WO2024068264A1 - Token-based protection for sidelink communications - Google Patents

Token-based protection for sidelink communications

Info

Publication number
WO2024068264A1
Authority
WO
WIPO (PCT)
Prior art keywords
relay
authorization token
discovery
security key
communication
Prior art date
Application number
PCT/EP2023/075029
Other languages
English (en)
Inventor
Monica Wifvesson
Cheng Wang
Original Assignee
Telefonaktiebolaget Lm Ericsson (Publ)
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Telefonaktiebolaget LM Ericsson (Publ)
Publication of WO2024068264A1 (patent/WO2024068264A1/fr)


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807 Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041 Key generation or derivation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10 Integrity
    • H04W12/108 Source integrity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W76/00 Connection management
    • H04W76/10 Connection setup
    • H04W76/14 Direct-mode setup
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W88/00 Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02 Terminal devices
    • H04W88/04 Terminal devices adapted for relaying to or from another terminal or user
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W92/00 Interfaces specially adapted for wireless communication networks
    • H04W92/16 Interfaces between hierarchically similar devices
    • H04W92/18 Interfaces between hierarchically similar devices between terminal devices

Definitions

  • The present disclosure relates generally to wireless networks and devices, and more specifically to user equipment (UE) that can communicate with other UEs directly rather than (or in addition to) indirectly via a wireless network.
  • UE user equipment
  • NR New Radio
  • 3GPP Third-Generation Partnership Project
  • eMBB enhanced mobile broadband
  • MTC machine type communications
  • URLLC ultra-reliable low latency communications
  • D2D sidelink device-to-device
  • Rel-15 3GPP Release 15
  • NR uses CP-OFDM (Cyclic Prefix Orthogonal Frequency Division Multiplexing) in the downlink (DL) from network to user equipment (UE), and both CP-OFDM and DFT-spread OFDM (DFT-S-OFDM) in the uplink (UL) from UE to network.
  • CP-OFDM Cyclic Prefix Orthogonal Frequency Division Multiplexing
  • DFT-S-OFDM DFT-spread OFDM
  • NR DL and UL time-domain physical resources are organized into equal-sized 1-ms subframes. A subframe is divided into multiple slots of equal duration, with each slot including multiple OFDM-based symbols. Even so, time-frequency resources can be configured much more flexibly for an NR cell than for an LTE cell.
  • SL Sidelink
  • D2D device-to-device
  • ProSe proximity-based services
  • 3GPP Rel-16 specifies the NR SL interface.
  • Rel-16 NR SL targets advanced V2X services, which can be categorized into four use case groups: vehicles platooning, extended sensors, advanced driving, and remote driving.
  • the advanced V2X services require a new SL to meet the stringent requirements in terms of latency and reliability.
  • The NR SL is designed to provide higher system capacity and better coverage, and to allow for extension to support the future development of even more advanced V2X services and other related services. Broadcast, groupcast, and unicast transmissions are desirable for the services targeted by NR SL.
  • In groupcast or multicast, the intended receiver of a message consists of only a subset of the possible recipients in proximity to the transmitter, whereas a unicast message is intended for only one recipient in proximity to the transmitter.
  • In the platooning service there are certain messages that are only of interest to the members of the platoon, for which groupcast can be used.
  • Unicast is a natural fit for use cases involving only a pair of vehicles.
  • 3GPP Rel-17 includes a work item for coverage extension for SL-based communication, including UE-to-network relay for cellular coverage extension and UE-to-UE relay for SL coverage extension. Additionally, improving performance of power-limited UEs (e.g., pedestrian UEs, first responder UEs, etc.) and improving the performance using resource coordination are also important goals for the Rel-17 work.
  • UE-to-Network (U2N) relay: a UE extends the network connectivity to another nearby UE by using direct communication.
  • U2U UE-to-UE
  • UE-to-UE (U2U) relay: a UE uses two direct communication links to connect two UEs in its proximity that otherwise are not able to communicate.
  • LTE U2N relay functionality uses a Layer 3 (L3) architecture in which the relay of data packets via the PC5 interface is performed at the network layer, and UEs connected to a L3 U2N relay are transparent to the network.
  • L3 Layer 3
  • NR SL U2N relay uses two different architectures: a L3 architecture similar to LTE, and a newly defined architecture in which PC5 relaying occurs within Layer 2 (L2), over the RLC sublayer.
  • 3GPP TR 23.752 (v2.0.0) section 6.10 describes ProSe 5G UE-to-UE (U2U) Relay.
  • a ProSe 5G UE-to-UE Relay is a (5G ProSe-enabled) UE that provides functionality to support connectivity between 5G ProSe U2U UEs.
  • the source UE, the target UE, and the UE-to-UE relay may be in or out of 3GPP coverage.
  • 3GPP TR 33.740 (v0.2.0) describes security solutions for PC5 links between source UE, UE-to-UE relay, and target UE when the UE-to-UE relay is in 3GPP coverage.
  • 3GPP TR 33.740 (v0.2.0) describes a security solution (called “solution 4”) based on using authorization tokens as in OAuth 2.0 to indicate that a source UE, a target UE, or a UE-to-UE relay is authorized to use or to serve a specific UE-to-UE service.
  • solution 4 a security solution based on using authorization tokens as in OAuth 2.0 to indicate that a source UE, a target UE, or a UE-to-UE relay is authorized to use or to serve a specific UE-to-UE service.
  • the source, target, or relay UE registers in the 3GPP network and is authorized to use a particular UE-to-UE service
  • the network provides a token indicating the UE-to-UE service it can use.
  • the token has an expiration time and is signed with a private key.
  • the network also provides the public key to the UEs for verifying the token when received from other UEs.
  • Since the authorization token is sent in clear text, however, it may be intercepted by an attacker who can replay the token. In this way, the attacker may gain unauthorized service from a relay UE or deceive a peer UE into attempting to obtain the UE-to-UE service from the attacker. This can cause various problems, issues, and/or difficulties.
  • An object of embodiments of the present disclosure is to improve security of sidelink communication between UEs, such as by providing, enabling, and/or facilitating solutions to overcome exemplary problems summarized above and described in more detail below.
  • Embodiments include exemplary methods (e.g., procedures) for a UE configured to operate as a relay UE for sidelink (SL) communication with a first UE.
  • These exemplary methods include identifying the first UE based on a SL discovery procedure performed by the UE or by the first UE, wherein the SL discovery procedure is performed using a discovery security key associated with a relay service code (RSC). These exemplary methods also include receiving, from the first UE, a first message that includes a first authorization token indicating that the first UE is authorized to obtain relay services, wherein the first authorization token is secured based on the discovery security key. These exemplary methods also include obtaining the first authorization token in clear text using the discovery security key.
  • RSC relay service code
  • these exemplary methods can also include sending to the first UE a second message that includes a second authorization token indicating that the UE is authorized to provide relay services.
  • the second authorization token is signed using the private key associated with the wireless network.
  • the first message also includes key establishment information and the exemplary method can also include obtaining a further security key (Knrp) based on the key establishment information.
  • the second authorization token is secured using the discovery security key or the further security key.
  • obtaining the further security key is based on a Direct Auth and Key Establish procedure performed with the first UE.
  • the first authorization token is signed using a private key associated with the wireless network.
  • the exemplary method can also include the following operations:
  • these exemplary methods can also include obtaining the following from the wireless network before the SL discovery procedure: the discovery security key associated with the RSC, the second authorization token, and the public key used to verify the first authorization token.
  • the second message is a direct security mode command. In other embodiments, the second message is a link establishment response. In some embodiments, the first message is a direct communication request. In other embodiments, the first message is a link establishment request.
  • the first UE is a target UE in relation to SL communication via the relay UE. In other embodiments, the first UE is a source UE in relation to SL communication via the relay UE. In some of these embodiments, the exemplary method can also include the following operations:
  • exemplary methods for a first UE configured for SL communication via a relay UE.
  • these exemplary methods are complementary to the exemplary methods for a relay UE, summarized above.
  • These exemplary methods include identifying the relay UE based on a SL discovery procedure performed by the relay UE or by the first UE.
  • the SL discovery procedure is performed using a discovery security key associated with an RSC.
  • These exemplary methods also include securing a first authorization token using the discovery security key.
  • the first authorization token indicates that the first UE is authorized to obtain relay services.
  • These exemplary methods also include sending to the relay UE a first message including the secured first authorization token.
  • the first authorization token is signed using a private key associated with the wireless network.
  • these exemplary methods can also include receiving from the relay UE a second message that includes a second authorization token indicating that the relay UE is authorized to provide relay services.
  • the second authorization token is signed using the private key associated with the wireless network.
  • these exemplary methods can also include verifying the second authorization token based on a public key associated with the private key used to sign the second authorization token.
  • the first message also includes key establishment information and the second authorization token is secured using a further security key (Knrp) obtained by the relay UE based on the key establishment information.
  • Knrp further security key
  • these exemplary methods can also include obtaining the second authorization token in clear text using the further security key.
  • these exemplary methods can also include obtaining the further security key based on a Direct Auth and Key Establish procedure performed with the first UE.
  • these exemplary methods can also include obtaining the following from the wireless network before the SL discovery procedure: the discovery security key associated with the RSC, the first authorization token, and the public key used to verify the second authorization token.
  • the second message is a direct security mode command. In other embodiments, the second message is a link establishment response. In some embodiments, the first message is a direct communication request. In other embodiments, the first message is a link establishment request.
  • these exemplary methods can also include sending to the relay a third message indicating that the first UE verified the second authorization token and, based on the verifications of the first and second authorization tokens, establishing a secure SL with the relay UE.
  • securing the first authorization token can include obtaining a direct communication request (DCR) confidentiality keystream based on the discovery security key, and obtaining the secured first authorization token based on a bit-by-bit exclusive OR (XOR) between the first authorization token and at least a portion of the DCR confidentiality keystream.
  • DCR direct communication request
  • XOR exclusive OR
  • UEs e.g., wireless devices
  • Other embodiments include non-transitory, computer-readable media storing program instructions that, when executed by processing circuitry, configure such UEs to perform operations corresponding to any of the exemplary methods described herein.
  • Figure 1 shows exemplary 5G/NR user plane (UP) and control plane (CP) protocol stacks.
  • UP user plane
  • CP control plane
  • Figure 2 shows an exemplary 5G/NR network architecture.
  • Figure 3 shows exemplary interfaces between two V2X UEs, a RAN, and other network functions.
  • Figure 4 shows three exemplary network coverage scenarios for two UEs and a gNB serving a cell.
  • Figure 5 shows a reference architecture for 5G ProSe U2N relay.
  • Figures 6-7 show signaling diagrams of UP and CP procedures, respectively, for authorization and secure PC5 link establishment for 5G ProSe U2N Relay.
  • Figures 8-9 show signaling diagrams for high-level procedures for PC5 link security between a source UE, a target UE, a UE-to-UE relay, and a 5GC network.
  • Figures 10-11 show signaling diagrams for security procedures between a source UE, a target UE, a UE-to-UE relay, and a 5GC network, according to various embodiments of the present disclosure.
  • Figure 12 shows a flow diagram of an exemplary method for a relay UE (e.g., wireless device), according to various embodiments of the present disclosure.
  • Figure 13 shows a flow diagram of an exemplary method for a first UE (e.g., wireless device), according to various embodiments of the present disclosure.
  • Figure 14 shows a communication system according to various embodiments of the present disclosure.
  • Figure 15 shows a UE according to various embodiments of the present disclosure.
  • As used herein, a “radio access node” (or equivalently “radio network node,” “radio access network node,” or “RAN node”) can be any node in a radio access network (RAN) that operates to wirelessly transmit and/or receive signals.
  • RAN radio access network
  • Examples of a radio access node include, but are not limited to, a base station (e.g., gNB in a 3GPP 5G/NR network or an enhanced or evolved NodeB (eNB) in a 3GPP LTE network), base station distributed components (e.g., CU and DU), a high-power or macro base station, a low-power base station (e.g., micro, pico, femto, or home base station, or the like), an integrated access backhaul (IAB) node, a transmission point (TP), a transmission reception point (TRP), a remote radio unit (RRU or RRH), and a relay node.
  • a “core network node” is any type of node in a core network.
  • Some examples of a core network node include, e.g., a Mobility Management Entity (MME), a serving gateway (SGW), a PDN Gateway (P-GW), a Policy and Charging Rules Function (PCRF), an access and mobility management function (AMF), a session management function (SMF), a user plane function (UPF), a Charging Function (CHF), a Policy Control Function (PCF), an Authentication Server Function (AUSF), a location management function (LMF), or the like.
  • MME Mobility Management Entity
  • SGW serving gateway
  • P-GW PDN Gateway
  • PCRF Policy and Charging Rules Function
  • AMF access and mobility management function
  • SMF session management function
  • UPF user plane function
  • CHF Charging Function
  • PCF Policy Control Function
  • AUSF Authentication Server Function
  • LMF location management function
  • As used herein, a “wireless device” (or “WD” for short) is any type of device that is capable, configured, arranged and/or operable to communicate wirelessly with network nodes and/or other wireless devices. Communicating wirelessly can involve transmitting and/or receiving wireless signals using electromagnetic waves, radio waves, infrared waves, and/or other types of signals suitable for conveying information through air.
  • wireless device is used interchangeably herein with the term “user equipment” (or “UE” for short), with both terms having a different meaning than the term “network node”.
  • A “radio node” can be either a “radio access node” (or equivalent term) or a “wireless device.”
  • A “network node” is any node that is either part of the radio access network (e.g., a radio access node or equivalent term) or of the core network (e.g., a core network node discussed above) of a cellular communications network.
  • A network node is equipment capable, configured, arranged, and/or operable to communicate directly or indirectly with a wireless device and/or with other network nodes or equipment in the cellular communications network, to enable and/or provide wireless access to the wireless device, and/or to perform other functions (e.g., administration) in the cellular communications network.
  • A “node” can be any type of node that can operate in or with a wireless network (including RAN and/or core network), including a radio access node (or equivalent term), core network node, or wireless device.
  • The term “node” may be limited to a particular type (e.g., radio access node, IAB node) based on its specific characteristics in any given context.
  • Figure 1 shows an exemplary configuration of NR user plane (UP) and control plane (CP) protocol stacks between a UE (110), a gNodeB (gNB, e.g., base station, 120), and an access and mobility management function (AMF, 130) in a 5G core network (5GC).
  • PHY Physical
  • MAC Medium Access Control
  • RLC Radio Link Control
  • PDCP Packet Data Convergence Protocol
  • PDCP provides ciphering/deciphering, integrity protection, sequence numbering, reordering, and duplicate detection for both CP and UP, as well as header compression and retransmission for UP data.
  • IP Internet protocol
  • SDU service data units
  • PDU protocol data units
  • SDAP Service Data Adaptation Protocol
  • QoS quality-of-service
  • DRB Data Radio Bearers
  • QFI QoS flow identifiers
  • RLC transfers PDCP PDUs to MAC through logical channels (LCH).
  • LCH logical channels
  • MAC provides mapping between LCHs and PHY transport channels, LCH prioritization, multiplexing into or demultiplexing from transport blocks (TBs), hybrid ARQ (HARQ) error correction, and dynamic scheduling (in gNB).
  • PHY provides transport channel services to MAC and handles transfer over the NR radio interface, e.g., via modulation, coding, antenna mapping, and beam forming.
  • the non-access stratum (NAS) layer between UE and AMF handles UE/gNB authentication, mobility management, and security control.
  • RRC sits below NAS in the UE but terminates in the gNB rather than the AMF.
  • RRC controls communications between UE and gNB at the radio interface as well as the mobility of a UE between cells in the NG-RAN.
  • RRC also broadcasts system information (SI) and performs establishment, configuration, maintenance, and release of DRBs and Signaling Radio Bearers (SRBs) used by UEs.
  • SI system information
  • SRBs Signaling Radio Bearers
  • RRC controls addition, modification, and release of carrier aggregation (CA) and dual-connectivity (DC) configurations for UEs, and performs various security functions such as key management.
  • CA carrier aggregation
  • DC dual-connectivity
  • After a UE is powered ON it will be in the RRC_IDLE state until an RRC connection is established with the network, at which time the UE will transition to RRC_CONNECTED state (e.g., where data transfer can occur). The UE returns to RRC_IDLE after the connection with the network is released.
  • In RRC_IDLE state the UE’s radio is active on a discontinuous reception (DRX) schedule configured by upper layers.
  • DRX discontinuous reception
  • An RRC_IDLE UE receives SI broadcast in the cell where the UE is camping, performs measurements of neighbor cells to support cell reselection, and monitors a paging channel on physical DL control channel (PDCCH) for pages from 5GC via gNB.
  • PDCCH physical DL control channel
  • A UE in RRC_IDLE state is not known to the gNB serving the cell where the UE is camping.
  • NR RRC includes an RRC_INACTIVE state in which a UE is known (e.g., via context) by the serving gNB.
  • Figure 2 shows a high-level view of an exemplary 5G network architecture, including a Next Generation Radio Access Network (NG-RAN, 299) and a 5GC (298).
  • the NG-RAN can include gNBs (e.g., 210a,b) and ng-eNBs (e.g., 220a, b) that are connected via respective Xn interfaces.
  • the gNBs and ng-eNBs are also connected to the 5GC via the NG interfaces, more specifically to access and mobility management functions (AMFs, e.g., 230a, b) via respective NG-C interfaces and to user plane functions (UPFs, e.g., 240a, b) via respective NG-U interfaces.
  • AMFs access and mobility management function
  • UPFs user plane functions
  • the AMFs can communicate with one or more policy control functions (PCFs, e.g., 250a, b) and network exposure functions (NEFs, e.g., 260a, b).
  • PCFs policy control functions
  • NEFs network exposure functions
  • Each of the gNBs can support the NR radio interface including frequency division duplexing (FDD), time division duplexing (TDD), or a combination thereof.
  • each of ng-eNBs can support the LTE radio interface but, unlike conventional LTE eNodeBs (eNBs), connect to the 5GC via the NG interface.
  • Each of the gNBs and ng-eNBs can serve a geographic coverage area including one or more cells (e.g., 211a-b, 221a-b).
  • the gNBs and ng-eNBs can also use various directional beams to provide coverage in the respective cells.
  • a UE can communicate with the gNB or ng-eNB serving that cell via the NR or LTE radio interface, respectively.
  • Although Figure 2 shows gNBs and ng-eNBs separately, it is also possible that a single NG-RAN node provides both types of functionality.
  • the gNBs shown in Figure 2 can include a central (or centralized) unit (CU or gNB-CU) and one or more distributed (or decentralized) units (DU or gNB-DU), which can be viewed as logical nodes.
  • CUs host higher-layer protocols and perform various gNB functions such as controlling the operation of DUs, which host lower-layer protocols and can include various subsets of the gNB functions.
  • a CU connects to its associated DUs over respective F1 logical interfaces.
  • Each of the CUs and DUs can include various circuitry needed to perform their respective functions, including processing circuitry, communication interface circuitry (e.g., for communication via Xn, NG, radio, etc. interfaces), and power supply circuitry.
  • 3GPP Rel-16 specifies the NR sidelink (SL) interface and targets advanced V2X services including use cases such as vehicles platooning, extended sensors, advanced driving, and remote driving.
  • the advanced V2X services require a new SL to meet service requirements of low latency and high reliability.
  • the NR SL is designed to provide higher system capacity and better coverage, and to allow for extension to support the future development of even more advanced V2X services and other related services.
  • a V2X UE can support unicast communication via the uplink/downlink radio interface (also referred to as “Uu”) to a 3GPP RAN, such as the LTE Evolved-UTRAN (E-UTRAN) or the NG-RAN.
  • a V2X UE can also support SL unicast over the PC5 interface.
  • Figure 3 shows an exemplary arrangement of interfaces between two V2X UEs and a RAN.
  • the V2X UEs can communicate with a ProSe (PROximity-based SErvices) network function (NF) via respective PC3 interfaces.
  • ProSe PROximity-based SErvices
  • NF network function
  • Communication with the ProSe NF requires a UE to establish a connection with the RAN, either directly via the Uu interface or indirectly via PC5 and another UE’s Uu interface.
  • the ProSe function provides the UE various information for network related actions, such as service authorization and provisioning of PLMN-specific information (e.g., security parameters, group IDs, group IP addresses, out-of-coverage radio resources, etc.).
  • Figure 4 shows three exemplary network coverage scenarios for two UEs (410, 420) and a gNB (430) serving a cell.
  • In the in-coverage scenario, both UEs are in the coverage of the cell, such that they both can communicate with the gNB via respective Uu interfaces and directly with each other via the PC5 interface.
  • In the partial coverage scenario (center), only one of the UEs is in coverage of the cell, but the out-of-coverage UE can still communicate with the gNB indirectly via the PC5 interface with the in-coverage UE.
  • In the out-of-coverage scenario, both UEs can only communicate with each other via the PC5 interface.
  • the term “SL standalone” refers to direct communication between two SL-capable UEs (e.g., via PC5) in which source and destination are the UEs themselves.
  • the term “SL relay” refers to indirect communication between a network node and a remote UE via a first interface (e.g., Uu) between the network node and an intermediate (or relay) UE and a second interface (e.g., PC5) between the relay UE and the remote UE. In this case the relay UE is neither the source nor the destination.
  • an “out-of-coverage UE” is one that cannot establish a direct connection to the network and must communicate via either SL standalone or SL relay.
  • UEs that are in coverage can be configured by the network (e.g., gNB) via RRC signaling and/or broadcast system information, either directly (via Uu interface) or indirectly (via PC5 interface and relay UE Uu interface).
  • Out-of-coverage UEs rely on a (pre-)configuration available in their SIMs. These preconfigurations are generally static but can be updated by the network when a UE is in coverage.
  • a “peer UE” refers to a UE that can communicate with the out-of-coverage UE via SL standalone or SL relay (in which case the peer UE is also a relay UE).
  • Two UE-based relay capabilities were studied for NR SL in Rel-17: UE-to-Network (U2N) relay, where a UE extends the network connectivity to another nearby UE by using direct communication; and UE-to-UE (U2U) relay, where a UE uses two direct communication links to connect two UEs in its proximity that otherwise are not able to communicate.
  • U2N relay functionality is fundamental for network coverage extension for public safety in remote areas, for wearable devices tethering in commercial use cases (e.g., sensors, virtual reality headsets), etc.
  • U2U relay functionality was not part of the LTE ProSe specification, and its inclusion in NR ProSe can be beneficial for public safety communications range extension for both in-network and off-network use cases.
  • NR SL U2N relay uses two different architectures: a L3 architecture similar to LTE, and a newly defined architecture in which PC5 relaying occurs within Layer 2 (L2), over the RLC sublayer.
  • 3GPP TR 23.752 (v2.0.0) section 6.7 describes L2-based U2N relay functionality, which includes forwarding functionality that can relay any type of traffic over the PC5 interface between two UEs.
  • a L2 U2N Relay UE supports connectivity to the 5GS (i.e., NG-RAN and 5GC) for other UEs that have successfully established a PC5 link to the L2 U2N Relay UE.
  • a UE connected to a L2 U2N relay will be seen by the network as a regular UE, as if it was directly connected to the network. This gives the network control of the connection and services, but requires the definition of several new mechanisms not present or needed in the L3 architecture.
  • 3GPP TR 23.752 (v2.0.0) section 6.6 describes L3-based U2N relay functionality (also referred to as “ProSe 5G U2N Relay”) that can be used for both public safety and commercial services.
  • a ProSe 5G U2N Relay UE supports connectivity to the 5GS (i.e., NG-RAN and 5GC) for other UEs that have successfully established a PC5 link to the ProSe 5G U2N Relay UE.
  • Figure 5 shows a reference architecture for 5G ProSe L3 U2N relay.
  • 3GPP TS 33.503 defines security procedures for 5G ProSe Communication via 5G ProSe U2N Relay, specifically user-plane (UP) based and control-plane (CP) procedures. Both can be used for 5G ProSe U2N Relay authorization and security establishment via PC5 interface.
  • Figure 6 shows a signaling diagram of the UP procedure for authorization and secure PC5 link establishment for 5G ProSe U2N Relay.
  • the UP procedure uses a UP connection to the 5G ProSe Key Management Function (PKMF) in the 5GC.
  • the 5G ProSe Remote UE is provisioned with the discovery security materials and the ProSe Remote User Key (UP-PRUK) when it is in coverage. These security materials are associated with an expiration time, after which they become invalid. If the UE does not have valid discovery security materials, the 5G ProSe Remote UE needs to connect to the 5G PKMF and obtain fresh ones in order to use the 5G ProSe UE-to-Network Relay services.
  • the operations of the procedure shown in Figure 6 are described in detail in 3GPP TS 33.503 (v17.1.0) section 6.3.3.2.2.
  • Figure 7 shows a signaling diagram of the CP procedure for authorization and secure PC5 link establishment for 5G ProSe U2N Relay.
  • the CP procedure uses the ProSe authentication vehicle carried over NAS towards the AMF and the authentication server function (AUSF) in the 5GC.
  • the procedure includes the 5G ProSe Remote UE being authenticated by the AUSF of the 5G ProSe Remote UE, via the 5G ProSe UE-to-Network Relay and the AMF of the 5G ProSe UE-to-Network Relay, during 5G ProSe PC5 establishment. This mechanism can be used when the 5G ProSe Remote UE is out of coverage.
  • the operations of the procedure shown in Figure 7 are described in detail in 3GPP TS 33.503 (v17.1.0) section 6.3.3.2.3.
  • 3GPP TR 23.752 (v2.0.0) section 6.10 describes ProSe 5G UE-to-UE (U2U) Relay.
  • a ProSe 5G UE-to-UE Relay is a (5G ProSe-enabled) UE that provides functionality to support L3 connectivity between 5G ProSe U2U UEs.
  • the source UE, the target UE, and the UE-to-UE relay may be in or out of 3GPP coverage.
  • UE-to-UE Relay and “relay UE” are used interchangeably herein.
  • 3GPP TR 33.740 (v0.2.0) describes a security solution for PC5 links between source UE, UE-to-UE relay, and target UE when the UE-to-UE relay is in 3GPP coverage.
  • This solution is referred to as “solution #3” and addresses two key issues: Security of UE-to-UE Relay and authorization in the UE-to-UE Relay Scenario.
  • This solution assumes that PKMF and 5G Direct Discovery Name Management Function (5GDDNMF) are deployed in the 5GC of the network.
  • Figure 8 shows a signaling diagram for a high-level procedure of PC5 security between a source UE (810), target UE (830), UE-to-UE relay (820), and 5GC (840), according to solution #3, as further described in 3GPP TR 33.740 (v0.2.0) section 6.3.2.
  • although the operations in Figure 8 are given numerical labels, this is intended to facilitate explanation rather than to require or imply any specific operational order, unless expressly stated otherwise.
  • the Source UE, the Target UE, and the UE-to-UE relay are provisioned with the discovery security materials and/or PRUK when they are in coverage.
  • the discovery procedure for UE-to-UE Relay is performed by the Source UE using the discovery parameters and discovery security material, based on the Relay Service Code for UE-to-UE Relay. If the UE-to-UE Relay is in 3GPP coverage, it also indicates whether network-based Relay service authentication and authorization is supported for UE-to-UE relay in the discovery announcement message.
  • the Source UE sends a Direct Communication Request (DCR) that contains PRUK ID or SUCI, Relay Service Code (RSC) of the UE-to-UE Relay service and KNRP freshness parameter 1 to the UE-to-UE Relay.
  • the UE-to-UE Relay sends a Key Request message that contains PRUK ID or SUCI, RSC and KNRP freshness parameter 1 to the 5GC.
  • the 5GC sends the Key Response message to the UE-to-UE Relay, which includes KNRP and KNRP freshness parameter 2.
  • the UE-to-UE Relay derives the session key (KNRP-SESS) from KNRP and then derives the confidentiality key (NRPEK) (if applicable) and integrity key (NRPIK) based on the PC5 security policies as specified in 3GPP TS 33.536 (v17.1.0).
  • the Source UE derives KNRP from its PRUK, the RSC, KNRP Freshness Parameter 1 and the received KNRP Freshness Parameter 2, then derives the session key (KNRP-SESS) and the confidentiality key (NRPEK) (if applicable) and integrity key (NRPIK) based on the PC5 security policies in the same manner as the UE-to-UE Relay, and processes the Direct Security Mode Command.
  • Successful verification of the Direct Security Mode Command assures the Source UE that the UE-to-UE Relay is authorized to provide the UE-to-UE relay service.
  • the Source UE responds with a Direct Security Mode Complete message to the UE-to-UE Relay.
  • the UE-to-UE Relay shall verify the Direct Security Mode Complete message. Successful verification of the Direct Security Mode Complete message assures the UE-to-UE Relay that the Source UE is authorized to get the UE-to-UE relay service.
  • the Source UE and UE-to-UE Relay continue the procedure for the UE-to- UE relay service over the secure PC5 link.
  • operations 1-6 described above are repeated for PC5 security establishment between the Target UE and UE-to-UE Relay.
  • PC5 security set up procedure between target UE and the UE-to-UE Relay may be performed in parallel to the PC5 security set up procedure between source UE and UE-to-UE Relay (operations 1-6). Note that it is for further study how the target UE determines whether this PC5 link is used for direct communication with the UE-to-UE Relay or for U2U communication with the Source UE.
  • the Source UE and the Target UE may establish an end-to-end Security via UE-to-UE relay. The detail is not described in this solution.
  • 3GPP TR 33.740 (v0.2.0) also describes a solution for security of PC5 links between source UE, target UE, and L3 UE-to-UE relay based on Peer UE-to-Peer UE security, when the UEs are out of 3GPP coverage.
  • This solution is referred to as “solution #4” and addresses two key issues: 1) security of UE-to-UE Relay, and 2) authorization in the UE-to-UE Relay scenario.
  • This solution assumes long term credentials are provisioned into the UE(s) and form the root of the security of the PC5 unicast link as specified in 3GPP TS 33.536 (v17.1.0).
  • Solution #4 uses authorization tokens as in OAuth 2.0 to indicate that a source UE, a target UE, or a L3 UE-to-UE relay is authorized to use or to serve a specific UE-to-UE service.
  • when the source UE, the target UE, or the L3 UE-to-UE relay registers in the 3GPP network and is authorized to use the UE-to-UE service, the network provides a token stating what kind of UE-to-UE service it can use or serve.
  • the token has an expiration time and is signed with a private key.
  • the network also provides the public key to the UEs to be used for verifying the token from other parties.
  • Figure 9 shows a signaling diagram for a high-level procedure for PC5 security between source UE (910), target UE (930), UE-to-UE relay (920), and 5GC (940) according to solution #4, as further described in 3GPP TR 33.740 (v0.2.0) section 6.4.2.
  • the Source UE, Target UE, and UE-to-UE relay are provisioned with the discovery security materials and request authorization tokens when they are in coverage.
  • the discovery security materials can include a discovery security key associated with a Relay Service Code (RSC) for UE-to-UE Relay.
  • the discovery procedure for UE-to-UE Relay is performed by the Source UE using the discovery parameters and discovery security material, based on the RSC for UE-to-UE Relay.
  • the Direct Auth and Key Establish procedure is performed as specified in 3GPP TS 33.536 (v17.1.0).
  • the UE-to-UE Relay uses the public key provided by the network to verify the authorization token of the Source UE, i.e., that the Source UE is authorized to get the UE-to-UE relay service.
  • the UE-to-UE Relay derives KNRP and other security material as specified in 3GPP TS 33.536 (v17.1.0) and sends a Direct Security Mode Command message to the Source UE including the authorization token of the UE-to-UE Relay, which was provisioned in operation 0.
  • the Source UE uses the public key provided by the network to verify the authorization token of the UE-to-UE Relay, i.e., that the UE-to-UE Relay is authorized to provide the UE-to-UE relay service.
  • the Source UE derives KNRP and other security material in a similar manner as the UE-to-UE Relay in operation 5.
  • the Source UE sends the Direct Security Mode Complete message to the UE-to-UE Relay.
  • the Source UE and UE-to-UE Relay continue with the rest of procedure for the UE-to-UE relay service over the secure PC5 link.
  • operations 1-8 described above are repeated for PC5 security establishment between the Target UE and UE-to-UE Relay. It is currently unclear whether the PC5 security set up procedure between target UE and UE-to-UE Relay (operation 9) can be performed after or in parallel with the PC5 security set up procedure between source UE and UE-to-UE Relay (operations 1-8). It is also currently unclear how the target UE determines whether this PC5 link is used for direct communication with the UE-to-UE Relay or for U2U communication with Source UE.
  • the Source UE and the Target UE may establish an end-to-end Security via UE-to-UE relay.
  • the detail is not described in this solution.
  • Various aspects require further study, including the method for providing End to End IP security, the need of End-to-end security in L3 relay, and the impact on the protocol stack to support end-to-end security for a L3 relay.
  • solution #4 is based on using authorization tokens as in OAuth 2.0 to indicate that a source UE, a target UE, or a UE-to-UE relay is authorized to use or to serve a specific UE-to-UE service.
  • when the source, target, or relay UE registers in the 3GPP network and is authorized to use a particular UE-to-UE service, the network provides a token indicating the UE-to-UE service it can use or serve.
  • the token has an expiration time and is signed with a private key.
  • the network also provides the public key to the UEs for verifying the token when received from other UEs.
  • because the authorization token is sent in clear text, it can be intercepted by an attacker, who can then replay it. In this way, the attacker may gain unauthorized service from a relay UE, or deceive a peer UE into attempting to obtain the UE-to-UE service from the attacker. This can cause various problems, issues, and/or difficulties.
  • Embodiments of the present disclosure provide flexible and efficient techniques whereby an authorization token sent during direct communication between UEs is protected with the keys used during a discovery procedure between the UEs. By keeping the authorization token secure in this manner, embodiments prevent various threats by attackers, such as described above. Accordingly, communications between a source UE and a target UE via a relay UE are made more secure.
  • Figure 10 shows a signaling diagram for a security procedure between a source UE (1010), a target UE (1030), a UE-to-UE relay (1020), and a 5GC (1040), according to some embodiments of the present disclosure.
  • Operations 0-1 are the same as operations 0-1 of Figure 9, described above.
  • the Source UE sends a Direct Communication Request (DCR) that contains Relay Service Code (RSC) of the UE-to-UE Relay service and authorization token of Source UE, which was provisioned/received in operation 0.
  • the message also includes the Key_Est_Info used for direct authentication and key establishment.
  • the RSC and authorization token sent in operation 2 are confidentiality protected with discovery security materials that were provisioned/received in operation 0.
  • the following parameters can be used to form the input S to the key derivation function (KDF) specified in 3GPP TS 33.220 (v17.3.0) Annex B, where each Li is the two-octet length of the corresponding input Pi (here the UTC-based counter and the RSC, respectively):
  • L0 length of UTC-based counter (i.e., 0x00 0x04);
  • L1 length of RSC (i.e., 0x00 0x03).
  • the input key can be the discovery security key mentioned above.
  • the RSC, of length L bits, can be protected by exclusive or (XOR) with the first L bits of the DCR confidentiality keystream.
  • the authorization token, whose length may exceed a single KDF output, can be protected according to one of the following:
  • use the KDF output keystream as a building block to generate an extended keystream of the length of the authorization token (e.g., by concatenation/repetition of the KDF output keystream), then XOR the extended keystream with the authorization token.
  • the Direct Auth and Key Establish procedure is performed as specified in 3GPP TS 33.536 (v17.1.0).
  • the UE-to-UE Relay uses the public key provided by the network to verify the authorization token of the Source UE, i.e., that the Source UE is authorized to get the UE-to-UE relay service.
  • the UE-to-UE Relay derives KNRP and other security material as specified in 3GPP TS 33.536 (v17.1.0), and sends a Direct Security Mode Command message to the Source UE including the authorization token of the UE-to-UE Relay, which was provisioned/received in operation 0.
  • the authorization token sent in operation 5 is confidentiality protected with the security materials that were derived in operation 5, in a similar manner as the authorization token sent in operation 2 (described above).
  • Operations 6-10 are the same as operations 6-10 of Figure 9, described above. However, different variants are possible with respect to operation 9.
  • the target UE behaves as the source UE in operations 1-8, sending the initial Direct Communication Request message to the relay UE.
  • the relay UE and target UE behave in operation 9 as the source UE and the relay UE, respectively, in operations 1-8. In these variants, the relay UE sends the initial Direct Communication Request message to the target UE.
  • Figure 11 shows a signaling diagram for another security procedure between a source UE (1110), a target UE (1130), UE-to-UE relay (1120), and a 5GC (1140), according to other embodiments of the present disclosure.
  • although the operations shown in Figure 11 are given numerical labels, this is intended to facilitate explanation rather than to require or imply any specific operational order, unless expressly stated otherwise.
  • Operations 0-1 are the same as operations 0-1 of Figure 9, described above.
  • the Source UE sends a Direct Communication Request (DCR) that includes the Key_Est_Info used for direct authentication and key establishment.
  • the Direct Auth and Key Establish procedure is performed as specified in 3GPP TS 33.536 (v17.1.0).
  • the UE-to-UE Relay derives KNRP and other security material and sends a Direct Security Mode Command message to the Source UE to setup security context for the relay UE and the source UE, as specified in 3GPP TS 33.536 (V17.1.0).
  • the Source UE sends a Link Establishment Request that includes a Relay Service Code (RSC) of the UE-to-UE Relay service and the authorization token of Source UE, which was provisioned/received in operation 0.
  • the RSC and the token are protected using the security context set up in operation 4.
  • the UE-to-UE Relay uses the public key provided by the network to verify the authorization token of the Source UE, i.e., that the Source UE is authorized to obtain the UE-to-UE relay service.
  • the UE-to-UE Relay sends a Link Establishment Response to the Source UE, including the UE-to-UE Relay’s authorization token that was provisioned/received in operation 0.
  • the token is protected with the security context set up in operation 4.
  • the Source UE uses the public key provided by the network to verify the authorization token of the UE-to-UE Relay, i.e., that the UE-to-UE Relay is authorized to provide the UE-to-UE relay service.
  • the Source UE sends the Link Establishment Complete message to the 5G ProSe UE-to-UE relay.
  • Operations 8-10 are the same as operations 8-10 of Figure 9, described above.
  • operations 5 and 6 can be reversed in order.
  • the UE-to-UE Relay sends a Link Establishment Request in operation 5a with its own authorization token, which is verified by the source UE in operation 5b, after which in operation 6a the source UE sends a Link Establishment Response with its own authorization token, which is verified by the UE-to-UE relay in operation 6b.
  • the UE-to-UE relay may send a Link Establishment Complete message to the source UE in operation 7.
  • the UE-to-UE relay includes its own authorization token in the Direct Security Mode Command, which is then verified by the source UE (e.g., an alternative operation 5). Subsequently, the source UE sends a Direct Security Mode Complete message with its own authorization token (e.g., an alternative operation 6), which is verified by the relay UE (e.g., an alternative operation 7).
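The following is an added example written for this page; it is not code from the patent or from any 3GPP specification. It models the replay threat described for solution #4 and the protection of Figure 10 (RSC and source token hidden in the DCR under a keystream derived from the discovery security key via the TS 33.220 Annex B KDF form, the relay token returned under the KNRP-derived context) and, with the same `protect_with_knrp` helper, the Figure 11 variant in which both tokens travel in the Link Establishment Request/Response under the operation-4 security context. Everything not on the page is an assumption and marked as such in the comments: the FC octet, an HMAC under a constructed network key standing in for the network's private-key signature and public-key check, a block-index extension of the keystream as an alternative to repetition, trial decryption by the relay over the RSCs it announced, a freshness window on the UTC-based counter, and all keys, tokens and nonces (constructed sample values).

```python
# Added example (editor's own code, not from the patent or from 3GPP).
# Models Figure 10: the source UE hides the RSC and its authorization token
# in the DCR under a keystream derived from the discovery security key, the
# relay recovers and verifies them, then returns its own token under the
# KNRP-derived context. Figure 11 protects the tokens the same way, only in
# the Link Establishment Request/Response under the operation-4 context.
# Lines marked ASSUMPTION are choices the page does not specify.
import hashlib
import hmac
import json
import struct

FC = b"\xff"   # ASSUMPTION: placeholder FC octet; the page gives no FC value
RSC_LEN = 3    # L1 = 0x0003 on the page
BLOCK = 32     # one HMAC-SHA256 output
TAG_LEN = 32   # length of the stand-in token tag


def kdf(key: bytes, *params: bytes) -> bytes:
    """TS 33.220 Annex B form: HMAC-SHA256(key, FC || P0 || L0 || P1 || L1 ...),
    each Li being the two-octet length of Pi."""
    s = FC + b"".join(p + struct.pack(">H", len(p)) for p in params)
    return hmac.new(key, s, hashlib.sha256).digest()


def keystream(key: bytes, utc_counter: int, rsc: bytes, nbytes: int, mode: str = "counter") -> bytes:
    """DCR keystream: P0 = 4-octet UTC-based counter, P1 = RSC, key = discovery
    security key. 'repeat' extends one 32-byte output by repetition, as the page
    suggests; 'counter' (ASSUMPTION) adds a block index as a further KDF input
    so that no keystream block is reused within one message."""
    ctr = struct.pack(">I", utc_counter)
    out, blk = b"", 0
    while len(out) < nbytes:
        out += kdf(key, ctr, rsc) if mode == "repeat" else kdf(key, ctr, rsc, struct.pack(">I", blk))
        blk += 1
    return out[:nbytes]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def issue_token(net_key: bytes, sub: str, role: str, exp: int) -> bytes:
    """Token = JSON claims || 32-byte tag. ASSUMPTION: an HMAC under a network
    key stands in for the network's private-key signature; a real deployment
    verifies a public-key signature as the page describes."""
    payload = json.dumps({"sub": sub, "svc": "u2u-relay", "role": role, "exp": exp}).encode()
    return payload + hmac.new(net_key, payload, hashlib.sha256).digest()


def verify_token(net_key: bytes, token: bytes, role: str, now: int):
    """Returns the claims if tag, role and expiry check out, otherwise None."""
    payload, tag = token[:-TAG_LEN], token[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(net_key, payload, hashlib.sha256).digest()):
        return None
    try:
        claims = json.loads(payload)
    except ValueError:
        return None
    if claims.get("role") != role or claims.get("exp", 0) <= now:
        return None
    return claims


def build_dcr(disc_key: bytes, rsc: bytes, token: bytes, utc_counter: int) -> dict:
    """Figure 10 operation 2: RSC under the first bytes of the keystream, token
    under the bytes that follow (ASSUMPTION: no keystream shared between them)."""
    ks = keystream(disc_key, utc_counter, rsc, RSC_LEN + len(token))
    return {"ctr": utc_counter, "rsc": xor(rsc, ks[:RSC_LEN]), "token": xor(token, ks[RSC_LEN:])}


def relay_handle_dcr(dcr: dict, served: dict, net_key: bytes, now: int, window: int = 5):
    """Figure 10 operations 3-4. 'served' maps each RSC the relay announced to
    its discovery key; the relay trial-decrypts under each (ASSUMPTION) and
    rejects counters outside a freshness window (added check, not on the page)."""
    if abs(dcr["ctr"] - now) > window:
        return None
    for rsc, key in served.items():
        ks = keystream(key, dcr["ctr"], rsc, RSC_LEN + len(dcr["token"]))
        if xor(dcr["rsc"], ks[:RSC_LEN]) != rsc:
            continue
        return verify_token(net_key, xor(dcr["token"], ks[RSC_LEN:]), "obtain", now)
    return None


def protect_with_knrp(knrp: bytes, nonce: bytes, data: bytes) -> bytes:
    """Figure 10 operation 5 / Figure 11 operations 5-6: XOR with a keystream from
    the post-operation-4 context. ASSUMPTION: KDF(KNRP, nonce, block index); the
    real PC5 keys come from TS 33.536. XOR is its own inverse, so this also unprotects."""
    nblocks = (len(data) + BLOCK - 1) // BLOCK
    ks = b"".join(kdf(knrp, nonce, struct.pack(">I", i)) for i in range(nblocks))
    return xor(data, ks)


def run_exchange(now: int = 1_700_000_000):
    """Whole flow on constructed keys. Returns (source claims seen by the relay,
    relay claims seen by the source, result of replaying the same DCR 60 s later)."""
    net_key = b"constructed-network-key"
    rsc, disc_key = b"\x01\x02\x03", b"constructed-discovery-key"
    src_tok = issue_token(net_key, "source-ue", "obtain", now + 600)
    rel_tok = issue_token(net_key, "relay-ue", "provide", now + 600)
    dcr = build_dcr(disc_key, rsc, src_tok, now)
    src_claims = relay_handle_dcr(dcr, {rsc: disc_key}, net_key, now)
    knrp = hashlib.sha256(b"constructed KNRP").digest()  # stands in for Direct Auth and Key Establish
    dsmc_token = protect_with_knrp(knrp, b"dsmc", rel_tok)
    rel_claims = verify_token(net_key, protect_with_knrp(knrp, b"dsmc", dsmc_token), "provide", now)
    replayed = relay_handle_dcr(dcr, {rsc: disc_key}, net_key, now + 60)
    return src_claims, rel_claims, replayed
```

Two points the page leaves to the implementer are visible in the code. First, the repetition variant for extending the keystream XORs different token segments with the same 32 bytes, so the XOR of two ciphertext blocks equals the XOR of the corresponding token blocks; the `counter` mode derives each block separately to avoid that. Second, confidentiality alone does not stop replay: the keystream changes only with the UTC-based counter, so the relay has to bound the counter it accepts (the `window` check), while integrity of the token itself still rests on the network's signature, here stood in by the HMAC tag.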
  • Figures 12-13 show exemplary methods (e.g., procedures) for a relay UE and a source or target UE, respectively.
  • various features of the operations described below correspond to various embodiments described above.
  • the exemplary methods shown in Figures 12-13 can be used cooperatively to provide various benefits, advantages, and/or solutions to problems described herein.
  • Figures 12-13 show specific blocks in particular orders, the operations of the exemplary methods can be performed in different orders than shown and can be combined and/or divided into blocks having different functionality than shown. Optional blocks or operations are indicated by dashed lines.
  • Figure 12 shows an exemplary method (e.g., procedure) for a UE configured to operate as a relay UE for SL communication with a first UE, according to various embodiments of the present disclosure.
  • the exemplary method can be performed by a UE (e.g., wireless device) such as described elsewhere herein.
  • the exemplary method includes the operations of block 1210, where the UE can identify the first UE based on a SL discovery procedure performed by the UE or by the first UE, wherein the SL discovery procedure is performed using a discovery security key associated with a relay service code (RSC).
  • the exemplary method also includes the operations of block 1220, where the UE can receive, from the first UE, a first message that includes a first authorization token indicating that the first UE is authorized to obtain relay services, wherein the first authorization token is secured based on the discovery security key.
  • the exemplary method also includes the operations of block 1230, where the UE can obtain the first authorization token in clear text using the discovery security key.
  • the exemplary method can also include the operations of block 1260, where the UE can send to the first UE a second message that includes a second authorization token indicating that the UE is authorized to provide relay services.
  • the second authorization token is signed using the private key associated with the wireless network.
  • Figure 10 operation 5 and Figure 11 operation 6a are examples of the operations of block 1260.
  • the first message also includes key establishment information and the exemplary method can also include the operations of block 1250, where the UE can obtain a further security key (Knrp) based on the key establishment information.
  • the second authorization token (i.e., sent in block 1260) is secured using the further security key.
  • obtaining the further security key in block 1250 is based on a Direct Auth and Key Establish procedure performed with the first UE (e.g., as shown in Figures 10-11).
  • the first authorization token is signed using a private key associated with the wireless network.
  • the exemplary method can also include the following operations, labelled by corresponding block numbers:
  • Figure 10 operations 4, 7, and 8 are one example of these operations.
  • Figure 11 operations 5b, 7, and 8 are another example of these operations.
  • the exemplary method can also include the operations of block 1205, where the UE can obtain the following from the wireless network before the SL discovery procedure: the discovery security key associated with the RSC, the second authorization token, and the public key used to verify the first authorization token.
  • Figures 10-11 operation 0 are examples of the operations of block 1205.
  • the second message is a direct security mode command (e.g., as in Figure 10). In other embodiments, the second message is a link establishment response (e.g., as in Figure 11). In some embodiments, the first message is a direct communication request (e.g., as in Figure 10). In other embodiments, the first message is a link establishment request (e.g., as in Figure 11).
  • the first UE is a target UE in relation to SL communication via the relay UE. In other embodiments, the first UE is a source UE in relation to SL communication via the relay UE. In some of these embodiments, the exemplary method can also include the following operations, labelled with corresponding block numbers:
  • Figure 13 shows an exemplary method (e.g., procedure) for a first UE configured for SL communication via a relay UE, according to various embodiments of the present disclosure.
  • the exemplary method can be performed by a source or target UE (e.g., wireless device) such as described elsewhere herein.
  • the first UE may be a source UE or a target UE (i.e., in relation to SL communication via the relay UE) in various embodiments.
  • the exemplary method includes the operations of block 1310, where the first UE can identify the relay UE based on a SL discovery procedure performed by the relay UE or by the first UE.
  • the SL discovery procedure is performed using a discovery security key associated with an RSC.
  • the exemplary method also includes the operations of block 1320, where the first UE can secure a first authorization token using the discovery security key.
  • the first authorization token indicates that the first UE is authorized to obtain relay services.
  • the exemplary method also includes the operations of block 1330, where the first UE can send to the relay UE a first message including the secured first authorization token.
  • the first authorization token is signed using a private key associated with the wireless network.
  • the exemplary method can include the operations of block 1340, where the first UE can receive from the relay UE a second message that includes a second authorization token indicating that the relay UE is authorized to provide relay services.
  • the second authorization token is signed using the private key associated with the wireless network.
  • the exemplary method can include the operations of block 1370, where the first UE can verify the second authorization token based on a public key associated with the private key used to sign the second authorization token.
  • Figure 10 operations 5-6 and Figure 11 operations 6a-7 are examples of the operations of blocks 1340 and 1370.
  • the first message also includes key establishment information and the second authorization token is secured using a further security key (Knrp) obtained by the relay UE based on the key establishment information.
  • the exemplary method can also include the operations of block 1360, where the first UE can obtain the second authorization token in clear text using the further security key.
  • the exemplary method can also include the operations of block 1350, where the first UE can obtain the further security key based on a Direct Auth and Key Establish procedure performed with the relay UE.
  • the exemplary method can also include the operations of block 1305, where the first UE can obtain the following from the wireless network before the SL discovery procedure: the discovery security key associated with the RSC, the first authorization token, and the public key used to verify the second authorization token.
  • Figures 10-11 operation 0 are examples of the operations of block 1305.
  • the second message is a direct security mode command (e.g., as in Figure 10). In other embodiments, the second message is a link establishment response (e.g., as in Figure 11). In some embodiments, the first message is a direct communication request (e.g., as in Figure 10). In other embodiments, the first message is a link establishment request (e.g., as in Figure 11).
  • the exemplary method can also include the operations of blocks 1380-1390, where the first UE can send to the relay UE a third message indicating that the first UE verified the second authorization token and, based on the verifications of the first and second authorization tokens, establish a secure SL with the relay UE.
  • Figures 10-11 operations 7-8 are examples of the operations of blocks 1380-1390.
  • securing the first authorization token in block 1320 can include the following operations, labelled with corresponding sub-block numbers:
  • FIG. 14 shows an example of a communication system 1400 in accordance with some embodiments.
  • communication system 1400 includes telecommunication network 1402 that includes access network 1404 (e.g., RAN) and core network 1406, which includes one or more core network nodes 1408.
  • Access network 1404 includes one or more access network nodes, such as network nodes 1410a-b (one or more of which may be generally referred to as network nodes 1410), or any other similar 3GPP access node or non-3GPP access point.
  • Network nodes 1410 facilitate direct or indirect connection of UEs, such as by connecting UEs 1412a-d (one or more of which may be generally referred to as UEs 1412) to core network 1406 over one or more wireless connections.
  • Example wireless communications over a wireless connection include transmitting and/or receiving wireless signals using electromagnetic waves, radio waves, infrared waves, and/or other types of signals suitable for conveying information without the use of wires, cables, or other material conductors.
  • communication system 1400 may include any number of wired or wireless networks, network nodes, UEs, and/or any other components or systems that may facilitate or participate in the communication of data and/or signals whether via wired or wireless connections.
  • Communication system 1400 may include and/or interface with any type of communication, telecommunication, data, cellular, radio network, and/or other similar type of system.
  • UEs 1412 may be any of a wide variety of communication devices, including wireless devices arranged, configured, and/or operable to communicate wirelessly with network nodes 1410 and other communication devices.
  • network nodes 1410 are arranged, capable, configured, and/or operable to communicate directly or indirectly with UEs 1412 and/or with other network nodes or equipment in telecommunication network 1402 to enable and/or provide network access, such as wireless network access, and/or to perform other functions, such as administration in telecommunication network 1402.
  • core network 1406 connects network nodes 1410 to one or more hosts, such as host 1416. These connections may be direct or indirect via one or more intermediary networks or devices. In other examples, network nodes may be directly coupled to hosts.
  • Core network 1406 includes one or more core network nodes (e.g., 1408) that are structured with hardware and software components. Features of these components may be substantially similar to those described with respect to the UEs, network nodes, and/or hosts, such that the descriptions thereof are generally applicable to the corresponding components of core network node 1408.
  • Example core network nodes include functions of one or more of a Mobile Switching Center (MSC), Mobility Management Entity (MME), Home Subscriber Server (HSS), Access and Mobility Management Function (AMF), Session Management Function (SMF), Authentication Server Function (AUSF), Subscription Identifier De-concealing function (SIDF), Unified Data Management (UDM), Security Edge Protection Proxy (SEPP), Network Exposure Function (NEF), and/or a User Plane Function (UPF).
  • Host 1416 may be under the ownership or control of a service provider other than an operator or provider of access network 1404 and/or telecommunication network 1402, and may be operated by the service provider or on behalf of the service provider.
  • Host 1416 may host a variety of applications to provide one or more service. Examples of such applications include live and pre-recorded audio/video content, data collection services such as retrieving and compiling data on various ambient conditions detected by a plurality of UEs, analytics functionality, social media, functions for controlling or otherwise interacting with remote devices, functions for an alarm and surveillance center, or any other such function performed by a server.
  • communication system 1400 of Figure 14 enables connectivity between the UEs, network nodes, and hosts.
  • the communication system may be configured to operate according to predefined rules or procedures, such as specific standards that include, but are not limited to: Global System for Mobile Communications (GSM); Universal Mobile Telecommunications System (UMTS); Long Term Evolution (LTE), and/or other suitable 2G, 3G, 4G, 5G standards, or any applicable future generation standard (e.g., 6G); wireless local area network (WLAN) standards, such as the Institute of Electrical and Electronics Engineers (IEEE) 802.11 standards (WiFi); and/or any other appropriate wireless communication standard, such as the Worldwide Interoperability for Microwave Access (WiMax), Bluetooth, Z-Wave, Near Field Communication (NFC), ZigBee, LiFi, and/or any low-power wide-area network (LPWAN) standards such as LoRa and Sigfox.
  • telecommunication network 1402 is a cellular network that implements 3GPP standardized features. Accordingly, telecommunication network 1402 may support network slicing to provide different logical networks to different devices that are connected to telecommunication network 1402. For example, telecommunication network 1402 may provide Ultra Reliable Low Latency Communication (URLLC) services to some UEs, while providing Enhanced Mobile Broadband (eMBB) services to other UEs, and/or Massive Machine Type Communication (mMTC)/Massive IoT services to yet further UEs.
  • UEs 1412 are configured to transmit and/or receive information without direct human interaction.
  • a UE may be designed to transmit information to access network 1404 on a predetermined schedule, when triggered by an internal or external event, or in response to requests from access network 1404.
  • a UE may be configured for operating in single- or multi-RAT or multi-standard mode.
  • a UE may operate with any one or combination of Wi-Fi, NR (New Radio) and LTE, i.e. being configured for multi-radio dual connectivity (MR-DC), such as E-UTRAN (Evolved-UMTS Terrestrial Radio Access Network) New Radio - Dual Connectivity (EN-DC).
  • hub 1414 communicates with access network 1404 to facilitate indirect communication between one or more UEs (e.g., 1412c and/or 1412d) and network nodes (e.g., 1410b).
  • hub 1414 may be a controller, router, content source and analytics, or any of the other communication devices described herein regarding UEs.
  • hub 1414 may be a broadband router enabling access to core network 1406 for the UEs.
  • hub 1414 may be a controller that sends commands or instructions to one or more actuators in the UEs. Commands or instructions may be received from the UEs, network nodes 1410, or by executable code, script, process, or other instructions in hub 1414.
  • hub 1414 may be a data collector that acts as temporary storage for UE data and, in some embodiments, may perform analysis or other processing of the data.
  • hub 1414 may be a content source. For example, for a UE that is a VR headset, display, loudspeaker or other media delivery device, hub 1414 may retrieve VR assets, video, audio, or other media or data related to sensory information via a network node, which hub 1414 then provides to the UE either directly, after performing local processing, and/or after adding additional local content.
  • hub 1414 acts as a proxy server or orchestrator for the UEs, e.g., if one or more of the UEs are low energy IoT devices.
  • Hub 1414 may have a constant/persistent or intermittent connection to network node 1410b. Hub 1414 may also allow for a different communication scheme and/or schedule between hub 1414 and UEs (e.g., 1412c and/or 1412d), and between hub 1414 and core network 1406. In other examples, hub 1414 is connected to core network 1406 and/or one or more UEs via a wired connection. Moreover, hub 1414 may be configured to connect to an M2M service provider over access network 1404 and/or to another UE over a direct connection. In some scenarios, UEs may establish a wireless connection with network nodes 1410 while still connected via hub 1414 via a wired or wireless connection.
  • hub 1414 may be a dedicated hub - that is, a hub whose primary function is to route communications to/from the UEs from/to network node 1410b.
  • hub 1414 may be a non-dedicated hub - that is, a device which can route communications between the UEs and network node 1410b, but which is additionally capable of operating as a communication start and/or end point for certain data channels.
  • FIG. 15 shows a UE 1500 in accordance with some embodiments.
  • Examples of a UE include, but are not limited to, a smart phone, mobile phone, cell phone, voice over IP (VoIP) phone, wireless local loop phone, desktop computer, personal digital assistant (PDA), wireless cameras, gaming console or device, music storage device, playback appliance, wearable terminal device, wireless endpoint, mobile station, tablet, laptop, laptop-embedded equipment (LEE), laptop-mounted equipment (LME), smart device, wireless customer-premise equipment (CPE), vehicle-mounted or vehicle embedded/integrated wireless device, etc.
  • Other examples include any UE identified by 3GPP, including a narrow band internet of things (NB-IoT) UE, a machine type communication (MTC) UE, and/or an enhanced MTC (eMTC) UE.
  • a UE may support device-to-device (D2D) communication, for example by implementing a 3GPP standard for sidelink communication, Dedicated Short-Range Communication (DSRC), vehicle-to-vehicle (V2V), vehicle-to-infrastructure (V2I), or vehicle-to-everything (V2X).
  • a UE may not necessarily have a user in the sense of a human user who owns and/or operates the relevant device.
  • a UE may represent a device that is intended for sale to, or operation by, a human user but which may not, or which may not initially, be associated with a specific human user (e.g., a smart sprinkler controller).
  • a UE may represent a device that is not intended for sale
  • UE 1500 includes processing circuitry 1502 that is operatively coupled via bus 1504 to input/output interface 1506, power source 1508, memory 1510, communication interface 1512, and optionally to one or more other components not explicitly shown. Moreover, certain UEs may utilize all or a subset of the components shown in Figure 15. The level of integration between the components may vary from one UE to another UE. Further, certain UEs may contain multiple instances of a component, such as multiple processors, memories, transceivers, transmitters, receivers, etc.
  • Processing circuitry 1502 is configured to process instructions and data and may be configured to implement any sequential state machine operative to execute instructions stored as machine-readable computer programs in memory 1510.
  • Processing circuitry 1502 may be implemented as one or more hardware-implemented state machines (e.g., in discrete logic, field-programmable gate arrays (FPGAs), application specific integrated circuits (ASICs), etc.); programmable logic together with appropriate firmware; one or more stored computer programs, general-purpose processors, such as a microprocessor or digital signal processor (DSP), together with appropriate software; or any combination of the above.
  • processing circuitry 1502 may include multiple central processing units (CPUs).
  • input/output interface 1506 may be configured to provide an interface or interfaces to an input device, output device, or one or more input and/or output devices.
  • Examples of an output device include a speaker, a sound card, a video card, a display, a monitor, a printer, an actuator, an emitter, a smartcard, another output device, or any combination thereof.
  • An input device may allow a user to capture information into UE 1500.
  • Examples of an input device include a touch-sensitive or presence-sensitive display, a camera (e.g., a digital camera, a digital video camera, a web camera, etc.), a microphone, a sensor, a mouse, a trackball, a directional pad, a trackpad, a scroll wheel, a smartcard, and the like.
  • the presence-sensitive display may include a capacitive or resistive touch sensor to sense input from a user.
  • a sensor may be, for instance, an accelerometer, a gyroscope, a tilt sensor, a force sensor, a magnetometer, an optical sensor, a proximity sensor, a biometric sensor, etc., or any combination thereof.
  • An output device may use the same type of interface port as an input device.
  • a Universal Serial Bus (USB) port may be used to provide an input device and an output device.
  • power source 1508 is structured as a battery or battery pack.
  • Other types of power sources such as an external power source (e.g., an electricity outlet), photovoltaic device, or power cell, may be used.
  • Power source 1508 may further include power circuitry for delivering power from power source 1508 itself, and/or an external power source, to the various parts of UE 1500 via input circuitry or an interface such as an electrical power cable. Delivering power may be, for example, for charging power source 1508.
  • Power circuitry may perform any formatting, converting, or other modification to the power from power source 1508 to make the power suitable for the respective components of UE 1500 to which power is supplied.
  • Memory 1510 may be or be configured to include memory such as random access memory (RAM), read-only memory (ROM), programmable read-only memory (PROM), erasable programmable read-only memory (EPROM), electrically erasable programmable read-only memory (EEPROM), magnetic disks, optical disks, hard disks, removable cartridges, flash drives, and so forth.
  • memory 1510 includes one or more application programs 1514, such as an operating system, web browser application, a widget, gadget engine, or other application, and corresponding data 1516.
  • Memory 1510 may store, for use by UE 1500, any of a variety of operating systems or combinations of operating systems.
  • Memory 1510 may be configured to include a number of physical drive units, such as redundant array of independent disks (RAID), flash memory, USB flash drive, external hard disk drive, thumb drive, pen drive, key drive, high-density digital versatile disc (HD-DVD) optical disc drive, internal hard disk drive, Blu-Ray optical disc drive, holographic digital data storage (HDDS) optical disc drive, external mini-dual in-line memory module (DIMM), synchronous dynamic random access memory (SDRAM), external micro-DIMM SDRAM, smartcard memory such as tamper resistant module in the form of a universal integrated circuit card (UICC) including one or more subscriber identity modules (SIMs), such as a USIM and/or ISIM, other memory, or any combination thereof.
  • the UICC may for example be an embedded UICC (eUICC), integrated UICC (iUICC) or a removable UICC commonly known as “SIM card.”
  • Memory 1510 may allow UE 1500 to access instructions, application programs and the like, stored on transitory or non-transitory memory media, to off-load data, or to upload data.
  • An article of manufacture, such as one utilizing a communication system may be tangibly embodied as or in memory 1510, which may be or comprise a device-readable storage medium.
  • Processing circuitry 1502 may be configured to communicate with an access network or other network using communication interface 1512.
  • Communication interface 1512 may comprise one or more communication subsystems and may include or be communicatively coupled to an antenna 1522.
  • Communication interface 1512 may include one or more transceivers used to communicate, such as by communicating with one or more remote transceivers of another device capable of wireless communication (e.g., another UE or a network node in an access network).
  • Each transceiver may include transmitter 1518 and/or receiver 1520 appropriate to provide network communications (e.g., optical, electrical, frequency allocations, and so forth).
  • transmitter 1518 and/or receiver 1520 may be coupled to one or more antennas (e.g., 1522) and may share circuit components, software, or firmware, or alternatively be implemented separately.
  • communication functions of communication interface 1512 may include cellular communication, Wi-Fi communication, LPWAN communication, data communication, voice communication, multimedia communication, short-range communications such as Bluetooth, near-field communication, location-based communication such as the use of the global positioning system (GPS) to determine a location, another like communication function, or any combination thereof.
  • Communications may be implemented according to one or more communication protocols and/or standards, such as IEEE 802.15, Code Division Multiple Access (CDMA), Wideband Code Division Multiple Access (WCDMA), GSM, LTE, New Radio (NR), UMTS, WiMax, Ethernet, transmission control protocol/internet protocol (TCP/IP), synchronous optical networking (SONET), Asynchronous Transfer Mode (ATM), QUIC, Hypertext Transfer Protocol (HTTP), and so forth.
  • a UE may provide an output of data captured by its sensors, through its communication interface 1512, via a wireless connection to a network node.
  • Data captured by sensors of a UE can be communicated through a wireless connection to a network node via another UE.
  • the output may be periodic (e.g., once every 15 minutes if it reports the sensed temperature), random (e.g., to even out the load from reporting from several sensors), in response to a triggering event (e.g., an alert is sent when moisture is detected), in response to a request (e.g., a user initiated request), or a continuous stream (e.g., a live video feed of a patient).
  • a UE comprises an actuator, a motor, or a switch, related to a communication interface configured to receive wireless input from a network node via a wireless connection.
  • the states of the actuator, the motor, or the switch may change.
  • the UE may comprise a motor that adjusts the control surfaces or rotors of a drone in flight according to the received input or to a robotic arm performing a medical procedure according to the received input.
  • When in the form of an Internet of Things (IoT) device, a UE may be used in one or more application domains such as wearable technology, extended industrial application, and healthcare.
  • an IoT device can be (or be embedded in) a connected refrigerator or freezer, a TV, a connected lighting device, an electricity meter, a robot vacuum cleaner, a voice controlled smart speaker, a home security camera, a motion detector, a thermostat, a smoke detector, a door/window sensor, a flood/moisture sensor, an electrical door lock, a connected doorbell, an air conditioning system like a heat pump, an autonomous vehicle, a surveillance system, a weather monitoring device, a vehicle parking monitoring device, an electric vehicle charging station, a smart watch, a fitness tracker, a head-mounted display for Augmented Reality (AR) or Virtual Reality (VR), a wearable for tactile augmentation or sensory enhancement, a water sprinkler, an animal- or item-tracking device, a sensor for monitoring a plant or animal, an industrial
  • a UE may represent a machine or other device that performs monitoring and/or measurements, and transmits the results of such monitoring and/or measurements to another UE and/or a network node.
  • the UE may in this case be an M2M device, which may in a 3GPP context be referred to as an MTC device. Additionally or alternatively, the UE may implement the 3GPP NB-IoT standard.
  • a UE may represent a vehicle, such as a car, a bus, a truck, a ship and an airplane, or other equipment that is capable of monitoring and/or reporting on its operational status or other functions associated with its operation.
  • any number of UEs may be used together with respect to a single use case.
  • a first UE might be or be integrated in a drone and provide the drone’s speed information (obtained through a speed sensor) to a second UE that is a remote controller operating the drone.
  • the first UE may adjust the throttle on the drone (e.g., by controlling an actuator) to increase or decrease the drone’s speed.
  • the first and/or the second UE can also include more than one of the functionalities described above.
  • a UE might comprise the sensor and the actuator, and handle communication of data for both the speed sensor and the actuators.
  • the term unit can have conventional meaning in the field of electronics, electrical devices and/or electronic devices and can include, for example, electrical and/or electronic circuitry, devices, modules, processors, memories, logic solid state and/or discrete devices, computer programs or instructions for carrying out respective tasks, procedures, computations, outputs, and/or displaying functions, and so on, such as those that are described herein.
  • any appropriate steps, methods, features, functions, or benefits disclosed herein may be performed through one or more functional units or modules of one or more virtual apparatuses.
  • Each virtual apparatus may comprise a number of these functional units.
  • These functional units may be implemented via processing circuitry, which may include one or more microprocessors or microcontrollers, as well as other digital hardware, which may include Digital Signal Processors (DSPs), special-purpose digital logic, and the like.
  • the processing circuitry may be configured to execute program code stored in memory, which may include one or several types of memory such as Read Only Memory (ROM), Random Access Memory (RAM), cache memory, flash memory devices, optical storage devices, etc.
  • Program code stored in memory includes program instructions for executing one or more telecommunications and/or data communications protocols as well as instructions for carrying out one or more of the techniques described herein.
  • the processing circuitry may be used to cause the respective functional unit to perform corresponding functions according to one or more embodiments of the present disclosure.
  • device and/or apparatus can be represented by a semiconductor chip, a chipset, or a (hardware) module comprising such chip or chipset; this, however, does not exclude the possibility that a functionality of a device or apparatus, instead of being hardware implemented, may be implemented as a software module such as a computer program or a computer program product comprising executable software code portions for execution or being run on a processor.
  • functionality of a device or apparatus can be implemented by any combination of hardware and software.
  • a device or apparatus can also be regarded as an assembly of multiple devices and/or apparatuses, whether functionally in cooperation with or independently of each other.
  • devices and apparatuses can be implemented in a distributed fashion throughout a system, so long as the functionality of the device or apparatus is preserved. Such and similar principles are considered as known to a skilled person.
  • Embodiments of the present disclosure also include, but are not limited to, the following enumerated examples.
  • a method for a user equipment (UE) configured to operate as a relay UE for sidelink (SL) communication in a wireless network, the method comprising: identifying a first UE based on a SL discovery procedure performed by the relay UE or by the first UE, wherein the SL discovery procedure is performed using a discovery security key associated with a relay service code (RSC); receiving, from the first UE, a first message that includes a first authorization token indicating that the first UE is authorized to obtain relay services, wherein the first authorization token is secured based on the discovery security key; and obtaining the first authorization token in clear text using the discovery security key.
  • the method of embodiment A1 further comprising sending, to the first UE, a second message that includes a second authorization token indicating that the relay UE is authorized to provide relay services, wherein the second authorization token is signed using the private key associated with the wireless network.
  • the first message also includes key establishment information; the method further comprises obtaining a further security key (KNRP) based on the key establishment information; and the second authorization token is secured using the discovery security key or the further security key.
  • A5 The method of any of embodiments A2-A5, wherein the first authorization token is signed using a private key associated with the wireless network.
  • A5a The method of embodiment A6, further comprising: verifying the first authorization token based on a public key associated with the private key used to sign the first authorization token; receiving from the first UE a third message indicating that the first UE verified the second authorization token; and based on the verifications of the first and second authorization tokens, establishing a secure SL with the first UE.
  • A6 The method of embodiment A5a, further comprising obtaining the following from the wireless network before the SL discovery procedure: the discovery security key associated with the RSC; the second authorization token; and the public key used to verify the first authorization token.
  • A7 The method of any of embodiments A2-A6, wherein the second message is one of the following: a direct communication request, or a link establishment response.
  • A8 The method of any of embodiments A1-A7, wherein the first message is one of the following: a direct communication request, or a link establishment request.
  • A9 The method of any of embodiments A1-A8, wherein the first UE is one of the following: a source UE, or a target UE.
  • a method for a first user equipment (UE) configured for sidelink (SL) communication via a relay UE in a wireless network comprising: identifying the relay UE based on a SL discovery procedure performed by the relay UE or by the first UE, wherein the SL discovery procedure is performed using a discovery security key associated with a relay service code (RSC); securing a first authorization token using the discovery security key, wherein the first authorization token indicates that the first UE is authorized to obtain relay services; and sending, to the relay UE, a first message including the secured first authorization token.
  • B1a The method of embodiment B1, wherein the first authorization token is signed using a private key associated with the wireless network.
  • B2. The method of embodiment B1a, further comprising: receiving, from the relay UE, a second message that includes a second authorization token indicating that the relay UE is authorized to provide relay services, wherein the second authorization token is signed using the private key associated with the wireless network; and verifying the second authorization token based on a public key associated with the private key used to sign the second authorization token.
  • the first message also includes key establishment information
  • the second authorization token is secured using a further security key (KNRP) obtained by the relay UE based on the key establishment information
  • the method further comprises obtaining the second authorization token in clear text using the further security key.
  • securing the first authorization token using the discovery security key comprises: obtaining a direct communication request (DCR) confidentiality keystream based on the discovery security key; and obtaining the secured first authorization token based on a bit-by-bit exclusive OR (XOR) between the first authorization token and at least a portion of the DCR confidentiality keystream.
  • B10 The method of any of embodiments B1-B9, wherein the first UE is one of the following: a source UE, or a target UE.
  • a user equipment configured to operate as a relay UE for sidelink (SL) communication between a source UE and a target UE in a wireless network, the UE comprising: communication interface circuitry configured to communicate with the source UE and the target UE; and processing circuitry operatively coupled to the communication interface circuitry, whereby the processing circuitry and the communication interface circuitry are configured to perform operations corresponding to any of the methods of embodiments A1-A9.
  • a user equipment configured to operate as a relay UE for sidelink (SL) communication between a source UE and a target UE in a wireless network, the UE being further configured to perform operations corresponding to any of the methods of embodiments A1-A9.
  • a non-transitory, computer-readable medium storing computer-executable instructions that, when executed by processing circuitry of a user equipment (UE) configured to operate as a relay UE for sidelink (SL) communication between a source UE and a target UE in a wireless network, configure the UE to perform operations corresponding to any of the methods of embodiments A1-A9.
  • a computer program product comprising computer-executable instructions that, when executed by processing circuitry of a user equipment (UE) configured to operate as a relay UE for sidelink (SL) communication between a source UE and a target UE in a wireless network, configure the UE to perform operations corresponding to any of the methods of embodiments A1-A9.
  • a first user equipment (UE) configured for sidelink (SL) communication with a second UE via a relay UE in a wireless network
  • the first UE comprising: communication interface circuitry configured to communicate with the relay UE and with the wireless network; and processing circuitry operatively coupled to the communication interface circuitry, whereby the processing circuitry and the communication interface circuitry are configured to perform operations corresponding to any of the methods of embodiments B1-B10.
  • a first user equipment (UE) configured for sidelink (SL) communication with a second UE via a relay UE in a wireless network, the first UE being further configured to perform operations corresponding to any of the methods of embodiments B1-B10.
  • a non-transitory, computer-readable medium storing computer-executable instructions that, when executed by processing circuitry of a first user equipment (UE) configured for sidelink (SL) communication with a second UE via a relay UE in a wireless network, configure the first UE to perform operations corresponding to any of the methods of embodiments B1-B10.
  • a computer program product comprising computer-executable instructions that, when executed by processing circuitry of a first user equipment (UE) configured for sidelink (SL) communication with a second UE via a relay UE in a wireless network, configure the first UE to perform operations corresponding to any of the methods of embodiments B1-B10.
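The enumerated embodiments above describe one protected exchange: the network signs an authorization token with its private key (A5, B1a), the remote UE masks that token by XORing it with a DCR confidentiality keystream derived from the discovery security key of the RSC (the B embodiment on securing the first token), and the relay UE unmasks it with the same discovery key, verifies the signature with the network's public key and only then treats the peer as authorized (A1, A5a, A6). The following Go program is an added example written for this page; it is not code from the patent, from Ericsson or from 3GPP. Everything not stated on the page is an assumption made here: the token layout (RSC, role byte, UE identity), Ed25519 as the network's signature scheme, HMAC-SHA256 in counter mode as the keystream derivation, and the constructed keys and nonce.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// AuthToken is a constructed, simplified token; the page fixes no format, so its fields are assumptions.
type AuthToken struct {
	RSC  uint32 // relay service code the authorization is bound to
	Role byte   // 'R': may obtain relay services, 'P': may provide them
	UEID string // identity of the authorized UE
}

func (t AuthToken) encode() []byte {
	b := make([]byte, 5, 5+len(t.UEID))
	binary.BigEndian.PutUint32(b[:4], t.RSC)
	b[4] = t.Role
	return append(b, t.UEID...)
}

// SignToken models the network signing a token with its private key (A5, B1a): body || Ed25519 signature.
func SignToken(netPriv ed25519.PrivateKey, t AuthToken) []byte {
	body := t.encode()
	return append(body, ed25519.Sign(netPriv, body)...)
}

// VerifyToken checks the network signature with the public key (A5a, B2) before parsing anything.
func VerifyToken(netPub ed25519.PublicKey, signed []byte) (AuthToken, error) {
	if len(signed) < 5+ed25519.SignatureSize {
		return AuthToken{}, errors.New("signed token too short")
	}
	body, sig := signed[:len(signed)-ed25519.SignatureSize], signed[len(signed)-ed25519.SignatureSize:]
	if !ed25519.Verify(netPub, body, sig) {
		return AuthToken{}, errors.New("token signature invalid")
	}
	return AuthToken{RSC: binary.BigEndian.Uint32(body[:4]), Role: body[4], UEID: string(body[5:])}, nil
}

// DCRKeystream derives a DCR confidentiality keystream from the discovery security
// key. Assumption: HMAC-SHA256 in counter mode over a label and a per-message
// nonce; the page only says the keystream is obtained "based on" that key.
func DCRKeystream(discoveryKey, nonce []byte, n int) []byte {
	out := make([]byte, 0, n+sha256.Size)
	for ctr := uint32(0); len(out) < n; ctr++ {
		m := hmac.New(sha256.New, discoveryKey)
		m.Write([]byte("DCR-confidentiality"))
		m.Write(nonce)
		var c [4]byte
		binary.BigEndian.PutUint32(c[:], ctr)
		m.Write(c[:])
		out = m.Sum(out)
	}
	return out[:n]
}

// SecureToken XORs the signed token bit by bit with the keystream (B embodiment on DCR
// confidentiality). XOR is its own inverse, so the relay UE calls the same function
// with the same key and nonce to obtain the token in clear text (A1).
func SecureToken(discoveryKey, nonce, signed []byte) []byte {
	ks := DCRKeystream(discoveryKey, nonce, len(signed))
	out := make([]byte, len(signed))
	for i := range signed {
		out[i] = signed[i] ^ ks[i]
	}
	return out
}

// RelayHandleDCR is the relay UE's handling of the first message: unmask with the
// discovery key, verify the network signature, then check that the token really
// authorizes obtaining relay services under the RSC the discovery ran with.
func RelayHandleDCR(discoveryKey, nonce, secured []byte, netPub ed25519.PublicKey, rsc uint32) (AuthToken, error) {
	tok, err := VerifyToken(netPub, SecureToken(discoveryKey, nonce, secured))
	if err != nil {
		return AuthToken{}, err
	}
	if tok.RSC != rsc {
		return AuthToken{}, fmt.Errorf("token bound to RSC %d, discovery used RSC %d", tok.RSC, rsc)
	}
	if tok.Role != 'R' {
		return AuthToken{}, errors.New("token does not authorize obtaining relay services")
	}
	return tok, nil
}

func main() {
	// Constructed values: network signing key pair, the discovery security key
	// provisioned for RSC 42 before discovery (A6), and a per-DCR nonce.
	netPub, netPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	discoveryKey := []byte("constructed discovery security key for RSC 42")
	nonce := []byte{1, 2, 3, 4, 5, 6, 7, 8}
	signed := SignToken(netPriv, AuthToken{RSC: 42, Role: 'R', UEID: "remote-ue-1"})
	secured := SecureToken(discoveryKey, nonce, signed) // what the remote UE sends in the DCR
	tok, err := RelayHandleDCR(discoveryKey, nonce, secured, netPub, 42)
	fmt.Printf("relay accepted %q: %v\n", tok.UEID, err == nil)
}
```

The second direction (A2, B2: the relay's own token secured with the discovery key or with the further key K_NRP derived from the key establishment information) uses the same functions with the roles swapped and, where K_NRP is used, that key in place of the discovery key. Two checks in RelayHandleDCR deserve attention: the keystream XOR gives confidentiality only, so authenticity rests entirely on the signature check running before any field is read; and the RSC comparison is what prevents a token issued for one relay service from being accepted under a different RSC's discovery key, even though it unmasks to a validly signed token.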

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Embodiments include methods for a user equipment (UE) configured to operate as a relay UE for sidelink (SL) communication in a wireless network. Such methods include identifying a first UE based on an SL discovery procedure performed by the relay UE or by the first UE. The SL discovery procedure is performed using a discovery security key associated with a relay service code (RSC). Such methods include receiving, from the first UE, a first message that includes a first authorization token indicating that the first UE is authorized to obtain relay services. The first authorization token is secured based on the discovery security key. Such methods include obtaining the first authorization token in clear text using the discovery security key. Other embodiments include complementary methods for the first UE, as well as UEs configured to perform such methods.
PCT/EP2023/075029 2022-09-30 2023-09-12 Token-based protection for sidelink communications WO2024068264A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2022123384 2022-09-30
CNPCT/CN2022/123384 2022-09-30

Publications (1)

Publication Number Publication Date
WO2024068264A1 true WO2024068264A1 (fr) 2024-04-04

Family

ID=88020825

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2023/075029 WO2024068264A1 (fr) 2022-09-30 2023-09-12 Token-based protection for sidelink communications

Country Status (1)

Country Link
WO (1) WO2024068264A1 (fr)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022070170A1 (fr) * 2020-10-02 2022-04-07 Telefonaktiebolaget Lm Ericsson (Publ) Key management for UE-to-network relay access
WO2022079572A1 (fr) * 2020-10-12 2022-04-21 Telefonaktiebolaget Lm Ericsson (Publ) Relay UE and remote UE authorization

Non-Patent Citations (7)

* Cited by examiner, † Cited by third party
Title
"3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Study on security aspects of enhancement for proximity based services in the 5G System (5GS) (Release 17)", no. V17.1.0, 24 March 2022 (2022-03-24), pages 1 - 166, XP052144810, Retrieved from the Internet <URL:https://ftp.3gpp.org/Specs/archive/33_series/33.847/33847-h10.zip 33847-h10.docx> [retrieved on 20220324] *
"3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Study on security aspects of Proximity Based Services (ProSe) in 5G System (5GS) phase 2 (Release 18)", no. V0.2.0, 1 September 2022 (2022-09-01), pages 1 - 38, XP052210640, Retrieved from the Internet <URL:https://ftp.3gpp.org/Specs/archive/33_series/33.740/33740-020.zip S3-222344-r1 TR33.740-v0.2.0-rm.docx> [retrieved on 20220901] *
3GPP TR 23.752
3GPP TR 33.740
3GPP TS 33.220
3GPP TS 33.503
3GPP TS 33.536

Similar Documents

Publication Publication Date Title
ES2848119T3 (es) A method and a system for indicating an SMS subscription to the UE after a change in the SMS subscription in a network
US10952051B2 (en) Core network connectionless small data transfer
EP3643098A1 (fr) Systems and methods for protecting the privacy of a 5G slice identifier
JP7127689B2 (ja) Core network device, communication terminal, and communication method
TWI771469B (zh) Radio link control unacknowledged mode reception techniques
WO2021132096A1 (fr) AMF node and associated method
US20210051477A1 (en) Apparatus and method for access control, management, and protection in wireless communication system
CN110383868A (zh) Inactive state security support in a wireless communication system
JP2023040195A (ja) Communication method and user equipment
WO2024068264A1 (fr) Token-based protection for sidelink communications
JP2024531869A (ja) 5G non-seamless wireless local area network offload
WO2024068338A1 (fr) Security for sidelink (SL) UE-to-UE relay
TWI827287B (zh) Control channel monitoring based on hybrid ARQ considerations
EP4007330A1 (fr) Method and apparatus for protecting information in a wireless communication system
US20240323689A1 (en) Protection of bap transmissions
WO2023098209A1 (fr) Data transmission protection method, device and system
WO2023054568A1 (fr) AMF node, UAV, SMF node, method, and non-transitory computer-readable medium
US20240292478A1 (en) Handling of secondary node (sn) configurations during multi-rat dual connectivity (mr-dc) release
US20220124862A1 (en) Method and device for processing nas message information in wireless communication system
WO2024175369A1 (fr) Secondary authentication for remote user equipment
WO2023016698A1 (fr) Protection of BAP transmissions
KR20230018204A (ko) Method and apparatus for managing a protocol data unit session of a terminal in a wireless communication system
WO2024072286A1 (fr) Sidelink-based positioning triggering
KR20240039208A (ko) Application-layer measurement management configured in response to a connection setup message
EP4409966A1 (fr) Network support indication for various sidelink (SL) functionalities

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23768881

Country of ref document: EP

Kind code of ref document: A1