WO2020248749A1 - Key update method and device - Google Patents

Key update method and device Download PDF

Info

Publication number
WO2020248749A1
WO2020248749A1 PCT/CN2020/089289 CN2020089289W WO2020248749A1 WO 2020248749 A1 WO2020248749 A1 WO 2020248749A1 CN 2020089289 W CN2020089289 W CN 2020089289W WO 2020248749 A1 WO2020248749 A1 WO 2020248749A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
terminal
updated
sent
entity
Prior art date
Application number
PCT/CN2020/089289
Other languages
French (fr)
Chinese (zh)
Inventor
毕晓宇
侯云静
Original Assignee
大唐移动通信设备有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 大唐移动通信设备有限公司 filed Critical 大唐移动通信设备有限公司
Publication of WO2020248749A1 publication Critical patent/WO2020248749A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords

Definitions

  • This application relates to the field of communication technology, and in particular to a key update method and device.
  • the network architecture supporting location services is shown in Figure 1.
  • the main network functions in the figure are introduced as follows:
  • Gateway Mobile Location Center a functional entity that receives a location request from a location service (LoCation Services, LCS) client, triggers the location process, and returns the location of the user equipment (UE) to the LCS client.
  • LCS Location Services
  • Unified Data Management (UDM) entity a functional entity that stores UE information, such as subscription information, and information about established protocol data unit (Protocol Data Unit, PDU) sessions.
  • UE information such as subscription information, and information about established protocol data unit (Protocol Data Unit, PDU) sessions.
  • PDU Protocol Data Unit
  • Mobility Management Function Access and Mobility Management Function, AMF
  • AMF Access and Mobility Management Function
  • LMF Location Management Function
  • the issuance of positioning assistance data and encryption keys mainly involves entities such as LMF entities, UDM and AMF entities.
  • the LMF entity is responsible for formulating encryption keys and positioning assistance data.
  • the UDM entity stores the auxiliary data type subscribed by the UE.
  • the AMF entity receives the assistance data and the key issued by the LMF entity, where the assistance data will be broadcast through the Radio Access Network (RAN), and the AMF entity sends the key to the UE through the registration process. After the UE receives the key, the key can be used to decrypt the received broadcast auxiliary data.
  • RAN Radio Access Network
  • Step 201 The LMF entity sends a network assistance data (Network Assistance Data) to the AMF entity through an AMF communication N1N2 message transfer message (Namf_Communication_N1N2MessageTransfer).
  • Network Assistance Data Network Assistance Data
  • Step 202 The AMF entity sends network assistance data to the 5G radio access network (NG-RAN) through the N2Transport.
  • NG-RAN 5G radio access network
  • Step 203 The NG-RAN sends network assistance data to the UE through a broadcast message (Broadcast Message).
  • the LMF entity change process supports the change of the service LMF entity in the 5G core network mobile terminal location request (5th-Generation Core Network Mobile Terminated Location Request, 5GC-MT-LR) process.
  • the mobility of the target UE may cause changes to the serving AMF entity that the original serving LMF entity is not suitable for.
  • the serving LMF entity may be far away from the new serving AMF entity, resulting in higher resource utilization of the AMF entity-to-LMF entity signaling, or the LMF entity may not be configured with information (e.g., cell database) for the UE's current access network. In this case, the serving LMF entity may need to be changed.
  • the embodiments of the present application provide a key update method and device to provide a solution for how to update the key used to decrypt the positioning assistance data when the LMF entity serving the terminal changes.
  • a key update method provided in an embodiment of the present application includes:
  • the corresponding updated key is determined when the location management function LMF entity serving the terminal is updated, and the key is used to decrypt the positioning assistance data; the key is sent to the terminal to provide When the LMF entity serving the terminal changes, how to update the key used to decrypt the positioning assistance data, so that the updated key can be sent to the terminal.
  • the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
  • the key is sent to the mobility management function AMF entity through the updated target LMF entity, and the key is sent to the terminal through the AMF entity.
  • the key is sent to the AMF entity, and the key is sent to the terminal through the AMF entity.
  • the key is sent to the terminal.
  • the key is sent to the terminal through a downlink positioning message.
  • a key update method provided in an embodiment of the present application includes:
  • the corresponding updated key is received when the location management function LMF entity serving the terminal is updated, the key is used to decrypt positioning assistance data; the key is sent to the terminal, Therefore, a solution is provided for how to update the key used to decrypt the positioning assistance data when the LMF entity serving the terminal changes, so that the updated key can be sent to the terminal.
  • the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
  • the method when the key is received through a non-access stratum NAS message, the method further includes managing and saving the key.
  • a key update method provided by an embodiment of the present application includes:
  • the corresponding updated key is received when the location management function LMF entity serving the terminal is updated, the key is used to decrypt the positioning assistance data; the key is saved so that the terminal can obtain
  • the updated key of the LMF entity is the key used to decrypt the positioning assistance data generated by the latest LMF entity currently serving the terminal.
  • the key is received through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
  • the key is received, and the service request message includes the key request and key type information.
  • the service request message is a non-access stratum NAS message or an event report message.
  • a key update device provided in an embodiment of the present application includes:
  • Memory used to store program instructions
  • the processor is used to call the program instructions stored in the memory and execute according to the obtained program:
  • the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
  • the key is sent to the mobility management function AMF entity through the updated target LMF entity, and the key is sent to the terminal through the AMF entity.
  • the key is sent to the AMF entity, and the key is sent to the terminal through the AMF entity.
  • the key is sent to the terminal.
  • the key is sent to the terminal through a downlink positioning message.
  • a key update device provided in an embodiment of the present application includes:
  • Memory used to store program instructions
  • the processor is used to call the program instructions stored in the memory and execute according to the obtained program:
  • the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
  • the processor when receiving the key through a non-access stratum NAS message, is further configured to call program instructions stored in the memory, and execute according to the obtained program: manage the key and save.
  • a key update device provided in an embodiment of the present application includes:
  • Memory used to store program instructions
  • the processor is used to call the program instructions stored in the memory and execute according to the obtained program:
  • the key is received through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
  • the key is received, and the service request message includes the key request and key type information.
  • the service request message is a non-access stratum NAS message or an event report message.
  • another key update device provided in an embodiment of the present application includes:
  • the determining unit is configured to determine the updated key corresponding to the location management function LMF entity serving the terminal when the updated key is used to decrypt the positioning assistance data;
  • the sending unit is configured to send the key to the terminal.
  • the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
  • the key is sent to the mobility management function AMF entity through the updated target LMF entity, and the key is sent to the terminal through the AMF entity.
  • the key is sent to the AMF entity, and the key is sent to the terminal through the AMF entity.
  • the key is sent to the terminal.
