CN111194032B - Communication method and device thereof - Google Patents


Info

Publication number: CN111194032B
Authority: CN (China)
Prior art keywords: user plane, base station, pdu session, security protection, protection method
Legal status: Active
Application number: CN201811353057.4A
Other languages: Chinese (zh)
Other versions: CN111194032A
Inventors: 李�赫, 李永翠, 陈璟
Current assignee: Huawei Technologies Co Ltd
Original assignee: Huawei Technologies Co Ltd
Application filed by Huawei Technologies Co Ltd
Priority to CN201811353057.4A (CN111194032B)
Priority to PCT/CN2019/118197 (WO2020098719A1)
Publication of CN111194032A
Application granted
Publication of CN111194032B
Anticipated expiration

Classifications

    • H ELECTRICITY › H04 ELECTRIC COMMUNICATION TECHNIQUE › H04W WIRELESS COMMUNICATION NETWORKS
    • H04W 28/00 Network traffic management; Network resource management › H04W 28/02 Traffic management, e.g. flow control or congestion control › H04W 28/08 Load balancing or load distribution
    • H04W 28/00 Network traffic management; Network resource management › H04W 28/02 Traffic management, e.g. flow control or congestion control › H04W 28/08 Load balancing or load distribution › H04W 28/082 Load balancing or load distribution among bearers or channels
    • H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity › H04W 12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity › H04W 12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity › H04W 12/10 Integrity
    • H04W 76/00 Connection management › H04W 76/10 Connection setup › H04W 76/12 Setup of transport tunnels
    • H04W 76/00 Connection management › H04W 76/10 Connection setup › H04W 76/15 Setup of multiple wireless link connections

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

An embodiment of the application provides a communication method and a device for it. The method comprises the following steps: the user terminal determines that two pieces of uplink user plane data need to be sent through a first PDU session and that the user plane security end points of the two pieces of uplink user plane data are located at the primary base station and the secondary base station respectively; according to a first user plane security protection method between the user terminal and the secondary base station, it applies security protection to the uplink user plane data that needs to be sent through the secondary base station to obtain first uplink user plane data; according to a second user plane security protection method between the user terminal and the primary base station, it applies security protection to the uplink user plane data that needs to be sent through the primary base station to obtain second uplink user plane data; and it sends the first uplink user plane data to the secondary base station and the second uplink user plane data to the primary base station. With the embodiment of the application, user plane security between the user terminal and the primary base station and between the user terminal and the secondary base station can be ensured, so that the confidentiality and integrity of user plane data transmission are ensured.

Description

Communication method and device thereof
Technical Field
The embodiment of the application relates to the technical field of communication, in particular to a communication method and a device thereof.
Background
With the development of communication technology and the arrival of fifth generation mobile communication (5th Generation, 5G), the 3rd Generation Partnership Project (3GPP) defines three major application scenarios for 5G: massive machine type communication (mMTC), ultra-reliable and low latency communication (URLLC), and enhanced mobile broadband (eMBB). The URLLC scenario saves time, improves efficiency, saves resources, and meets the low-delay, high-reliability connection requirements of services such as unmanned driving and industrial automation.
In a URLLC scenario, referring to the schematic diagram of a network architecture in a URLLC scenario shown in fig. 1, the User Equipment (UE) copies the data to be sent to obtain two identical pieces of data, one of which is transmitted directly to the primary base station and the other directly to the secondary base station. The primary base station and the secondary base station each forward the data to a User Plane Function (UPF) network element. Before the method of transmitting one copy of the data through each of the primary and secondary base stations was proposed, the UE transmitted only one copy of the data to the UPF network element through one base station; if the UPF network element did not receive the data, the UE retransmitted it, which increased transmission delay. Transmitting one copy of the data through each of the primary and secondary base stations reduces the probability of data loss, thereby reducing transmission delay and improving transmission reliability. When the UE sends two copies of the data to the core network element, the primary base station and the secondary base station each send one copy to the core network element, which is equivalent to both base stations serving the UE; a scenario in which the UE sends two copies of the data to the core network element can therefore be understood as a dual-connectivity scenario, and a URLLC scenario can likewise be understood as a dual-connectivity scenario.
In a URLLC scenario, when the UE transmits two copies of the data to the core network element through the primary base station and the secondary base station, user plane security needs to terminate at both the primary base station and the secondary base station. In the current dual-connectivity user plane security protection scheme, however, user plane security can terminate only at the primary base station or only at the secondary base station. The current scheme therefore cannot be applied to a scenario in which the UE sends two copies of the data to the core network element, and how to ensure user plane security between the UE and the primary base station and between the UE and the secondary base station in that scenario is a technical problem that urgently needs to be solved.
Disclosure of Invention
The technical problem to be solved by the embodiments of the present application is to provide a communication method and a device for it that can ensure user plane security between a user terminal and a primary base station and between the user terminal and a secondary base station in a scenario where the UE sends two copies of the data to a core network element, thereby ensuring the confidentiality and integrity of user plane data transmission in that scenario.
A first aspect of an embodiment of the present application provides a communication method, including:
a user terminal determines that two pieces of uplink user plane data need to be sent through a first Protocol Data Unit (PDU) session and that the user plane security end points of the two pieces of uplink user plane data are at a primary base station and a secondary base station respectively; then, according to a first user plane security protection method between the user terminal and the secondary base station, it applies security protection to the one of the two pieces of uplink user plane data that needs to be sent through the secondary base station, to obtain first uplink user plane data, where the first user plane security protection method indicates whether user plane ciphering protection and/or user plane integrity protection for the first PDU session between the user terminal and the secondary base station is enabled; according to a second user plane security protection method between the user terminal and the primary base station, it applies security protection to the one of the two pieces of uplink user plane data that needs to be sent through the primary base station, to obtain second uplink user plane data, where the second user plane security protection method indicates whether user plane ciphering protection and/or user plane integrity protection for the first PDU session between the user terminal and the primary base station is enabled; and then it sends the first uplink user plane data to the secondary base station and the second uplink user plane data to the primary base station.
In the first aspect of the embodiment of the present application, when the user terminal determines that two pieces of uplink user plane data need to be sent through a first PDU session and that their user plane security end points are at the primary base station and the secondary base station respectively, it applies security protection to the uplink user plane data to be sent through the secondary base station according to the first user plane security protection method to obtain first uplink user plane data and sends it to the secondary base station, and applies security protection to the uplink user plane data to be sent through the primary base station according to the second user plane security protection method to obtain second uplink user plane data and sends it to the primary base station. The user terminal can thus support user plane security end points located at both the primary base station and the secondary base station, which ensures user plane security between the user terminal and the primary base station and between the user terminal and the secondary base station when the user terminal sends two copies of the data to a core network element, and so ensures the confidentiality and integrity of user plane data transmission in that scenario.
A user terminal sending two pieces of uplink user plane data through one PDU session, with their user plane security end points at the primary base station and the secondary base station respectively, may be a URLLC scenario. In a URLLC scenario, the user terminal needs to send two pieces of uplink user plane data to a core network element through one PDU session, with their user plane security end points at the primary base station and the secondary base station respectively; here the core network element refers to a user plane network element.
In a possible implementation, when the user terminal receives first indication information from the primary base station, it may determine according to the first indication information that two pieces of uplink user plane data need to be sent through the first PDU session and that their user plane security end points are at the primary base station and the secondary base station respectively. The first indication information indicates that the first PDU session is a URLLC PDU session. It may be carried in a Radio Resource Control (RRC) connection reconfiguration request: the primary base station informs the user terminal through the RRC connection reconfiguration request that the first PDU session is a URLLC PDU session, so that the user terminal applies security protection to the uplink user plane data for the case where user plane security terminates at the primary base station and the secondary base station.
In a possible implementation, when the user terminal receives the first indication information from the secondary base station, it may determine according to the first indication information that two pieces of uplink user plane data need to be sent through the first PDU session and that their user plane security end points are at the primary base station and the secondary base station respectively. The first indication information indicates that the first PDU session is a URLLC PDU session. It may be carried in the RRC connection reconfiguration request: the secondary base station informs the user terminal through the RRC connection reconfiguration request that the first PDU session is a URLLC PDU session, so that the user terminal applies security protection to the uplink user plane data for the case where the user plane security termination points are at the primary base station and the secondary base station.
In a possible implementation, when the user terminal requests establishment of the first PDU session, it may determine from the fact that the first PDU session is a URLLC PDU session that two pieces of uplink user plane data need to be sent through the first PDU session and that their user plane security end points are at the primary base station and the secondary base station respectively. When the user terminal is ready to establish a URLLC PDU session, it can request establishment of the first PDU session in the URLLC scenario. The user terminal can determine that the first PDU session is a URLLC PDU session at the time it establishes it, so that it can determine in advance the functional entities that will perform security protection for each of the two user plane security end points.
In a possible implementation, if the user terminal has already activated the second user plane security protection method, it has already determined a second functional entity for applying security protection, according to the second user plane security protection method, to the uplink user plane data that needs to be sent through the primary base station. When the user terminal then receives the first user plane security protection method from the primary base station or the secondary base station, it configures a first functional entity for the first PDU session, which applies security protection, according to the first user plane security protection method, to the uplink user plane data that needs to be sent through the secondary base station, to obtain the first uplink user plane data. Because the second user plane security protection method is already activated, the second functional entity has already been determined, and the user terminal need only configure the first functional entity for the first PDU session. For example, if the second functional entity is PDCP entity 2, the user terminal configures PDCP entity 1 for the first PDU session as the first functional entity; or the user terminal configures two lower layer functional entities under PDCP entity 2, one serving as the first functional entity and the other as the second functional entity.
In a possible implementation, the user terminal first receives the second user plane security protection method from the primary base station and allocates a second functional entity to the first PDU session, which applies security protection, according to the second user plane security protection method, to the one of the two pieces of uplink user plane data that needs to be sent through the primary base station, to obtain the second uplink user plane data; then, when it receives the first user plane security protection method from the primary base station or the secondary base station, the user terminal configures a first functional entity for the first PDU session, which applies security protection, according to the first user plane security protection method, to the one of the two pieces of uplink user plane data that needs to be sent through the secondary base station, to obtain the first uplink user plane data. This applies to the scenario in which the second user plane security protection method is activated first and the first user plane security protection method is activated afterwards.
In a possible implementation, when the user terminal receives the second user plane security protection method and the first user plane security protection method from the primary base station, it configures the second functional entity and the first functional entity for the first PDU session. The primary base station carries the first and second user plane security protection methods in one message, and the user terminal can determine the first functional entity and the second functional entity at the same time, so as to support two user plane security end points located at the primary base station and the secondary base station respectively.
In a possible implementation, the first functional entity and the second functional entity may be different upper layer functional entities, for example different PDCP entities, where the first functional entity is PDCP entity 1 and the second functional entity is PDCP entity 2. The first functional entity and the second functional entity may also be different lower layer functional entities of the same upper layer functional entity, for example two different lower layer entities of the same PDCP entity. Through two different PDCP entities, or two different lower layer entities of one PDCP entity, the user terminal can support two user plane security termination points, which ensures user plane security between the user terminal and the secondary base station and between the user terminal and the primary base station when the user terminal sends two copies of the data to the core network element, and so ensures the confidentiality and integrity of user plane data transmission in that scenario.
In a possible implementation, the user terminal sends the first uplink user plane data to the user plane network element through the secondary base station and the second uplink user plane data to the user plane network element through the primary base station; that is, the user terminal sends both pieces of uplink user plane data to the same user plane network element, so as to avoid data loss.
In a possible implementation, the user terminal sends the first uplink user plane data to a first user plane network element through the secondary base station and the second uplink user plane data to a second user plane network element through the primary base station; that is, the user terminal sends one copy of the uplink user plane data to each of two different user plane network elements, so that the security termination points are on two user plane network elements and the processing burden on any one user plane network element is reduced.
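The uplink data path of the first aspect, written out as an added example; this is not code from the patent or from Huawei. It models the two functional entities the user terminal keeps for one URLLC PDU session (one per user plane security end point, each with its own key and its own ciphering/integrity settings), the duplication of the uplink data, and the removal of protection at each base station before the data reaches the user plane network element. HMAC-SHA256 stands in for the 3GPP ciphering and integrity algorithms, and the keys, the frame contents, the session id `pdu-1` and the leg names are constructed for the demonstration.

```python
# Added example, not code from the patent or from Huawei: one protection entity
# per user plane security end point for a URLLC PDU session. HMAC-SHA256 stands
# in for the 3GPP NEA/NIA algorithms; keys, data and session ids are constructed.
import hashlib
import hmac
from dataclasses import dataclass

@dataclass(frozen=True)
class UserPlaneSecurityMethod:
    """Whether ciphering and/or integrity protection is enabled on one leg."""
    ciphering_on: bool
    integrity_on: bool

def _keystream(key: bytes, count: int, length: int) -> bytes:
    """Counter-mode keystream from HMAC-SHA256 over COUNT || block index."""
    out, block = b"", 0
    while len(out) < length:
        out += hmac.new(key, count.to_bytes(4, "big") + block.to_bytes(4, "big"), hashlib.sha256).digest()
        block += 1
    return out[:length]

def _mac(key: bytes, count: int, data: bytes) -> bytes:
    """32-bit MAC over COUNT || data (stand-in for a MAC-I)."""
    return hmac.new(key, count.to_bytes(4, "big") + data, hashlib.sha256).digest()[:4]

def _xor(data: bytes, ks: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, ks))

class ProtectionEntity:
    """PDCP-like functional entity bound to one end point: one key, one method.
    Simplification: the MAC covers the plaintext and is not itself ciphered."""
    def __init__(self, name: str, key: bytes, method: UserPlaneSecurityMethod):
        self.name, self.key, self.method = name, key, method
        self.tx_count = 0  # never reused with the same key

    def protect(self, plaintext: bytes) -> bytes:
        count, self.tx_count = self.tx_count, self.tx_count + 1
        mac = _mac(self.key, count, plaintext) if self.method.integrity_on else b""
        body = _xor(plaintext, _keystream(self.key, count, len(plaintext))) if self.method.ciphering_on else plaintext
        return count.to_bytes(4, "big") + body + mac

    def unprotect(self, pdu: bytes) -> bytes:
        count, body, mac = int.from_bytes(pdu[:4], "big"), pdu[4:], b""
        if self.method.integrity_on:
            body, mac = body[:-4], body[-4:]
        if self.method.ciphering_on:
            body = _xor(body, _keystream(self.key, count, len(body)))
        if self.method.integrity_on and not hmac.compare_digest(mac, _mac(self.key, count, body)):
            raise ValueError(f"{self.name}: integrity check failed")
        return body

class UE:
    """Keeps, per PDU session, one protection entity per leg (primary / secondary)."""
    def __init__(self):
        self.entities = {}  # pdu_session_id -> {leg: ProtectionEntity}

    def configure(self, pdu_session_id: str, leg: str, key: bytes, method: UserPlaneSecurityMethod):
        self.entities.setdefault(pdu_session_id, {})[leg] = ProtectionEntity(leg, key, method)

    def send_uplink(self, pdu_session_id: str, data: bytes, urllc: bool) -> dict:
        legs = self.entities[pdu_session_id]
        if not urllc:  # single end point: only the primary leg carries data
            return {"primary": legs["primary"].protect(data)}
        # URLLC: duplicate the data, protect each copy with its own end point's method
        return {leg: legs[leg].protect(data) for leg in ("primary", "secondary")}

def build_scenario():
    """Constructed keys; second method (primary leg) integrity only, first method
    (secondary leg) ciphering plus integrity, to show the 'and/or' choice."""
    k_primary = hashlib.sha256(b"constructed-key-primary").digest()
    k_secondary = hashlib.sha256(b"constructed-key-secondary").digest()
    m_second = UserPlaneSecurityMethod(ciphering_on=False, integrity_on=True)
    m_first = UserPlaneSecurityMethod(ciphering_on=True, integrity_on=True)
    ue = UE()
    ue.configure("pdu-1", "primary", k_primary, m_second)
    ue.configure("pdu-1", "secondary", k_secondary, m_first)
    gnbs = {"primary": ProtectionEntity("primary", k_primary, m_second),
            "secondary": ProtectionEntity("secondary", k_secondary, m_first)}
    return ue, gnbs

def run_urllc_uplink(data: bytes = b"sensor frame 42"):
    """One URLLC uplink frame: each base station removes its own protection and
    hands the plaintext to the UPF (modelled as the returned list)."""
    ue, gnbs = build_scenario()
    sent = ue.send_uplink("pdu-1", data, urllc=True)
    return sent, [gnbs[leg].unprotect(sent[leg]) for leg in ("primary", "secondary")]

def cross_leg_rejected() -> bool:
    """A PDU protected for the secondary end point fails at the primary one."""
    ue, gnbs = build_scenario()
    sent = ue.send_uplink("pdu-1", b"sensor frame 42", urllc=True)
    try:
        gnbs["primary"].unprotect(sent["secondary"])
    except ValueError:
        return True
    return False
```

Calling `run_urllc_uplink()` returns the two protected PDUs and the two plaintexts the UPF receives. Because each entity holds its own key and COUNT, a PDU built for one end point does not verify at the other, which is the property the two termination points must preserve; `cross_leg_rejected()` checks exactly that. The primary leg is configured with integrity only, so its PDU carries the frame in clear with a MAC, while the secondary leg's PDU is ciphered as well.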
A second aspect of an embodiment of the present application provides a user terminal that has the function of implementing the method provided in the first aspect. The function can be implemented by hardware, or by hardware executing corresponding software. The hardware or software includes one or more modules corresponding to the function described above.
In one possible implementation, the user terminal includes a processing unit and a transceiver unit. The processing unit is configured to determine that two pieces of uplink user plane data need to be sent through a first PDU session and that their user plane security end points are at the primary base station and the secondary base station respectively; to apply security protection, according to a first user plane security protection method between the user terminal and the secondary base station, to the one of the two pieces of uplink user plane data that needs to be sent through the secondary base station, to obtain first uplink user plane data, where the first user plane security protection method indicates whether user plane ciphering protection and/or user plane integrity protection for the first PDU session between the user terminal and the secondary base station is enabled; and to apply security protection, according to a second user plane security protection method between the user terminal and the primary base station, to the one of the two pieces of uplink user plane data that needs to be sent through the primary base station, to obtain second uplink user plane data, where the second user plane security protection method indicates whether user plane ciphering protection and/or user plane integrity protection for the first PDU session between the user terminal and the primary base station is enabled. The transceiver unit is configured to send the first uplink user plane data to the secondary base station and the second uplink user plane data to the primary base station.
In one possible implementation, the user terminal includes a processor, a transceiver, and a memory, where the memory stores a computer program comprising program instructions and the processor is configured to invoke the program code to perform the following operations: determining that two pieces of uplink user plane data need to be sent through a first PDU session and that their user plane security end points are at the primary base station and the secondary base station respectively; applying security protection, according to a first user plane security protection method between the user terminal and the secondary base station, to the one of the two pieces of uplink user plane data that needs to be sent through the secondary base station, to obtain first uplink user plane data, where the first user plane security protection method indicates whether user plane ciphering protection and/or user plane integrity protection for the first PDU session between the user terminal and the secondary base station is enabled; applying security protection, according to a second user plane security protection method between the user terminal and the primary base station, to the one of the two pieces of uplink user plane data that needs to be sent through the primary base station, to obtain second uplink user plane data, where the second user plane security protection method indicates whether user plane ciphering protection and/or user plane integrity protection for the first PDU session between the user terminal and the primary base station is enabled; and controlling the transceiver to send the first uplink user plane data to the secondary base station and the second uplink user plane data to the primary base station.
Based on the same inventive concept, since the principle by which the user terminal solves the problem and its beneficial effects can be found in the method of the first aspect and the beneficial effects it brings, the implementation of the apparatus can refer to the implementation of the method, and details are not repeated here.
A third aspect of embodiments of the present application provides a computer-readable storage medium, in which a computer program is stored, the computer program comprising program instructions that, when executed on a computer, cause the computer to perform the method according to the first aspect.
A fourth aspect of the embodiments of the present application provides a computer program product containing instructions, which when run on a computer, causes the computer to perform the method according to the first aspect.
A fifth aspect of the embodiments of the present application provides a communication method, including:
a primary base station receives a first user plane security protection method from a secondary base station, where the first user plane security protection method indicates whether user plane ciphering protection and/or user plane integrity protection for a first PDU session between a user terminal and the secondary base station is enabled; and
the primary base station sends the first user plane security protection method to the user terminal.
In the fifth aspect of the embodiment of the present application, after determining the first user plane security protection method, the secondary base station sends it to the primary base station, and the primary base station sends it to the user terminal, so that the user terminal applies security protection, according to the first user plane security protection method, to the uplink user plane data that needs to be sent through the secondary base station to obtain first uplink user plane data and sends it to the secondary base station. In this way, when two pieces of uplink user plane data need to be sent, the user terminal applies security protection to each of them separately, which ensures user plane security between the user terminal and the primary base station and between the user terminal and the secondary base station.
In a possible implementation, the primary base station sends first indication information to the user terminal, where the first indication information indicates that the first PDU session is a URLLC PDU session, so that the user terminal determines that two pieces of uplink user plane data need to be sent through the first PDU session and that their user plane security end points are at the primary base station and the secondary base station respectively.
The primary base station can send the first indication information together with the first user plane security protection method, so that the user terminal learns at the same time that the first PDU session is a URLLC PDU session and what the first user plane security protection method is; or it may send the first indication information first and the first user plane security protection method afterwards, in which case the user terminal first determines that the first PDU session is a URLLC PDU session and then, on receiving the first user plane security protection method, applies security protection according to it to the uplink user plane data that needs to be sent through the secondary base station.
In a possible implementation, before the primary base station receives the first user plane security protection method from the secondary base station, it obtains a first user plane security policy corresponding to the first PDU session and then sends second indication information, the first user plane security policy, and the PDU session identifier of the first PDU session to the secondary base station, where the second indication information indicates that the first PDU session is a URLLC PDU session; the secondary base station thus knows that the first PDU session is a URLLC PDU session and determines the first user plane security protection method according to the first user plane security policy. This approach applies to the scenario in which the primary base station has already activated the second user plane security protection method.
In a possible implementation, before receiving the first user plane security protection method from the secondary base station, the primary base station receives a first user plane security policy corresponding to the first PDU session from a session management network element; having determined that the first PDU session is a URLLC PDU session, the primary base station determines a second user plane security protection method according to the first user plane security policy, where the second user plane security protection method indicates whether user plane ciphering protection and/or user plane integrity protection for the first PDU session between the user terminal and the primary base station is enabled; and it sends second indication information and the first user plane security policy to the secondary base station, where the second indication information indicates that the first PDU session is a URLLC PDU session. This approach applies to the scenario in which the primary base station activates the second user plane security protection method during PDU session establishment.
In a possible implementation, the primary base station sends the second user plane security protection method to the user terminal, so that the user terminal activates it. The second user plane security protection method may be sent at the same time as the first user plane security protection method, in which case the user terminal may activate both at once; or the second may be sent first and the first afterwards, so that the user terminal activates the second user plane security protection method first and then the first user plane security protection method.
In a possible implementation, before receiving the first user plane security protection method from the secondary base station, the primary base station receives a second user plane security policy corresponding to the first PDU session from a session management network element, where the second user plane security policy is a user plane security policy for the URLLC scenario determined by the session management network element; the primary base station determines a second user plane security protection method according to the second user plane security policy, where the second user plane security protection method indicates whether user plane ciphering protection and/or user plane integrity protection for the first PDU session between the user terminal and the primary base station is enabled; it sends second indication information to the secondary base station, where the second indication information indicates that the first PDU session is a URLLC PDU session; and it sends the second user plane security protection method to the user terminal. Because the second user plane security policy is a user plane security policy generated by the session management network element specifically for the URLLC PDU session, the user plane security protection method that the secondary base station or the primary base station generates according to the first user plane security policy better meets the requirements of the URLLC scenario.
In a possible implementation, the primary base station receives the second uplink user plane data from the user terminal, removes the security protection from it according to the second user plane security protection method, and sends the second uplink user plane data with the security protection removed to the user plane network element. The primary base station thus forwards one of the two pieces of uplink user plane data that the user terminal needs to send to the user plane network element.
A sixth aspect of embodiments of the present application provides a master base station having a function of implementing the method provided in the fifth aspect. The functions can be realized by hardware, and the functions can also be realized by executing corresponding software by hardware. The hardware or software includes one or more modules corresponding to the above-described functions.
In one possible implementation, the master base station includes: a transceiver unit, configured to receive a first user plane security protection method from a secondary base station, where the first user plane security protection method is used to indicate whether user plane ciphering protection for a first PDU session between a user terminal and the secondary base station is started and/or whether user plane integrity protection is started; and sending the first user plane security protection method to the user terminal.
In one possible implementation, the master base station includes: a processor, a transceiver, and a memory, wherein the memory stores a computer program comprising program instructions, the processor configured to invoke the program code to perform the operations of: the control transceiver receives a first user plane security protection method from the auxiliary base station, wherein the first user plane security protection method is used for indicating whether user plane encryption protection aiming at a first PDU session between the user terminal and the auxiliary base station is started and/or whether user plane integrity protection is started; the transceiver is controlled to send a first user plane security protection method to the user terminal.
Based on the same inventive concept, the principle and the beneficial effects of the primary base station in solving the problems can be referred to the method and its beneficial effects in the fifth aspect, and the implementation of the apparatus can be referred to the implementation of the method, so the details are not repeated here.
A seventh aspect of embodiments of the present application provides a computer-readable storage medium, in which a computer program is stored, the computer program comprising program instructions that, when executed on a computer, cause the computer to perform the method of the fifth aspect.
An eighth aspect of the embodiments of the present application provides a computer program product containing instructions, which when run on a computer, causes the computer to perform the method according to the fifth aspect.
A ninth aspect of the present application provides a communication method, including:
the method comprises the steps that a secondary base station determines a first user plane safety protection method under the condition that a first PDU session is determined to be a URLLC PDU session, wherein the first user plane safety protection method is used for indicating whether user plane encryption protection and/or user plane integrity protection for the first PDU session between the secondary base station and a user terminal are/is started or not;
and the auxiliary base station sends the first user plane safety protection method to the main base station.
In the ninth aspect of the embodiment of the present application, when determining that the first PDU session is a URLLC PDU session, the secondary base station determines the first user plane security protection method, so that the secondary base station activates the first user plane security protection method, and the secondary base station sends the first user plane security protection method to the primary base station, so that the primary base station sends the first user plane security protection method to the user terminal, so that the user terminal activates the first user plane security protection method.
In one possible implementation, the secondary base station determines a first user plane security protection method according to a first user plane security policy corresponding to the first PDU session received from the primary base station.
In a possible implementation manner, the secondary base station determines a first user plane security protection method according to a second user plane security policy corresponding to the first PDU session received from the session management network element, where the second user plane security policy is a user plane security policy in a URLLC scene determined by the session management network element, so that the first user plane security protection method determined by the secondary base station better conforms to the scene requirement of the URLLC.
In a possible implementation manner, the secondary base station receives second indication information from the primary base station, where the second indication information is used to indicate that the first PDU session is a URLLC PDU session, so that the secondary base station knows that the first PDU session is a URLLC PDU session.
In a possible implementation manner, under the condition that a signaling plane path exists between the secondary base station and the user terminal, the secondary base station directly sends the first user plane security protection method to the user terminal, and the primary base station is not required to forward, so that signaling can be saved.
In one possible implementation, the secondary base station receives a root key from the primary base station, and generates a first user plane security key between the secondary base station and the user terminal according to the root key. In this way, the master base station can know the root key, and the master base station can know the user plane security key used by the secondary base station.
In one possible implementation manner, the secondary base station receives a root key from the session management network element, and generates a first user plane security key between the secondary base station and the user terminal according to the root key. In this way, the main base station cannot acquire the root key and also cannot acquire the user plane security key used by the auxiliary base station, so that the user plane security key is isolated between the main base station and the auxiliary base station.
In one possible implementation, the secondary base station receives first uplink user plane data from the user terminal; removes the security protection from the first uplink user plane data according to the first user plane security protection method; and sends the first uplink user plane data with the security protection removed to a user plane network element. In this way, the secondary base station forwards to the user plane network element one of the two copies of uplink user plane data that the user terminal needs to send.
A tenth aspect of the embodiments of the present application provides a secondary base station having a function of implementing the method provided in the ninth aspect. The functions can be realized by hardware, and the functions can also be realized by executing corresponding software by hardware. The hardware or software includes one or more modules corresponding to the above-described functions.
In one possible implementation, the secondary base station includes: a processing unit and a transceiver unit; the processing unit is used for determining a first user plane security protection method under the condition that the first PDU session is determined to be the URLLC PDU session, wherein the first user plane security protection method is used for indicating whether the user plane encryption protection and/or the user plane integrity protection for the first PDU session between the auxiliary base station and the user terminal are/is started; and the transceiving unit is used for sending the first user plane security protection method to the main base station.
In one possible implementation, the secondary base station includes: a processor, a transceiver, and a memory, wherein the memory stores a computer program comprising program instructions, the processor configured to invoke the program code to perform the operations of: determining a first user plane security protection method under the condition that the first PDU session is determined to be a URLLC PDU session, wherein the first user plane security protection method is used for indicating whether the user plane encryption protection and/or the user plane integrity protection for the first PDU session between the secondary base station and the user terminal are/is started; and controlling the transceiver to send the first user plane security protection method to the primary base station.
Based on the same inventive concept, the principle and the beneficial effects of the secondary base station in solving the problems can be referred to the method and the beneficial effects brought by the method described in the ninth aspect, and the implementation of the device can be referred to the implementation of the method, so the details are not repeated here.
An eleventh aspect of embodiments of the present application provides a computer-readable storage medium, in which a computer program is stored, the computer program comprising program instructions that, when run on a computer, cause the computer to perform the method of the ninth aspect.
A twelfth aspect of embodiments of the present application provides a computer program product comprising instructions that, when run on a computer, cause the computer to perform the method of the ninth aspect described above.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments or the background art of the present application, the drawings required to be used in the embodiments or the background art of the present application will be described below.
Fig. 1 is a schematic diagram of a network architecture in a URLLC scenario;
Fig. 2 is a schematic diagram of a network architecture in a dual connectivity scenario;
Fig. 3 is a schematic diagram of a network architecture to which embodiments of the present application are applied;
Fig. 4 is a schematic flowchart of a communication method according to an embodiment of the present application;
Fig. 5 is a schematic flowchart of a communication method according to a second embodiment of the present application;
Fig. 6 is a schematic flowchart of a communication method according to a third embodiment of the present application;
Fig. 7 is a schematic flowchart of a communication method according to a fourth embodiment of the present application;
Fig. 8 is a schematic flowchart of a communication method according to a fifth embodiment of the present application;
Fig. 9 is a schematic logical structure diagram of a communication apparatus according to an embodiment of the present application;
Fig. 10 is a simplified block diagram of a communication device according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application. In the description of the present application, "/" indicates an "or" relationship between the objects before and after it, unless otherwise stated; for example, A/B may indicate A or B. In the present application, "and/or" is only an association relationship describing associated objects, and means that there may be three relationships; for example, A and/or B may mean: A exists alone, A and B exist simultaneously, or B exists alone, where A and B may be singular or plural. Also, in the description of the present application, "a plurality" means two or more unless otherwise specified. "At least one of the following" or similar expressions refer to any combination of these items, including any combination of the singular or plural items. For example, at least one (one) of a, b, or c may represent: a, b, c, a-b, a-c, b-c, or a-b-c, where a, b, c may be single or multiple. In addition, in order to describe the technical solutions of the embodiments of the present application clearly, terms such as "first" and "second" are used in the embodiments to distinguish the same or similar items having substantially the same functions and actions. Those skilled in the art will appreciate that the terms "first," "second," etc. do not denote any order, quantity, or importance.
In addition, the network architecture and the service scenario described in the embodiment of the present application are for more clearly illustrating the technical solution of the embodiment of the present application, and do not constitute a limitation to the technical solution provided in the embodiment of the present application, and it can be known by a person skilled in the art that the technical solution provided in the embodiment of the present application is also applicable to similar technical problems along with the evolution of the network architecture and the appearance of a new service scenario.
Reference will now be made in detail to the names or terms to which the embodiments of the present application relate:
A master base station (MN) refers to the base station that initiates dual connectivity in a dual connectivity scenario and acts as the master base station; it may also be referred to as a master network node, a first base station, or a first network node.
In a dual connectivity scenario, a secondary base station (SN) refers to another base station selected by the master base station to cooperatively serve the UE; it may also be referred to as a secondary node, a secondary network node, a second base station, or a second network node.
The user plane security policy comprises user plane encryption protection indication information and user plane integrity protection indication information. The user plane encryption protection indication information indicates one of three possible values, namely not needed, preferred, and required, and the user plane integrity protection indication information likewise indicates one of three possible values, namely not needed, preferred, and required. Here, not needed indicates that activation is not needed, preferred indicates that activation may or may not be performed, and required indicates that activation is necessary. The three possible values may be indicated with 2 bits, e.g. 00 indicating that activation is not needed, 01 indicating that activation is optional, and 11 indicating that activation is necessary. The specific manner in which the user plane encryption protection indication information and the user plane integrity protection indication information indicate the three possible values is not limited in the embodiments of the present application.
User plane encryption protection protects the confidentiality of data in transmission (it may also be referred to as user plane confidentiality protection); confidentiality means that the real content cannot be directly seen. User plane integrity protection protects the integrity of data during user plane transmission; integrity means that the data is original and has not been tampered with.
The user plane security protection method refers to whether user plane encryption protection on the user terminal side, the primary base station side or the secondary base station side is started and/or whether user plane integrity protection is started. For example, the secondary base station may determine its user plane security protection method by combining the user plane security policy with the user plane security protection method configured on the secondary base station; assume that the configured user plane security protection method of the secondary base station is "user plane encryption protection on + user plane integrity protection off". If the user plane encryption protection indication information included in the user plane security policy is "required", user plane encryption protection is started, and the secondary base station determines that the user plane security protection method is "user plane encryption protection on + user plane integrity protection off"; if the user plane encryption protection indication information included in the user plane security policy is "not needed", user plane encryption protection is not started, and the secondary base station determines that the user plane security protection method is "user plane encryption protection off + user plane integrity protection off"; if the user plane encryption protection indication information included in the user plane security policy is "preferred", the secondary base station determines whether to start user plane encryption protection according to some conditions; for example, user plane encryption protection may be started under the condition that the secondary base station's resources are sufficient.
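The policy-to-method decision described above, written out as an added example (it is not code from the patent). The 2-bit encoding of the three indication values follows the page (00, 01, 11); the policy layout as four bits (encryption indication followed by integrity indication), the name `determine_protection_method`, and the use of a "resources sufficient" flag as the node's local condition for the "preferred" case are assumptions of this example. The `check_method_against_policy` function is the consistency check a base station operator would want: a method that leaves a "required" protection off, or turns a "not needed" one on, is rejected.

```python
"""Added example (not the patent's code): derive a user plane security
protection method from a user plane security policy and a node's configured
default, then check the result against the policy."""
from dataclasses import dataclass
from enum import Enum


class Indication(Enum):
    """Indication values and their 2-bit encodings as given on the page."""
    NOT_NEEDED = "00"
    PREFERRED = "01"
    REQUIRED = "11"


@dataclass(frozen=True)
class UserPlaneSecurityPolicy:
    ciphering: Indication   # user plane encryption protection indication
    integrity: Indication   # user plane integrity protection indication


@dataclass(frozen=True)
class UserPlaneSecurityProtectionMethod:
    ciphering_on: bool
    integrity_on: bool


def parse_policy(bits: str) -> UserPlaneSecurityPolicy:
    """Assumed layout: 2 bits ciphering indication, then 2 bits integrity.
    Any encoding other than 00/01/11 (e.g. 10) is rejected."""
    if len(bits) != 4 or set(bits) - {"0", "1"}:
        raise ValueError(f"policy must be 4 bits, got {bits!r}")
    return UserPlaneSecurityPolicy(Indication(bits[:2]), Indication(bits[2:]))


def _decide(indication: Indication, configured_default: bool,
            resources_sufficient: bool) -> bool:
    """Per-protection decision: required -> on, not needed -> off, preferred ->
    the node decides (here: its configured default, only if resources allow)."""
    if indication is Indication.REQUIRED:
        return True
    if indication is Indication.NOT_NEEDED:
        return False
    return configured_default and resources_sufficient


def determine_protection_method(policy: UserPlaneSecurityPolicy,
                                configured: UserPlaneSecurityProtectionMethod,
                                resources_sufficient: bool = True
                                ) -> UserPlaneSecurityProtectionMethod:
    """Combine the policy with the node's configured method, as the secondary
    base station does in the page's example."""
    return UserPlaneSecurityProtectionMethod(
        ciphering_on=_decide(policy.ciphering, configured.ciphering_on,
                             resources_sufficient),
        integrity_on=_decide(policy.integrity, configured.integrity_on,
                             resources_sufficient),
    )


def check_method_against_policy(method: UserPlaneSecurityProtectionMethod,
                                policy: UserPlaneSecurityPolicy) -> bool:
    """True if the method honours the policy: 'required' protections are on and
    'not needed' protections are off; 'preferred' accepts either."""
    for ind, on in ((policy.ciphering, method.ciphering_on),
                    (policy.integrity, method.integrity_on)):
        if ind is Indication.REQUIRED and not on:
            return False
        if ind is Indication.NOT_NEEDED and on:
            return False
    return True


if __name__ == "__main__":
    # Constructed sample: node configured as "encryption on + integrity off".
    configured = UserPlaneSecurityProtectionMethod(True, False)
    for bits in ("1100", "0000", "0101", "1111"):
        pol = parse_policy(bits)
        m = determine_protection_method(pol, configured)
        print(bits, m, check_method_against_policy(m, pol))
```

The "preferred" branch is where deployments diverge: the page leaves the condition open, so the example ties it to the configured default plus a resource flag, and the check function makes that choice auditable rather than silent.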
In the embodiment of the present application, a user plane security protection method for a first Packet Data Unit (PDU) session between a user terminal and a secondary base station is referred to as a first user plane security protection method, and is used to indicate a first user plane security protection for a first PDU session between the user terminal and the secondary base station; the user plane security protection method for the first PDU session between the user terminal and the main base station is called a second user plane security protection method, and is used for indicating the second user plane security protection for the first PDU session between the user terminal and the main base station. User plane security protection refers to whether user plane encryption protection is started and/or whether user plane integrity protection is started.
The security algorithm may include a user plane security algorithm (i.e., a security algorithm used by the user plane) and a signaling plane security algorithm (i.e., a security algorithm used by the signaling plane). The security algorithm used by the user plane protects user plane data and may include a user plane encryption algorithm and a user plane integrity algorithm. The security algorithm used by the signaling plane protects signaling and may include a signaling plane encryption algorithm and a signaling plane integrity algorithm. The security algorithm used by the user plane may or may not be the same as the security algorithm used by the signaling plane. "The same" specifically means that, if user plane integrity protection is started, the integrity algorithm used by the user plane is the same as the integrity algorithm used by the signaling plane, and, if user plane encryption protection is started, the encryption algorithm used by the user plane is the same as the encryption algorithm used by the signaling plane. "Different" means that at least one of them differs; for example, if the encryption algorithm used by the user plane is encryption algorithm A, the encryption algorithm used by the signaling plane is encryption algorithm B, and both the user plane and the signaling plane use integrity algorithm C, then the security algorithm used by the user plane is different from the security algorithm used by the signaling plane.
In the embodiment of the present application, a security algorithm used between the user terminal and the secondary base station is referred to as a first security algorithm, and a security algorithm used between the user terminal and the primary base station is referred to as a second security algorithm.
The security key may include a user plane security key and a signaling plane security key. The user plane security key is used to protect user plane data, and may include a user plane encryption key and a user plane integrity protection key. The signaling plane security key is used for protecting signaling, and may be, for example, a key for protecting Radio Resource Control (RRC) signaling, and the key for protecting RRC signaling may include an integrity protection key and a ciphering key for protecting RRC signaling.
In the embodiment of the present application, a user plane security key between a user terminal and a secondary base station is referred to as a first user plane security key, and a user plane security key between the user terminal and a primary base station is referred to as a second user plane security key.
Security protection: for a node executing a security function, a user plane/signaling plane security algorithm and a key for protecting user plane/signaling plane data are used together to protect the user plane/signaling plane data. Specifically, encryption protection is performed on the user plane/signaling plane data by using an encryption key and an encryption algorithm, and integrity protection is performed on the user plane/signaling plane data by using an integrity protection key and an integrity protection algorithm. The embodiments of the present application do not limit the order of encryption protection and integrity protection: the user plane/signaling plane data may be encrypted first and then integrity protected, or integrity protected first and then encrypted. Of course, the user plane and the signaling plane need not use the same execution order.
Removing security protection (de-security protection): for a node executing a security function, a user plane/signaling plane security algorithm and a key for protecting user plane/signaling plane data are used together to recover the original user plane/signaling plane data. Specifically, the encrypted user plane/signaling plane data is decrypted by using the encryption key and the encryption algorithm, and integrity verification is performed on the user plane/signaling plane data by using the integrity protection key and the integrity protection algorithm. The embodiments of the present application do not limit the order of decryption and integrity verification. However, it should be understood that the order of removing security protection is the reverse of the order in which it was applied: if the user plane/signaling plane data was encrypted first and then integrity protected, integrity verification is performed first and the data is decrypted afterwards; if the data was integrity protected first and then encrypted, the encrypted data is decrypted first and integrity verification is performed afterwards.
Activating the user plane/signaling plane security protection means that, once the user plane/signaling plane security protection method has been determined, the user plane/signaling plane security protection is activated by using the user plane/signaling plane security algorithm and the user plane/signaling plane security key; that is, the user plane/signaling plane security protection method, security algorithm and security key can then be used to perform security protection on the user plane data/signaling to be transmitted. For example, if the determined user plane security protection method is "user plane encryption protection on + user plane integrity protection off", the user plane encryption algorithm is encryption algorithm A, and the user plane encryption key is key K, then user plane data to be transmitted is encrypted with encryption algorithm A and key K. The effect of activating the user plane security protection method is that the node which activates and executes it can start performing security protection on user plane data and start removing security protection from user plane data. It is to be understood that the two actions, security protection and removal of security protection, may be activated separately. For example, after the base station sends the security activation message, the base station activates removal of security protection; and after the base station receives the security activation confirmation message, the base station activates security protection.
The functional entity refers to an entity that performs security protection and de-security protection on user plane data, and in the embodiment of the present application, the functional entity is described by taking a Packet Data Convergence Protocol (PDCP) entity as an example, and with the development of a future network, the functional entity having the function of performing security protection and de-security protection should fall into the protection scope of the embodiment of the present application. The PDCP entity is located in a PDCP layer, and a main purpose of the PDCP layer is to transmit or receive packet data of a peer PDCP entity.
Fig. 2 is a schematic diagram of a network architecture in a dual connectivity scenario, where the network architecture includes a primary base station, a secondary base station, and a user terminal. The solid black lines in fig. 2 represent signaling plane paths and the dashed black lines represent user plane paths.
Generally, there is signaling plane interaction between the user terminal and the primary base station, and there is no signaling plane interaction with the secondary base station. The network architecture shown in fig. 2 does not exclude that, with the evolution of standardization, there is signaling plane message transmission between the user terminal and the secondary base station, that is, it does not exclude that the signaling plane message between the user terminal and the secondary base station in the future has security related procedures such as security negotiation and security activation, which can only be performed by the main base station in the prior art.
User plane interaction exists between the user terminal and the primary base station and between the user terminal and the secondary base station, and user plane data can be sent to the primary base station and the secondary base station simultaneously. However, in the current dual connectivity scenario, the user plane security termination point is at either the primary base station or the secondary base station.
If the user plane security termination point is at the primary base station, then on receiving downlink user plane data the primary base station first performs security protection on it, then transmits one part of the protected downlink user plane data to the user terminal through the secondary base station and transmits the other part directly to the user terminal. For the uplink user plane data of the user terminal, after the user terminal performs security protection on it, one part of the protected uplink user plane data is transmitted directly to the primary base station and the other part is transmitted to the primary base station through the secondary base station. After receiving all the uplink user plane data, the primary base station removes the security protection from it and then transmits the uplink user plane data with the security protection removed to the other network element equipment that processes the user plane data.
If the user plane security termination point is at the secondary base station, then on receiving downlink user plane data the secondary base station first performs security protection on it, then transmits one part of the protected downlink user plane data to the user terminal through the primary base station and transmits the other part directly to the user terminal. For the uplink user plane data of the user terminal, after the user terminal performs security protection on it, one part of the protected uplink user plane data is transmitted directly to the secondary base station and the other part is transmitted to the secondary base station through the primary base station. After receiving all the uplink user plane data, the secondary base station removes the security protection from it and then transmits the uplink user plane data with the security protection removed to the other network element equipment that processes the user plane data.
Whether the user plane security termination point is at the primary base station or at the secondary base station, the user terminal performs security protection on user plane data sent to the peer PDCP entity, or removes security protection from user plane data received from the peer PDCP entity, on only one PDCP entity, where the peer PDCP entity is the PDCP entity on the primary base station or on the secondary base station. However, there is also a scenario in which the UE transmits two pieces of data to the core network element through the primary base station and the secondary base station respectively and which requires the user plane security termination point to be at both the primary base station and the secondary base station; for example, in a URLLC scenario, the UE transmits one piece of data to the core network element through the primary base station and transmits the same data again, as the other piece, through the secondary base station. In view of this, the embodiments of the present application provide a communication method and apparatus applied to a scenario where the UE transmits two pieces of data to the core network element through the primary base station and the secondary base station respectively and the user plane security termination point is required to be at both the primary base station and the secondary base station, so that user plane security between the user terminal and the secondary base station and between the user terminal and the primary base station can be ensured in this scenario, and the confidentiality and integrity of user plane data transmission in this scenario are ensured.
The UE transmitting two pieces of data to a core network element specifically means that the UE transmits two pieces of data to a user plane network element in the core network: it may transmit both pieces to the same user plane network element through the primary base station and the secondary base station, or it may transmit them to two different user plane network elements through the primary base station and the secondary base station (that is, the UE transmits one piece of data to one user plane network element through the primary base station and transmits the other piece of data to the other user plane network element through the secondary base station).
In the embodiment of the present application, a scenario in which the UE transmits two pieces of data to the core network element is described by taking a URLLC scenario as an example, and a scenario in which other UEs transmit two pieces of data to the core network element is similar to the URLLC scenario. The two data transmitted by the UE to the core network element may be the same, different, or partially the same, which is not limited in this embodiment of the present application.
Please refer to fig. 3, a schematic diagram of a network architecture to which an embodiment of the present application is applied. The network architecture includes a main base station, a secondary base station, a user terminal, an access management network element, a session management network element, and a user plane network element. In fig. 3, the solid black line represents a signaling plane path and the dashed black line represents a user plane path. In special cases, or as standardization evolves, a signaling plane path may also exist between the user terminal and the secondary base station, and between the secondary base station and the access management network element, as shown by the solid gray lines in fig. 3.
The main base station and the secondary base station may each be an evolved NodeB (eNB or eNodeB) in a Long Term Evolution (LTE) system, an upgraded eNB, that is, a next generation eNB (ng-eNB), a base station (gNB) in a fifth generation mobile communication (5G) system, or an access network device in a future communication system. The main base station is the base station that initiates dual connectivity, and the secondary base station is another base station selected by the main base station that serves the user terminal cooperatively with it.
In fig. 3, because the embodiment of the present application is applied to the URLLC scenario, the user plane security termination point is at the main base station and the secondary base station at the same time, so a user plane path exists between each of the main base station and the secondary base station and the user plane network element: the main base station may exchange user plane data with the user plane network element, and the secondary base station may also exchange user plane data with the user plane network element. Because the main base station and the secondary base station each transmit user plane data directly with the user plane network element, there is normally no user plane path between the main base station and the secondary base station; a user plane path between them exists only when the main base station forwards user plane data between the user terminal and the secondary base station, or the secondary base station forwards user plane data between the user terminal and the main base station.
The user terminal in the embodiments of the present application may include various handheld devices, vehicle-mounted devices, wearable devices, computing devices or other processing devices connected to a wireless modem that have a wireless communication function; it may also be a UE, a subscriber unit, a cellular phone, a smart phone, a wireless data card, a personal digital assistant (PDA), a tablet computer, a wireless modem, a handheld device, a laptop computer, a cordless phone, a wireless local loop (WLL) station, a machine type communication (MTC) terminal, a mobile station (MS), a terminal device, a relay user equipment, and so on. The relay user equipment may be, for example, a 5G residential gateway (RG). For convenience of description, the above devices are collectively referred to as the user terminal in the embodiments of the present application. In these embodiments the user terminal may configure two PDCP entities, one being the location at which the first user plane security protection method is executed and the other the location at which the second user plane security protection method is executed; or the user terminal creates two PDCP lower layers under the PDCP entity that executes the user plane security protection methods, one lower layer being the location at which the first user plane security protection method is executed and the other the location at which the second user plane security protection method is executed.
The access management network element in fig. 3 is responsible for mobility management, and may be an access and mobility management function (AMF) in a 5G core network, or may be a network element responsible for mobility management in a future core network.
The session management network element in fig. 3 is used to allocate session resources to the user plane, and may be a Session Management Function (SMF) in a 5G core network, or may be a network element that allocates session resources to the user plane in a future core network.
The user plane network element in fig. 3 is used to transmit user plane data, and may be a User Plane Function (UPF) in a 5G core network, or may be a network element having the same function as the UPF in a future core network.
In the embodiments of the application, when the user terminal determines that two pieces of uplink user plane data need to be sent for the first PDU session, it determines the functional entity that executes each user plane security protection method on the uplink user plane data. For example, the first piece of uplink user plane data is sent through the secondary base station and a first functional entity must execute the first user plane security protection method on it, producing the security-protected first uplink user plane data; the second piece of uplink user plane data is sent through the main base station and a second functional entity must execute the second user plane security protection method on it, producing the security-protected second uplink user plane data. The user terminal then sends the protected first uplink user plane data to the secondary base station and the protected second uplink user plane data to the main base station. In the following, unless stated otherwise, "first uplink user plane data" refers to the security-protected first uplink user plane data and "second uplink user plane data" to the security-protected second uplink user plane data.
The first user plane security protection method may be sent to the user terminal through the main base station or through the secondary base station; the second user plane security protection method is sent to the user terminal through the main base station. The main base station may send the first and second user plane security protection methods to the user terminal at the same time, or may first send the second user plane security protection method and, after the user terminal has activated it, send the first user plane security protection method.
On receiving the first uplink user plane data, the secondary base station de-protects it according to the first user plane security protection method and sends the de-protected uplink user plane data to the user plane network element. On receiving downlink user plane data from the user plane network element, the secondary base station protects it according to the first user plane security protection method and sends the protected downlink user plane data to the user terminal; on receiving downlink user plane data from the secondary base station, the user terminal de-protects it at the first functional entity according to the first user plane security protection method.
On receiving the second uplink user plane data, the main base station de-protects it according to the second user plane security protection method and sends the de-protected uplink user plane data to the user plane network element. On receiving downlink user plane data from the user plane network element, the main base station protects it according to the second user plane security protection method and sends the protected downlink user plane data to the user terminal; on receiving downlink user plane data from the main base station, the user terminal de-protects it at the second functional entity according to the second user plane security protection method.
After de-protection, the secondary base station and the main base station may send the de-protected uplink user plane data to the same user plane network element or to different user plane network elements; for example, the secondary base station sends its de-protected uplink user plane data to user plane network element 1 and the main base station sends its de-protected uplink user plane data to user plane network element 2.
The first functional entity and the second functional entity may be two different upper layer functional entities, for example two different PDCP entities, or two different lower layer functional entities of the same upper layer functional entity, for example two different lower layer entities of the same PDCP entity. Through two different PDCP entities, or two different lower layer entities of the same PDCP entity, the user terminal can support two user plane security termination points, so that user plane security between the user terminal and the secondary base station and between the user terminal and the main base station is ensured in the scenario in which the UE sends two pieces of data to a core network element, and the confidentiality and integrity of user plane data transmission in that scenario are ensured.
The following will specifically explain the communication method provided in the embodiment of the present application.
It should be noted that, in the following embodiments of the present application, names of messages between network elements or names of parameters in messages are only an example, and other names may also be used in a specific implementation, which is not specifically limited in this embodiment of the present application.
Taking the network architecture shown in fig. 3 as an example in the embodiment of the present application, as shown in fig. 4, a flowchart of a communication method provided in the embodiment of the present application is shown, in which a UE is taken as an example for a user equipment, an AMF is taken as an example for an access management network element, an SMF is taken as an example for a session management network element, and a UPF is taken as an example for a user plane network element. The method may include, but is not limited to, the steps of:
step S401, MN obtains the first user plane security policy.
In one possible implementation, the MN obtains the first user plane security policy from the SMF. The MN may obtain it from the SMF during protocol data unit (PDU) session establishment or modification, or after PDU session establishment or modification is complete.
The PDU session establishment procedure may be as follows. The UE sends a PDU session establishment request to the SMF through the MN; the request is forwarded by the AMF, which on receiving it sends the session-related content of the request to the SMF. On receiving the content of the session establishment request, the SMF may obtain session-related subscription information from the unified data management (UDM) and take the first user plane security policy from that subscription information, or the SMF obtains the first user plane security policy from its local configuration information. Optionally, the SMF also allocates a PDU session identifier (ID) to the PDU session whose establishment is requested, or obtains the PDU session identifier from the PDU session establishment request. The SMF sends a PDU session establishment completion message to the MN through the AMF; this message includes the first user plane security policy and the PDU session identifier of the PDU session. The MN then sends a PDU session establishment completion message to the UE, which includes the PDU session identifier of the PDU session, and PDU session establishment is complete.
The first user plane security policy acquired by the SMF is a user plane security policy for the UE, and specifically may be a user plane security policy for a PDU session of the UE. The user plane security policy is different for different PDU sessions, and the PDU session identification of the PDU session can be used for distinguishing. For example, the user plane security policy of PDU session 1 is that the user plane integrity protection indication information is "required", and the user plane cipher protection indication information is "required"; the user plane security policy of PDU session 2 is that the user plane integrity protection indication information is "preferred" and the user plane cipher protection indication information is "required".
It should be understood that the user plane security policy can be bound to the PDU session granularity, and may also be bound to other user plane security protection granularities, such as a data radio bearer identifier (DRB ID), a 5G QoS identifier (5QI), a QoS flow identifier (QFI), or a network slice identifier. The user plane security policy varies with the granularity of user plane security protection; for example, as described above, different PDU sessions have different user plane security policies. In the embodiments of the present application the user plane security policy is described at PDU session granularity as an example; the PDU session identifier may be replaced by the corresponding identifier of another granularity.
In a possible implementation manner, when the MN is used as a target base station in a base station handover process, the first user plane security policy and a PDU session identifier of a PDU session corresponding to the first user plane security policy may be acquired from a source base station. The base station switching process is a process of switching from a source base station to a target base station, the source base station is a base station to which the UE is connected before switching, and the target base station is a base station to which the UE is connected after switching.
In the embodiment of the present application, a PDU session corresponding to a first user plane security policy acquired by an MN is referred to as a first PDU session.
Step S402, the MN sends a first message to the SN, wherein the first message comprises second indication information, a first user plane security policy and a PDU session identifier of a first PDU session. Accordingly, the SN receives a first message from the MN.
The first message may be an SN addition request, for example when a radio bearer is first offloaded to the SN; it may also be an SN modification request. The MN sends the first message to the SN when it determines to initiate the dual connectivity procedure.
The MN can initiate the double connection flow after the PDU session is established, and can also initiate the double connection flow in the PDU session establishment process. If the MN initiates the dual connectivity procedure after the PDU session is established, step S401 may be performed after the PDU session is established; if the MN initiates the double-connection flow in the PDU session establishment process, the SMF sends a PDU session establishment completion message to the MN through the AMF, and the MN sends the PDU session establishment completion message to the UE when receiving the RRC connection reconfiguration response from the UE.
The first user plane security policy included in the first message is a first user plane security policy acquired by the MN, and the MN sends the acquired first user plane security policy and a PDU session identifier of the first PDU session to the SN, so that the SN can determine a first user plane security protection method for the first PDU session according to the first user plane security policy.
The second indication information in the first message indicates that the first PDU session is a URLLC PDU session, that is, a PDU session in a URLLC scenario. Alternatively, the second indication information indicates that data transmitted over the first PDU session requires a user plane security termination point at each of the main base station and the secondary base station. The second indication information may be a quality of service (QoS) parameter (for example, a QFI, a 5QI or a newly defined QoS parameter); with a QFI, a particular QFI value indicates a URLLC session. It may also be a special PDU session identifier, or a bit, for example a bit set to "1" meaning that the first PDU session is a URLLC PDU session; the bit may be added to the SN addition request or SN modification request, or an existing bit may be reused. Other forms of indication are also possible; the form of the second indication information is not limited in the embodiments of the present application. The MN sends the second indication information to the SN so that the SN knows the first PDU session is a URLLC PDU session.
Optionally, the first message further includes a root key Ksn; Ksn is used to generate the security keys used between the SN and the UE. Ksn is derived by the MN from the root key Kmn shared between the MN and the UE. Specifically, the SN and the UE may each generate a first user plane security key between the UE and the SN from Ksn, such as a user plane encryption key and a user plane integrity protection key, to protect user plane security between the UE and the SN. In the case that a signaling plane path may exist between the SN and the UE, the SN may also generate from Ksn the keys that protect the signaling plane between the UE and the SN, such as an RRC integrity key and an RRC ciphering key.
Optionally, the first message further includes the security capability of the UE, which comprises the security algorithms the UE supports in the LTE system and/or in the 5G system, that is, which encryption algorithms and which integrity protection algorithms the UE supports. The UE security capability is conveyed between the access network and the core network as a set of algorithm identifiers. The first message carries the UE security capability so that the SN can select the security algorithm to be used between the SN and the UE from that capability according to the system the SN belongs to. For example, if the SN is a gNB, it selects from the security algorithms the UE supports in the 5G system, that is, from the algorithms whose identifiers begin with "N"; if the SN is an ng-eNB, it selects from the security algorithms the UE supports in the LTE system, that is, from the algorithms whose identifiers begin with "E".
In step S403, the SN determines a first user plane security protection method.
And when receiving a first message from the MN, the SN determines a first PDU session according to the PDU session identifier of the first PDU session, can know that the first PDU session is the URLLC PDU session according to the second indication information, and then determines a first user plane security protection method between the SN and the UE aiming at the first PDU session according to a first user plane security policy.
Specifically, if at least one of the user plane encryption protection indication and the user plane integrity protection indication in the first user plane security policy is "preferred", the SN determines the first user plane security protection method from one or more of its current resource usage, the resource usage of the UE, and a user plane security protection method preconfigured on the SN. If the current resource usage of the SN allows user plane encryption protection and/or user plane integrity protection, the SN may determine that the first user plane security protection method is user plane encryption protection on + user plane integrity protection on. If the resource usage of the UE allows user plane encryption protection and/or user plane integrity protection, the SN may likewise determine that the first user plane security protection method is user plane encryption protection on + user plane integrity protection on. If the user plane security protection method preconfigured on the SN leaves user plane encryption protection and user plane integrity protection off, the SN may determine that the first user plane security protection method is user plane encryption protection off + user plane integrity protection off; if the first user plane security policy does not permit leaving user plane encryption protection and user plane integrity protection off (for example, because an indication is "required"), the SN rejects the dual connectivity access procedure. The user plane security protection method preconfigured on the SN may be one preconfigured for the URLLC scenario. The SN may be preconfigured with the user plane security protection method in the case that the SN is an ng-eNB and the MN is a gNB.
Where the first message includes the security capability of the UE, the SN may select a first security algorithm between the SN and the UE according to that capability. For example, if the SN is a gNB, it may select the first security algorithm from the security algorithms the UE supports in the 5G system. The SN may also select the first security algorithm in other ways.
In one possible implementation, the SN first determines the first user plane security protection method and then selects the first security algorithm. In this case the SN needs to select only the user plane security algorithm, and the signaling plane security algorithm is selected separately. The signaling plane security algorithm and the user plane security algorithm may then be the same or different. "The same" means that if user plane encryption protection is on, the user plane encryption algorithm is the same as the signaling plane encryption algorithm, and if user plane integrity protection is on, the user plane integrity algorithm is the same as the signaling plane integrity algorithm. "Different" means that the signaling plane and the user plane use different security algorithms; for example, the user plane uses encryption algorithm A and the signaling plane uses encryption algorithm B, while both use integrity algorithm C.
In a possible implementation manner, the SN selects a first security algorithm first, and then determines a first user plane security protection method. Since the SN selects the first security algorithm first, the selected security algorithm is used for both signaling plane protection and user plane protection. And after the SN determines the first user plane security protection method, the SN determines which selected security algorithm is used for user plane security protection according to the determined first user plane security protection method. For example, the SN selects an encryption algorithm and an integrity protection algorithm, and then the SN determines that the user plane security protection method is user plane encryption on + user plane integrity protection is not on, and then the SN determines that the encryption protection algorithm is used on the user plane and the user plane integrity protection algorithm is not used.
In step S404, the SN determines a first user plane security key.
The SN may determine the first user plane security key according to the first user plane security protection method. Specifically, the SN may generate the first user plane security key from Ksn, the first security algorithm and the first user plane security protection method. The first user plane security key may include a user plane encryption key and/or a user plane integrity protection key, depending on the first user plane security protection method. For example, if the first user plane security protection method is user plane encryption protection on + user plane integrity protection off, the first user plane security key includes only a user plane encryption key. If the first user plane security protection method is user plane encryption protection off + user plane integrity protection off, the SN does not need to determine a first user plane security key at all.
Optionally, if the SN has already determined the user plane security key between the SN and the UE before, the SN may choose to continue to use the user plane security key as the first user plane security key, and at this time, the first user plane security key does not need to be determined again; or the SN can re-determine the first user plane security key according to the first user plane security protection method on the basis of the user plane security key. For example, if the SN has previously generated a user plane security key for another PDU session with the UE, the SN may choose to continue using the user plane security key, or the SN re-determines the first user plane security key according to a first user plane security protection method between the SN and the UE currently on the basis of the user plane security key.
Step S405, the SN sends a second message to the MN, where the second message includes the first user plane security protection method. Accordingly, the MN receives a second message from the SN.
The second message responds to the first message and may be an SN addition response or an SN modification response: if the first message is an SN addition request, the second message is an SN addition response; if the first message is an SN modification request, the second message is an SN modification response.
The first user plane security protection method in the second message may be indicated with 2 bits, one indicating whether user plane encryption protection is on and the other whether user plane integrity protection is on. For example, if the first bit being "1" means user plane encryption protection is on and the second bit being "1" means user plane integrity protection is on, and the SN has determined that the first user plane security protection method is user plane encryption protection on + user plane integrity protection off, the method is indicated as "10". The second message carries the first user plane security protection method so that the MN can include it in the RRC connection reconfiguration request sent to the UE, and the UE learns the first user plane security protection method between the SN and the UE.
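The SN-side logic of steps S403 and S405 described above, as an added example that is not the patent's or 3GPP's code: selecting the first security algorithm from the UE security capability according to the SN's system, deriving the first user plane security protection method from the first user plane security policy (with the resource checks and the preconfigured method as inputs, and rejection when the policy cannot be met), and encoding the result in the 2-bit form carried in the SN addition/modification response. The operator priority lists, the resource flags and the algorithm identifiers used as sample input are assumptions constructed for this example.

```python
"""Added example (not the patent's or 3GPP's code): SN algorithm selection,
user plane security protection method decision and its 2-bit encoding."""
from dataclasses import dataclass
from typing import Optional, Set, Tuple

REQUIRED, PREFERRED, NOT_NEEDED = "required", "preferred", "not needed"


@dataclass(frozen=True)
class UpSecurityPolicy:
    ciphering: str  # one of REQUIRED / PREFERRED / NOT_NEEDED
    integrity: str


@dataclass(frozen=True)
class UpProtectionMethod:
    ciphering_on: bool
    integrity_on: bool


class DualConnectivityRejected(Exception):
    """The SN refuses the dual connectivity procedure."""


# Assumed operator priority lists: identifiers beginning with "N" are 5G
# algorithms (selected by a gNB), those beginning with "E" are LTE algorithms
# (selected by an ng-eNB).
PRIORITY = {
    "gNB": {"cipher": ["NEA2", "NEA1", "NEA3", "NEA0"], "integrity": ["NIA2", "NIA1", "NIA3"]},
    "ng-eNB": {"cipher": ["EEA2", "EEA1", "EEA3", "EEA0"], "integrity": ["EIA2", "EIA1", "EIA3"]},
}


def select_security_algorithm(sn_type: str, ue_capability: Set[str]) -> Tuple[str, str]:
    """Pick the highest-priority ciphering and integrity algorithm the UE supports for the SN's system."""
    chosen = []
    for kind in ("cipher", "integrity"):
        for alg in PRIORITY[sn_type][kind]:
            if alg in ue_capability:
                chosen.append(alg)
                break
        else:
            raise DualConnectivityRejected(f"no common {kind} algorithm for {sn_type}")
    return chosen[0], chosen[1]


def determine_protection_method(policy: UpSecurityPolicy, sn_resources_allow: bool,
                                ue_resources_allow: bool,
                                preconfigured: Optional[UpProtectionMethod] = None) -> UpProtectionMethod:
    """Map the first user plane security policy to the first user plane security protection method."""

    def decide(indication: str, pre_on: Optional[bool]) -> bool:
        if indication == REQUIRED:
            if pre_on is False:  # policy cannot be met by a preconfiguration that leaves it off
                raise DualConnectivityRejected("policy requires protection the SN preconfiguration leaves off")
            return True
        if indication == NOT_NEEDED:
            return False
        if indication != PREFERRED:
            raise ValueError(f"unknown indication {indication!r}")
        # "preferred": the SN decides from the preconfigured method for the URLLC
        # scenario if there is one, otherwise from its own and the UE's resource usage.
        if pre_on is not None:
            return pre_on
        return sn_resources_allow and ue_resources_allow

    pre_c = preconfigured.ciphering_on if preconfigured else None
    pre_i = preconfigured.integrity_on if preconfigured else None
    return UpProtectionMethod(decide(policy.ciphering, pre_c), decide(policy.integrity, pre_i))


def encode_method(method: UpProtectionMethod) -> str:
    """2-bit indication: first bit = ciphering on, second bit = integrity on (e.g. "10")."""
    return f"{int(method.ciphering_on)}{int(method.integrity_on)}"


def decode_method(bits: str) -> UpProtectionMethod:
    """Inverse of encode_method, rejecting anything that is not exactly two 0/1 bits."""
    if len(bits) != 2 or set(bits) - {"0", "1"}:
        raise ValueError(f"malformed 2-bit indication {bits!r}")
    return UpProtectionMethod(bits[0] == "1", bits[1] == "1")


if __name__ == "__main__":
    caps = {"NEA2", "NIA2", "EEA1", "EIA1"}  # constructed UE security capability
    print(select_security_algorithm("gNB", caps))
    method = determine_protection_method(UpSecurityPolicy(REQUIRED, PREFERRED), True, False)
    print(encode_method(method))
```

The decision function treats "required" as binding and "preferred" as the SN's choice; a preconfigured method that would leave a "required" protection off raises instead of silently downgrading, which is the rejection branch the text describes.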
Step S406, the MN sends a third message to the UE, where the third message includes the first user plane security protection method. Accordingly, the UE receives the third message from the MN.
After receiving the first user plane security protection method from the SN, the MN sends the third message to the UE. The third message may be an RRC connection reconfiguration request, that is, the MN sends the first user plane security protection method to the UE in an RRC connection reconfiguration request.
Optionally, the third message further carries first indication information, which indicates that the first PDU session is a URLLC PDU session and informs the UE of this. The first indication information may be an existing QoS parameter (for example, a QFI or 5QI) or a newly defined QoS parameter, a special PDU session identifier, or a bit, for example a bit set to "1" meaning that the first PDU session is a URLLC PDU session; the bit may be added to the RRC connection reconfiguration request, or an existing bit may be reused. If step S406 carries the first indication information, the first indication information of step S406 and the second indication information of step S402 both indicate that the first PDU session is a URLLC PDU session. They may take the same form, for example both an existing QoS parameter or both a newly defined QoS parameter, or different forms, for example the second indication information a QFI and the first indication information a single bit; for another example, if the first indication information is a special PDU session ID, the second indication information may be a special DRB ID.
If the third message does not carry the first indication information, the UE already knows, or can learn from other content, that the current PDU session, that is, the first PDU session, is a URLLC session.
Optionally, the third message further includes the first security algorithm, that is, the security algorithm the SN determined for use with the UE, so that the UE knows the security algorithm between itself and the SN.
Optionally, the third message further includes an SN counter, which the UE uses to generate Ksn. The Ksn the UE generates is the same as the Ksn the MN sent to the SN, so the user plane security key the UE generates from Ksn is the same as the one the SN generates, and the UE and the SN protect user plane data with the same user plane security key. In the case that a signaling plane path may exist between the SN and the UE, the UE may also generate a signaling plane security key from Ksn, which is the same as the signaling plane security key generated by the SN.
In step S407, the UE determines a first functional entity that executes the first user plane security protection method.
Specifically, when the UE receives the RRC connection reconfiguration request from the MN, it acquires the first user plane security protection method from the request, determines the first user plane security key according to the first user plane security protection method, and obtains the security algorithm between the UE and the SN from the first security algorithm. The UE may generate the first user plane security key from the generated Ksn, the first security algorithm, and the first user plane security protection method. The first user plane security key generated by the UE is the same as the first user plane security key generated by the SN.
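The key relationships described above (the MN derives Ksn from its own key and an SN counter and hands Ksn to the SN, the UE receives only the counter and re-derives the same Ksn, and both sides then derive the first user plane keys from Ksn, the first security algorithm and the protection method) can be checked with the following added example. It is not code from the patent and not the 3GPP TS 33.501 KDF: the HMAC-SHA256 construction, the labels, the 16-byte key length and the numeric algorithm identifiers are all assumptions made here for illustration.

```python
import hmac
import hashlib

# Assumed key length (128-bit keys).
KEY_LEN = 16


def kdf(key: bytes, label: bytes, *params: bytes) -> bytes:
    """Assumed KDF: HMAC-SHA256 over a label and length-prefixed parameters.
    Only the *structure* of the derivation chain mirrors the text."""
    msg = label
    for p in params:
        msg += len(p).to_bytes(2, "big") + p
    return hmac.new(key, msg, hashlib.sha256).digest()[:KEY_LEN]


def derive_ksn(kmn: bytes, sn_counter: int) -> bytes:
    """Ksn derived from the MN key Kmn and the SN counter. The MN computes it
    and sends it to the SN; the UE computes the same value from the counter."""
    return kdf(kmn, b"KSN", sn_counter.to_bytes(2, "big"))


def derive_up_keys(ksn: bytes, cipher_alg: int, integ_alg: int, method: dict) -> dict:
    """First user plane keys from Ksn, the first security algorithm and the
    first user plane security protection method.
    method = {"ciphering": bool, "integrity": bool}; a key is derived only
    for the protection the method switches on, None otherwise."""
    keys = {"cipher": None, "integrity": None}
    if method["ciphering"]:
        keys["cipher"] = kdf(ksn, b"UP-ENC", bytes([cipher_alg]))
    if method["integrity"]:
        keys["integrity"] = kdf(ksn, b"UP-INT", bytes([integ_alg]))
    return keys


def mn_sn_ue_exchange(kmn: bytes, sn_counter: int, cipher_alg: int,
                      integ_alg: int, method: dict):
    """Models the exchange: the MN derives Ksn and gives it to the SN
    (SN addition request); the MN gives the UE only the SN counter in the
    RRC connection reconfiguration request and the UE re-derives Ksn.
    Returns (SN-side keys, UE-side keys) so a caller can verify they match."""
    ksn_from_mn = derive_ksn(kmn, sn_counter)      # MN -> SN: Ksn itself
    ksn_at_ue = derive_ksn(kmn, sn_counter)        # MN -> UE: SN counter only
    sn_keys = derive_up_keys(ksn_from_mn, cipher_alg, integ_alg, method)
    ue_keys = derive_up_keys(ksn_at_ue, cipher_alg, integ_alg, method)
    return sn_keys, ue_keys


if __name__ == "__main__":
    # Constructed sample values, not real key material.
    kmn = bytes(range(16))
    method = {"ciphering": True, "integrity": False}
    sn_keys, ue_keys = mn_sn_ue_exchange(kmn, 3, cipher_alg=2, integ_alg=0, method=method)
    print("keys match:", sn_keys == ue_keys)
    print("integrity key derived:", sn_keys["integrity"] is not None)
```

Because the SN counter is the only fresh input on the UE side, a counter that is reused across SN additions would make the UE reproduce an earlier Ksn; the example makes that visible by deriving two Ksn values from different counters and checking they differ.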
The UE may activate the first user plane security protection method by using the first security algorithm and the first user plane security key when determining the first user plane security key, that is, may perform security protection on the uplink user plane data and perform security protection on the downlink user plane data by using the first security algorithm, the first user plane security key, and the first user plane security protection method.
Before activating the first user plane security protection method, the UE needs to determine a first functional entity for executing the first user plane security protection method, and then can use the first security algorithm and the first user plane security key for the first functional entity, so that the UE can activate the first user plane security protection method at the first functional entity by using the first security algorithm and the first user plane security key, thereby performing security protection on uplink user plane data and performing security protection on downlink user plane data according to the first user plane security protection method. Similarly, before activating the second user plane security protection method, the UE needs to determine a second functional entity for executing the second user plane security protection method.
When the UE knows that the first PDU session is a URLLC PDU session, the UE can determine that, for the first PDU session, it needs to send two copies of the same uplink user plane data to a core network element: one copy is sent to the core network element through the main base station and the other through the secondary base station, and user plane security terminates on the MN and the SN at the same time. The core network element is specifically a UPF; the two copies may be sent to the same UPF or to different UPFs, and fig. 4 takes sending to the same UPF as an example.
If the UE has activated the second user plane security protection method between the UE and the MN for the first PDU session, it still activates the first user plane security protection method between the UE and the SN for the first PDU session after learning that the first PDU session is a URLLC PDU session. Since the UE has activated the second user plane security protection method, it has already determined the second functional entity that executes it, i.e. the functional entity on which the second user plane security protection method is activated using the second security algorithm and the second user plane security key. If the UE has not activated the second user plane security protection method between the UE and the MN, the UE may activate only the first user plane security protection method between the UE and the SN, or may simultaneously activate the second user plane security protection method between the UE and the MN and the first user plane security protection method between the UE and the SN.
The functional entity in the embodiment of the present application is described by taking a PDCP entity as an example; the PDCP entity is an entity that performs user plane security protection and can also remove user plane security protection. Determining the PDCP entity means determining which PDCP entity is used to perform user plane security protection. With the development of future networks, any functional entity having the functions of performing and removing user plane security protection falls within the scope of protection of the embodiments of the present application.
In this embodiment, the first functional entity performs security protection, according to the first user plane security protection method, on the copy of the uplink user plane data that is to be sent via the secondary base station, obtaining first uplink user plane data; the second functional entity performs security protection, according to the second user plane security protection method, on the copy of the uplink user plane data that is to be sent via the main base station, obtaining second uplink user plane data.
In case that the UE has activated the second user plane security protection method, a PDCP entity which activates the second user plane security protection method using the second user plane security key and the second security algorithm is referred to as a second PDCP entity. When the UE activates the second user plane security protection method, it is unclear whether the UE will access the dual connectivity procedure, and since one PDU session corresponds to one PDCP entity in the prior art, the second PDCP entity is a location where the second user plane security protection method for the first PDU session is activated.
If the UE does not activate the second user plane security protection method, the UE only needs to determine one PDCP entity, i.e., the first PDCP entity, when activating the first user plane security protection method. Thereafter, when the UE activates the second user plane security protection method, the second PDCP entity needs to be determined. The specific determination method for the UE to determine the first PDCP entity is consistent with the description of the previous paragraph for the UE to determine the second PDCP entity.
In case that the second user plane security protection method has been activated, i.e., in case that the second PDCP entity has been determined, the first PDCP entity can be determined in the following two ways.
In a first mode, the UE configures two PDCP entities for the first PDU session, where one PDCP entity is the location where the first user plane security protection method is activated, and the other PDCP entity is the location where the second user plane security protection method is activated. In other words, the UE configures two PDCP entities for the same PDU session, unlike the related art in which one PDU session corresponds to one PDCP entity. Since the UE has activated the second user plane security protection method and has determined which PDCP entity is the second PDCP entity, the unused PDCP entity is determined as the first PDCP entity on which the first user plane security protection method is activated. It can be understood that the UE configures two PDCP entities for the same PDU session in advance and, when one PDCP entity is already used by the second user plane security key and the second security algorithm, gives the other PDCP entity to the first user plane security key and the first security algorithm. Alternatively, once the UE has determined the second PDCP entity, the UE configures one more PDCP entity for the first PDU session and uses it for the first user plane security key and the first security algorithm. The first PDCP entity and the second PDCP entity are both upper PDCP entities, but different ones, that is, the UE uses two different PDCP entities for security protection or security protection removal.
Optionally, the first user plane security protection method and the second user plane security protection method are associated with the same PDU session identifier of the first PDU session. For example, the association between the PDU session, the PDCP entities and the user plane security protection methods may be expressed as { PDU session ID = 1, [ PDCP ID = 1, first user plane security protection method ], [ PDCP ID = 2, second user plane security protection method ] }. For another example, the association between the PDU session, the PDCP entities and the user plane security keys may be expressed as { PDU session ID = 1, [ PDCP ID = 1, first user plane security key ], [ PDCP ID = 2, second user plane security key ] }.
Optionally, the first user plane security protection method and the second user plane security protection method are for the same PDU session, i.e. the first PDU session, but for ease of differentiation different PDU session identifiers may be allocated to the first PDU session; the PDU session identifiers are different but represent the same PDU session. For example, the association between the PDU session, the PDCP entities and the user plane security protection methods may be expressed as { [ PDU session ID = 1, PDCP ID = 1, first user plane security protection method ], [ PDU session ID = 2, PDCP ID = 2, second user plane security protection method ] }. For another example, the association between the PDU session, the PDCP entities and the user plane security keys may be expressed as { [ PDU session ID = 1, PDCP ID = 1, first user plane security key ], [ PDU session ID = 2, PDCP ID = 2, second user plane security key ] }. Here PDU session ID = 1 and PDU session ID = 2 are different PDU session identifiers of the first PDU session.
Assigning different PDU session identifiers to the same PDU session may be implemented at the UE and the SMF, i.e. the UE and the SMF know two different PDU session identifiers used to transmit URLLC traffic data of the same PDU session. In another possible implementation, the UE or any of the SMF, MN and SN may derive PDU session IDs, DRB IDs and other information. In that case the UE, MN, SN and SMF may associate the two PDU session IDs with the same PDU session ID through some internal association, and further with the URLLC traffic. For example, if the session with PDU session ID = 1 stored in the UE is a URLLC session, the UE may map the PDU session ID to 1.1 and 1.2 and use the expression { [ PDU session ID = 1.1, PDCP ID = 1, first user plane security protection method ], [ PDU session ID = 1.2, PDCP ID = 2, second user plane security protection method ] } to represent the association between the PDU session, the PDCP entities and the user plane security protection methods.
In the second mode, the UE creates two PDCP lower layers for the PDCP entity corresponding to the first PDU session, where one PDCP lower layer is the location where the first user plane security protection method is activated and the other PDCP lower layer is the location where the second user plane security protection method is activated; the two PDCP lower layers correspond to the same PDCP upper layer, so as a whole the UE still uses only one PDCP entity for security protection or security protection removal. Since the UE has activated the second user plane security protection method and has determined on which PDCP entity, the UE creates two PDCP lower layers for that PDCP entity, moves the location where the second user plane security protection method is activated from the upper layer of the PDCP entity to one PDCP lower layer, and uses the other PDCP lower layer to activate the first user plane security protection method, that is, for the first user plane security key and the first security algorithm. The PDCP lower layer used for the first user plane security key and the first security algorithm is referred to as the first lower layer PDCP entity, and the other PDCP lower layer is referred to as the second lower layer PDCP entity; the first lower layer PDCP entity and the second lower layer PDCP entity correspond to the same upper layer PDCP entity.
Optionally, the first user plane security protection method and the second user plane security protection method are associated with the same session identifier of the first PDU session. For example, the association between the PDU session, the PDCP lower layer entities and the user plane security protection methods may be expressed as { PDU session ID = 1, PDCP ID = 1, [ PDCP status = 1, first user plane security protection method ], [ PDCP status = 2, second user plane security protection method ] }.
Optionally, the first user plane security protection method and the second user plane security protection method are associated with different PDU session identifiers of the first PDU session. For example, the association between the PDU session, the PDCP lower layer entities and the user plane security protection methods may be expressed as { [ PDU session ID = 1, PDCP ID = 1, PDCPsub = 1, first user plane security protection method ], [ PDU session ID = 2, PDCP ID = 1, PDCPsub = 2, second user plane security protection method ] }, where PDU session ID = 1 and PDU session ID = 2 are different PDU session identifiers of the first PDU session. Alternatively, it may be expressed as { [ PDU session ID = 1.1, PDCP ID = 1, PDCP sub = 1, first user plane security protection method ], [ PDU session ID = 1.2, PDCP ID = 1, PDCP sub = 2, second user plane security protection method ] }, where PDU session ID = 1.1 and PDU session ID = 1.2 are different PDU session identifiers of the first PDU session.
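The two modes above are, from the UE's point of view, two shapes of the same lookup table: which PDCP entity (mode 1) or which lower layer of the single PDCP entity (mode 2) carries the protection context towards the SN, and which towards the MN. The following added example models that table, including the optional alias identifiers (1.1 / 1.2) for the same PDU session. It is illustration code written here, not the patent's or any 3GPP implementation; the class and field names, the `leg` labels "MN"/"SN" and the lower-layer indices 1 and 2 are assumptions.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple, Union


@dataclass
class ProtectionContext:
    """A user plane security protection method together with the key and
    algorithm it is activated with (opaque here; derivation is out of scope)."""
    ciphering: bool
    integrity: bool
    key: bytes
    algorithm: str
    leg: str  # assumed label: "MN" or "SN", the base station this context protects towards


@dataclass
class PdcpEntity:
    pdcp_id: int
    # Mode 1: the context lives in the entity itself (its upper layer).
    context: Optional[ProtectionContext] = None
    # Mode 2: contexts live in numbered lower layers of the one entity.
    lower: Dict[int, ProtectionContext] = field(default_factory=dict)


class UeSessionTable:
    """UE-side association of PDU session -> PDCP entity / lower layer -> context."""

    def __init__(self) -> None:
        self.sessions: Dict[int, List[PdcpEntity]] = {}
        self.aliases: Dict[str, int] = {}   # e.g. "1.1" -> 1 (different IDs, same session)

    def activate_second_method(self, pdu_session_id: int, pdcp_id: int,
                               ctx: ProtectionContext) -> PdcpEntity:
        """Before dual connectivity: one PDU session, one PDCP entity, and the
        second method (towards the MN) activated in that entity."""
        ent = PdcpEntity(pdcp_id, context=ctx)
        self.sessions[pdu_session_id] = [ent]
        return ent

    def add_first_method_mode1(self, pdu_session_id: int, new_pdcp_id: int,
                               ctx: ProtectionContext) -> PdcpEntity:
        """Mode 1: a second PDCP entity for the same PDU session takes the first
        method (towards the SN); the already used entity keeps the second."""
        ents = self.sessions[pdu_session_id]
        if any(e.pdcp_id == new_pdcp_id for e in ents):
            raise ValueError("PDCP id already in use for this PDU session")
        ent = PdcpEntity(new_pdcp_id, context=ctx)
        ents.append(ent)
        return ent

    def add_first_method_mode2(self, pdu_session_id: int,
                               ctx: ProtectionContext) -> PdcpEntity:
        """Mode 2: keep one PDCP entity; move the already active second method
        from the upper layer into lower layer 2 and put the first method in
        lower layer 1 (indices are an assumption of this example)."""
        ent = self.sessions[pdu_session_id][0]
        if ent.context is None:
            raise ValueError("second method is not activated on this entity")
        ent.lower[2] = ent.context
        ent.context = None
        ent.lower[1] = ctx
        return ent

    def add_alias(self, alias: str, pdu_session_id: int) -> None:
        """Register a different PDU session identifier for the same session."""
        self.aliases[alias] = pdu_session_id

    def lookup(self, session: Union[int, str], leg: str) -> Tuple[int, Optional[int]]:
        """Return (pdcp_id, lower-layer index or None) that protects towards leg.
        Accepts the real PDU session ID or a registered alias such as "1.2"."""
        sid = self.aliases[session] if isinstance(session, str) else session
        for e in self.sessions[sid]:
            if e.context is not None and e.context.leg == leg:
                return (e.pdcp_id, None)
            for sub, c in e.lower.items():
                if c.leg == leg:
                    return (e.pdcp_id, sub)
        raise KeyError(f"no protection context towards {leg} for PDU session {sid}")
```

Typical use: build a table, call `activate_second_method(1, 1, ctx_mn)` for the existing single-connectivity state, then either `add_first_method_mode1(1, 2, ctx_sn)` or `add_first_method_mode2(1, ctx_sn)`, and resolve `lookup(1, "SN")`. Mode 1 answers with a distinct PDCP id, mode 2 with the same PDCP id and a lower-layer index, which is exactly the distinction the text draws between "two upper PDCP entities" and "one upper PDCP entity with two lower layers".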
In a possible implementation manner, after activating the first user plane security protection method, the UE may send an RRC connection reconfiguration response to the MN, for responding to the RRC connection reconfiguration request. And the MN sends a SN reconfiguration completion message to the SN under the condition of receiving the RRC connection reconfiguration response from the UE. The SN may activate the first user plane security protection method when receiving the SN reconfiguration complete message, or may activate the first user plane security protection method after determining the first user plane security protection method, the first user plane security key, and the first security algorithm.
Step S408, the UE performs security protection on the uplink user plane data according to the first user plane security protection method in the first functional entity.
Once the first functional entity is determined, the UE activates the first user plane security protection method on the first functional entity using the first user plane security key and the first security algorithm, and after activation performs security protection on the uplink user plane data on the first functional entity using the first user plane security key, the first security algorithm and the first user plane security protection method. This uplink user plane data is one of the two identical copies of uplink user plane data that the UE needs to send to the core network element.
For example, the first user plane security protection method is user plane encryption protection on + user plane integrity protection off, the first security algorithm is user plane encryption protection algorithm a, and the user plane integrity protection algorithm is not used, so that the UE uses the user plane encryption protection algorithm a and the generated user plane encryption key to perform encryption protection on the uplink user plane data, and does not perform integrity protection on the uplink user plane data subjected to encryption protection.
Step S409, the UE sends the first uplink user plane data to the SN. Accordingly, the SN receives first uplink user plane data from the UE.
The first uplink user plane data is user plane data obtained after the UE performs security protection on the uplink user plane data by using a first user plane security key, a first security algorithm and a first user plane security protection method. For example, the first user plane security protection method is user plane encryption protection on + user plane integrity protection off, the first security algorithm is user plane encryption protection algorithm a, and a user plane integrity protection algorithm is not used, the UE uses the user plane encryption protection algorithm a and the generated user plane encryption key to perform encryption protection on the uplink user plane data, and does not perform integrity protection on the uplink user plane data subjected to encryption protection, and then the first uplink user plane data is user plane data subjected to encryption protection on the uplink user plane data by using the user plane encryption protection algorithm a and the generated user plane encryption key, and does not perform integrity protection on the uplink user plane data subjected to encryption protection.
It is understood that step S409 is that the UE directly transmits all the first uplink user plane data to the SN.
Optionally, the UE sends a part of the first uplink user plane data directly to the SN, and sends another part to the SN through the MN. When receiving part of the first uplink user plane data from the UE, the MN directly forwards the part of the first uplink user plane data to the SN without any security operation.
Step S410, the SN removes the security protection from the first uplink user plane data.
The SN removes the security protection from the first uplink user plane data once it has received all of the first uplink user plane data. Specifically, the SN removes the protection using the first user plane security protection method, the first security algorithm, and the first user plane security key.
If the first uplink user plane data sent by the UE is firstly encrypted for protection and then is subjected to integrity protection, the SN firstly performs integrity protection verification and then decrypts when receiving the first uplink user plane data. If the first uplink user plane data sent by the UE is integrity protected firstly and then encryption protected, the SN decrypts the first uplink user plane data firstly when receiving the first uplink user plane data and then verifies the integrity protection.
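Steps S408 to S410 amount to applying a protection method made of two switches (ciphering on/off, integrity on/off) on the UE side and undoing the same steps in reverse order on the SN side, with the ordering rule stated just above: encrypt-then-protect on the sender means verify-then-decrypt on the receiver, and the other order reverses likewise. The added example below implements exactly that, covering both orders and the "ciphering on + integrity off" case from step S408. It is illustration code, not the patent's or a PDCP implementation: the keystream generator and the MAC are placeholders built from HMAC-SHA256 (not the NR NEA/NIA algorithms), the 4-byte MAC length and the 32-bit COUNT are assumptions, and the sample PDU and keys are constructed.

```python
import hmac
import hashlib

MAC_LEN = 4  # assumed 32-bit MAC-I


def keystream(key: bytes, count: int, n: int) -> bytes:
    """Toy keystream: HMAC-SHA256 in counter mode keyed by the cipher key and
    the PDCP COUNT. Placeholder only; real NR uses NEA1/2/3."""
    out = b""
    block = 0
    while len(out) < n:
        out += hmac.new(key, count.to_bytes(4, "big") + block.to_bytes(4, "big"),
                        hashlib.sha256).digest()
        block += 1
    return out[:n]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def mac(key: bytes, count: int, data: bytes) -> bytes:
    """Toy MAC over COUNT || data, truncated. Placeholder for NIA1/2/3."""
    return hmac.new(key, count.to_bytes(4, "big") + data, hashlib.sha256).digest()[:MAC_LEN]


def protect(pdu: bytes, count: int, method: dict, keys: dict,
            order=("cipher", "integrity")) -> bytes:
    """Sender side (UE, step S408). method = {"ciphering": bool, "integrity": bool}.
    order is the sender's sequence: ("cipher", "integrity") encrypts first and
    then protects the ciphertext; ("integrity", "cipher") does the reverse.
    A switched-off protection is simply skipped."""
    out = pdu
    for step in order:
        if step == "cipher" and method["ciphering"]:
            out = xor_bytes(out, keystream(keys["cipher"], count, len(out)))
        elif step == "integrity" and method["integrity"]:
            out = out + mac(keys["integrity"], count, out)
    return out


def unprotect(pdu: bytes, count: int, method: dict, keys: dict,
              order=("cipher", "integrity")):
    """Receiver side (SN, step S410): undo the sender's steps in reverse order,
    so encrypt-then-integrity becomes verify-then-decrypt and vice versa.
    Returns the user plane data, or None if integrity verification fails."""
    out = pdu
    for step in reversed(order):
        if step == "integrity" and method["integrity"]:
            if len(out) < MAC_LEN:
                return None
            body, tag = out[:-MAC_LEN], out[-MAC_LEN:]
            if not hmac.compare_digest(tag, mac(keys["integrity"], count, body)):
                return None
            out = body
        elif step == "cipher" and method["ciphering"]:
            out = xor_bytes(out, keystream(keys["cipher"], count, len(out)))
    return out


if __name__ == "__main__":
    # Constructed sample keys and data, not real key material.
    keys = {"cipher": b"\x01" * 16, "integrity": b"\x02" * 16}
    enc_only = {"ciphering": True, "integrity": False}   # the step S408 example
    pdu = b"constructed uplink user plane data"
    first_ul = protect(pdu, 7, enc_only, keys)
    print(unprotect(first_ul, 7, enc_only, keys) == pdu)
```

With integrity switched on, a modified packet yields `None` from `unprotect` in either order; with the "ciphering on + integrity off" method of step S408 there is no MAC to check, so the receiver decrypts whatever arrives, which is the trade-off the text's on/off switches express.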
Step S411, the SN sends the uplink user plane data from which the security protection has been removed to the UPF.
The SN sends the uplink user plane data from which the security protection has been removed to the UPF, so that the UPF can send the uplink user plane data to the corresponding data network.
Step S412, the UE performs security protection on the uplink user plane data according to the second user plane security protection method in the second functional entity.
Since the UE has activated the second user plane security protection method, the UE may perform security protection on the uplink user plane data at the second functional entity according to the second user plane security protection method. Specifically, the UE uses a second user plane security key, a second security algorithm, and a second user plane security protection method to perform security protection on the uplink user plane data. The uplink user plane data is the other of the two same uplink user plane data which the UE needs to send to the core network element.
The second user plane security key may be directly notified to the UE by the MN, or may be generated by the UE according to the Kmn, and the MN may notify the UE of the Kmn.
The second security algorithm is obtained by the UE in an Access Stratum (AS) Security Mode Command (SMC) procedure. The AS SMC includes the second security algorithm selected by the MN for use between the MN and the UE; the second security algorithm may include a signaling plane security algorithm and a user plane security algorithm, which may be the same or different. If they are the same, the single selected security algorithm is used for both the control plane and the user plane. The MN may also determine the user plane security algorithm from the security algorithm used by the signaling plane when determining the second user plane security protection method.
Step S408 and step S412 may be concurrent, i.e. performed simultaneously, or performed with negligible time difference.
Step S413, the UE sends the second uplink user plane data to the MN. Accordingly, the primary base station receives second uplink user plane data from the UE.
And the second uplink user plane data is the user plane data obtained after the UE performs security protection on the uplink user plane data by using a second user plane security key, a second security algorithm and a second user plane security protection method.
Step S409 and step S413 may be concurrent, i.e. performed simultaneously, or performed with a negligible time difference.
Step S414, the MN removes the security protection from the second uplink user plane data.
It is understood that step S414 is that the UE directly sends all the second uplink user plane data to the MN.
Optionally, the UE sends a part of the first uplink user plane data directly to the MN, and sends another part to the MN through the SN. When receiving part of the first uplink user plane data from the UE, the SN directly forwards the part of the first uplink user plane data to the MN without any security operation.
Step S410 and step S414 may be concurrent, i.e. performed simultaneously, or performed with negligible time difference.
In step S415, the MN sends the uplink user plane data from which the security protection has been removed to the UPF.
The MN sends the uplink user plane data from which the security protection has been removed to the UPF, so that the UPF sends the uplink user plane data to the corresponding data network.
Steps S408-S411 and steps S412-S415 may be concurrent, i.e. performed simultaneously, or performed with a negligible time difference.
The above steps S408 to S411 and steps S412 to S415 are processes of uplink user plane data transmission, and the processes of downlink user plane data transmission may include:
for downlink user plane data transmission between the SN and the UE: when receiving downlink user plane data from the UPF, the SN uses the first user plane security protection method, the first user plane security key and the first security algorithm to perform security protection on the downlink user plane data, obtaining first downlink user plane data, and then sends the first downlink user plane data directly to the UE; when receiving the first downlink user plane data, the UE uses the first user plane security protection method, the first user plane security key and the first security algorithm to remove the security protection from the first downlink user plane data, thereby obtaining the downlink user plane data.
For downlink user plane data transmission between the MN and the UE: when receiving downlink user plane data from the UPF, the MN uses the second user plane security protection method, the second user plane security key and the second security algorithm to perform security protection on the downlink user plane data, obtaining second downlink user plane data, and then sends the second downlink user plane data directly to the UE; when receiving the second downlink user plane data, the UE uses the second user plane security protection method, the second user plane security key and the second security algorithm to remove the security protection from the second downlink user plane data, thereby obtaining the downlink user plane data.
In a possible implementation manner, when executing step S411, the SN sends the uplink user plane data after the security protection is released to the UPF1, and when executing step S415, the MN sends the uplink user plane data after the security protection is released to the UPF2, so that two uplink user plane data sent by the UE to the core network element are sent to different UPFs, so that the security termination point is on the two UPFs, and the processing load of the UPFs can be reduced.
In the first embodiment shown in fig. 4, in a URLLC scenario, the UE has activated the second user plane security protection method before activating the first user plane security protection method, and determines the first functional entity that executes the first user plane security protection method so as to distinguish it from the second functional entity that executes the second user plane security protection method. The UE can therefore support terminating user plane security for user plane data transmission on both the MN and the SN, ensuring user plane security between the UE and the SN and between the UE and the MN in the URLLC scenario, and ensuring the confidentiality and integrity of user plane data transmission in the URLLC scenario.
Taking the network architecture shown in fig. 3 as an example of the application embodiment, as shown in fig. 5, a flowchart of the communication method provided in the second embodiment of the application is shown, in this embodiment, a UE is taken as an example of a user terminal, an AMF is taken as an example of an access management network element, an SMF is taken as an example of a session management network element, and a UPF is taken as an example of a user plane network element. The method may include, but is not limited to, the steps of:
in step S501, the UE sends a PDU session setup/modification request to the SMF via the MN.
The PDU session establishment request requests establishment of a PDU session, and the PDU session modification request requests modification of the established PDU session. In the embodiment of the present application, the PDU session requested to be established or modified by the PDU session establishment/modification request is referred to as a first PDU session.
Specifically, the UE sends the PDU session setup/modification request to the AMF through the MN, and the AMF forwards it to the SMF; the AMF between the MN and the SMF is not shown in fig. 5. It should be noted that, in the embodiment shown in fig. 5, the AMF between the MN and the SMF is omitted, but in practical applications messages between the MN and the SMF are sent from the MN to the AMF and then from the AMF to the SMF, or from the SMF to the AMF and then from the AMF to the MN.
Optionally, the PDU session setup/modification request carries a PDU session identifier of the first PDU session, and when the PDU session setup request carries the PDU session identifier of the first PDU session, it indicates that the UE may allocate the PDU session identifier for the first PDU session.
Optionally, the PDU session setup/modification request carries indication information, where the indication information is used to indicate that the first PDU session is a URLLC PDU session. It can be understood that the PDU session establishment request carries indication information indicating that the PDU session requested to be established by the UE is a URLLC PDU session, and at this time, the UE is ready to establish the URLLC PDU session. Or after the UE is ready to establish the URLLC PDU session, the UE may determine to request establishment of the URLLC PDU session, and at this time, the PDU session establishment request carries indication information to inform the MN, the SN, or the SMF that the PDU session is the URLLC PDU session. In the embodiment of the present application, the preparation performed by the UE is not limited to the preparation for establishing the URLLC PDU session, and for the URLLC scenario, the preparation performed by the UE is the preparation for establishing the URLLC PDU session, and in the scenario where other UEs send two identical uplink user plane data to the network element of the core network, the preparation performed by the UE may be different.
Under the condition that the PDU session establishment/modification request does not carry indication information, the UE can know that the first PDU session is a URLLC PDU session by receiving a message from MN, SN or SMF. For example, the UE learns that the first PDU session is a URLLC PDU session by receiving an RRC connection reconfiguration request from the MN or the SN; for another example, the UE obtains that the first PDU session is a URLLC PDU session by receiving a PDU session completion message from the SMF, specifically, the SMF sends the PDU session completion message to the MN, and then the MN sends the PDU session completion message to the UE, where the PDU session completion message carries indication information for indicating that the first PDU session is a URLLC PDU session. The UE may determine that the first PDU session is a URLLC PDU session through one or more indication information.
In step S502, the SMF obtains a first user plane security policy.
When receiving the PDU session establishment/modification request, the SMF acquires the subscription information related to the PDU session from the Unified Data Management (UDM) and obtains the first user plane security policy from that subscription information; alternatively, the SMF obtains the first user plane security policy from its local configuration information.
The SMF can also allocate PDU session identification for the PDU session requested to be established when receiving the PDU session establishment request. Alternatively, the SMF obtains the PDU session identification from the PDU session setup/modify request.
In step S503, the SMF sends a PDU session complete message to the MN, where the PDU session complete message includes the first user plane security policy. Accordingly, the MN receives the PDU session complete message from the SMF.
The PDU session complete message may be carried in the N2 message, and the PDU session complete message includes the user plane security policy, or the N2 message carries the user plane security policy. The first user plane security policy is obtained by the SMF in step S502.
Optionally, the PDU session complete message includes third indication information, where the third indication information is used to indicate that the first PDU session is a URLLC PDU session.
In step S504, the MN determines a second user plane security protection method and a second user plane security key.
When the MN receives the PDU session complete message and knows that the first PDU session is a URLLC PDU session, the MN can determine that the second user plane security protection method must be activated. Before activating the second user plane security protection method, the MN determines the second user plane security protection method and the second user plane security key, and also determines a second security algorithm.
The method for determining the second user plane security protection method and the second user plane security key by the MN may refer to the SN in the embodiment shown in fig. 4 to determine the first user plane security protection method and the first user plane security key, that is, the specific description of step S403 and step S404 in fig. 4, which is not described herein again.
After determining the second user plane security protection method, the MN may activate the second user plane security protection method, so that the MN performs security protection on the uplink user plane data sent by the UE or performs security protection on the downlink user plane data sent to the UE.
Step S505, the MN sends a first message to the SN, where the first message includes the second indication information and the first user plane security policy. Accordingly, the SN receives a first message from the MN.
The first message may be an SN addition request, and the MN initiates a dual connectivity procedure and sends the SN addition request to the SN when knowing that the first PDU session is a URLLC PDU session. The first user plane security policy carried in the first message is the first user plane security policy obtained by the SMF in step S502, and the second indication information is used to indicate that the first PDU session is a URLLC PDU session. Optionally, the first message further includes a PDU session identifier of the first PDU session.
Step S506, the SN determines a first user plane security protection method and a first user plane security key.
Step S507, the SN sends a second message to the MN, where the second message includes the first user plane security protection method. Accordingly, the MN receives a second message from the SN.
The specific implementation processes of step S506 and step S507 may refer to the specific descriptions of step S403 to step S405 in the embodiment shown in fig. 4, and are not described herein again.
Step S508, the MN sends a third message to the UE, where the third message includes the first user plane security protection method and the second user plane security protection method. Accordingly, the UE receives a third message from the MN.
The third message may be an RRC connection reconfiguration request.
Step S508 is similar to step S406 in the embodiment shown in fig. 4, and reference may be made to the detailed description of step S406 there, which is not repeated herein. The difference between step S508 and step S406 is that the third message in step S508 carries the second user plane security protection method in addition to the first user plane security protection method, so that the UE learns both the first user plane security protection method and the second user plane security protection method and can activate both of them.
In step S509, the UE determines a first functional entity that executes the first user plane security protection method and a second functional entity that executes the second user plane security protection method.
The UE may determine the first functional entity and the second functional entity in the following two ways.
In a first mode, the UE configures two PDCP entities for a first PDU session, where one PDCP entity is a location where a first user plane security protection method is activated, and the other PDCP entity is a location where a second user plane security protection method is activated. In other words, the UE configures two PDCP entities for the same PDU session, one PDCP entity being the first functional entity and the other PDCP entity being the second functional entity.
In the second mode, the UE creates two PDCP lower layers for the PDCP entity corresponding to the first PDU session, where one PDCP lower layer is the location where the first user plane security protection method is activated and the other PDCP lower layer is the location where the second user plane security protection method is activated. The two PDCP lower layers correspond to the same PDCP upper layer, so as a whole the UE uses only one PDCP entity to apply or remove security protection. The PDCP lower layer where the first user plane security protection method is activated is called the first lower layer PDCP entity, the other PDCP lower layer is called the second lower layer PDCP entity, and the first lower layer PDCP entity and the second lower layer PDCP entity correspond to the same upper layer PDCP entity.
In a possible implementation, after activating the first user plane security protection method and the second user plane security protection method, the UE may send an RRC connection reconfiguration response to the MN in response to the RRC connection reconfiguration request. On receiving the RRC connection reconfiguration response from the UE, the MN sends an SN reconfiguration complete message to the SN. On receiving the RRC connection reconfiguration response from the UE, the MN may also send a PDU session complete message to the UE, which responds to the PDU session establishment/modification request and indicates that the PDU session establishment/modification between the UE and the MN and the SN is complete.
Step S510, the UE performs security protection on the uplink user plane data according to the first user plane security protection method in the first functional entity.
Step S511, the UE sends the first uplink user plane data to the SN. Accordingly, the SN receives first uplink user plane data from the UE.
In step S512, the SN removes the security protection from the first uplink user plane data.
Step S513, the SN sends the uplink user plane data after the security protection is released to the UPF.
Step S514, the UE performs security protection on the uplink user plane data according to the second user plane security protection method in the second functional entity.
Step S515, the UE sends the second uplink user plane data to the MN. Accordingly, the MN receives second uplink user plane data from the UE.
In step S516, the MN removes the security protection from the second uplink user plane data.
In step S517, the MN sends the uplink user plane data from which the security protection has been removed to the UPF.
The specific implementation process of step S510 to step S517 may refer to the specific description of step S408 to step S415 in the embodiment shown in fig. 4, and is not described herein again.
In the second embodiment shown in fig. 5, a URLLC scenario is bound with a PDU session establishment/modification process, and when the MN knows that the first PDU session is a URLLC PDU session, a dual connection is initiated, and the first user plane security protection method and the second user plane security protection method are sent to the UE, so that the UE activates the first user plane security protection method at the first functional entity and activates the second user plane security protection method at the second functional entity, thereby ensuring the user plane security between the UE and the SN, and between the UE and the MN in the URLLC scenario, and ensuring the confidentiality and integrity of user plane data transmission in the URLLC scenario.
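As an added illustration (not code from the patent), the following Python models steps S504 to S517 of the second embodiment: the MN and the SN each resolve the first user plane security policy into a protection method, the UE keeps two PDCP-style functional entities for one PDU session (the first mode of step S509), and each uplink is protected for its own endpoint, so data protected for the MN endpoint fails at the SN endpoint. Assumptions: the policy values required/preferred/not needed follow 3GPP TS 33.501, the keys and payloads are constructed, and an HMAC-SHA256 keystream and MAC stand in for the NEA/NIA algorithms the patent does not specify.

```python
import hashlib
import hmac
from dataclasses import dataclass

# User plane security policy values (3GPP TS 33.501 style; the patent only
# names "preferred" explicitly, so REQUIRED/NOT_NEEDED are an assumption).
REQUIRED, PREFERRED, NOT_NEEDED = "required", "preferred", "not needed"
MAC_LEN = 4  # 32-bit MAC-I as in PDCP; a constructed choice for this demo


@dataclass(frozen=True)
class SecurityPolicy:  # first user plane security policy sent by the SMF
    ciphering: str
    integrity: str


@dataclass(frozen=True)
class ProtectionMethod:  # user plane security protection method (on/off pair)
    cipher_on: bool
    integrity_on: bool


def resolve_policy(policy: SecurityPolicy, prefer_on: bool) -> ProtectionMethod:
    """MN or SN turns the policy into a method. Only PREFERRED needs a local
    decision (prefer_on, e.g. from resource usage); a policy without PREFERRED
    leaves nothing to decide, which is the delay saving the patent describes."""
    def pick(value: str) -> bool:
        if value == REQUIRED:
            return True
        if value == NOT_NEEDED:
            return False
        if value == PREFERRED:
            return prefer_on
        raise ValueError(f"unknown policy value {value!r}")
    return ProtectionMethod(pick(policy.ciphering), pick(policy.integrity))


def _keystream(key: bytes, count: int, n: int) -> bytes:
    # Toy HMAC-SHA256 keystream standing in for a NEA algorithm (assumption).
    out, block = b"", 0
    while len(out) < n:
        msg = count.to_bytes(4, "big") + block.to_bytes(4, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        block += 1
    return out[:n]


def _mac(key: bytes, count: int, pdu: bytes) -> bytes:
    # Toy MAC-I standing in for a NIA algorithm (assumption).
    return hmac.new(key, count.to_bytes(4, "big") + pdu, hashlib.sha256).digest()[:MAC_LEN]


class FunctionalEntity:
    """One PDCP-style entity bound to one security endpoint (MN or SN)."""

    def __init__(self, method: ProtectionMethod, ck: bytes, ik: bytes):
        self.method, self.ck, self.ik, self.count = method, ck, ik, 0

    def protect(self, pdu: bytes) -> bytes:
        count, self.count = self.count, self.count + 1
        body = pdu + _mac(self.ik, count, pdu) if self.method.integrity_on else pdu
        if self.method.cipher_on:
            body = bytes(a ^ b for a, b in zip(body, _keystream(self.ck, count, len(body))))
        return count.to_bytes(4, "big") + body  # COUNT sent in clear, as in PDCP

    def unprotect(self, frame: bytes) -> bytes:
        count, body = int.from_bytes(frame[:4], "big"), frame[4:]
        if self.method.cipher_on:
            body = bytes(a ^ b for a, b in zip(body, _keystream(self.ck, count, len(body))))
        if not self.method.integrity_on:
            return body
        pdu, mac = body[:-MAC_LEN], body[-MAC_LEN:]
        if not hmac.compare_digest(mac, _mac(self.ik, count, pdu)):
            raise ValueError("integrity check failed")
        return pdu


def demo() -> dict:
    """Steps S504-S517 of fig. 5 with constructed keys and data."""
    policy = SecurityPolicy(ciphering=REQUIRED, integrity=PREFERRED)  # constructed
    sn_method = resolve_policy(policy, prefer_on=True)    # S506: SN keeps integrity on
    mn_method = resolve_policy(policy, prefer_on=False)   # S504: MN leaves it off (low delay)
    sn_ck, sn_ik = b"sn-ck-constructed", b"sn-ik-constructed"  # first UP security key
    mn_ck, mn_ik = b"mn-ck-constructed", b"mn-ik-constructed"  # second UP security key
    # S509: the UE configures two entities for the same PDU session (first mode).
    ue = {"first": FunctionalEntity(sn_method, sn_ck, sn_ik),    # endpoint SN
          "second": FunctionalEntity(mn_method, mn_ck, mn_ik)}   # endpoint MN
    sn, mn = FunctionalEntity(sn_method, sn_ck, sn_ik), FunctionalEntity(mn_method, mn_ck, mn_ik)
    first_ul = ue["first"].protect(b"urllc payload for SN")     # S510/S511
    second_ul = ue["second"].protect(b"urllc payload for MN")   # S514/S515
    result = {"sn_recovered": sn.unprotect(first_ul),            # S512
              "mn_recovered": mn.unprotect(second_ul)}           # S516
    try:  # data protected for the MN endpoint is useless at the SN endpoint
        sn.unprotect(second_ul)
        result["sn_on_mn_data"] = "accepted"
    except ValueError as err:
        result["sn_on_mn_data"] = str(err)
    return result
```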
Taking the network architecture shown in fig. 3 as an example, fig. 6 is a flowchart of the communication method provided in the third embodiment of the application. In this embodiment, a UE is taken as an example of the user terminal, an AMF as an example of the access management network element, an SMF as an example of the session management network element, and a UPF as an example of the user plane network element. The method may include, but is not limited to, the following steps:
in step S601, the UE sends a PDU session setup/modification request to the SMF via the MN.
In step S602, the SMF obtains a first user plane security policy.
Step S603, the SMF sends a PDU session complete message to the MN, where the PDU session complete message includes the first user plane security policy. Accordingly, the MN receives the PDU session complete message from the SMF.
In step S604, the MN determines a second user plane security protection method and a second user plane security key.
The specific implementation processes of step S601 to step S604 may refer to the specific descriptions of step S501 to step S504 in the embodiment shown in fig. 5, and are not described herein again.
Step S605, the MN sends a fourth message to the UE, where the fourth message includes a second user plane security protection method. Accordingly, the UE receives a fourth message from the MN.
The fourth message may be an RRC connection reconfiguration request, and the fourth message carries the second user plane security protection method for informing the UE of the second user plane security protection method, so that the UE activates the second user plane security protection method.
Step S606, the UE activates the second user plane security protection method.
The UE activates the second user plane security protection method using the second user plane security key and the second security algorithm; at this point, the second functional entity that executes the second user plane security protection method is determined.
After activating the second user plane security protection method, the UE sends an RRC connection reconfiguration response to the MN. On receiving the RRC connection reconfiguration response, the MN sends a PDU session complete message to the UE, which indicates that the PDU session establishment/modification between the UE and the MN is complete.
Step S607, the MN sends a first message to the SN, where the first message includes the second indication information and the user plane security policy. Accordingly, the SN receives a first message from the MN.
In step S608, the SN determines the first user plane security protection method and the first user plane security key.
Step S609, the SN sends a second message to the MN, where the second message includes the first user plane security protection method. Accordingly, the MN receives a second message from the SN.
Step S610, the MN sends a third message to the UE, where the third message includes the first user plane security protection method. Accordingly, the UE receives a third message from the MN.
Optionally, the third message further includes first indication information, where the first indication information is used to indicate that the first PDU session is a URLLC PDU session.
In step S611, the UE determines a first functional entity that executes the first user plane security protection method.
Step S612, the UE performs security protection on the uplink user plane data according to the first user plane security protection method in the first functional entity.
In a possible implementation, after activating the first user plane security protection method, the UE may send an RRC connection reconfiguration response to the MN in response to the third message of step S610. On receiving the RRC connection reconfiguration response from the UE, the MN sends an SN reconfiguration complete message to the SN. On receiving the RRC connection reconfiguration response from the UE, the MN may also send a PDU session complete message to the UE, indicating that the PDU session establishment/modification between the UE and the SN is complete.
Step S613, the UE sends the first uplink user plane data to the SN. Accordingly, the SN receives first uplink user plane data from the UE.
In step S614, the SN removes the security protection from the first uplink user plane data.
In step S615, the SN sends the uplink user plane data from which the security protection has been removed to the UPF.
Step S616, the UE performs security protection on the uplink user plane data according to the second user plane security protection method in the second functional entity.
In step S617, the UE sends the second uplink user plane data to the MN. Accordingly, the MN receives second uplink user plane data from the UE.
In step S618, the MN removes the security protection from the second uplink user plane data.
In step S619, the MN sends the uplink user plane data from which the security protection has been removed to the UPF.
The specific implementation process of steps S607-S619 can refer to the specific description of steps S402-S415 in the embodiment shown in fig. 4, and is not described herein again.
In the third embodiment shown in fig. 6, the UE and the MN activate the second user plane security protection method in the PDU session establishment/modification process, and then the UE and the SN activate the first user plane security protection method through the SN addition process, so that the user plane security between the UE and the SN and between the UE and the MN in the URLLC scene can be ensured, and the confidentiality and integrity of user plane data transmission in the URLLC scene can be ensured.
The third embodiment shown in fig. 6 differs from the first embodiment shown in fig. 4 in that the third embodiment activates the second user plane security protection method during the PDU session establishment/modification process, whereas the first embodiment does not limit when the UE activates the second user plane security protection method.
Taking the network architecture shown in fig. 3 as an example, fig. 7 is a flowchart of the communication method provided in the fourth embodiment of the application. In this embodiment, a UE is taken as an example of the user terminal, an AMF as an example of the access management network element, an SMF as an example of the session management network element, and a UPF as an example of the user plane network element. The method may include, but is not limited to, the following steps:
in step S701, the UE sends a PDU session setup/modification request to the SMF via the MN.
Optionally, the PDU session setup/modification request carries a first PDU session identifier allocated by the UE for the first PDU session.
In step S702, the SMF obtains a first user plane security policy.
In step S703, the SMF sends a PDU session complete message to the MN, where the PDU session complete message includes the user plane security policy. Accordingly, the MN receives the PDU session complete message from the SMF.
In step S704, the MN determines a second user plane security protection method and a second user plane security key.
Step S705, the MN sends a fourth message to the UE, where the fourth message includes a second user plane security protection method. Accordingly, the UE receives a fourth message from the MN.
Step S706, the UE activates the second user plane security protection method.
The specific implementation process of step S701 to step S706 can refer to the specific description of step S601 to step S606 in the embodiment shown in fig. 6, and is not described herein again. However, in step S702, the SMF may allocate a first PDU session identifier to the first PDU session or the PDU session setup/modification request carries the first PDU session identifier allocated by the UE for the first PDU session.
Step S707, the MN sends a first message to the SN, where the first message includes the second indication information and the first user plane security policy. Accordingly, the SN receives a first message from the MN.
Step S708, the MN sends an RRC connection reconfiguration message to the UE, where the RRC connection reconfiguration message includes the second security algorithm. Accordingly, the UE receives the RRC connection reconfiguration message from the MN.
The second security algorithm is the security algorithm between the MN and the UE determined by the MN; the specific selection method may refer to the way the SN determines the first security algorithm.
Step S709, the UE sends a PDU session setup/modification request message to the SN, where the message includes the first session identifier and the indication information of the first PDU session. Accordingly, the SN receives the PDU session setup/modification request message from the UE.
In step S709 the UE sends the PDU session setup/modification request message directly to the SN. In another possible implementation, the UE sends an RRC connection reconfiguration message to the MN, and the MN then sends an SN reconfiguration complete message to the SN, where the RRC connection reconfiguration message and the SN reconfiguration complete message include the first session identifier and the indication information of the first PDU session.
The indication information is used for indicating that the first PDU session is a URLLC PDU session. The indication information may be determined by the UE when the preparation of the URLLC PDU session is completed, or may be determined by the UE when the PDU session completion message is received, where the PDU session completion message carries indication information for indicating that the first PDU session is the URLLC PDU session.
Optionally, the UE may allocate a second PDU session identifier for the first PDU session when knowing that the first PDU session is a URLLC PDU session and when the first PDU session identifier has already been allocated for the first PDU session.
Step S710, the SN sends a PDU session setup/modification request message to the MN, where the message includes the first session identifier and the indication information of the first PDU session. Accordingly, the MN receives the PDU session setup/modification request message from the SN.
In step S711, the MN sends a PDU session setup/modification request message to the SMF, where the message includes the first session identifier and the indication information of the first PDU session. Accordingly, the SMF receives the PDU session setup/modification request message from the MN.
In step S712, the SMF obtains a first user plane security policy.
The first user plane security policy obtained by the SMF in step S712 is the same as the first user plane security policy obtained in step S702. Optionally, in the process of executing step S712, the SMF may allocate a second PDU session identifier to the first PDU session, where the UE does not allocate the first PDU session identifier to the first PDU session. Although different PDU session identities are assigned, the first and second PDU session identities are used to identify the same PDU session, i.e. the first PDU session.
In step S713, the SMF sends a PDU session complete message to the MN. Accordingly, the MN receives the PDU session complete message from the SMF.
Wherein the PDU session complete message includes a first user plane security policy. In case the SMF assigns a second PDU session identity for the first PDU session, the PDU session complete message further comprises the second PDU session identity of the first PDU session.
In step S714, the MN sends a PDU session complete message to the SN. Accordingly, the SN receives a PDU session complete message from the MN.
Wherein, the PDU session completion message also includes a user plane security policy. In case the SMF assigns a second PDU session identity for the first PDU session, the PDU session complete message further comprises the second PDU session identity of the first PDU session.
Step S715, the SN determines the first user plane security protection method and the first user plane security key.
The specific implementation process of step S715 may refer to the specific description of step S403 and step S404 in the embodiment shown in fig. 4, and is not described herein again.
Step S716, the SN sends a second message to the UE, where the second message includes the first user plane security protection method. Accordingly, the UE receives the second message from the SN.
In the embodiment shown in fig. 7, a signaling plane path exists between the SN and the UE, and the SN and the UE may directly perform transmission of a message.
Wherein the second message may be an RRC connection reconfiguration request. The second message may also include the first security algorithm.
The UE may generate the first user plane security key from the generated Ksn, the first security algorithm, and the first user plane security protection method. The UE may generate Ksn from the SN counter, which may be carried in the RRC connection reconfiguration message of step S708.
After step S716, the method may further include the UE sending an RRC connection reconfiguration response to the SN, and the SN, upon receiving the RRC connection reconfiguration response, may send a PDU session complete message to the UE for indicating that the SN joins the first PDU session.
In step S717, the UE determines a first functional entity that performs the first user plane security protection method.
Step S718, the UE performs security protection on the uplink user plane data according to the first user plane security protection method in the first functional entity.
In step S719, the UE sends the first uplink user plane data to the SN. Accordingly, the SN receives first uplink user plane data from the UE.
Step S720, the SN removes the security protection from the first uplink user plane data.
In step S721, the SN sends the uplink user plane data after the security protection is released to the UPF.
Step S722, the UE performs security protection on the uplink user plane data according to the second user plane security protection method in the second functional entity.
Step S723, the UE sends the second uplink user plane data to the MN. Accordingly, the MN receives second uplink user plane data from the UE.
Step S724, the MN removes the security protection from the second uplink user plane data.
Step S725, the MN sends the uplink user plane data after the security protection is released to the UPF.
The specific implementation process of step S717 to step S725 may refer to the specific description of step S407 to step S415 in the embodiment shown in fig. 4, and is not described herein again.
In the fourth embodiment shown in fig. 7, a first PDU session identifier and a second PDU session identifier are allocated to the first PDU session, so as to distinguish the PDU session between the UE and the MN from the PDU session between the UE and the SN. Similarly, the fourth embodiment shown in fig. 7 can ensure the security of the user plane between the UE and the SN and between the UE and the MN in the URLLC scenario, and ensure the confidentiality and integrity of user plane data transmission in the URLLC scenario.
Taking the network architecture shown in fig. 3 as an example, fig. 8 is a flowchart of the communication method provided in the fifth embodiment of the application. In this embodiment, a UE is taken as an example of the user terminal, an AMF as an example of the access management network element, an SMF as an example of the session management network element, and a UPF as an example of the user plane network element. The method may include, but is not limited to, the following steps:
in step S801, the UE sends a PDU session setup/modification request to the SMF through the MN.
In step S802, the SMF determines that the first PDU session is a URLLC PDU session.
The SMF may determine that the first PDU session is a URLLC PDU session when receiving a PDU session establishment/modification request carrying indication information, or the SMF determines that the first PDU session is a URLLC PDU session according to other methods.
In step S803, the SMF generates a second user plane security policy. The second user plane security policy is a user plane security policy related to URLLC.
The SMF may generate the second user plane security policy according to the scenario requirements of URLLC. For example, if the scenario requirement is ultra-low delay, the second user plane security policy is user plane encryption protection switch + user plane integrity protection switch; as another example, if the scenario requirement is ultra-reliability, user plane integrity protection must be turned on in the second user plane security policy. Further, the SMF may generate the second user plane security policy based on other information, including but not limited to scenario requirements, resource usage, and so on.
Optionally, the second user plane security policy generated by the SMF does not include the "preferred" value, so that the determination actions of the MN and the SN for "preferred" can be omitted. That is, when the second user plane security policy does not include "preferred", the MN and the SN need not determine whether user plane encryption protection is on or off and whether user plane integrity protection is on or off, so processing delay can be reduced.
Step S804, the SMF sends a PDU session flow message to the MN, where the PDU session flow message includes the second user plane security policy. Accordingly, the MN receives the PDU session flow message from the SMF.
Step S805, the MN activates a user plane security protection method between the MN and the UE.
On receiving the second user plane security policy from the SMF, the MN may activate a user plane security protection method between the MN and the UE according to the second user plane security policy. In this case the MN does not generate Ksn, that is, the MN no longer knows the security key used by the SN, so that isolation of the security keys between the MN and the SN is achieved, and the security capability of the UE does not need to be transferred to the SN.
At step S806, the MN sends a first message to the SN, where the first message includes the second indication information. Accordingly, the SN receives a first message from the MN. Wherein the first message may be a SN addition request.
In step S807, the SN sends a second message to the MN, the second message being used to respond to the first message. Accordingly, the MN receives a second message from the SN. Wherein the second message may be a SN addition response.
Step S808, the MN sends a third message to the UE, where the third message includes a user plane security protection method activated by the MN. Accordingly, the UE receives a third message from the MN. Optionally, the third message further includes the first indication information.
On receiving the third message, the UE may activate the user plane security protection method with the MN.
Step S809, the UE sends a PDU session modification request to the SN, where the PDU session modification request includes indication information. Accordingly, the SN receives a PDU session modification request from the UE.
The indication information is used for indicating that the first PDU session is a URLLC PDU session.
In step S810, the SN sends a PDU session modification request to the SMF. Accordingly, the SMF receives a PDU session modification request from the SN.
In step S811, the SMF obtains a second user plane security policy.
In step S812, the SMF sends a PDU session flow message to the SN, where the PDU session flow message includes the second user plane security policy, the security capability of the UE, and the KgNB. Accordingly, the SN receives a PDU session flow message from the SMF.
Step S813, the SN activates a user plane security protection method with the UE.
On receiving the second user plane security policy from the SMF, the SN may activate a user plane security protection method between the SN and the UE according to the second user plane security policy. Before activation, the SN determines a security algorithm with the UE and determines a security key with the UE according to the KgNB.
Step S814, the SN sends an AS SMC to the UE. Accordingly, the UE receives the AS SMC from the SN.
In step S815, the UE sends AS security mode complete (SMP) to the SN. Accordingly, the SN receives the AS SMP from the UE.
If the UE is connected to the SN for the first time, i.e. the signaling plane security protection is not activated, step S814 and step S815 are performed. If the UE is not connected to the SN for the first time, steps S814 and S815 may not be performed.
In step S816, the SN sends an RRC connection reconfiguration request to the UE. Accordingly, the UE receives an RRC connection reconfiguration request from the SN.
Step S817, the UE activates the user plane security protection method with the SN.
Step S818, the UE sends the SN reconfiguration complete to the SN. Accordingly, the SN receives a SN reconfiguration complete from the UE.
Step S819, the SN sends a PDU session modification complete message to the UE. Accordingly, the UE receives a PDU session modification complete message from the SN.
When the UE activates the user plane security protection method with the MN and the user plane security protection method with the SN, the first functional entity and the second functional entity need to be determined. After step S819, the UE may perform steps S408-S415 in the embodiment shown in fig. 4.
In the fifth embodiment shown in fig. 8, the SMF generates a user plane security policy related to URLLC and sends it to the MN and the SN, so that the MN and the SN each determine a user plane security protection method with the UE in the URLLC scenario. This likewise ensures the user plane security between the UE and the SN and between the UE and the MN in the URLLC scenario, and ensures the confidentiality and integrity of user plane data transmission in the URLLC scenario.
Across the embodiments shown in fig. 4-8: fig. 4 does not define when the UE activates the second user plane security protection method with the MN; in fig. 5, the URLLC scenario is bound with the PDU session establishment/modification process, and the MN informs the UE of the first user plane security protection method and the second user plane security protection method at the same time; in fig. 6, the URLLC scenario is bound with the PDU session establishment/modification process, the UE activates the second user plane security protection method first and then the first user plane security protection method, and the MN notifies the UE of the first user plane security protection method; in fig. 7, the URLLC scenario is bound with the PDU session establishment/modification process, the UE first activates the second user plane security protection method and then the first user plane security protection method, but the SN informs the UE of the first user plane security protection method directly, as a signaling plane path exists between the UE and the SN; in fig. 8, the SMF generates a user plane security policy related to URLLC, and the MN and the SN determine a user plane security protection method with the UE according to that user plane security policy. In fig. 4-7, the SN determines the user plane security key with the UE from the Ksn received from the MN, and in fig. 8, the SN determines the user plane security key with the UE from the KgNB received from the SMF.
The method of the embodiments of the present application is set forth above in detail and the apparatus of the embodiments of the present application is provided below.
Referring to fig. 9, which is a schematic diagram of a logical structure of a communication device according to an embodiment of the present disclosure, the communication device 90 may include a transceiver 901 and a processing unit 902. The communication device 90 may be a user terminal, a main base station, or a secondary base station.
For the case where the communication device is a user terminal:
a processing unit 902, configured to determine that two pieces of uplink user plane data need to be sent through a first PDU session and that the user plane security endpoints of the two pieces of uplink user plane data are respectively located in the primary base station and the secondary base station; to perform, according to a first user plane security protection method between the user terminal and the secondary base station, security protection on the uplink user plane data that needs to be sent via the secondary base station among the two pieces of uplink user plane data, obtaining first uplink user plane data, where the first user plane security protection method is used to indicate whether user plane encryption protection and/or user plane integrity protection for the first PDU session between the user terminal and the secondary base station is turned on; and to perform, according to a second user plane security protection method between the user terminal and the primary base station, security protection on the uplink user plane data that needs to be sent via the primary base station among the two pieces of uplink user plane data, obtaining second uplink user plane data, where the second user plane security protection method is used to indicate whether user plane encryption protection and/or user plane integrity protection for the first PDU session between the user terminal and the primary base station is turned on.
A transceiver 901, configured to send first uplink user plane data to the secondary base station, and send second uplink user plane data to the primary base station.
In a possible implementation manner, the transceiver unit 901 is further configured to receive first indication information from the primary base station or the secondary base station, where the first indication information is used to indicate that the first PDU session is a URLLC PDU session; the processing unit 902 is specifically configured to determine, according to the first indication information, that two pieces of uplink user plane data need to be sent through the first PDU session, and user plane security end points of the two pieces of uplink user plane data are respectively located in the primary base station and the secondary base station.
In a possible implementation manner, the processing unit 902 is specifically configured to, when requesting to establish a first PDU session, determine, according to that the first PDU session is a URLLC PDU session, that two pieces of uplink user plane data need to be sent through the first PDU session, and that user plane security end points of the two pieces of uplink user plane data are respectively at the primary base station and the secondary base station.
In a possible implementation manner, the processing unit 902 is specifically configured to, when receiving a second user plane security protection method from the master base station, allocate a second functional entity to the first PDU session; configuring a first functional entity for a first PDU session after receiving a first user plane security protection method from a main base station or a secondary base station;
the second functional entity is configured to perform security protection on the uplink user plane data that needs to be sent by the main base station among the two pieces of uplink user plane data according to the second user plane security protection method, so as to obtain the second uplink user plane data; the first functional entity is configured to perform security protection on the uplink user plane data that needs to be sent by the secondary base station among the two pieces of uplink user plane data according to the first user plane security protection method, so as to obtain the first uplink user plane data.
In a possible implementation manner, the processing unit 902 is specifically configured to configure a second functional entity and a first functional entity for the first PDU session when receiving the second user plane security protection method and the first user plane security protection method from the master base station; the second functional entity is configured to perform security protection on the uplink user plane data that needs to be sent by the main base station among the two pieces of uplink user plane data according to the second user plane security protection method, so as to obtain the second uplink user plane data; the first functional entity is configured to perform security protection on the uplink user plane data that needs to be sent by the secondary base station among the two pieces of uplink user plane data according to the first user plane security protection method, so as to obtain the first uplink user plane data.
In a possible implementation manner, the first functional entity and the second functional entity are different upper layer functional entities, or the first functional entity and the second functional entity are different lower layer functional entities of the same upper layer functional entity.
In a possible implementation manner, the transceiver 901 is specifically configured to send first uplink user plane data to a user plane network element through the secondary base station, and send second uplink user plane data to the user plane network element through the primary base station.
When the communication device 90 is a user equipment, the functions of the UE in the method embodiments described in fig. 4 to fig. 8 may be implemented, and for the detailed process executed by each unit in the communication device 90, reference may be made to the execution steps of the UE in the foregoing method embodiments, which are not described herein again.
For the case where the communication device is the master base station:
a transceiver unit 901, configured to receive a first user plane security protection method from a secondary base station, where the first user plane security protection method is used to indicate whether user plane ciphering protection for a first PDU session between a user terminal and the secondary base station is started and/or whether user plane integrity protection is started; and sending the first user plane security protection method to the user terminal.
In a possible implementation manner, the transceiving unit 901 is further configured to send first indication information to the user terminal, where the first indication information is used to indicate that the first PDU session is a URLLC PDU session.
In a possible implementation manner, the transceiver 901 is further configured to obtain a first user plane security policy corresponding to the first PDU session; and sending second indication information, the first user plane security policy and a PDU session identifier of the first PDU session to the secondary base station, wherein the second indication information is used for indicating that the first PDU session is a URLLC PDU session.
In a possible implementation manner, the transceiver 901 is further configured to receive a first user plane security policy corresponding to a first PDU session from a session management network element, where the first user plane security policy corresponds to the first PDU session;
a processing unit 902, configured to determine, according to a first user plane security policy, a second user plane security protection method when it is determined that the first PDU session is a URLLC PDU session, where the second user plane security protection method is used to indicate whether user plane ciphering protection and/or user plane integrity protection for the first PDU session between the user terminal and the master base station is/are turned on;
the transceiving unit 901 is further configured to send second indication information and the first user plane security policy to the secondary base station, where the second indication information is used to indicate that the first PDU session is a URLLC PDU session.
In a possible implementation manner, the transceiver 901 is further configured to send a second user plane security protection method to the user terminal.
In a possible implementation manner, the transceiver 901 is further configured to receive a second user plane security policy corresponding to the first PDU session from the session management network element, where the second user plane security policy is a user plane security policy in a URLLC scenario determined by the session management network element;
the processing unit 902 is further configured to determine a second user plane security protection method according to a second user plane security policy, where the second user plane security protection method is used to indicate whether user plane ciphering protection and/or user plane integrity protection for the first PDU session between the user terminal and the primary base station is/are turned on;
the transceiving unit 901 is further configured to send second indication information to the secondary base station, where the second indication information is used to indicate that the first PDU session is a URLLC PDU session;
the transceiving unit 901 is further configured to send a second user plane security protection method to the user terminal.
When the communication device 90 is a master base station, the functions of the MN in the method embodiments of fig. 4 to 8 can be implemented, and for the detailed process executed by each unit in the communication device 90, reference may be made to the execution steps of the MN in the foregoing method embodiments, which are not described herein again.
For the case where the communication device is a secondary base station:
a processing unit 902, configured to determine a first user plane security protection method when it is determined that the first PDU session is a URLLC PDU session, where the first user plane security protection method is used to indicate whether user plane ciphering protection and/or user plane integrity protection for the first PDU session between the secondary base station and the user terminal is/are turned on;
a transceiver 901, configured to send a first user plane security protection method to a main base station.
In a possible implementation manner, the processing unit 902 is specifically configured to determine a first user plane security protection method according to a first user plane security policy corresponding to a first PDU session received from the master base station, where the first user plane security policy corresponds to the first PDU session.
In a possible implementation manner, the processing unit 902 is specifically configured to determine a first user plane security protection method according to a second user plane security policy corresponding to the first PDU session received from the session management network element, where the second user plane security policy is a user plane security policy in a URLLC scenario determined by the session management network element.
In a possible implementation manner, the transceiving unit 901 is further configured to receive second indication information from the primary base station, where the second indication information is used to indicate that the first PDU session is a URLLC PDU session.
In a possible implementation manner, the transceiver 901 is further configured to send the first user plane security protection method to the user terminal.
In a possible implementation manner, the transceiving unit 901 is further configured to receive a root key from the master base station; the processing unit 902 is further configured to generate a first user plane security key between the secondary base station and the user terminal according to the root key.
In a possible implementation manner, the transceiving unit 901 is further configured to receive a root key from the session management network element; the processing unit 902 is further configured to generate a first user plane security key between the secondary base station and the user terminal according to the root key.
When the communication device 90 is a secondary base station, the function of the SN in the method embodiments of fig. 4 to 8 may be implemented, and for the detailed process executed by each unit in the communication device 90, reference may be made to the execution steps of the SN in the foregoing method embodiments, which are not described herein again.
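The three roles described above (user terminal, master base station, secondary base station) can be walked through one URLLC PDU session in code. The following Python model is an added illustration and is not code from the patent, from Huawei, or from any 3GPP specification. It assumes a three-valued user plane security policy (REQUIRED / PREFERRED / NOT_NEEDED per feature, the shape used in 3GPP TS 33.501), lets each base station settle PREFERRED by a local flag (`prefers_on`, an assumption standing in for whatever decision inputs a real gNB uses), derives each node's user plane key from its root key (Ksn at the SN, KgNB at the MN) with HMAC-SHA256 in place of the real KDF, and uses a toy HMAC-based counter keystream and a 4-byte tag in place of the NEA/NIA algorithms. The names `decide_protection_method`, `derive_up_key`, `ProtectionEntity` and `run_urllc_uplink` are constructed for this example; the two `ProtectionEntity` objects on the UE side play the "first functional entity" and "second functional entity" of the text, each bound to its own key and its own protection method.

```python
import hashlib
import hmac
from dataclasses import dataclass
from enum import Enum

MAC_LEN = 4  # 32-bit integrity tag, the size of a PDCP MAC-I


class Policy(Enum):
    """Per-feature value of a user plane security policy (three-valued, as in 3GPP TS 33.501)."""
    REQUIRED = "required"
    PREFERRED = "preferred"
    NOT_NEEDED = "not_needed"


@dataclass(frozen=True)
class UpSecurityPolicy:
    """'User plane security policy' that the SMF provides for a PDU session."""
    ciphering: Policy
    integrity: Policy


@dataclass(frozen=True)
class UpProtectionMethod:
    """'User plane security protection method': whether ciphering / integrity is turned on."""
    ciphering_on: bool
    integrity_on: bool


def decide_protection_method(policy: UpSecurityPolicy, prefers_on: bool) -> UpProtectionMethod:
    """REQUIRED -> on, NOT_NEEDED -> off; PREFERRED is settled by the base station's local
    choice, modelled here by prefers_on (the real decision inputs are an assumption)."""
    def resolve(value: Policy) -> bool:
        return prefers_on if value is Policy.PREFERRED else value is Policy.REQUIRED
    return UpProtectionMethod(resolve(policy.ciphering), resolve(policy.integrity))


def derive_up_key(root_key: bytes, node_label: bytes) -> bytes:
    """User plane key from a root key (Ksn at the SN, KgNB at the MN). HMAC-SHA256 stands in
    for the real KDF and the labels are constructed for this example."""
    return hmac.new(root_key, b"UP-KEY|" + node_label, hashlib.sha256).digest()


def _cipher(key: bytes, count: int, data: bytes) -> bytes:
    """XOR with a toy counter-mode keystream (stand-in for a NEA algorithm; not for production)."""
    stream = b""
    for block in range(0, len(data), 32):
        stream += hmac.new(key, count.to_bytes(4, "big") + block.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


class ProtectionEntity:
    """One 'functional entity' (think: one PDCP instance) bound to a single key and method.
    Encrypt-then-MAC is used here; PDCP's own ordering of the two steps is not reproduced."""

    def __init__(self, key: bytes, method: UpProtectionMethod):
        self.key, self.method = key, method

    def _tag(self, count: int, body: bytes) -> bytes:
        return hmac.new(self.key, count.to_bytes(4, "big") + body, hashlib.sha256).digest()[:MAC_LEN]

    def protect(self, count: int, data: bytes) -> bytes:
        body = _cipher(self.key, count, data) if self.method.ciphering_on else data
        return body + self._tag(count, body) if self.method.integrity_on else body

    def unprotect(self, count: int, pdu: bytes) -> bytes:
        body = pdu
        if self.method.integrity_on:
            body, tag = pdu[:-MAC_LEN], pdu[-MAC_LEN:]
            if not hmac.compare_digest(tag, self._tag(count, body)):
                raise ValueError("integrity check failed")
        return _cipher(self.key, count, body) if self.method.ciphering_on else body


def run_urllc_uplink(policy, ksn, kgnb, data_for_mn, data_for_sn) -> dict:
    """One URLLC PDU session with security end points in the MN and the SN. Both sides are
    handed the same root keys; how the UE obtains Ksn and KgNB is out of scope here."""
    second_method = decide_protection_method(policy, prefers_on=True)   # MN, from the SMF policy
    first_method = decide_protection_method(policy, prefers_on=False)   # SN, from the policy via MN
    mn_entity = ProtectionEntity(derive_up_key(kgnb, b"MN"), second_method)
    sn_entity = ProtectionEntity(derive_up_key(ksn, b"SN"), first_method)
    # UE: after receiving both methods it configures two functional entities for one PDU session
    ue_for_mn = ProtectionEntity(derive_up_key(kgnb, b"MN"), second_method)
    ue_for_sn = ProtectionEntity(derive_up_key(ksn, b"SN"), first_method)
    first_uplink = ue_for_sn.protect(0, data_for_sn)    # "first uplink user plane data" -> SN
    second_uplink = ue_for_mn.protect(0, data_for_mn)   # "second uplink user plane data" -> MN
    # each base station terminates security on its own leg and forwards plaintext to the UPF
    return {"first_method": first_method, "second_method": second_method,
            "first_uplink": first_uplink, "second_uplink": second_uplink,
            "sn_plain": sn_entity.unprotect(0, first_uplink),
            "mn_plain": mn_entity.unprotect(0, second_uplink)}


if __name__ == "__main__":
    # constructed sample: ciphering REQUIRED, integrity PREFERRED -> MN turns both on, SN only ciphering
    r = run_urllc_uplink(UpSecurityPolicy(Policy.REQUIRED, Policy.PREFERRED),
                         b"\x11" * 32, b"\x22" * 32, b"urllc-mn-leg", b"urllc-sn-leg")
    print(r["first_method"], r["second_method"], r["sn_plain"], r["mn_plain"])
```

The point the model makes visible is that the two legs of one PDU session end up with different keys and, when the policy says PREFERRED, possibly different on/off decisions, so the UE cannot reuse a single protection context; a receiver must also verify each leg with the entity that matches that leg, or the integrity check fails.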
Please refer to fig. 10, which is a simplified block diagram of an embodiment of a communication apparatus according to the present disclosure. The communication apparatus 100 may be a user terminal, a main base station, or a secondary base station.
The communication device 100 includes a transceiver 1001, a processor 1002, and a memory 1003. The transceiver 1001, the processor 1002, and the memory 1003 may be connected to each other by the bus 1004, or may be connected by other means. The relevant functions performed by the transceiver unit 901 shown in fig. 9 may be performed by the transceiver 1001. The related functions performed by the processing unit 902 shown in fig. 9 may be performed by one or more processors 1002.
The memory 1003 includes, but is not limited to, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM), or a compact disc read-only memory (CD-ROM), and the memory 1003 is used for storing related instructions and data.
Transceiver 1001 is used to transmit data and/or signaling and to receive data and/or signaling.
If the communication device 100 is a UE in the embodiments shown in fig. 4-8, the transceiver 1001 may be used to communicate with the MN and the SN, for example, to perform steps S406, S409 and S413 in the embodiment shown in fig. 4; step S501, step S508, step S511, and step S515 in the embodiment shown in fig. 5; step S601, step S605, step S610, step S613, and step S617 in the embodiment shown in fig. 6; step S701, step S705, step S708, step S709, step S716, step S719, and step S723 in the embodiment shown in fig. 7; and step S801, step S809, step S810, step S815-step S817, step S819, and step S820 in the embodiment shown in fig. 8.
If the communication device 100 is an MN in the embodiments shown in fig. 4-8, the transceiver 1001 may be used to communicate with a UE, an SN, an SMF and a UPF, for example, to perform steps S402, S405, S406, S413 and S415 in the embodiment shown in fig. 4; step S501, step S503, step S505, step S507, step S508, step S515, and step S517 in the embodiment shown in fig. 5; step S601, step S603, step S605, step S607, step S609, step S610, step S617, and step S619 in the embodiment shown in fig. 6; step S701, step S703, step S705, step S707, step S708, step S710, step S711, step S713, step S714, step S723, and step S725 in the embodiment shown in fig. 7; and step S801, step S804, step S806, step S807, and step S808 in the embodiment shown in fig. 8.
If the communication device 100 is an SN in the embodiments shown in fig. 4-8, the transceiver 1001 may be used to communicate with a UE, an MN, an SMF and a UPF, for example, to perform steps S402, S405, S409, and S411 in the embodiment shown in fig. 4; step S505, step S507, step S511, and step S513 in the embodiment shown in fig. 5; step S607, step S609, step S613 and step S615 in the embodiment shown in fig. 6; step S707, step S709, step S710, step S714, step S716, step S719, and step S721 in the embodiment shown in fig. 7; and step S806, step S807, step S810, step S812, step S814-step S816, step S818, and step S819 in the embodiment shown in fig. 8.
The processor 1002 may include one or more processors, such as one or more Central Processing Units (CPUs), and in the case that the processor 1002 is one CPU, the CPU may be a single-core CPU or a multi-core CPU.
If the communication device 100 is a UE in the embodiment shown in fig. 4-8, the processor 1002 may be configured to perform operations for controlling the UE, such as performing step S407, step S408, and step S412 in the embodiment shown in fig. 4; step S509, step S510, and step S514 in the embodiment shown in fig. 5 are performed; step S606, step S611, step S612, and step S616 in the embodiment shown in fig. 6 are performed; step S706, step S717, step S718, and step S722 in the embodiment shown in fig. 7 are performed; step S817 in the embodiment shown in fig. 8 is performed.
If the communication device 100 is an MN in the embodiment shown in fig. 4-8, the processor 1002 may be configured to perform operations for controlling the MN, such as performing steps S401 and S414 in the embodiment shown in fig. 4; step S504 and step S516 in the embodiment shown in fig. 5 are performed; step S604 and step S618 in the embodiment shown in fig. 6 are executed; step S704 and step S724 in the embodiment shown in fig. 7 are performed; step S805 in the embodiment shown in fig. 8 is performed.
If the communication device 100 is the SN in the embodiment shown in fig. 4-8, the processor 1002 may be configured to perform operations for controlling the SN, such as performing step S403, step S404, and step S410 in the embodiment shown in fig. 4; step S506 and step S512 in the embodiment shown in fig. 5 are performed; step S608 and step S614 in the embodiment shown in fig. 6 are performed; step S715 and step S820 in the embodiment shown in fig. 7 are performed; step S813 in the embodiment shown in fig. 8 is executed.
The memory 1003 is used to store program codes and data of the communication apparatus 100.
For the steps executed by the processor 1002 and the transceiver 1001, reference may be specifically made to the descriptions of the embodiments shown in fig. 4 to fig. 8, which are not described herein again.
It will be appreciated that fig. 10 only shows a simplified design of the communication device. In practical applications, the communication device may also include other necessary components, including but not limited to any number of transceivers, processors, controllers, memories, communication units, etc., and all devices that can implement the present application are within the scope of the present application.
The embodiment of the present application further provides a communication system, which may include a user terminal, a main base station, and a secondary base station, where the user terminal may be configured to implement the functions of the UE in the embodiments shown in fig. 4 to 8, and the main base station and the secondary base station may be configured to implement the functions of the MN and the SN in the embodiments shown in fig. 4 to 8.
The communication system may further include a user plane network element, the user plane network element being operable to interact with the secondary base station, receive uplink user plane data from the secondary base station and send downlink user plane data to the secondary base station; the user plane network element can be used for interacting with the main base station, receiving uplink user plane data from the main base station and sending downlink user plane data to the main base station.
The communication system may further include a session management network element, where the session management network element may be configured to interact with the primary base station and the secondary base station to implement the functions of the SMF in the embodiments shown in fig. 5 to 8.
One of ordinary skill in the art will appreciate that all or part of the processes in the methods of the above embodiments may be implemented by a computer program instructing the relevant hardware; the program may be stored in a computer-readable storage medium and, when executed, may include the processes of the above method embodiments. The storage medium includes various media capable of storing program code, such as a ROM, a RAM, a magnetic disk or an optical disk. Accordingly, a further embodiment of the present application provides a computer-readable storage medium having stored therein instructions which, when executed on a computer, cause the computer to perform the method of the above aspects.
Yet another embodiment of the present application provides a computer program product containing instructions which, when run on a computer, cause the computer to perform the method of the above aspects.
Those of ordinary skill in the art would appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.
In the above embodiments, the implementation may be wholly or partially realized by software, hardware, firmware, or any combination thereof. When implemented in software, the embodiments may be realized in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When the computer instructions are loaded and executed on a computer, the processes or functions described in accordance with the embodiments of the present application are produced, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored in or transmitted over a computer-readable storage medium. The computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center by wire (e.g., coaxial cable, optical fiber, digital subscriber line (DSL)) or wirelessly (e.g., infrared, radio, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer, or a data storage device, such as a server or a data center, that incorporates one or more available media. The available medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., solid state disk (SSD)), among others.

Claims (26)

1. A method of communication, comprising:
a user terminal determines that two pieces of uplink user plane data need to be sent through a first Packet Data Unit (PDU) session, and that user plane security end points of the two pieces of uplink user plane data are respectively at a main base station and a secondary base station;
the user terminal performs security protection on the uplink user plane data that needs to be sent by the secondary base station among the two pieces of uplink user plane data according to a first user plane security protection method between the user terminal and the secondary base station, to obtain first uplink user plane data; the first user plane security protection method is used for indicating whether user plane encryption protection and/or user plane integrity protection for the first PDU session between the user terminal and the secondary base station is/are started;
the user terminal performs security protection on the uplink user plane data that needs to be sent by the main base station among the two pieces of uplink user plane data according to a second user plane security protection method between the user terminal and the main base station, to obtain second uplink user plane data; the second user plane security protection method is used for indicating whether user plane encryption protection and/or user plane integrity protection for the first PDU session between the user terminal and the main base station is/are started;
and the user terminal sends the first uplink user plane data to the secondary base station and sends the second uplink user plane data to the main base station.
2. The method of claim 1, further comprising:
the user terminal receives first indication information from the main base station or the secondary base station, wherein the first indication information is used for indicating that the first PDU session is an ultra-reliable low-latency communication (URLLC) PDU session;
the user terminal determining that two pieces of uplink user plane data need to be sent through a first PDU session, and that user plane security end points of the two pieces of uplink user plane data are respectively located at a main base station and a secondary base station, comprises:
the user terminal determining, according to the first indication information, that two pieces of uplink user plane data need to be sent through the first PDU session, and that user plane security end points of the two pieces of uplink user plane data are respectively at the main base station and the secondary base station.
3. The method of claim 1, wherein the user terminal determining that two pieces of uplink user plane data need to be sent through a first PDU session, and that user plane security end points of the two pieces of uplink user plane data are respectively at the main base station and the secondary base station, comprises:
when the user terminal requests to establish the first PDU session, determining, according to the fact that the first PDU session is a URLLC PDU session, that two pieces of uplink user plane data need to be sent through the first PDU session, and that user plane security end points of the two pieces of uplink user plane data are respectively located at the main base station and the secondary base station.
4. The method of claim 1, further comprising:
the user terminal receives the second user plane security protection method from the main base station and allocates a second functional entity to the first PDU session; the second functional entity is configured to perform security protection on the uplink user plane data that needs to be sent by the main base station among the two pieces of uplink user plane data according to the second user plane security protection method, so as to obtain the second uplink user plane data;
the user terminal receives the first user plane security protection method from the main base station or the secondary base station, and configures a first functional entity for the first PDU session; the first functional entity is configured to perform security protection on the uplink user plane data that needs to be sent by the secondary base station among the two pieces of uplink user plane data according to the first user plane security protection method, so as to obtain the first uplink user plane data.
5. The method of claim 1, further comprising:
the user terminal receives the second user plane security protection method and the first user plane security protection method from the main base station, and the user terminal configures a second functional entity and a first functional entity for the first PDU session; the second functional entity is configured to perform security protection on uplink user plane data that needs to be sent by the master base station in the two pieces of uplink user plane data according to the second user plane security protection method, so as to obtain the second uplink user plane data; and the first functional entity is configured to perform security protection on uplink user plane data that needs to be sent by the secondary base station in the two pieces of uplink user plane data according to the first user plane security protection method, so as to obtain the first uplink user plane data.
6. The method according to claim 4 or 5, wherein the first functional entity and the second functional entity are different upper layer functional entities.
7. The method according to claim 4 or 5, wherein the first functional entity and the second functional entity are different lower layer functional entities of the same upper layer functional entity.
8. A method of communication, comprising:
the main base station receives a first user plane security policy corresponding to a first PDU session from a session management network element;
the main base station determines a second user plane security protection method according to the first user plane security policy when it is determined that the first PDU session is a URLLC PDU session; the second user plane security protection method is used for indicating whether user plane encryption protection and/or user plane integrity protection for the first PDU session between the user terminal and the main base station is/are started;
the main base station receives a first user plane security protection method from a secondary base station, wherein the first user plane security protection method is used for indicating whether user plane encryption protection and/or user plane integrity protection for the first PDU session between the user terminal and the secondary base station is/are started;
and the main base station sends the first user plane security protection method to the user terminal.
9. The method of claim 8, further comprising:
and the master base station sends first indication information to the user terminal, wherein the first indication information is used for indicating that the first PDU session is a URLLC PDU session.
10. The method of claim 8 or 9, wherein before the main base station receives the first user plane security protection method from the secondary base station, the method further comprises:
the master base station acquires a first user plane security policy corresponding to the first PDU session;
and the master base station sends second indication information, the first user plane security policy and a PDU session identifier of the first PDU session to the secondary base station, wherein the second indication information is used for indicating that the first PDU session is a URLLC PDU session.
11. The method of claim 8 or 9, wherein before the main base station receives the first user plane security protection method from the secondary base station, the method further comprises:
and the main base station sends second indication information and the first user plane security policy to the secondary base station, wherein the second indication information is used for indicating that the first PDU session is a URLLC PDU session.
12. The method of claim 11, further comprising:
and the main base station sends the second user plane security protection method to the user terminal.
13. The method of claim 8 or 9, wherein before the main base station receives the first user plane security protection method from the secondary base station, the method further comprises:
the main base station receives a second user plane security policy corresponding to the first PDU session from the session management network element, wherein the second user plane security policy is a user plane security policy in a URLLC scenario determined by the session management network element;
the main base station determines a second user plane security protection method according to the second user plane security policy, wherein the second user plane security protection method is used for indicating whether user plane encryption protection and/or user plane integrity protection for the first PDU session between the user terminal and the main base station is/are started;
and the main base station sends the second user plane security protection method to the user terminal.
14. A user terminal is characterized by comprising a processing unit and a transceiving unit;
the processing unit is configured to determine that two pieces of uplink user plane data need to be sent through a first PDU session, and that user plane security end points of the two pieces of uplink user plane data are respectively in a primary base station and a secondary base station; to perform, according to a first user plane security protection method between the user terminal and the secondary base station, security protection on the uplink user plane data that needs to be sent by the secondary base station among the two pieces of uplink user plane data, to obtain first uplink user plane data, where the first user plane security protection method is used for indicating whether user plane encryption protection and/or user plane integrity protection for the first PDU session between the user terminal and the secondary base station is/are started; and to perform, according to a second user plane security protection method between the user terminal and the main base station, security protection on the uplink user plane data that needs to be sent by the main base station among the two pieces of uplink user plane data, to obtain second uplink user plane data, where the second user plane security protection method is used for indicating whether user plane encryption protection and/or user plane integrity protection for the first PDU session between the user terminal and the main base station is/are started;
the transceiver unit is configured to send the first uplink user plane data to the secondary base station, and send the second uplink user plane data to the primary base station.
15. The user terminal of claim 14,
the transceiver unit is further configured to receive first indication information from the master base station or the secondary base station, where the first indication information is used to indicate that the first PDU session is a URLLC PDU session;
the processing unit is specifically configured to determine, according to the first indication information, that two pieces of uplink user plane data need to be sent through a first PDU session, and user plane security end points of the two pieces of uplink user plane data are respectively located in the primary base station and the secondary base station.
16. The user terminal of claim 14,
the processing unit is specifically configured to, when a request for establishing a first PDU session is made, determine that two pieces of uplink user plane data need to be sent through the first PDU session according to the fact that the first PDU session is a URLLC PDU session, and that user plane security end points of the two pieces of uplink user plane data are respectively at a primary base station and a secondary base station.
17. The user terminal of claim 14,
the processing unit is specifically configured to allocate a second functional entity to the first PDU session when receiving the second user plane security protection method from the master base station; configuring a first functional entity for the first PDU session after receiving the first user plane security protection method from the master base station or the secondary base station;
the second functional entity is configured to perform security protection on uplink user plane data that needs to be sent by the master base station in the two pieces of uplink user plane data according to the second user plane security protection method, so as to obtain the second uplink user plane data; and the first functional entity is configured to perform security protection on uplink user plane data that needs to be sent by the secondary base station in the two pieces of uplink user plane data according to the first user plane security protection method, so as to obtain the first uplink user plane data.
18. The user terminal of claim 14,
the processing unit is specifically configured to configure a second functional entity and a first functional entity for the first PDU session when receiving a second user plane security protection method and a first user plane security protection method from the master base station; the second functional entity is configured to perform security protection on uplink user plane data that needs to be sent by the master base station in the two pieces of uplink user plane data according to the second user plane security protection method, so as to obtain the second uplink user plane data; and the first functional entity is configured to perform security protection on uplink user plane data that needs to be sent by the secondary base station in the two pieces of uplink user plane data according to the first user plane security protection method, so as to obtain the first uplink user plane data.
19. The user terminal according to claim 17 or 18, wherein the first functional entity and the second functional entity are different upper layer functional entities.
20. The user terminal according to claim 17 or 18, wherein the first functional entity and the second functional entity are different lower layer functional entities of the same upper layer functional entity.
21. A master base station, comprising a transceiver unit and a processing unit;
the transceiver unit is configured to receive a first user plane security policy corresponding to a first PDU session from a session management network element;
the processing unit is configured to determine a second user plane security protection method according to the first user plane security policy when it is determined that the first PDU session is a URLLC PDU session, where the second user plane security protection method is used for indicating whether user plane encryption protection and/or user plane integrity protection for the first PDU session between the user terminal and the master base station is/are started;
the transceiver unit is further configured to receive a first user plane security protection method from a secondary base station, where the first user plane security protection method is used for indicating whether user plane encryption protection and/or user plane integrity protection for the first PDU session between the user terminal and the secondary base station is/are started; and to send the first user plane security protection method to the user terminal.
22. The master base station according to claim 21, wherein the transceiver unit is further configured to send a first indication message to the user terminal, the first indication message indicating that the first PDU session is a URLLC PDU session.
23. The master base station according to claim 21 or 22, further comprising a processing unit;
the processing unit is configured to acquire a first user plane security policy corresponding to the first PDU session;
the transceiver unit is further configured to send second indication information, the first user plane security policy, and a PDU session identifier of the first PDU session to the secondary base station, where the second indication information is used to indicate that the first PDU session is a URLLC PDU session.
24. The master base station according to claim 21 or 22,
the transceiver unit is further configured to send second indication information and the first user plane security policy to the secondary base station, where the second indication information is used to indicate that the first PDU session is a URLLC PDU session.
25. The master base station of claim 24, wherein the transceiver unit is further configured to send the second user plane security protection method to the user terminal.
26. The master base station according to claim 21 or 22, further comprising a processing unit;
the transceiver unit is further configured to receive a second user plane security policy corresponding to the first PDU session from a session management network element, where the second user plane security policy is a user plane security policy in a URLLC scenario determined by the session management network element;
the processing unit is configured to determine a second user plane security protection method according to the second user plane security policy, where the second user plane security protection method is used for indicating whether user plane encryption protection and/or user plane integrity protection for the first PDU session between the user terminal and the master base station is/are started;
the transceiver unit is further configured to send the second user plane security protection method to the user terminal.
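The claims above describe two cooperating steps: a base station turns a per-PDU-session user plane security policy into a protection method (encryption on/off, integrity on/off) for its own endpoint, and the user terminal, once told the session is a URLLC session with security end points in both the master and the secondary base station, protects each piece of uplink data with the functional entity bound to the base station it is sent to. The following is an added model of that flow, not code from the patent or from Huawei: the policy vocabulary (required / preferred / not_needed), the keyed-hash integrity tag and the hash-based keystream are stand-in assumptions for the real NR algorithms, and the class and function names are invented for illustration.

```python
"""Model of split-endpoint uplink user plane protection (constructed example).

Assumptions: policy values required/preferred/not_needed; HMAC-SHA256 tag
truncated to 4 bytes as the integrity check; SHA-256 counter keystream as the
cipher. None of these are the real 5G algorithms; they only make the on/off
decisions observable.
"""
import hashlib
import hmac
from dataclasses import dataclass
from enum import Enum


class Policy(Enum):
    """Value of one element of a user plane security policy (assumed vocabulary)."""
    REQUIRED = "required"
    PREFERRED = "preferred"
    NOT_NEEDED = "not_needed"


@dataclass(frozen=True)
class UPSecurityPolicy:
    ciphering: Policy
    integrity: Policy


@dataclass(frozen=True)
class UPProtectionMethod:
    """What one base station actually switches on for its security endpoint."""
    ciphering_on: bool
    integrity_on: bool


def determine_protection_method(policy: UPSecurityPolicy,
                                integrity_capacity_ok: bool = True) -> UPProtectionMethod:
    """Base station side: policy -> protection method.

    REQUIRED is always honoured, NOT_NEEDED is always off; PREFERRED is left to
    the node (modelled here as on unless it reports lacking integrity capacity).
    """
    def decide(value: Policy, capacity_ok: bool) -> bool:
        if value is Policy.REQUIRED:
            return True
        if value is Policy.NOT_NEEDED:
            return False
        return capacity_ok
    return UPProtectionMethod(
        ciphering_on=decide(policy.ciphering, True),
        integrity_on=decide(policy.integrity, integrity_capacity_ok),
    )


def _keystream(key: bytes, count: int, length: int) -> bytes:
    """Toy counter-mode keystream (assumption), derived from key and PDU count."""
    out = b""
    block = 0
    while len(out) < length:
        out += hashlib.sha256(key + count.to_bytes(4, "big")
                              + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:length]


@dataclass
class FunctionalEntity:
    """One protection entity in the UE, bound to a single security endpoint."""
    endpoint: str
    method: UPProtectionMethod
    key: bytes
    count: int = 0

    def protect(self, pdu: bytes) -> bytes:
        out = pdu
        if self.method.integrity_on:
            # Integrity first: the tag is appended and then ciphered with the PDU.
            tag = hmac.new(self.key, self.count.to_bytes(4, "big") + pdu,
                           hashlib.sha256).digest()[:4]
            out = pdu + tag
        if self.method.ciphering_on:
            ks = _keystream(self.key, self.count, len(out))
            out = bytes(a ^ b for a, b in zip(out, ks))
        self.count += 1
        return out


class UserTerminal:
    """UE side: one functional entity per (PDU session, endpoint)."""

    def __init__(self) -> None:
        self.urllc_sessions: set[int] = set()
        self.entities: dict[tuple[int, str], FunctionalEntity] = {}

    def indicate_urllc(self, pdu_session_id: int) -> None:
        """Handle the indication that the session is a URLLC PDU session."""
        self.urllc_sessions.add(pdu_session_id)

    def configure_entity(self, pdu_session_id: int, endpoint: str,
                         method: UPProtectionMethod, key: bytes) -> None:
        """Called when a protection method arrives for the master or secondary endpoint."""
        self.entities[(pdu_session_id, endpoint)] = FunctionalEntity(endpoint, method, key)

    def send_uplink(self, pdu_session_id: int,
                    pdus: list[tuple[str, bytes]]) -> dict[str, list[bytes]]:
        """Protect each PDU with the entity of its endpoint; fail closed otherwise."""
        if pdu_session_id not in self.urllc_sessions:
            raise ValueError("split security endpoints are only set up for URLLC sessions here")
        out: dict[str, list[bytes]] = {"master": [], "secondary": []}
        for endpoint, pdu in pdus:
            entity = self.entities.get((pdu_session_id, endpoint))
            if entity is None:
                raise RuntimeError(f"no protection entity for {endpoint}; not sending unprotected")
            out[endpoint].append(entity.protect(pdu))
        return out
```

The UE refuses to emit data for an endpoint whose protection method has not been configured; in practice the two entities correspond to the two "functional entities" of claims 17 to 20, and whether they are separate upper-layer entities or two lower-layer entities under one upper-layer entity is an implementation choice the model does not fix.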
CN201811353057.4A 2018-11-14 2018-11-14 Communication method and device thereof Active CN111194032B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201811353057.4A CN111194032B (en) 2018-11-14 2018-11-14 Communication method and device thereof
PCT/CN2019/118197 WO2020098719A1 (en) 2018-11-14 2019-11-13 Communication method and apparatus therefor


Publications (2)

Publication Number Publication Date
CN111194032A CN111194032A (en) 2020-05-22
CN111194032B true CN111194032B (en) 2021-08-13

Family

ID=70708938


Country Status (2)

Country Link
CN (1) CN111194032B (en)
WO (1) WO2020098719A1 (en)




Legal Events

Code Title
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant