WO2023201454A1 - 中继通信方法、装置、通信设备及存储介质 - Google Patents

中继通信方法、装置、通信设备及存储介质 Download PDF

Info

Publication number
WO2023201454A1
WO2023201454A1 PCT/CN2022/087316 CN2022087316W WO2023201454A1 WO 2023201454 A1 WO2023201454 A1 WO 2023201454A1 CN 2022087316 W CN2022087316 W CN 2022087316W WO 2023201454 A1 WO2023201454 A1 WO 2023201454A1
Authority
WO
WIPO (PCT)
Prior art keywords
message
discovery
key
relay
request
Prior art date
Application number
PCT/CN2022/087316
Other languages
English (en)
French (fr)
Inventor
陆伟
Original Assignee
北京小米移动软件有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 北京小米移动软件有限公司 filed Critical 北京小米移动软件有限公司
Priority to PCT/CN2022/087316 priority Critical patent/WO2023201454A1/zh
Priority to CN202280001218.1A priority patent/CN117296351A/zh
Publication of WO2023201454A1 publication Critical patent/WO2023201454A1/zh

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/005Discovery of network devices, e.g. terminals
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/033Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/08Access restriction or access information delivery, e.g. discovery data delivery
    • H04W48/10Access restriction or access information delivery, e.g. discovery data delivery using broadcasted information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02Terminal devices
    • H04W88/04Terminal devices adapted for relaying to or from another terminal or user