  • the key is sent to the terminal through a downlink positioning message.
  • another key update device provided in this embodiment of the present application includes:
  • the receiving unit is configured to receive the updated key corresponding to the location management function LMF entity serving the terminal when the LMF entity is updated, and the key is used to decrypt the positioning assistance data;
  • the sending unit is configured to send the key to the terminal.
  • the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
  • the processor when receiving the key through a non-access stratum NAS message, is further configured to call program instructions stored in the memory, and execute according to the obtained program: manage the key and save.
  • another key update device provided by an embodiment of the present application includes:
  • the receiving unit is configured to receive the updated key corresponding to the location management function LMF entity serving the terminal when the LMF entity is updated, and the key is used to decrypt the positioning assistance data;
  • the saving unit is used to save the key.
  • the key is received through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
  • the key is received, and the service request message includes the key request and key type information.
  • the service request message is a non-access stratum NAS message or an event report message.
  • Another embodiment of the present application provides a computing device, which includes a memory and a processor, wherein the memory is used to store program instructions, and the processor is used to call the program instructions stored in the memory, according to the obtained program Perform any of the above methods.
  • Another embodiment of the present application provides a computer storage medium that stores computer-executable instructions, and the computer-executable instructions are used to make the computer execute any of the above methods.
  • Figure 1 is a schematic diagram of a network architecture supporting location services in the prior art
  • Figure 2 is a schematic diagram of a specific process of broadcasting network auxiliary data in the prior art
  • FIG. 3 is a schematic diagram of the LMF change process provided by an embodiment of the application.
  • Figure 4 is a schematic diagram of the LMF change process provided by an embodiment of the application.
  • FIG. 5 is a schematic diagram of the LMF change process provided by an embodiment of the application.
  • Figure 6 is a schematic diagram of the LMF change process provided by an embodiment of the application.
  • Figure 7 is a schematic diagram of the LMF change process provided by an embodiment of the application.
  • FIG. 8 is a schematic flowchart of a key update method on the LMF entity side provided by an embodiment of the application.
  • FIG. 9 is a schematic flowchart of a key update method on the AMF entity side according to an embodiment of the application.
  • FIG. 10 is a schematic flowchart of a key update method on the terminal side according to an embodiment of the application.
  • FIG. 11 is a schematic structural diagram of a key update device on the LMF entity side provided by an embodiment of the application.
  • FIG. 12 is a schematic structural diagram of a key update apparatus on the AMF entity side according to an embodiment of the application.
  • FIG. 13 is a schematic structural diagram of a key update device on the terminal side according to an embodiment of the application.
  • FIG. 14 is a schematic structural diagram of another key update apparatus on the LMF entity side provided by an embodiment of the application.
  • 15 is a schematic structural diagram of another key update apparatus on the AMF entity side provided by an embodiment of the application.
  • FIG. 16 is a schematic structural diagram of another key update apparatus on the terminal side according to an embodiment of the application.
  • the UE when the deferred 5GC-MT-LR positioning method is adopted, the UE will not report the location information immediately.
  • the positioning is triggered (may be the positioning triggered by an event or the positioning triggered periodically)
  • the external The client initiates a location request for the target user to the GMLC, and performs privacy verification between the GMLC and the UDM.
  • the GMLC sends a location request to the AMF entity.
  • the AMF entity selects an LMF entity, and a positioning procedure is performed between the UE and the LMF entity.
  • the UE may need to obtain the positioning assistance information sent by the LMF entity from the network.
  • the AMF entity selects a new LMF entity for the UE. See Figure 3, which specifically includes the following steps:
  • the UE triggered a service request (UE Triggered Service Request).
  • the UE sends a non-access stratum (NAS) transmission message containing an event report message to the serving AMF entity.
  • the NAS transmission message includes an identifier (Identity document, ID) and an event report (Event Report) indicating LMF 1 (the original LMF entity before update).
  • the AMF entity can evaluate and determine that LMF 1 is not suitable or cannot support the current UE access network or serving cell location, and determine that LMF 2 (updated target LMF entity) is a more suitable LMF entity.
  • the AMF entity invokes the AMF communication N1 message notification (Namf_Communication_N1MessageNotify) service operation to the LMF 1.
  • the service operation includes the event report received in step 302. If the AMF entity determines in step 303 that the new LMF 2 should be used, it also indicates to LMF 1.
  • the LMF 1 can evaluate and determine that it is not suitable or cannot support the location of the current UE to access the network or serving cell and determine the LMF 2 It is a more suitable LMF entity.
  • the LMF 1 calls the LMF Location Context Transfer (Nlmf_LocationContextTransfer) to the LMF 2 to request a service operation to provide the current location context of the UE, and includes the event report message received in step 304.
  • the service operation includes the AMF entity identifier and LMF 1 initially periodically received information or all information.
  • the location request is triggered according to the AMF entity, or the location request is triggered from the LMF entity that was served earlier according to this process.
  • the service operation may also include the current status of the event report (for example, the number of event reports received from the UE so far and/or the duration of the event report so far), and may include UE location related information, such as previous Location estimation.
  • the LMF2 notifies the LMF1 of the location context transfer operation result (Nlmf_LocationContextTransferResponse). Then LMF 1 releases all resources of the process.
  • the LMF 2 invokes the AMF communication N1N2 message transmission (Namf_Communication_N1N2MessageTransfer) service operation to the AMF entity to request the transmission of an Event Report Acknowledgment message to the UE.
  • the event report confirmation indicates the change of the LMF entity and includes an identifier indicating the LMF2.
  • the AMF entity forwards the event report confirmation to the UE in the NAS transmission message.
  • the AMF entity also notifies the LMF 2 of the delivery result of the event report confirmation.
  • the LMF 2 can perform the UE Positioning Procedure (UE Positioning Procedure) to determine the UE position.
  • UE Positioning Procedure UE Positioning Procedure
  • the positioning context is stored in the LMF entity. If the LMF entity is responsible for generating the key for auxiliary data broadcast, when the location of the UE changes, the auxiliary data will also occur. Change (the assistance data contains information such as the location information of the UE, the ID of the cell, and timing).
  • the LMF entity is responsible for the selection of the positioning method.
  • the LMF 1 selects several positioning methods according to the Public Land Mobile Network (PLMN) and Quality of Service (QoS), and generates the corresponding key for Positioning of auxiliary data.
  • PLMN Public Land Mobile Network
  • QoS Quality of Service
  • the LMF 1 will pass the previous key to the LMF 2 for subsequent encryption when sending auxiliary data to the UE. But there are such problems:
  • LMF 1 selects different positioning methods according to the QoS of the service and PLMN, and these positioning methods are different from the positioning methods previously selected by LMF 1, and the UE does not have a new secret. The key will not be able to obtain assistance data and perform UE positioning.
