WO2019161545A1 - Procédé de vérification d'intégrité, dispositif de réseau, dispositif terminal et support de stockage informatique - Google Patents

Procédé de vérification d'intégrité, dispositif de réseau, dispositif terminal et support de stockage informatique Download PDF

Info

Publication number
WO2019161545A1
WO2019161545A1 PCT/CN2018/077057 CN2018077057W WO2019161545A1 WO 2019161545 A1 WO2019161545 A1 WO 2019161545A1 CN 2018077057 W CN2018077057 W CN 2018077057W WO 2019161545 A1 WO2019161545 A1 WO 2019161545A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal device
msg3
context
network device
identifier
Prior art date
Application number
PCT/CN2018/077057
Other languages
English (en)
Chinese (zh)
Inventor
唐海
Original Assignee
Oppo广东移动通信有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Oppo广东移动通信有限公司 filed Critical Oppo广东移动通信有限公司
Priority to PCT/CN2018/077057 priority Critical patent/WO2019161545A1/fr
Priority to CN201880036992.XA priority patent/CN110710241A/zh
Publication of WO2019161545A1 publication Critical patent/WO2019161545A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity

Definitions

  • the present invention relates to the field of information processing technologies, and in particular, to an integrity verification method, a network device, a terminal device, and a computer storage medium.
  • a new RRC state that is, an RRC_INACTIVE state
  • the network side configures the paging area of the RAN by using dedicated signaling to the UE, and the RAN paging area may be one cell or multiple cells.
  • the network side is not notified, and the mobility behavior under the idle, that is, the cell selection reselection principle is followed.
  • the UE When the UE moves out of the paging area configured by the RAN, the UE is triggered to resume the RRC connection and re-acquire the paging area configured by the RAN.
  • the gNB that keeps the connection between the RAN and the CN for the UE triggers all the cells in the RAN paging area to send a paging message to the UE, so that the UE in the INACTIVCE state can resume the RRC connection and perform data reception.
  • the fake base station pretends to send the MSG3 message. , or other messages for the UE, the risk of the network being attacked, and the message carrying the UE identification information and the cause value information needs to be secured.
  • an embodiment of the present invention provides an integrity verification method, a network device, a terminal device, and a computer storage medium.
  • An embodiment of the present invention provides an integrity protection method, which is applied to a first network device, where the method includes:
  • the embodiment of the invention provides an integrity protection method, which is applied to a terminal device, and the method includes:
  • an MSG3 message including an RRC connection recovery request, where the RRC connection recovery request carries a terminal device context identifier.
  • An embodiment of the present invention provides a first network device, where the method includes:
  • the first communication unit receives an MSG3 message that is sent by the terminal device and includes an RRC connection recovery request; and acquires the terminal device context from the target network device;
  • the first processing unit acquires the terminal device context identifier and/or the target network device identifier from the MSG3 and/or by decoding the PUSCH where the MSG3 is located.
  • the embodiment of the invention provides a terminal device, where the terminal device includes:
  • the second communication unit sends an MSG3 message including an RRC connection recovery request to the network side, where the RRC connection recovery request carries the terminal device context identifier.
  • a first network device provided by an embodiment of the present invention includes: a processor and a memory for storing a computer program capable of running on a processor,
  • processor is configured to perform the steps of the foregoing method when the computer program is run.
  • a terminal device provided by an embodiment of the present invention includes: a processor and a memory for storing a computer program capable of running on a processor,
  • processor is configured to perform the steps of the foregoing method when the computer program is run.
  • a computer storage medium is provided by the embodiment of the present invention.
  • the computer storage medium stores computer executable instructions, and the foregoing method steps are implemented when the computer executable instructions are executed.
  • the technical solution of the embodiment of the present invention can transmit the terminal device context identifier to the network side by using the MAC CE method or carry the terminal device context identifier by using the scrambling PUSCH, so that the network device can identify the target base station corresponding to the terminal device and obtain the target base station from the target base station. Look for context. Therefore, when the current cell managed by the network device accessed by the terminal device does not have the terminal device context, the context can be obtained from the target base station according to the terminal device context identifier, thereby improving the reliability of the terminal device accessing the network.
  • FIG. 1 is a schematic flowchart of an integrity verification method according to an embodiment of the present invention.
  • FIG. 2 is a schematic diagram of a network structure
  • FIG. 3 is a schematic structural diagram of a first network device according to an embodiment of the present invention.
  • FIG. 4 is a schematic structural diagram of a terminal device according to an embodiment of the present invention.
  • FIG. 5 is a schematic diagram of a hardware architecture according to an embodiment of the present invention.
  • An embodiment of the present invention provides an integrity protection method, which is applied to a first network device. As shown in FIG. 1, the method includes:
  • Step 101 Receive an MSG3 message that is sent by the terminal device and includes an RRC connection recovery request.
