WO2023185960A1 - Communication method and apparatus - Google Patents
- Publication number
- WO2023185960A1 (PCT/CN2023/084871)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- terminal
- network element
- handover
- ncc
- message
- Prior art date
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W36/00—Hand-off or reselection arrangements
- H04W36/14—Reselecting a network or an air interface
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W36/00—Hand-off or reselection arrangements
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W36/00—Hand-off or reselection arrangements
- H04W36/0005—Control or signalling for completing the hand-off
- H04W36/0055—Transmission or use of information for re-establishing the radio link
- H04W36/0079—Transmission or use of information for re-establishing the radio link in case of hand-off failure or rejection
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W36/00—Hand-off or reselection arrangements
- H04W36/16—Performing reselection for specific purposes
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W36/00—Hand-off or reselection arrangements
- H04W36/24—Reselection being triggered by specific parameters
Definitions
- the present application relates to the field of communication, and in particular, to a communication method and device.
- the terminal can hand over within a network of the same standard. For example, the terminal can hand over within the NR network or within the LTE network. Alternatively, the terminal can also hand over between networks of different standards. For example, the terminal can hand over from an NR network to an LTE network, or from an LTE network to an NR network.
- NR: new radio
- LTE: long term evolution
- the terminal may re-establish a radio resource control (RRC) connection with the network to avoid service interruption.
- RRC: radio resource control
- the terminal may fail to switch multiple times in a row, resulting in the terminal being unable to switch successfully in the future. How to ensure that the terminal can successfully switch is a hot issue in the industry.
- Embodiments of the present application provide a communication method and device to prevent subsequent handovers from still failing when multiple consecutive handovers fail.
- the first aspect is to provide a communication method.
- the method includes: when it is determined that the number of consecutive handover failures of the terminal reaches a preset number, the mobility management network element triggers a re-authentication process of the terminal and, after the re-authentication process is completed, resets the next hop chaining counter (NCC) of the terminal to the initial NCC value. Each time it is determined that the terminal needs to be handed over, the mobility management network element adds 1 to the NCC value of the terminal.
- the NCC of the terminal and the mobility management network element may be out of synchronization.
- the mobility management network element can reset the NCC saved on the terminal side and on the mobility management network element side to the initial NCC value by triggering the terminal's re-authentication process, ensuring that the NCC of the terminal and the NCC on the network side of the mobility management network element remain synchronized, which prevents subsequent handovers from still failing.
- the preset number is greater than or equal to 2; that is, the NCC reset can be triggered as soon as two consecutive handover failures occur, so that the terminal succeeds in handing over as soon as possible and too many consecutive handover failures do not affect service continuity.
- the preset number of times is equal to 7.
- NCC is usually represented by 3 bits, which means that the value of NCC ranges from 0 (denoted NCC0) to 7 (denoted NCC7). Taking NCC0 as the initial value, 7 consecutive handover failures (the preset number equals 7) will cause the NCC to increase to NCC8.
- NCC8 cannot be represented in 3 bits and can only be expressed by wrapping around, for example to NCC0; that is, the NCC value wraps.
- the mobility management network element knows that the current NCC is NCC8, but the NCC of the terminal indicated through the air interface is NCC0, causing the terminal to be out of sync with the NCC on the network side. At this time, synchronization can be restored by resetting the NCC. For example, the mobility management network element and the terminal are reset to NCC0, thereby avoiding continued handover failures due to NCC out-of-synchronization.
- the preset number can be any integer less than 2^N, where N is the number of bits used to represent the NCC, such as 2^N-1, 2^N-2 or 2^N-3. This application does not limit this.
- the mobility management network element stores the number of consecutive terminal handover failures.
- the method described in the first aspect may further include: when it is determined that the terminal handover fails, the mobility management network element adds 1 to the number of consecutive terminal handover failures, and when any one or more of the following conditions are met, the mobility management network element resets the number of consecutive terminal handover failures to the initial value, such as 0 or 1.
- the any one or more conditions include: the switching result of the next switching after the current switching failure is a successful switching, the number of consecutive switching failures of the terminal reaches a preset number, or the terminal enters an idle state.
- the mobility management network element re-records the number of consecutive terminal handover failures to keep that number accurate, so that if the NCC of the terminal and of the mobility management network element go out of sync again, the mobility management network element can again trigger an NCC reset and avoid subsequent handover failures due to mismatched NCCs.
- the prerequisite for a successful terminal handover is that the NCC of the terminal and the mobile management network element are synchronized.
- the number of consecutive terminal handover failures saved by the mobility management network element can be used to indicate whether the mobility management network element needs to reset the NCC.
- the mobility management network element can be triggered to reset the NCC.
- the mobility management network element can also reset the number of consecutive terminal handover failures to the initial value.
- the method described in the first aspect may further include: the mobility management network element determines that the terminal handover fails. It can be understood that since the mobility management network element can initiate the handover process, the mobility management network element needs to know the handover result, such as whether the handover is successful or failed, to ensure that subsequent processes are executed normally.
- the mobility management network element determines that the terminal handover fails, including: the mobility management network element receives a relocation response message.
- the relocation response message is used to indicate that the target access network device does not allow terminal handover. That is, before the terminal senses the handover, the handover fails because the target access network device does not allow the terminal to handover.
- the mobility management network element determines that the terminal handover fails, including: the mobility management network element times out without receiving the relocation completion notification message, which is used to indicate that the terminal handover is completed. That is, failure to receive the relocation completion notification message before the timeout indicates that the terminal handover has not succeeded. For example, the terminal cannot access the target access network device: the terminal perceives the handover but fails in its attempt to access the target access network device, so this handover fails.
- the mobility management network element can update the number of consecutive terminal handover failures based on this handover failure to ensure the accuracy of that number.
- the method described in the first aspect may also include: the mobility management network element receives the handover requirement message and adds 1 to the NCC value of the terminal according to the handover requirement message. Then, the mobility management network element receives the relocation response message and sends the terminal's current NCC to the terminal. Here the relocation response message is used to indicate that the target access network device allows the terminal to hand over. In this way, the terminal can trigger the integrity protection check during the handover process based on the current NCC, ensuring communication security during the handover.
- the mobility management network element triggers the terminal's re-authentication process, which includes: the mobility management network element sends an authentication request message to the authentication service network element.
- the authentication request message is used to request the authentication service network element to authenticate the terminal; reusing existing signaling to trigger the re-authentication process reduces implementation difficulty.
- the re-authentication process is completed, including: the mobility management network element receives an authentication response message from the authentication service network element.
- the authentication response message may be used to indicate successful authentication, that is, indicating that the terminal is trustworthy.
- the mobility management network element can reset the NCC of the terminal to the initial value of the NCC only after determining that the terminal is trustworthy, which can further ensure communication security.
- the re-authentication process is at least one of the following: the authentication and key agreement (AKA) process, or the extensible authentication protocol (EAP)-AKA' process.
- the specific re-authentication process can be determined by the home operator.
- the strategy can be determined flexibly.
- the method described in the first aspect may also include: the mobility management network element sends a non-access stratum (NAS) security mode command message to the terminal; or the mobility management network element receives a security mode response message from the terminal.
- the NAS security mode command message is used to instruct the terminal to activate the NAS security context.
- the NAS security context is a security context generated through the re-authentication process.
- the security mode response message is used to indicate the completion of the NAS security context activation, so that the NAS security context can later be used to further activate the terminal's access stratum (AS) security context and ensure AS signaling security.
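As an added illustration (not code from the patent), the following Python model walks through the first aspect's mobility-management logic: the network-side NCC grows by 1 on every handover decision, only its 3-bit value crosses the air interface, and once the consecutive-failure counter reaches the preset number the element re-authenticates the terminal and, only on success, resets both NCCs to the initial value. The class and function names (Terminal, AuthenticationServer, MobilityManager, first_desync_after) are assumptions, as is the simplification that the terminal receives the 3-bit NCC on every handover attempt.

```python
# Added example, not part of the patent: model of the mobility management
# network element counters described in the first aspect. Names are assumptions.

NCC_BITS = 3                     # the page states the NCC is carried in 3 bits
NCC_MASK = (1 << NCC_BITS) - 1   # representable values 0..7 (NCC0..NCC7)
NCC_INITIAL = 0                  # initial value NCC0, as in the page's example


class Terminal:
    """Terminal side: holds only the 3-bit NCC received over the air interface."""

    def __init__(self):
        self.ncc = NCC_INITIAL

    def receive_ncc(self, ncc_over_air):
        self.ncc = ncc_over_air & NCC_MASK

    def reset_ncc(self):
        self.ncc = NCC_INITIAL


class AuthenticationServer:
    """Authentication service network element (assumed stub): answers the
    authentication request with success or failure."""

    def __init__(self, trusted=True):
        self.trusted = trusted

    def authenticate(self, terminal):
        return self.trusted


class MobilityManager:
    """Mobility management network element with the counters of the first aspect.
    preset=None models a network without the reset mechanism, for comparison."""

    def __init__(self, auth_server, preset=7):
        self.auth_server = auth_server
        self.preset = preset
        self.ncc = NCC_INITIAL      # network-side NCC, not limited to 3 bits
        self.failures = 0           # number of consecutive handover failures
        self.reauth_count = 0

    def synchronized(self, terminal):
        """Precondition for a successful handover: both sides hold the same NCC."""
        return self.ncc == terminal.ncc

    def handover(self, terminal, target_allows, relocation_completed):
        """One handover attempt. The NCC is incremented whenever handover is
        decided; only the 3-bit value crosses the air interface (wraps at 2^N)."""
        self.ncc += 1
        terminal.receive_ncc(self.ncc & NCC_MASK)
        # Failure is determined either from a relocation response that denies the
        # handover, or from a timeout waiting for the relocation complete notification.
        if not target_allows or not relocation_completed:
            self._handover_failed(terminal)
            return False
        self.failures = 0           # next handover succeeded: back to initial value
        return True

    def _handover_failed(self, terminal):
        self.failures += 1
        if self.preset is not None and self.failures >= self.preset:
            self._reauthenticate_and_reset(terminal)

    def _reauthenticate_and_reset(self, terminal):
        self.reauth_count += 1
        self.failures = 0           # counter reset once the preset number is reached
        if not self.auth_server.authenticate(terminal):
            return                  # NCC is reset only once the terminal is trustworthy
        # NAS security mode command / response would be exchanged here; then reset.
        self.ncc = NCC_INITIAL
        terminal.reset_ncc()

    def enter_idle(self):
        self.failures = 0           # idle state also resets the failure counter


def first_desync_after(n_failures, preset, trusted=True):
    """Drive n_failures consecutive failed handovers (relocation complete never
    arrives) and return the 1-based index of the first one after which the NCCs
    differ, or None if they stay synchronized throughout."""
    terminal = Terminal()
    mme = MobilityManager(AuthenticationServer(trusted), preset=preset)
    for i in range(1, n_failures + 1):
        mme.handover(terminal, target_allows=True, relocation_completed=False)
        if not mme.synchronized(terminal):
            return i
    return None


if __name__ == "__main__":
    print("no reset mechanism, first desync at failure:", first_desync_after(20, None))
    print("preset 7, first desync at failure:", first_desync_after(40, 7))
```

Without the mechanism the eighth consecutive failure drives the network-side NCC to 8 while the terminal sees NCC0, exactly the wrap the page describes; with the preset of 7 the counters never diverge.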
- a communication device in a second aspect includes modules for executing the method described in the first aspect, for example, a transceiver module and a processing module, where:
- the processing module is used to trigger the re-authentication process of the terminal when it is determined that the number of consecutive handover failures of the terminal reaches a preset number; wherein, each time it is determined that the terminal needs to be handed over, the mobility management network element adds 1 to the NCC value of the terminal. The processing module is also used to reset the NCC of the terminal to the initial NCC value after the re-authentication process is completed.
- the preset number is greater than or equal to 2.
- the preset number of times is equal to 7.
- the preset number can be any integer less than 2^N, where N is the number of bits used to represent the NCC, such as 2^N-1, 2^N-2 or 2^N-3. This application does not limit this.
- the communication device stores the number of consecutive switching failures of the terminal.
- the processing module is also used to add 1 to the number of consecutive terminal handover failures when it is determined that the terminal handover fails, and to reset the number of consecutive terminal handover failures to the initial value when any one or more of the following conditions are met.
- any one or more conditions include: the switching result of the next switching after the current switching failure is a successful switching, the number of consecutive switching failures of the terminal reaches a preset number, or the terminal enters an idle state.
- the processing module is also used to determine terminal switching failure.
- the transceiver module is configured to receive a relocation response message, and the relocation response message is used to indicate that the target access network device does not allow terminal switching.
- the transceiver module is configured to time out and fail to receive the relocation completion notification message, and the relocation completion notification message is used to indicate that the terminal switching is completed.
- the transceiver module is also configured to receive the handover requirement message before the processing module triggers the re-authentication process of the terminal.
- the processing module is also used to add 1 to the NCC value of the terminal according to the handover requirement message;
- the transceiver module is also used to receive a relocation response message, and the relocation response message is used to instruct the target access network device to allow the terminal to switch.
- the transceiver module is also used to send the terminal's current NCC to the terminal.
- the value of NCC is represented by 3 bits.
- the transceiver module is used to send an authentication request message to the authentication service network element.
- the authentication request message is used to request the authentication service network element to authenticate the terminal.
- the transceiver module is configured to receive an authentication response message from the authentication service network element, and the authentication response message is used to indicate successful authentication.
- the re-authentication process includes at least one of the following: AKA process, or EAP-AKA’ process.
- the transceiver module is configured to send a security mode command message to the terminal after the re-authentication process is completed and before the processing module resets the NCC of the terminal to the initial value of the NCC.
- the transceiver module is configured to receive a security mode response message from the terminal after the re-authentication process is completed and before the processing module resets the NCC of the terminal to the initial value of the NCC.
- the security mode command message is used to instruct the terminal to activate the non-access layer NAS security context.
- the NAS security context is a security context generated through the re-authentication process.
- the security mode response message is used to indicate the completion of the NAS security context activation.
- the transceiver module may include a sending module and a receiving module.
- the sending module is used to implement the sending function of the communication device described in the fifth aspect
- the receiving module is used to implement the receiving function of the communication device described in the second aspect.
- the communication device described in the second aspect may further include a storage module that stores programs or instructions.
- the processing module executes the program or instruction
- the communication device can execute the communication method described in the first aspect.
- the communication device described in the second aspect may be a network device, such as a mobility management network element, or a chip (system) or other component that can be installed in the network device, or a device including the network device; this application does not limit this.
- a communication device in a third aspect, includes: a processor configured to execute the communication method described in the first aspect.
- the communication device described in the third aspect may further include a transceiver.
- the transceiver can be a transceiver circuit or an interface circuit.
- the transceiver may be used for the device to communicate with other communication devices.
- the communication device described in the third aspect may further include a memory.
- This memory can be integrated with the processor or provided separately.
- the memory may be used to store computer programs and/or data involved in the communication method described in the first aspect.
- the communication device described in the third aspect may be the network device described in the first aspect, or a chip (system) or other component that may be disposed in the network device, or a device including the network device.
- a fourth aspect provides a communication device.
- the communication device includes: a processor, the processor is coupled to a memory, and the processor is used to execute a computer program stored in the memory, so that the communication device executes the communication method described in the first aspect.
- the communication device described in the fourth aspect may further include a transceiver. The transceiver can be a transceiver circuit or an interface circuit. The transceiver may be used for the device to communicate with other communication devices.
- the communication device described in the fourth aspect may be the network device described in the first aspect, or a chip (system) or other component that may be disposed in the network device, or a device including the network device.
- a communication device in a fifth aspect includes: a processor and a memory; the memory is used to store a computer program, and when the processor executes the computer program, the communication device performs the communication method described in the first aspect.
- the communication device described in the fifth aspect may further include a transceiver.
- the transceiver can be a transceiver circuit or an interface circuit.
- the transceiver may be used for the device to communicate with other communication devices.
- the communication device described in the fifth aspect may be the network device described in the first aspect, or a chip (system) or other component that may be disposed in the network device, or a device including the network device.
- a communication device in a sixth aspect includes: a processor.
- the processor is configured to be coupled to the memory, and after reading the computer program in the memory, execute the communication method as described in the first aspect according to the computer program.
- the communication device described in the sixth aspect may further include a transceiver.
- the transceiver can be a transceiver circuit or an interface circuit.
- the transceiver may be used for the device to communicate with other communication devices.
- the communication device described in the sixth aspect may be the network device described in the first aspect, or a chip (system) or other component that may be disposed in the network device, or a device including the network device.
- a computer-readable storage medium including: a computer program or instructions; when the computer program or instructions are run on a computer, the computer is caused to perform the communication method as described in the first aspect.
- a computer program product including: a computer program or instructions, which, when run on a computer, cause the computer to perform the communication method as described in the first aspect.
- Figure 1 is a schematic diagram of the architecture of the 4G system
- Figure 2 is a schematic diagram of the architecture of the 5G system
- Figure 3 is a schematic diagram of an example of the 4G-5G converged architecture
- Figure 4 is a schematic diagram of the key derivation process
- Figure 5 is a schematic diagram 2 of the key derivation process
- Figure 6 is a schematic flow chart of handover from 4G to 5G;
- Figure 7 is a schematic flow chart of handover from 5G to 4G;
- Figure 8 is a schematic flow chart of handover from 4G to 4G;
- Figure 9 is a schematic flow chart of handover from 5G to 5G;
- Figure 10 is a flowchart 1 of RRC re-establishment
- Figure 11 is a schematic diagram 2 of the RRC re-establishment process
- Figure 12 is a schematic flowchart 1 of handover failure
- Figure 13 is a schematic diagram 2 of the process of handover failure
- Figure 14 is a schematic architectural diagram of a communication system provided by an embodiment of the present application.
- FIG. 15 is a schematic flowchart 1 of the communication method provided by the embodiment of the present application.
- Figure 16 is a schematic flowchart 2 of the communication method provided by the embodiment of the present application.
- Figure 17 is a schematic flowchart three of the communication method provided by the embodiment of the present application.
- Figure 18 is a schematic structural diagram of a communication device provided by an embodiment of the present application.
- Figure 19 is a schematic second structural diagram of a communication device provided by an embodiment of the present application.
- the security context of the UE includes the NAS security context of the UE and the AS security context of the UE.
- the NAS security context of the UE can be used to ensure the communication security of the NAS.
- the UE's NAS security context may be the UE's complete NAS security context.
- the complete NAS security context of the UE may include: key K_ASME/key K_AMF, the NAS algorithm, the NAS encryption key, and the NAS integrity protection key.
- the NAS algorithm may be the encryption and integrity protection algorithm of the NAS.
- the NAS encryption key and the NAS integrity protection key can be derived through the NAS algorithm by using the key K_ASME/the key K_AMF as NAS algorithm input parameters.
- the NAS security context of the UE may be identified by a key set identifier (KSI).
- the KSI may be a 5G key set identifier (key set identifier in 5G, ngKSI) or an E-UTRAN key set identifier (key set identifier in E-UTRAN, eKSI).
- activating the NAS security context means adjusting the status of the NAS security context to an available state, that is, the NAS security context can be used subsequently. If the NAS security context is not activated, the NAS security context is unavailable.
- the AS security context of the UE can be used to ensure communication security of the AS.
- the AS security context of the UE may include: a {NH, NCC} pair, the AS algorithm, the AS encryption key, and the AS integrity protection key.
- the initial value of NH is the initial key KeNB/key KgNB.
- the initial key KeNB can be derived from the key K_ASME in the NAS security context.
- the initial key KgNB can be derived from the key K_AMF in the NAS security context.
- the encryption key of the AS and the integrity protection key of the AS can be derived through the AS algorithm using the key KeNB/key KgNB as input parameters of the AS algorithm.
- the embodiment of this application abbreviates the "AS security context of the UE" as the "AS security context".
- activating the AS security context means adjusting the status of the AS security context to an available state, that is, the AS security context can be used subsequently. If the AS security context is not activated, the AS security context is not available.
- FIG. 1 is a schematic diagram of the architecture of the 4G system.
- the 4G system, or evolved packet system, includes: the terminal, evolved universal mobile telecommunications system (UMTS) terrestrial radio access network (E-UTRAN) equipment, the mobility management entity (MME), the serving gateway (SGW), the packet data network gateway (PGW), the service capability exposure function (SCEF) network element, the home subscriber server (HSS), and other network elements or equipment.
- UMTS: universal mobile telecommunications system
- E-UTRAN: evolved UMTS terrestrial radio access network
- MME: mobility management entity
- SGW: serving gateway
- PGW: packet data network gateway
- SCEF: service capability exposure function
- HSS: home subscriber server
- the terminal may be a terminal with a transceiver function, or a chip or chip system that can be installed on the terminal.
- the terminal can also be called user equipment (UE), access terminal, subscriber unit, user station, mobile station (MS), remote station, remote terminal, mobile device, user terminal, terminal, wireless communication device, user agent or user device.
- UE: user equipment
- MS: mobile station
- the terminal in the embodiment of the present application may be a mobile phone, cellular phone, smart phone, tablet computer (Pad), wireless data card, personal digital assistant (PDA), wireless modem, handheld device, laptop computer, machine type communication (MTC) terminal, computer with wireless transceiver function, virtual reality (VR) terminal, augmented reality (AR) terminal, wireless terminal in industrial control, wireless terminal in self-driving, wireless terminal in remote medical, wireless terminal in smart grid, wireless terminal in transportation safety, wireless terminal in smart city, wireless terminal in smart home, vehicle-mounted terminal, roadside unit (RSU) with terminal functions, etc.
- the terminal of this application may also be a vehicle-mounted module, vehicle-mounted component, vehicle-mounted chip, or vehicle-mounted unit built into the vehicle as one or more components or units.
- E-UTRAN equipment can be eNB (eNodeB) or next generation eNB (next generation-eNB, ng-eNB).
- E-UTRAN equipment is mainly used to provide network access functions for terminals in specific areas, such as the network signal coverage area of E-UTRAN equipment, so that the above-mentioned terminals can access and attach to the 4G network through E-UTRAN equipment.
- E-UTRAN equipment communicates with the MME through S1-MME and with the SGW through S1-U.
- MME is mainly responsible for mobility management, bearer management, user authentication, SGW selection and other functions.
- Different MMEs communicate with each other through S10 (only one MME is shown as an example in Figure 1).
- the MME communicates with the HSS through S6a.
- the MME communicates with the SGW through S11.
- the MME communicates with the SCEF network element through T8.
- the SCEF network element communicates with the server; the SGSN communicates with the MME through S3, the SGSN communicates with the SGW through S4, the SGW communicates with the PGW through S5, and the PGW accesses the server through SGi.
- the 4G system may also include the UTRAN/GSM EDGE radio access network (GERAN) equipment and the serving GPRS support node (SGSN) of the second generation (2G)/third generation (3G) system.
- GSM: global system for mobile communication
- EDGE: enhanced data rate for GSM evolution
- GERAN: GSM/EDGE radio access network
- SGSN: serving GPRS support node
- the terminal accesses from the 2G/3G system, the terminal communicates with the SGSN through the UTRAN/GERAN equipment, and the UTRAN/GERAN equipment communicates with the SGW through S12.
- the SGSN communicates with the MME through S3, and the SGSN communicates with the SGW through S4.
- the 4G system shown in Figure 1 may also include other network elements, such as the policy and charging rules function (PCRF) network element of the 4G system; the embodiments of this application do not impose specific limitations on this.
- FIG. 2 is a schematic diagram of the architecture of the 5G system.
- the 5G system includes: access network (AN) and core network (core network, CN), and can also include: terminals.
- the specific functions of the terminal in the 5G system can be referred to the relevant introduction in the above-mentioned 4G system, and will not be described again.
- the above-mentioned AN is used to implement access-related functions. It can provide network access functions for authorized users in a specific area, and can determine transmission links of different qualities to transmit user data according to the user's level, business needs, etc.
- the AN forwards control signals and user data between the terminal and the CN.
- AN may include: access network equipment, which may also be called radio access network equipment (radio access network, RAN) equipment.
- RAN equipment can be a device that provides access to terminals and is mainly responsible for wireless resource management, quality of service (QoS) management, data compression and encryption on the air interface side.
- RAN equipment may include a gNB in the 5G new radio (NR) system, one antenna panel or a group of antenna panels (including multiple antenna panels) of a base station in 5G, or a network node that constitutes a gNB, a transmission and reception point (TRP, or transmission point, TP) or a transmission measurement function (TMF), such as a baseband unit (BBU), a centralized unit (CU) or a distributed unit (DU), an RSU with base station function, a wired access gateway, or a 5G core network element.
- RAN equipment can also include access points (APs) in wireless fidelity (WiFi) systems, wireless relay nodes, wireless backhaul nodes, various forms of macro base stations, micro base stations (also called small cells), relay stations, access points, wearable devices, vehicle-mounted devices, etc.
- the RAN equipment may also include access network equipment of next-generation mobile communication systems, such as 6G base stations; in next-generation mobile communication systems the network equipment may also have other names, all of which are covered in this article.
- CN is mainly responsible for maintaining mobile network subscription data and providing terminals with functions such as session management, mobility management, policy management, and security authentication.
- CN mainly includes the following network elements: user plane function (UPF) network element, authentication server function (AUSF) network element, access and mobility management function (AMF) network element, session management function (SMF) network element, network slice selection function (NSSF) network element, network exposure function (NEF) network element, network function repository function (NRF) network element, policy control function (PCF) network element, unified data management (UDM) network element, unified data repository (UDR) network element, application function (AF) network element, and charging function (CHF) network element.
- the UPF network element is mainly responsible for user data processing (forwarding, receiving, accounting, etc.).
- the UPF network element can receive user data from a data network (DN) and forward the user data to the terminal through the access network device.
- the UPF network element can also receive user data from the terminal through the access network equipment and forward the user data to the DN.
- DN refers to the operator network that provides data transmission services to users, for example an Internet protocol (IP) multimedia service (IMS) network, the Internet, etc.
- the DN can be an operator's external network or a network controlled by the operator, used to provide business services to terminal devices.
- the AUSF network element is mainly used to perform terminal security authentication.
- AMF network elements are mainly used for mobility management in mobile networks. For example, user location update, user registration network, user switching, etc.
- SMF network elements are mainly used for session management in mobile networks. For example, session establishment, modification, and release. Specific functions include assigning Internet Protocol (IP) addresses to users, selecting UPF that provides message forwarding functions, etc.
- the PCF network element mainly supports providing a unified policy framework to control network behavior, provides policy rules to the control layer network functions, and is also responsible for obtaining user subscription information related to policy decisions.
- PCF network elements can provide policies to AMF network elements and SMF network elements, such as quality of service (QoS) policies, slice selection policies, etc.
- NSSF network elements are mainly used to select network slices for terminals.
- NEF network elements are mainly used to support the opening of capabilities and events.
- UDM network elements are mainly used to store user data, such as contract data, authentication/authorization data, etc.
- UDR network elements are mainly used to store structured data.
- the stored content includes contract data and policy data, externally exposed structured data and application-related data.
- the AF network element mainly supports interaction with the CN to provide services, such as affecting data routing decisions, policy control functions, or providing some third-party services to the network side.
- Figure 3 is an example diagram of a 4G-5G converged architecture provided by this application.
- the 4G-5G converged architecture mainly includes: terminal, eNB, ng-eNB, MME, gNB, AMF network element, HSS+UDM, etc.
- HSS+UDM refers to the function of integrating HSS into UDM network elements, or the function of integrating UDM network elements into HSS.
- the terminal can access evolved packet core (EPC) through eNB or ng-eNB, such as accessing MME.
- the terminal can also access the 5G core network (5GC) through ng-eNB, such as accessing the AMF network element.
- the terminal can also access the 5GC through gNB.
- the terminal can also access the 5GC through dual-connectivity (DC).
- in one DC configuration, the data plane of the terminal accesses the 5GC through ng-eNB and the control plane of the terminal accesses the 5GC through gNB.
- in another DC configuration, the data plane of the terminal is connected to the 5GC through gNB and the control plane of the terminal is connected to the 5GC through ng-eNB.
- both the terminal and the network side need to perform key deduction to ensure the security of data transmission.
- the "network side" mentioned in this application can be understood as the "mobility management network element", such as the MME/AMF network element, and the two terms can be used interchangeably in the description.
- the following uses the network side as an example to introduce the key derivation process in detail.
- the terminal side can be understood by reference and will not be described again.
- Figure 4 is a schematic flow chart of the key derivation performed by the MME. As shown in Figure 4, if the value of the next hop chaining count (NCC) does not change, the eNB performs horizontal derivation to update the key KeNB. If the value of NCC changes, the MME performs vertical derivation to update the next hop parameter (NH). Whether the value of NCC changes may depend on the status of the terminal. For example, if the terminal needs to be handed over, the value of NCC is updated by incrementing it by 1.
- for convenience of expression, an NCC value of x can be recorded as NCCx: an NCC value of 0 is recorded as NCC0, an NCC value of 1 is recorded as NCC1, and so on.
- the initial value of NH is recorded as NH0.
- the NH obtained by the xth vertical derivation can be recorded as NHx, such as NH1, NH2, NH3, etc., and so on.
- the eNB can derive the initial key KeNB based on the key K_ASME and the non-access stratum (NAS) uplink count.
- the initial key KeNB is NH0.
- NH0 is associated with NCC0 as a pair {NH, NCC}.
- the eNB can use the initial key KeNB (recorded as key KeNB1), the physical cell identifier (PCI) of the cell where the terminal currently camps, and the E-UTRA absolute radio frequency channel number (EARFCN), such as the downlink EARFCN (EARFCN-DL), to derive the key KeNB2, and the key KeNB2 can be used to derive the keys for data integrity protection and encryption.
- the eNB can derive the key KeNB3 based on the key KeNB2, the PCI of the cell where the terminal currently resides, and the EARFCN.
- the key KeNB3 can be used to derive new keys for data integrity protection and encryption. And so on, thereby iteratively updating the key KeNB to ensure communication security.
- when NCC is updated and increases from NCC0 to NCC1, the MME performs vertical derivation to derive NH1 based on the key K_ASME and NH0.
- NH1 is associated with NCC1 as a new pair {NH, NCC}, which is used by the MME to perform horizontal derivation based on NCC1.
- when NCC is updated from NCC1 to NCC2, the MME continues to perform vertical derivation to derive NH2 based on the key K_ASME and NH1.
- NH2 is associated with NCC2 as a new pair {NH, NCC}, which is used by the MME to perform horizontal derivation based on NCC2. And so on.
- Figure 5 is a schematic flowchart of the AMF network element performing key derivation. As shown in Figure 5, if the value of NCC does not change, the gNB performs horizontal derivation to update the key KgNB. If the value of NCC changes, the AMF network element performs vertical derivation to update NH.
- the gNB can derive the initial key KgNB based on the key K_AMF and the NAS uplink count value.
- the initial key KgNB is NH0.
- NH0 is associated with NCC0 as a pair {NH, NCC}.
- the gNB can derive the key KgNB2 based on the initial key KgNB (denoted as key KgNB1), the PCI of the cell where the terminal currently resides, and the carrier frequency, such as the downlink carrier frequency (DL frequency).
- the key KgNB2 can be used to derive keys used for data integrity protection and encryption.
- the gNB can derive the key KgNB3 based on the key KgNB2, the PCI of the cell where the terminal currently resides, and the carrier frequency. The key KgNB3 can be used to derive new keys for data integrity protection and encryption. And so on, thereby iteratively updating the key KgNB to ensure communication security.
- when NCC0 is updated to NCC1, the AMF network element performs vertical derivation to derive NH1 based on the key K_AMF and NH0.
- NH1 is associated with NCC1 as a new pair {NH, NCC}, which is used by the AMF network element to perform horizontal derivation based on NCC1.
- when NCC1 is updated to NCC2, the AMF network element continues to perform vertical derivation to derive NH2 based on the key K_AMF and NH1.
- NH2 is associated with NCC2 as a new pair {NH, NCC}, which is used by the AMF network element to perform horizontal derivation based on NCC2. And so on.
- the number of vertical derivations can be determined by the difference between the NCC values before and after the update. For example, if the NCC value is updated from NCC0 to NCC1, the MME/AMF network element performs one vertical derivation based on the NH0 associated with NCC0 to obtain the NH1 associated with NCC1. If the NCC value is updated from NCC0 to NCC2, the MME/AMF network element performs two vertical derivations based on the NH0 associated with NCC0 to obtain the NH2 associated with NCC2. If the NCC value is updated from NCC2 to NCC3, the MME/AMF network element performs one vertical derivation based on the NH2 associated with NCC2 to obtain the NH3 associated with NCC3.
- Handover means that when the RAN device senses that the signal strength of the terminal in its own cell is gradually weakening, it can hand the terminal over to the cell of a RAN device with better signal strength (for example, a neighbor RAN device).
- the handover can be an EPC to 5GC handover (EPC HO->5GC).
- the handover may be a 5GC to EPC handover (5GC HO->EPC).
- the handover may be an EPC-to-EPC handover (EPC HO->EPC).
- the handover may be a 5GC to 5GC handover (5GC HO->5GC). They are introduced below.
- Figure 6 is a schematic diagram of a switching process from EPC to 5GC provided by this application. As shown in Figure 6, the process includes:
- S601 The UE connects to the EPC through the eNB.
- the UE can access the eNB through the initial access procedure, access the EPC through the eNB, and complete the attachment.
- S602 The eNB determines that the UE needs to be handed over.
- the eNB may sense that the UE's signal strength gradually weakens.
- the eNB determines that the UE needs to be handed over to a base station with better signal strength, so that it can select a base station with better signal strength from various candidate base stations, such as gNB/ng-eNB.
- S603 The eNB sends a handover required message to the MME.
- the MME receives the handover required message from the eNB.
- the handover required message is used to request the UE to be handed over to the corresponding gNB/ng-eNB.
- the handover required message may include: a tracking area code (TAC) that points to the AMF network element, such as the AMF network element serving the gNB/ng-eNB.
- the MME learns that the UE needs to be handed over to the gNB/ng-eNB, so it updates the NCC value stored locally by the MME by adding 1 to obtain the updated NCC, and performs vertical derivation based on the updated NCC to obtain the updated NH.
- the updated NCC and the updated NH are associated as an updated pair {NH, NCC}.
- S604 The MME sends a relocation request message to the AMF network element.
- the AMF network element receives the relocation request message from the MME.
- the relocation request message is used to request the UE to be handed over to the corresponding gNB/ng-eNB.
- the relocation request message may include: the identity of the gNB/ng-eNB, and the EPS security context of the UE.
- the EPS security context of the UE mainly includes: EPS security capabilities, EPS NAS security algorithm, key K_ASME, and the updated pair {NH, NCC}.
- the EPS security capability can be used to indicate whether the UE supports encryption and integrity protection.
- the EPS NAS security algorithm is used to indicate the algorithms supported for encryption and integrity protection. In this way, the AMF network element can construct the 5G security context of the UE based on the EPS security context of the UE.
- S605 The AMF network element generates a NAS container.
- the NAS container can carry the above-mentioned updated NCC.
- the length of the NAS container is 10 bytes, and the 5th to 7th bits of the 8th byte can be used to represent the updated NCC, that is, 3 bits are used to represent the updated NCC.
- 3 bits can represent NCC0-NCC7, a total of 8 values.
- the NAS container can be integrity protected for subsequent integrity protection verification.
- the AMF network element can derive the key K_AMF' based on the key K_ASME and the updated NH, and use the key K_AMF' to protect the integrity of the NAS container.
- S606 The AMF network element sends a handover request message to gNB/ng-eNB.
- gNB/ng-eNB receives the handover request message from the AMF network element.
- the handover request message is used to request to handover the UE to gNB/ng-eNB.
- the AMF network element can initiate a request to gNB/ng-eNB to determine whether gNB/ng-eNB allows the UE to switch to gNB/ng-eNB's own cell.
- S607 The gNB/ng-eNB sends a handover request acknowledgement (ACK) message to the AMF network element.
- the AMF network element receives the handover request confirmation message from the gNB/ng-eNB.
- the handover request confirmation message is used to instruct gNB/ng-eNB to allow the UE to handover. For example, the current resources of gNB/ng-eNB are sufficient, allowing more UEs to be switched in.
- the handover request confirmation message is used to indicate that the gNB/ng-eNB does not allow the UE to handover. For example, gNB/ng-eNB currently has insufficient resources and does not allow more UEs to switch in.
- S608 The AMF network element sends a relocation response message to the MME.
- the MME receives the relocation response message from the AMF network element.
- the relocation response message can be used to indicate that the UE can switch to gNB/ng-eNB, and the relocation response message carries the above-mentioned integrity protected NAS container.
- the relocation response message may be used to indicate that the UE cannot switch to gNB/ng-eNB, or that the UE is not allowed to switch.
- in this case the handover fails before the UE has perceived the handover, and the process ends.
- S609 The MME sends a handover preparation failure message to the eNB.
- the eNB receives the handover preparation failure message from the MME.
- the MME can send a handover preparation failure message to the eNB to indicate the handover failure; that is, the handover failure is not perceived by the UE. The process ends.
- S610 The MME sends a handover command message to the eNB.
- the eNB receives the handover command message from the MME.
- the MME may send a switching command message to the eNB to indicate that the UE can switch to gNB/ng-eNB.
- the switching command message carries the above integrity-protected NAS container. That is to say, the MME can obtain the integrity-protected NAS container from the relocation response message, encapsulate it into a handover command message, and then send the handover command message to the eNB.
- S611 The eNB sends a handover command message to the UE.
- the UE receives the handover command message from the eNB.
- the handover command message carries a mobility from E-UTRA command message. If the UE is handed over to a gNB, the mobility from E-UTRA command message carries a radio resource control (RRC) reconfiguration message, and the RRC reconfiguration message carries the above-mentioned integrity-protected NAS container. If the UE is handed over to an ng-eNB, the mobility from E-UTRA command message carries an RRC connection reconfiguration message, and the RRC connection reconfiguration message carries the above-mentioned integrity-protected NAS container.
- S612 The UE performs integrity protection verification.
- the UE can obtain the updated NCC from the integrity-protected NAS container, and perform a corresponding number of vertical derivations based on the difference between the updated NCC and the UE's locally pre-saved NCC to obtain the updated NH.
- the UE can derive the key K_AMF' based on the updated NH and the UE's locally pre-stored key K_ASME, and use the key K_AMF' to perform integrity protection verification on the integrity-protected NAS container. If the integrity protection check passes, the UE can be handed over to the gNB/ng-eNB.
- if the integrity protection check fails, the handover fails, that is, the UE perceives the handover failure, which triggers the execution of the RRC connection re-establishment process.
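The {NH, NCC} chaining of Figures 4 and 5 and the UE-side check of S612 (and the mirrored KeNB resynchronisation in the 5GC to EPC flow), as an added example that is not part of the patent: the network increments NCC by one and derives the next NH, the AMF writes NCC into bits 5-7 of byte 8 of the 10-byte NAS container and protects it with K_AMF', and the UE catches up by (updated NCC minus local NCC) vertical derivations before checking the MAC. HMAC-SHA256 stands in for the 3GPP KDF and integrity algorithm, the MAC position in the container, the bit numbering (bit 1 = least significant) and the modulo-8 NCC difference are assumptions of this example, and all keys are constructed.

```python
import hashlib
import hmac

NCC_BITS = 3                    # the page: 3 bits carry NCC0..NCC7
NCC_MODULUS = 1 << NCC_BITS     # wrap-around at 8 is an assumption of this example
NAS_CONTAINER_LEN = 10          # the page: the NAS container is 10 bytes
MAC_LEN = 4                     # constructed layout: bytes 0-3 hold the MAC (assumption)
NCC_BYTE = 7                    # the page: the 8th byte carries NCC
NCC_SHIFT = 4                   # bits 5-7 with bit 1 = LSB (3GPP numbering, assumption)


def kdf(key: bytes, label: bytes, *inputs: bytes) -> bytes:
    """Stand-in KDF (HMAC-SHA256); not the 3GPP KDF, only enough to show the chaining."""
    return hmac.new(key, label + b"".join(inputs), hashlib.sha256).digest()


def vertical_derivation(k_root: bytes, nh: bytes) -> bytes:
    """One vertical derivation: NH(x+1) from the root key (K_ASME or K_AMF) and NH(x)."""
    return kdf(k_root, b"NH", nh)


def ncc_delta(ncc_local: int, ncc_updated: int) -> int:
    """Number of vertical derivations needed to move from ncc_local to ncc_updated."""
    return (ncc_updated - ncc_local) % NCC_MODULUS


def sync_nh(k_root: bytes, nh_local: bytes, ncc_local: int, ncc_updated: int) -> bytes:
    """Catch NH up by performing ncc_delta() vertical derivations (NCC0 -> NCC2 means two)."""
    nh = nh_local
    for _ in range(ncc_delta(ncc_local, ncc_updated)):
        nh = vertical_derivation(k_root, nh)
    return nh


def derive_k_amf_prime(k_asme: bytes, nh: bytes) -> bytes:
    """K_AMF' from K_ASME and the updated NH; it protects the NAS container."""
    return kdf(k_asme, b"KAMF'", nh)


def mme_prepare_handover(k_asme: bytes, nh: bytes, ncc: int) -> tuple:
    """Network side (S603/S604): NCC + 1, one vertical derivation, new pair {NH, NCC}."""
    ncc_updated = (ncc + 1) % NCC_MODULUS
    return vertical_derivation(k_asme, nh), ncc_updated


def build_nas_container(ncc: int, k_amf_prime: bytes) -> bytes:
    """AMF side (S605): place NCC in bits 5-7 of byte 8, then MAC the container."""
    body = bytearray(NAS_CONTAINER_LEN)
    body[NCC_BYTE] = (ncc & (NCC_MODULUS - 1)) << NCC_SHIFT
    mac = hmac.new(k_amf_prime, bytes(body[MAC_LEN:]), hashlib.sha256).digest()[:MAC_LEN]
    body[:MAC_LEN] = mac
    return bytes(body)


def extract_ncc(container: bytes) -> int:
    """Read the 3-bit NCC back out of byte 8."""
    return (container[NCC_BYTE] >> NCC_SHIFT) & (NCC_MODULUS - 1)


def ue_verify_handover(container: bytes, k_asme: bytes, nh_local: bytes, ncc_local: int):
    """UE side (S612): resync NH from the NCC difference, derive K_AMF', check the MAC.
    Returns (ncc, nh, k_amf_prime) on success, or None when the check fails
    (the page: the handover fails and RRC connection re-establishment is triggered)."""
    if len(container) != NAS_CONTAINER_LEN:
        return None
    ncc_updated = extract_ncc(container)
    nh = sync_nh(k_asme, nh_local, ncc_local, ncc_updated)
    k_amf_prime = derive_k_amf_prime(k_asme, nh)
    expected = hmac.new(k_amf_prime, container[MAC_LEN:], hashlib.sha256).digest()[:MAC_LEN]
    if not hmac.compare_digest(expected, container[:MAC_LEN]):
        return None
    return ncc_updated, nh, k_amf_prime


def demo() -> bool:
    """Network already at NCC1/NH1, UE still at NCC0/NH0; the handover bumps NCC to 2."""
    k_asme = b"constructed-K_ASME-32-bytes-key!"   # constructed sample key
    nh0 = b"constructed-initial-KeNB-is-NH0!"      # the page: the initial KeNB is NH0
    nh1 = vertical_derivation(k_asme, nh0)          # network moved to NCC1 earlier
    nh2, ncc2 = mme_prepare_handover(k_asme, nh1, 1)
    container = build_nas_container(ncc2, derive_k_amf_prime(k_asme, nh2))
    ok = ue_verify_handover(container, k_asme, nh0, 0)   # UE performs two derivations
    tampered = bytes([container[0] ^ 1]) + container[1:]  # flipped MAC bit must fail
    return (ok is not None and ok[0] == 2 and ok[1] == nh2
            and ue_verify_handover(tampered, k_asme, nh0, 0) is None)


if __name__ == "__main__":
    print("handover verified, tampering rejected:", demo())
```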
- S613 The UE sends a handover complete message to gNB/ng-eNB.
- gNB/ng-eNB receives the handover completion message of the UE.
- the UE will try to access gNB/ng-eNB. If the UE successfully accesses the gNB/ng-eNB, the UE sends a handover completion message to the gNB/ng-eNB to indicate that the handover is completed. If the UE fails to access gNB/ng-eNB, the handover fails, that is, the UE senses the handover failure. At this time, the UE does not send a handover completion message and triggers the RRC connection re-establishment process. For specific implementation principles, please refer to the relevant introductions in Figure 10 and Figure 11 below, which will not be described again.
- S614 The gNB/ng-eNB sends a handover notify message to the AMF network element.
- the AMF network element receives the handover notification message from gNB/ng-eNB.
- gNB/ng-eNB can send a handover notification message to the AMF network element according to the handover completion message to indicate that the handover is completed.
- the AMF network element can send a relocation complete notification message to the MME to indicate that the handover is completed, or that the handover is successful, thereby triggering the MME to release the context of the UE.
- if the handover fails, the UE does not send a handover complete message, the gNB/ng-eNB does not send a handover notify message, and the AMF network element does not send a relocation complete notification message.
- the MME can determine that the handover has failed based on not receiving the relocation completion notification message after a timeout (such as exceeding the handover protection time), but still retains the context of the UE.
- S609 and S610-S614 are optional steps. If gNB/ng-eNB does not allow the UE to switch, perform S609. If gNB/ng-eNB allows the UE to switch, perform S610-S614.
- Figure 7 is a schematic flow chart of 5GC to EPC switching provided by this application. As shown in Figure 7, the process includes:
- S701 The UE connects to the 5GC through the gNB/ng-eNB.
- the UE can access the gNB/ng-eNB through the initial access procedure, access the 5GC through the gNB/ng-eNB, and complete the attachment.
- S702 gNB/ng-eNB determines that the UE needs to be handed over.
- the gNB/ng-eNB may sense that the signal strength of the UE gradually weakens.
- when the signal strength of the UE weakens to a certain extent, the gNB/ng-eNB determines that the UE needs to be handed over to a base station with better signal strength, so that a base station with better signal strength, such as an eNB, can be selected from the candidate base stations.
- S703 gNB/ng-eNB sends a handover requirement message to the AMF network element.
- the AMF network element receives the handover requirement message from gNB/ng-eNB.
- the handover requirement message is used to request handover of the UE to the corresponding eNB.
- the handover requirement message may include: TAC to point to the MME, for example, the MME serving the eNB.
- the AMF network element learns that the UE needs to be handed over to the eNB, so it updates the NCC value stored locally by the AMF network element by adding 1 to obtain the updated NCC, and performs vertical derivation based on the updated NCC to obtain the updated NH.
- the updated NCC and the updated NH are associated as an updated pair {NH, NCC}.
- the AMF network element can derive the key K_ASME' based on the key K_AMF and the updated NH.
- S704 The AMF network element sends a relocation request message to the MME.
- the MME receives the relocation request message from the AMF network element.
- the relocation request message is used to request the UE to be handed over to the corresponding eNB.
- the relocation request message may include: the identity of the eNB and the EPS security context of the UE.
- the EPS security context of the UE mainly includes: EPS security capabilities, EPS NAS security algorithm, key K_ASME', and the updated pair {NH, NCC}.
- the EPS security context of the UE can be obtained by mapping the AMF network element according to the 5G security context of the UE. In this way, the MME can derive NAS-level security, such as keys used for NAS-level encryption and integrity protection.
- S705 The MME sends a handover request message to the eNB.
- the eNB receives the handover request message from the MME.
- the handover request message is used to request that the UE be handed over to the eNB. After learning that the UE needs to be handed over to the eNB, the MME can initiate a request to the eNB to determine whether the eNB allows the UE to be handed over to the eNB's own cell.
- the handover request message may include: the updated pair {NH, NCC}.
- S706 The eNB constructs an access stratum (AS) container.
- the container carries the updated NCC described above.
- the eNB can also derive the key KeNB based on the updated pair {NH, NCC}.
- the key KeNB is used for subsequent integrity protection verification. If the eNB does not allow the UE to be handed over, the eNB does not need to construct a container or derive the key KeNB.
- S707 The eNB sends a handover request confirmation message to the MME.
- the MME receives the handover request confirmation message from the eNB.
- the handover request confirmation message is used to indicate that the eNB allows the UE to be handed over.
- the handover request confirmation message carries the above container, which is identified as a target to source transparent container, indicating that the container needs to be transparently transmitted from the target base station, such as the eNB, to the source base station, such as the gNB/ng-eNB.
- alternatively, the handover request confirmation message is used to indicate that the eNB does not allow the UE to be handed over. For example, the eNB currently has insufficient resources and does not allow more UEs to be handed in.
- S708 The MME sends a relocation response message to the AMF network element.
- the AMF network element receives the relocation response message from the MME.
- the relocation response message can be used to indicate that the UE can be handed over to the eNB, and the relocation response message carries the above container, which is identified as an E-UTRAN transparent container, indicating that the container is transparently transmitted by E-UTRAN.
- the relocation response message may be used to indicate that the UE cannot switch to the eNB, or that the UE is not allowed to switch.
- in this case the handover fails before the UE has perceived the handover, and the process ends.
- S709 The AMF network element sends a handover failure message to gNB/ng-eNB.
- gNB/ng-eNB receives the handover failure message from the AMF network element.
- the AMF network element can send a handover failure message to the gNB/ng-eNB to indicate the handover failure; that is, the handover failure is not perceived by the UE, and the handover process ends.
- S710 The AMF network element sends a handover command message to gNB/ng-eNB.
- gNB/ng-eNB receives the handover command message from the AMF network element.
- the AMF network element may send a switching command message to the gNB/ng-eNB to indicate that the UE can switch to the eNB.
- the handover command message carries the above container, which is identified as a target-to-source transparent container, indicating that the container needs to be transparently transmitted from the target base station, such as eNB, to the source base station, such as gNB/ng-eNB. That is to say, the AMF network element can obtain the container from the relocation response message, encapsulate it into a handover command message, and then send the handover command message to the gNB/ng-eNB.
- S711 The gNB/ng-eNB sends a handover command message to the UE.
- the UE receives the handover command message from the gNB/ng-eNB.
- if the ng-eNB sends the handover command message to the UE, the handover command message carries a mobility from E-UTRA command message. If the gNB sends the handover command message to the UE, the handover command message carries a mobility from NR command message.
- the mobility from E-UTRA command message or the mobility from NR command message carries an RRC connection reconfiguration message, and the RRC connection reconfiguration message carries the above container.
- S712 The UE derives the key KeNB.
- the UE can obtain the updated NCC from the above container, and perform a corresponding number of vertical derivations based on the difference between the updated NCC and the UE's locally pre-saved NCC to obtain the updated NH. In this way, the UE can derive the key KeNB based on the NH. In addition, the UE can also derive the key K_ASME' based on the updated NH and the K_AMF locally saved by the UE, so that the UE can continue to derive NAS-level security, such as the keys used for NAS-level encryption and integrity protection.
- S713 The UE sends a handover complete message to the eNB.
- the eNB receives the handover completion message of the UE.
- a handover complete message may be used to indicate handover completion.
- the handover complete message may be integrity protected by the UE using the key KeNB.
- the UE may attempt to access the eNB. If the UE successfully accesses the eNB, the UE sends a handover complete message to the eNB to indicate that the handover is completed. Otherwise, if the UE fails to access the eNB, the handover fails, that is, the UE perceives the handover failure, which can trigger the execution of the RRC connection re-establishment process.
- S714 The eNB sends a handover notification message to the MME.
- the MME receives the handover notification message from the eNB.
- the handover notification message can be used to indicate that the handover is completed, or that the handover is considered completed from the perspective of the eNB.
- the eNB can use the key KeNB derived in S706 to perform integrity protection verification on the received handover completion message. If the integrity protection check passes, a handover notification message is sent to indicate that the handover is completed.
- the MME can send a relocation completion notification message to the AMF network element to indicate that the handover is completed, or that the handover is successful, thereby triggering the AMF network element to release the context of the UE. If the eNB integrity protection check fails or the handover completion message is not received, the handover notification message will not be sent, and the MME will not send the relocation completion notification message. In this way, the AMF network element can determine that the handover has failed based on the failure to receive the relocation completion notification message after timeout, and still retain the context of the UE.
- S709 and S710-S714 are optional steps. If the eNB does not allow the UE to hand over, S709 is performed. If the eNB allows the UE to hand over, S710-S714 are performed.
- Figure 8 is a schematic flow chart of an EPC-to-EPC handover provided by this application. As shown in Figure 8, the process includes:
- S801 The UE connects to the EPC through the source eNB.
- S802 The source eNB determines that the UE needs to be handed over.
- the source eNB sends a handover requirement message to the source MME.
- the source MME receives the handover requirement message from the source eNB.
- S801-S803 are similar to the above-mentioned S701-S703, which can be understood by reference and will not be described again.
- S804 The source MME sends a relocation request message to the target MME.
- the target MME receives the relocation request message from the source MME.
- the relocation request message is used to request the UE to be handed over to the corresponding target eNB.
- the relocation request message may include: the identity of the target eNB and the EPS security context of the UE.
- the EPS security context of the UE mainly includes: the EPS security capabilities, the EPS NAS security algorithm, the key KASME, and an updated pair {NH, NCC}.
- the target MME sends a handover request message to the target eNB.
- the target eNB receives the handover request message from the target MME.
- S806 The target eNB constructs an AS container.
- the target eNB sends a handover request confirmation message to the target MME.
- the target MME receives the handover request confirmation message from the target eNB.
- the target MME sends a relocation response message to the source MME.
- the source MME receives the relocation response message from the target MME.
- the source MME sends a handover failure message to the source eNB.
- the source eNB receives the handover failure message from the source MME.
- the source MME sends a handover command message to the source eNB.
- the source eNB receives the handover command message from the source MME.
- S805-S810 are similar to the above-mentioned S705-S710, which can be understood by reference and will not be described again.
- the source eNB sends a handover command message to the UE.
- the UE receives the handover command message from the source eNB.
- the handover command message carries an RRC connection reconfiguration message, and the RRC connection reconfiguration message carries the above container.
- the UE derives the key KeNB.
- S813 The UE sends a handover completion message to the target eNB.
- the target eNB receives the handover completion message of the UE.
- the target eNB sends a handover notification message to the target MME.
- the target MME receives the handover notification message from the target eNB.
- S811-S814 are similar to the above-mentioned S711-S714, which can be understood by reference and will not be described again.
- Figure 9 is a schematic process diagram of a 5GC to 5GC switching provided by this application. As shown in Figure 9, the process includes:
- S901 The UE connects to the 5GC through the source gNB/ng-eNB.
- S902 The source gNB/ng-eNB determines that the UE needs to be handed over.
- the source gNB/ng-eNB sends a handover requirement message to the source AMF network element.
- the source AMF network element receives the handover requirement message from the source gNB/ng-eNB.
- S901-S903 are similar to the above-mentioned S701-S703, which can be understood by reference and will not be described again.
- the source AMF network element sends a UE context creation request (Namf_Communication_CreateUEContext Request) message to the target AMF network element.
- the target AMF network element receives the UE context creation request message from the source AMF network element.
- the UE context creation request message is used to request to handover the UE to the corresponding target gNB/ng-eNB.
- the UE context creation request message may include: the identity of the target gNB/ng-eNB, the key KAMF, and an updated pair {NH, NCC}.
- the target AMF network element sends a handover request message to the target gNB/ng-eNB.
- the target gNB/ng-eNB receives the handover request message from the target AMF network element.
- S906 The target gNB/ng-eNB constructs an AS container.
- the target gNB/ng-eNB can construct a container.
- the container carries the updated NCC described above.
- the target gNB/ng-eNB can also derive a key from the updated pair {NH, NCC} for subsequent integrity protection verification. For example, when handing over to a target gNB, the target gNB derives the key KgNB from the updated pair {NH, NCC}; when handing over to a target ng-eNB, the target ng-eNB derives the key KeNB from the updated pair {NH, NCC}.
- the target gNB/ng-eNB sends a handover request confirmation message to the target AMF network element.
- the target AMF network element receives the handover request confirmation message from the target gNB/ng-eNB.
- the target AMF network element sends a UE context creation response (Namf_Communication_CreateUEContext Response) message to the source AMF network element.
- the source AMF network element receives UE context creation response message from the target AMF network element.
- the UE context creation response message may be used to indicate that the UE can switch to the gNB/ng-eNB.
- alternatively, the UE context creation response message may be used to indicate that the UE cannot hand over to the target gNB/ng-eNB, or that the UE is not allowed to hand over. In that case the handover fails before the UE has become aware of it, and the process ends.
- the source AMF network element sends a handover failure message to the source gNB/ng-eNB.
- the source gNB/ng-eNB receives the handover failure message from the source AMF network element.
- the source AMF network element sends a handover command message to the source gNB/ng-eNB.
- the source gNB/ng-eNB receives the handover command message from the source AMF network element.
- S909-S910 is similar to the above-mentioned S709-S710, which can be understood by reference and will not be described again.
- the source gNB/ng-eNB sends a handover command message to the UE.
- the UE receives the handover command message from the source gNB/ng-eNB.
- the handover command message carries an RRC connection reconfiguration message, and the RRC connection reconfiguration message carries the above container.
- alternatively, the handover command message carries an E-UTRAN mobility command message (MobilityFromEUTRACommand), which carries an RRC reconfiguration message, and the RRC reconfiguration message carries the above container.
- alternatively, the handover command message carries an NR mobility command message (MobilityFromNRCommand), which carries an RRC connection reconfiguration message, and the RRC connection reconfiguration message carries the above container.
- alternatively, the handover command message carries an RRC reconfiguration message, and the RRC reconfiguration message carries the above container.
- the UE derives the key.
- the UE can obtain the updated NCC from the above container and perform a corresponding number of vertical key derivations, determined by the difference between the updated NCC and the NCC locally stored by the UE, to obtain the updated NH. In this way, the UE can derive the key from the NH. For example, when handing over to a target gNB, the UE derives the key KgNB from the NH; when handing over to a target ng-eNB, the UE derives the key KeNB from the NH.
- S913 The UE sends a handover completion message to the target gNB/ng-eNB.
- the target gNB/ng-eNB receives the handover completion message of the UE.
- the target gNB/ng-eNB sends a handover notification message to the target AMF network element.
- the target AMF network element receives the handover notification message from the target gNB/ng-eNB.
- S913-S914 are similar to the above-mentioned S713-S714, which can be understood by reference and will not be described again.
- Both LTE and NR define the RRC re-establishment process in the case of handover failure to enable the UE to re-establish an RRC connection with the eNB and avoid service interruption. They are introduced below.
- FIG 10 is a schematic flow chart of RRC re-establishment in an LTE scenario provided by this application. As shown in Figure 10, the process includes:
- the UE performs cell selection.
- the UE can perform cell selection to select a suitable cell and re-establish the RRC connection.
- the UE sends an RRC connection reestablishment request (RRC connection reestablishment request) message to the target eNB.
- the target eNB receives the RRC connection re-establishment request message from the UE.
- the RRC connection re-establishment request message is used to request to re-establish the RRC connection with the target eNB.
- the RRC connection re-establishment request message mainly carries the identity of the UE, such as the cell radio network temporary identifier (C-RNTI), the physical cell ID, the truncated (short) message authentication code for integrity (MAC-I), and the re-establishment cause value.
- the target eNB sends a UE context request (retrieve UE context request) message to the source eNB.
- the source eNB receives the UE context request message from the target eNB.
- the target eNB may determine whether the target eNB and the source eNB are the same eNB according to the identity of the UE. If the target eNB and the source eNB are different eNBs, the target eNB sends a UE context request message to the source eNB to request the context of the UE. Otherwise, if the target eNB and the source eNB are the same eNB, S1002-S1003 will not be executed.
- the source eNB sends a UE context response (retrieve UE context response) message to the target eNB.
- the target eNB receives the UE context response message from the source eNB.
- the source eNB obtains the context of the UE according to the UE context request message, such as obtaining the context of the UE locally. In this way, the source eNB can send a UE context response message to the target eNB.
- the UE context response message carries the context of the UE.
- the target eNB sends an RRC connection reestablishment (RRC connection reestablishment) message to the UE.
- the UE receives the RRC connection re-establishment message from the target eNB.
- the RRC connection re-establishment message may be used to indicate that the target eNB allows the RRC connection to be re-established with the UE.
- the target eNB can verify that the short MAC-I matches the token.
- the token can be determined by the target eNB from the context of the UE. If the short MAC-I does not match the token, the verification fails, the process ends, and the RRC connection cannot be re-established. If the short MAC-I matches the token, the verification passes, and the target eNB can continue to use the pair {NH, NCC} associated with the key KeNB in the context of the UE, for example by using this {NH, NCC} to continue the key derivation.
- the UE sends an RRC connection reestablishment complete message to the target eNB.
- the target eNB receives the RRC connection re-establishment completion message from the UE.
- the RRC connection re-establishment complete message may be used to indicate that the RRC connection re-establishment is completed.
- the UE can likewise use the pair {NH, NCC} associated with the key KeNB in the context of the UE. If this {NH, NCC} is used to continue the key derivation, the UE obtains the same key as the target eNB. At this point the RRC connection is re-established, and both the UE and the target eNB hold the same key. This key can be used to derive the keys for encryption and integrity protection to ensure communication security.
- FIG 11 is a schematic flow chart of RRC re-establishment in an NR scenario provided by this application. As shown in Figure 11, the process includes:
- the UE performs cell selection.
- the UE sends an RRC reestablishment request (RRC reestablishment request) message to the target gNB.
- the target gNB receives the RRC re-establishment request message from the UE.
- the target gNB sends a UE context request message to the source gNB.
- the source gNB receives the UE context request message from the target gNB.
- S1104 The source gNB sends a UE context response message to the target gNB.
- the target gNB receives the UE context response message from the source gNB.
- S1101-S1104 are similar to the above-mentioned S1001-S1004, which can be understood by reference and will not be described again.
- the target gNB sends an RRC reestablishment message to the UE.
- the UE receives the RRC re-establishment message from the target gNB.
- the RRC re-establishment message may be used to indicate that the target gNB allows the RRC connection to be re-established with the UE.
- the RRC re-establishment message carries the updated NCC.
- the RRC re-establishment message is an integrity protected message.
- the target gNB can verify that the short MAC-I matches the token.
- the token can be determined by the target gNB according to the context of the UE. If the short MAC-I does not match the token, the verification fails, the process ends, and the RRC connection cannot be re-established. If the short MAC-I matches the token, the verification is passed.
- the target gNB can derive its own key KgNB from the key KgNB in the context of the UE, that is, the key KgNB of the source gNB, and derive the keys used for integrity protection from the target gNB's KgNB.
- the target gNB can update the pair {NH, NCC} associated with the source gNB's key KgNB in the context of the UE on the basis of the target gNB's key KgNB, obtaining the updated NCC.
- the target gNB can carry the updated NCC in the RRC re-establishment message and integrity protect the RRC re-establishment message with the key used for integrity protection.
- the UE sends an RRC reestablishment complete message to the target gNB.
- the target gNB receives the RRC re-establishment completion message from the UE.
- the RRC re-establishment complete message may be used to indicate the completion of RRC re-establishment.
- the UE may obtain the updated NCC from the RRC re-establishment message, use the updated NCC to derive the same key KgNB as the target gNB, and use the key KgNB to derive the key used for integrity protection. The UE then uses that key to verify the integrity protection of the RRC re-establishment message. If the integrity protection check passes, the UE sends an RRC re-establishment complete message to the target gNB. At this point the RRC connection is re-established, and both the UE and the target gNB hold the same key. This key can be used to derive the keys for encryption and integrity protection to ensure communication security.
- Multiple consecutive handover failures may cause the UE and the NCC on the network side to be out of synchronization, resulting in subsequent handover failures.
- Other handover scenarios can be understood by reference.
- Figure 12 is a schematic flowchart of handover failure when the UE senses handover failure.
- the UE and the network side share the same view: both hold {NH0, NCC0}.
- the MME updates NCC0 to NCC1 and accordingly updates NH0 to NH1.
- NH1 is obtained by one vertical derivation starting from the key KeNB.
- the UE side is still at NCC0; NH0 has not been updated.
- the network side updates NCC1 to NCC2 and NH1 to NH2.
- NH2 is obtained by two vertical derivations starting from the key KeNB.
- the network side sends NCC2 to the UE over the air interface, together with information integrity protected with NH2.
- the UE can update NCC0 to NCC2, synchronizing with the NCC on the network side, and accordingly update NH0 to NH2 to complete the integrity protection check of the above information.
- the handover fails, for example because the UE fails to access the gNB/ng-eNB. The NCC on the network side does not roll back and remains NCC2, but the NCC on the UE side must roll back to NCC0. The following handover failures proceed in the same way.
- Figure 13 is a schematic flow chart of handover failure when the UE does not sense the handover failure.
- the UE and the network side share the same view: both hold {NH0, NCC0}.
- the MME updates NCC0 to NCC1 and accordingly updates NH0 to NH1.
- NH1 is obtained by one vertical derivation starting from the key KeNB.
- the UE side is still at NCC0; NH0 has not been updated.
- the network side updates NCC1 to NCC2 and NH1 to NH2.
- NH2 is obtained by two vertical derivations starting from the key KeNB.
- the handover fails, for example because the gNB/ng-eNB does not allow the UE to hand over and the MME sends a handover failure message to the eNB. The NCC on the network side does not roll back and remains NCC2. The following handover failures proceed in the same way.
- eventually the network side updates NCC7 to NCC8 and NH7 to NH8 accordingly.
- NH8 is obtained by eight vertical derivations starting from the key KeNB.
- the network side can synchronize the NCC to the UE through the air interface.
- the NCC value on the network side is now larger than the maximum value that can be represented on the air interface, for example NCC8 > NCC7. In this case the NCC value wraps around on the air interface.
- the NCC value on the air interface is the network-side NCC value modulo 8, so NCC8 wraps to NCC0.
- the network side sends NCC0 to the UE over the air interface, together with information integrity protected with NH8.
- the UE, seeing NCC0, uses NH0 to verify the integrity protection of the information, so the verification fails and the handover fails.
- after the next attempt the network side is at NCC9 and the UE side at NCC1; then the network side is at NCC10 and the UE side at NCC2, and so on.
- the RRC re-establishment process mainly ensures that the UE is synchronized with the NCC of the target base station. The UE remains out of synchronization with the NCC on the network side, so subsequent handovers still fail; the resulting cycle of repeated handover failures and repeated re-establishments, which cannot be escaped, affects service continuity.
- the network side may also maintain the NCC with wrap-around, but the NH is still determined by the actual value of the NCC. For example, multiple consecutive handover failures cause the NCC to be updated from NCC0 to NCC8. Although the network side wraps NCC8 to NCC0, it still derives NH8 from the actual NCC8. In this case the UE appears to be synchronized with the NCC on the network side, but this is a false synchronization: the actual NCC and NH are still out of synchronization, and the handover still fails.
- the above situations 1 and 2 can be combined, that is, some handover failures are perceived by the UE while others are not, but from the 7th handover onwards the result is still that the UE is out of synchronization with the NCC on the network side.
- the above cases 1 and 2 take NCC0 as the starting value for the updates as an example; this is not a limitation.
- the NCC can start updating from any value from NCC0 to NCC7. For example, the NCC starts from NCC5, with NCC5 and NH5 forming a pair {NH, NCC}. NCC5 is incremented 7 times in succession, and the network side, maintaining the NCC with wrap-around, arrives at NCC4.
- the network side and the UE have the same understanding of the difference between the NCC values before and after the update (both compute a difference of 7), that is, the wrap to NCC4 is transparent on the air interface, so both derive NH12.
- the network side and the UE have different understandings of the difference between the NCC values before and after the update (the network side computes a difference of 8, the UE a difference of 0), that is, the NCC5 obtained by one further increment has wrapped on the air interface, so the NH derived by the network side and by the UE differ (NH13 on the network side, NH5 on the UE).
- whatever the initial value of the NCC from NCC0 to NCC7, it may be incremented 8 times in succession, which causes the NCC to wrap around on the air interface.
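The wrap-around analysed above, together with the UE-side rule of S712 and S912 (derive as many times as the NCC difference says), worked through in Python as an added example that is not part of the application: the network side keeps the real NCC as an unbounded counter, the UE only ever sees the value modulo 8, and the two NH values agree exactly as long as fewer than eight derivations separate them. The KDF layout is the generic 3GPP KDF (HMAC-SHA-256 over FC || P0 || L0) with FC = 0x12 for NH derivation as recalled from TS 33.401 Annex A.4; KASME and the initial KeNB are constructed test values, and the class and function names are this example's own.

```python
"""Simulation of the {NH, NCC} chain as seen by the network side and by the UE, showing why
eight consecutive vertical derivations without a successful sync desynchronize the two.
Added illustration; the KDF layout follows TS 33.220 B.2 / TS 33.401 A.4 as recalled, and
the keys are constructed test values, not real subscriber material."""
import hashlib
import hmac

NCC_BITS = 3                 # the NCC travels in a 3-bit field on the air interface
NCC_MOD = 1 << NCC_BITS      # so its air-interface image is the real value modulo 8


def kdf(key: bytes, fc: int, *params: bytes) -> bytes:
    """Generic 3GPP KDF: HMAC-SHA-256(key, FC || P0 || L0 || P1 || L1 ...)."""
    s = bytes([fc])
    for p in params:
        s += p + len(p).to_bytes(2, "big")
    return hmac.new(key, s, hashlib.sha256).digest()


def next_nh(kasme: bytes, sync_input: bytes) -> bytes:
    """One vertical derivation: NH = KDF(KASME, FC=0x12 || SYNC-input).  The first
    SYNC-input is the initial KeNB, after that the previous NH."""
    return kdf(kasme, 0x12, sync_input)


class KeyChainSide:
    """Holds the {NH, NCC} pair of one party.  The network side keeps the real NCC (an
    unbounded counter); the UE only learns the 3-bit air-interface value."""

    def __init__(self, kasme: bytes, initial_kenb: bytes, start_ncc: int = 0) -> None:
        self.kasme = kasme
        self.ncc = start_ncc
        self.nh = initial_kenb
        for _ in range(start_ncc):          # bring NH in line with the start NCC
            self.nh = next_nh(kasme, self.nh)

    def increment(self, times: int = 1) -> None:
        """Network side: every handover attempt that reaches key derivation moves the
        chain forward; a failed handover does not move it back."""
        for _ in range(times):
            self.nh = next_nh(self.kasme, self.nh)
            self.ncc += 1

    def air_ncc(self) -> int:
        """The value that actually fits into the air-interface field."""
        return self.ncc % NCC_MOD

    def ue_sync_to(self, air_ncc: int) -> int:
        """UE side: derive as many times as the 3-bit difference indicates, then adopt the
        received NCC.  Returns the number of derivations performed (0 after a full wrap)."""
        steps = (air_ncc - self.ncc) % NCC_MOD
        for _ in range(steps):
            self.nh = next_nh(self.kasme, self.nh)
        self.ncc = air_ncc
        return steps


# Constructed test keys (not real subscriber material).
KASME = hashlib.sha256(b"example KASME").digest()
KENB0 = hashlib.sha256(b"example initial KeNB").digest()


def nh_in_sync_after(start_ncc: int, failed_attempts: int) -> bool:
    """Start both sides at {NH_start, NCC_start}; let the network advance `failed_attempts`
    times while the UE, having rolled back after every failed handover, stays put; then let
    the UE sync to the air-interface NCC it finally receives.  True if the NHs agree."""
    network = KeyChainSide(KASME, KENB0, start_ncc)
    ue = KeyChainSide(KASME, KENB0, start_ncc)
    network.increment(failed_attempts)
    ue.ue_sync_to(network.air_ncc())
    return ue.nh == network.nh


if __name__ == "__main__":
    # The page's NCC5 example: 7 increments -> NCC12, sent as NCC4; the UE derives 7 times.
    print("7 increments from NCC5:", nh_in_sync_after(5, 7))    # True
    # One more increment -> NCC13, sent as NCC5; the UE derives 0 times and keeps NH5.
    print("8 increments from NCC5:", nh_in_sync_after(5, 8))    # False
```

The boundary is independent of the starting value: any run of one to seven derivations the UE missed is recovered from the modular difference, the eighth (and every multiple of eight) is invisible, and no amount of RRC re-establishment with the target base station repairs it, because that procedure never reaches the MME/AMF counter.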
- applicable communication systems include: WiFi (wireless fidelity), V2X (vehicle to everything), D2D (device-to-device), 4G systems such as LTE, WiMAX (worldwide interoperability for microwave access), 5G systems such as NR, and future communication systems such as 6th generation (6G) mobile communication systems.
- FIG. 14 is a schematic architectural diagram of a communication system to which the communication method provided by the embodiment of the present application is applicable.
- this communication system can be applied to the above-mentioned 4G system, 5G system, and 4G-5G converged architecture, and mainly includes: terminals and mobile management network elements.
- the terminal can be a UE, and its related functions can be referred to the relevant introduction in the above-mentioned 4G system, 5G system, and 4G-5G converged architecture, and will not be repeated.
- the mobility management network element can be an MME or AMF network element, and its related functions can be referred to the relevant introductions in the above-mentioned 4G system, 5G system, and 4G-5G converged architecture, and will not be described again.
- the mobility management network element can trigger the re-authentication process of the terminal to reset the NCC, thereby achieving synchronization between the NCC of the terminal and that of the mobility management network element and preventing subsequent handovers from continuing to fail.
- FIG. 15 is a schematic flowchart 1 of the communication method provided by the embodiment of the present application.
- This communication method may be applicable to handover from EPC to 5GC or handover from EPC to EPC.
- the flow of this communication method is as follows:
- the MME determines that the UE has failed to hand over multiple times in succession.
- the MME may be the source MME of the UE, that is, the MME serving the cell where the UE currently camps.
- the UE's multiple consecutive handover failures means that the number of consecutive UE handover failures reaches the preset number of times.
- the UE's multiple consecutive handover failures can be used to trigger the MME to perform the UE's re-authentication process and then reset the NCC.
- the preset number of times may be greater than or equal to 2.
- the preset number of times can be equal to 2, that is, after two consecutive handover failures the reset of the NCC is triggered, so that the UE succeeds in handing over as soon as possible and service continuity is not affected by too many consecutive handover failures.
- the preset number of times can be equal to 7, that is, when the UE fails to hand over 7 times in succession and the value of the NCC wraps around on the air interface, the UE's re-authentication process is triggered to reset the NCC and avoid handover failure due to NCC desynchronization.
- starting from NCC0, 7 consecutive handover failures (the preset number equal to 7) cause the NCC to increase to NCC8. Since the NCC is usually carried in 3 bits on the air interface and is therefore limited to 3 bits, NCC8 wraps to NCC0 on the air interface.
- the NCC maintained by the MME can be NCC8 while the NCC indicated to the UE over the air interface is NCC0, so that the NCCs of the UE and the MME are out of synchronization.
- the specific principle of NCC flipping can be referred to the relevant introduction in "8. Multiple handover failures" above, and will not be described again.
- the preset number of times can also be close to 7, such as 4, 5 or 6.
- in that case the value of the NCC is close to its wrap-around value on the air interface; that is, the UE's re-authentication process is triggered when the NCC is about to wrap, to avoid NCC desynchronization.
- in general, the preset number can be any integer less than 2^N, where N is the number of bits used to carry the NCC on the air interface, such as 2^N-1, 2^N-2 or 2^N-3. This application does not limit this.
- the MME may determine that the UE handover fails. For example, when the UE needs to be handed over, the MME can participate in executing the process shown in Figure 6 or Figure 8. For specific principles, please refer to the relevant introduction corresponding to Figure 6 or Figure 8, which will not be described again.
- the MME can receive a relocation response message from the target core network, for example from the AMF network element (see S608) or from the target MME (see S808).
- the relocation response message is used to indicate that the UE cannot be handed over to the target access network device (such as a target eNB or gNB/ng-eNB), that is, the UE handover fails.
- the MME can determine that the UE handover has failed according to the relocation response message. Alternatively, in the case where the target access network device allows the UE to hand over but the UE attempts to access the target access network device and fails, the MME times out without receiving the relocation completion notification message from the target core network.
- the relocation completion notification message is used to indicate that the handover is successful. In this way, the MME can determine that the UE handover has failed from the absence of the relocation completion notification message when the timer expires (see S614 or S814).
- the MME is configured with a counter to save the number of consecutive UE handover failures.
- the MME can update the number of consecutive handover failures of the UE saved in the counter, such as adding 1 to the number of consecutive UE handover failures, and then determine whether the updated number reaches the preset number. If it is determined that the number of updates has not reached the preset number, the UE's re-authentication process will not be triggered and the next judgment will continue. If it is determined that the number of updates reaches the preset number, the re-authentication process of the UE is triggered.
- the MME can also determine whether the value of the NCC has increased to the preset value corresponding to the preset number of times, that is, whether the value of the NCC wraps or is about to wrap on the air interface. If the value of the NCC has increased to the corresponding preset value, the MME triggers the subsequent re-authentication process. For example, if the preset number is 7 and the NCC is NCC1 before the first handover failure, the preset value of the NCC can be NCC0 (the value of NCC8 after wrap-around).
- as another example, the preset value of the NCC can be NCC2 (the value of NCC10 after wrap-around). If the NCC value has not increased to the corresponding preset value, the MME does not trigger the subsequent re-authentication process, avoiding unnecessary signaling overhead.
- the MME can reset the number of consecutive UE handover failures to its initial value, such as 0 or 1, when any one or more of the following conditions is met: the next handover after the current failed handover succeeds, the number of consecutive handover failures of the UE reaches the preset number, or the UE enters the idle state, for example when the UE is released from the inactive or connected state to the idle state.
- the MME then re-records the number of consecutive handover failures of the UE, so that the count stays accurate and, if the NCCs of the UE and the MME become desynchronized again, the NCC reset can be triggered again on the basis of the new count, avoiding subsequent handover failures caused by differing NCCs.
- the prerequisite for successful handover of the UE is that the NCC of the UE and the MME are synchronized.
- the number of consecutive UE handover failures saved by the MME can be used to indicate whether the MME needs to reset the NCC.
- the MME can be triggered to reset the NCC.
- the MME can also reset the number of consecutive handover failures of the UE to the initial value. For details, see S1502-S1508 below.
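The MME-side bookkeeping described above, as an added example in Python that is not part of the application: a per-UE counter of consecutive handover failures with the preset threshold, the alternative check on the NCC reaching its preset (wrapped) value, and the reset conditions (next handover succeeds, threshold reached, UE goes idle). The class and method names are assumptions of this example; the NCC value passed in is the MME's real, unbounded NCC, and how much that NCC grows per failed handover is left to the caller, as the application does not fix it.

```python
"""MME-side decision logic: count consecutive handover failures of a UE and decide when
to trigger re-authentication so that the NCC is reset.  Added illustration with names of
its own; not code from the application."""
from dataclasses import dataclass, field
from typing import Optional

NCC_BITS = 3                 # the NCC is a 3-bit field on the air interface (NCC0..NCC7)
NCC_MOD = 1 << NCC_BITS


@dataclass
class HandoverFailureTracker:
    """Per-UE counter kept by the MME (hypothetical structure for this example)."""
    preset_count: int = 7        # preset number of consecutive failures; 2 <= preset < 2**NCC_BITS
    initial_count: int = 0       # counter value after a reset (the application allows 0 or 1)
    consecutive_failures: int = field(init=False)
    ncc_before_first_failure: Optional[int] = field(default=None, init=False)

    def __post_init__(self) -> None:
        if not 2 <= self.preset_count < NCC_MOD:
            raise ValueError("preset must be >= 2 and below the NCC wrap-around value")
        self.consecutive_failures = self.initial_count

    def _failures_so_far(self) -> int:
        return self.consecutive_failures - self.initial_count

    def on_handover_failure(self, network_ncc: int) -> bool:
        """Record one failure (relocation response 'not allowed', or relocation complete
        notification timed out).  `network_ncc` is the MME's real NCC before this handover.
        Returns True when the re-authentication process must be triggered; the counter is
        then reset, because the NCC is about to be reset as well."""
        if self._failures_so_far() == 0:
            self.ncc_before_first_failure = network_ncc
        self.consecutive_failures += 1
        if self._failures_so_far() >= self.preset_count:
            self.reset()
            return True
        return False

    def ncc_preset_value(self) -> Optional[int]:
        """Air-interface NCC value that corresponds to the preset count.  The application's
        example: preset 7 with NCC1 before the first failure -> NCC8, which wraps to NCC0.
        None until a failure has been recorded."""
        if self.ncc_before_first_failure is None:
            return None
        return (self.ncc_before_first_failure + self.preset_count) % NCC_MOD

    def ncc_reached_preset(self, network_ncc: int) -> bool:
        """Alternative trigger: fire once the real NCC has grown to the preset value, i.e.
        its air-interface image has wrapped (or is about to, for presets below 7)."""
        target = self.ncc_preset_value()
        if target is None or self.ncc_before_first_failure is None:
            return False
        return (network_ncc > self.ncc_before_first_failure
                and network_ncc % NCC_MOD == target)

    def on_handover_success(self) -> None:
        """Next handover after a failure succeeded: the NCCs are in sync, start over."""
        self.reset()

    def on_idle(self) -> None:
        """UE released to idle: the failure run is over."""
        self.reset()

    def reset(self) -> None:
        self.consecutive_failures = self.initial_count
        self.ncc_before_first_failure = None


if __name__ == "__main__":
    tracker = HandoverFailureTracker(preset_count=7)
    for attempt_ncc in range(1, 7):            # six failures, NCC1 .. NCC6 before each
        assert not tracker.on_handover_failure(attempt_ncc)
    print("preset NCC value:", tracker.ncc_preset_value())          # 0 (NCC8 wrapped)
    print("trigger on 7th failure:", tracker.on_handover_failure(7))  # True
```

Whichever of the two checks is used, the decision is taken on the MME's real counter, never on the wrapped air-interface value, since the latter is exactly what the UE already agrees with when the keys have in fact diverged.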
- re-authentication of the UE means that the UE and the network perform mutual authentication again.
- the re-authentication process can be at least one of the following: an authentication and key agreement (AKA) process, an extensible authentication protocol (EAP)-AKA' process, or any other possible process; no specific restriction is made.
- the MME can send a UE authentication request (Nausf_UEAuthentication_Authenticate Request) message #1 to the AUSF network element (not shown in Figure 15) to request the AUSF network element to authenticate the UE, that is, to trigger the UE's re-authentication process.
- the AUSF network element can request the UDM network element to determine and select the corresponding re-authentication process according to the home operator's policy, so that the AUSF network element can initiate the re-authentication process. Taking the AKA process as an example, the AUSF network element can respond to UE authentication request message #1 by returning a UE authentication response (Nausf_UEAuthentication_Authenticate Response) message #1 to the MME.
- UE authentication response message #1 carries parameters required for authentication, such as a random number (RAND) and an authentication token (AUTN).
- the MME can send an authentication request (authentication request) message to the UE according to the UE authentication response message #1 to trigger bidirectional authentication in the re-authentication process, such as UE authenticating the network and network authenticating the UE.
- the authentication request message can carry the KSI, RAND and AUTN.
- the UE can verify the AUTN using RAND and its own root key. If the UE fails to verify the AUTN, it sends an authentication failure message to the MME to indicate the authentication failure, and the process ends. If the UE verifies the AUTN successfully, the UE has authenticated the network.
- the UE can deduce part of the NAS security context and send an authentication response message to the MME.
- the authentication response message can be used by the network to authenticate the UE.
- the authentication response message may carry parameters used by the network to authenticate the UE, such as the response (RES*) generated by the UE.
- the MME may send UE authentication request message #2 to the AUSF network element, where the UE authentication request message #2 carries RES*.
- the AUSF network element compares RES* with the previously saved expected response (XRES*). If the AUSF network element determines that RES* and XRES* match, the network has authenticated the UE.
- AUSF network elements can deduce part of the same NAS security context as the UE.
- the AUSF network element may send the UE authentication response message #2 carrying the part of the NAS security context to the MME to indicate successful authentication, thereby triggering the MME to perform S1503. Otherwise, if the AUSF network element determines that RES* and XRES* do not match, it means that the authentication of the UE fails and the process ends.
- the MME can trigger the activation of the NAS security context to reset the MME's NCC (S1503 and S1504).
- the MME sends a NAS security mode command (NAS security mode command) message to the UE.
- the UE receives the NAS security mode command message from the MME.
- the NAS security mode command message can be used to activate the NAS security context.
- the security mode command message may include: UE security capabilities, NAS algorithm, and KSI.
- the UE security capabilities can be provided to the MME when the UE registers with the network.
- UE security capabilities may be used to indicate whether the UE supports encryption and/or integrity protection.
- the NAS algorithm may be a NAS security algorithm supported by the UE.
- the UE can verify the NAS security mode command message. For example, the UE may check whether the UE security capabilities match the UE's locally saved security capabilities to ensure that these capabilities have not been modified by an attacker. The UE can also use the integrity protection algorithm and the key K_ASME indicated by the KSI to perform integrity protection verification on the NAS security mode command message. If the verification of the NAS security mode command message passes, the UE can activate the NAS security context. In addition, since the NAS security context can be indicated by a KSI, activating the NAS security context can also be considered as activating the KSI.
- the UE sends a security mode complete message to the MME.
- the MME receives the security mode complete message from the UE.
- the security mode completion message may be used to indicate that the UE has activated the NAS security context.
- the MME can activate the locally saved NAS security context according to the security mode complete message.
- both the UE and the MME have activated the same NAS security context, and both parties are aligned at the algorithm level. Both parties can use the same keys and algorithms for subsequent NAS encryption and integrity protection.
- the MME can also activate the locally saved NAS security context on its own after learning that the authentication is successful.
- the MME can deduce the initial key KeNB based on the key K_ASME.
- the initial key KeNB is used as the initial value of NH, such as NH0.
- the initial value of NH can be associated with an initial value of NCC as an initial pair {NH, NCC}, thereby resetting the NCC to the initial value of NCC.
- the NCC of the initial value can be NCC0, or it can be any other possible value, such as NCC1 or NCC2, which is not specifically limited.
- the MME can also activate the AS security context according to the activated NAS security context to reset the UE's NCC (S1505-S1508), achieve NCC synchronization, and ensure AS signaling security.
- the MME sends a context modification request (UE context_modification_request) message to the RAN.
- the RAN receives the context modification request message from the MME.
- the RAN may be the source eNB corresponding to the MME.
- the context modification request message can be used by the RAN to modify the AS security context.
- the context modification request message may include an initial value of NH.
- the RAN can activate the locally saved AS security context according to the context modification request message. For example, the RAN can take the initial value of NH from the context modification request message and set the NH in the locally saved AS security context to that initial value. The RAN also resets the NCC in the AS security context to the initial value of NCC, and associates the initial value of NCC with the initial value of NH as an initial pair {NH, NCC}. The RAN can then activate the modified AS security context.
- the RAN can directly activate the AS security context after the modification of the AS security context is completed.
- the RAN may activate the AS security context of the UE after confirming that the UE has activated the AS security context, such as after S1508, without any specific limitation.
- the RAN sends a context modification response (UE context_modification_response) message to the MME.
- the MME receives the context modification response message from the RAN.
- the context modification response message can be used to respond to the context modification request message. For example, after receiving the context modification request message, the RAN may send a context modification response message to the MME to indicate that the RAN has received the context modification request message. At this time, the context modification response message can be considered as an ACK message for the context modification request message.
- the context modification response message can also be used to indicate that the AS security context modification is completed.
- the RAN may also send a context modification response message to the MME only after the AS security context modification is completed, without any specific limitation.
- the RAN sends an AS security mode command (AS security mode command) message to the UE.
- the UE receives the AS security mode command message from the RAN.
- the AS security mode command message can be used by the UE to activate the AS security context.
- the AS security mode command message may include: the identification of the encryption algorithm of the AS and the identification of the integrity protection algorithm of the AS.
- the AS security mode command message is an integrity protected message.
- the RAN can use the key KeNB in the AS security context and the AS integrity protection algorithm to deduce the AS integrity protection key, and use that key to integrity protect the AS security mode command message.
- the UE can reset the NCC.
- the UE can derive the initial key KeNB based on the key K_ASME in the NAS security context.
- the initial key KeNB serves as the initial value of NH.
- the initial value of NH can be associated with an initial value of NCC as an initial pair {NH, NCC}, thereby resetting the NCC to the initial value of NCC.
- the UE can set the pair {NH, NCC} in the locally saved AS security context to the initial pair {NH, NCC}.
- the UE can perform integrity protection verification on the AS security mode command message.
- the UE determines the integrity protection algorithm of the AS based on the identifier of the integrity protection algorithm of the AS.
- the UE uses the key KeNB in the AS security context and the AS's integrity protection algorithm to deduce the AS's integrity protection key.
- the UE uses the AS integrity protection key to perform integrity protection verification on the AS security mode command message. If the integrity protection verification passes, the AS security context saved locally in the UE is activated. Otherwise, if the UE determines that the integrity protection check fails, the AS security context saved locally by the UE is not activated, and the process ends.
- the UE can also reset the NCC on its own after the NAS security context is activated, and there is no specific limit on this.
- the UE sends an AS security mode complete message to the RAN.
- the RAN receives the AS security mode completion message from the UE.
- the AS security mode completion message is used to indicate that the UE has activated the AS security context.
- the UE activates the AS security context, and the NCCs of the UE and the MME are also aligned due to reset, which can avoid subsequent handover failures.
- FIG. 16 is a schematic flowchart 2 of the communication method provided by the embodiment of the present application.
- This communication method may be applicable to the above-mentioned 5GC to EPC handover, or 5GC to 5GC handover.
- the flow of this communication method is as follows:
- the AMF network element determines that the UE has failed to switch over multiple times in succession.
- the AMF network element may be the source AMF network element of the UE, that is, the AMF network element serving the cell where the UE currently resides. Among them, the AMF network element can determine that the UE handover fails. For example, when the UE needs to be handed over, the AMF network element can participate in executing the process shown in Figure 7 or Figure 9. For specific principles, please refer to the relevant introduction corresponding to Figure 7 or Figure 9, which will not be described again.
- the AMF network element can receive the relocation response message from the target core network, such as from the MME (see S708), or the UE context creation response message from the target AMF network element (see S908).
- the relocation response message or the UE context creation response message is used to indicate that the UE cannot be handed over to the target access network device, that is, the UE handover fails. In this way, the AMF network element can determine that the UE handover fails based on the relocation response message or the UE context creation response message.
- when the target access network device allows the UE to hand over but the UE's attempt to access the target access network device fails, the AMF network element times out without receiving the relocation completion notification message from the target core network.
- the relocation completion notification message is used to indicate that the handover is successful. In this way, the AMF network element can determine that the UE handover has failed based on the timeout of not receiving the relocation completion notification message (see S714 or S914).
- S1601 is similar to the above-mentioned S1501, which can also be understood by reference and will not be described again.
- the AMF network element sends a NAS security mode command message to the UE.
- the UE receives the NAS security mode command message from the AMF network element.
- the UE sends a security mode completion message to the AMF network element.
- the AMF network element receives the security mode completion message from the UE.
- the AMF network element sends a context modification request message to the RAN.
- the RAN receives the context modification request message from the AMF network element.
- the RAN may be the source gNB/ng-eNB corresponding to the AMF network element.
- the context modification request message can also be used by the RAN to modify the AS security context of the UE.
- the context modification request message may include an initial pair {NH, NCC}, such as {NH0, NCC0}.
- the AMF network element can deduce the initial key KgNB based on the key K_AMF.
- the initial key KgNB is used as NH0.
- NH0 is associated with NCC0 as an initial pair {NH, NCC}, thereby resetting the NCC to its initial value.
- the AMF network element can encapsulate the initial pair {NH, NCC} into a context modification request message, and send the context modification request message to the RAN.
- the RAN can activate the AS security context stored locally in the RAN according to the context modification request message.
- the RAN can take the initial pair {NH, NCC} from the context modification request message and set the pair {NH, NCC} in the AS security context saved locally by the RAN to that initial pair {NH, NCC}.
- the RAN can then activate the modified AS security context.
- the RAN sends a context modification response message to the AMF network element.
- the AMF network element receives the context modification response message from the RAN.
- the RAN sends an AS security mode command message to the UE.
- the UE receives the AS security mode command message from the RAN.
- the UE sends an AS security mode completion message to the RAN (S1608).
- the RAN receives the AS security mode completion message from the UE.
- S1606-S1608 differ from the above-mentioned S1506-S1508 in that the key K_ASME is replaced by the key K_AMF, and the key KeNB is replaced by the key KgNB.
- the other implementation principles are similar to the above-mentioned S1506-S1508, which can be understood by reference and will not be described again.
- FIG. 17 is a schematic flowchart 3 of the communication method provided by the embodiment of the present application.
- This communication method is suitable for mobility management network elements, which can be MME or AMF network elements.
- the communication method includes the following processes:
- the preset number can be 2, that is, in the case of two consecutive handover failures, the reset of the NCC can be triggered to ensure that the terminal switches successfully as soon as possible and avoid affecting the continuity of the business due to too many consecutive handover failures.
- the preset number of times can also be equal to 7, that is, when the UE fails to hand over 7 consecutive times and the value of the NCC wraps around on the air interface, the terminal's re-authentication process is triggered to reset the NCC, avoiding handover failure caused by NCC desynchronization.
- the preset number can be any integer less than 2^N, such as 2^N-1, 2^N-2 or 2^N-3, etc. This application does not limit this.
- the mobility management network element stores the number of consecutive handover failures of the terminal. When it determines that a handover of the terminal fails, the mobility management network element increases the number of consecutive handover failures by 1, and when any one or more of the following conditions are met, the mobility management network element resets the number of consecutive handover failures to an initial value, such as 0 or 1. The conditions include: the next handover after the current failed handover succeeds, the number of consecutive handover failures of the terminal reaches the preset number, or the terminal enters the idle state.
- the mobility management network element can determine that the terminal handover fails. For example, the mobility management network element may receive a relocation response message.
- the relocation response message may be used to indicate that the target access network device does not allow the terminal handover. That is, the handover fails before the terminal senses it, because the target access network device does not allow the terminal to hand over. Alternatively, the mobility management network element may time out without receiving the relocation completion notification message.
- the relocation completion notification message is used to indicate that the terminal handover is completed. That is to say, failure to receive the relocation completion notification message before the timeout indicates that the terminal handover has not succeeded. For example, the terminal cannot access the target access network device, that is, the terminal senses the handover but its attempt to access the target access network device fails, and the handover fails.
- the mobility management network element can update the number of consecutive handover failures based on this handover failure, keeping the number of consecutive handover failures accurate.
- since the mobility management network element can initiate the handover process, it needs to know the handover result (success or failure) to ensure that subsequent processes are executed normally.
- the re-authentication process of the terminal can be at least one of the following: AKA process or EAP-AKA’ process.
- Which re-authentication process is adopted can be flexibly determined by the home operator's policy.
- the mobility management network element may send an authentication request message to the authentication service network element.
- the authentication request message is used to request the authentication service network element to authenticate the terminal, that is, by reusing existing signaling to trigger the re-authentication process, reducing implementation difficulty.
- the authentication service network element can request the data management network element (UDM network element) to select a corresponding re-authentication process according to the home operator's policy, so that the authentication service network element can initiate the re-authentication process.
- S1701 can refer to the above-mentioned S1501-S1502 and the relevant introduction in S1601-S1602, which will not be described again.
- after the re-authentication process is completed, the mobility management network element resets the NCC of the terminal to the initial value of the NCC.
- the mobility management network element can receive an authentication response message from the authentication service network element to indicate that the re-authentication process is completed.
- the authentication response message is used to indicate successful authentication, that is, to indicate that the terminal is trustworthy.
- the mobility management network element can reset the NCC of the terminal to the initial value of the NCC only after determining that the terminal is trustworthy, which can further ensure communication security.
- the specific implementation principle of S1702 can refer to the above-mentioned S1502-S1508 and the relevant introduction in S1602-S1608, which will not be described again.
- before the mobility management network element triggers the re-authentication process of the terminal, the mobility management network element can also receive the handover requirement message and increase the terminal's NCC value by 1 according to the handover requirement message.
- the mobility management network element receives the relocation response message and sends the terminal's current NCC to the terminal, to trigger both parties to try to align the NCC and avoid handover failure due to NCC desynchronization.
- the relocation response message is used to indicate that the target access network device allows the terminal to hand over.
- the specific implementation principle of this design scheme can also be referred to the relevant introduction in "6. Switching" above, and will not be described again.
- in a possible design, after the re-authentication process is completed and before the mobility management network element resets the NCC of the terminal to the initial value of the NCC, the mobility management network element can also send a NAS security mode command message to the terminal; the mobility management network element can also receive a security mode response message from the terminal.
- the NAS security mode command message is used to instruct the terminal to activate the NAS security context.
- the NAS security context is a security context generated through the re-authentication process.
- the security mode response message is used to indicate that the NAS security context activation is complete, so that the activated NAS security context can subsequently be used to activate the terminal's access stratum (AS) security context and ensure AS signaling security.
- for ease of understanding, the specific implementation principles of this design can also refer to the above-mentioned S1503-S1504 and the relevant introduction in S1603-S1604, which will not be described again.
- the NCC of the terminal and the mobile management network element may be out of synchronization.
- the mobility management network element can reset the NCC saved on the terminal side and on the mobility management network element side to the initial value of NCC by triggering the terminal's re-authentication process, ensuring that the NCC of the terminal and of the network side remains synchronized and avoiding subsequent handover failures.
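The failure counter, the preset bound and the NCC reset described above (and the reset that ends the FIG. 15 and FIG. 16 flows), as an added Python model that is not part of the patent. `MobilityManagementElement`, `Terminal`, `simulate` and the rule that AS keys match only when both sides sit at the same NH hop are assumptions made for the model; the 3-bit NCC, the +1 per handover and the `2 <= preset < 2^N` bound come from the text.

```python
# Added example (not the patent's own code): a model of the consecutive
# handover failure counter and the NCC reset through re-authentication.
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

NCC_BITS = 3                  # page: the NCC value is represented by 3 bits
NCC_MODULUS = 1 << NCC_BITS   # 2^N distinct NCC values on the air interface
INITIAL_NCC = 0               # page: the initial value may be NCC0


@dataclass
class Terminal:
    """UE side (assumed model): its NH-chain position and a re-auth counter."""
    ncc: int = INITIAL_NCC
    reauth_count: int = 0

    def align_to(self, ncc_over_air: int) -> None:
        """Step forward to the 3-bit NCC received in a handover command.

        Only ncc mod 2^N is carried over the air, so the UE can only advance
        by (received - own) mod 2^N hops; if the network is 2^N or more hops
        ahead, the UE lands on the wrong chain position (NCC desync).
        """
        self.ncc += (ncc_over_air - self.ncc) % NCC_MODULUS


@dataclass
class MobilityManagementElement:
    """MME/AMF side: NCC, consecutive failure counter and preset threshold.

    preset_failures=None models a network without the counter, for comparison.
    """
    preset_failures: Optional[int] = NCC_MODULUS - 1
    ncc: int = INITIAL_NCC
    consecutive_failures: int = 0
    events: List[Tuple[str, int, int]] = field(default_factory=list)

    def __post_init__(self) -> None:
        # page: preset >= 2 and < 2^N (e.g. 2^N - 1); a larger preset would let
        # the 3-bit NCC wrap around before the reset is ever triggered
        p = self.preset_failures
        if p is not None and not 2 <= p < NCC_MODULUS:
            raise ValueError("preset must satisfy 2 <= preset < 2**NCC_BITS")

    def ncc_over_air(self) -> int:
        return self.ncc % NCC_MODULUS

    def keys_aligned(self, ue: Terminal) -> bool:
        """Assumed model: same AS keys iff both sides are at the same NH hop."""
        return self.ncc == ue.ncc

    def handover_required(self) -> None:
        # page: each time the terminal needs to be handed over, NCC += 1
        self.ncc += 1

    def handover_failed(self, ue: Terminal) -> None:
        """Relocation rejected, or relocation-complete notification timed out."""
        self.consecutive_failures += 1
        if self.preset_failures is not None and \
                self.consecutive_failures >= self.preset_failures:
            self.reauthenticate(ue)   # counter reached the preset number

    def handover_succeeded(self) -> None:
        self.consecutive_failures = 0        # condition: next handover succeeds

    def terminal_idle(self) -> None:
        self.consecutive_failures = 0        # condition: terminal enters idle

    def reauthenticate(self, ue: Terminal) -> None:
        """S1701/S1702: re-authentication, then NAS/AS SMC reset both NCCs."""
        self.events.append(("reauth", self.ncc, ue.ncc))
        ue.reauth_count += 1
        self.ncc = INITIAL_NCC               # network side back to NCC0
        ue.ncc = INITIAL_NCC                 # UE side back to NCC0 via AS SMC
        self.consecutive_failures = 0        # condition: preset number reached


def simulate(rejections: int, preset: Optional[int]) -> Tuple[int, int, bool, int]:
    """Run `rejections` handovers that the target rejects before the UE senses
    them, then one handover that does reach the UE, which aligns to the NCC
    the network sends it. Returns (network NCC, UE NCC, keys aligned,
    number of re-authentications); the constructed scenario only exercises
    the "rejected before the terminal senses it" failure case.
    """
    ue = Terminal()
    mme = MobilityManagementElement(preset_failures=preset)
    for _ in range(rejections):
        mme.handover_required()          # NCC advances on the network side only
        mme.handover_failed(ue)          # relocation response: not allowed
    mme.handover_required()              # this handover reaches the UE
    ue.align_to(mme.ncc_over_air())      # network sends the current 3-bit NCC
    return mme.ncc, ue.ncc, mme.keys_aligned(ue), ue.reauth_count


if __name__ == "__main__":
    # Without the counter, 7 consecutive rejections leave the 8th handover
    # carrying NCC 8 = 0 on the air interface, indistinguishable from the
    # UE's stale 0; with preset 7 the reset fires before that happens.
    for preset in (None, 7, 2):
        for rejections in (3, 7, 8):
            print(f"preset={preset!s:4} rejections={rejections}:",
                  simulate(rejections, preset))
```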
- the communication method provided by the embodiment of the present application is described in detail above with reference to Figures 15-17.
- the communication device for executing the communication method provided by the embodiment of the present application will be described in detail below with reference to FIGS. 18 and 19.
- FIG. 18 is a schematic structural diagram of a communication device provided by an embodiment of the present application.
- the communication device 1800 includes: modules for executing the above communication method, such as a transceiver module 1801 and a processing module 1802.
- FIG. 18 shows only the main components of the communication device.
- the communication device 1800 may be adapted to the communication system shown in Figure 14, and perform the functions of the MME in Figure 15, or the functions of the AMF network element in Figure 16, or the functions of the mobility management network element in Figure 17.
- the processing module 1802 is used to trigger the re-authentication process of the terminal when it is determined that the number of consecutive handover failures of the terminal reaches a preset number; wherein, each time it is determined that the terminal needs to be handed over, the mobility management network element increases the NCC value of the terminal by 1.
- the processing module 1802 is also configured to reset the NCC of the terminal to the initial value of the NCC after the re-authentication process is completed.
- the preset number is greater than or equal to 2.
- the preset number of times is equal to 7.
- the preset number can be any integer less than 2^N, such as 2^N-1, 2^N-2 or 2^N-3, etc. This application does not limit this.
- the communication device 1800 stores the number of consecutive terminal handover failures.
- the processing module 1802 is also configured to add 1 to the number of consecutive handover failures of the terminal when it is determined that the terminal handover fails, and to reset the number of consecutive handover failures to the initial value when any one or more of the following conditions are met.
- the conditions include: the next handover after the current failed handover succeeds, the number of consecutive handover failures of the terminal reaches the preset number, or the terminal enters the idle state.
- the processing module 1802 is also used to determine that the terminal switching fails.
- the transceiver module 1801 is configured to receive a relocation response message, where the relocation response message is used to indicate that the target access network device does not allow terminal switching.
- the transceiving module 1801 is configured to time out and fail to receive the relocation completion notification message, and the relocation completion notification message is used to indicate that the terminal switching is completed.
- the transceiver module 1801 is also configured to receive the handover requirement message before the processing module 1802 triggers the re-authentication process of the terminal.
- the processing module 1802 is also configured to increment the NCC value of the terminal by 1 according to the handover requirement message;
- the transceiving module 1801 is also configured to receive a relocation response message, and the relocation response message is used to indicate that the target access network device allows the terminal to hand over.
- the transceiver module 1801 is also used to send the terminal's current NCC to the terminal.
- the value of NCC is represented by 3 bits.
- the transceiver module 1801 is used to send an authentication request message to the authentication service network element.
- the authentication request message is used to request the authentication service network element to authenticate the terminal.
- the transceiver module 1801 is configured to receive an authentication response message from the authentication service network element, and the authentication response message is used to indicate successful authentication.
- the re-authentication process of the terminal includes at least one of the following: AKA process or EAP-AKA’ process.
- the transceiver module 1801 is configured to send a security mode command message to the terminal after the re-authentication process is completed and before the processing module 1802 resets the NCC of the terminal to the initial value of the NCC.
- the transceiver module 1801 is configured to receive a security mode response message from the terminal after the re-authentication process is completed and before the processing module 1802 resets the NCC of the terminal to the initial value of the NCC.
- the security mode command message is used to instruct the terminal to activate the non-access stratum (NAS) security context.
- the NAS security context is a security context generated through the re-authentication process.
- the security mode response message is used to indicate the completion of the NAS security context activation.
- the transceiver module 1801 may include a sending module (not shown in Figure 18) and a receiving module (not shown in Figure 18).
- the sending module is used to realize the sending function of the communication device 1800.
- the receiving module is used to realize the receiving function of the communication device 1800.
- the communication device 1800 may also include a storage module (not shown in FIG. 18), which stores programs or instructions.
- when the processing module 1802 executes the program or instruction, the communication device 1800 can perform the functions of the terminal in the communication method shown in Figures 15-16.
- the communication device 1800 may be a network device, a chip (system) or other component that can be disposed in the network device, or a device including a network device, which is not limited in this application.
- FIG. 19 is a second structural schematic diagram of a communication device provided by an embodiment of the present application.
- the communication device may be a terminal, or a chip (system) or other component that can be installed in the terminal.
- communication device 1900 may include processor 1901.
- the communication device 1900 may also include a memory 1902 and/or a transceiver 1903.
- the processor 1901 is coupled to the memory 1902 and the transceiver 1903, for example, through a communication bus.
- the processor 1901 is the control center of the communication device 1900, and may be a processor or a collective name for multiple processing elements.
- the processor 1901 may be one or more central processing units (CPUs), an application specific integrated circuit (ASIC), or one or more integrated circuits configured to implement embodiments of the present application, such as one or more microprocessors (digital signal processors, DSP) or one or more field programmable gate arrays (FPGA).
- the processor 1901 can perform various functions of the communication device 1900 by running or executing software programs stored in the memory 1902 and calling data stored in the memory 1902, such as performing the above-mentioned functions shown in FIGS. 15-17 communication method.
- the processor 1901 may include one or more CPUs, such as CPU0 and CPU1 shown in FIG. 19.
- the communication device 1900 may also include multiple processors, such as the processor 1901 and the processor 1904 shown in FIG. 19.
- processors can be a single-core processor (single-CPU) or a multi-core processor (multi-CPU).
- a processor here may refer to one or more devices, circuits, and/or processing cores for processing data (eg, computer program instructions).
- the memory 1902 is used to store the software program for executing the solution of the present application, and is controlled by the processor 1901 for execution.
- for the specific implementation of the processor 1901, please refer to the above method embodiments, which will not be described again here.
- the memory 1902 may be a read-only memory (ROM) or another type of static storage device that can store static information and instructions, a random access memory (RAM) or another type of dynamic storage device that can store information and instructions, an electrically erasable programmable read-only memory (EEPROM), a compact disc read-only memory (CD-ROM) or other optical disc storage (including compressed optical discs, laser discs, optical discs, digital versatile discs, Blu-ray discs, etc.), a magnetic disk storage medium or other magnetic storage device, or any other medium that can be used to carry or store the desired program code in the form of instructions or data structures and that can be accessed by a computer, but is not limited thereto.
- the memory 1902 may be integrated with the processor 1901, or may exist independently and be coupled to the processor 1901 through the interface circuit (not shown in Figure 19) of the communication device 1900. This is not specifically limited in the embodiment of the present application.
- the transceiver 1903 is used for communication with other communication devices.
- the communication device 1900 is a terminal, and the transceiver 1903 can be used to communicate with a network device or with another terminal device.
- the communication device 1900 is a network device, and the transceiver 1903 can be used to communicate with a terminal or another network device.
- the transceiver 1903 may include a receiver and a transmitter (not shown separately in Figure 19). Among them, the receiver is used to implement the receiving function, and the transmitter is used to implement the sending function.
- the transceiver 1903 can be integrated with the processor 1901, or can exist independently and be coupled to the processor 1901 through the interface circuit (not shown in Figure 19) of the communication device 1900. This is not specifically limited in the embodiment of this application.
- the structure of the communication device 1900 shown in Figure 19 does not constitute a limitation on the communication device.
- the actual communication device may include more or fewer components than shown in the figure, or some components may be combined, or the components may be arranged differently.
- the technical effects of the communication device 1900 can be referred to the technical effects of the communication method described in the above method embodiments, which will not be described again here.
- An embodiment of the present application provides a communication system.
- the communication system includes: one or more terminals shown in Figures 8-10.
- the processor in the embodiment of the present application can be a central processing unit (CPU).
- the processor can also be another general-purpose processor, a digital signal processor (DSP), an application specific integrated circuit (ASIC), a field programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, etc.
- a general-purpose processor may be a microprocessor or the processor may be any conventional processor, etc.
- the memory in the embodiments of the present application may be volatile memory or non-volatile memory, or may include both volatile and non-volatile memory.
- the non-volatile memory can be read-only memory (ROM), programmable ROM (PROM), erasable programmable read-only memory (erasable PROM, EPROM), electrically erasable programmable read-only memory (electrically EPROM, EEPROM) or flash memory.
- Volatile memory may be random access memory (RAM), which is used as an external cache.
- many forms of RAM are available, such as:
  - static random access memory (static RAM, SRAM)
  - dynamic random access memory (dynamic RAM, DRAM)
  - synchronous dynamic random access memory (synchronous DRAM, SDRAM)
  - double data rate synchronous dynamic random access memory (double data rate SDRAM, DDR SDRAM)
  - enhanced synchronous dynamic random access memory (enhanced SDRAM, ESDRAM)
  - synchronous link dynamic random access memory (synchlink DRAM, SLDRAM)
  - direct memory bus random access memory (direct rambus RAM, DR RAM)
- the above embodiments may be implemented in whole or in part by software, hardware (such as circuits), firmware, or any other combination.
- the above-described embodiments may be implemented in whole or in part in the form of a computer program product.
- the computer program product includes one or more computer instructions or computer programs. When the computer instructions or computer programs are loaded or executed on the computer, the processes or functions described in the embodiments of the present application are generated in whole or in part.
- the computer may be a general-purpose computer, a special-purpose computer, a computer network, or other programmable devices.
- the computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another; e.g., the computer instructions may be transmitted from a website, computer, server, or data center to another website, computer, server or data center through wired or wireless (such as infrared, microwave, etc.) means.
- the computer-readable storage medium may be any available medium that a computer can access, or a data storage device such as a server or a data center that contains one or more sets of available media.
- the usable media may be magnetic media (eg, floppy disk, hard disk, tape), optical media (eg, DVD), or semiconductor media.
- the semiconductor medium may be a solid state drive.
- "at least one" refers to one or more, and "plurality" refers to two or more.
- "at least one of the following" or similar expressions refer to any combination of the listed items, including any combination of a single item or a plurality of items.
- at least one of a, b, or c can mean: a, b, c, a-b, a-c, b-c, or a-b-c, where each of a, b and c can be single or multiple.
- the size of the sequence numbers of the above-mentioned processes does not imply an order of execution.
- the execution order of each process should be determined by its functions and internal logic, and should not constitute any limitation on the implementation process of the embodiments of the present application.
- the disclosed systems, devices and methods can be implemented in other ways.
- the device embodiments described above are only illustrative.
- the division of the units is only a logical function division. In actual implementation, there may be other division methods.
- multiple units or components may be combined or can be integrated into another system, or some features can be ignored, or not implemented.
- the coupling, direct coupling or communication connection between the units shown or discussed may be an indirect coupling or communication connection through some interfaces, devices or units, and may be electrical, mechanical or in other forms.
- the units described as separate components may or may not be physically separated, and the components shown as units may or may not be physical units, that is, they may be located in one place, or they may be distributed to multiple network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of this embodiment.
- each functional unit in each embodiment of the present application can be integrated into one processing unit, each unit can exist physically alone, or two or more units can be integrated into one unit.
- if the functions are implemented in the form of software functional units and sold or used as independent products, they can be stored in a computer-readable storage medium.
- the technical solution of the present application, in essence, or the part that contributes to the prior art, or a part of the technical solution, can be embodied in the form of a software product.
- the computer software product is stored in a storage medium and includes several instructions used to cause a computer device (which may be a personal computer, a server, or a network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of this application.
- the aforementioned storage media include: a USB flash drive, a removable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk or an optical disk, and other media that can store program code.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The present invention relates to the technical field of communications, and concerns a communication method and apparatus intended to solve the problem that a subsequent handover cannot be completed in the case of multiple consecutive handover failures. In the method, when the number of consecutive handover failures of a terminal reaches a preset number, the NCCs of the terminal and of the network side of a mobility management network element may be out of synchronisation. In that case, the mobility management network element can reset the NCCs of the terminal and of the network side of the mobility management network element to an NCC of initial value by triggering a re-authentication process of the terminal, thereby ensuring that the NCCs of the terminal and of the network side of the mobility management network element are synchronised, so as to avoid subsequent handover failures.
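The following is an added illustrative model of the mechanism summarised in the abstract; it is not code from the patent or from any 3GPP implementation. It assumes, as a simplification, that the network side advances its NCC each time it prepares a handover while the terminal only adopts the new NCC when the handover completes, so that repeated failures leave the two counters out of step; the 3-bit NCC range (0..7) follows 3GPP TS 33.401, and the failure threshold of 3 is an assumed value standing in for the patent's "preset number".

```python
from dataclasses import dataclass

NCC_MODULO = 8    # NCC is a 3-bit counter in 3GPP (values 0..7)
INITIAL_NCC = 0   # value both sides hold after (re-)authentication


@dataclass
class Terminal:
    """Terminal (UE) side of the security context; only the NCC is modelled."""
    ncc: int = INITIAL_NCC


@dataclass
class MobilityManagementNE:
    """Mobility management network element side (e.g. MME/AMF), simplified."""
    ncc: int = INITIAL_NCC
    consecutive_failures: int = 0
    reauthentications: int = 0
    failure_threshold: int = 3   # the patent's "preset number"; 3 is an assumed value


def ncc_in_sync(ue: Terminal, mm: MobilityManagementNE) -> bool:
    """True when terminal and network side hold the same NCC."""
    return ue.ncc == mm.ncc


def reauthenticate(ue: Terminal, mm: MobilityManagementNE) -> None:
    """Re-authentication resets the NCC on both sides to its initial value."""
    ue.ncc = INITIAL_NCC
    mm.ncc = INITIAL_NCC
    mm.consecutive_failures = 0
    mm.reauthentications += 1


def handover(ue: Terminal, mm: MobilityManagementNE, succeeds: bool) -> bool:
    """One handover attempt; returns whether the two NCCs agree afterwards.

    Modelling assumption (not taken from the patent): the network side derives
    a fresh {NH, NCC} pair when preparing the handover, so its NCC advances
    whether or not the handover completes; the terminal adopts the new NCC only
    on success. Each failure therefore leaves the network side one step ahead.
    """
    mm.ncc = (mm.ncc + 1) % NCC_MODULO
    if succeeds:
        ue.ncc = mm.ncc
        mm.consecutive_failures = 0
    else:
        mm.consecutive_failures += 1
        # Threshold reached: trigger re-authentication to resynchronise NCCs.
        if mm.consecutive_failures >= mm.failure_threshold:
            reauthenticate(ue, mm)
    return ncc_in_sync(ue, mm)


def run_scenario(outcomes, threshold: int = 3) -> dict:
    """Replay a constructed sequence of handover outcomes (True = success)."""
    ue, mm = Terminal(), MobilityManagementNE(failure_threshold=threshold)
    trace = [handover(ue, mm, ok) for ok in outcomes]
    return {
        "ue_ncc": ue.ncc,
        "mm_ncc": mm.ncc,
        "in_sync": ncc_in_sync(ue, mm),
        "reauths": mm.reauthentications,
        "trace": trace,
    }


if __name__ == "__main__":
    # Three consecutive failures: the counters drift, then re-authentication resets both.
    print(run_scenario([False, False, False]))
    # Failures below the threshold leave the counters out of step.
    print(run_scenario([False, False], threshold=3))
```

The `trace` list shows the synchronisation state after each attempt, so a run of `[False, False, False]` yields `[False, False, True]`: the first two failures desynchronise the counters and the third triggers the reset. With a higher threshold the same sequence ends out of sync, which is the situation the method is designed to avoid.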
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210339461.6A CN116939734A (zh) | 2022-04-01 | 2022-04-01 | 通信方法及装置 |
CN202210339461.6 | 2022-04-01 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2023185960A1 true WO2023185960A1 (fr) | 2023-10-05 |
Family
ID=88199347
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2023/084871 WO2023185960A1 (fr) | 2022-04-01 | 2023-03-29 | Procédé et appareil de communication |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN116939734A (fr) |
WO (1) | WO2023185960A1 (fr) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20150269028A1 (en) * | 2012-10-29 | 2015-09-24 | Nokia Solutions And Networks Oy | Methods, apparatuses and computer program products enabling to improve handover security in mobile communication networks |
CN109842484A (zh) * | 2017-11-24 | 2019-06-04 | 电信科学技术研究院 | 一种下一跳链计数器更新方法、装置及设备 |
US20200214070A1 (en) * | 2017-06-14 | 2020-07-02 | Samsung Electronics Co., Ltd | Method and user equipment (ue) for reconnecting rrc connection with radio access network (ran) node |
US20210127270A1 (en) * | 2018-01-19 | 2021-04-29 | Guangdong Oppo Mobile Telecommunications Corp., Ltd. | Method for instructing user equipment to obtain key, user equipment and network device |
WO2022001330A1 (fr) * | 2020-06-29 | 2022-01-06 | 中兴通讯股份有限公司 | Procédé de transfert, dispositif de réseau, équipement utilisateur et système de communication |
- 2022-04-01 CN CN202210339461.6A patent/CN116939734A/zh active Pending
- 2023-03-29 WO PCT/CN2023/084871 patent/WO2023185960A1/fr unknown
Non-Patent Citations (1)
Title |
---|
"3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3GPP System Architecture Evolution (SAE); Security architecture (Release 17)", 3GPP STANDARD; TECHNICAL SPECIFICATION; 3GPP TS 33.401, 3RD GENERATION PARTNERSHIP PROJECT (3GPP), MOBILE COMPETENCE CENTRE ; 650, ROUTE DES LUCIOLES ; F-06921 SOPHIA-ANTIPOLIS CEDEX ; FRANCE, vol. SA WG3, no. V17.1.0, 24 March 2022 (2022-03-24), Mobile Competence Centre ; 650, route des Lucioles ; F-06921 Sophia-Antipolis Cedex ; France, pages 1 - 174, XP052144799 * |
Also Published As
Publication number | Publication date |
---|---|
CN116939734A (zh) | 2023-10-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11228905B2 (en) | Security implementation method, related apparatus, and system | |
US10911948B2 (en) | Method and system for performing network access authentication based on non-3GPP network, and related device | |
CN109587688B (zh) | 系统间移动性中的安全性 | |
EP3138311B1 (fr) | Procédé et système permettant d'assurer la sécurité à partir d'un réseau d'accès radio | |
CN111448813B (zh) | 与配置的安全保护进行通信的系统和方法 | |
WO2019062374A1 (fr) | Procédé et appareil de négociation d'algorithme d'élaboration de clés | |
JP6725764B2 (ja) | 無線リソース制御接続の再確立 | |
US20220303763A1 (en) | Communication method, apparatus, and system | |
US20240305983A1 (en) | Communication method and apparatus | |
WO2023186028A1 (fr) | Procédé et appareil de communication | |
WO2024067619A1 (fr) | Procédé de communication et appareil de communication | |
WO2024032207A1 (fr) | Procédé, appareil et système de communication | |
WO2023213301A1 (fr) | Procédé d'authentification, appareil de communication, et support de stockage lisible par ordinateur | |
TWI816295B (zh) | 配置演進分組系統非接入層安全演算法的方法及相關裝置 | |
WO2022148469A1 (fr) | Procédé, appareil et système de protection de sécurité | |
WO2023185960A1 (fr) | Procédé et appareil de communication | |
WO2021073382A1 (fr) | Appareil et procédé d'enregistrement | |
WO2023185582A1 (fr) | Procédé et dispositif de communication | |
WO2024149053A1 (fr) | Procédé d'authentification et appareil de communication | |
CN116528234B (zh) | 一种虚拟机的安全可信验证方法及装置 | |
WO2024165058A1 (fr) | Procédé et appareil de communication | |
WO2024120500A1 (fr) | Procédé de communication et appareil associé | |
WO2023072271A1 (fr) | Procédé et appareil de gestion d'un contexte de sécurité | |
WO2024160127A1 (fr) | Procédé, dispositif et système de communications | |
WO2024060626A1 (fr) | Procédé d'authentification, appareil de communication et système de communication |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 23778325; Country of ref document: EP; Kind code of ref document: A1 |