  • the NG-RAN sends encrypted network assistance data through broadcast, and the UE decrypts the data according to the encryption key received from the network.
  • the problem of LMF change will be involved.
  • the embodiment of the present application provides a key update method and device for Provides a key update solution for decrypting positioning assistance data when the LMF entity serving the terminal changes.
  • the method and the device are based on the same application conceived. Since the principles of the method and the device to solve the problem are similar, the implementation of the device and the method can be referred to each other, and the repetition will not be repeated.
  • the applicable system can be the global system of mobile communication (GSM) system, code division multiple access (CDMA) system, wideband code division multiple access (WCDMA), general Packet radio service (general packet radio service, GPRS) system, long term evolution (LTE) system, LTE frequency division duplex (FDD) system, LTE time division duplex (TDD), Universal mobile telecommunication system (UMTS), worldwide interoperability for microwave access (WiMAX) system, 5G system, and 5G New Radio (NR) system, etc.
  • GSM global system of mobile communication
  • CDMA code division multiple access
  • WCDMA wideband code division multiple access
  • GPRS general Packet radio service
  • LTE long term evolution
  • FDD frequency division duplex
  • TDD LTE time division duplex
  • UMTS Universal mobile telecommunication system
  • WiMAX worldwide interoperability for microwave access
  • 5G system 5G system
  • 5G New Radio (NR) system etc.
  • the terminal device involved in the embodiments of the present application may be a device that provides voice and/or data connectivity to a user, a handheld device with a wireless connection function, or other processing devices connected to a wireless modem.
  • the terminal equipment may have different names.
  • the terminal equipment may be called UE.
  • the wireless terminal device can communicate with one or more core networks via the RAN.
  • the wireless terminal device can be a mobile terminal device, such as a mobile phone (or “cellular” phone) and a computer with a mobile terminal device, for example, a portable , Pocket, handheld, computer built-in or vehicle-mounted mobile devices that exchange language and/or data with the wireless access network.
  • Wireless terminal equipment can also be referred to as system, subscriber unit, subscriber station, mobile station, mobile station, remote station, and access point , Remote terminal equipment (remote terminal), access terminal equipment (access terminal), user terminal equipment (user terminal), user agent (user agent), user device (user device), which are not limited in the embodiments of the present application.
  • the network device involved in the embodiment of the present application may be a core network device, such as an LMF entity and an AMF entity.
  • the key set information can be updated during the process of updating the key (that is, not only the updated key can be issued, but also information related to the updated key can be sent below)
  • the key set information can include key type, key, validity period, key identification and other information.
  • the key and its related information content can be carried in a Non-Access Stratum (NAS) message, and the AMF entity can be seen at this time; it can also be used in the Long Term Evolution Positioning Protocol (Long Term Evolution Positioning Protocol). , LPP) message, if carried in an event report (event report) message, the AMF entity is not visible.
  • NAS Non-Access Stratum
  • LPP Long Term Evolution Positioning Protocol
  • the network directly issues the updated key to the UE through the LMF entity change process and instructs the UE to change, which specifically includes:
  • Steps 401 to 406 are the same as the related descriptions of steps 301 to 306 in the LMF entity change process shown in FIG. 3, and will not be repeated here.
  • Step 4X LMF 2 generates a new key (Key generation) after receiving the NLMF_LocationContextTransfer request service operation.
  • Step 407. Same as step 307 in the LMF entity change process shown in FIG. 3.
  • Step 408 The LMF 2 sends the updated key to the AMF entity through a NAS message, and the NAS message carries a key update indication and/or a new key set (key update indication and/or new key set).
  • Step 409 The AMF entity sends the key update indication and/or new key set to the UE through the NAS message; or step 410.
  • LMF 2 transparently transmits the key update indication and/or new key set to the AMF entity through the event report message, The AMF entity forwards the key update indication and/or new key set to the UE through the NAS message.
  • the AMF entity selects a new LMF entity, and the AMF entity, as the key applicant, requests the key from the LMF 2 through the LMF 1.
  • the specific process is as follows:
  • Steps 501 to 503 are the same as steps 301 to 303 in the LMF entity change process shown in FIG. 3, and will not be repeated here.
  • Step 504 After the AMF entity selects the new LMF entity, it forwards the key request to the source LMF entity (the request may also include the type of the key).
  • Step 505 is the same as step 305 in the LMF entity change process shown in FIG. 3.
  • Step 506 The source LMF entity forwards the key request to the target LMF entity (the request may also include the type of the key).
  • Step 5x The target LMF entity generates a new key.
  • Step 507 to step 510 are the same as step 407 to step 410 in the first embodiment, and will not be repeated here.
  • the UE carries the key request in the event report. Refer to Figure 6 for the specific process, including:
  • Step 601 is the same as step 301 of the LMF entity change process shown in FIG. 3.
  • Step 602 The UE carries the key request in the event report, and may also carry the requested key type;
  • Step 603 to step 610 are the same as step 503 to step 510 in the second embodiment, and will not be repeated here.
  • AMF entity transparent transmission (similar to the 2G/3G method).
  • the AMF entity has just selected a new LMF entity and a new service initiates positioning, it needs to transmit the key based on the LPP protocol.
  • the specific process is shown in Figure 7, including:
  • Steps 701 to 705 are the same as steps 301 to 305 described in the LMF entity change process shown in FIG. 3.
  • Step 706 includes steps 706a and 706b, that is, the LMF 2 issues a key through a downlink positioning message, and the downlink positioning message carries a key update indication and/or new key set.
  • Steps 707 to 710 are the same as steps 306 to 309 described in the LMF entity change process shown in FIG. 3.
  • the source LMF can request the key from the target LMF. If the target LMF has sent the updated key through the downlink positioning message, the key information will be carried in the response message steps 708-710, if If the requested key type is the same as that of step 706, the same key ID is returned.
  • a key update method provided in an embodiment of the present application includes:
  • This method provides a solution for how to update the key used to decrypt positioning assistance data when the LMF entity serving the terminal changes, so that the updated key can be sent to the terminal.
  • the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
  • the key is sent to the mobility management function AMF entity through the updated target LMF entity, and the key is sent to the terminal through the AMF entity.
  • the key is sent to the AMF entity, and the key is sent to the terminal through the AMF entity.
  • the key is sent to the terminal.
  • the key is sent to the terminal through a downlink positioning message.
  • a key update method provided in an embodiment of the present application includes:
  • the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
  • the method when the key is received through a non-access stratum NAS message, the method further includes managing and saving the key.
  • a key update method provided by an embodiment of the present application includes:
  • the key is received through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
  • the key is received, and the service request message includes the key request and key type information.