  • Step 102 Obtain a terminal device context identifier, and/or a target network device identifier from the MSG3 and/or by decoding a PUSCH where the MSG3 is located.
  • Step 103 Acquire the terminal device context from the target network device.
  • the first network device in this embodiment can be understood as the current serving base station of the terminal device.
  • the terminal device is also a user equipment (UE) in the figure, and the current UE is in the serving base station, that is, the serving gNB.
  • the target network device can be understood as an anchor gNB that holds the terminal device context.
  • the packet may specifically include the following two implementation manners:
  • the target network device determines that the integrity check is successful, acquiring the terminal device context from the target network device, and restoring the terminal device context;
  • the target network device determines that the integrity check fails, obtaining the rejecting the terminal device indication from the target network device, and rejecting the terminal device to restore the context request.
  • the first network device may forward the TB data to the target base station (that is, the target network device) when the terminal device context needs to be acquired; the target base station decodes the TB data, obtains the UE AS context id, and then finds The context of the UE, and recovering SRB1 according to the AS context of the UE, and performing decoding and integrity verification, and/or decryption;
  • the target base station that is, the target network device
  • the target base station decodes the TB data, obtains the UE AS context id, and then finds The context of the UE, and recovering SRB1 according to the AS context of the UE, and performing decoding and integrity verification, and/or decryption
  • the integrity verification of the target network device ie, the target base station
  • the context of the UE is sent to the serving base station.
  • the serving base station recovers the context of the UE; if the integrity protection verification fails, the serving base station is notified to reject the UE.
  • the terminal device context identifier Acquiring, according to the terminal device context identifier, the terminal device context from the target network device; performing decoding and integrity check on the TB data including the terminal device context identifier; when the integrity check succeeds Determining to restore the terminal device context; when the integrity check fails, determining to reject the terminal device to resume the context request.
  • the first network device (that is, the serving base station) requests the target base station for the UE context by using the UE AS context id; the first network device (that is, the serving base station) restores the context of the UE.
  • the TB data is then decoded and decoded and integrity verified, and/or decrypted.
  • the first network device restores the context of the UE if the integrity verification succeeds; if the integrity protection verification fails, the UE is rejected.
  • this embodiment also describes how to obtain the terminal device context identifier in the following scenarios:
  • Scenario 1 The UE initiates an RRC connection recovery.
  • the UE uses the key of the original AS context for integrity protection and decides to send it to the network side on SRB1.
  • specific operations on the network side may include:
  • the RRC connection recovery request is handed over to the MAC layer of SRB0; decoding is performed by the MAC layer to determine that the TB data is data of SRB1.
  • the UE first performs a contention random access procedure, and sends an RRC connection recovery request message to the network side in the MSG3, and adds a MAC CE of the UE AS context id to the MSG3.
  • the PUSCH is scrambled by using the temporary C-RNTI allocated in the RAR in the MSG2.
  • the network side may also perform a process of allocating a temporary C-RNTI to the terminal device in a random access response RAR in the MSG2.
  • the MSG3 message that is sent by the receiving terminal device and includes the RRC connection recovery request further includes: performing descrambling on the RRC connection recovery request sent by the terminal device in the MSG3 on the PUSCH based on the temporary C-RNTI.
  • the network side descrambles the data on the PUSCH through the temporary C-RNTI, and then delivers the UE to the MAC layer of the SRB0.
  • the MAC decoding finds that the TB data is the data on the SRB1, and decodes the UE AS context id. And find the target network device according to the UE AS context id.
  • the preamble sequence is used by the MSG3 to send an SRB1 message.
  • the network side allocates a dedicated preamble to the terminal device (that is, the UE), and the preamble may be unique to the entire network, or may be unique within the cell, and broadcast the reserved preamble in the system broadcast.
  • the preamble is used to indicate a UE initiated RRC connection recovery request, sent using SRB1, and/or employ integrity protection, and/or employ encryption or the like.
  • the UE resumes the RRC connection and sends with SRB1, and/or employs integrity protection, and/or employs encryption. Then the UE sends the dedicated preamble.
  • the network side After the UE receives the dedicated preamble, the network side responds to the RAR. Specifically, the network side sends a random access response to the terminal device, and at least the uplink scheduling resource and the temporary C-RNTI are carried in the random access response.
  • the UE sends an RRC connection recovery request according to the uplink scheduling resource in the RAR; the network side receives the MSG3 message that is sent by the terminal device through the PUSCH and includes the RRC connection recovery request.
  • the PUSCH that the terminal device (that is, the UE) sends the message may be scrambled by using the gNB id part of the UE as context ID, or the C-RNTI scrambling in the RAR, or the UE context id scrambling, and the like.
  • the identifier of the target network device is obtained by the blind solution, and the terminal device context identifier that is carried in the MSG3 decoding is obtained.