Definitions

  • the present disclosure relates to but is not limited to the field of communication technology, and in particular, to a relay communication method, device, communication equipment and storage medium.
  • the relay UE In relay communication, when the remote user equipment (Remote UE) cannot communicate with the network due to network signal coverage and other reasons, the relay UE can be used, such as UE-to-Network (U2N) relay.
  • the relay function continues communication with the network.
  • the remote UE can first transmit the information that needs to be transmitted to the network to the relay UE, and then the relay UE transmits the information to the network; or, the network can first transmit the information that needs to be transmitted to the remote UE. After being transmitted to the relay terminal, the relay UE transmits the information to the remote UE, thereby realizing communication between the remote UE and the network.
  • the discovery message transmitted between the remote UE and the relay UE lacks security protection.
  • the discovery message transmitted between the remote UE and the relay UE lacks security protection.
  • Security protection there are huge security risks in this way.
  • Embodiments of the present disclosure disclose a relay communication method, device, communication equipment and storage medium.
  • a relay communication method executed by a first UE, including:
  • AMF Access and Mobility Management Function
  • PCF Policy Control Function
  • a relay communication method executed by AMF, including:
  • a second request message for requesting security information is sent to the first PCF corresponding to the first identification information.
  • a relay communication method executed by a second UE, including:
  • the third request message is used to request security information for relay communication discovery between the first UE and the second UE; wherein the third request message includes a third request of the second UE.
  • Identification information is used by the second AMF to send the fourth request information for requesting security information to the second PCF corresponding to the second UE.
  • a relay communication method executed by the second AMF, including:
  • a fourth request message for requesting security information is sent to the second PCF corresponding to the third identification information.
  • a relay communication method executed by the first PCF, including:
  • a relay communication method executed by the second PCF, including:
  • a fourth request message for requesting security information is sent to the first PCF.
  • a relay communication method executed by a network device, including:
  • the request message sent by the UE;
  • the request message carries the identification information of the UE;
  • the request message is used to request security information for relay communication discovery between the UE and the UE;
  • a relay communication device applied to a first UE, including:
  • the first sending module is configured to send a first request message to the first AMF, where the first request message is used to request security information for relay communication discovery between the first UE and the second UE;
  • the first request message includes first identification information of the first UE; the first identification information is used by the first AMF to send the second request information for requesting security information to the first PCF corresponding to the first UE.
  • a relay communication device applied to the first AMF, including:
  • the second receiving module is configured to receive a first request message sent by the first UE, where the first request message is used to request security information for relay communication discovery between the first UE and the second UE;
  • the second sending module is configured to send the second request message for requesting security information to the first PCF corresponding to the first identification information based on the first identification information of the first UE carried in the first request message.
  • a relay communication device applied to a second UE, including:
  • the third sending module is configured to send a third request message to the second AMF, where the third request message is used to request security information for relay communication discovery between the first UE and the second UE;
  • the third request message includes third identification information of the second UE; the third identification information is used by the second AMF to send the fourth request information for requesting security information to the second PCF corresponding to the second UE.
  • a relay communication device applied to the second AMF, including:
  • the fourth receiving module is configured to receive a third request message sent by the second UE, wherein the third request message is used to request security information for relay communication discovery between the first UE and the second UE;
  • the fourth sending module is configured to send the fourth request message for requesting security information to the second PCF corresponding to the third identification information based on the third identification information of the second UE carried in the third request message.
  • a relay communication device applied to the first PCF, including:
  • the fifth receiving module is configured to receive the second request message sent by the first AMF and/or receive the fourth request message sent by the second PCF, wherein the second request message and/or the fourth request message are used to request the first Security information for relay communication discovery between the user equipment UE and the second UE.
  • a relay communication device is provided, applied to the second PCF, including:
  • the sixth receiving module is configured to receive a fourth request message sent by the second AMF, wherein the fourth request message is used to request security information for relay communication discovery between the first UE and the second UE;
  • the sixth sending module is configured to send a fourth request message for requesting security information to the first PCF.
  • a communication device includes:
  • Memory used to store instructions executable by the processor
  • the processor is configured to implement the relay communication method of any embodiment of the present disclosure when running executable instructions.
  • a computer storage medium stores a computer executable program.
  • the executable program is executed by a processor, the relay communication method of any embodiment of the present disclosure is implemented.
  • a first request message may be sent to the first AMF through the first UE, where the first request message is used to request security information for relay communication discovery between the first UE and the second UE; wherein , the first request message includes first identification information of the first UE; the first identification information is used by the first AMF to send the second request information for requesting security information to the first PCF corresponding to the first UE.
  • security protection can be performed based on the security information; in this way, compared with the method in which security protection cannot be performed when relay communication discovery is performed, the first UE can The relay communication between the UE and the second UE is found to be more secure.
  • the first AMF can accurately know which first UE needs to obtain the security information for relay communication discovery; and it is beneficial for the first AMF to obtain the security information.
  • the information is then sent to the first UE.
  • Figure 1 is a schematic structural diagram of a wireless communication system according to an exemplary embodiment.
  • FIG. 2 is a flow chart illustrating a UE-to-network relay discovery method through Model A according to an exemplary embodiment.
  • Figure 3 is a flowchart illustrating a UE-to-network relay discovery method through Model B according to an exemplary embodiment.
  • Figure 4 is a flow chart of a relay communication method according to an exemplary embodiment.
  • Figure 5 is a flow chart of a relay communication method according to an exemplary embodiment.
  • Figure 6 is a flow chart of a relay communication method according to an exemplary embodiment.
  • Figure 7 is a flow chart of a relay communication method according to an exemplary embodiment.
  • Figure 8 is a flow chart of a relay communication method according to an exemplary embodiment.
  • Figure 9 is a flow chart of a relay communication method according to an exemplary embodiment.
  • Figure 10 is a flow chart of a relay communication method according to an exemplary embodiment.
  • Figure 11 is a flow chart of a relay communication method according to an exemplary embodiment.
  • Figure 12 is a flow chart of a relay communication method according to an exemplary embodiment.
  • Figure 13 is a flow chart of a relay communication method according to an exemplary embodiment.
  • Figure 14 is a flow chart of a relay communication method according to an exemplary embodiment.
  • Figure 15 is a flowchart of a relay communication method according to an exemplary embodiment.
  • Figure 16 is a block diagram of a relay communication device according to an exemplary embodiment.
  • Figure 17 is a block diagram of a relay communication device according to an exemplary embodiment.
  • Figure 18 is a block diagram of a relay communication device according to an exemplary embodiment.
  • Figure 19 is a block diagram of a relay communication device according to an exemplary embodiment.
  • Figure 20 is a block diagram of a relay communication device according to an exemplary embodiment.
  • Figure 21 is a block diagram of a relay communication device according to an exemplary embodiment.
  • Figure 22 is a block diagram of a relay communication device according to an exemplary embodiment.
  • Figure 23 is a block diagram of a UE according to an exemplary embodiment.
  • Figure 24 is a block diagram of a base station according to an exemplary embodiment.
  • first, second, third, etc. may be used to describe various information in the embodiments of the present disclosure, the information should not be limited to these terms. These terms are only used to distinguish information of the same type from each other.
  • first information may also be called second information, and similarly, the second information may also be called first information.
  • word “if” as used herein may be interpreted as "when” or "when” or "in response to determining.”
  • FIG. 1 shows a schematic structural diagram of a wireless communication system provided by an embodiment of the present disclosure.
  • the wireless communication system is a communication system based on cellular mobile communication technology.
  • the wireless communication system may include several user equipments 110 and several base stations 120.
  • user equipment 110 may be a device that provides voice and/or data connectivity to a user.
  • the user equipment 110 may communicate with one or more core networks via a Radio Access Network (RAN).
  • RAN Radio Access Network
  • the user equipment 110 may be an Internet of Things user equipment, such as a sensor device, a mobile phone (or a "cellular" phone) ) and computers with IoT user equipment, which may be, for example, fixed, portable, pocket-sized, handheld, computer-built-in, or vehicle-mounted devices.
  • the user equipment 110 may also be equipment of an unmanned aerial vehicle.
  • the user equipment 110 may also be a vehicle-mounted device, for example, it may be an on-board computer with a wireless communication function, or a wireless user equipment connected to an external on-board computer.
  • the user equipment 110 may also be a roadside device, for example, it may be a streetlight, a signal light or other roadside device with a wireless communication function.
  • the base station 120 may be a network-side device in a wireless communication system.
  • the wireless communication system can be the 4th generation mobile communication technology (the 4th generation mobile communication, 4G) system, also known as the Long Term Evolution (LTE) system; or the wireless communication system can also be a 5G system, Also called new air interface system or 5G NR system.
  • the wireless communication system may also be a next-generation system of the 5G system.
  • the access network in the 5G system can be called the New Generation-Radio Access Network (NG-RAN).
  • NG-RAN New Generation-Radio Access Network
  • the base station 120 may be an evolved base station (eNB) used in the 4G system.
  • the base station 120 may also be a base station (gNB) that adopts a centralized distributed architecture in the 5G system.
  • eNB evolved base station
  • gNB base station
  • the base station 120 adopts a centralized distributed architecture it usually includes a centralized unit (central unit, CU) and at least two distributed units (distributed unit, DU).
  • the centralized unit is equipped with a protocol stack including the Packet Data Convergence Protocol (PDCP) layer, the Radio Link Control protocol (Radio Link Control, RLC) layer, and the Media Access Control (Medium Access Control, MAC) layer;
  • PDCP Packet Data Convergence Protocol
  • RLC Radio Link Control
  • MAC Media Access Control
  • the distribution unit is provided with a physical (Physical, PHY) layer protocol stack, and the embodiment of the present disclosure does not limit the specific implementation of the base station 120.
  • a wireless connection may be established between the base station 120 and the user equipment 110 through a wireless air interface.
  • the wireless air interface is a wireless air interface based on the fourth generation mobile communication network technology (4G) standard; or the wireless air interface is a wireless air interface based on the fifth generation mobile communication network technology (5G) standard, such as
  • the wireless air interface is a new air interface; alternatively, the wireless air interface may also be a wireless air interface based on the next generation mobile communication network technology standard of 5G.
  • an E2E (End to End, end-to-end) connection can also be established between user equipments 110 .
  • vehicle-to-vehicle (V2V) communication vehicle-to-roadside equipment (vehicle to Infrastructure, V2I) communication and vehicle-to-person (vehicle to pedestrian, V2P) communication in vehicle networking communication (vehicle to everything, V2X) Wait for the scene.
  • V2V vehicle-to-vehicle
  • V2I vehicle-to-roadside equipment
  • V2P vehicle-to-person communication in vehicle networking communication
  • V2X vehicle networking communication
  • the above user equipment can be considered as the terminal equipment of the following embodiments.
  • the above-mentioned wireless communication system may also include a network management device 130.
  • the network management device 130 may be a core network device in a wireless communication system.
  • the network management device 130 may be a mobility management entity (Mobility Management Entity) in an evolved packet core network (Evolved Packet Core, EPC). MME).
  • the network management device can also be other core network devices, such as serving gateway (Serving GateWay, SGW), public data network gateway (Public Data Network GateWay, PGW), policy and charging rules functional unit (Policy and Charging Rules) Function, PCRF) or Home Subscriber Server (HSS), etc.
  • serving gateway Serving GateWay, SGW
  • public data network gateway Public Data Network GateWay, PGW
  • Policy and Charging Rules Policy and Charging Rules
  • PCRF Policy and Charging Rules
  • HSS Home Subscriber Server
  • the embodiments of the present disclosure enumerate multiple implementations to clearly describe the technical solutions of the embodiments of the present disclosure.
  • the multiple embodiments provided in the embodiments of the present disclosure can be executed alone or in combination with the methods of other embodiments in the embodiments of the present disclosure. They can also be executed alone or in combination. It is then executed together with some methods in other related technologies; the embodiments of the present disclosure do not limit this.
  • control plane and user plane solutions are provided for UE to network relay.
  • the 5G ProSe Key Management Function PKMF
  • PKMF 5G ProSe Key Management Function
  • the proximity communication service name management function DDNMF
  • the DDNMF generates and provides necessary discovery security parameters for proximity services.
  • the DDNMF is a logical function that allocates and resolves proximity service application IDs for dynamic 5G proximity service direct discovery, and maps proximity service applications or restricted codes.
  • DDNMF does not necessarily involve the discovery of 5G Proximity Service UE-to-Network (U2N) relays, which does not require the allocation and resolution of mappings between Proximity Service Application IDs and Proximity Service Application IDs or restricted codes.
  • U2N 5G Proximity Service UE-to-Network
  • the UE uses a Policy Control Function (PCF) to pre-configure or provide discovery parameters during service authorization and information provision.
  • PCF Policy Control Function
  • the currently defined discovery parameters provided to the UE by the PCF include security-related content for 5G Proximity Service U2N discovery for each Proximity Service Relay Service Code (RSC).
  • RSC Proximity Service Relay Service Code
  • a model A approach is provided to support discovery of the UE to the network relay; the model A uses a single discovery protocol message (such as an announcement message).
  • the method of model A is executed by communication equipment, which includes remote UE and U2N relay; where the remote UE includes remote UE1, remote UE2 and remote UE3; the UE through model A reaches
  • the network relay discovery method includes the following steps:
  • Step S21 The U2N relay sends an announcement message.
  • the U2N relay sends an announcement message, and remote UE1, remote UE2, and remote UE3 can all monitor the announcement message.
  • step S22 The U2N relay sends additional information.
  • the U2N relay sends additional information, and remote UE1, remote UE2, and remote UE3 can all monitor the additional information.
  • a Model B approach is provided to support discovery of the UE to the network relay; the Model B uses two discovery protocol messages (such as a request message and a response message).
  • the method of model B is executed by communication equipment, which includes remote UE and U2N relay; among them, U2N relay includes: U2N relay 1, U2N relay 2 and U2N relay 3; through the model B's UE to network relay discovery method includes the following steps:
  • Step S31 The remote UE sends a discovery request message
  • the remote UE sends a discovery request message; U2N relay 1, U2N relay 2 and U2N relay 3 can all monitor the discovery request message.
  • Step S32 The remote UE receives the discovery response message.
  • U2N relay 1, U2N relay 2 and U2N relay 3 can all determine the discovery response message based on the discovery request message and send the discovery response message; the remote UE can monitor U2N relay 1, U2N relay 2 and/or Discovery response message sent by U2N relay 3.
  • an embodiment of the present disclosure provides a relay communication method, which is executed by the first UE and includes:
  • Step S41 Send a first request message to the first AMF, where the first request message is used to request security information for relay communication discovery between the first UE and the second UE; where the first request message includes the first UE The first identification information; the first identification information is used by the first AMF to send the second request information for requesting security information to the first PCF corresponding to the first UE.
  • the UE involved may be, but is not limited to, a mobile terminal or a fixed terminal; for example, the first UE and the second UE in the following embodiments may be, but are not limited to, a mobile phone, a computer, a server, Wearable devices, game control platforms or multimedia devices, etc.
  • the first UE may be a relay UE
  • the second UE may be a remote UE.
  • the relay UE may be a 5G relay UE or a 6G relay UE, etc.
  • the relay UE may be a U2N relay.
  • the first AMF, the second AMF, the first PCF and the second PCF may be but are not limited to core network equipment or core network elements or functions; the first AMF, the second The AMF, the first PCF and the second PCF can all be replaced by other core network equipment or core network elements or functions with the same functions.
  • the first AMF may be the AMF of the relay UE; the second AMF may be the AMF of the remote UE; the first PCF may be the PCF of the relay UE; and/or the second PCF may be the remote UE PCF.
  • the first identification information may be used to identify the first UE.
  • the first identification information includes at least one of the following:
  • GUI Globally Unique Temporary UE Identity
  • the second request message is used to request security information for relay communication discovery between the first UE and the second UE.
  • the second request message carries second identification information of the first UE.
  • the second identification signal may be used to identify the first UE.
  • the second identification information includes a User Subscription Permanent Identifier (SUPI) corresponding to the first identification information.
  • SUPI User Subscription Permanent Identifier
  • a first mapping relationship is stored in the first AMF; the first mapping relationship includes: a corresponding relationship between the first identification information and the second identification information.
  • the first mapping relationship includes: the corresponding relationship between SUCI and SUPI, and/or the corresponding relationship between GUTI and SUPI.
  • the first AMF can determine the SUPI of the first UE based on the SUCI and/or SUPI of the first UE; in this way, the first AMF can know which first UE sent the first request message, and send the second request message to Sent to the first PCF corresponding to the first UE.
  • Embodiments of the present disclosure provide a relay communication method, executed by the first UE, including:
  • the first response message includes: the security information included in the second response message; the second response message is the first PCF based on the first UE included in the second response message. Two identification information are sent.
  • the first request message includes: a key request related message; the first response message includes: a key response related message; and the security information includes: an intermediate discovery key.
  • the security information may be any kind of security protection information used to protect the discovery protection of relay communication between the first UE and the second UE.
  • the second request message may include a key request related message.
  • the difference between the first request message and the second request message is that: the first request message carries first identification information; the second request message carries second identification information.
  • the second response message may include a key response related message.
  • the difference between the first response message and the second response message is that: the second response message carries the second identification information; the first response message carries the first identification information or the first response information does not carry the first identification information. information and second identification information.
  • a first request message may be sent to the first AMF through the first UE, where the first request message is used to request security information for relay communication discovery between the first UE and the second UE; wherein , the first request message includes first identification information of the first UE; the first identification information is used by the first AMF to send the second request information for requesting security information to the first PCF corresponding to the first UE.
  • security protection can be performed based on the security information; in this way, compared with the method in which security protection cannot be performed when relay communication discovery is performed, the first UE can The relay communication between the UE and the second UE is found to be more secure.
  • the first AMF can accurately know which first UE needs to obtain the security information for relay communication discovery; and it is beneficial for the first AMF to obtain the security information.
  • the information is then sent to the first UE.
  • the first response message sent by the first AMF may be received by the first UE, where the first response message includes: the security information included in the second response message; the second response message is based on the first PCF
  • the second response message includes the second identification information of the first UE and is sent.
  • the security information determined by the first PCF can be forwarded by the first AMF so that the first UE obtains the security information discovered by the first UE and the second UE for relay communication, thereby improving the efficiency between the first UE and the second UE.
  • Security following communication discovery since the second response message carries the second identification information, the first AMF can also accurately know which first UE needs to request security information, and accurately forward the security information to the first UE that needs to obtain security information.
  • the key request related message includes: an RSC indicating the relay service
  • the key response related message includes: the intermediate discovery key for the RSC, or the intermediate discovery key for the RSC and the identification information of the intermediate discovery key.
  • RSCs correspond to different intermediate discovery keys.
  • an RSC indicates a relay service; a relay service corresponds to an intermediate discovery key.
  • the key response related message received by the first UE includes an intermediate discovery key of RSC
  • it is determined that the intermediate discovery key is the intermediate between the first UE and the second UE performing the relay service indicated by RSC. Key found.
  • the first UE only requests the intermediate discovery key of one RSC, it can obtain it through the received intermediate discovery key.
  • the key response related message received by the first UE includes two or more intermediate discovery keys indicated by RSC and the identification information of the intermediate discovery key, it can be determined by the identification information of the intermediate discovery key. Obtain the intermediate discovery key corresponding to any RSC. In this way, when the first UE requests the intermediate discovery keys of multiple RSCs, it can accurately determine the intermediate discovery key corresponding to any RSC by obtaining the intermediate discovery keys of the multiple RSCs and the identification information of the intermediate discovery keys.
  • the plurality is two or more.
  • the key request related message also includes at least one of the following:
  • Type indication information used to indicate the type of discovery message for relay communication
  • the first security indication information is used to indicate the security capability of the first UE.
  • the discovery message types include but are not limited to: direct discovery type, or relay discovery type.
  • the type indication information includes: first type indication information, used to indicate that the discovery message type is a direct discovery type; second type indication information, used to indicate that the discovery message type is a relay discovery type.
  • the first security indication information is used by the first PCF to determine the encryption and decryption algorithm and/or the integrity protection algorithm.
  • the encryption and decryption algorithm and/or the integrity protection algorithm may be the encryption and decryption algorithm and/or the integrity protection algorithm for the discovery message of the relay communication.
  • the first PCF by sending a key request-related message including type indication information and/or first security indication information, etc., the first PCF can be made to determine the discovery message type of the relay communication and/or determine the Encryption and decryption algorithms and integrity protection algorithms for discovery messages in relay communications.
  • the key response related message also includes at least one of the following:
  • Algorithm identifier includes at least one of the following:
  • the first algorithm identifier is used to indicate the algorithm for encrypting and decrypting the discovery message of the relay communication
  • the second algorithm identifier is used to indicate the algorithm for integrity protection of the discovery message of the relay communication
  • Time-dependent information used to determine whether the discovery message of the relay communication is subject to a replay attack.
  • time-related information includes but is not limited to at least one of the following: current time, maximum offset, and validity timer.
  • the first UE may determine whether the received information (eg, announcement message) is subject to a replay attack based on the current time and the validity timer. For example, for example, the first UE receives the discovery request message of the second UE; if the first UE determines that the current time is not within the validity timer, it may determine that the discovery request message is subject to a replay attack; or if it is determined that the discovery request message is subject to a replay attack If the current time is within the validity timer, it can be determined that the discovery message is not subject to a replay attack.
  • the received information eg, announcement message
  • the first UE determines the first time range based on the sum of the current time and the maximum offset or based on the difference between the current time and the maximum offset; if the first time range is not within the timing time of the validity timer, the first UE may determine the first time range. It is determined that the discovery message is subject to a replay attack, or, if the first time range is within the time period of the validity timer, it is determined that the discovery message is not subject to a replay attack.
  • the first UE by receiving the key response related message of the first PCF forwarded by the first AMF and including one of the algorithm identification and time-related information, the first UE can obtain the key for encryption or decryption. Encryption and decryption algorithms, integrity protection algorithms for discovery messages, etc., and/or determining whether discovery messages have suffered replay attacks. This can further improve the security of relay communication discovery between the first UE and the second UE.
  • Embodiments of the present disclosure provide a relay communication method, executed by a first UE, including: receiving a first RSC set sent by a first AMF; wherein the first RSC set includes: at least one first RSC; the first RSC is the An RSC of relay services that the UE can provide.
  • the first RSC set may be sent by the first PCF.
  • the first RSC set may also be sent by the DDNMF corresponding to the first UE.
  • the first UE receives the discovery parameter carrying the first RSC set sent by the first AMF; the discovery parameter is sent by the first PCF or the DDNMF corresponding to the first UE.
  • the first RSC set can be obtained from the first PCF and other core network elements through the first UE, so that the relay services that the first UE can provide can be learned.
  • an embodiment of the present disclosure provides a relay communication method, which is executed by the first UE and includes:
  • Step S51 Determine the relay discovery key based on the intermediate discovery key
  • the relay discovery key includes at least one of the following:
  • Encryption key used to encrypt and decrypt discovery messages for relay communications
  • Integrity Assurance Key used to protect the integrity of discovery messages for relay communications.
  • the relay discovery key may include: a scrambling key (DUSK), used to scramble the discovery message of the relay communication.
  • DUSK scrambling key
  • step S51 includes one of the following:
  • the relay discovery key is determined.
  • the algorithm identifier may include the first algorithm identifier and/or the second algorithm identifier in the above embodiment; the RSC may be the RSC in the above embodiment; the intermediate discovery key may be the intermediate discovery key in the above embodiment. key.
  • Embodiments of the present disclosure provide a relay communication method, which is executed by the first UE, including: determining the relay discovery key based on the intermediate discovery key and the algorithm identifier.
  • Embodiments of the present disclosure provide a relay communication method, which is executed by the first UE, including: determining the relay discovery key based on the intermediate discovery key, the algorithm identifier, and the RSC.
  • the derivation of the relay discovery key can be as follows, where the RSC and the intermediate discovery key are used as input parameters:
  • L0 length of P0(i.e.0x00 0x01)
  • L1 length of algorithm identity(i.e.0x00 0x01)
  • L2 length of RSC(i.e.0x00 0x03).
  • the encryption algorithm and integrity protection algorithm can be set in any implementable manner.
  • the input key is a near field service relay discovery key (PRDK) of 256K; the PRDK can be the intermediate discovery key in the above embodiment.
  • PRDK near field service relay discovery key
  • RSC can be added to the input parameter when determining the relay discovery key, so that the relay discovery key bound to a specific relay service can be obtained.
  • an embodiment of the present disclosure provides a relay communication method, which is executed by the first UE and includes:
  • Step S61 Send a first announcement message, where the first announcement message includes: a discovery message encrypted based on the relay discovery key and protected by integrity; the discovery message is used to indicate that the first UE supports discovery and provides relay services.
  • the discovery message included in the first announcement message may be: a discovery message encrypted based on the relay discovery key and encryption algorithm and integrity protected based on the integrity protection algorithm.
  • Sending the first announcement message in step S61 may be: broadcasting the first announcement message.
  • the discovery message includes at least one RSC.
  • the first UE can notify other UEs: which relay service(s) indicated by the RSC is supported by the first UE.
  • the other UE may be, but is not limited to, a second UE.
  • the discovery message includes but is not limited to: at least one RSC and identification information of the first UE.
  • the identification information may be, but is not limited to, the first identification information in the above embodiment; for example, the identification information may be any information that can uniquely identify the first UE, such as a string of characters. In this way, the first UE can inform other UEs: which first UE supports the relay service indicated by the RSC.
  • the first announcement message can be broadcast through the first UE, so that the second UE and the like that monitor the first announcement message can know the relay services that the first UE can provide.
  • the discovery message in the first announcement message is a discovery message encrypted by the relay discovery key and protected by integrity, thereby improving the security of relay communication discovery between the first UE and the second UE.
  • an embodiment of the present disclosure provides a relay communication method, which is executed by the first UE and includes:
  • Step S71 Receive a second announcement message, where the second announcement message includes: a discovery request message encrypted based on the relay discovery key and protected by integrity; the discovery request message is used to request the second UE to discover the requested relay service. ;
  • Step S72 Decrypt and verify the second announcement message based on the relay discovery key to obtain the discovery request message.
  • the discovery request message in the second announcement message may be: a discovery request message encrypted based on the relay discovery key and encryption algorithm and integrity protected based on the integrity protection algorithm.
  • Receiving the second announcement message in step S71 may include: receiving the second announcement message sent by the second UE.
  • the discovery request message includes at least one RSC.
  • the first UE can learn the relay service or relay services indicated by the RSC that the second UE needs to request.
  • the discovery request message includes but is not limited to: RSC and identification information of the second UE.
  • RSC radio station identity
  • the first UE can learn which second UE needs to request the relay service indicated by the RSC.
  • Decrypting and verifying the second announcement message based on the relay discovery key in step S72 includes: decrypting the second announcement message based on the relay discovery key and the decryption algorithm corresponding to the encryption algorithm, and verifying the second announcement message through the integrity protection algorithm. The message is verified for integrity.
  • the first UE may receive the discovery request message sent by the second UE to learn the relay service that the second UE needs to request.
  • the discovery request message is a message encrypted by the relay discovery key and protected by integrity, which can improve the security of the relay communication discovery between the first UE and the second UE.
  • Embodiments of the present disclosure provide a relay communication method, executed by a first UE, including: sending a third announcement message, wherein the third announcement message includes: a discovery response message encrypted based on the relay discovery key and protected by integrity. , where the discovery response message is determined based on the discovery request message.
  • the discovery response message in the third announcement message may be: a discovery response message encrypted based on the relay discovery key and encryption algorithm and integrity protected based on the integrity protection algorithm.
  • the discovery response message sent by the first UE may be a confirmed response message.
  • the first UE determines that the relay service authorized by the first UE does not include the relay service requested by the discovery request message, the first UE does not send the discovery response message.
  • the second UE may be informed according to the discovery response message sent by the first UE whether it can provide the relay service requested by the second UE.
  • the discovery response message may be a message encrypted by the relay discovery key and protected by integrity, which may improve the security of the relay communication discovery between the first UE and the second UE.
  • the first UE when the first UE receives the announcement message encrypted by the relay discovery key and protected by integrity sent by the second UE, it can decrypt and verify the integrity of the announcement message by using the same relay discovery key, etc., The content of the announcement message can be accurately obtained.
  • the following relay communication method is executed by the first AMF, which is similar to the above description of the relay communication method executed by the first UE; and for the relay communication method executed by the first AMF that is not disclosed in the embodiment
  • the relay communication method executed by the first AMF that is not disclosed in the embodiment
  • the embodiment of the present disclosure provides a relay communication method, which is executed by the first AMF, including:
  • Step S81 Receive a first request message sent by the first UE, where the first request message is used to request security information for relay communication discovery between the first UE and the second UE;
  • Step S82 Based on the first identification information of the first UE carried in the first request message, send the second request message for requesting security information to the first PCF corresponding to the first identification information.
  • Embodiments of the present disclosure provide a relay communication method, executed by the first AMF, including:
  • a first response message carrying the security information is sent to the first UE.
  • the first request message and the second request message may be the first request message and the second request message respectively in step S41; the security information may be the security information in the above step S41; the first identification information may be is the first identification information in step S41.
  • the first response message and the second response message may be the first response message and the second response message in the above embodiment; the second identification information may be the second identification information in the above embodiment.
  • the first identification information may include at least one of the following: SUCI and GUTI; and/or the second identification information may include SUPI.
  • both the first request message and the second request message may include: key request related messages.
  • Both the first response message and the second response message may include: key response related messages.
  • Security information includes: Intermediate discovery keys.
  • the key request related message includes: RSC indicating the relay service.
  • the key request related message includes at least one of the following:
  • Type indication information used to indicate the type of discovery message for relay communication
  • the first security indication information is used to indicate the security capability of the first UE.
  • the key response related message also includes at least one of the following:
  • Algorithm identifier includes at least one of the following:
  • the first algorithm identifier is used to indicate the algorithm for encrypting and decrypting the discovery message of the relay communication