  • the service request message is a non-access stratum NAS message or an event report message.
  • a key update apparatus provided in an embodiment of the present application includes:
  • the memory 141 is used to store program instructions
  • the processor 140 is configured to call the program instructions stored in the memory 141 and execute according to the obtained program:
  • the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
  • the key is sent to the mobility management function AMF entity through the updated target LMF entity, and the key is sent to the terminal through the AMF entity.
  • the key is sent to the AMF entity, and the key is sent to the terminal through the AMF entity.
  • the key is sent to the terminal.
  • the key is sent to the terminal through a downlink positioning message.
  • the transceiver 142 is used to receive and send data under the control of the processor 140.
  • the bus architecture may include any number of interconnected buses and bridges. Specifically, one or more processors represented by the processor 140 and various circuits of the memory represented by the memory 141 are linked together.
  • the bus architecture can also link various other circuits such as peripherals, voltage regulators, power management circuits, etc., which are all known in the art, and therefore, no further descriptions are provided herein.
  • the bus interface provides the interface.
  • the transceiver 142 may be a plurality of elements, that is, including a transmitter and a transceiver, and provide a unit for communicating with various other devices on the transmission medium.
  • the processor 140 is responsible for managing the bus architecture and general processing, and the memory 141 can store data used by the processor 140 when performing operations.
  • the processor 140 may be a central processing unit (CPU), an application specific integrated circuit (ASIC), a field programmable gate array (Field-Programmable Gate Array, FPGA) or a complex programmable logic device (Complex Programmable Logic Device, CPLD).
  • CPU central processing unit
  • ASIC application specific integrated circuit
  • FPGA field programmable gate array
  • CPLD complex programmable logic device
  • a key update device provided in an embodiment of the present application includes:
  • the memory 155 is used to store program instructions
  • the processor 154 is configured to call the program instructions stored in the memory 155 and execute according to the obtained program:
  • the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
  • the processor 154 when receiving the key through a non-access stratum NAS message, is further configured to call the program instructions stored in the memory 155, and execute according to the obtained program: Manage and save.
  • the transceiver 151 is used to receive and send data under the control of the processor 154.
  • the bus architecture (represented by the bus 156), the bus 156 can include any number of interconnected buses and bridges, the bus 156 will include one or more processors represented by the processor 154 and the memory represented by the memory 155
  • the various circuits are linked together.
  • the bus 156 may also link various other circuits such as peripheral devices, voltage regulators, power management circuits, etc., which are all known in the art, and therefore, no further descriptions thereof are provided herein.
  • the bus interface 153 provides an interface between the bus 156 and the transceiver 151.
  • the transceiver 151 may be one element or multiple elements, such as multiple receivers and transmitters, providing a unit for communicating with various other devices on a transmission medium.
  • the data processed by the processor 154 is transmitted on the wireless medium through the antenna 152, and further, the antenna 152 also receives the data and transmits the data to the processor 154.
  • the processor 154 is responsible for managing the bus 156 and general processing, and can also provide various functions, including timing, peripheral interfaces, voltage regulation, power management, and other control functions.
  • the memory 155 may be used to store data used by the processor 154 when performing operations.
  • the processor 154 may be a CPU, ASIC, FPGA or CPLD.
  • a key update device provided in an embodiment of the present application includes:
  • the memory 160 is used to store program instructions
  • the processor 161 is configured to call the program instructions stored in the memory 160 and execute according to the obtained program:
  • the key is received through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
  • the key is received, and the service request message includes the key request and key type information.
  • the service request message is a non-access stratum NAS message or an event report message.
  • the transceiver 162 is used to receive and send data under the control of the processor 161.
  • the bus architecture may include any number of interconnected buses and bridges. Specifically, one or more processors represented by the processor 161 and various circuits of the memory represented by the memory 160 are linked together.
  • the bus architecture can also link various other circuits such as peripherals, voltage regulators, power management circuits, etc., which are all known in the art, and therefore, no further descriptions are provided herein.
  • the bus interface provides the interface.
  • the transceiver 162 may be a plurality of elements, that is, including a transmitter and a receiver, and provide a unit for communicating with various other devices on the transmission medium.
  • the user interface 163 may also be an interface capable of connecting externally and internally with the required equipment.
  • the connected equipment includes but not limited to a keypad, a display, a speaker, a microphone, a joystick, etc.
  • the processor 161 is responsible for managing the bus architecture and general processing, and the memory 160 can store data used by the processor 161 when performing operations.
  • the processor 161 may be a CPU, ASIC, FPGA, or CPLD.
  • another key update device provided in an embodiment of the present application includes:
  • the determining unit 11 is configured to determine the corresponding updated key when the location management function LMF entity serving the terminal is updated, and the key is used to decrypt the positioning assistance data;
  • the sending unit 12 is configured to send the key to the terminal.
  • the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
  • the key is sent to the mobility management function AMF entity through the updated target LMF entity, and the key is sent to the terminal through the AMF entity.
  • the key is sent to the AMF entity, and the key is sent to the terminal through the AMF entity.
  • the key is sent to the terminal.
  • the key is sent to the terminal through a downlink positioning message.
  • another key update device provided in an embodiment of the present application includes:
  • the receiving unit 21 is configured to receive a corresponding updated key when the location management function LMF entity serving the terminal is updated, where the key is used to decrypt positioning assistance data;
  • the sending unit 22 is configured to send the key to the terminal.
  • the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
  • the sending unit 22 when receiving the key through a non-access stratum NAS message, is further configured to manage and save the key.
  • another key update device provided by an embodiment of the present application includes:
  • the receiving unit 31 is configured to receive a corresponding updated key when the location management function LMF entity serving the terminal is updated, where the key is used to decrypt positioning assistance data;
  • the saving unit 32 is used to save the key.
  • the key is received through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
  • the key is received, and the service request message includes the key request and key type information.
  • the service request message is a non-access stratum NAS message or an event report message.
  • each embodiment of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units may be integrated into one unit.
  • the above-mentioned integrated unit can be implemented in the form of hardware or software functional unit.
  • the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a computer readable storage medium.
  • the technical solution of this application essentially or the part that contributes to the existing technology or all or part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium , Including a number of instructions to make a computer device (which may be a personal computer, a server, or a network device, etc.) or a processor (processor) execute all or part of the steps of the method described in each embodiment of the present application.
  • the aforementioned storage media include: U disk, mobile hard disk, read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), magnetic disk or optical disk and other media that can store program code .
  • the embodiments of the present application provide a computing device, and the computing device may specifically be a desktop computer, a portable computer, a smart phone, a tablet computer, a personal digital assistant (Personal Digital Assistant, PDA), etc.
  • the computing device may include CPU, memory, input/output devices, etc.