  • the PUSCH is scrambled based on the terminal context identifier, obtaining the terminal device context identifier by using a blind solution, and determining an identifier of the target base station (target network device);
  • the gNB id part of the UE as context ID is scrambled or the UE as context ID is scrambled, and the network side obtains the identity of the target base station by blind solution.
  • the terminal device context identifier that is carried in the MSG3 decoding is obtained, and the identifier of the target base station is determined.
  • the terminal device uses the C-RNTI in the RAR to scramble, and the MSG3 carries the UE context id MAC CE. Find the target base station.
  • the terminal device context identifier can be sent to the network side by using the MAC CE method or the terminal device context identifier can be carried by the scrambling PUSCH, so that the network device can identify the target base station corresponding to the terminal device and search for the target base station. Context. Therefore, when the current cell managed by the network device accessed by the terminal device does not have the terminal device context, the context can be obtained from the target base station according to the terminal device context identifier, which improves the reliability of the terminal device accessing the network and the system processing efficiency.
  • the embodiment of the invention provides an integrity protection method, which is applied to a terminal device, and the method includes:
  • an MSG3 message including an RRC connection recovery request, where the RRC connection recovery request carries a terminal device context identifier.
  • the first network device in this embodiment can be understood as the current serving base station of the terminal device.
  • the terminal device is also a user equipment (UE) in the figure, and the current UE is in the serving base station, that is, the serving gNB.
  • the target network device can be understood as an anchor gNB that holds the terminal device context.
  • an MSG3 message including an RRC connection recovery request including:
  • the RRC Connection Recovery Request message is integrity protected and/or encrypted using a key and security algorithm in the UE AS context;
  • An RRC connection recovery request is sent in the MSG3, and the MAC CE carrying the terminal device context identifier is obtained in the MSG3.
  • the terminal device first performs a contention random access procedure, and sends an RRC connection recovery request message to the network side in the MSG3, and adds a MAC CE of the UE AS context id to the MSG3.
  • the temporary C-RNTI allocated by the network side is obtained from the random access response RAR in the MSG2.
  • the RRC connection recovery request sent in the MSG3 on the PUSCH is scrambled based on the temporary C-RNTI. That is, the terminal device scrambles the PUSCH by using the temporary C-RNTI allocated in the RAR in the MSG2.
  • the network side may also perform processing of allocating a temporary C-RNTI to the terminal device in a random access response RAR in the MSG2.
  • the MSG3 message that is sent by the receiving terminal device and includes the RRC connection recovery request further includes: performing descrambling on the RRC connection recovery request sent by the terminal device in the MSG3 on the PUSCH based on the temporary C-RNTI.
  • the network side descrambles the data on the PUSCH through the temporary C-RNTI, and then delivers the UE to the MAC layer of the SRB0.
  • the MAC decoding finds that the TB data is the data on the SRB1, and decodes the UE AS context id. And find the target network device according to the UE AS context id.
  • the preamble sequence allocated by the network side is obtained by system broadcast, or the protocol specifies a whole network unique preamble sequence; wherein the preamble sequence is used by the MSG3 to send the SRB1 message.
  • the network side allocates a dedicated preamble to the terminal device (that is, the UE), and the preamble may be unique to the entire network, or may be unique within the cell, and broadcast the reserved preamble in the system broadcast.
  • the preamble is used to indicate a UE initiated RRC connection recovery request, sent using SRB1, and/or employ integrity protection, and/or employ encryption or the like.
  • the UE resumes the RRC connection and sends with SRB1, and/or employs integrity protection, and/or employs encryption. Then the UE sends the dedicated preamble.
  • the UE After receiving the dedicated preamble, the UE receives the random access response sent by the network side, acquires at least the uplink scheduling resource and the temporary C-RNTI in the random access response, and sends an RRC connection recovery based on the PUSCH corresponding to the uplink scheduling resource. request. Specifically, the network side sends a random access response to the terminal device, and at least the uplink scheduling resource and the temporary C-RNTI are carried in the random access response.
  • the base station identification part based on the terminal device context identifier, or the PUSCH is scrambled based on the terminal context identifier or based on the C-RNTI; correspondingly, the network side receiving terminal equipment sends the RRC connection recovery request by using the PUSCH MSG3 message.
  • the PUSCH that the terminal device (that is, the UE) sends the message may be scrambled by using the gNB id part of the UE as context ID, or the C-RNTI scrambling in the RAR, or the UE context id scrambling, and the like.
  • the identifier of the target network device is obtained by the blind solution, and the terminal device context identifier that is carried in the MSG3 decoding is obtained.
  • the PUSCH is scrambled based on the terminal context identifier, obtaining the terminal device context identifier by using a blind solution, and determining an identifier of the target base station (target network device);
  • the gNB id part of the UE as context ID is scrambled or the UE as context ID is scrambled, and the network side obtains the identity of the target base station by blind solution.