  • the second algorithm identifier is used to indicate the algorithm for integrity protection of the discovery message of the relay communication
  • Time-dependent information used to determine whether the discovery message of the relay communication is subject to a replay attack.
  • the key request related message includes: RSC indicating relay service
  • the key response related message includes: the intermediate discovery key for the RSC, or the intermediate discovery key for the RSC and the identification information of the intermediate discovery key.
  • the first AMF may send the second request message for requesting security to the first PCF, so that The security information required by the first UE can be obtained.
  • the first AMF may send the first response message including the security information to the first UE, so that the first UE can obtain the security information; so This allows security information to be used for security protection when the first UE and the second UE perform relay communication discovery, thereby improving the security of the relay communication between the first UE and the second UE.
  • Embodiments of the present disclosure provide a relay communication method, executed by the first AMF, including: determining the second identification information corresponding to the first UE based on the first identification information and the first mapping relationship; wherein , the first mapping relationship includes: the corresponding relationship between the first identification information and the second identification information.
  • the first mapping relationship includes: the corresponding relationship between SUCI and SUPI, and/or the corresponding relationship between GUTI and SUPI.
  • the first request message when the first UE sends the first request message to the first AMF, the first request message includes first identification information; the first identification information may be temporary or hidden related identification information.
  • the second request message When the first AMF sends the second request message to the first PCF, the second request message may be SUPI; the second identification information may be permanent identification information.
  • AMF mainly receives temporary identification, while PCF receives permanent identification.
  • the first identification information of the first UE corresponding to the first identification information of the first UE can be accurately determined based on the first identification information of the first UE and the first mapping table stored in the first AMF. 2. Identification information; so that the first PCF subsequently sends security information related to the first UE.
  • Embodiments of the present disclosure provide a relay communication method, executed by the first AMF, including:
  • the first RSC set includes: at least one first RSC, and the first RSC is an RSC of relay services that the first UE can provide;
  • the first RSC set may be the first RSC set in the above embodiments.
  • the first RSC set sent by the first PCF can be sent to the first UE through the first AMF, so that the first UE knows the relay service that the first UE is pre-configured to provide.
  • the following relay communication method is performed by the second UE, which is similar to the above description of the relay communication method performed by the first UE and/or the first AMF; and for the relay communication method performed by the second UE
  • the relay communication method example performed by the first UE and/or the first AMF please refer to the description of the relay communication method example performed by the first UE and/or the first AMF, which will not be described in detail here.
  • an embodiment of the present disclosure provides a relay communication method, which is executed by the second UE, including:
  • Step S91 Send a third request message to the second AMF, where the third request message is used to request security information for relay communication discovery between the first UE and the second UE; where the third request message includes the second UE The third identification information; the third identification information is used by the second AMF to send the fourth request information for requesting security information to the second PCF corresponding to the second UE.
  • the third identification information may be used to identify the second UE.
  • the third identification information includes at least one of the following: SUCI and GUTI.
  • the fourth request message is used to request security information for relay communication discovery between the first UE and the second UE.
  • the fourth request message carries fourth identification information of the first UE.
  • the fourth identification signal may be used to identify the first UE.
  • the fourth identification information includes SUPI corresponding to the third identification information.
  • a second mapping relationship may be set in the second AMF; the second mapping relationship includes: the corresponding relationship between the third identification information and the fourth identification information.
  • the second mapping relationship includes: the corresponding relationship between SUCI and SUPI, and/or the corresponding relationship between GUTI and SUPI.
  • the second AMF can determine the SUPI of the first UE based on the SUCI and/or SUPI of the first UE; in this way, the second AMF can know which first UE sent the first request message, and send the second request message to the second AMF. Sent to the first PCF corresponding to the first UE.
  • Embodiments of the present disclosure provide a relay communication method, executed by the second UE, including: receiving a third response message sent by the second AMF, wherein the third response message includes: security information included in the fourth response message; The fourth response message is sent by the second PCF based on the fourth identification information of the second UE included in the third response message.
  • the third request message includes: a key request related message; the third response message includes: a key response related message; and the security information includes: an intermediate discovery key.
  • the fourth request message may include a key request related message.
  • the difference between the third request message and the third request message is that: the third request message carries third identification information; the fourth request message carries fourth identification information.
  • the fourth response message may include a key response related message.
  • the difference between the third response message and the fourth response message is that: the fourth response message carries the fourth identification information; the third response message carries the third identification information or the third response information does not carry the third Identification information and fourth identification information.
  • the key request related message includes: a relay service code RSC indicating the relay service;
  • the key response related message includes: the intermediate discovery key for the RSC, or the intermediate discovery key for the RSC and the identification information of the intermediate discovery key.
  • the key request related message also includes at least one of the following:
  • Type indication information used to indicate the type of discovery message for relay communication
  • the second security indication information is used to indicate the security capability of the second UE.
  • the key response related message includes at least one of the following:
  • Algorithm identifier includes at least one of the following:
  • the first algorithm identifier is used to indicate the algorithm for encrypting and decrypting the discovery message of the relay communication
  • the second algorithm identifier is used to indicate the algorithm for integrity protection of the discovery message of the relay communication
  • Time-dependent information used to determine whether the discovery message of the relay communication is subject to a replay attack.
  • Embodiments of the present disclosure provide a relay communication method, executed by the second UE, including:
  • the relay discovery key is determined based on the intermediate discovery key; where the relay discovery key includes at least one of the following:
  • the encryption key DUCK is used to encrypt and decrypt the discovery message of the relay communication
  • the integrity assurance key DUIK is used to protect the integrity of discovery messages for relay communications.
  • Embodiments of the present disclosure provide a relay communication method, executed by the second UE, including:
  • the relay discovery key is determined.
  • Embodiments of the present disclosure provide a relay communication method, executed by the second UE, including:
  • the first announcement message includes: a discovery message encrypted based on the relay discovery key and protected by integrity; the discovery message is used to indicate that the first UE supports discovery and provides relay services;
  • Embodiments of the present disclosure provide a relay communication method, executed by the second UE, including:
  • Send a second announcement message where the second announcement message includes: a discovery request message encrypted based on the relay discovery key and protected by integrity; the discovery request message is used to request the second UE to discover the requested relay service.
  • Embodiments of the present disclosure provide a relay communication method, executed by the second UE, including:
  • the third announcement message includes: a discovery response message encrypted based on the relay discovery key and protected by integrity, wherein the discovery response message is determined based on the discovery request message;
  • the third announcement message is decrypted and verified based on the relay discovery key to obtain a discovery response message.
  • the first announcement message, the second announcement message, and the third announcement message may be respectively the same as the first announcement message, the second announcement message, and the third announcement message in the above embodiments.
  • the encryption of discovery messages based on the relay discovery key and encryption algorithm and the integrity protection based on the integrity protection algorithm are similar to the corresponding methods in the above embodiments; and based on the relay discovery key
  • the method of decrypting the message and verifying the integrity of the message by the decryption algorithm corresponding to the encryption algorithm is similar to the method in the above embodiment.
  • Embodiments of the present disclosure provide a relay communication method, executed by the second UE, which may include: receiving a second RSC set sent by the second AMF; wherein the second RSC set includes: at least one second RSC; the second RSC is The RSC of the relay service that the second UE can obtain.
  • the second RSC set may be sent by the second PCF.
  • the second RSC set may also be sent by the DDNMF corresponding to the second UE.
  • the second UE receives the discovery parameter carrying the second RSC set sent by the second AMF; the discovery parameter is sent by the second PCF or the DDNMF corresponding to the second UE.
  • the second RSC set can be obtained from the second PCF and other core network elements through the second UE, so that the relay services that the second UE can obtain can be learned.
  • the following relay communication method is executed by the second AMF, which is similar to the above description of the relay communication method executed by the first UE, the second UE and/or the first AMF; and for the relay communication method executed by the second AMF
  • the relay communication method examples performed by the first UE, the second UE, and/or the first AMF, and will not be described in detail here.
  • the embodiment of the present disclosure provides a relay communication method, which is executed by the second AMF, including:
  • Step S101 Receive a third request message sent by the second UE, where the third request message is used to request security information for relay communication discovery between the first UE and the second UE;
  • Step S102 Based on the third identification information of the second UE carried in the third request message, send the fourth request message for requesting security information to the second PCF corresponding to the third identification information.
  • Embodiments of the present disclosure provide a relay communication method, executed by the second AMF, including: receiving a fourth response message sent by the second PCF, wherein the fourth response message includes security information;
  • a third response message carrying security information is sent to the second UE.
  • the third request message and the fourth request message may be the third request message and the fourth request message respectively in step S91;
  • the security information may be the security information in the above embodiments;
  • the third identification information, The fourth identification information may be the third identification information and the fourth identification information in the above embodiment;
  • the third response message and the fourth response message may be the third response message and the fourth response message in the above embodiment.
  • the third identification information may include at least one of the following: SUCI and GUTI; and/or the fourth identification information may include SUPI.
  • both the third request message and the fourth request message may include: key request related messages.
  • Both the third response message and the fourth response message may include: key response related messages.
  • Security information includes: Intermediate discovery keys.
  • the key request related message includes: RSC indicating the relay service.
  • the key request related message includes at least one of the following:
  • Type indication information used to indicate the type of discovery message for relay communication
  • the second security indication information is used to indicate the security capability of the second UE.
  • the key response related message also includes at least one of the following:
  • Algorithm identifier includes at least one of the following:
  • the first algorithm identifier is used to indicate the algorithm for encrypting and decrypting the discovery message of the relay communication
  • the second algorithm identifier is used to indicate the algorithm for integrity protection of the discovery message of the relay communication
  • Time-dependent information used to determine whether the discovery message of the relay communication is subject to a replay attack.
  • the key request related message includes: RSC indicating the relay service
  • the key response related message includes: the intermediate discovery key for the RSC, or the intermediate discovery key for the RSC and the identification information of the intermediate discovery key.
  • Embodiments of the present disclosure provide a relay communication method, executed by the second AMF, including: determining fourth identification information corresponding to the second UE based on the third identification information and the second mapping relationship; wherein the second mapping relationship includes : The corresponding relationship between the third identification information and the fourth identification information.
  • the second mapping relationship includes: the corresponding relationship between SUCI and SUPI, and/or the corresponding relationship between GUTI and SUPI.
  • the embodiment of the present disclosure provides a relay communication method, which is executed by the second AMF, including:
  • the second RSC set includes: at least one second RSC, and the second RSC is an RSC of relay services that the second UE can obtain;
  • the second RSC set may be the second RSC set in the above embodiment.
  • the second RSC set sent by the second PCF can be sent to the second UE through the second AMF, so that the second UE knows the relay service that can be obtained.
  • the following relay communication method is executed by the first PCF, which is similar to the description of the relay communication method executed by the first UE, the second UE, the first AMF and/or the second AMF; and for the relay communication method executed by the first UE, the second UE, the first AMF and/or the second AMF;
  • the relay communication method executed by the first UE, the second UE, the first AMF and/or the second AMF For technical details not disclosed in the embodiment of the relay communication method executed by a PCF, please refer to the description of the embodiment of the relay communication method executed by the first UE, the second UE, the first AMF and/or the second AMF, which will not be discussed here. Give a detailed description.
  • an embodiment of the present disclosure provides a relay communication method, which is executed by the first PCF and includes:
  • Step S11 Receive a second request message sent by the first AMF and/or receive a fourth request message sent by the second PCF, where the second request message and/or the fourth request message are used to request the first UE and the second UE. Relay communication between discovered security information.
  • the first request message, the second request message, the third request message and the fourth request message are respectively the first request message, the second request message, the third request message and the third request message in the above embodiments.
  • Four request messages; the first response message, the second response message, the third response message and the fourth response message are respectively the first response message, the second response message, the third response message and the fourth response message in the above embodiment;
  • the first identification information, the second identification information, the third identification information and the fourth identification information are respectively the first identification information, the second identification information, the third identification information and the fourth identification information in the above embodiment;
  • the security information is the first identification information in the above embodiment. safety information.
  • the second request message and/or the fourth request message includes: key request related message; the second response message and/or the fourth response message includes: key response related message; and the security information includes: the security information includes : Key found in the middle.
  • the key request related message includes: RSC indicating the relay service.
  • the key request related message includes at least one of the following:
  • Type indication information used to indicate the type of discovery message for relay communication
  • First security indication information used to indicate the security capabilities of the second UE
  • the second security indication information is used to indicate the security capability of the second UE.
  • the key response related message also includes at least one of the following:
  • Algorithm identifier includes at least one of the following:
  • the first algorithm identifier is used to indicate the algorithm for encrypting and decrypting the discovery message of the relay communication
  • the second algorithm identifier is used to indicate the algorithm for integrity protection of the discovery message of the relay communication
  • Time-dependent information used to determine whether the discovery message of the relay communication is subject to a replay attack.
  • the key request related message includes: RSC indicating the relay service
  • the key response related message includes: the intermediate discovery key for the RSC, or the intermediate discovery key for the RSC and the identification information of the intermediate discovery key.
  • Embodiments of the present disclosure provide a relay communication method, executed by the first PCF, including: determining security information based on the second request message; and/or determining security information based on the fourth request message.
  • Embodiments of the present disclosure provide a relay communication method, executed by the first PCF, including: determining an intermediate discovery key based on the relay service indicated by the received RSC.
  • the first PCF receives the key request related message, and determines the intermediate discovery message of the relay service indicated by the RSC based on the RSC carried in the key request related message. In this way, the first PCF in the embodiment of the present disclosure can generate the intermediate discovery key corresponding to the RSC through the received RSC.
  • the first PCF may save the corresponding relationship between at least one RSC and the intermediate discovery key; the first PCF may determine the intermediate discovery key of the received RSC based on the corresponding relationship between the received RSC and the intermediate discovery key.
  • the first PCF in the embodiment of the present disclosure can determine the intermediate discovery key corresponding to the received RSC through the corresponding relationship between the locally stored RSC and the intermediate discovery key and the received RCS.
  • the first PCF can save the obtained intermediate discovery key corresponding to the RSC, so that the RSC's intermediate discovery key can be subsequently determined based on the saved information; thus, the power consumption generated by generating the intermediate discovery key can be reduced.
  • Embodiments of the present disclosure provide a relay communication method, executed by the first PCF, including: determining an encryption algorithm and/or an integrity algorithm based on the first security indication information; and/or determining an encryption algorithm based on the second security indication information. and/or integrity algorithms.
  • appropriate encryption algorithms and/or integrity protection algorithms for the first UE and the second UE may be determined based on the security capabilities of the first UE and/or the second UE.
  • the first PCF may also determine any implementable encryption algorithm and/or integrity protection algorithm.
  • the first PCF sends the first algorithm identifier indicating the encryption algorithm and/or the second algorithm identifier corresponding to the integrity protection algorithm to the first AMF and/or the second PCF, so that the first UE and the second UE can Obtaining the first algorithm identifier and the second algorithm identifier only requires that the obtained first algorithm identifier and/or the second algorithm identifier of the first UE and the second UE are consistent. There is no restriction on which encryption algorithm and/or integrity protection algorithm the first PCF determines.
  • the second request message includes second identification information of the first UE
  • the method includes: sending a second response message to the first AMF, where the second response message includes a second response message of second identification information and security information.
  • Embodiments of the present disclosure provide a relay communication method, executed by the first PCF, including: sending a second response message to the first AMF, where the second response message includes a second response message of second identification information and security information.
  • sending the second response message to the first AMF includes: in response to determining that the first UE is authorized to serve the relay service indicated by the RSC based on the received RSC, sending the second response message to the first AMF.
  • Embodiments of the present disclosure provide a relay communication method, executed by the first PCF, including: in response to determining that the first UE is authorized to serve the relay service indicated by the RSC based on the received RSC, sending a second response to the first AMF. information.
  • the fourth request message includes fourth identification information of the second UE
  • the method includes: sending a fourth response message to the second PCF, where the fourth response message includes a fourth response message of fourth identification information and security information.
  • Embodiments of the present disclosure provide a relay communication method, which is executed by the first PCF and includes: sending a fourth response message to the second PCF, where the fourth response message includes a fourth response message of fourth identification information and security information. .
  • sending a fourth response message to the second PCF includes:
  • a key response related message is sent to the second PCF.
  • Embodiments of the present disclosure provide a relay communication method, executed by a first PCF, including: in response to determining that the first UE is authorized to provide a relay service to a second UE, sending a key response related message to the second PCF.
  • Embodiments of the present disclosure provide a relay communication method, executed by the first PCF, including: sending a first RSC set to the first AMF; wherein the first RSC set includes: at least one first RSC, and the first RSC is a first RSC.
  • the above embodiments can be specifically expressed in terms of the first UE, the second UE, the first AMF and/or the second AMF side, and will not be described again here.
  • the following relay communication method is executed by the second PCF, which is similar to the above description of the relay communication method executed by the first UE, the second UE, the first AMF, the second AMF and/or the first PCF; And for technical details not disclosed in the embodiments of the relay communication method performed by the second PCF, please refer to the relay communication performed by the first UE, the second UE, the first AMF, the second AMF and/or the first PCF. The description of method examples will not be described in detail here.
  • the embodiment of the present disclosure provides a relay communication method, which is executed by the second PCF, including:
  • Step S1201 Receive a fourth request message sent by the second AMF, where the fourth request message is used to request security information for relay communication discovery between the first UE and the second UE;
  • Step S1202 Send a fourth request message for requesting security information to the first PCF.
  • the fourth request message includes fourth identification information of the second UE
  • the method includes: sending a fourth response message to the first AMF, where the fourth response message includes fourth identification information and security information.
  • Embodiments of the present disclosure provide a relay communication method, executed by the second PCF, including: sending a fourth response message to the first AMF, where the fourth response message includes fourth identification information and security information.
  • the third request message and the fourth request message are respectively the third request message and the fourth request message in the above embodiment; the third response message and the fourth response message are respectively the third request message in the above embodiment.
  • the third response message and the fourth response message; the third identification information and the fourth identification information are respectively the third identification information and the fourth identification information in the above embodiment; the security information is the security information in the above embodiment.
  • the fourth request message includes: key request related message; the fourth response message includes: key response related message; and the security information includes: the security information includes: intermediate discovery key.
  • the key request related message includes: RSC indicating the relay service
  • the key response related message includes: the intermediate discovery key for the RSC, or the intermediate information key for the RSC and the identification information of the intermediate information key.
  • step S1202 includes:
  • a fourth request message for requesting security information is sent to the first PCF.
  • Embodiments of the present disclosure provide a relay communication method, executed by the second PCF, including: if it is determined that the second UE is authorized to discover the relay service, sending a fourth request message for requesting security information to the first PCF.
  • the second PCF is configured with a mapping table of the RSC and the address of the PCF of the potential U2N relay that provides the relay service indicated by the RSC. In this way, the second PCF can determine the first PCF that needs to send the fourth request message based on the RSC included in the third request message.
  • Embodiments of the present disclosure provide a relay communication method, executed by the second PCF, including: sending a second RSC set to the second AMF; wherein the second RSC set includes: at least one second RSC, and the second RSC is a second RSC.
  • the RSC of the relay service that the UE can obtain.
  • the above embodiments can be specifically expressed as the first UE, the second UE, the first AMF, the second AMF and/or the first PCF side, and will not be described again here.
  • the following relay communication method is performed by a network device, and the description of the above relay communication method performed by the first UE, the second UE, the first AMF, the second AMF, the first PCF and/or the second PCF is: Similar; and for technical details not disclosed in the embodiments of the relay communication method performed by the network device, please refer to the first UE, the second UE, the first AMF, the second AMF, the first PCF and/or the network device.
  • the description of the implemented relay communication method example will not be described in detail here.
  • an embodiment of the present disclosure provides a relay communication method, which is executed by a network device and includes:
  • Step S131 Obtain the request message sent by the UE; the request message carries the identification information of the UE; the request message is used to request security information for relay communication discovery between the UE and the UE;
  • Step S132 Send a response message carrying security information to the UE.
  • the UE may be the first UE and/or the second UE in the above embodiments; if the UE is the first UE, the identification information of the UE may be the first identification information and/or the second UE in the above embodiments. or the second identification information; if the UE is the second UE, the identification information of the UE may be the third identification and/or the fourth identification information in the above embodiment. If the UE is the first UE, the request message may be the first request message and/or the second request message in the above embodiment; if the UE is the second UE, the request message may be the third request message and/or the third request message in the above embodiment. Four request messages.
  • the response message may be the first response message and/or the second response message in the above embodiment; if the UE is the second UE, the response message may be the third response message and/or the third response message in the above embodiment.
  • the security information in some embodiments of the present disclosure may be the security information in the above embodiments.
  • the UE includes: a first UE; the network device includes: a first AMF and a first PCF;
  • Step S131 includes: the first AMF obtains the first request message sent by the first UE; and based on the first identification information carried in the first request message, sends the second request message carrying the second identification information to the first PCF; Wherein, the first request message and/or the second request message are used to request security information for relay communication discovery between the first UE and the second UE;
  • Step S132 includes: the first AMF obtains the second response message sent by the first PCF, and sends the first response message to the first UE based on the second identification information of the second response message; wherein, the first response message and/ Or the second response message carries security information.
  • Embodiments of the present disclosure provide a relay communication method, which is executed by a network device.
  • the network device includes a first AMF and a first PCF, including:
  • the first AMF obtains the first request message sent by the first UE; and based on the first identification information carried in the first request message, sends the second request message carrying the second identification information to the first PCF; wherein, the first request The message and/or the second request message is used to request security information for relay communication discovery between the first UE and the second UE;
  • the first AMF obtains the second response message sent by the first PCF, and sends the first response message to the first UE based on the second identification information of the second response message; wherein the first response message and/or the second response message carry safety information.
  • the first request message and/or the second request message includes: a relay service code RSC indicating the relay service;
  • the first response message and/or the second response message includes: the intermediate discovery key for the RSC, or the intermediate discovery key for the RSC and the identification information of the intermediate discovery key.
  • the UE includes a second UE;
  • the network device includes: a second AMF, a first PCF, and a second PCF;
  • Step S131 includes:
  • the second AMF obtains the third request message sent by the second UE; and based on the third identification information carried in the third request message, sends the fourth request message carrying the fourth identification information to the second PCF; wherein, the third request message and/or the fourth request message is used to request security information for relay communication discovery between the first UE and the second UE;
  • the second PFC sends the fourth request message to the first PCF
  • Step S132 includes:
  • the first PCF sends the fourth response message to the second PCF
  • the second AMF obtains the fourth response message sent by the second PFC; and based on the fourth identification information of the fourth response message, sends the third response message to the second UE; wherein, the third response message and/or the fourth response message carry safety information.
  • Embodiments of the present disclosure provide a relay communication method, which is executed by a network device.
  • the network device includes a second AMF, a first PCF, and a second PCF, including:
  • the second AMF obtains the third request message sent by the second UE; and based on the third identification information carried in the third request message, sends the fourth request message carrying the fourth identification information to the second PCF; wherein, the third request message and/or the fourth request message is used to request security information for relay communication discovery between the first UE and the second UE;
  • the second PFC sends the fourth request message to the first PCF
  • the first PCF sends the fourth response message to the second PCF
  • the second AMF obtains the fourth response message sent by the second PFC; and based on the fourth identification information of the fourth response message, sends the third response message to the second UE; wherein, the third response message and/or the fourth response message carry safety information.
  • the second PFC sends a fourth request message to the first PCF, including:
  • the second PCF determines to authorize the second UE to discover the relay service, and sends the fourth request message to the first PCF;
  • the first PCF sends the fourth response message to the second PCF, including:
  • the first PCF determines that the first UE is authorized to provide relay services to the second UE, and sends a fourth response message to the second PCF.
  • Embodiments of the present disclosure provide a relay communication method, which is executed by a network device.
  • the network device includes a first PCF and a second PCF, including:
  • the second PCF determines to authorize the second UE to discover the relay service, and sends the fourth request message to the first PCF;
  • the first PCF determines that the first UE is authorized to provide relay services to the second UE, and sends a fourth response message to the second PCF.
  • the third request message and/or the fourth request message includes: an RSC indicating the relay service
  • the third response message and/or the fourth response message includes: the intermediate discovery key for the RSC, or the intermediate discovery key for the RSC and the identification information of the intermediate discovery key.
  • the above embodiments can be specifically expressed as the first UE, the second UE, the first AMF, the second AMF and/or the first PCF side, and will not be described again here.
  • an embodiment of the present disclosure provides a relay communication method, which is executed by a communication device.
  • the communication device includes: a first UE, a second UE, a first AMF, a second AMF, a first PCF, and a second PCF.
  • the first UE is the U2N relay
  • the second UE is the remote UE
  • the first AMF is the AMF of the U2N relay
  • the second AMF is the AMF of the remote UE
  • the first PCF is the PCF of the U2N relay
  • the third The second PCF is the PCF of the remote UE
  • the relay communication method has the following steps:
  • the PCF of the remote UE is configured with a mapping table of the RSC and the address of the PCF of the potential U2N relay that provides the relay service indicated by the RSC.
  • Step S1300a During the service authorization and information provision process, the U2N relay obtains discovery parameters from the PCF of the U2N relay;
  • the parameters discovered in step S1300a include at least one RSC; the parameters discovered in step S1300a may include the first RSC set in the above embodiment.
  • Step S1300b During the service authorization and information provision process, the remote UE obtains the discovery parameters from the PCF of the remote UE;
  • the parameters discovered in step S1300b include at least one RSC; the parameters discovered in step S1300b may include the second RSC set in the above embodiment.
  • Step S1301 The U2N relay sends a first request message to the AMF of the U2N relay.
  • the first request message includes: an RSC instructing the relay service, and an intermediate discovery key instructing the U2N relay to request relay discovery from the PCF of the U2N relay.
  • PRDK PRDK type indication information, security indication information indicating the security capabilities of the U2N relay, and the SUCI and/or 5G GUTI of the U2N relay;
  • the first request message is used to request an intermediate discovery key for relay communication discovery between the remote UE and the U2N relay.
  • Step S1302 The AMF of the U2N relay sends a Namf_Communication_N1 message to the PCF of the U2N relay.
  • the Namf_Communication_N1 message includes: RSC indicating the relay service, type indication information, security indication information indicating the security capability of the U2N relay, and U2N relay security indication information.
  • the Namf_Communication_N1 message in step S1302 may be the second request message in the above embodiment; the Namf_Communication_N1 message is used to request the intermediate discovery key for relay communication discovery between the remote UE and the U2N relay.
  • the method before step S1302, includes: the AMF of the U2N relay determines the SUPI of the U2N relay based on the SUCI and/or 5G GUTI of the U2N relay and the first mapping relationship; wherein, the first mapping relationship Including the predefined correspondence between SUCI and SUPI, and/or the predefined correspondence between GUTI and SUPI.
  • Step S1303 The PCF of the U2N relay sends security information to the AMF of the U2N relay;
  • the security information includes: the intermediate discovery key, the identification information of the intermediate discovery key, the first algorithm identification indicating the encryption algorithm, the second algorithm identification indicating the integrity protection algorithm, and the SUPI of the U2N relay.
  • sending the security information in step S1303 may be: sending a second response message carrying the security information.
  • the method before step S1303, includes: based on the received RSC, verifying that the U2N relay is a relay service indicated by the authorized service RSC.
  • the security information includes: time-related information, wherein the time-related information includes: at least one of current time, maximum offset, and valid timer.
  • the PCF of the U2N relay generates the intermediate discovery key (PRDK) and the identification information (ID) of the intermediate discovery key based on the RSC; the PCF of the U2N relay determines the user based on the security capability of the U2N relay. Encryption algorithm and integrity protection algorithm for protecting discovery messages broadcast between the remote UE and the U2N relay.
  • Step S1304 The AMF of the U2N relay sends security information to the U2N relay;
  • the security information includes: the intermediate discovery key, the identification information of the intermediate discovery key, the first algorithm identification indicating the encryption algorithm, and the second algorithm identification indicating the integrity protection algorithm. algorithm identification;
  • sending the security information in step S1304 may be: sending a first response message carrying the security information.
  • the AMF of the U2N relay may send security information to which U2N relay based on the SUPI of the U2N relay.
  • Step S1305 The remote UE sends a third request message to the AMF of the remote UE.
  • the third request message includes: an RSC indicating the relay service, and an intermediate discovery key indicating the remote UE requests relay discovery from the PCF of the remote UE.
  • PRDK PRDK type indication information, security indication information indicating the security capabilities of the remote UE, and the SUCI and/or 5G GUTI of the remote UE;
