UE AS context id. At this point the temporary C-RNTI allocated by the network side is obtained from the random access response (RAR) in MSG2. Specifically, the RRC connection recovery request sent in MSG3 on the PUSCH is scrambled based on the temporary C-RNTI; that is, the terminal device scrambles the PUSCH with the temporary C-RNTI allocated in the RAR in MSG2.
On the basis of the foregoing processing on the terminal device side, the network side may also perform the following processing: allocating a temporary C-RNTI to the terminal device in the random access response (RAR) in MSG2. Correspondingly, receiving the MSG3 message, sent by the terminal device, that contains the RRC connection recovery request further includes: descrambling, based on the temporary C-RNTI, the RRC connection recovery request sent by the terminal device in MSG3 on the PUSCH.
That is, the network side descrambles the data on the PUSCH using the temporary C-RNTI and delivers it to the MAC layer of SRB0; MAC decoding finds that the TB data is SRB1 data and decodes the UE AS context id, and the target network device is found according to the UE AS context id.
Scenario 2
obtaining, through system broadcast, the preamble sequence allocated by the network side, or a network-wide unique preamble sequence being specified by the protocol; where the preamble sequence is used for sending an SRB1 message in MSG3.
That is, the network side allocates a dedicated preamble to the terminal device (the UE); the preamble may be unique across the whole network or unique within the cell, and the reserved preamble is broadcast in the system broadcast. The preamble indicates that the RRC connection recovery request initiated by the UE is sent using SRB1, and/or uses integrity protection, and/or uses encryption, and so on.
If the UE resumes the RRC connection and sends using SRB1, and/or uses integrity protection, and/or uses encryption, the UE sends the dedicated preamble.
After receiving the dedicated preamble, the UE receives the random access response sent by the network side, obtains at least the uplink scheduling resource and the temporary C-RNTI from the random access response, and sends the RRC connection recovery request on the PUSCH corresponding to the uplink scheduling resource. Specifically, the network side sends a random access response to the terminal device, and the random access response carries at least the uplink scheduling resource and the temporary C-RNTI.
The PUSCH is scrambled based on the base station identifier part of the terminal device context identifier, or based on the terminal context identifier, or based on the C-RNTI; correspondingly, the network side receives the MSG3 message, sent by the terminal device over the PUSCH, that contains the RRC connection recovery request.
Further, the PUSCH on which the terminal device (the UE) sends this message may be scrambled with the gNB id part of the UE AS context ID, or with the C-RNTI from the RAR, or with the UE context id, and so on.
Correspondingly, when the PUSCH is scrambled based on the base station identifier part of the terminal device context identifier, the identifier of the target network device is obtained by blind decoding, and the terminal device context identifier carried in MSG3 is obtained by decoding MSG3;
when the PUSCH is scrambled based on the terminal context identifier, the terminal device context identifier is obtained by blind decoding, and the identifier of the target base station (target network device) is determined;
that is, if the gNB id part of the UE AS context ID, or the UE AS context ID itself, is used for scrambling, the network side obtains the identifier of the target base station by blind decoding.
When the PUSCH is scrambled based on the temporary C-RNTI, the terminal device context identifier carried in MSG3 is obtained by decoding MSG3, and the identifier of the target base station is determined.
That is, if the terminal device scrambles with the C-RNTI from the RAR, MSG3 carries the UE context id MAC CE, from which the target base station is found.
It can be seen that, with the above solution, the terminal device context identifier can be sent to the network side in a MAC CE, or carried by scrambling the PUSCH, so that the network device can identify the target base station corresponding to the terminal device and look up the context at the target base station. Thus, when the current cell managed by the network device that the terminal device accesses does not hold the terminal device context, the context can be obtained from the target base station according to the terminal device context identifier, which improves the reliability of the terminal device's access to the network and the system processing efficiency.
Embodiment 3
An embodiment of the present invention provides a first network device which, as shown in FIG. 3, includes:
a first communication unit 31, which receives an MSG3 message sent by a terminal device and containing an RRC connection recovery request, and acquires the terminal device context from the target network device;
a first processing unit 32, which obtains the terminal device context identifier and/or the target network device identifier from the MSG3 and/or by decoding the PUSCH on which the MSG3 is carried.
In this embodiment, the first network device can be understood as the current serving base station of the terminal device. For example, as shown in FIG. 2, the terminal device is the user equipment (UE) in the figure, the UE is currently within the coverage of the serving base station, that is, the serving gNB, and the target network device can be understood as the anchor base station (Anchor gNB) that stores the terminal device context.
Acquiring the terminal device context from the target network device may specifically be implemented in the following two modes:
Mode 1
The first communication unit 31 sends the TB data containing the terminal device context identifier to the target network device;
when the target network device determines that the integrity check succeeds, the terminal device context is acquired from the target network device and the terminal device context is restored;
when the target network device determines that the integrity check fails, an indication to reject the terminal device is acquired from the target network device, and the terminal device's request to restore the context is rejected.
Specifically, when the first network device needs to acquire the terminal device context, it may forward the TB data to the target base station (that is, the target network device). The target base station decodes the TB data, obtains the UE AS context id, finds the context of the UE, restores SRB1 according to the AS context of the UE, and performs decoding and integrity verification, and/or decryption.
Correspondingly, if the integrity verification at the target network device (that is, the target base station) succeeds, the context of the UE is sent to the serving base station, and the serving base station restores the context of the UE; if the integrity protection verification fails, the serving base station is notified to reject the UE.
Mode 2
The first communication unit 31 acquires the terminal device context from the target network device based on the terminal device context identifier; the first processing unit 32 decodes the TB data containing the terminal device context identifier and performs an integrity check on it; when the integrity check succeeds, it determines to restore the terminal device context; when the integrity check fails, it determines to reject the terminal device's request to restore the context.
Specifically, the first network device (that is, the serving base station) requests the UE context from the target base station using the UE AS context id, and the first network device (that is, the serving base station) restores the context of the UE. It then decodes the TB data and performs decoding and integrity verification, and/or decryption.
Correspondingly, if the integrity verification succeeds, the first network device (that is, the serving base station) restores the context of the UE; if the integrity protection verification fails, it rejects the UE.
On the basis of the foregoing solution, this embodiment also describes how the terminal device context identifier is obtained in the following scenarios:
Scenario 1: The UE initiates RRC connection recovery; the UE then uses the key of the original AS context for integrity protection and decides to send the request to the network side on SRB1. Correspondingly, the specific operations on the network side may include:
The first communication unit 31 hands the RRC connection recovery request to the MAC layer of SRB0, and the MAC layer decodes it to determine that the TB data is SRB1 data.
The first processing unit receives the RRC connection recovery request sent by the terminal device in MSG3, obtains from the MSG3 the MAC CE carrying the terminal device context identifier, obtains the terminal device context identifier by decoding the MAC CE, and determines the identifier of the target network device.
Further, the UE first performs a contention-based random access procedure, sends the RRC connection recovery request message to the network side in MSG3, and adds to MSG3 a MAC CE carrying the UE AS context id. The PUSCH is then scrambled with the temporary C-RNTI allocated in the RAR in MSG2.
On the basis of the foregoing processing on the terminal device side, the network side may also perform the following processing: the first communication unit 31 allocates a temporary C-RNTI to the terminal device in the random access response (RAR) in MSG2. Correspondingly, receiving the MSG3 message sent by the terminal device and containing the RRC connection recovery request further includes: the first processing unit 32 descrambles, based on the temporary C-RNTI, the RRC connection recovery request sent by the terminal device in MSG3 on the PUSCH.
That is, the network side descrambles the data on the PUSCH with the temporary C-RNTI and then delivers it to the MAC layer of SRB0; MAC decoding finds that the TB data is data on SRB1, decodes the UE AS context id, and finds the target network device according to the UE AS context id.
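The following added example (not part of the patent text) models the network-side handling described above: the serving gNB reads the context-ID MAC CE from MSG3, derives the anchor gNB from it, and then applies Mode 1 or Mode 2. The 40-bit identifier layout, the 4-byte tag, the use of truncated HMAC-SHA256 as a stand-in for the AS integrity algorithm, and all class and function names are assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass

# All sizes below are assumptions; the patent text does not define them.
CTX_ID_LEN = 5      # bytes: 40-bit UE AS context ID carried in the MAC CE
UE_PART_BITS = 16   # low bits identify the UE, the high bits the anchor gNB
TAG_LEN = 4         # bytes of integrity tag appended to the RRC message


@dataclass(frozen=True)
class UEContext:
    context_id: int
    integrity_key: bytes


def integrity_tag(key: bytes, rrc_msg: bytes) -> bytes:
    # Truncated HMAC-SHA256, standing in for the AS integrity algorithm.
    return hmac.new(key, rrc_msg, hashlib.sha256).digest()[:TAG_LEN]


def build_tb(ctx: UEContext, rrc_msg: bytes) -> bytes:
    """UE side: context-ID MAC CE, then the integrity-protected SRB1 message."""
    mac_ce = ctx.context_id.to_bytes(CTX_ID_LEN, "big")
    return mac_ce + rrc_msg + integrity_tag(ctx.integrity_key, rrc_msg)


def parse_tb(tb: bytes):
    """Split a TB into (context_id, anchor_gnb_id, rrc_msg, tag)."""
    if len(tb) < CTX_ID_LEN + TAG_LEN + 1:
        raise ValueError("TB too short to hold MAC CE, message and tag")
    context_id = int.from_bytes(tb[:CTX_ID_LEN], "big")
    return (context_id, context_id >> UE_PART_BITS,
            tb[CTX_ID_LEN:-TAG_LEN], tb[-TAG_LEN:])


def verify(ctx: UEContext, rrc_msg: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(tag, integrity_tag(ctx.integrity_key, rrc_msg))


class AnchorGNB:
    """Target network device: holds the stored UE contexts."""
    def __init__(self, gnb_id: int):
        self.gnb_id = gnb_id
        self.contexts = {}
        self.released = []   # context IDs handed over to a serving gNB

    def add_ue(self, ue_part: int, key: bytes) -> UEContext:
        ctx = UEContext((self.gnb_id << UE_PART_BITS) | ue_part, key)
        self.contexts[ctx.context_id] = ctx
        return ctx

    def verify_forwarded_tb(self, tb: bytes):
        """Mode 1: the anchor checks integrity, then releases the context."""
        try:
            context_id, _, rrc_msg, tag = parse_tb(tb)
        except ValueError:
            return None
        ctx = self.contexts.get(context_id)
        if ctx is None or not verify(ctx, rrc_msg, tag):
            return None          # serving gNB is told to reject the UE
        self.released.append(context_id)
        return ctx

    def fetch_context(self, context_id: int):
        """Mode 2: the anchor releases the context on request, unchecked."""
        ctx = self.contexts.get(context_id)
        if ctx is not None:
            self.released.append(context_id)
        return ctx


class ServingGNB:
    """First network device: receives MSG3 and resolves the anchor."""
    def __init__(self, anchors):
        self.anchors = {a.gnb_id: a for a in anchors}
        self.restored = {}

    def handle_msg3(self, tb: bytes, mode: int) -> str:
        try:
            context_id, gnb_id, rrc_msg, tag = parse_tb(tb)
        except ValueError:
            return "reject"
        anchor = self.anchors.get(gnb_id)
        if anchor is None:
            return "reject"
        if mode == 1:
            ctx = anchor.verify_forwarded_tb(tb)
        else:
            ctx = anchor.fetch_context(context_id)
            if ctx is not None and not verify(ctx, rrc_msg, tag):
                ctx = None       # local integrity check failed
        if ctx is None:
            return "reject"
        self.restored[context_id] = ctx
        return "resume"
```

In this model a request with a bad tag is rejected in both modes, but in Mode 2 the anchor has already handed the context, key included, to the serving gNB before the check runs, whereas in Mode 1 the context never leaves the anchor.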
Scenario 2
The first communication unit 31 broadcasts a preamble sequence to the terminal device through system broadcast, or the protocol specifies a network-wide unique preamble sequence;
wherein the preamble sequence is used for MSG3 to send an SRB1 message.
That is, the network side allocates a dedicated preamble to the terminal device (that is, the UE). The preamble may be unique across the whole network or unique within the cell, and the reserved preamble is broadcast in the system broadcast. The preamble indicates that the RRC connection recovery request initiated by the UE is sent on SRB1, and/or is integrity protected, and/or is encrypted, and so on.
If the UE resumes the RRC connection and sends on SRB1, and/or uses integrity protection, and/or uses encryption, the UE sends the dedicated preamble.
After the UE receives the dedicated preamble, the network side responds with an RAR. Specifically, the first communication unit 31 sends a random access response to the terminal device, and the random access response carries at least the uplink scheduling resource and the temporary C-RNTI.
The UE sends the RRC connection recovery request according to the uplink scheduling resource in the RAR; the network side receives the MSG3 message containing the RRC connection recovery request that the terminal device sends over the PUSCH.
Further, the PUSCH on which the terminal device (that is, the UE) sends the message may be scrambled with the gNB id part of the UE AS context ID, with the C-RNTI from the RAR, with the UE context id, and so on.
Correspondingly, when the PUSCH is scrambled based on the base station identifier part of the terminal device context identifier, the first processing unit obtains the identifier of the target network device by blind decoding, and obtains the terminal device context identifier carried in MSG3 by decoding MSG3;
when the PUSCH is scrambled based on the terminal context identifier, the terminal device context identifier is obtained by blind decoding, and the identifier of the target base station (target network device) is determined;
that is, if the gNB id part of the UE AS context ID, or the UE AS context ID itself, is used for scrambling, the network side obtains the identifier of the target base station by blind decoding.
When the PUSCH is scrambled based on the temporary C-RNTI, the terminal device context identifier carried in MSG3 is obtained by decoding MSG3, and the identifier of the target base station is determined.
That is, if the terminal device scrambles with the C-RNTI from the RAR, MSG3 carries the UE context id MAC CE, and the target base station is found.
It can be seen that, with the foregoing solution, the terminal device context identifier can be sent to the network side in a MAC CE or conveyed by scrambling the PUSCH, so that the network device can identify the target base station corresponding to the terminal device and look up the context there. Therefore, when the current cell managed by the network device that the terminal device accesses has no terminal device context, the context can be obtained from the target base station according to the terminal device context identifier, which improves the reliability of the terminal device's network access and the processing efficiency of the system.
Embodiment 4
An embodiment of the present invention provides a terminal device which, as shown in FIG. 4, includes:
a second communication unit 41, which sends an MSG3 message containing an RRC connection recovery request to the network side, wherein the RRC connection recovery request carries the terminal device context identifier.
In this embodiment, the first network device can be understood as the current serving base station of the terminal device. For example, as shown in FIG. 2, the terminal device is the user equipment (UE) in the figure, the UE is currently within the coverage of the serving base station, that is, the serving gNB, and the target network device can be understood as the anchor base station (Anchor gNB) that stores the terminal device context.
This embodiment provides the following two scenarios for sending the RRC connection recovery request:
Scenario 1
The terminal device further includes:
a second processing unit 42, which restores the UE AS context and SRB1, and uses the key and security algorithm in the UE AS context to integrity protect and/or encrypt the RRC connection recovery request message;
the second communication unit 41 sends the RRC connection recovery request in MSG3 and acquires, in the MSG3, a MAC CE carrying the terminal device context identifier.
The terminal device first performs a contention-based random access procedure, sends the RRC connection recovery request message to the network side in MSG3, and adds to MSG3 a MAC CE carrying the UE AS context id. At this time, the temporary C-RNTI allocated by the network side is obtained from the random access response (RAR) in MSG2. Specifically, the RRC connection recovery request sent in MSG3 on the PUSCH is scrambled based on the temporary C-RNTI. That is, the terminal device scrambles the PUSCH with the temporary C-RNTI allocated in the RAR in MSG2.
On the basis of the foregoing processing on the terminal device side, the network side may also perform the following processing: allocating a temporary C-RNTI to the terminal device in the random access response (RAR) in MSG2. Correspondingly, receiving the MSG3 message sent by the terminal device and containing the RRC connection recovery request further includes: descrambling, based on the temporary C-RNTI, the RRC connection recovery request sent by the terminal device in MSG3 on the PUSCH.
That is, the network side descrambles the data on the PUSCH with the temporary C-RNTI and then delivers it to the MAC layer of SRB0; MAC decoding finds that the TB data is data on SRB1, decodes the UE AS context id, and finds the target network device according to the UE AS context id.
Scenario 2
The second communication unit 41 acquires, through system broadcast, the preamble sequence allocated by the network side, or the protocol specifies a network-wide unique preamble sequence; wherein the preamble sequence is used for MSG3 to send an SRB1 message.
That is, the network side allocates a dedicated preamble to the terminal device (that is, the UE). The preamble may be unique across the whole network or unique within the cell, and the reserved preamble is broadcast in the system broadcast. The preamble indicates that the RRC connection recovery request initiated by the UE is sent on SRB1, and/or is integrity protected, and/or is encrypted, and so on.
If the UE resumes the RRC connection and sends on SRB1, and/or uses integrity protection, and/or uses encryption, the UE sends the dedicated preamble.
After the UE receives the dedicated preamble, the second communication unit 41 receives the random access response sent by the network side, obtains at least the uplink scheduling resource and the temporary C-RNTI from the random access response, and sends the RRC connection recovery request on the PUSCH corresponding to the uplink scheduling resource. Specifically, the network side sends a random access response to the terminal device, and the random access response carries at least the uplink scheduling resource and the temporary C-RNTI.
The second processing unit scrambles the PUSCH based on the base station identifier part of the terminal device context identifier, or based on the terminal context identifier, or based on the C-RNTI. Correspondingly, the network side receives the MSG3 message containing the RRC connection recovery request that the terminal device sends over the PUSCH.
Further, the PUSCH on which the terminal device (that is, the UE) sends the message may be scrambled with the gNB id part of the UE AS context ID, with the C-RNTI from the RAR, with the UE context id, and so on.
Correspondingly, when the PUSCH is scrambled based on the base station identifier part of the terminal device context identifier, the identifier of the target network device is obtained by blind decoding, and the terminal device context identifier carried in MSG3 is obtained by decoding MSG3;
when the PUSCH is scrambled based on the terminal context identifier, the terminal device context identifier is obtained by blind decoding, and the identifier of the target base station (target network device) is determined;
that is, if the gNB id part of the UE AS context ID, or the UE AS context ID itself, is used for scrambling, the network side obtains the identifier of the target base station by blind decoding.
When the PUSCH is scrambled based on the temporary C-RNTI, the terminal device context identifier carried in MSG3 is obtained by decoding MSG3, and the identifier of the target base station is determined.
That is, if the terminal device scrambles with the C-RNTI from the RAR, MSG3 carries the UE context id MAC CE, and the target base station is found.
It can be seen that, with the foregoing solution, the terminal device context identifier can be sent to the network side in a MAC CE or conveyed by scrambling the PUSCH, so that the network device can identify the target base station corresponding to the terminal device and look up the context there. Therefore, when the current cell managed by the network device that the terminal device accesses has no terminal device context, the context can be obtained from the target base station according to the terminal device context identifier, which improves the reliability of the terminal device's network access and the processing efficiency of the system.
An embodiment of the present invention further provides a hardware architecture of a network device or a terminal device which, as shown in FIG. 5, includes at least one processor 51, a memory 52, and at least one network interface 53. The components are coupled together by a bus system 54. It can be understood that the bus system 54 is used to implement connection and communication between these components. In addition to a data bus, the bus system 54 includes a power bus, a control bus, and a status signal bus. For clarity of description, however, the various buses are all labeled as the bus system 54 in FIG. 5.
It can be understood that the memory 52 in the embodiments of the present invention may be a volatile memory or a non-volatile memory, or may include both volatile and non-volatile memory.
In some implementations, the memory 52 stores the following elements, executable modules or data structures, or a subset of them, or an extended set of them:
an operating system 521 and an application program 522.
The processor 51 is configured to be able to perform the method steps of the foregoing Embodiment 1 or 2, which are not described again here.
An embodiment of the present invention provides a computer storage medium storing computer-executable instructions which, when executed, implement the method steps of the foregoing Embodiment 1 or 2.
If the above apparatus of the embodiments of the present invention is implemented in the form of software function modules and sold or used as a standalone product, it may also be stored in a computer-readable storage medium. Based on this understanding, the technical solutions of the embodiments of the present invention, in essence or in the part that contributes to the prior art, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, a network device, or the like) to perform all or part of the methods described in the embodiments of the present invention. The storage medium includes various media that can store program code, such as a USB flash drive, a removable hard disk, a read-only memory (ROM), a magnetic disk, or an optical disc. Thus, the embodiments of the present invention are not limited to any specific combination of hardware and software.
Correspondingly, an embodiment of the present invention further provides a computer storage medium storing a computer program, the computer program being configured to perform the data scheduling method of the embodiments of the present invention.
Although preferred embodiments of the present invention have been disclosed for illustrative purposes, those skilled in the art will recognize that various modifications, additions and substitutions are also possible; therefore, the scope of the present invention should not be limited to the above embodiments.

Claims (43)

  1. An integrity protection method, applied to a first network device, the method comprising:
    receiving an MSG3 message sent by a terminal device and containing an RRC connection recovery request;
    obtaining a terminal device context identifier and/or a target network device identifier from the MSG3 and/or by decoding the PUSCH on which the MSG3 is carried;
    acquiring the terminal device context from the target network device.
  2. The method according to claim 1, wherein acquiring the terminal device context from the target network device comprises:
    sending TB data containing the terminal device context identifier to the target network device;
    when the target network device determines that the integrity check succeeds, acquiring the terminal device context from the target network device, and restoring the terminal device context.
  3. The method according to claim 2, wherein the method further comprises:
    when the target network device determines that the integrity check fails, acquiring from the target network device an indication to reject the terminal device, and rejecting the terminal device's request to restore the context.
  4. The method according to claim 1, wherein acquiring the terminal device context from the target network device comprises:
    acquiring the terminal device context from the target network device based on the terminal device context identifier;
    decoding the TB data containing the terminal device context identifier and performing an integrity check on it;
    when the integrity check succeeds, determining to restore the terminal device context.
  5. The method according to claim 4, wherein the method further comprises:
    when the integrity check fails, determining to reject the terminal device's request to restore the context.
  6. The method according to any one of claims 1 to 5, wherein receiving the MSG3 message sent by the terminal device and containing the RRC connection recovery request comprises:
    handing the RRC connection recovery request to the MAC layer of SRB0;
    decoding by the MAC layer to determine that the TB data is SRB1 data.
  7. The method according to claim 6, wherein obtaining the terminal device context identifier and/or the target network device identifier from the MSG3 and/or by decoding the PUSCH on which the MSG3 is carried comprises:
    receiving the RRC connection recovery request sent by the terminal device in MSG3, and obtaining from the MSG3 a MAC CE carrying the terminal device context identifier;
    obtaining the terminal device context identifier by decoding the MAC CE, and determining the identifier of the target network device.
  8. The method according to claim 7, wherein the method further comprises:
    allocating a temporary C-RNTI to the terminal device in the random access response (RAR) in MSG2.
  9. The method according to claim 8, wherein receiving the MSG3 message sent by the terminal device and containing the RRC connection recovery request further comprises:
    descrambling, based on the temporary C-RNTI, the RRC connection recovery request sent by the terminal device in MSG3 on the PUSCH.
  10. The method according to any one of claims 1 to 5, wherein the method further comprises:
    broadcasting a preamble sequence to the terminal device through system broadcast, or the protocol specifying a network-wide unique preamble sequence;
    wherein the preamble sequence is used for MSG3 to send an SRB1 message.
  11. The method according to claim 10, wherein the method further comprises:
    sending a random access response to the terminal device, the random access response carrying at least an uplink scheduling resource and a temporary C-RNTI.
  12. The method according to claim 10, wherein receiving the MSG3 message sent by the terminal device and containing the RRC connection recovery request comprises:
    receiving the MSG3 message containing the RRC connection recovery request that the terminal device sends over the PUSCH.
  13. The method according to claim 12, wherein the method further comprises:
    when the PUSCH is scrambled based on the base station identifier part of the terminal device context identifier, obtaining the identifier of the target network device by blind decoding, and obtaining the terminal device context identifier carried in MSG3 by decoding MSG3;
    when the PUSCH is scrambled based on the terminal context identifier, obtaining the terminal device context identifier by blind decoding, and determining the identifier of the target network device;
    when the PUSCH is scrambled based on the temporary C-RNTI, obtaining the terminal device context identifier carried in MSG3 by decoding MSG3, and determining the identifier of the target network device, wherein the MSG3 carries a MAC CE with the terminal device context identifier.
  14. An integrity protection method, applied to a terminal device, the method comprising:
    sending, to the network side, an MSG3 message including an RRC connection recovery request, wherein the RRC connection recovery request carries a terminal device context identifier.
  15. The method according to claim 14, wherein the sending, to the network side, of the MSG3 message including the RRC connection recovery request comprises:
    restoring the UE AS context and SRB1;
    performing integrity protection and/or encryption on the RRC connection recovery request message using the key and security algorithm in the UE AS context;
    sending the RRC connection recovery request in the MSG3, and obtaining, in the MSG3, a MAC CE carrying the terminal device context identifier.
  16. The method according to claim 15, wherein the method further comprises:
    obtaining the temporary C-RNTI allocated by the network side from the random access response (RAR) in MSG2.
  17. The method according to claim 16, wherein the method further comprises:
    scrambling, based on the temporary C-RNTI, the RRC connection recovery request sent in the MSG3 on the PUSCH.
  18. The method according to claim 14, wherein the method further comprises:
    obtaining, through system broadcast, a preamble sequence allocated by the network side, or a network-wide unique preamble sequence being specified by the protocol;
    wherein the preamble sequence is used for MSG3 to send an SRB1 message.
  19. The method according to claim 18, wherein the method further comprises:
    receiving a random access response sent by the network side;
    obtaining at least an uplink scheduling resource and a temporary C-RNTI from the random access response;
    sending the RRC connection recovery request on the PUSCH corresponding to the uplink scheduling resource.
  20. The method according to claim 19, wherein the method further comprises:
    scrambling the PUSCH based on the base station identifier part of the terminal device context identifier, or based on the terminal context identifier, or based on the C-RNTI.
  21. A first network device, the method comprising:
    a first communication unit that receives an MSG3 message that is sent by a terminal device and includes an RRC connection recovery request, and acquires the terminal device context from the target network device;
    a first processing unit that acquires a terminal device context identifier and/or a target network device identifier from the MSG3 and/or by decoding the PUSCH on which the MSG3 is carried.
  22. The first network device according to claim 21, wherein the first communication unit sends TB data containing the terminal device context identifier to the target network device; and, when the target network device determines that the integrity check succeeds, acquires the terminal device context from the target network device and restores the terminal device context.
  23. The first network device according to claim 22, wherein the first communication unit, when the target network device determines that the integrity check fails, acquires from the target network device an indication to reject the terminal device, and rejects the terminal device's request to restore the context.
  24. The first network device according to claim 21, wherein the first communication unit acquires the terminal device context from the target network device based on the terminal device context identifier;
    the first processing unit performs decoding and an integrity check on the TB data containing the terminal device context identifier; and, when the integrity check succeeds, determines to restore the terminal device context.
  25. The first network device according to claim 24, wherein the first processing unit, when the integrity check fails, determines to reject the terminal device's request to restore the context.
  26. The first network device according to any one of claims 21-25, wherein the first communication unit hands the RRC connection recovery request to the MAC layer of SRB0;
    decoding is performed by the MAC layer to determine that the TB data is SRB1 data.
  27. The first network device according to claim 26, wherein the first processing unit receives the RRC connection recovery request sent by the terminal device in the MSG3, and obtains from the MSG3 a MAC CE carrying the terminal device context identifier; and obtains the terminal device context identifier by decoding the MAC CE, and determines the identifier of the target network device.
  28. The first network device according to claim 27, wherein the first communication unit allocates a temporary C-RNTI to the terminal device in the random access response (RAR) in MSG2.
  29. The first network device according to claim 28, wherein the first processing unit descrambles, based on the temporary C-RNTI, the RRC connection recovery request sent by the terminal device in the MSG3 on the PUSCH.
  30. The first network device according to any one of claims 21-25, wherein the first communication unit broadcasts a preamble sequence to the terminal device through system broadcast, or a network-wide unique preamble sequence is specified by the protocol;
    wherein the preamble sequence is used for MSG3 to send an SRB1 message.
  31. The first network device according to claim 30, wherein the first communication unit sends a random access response to the terminal device, the random access response carrying at least an uplink scheduling resource and a temporary C-RNTI.
  32. The first network device according to claim 30, wherein the first communication unit receives the MSG3 message that is sent by the terminal device through the PUSCH and includes the RRC connection recovery request.
  33. The first network device according to claim 32, wherein the first processing unit,
    when the PUSCH is scrambled based on the base station identifier part of the terminal device context identifier, obtains the identifier of the target network device through blind decoding, and obtains the carried terminal device context identifier by decoding the MSG3;
    when the PUSCH is scrambled based on the terminal context identifier, obtains the terminal device context identifier through blind decoding, and determines the identifier of the target network device;
    when the PUSCH is scrambled based on the temporary C-RNTI, obtains the carried terminal device context identifier by decoding the MSG3, and determines the identifier of the target network device;
    wherein the MSG3 carries a MAC CE containing the terminal device context identifier.
  34. A terminal device, the terminal device comprising:
    a second communication unit that sends, to the network side, an MSG3 message including an RRC connection recovery request, wherein the RRC connection recovery request carries a terminal device context identifier.
  35. The terminal device according to claim 34, wherein the terminal device further comprises:
    a second processing unit that restores the UE AS context and SRB1, and performs integrity protection and/or encryption on the RRC connection recovery request message using the key and security algorithm in the UE AS context;
    the second communication unit sends the RRC connection recovery request in the MSG3, and obtains, in the MSG3, a MAC CE carrying the terminal device context identifier.
  36. The terminal device according to claim 35, wherein the second communication unit obtains the temporary C-RNTI allocated by the network side from the random access response (RAR) in MSG2.
  37. The terminal device according to claim 36, wherein the second communication unit scrambles, based on the temporary C-RNTI, the RRC connection recovery request sent in the MSG3 on the PUSCH.
  38. The terminal device according to claim 34, wherein the second communication unit obtains, through system broadcast, a preamble sequence allocated by the network side, or a network-wide unique preamble sequence is specified by the protocol;
    wherein the preamble sequence is used for MSG3 to send an SRB1 message.
  39. The terminal device according to claim 38, wherein the second communication unit receives a random access response sent by the network side;
    obtains at least an uplink scheduling resource and a temporary C-RNTI from the random access response;
    and sends the RRC connection recovery request on the PUSCH corresponding to the uplink scheduling resource.
  40. The terminal device according to claim 39, wherein the terminal device further comprises:
    a second processing unit that scrambles the PUSCH based on the base station identifier part of the terminal device context identifier, or based on the terminal context identifier, or based on the C-RNTI.
  41. A first network device, comprising: a processor and a memory for storing a computer program executable on the processor,
    wherein the processor is configured to perform the steps of the method according to any one of claims 1-13 when running the computer program.
  42. A terminal device, comprising: a processor and a memory for storing a computer program executable on the processor,
    wherein the processor is configured to perform the steps of the method according to any one of claims 14-20 when running the computer program.
  43. A computer storage medium storing computer-executable instructions that, when executed, implement the steps of the method according to any one of claims 1-20.
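The network-side flow of claims 13 and 24-25 (descramble MSG3, read the context identifier from the MAC CE, fetch the context, verify integrity, then restore or reject) can be sketched as follows. This is an added illustration, not code from the patent: the 40-bit identifier layout, the SHAKE-based scrambling, the truncated HMAC-SHA256 tag, the CRC and all function names and sample values are assumptions, and only the temporary C-RNTI and base-station-part scrambling cases are covered.

```python
import hashlib
import hmac
import zlib

# Constructed layout (assumption): 40-bit context ID whose upper 20 bits are the
# base-station part naming the node that stores the UE AS context.
def bs_part(ctx_id: int) -> int:
    return ctx_id >> 20

def scramble(data: bytes, seed: int) -> bytes:
    """XOR with a seed-derived keystream; stand-in for PUSCH scrambling (self-inverse)."""
    stream = hashlib.shake_256(seed.to_bytes(8, "big")).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def mac_i(key: bytes, ctx_id: int, rrc: bytes) -> bytes:
    """Truncated HMAC-SHA256; stand-in for the integrity algorithm in the AS context."""
    return hmac.new(key, ctx_id.to_bytes(5, "big") + rrc, hashlib.sha256).digest()[:4]

def ue_build_msg3(ctx_id, key, seed, rrc=b"RRCConnectionResumeRequest"):
    """Terminal side: MAC CE (context ID) + protected RRC message + CRC, then scramble."""
    tb = ctx_id.to_bytes(5, "big") + rrc + mac_i(key, ctx_id, rrc)
    tb += zlib.crc32(tb).to_bytes(4, "big")
    return scramble(tb, seed)

def network_handle_msg3(pusch, temp_crnti, neighbour_bs_ids, context_store):
    """First network device: descramble, resolve identifiers, verify, restore or reject."""
    # Try the temporary C-RNTI first, then blind-decode over candidate base-station IDs.
    for seed in [temp_crnti, *neighbour_bs_ids]:
        tb = scramble(pusch, seed)
        if zlib.crc32(tb[:-4]).to_bytes(4, "big") == tb[-4:]:
            break
    else:
        return ("reject", "no scrambling candidate produced a valid CRC")
    ctx_id = int.from_bytes(tb[:5], "big")   # carried in the MAC CE
    rrc, tag = tb[5:-8], tb[-8:-4]
    target = bs_part(ctx_id)                 # identifier of the target network device
    if seed != temp_crnti and seed != target:
        return ("reject", "scrambling identity does not match context ID")
    ctx = context_store.get(target, {}).get(ctx_id)
    if ctx is None:
        return ("reject", "unknown context")
    # Constant-time comparison of the received tag against the recomputed one.
    if not hmac.compare_digest(tag, mac_i(ctx["key"], ctx_id, rrc)):
        return ("reject", "integrity check failed")
    return ("restore", ctx_id)

# Constructed sample data.
KEY = bytes(range(16))
CTX_ID = (0x00A1B << 20) | 0x12345
STORE = {0x00A1B: {CTX_ID: {"key": KEY}}}
TEMP_CRNTI = 0x4601
NEIGHBOURS = [0x00A1A, 0x00A1B, 0x00A1C]
```

A request protected with a key other than the one stored in the context passes the CRC but fails the tag comparison, so the device rejects instead of restoring the context.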
PCT/CN2018/077057 2018-02-23 2018-02-23 Integrity verification method, network device, terminal device and computer storage medium WO2019161545A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201880036992.XA CN110710241A (en) 2018-02-23 2018-02-23 Integrity checking method, network equipment, terminal equipment and computer storage medium
PCT/CN2018/077057 WO2019161545A1 (en) 2018-02-23 2018-02-23 Integrity verification method, network device, terminal device and computer storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2018/077057 WO2019161545A1 (en) 2018-02-23 2018-02-23 Integrity verification method, network device, terminal device and computer storage medium

Publications (1)

Publication Number Publication Date
WO2019161545A1 true WO2019161545A1 (en) 2019-08-29

Family

ID=67686621

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/077057 WO2019161545A1 (en) 2018-02-23 2018-02-23 Integrity verification method, network device, terminal device and computer storage medium

Country Status (2)

Country Link
CN (1) CN110710241A (en)
WO (1) WO2019161545A1 (en)

Also Published As

Publication number Publication date
CN110710241A (en) 2020-01-17

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18907043

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18907043

Country of ref document: EP

Kind code of ref document: A1