  • the terminal device context identifier that is carried in the MSG3 decoding is obtained, and the identifier of the target base station is determined.
  • the terminal device uses the C-RNTI in the RAR to scramble, and the MSG3 carries the UE context id MAC CE. Find the target base station.
  • the terminal device context identifier can be sent to the network side by using the MAC CE method or the terminal device context identifier can be carried by the scrambling PUSCH, so that the network device can identify the target base station corresponding to the terminal device and search for the target base station. Context. Therefore, when the current cell managed by the network device accessed by the terminal device does not have the terminal device context, the context can be obtained from the target base station according to the terminal device context identifier, which improves the reliability of the terminal device accessing the network and the system processing efficiency.
  • An embodiment of the present invention provides a first network device, as shown in FIG. 3, including:
  • the first communication unit 31 receives an MSG3 message that is sent by the terminal device and includes an RRC connection recovery request, and acquires the terminal device context from the target network device.
  • the first processing unit 32 obtains the terminal device context identifier and/or the target network device identifier from the MSG3 and/or by decoding the PUSCH where the MSG3 is located.
  • the first network device in this embodiment can be understood as the current serving base station of the terminal device.
  • the terminal device is also a user equipment (UE) in the figure, and the current UE is in the serving base station, that is, the serving gNB.
  • the target network device can be understood as an anchor gNB that holds the terminal device context.
  • the obtaining the terminal device context from the target network device may specifically include the following two implementation manners:
  • the first communication unit 31 sends the TB data including the terminal device context identifier to the target network device;
  • the target network device determines that the integrity check is successful, acquiring the terminal device context from the target network device, and restoring the terminal device context;
  • the target network device determines that the integrity check fails, obtaining the rejecting the terminal device indication from the target network device, and rejecting the terminal device to restore the context request.
  • the first network device may forward the TB data to the target base station (that is, the target network device) when the terminal device context needs to be acquired; the target base station decodes the TB data, obtains the UE AS context id, and then finds The context of the UE, and recovering SRB1 according to the AS context of the UE, and performing decoding and integrity verification, and/or decryption;
  • the target base station that is, the target network device
  • the target base station decodes the TB data, obtains the UE AS context id, and then finds The context of the UE, and recovering SRB1 according to the AS context of the UE, and performing decoding and integrity verification, and/or decryption
  • the integrity verification of the target network device ie, the target base station
  • the context of the UE is sent to the serving base station.
  • the serving base station recovers the context of the UE; if the integrity protection verification fails, the serving base station is notified to reject the UE.
  • the first communication unit 31 acquires the terminal device context from the target network device based on the terminal device context identifier; the first processing unit 32 decodes and completes the TB data including the terminal device context identifier. Verifying that when the integrity check is successful, determining to restore the terminal device context; when the integrity check fails, determining to reject the terminal device to resume the context request.
  • the first network device (that is, the serving base station) requests the target base station for the UE context by using the UE AS context id; the first network device (that is, the serving base station) restores the context of the UE.
  • the TB data is then decoded and decoded and integrity verified, and/or decrypted.
  • the first network device restores the context of the UE if the integrity verification succeeds; if the integrity protection verification fails, the UE is rejected.
  • this embodiment also describes how to obtain the terminal device context identifier in the following scenarios:
  • Scenario 1 The UE initiates an RRC connection recovery.
  • the UE uses the key of the original AS context for integrity protection and decides to send it to the network side on SRB1.
  • specific operations on the network side may include:
  • the first communication unit 31 hands the RRC connection recovery request to the MAC layer of SRB0, and performs decoding by the MAC layer to determine that the TB data is data of SRB1.
  • the first processing unit receives an RRC connection recovery request sent by the terminal device in the MSG3, acquires a MAC CE carrying the terminal device context identifier from the MSG3, and acquires the terminal by decoding the MAC CE.
  • a device context identifier and an identification of the target network device are included in the MSG3.
  • the UE first performs a contention random access procedure, and sends an RRC connection recovery request message to the network side in the MSG3, and adds a MAC CE of the UE AS context id to the MSG3.
  • the PUSCH is scrambled by using the temporary C-RNTI allocated in the RAR in the MSG2.
  • the network side may also perform the following processing: the first communication unit 31 allocates a temporary C-RNTI to the terminal device in the random access response RAR in the MSG2.
  • the MSG3 message that is sent by the receiving terminal device and includes the RRC connection recovery request further includes: a first processing unit 32, based on the temporary C-RNTI, the RRC connection recovery request sent by the terminal device in the MSG3 on the PUSCH Perform descrambling.