  • input devices may include keyboards, mice, touch screens, etc.
  • output devices may include display devices, such as liquid crystal displays (LCD), cathode ray tubes (Cathode Ray) Tube, CRT) etc.
  • LCD liquid crystal displays
  • Cathode Ray Cathode Ray
  • CRT cathode Ray Tube
  • the memory may include read-only memory (ROM) and random access memory (RAM), and provides the processor with program instructions and data stored in the memory.
  • ROM read-only memory
  • RAM random access memory
  • the memory can be used to store the program of any of the methods provided in the embodiment of the present application.
  • the processor calls the program instructions stored in the memory, and the processor is configured to execute any of the methods provided in the embodiments of the present application according to the obtained program instructions.
  • the embodiment of the present application provides a computer storage medium for storing computer program instructions used by the device provided in the foregoing embodiment of the present application, which includes a program for executing any method provided in the foregoing embodiment of the present application.
  • the computer storage medium may be any available medium or data storage device that can be accessed by a computer, including but not limited to magnetic storage (such as floppy disk, hard disk, magnetic tape, magneto-optical (MO), etc.), optical storage (such as CD, DVD, BD, HVD, etc.), and semiconductor memory (such as ROM, EPROM, EEPROM, non-volatile memory (NAND FLASH), solid state drive (SSD)), etc.
  • magnetic storage such as floppy disk, hard disk, magnetic tape, magneto-optical (MO), etc.
  • optical storage such as CD, DVD, BD, HVD, etc.
  • semiconductor memory such as ROM, EPROM, EEPROM, non-volatile memory (NAND FLASH), solid state drive (SSD)
  • the method provided in the embodiments of the present application can be applied to terminal equipment, and can also be applied to network equipment.
  • the terminal equipment can also be called UE, mobile station (Mobile Station, referred to as "MS"), mobile terminal (Mobile Terminal), etc.
  • the terminal can be equipped with one or more core networks via RAN.
  • Communication capabilities for example, the terminal can be a mobile phone (or called a "cellular" phone), or a mobile computer, etc., for example, the terminal can also be portable, pocket-sized, hand-held, built-in computer, or mobile Device.
  • the network device may be a core network device.
  • the processing flow of the above method can be implemented by a software program, which can be stored in a storage medium, and when the stored software program is called, the above method steps are executed.
  • the updated key can be issued through an extended NAS message, or can be issued through an extended LPP message.
  • the target LMF entity sends the key to the AMF entity, and the AMF entity sends the new key to the UE through a NAS/LPP message.
  • the AMF entity manages and saves the keys; when sending through LPP messages, LPP manages and saves the keys.
  • the AMF entity sends a key application to request a new key from the updated target LMF entity, and the target LMF entity sends a NAS message to the UE via the AMF entity.
  • the UE carries the key request when reporting the event.
  • the LMF entity changes, the UE initiates a service request to the network, carrying the key request and key type, and the target LMF entity receives the location request for the target UE, and directly issues the updated key through the NAS or LPP message. If the UE carries the key request in the NAS message, the AMF entity is visible. When the key is returned, the key is returned through the NAS message; if the UE carries the key request in the event report message, the AMF entity is not visible, but only transparently transmitted. When the key is returned, it is returned through an LPP message.
  • the target LMF entity receives an instant location request for the new service at the same time, and will send the updated key to the UE through a downlink location message.
  • the AMF entity When issued through a NAS message, the AMF entity is visible to the key; when issued through an LPP message, the AMF entity is invisible to the key.
  • the technical solution provided by the embodiment of the present application solves the related problem of key update when the LMF entity changes.
  • the embodiments of the present application can be provided as methods, systems, or computer program products. Therefore, the present application may adopt the form of a complete hardware embodiment, a complete software embodiment, or an embodiment combining software and hardware. Moreover, this application may adopt the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, optical storage, etc.) containing computer-usable program codes.
  • a computer-usable storage media including but not limited to disk storage, optical storage, etc.
  • These computer program instructions can also be stored in a computer-readable memory that can guide a computer or other programmable data processing equipment to work in a specific manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including the instruction device.
  • the device implements the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
  • These computer program instructions can also be loaded on a computer or other programmable data processing equipment, so that a series of operation steps are executed on the computer or other programmable equipment to produce computer-implemented processing, so as to execute on the computer or other programmable equipment.
  • the instructions provide steps for implementing functions specified in a flow or multiple flows in the flowchart and/or a block or multiple blocks in the block diagram.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Disclosed are a key update method and device, for providing a solution how to update a key for decrypting positioning assistance data when a Location Management Function (LMF) entity serving a terminal changes. The key update method provided in embodiments of the present application comprises: determining a corresponding updated key when updating the LMF entity serving the terminal, the key being used for decrypting the positioning assistance data; sending the key to the terminal.

Description

密钥更新方法及装置Key update method and device
相关申请的交叉引用Cross references to related applications
本申请要求在2019年06月11日提交中国专利局、申请号为201910503450.5、申请名称为“密钥更新方法及装置”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims the priority of a Chinese patent application filed with the Chinese Patent Office, the application number is 201910503450.5, and the application name is "Key Renewal Method and Device" on June 11, 2019, the entire content of which is incorporated into this application by reference.
技术领域Technical field
本申请涉及通信技术领域,尤其涉及密钥更新方法及装置。This application relates to the field of communication technology, and in particular to a key update method and device.
背景技术Background technique
支持定位服务的网络架构如图1所示,对图中主要的网络功能的介绍如下:The network architecture supporting location services is shown in Figure 1. The main network functions in the figure are introduced as follows:
网关移动位置中心(Gateway Mobile Location Center,GMLC):接收位置服务(LoCation Services,LCS)客户端的定位请求的功能实体,触发定位过程,并向LCS客户端返回用户设备(User Equipment,UE)位置。Gateway Mobile Location Center (GMLC): a functional entity that receives a location request from a location service (LoCation Services, LCS) client, triggers the location process, and returns the location of the user equipment (UE) to the LCS client.
统一数据管理功能(Unified Data Management,UDM)实体:存储UE的信息的功能实体,例如签约信息,已建立协议数据单元(Protocol Data Unit,PDU)会话的信息。Unified Data Management (UDM) entity: a functional entity that stores UE information, such as subscription information, and information about established protocol data unit (Protocol Data Unit, PDU) sessions.
移动性管理功能(Access and Mobility Management Function,AMF)实体:接入认证和跟踪UE的位置。Mobility Management Function (Access and Mobility Management Function, AMF) entity: access authentication and tracking UE location.
位置管理功能(Location Management Function,LMF)实体:获取UE的位置。Location Management Function (LMF) entity: Obtain the location of the UE.