  • the third request message is used to request an intermediate discovery key for relay communication discovery between the remote UE and the U2N relay.
  • Step S1306 The AMF of the remote UE sends a Namf_Communication_N1 message to the PCF of the remote UE.
  • the Namf_Communication_N1 message includes: RSC indicating the relay service, type indication information, security indication information indicating the security capability of the remote UE, and the security indication information of the remote UE.
  • the Namf_Communication_N1 message in step S1306 may be the fourth request message in the above embodiment; the Namf_Communication_N1 message is used to request the intermediate discovery key for relay communication discovery between the remote UE and the U2N relay.
  • the method before step S1306, includes: the AMF of the remote UE determines the SUPI of the remote UE based on the SUCI and/or 5G GUTI of the remote UE and the second mapping relationship; wherein, the second mapping relationship Including the predefined correspondence between SUCI and SUPI, and/or the predefined correspondence between GUTI and SUPI.
  • Step S1307 The PCF of the remote UE verifies that the remote UE is authorized to request the intermediate discovery key of the relay service indicated by the RSC;
  • Step S1308 The PCF of the remote UE determines the PCF of the potential U2N relay based on the received RSC, and sends the Namf_Communication_N1 message to the PCF of the U2N relay;
  • the Namf_Communication_N1 message includes: RSC indicating the relay service, type indication information, security indication information indicating the security capability of the U2N relay, and SUPI of the U2N relay.
  • Step S1309 The PCF of the U2N relay sends security information to the PCF of the remote UE; the security information includes: the intermediate discovery key, the identification information of the intermediate discovery key, the first algorithm identification indicating the encryption algorithm, and the integrity protection indicating The second algorithm identifier of the algorithm and the SUPI of the remote UE.
  • sending the security information in step S1309 may be: sending a fourth response message carrying the security information.
  • the process before step S1309, the process includes: the PCF of the U2N relay determines that the relay service indicated by the RSC authorization received can be served by the PCF of the U2N relay.
  • the PCF of the U2N relay generates the intermediate discovery key (PRDK) and the identification information (ID) of the intermediate discovery key based on the RSC; the PCF of the U2N relay determines the user based on the security capability of the U2N relay. Encryption algorithm and integrity protection algorithm for protecting discovery messages broadcast between the remote UE and the U2N relay.
  • the security information obtained in step S1309 can also be obtained directly based on the security information obtained in S1304.
  • the security information includes: time-related information, wherein the time-related information includes: at least one of current time, maximum offset, and valid timer.
  • Step S1310 The PCF of the remote UE sends security information to the AMF of the remote UE; the security information includes: the intermediate discovery key, the identification information of the intermediate discovery key, the first algorithm identification indicating the encryption algorithm, and the integrity protection indicating The second algorithm identifier of the algorithm and the SUPI of the remote UE.
  • sending the security information in step S1310 may be: sending a fourth response message carrying the security information.
  • Step S1311 The AMF of the remote UE sends security information to the remote UE; the security information includes: the intermediate discovery key, the identification information of the intermediate discovery key, the first algorithm identification indicating the encryption algorithm, and the first algorithm identification indicating the integrity protection algorithm. Second algorithm identification;
  • sending the security information in step S1311 may be: sending a third response message carrying the security information.
  • Step S1312 The U2N relay determines the relay discovery key based on the intermediate discovery key, the first algorithm identifier, and the second algorithm identifier; the relay discovery key includes: DUCK and DUIK;
  • the relay discovery key includes DUSK.
  • Step S1313 The U2N relay broadcasts a discovery announcement message, where the discovery announcement message includes a discovery announcement message encrypted using the relay discovery key and encryption algorithm and protected based on the integrity protection algorithm;
  • the discovery announcement message in step S1213 may be the first announcement message in the above embodiment.
  • Step S1314 The remote UE determines the relay discovery key based on the intermediate discovery key, the first algorithm identifier, and the second algorithm identifier; the relay discovery key includes: DUCK and DUIK;
  • Step S1315 The remote UE verifies and decrypts the discovery announcement message based on the relay discovery key
  • step S1315 the remote UE verifies and decrypts the discovery announcement message based on the relay discovery key to obtain the discovery message.
  • Step S1316 The remote UE and the U2N relay continue to perform the remaining process of the relay service.
  • an embodiment of the present disclosure provides a relay communication method, which is executed by a communication device.
  • the communication device includes: a first UE, a second UE, a first AMF, a second AMF, a first PCF, and a second PCF.
  • the first UE is the U2N relay
  • the second UE is the remote UE
  • the first AMF is the AMF of the U2N relay
  • the second AMF is the AMF of the remote UE
  • the first PCF is the PCF of the U2N relay
  • the third The second PCF is the PCF of the remote UE
  • the relay communication method has the following steps:
  • the PCF of the remote UE is configured with a mapping table of the RSC and the address of the PCF of the potential U2N relay that provides the relay service indicated by the RSC.
  • Steps S1400a to S1411 are the same as steps S1300a to S1411 in the above embodiment;
  • Step S1412 The U2N relay determines the relay discovery key based on the intermediate discovery key, the first algorithm identifier, and the second algorithm identifier; the relay discovery key includes: DUCK and DUIK;
  • the relay discovery key may include DUSK.
  • Step S1413 The remote UE determines the relay discovery key based on the intermediate discovery key, the first algorithm identifier, and the second algorithm identifier; the relay discovery key includes: DUCK and DUIK;
  • Step S1414 The remote UE broadcasts a request announcement message, where the request announcement message includes a discovery request message;
  • the announcement message requested in step S1414 is the second announcement message in the above embodiment.
  • the discovery request message included in the request announcement message is encrypted using the relay discovery key and encryption algorithm and protected based on the integrity protection algorithm.
  • Step S1415 The U2N relay decrypts and verifies the request announcement message based on the relay discovery key
  • Step S1416 The U2N relay broadcasts a response announcement message, and the response announcement message includes a discovery response message;
  • the response announcement message in step S1416 is the third announcement message in the above embodiment.
  • the discovery response message included in the response announcement message is encrypted using the relay discovery key and encryption algorithm and protected based on the integrity protection algorithm.
  • Step S1417 The remote UE decrypts and verifies the response announcement message based on the relay discovery key
  • Step S1418 The remote UE and the U2N relay continue to perform the remaining process of the relay service.
  • an embodiment of the present disclosure provides a relay communication device, which is executed by the first UE and includes:
  • the first sending module 21 is configured to send a first request message to the first AMF, where the first request message is used to request security information for relay communication discovery between the first UE and the second UE;
  • the first request message includes first identification information of the first UE; the first identification information is used by the first AMF to send the second request information for requesting security information to the first PCF corresponding to the first UE.
  • Embodiments of the present disclosure provide a relay communication device, executed by a first UE, including: a first receiving module configured to receive a first response message sent by the first AMF, wherein the first response message includes: a second response The security information included in the message; the second response message is sent by the first PCF based on the second identification information of the first UE included in the second response message.
  • the first identification information includes at least one of the following: SUCI; and GUTI;
  • the second identification information includes the SUPI corresponding to the first identification information.
  • the first request message includes: a key request related message; the first response message includes: a key response related message; and the security information includes: an intermediate discovery key.
  • the key request related message includes: indicating RSC;
  • the key response related message includes: the intermediate discovery key for the RSC, or the intermediate discovery key for the RSC and the identification information of the intermediate discovery key.
  • the key request related message further includes at least one of the following:
  • Type indication information used to indicate the type of discovery message for relay communication
  • the first security indication information is used to indicate the security capability of the first UE.
  • the key response related message also includes at least one of the following:
  • Algorithm identifier includes at least one of the following:
  • the first algorithm identifier is used to indicate the algorithm for encrypting and decrypting the discovery message of the relay communication
  • the second algorithm identifier is used to indicate the algorithm for integrity protection of the discovery message of the relay communication
  • Time-dependent information used to determine whether the discovery message of the relay communication is subject to a replay attack.
  • Embodiments of the present disclosure provide a relay communication device, executed by a first UE, including: a first processing module configured to determine a relay discovery key based on an intermediate discovery key; wherein the relay discovery key includes at least the following: one:
  • the encryption key DUCK is used to encrypt and decrypt the discovery message of the relay communication
  • the integrity assurance key DUIK is used to protect the integrity of discovery messages for relay communications.
  • An embodiment of the present disclosure provides a relay communication device, executed by a first UE, including:
  • the first processing module is configured to determine the relay discovery key based on the intermediate discovery key and the algorithm identifier; or,
  • the first processing module is configured to determine the relay discovery key based on the intermediate discovery key, the algorithm identification and the RSC.
  • Embodiments of the present disclosure provide a relay communication device, executed by a first UE, including: a first sending module 21 configured to send a first announcement message, wherein the first announcement message includes: encryption based on the relay discovery key and an integrity-protected discovery message; the discovery message is used to indicate that the first UE supports discovery and provides relay services.
  • An embodiment of the present disclosure provides a relay communication device, executed by a first UE, including:
  • the first receiving module is configured to receive a second announcement message, where the second announcement message includes: a discovery request message encrypted based on the relay discovery key and protected by integrity; the discovery request message is used to request the second UE to discover the Requested relay service;
  • a first processing module configured to decrypt and verify the second announcement message based on the relay discovery key to obtain the discovery request message.
  • Embodiments of the present disclosure provide a relay communication device, executed by a first UE, including: a first sending module 21 configured to send a third announcement message, wherein the third announcement message includes: encryption based on the relay discovery key and an integrity-protected discovery response message, wherein the discovery response message is determined based on the discovery request message.
  • Embodiments of the present disclosure provide a relay communication device, executed by a first UE, including: a first receiving module configured to receive a first RSC set sent by a first AMF; wherein the first RSC set includes: at least a first One RSC; the first RSC is the RSC of the relay service that the first UE can provide.
  • an embodiment of the present disclosure provides a relay communication device, which is executed by the first AMF and includes:
  • the second receiving module 31 is configured to receive a first request message sent by the first user equipment UE, where the first request message is used to request security information for relay communication discovery between the first UE and the second UE;
  • the second sending module 32 is configured to send the second request message for requesting security information to the first policy control corresponding to the first identification information based on the first identification information of the first UE carried in the first request message. Function PCF.
  • An embodiment of the present disclosure provides a relay communication device, executed by the first AMF, including:
  • the second receiving module 31 is configured to receive a second response message sent by the first PCF, where the second response message includes security information;
  • the second sending module 32 is configured to send the first response message carrying the security information to the first UE based on the second identification information of the first UE carried in the second response message.
  • Embodiments of the present disclosure provide a relay communication device, executed by a first AMF, including: a second processing module configured to determine second identification information corresponding to the first UE based on the first identification information and the first mapping relationship. ; Wherein, the first mapping relationship includes: a corresponding relationship between the first identification information and the second identification information.
  • the first identification information includes at least one of the following: SUCI, and GUTI;
  • the second identification information includes: user subscription permanent identification SUPI.
  • the second request message includes: a key request related message; the second response message includes: a key response related message; and the security information includes: an intermediate discovery key.
  • the key request related message includes: a relay service code RSC indicating the relay service;
  • the key response related message includes: the intermediate discovery key for the RSC, or the intermediate discovery key for the RSC and the identification information of the intermediate discovery key.
  • An embodiment of the present disclosure provides a relay communication device, executed by the first AMF, including:
  • the second receiving module 31 is configured to receive the first RSC set sent by the first PCF; wherein the first RSC set includes: at least one first RSC, and the first RSC is the RSC of the relay service that the first UE can provide;
  • the second sending module 32 is configured to send the first RSC set to the first UE.
  • an embodiment of the present disclosure provides a relay communication device, which is executed by the second UE and includes:
  • the third sending module 41 is configured to send a third request message to the second AMF, where the third request message is used to request security information for relay communication discovery between the first UE and the second UE;
  • the third request message includes third identification information of the second UE; the third identification information is used by the second AMF to send the fourth request information for requesting security information to the second PCF corresponding to the second UE.
  • Embodiments of the present disclosure provide a relay communication device, executed by a second UE, including: a third receiving module configured to receive a third response message sent by the second AMF, wherein the third response message includes: a fourth response The security information included in the message; the fourth response message is sent by the second PCF based on the fourth identification information of the second UE included in the third response message.
  • the third identification information includes at least one of the following: SUCI; and GUTI;
  • the fourth identification information includes SUPI corresponding to the third identification information.
  • the third request message includes: a key request related message; the third response message includes: a key response related message; and the security information includes: an intermediate discovery key.
  • the key request related message includes: a relay service code RSC indicating the relay service;
  • the key response related message includes: the intermediate discovery key for the RSC, or the intermediate discovery key for the RSC and the identification information of the intermediate discovery key.
  • the key request related message also includes at least one of the following:
  • Type indication information used to indicate the type of discovery message for relay communication
  • the second security indication information is used to indicate the security capability of the second UE.
  • the key response related message includes at least one of the following:
  • Algorithm identifier includes at least one of the following:
  • the first algorithm identifier is used to indicate the algorithm for encrypting and decrypting the discovery message of the relay communication
  • the second algorithm identifier is used to indicate the algorithm for integrity protection of the discovery message of the relay communication
  • Time-dependent information used to determine whether the discovery message of the relay communication is subject to a replay attack.
  • Embodiments of the present disclosure provide a relay communication device, executed by a second UE, including: a third processing module configured to determine a relay discovery key based on an intermediate discovery key; wherein the relay discovery key includes at least the following: one:
  • the encryption key DUCK is used to encrypt and decrypt the discovery message of the relay communication
  • the integrity assurance key DUIK is used to protect the integrity of discovery messages for relay communications.
  • An embodiment of the present disclosure provides a relay communication device, executed by a second UE, including:
  • the third processing module is configured to determine the relay discovery key based on the intermediate discovery key and the algorithm identifier; or,
  • the third processing module is configured to determine the relay discovery key based on the intermediate discovery key, the algorithm identification and the RSC.
  • An embodiment of the present disclosure provides a relay communication device, executed by a second UE, including:
  • the third receiving module is configured to receive the first announcement message, wherein the first announcement message includes: a discovery message encrypted based on the relay discovery key and protected by integrity; the discovery message is used to indicate that the first UE supports discovery provision Relay services;
  • the third processing module is configured to decrypt and verify the first announcement message based on the relay discovery key to obtain the discovery message.
  • An embodiment of the present disclosure provides a relay communication device, executed by a second UE, including: a third sending module 41 configured to send a second announcement message, wherein the second announcement message includes: encryption based on the relay discovery key and an integrity-protected discovery request message; the discovery request message is used to request the second UE to discover the requested relay service.
  • An embodiment of the present disclosure provides a relay communication device, executed by a second UE, including:
  • the third receiving module is configured to receive a third announcement message, wherein the third announcement message includes: a discovery response message encrypted based on the relay discovery key and protected by integrity, wherein the discovery response message is determined based on the discovery request message;
  • the third processing module is configured to decrypt and verify the third announcement message based on the relay discovery key to obtain the discovery response message.
  • An embodiment of the present disclosure provides a relay communication device, executed by a second UE, including: a third receiving module configured to receive a second RSC set sent by the second AMF; wherein the second RSC set includes: at least a first Two RSCs; the second RSC is the RSC of the relay service that the second UE can obtain.
  • an embodiment of the present disclosure provides a relay communication device, which is executed by the second AMF and includes:
  • the fourth receiving module 51 is configured to receive a third request message sent by the second user equipment UE, where the third request message is used to request security information for relay communication discovery between the first UE and the second UE;
  • the fourth sending module 52 is configured to send the fourth request message for requesting security information to the second policy control corresponding to the third identification information based on the third identification information of the second UE carried in the third request message. Function PCF.
  • An embodiment of the present disclosure provides a relay communication device, executed by the second AMF, including:
  • the fourth receiving module 51 is configured to receive a fourth response message sent by the second PCF, where the fourth response message includes security information;
  • the fourth sending module 52 is configured to send the third response message carrying the security information to the second UE based on the fourth identification information of the second UE carried in the fourth response message.
  • Embodiments of the present disclosure provide a relay communication device, executed by the second AMF, including: a fourth processing module configured to determine fourth identification information corresponding to the second UE based on the third identification information and the second mapping relationship. ; Wherein, the second mapping relationship includes: a corresponding relationship between the third identification information and the fourth identification information.
  • the third identification information includes at least one of the following: SUCI, and GUTI;
  • the fourth identification information includes: SUPI.
  • the fourth request message includes: key request related message; the fourth response message includes: key response related message; and the security information includes: intermediate discovery key.
  • the key request related message includes: a relay service code RSC indicating the relay service;
  • the key response related message includes: the intermediate discovery key for the RSC, or the intermediate discovery key for the RSC and the identification information of the intermediate discovery key.
  • An embodiment of the present disclosure provides a relay communication device, executed by the second AMF, including:
  • the fourth receiving module 51 is configured to receive the second RSC set sent by the second PCF; wherein the second RSC set includes: at least one second RSC, and the second RSC is the RSC of the relay service that the second UE can obtain;
  • the fourth sending module 52 is configured to send the second RSC set to the second UE.
  • an embodiment of the present disclosure provides a relay communication device, which is executed by the first PCF and includes:
  • the fifth receiving module 61 is configured to receive the second request message sent by the first AMF and/or receive the fourth request message sent by the second PCF, where the second request message and/or the fourth request message are used to request the third request message.
  • the second request message includes second identification information of the first UE.
  • An embodiment of the present disclosure provides a relay communication device, executed by a first PCF, including: a fifth sending module configured to send a second response message to the first AMF, where the second response message includes second identification information and Second response message for security information.
  • the fourth request message includes fourth identification information of the second UE
  • Embodiments of the present disclosure provide a relay communication device, executed by a first PCF, including: a fifth sending module configured to send a fourth response message to the second PCF, where the fourth response message includes fourth identification information and The fourth response message for security information.
  • the second request message and/or the fourth request message includes: a key request related message; the second response message and/or the fourth response message includes: a key response related message; and the security information includes: security Information includes: Intermediate discovery key.
  • the key request related message includes: an RSC indicating the relay service
  • the key response related message includes: the intermediate discovery key for the RSC, or the intermediate information key for the RSC and the identification information of the intermediate information key.
  • Embodiments of the present disclosure provide a relay communication device, executed by a first PCF, including: a fifth sending module configured to send a message to the second PCF in response to determining that the first UE is authorized to provide a relay service to the second UE. Key response related messages.
  • An embodiment of the present disclosure provides a relay communication device, executed by a first PCF, including: a fifth sending module configured to send a first RSC set to the first AMF; wherein the first RSC set includes: at least one first RSC, the first RSC is the RSC of the relay service that the first UE can provide.
  • an embodiment of the present disclosure provides a relay communication device, which is executed by the second PCF and includes:
  • the sixth receiving module 71 is configured to receive a fourth request message sent by the second AMF, where the fourth request message is used to request security information for relay communication discovery between the first user equipment UE and the second UE;
  • the sixth sending module 72 is configured to send a fourth request message for requesting security information to the first PCF.
  • Embodiments of the present disclosure provide a relay communication device, executed by the second PCF, including: a sixth sending module 62 configured to send a request for security information to the first PCF if it is determined that the second UE is authorized to discover the relay service.
  • the fourth request message is configured to send a request for security information to the first PCF if it is determined that the second UE is authorized to discover the relay service.
  • the fourth request message includes fourth identification information of the second UE
  • Embodiments of the present disclosure provide a relay communication device, executed by the second PCF, including: a sixth sending module 62 configured to send a fourth response message to the first AMF, where the fourth response information includes fourth identification information. and safety information.
  • the fourth request message includes: a key request related message; the fourth response message includes: a key response related message; and the security information includes: an intermediate discovery key.
  • the key request related message includes: an RSC indicating the relay service
  • the key response related message includes: the intermediate discovery key for the RSC, or the intermediate discovery key for the RSC and the identification information of the intermediate discovery key.
  • the embodiment of the present disclosure provides a relay communication device, executed by the second PCF, including: a sixth sending module 62 configured to send a second RSC set to the second AMF; wherein the second RSC set includes: at least a first Two RSCs, the second RSC is the RSC of the relay service that the second UE can obtain.
  • an embodiment of the present disclosure provides a relay communication device, which is applied to network equipment and includes:
  • the seventh receiving module 81 is configured to obtain the request message sent by the UE; wherein the request message carries the identification information of the UE; the request message is used to request security information for relay communication discovery between the UE and the UE;
  • the seventh sending module 82 is configured to send a response message carrying security information to the UE.
  • An embodiment of the present disclosure provides a relay communication device applied to network equipment.
  • the network equipment includes a first AMF and a first PCF; wherein,
  • the first AMF obtains the first request message sent by the first UE; and based on the first identification information carried in the first request message, sends the second request message carrying the second identification information to the first PCF; wherein, the first request The message and/or the second request message is used to request security information for relay communication discovery between the first UE and the second UE;
  • the first AMF obtains the second response message sent by the first PCF, and sends the first response message to the first UE based on the second identification information of the second response message; wherein the first response message and/or the second response message carry safety information.
  • the first request message and/or the second request message includes: a relay service code RSC indicating the relay service;
  • the first response message and/or the second response message includes: the intermediate discovery key for the RSC, or the intermediate discovery key for the RSC and the identification information of the intermediate discovery key.
  • Embodiments of the present disclosure provide a relay communication device applied to network equipment.
  • the network equipment includes a second AMF, a first PCF, and a second PCF; wherein,
  • the second AMF obtains the third request message sent by the second UE; and based on the third identification information carried in the third request message, sends the fourth request message carrying the fourth identification information to the second PCF; wherein, the third request message and/or the fourth request message is used to request security information for relay communication discovery between the first UE and the second UE;
  • the second PFC sends the fourth request message to the first PCF
  • the first PCF sends the fourth response message to the second PCF
  • the second AMF obtains the fourth response message sent by the second PFC; and based on the fourth identification information of the fourth response message, sends the third response message to the second UE; wherein, the third response message and/or the fourth response message carry safety information.
  • Embodiments of the present disclosure provide a relay communication device applied to network equipment.
  • the network equipment includes a first PCF and a second PCF; wherein,
  • the second PCF determines to authorize the second UE to discover the relay service, and sends the fourth request message to the first PCF;
  • the first PCF determines that the first UE is authorized to provide relay services to the second UE, and sends a fourth response message to the second PCF.
  • the third request message and/or the fourth request message includes: an RSC indicating the relay service
  • the third response message and/or the fourth response message includes: the intermediate discovery key for the RSC, or the intermediate discovery key for the RSC and the identification information of the intermediate discovery key.
  • An embodiment of the present disclosure provides a communication device, including:
  • Memory used to store instructions executable by the processor
  • the processor is configured to implement the positioning method of any embodiment of the present disclosure when running executable instructions.
  • communication equipment may include but is not limited to at least one of: core network equipment, access network equipment, and UE.
  • the UE may be the first UE or the second UE in the above embodiment;
  • the core network device may be the first AMF, the second AMF, the first PCF or the second PCF in the above embodiment.
  • the processor may include various types of storage media, which are non-transitory computer storage media that can continue to memorize the information stored thereon after the user equipment is powered off.
  • the processor may be connected to the memory through a bus or the like, and be used to read the executable program stored on the memory, for example, at least one of the methods shown in FIGS. 4 to 15 .
  • An embodiment of the present disclosure also provides a computer storage medium.
  • the computer storage medium stores a computer executable program.
  • the executable program is executed by a processor, the positioning method of any embodiment of the present disclosure is implemented. For example, at least one of the methods shown in Figures 4 to 15.
  • Figure 23 is a block diagram of a user equipment 800 according to an exemplary embodiment.
  • the user device 800 may be a mobile phone, a computer, a digital broadcast user device, a messaging device, a game console, a tablet device, a medical device, a fitness device, a personal digital assistant, or the like.
  • the user device 800 may include one or more of the following components: a processing component 802 , a memory 804 , a power supply component 806 , a multimedia component 808 , an audio component 810 , an input/output (I/O) interface 812 , and a sensor component 814 , and communication component 816.
  • Processing component 802 generally controls the overall operations of user device 800, such as operations associated with display, phone calls, data communications, camera operations, and recording operations.
  • the processing component 802 may include one or more processors 820 to execute instructions to complete all or part of the steps of the above method.
  • processing component 802 may include one or more modules that facilitate interaction between processing component 802 and other components.
  • processing component 802 may include a multimedia module to facilitate interaction between multimedia component 808 and processing component 802.
  • Memory 804 is configured to store various types of data to support operations at user device 800 . Examples of such data include instructions for any application or method operating on user device 800, contact data, phonebook data, messages, pictures, videos, etc.
  • Memory 804 may be implemented by any type of volatile or non-volatile storage device, or a combination thereof, such as static random access memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EEPROM), Programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disk.
  • SRAM static random access memory
  • EEPROM electrically erasable programmable read-only memory
  • EEPROM erasable programmable read-only memory
  • EPROM Programmable read-only memory
  • PROM programmable read-only memory
  • ROM read-only memory
  • magnetic memory flash memory, magnetic or optical disk.
  • Power supply component 806 provides power to various components of user equipment 800.
  • Power supply components 806 may include a power management system, one or more power supplies, and other components associated with generating, managing, and distributing power to user device 800 .
  • Multimedia component 808 includes a screen that provides an output interface between the user device 800 and the user.
  • the screen may include a liquid crystal display (LCD) and a touch panel (TP). If the screen includes a touch panel, the screen may be implemented as a touch screen to receive input signals from the user.
  • the touch panel includes one or more touch sensors to sense touches, swipes, and gestures on the touch panel. The touch sensor may not only sense the boundary of a touch or slide action, but also detect the duration and pressure associated with the touch or slide action.
  • multimedia component 808 includes a front-facing camera and/or a rear-facing camera.
  • the front camera and/or the rear camera may receive external multimedia data.
  • Each front-facing camera and rear-facing camera can be a fixed optical lens system or have a focal length and optical zoom capabilities.
  • Audio component 810 is configured to output and/or input audio signals.
  • audio component 810 includes a microphone (MIC) configured to receive external audio signals when user device 800 is in operating modes, such as call mode, recording mode, and voice recognition mode. The received audio signal may be further stored in memory 804 or sent via communication component 816 .
  • audio component 810 also includes a speaker for outputting audio signals.
  • the I/O interface 812 provides an interface between the processing component 802 and a peripheral interface module, which may be a keyboard, a click wheel, a button, etc. These buttons may include, but are not limited to: Home button, Volume buttons, Start button, and Lock button.
  • Sensor component 814 includes one or more sensors that provide various aspects of status assessment for user device 800 .
  • the sensor component 814 can detect the open/closed state of the device 800, the relative positioning of components, such as the display and keypad of the user device 800, the sensor component 814 can also detect the user device 800 or a component of the user device 800. position changes, the presence or absence of user contact with user device 800 , user device 800 orientation or acceleration/deceleration and temperature changes of user device 800 .
  • Sensor assembly 814 may include a proximity sensor configured to detect the presence of nearby objects without any physical contact.
  • Sensor assembly 814 may also include a light sensor, such as a CMOS or CCD image sensor, for use in imaging applications.
  • the sensor component 814 may also include an acceleration sensor, a gyroscope sensor, a magnetic sensor, a pressure sensor, or a temperature sensor.
  • Communication component 816 is configured to facilitate wired or wireless communication between user device 800 and other devices.
  • User equipment 800 may access a wireless network based on a communication standard, such as WiFi, 4G or 5G, or a combination thereof.
  • the communication component 816 receives broadcast signals or broadcast related information from an external broadcast management system via a broadcast channel.
  • the communications component 816 also includes a near field communications (NFC) module to facilitate short-range communications.
  • NFC near field communications
  • the NFC module can be implemented based on radio frequency identification (RFID) technology, infrared data association (IrDA) technology, ultra-wideband (UWB) technology, Bluetooth (BT) technology and other technologies.
  • RFID radio frequency identification
  • IrDA infrared data association
  • UWB ultra-wideband
  • Bluetooth Bluetooth
  • user equipment 800 may be configured by one or more application specific integrated circuits (ASICs), digital signal processors (DSPs), digital signal processing devices (DSPDs), programmable logic devices (PLDs), field programmable A programmable gate array (FPGA), controller, microcontroller, microprocessor or other electronic component implementation is used to perform the above method.
  • ASICs application specific integrated circuits
  • DSPs digital signal processors
  • DSPDs digital signal processing devices
  • PLDs programmable logic devices
  • FPGA field programmable A programmable gate array
  • controller microcontroller, microprocessor or other electronic component implementation is used to perform the above method.
  • a non-transitory computer-readable storage medium including instructions such as a memory 804 including instructions, which can be executed by the processor 820 of the user device 800 to complete the above method is also provided.
  • the non-transitory computer-readable storage medium may be ROM, random access memory (RAM), CD-ROM, magnetic tape, floppy disk, optical data storage device, etc.
  • an embodiment of the present disclosure shows the structure of a base station.
  • the base station 900 may be provided as a network side device.
  • base station 900 includes a processing component 922, which further includes one or more processors, and memory resources represented by memory 932 for storing instructions, such as application programs, executable by processing component 922.
  • the application program stored in memory 932 may include one or more modules, each corresponding to a set of instructions.
  • the processing component 922 is configured to execute instructions to perform any of the foregoing methods applied to the base station.
  • Base station 900 may also include a power supply component 926 configured to perform power management of base station 900, a wired or wireless network interface 950 configured to connect base station 900 to a network, and an input/output (I/O) interface 958.
  • Base station 900 may operate based on an operating system stored in memory 932, such as Windows ServerTM, Mac OS XTM, UnixTM, LinuxTM, FreeBSDTM or the like.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Databases & Information Systems (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