  • the network side descrambles the data on the PUSCH through the temporary C-RNTI, and then delivers the UE to the MAC layer of the SRB0.
  • the MAC decoding finds that the TB data is the data on the SRB1, and decodes the UE AS context id. And find the target network device according to the UE AS context id.
  • the first communication unit 31 broadcasts a preamble sequence to the terminal device by using a system broadcast, or the protocol specifies a unique preamble sequence of the entire network;
  • the preamble sequence is used by the MSG3 to send an SRB1 message.
  • the network side allocates a dedicated preamble to the terminal device (that is, the UE), and the preamble may be unique to the entire network, or may be unique within the cell, and broadcast the reserved preamble in the system broadcast.
  • the preamble is used to indicate a UE initiated RRC connection recovery request, sent using SRB1, and/or employ integrity protection, and/or employ encryption or the like.
  • the UE resumes the RRC connection and sends with SRB1, and/or employs integrity protection, and/or employs encryption. Then the UE sends the dedicated preamble.
  • the network side responds to the RAR. Specifically, the first communication unit 31 sends a random access response to the terminal device, and carries at least the uplink scheduling resource and the temporary C- in the random access response. RNTI.
  • the UE sends an RRC connection recovery request according to the uplink scheduling resource in the RAR; the network side receives the MSG3 message that is sent by the terminal device through the PUSCH and includes the RRC connection recovery request.
  • the PUSCH that the terminal device (that is, the UE) sends the message may be scrambled by using the gNB id part of the UE as context ID, or the C-RNTI scrambling in the RAR, or the UE context id scrambling, and the like.
  • the first processing unit when the PUSCH is scrambled based on the base station identification part of the terminal device context identifier, obtains the identifier of the target network device by using a blind solution, and the method is obtained according to the MSG3 decoding.
  • Terminal device context identifier when the PUSCH is scrambled based on the base station identification part of the terminal device context identifier, obtains the identifier of the target network device by using a blind solution, and the method is obtained according to the MSG3 decoding.
  • the PUSCH is scrambled based on the terminal context identifier, obtaining the terminal device context identifier by using a blind solution, and determining an identifier of the target base station (target network device);
  • the gNB id part of the UE as context ID is scrambled or the UE as context ID is scrambled, and the network side obtains the identity of the target base station by blind solution.
  • the terminal device context identifier that is carried in the MSG3 decoding is obtained, and the identifier of the target base station is determined.
  • the terminal device uses the C-RNTI in the RAR to scramble, and the MSG3 carries the UE context id MAC CE. Find the target base station.
  • the terminal device context identifier can be sent to the network side by using the MAC CE method or the terminal device context identifier can be carried by the scrambling PUSCH, so that the network device can identify the target base station corresponding to the terminal device and search for the target base station. Context. Therefore, when the current cell managed by the network device accessed by the terminal device does not have the terminal device context, the context can be obtained from the target base station according to the terminal device context identifier, which improves the reliability of the terminal device accessing the network and the system processing efficiency.
  • An embodiment of the present invention provides a terminal device, as shown in FIG. 4, including:
  • the second communication unit 41 sends an MSG3 message including an RRC connection recovery request to the network side, where the RRC connection recovery request carries the terminal device context identifier.
  • the first network device in this embodiment can be understood as the current serving base station of the terminal device.
  • the terminal device is also a user equipment (UE) in the figure, and the current UE is in the serving base station, that is, the serving gNB.
  • the target network device can be understood as an anchor gNB that holds the terminal device context.
  • the terminal device further includes:
  • the second processing unit 42 restores the UE AS context and SRB1; performs integrity protection and/or encryption on the RRC connection recovery request message by using a key and a security algorithm in the UE AS context;
  • the second communication unit 41 sends an RRC connection recovery request in the MSG3, and acquires a MAC CE carrying the terminal device context identifier in the MSG3.
  • the terminal device first performs a contention random access procedure, and sends an RRC connection recovery request message to the network side in the MSG3, and adds a MAC CE of the UE AS context id to the MSG3.
  • the temporary C-RNTI allocated by the network side is obtained from the random access response RAR in the MSG2.
  • the RRC connection recovery request sent in the MSG3 on the PUSCH is scrambled based on the temporary C-RNTI. That is, the terminal device scrambles the PUSCH by using the temporary C-RNTI allocated in the RAR in the MSG2.
  • the network side may also perform a process of allocating a temporary C-RNTI to the terminal device in a random access response RAR in the MSG2.
  • the MSG3 message that is sent by the receiving terminal device and includes the RRC connection recovery request further includes: performing descrambling on the RRC connection recovery request sent by the terminal device in the MSG3 on the PUSCH based on the temporary C-RNTI.
  • the network side descrambles the data on the PUSCH through the temporary C-RNTI, and then delivers the UE to the MAC layer of the SRB0.