定位辅助数据和加密密钥的下发主要涉及LMF实体、UDM和AMF实体等实体。其中LMF实体负责制定加密密钥和定位辅助数据。UDM实体存储UE签约的辅助数据类型。AMF实体接收LMF实体下发的辅助数据和密钥,其中辅助数据将通过无线接入网(Radio Access Network,RAN)广播出去, AMF实体通过注册过程将密钥发送给UE。当UE接收到密钥之后,可使用密钥对接收到的广播的辅助数据进行解密。The issuance of positioning assistance data and encryption keys mainly involves entities such as LMF entities, UDM and AMF entities. The LMF entity is responsible for formulating encryption keys and positioning assistance data. The UDM entity stores the auxiliary data type subscribed by the UE. The AMF entity receives the assistance data and the key issued by the LMF entity, where the assistance data will be broadcast through the Radio Access Network (RAN), and the AMF entity sends the key to the UE through the registration process. After the UE receives the key, the key can be used to decrypt the received broadcast auxiliary data.
广播网络辅助数据的具体过程如图2所示,描述如下:The specific process of broadcasting network auxiliary data is shown in Figure 2, and is described as follows:
步骤201、LMF实体通过AMF通信N1N2消息传输消息(Namf_Communication_N1N2MessageTransfer),向AMF实体发送网络辅助数据(Network Assistance Data)。Step 201: The LMF entity sends a network assistance data (Network Assistance Data) to the AMF entity through an AMF communication N1N2 message transfer message (Namf_Communication_N1N2MessageTransfer).
步骤202、AMF实体通过N2Transport,向5G无线接入网(NG-RAN)发送网络辅助数据。Step 202: The AMF entity sends network assistance data to the 5G radio access network (NG-RAN) through the N2Transport.
步骤203、NG-RAN通过广播消息(Broadcast Message)向UE发送网络辅助数据。Step 203: The NG-RAN sends network assistance data to the UE through a broadcast message (Broadcast Message).
目前,LMF实体变更流程支持服务LMF实体在5G核心网移动终端位置请求(5th-Generation Core Network Mobile Terminated Location Request,5GC-MT-LR)流程中变更。目标UE的移动性可能导致原始服务LMF实体不适合的服务AMF实体的改变。例如,服务LMF实体可以远离新服务AMF实体,导致AMF实体到LMF实体信令的更高资源利用率,或者LMF实体可以不配置用于UE的当前接入网络的信息(例如,小区数据库)。在这种情况下,服务的LMF实体可能需要改变。Currently, the LMF entity change process supports the change of the service LMF entity in the 5G core network mobile terminal location request (5th-Generation Core Network Mobile Terminated Location Request, 5GC-MT-LR) process. The mobility of the target UE may cause changes to the serving AMF entity that the original serving LMF entity is not suitable for. For example, the serving LMF entity may be far away from the new serving AMF entity, resulting in higher resource utilization of the AMF entity-to-LMF entity signaling, or the LMF entity may not be configured with information (e.g., cell database) for the UE's current access network. In this case, the serving LMF entity may need to be changed.
发明内容Summary of the invention
本申请实施例提供了密钥更新方法及装置,用以提供当为终端服务的LMF实体发生变更时,用于对定位辅助数据进行解密的密钥如何更新的解决方案。The embodiments of the present application provide a key update method and device to provide a solution for how to update the key used to decrypt the positioning assistance data when the LMF entity serving the terminal changes.
在网络侧,例如在LMF实体侧,本申请实施例提供的一种密钥更新方法包括:On the network side, for example, on the LMF entity side, a key update method provided in an embodiment of the present application includes:
确定当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;Determine the updated key when the location management function LMF entity serving the terminal is updated, and the key is used to decrypt the positioning assistance data;
向所述终端发送所述密钥。Sending the key to the terminal.
通过该方法,确定当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;向所述终端发送所述密钥,提供了当为终端服务的LMF实体发生变更时,用于对定位辅助数据进行解密的密钥如何更新的解决方案,使得更新后的密钥可以发送给终端。Through this method, the corresponding updated key is determined when the location management function LMF entity serving the terminal is updated, and the key is used to decrypt the positioning assistance data; the key is sent to the terminal to provide When the LMF entity serving the terminal changes, how to update the key used to decrypt the positioning assistance data, so that the updated key can be sent to the terminal.
可选地,通过非接入层NAS消息或者长期演进定位协议LPP消息,向所述终端发送所述密钥。Optionally, the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
可选地,通过更新后的目标LMF实体,向移动性管理功能AMF实体发送所述密钥,通过所述AMF实体将所述密钥发送给所述终端。Optionally, the key is sent to the mobility management function AMF entity through the updated target LMF entity, and the key is sent to the terminal through the AMF entity.
可选地,当接收到移动性管理功能AMF实体发送的新的密钥请求时,向所述AMF实体发送所述密钥,通过所述AMF实体将所述密钥发送给所述终端。Optionally, when a new key request sent by the mobility management function AMF entity is received, the key is sent to the AMF entity, and the key is sent to the terminal through the AMF entity.
可选地,当接收到所述终端的定位请求时,向所述终端发送所述密钥。Optionally, when a positioning request of the terminal is received, the key is sent to the terminal.
可选地,当接收到新的服务的即时定位请求时,通过下行定位消息向所述终端发送所述密钥。Optionally, when an instant positioning request for a new service is received, the key is sent to the terminal through a downlink positioning message.
在网络侧,例如在AMF实体侧,本申请实施例提供的一种密钥更新方法,包括:On the network side, for example, on the AMF entity side, a key update method provided in an embodiment of the present application includes:
接收当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;Receiving the updated key corresponding to when the location management function LMF entity serving the terminal is updated, where the key is used to decrypt the positioning assistance data;
将所述密钥发送给所述终端。Send the key to the terminal.
通过该方法,接收当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;将所述密钥发送给所述终端,因此提供了当为终端服务的LMF实体发生变更时,用于对定位辅助数据进行解密的密钥如何更新的解决方案,使得更新后的密钥可以发送给终端。Through this method, the corresponding updated key is received when the location management function LMF entity serving the terminal is updated, the key is used to decrypt positioning assistance data; the key is sent to the terminal, Therefore, a solution is provided for how to update the key used to decrypt the positioning assistance data when the LMF entity serving the terminal changes, so that the updated key can be sent to the terminal.
可选地,通过非接入层NAS消息或者长期演进定位协议LPP消息,向所述终端发送所述密钥。Optionally, the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
可选地,向更新后的目标LMF实体发送新的密钥请求后,接收所述目标LMF实体发送的所述密钥。Optionally, after sending a new key request to the updated target LMF entity, receive the key sent by the target LMF entity.