本公开实施例提供一种中继通信方法、装置、通信设备及存储介质;该中继通信方法由第一UE执行,包括:向第一接入和移动性管理功能AMF发送第一请求消息,其中,第一请求消息用于请求第一UE及第二UE之间进行中继通信发现的安全信息;其中,第一请求消息包括第一UE的第一标识信息;第一标识信息用于第一AMF将用于请求安全信息的第二请求信息发送给与第一UE对应的第一策略控制功能PCF。

Description

中继通信方法、装置、通信设备及存储介质 技术领域
本公开涉及但不限于通信技术领域,尤其涉及一种中继通信方法、装置、通信设备及存储介质。
背景技术
在中继通信是在远端用户设备(Remote UE)由于网络信号覆盖等原因不能够与网络进行通信时,可以利用中继UE,例如UE到网络(UE-to-Network,U2N)中继的中继功能与网络继续通信。在一种场景下,远端UE可以将需要传输至网络的信息先传输给中继UE后,由中继UE将该信息传输给网络;或者,网络可以将需要传输至远端UE的信息先传输给中继终端后,由中继UE将该信息传输给远端UE,从而实现远端UE和网络之间的通信。
相关技术中,在进行中继通信发现的过程中,远端UE与中继UE之间传输的发现消息缺少安全性保护,如需要对远端UE与中继UE之间的传输的发现消息缺少安全性保护;如此存在很大的安全隐患。
发明内容
本公开实施例公开一种中继通信方法、装置、通信设备及存储介质。
根据本公开的第一方面,提供一种中继通信方法,由第一UE执行,包括:
向第一接入和移动性管理功能(Access and Mobility Management Function,AMF)发送第一请求消息,其中,第一请求消息用于请求第一UE及第二UE之间进行中继通信发现的安全信息;其中,第一请求消息包括第一UE的第一标识信息;第一标识信息用于第一AMF将用于请求安全信息的第二请求信息发送给与第一UE对应的第一策略控制功能(Policy Control Function,PCF)。
根据本公开的第二方面,提供一种中继通信方法,由AMF执行,包括:
接收第一UE发送的第一请求消息,其中,第一请求消息用于请求第一UE及第二UE之间进行中继通信发现的安全信息;
基于第一请求消息中携带的第一UE的第一标识信息,将用于请求安全信息的第二请求消息发送给与第一标识信息对应的第一PCF。
根据本公开的第三方面,提供一种中继通信方法,由第二UE执行,包括:
向第二AMF发送第三请求消息,其中,第三请求消息用于请求第一UE与第二UE之间进行中继通信发现的安全信息;其中,第三请求消息包括第二UE的第三标识信息;第三标识信息用于第二AMF将用于请求安全信息的第四请求信息发送给第二UE对应的第二PCF。
根据本公开的第四方面,提供一种中继通信方法,由第二AMF执行,包括:
接收第二UE发送的第三请求消息,其中,第三请求消息用于请求第一UE与第二UE之间进行中继通信发现的安全信息;
基于第三请求消息中携带的第二UE的第三标识信息,将用于请求安全信息的第四请求消息发送给与第三标识信息对应的第二PCF。
根据本公开的第五方面,提供一种中继通信方法,由第一PCF执行,包括:
接收第一AMF发送的第二请求消息和/或接收第二PCF发送的第四请求消息,其中,第二请求消息和/或第四请求消息用于请求第一UE与第二UE之间进行中继通信发现的安全信息。
根据本公开的第六方面,提供一种中继通信方法,由第二PCF执行,包括:
接收第二AMF发送的第四请求消息,其中,第四请求消息用于请求第一UE与第二UE之间进行中继通信发现的安全信息;
向第一PCF发送用于请求安全信息的第四请求消息。
根据本公开的第七方面,提供一种中继通信方法,由网络设备执行,包括:
获取UE发送的请求消息;其中,请求消息携带UE的标识信息;请求消息用于请求UE与UE之间进行中继通信发现的安全信息;
向UE发送携带安全信息的响应消息。
根据本公开的第八方面,提供一种中继通信装置,应用于第一UE,包括:
第一发送模块,被配置为向第一AMF发送第一请求消息,其中,第一请求消息用于请求第一UE及第二UE之间进行中继通信发现的安全信息;
其中,第一请求消息包括第一UE的第一标识信息;第一标识信息用于第一AMF将用于请求安全信息的第二请求信息发送给与第一UE对应的第一PCF。
根据本公开的第九方面,提供一种中继通信装置,应用于第一AMF,包括:
第二接收模块,被配置为接收第一UE发送的第一请求消息,其中,第一请求消息用于请求第一UE及第二UE之间进行中继通信发现的安全信息;
第二发送模块,被配置为基于第一请求消息中携带的第一UE的第一标识信息,将用于请求安全信息的第二请求消息发送给与第一标识信息对应的第一PCF。
根据本公开的第十方面,提供一种中继通信装置,应用于第二UE,包括:
第三发送模块,被配置为向第二AMF发送第三请求消息,其中,第三请求消息用于请求第一UE与第二UE之间进行中继通信发现的安全信息;
其中,第三请求消息包括第二UE的第三标识信息;第三标识信息用于第二AMF将用于请求安全信息的第四请求信息发送给第二UE对应的第二PCF。
根据本公开的第十一方面,提供一种中继通信装置,应用于第二AMF,包括:
第四接收模块,被配置为接收第二UE发送的第三请求消息,其中,第三请求消息用于请求第一UE与第二UE之间进行中继通信发现的安全信息;
第四发送模块,被配置为基于第三请求消息中携带的第二UE的第三标识信息,将用于请求安全信息的第四请求消息发送给与第三标识信息对应的第二PCF。
根据本公开的第十二方面,提供一种中继通信装置,应用于第一PCF,包括:
第五接收模块,被配置为接收第一AMF发送的第二请求消息和/或接收第二PCF发送的第四请求消息,其中,第二请求消息和/或第四请求消息用于请求第一用户设备UE与第二UE之间进行中继通信发现的安全信息。
根据本公开的第十三方面,提供一种中继通信装置,应用于第二PCF,包括:
第六接收模块,被配置为接收第二AMF发送的第四请求消息,其中,第四请求消息用于请求第一UE与第二UE之间进行中继通信发现的安全信息;
第六发送模块,被配置为向第一PCF发送用于请求安全信息的第四请求消息。
根据本公开的第十四方面,提供一种通信设备,通信设备,包括:
处理器;
用于存储处理器可执行指令的存储器;
其中,处理器被配置为:用于运行可执行指令时,实现本公开任意实施例的中继通信方法。
根据本公开的第十五方面,提供一种计算机存储介质,计算机存储介质存储有计算机可执行程序,可执行程序被处理器执行时实现本公开任意实施例的中继通信方法。
本公开实施例提供的技术方案可以包括以下有益效果:
在本公开实施例中,可通过第一UE向第一AMF发送第一请求消息,其中,第一请求消息用于请求第一UE及第二UE之间进行中继通信发现的安全信息;其中,第一请求消息包括第一UE的第一标识信息;第一标识信息用于第一AMF将用于请求安全信息的第二请求信息发送给与第一UE对应的第一PCF。如此,在第一UE与第二UE进行中继通信发现时,可基于该安全信息进行安全性保护;如此相对于在进行中继通信发现时不能执行安全保护的方式来说,可以使得第一UE与第二UE之间的中继通信发现更加安全。并且,由于第一请求消息中携带第一UE的第一标识信息,可以使得第一AMF准确知晓是哪个第一UE需要获取进行中继通信发现的安全信息;并有利于第一AMF获得该安全信息后发送给该第一UE。
应当理解的是,以上的一般描述和后文的细节描述仅是示例性和解释性的,并不能限制本公开实施例。
附图说明
图1是根据一示例性实施例示出的一种无线通信系统的结构示意图。
图2是根据一示例性实施例示出的一种通过模型A的UE到网络中继发现方法的流程图。
图3是根据一示例性实施例示出的一种通过模型B的UE到网络中继发现方法的流程图。
图4是根据一示例性实施例示出的一种中继通信方法的流程图。
图5是根据一示例性实施例示出的一种中继通信方法的流程图。
图6是根据一示例性实施例示出的一种中继通信方法的流程图。
图7是根据一示例性实施例示出的一种中继通信方法的流程图。
图8是根据一示例性实施例示出的一种中继通信方法的流程图。
图9是根据一示例性实施例示出的一种中继通信方法的流程图。
图10是根据一示例性实施例示出的一种中继通信方法的流程图。
图11是根据一示例性实施例示出的一种中继通信方法的流程图。
图12是根据一示例性实施例示出的一种中继通信方法的流程图。
图13是根据一示例性实施例示出的一种中继通信方法的流程图。
图14是根据一示例性实施例示出的一种中继通信方法的流程图。
图15是根据一示例性实施例示出的一种中继通信方法的流程图。
图16是根据一示例性实施例示出的一种中继通信装置的框图。
图17是根据一示例性实施例示出的一种中继通信装置的框图。
图18是根据一示例性实施例示出的一种中继通信装置的框图。
图19是根据一示例性实施例示出的一种中继通信装置的框图。
图20是根据一示例性实施例示出的一种中继通信装置的框图。
图21是根据一示例性实施例示出的一种中继通信装置的框图。
图22是根据一示例性实施例示出的一种中继通信装置的框图。
图23是根据一示例性实施例示出的一种UE的框图。
图24是根据一示例性实施例示出的一种基站的框图。
具体实施方式
这里将详细地对示例性实施例进行说明,其示例表示在附图中。下面的描述涉及附图时,除非另有表示,不同附图中的相同数字表示相同或相似的要素。以下示例性实施例中所描述的实施方式并不代表与本公开实施例相一致的所有实施方式。相反,它们仅是与如所附权利要求书中所详述的、本公开实施例的一些方面相一致的装置和方法的例子。
在本公开实施例使用的术语是仅仅出于描述特定实施例的目的,而非旨在限制本公开实施例。在本公开实施例和所附权利要求书中所使用的单数形式的“一种”和“该”也旨在包括多数形式,除非上下文清楚地表示其他含义。还应当理解,本文中使用的术语“和/或”是指并包含一个或多个相关联的列出项目的任何或所有可能组合。
应当理解,尽管在本公开实施例可能采用术语第一、第二、第三等来描述各种信息,但这些信息不应限于这些术语。这些术语仅用来将同一类型的信息彼此区分开。例如,在不脱离本公开实施例范围的情况下,第一信息也可以被称为第二信息,类似地,第二信息也可以被称为第一信息。取决于语境,如在此所使用的词语“如果”可以被解释成为“在……时”或“当……时”或“响应于确定”。
请参考图1,其示出了本公开实施例提供的一种无线通信系统的结构示意图。如图1所示,无线通信系统是基于蜂窝移动通信技术的通信系统,该无线通信系统可以包括:若干个用户设备110以及若干个基站120。
其中,用户设备110可以是指向用户提供语音和/或数据连通性的设备。用户设备110可以经无线接入网(Radio Access Network,RAN)与一个或多个核心网进行通信,用户设备110可以是物联网用户设备,如传感器设备、移动电话(或称为“蜂窝”电话)和具有物联网用户设备的计算机,例如,可以是固定式、便携式、袖珍式、手持式、计算机内置的或者车载的装置。例如,站(Station,STA)、订户单元(subscriber unit)、订户站(subscriber station),移动站(mobile station)、移动台(mobile)、远程站(remote station)、接入点、远程用户设备(remote terminal)、接入用户设备(access terminal)、用户装置(user terminal)、用户代理(user agent)、用户设备(user device)、或用户设备(user equipment)。或者,用户设备110也可以是无人飞行器的设备。或者,用户设备110也可以是车载设备,比如,可以是具有无线通信功能的行车电脑,或者是外接行车电脑的无线用户设备。或者,用户设备110也可以是路边设备,比如,可以是具有无线通信功能的路灯、信号灯或者其它路边设备等。
基站120可以是无线通信系统中的网络侧设备。其中,该无线通信系统可以是第四代移动通信技术(the 4th generation mobile communication,4G)系统,又称长期演进(Long Term Evolution,LTE)系统;或者,该无线通信系统也可以是5G系统,又称新空口系统或5G NR系统。或者,该无线通信系统也可以是5G系统的再下一代系统。其中,5G系统中的接入网可以称为新一代无线接入网(New Generation-Radio Access Network,NG-RAN)。
其中,基站120可以是4G系统中采用的演进型基站(eNB)。或者,基站120也可以是5G系统中采用集中分布式架构的基站(gNB)。当基站120采用集中分布式架构时,通常包括集中单元(central unit,CU)和至少两个分布单元(distributed unit,DU)。集中单元中设置有分组数据汇聚协议(Packet Data Convergence Protocol,PDCP)层、无线链路层控制协议(Radio Link Control,RLC)层、媒体接入控制(Medium Access Control,MAC)层的协议栈;分布单元中设置有物理(Physical,PHY)层协议栈,本公开实施例对基站120的具体实现方式不加以限定。
基站120和用户设备110之间可以通过无线空口建立无线连接。在不同的实施方式中,该无线空口是基于第四代移动通信网络技术(4G)标准的无线空口;或者,该无线空口是基于第五代移动通信网络技术(5G)标准的无线空口,比如该无线空口是新空口;或者,该无线空口也可以是基于5G的更下一代移动通信网络技术标准的无线空口。
在一些实施例中,用户设备110之间还可以建立E2E(End to End,端到端)连接。比如车联网通信(vehicle to everything,V2X)中的车对车(vehicle to vehicle,V2V)通信、车对路边设备(vehicle to Infrastructure,V2I)通信和车对人(vehicle to pedestrian,V2P)通信等场景。
这里,上述用户设备可认为是下面实施例的终端设备。
在一些实施例中,上述无线通信系统还可以包含网络管理设备130。
若干个基站120分别与网络管理设备130相连。其中,网络管理设备130可以是无线通信系统中的核心网设备,比如,该网络管理设备130可以是演进的数据分组核心网(Evolved Packet Core,EPC)中的移动性管理实体(Mobility Management Entity,MME)。或者,该网络管理设备也可以是其它的核心网设备,比如服务网关(Serving GateWay,SGW)、公用数据网网关(Public Data Network GateWay,PGW)、策略与计费规则功能单元(Policy and Charging Rules Function,PCRF)或者归属签约用户服务器(Home Subscriber Server,HSS)等。对于网络管理设备130的实现形态,本公开实施例不做限定。
为了便于本领域内技术人员理解,本公开实施例列举了多个实施方式以对本公开实施例的技术方案进行清晰地说明。当然,本领域内技术人员可以理解,本公开实施例提供的多个实施例,可以被单独执行,也可以与本公开实施例中其他实施例的方法结合后一起被执行,还可以单独或结合后与其他相关技术中的一些方法一起被执行;本公开实施例并不对此作出限定。
为了更好地理解本公开任一个实施例所描述的技术方案,首先,对相关技术中的中继通信进行部分说明:
在一个实施例中,为UE到网络中继提供控制面和用户面的解决方案。针对基于用户面的解决方案,5G邻近服务(Proximity-based Service,ProSe)密钥管理功能(ProSe Key Management Function,PKMF)用于支持5G ProSe间接或者中继通信的PC5连接的安全密钥管理。在5G邻近服务的安全过程中,引入了邻近通信服务名称管理功能(Direct Discovery Name Management Function,DDNMF),该DDNMF为邻近服务生成和提供了必要的发现安全参数。该DDNMF是为动态5G邻近服务直接发现分配和解析邻近服务应用ID,与邻近服务应用或者受限代码映射的逻辑功能。然而DDNMF中不一定涉及5G邻近服务UE到网络(UE-to-Network,U2N)中继的发现,其不需要分配和解析邻近服务应用ID与邻近服务应用ID或者受限代码之间的映射。
在一个实施例中,对于UE到网络(U2N)中继的发现,UE在业务授权和信息提供期间使用策略控制功能(Policy Control Function,PCF)预先配置或者提供发现参数。目前定义了由PCF提供给UE的发现参数包括针对每个邻近服务中继服务代码(Relay Service Code,RSC)的5G邻近服务U2N发现的安全相关内容。
在一个实施例中,提供一种模型A的方式实现支持UE到网络中继的发现;该模型A使用单个发现协议消息(例如公告消息)。如图2所示,模型A的方式由通信设备执行,通信设备包括远端UE及U2N中继;其中,远端UE包括远端UE1、远端UE2及远端UE3;通过模型A的UE到网络中继发现方法包括以下步骤:
步骤S21:U2N中继发送公告消息。这里,U2N中继发送公告消息,远端UE1、远端UE2及远端UE3均可监听公告消息。
可选地,步骤S22:U2N中继发送附加信息。这里,U2N中继发送附加信息,远端UE1、远端 UE2及远端UE3均可监听附加信息。
在另一个实施例中,提供一种模型B的方式实现支持UE到网络中继的发现;该模型B使用两个发现协议消息(例如请求消息和响应消息)。如图3所示,模型B的方式由通信设备执行,通信设备包括远端UE及U2N中继;其中,U2N中继包括:U2N中继1、U2N中继2及U2N中继3;通过模型B的UE到网络中继发现方法包括以下步骤:
步骤S31:远端UE发送发现请求消息;
这里,远端UE发送发现请求消息;U2N中继1、U2N中继2及U2N中继3均可监听发现请求消息。
步骤S32:远端UE接收发现响应消息。
这里,U2N中继1、U2N中继2及U2N中继3均可基于发现请求消息确定发现响应消息,并发送发现响应消息;远端UE可监听U2N中继1、U2N中继2和/或U2N中继3发送的发现响应消息。
如图4所示,本公开实施例提供一种中继通信方法,由第一UE执行,包括:
步骤S41:向第一AMF发送第一请求消息,其中,第一请求消息用于请求第一UE及第二UE之间进行中继通信发现的安全信息;其中,第一请求消息包括第一UE的第一标识信息;第一标识信息用于第一AMF将用于请求安全信息的第二请求信息发送给与第一UE对应的第一PCF。
在本公开实施例中,所涉及的UE可以是但不限于是移动终端或者固定终端;例如第一UE、及下述实施例中第二UE均可以是但不限于是手机、计算机、服务器、可穿戴设备、游戏控制平台或多媒体设备等。在一个实施例中,第一UE可以是中继UE,第二UE可以是远端UE。这里,该中继UE可以是5G中继UE或者6G中继UE等。这里,该中继UE可以是U2N中继。
在本公开实施例中,所涉及的第一AMF、第二AMF、第一PCF及第二PCF可以是但不限于是核心网设备或者核心网网元或者功能等;该第一AMF、第二AMF、第一PCF及第二PCF均可以由相同功能的其它核心网设备或者核心网网元或者功能替换。在一个实施例中,第一AMF可以是中继UE的AMF;第二AMF可以是远端UE的AMF;第一PCF可以是中继UE的PCF;和/或第二PCF可以是远端UE的PCF。
这里,第一标识信息可用于识别第一UE。
在一个实施例中,第一标识信息包括以下至少之一:
用户签约隐藏标识(Subscription Concealed Identifier,SUCI);
全球唯一临时标识(Globally Unique Temporary UE Identity,GUTI);
这里,第二请求消息,用于请求第一UE及第二UE之间进行中继通信发现的安全信息。
在一个实施例中,第二请求消息中携带第一UE的第二标识信息。该第二标识信可用于识别第一UE。
在一个实施例中,第二标识信息包括与第一标识信息对应的用户签约永久标识(Subscription Permanent Identifier,SUPI)。
这里,在第一AMF保存有第一映射关系;该第一映射关系包括:第一标识信息与第二标识信息的对应关系。例如,第一映射关系包括:SUCI与SUPI的对应关系,和/或GUTI与SUPI的对应关系。如此,第一AMF可基于第一UE的SUCI和/或SUPI,确定出第一UE的SUPI;如此,第一AMF可知晓是哪个第一UE发送的第一请求消息,并将第二请求消息发送给与第一UE对应的第一PCF。
本公开实施例提供一种中继通信方法,由第一UE执行,包括:
接收第一AMF发送的第一响应消息,其中,第一响应消息包括:第二响应消息中包括的安全信息;第二响应消息是第一PCF基于第二响应消息中包括的第一UE的第二标识信息发送的。
在一个实施例中,第一请求消息包括:密钥请求相关消息;第一响应消息包括:密钥响应相关消息;及所述安全信息包括:中间发现密钥。
当然,在其它实施例中,安全信息可以是任意一种用于保护第一UE与第二UE之间进行中继通信发现保护的安全性保护的信息。
这里,第二请求消息可包括密钥请求相关消息。在一个实施例中,第一请求消息与第二请求消息的区别在于:第一请求消息携带第一标识信息;第二请求消息携带第二标识信息。
这里,第二响应消息可包括密钥响应相关消息。在一个实施例中,第一响应消息及第二响应消息的区别在于:第二响应消息中携带第二标识信息;第一响应消息中携带第一标识信息或者第一响应信息不携带第一标识信息及第二标识信息。
在本公开实施例中,可通过第一UE向第一AMF发送第一请求消息,其中,第一请求消息用于请求第一UE及第二UE之间进行中继通信发现的安全信息;其中,第一请求消息包括第一UE的第一标识信息;第一标识信息用于第一AMF将用于请求安全信息的第二请求信息发送给与第一UE对应的第一PCF。如此,在第一UE与第二UE进行中继通信发现时,可基于该安全信息进行安全性保护;如此相对于在进行中继通信发现时不能执行安全保护的方式来说,可以使得第一UE与第二UE之间的中继通信发现更加安全。并且,由于第一请求消息中携带第一UE的第一标识信息,可以使得第一AMF准确知晓是哪个第一UE需要获取进行中继通信发现的安全信息;并有利于第一AMF获得该安全信息后发送给该第一UE。
在本公开实施例中,可通过第一UE接收第一AMF发送的第一响应消息,其中,第一响应消息包括:第二响应消息中包括的安全信息;第二响应消息是第一PCF基于第二响应消息中包括的第一UE的第二标识信息发送的。如此,可以通过第一AMF转发第一PCF确定的安全信息以使得第一UE获得第一UE与第二UE进行中继通信发现的安全信息,从而提高了第一UE和第二UE之间中继通信发现的安全性。并且,由于第二响应消息中携带第二标识信息,也可以使得第一AMF准确知晓哪个第一UE需要请求安全信息,并将该安全信息准确转发给该需要获得安全信息的第一UE。
在一些实施例中,密钥请求相关消息包括:指示中继服务的RSC;
密钥响应相关消息包括:针对RSC的中间发现密钥,或者,针对RSC的中间发现密钥及中间发现密钥的标识信息。
这里,不同的RSC对应不同的中间发现密钥。示例性的,一个RSC指示一个中继服务;一个 中继服务对应一个中间发现密钥。
示例性的,若第一UE接收到的密钥响应相关消息包括一个RSC的中间发现密钥时,则确定该中间发现密钥为第一UE与第二UE进行RSC指示的中继服务的中间发现密钥。如此当第一UE仅请求一个RSC的中间发现密钥时,可通过接收的中间发现密钥即可获取。
示例性的,若第一UE接收到的密钥响应相关消息包括两个或两个以上RSC指示的中间发现密钥及中间发现密钥的标识信息,则可通过中间发现密钥的标识信息确定出其中任意一个RSC对应的中间发现密钥。如此当第一UE请求多个RSC的中间发现密钥时,可通过获得多个RSC的中间发现密钥及中间发现密钥的标识信息,准确确定出任意一个RSC对应的中间发现密钥。在本公开的一些实施例中,多个是两个或两个以上。
在一些实施例中,密钥请求相关消息,还包括以下至少之一:
类型指示信息,用于指示中继通信的发现消息的类型;
第一安全指示信息,用于指示第一UE的安全能力。
这里,发现消息类型包括但不限限于:直接发现类型,或者中继发现类型。示例性的,类型指示信息包括:第一类型指示信息,用于指示发现消息类型为直接发现类型;第二类型指示信息,用于指示发现消息类型为中继发现类型。
这里,第一安全指示信息,用于第一PCF确定加解密算法和/或完整性保护算法。这里该加解密算法和/或完整性保护算法可为针对中继通信的发现消息的加解密算法和/或完整性保护算法。
如此,在本公开实施例中,可通过发送包括类型指示信息和/或第一安全指示信息等的密钥请求相关消息,可以使得第一PCF确定出中继通信的发现消息类型和/或确定中继通信的发现消息的加解密算法及完整性保护算法等。
在一些实施例中,密钥响应相关消息,还包括以下至少之一:
算法标识;其中,算法标识包括以下至少之一:
第一算法标识,用于指示加解密中继通信的发现消息的算法;
第二算法标识,用于指示对中继通信的发现消息进行完整性保护的算法;
时间相关信息,用于确定中继通信的发现消息是否遭受重放攻击。
这里,时间相关信息,包括但不限于以下至少之一:当前时间、最大偏移量及有效性定时器。
这里,第一UE可基于当前时间和有效性定时器,确定接收到信息(例如公告消息)是否遭受重放攻击。示例性的,例如第一UE接收到第二UE的发现请求消息;第一UE若确定当前时间不在有效性定时器的定时时间内,则可确定发现请求消息遭受重放攻击;或者,若确定当前时间在有效性定时器的定时时间内,则可确定发现消息未遭受重放攻击。或者,第一UE基于当前时间与最大偏移量和或者基于当前时间与最大偏移量的差值,确定第一时间范围;若第一时间范围不在有效性定时器的定时时间内,则可确定发现消息遭受重放攻击,或者,若第一时间范围在有效性定时器的定时时间内,则可确定发现消息未遭受重放攻击。
如此,在本公开实施例中,可以通过接收第一AMF转发的第一PCF的包括算法标识及时间相 关信息的其中之一的密钥响应相关消息,可以使得第一UE获取用于加密或者解密发现消息等的加解密算法、完整性保护算法和/或确定发现消息是否遭受过重放攻击。如此可以进一步提高第一UE与第二UE进行中继通信发现的安全性等。
本公开实施例提供一种中继通信方法,由第一UE执行,包括:接收第一AMF发送的第一RSC集合;其中,第一RSC集合包括:至少一个第一RSC;第一RSC为第一UE能够提供的中继服务的RSC。
这里,该第一RSC集合可以是第一PCF发送的。这里,该第一RSC集合也可以是与第一UE对应的DDNMF发送的。
在一个实施例中,第一UE接收第一AMF发送的携带第一RSC集合的发现参数;该发现参数是第一PCF或者与第一UE对应的DDNMF发送的。
如此,在本公开实施例中,可以通过第一UE从第一PCF等核心网网元获取第一RSC集合,从而可以获知第一UE可以提供的中继服务。
需要说明的是,本领域内技术人员可以理解,本公开实施例提供的方法,可以被单独执行,也可以与本公开实施例中一些方法或相关技术中的一些方法一起被执行。
如图5所示,本公开实施例提供一种中继通信方法,由第一UE执行,包括:
步骤S51:基于中间发现密钥确定中继发现密钥;
其中,中继发现密钥包括以下至少之一:
加密密钥(DUCK),用于加解密中继通信的发现消息;
完整性保证密钥(DUIK),用于保护中继通信的发现消息的完整性。
在一个可选实施例中,中继发现密钥可包括:加扰密钥(DUSK),用于加扰中继通信的发现消息。
在一些实施例中,步骤S51,包括以下之一:
基于中间发现密钥及算法标识,确定中继发现密钥;
基于中间发现密钥、算法标识及RSC,确定中继发现密钥。
在本公开的实施例中,算法标识可包括上述实施例中第一算法标识和/获得第二算法标识;RSC可以为上述实施例中RSC;中间发现密钥可以为上述实施例中的中间发现密钥。
本公开实施例提供一种中继通信方法,由第一UE执行,包括:基于中间发现密钥及算法标识,确定中继发现密钥。
本公开实施例提供一种中继通信方法,由第一UE执行,包括:基于中间发现密钥、算法标识及RSC,确定中继发现密钥。
示例性的,中继发现密钥的推导可以如下所示,这里将RSC及中间发现密钥作为输入参数:
FC=TBD
P0=0x00 if DUSK is being derived,0x01 if DUCK is being derived,or 0x02 if DUIK is being  derived;
L0=length of P0(i.e.0x00 0x01)
P1=algorithm identity
L1=length of algorithm identity(i.e.0x00 0x01)
P2=Relay Service Code(RSC)
L2=length of RSC(i.e.0x00 0x03).
这里,P0为0x00时,正在导出DUSK;P0为0x01时,正在导出DUCK;或者P0为0x02时,正在导出DUIK。
这里,可按照任意可实现方式设置加密算法及完整性保护算法。
这里,输入密钥为256K的近场服务中继发现密钥(PRDK);该PRDK可以为上述实施例中间发现密钥。
如此,在本公开实施例中,可以通过在确定中继发现密钥时在输入参数增加RSC,如此可以获针对具体哪个中继服务进行绑定的中继发现密钥。
需要说明的是,本领域内技术人员可以理解,本公开实施例提供的方法,可以被单独执行,也可以与本公开实施例中一些方法或相关技术中的一些方法一起被执行。
如图6所示,本公开实施例提供一种中继通信方法,由第一UE执行,包括:
步骤S61:发送第一公告消息,其中,第一公告消息包括:基于中继发现密钥加密并受完整性保护的发现消息;发现消息用于指示第一UE支持被发现提供中继服务。
这里,第一公告消息中包括的发现消息可以是:基于中继发现密钥及加密算法进行加密且基于完整性保护算法进行完整性保护后的发现消息。
该步骤S61中发送第一公告消息,可以是:广播第一公告消息。
在一个实施例中,发现消息包括至少一个RSC。如此第一UE可以通知其他UE:第一UE支持哪个或者哪些RSC所指示的中继服务。该其它UE可以是但不限于是第二UE。
在另一个实施例中,发现消息包括但不限于:至少一个RSC及第一UE的标识信息。该标识信息可以是但不限于是上述实施例中的第一标识信息;例如该标识信息可以是任意可以唯一标识第一UE的信息,如一串字符串等。如此第一UE可以告知其它UE:是哪个第一UE支持RSC指示的中继服务。
如此,本公开实施例中可通过第一UE广播第一公告消息,使得监听到第一公告消息的第二UE等可以知晓第一UE所能提供的中继服务。且该第一公告消息中的发现消息是经过中继发现密钥加密并受完整性保护的发现消息,从而能够提高第一UE与第二UE之间中继通信发现的安全性。
如图7所示,本公开实施例提供一种中继通信方法,由第一UE执行,包括:
步骤S71:接收第二公告消息,其中,第二公告消息包括:基于中继发现密钥加密并受完整性保护的发现请求消息;发现请求消息用于请求第二UE发现所请求的中继服务;
步骤S72:基于中继发现密钥解密并验证第二公告消息以获得发现请求消息。
这里,第二公告消息中发现请求消息可以是:基于中继发现密钥及加密算法进行加密且基于完 整性保护算法进行完整性保护后的发现请求消息。
该步骤S71中接收第二公告消息,可以是:接收第二UE发送的第二公告消息。
在一个实施例中,发现请求消息包括至少一个RSC。如此第一UE可以获知第二UE所需请求的那个或者哪些RSC所指示的中继服务。