  • the MAC decoding finds that the TB data is the data on the SRB1, and decodes the UE AS context id. And find the target network device according to the UE AS context id.
  • the second communication unit 41 acquires a preamble sequence allocated by the network side through system broadcast, or specifies a whole network unique preamble sequence by using a protocol; wherein the preamble sequence is used by the MSG3 to send an SRB1 message.
  • the network side allocates a dedicated preamble to the terminal device (that is, the UE), and the preamble may be unique to the entire network, or may be unique within the cell, and broadcast the reserved preamble in the system broadcast.
  • the preamble is used to indicate a UE initiated RRC connection recovery request, sent using SRB1, and/or employ integrity protection, and/or employ encryption or the like.
  • the UE resumes the RRC connection and sends with SRB1, and/or employs integrity protection, and/or employs encryption. Then the UE sends the dedicated preamble.
  • the second communication unit 41 After receiving the dedicated preamble, the second communication unit 41 receives a random access response sent by the network side, and acquires at least an uplink scheduling resource and a temporary C-RNTI in the random access response; The corresponding PUSCH transmits an RRC connection recovery request. Specifically, the network side sends a random access response to the terminal device, and at least the uplink scheduling resource and the temporary C-RNTI are carried in the random access response.
  • a second processing unit based on the base station identification part of the terminal device context identifier, or the PUSCH is scrambled based on the terminal context identifier or based on the C-RNTI; correspondingly, the network side receiving terminal device sends the content by using the PUSCH
  • the RRC connection recovers the requested MSG3 message.
  • the PUSCH that the terminal device (that is, the UE) sends the message may be scrambled by using the gNB id part of the UE as context ID, or the C-RNTI scrambling in the RAR, or the UE context id scrambling, and the like.
  • the identifier of the target network device is obtained by the blind solution, and the terminal device context identifier that is carried in the MSG3 decoding is obtained.
  • the PUSCH is scrambled based on the terminal context identifier, obtaining the terminal device context identifier by using a blind solution, and determining an identifier of the target base station (target network device);
  • the gNB id part of the UE as context ID is scrambled or the UE as context ID is scrambled, and the network side obtains the identity of the target base station by blind solution.
  • the terminal device context identifier that is carried in the MSG3 decoding is obtained, and the identifier of the target base station is determined.
  • the terminal device uses the C-RNTI in the RAR to scramble, and the MSG3 carries the UE context id MAC CE. Find the target base station.
  • the terminal device context identifier can be sent to the network side by using the MAC CE method or the terminal device context identifier can be carried by the scrambling PUSCH, so that the network device can identify the target base station corresponding to the terminal device and search for the target base station. Context. Therefore, when the current cell managed by the network device accessed by the terminal device does not have the terminal device context, the context can be obtained from the target base station according to the terminal device context identifier, which improves the reliability of the terminal device accessing the network and the system processing efficiency.
  • the embodiment of the present invention further provides a hardware component architecture of a network device or a terminal device.
  • the system includes at least one processor 51, a memory 52, and at least one network interface 53.
  • the various components are coupled together by a bus system 54.
  • bus system 54 is used to implement connection communication between these components.
  • the bus system 54 includes, in addition to the data bus, a power bus, a control bus, and a status signal bus.
  • various buses are labeled as bus system 54 in FIG.
  • the memory 52 in the embodiments of the present invention may be a volatile memory or a non-volatile memory, or may include both volatile and non-volatile memory.
  • memory 52 stores elements, executable modules or data structures, or a subset thereof, or their extension set:
  • the processor 51 is configured to be able to process the method steps of the first embodiment or the second embodiment, and details are not described herein.
  • a computer storage medium is provided by the embodiment of the present invention.
  • the computer storage medium stores computer executable instructions. When the computer executable instructions are executed, the method steps of the first embodiment or the second embodiment are implemented.
  • Embodiments of the Invention may be stored in a computer readable storage medium if it is implemented in the form of a software function module and sold or used as a standalone product. Based on such understanding, the technical solution of the embodiments of the present invention may be embodied in the form of a software product in essence or in the form of a software product stored in a storage medium, including a plurality of instructions.
  • a computer device (which may be a personal computer, server, or network device, etc.) is caused to perform all or part of the methods described in various embodiments of the present invention.
  • the foregoing storage medium includes various media that can store program codes, such as a USB flash drive, a mobile hard disk, a read only memory (ROM), a magnetic disk, or an optical disk.
  • embodiments of the invention are not limited to any specific combination of hardware and software.
  • an embodiment of the present invention further provides a computer storage medium, wherein a computer program is configured, and the computer program is configured to execute a data scheduling method according to an embodiment of the present invention.