可选地,当通过非接入层NAS消息接收所述密钥时,该方法还包括对所述密钥进行管理并保存。Optionally, when the key is received through a non-access stratum NAS message, the method further includes managing and saving the key.
在终端侧,本申请实施例提供的一种密钥更新方法,包括:On the terminal side, a key update method provided by an embodiment of the present application includes:
接收当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;Receiving the updated key corresponding to when the location management function LMF entity serving the terminal is updated, where the key is used to decrypt the positioning assistance data;
保存所述密钥。Save the key.
通过该方法,接收当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;保存所述密钥,从而使得终端可以获取LMF实体发生更新后的密钥,即由当前为终端服务的最新的LMF实体产生的用于对定位辅助数据进行解密的密钥。Through this method, the corresponding updated key is received when the location management function LMF entity serving the terminal is updated, the key is used to decrypt the positioning assistance data; the key is saved so that the terminal can obtain The updated key of the LMF entity is the key used to decrypt the positioning assistance data generated by the latest LMF entity currently serving the terminal.
可选地,通过非接入层NAS消息或者长期演进定位协议LPP消息,接收所述密钥。Optionally, the key is received through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
可选地,向网络侧发送服务请求消息后,接收所述密钥,所述服务请求消息中包括密钥请求和密钥类型信息。Optionally, after sending a service request message to the network side, the key is received, and the service request message includes the key request and key type information.
可选地,所述服务请求消息为非接入层NAS消息,或者为事件报告消息。Optionally, the service request message is a non-access stratum NAS message or an event report message.
在网络侧,例如在LMF实体侧,本申请实施例提供的一种密钥更新装置,包括:On the network side, for example, on the LMF entity side, a key update device provided in an embodiment of the present application includes:
存储器,用于存储程序指令;Memory, used to store program instructions;
处理器,用于调用所述存储器中存储的程序指令,按照获得的程序执行:The processor is used to call the program instructions stored in the memory and execute according to the obtained program:
确定当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;Determine the updated key when the location management function LMF entity serving the terminal is updated, and the key is used to decrypt the positioning assistance data;
向所述终端发送所述密钥。Sending the key to the terminal.
可选地,通过非接入层NAS消息或者长期演进定位协议LPP消息,向所述终端发送所述密钥。Optionally, the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
可选地,通过更新后的目标LMF实体,向移动性管理功能AMF实体发 送所述密钥,通过所述AMF实体将所述密钥发送给所述终端。Optionally, the key is sent to the mobility management function AMF entity through the updated target LMF entity, and the key is sent to the terminal through the AMF entity.
可选地,当接收到移动性管理功能AMF实体发送的新的密钥请求时,向所述AMF实体发送所述密钥,通过所述AMF实体将所述密钥发送给所述终端。Optionally, when a new key request sent by the mobility management function AMF entity is received, the key is sent to the AMF entity, and the key is sent to the terminal through the AMF entity.
可选地,当接收到所述终端的定位请求时,向所述终端发送所述密钥。Optionally, when a positioning request of the terminal is received, the key is sent to the terminal.
可选地,当接收到新的服务的即时定位请求时,通过下行定位消息向所述终端发送所述密钥。Optionally, when an instant positioning request for a new service is received, the key is sent to the terminal through a downlink positioning message.
在网络侧,例如在AMF实体侧,本申请实施例提供的一种密钥更新装置,包括:On the network side, for example, on the AMF entity side, a key update device provided in an embodiment of the present application includes:
存储器,用于存储程序指令;Memory, used to store program instructions;
处理器,用于调用所述存储器中存储的程序指令,按照获得的程序执行:The processor is used to call the program instructions stored in the memory and execute according to the obtained program:
接收当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;Receiving the updated key corresponding to when the location management function LMF entity serving the terminal is updated, where the key is used to decrypt the positioning assistance data;
将所述密钥发送给所述终端。Send the key to the terminal.
可选地,通过非接入层NAS消息或者长期演进定位协议LPP消息,向所述终端发送所述密钥。Optionally, the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
可选地,向更新后的目标LMF实体发送新的密钥请求后,接收所述目标LMF实体发送的所述密钥。Optionally, after sending a new key request to the updated target LMF entity, receive the key sent by the target LMF entity.
可选地,当通过非接入层NAS消息接收所述密钥时,所述处理器还用于调用所述存储器中存储的程序指令,按照获得的程序执行:对所述密钥进行管理并保存。Optionally, when receiving the key through a non-access stratum NAS message, the processor is further configured to call program instructions stored in the memory, and execute according to the obtained program: manage the key and save.
在终端侧,本申请实施例提供的一种密钥更新装置,包括:On the terminal side, a key update device provided in an embodiment of the present application includes:
存储器,用于存储程序指令;Memory, used to store program instructions;
处理器,用于调用所述存储器中存储的程序指令,按照获得的程序执行:The processor is used to call the program instructions stored in the memory and execute according to the obtained program:
接收当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;Receiving the updated key corresponding to when the location management function LMF entity serving the terminal is updated, where the key is used to decrypt the positioning assistance data;
保存所述密钥。Save the key.
可选地,通过非接入层NAS消息或者长期演进定位协议LPP消息,接收所述密钥。Optionally, the key is received through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
可选地,向网络侧发送服务请求消息后,接收所述密钥,所述服务请求消息中包括密钥请求和密钥类型信息。Optionally, after sending a service request message to the network side, the key is received, and the service request message includes the key request and key type information.
可选地,所述服务请求消息为非接入层NAS消息,或者为事件报告消息。Optionally, the service request message is a non-access stratum NAS message or an event report message.
在网络侧,例如在LMF实体侧,本申请实施例提供的另一种密钥更新装置,包括:On the network side, for example, on the LMF entity side, another key update device provided in an embodiment of the present application includes:
确定单元,用于确定当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;The determining unit is configured to determine the updated key corresponding to the location management function LMF entity serving the terminal when the updated key is used to decrypt the positioning assistance data;
发送单元,用于向所述终端发送所述密钥。The sending unit is configured to send the key to the terminal.
可选地,通过非接入层NAS消息或者长期演进定位协议LPP消息,向所述终端发送所述密钥。Optionally, the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
可选地,通过更新后的目标LMF实体,向移动性管理功能AMF实体发送所述密钥,通过所述AMF实体将所述密钥发送给所述终端。Optionally, the key is sent to the mobility management function AMF entity through the updated target LMF entity, and the key is sent to the terminal through the AMF entity.
可选地,当接收到移动性管理功能AMF实体发送的新的密钥请求时,向所述AMF实体发送所述密钥,通过所述AMF实体将所述密钥发送给所述终端。Optionally, when a new key request sent by the mobility management function AMF entity is received, the key is sent to the AMF entity, and the key is sent to the terminal through the AMF entity.