在另一个实施例中,发现请求消息包括但不限于:RSC及第二UE的标识信息。如此第一UE可以获知是哪个第二UE所需请求的RSC指示的中继服务。
该步骤S72中基于中继发现密钥解密并验证第二公告消息,包括:基于中继发现密钥及加密算法所对应的解密算法解密第二公告消息,并通过完整性保护算法对第二公告消息进行完整性验证。
本公开实施例中,第一UE可以接收第二UE发送的发现请求消息获知第二UE需要请求的中继服务。并且,该发现请求消息是通过中继发现密钥加密并受完整性保护的消息,如此可以提高第一UE与第二UE之间的中继通信发现的安全性。
本公开实施例提供一种中继通信方法,由第一UE执行,包括:发送第三公告消息,其中,第三公告消息包括:基于中继发现密钥加密并受完整性保护的发现响应消息,其中,发现响应消息基于发现请求消息确定。
这里,第三公告消息中发现响应消息可以是:基于中继发现密钥及加密算法进行加密且基于完整性保护算法进行完整性保护后的发现响应消息。
这里,若第一UE确定第一UE授权提供的中继服务包括发现请求消息所请求的中继服务,则第一UE发送的发现响应消息可以是确认的响应消息。或者,若第一UE确定第一UE授权的中继服务不包括发现请求消息所请求的中继服务,则第一UE不发送发现响应消息。
本公开实施例中,可以根据第一UE发送的发现响应消息,以告知第二UE是否能够提供第二UE所请求的中继服务。并且,该发现响应消息可以是通过中继发现密钥加密并受完整性保护的消息,如此可以提高第一UE与第二UE之间的中继通信发现的安全性。
并且,当第一UE接收到第二UE发送的通过中继发现密钥加密并受完整性保护后的公告消息,可以通过相同的中继发现密钥等解密并验证该公告消息的完整性,可以准确得到公告消息中内容。
需要说明的是,本领域内技术人员可以理解,本公开实施例提供的方法,可以被单独执行,也可以与本公开实施例中一些方法或相关技术中的一些方法一起被执行。
以下一种中继通信方法,是第一AMF执行,与上述由第一UE执行的中继通信方法的描述是类似的;且对于由第一AMF执行的中继通信方法实施例中未披露的技术细节,请参照由第一UE执行的中继通信方法示例的描述,在此不做详细描述说明。
如图8所示,本公开实施例提供一种中继通信方法,由第一AMF执行,包括:
步骤S81:接收第一UE发送的第一请求消息,其中,第一请求消息用于请求第一UE及第二UE之间进行中继通信发现的安全信息;
步骤S82:基于第一请求消息中携带的第一UE的第一标识信息,将用于请求安全信息的第二请 求消息发送给与第一标识信息对应的第一PCF。
本公开实施例提供一种中继通信方法,由第一AMF执行,包括:
接收所述第一PCF发送的第二响应消息,其中,所述第二响应消息包括所述安全信息;
基于所述第二响应消息中携带的所述第一UE的第二标识信息,将携带所述安全信息的第一响应消息发送给所述第一UE。
在本公开的一些实施例中,第一请求消息、第二请求消息分别可以是步骤S41中第一请求消息、第二请求消息;安全信息可以是上述步骤S41中安全信息;第一标识信息可以是步骤S41中第一标识信息。
在本公开的一些实施例中,第一响应消息、第二响应消息可以是上述实施例中第一响应消息及第二响应消息;第二标识信息可以是上述实施例中第二标识信息。
示例性的,第一标识信息可包括以下至少之一:SUCI及GUTI;和/或第二标识信息可包括SUPI。
示例性的,第一请求消息、第二请求消息均可包括:密钥请求相关消息。第一响应消息、第二响应消息均可包括:密钥响应相关消息。安全信息包括:中间发现密钥。
示例性的,密钥请求相关消息包括:指示中继服务的RSC。
示例性的,密钥请求相关消息包括以下至少之一:
类型指示信息,用于指示中继通信的发现消息的类型;
第一安全指示信息,用于指示第一UE的安全能力。
示例性的,密钥响应相关消息,还包括以下至少之一:
算法标识;其中,算法标识包括以下至少之一:
第一算法标识,用于指示加解密中继通信的发现消息的算法;
第二算法标识,用于指示对中继通信的发现消息进行完整性保护的算法;
时间相关信息,用于确定中继通信的发现消息是否遭受重放攻击。
实施例性的,密钥请求相关消息包括:指示中继服务的RSC;
密钥响应相关消息包括:针对RSC的中间发现密钥,或者针对RSC的中间发现密钥及中间发现密钥的标识信息。
如此,在本公开实施例中,第一AMF可以在接收到第一UE发送的用于请求安全信息的第一请求消息后,将用于请求安全的第二请求消息发送给第一PCF,以便能够获取到第一UE所需的安全信息。
并且,第一AMF可以在接收到第一PCF发送的包括安全信息的第二响应消息后,将包括安全信息的第一响应消息发送给第一UE,以使得第一UE可以获得安全信息;如此可以使得在第一UE与第二UE进行中继通信发现时,可以通过安全信息进行安全性保护,提高第一UE与第二UE进行中继通信的安全性。
本公开实施例提供一种中继通信方法,由第一AMF执行,包括:基于所述第一标识信息及第一映射关系,确定与所述第一UE对应的所述第二标识信息;其中,所述第一映射关系包括:第一标 识信息与第二标识信息的对应关系。
这里,第一映射关系包括:SUCI与SUPI的对应关系,和/或GUTI与SUPI的对应关系。
可以理解的是,当第一UE给第一AMF发送第一请求消息时,该第一请求消息包括第一标识信息;该第一标识信息可以是临时的或者隐藏的相关的标识信息。而当第一AMF发送第二请求消息发送给第一PCF时,该第二请求消息可以是SUPI;该第二标识信息可以永久的标识信息。通常是AMF主要接收临时的标识,而PCF接收永久的标识。
如此,在本公开实施例中,可以基于第一UE的第一标识信息及第一AMF存储的第一映射表等,准确确定出与第一UE的第一标识信息对应的第一UE的第二标识信息;以便于后续第一PCF发送第一UE相关的安全信息。
本公开实施例提供一种中继通信方法,由第一AMF执行,包括:
接收第一PCF发送的第一RSC集合;其中,第一RSC集合包括:至少一个第一RSC,第一RSC为第一UE能够提供的中继服务的RSC;
将第一RSC集合发送给第一UE。
在本公开的一些实施例中,第一RSC集合可以为上述实施例中第一RSC集合。
如此,在本公开实施例中,可以通过第一AMF将第一PCF发送的第一RSC集合发送给第一UE,以使得第一UE知晓第一UE预先配置可以提供的中继服务。
以上实施方式,具体可以第一UE侧的表述,在此不再赘述。
需要说明的是,本领域内技术人员可以理解,本公开实施例提供的方法,可以被单独执行,也可以与本公开实施例中一些方法或相关技术中的一些方法一起被执行。
以下一种中继通信方法,是第二UE执行,与上述由第一UE和/或第一AMF执行的中继通信方法的描述是类似的;且对于由第二UE执行的中继通信方法实施例中未披露的技术细节,请参照由第一UE和/或第一AMF执行的中继通信方法示例的描述,在此不做详细描述说明。
如图9所示,本公开实施例提供一种中继通信方法,由第二UE执行,包括:
步骤S91:向第二AMF发送第三请求消息,其中,第三请求消息用于请求第一UE与第二UE之间进行中继通信发现的安全信息;其中,第三请求消息包括第二UE的第三标识信息;第三标识信息用于第二AMF将用于请求安全信息的第四请求信息发送给第二UE对应的第二PCF。
这里,第三标识信息可用于识别第二UE。
在一个实施例中,第三标识信息包括以下至少之一:SUCI及GUTI。
这里,第四请求消息,用于请求第一UE及第二UE之间进行中继通信发现的安全信息。
在一个实施例中,第四请求消息中携带第一UE的第四标识信息。该第四标识信可用于识别第一UE。
在一个实施例中,第四标识信息包括与第三标识信息对应的SUPI。
这里,在第二AMF可设置第二映射关系;该第二映射关系包括:第三标识信息与第四标识信息 的对应关系。例如,第二映射关系包括:SUCI与SUPI的对应关系,和/或GUTI与SUPI的对应关系。如此,第二AMF可基于第一UE的SUCI和/或SUPI,确定出第一UE的SUPI;如此,第二AMF可知晓是哪个第一UE发送的第一请求消息,并将第二请求消息发送给与第一UE对应的第一PCF。
本公开实施例提供一种中继通信方法,由第二UE执行,包括:接收第二AMF发送的第三响应消息,其中,第三响应消息包括:第四响应消息中包括的安全信息;第四响应消息是第二PCF基于第三响应消息中包括的第二UE的第四标识信息发送的。
在一个实施例中,第三请求消息包括:密钥请求相关消息;第三响应消息,包括:密钥响应相关消息;及安全信息包括:中间发现密钥。
这里,第四请求消息可包括密钥请求相关消息。在一个实施例中,第三请求消息与第三请求消息的区别在于:第三请求消息携带第三标识信息;第四请求消息携带第四标识信息。
这里,第四响应消息可包括密钥响应相关消息。在一个实施例中,第三响应消息及第四响应消息的区别在于:第四响应消息中携带第第四标识信息;第三响应消息中携带第三标识信息或者第三响应信息不携带第三标识信息及第四标识信息。
在一些实施例中,密钥请求相关消息包括:指示中继服务的中继服务代码RSC;
密钥响应相关消息包括:针对RSC的中间发现密钥,或者针对RSC的中间发现密钥及中间发现密钥的标识信息。
在一些实施例中,密钥请求相关消息,还包括以下至少之一:
类型指示信息,用于指示中继通信的发现消息的类型;
第二安全指示信息,用于指示第二UE的安全能力。
在一些实施例中,密钥响应相关消息,包括以下至少之一:
算法标识;其中,算法标识包括以下至少之一:
第一算法标识,用于指示加解密中继通信的发现消息的算法;
第二算法标识,用于指示对中继通信的发现消息进行完整性保护的算法;
时间相关信息,用于确定中继通信的发现消息是否遭受重放攻击。
本公开实施例提供一种中继通信方法,由第二UE执行,包括:
基于中间发现密钥确定中继发现密钥;其中,中继发现密钥包括以下至少之一:
加密密钥DUCK,用于加解密中继通信的发现消息;
完整性保证密钥DUIK,用于保护中继通信的发现消息的完整性。
本公开实施例提供一种中继通信方法,由第二UE执行,包括:
基于中间发现密钥及算法标识,确定中继发现密钥;或者,
基于中间发现密钥、算法标识及RSC,确定中继发现密钥。
本公开实施例提供一种中继通信方法,由第二UE执行,包括:
接收第一公告消息,其中,第一公告消息包括:基于中继发现密钥加密并受完整性保护的发现消息;发现消息用于指示第一UE支持被发现提供中继服务;
基于中继发现密钥解密并验证第一公告消息以获得发现消息。
本公开实施例提供一种中继通信方法,由第二UE执行,包括:
发送第二公告消息,其中,第二公告消息包括:基于中继发现密钥加密并受完整性保护的发现请求消息;发现请求消息用于请求第二UE发现所请求的中继服务。
本公开实施例提供一种中继通信方法,由第二UE执行,包括:
接收第三公告消息,其中,第三公告消息包括:基于中继发现密钥加密并受完整性保护的发现响应消息,其中,发现响应消息基于发现请求消息确定;
基于中继发现密钥解密并验证第三公告消息以获得发现响应消息。
在本公开的一些实施例中,第一公告消息、第二公告消息、及第三公告消息可以分别与上述实施例中第一公告消息、第二公告消息及第三公告消息相同。且,在本公开实例中基于中继发现密钥及加密算法进行发现消息等的加密及基于完整性保护算法进行完整性保护的方式与上述实施例中相应方式类似;以及基于中继发现密钥及与加密算法对应的解密算法解密消息及验证消息的完整性的方式与上述实施例中方式类似。
本公开实施例提供一种中继通信方法,由第二UE执行,可包括:接收第二AMF发送的第二RSC集合;其中,第二RSC集合包括:至少一个第二RSC;第二RSC为第二UE能够获得的中继服务的RSC。
这里,该第二RSC集合可以是第二PCF发送的。这里,该第二RSC集合也可以是与第二UE对应的DDNMF发送的。
在一个实施例中,第二UE接收第二AMF发送的携带第二RSC集合的发现参数;该发现参数是第二PCF或者与第二UE对应的DDNMF发送的。
如此,在本公开实施例中,可以通过第二UE从第二PCF等核心网网元获取第二RSC集合,从而可以获知第二UE能够获得的中继服务。
以上实施方式,具体可以第一UE和/或第一AMF侧的表述,在此不再赘述。
需要说明的是,本领域内技术人员可以理解,本公开实施例提供的方法,可以被单独执行,也可以与本公开实施例中一些方法或相关技术中的一些方法一起被执行。
以下一种中继通信方法,是第二AMF执行,与上述由第一UE、第二UE和/或第一AMF执行的中继通信方法的描述是类似的;且对于由第二AMF执行的中继通信方法实施例中未披露的技术细节,请参照由第一UE、第二UE和/或第一AMF执行的中继通信方法示例的描述,在此不做详细描述说明。
如图10所示,本公开实施例提供一种中继通信方法,由第二AMF执行,包括:
步骤S101:接收第二UE发送的第三请求消息,其中,第三请求消息用于请求第一UE与第二UE之间进行中继通信发现的安全信息;
步骤S102:基于第三请求消息中携带的第二UE的第三标识信息,将用于请求安全信息的第四 请求消息发送给与第三标识信息对应的第二PCF。
本公开实施例提供一种中继通信方法,由第二AMF执行,包括:接收第二PCF发送的第四响应消息,其中,第四响应消息包括安全信息;
基于第四响应消息中携带的第二UE的第四标识信息,将携带安全信息的第三响应消息发送给第二UE。
在本公开的一些实施例中,第三请求消息、第四请求消息分别可以是步骤S91中第三请求消息、第四请求消息;安全信息可以是上述实施例中安全信息;第三标识信息、第四标识信息可以是上述实施例中第三标识信息、第四标识信息;第三响应消息、第四响应消息可以是上述实施例中第三响应消息及第四响应消息。
示例性的,第三标识信息可包括以下至少之一:SUCI及GUTI;和/或第四标识信息可包括SUPI。
示例性的,第三请求消息、第四请求消息均可包括:密钥请求相关消息。第三响应消息、第四响应消息均可包括:密钥响应相关消息。安全信息包括:中间发现密钥。
示例性的,密钥请求相关消息包括:指示中继服务的RSC。
示例性的,密钥请求相关消息包括以下至少之一:
类型指示信息,用于指示中继通信的发现消息的类型;
第二安全指示信息,用于指示第二UE的安全能力。
示例性的,密钥响应相关消息,还包括以下至少之一:
算法标识;其中,算法标识包括以下至少之一:
第一算法标识,用于指示加解密中继通信的发现消息的算法;
第二算法标识,用于指示对中继通信的发现消息进行完整性保护的算法;
时间相关信息,用于确定中继通信的发现消息是否遭受重放攻击。
示例性的,密钥请求相关消息包括:指示中继服务的RSC;
密钥响应相关消息包括:针对RSC的中间发现密钥,或者针对RSC的中间发现密钥及中间发现密钥的标识信息。
本公开实施例提供一种中继通信方法,由第二AMF执行,包括:基于第三标识信息及第二映射关系,确定与第二UE对应的第四标识信息;其中,第二映射关系包括:第三标识信息与第四标识信息的对应关系。
这里,第二映射关系包括:SUCI与SUPI的对应关系,和/或GUTI与SUPI的对应关系。
本公开实施例提供一种中继通信方法,由第二AMF执行,包括:
接收第二PCF发送的第二RSC集合;其中,第二RSC集合包括:至少一个第二RSC,第二RSC为第二UE能够获得的中继服务的RSC;
将第二RSC集合发送给第二UE。
在本公开的一些实施例中,第二RSC集合可以为上述实施例中第二RSC集合。
如此,在本公开实施例中,可以通过第二AMF将第二PCF发送的第二RSC集合发送给第二 UE,以使得第二UE知晓能够获得的中继服务。
以上实施方式,具体可以第一UE、第二UE和/或第一AMF侧的表述,在此不再赘述。
需要说明的是,本领域内技术人员可以理解,本公开实施例提供的方法,可以被单独执行,也可以与本公开实施例中一些方法或相关技术中的一些方法一起被执行。
以下一种中继通信方法,是第一PCF执行,与上述由第一UE、第二UE、第一AMF和/或第二AMF执行的中继通信方法的描述是类似的;且对于由第一PCF执行的中继通信方法实施例中未披露的技术细节,请参照由第一UE、第二UE、第一AMF和/或第二AMF执行的中继通信方法示例的描述,在此不做详细描述说明。
如图11所示,本公开实施例提供一种中继通信方法,由第一PCF执行,包括:
步骤S11:接收第一AMF发送的第二请求消息和/或接收第二PCF发送的第四请求消息,其中,第二请求消息和/或第四请求消息用于请求第一UE与第二UE之间进行中继通信发现的安全信息。
在本公开的一些实施例中,第一请求消息、第二请求消息、第三请求消息及第四请求消息分别为上述实施例中第一请求消息、第二请求消息、第三请求消息及第四请求消息;第一响应消息、第二响应消息、第三响应消息及第四响应消息分别为上述实施例中第一响应消息、第二响应消息、第三响应消息及第四响应消息;第一标识信息、第二标识信息、第三标识信息及第四标识信息分别为上述实施例中第一标识信息、第二标识信息、第三标识信息及第四标识信息;安全信息为上述实施例中安全信息。
示例性的,第二请求消息和/或第四请求消息包括:密钥请求相关消息;第二响应消息和/或第四响应消息包括:密钥响应相关消息;及安全信息包括:安全信息包括:中间发现密钥。
示例性的,密钥请求相关消息包括:指示中继服务的RSC。
示例性的,密钥请求相关消息包括以下至少之一:
类型指示信息,用于指示中继通信的发现消息的类型;
第一安全指示信息,用于指示第二UE的安全能力;
第二安全指示信息,用于指示第二UE的安全能力。
示例性的,密钥响应相关消息,还包括以下至少之一:
算法标识;其中,算法标识包括以下至少之一:
第一算法标识,用于指示加解密中继通信的发现消息的算法;
第二算法标识,用于指示对中继通信的发现消息进行完整性保护的算法;
时间相关信息,用于确定中继通信的发现消息是否遭受重放攻击。
示例性的,密钥请求相关消息包括:指示中继服务的RSC;
密钥响应相关消息包括:针对RSC的中间发现密钥,或者,针对RSC的中间发现密钥及中间发现密钥的标识信息。
本公开实施例提供一种中继通信方法,由第一PCF执行,包括:基于第二请求消息,确定安全 信息;和/或,基于第四请求消息,确定安全信息。
本公开实施例提供一种中继通信方法,由第一PCF执行,包括:基于接收的RSC指示的中继服务,确定中间发现密钥。
示例性的,第一PCF接收到密钥请求相关消息,基于密钥请求相关消息中携带的RSC,确定RSC指示的中继服务的中间发现消息。如此,本公开实施例的第一PCF可以通过接收的RSC生成与RSC对应的中间发现密钥。
示例性的,第一PCF可以保存至少一个RSC与中间发现密钥的对应关系;第一PCF可基于接收的RSC与中间发现密钥的对应关系,确定出该接收的RSC的中间发现密钥。如此,本公开实施例的第一PCF可以通过本地存储的RSC与中间发现密钥的对应关系与接收到的RCS,确定接收到的RSC对应的中间发现密钥。如此,第一PCF可以将获得的RSC对应的中间发现密钥进行保存,以便于后续可以基于保存的信息确定出RSC的中间发现密钥;从而可以降低生成中间发现密钥所产生的功耗等。
本公开实施例提供一种中继通信方法,由第一PCF执行,包括:基于第一安全指示信息,确定加密算法和/或完整性算法;和/或基于第二安全指示信息,确定加密算法和/或完整性算法。
如此,在本公开实施例中,可以基于第一UE和/或第二UE的安全能力,确定出第一UE和第二UE的合适的加密算法和/或完整性保护算法。
当然,在其它的实施例,第一PCF也可以确定出任意一种可实现的加密算法和/或完整性保护算法。第一PCF将指示该加密算法的第一算法标识和/或指示该完整性保护算法对应的第二算法标识发送给第一AMF和/或第二PCF,以使得第一UE和第二UE可以获得该第一算法标识及第二算法标识;只需满足第一UE与第二UE的获得的第一算法标识和/或第二算法标识一致即可。对第一PCF确定出何种加密算法和/或完整性保护算法不作限制。
在一些实施例中,第二请求消息中包括第一UE的第二标识信息;
方法包括:向第一AMF发送第二响应消息,其中,第二响应消息包括第二标识信息及安全信息的第二响应消息。
本公开实施例提供一种中继通信方法,由第一PCF执行,包括:向第一AMF发送第二响应消息,其中,第二响应消息包括第二标识信息及安全信息的第二响应消息。
在一些实施例中,向第一AMF发送第二响应消息,包括:响应于基于接收到的RSC确定第一UE是被授权服务RSC指示的中继服务,向第一AMF发送第二响应消息。
本公开实施例提供一种中继通信方法,由第一PCF执行,包括:响应于基于接收到的RSC确定第一UE是被授权服务RSC指示的中继服务,向第一AMF发送第二响应消息。
在一些实施例中,第四请求消息中包括第二UE的第四标识信息;
方法包括:向第二PCF发送第四响应消息,其中,第四响应消息包括第四标识信息及安全信息的第四响应消息。
本公开实施例提供过一种中继通信方法,由第一PCF执行,包括:向第二PCF发送第四响应消 息,其中,第四响应消息包括第四标识信息及安全信息的第四响应消息。
在一些实施例中,向第二PCF发送携带第四响应消息,包括:
响应于确定授权由第一UE提供中继服务给第二UE,向第二PCF发送密钥响应相关消息。
本公开实施例提供一种中继通信方法,由第一PCF执行,包括:响应于确定授权由第一UE提供中继服务给第二UE,向第二PCF发送密钥响应相关消息。
本公开实施例提供一种中继通信方法,由第一PCF执行,包括:向第一AMF发送第一RSC集合;其中,第一RSC集合包括:至少一个第一RSC,第一RSC为第一UE能够提供的中继服务的RSC。
以上实施方式,具体可以第一UE、第二UE、第一AMF和/或第二AMF侧的表述,在此不再赘述。
需要说明的是,本领域内技术人员可以理解,本公开实施例提供的方法,可以被单独执行,也可以与本公开实施例中一些方法或相关技术中的一些方法一起被执行。
以下一种中继通信方法,是第二PCF执行,与上述由第一UE、第二UE、第一AMF、第二AMF和/或第一PCF执行的中继通信方法的描述是类似的;且对于由第二PCF执行的中继通信方法实施例中未披露的技术细节,请参照由第一UE、第二UE、第一AMF、第二AMF和/或第一PCF执行的中继通信方法示例的描述,在此不做详细描述说明。
如图12所示,本公开实施例提供一种中继通信方法,由第二PCF执行,包括:
步骤S1201:接收第二AMF发送的第四请求消息,其中,第四请求消息用于请求第一UE与第二UE之间进行中继通信发现的安全信息;
步骤S1202:向第一PCF发送用于请求安全信息的第四请求消息。
在一些实施例中,第四请求消息中包括第二UE的第四标识信息;
方法包括:向第一AMF发送第四响应消息,其中,第四响应信息包括第四标识信息及安全信息。
本公开实施例提供一种中继通信方法,由第二PCF执行,包括:向第一AMF发送第四响应消息,其中,第四响应信息包括第四标识信息及安全信息。
在本公开的一些实施例中,第三请求消息及第四请求消息分别为上述实施例中第三请求消息及第四请求消息;第三响应消息及第四响应消息分别为上述实施例中第三响应消息及第四响应消息;第三标识信息及第四标识信息分别为上述实施例中、第三标识信息及第四标识信息;安全信息为上述实施例中安全信息。
示例性的,第四请求消息包括:密钥请求相关消息;第四响应消息包括:密钥响应相关消息;及安全信息包括:安全信息包括:中间发现密钥。
示例性的,密钥请求相关消息包括:指示中继服务的RSC;
密钥响应相关消息包括:针对RSC的中间发现密钥,或者,针对RSC的中间信息密钥及中间信息密钥的标识信息。
在一些实施例中,所述步骤S1202,包括:
若确定授权第二UE发现中继服务,向第一PCF发送用于请求安全信息的第四请求消息。
本公开实施例提供一种中继通信方法,由第二PCF执行,包括:若确定授权第二UE发现中继服务,向第一PCF发送用于请求安全信息的第四请求消息。
这里,第二PCF配置有RSC与提供RSC指示的中继服务的潜在U2N中继的PCF的地址的映射表。如此,第二PCF可基于第三请求消息中包括的RSC,确定出需要发送第四请求消息的第一PCF。
本公开实施例提供一种中继通信方法,由第二PCF执行,包括:向第二AMF发送第二RSC集合;其中,第二RSC集合包括:至少一个第二RSC,第二RSC为第二UE能够获得的中继服务的RSC。
以上实施方式,具体可以第一UE、第二UE、第一AMF、第二AMF和/或第一PCF侧的表述,在此不再赘述。
需要说明的是,本领域内技术人员可以理解,本公开实施例提供的方法,可以被单独执行,也可以与本公开实施例中一些方法或相关技术中的一些方法一起被执行。
以下一种中继通信方法,是网络设备执行,与上述由第一UE、第二UE、第一AMF、第二AMF、第一PCF和/或第二PCF执行的中继通信方法的描述是类似的;且对于由网络设备执行的中继通信方法实施例中未披露的技术细节,请参照由第一UE、第二UE、第一AMF、第二AMF、第一PCF和/或网络设备执行的中继通信方法示例的描述,在此不做详细描述说明。
如图13所示,本公开实施例提供一种中继通信方法,由网络设备执行,包括:
步骤S131:获取UE发送的请求消息;其中,请求消息携带UE的标识信息;请求消息用于请求UE与UE之间进行中继通信发现的安全信息;
步骤S132:向UE发送携带安全信息的响应消息。
在本公开的一些实施例中,UE可以为上述实施例中第一UE和/或第二UE;若UE为第一UE时,UE的标识信息可以为上述实施例中第一标识信息和/或第二标识信息;若UE为第二UE时,UE的标识信息可以为上述实施例中第三标识和/或第四标识信息。若UE为第一UE,请求消息可以为上述实施例中第一请求消息和/或第二请求消息;若UE为第二UE,请求消息可以为上述实施例中第三请求消息和/或第四请求消息。若UE为第一UE,响应消息可以为上述实施例中第一响应消息和/或第二响应消息;若UE为第二UE,响应消息可以为上述实施例中第三响应消息和/或第四响应消息。本公开一些实施例中安全信息,可以为上述实施例中安全信息。
在一些实施例中,UE包括:第一UE;网络设备包括:第一AMF及第一PCF;
步骤S131,包括:第一AMF获取第一UE发送的第一请求消息;并基于第一请求消息中携带的第一标识信息,将携带第二标识信息的第二请求消息发送给第一PCF;其中,第一请求消息和/或第二请求消息用于请求第一UE与第二UE之间进行中继通信发现的安全信息;
步骤S132,包括:第一AMF获取第一PCF发送的第二响应消息,并基于第二响应消息的第二标识信息,将第一响应消息发送给第一UE;其中,第一响应消息和/或第二响应消息中携带安全信息。
本公开实施例提供一种中继通信方法,由网络设备执行,网络设备包括第一AMF及第一PCF,包括:
第一AMF获取第一UE发送的第一请求消息;并基于第一请求消息中携带的第一标识信息,将携带第二标识信息的第二请求消息发送给第一PCF;其中,第一请求消息和/或第二请求消息用于请求第一UE与第二UE之间进行中继通信发现的安全信息;
第一AMF获取第一PCF发送的第二响应消息,并基于第二响应消息的第二标识信息,将第一响应消息发送给第一UE;其中,第一响应消息和/或第二响应消息中携带安全信息。
在一些实施例中,第一请求消息和/或第二请求消息包括:指示中继服务的中继服务代码RSC;
第一响应消息和/或第二响应消息包括:针对RSC的中间发现密钥,或者,针对RSC的中间发现密钥及中间发现密钥的标识信息。
在一些实施例中,UE包括第二UE;网络设备包括:第二AMF、第一PCF及第二PCF;
步骤S131,包括:
第二AMF获取第二UE发送的第三请求消息;并基于第三请求消息中携带的第三标识信息,将携带第四标识信息的第四请求消息发送给第二PCF;其中,第三请求消息和/或第四请求消息用于请求第一UE与第二UE之间进行中继通信发现的安全信息;
第二PFC将第四请求消息发送给第一PCF;
步骤S132,包括:
第一PCF将第四响应消息发送给第二PCF;
第二AMF获取第二PFC发送的第四响应消息;并基于第四响应消息的第四标识信息,将第三响应消息发送给第二UE;其中,第三响应消息和/或第四响应消息中携带安全信息。
本公开实施例提供一种中继通信方法,由网络设备执行,网络设备包括第二AMF、第一PCF及第二PCF,包括:
第二AMF获取第二UE发送的第三请求消息;并基于第三请求消息中携带的第三标识信息,将携带第四标识信息的第四请求消息发送给第二PCF;其中,第三请求消息和/或第四请求消息用于请求第一UE与第二UE之间进行中继通信发现的安全信息;
第二PFC将第四请求消息发送给第一PCF
第一PCF将第四响应消息发送给第二PCF;
第二AMF获取第二PFC发送的第四响应消息;并基于第四响应消息的第四标识信息,将第三响应消息发送给第二UE;其中,第三响应消息和/或第四响应消息中携带安全信息。
在一些实施例中,第二PFC将第四请求消息发送给第一PCF,包括:
第二PCF确定授权第二UE发现中继服务,将第四请求消息发送给第一PCF;
第一PCF将第四响应消息发送给第二PCF,包括:
第一PCF确定授权由第一UE提供中继服务给第二UE,向第二PCF发送第四响应消息。
本公开实施例提供一种中继通信方法,由网络设备执行,网络设备包括第一PCF及第二PCF,包括:
第二PCF确定授权第二UE发现中继服务,将第四请求消息发送给第一PCF;
第一PCF确定授权由第一UE提供中继服务给第二UE,向第二PCF发送第四响应消息。
在一些实施例中,第三请求消息和/或第四请求消息包括:指示中继服务的RSC;
第三响应消息和/或第四响应消息包括:针对RSC的中间发现密钥,或者,针对RSC的中间发现密钥及中间发现密钥的标识信息。
以上实施方式,具体可以第一UE、第二UE、第一AMF、第二AMF和/或第一PCF侧的表述,在此不再赘述。
需要说明的是,本领域内技术人员可以理解,本公开实施例提供的方法,可以被单独执行,也可以与本公开实施例中一些方法或相关技术中的一些方法一起被执行。
为了进一步解释本公开任意实施例,以下提供几个具体实施例。
示例一:
如图14所示,本公开实施例提供一种中继通信方法,由通信设备执行,通信设备包括:第一UE、第二UE、第一AMF、第二AMF、第一PCF及第二PCF;这里,第一UE为U2N中继,第二UE为远端UE,第一AMF为U2N中继的AMF,第二AMF为远端UE的AMF,第一PCF为U2N中继的PCF及第二PCF为远端UE的PCF;该中继通信方法以下步骤:
这里,远端UE的PCF配置有RSC与提供RSC指示的中继服务的潜在U2N中继的PCF的地址的映射表。
步骤S1300a:在服务授权和信息提供过程期间,U2N中继从U2N中继的PCF获得发现参数;
该步骤S1300a中发现参数包括至少一个RSC;该步骤S1300a中发现参数可以是包括上述实施例中的第一RSC集合。
步骤S1300b:在服务授权和信息提供过程期间,远端UE从远端UE的PCF获得发现参数;
该步骤S1300b中发现参数包括至少一个RSC;该步骤S1300b中发现参数可以是包括上述实施例中的第二RSC集合。
步骤S1301:U2N中继向U2N中继的AMF发送第一请求消息,第一请求消息包括:指示中继服务的RSC、指示U2N中继向U2N中继的PCF请求中继发现的中间发现密钥(PRDK)的类型指示信息、指示U2N中继的安全能力的安全指示信息、以及U2N中继的SUCI和/或5G GUTI;
这里,第一请求消息用于请求远端UE与U2N中继进行中继通信发现的中间发现密钥。
步骤S1302:U2N中继的AMF向U2N中继的PCF发送Namf_Communication_N1消息,Namf_Communication_N1消息包括:指示中继服务的RSC、类型指示信息、指示U2N中继的安全 能力的安全指示信息、以及U2N中继的SUPI;