Abstract

L'invention concerne un procédé de vérification d'intégrité, un dispositif de réseau, un dispositif terminal, ainsi qu'un support de stockage informatique. Le procédé selon l'invention consiste : à recevoir un message MSG3 comprenant une demande de reprise de connexion (RRC), envoyé par un dispositif terminal ; à acquérir un identifiant de contexte du dispositif terminal et/ou un identifiant d'un dispositif de réseau cible issu du MSG3 et/ou par décodage d'un PUSCH dans lequel est situé le MSG3 ; et à acquérir un contexte du dispositif terminal à partir du dispositif de réseau cible.
PCT/CN2018/077057 2018-02-23 2018-02-23 Procédé de vérification d'intégrité, dispositif de réseau, dispositif terminal et support de stockage informatique WO2019161545A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2018/077057 WO2019161545A1 (fr) 2018-02-23 2018-02-23 Procédé de vérification d'intégrité, dispositif de réseau, dispositif terminal et support de stockage informatique
CN201880036992.XA CN110710241A (zh) 2018-02-23 2018-02-23 完整性校验方法、网络设备、终端设备及计算机存储介质

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2018/077057 WO2019161545A1 (fr) 2018-02-23 2018-02-23 Procédé de vérification d'intégrité, dispositif de réseau, dispositif terminal et support de stockage informatique

Publications (1)

Publication Number Publication Date
WO2019161545A1 true WO2019161545A1 (fr) 2019-08-29

Family

ID=67686621

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/077057 WO2019161545A1 (fr) 2018-02-23 2018-02-23 Procédé de vérification d'intégrité, dispositif de réseau, dispositif terminal et support de stockage informatique

Country Status (2)

Country Link
CN (1) CN110710241A (fr)
WO (1) WO2019161545A1 (fr)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101848536A (zh) * 2010-04-28 2010-09-29 新邮通信设备有限公司 一种无线资源控制连接重建立方法和一种基站
WO2017134630A1 (fr) * 2016-02-05 2017-08-10 Telefonaktiebolaget Lm Ericsson (Publ) Système et procédé d'identification flexible d'équipement utilisateur
CN107124741A (zh) * 2016-02-24 2017-09-01 大唐移动通信设备有限公司 一种rrc连接重建立的方法及装置
WO2017162380A1 (fr) * 2016-03-23 2017-09-28 Sony Corporation Appareil et procédés de télécommunication
CN107318176A (zh) * 2016-04-26 2017-11-03 中兴通讯股份有限公司 恢复标识的获取、发送方法及装置、ue、接入网设备

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8341700B2 (en) * 2003-10-13 2012-12-25 Nokia Corporation Authentication in heterogeneous IP networks
CN102821382B (zh) * 2008-06-18 2015-09-23 上海华为技术有限公司 一种用于接入的装置
CN104735627A (zh) * 2013-12-23 2015-06-24 北京信威通信技术股份有限公司 集群业务属性上报和接收的方法、装置和系统
EP3238491A1 (fr) * 2014-12-23 2017-11-01 IDAC Holdings, Inc. Réduction de latence dans des systèmes lte
DK3378273T3 (da) * 2015-11-17 2022-02-21 Ericsson Telefon Ab L M Fremgangsmåder og indretninger til udførelse af en genoptagelsesprocedure
CN106993335B (zh) * 2016-01-21 2022-03-01 中兴通讯股份有限公司 前导码发送、接收方法、装置、用户设备及基站

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101848536A (zh) * 2010-04-28 2010-09-29 新邮通信设备有限公司 一种无线资源控制连接重建立方法和一种基站
WO2017134630A1 (fr) * 2016-02-05 2017-08-10 Telefonaktiebolaget Lm Ericsson (Publ) Système et procédé d'identification flexible d'équipement utilisateur
CN107124741A (zh) * 2016-02-24 2017-09-01 大唐移动通信设备有限公司 一种rrc连接重建立的方法及装置
WO2017162380A1 (fr) * 2016-03-23 2017-09-28 Sony Corporation Appareil et procédés de télécommunication
CN107318176A (zh) * 2016-04-26 2017-11-03 中兴通讯股份有限公司 恢复标识的获取、发送方法及装置、ue、接入网设备

Also Published As

Publication number Publication date
CN110710241A (zh) 2020-01-17

Similar Documents

Publication Publication Date Title
CN102025685B (zh) 认证处理方法及装置
US9667413B2 (en) Encryption realization method and system
US10939413B2 (en) Communication method and related apparatus
JP2020519193A (ja) データ伝送方法、端末デバイス及びアクセスネットワークデバイス
US11246033B2 (en) Authentication method, and related device and system
CN109922474B (zh) 触发网络鉴权的方法及相关设备
WO2009030155A1 (fr) Procédé, système et appareil pour négocier les capacités de sécurité lors du déplacement d'un terminal
CN112566115B (zh) 指示用户设备获取密钥的方法、用户设备及网络设备
CN108293259B (zh) 一种nas消息处理、小区列表更新方法及设备
CN110958688A (zh) 用户设备及其执行的方法、基站及其执行的方法
Pratas et al. Massive machine-type communication (mMTC) access with integrated authentication
CN109644354B (zh) 一种完整性验证方法、网络设备、ue及计算机存储介质
EP3799461B1 (fr) Procédé et dispositif de vérification de validité d'un réseau et support d'informations informatique
WO2019233444A1 (fr) Procédé et dispositif pour renforcer la sécurité d'identifiant d'ue, et support de stockage informatique
CN112887971B (zh) 数据传输方法和装置
CN108377494B (zh) 一种终端异常流程保护方法和装置
US10154369B2 (en) Deterrence of user equipment device location tracking
WO2019161545A1 (fr) Procédé de vérification d'intégrité, dispositif de réseau, dispositif terminal et support de stockage informatique
CN116235524A (zh) 一种安全通信方法以及装置
EP4061037A1 (fr) Procédé de transmission d'informations de confidentialité, appareil, dispositif informatique et support lisible par ordinateur
WO2022067815A1 (fr) Procédé et appareil de communication, et dispositif
CN113572801A (zh) 会话建立方法、装置、接入网设备及存储介质
CN113302959A (zh) 一种数据传输方法及装置
WO2019178722A1 (fr) Procédé et dispositif permettant d'acquérir une clé et support de stockage informatique
EP3804374B9 (fr) Procédé et appareil de négociation d'algorithme de sécurité

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18907043

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18907043

Country of ref document: EP

Kind code of ref document: A1