这里,步骤S1302中的Namf_Communication_N1消息可以为上述实施例中第二请求消息;该Namf_Communication_N1消息用于请求远端UE与U2N中继进行中继通信发现的中间发现密钥。
在一个可选实施例中,在步骤S1302之前,包括:U2N中继的AMF基于U2N中继的SUCI和/或5G GUTI与第一映射关系,确定U2N中继的SUPI;其中,第一映射关系包括预定义的SUCI与SUPI的对应关系,和/或预定义的GUTI与SUPI的对应关系。
步骤S1303:U2N中继的PCF向U2N中继的AMF发送安全信息;
其中,安全信息包括:中间发现密钥、中间发现密钥的标识信息、指示加密算法的第一算法标识、指示完整性保护算法的第二算法标识及U2N中继的SUPI。
这里,该步骤S1303中发送安全信息,可以是:发送携带安全信息的第二响应消息。
在一个可选实施例中,在步骤S1303之前,包括:基于收到的RSC,验证U2N中继是被授权服务RSC指示的中继服务。
在一个可选实施例中,安全信息包括:时间相关信息,其中,时间相关信息包括:当前时间、最大偏移量及有效定时器的其中至少之一。
在一个可选实施例中,U2N中继的PCF基于RSC生成中间发现密钥(PRDK)及中间发现密钥的标识信息(ID);U2N中继的PCF基于U2N中继的安全能力,确定用于保护远端UE与U2N中继中间广播的发现消息的加密算法及完整性保护算法。
步骤S1304:U2N中继的AMF向U2N中继发送安全信息;安全信息包括:中间发现密钥、中间发现密钥的标识信息、指示加密算法的第一算法标识及指示完整性保护算法的第二算法标识;
这里,该步骤S1304中发送安全信息,可以是:发送携带安全信息的第一响应消息。
在一个可选实施例中,在步骤S1304之前,U2N中继的AMF可基于U2N中继的SUPI向哪个U2N中继发送安全信息。
步骤S1305:远端UE向远端UE的AMF发送第三请求消息,第三请求消息包括:指示中继服务的RSC、指示远端UE向远端UE的PCF请求中继发现的中间发现密钥(PRDK)的类型指示信息、指示远端UE的安全能力的安全指示信息、以及远端UE的SUCI和/或5G GUTI;
这里,第三请求消息用于请求远端UE与U2N中继进行中继通信发现的中间发现密钥。
步骤S1306:远端UE的AMF向远端UE的PCF发送Namf_Communication_N1消息,Namf_Communication_N1消息包括:指示中继服务的RSC、类型指示信息、指示远端UE的安全能力的安全指示信息、以及远端UE的SUPI;
这里,步骤S1306中的Namf_Communication_N1消息可以为上述实施例中第四请求消息;该Namf_Communication_N1消息用于请求远端UE与U2N中继进行中继通信发现的中间发现密钥。
在一个可选实施例中,在步骤S1306之前,包括:远端UE的AMF基于远端UE的SUCI和/或5G GUTI与第二映射关系,确定远端UE的SUPI;其中,第二映射关系包括预定义的SUCI与SUPI的对应关系,和/或预定义的GUTI与SUPI的对应关系。
步骤S1307:远端UE的PCF验证远端UE被授权请求RSC指示的中继服务的中间发现密钥;
步骤S1308:远端UE的PCF基于接收到的RSC确定潜在的U2N中继的PCF,并向U2N中继的PCF发送Namf_Communication_N1消息;
其中,Namf_Communication_N1消息包括:指示中继服务的RSC、类型指示信息、指示U2N中继的安全能力的安全指示信息、以及U2N中继的SUPI。
步骤S1309:U2N中继的PCF向远端UE的PCF发送安全信息;其中,安全信息包括:中间发现密钥、中间发现密钥的标识信息、指示加密算法的第一算法标识、指示完整性保护算法的第二算法标识及远端UE的SUPI。
这里,该步骤S1309中发送安全信息,可以是:发送携带安全信息的第四响应消息。
在一个可选实施例中,在步骤S1309之前,包括:U2N中继的PCF确定授权接收的RSC指示的中继服务可由U2N中继的PCF服务。
在一个可选实施例中,U2N中继的PCF基于RSC生成中间发现密钥(PRDK)及中间发现密钥的标识信息(ID);U2N中继的PCF基于U2N中继的安全能力,确定用于保护远端UE与U2N中继中间广播的发现消息的加密算法及完整性保护算法。
这里,步骤S1309中获得安全信息也可以直接基于S1304中获得的安全信息获得。
在一个可选实施例中,安全信息包括:时间相关信息,其中,时间相关信息包括:当前时间、最大偏移量及有效定时器的其中至少之一。
步骤S1310:远端UE的PCF向远端UE的AMF发送安全信息;其中,安全信息包括:中间发现密钥、中间发现密钥的标识信息、指示加密算法的第一算法标识、指示完整性保护算法的第二算法标识及远端UE的SUPI。
这里,该步骤S1310中发送安全信息,可以是:发送携带安全信息的第四响应消息。
步骤S1311:远端UE的AMF向远端UE发送安全信息;其中,安全信息包括:中间发现密钥、中间发现密钥的标识信息、指示加密算法的第一算法标识及指示完整性保护算法的第二算法标识;
这里,该步骤S1311中发送安全信息,可以是:发送携带安全信息的第三响应消息。
步骤S1312:U2N中继基于中间发现密钥、第一算法标识及第二算法标识,确定中继发现密钥;中继发现密钥包括:DUCK和DUIK;
在一可选实施例中,中继发现密钥包括DUSK。
步骤S1313:U2N中继广播发现公告消息,其中,发现公告消息包括使用中继发现密钥及加密算法加密并基于完整性保护算法保护的发现公告消息;
该步骤S1213中发现公告消息可以是上述实施例中第一公告消息。
步骤S1314:远端UE基于中间发现密钥、第一算法标识及第二算法标识,确定中继发现密钥;中继发现密钥包括:DUCK和DUIK;
步骤S1315:远端UE基于中继发现密钥验证并解密发现公告消息;
这里,该步骤S1315中远端UE基于中继发现密钥验证并解密发现公告消息,可获得发现消息。
步骤S1316:远端UE和U2N中继继续进行中继服务的剩余过程。
示例二:
如图15所示,本公开实施例提供一种中继通信方法,由通信设备执行,通信设备包括:第一UE、第二UE、第一AMF、第二AMF、第一PCF及第二PCF;这里,第一UE为U2N中继,第二UE为远端UE,第一AMF为U2N中继的AMF,第二AMF为远端UE的AMF,第一PCF为U2N中继的PCF及第二PCF为远端UE的PCF;该中继通信方法以下步骤:
这里,远端UE的PCF配置有RSC与提供RSC指示的中继服务的潜在U2N中继的PCF的地址的映射表。
步骤S1400a至步骤S1411,与上述实施例中步骤S1300a至步骤S1411相同;
步骤S1412:U2N中继基于中间发现密钥、第一算法标识及第二算法标识,确定中继发现密钥;中继发现密钥包括:DUCK和DUIK;
在一可选实施例中,中继发现密钥可包括DUSK。
步骤S1413:远端UE基于中间发现密钥、第一算法标识及第二算法标识,确定中继发现密钥;中继发现密钥包括:DUCK和DUIK;
步骤S1414:远端UE广播请求公告消息,请求公告消息包括发现请求消息;
该步骤S1414中请求公告消息为上述实施例中第二公告消息。这里,该请求公告消息包括的发现请求消息使用中继发现密钥及加密算法加密并基于完整性保护算法保护。
步骤S1415:U2N中继基于中继发现密钥解密并验证请求公告消息;
步骤S1416:U2N中继广播响应公告消息,响应公告消息包括发现响应消息;
该步骤S1416中响应公告消息为上述实施例中第三公告消息。这里,该响应公告消息包括的发现响应消息使用中继发现密钥及加密算法加密并基于完整性保护算法保护。
步骤S1417:远端UE基于中继发现密钥解密并验证响应公告消息;
步骤S1418:远端UE和U2N中继继续进行中继服务的剩余过程。
需要说明的是,本领域内技术人员可以理解,本公开实施例提供的方法,可以被单独执行,也可以与本公开实施例中一些方法或相关技术中的一些方法一起被执行。
如图16所示,本公开实施例提供一种中继通信装置,由第一UE执行,包括:
第一发送模块21,被配置为向第一AMF发送第一请求消息,其中,第一请求消息用于请求第一UE及第二UE之间进行中继通信发现的安全信息;
其中,第一请求消息包括第一UE的第一标识信息;第一标识信息用于第一AMF将用于请求安全信息的第二请求信息发送给与第一UE对应的第一PCF。
本公开实施例提供一种中继通信装置,由第一UE执行,包括:第一接收模块,被配置为接收第一AMF发送的第一响应消息,其中,第一响应消息包括:第二响应消息中包括的安全信息;第二 响应消息是第一PCF基于第二响应消息中包括的第一UE的第二标识信息发送的。
在一些实施例中,第一标识信息包括以下至少之一:SUCI;及GUTI;
和/或,
第二标识信息包括与第一标识信息对应的SUPI。
在一些实施例中,第一请求消息包括:密钥请求相关消息;第一响应消息包括:密钥响应相关消息;及安全信息包括:中间发现密钥。
在一些实施例中,密钥请求相关消息包括:指示RSC;
密钥响应相关消息包括:针对RSC的中间发现密钥,或者,针对RSC的中间发现密钥及中间发现密钥的标识信息。
在一些实施例中,其中,密钥请求相关消息,还包括以下至少之一:
类型指示信息,用于指示中继通信的发现消息的类型;
第一安全指示信息,用于指示第一UE的安全能力。
在一些实施例中,密钥响应相关消息,还包括以下至少之一:
算法标识;其中,算法标识包括以下至少之一:
第一算法标识,用于指示加解密中继通信的发现消息的算法;
第二算法标识,用于指示对中继通信的发现消息进行完整性保护的算法;
时间相关信息,用于确定中继通信的发现消息是否遭受重放攻击。
本公开实施例提供一种中继通信装置,由第一UE执行,包括:第一处理模块,被配置为基于中间发现密钥确定中继发现密钥;其中,中继发现密钥包括以下至少之一:
加密密钥DUCK,用于加解密中继通信的发现消息;
完整性保证密钥DUIK,用于保护中继通信的发现消息的完整性。
本公开实施例提供一种中继通信装置,由第一UE执行,包括:
第一处理模块,被配置为基于中间发现密钥及算法标识,确定中继发现密钥;或者,
第一处理模块,被配置为基于中间发现密钥、算法标识及RSC,确定中继发现密钥。
本公开实施例提供一种中继通信装置,由第一UE执行,包括:第一发送模块21,被配置为发送第一公告消息,其中,第一公告消息包括:基于中继发现密钥加密并受完整性保护的发现消息;发现消息用于指示第一UE支持被发现提供中继服务。
本公开实施例提供一种中继通信装置,由第一UE执行,包括:
第一接收模块,被配置为接收第二公告消息,其中,第二公告消息包括:基于中继发现密钥加密并受完整性保护的发现请求消息;发现请求消息用于请求第二UE发现所请求的中继服务;
第一处理模块,被配置为基于中继发现密钥解密并验证第二公告消息以获得发现请求消息。
本公开实施例提供一种中继通信装置,由第一UE执行,包括:第一发送模块21,被配置为发送第三公告消息,其中,第三公告消息包括:基于中继发现密钥加密并受完整性保护的发现响应消息,其中,发现响应消息基于发现请求消息确定。
本公开实施例提供一种中继通信装置,由第一UE执行,包括:第一接收模块,被配置为接收第一AMF发送的第一RSC集合;其中,第一RSC集合包括:至少一个第一RSC;第一RSC为第一UE能够提供的中继服务的RSC。
如图17所示,本公开实施例提供一种中继通信装置,由第一AMF执行,包括:
第二接收模块31,被配置为接收第一用户设备UE发送的第一请求消息,其中,第一请求消息用于请求第一UE及第二UE之间进行中继通信发现的安全信息;
第二发送模块32,被配置为基于第一请求消息中携带的第一UE的第一标识信息,将用于请求安全信息的第二请求消息发送给与第一标识信息对应的第一策略控制功能PCF。
本公开实施例提供一种中继通信装置,由第一AMF执行,包括:
第二接收模块31,被配置为接收第一PCF发送的第二响应消息,其中,第二响应消息包括安全信息;
第二发送模块32,被配置为基于第二响应消息中携带的第一UE的第二标识信息,将携带安全信息的第一响应消息发送给第一UE。
本公开实施例提供一种中继通信装置,由第一AMF执行,包括:第二处理模块,被配置为基于第一标识信息及第一映射关系,确定与第一UE对应的第二标识信息;其中,第一映射关系包括:第一标识信息与第二标识信息的对应关系。
在一些实施例中,第一标识信息包括以下至少之一:SUCI,及GUTI;
第二标识信息包括:用户签约永久标识SUPI。
在一些实施例中,第二请求消息包括:密钥请求相关消息;第二响应消息包括:密钥响应相关消息;安全信息包括:中间发现密钥。
在一些实施例中,密钥请求相关消息包括:指示中继服务的中继服务代码RSC;
密钥响应相关消息包括:针对RSC的中间发现密钥,或者针对RSC的中间发现密钥及中间发现密钥的标识信息。
本公开实施例提供一种中继通信装置,由第一AMF执行,包括:
第二接收模块31,被配置为接收第一PCF发送的第一RSC集合;其中,第一RSC集合包括:至少一个第一RSC,第一RSC为第一UE能够提供的中继服务的RSC;
第二发送模块32,被配置为将第一RSC集合发送给第一UE。
如图18所示,本公开实施例提供一种中继通信装置,由第二UE执行,包括:
第三发送模块41,被配置为向第二AMF发送第三请求消息,其中,第三请求消息用于请求第一UE与第二UE之间进行中继通信发现的安全信息;
其中,第三请求消息包括第二UE的第三标识信息;第三标识信息用于第二AMF将用于请求安全信息的第四请求信息发送给第二UE对应的第二PCF。
本公开实施例提供一种中继通信装置,由第二UE执行,包括:第三接收模块,被配置为接收第二AMF发送的第三响应消息,其中,第三响应消息包括:第四响应消息中包括的安全信息;第四 响应消息是第二PCF基于第三响应消息中包括的第二UE的第四标识信息发送的。
在一些实施例中,第三标识信息包括以下至少之一:SUCI;及GUTI;
和/或,
第四标识信息包括与第三标识信息对应的SUPI。
在一些实施例中,第三请求消息包括:密钥请求相关消息;第三响应消息,包括:密钥响应相关消息;及安全信息包括:中间发现密钥。
在一些实施例中,密钥请求相关消息包括:指示中继服务的中继服务代码RSC;
密钥响应相关消息包括:针对RSC的中间发现密钥,或者针对RSC的中间发现密钥及中间发现密钥的标识信息。
在一些实施例中,密钥请求相关消息,还包括以下至少之一:
类型指示信息,用于指示中继通信的发现消息的类型;
第二安全指示信息,用于指示第二UE的安全能力。
在一些实施例中,密钥响应相关消息,包括以下至少之一:
算法标识;其中,算法标识包括以下至少之一:
第一算法标识,用于指示加解密中继通信的发现消息的算法;
第二算法标识,用于指示对中继通信的发现消息进行完整性保护的算法;
时间相关信息,用于确定中继通信的发现消息是否遭受重放攻击。
本公开实施例提供一种中继通信装置,由第二UE执行,包括:第三处理模块,被配置为基于中间发现密钥确定中继发现密钥;其中,中继发现密钥包括以下至少之一:
加密密钥DUCK,用于加解密中继通信的发现消息;
完整性保证密钥DUIK,用于保护中继通信的发现消息的完整性。
本公开实施例提供一种中继通信装置,由第二UE执行,包括:
第三处理模块,被配置为基于中间发现密钥及算法标识,确定中继发现密钥;或者,
第三处理模块,被配置为基于中间发现密钥、算法标识及RSC,确定中继发现密钥。
本公开实施例提供一种中继通信装置,由第二UE执行,包括:
第三接收模块,被配置为接收第一公告消息,其中,第一公告消息包括:基于中继发现密钥加密并受完整性保护的发现消息;发现消息用于指示第一UE支持被发现提供中继服务;
第三处理模块,被配置为基于中继发现密钥解密并验证第一公告消息以获得发现消息。
本公开实施例提供一种中继通信装置,由第二UE执行,包括:第三发送模块41,被配置为发送第二公告消息,其中,第二公告消息包括:基于中继发现密钥加密并受完整性保护的发现请求消息;发现请求消息用于请求第二UE发现所请求的中继服务。
本公开实施例提供一种中继通信装置,由第二UE执行,包括:
第三接收模块,被配置为接收第三公告消息,其中,第三公告消息包括:基于中继发现密钥加密并受完整性保护的发现响应消息,其中,发现响应消息基于发现请求消息确定;
第三处理模块,被配置为基于中继发现密钥解密并验证第三公告消息以获得发现响应消息。
本公开实施例提供一种中继通信装置,由第二UE执行,包括:第三接收模块,被配置为接收第二AMF发送的第二RSC集合;其中,第二RSC集合包括:至少一个第二RSC;第二RSC为第二UE能够获得的中继服务的RSC。
如图19所示,本公开实施例提供一种中继通信装置,由第二AMF执行,包括:
第四接收模块51,被配置为接收第二用户设备UE发送的第三请求消息,其中,第三请求消息用于请求第一UE与第二UE之间进行中继通信发现的安全信息;
第四发送模块52,被配置为基于第三请求消息中携带的第二UE的第三标识信息,将用于请求安全信息的第四请求消息发送给与第三标识信息对应的第二策略控制功能PCF。
本公开实施例提供一种中继通信装置,由第二AMF执行,包括:
第四接收模块51,被配置为接收第二PCF发送的第四响应消息,其中,第四响应消息包括安全信息;
第四发送模块52,被配置为基于第四响应消息中携带的第二UE的第四标识信息,将携带安全信息的第三响应消息发送给第二UE。
本公开实施例提供一种中继通信装置,由第二AMF执行,包括:第四处理模块,被配置为基于第三标识信息及第二映射关系,确定与第二UE对应的第四标识信息;其中,第二映射关系包括:第三标识信息与第四标识信息的对应关系。
在一些实施例中,第三标识信息包括以下至少之一:SUCI,及GUTI;
第四标识信息包括:SUPI。
在一些实施例中,第四请求消息中包括:密钥请求相关消息;第四响应消息包括:密钥响应相关消息;安全信息包括:中间发现密钥。
在一些实施例中,密钥请求相关消息包括:指示中继服务的中继服务代码RSC;
密钥响应相关消息包括:针对RSC的中间发现密钥,或者针对RSC的中间发现密钥及中间发现密钥的标识信息。
本公开实施例提供一种中继通信装置,由第二AMF执行,包括:
第四接收模块51,被配置为接收第二PCF发送的第二RSC集合;其中,第二RSC集合包括:至少一个第二RSC,第二RSC为第二UE能够获得的中继服务的RSC;
第四发送模块52,被配置为将第二RSC集合发送给第二UE。
如图20所示,本公开实施例提供一种中继通信装置,由第一PCF执行,包括:
第五接收模块61,被配置为接收第一AMF发送的第二请求消息和/或接收第二PCF发送的第四请求消息,其中,第二请求消息和/或第四请求消息用于请求第一UE与第二UE之间进行中继通信发现的安全信息。
在一些实施例中,第二请求消息中包括第一UE的第二标识信息。
本公开实施例提供一种中继通信装置,由第一PCF执行,包括:第五发送模块,被配置为向第 一AMF发送第二响应消息,其中,第二响应消息包括第二标识信息及安全信息的第二响应消息。
在一些实施例中,第四请求消息中包括第二UE的第四标识信息;
本公开实施例提供一种中继通信装置,由第一PCF执行,包括:第五发送模块,被配置为向第二PCF发送第四响应消息,其中,第四响应消息包括第四标识信息及安全信息的第四响应消息。
在一些实施例中,第二请求消息和/或第四请求消息包括:密钥请求相关消息;第二响应消息和/或第四响应消息包括:密钥响应相关消息;及安全信息包括:安全信息包括:中间发现密钥。
在一些实施例中,密钥请求相关消息包括:指示中继服务的RSC;
密钥响应相关消息包括:针对RSC的中间发现密钥,或者,针对RSC的中间信息密钥及中间信息密钥的标识信息。
本公开实施例提供一种中继通信装置,由第一PCF执行,包括:第五发送模块,被配置为响应于确定授权由第一UE提供中继服务给第二UE,向第二PCF发送密钥响应相关消息。
本公开实施例提供一种中继通信装置,由第一PCF执行,包括:第五发送模块,被配置为向第一AMF发送第一RSC集合;其中,第一RSC集合包括:至少一个第一RSC,第一RSC为第一UE能够提供的中继服务的RSC。
如图21所示,本公开实施例提供一种中继通信装置,由第二PCF执行,包括:
第六接收模块71,被被配置为接收第二AMF发送的第四请求消息,其中,第四请求消息用于请求第一用户设备UE与第二UE之间进行中继通信发现的安全信息;
第六发送模块72,被配置为向第一PCF发送用于请求安全信息的第四请求消息。
本公开实施例提供一种中继通信装置,由第二PCF执行,包括:第六发送模块62,被配置为若确定授权第二UE发现中继服务,向第一PCF发送用于请求安全信息的第四请求消息。
在一些实施例中;第四请求消息中包括第二UE的第四标识信息;
本公开实施例提供一种中继通信装置,由第二PCF执行,包括:第六发送模块62,被配置为向第一AMF发送第四响应消息,其中,第四响应信息包括第四标识信息及安全信息。
在一些实施例中,第四请求消息包括:密钥请求相关消息;第四响应消息包括:密钥响应相关消息;及安全信息包括:中间发现密钥。
在一些实施例中,密钥请求相关消息包括:指示中继服务的RSC;
密钥响应相关消息包括:针对RSC的中间发现密钥,或者针对RSC的中间发现密钥及中间发现密钥的标识信息。
本公开实施例提供一种中继通信装置,由第二PCF执行,包括:第六发送模块62,被配置为向第二AMF发送第二RSC集合;其中,第二RSC集合包括:至少一个第二RSC,第二RSC为第二UE能够获得的中继服务的RSC。
如图22所示,本公开实施例提供一种中继通信装置,应用于网络设备,包括:
第七接收模块81,被配置为获取UE发送的请求消息;其中,请求消息携带UE的标识信息;请求消息用于请求UE与UE之间进行中继通信发现的安全信息;
第七发送模块82,被配置为向UE发送携带安全信息的响应消息。
本公开实施例中提供一种中继通信装置,应用于网路设备,网路设备包括第一AMF及第一PCF;其中,
第一AMF获取第一UE发送的第一请求消息;并基于第一请求消息中携带的第一标识信息,将携带第二标识信息的第二请求消息发送给第一PCF;其中,第一请求消息和/或第二请求消息用于请求第一UE与第二UE之间进行中继通信发现的安全信息;
第一AMF获取第一PCF发送的第二响应消息,并基于第二响应消息的第二标识信息,将第一响应消息发送给第一UE;其中,第一响应消息和/或第二响应消息中携带安全信息。
在一些实施例中,第一请求消息和/或第二请求消息包括:指示中继服务的中继服务代码RSC;
第一响应消息和/或第二响应消息包括:针对RSC的中间发现密钥,或者,针对RSC的中间发现密钥及中间发现密钥的标识信息。
本公开实施例提供一种中继通信装置,应用于网络设备,网络设备包括第二AMF、第一PCF及第二PCF;其中,
第二AMF获取第二UE发送的第三请求消息;并基于第三请求消息中携带的第三标识信息,将携带第四标识信息的第四请求消息发送给第二PCF;其中,第三请求消息和/或第四请求消息用于请求第一UE与第二UE之间进行中继通信发现的安全信息;
第二PFC将第四请求消息发送给第一PCF;
第一PCF将第四响应消息发送给第二PCF;
第二AMF获取第二PFC发送的第四响应消息;并基于第四响应消息的第四标识信息,将第三响应消息发送给第二UE;其中,第三响应消息和/或第四响应消息中携带安全信息。
本公开实施例提供一种中继通信装置,应用于网络设备,网络设备包括第一PCF及第二PCF;其中,
第二PCF确定授权第二UE发现中继服务,将第四请求消息发送给第一PCF;
第一PCF确定授权由第一UE提供中继服务给第二UE,向第二PCF发送第四响应消息。
在一些实施例中,第三请求消息和/或第四请求消息包括:指示中继服务的RSC;
第三响应消息和/或第四响应消息包括:针对RSC的中间发现密钥,或者,针对RSC的中间发现密钥及中间发现密钥的标识信息。
需要说明的是,本领域内技术人员可以理解,本公开实施例提供的装置,可以被单独执行,也可以与本公开实施例中一些装置或相关技术中的一些装置一起被执行。
关于上述实施例中的装置,其中各个模块执行操作的具体方式已经在有关该方法的实施例中进行了详细描述,此处将不做详细阐述说明。
本公开实施例提供一种通信设备,包括:
处理器;
用于存储处理器可执行指令的存储器;
其中,处理器被配置为:用于运行可执行指令时,实现本公开任意实施例的定位方法。
在一个实施例中,通信设备可以包括但不限于至少之一:核心网设备、接入网设备、及UE。该UE可以为上述实施例中第一UE或者第二UE;核心网设备可以为上述实施例中第一AMF、第二AMF、第一PCF或者第二PCF。
其中,处理器可包括各种类型的存储介质,该存储介质为非临时性计算机存储介质,在用户设备掉电之后能够继续记忆存储其上的信息。
处理器可以通过总线等与存储器连接,用于读取存储器上存储的可执行程序,例如,如图4至图15所示的方法的至少其中之一。
本公开实施例还提供一种计算机存储介质,计算机存储介质存储有计算机可执行程序,可执行程序被处理器执行时实现本公开任意实施例的定位方法。例如,如图4至图15所示的方法的至少其中之一。
关于上述实施例中的装置或者存储介质,其中各个模块执行操作的具体方式已经在有关该方法的实施例中进行了详细描述,此处将不做详细阐述说明。
图23是根据一示例性实施例示出的一种用户设备800的框图。例如,用户设备800可以是移动电话,计算机,数字广播用户设备,消息收发设备,游戏控制台,平板设备,医疗设备,健身设备,个人数字助理等。
参照图23,用户设备800可以包括以下一个或多个组件:处理组件802,存储器804,电源组件806,多媒体组件808,音频组件810,输入/输出(I/O)的接口812,传感器组件814,以及通信组件816。
处理组件802通常控制用户设备800的整体操作,诸如与显示,电话呼叫,数据通信,相机操作和记录操作相关联的操作。处理组件802可以包括一个或多个处理器820来执行指令,以完成上述的方法的全部或部分步骤。此外,处理组件802可以包括一个或多个模块,便于处理组件802和其他组件之间的交互。例如,处理组件802可以包括多媒体模块,以方便多媒体组件808和处理组件802之间的交互。
存储器804被配置为存储各种类型的数据以支持在用户设备800的操作。这些数据的示例包括用于在用户设备800上操作的任何应用程序或方法的指令,联系人数据,电话簿数据,消息,图片,视频等。存储器804可以由任何类型的易失性或非易失性存储设备或者它们的组合实现,如静态随机存取存储器(SRAM),电可擦除可编程只读存储器(EEPROM),可擦除可编程只读存储器(EPROM),可编程只读存储器(PROM),只读存储器(ROM),磁存储器,快闪存储器,磁盘或光盘。
电源组件806为用户设备800的各种组件提供电力。电源组件806可以包括电源管理系统,一个或多个电源,及其他与为用户设备800生成、管理和分配电力相关联的组件。
多媒体组件808包括在所述用户设备800和用户之间的提供一个输出接口的屏幕。在一些实施 例中,屏幕可以包括液晶显示器(LCD)和触摸面板(TP)。如果屏幕包括触摸面板,屏幕可以被实现为触摸屏,以接收来自用户的输入信号。触摸面板包括一个或多个触摸传感器以感测触摸、滑动和触摸面板上的手势。所述触摸传感器可以不仅感测触摸或滑动动作的边界,而且还检测与所述触摸或滑动操作相关的持续时间和压力。在一些实施例中,多媒体组件808包括一个前置摄像头和/或后置摄像头。当用户设备800处于操作模式,如拍摄模式或视频模式时,前置摄像头和/或后置摄像头可以接收外部的多媒体数据。每个前置摄像头和后置摄像头可以是一个固定的光学透镜系统或具有焦距和光学变焦能力。
音频组件810被配置为输出和/或输入音频信号。例如,音频组件810包括一个麦克风(MIC),当用户设备800处于操作模式,如呼叫模式、记录模式和语音识别模式时,麦克风被配置为接收外部音频信号。所接收的音频信号可以被进一步存储在存储器804或经由通信组件816发送。在一些实施例中,音频组件810还包括一个扬声器,用于输出音频信号。
I/O接口812为处理组件802和外围接口模块之间提供接口,上述外围接口模块可以是键盘,点击轮,按钮等。这些按钮可包括但不限于:主页按钮、音量按钮、启动按钮和锁定按钮。
传感器组件814包括一个或多个传感器,用于为用户设备800提供各个方面的状态评估。例如,传感器组件814可以检测到设备800的打开/关闭状态,组件的相对定位,例如所述组件为用户设备800的显示器和小键盘,传感器组件814还可以检测用户设备800或用户设备800一个组件的位置改变,用户与用户设备800接触的存在或不存在,用户设备800方位或加速/减速和用户设备800的温度变化。传感器组件814可以包括接近传感器,被配置用来在没有任何的物理接触时检测附近物体的存在。传感器组件814还可以包括光传感器,如CMOS或CCD图像传感器,用于在成像应用中使用。在一些实施例中,该传感器组件814还可以包括加速度传感器,陀螺仪传感器,磁传感器,压力传感器或温度传感器。
通信组件816被配置为便于用户设备800和其他设备之间有线或无线方式的通信。用户设备800可以接入基于通信标准的无线网络,如WiFi,4G或5G,或它们的组合。在一个示例性实施例中,通信组件816经由广播信道接收来自外部广播管理系统的广播信号或广播相关信息。在一个示例性实施例中,所述通信组件816还包括近场通信(NFC)模块,以促进短程通信。例如,在NFC模块可基于射频识别(RFID)技术,红外数据协会(IrDA)技术,超宽带(UWB)技术,蓝牙(BT)技术和其他技术来实现。
在示例性实施例中,用户设备800可以被一个或多个应用专用集成电路(ASIC)、数字信号处理器(DSP)、数字信号处理设备(DSPD)、可编程逻辑器件(PLD)、现场可编程门阵列(FPGA)、控制器、微控制器、微处理器或其他电子元件实现,用于执行上述方法。
在示例性实施例中,还提供了一种包括指令的非临时性计算机可读存储介质,例如包括指令的存储器804,上述指令可由用户设备800的处理器820执行以完成上述方法。例如,所述非临时性计算机可读存储介质可以是ROM、随机存取存储器(RAM)、CD-ROM、磁带、软盘和光数据存储设备等。
如图24所示,本公开一实施例示出一种基站的结构。例如,基站900可以被提供为一网络侧设备。参照图24,基站900包括处理组件922,其进一步包括一个或多个处理器,以及由存储器932所代表的存储器资源,用于存储可由处理组件922的执行的指令,例如应用程序。存储器932中存储的应用程序可以包括一个或一个以上的每一个对应于一组指令的模块。此外,处理组件922被配置为执行指令,以执行上述方法前述应用在所述基站的任意方法。
基站900还可以包括一个电源组件926被配置为执行基站900的电源管理,一个有线或无线网络接口950被配置为将基站900连接到网络,和一个输入输出(I/O)接口958。基站900可以操作基于存储在存储器932的操作系统,例如Windows Server TM,Mac OS XTM,UnixTM,LinuxTM,FreeBSDTM或类似。
本领域技术人员在考虑说明书及实践这里公开的发明后,将容易想到本发明的其它实施方案。本公开旨在涵盖本发明的任何变型、用途或者适应性变化,这些变型、用途或者适应性变化遵循本发明的一般性原理并包括本公开未公开的本技术领域中的公知常识或惯用技术手段。说明书和实施例仅被视为示例性的,本发明的真正范围和精神由下面的权利要求指出。
应当理解的是,本发明并不局限于上面已经描述并在附图中示出的精确结构,并且可以在不脱离其范围进行各种修改和改变。本发明的范围仅由所附的权利要求来限制。

Claims (67)

  1. 一种中继通信方法,其中,由第一用户设备UE执行,包括:
    向第一接入和移动性管理功能AMF发送第一请求消息,其中,第一请求消息用于请求所述第一UE及第二UE之间进行中继通信发现的安全信息;
    其中,所述第一请求消息包括所述第一UE的第一标识信息;所述第一标识信息用于所述第一AMF将用于请求所述安全信息的第二请求信息发送给与所述第一UE对应的第一策略控制功能PCF。
  2. 根据权利要求1所述的方法,其中,所述方法包括:
    接收所述第一AMF发送的第一响应消息,其中,所述第一响应消息包括:第二响应消息中包括的所述安全信息;所述第二响应消息是所述第一PCF基于所述第二响应消息中包括的所述第一UE的第二标识信息发送的。
  3. 根据权利要求2所述的方法,其中,所述第一标识信息包括以下至少之一:
    用户签约隐藏标识SUCI;
    全球唯一临时标识GUTI;
    和/或,
    所述第二标识信息包括与所述第一标识信息对应的用户签约永久标识SUPI。
  4. 根据权利要求1至3任一项所述的方法,其中,所述第一请求消息包括:密钥请求相关消息;所述第一响应消息包括:密钥响应相关消息;及所述安全信息包括:中间发现密钥。
  5. 根据权利要求4所述的方法,其中,所述密钥请求相关消息包括:指示中继服务的中继服务代码RSC;
    所述密钥响应相关消息包括:针对所述RSC的所述中间发现密钥,或者,针对所述RSC的所述中间发现密钥及所述中间发现密钥的标识信息。
  6. 根据权利要求4所述的方法,其中,所述密钥请求相关消息,还包括以下至少之一:
    类型指示信息,用于指示中继通信的发现消息的类型;
    第一安全指示信息,用于指示所述第一UE的安全能力。
  7. 根据权利要求4所述的方法,其中,所述密钥响应相关消息,还包括以下至少之一:
    算法标识;其中,所述算法标识包括以下至少之一:
    第一算法标识,用于指示加解密中继通信的发现消息的算法;
    第二算法标识,用于指示对中继通信的发现消息进行完整性保护的算法;
    时间相关信息,用于确定中继通信的发现消息是否遭受重放攻击。
  8. 根据权利要求4所述的方法,其中,所述方法包括:
    基于所述中间发现密钥确定中继发现密钥;其中,所述中继发现密钥包括以下至少之一:
    加密密钥DUCK,用于加解密中继通信的发现消息;
    完整性保证密钥DUIK,用于保护中继通信的发现消息的完整性。
  9. 根据权利要求8所述的方法,其中,所述基于所述中间发现密钥确定中继发现密钥,包括以下之一:
    基于所述中间发现密钥及算法标识,确定所述中继发现密钥;
    基于所述中间发现密钥、算法标识及RSC,确定所述中继发现密钥。
  10. 根据权利要求8所述的方法,其中,所述方法包括:
    发送第一公告消息,其中,所述第一公告消息包括:基于所述中继发现密钥加密并受完整性保护的所述发现消息;所述发现消息用于指示所述第一UE支持被发现提供中继服务。
  11. 根据权利要求8所述的方法,其中,所述方法包括:
    接收第二公告消息,其中,所述第二公告消息包括:基于所述中继发现密钥加密并受完整性保护的发现请求消息;所述发现请求消息用于请求所述第二UE发现所请求的中继服务;
    基于所述中继发现密钥解密并验证所述第二公告消息以获得所述发现请求消息。
  12. 根据权利要求11所述的方法,其中,所述方法包括:
    发送第三公告消息,其中,所述第三公告消息包括:基于所述中继发现密钥加密并受完整性保护的发现响应消息,其中,所述发现响应消息基于所述发现请求消息确定。
  13. 根据权利要求4至12任一项所述的方法,其中,所述方法包括:
    接收所述第一AMF发送的第一RSC集合;其中,所述第一RSC集合包括:至少一个第一RSC;所述第一RSC为所述第一UE能够提供的中继服务的RSC。
  14. 一种中继通信方法,其中,由第一接入和移动性管理功能AMF执行,包括:
    接收第一用户设备UE发送的第一请求消息,其中,所述第一请求消息用于请求所述第一UE及第二UE之间进行中继通信发现的安全信息;
    基于所述第一请求消息中携带的所述第一UE的第一标识信息,将用于请求所述安全信息的第二请求消息发送给与所述第一标识信息对应的第一策略控制功能PCF。
  15. 根据权利要求14所述的方法,其中,所述方法包括:
    接收所述第一PCF发送的第二响应消息,其中,所述第二响应消息包括所述安全信息;
    基于所述第二响应消息中携带的所述第一UE的第二标识信息,将携带所述安全信息的第一响应消息发送给所述第一UE。
  16. 根据权利要求15所述的方法,其中,所述方法包括:
    基于所述第一标识信息及第一映射关系,确定与所述第一UE对应的所述第二标识信息;其中,所述第一映射关系包括:所述第一标识信息与所述第二标识信息的对应关系。
  17. 根据权利要求15或16所述的方法,其中,
    所述第一标识信息包括以下至少之一:用户签约隐藏标识SUCI,及全球唯一临时标识GUTI;
    所述第二标识信息包括:用户签约永久标识SUPI。
  18. 根据权利要求14至16任一项所述的方法,其中,所述第二请求消息包括:密钥请求相关消息;所述第二响应消息包括:密钥响应相关消息;所述安全信息包括:中间发现密钥。
  19. 根据权利要求18所述的方法,其中,所述密钥请求相关消息包括:指示中继服务的中继服务代码RSC;
    所述密钥响应相关消息包括:针对所述RSC的所述中间发现密钥,或者针对所述RSC的所述中间发现密钥及所述中间发现密钥的标识信息。
  20. 根据权利要求14所述的方法,其中,所述方法包括:
    接收所述第一PCF发送的第一RSC集合;其中,所述第一RSC集合包括:至少一个第一RSC,所述第一RSC为所述第一UE能够提供的中继服务的RSC;
    将所述第一RSC集合发送给所述第一UE。
  21. 一种中继通信方法,其中,由第二用户设备UE执行,包括:
    向第二接入和移动性管理功能AMF发送第三请求消息,其中,所述第三请求消息用于请求第一UE与所述第二UE之间进行中继通信发现的安全信息;其中,所述第三请求消息包括所述第二UE的第三标识信息;所述第三标识信息用于所述第二AMF将用于请求所述安全信息的第四请求信息发送给所述第二UE对应的第二策略控制功能PCF。
  22. 根据权利要求21所述的方法,其中,所述方法包括:
    接收所述第二AMF发送的第三响应消息,其中,所述第三响应消息包括:第四响应消息中包括的所述安全信息;所述第四响应消息是第二PCF基于所述第三响应消息中包括的所述第二UE的第四标识信息发送的。
  23. 根据权利要求22所述的方法,其中,所述第三标识信息包括以下至少之一:
    用户签约隐藏标识SUCI;
    全球唯一临时标识GUTI;
    和/或,
    所述第四标识信息包括与所述第三标识信息对应的用户签约永久标识SUPI。
  24. 根据权利要求21至23任一项所述的方法,其中,所述第三请求消息包括:密钥请求相关消息;所述第三响应消息,包括:密钥响应相关消息;及所述安全信息包括:中间发现密钥。
  25. 根据权利要求24所述的方法,其中,所述密钥请求相关消息包括:指示中继服务的中继服务代码RSC;
    所述密钥响应相关消息包括:针对所述RSC的所述中间发现密钥,或者针对所述RSC的所述中间发现密钥及所述中间发现密钥的标识信息。
  26. 根据权利要求24所述的方法,其中,所述密钥请求相关消息,还包括以下至少之一:
    类型指示信息,用于指示中继通信的发现消息的类型;
    第二安全指示信息,用于指示所述第二UE的安全能力。
  27. 根据权利要求24所述的方法,其中,所述密钥响应相关消息,包括以下至少之一:
    算法标识;其中,所述算法标识包括以下至少之一:
    第一算法标识,用于指示加解密中继通信的发现消息的算法;
    第二算法标识,用于指示对中继通信的发现消息进行完整性保护的算法;
    时间相关信息,用于确定中继通信的发现消息是否遭受重放攻击。
  28. 根据权利要求4所述的方法,其中,所述方法包括:
    基于所述中间发现密钥确定中继发现密钥;其中,所述中继发现密钥包括以下至少之一:
    加密密钥DUCK,用于加解密中继通信的发现消息;
    完整性保证密钥DUIK,用于保护中继通信的发现消息的完整性。
  29. 根据权利要求28所述的方法,其中,所述基于所述中间发现密钥确定中继发现密钥,包括以下之一:
    基于所述中间发现密钥及算法标识,确定所述中继发现密钥;
    基于所述中间发现密钥、算法标识及RSC,确定所述中继发现密钥。
  30. 根据权利要求28所述的方法,其中,所述方法包括:
    接收第一公告消息,其中,所述第一公告消息包括:基于所述中继发现密钥加密并受完整性保护的所述发现消息;所述发现消息用于指示所述第一UE支持被发现提供中继服务;
    基于所述中继发现密钥解密并验证所述第一公告消息以获得所述发现消息。
  31. 根据权利要求28所述的方法,其中,所述方法包括:
    发送第二公告消息,其中,所述第二公告消息包括:基于所述中继发现密钥加密并受完整性保护的发现请求消息;所述发现请求消息用于请求所述第二UE发现所请求的中继服务。
  32. 根据权利要求31所述的方法,其中,所述方法包括:
    接收第三公告消息,其中,所述第三公告消息包括:基于所述中继发现密钥加密并受完整性保护的发现响应消息,其中,所述发现响应消息基于所述发现请求消息确定;
    基于所述中继发现密钥解密并验证所述第三公告消息以获得所述发现响应消息。
  33. 根据权利要求24至32任一项所述的方法,其中,所述方法包括:
    接收所述第二AMF发送的第二RSC集合;其中,所述第二RSC集合包括:至少一个第二RSC;所述第二RSC为所述第二UE能够获得的中继服务的RSC。
  34. 一种中继通信方法,其中,由第二接入和移动性管理功能AMF执行,包括:
    接收第二用户设备UE发送的第三请求消息,其中,所述第三请求消息用于请求第一UE与所述第二UE之间进行中继通信发现的安全信息;
    基于所述第三请求消息中携带的所述第二UE的第三标识信息,将用于请求所述安全信息的第四请求消息发送给与所述第三标识信息对应的第二策略控制功能PCF。
  35. 根据权利要求34所述的方法,其中,所述方法包括:
    接收所述第二PCF发送的第四响应消息,其中,所述第四响应消息包括所述安全信息;
    基于所述第四响应消息中携带的所述第二UE的第四标识信息,将携带所述安全信息的第三响应消息发送给所述第二UE。
  36. 根据权利要求35所述的方法,其中,所述方法包括:
    基于所述第三标识信息及第二映射关系,确定与所述第二UE对应的所述第四标识信息;其中,所述第二映射关系包括:所述第三标识信息与所述第四标识信息的对应关系。
  37. 根据权利要求35或36所述的方法,其中,
    所述第三标识信息包括以下至少之一:用户签约隐藏标识SUCI,及全球唯一临时标识GUTI;
    所述第四标识信息包括:用户签约永久标识SUPI。
  38. 根据权利要求14至16任一项所述的方法,其中,所述第四请求消息中包括:密钥请求相关消息;所述第四响应消息包括:密钥响应相关消息;所述安全信息包括:中间发现密钥。
  39. 根据权利要求38所述的方法,其中,所述密钥请求相关消息包括:指示中继服务的中继服务代码RSC;
    所述密钥响应相关消息包括:针对所述RSC的所述中间发现密钥,或者针对所述RSC的所述中间发现密钥及所述中间发现密钥的标识信息。
  40. 根据权利要求34所述的方法,其中,所述方法包括:
    接收所述第二PCF发送的第二RSC集合;其中,所述第二RSC集合包括:至少一个第二RSC,所述第二RSC为所述第二UE能够获得的中继服务的RSC;
    将所述第二RSC集合发送给所述第二UE。
  41. 一种中继通信方法,其中,由第一策略控制功能PCF执行,包括:
    接收第一接入和移动性管理功能AMF发送的第二请求消息和/或接收第二PCF发送的第四请求消息,其中,所述第二请求消息和/或所述第四请求消息用于请求第一用户设备UE与第二UE之间进行中继通信发现的安全信息。
  42. 根据权利要求41所述的方法,其中,所述第二请求消息中包括第一UE的第二标识信息;
    所述方法包括:
    向所述第一AMF发送第二响应消息,其中,所述第二响应消息包括第二标识信息及所述安全信息的第二响应消息。
  43. 根据权利要求41所述的方法,其中,所述第四请求消息中包括第二UE的第四标识信息;
    所述方法包括:
    向所述第二PCF发送第四响应消息,其中,所述第四响应消息包括第四标识信息及所述安全信息的第四响应消息。
  44. 根据权利要求41至43任一项所述的方法,其中,所述第二请求消息和/或第四请求消息包括:密钥请求相关消息;第二响应消息和/或第四响应消息包括:密钥响应相关消息;及所述安全信息包括:所述安全信息包括:中间发现密钥。
  45. 根据权利要求44所述的方法,其中,所述密钥请求相关消息包括:指示中继服务的中继服务代码RSC;
    所述密钥响应相关消息包括:针对所述RSC的所述中间发现密钥,或者,针对所述RSC的所述中间信息密钥及所述中间信息密钥的标识信息。
  46. 根据权利要求44所述的方法,其中,所述向所述第二PCF发送携带第四响应消息,包括:
    响应于确定授权由所述第一UE提供所述中继服务给所述第二UE,向所述第二PCF发送所述密钥响应相关消息。
  47. 根据权利要求44所述的方法,其中,所述方法包括:
    向所述第一AMF发送第一RSC集合;其中,所述第一RSC集合包括:至少一个第一RSC,所述第一RSC为所述第一UE能够提供的中继服务的RSC。
  48. 一种中继通信方法,其中,由第二策略控制功能PCF执行,包括:
    接收第二接入和移动性管理功能AMF发送的第四请求消息,其中,所述第四请求消息用于请求第一用户设备UE与第二UE之间进行中继通信发现的安全信息;
    向第一PCF发送用于请求所述安全信息的第四请求消息。
  49. 根据权利要求48所述的方法,其中,所述向第一PCF发送用于请求所述安全信息的第四请求消息,包括:
    若确定授权所述第二UE发现中继服务,向所述第一PCF发送用于请求所述安全信息的所述第四请求消息。
  50. 根据权利要求48或49所述的方法,其中,所述第四请求消息中包括第二UE的第四标识信息;
    所述方法包括:
    向第一AMF发送第四响应消息,其中,所述第四响应信息包括所述第四标识信息及所述安全信息。
  51. 根据权利要求50所述的方法,其中,所述第四请求消息包括:密钥请求相关消息;所述第四响应消息包括:密钥响应相关消息;及所述安全信息包括:中间发现密钥。
  52. 根据权利要求51所述的方法,其中,所述密钥请求相关消息包括:指示中继服务的中继服务代码RSC;
    所述密钥响应相关消息包括:针对所述RSC的所述中间发现密钥,或者针对所述RSC的所述中间发现密钥及所述中间发现密钥的标识信息。
  53. 根据权利要求48所述的方法,其中,所述方法包括:
    向所述第二AMF发送第二RSC集合;其中,所述第二RSC集合包括:至少一个第二RSC,所述第二RSC为所述第二UE能够获得的中继服务的RSC。
  54. 一种中继通信方法,其中,由网络设备执行,包括:
    获取用户设备UE发送的请求消息;其中,所述请求消息携带所述UE的标识信息;所述请求消息用于请求UE与UE之间进行中继通信发现的安全信息;
    向所述UE发送携带所述安全信息的响应消息。
  55. 根据权利要求55所述的方法,其中,所述网络设备包括:第一AMF及第一PCF;
    所述获取用户设备UE发送的请求消息,包括:
    所述第一AMF获取第一UE发送的第一请求消息;并基于所述第一请求消息中携带的第一标识信息,将携带第二标识信息的第二请求消息发送给所述第一PCF;其中,所述第一请求消息和/或所述第二请求消息用于请求所述第一UE与第二UE之间进行中继通信发现的所述安全信息;
    所述向所述UE发送携带所述安全信息的响应消息,包括:
    所述第一AMF获取所述第一PCF发送的第二响应消息,并基于所述第二响应消息的第二标识信息,将第一响应消息发送给所述第一UE;其中,所述第一响应消息和/或所述第二响应消息中携带所述安全信息。
  56. 根据权利要求55所述的方法,其中,所述第一请求消息和/或所述第二请求消息包括:指示中继服务的中继服务代码RSC;
    所述第一响应消息和/或所述第二响应消息包括:针对所述RSC的所述中间发现密钥,或者,针对所述RSC的所述中间发现密钥及所述中间发现密钥的标识信息。
  57. 根据权利要求54所述的方法,其中,所述网络设备包括:第二AMF、第一PCF及第二PCF;
    所述获取用户设备UE发送的请求消息,包括:
    所述第二AMF获取第二UE发送的第三请求消息;并基于所述第三请求消息中携带的第三标识信息,将携带第四标识信息的第四请求消息发送给所述第二PCF;其中,所述第三请求消息和/或所述第四请求消息用于请求第一UE与所述第二UE之间进行中继通信发现的所述安全信息;
    所述第二PFC将所述第四请求消息发送给所述第一PCF;
    所述向所述UE发送携带所述安全信息的响应消息,包括:
    所述第一PCF将第四响应消息发送给所述第二PCF;
    所述第二AMF获取所述第二PFC发送的所述第四响应消息;并基于所述第四响应消息的第四标识信息,将第三响应消息发送给所述第二UE;其中,所述第三响应消息和/或所述第四响应消息中携带所述安全信息。
  58. 根据权利要求57所述的方法,其中,所述第二PFC将所述第四请求消息发送给所述第一PCF,包括:
    所述第二PCF确定授权所述第二UE发现中继服务,将所述第四请求消息发送给所述第一PCF;
    所述第一PCF将第四响应消息发送给所述第二PCF,包括:
    所述第一PCF确定授权由所述第一UE提供中继服务给所述第二UE,向所述第二PCF发送所述第四响应消息。
  59. 根据权利要求57或58,其中,所述第三请求消息和/或所述第四请求消息包括:指示中继服务的RSC;
    所述第三响应消息和/或所述第四响应消息包括:针对所述RSC的所述中间发现密钥,或者,针对所述RSC的所述中间发现密钥及所述中间发现密钥的标识信息。
  60. 一种中继通信装置,其中,应用于第一用户设备UE,包括:
    第一发送模块,被配置为向第一接入和移动性管理功能AMF发送第一请求消息,其中,第一请 求消息用于请求所述第一UE及第二UE之间进行中继通信发现的安全信息;
    其中,所述第一请求消息包括所述第一UE的第一标识信息;所述第一标识信息用于所述第一AMF将用于请求所述安全信息的第二请求信息发送给与所述第一UE对应的第一策略控制功能PCF。
  61. 一种中继通信装置,其中,应用于第一接入和移动性管理功能AMF,包括:
    第二接收模块,被配置为接收第一用户设备UE发送的第一请求消息,其中,所述第一请求消息用于请求所述第一UE及第二UE之间进行中继通信发现的安全信息;
    第二发送模块,被配置为基于所述第一请求消息中携带的所述第一UE的第一标识信息,将用于请求所述安全信息的第二请求消息发送给与所述第一标识信息对应的第一策略控制功能PCF。
  62. 一种中继通信装置,其中,应用于第二用户设备UE,包括:
    第三发送模块,被配置为向第二接入和移动性管理功能AMF发送第三请求消息,其中,所述第三请求消息用于请求第一UE与所述第二UE之间进行中继通信发现的安全信息;
    其中,所述第三请求消息包括所述第二UE的第三标识信息;所述第三标识信息用于所述第二AMF将用于请求所述安全信息的第四请求信息发送给所述第二UE对应的第二策略控制功能PCF。
  63. 一种中继通信装置,其中,应用于第二接入和移动性管理功能AMF,包括:
    第四接收模块,被配置为接收第二用户设备UE发送的第三请求消息,其中,所述第三请求消息用于请求第一UE与所述第二UE之间进行中继通信发现的安全信息;
    第四发送模块,被配置为基于所述第三请求消息中携带的所述第二UE的第三标识信息,将用于请求所述安全信息的第四请求消息发送给与所述第三标识信息对应的第二策略控制功能PCF。
  64. 一种中继通信装置,其中,应用于第一策略控制功能PCF,包括:
    第五接收模块,被配置为接收第一接入和移动性管理功能发送的第二请求消息和/或接收第二PCF发送的第四请求消息,其中,所述第二请求消息和/或所述第四请求消息用于请求第一用户设备UE与第二UE之间进行中继通信发现的安全信息。
  65. 一种中继通信装置,其中,应用于第二策略控制功能PCF,包括:
    第六接收模块,被配置为接收第二接入和移动性管理功能AMF发送的第三请求消息,其中,所述第三请求消息用于请求第一用户设备UE与第二UE之间进行中继通信发现的安全信息;
    第六发送模块,被配置为向第一PCF发送用于请求所述安全信息的第四请求消息。
  66. 一种通信设备,其中,所述通信设备,包括:
    处理器;
    用于存储所述处理器可执行指令的存储器;
    其中,所述处理器被配置为:用于运行所述可执行指令时,实现权利要求1至13、或者权利要求14至20、权利要求21至33、权利要求34至40、权利要求41至47、权利要求48至53、或者权利要求54至59任一项所述的中继通信方法。
  67. 一种计算机存储介质,其中,所述计算机存储介质存储有计算机可执行程序,所述可执行 程序被处理器执行时实现权利要求1至13、或者权利要求14至20、权利要求21至33、权利要求34至40、权利要求41至47、权利要求48至53、或者权利要求54至59任一项所述的中继通信方法。
PCT/CN2022/087316 2022-04-18 2022-04-18 中继通信方法、装置、通信设备及存储介质 WO2023201454A1 (zh)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2022/087316 WO2023201454A1 (zh) 2022-04-18 2022-04-18 中继通信方法、装置、通信设备及存储介质
CN202280001218.1A CN117296351A (zh) 2022-04-18 2022-04-18 中继通信方法、装置、通信设备及存储介质

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2022/087316 WO2023201454A1 (zh) 2022-04-18 2022-04-18 中继通信方法、装置、通信设备及存储介质

Publications (1)

Publication Number Publication Date
WO2023201454A1 true WO2023201454A1 (zh) 2023-10-26

Family

ID=88418727

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2022/087316 WO2023201454A1 (zh) 2022-04-18 2022-04-18 中继通信方法、装置、通信设备及存储介质

Country Status (2)

Country Link
CN (1) CN117296351A (zh)
WO (1) WO2023201454A1 (zh)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113079498A (zh) * 2020-01-06 2021-07-06 英特尔公司 5gs中eas发现和ue到ue中继操作的装置和方法
CN113133085A (zh) * 2019-12-30 2021-07-16 华为技术有限公司 建立连接和获取中继服务代码的方法和通信装置
CN113543135A (zh) * 2020-04-13 2021-10-22 华为技术有限公司 授权方法、策略控制功能设备和接入和移动管理功能设备
CN114339814A (zh) * 2020-09-29 2022-04-12 维沃移动通信有限公司 中继通信信息配置方法、装置及电子设备

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113133085A (zh) * 2019-12-30 2021-07-16 华为技术有限公司 建立连接和获取中继服务代码的方法和通信装置
CN113079498A (zh) * 2020-01-06 2021-07-06 英特尔公司 5gs中eas发现和ue到ue中继操作的装置和方法
CN113543135A (zh) * 2020-04-13 2021-10-22 华为技术有限公司 授权方法、策略控制功能设备和接入和移动管理功能设备
CN114339814A (zh) * 2020-09-29 2022-04-12 维沃移动通信有限公司 中继通信信息配置方法、装置及电子设备

Also Published As

Publication number Publication date
CN117296351A (zh) 2023-12-26

Similar Documents

Publication Publication Date Title
WO2023184561A1 (zh) 中继通信方法、装置、通信设备及存储介质
US10673611B2 (en) Data transmission method, device, and system
CN112383532A (zh) 设备联网方法及装置、电子设备、存储介质
WO2024021142A1 (zh) 应用程序接口api认证方法、装置、通信设备及存储介质
WO2023201454A1 (zh) 中继通信方法、装置、通信设备及存储介质
WO2023142093A1 (zh) Ue发现消息保护方法、装置、通信设备及存储介质
WO2023142090A1 (zh) 信息传输方法、装置、通信设备和存储介质
WO2023142089A1 (zh) 信息传输方法、装置、通信设备和存储介质
WO2023197178A1 (zh) 信息处理方法及装置、通信设备及存储介质
WO2024164202A1 (zh) 信息处理方法以及装置、通信设备及存储介质
WO2022027484A1 (zh) 随机接入的方法、装置、通信设备及存储介质
WO2023070685A1 (zh) 中继通信的方法、装置、通信设备及存储介质
WO2023226051A1 (zh) 为个人物联网设备选择认证机制的方法及装置、ue、网络功能及存储介质
WO2023142095A1 (zh) Ue发现消息保护方法、装置、通信设备及存储介质
WO2023231018A1 (zh) 个人物联网pin基元凭证配置方法、装置、通信设备及存储介质
WO2023240575A1 (zh) 一种中继通信方法、通信装置及通信设备
WO2023245354A1 (zh) 安全保护方法、装置、通信设备及存储介质
WO2023240657A1 (zh) 认证与授权方法、装置、通信设备及存储介质
WO2023070560A1 (zh) 信息传输方法、装置、通信设备和存储介质
WO2024031399A1 (zh) Ue加入pin的方法及装置、通信设备及存储介质
WO2024092735A1 (zh) 通信控制方法、系统及装置、通信设备及存储介质
WO2024000123A1 (zh) 密钥生成方法及装置、通信设备及存储介质
WO2024031523A1 (zh) 信息处理方法及装置、通信设备及存储介质
EP4436306A1 (en) Connection recovery method and apparatus, and communication device and storage medium
WO2023098209A1 (zh) 一种数据传输保护方法、设备及系统

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 202280001218.1

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22937695

Country of ref document: EP

Kind code of ref document: A1