可选地,当接收到所述终端的定位请求时,向所述终端发送所述密钥。Optionally, when a positioning request of the terminal is received, the key is sent to the terminal.
可选地,当接收到新的服务的即时定位请求时,通过下行定位消息向所述终端发送所述密钥。Optionally, when an instant positioning request for a new service is received, the key is sent to the terminal through a downlink positioning message.
在网络侧,例如在AMF实体侧,本申请实施例提供的另一种密钥更新装置,包括:On the network side, for example, on the AMF entity side, another key update device provided in this embodiment of the present application includes:
接收单元,用于接收当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;The receiving unit is configured to receive the updated key corresponding to the location management function LMF entity serving the terminal when the LMF entity is updated, and the key is used to decrypt the positioning assistance data;
发送单元,用于将所述密钥发送给所述终端。The sending unit is configured to send the key to the terminal.
可选地,通过非接入层NAS消息或者长期演进定位协议LPP消息,向所述终端发送所述密钥。Optionally, the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
可选地,向更新后的目标LMF实体发送新的密钥请求后,接收所述目标LMF实体发送的所述密钥。Optionally, after sending a new key request to the updated target LMF entity, receive the key sent by the target LMF entity.
可选地,当通过非接入层NAS消息接收所述密钥时,所述处理器还用于调用所述存储器中存储的程序指令,按照获得的程序执行:对所述密钥进行管理并保存。Optionally, when receiving the key through a non-access stratum NAS message, the processor is further configured to call program instructions stored in the memory, and execute according to the obtained program: manage the key and save.
在终端侧,本申请实施例提供的另一种密钥更新装置,包括:On the terminal side, another key update device provided by an embodiment of the present application includes:
接收单元,用于接收当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;The receiving unit is configured to receive the updated key corresponding to the location management function LMF entity serving the terminal when the LMF entity is updated, and the key is used to decrypt the positioning assistance data;
保存单元,用于保存所述密钥。The saving unit is used to save the key.
可选地,通过非接入层NAS消息或者长期演进定位协议LPP消息,接收所述密钥。Optionally, the key is received through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
可选地,向网络侧发送服务请求消息后,接收所述密钥,所述服务请求消息中包括密钥请求和密钥类型信息。Optionally, after sending a service request message to the network side, the key is received, and the service request message includes the key request and key type information.
可选地,所述服务请求消息为非接入层NAS消息,或者为事件报告消息。Optionally, the service request message is a non-access stratum NAS message or an event report message.
本申请另一实施例提供了一种计算设备,其包括存储器和处理器,其中,所述存储器用于存储程序指令,所述处理器用于调用所述存储器中存储的程序指令,按照获得的程序执行上述任一种方法。Another embodiment of the present application provides a computing device, which includes a memory and a processor, wherein the memory is used to store program instructions, and the processor is used to call the program instructions stored in the memory, according to the obtained program Perform any of the above methods.
本申请另一实施例提供了一种计算机存储介质,所述计算机存储介质存储有计算机可执行指令,所述计算机可执行指令用于使所述计算机执行上述任一种方法。Another embodiment of the present application provides a computer storage medium that stores computer-executable instructions, and the computer-executable instructions are used to make the computer execute any of the above methods.
附图说明Description of the drawings
为了更清楚地说明本申请实施例中的技术方案,下面将对实施例描述中所需要使用的附图作简要介绍,显而易见地,下面描述中的附图仅是本申请的一些实施例,对于本领域的普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly describe the technical solutions in the embodiments of the present application, the following will briefly introduce the drawings needed in the description of the embodiments. Obviously, the drawings in the following description are only some embodiments of the present application. For those of ordinary skill in the art, without creative work, other drawings can be obtained from these drawings.
图1为现有技术中支持定位服务的网络架构示意图;Figure 1 is a schematic diagram of a network architecture supporting location services in the prior art;
图2为现有技术中广播网络辅助数据的具体过程示意图;Figure 2 is a schematic diagram of a specific process of broadcasting network auxiliary data in the prior art;
图3为本申请实施例提供的LMF变更流程示意图;Figure 3 is a schematic diagram of the LMF change process provided by an embodiment of the application;
图4为本申请实施例提供的LMF变更流程示意图;Figure 4 is a schematic diagram of the LMF change process provided by an embodiment of the application;
图5为本申请实施例提供的LMF变更流程示意图;Figure 5 is a schematic diagram of the LMF change process provided by an embodiment of the application;
图6为本申请实施例提供的LMF变更流程示意图;Figure 6 is a schematic diagram of the LMF change process provided by an embodiment of the application;
图7为本申请实施例提供的LMF变更流程示意图;Figure 7 is a schematic diagram of the LMF change process provided by an embodiment of the application;
图8为本申请实施例提供的LMF实体侧的密钥更新方法的流程示意图;FIG. 8 is a schematic flowchart of a key update method on the LMF entity side provided by an embodiment of the application;
图9为本申请实施例提供的AMF实体侧的密钥更新方法的流程示意图;FIG. 9 is a schematic flowchart of a key update method on the AMF entity side according to an embodiment of the application;
图10为本申请实施例提供的终端侧的密钥更新方法的流程示意图;FIG. 10 is a schematic flowchart of a key update method on the terminal side according to an embodiment of the application;
图11为本申请实施例提供的LMF实体侧的密钥更新装置的结构示意图;FIG. 11 is a schematic structural diagram of a key update device on the LMF entity side provided by an embodiment of the application;
图12为本申请实施例提供的AMF实体侧的密钥更新装置的结构示意图;FIG. 12 is a schematic structural diagram of a key update apparatus on the AMF entity side according to an embodiment of the application;
图13为本申请实施例提供的终端侧的密钥更新装置的结构示意图;FIG. 13 is a schematic structural diagram of a key update device on the terminal side according to an embodiment of the application;
图14为本申请实施例提供的LMF实体侧的另一密钥更新装置的结构示意图;14 is a schematic structural diagram of another key update apparatus on the LMF entity side provided by an embodiment of the application;
图15为本申请实施例提供的AMF实体侧的另一密钥更新装置的结构示意图;15 is a schematic structural diagram of another key update apparatus on the AMF entity side provided by an embodiment of the application;
图16为本申请实施例提供的终端侧的另一密钥更新装置的结构示意图。FIG. 16 is a schematic structural diagram of another key update apparatus on the terminal side according to an embodiment of the application.
具体实施方式Detailed ways
下面将结合本申请实施例中的附图,对本申请实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本申请一部分实施例,并不是全部的实施例。基于本申请中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本申请保护的范围。The technical solutions in the embodiments of the present application will be clearly and completely described below in conjunction with the drawings in the embodiments of the present application. Obviously, the described embodiments are only a part of the embodiments of the present application, not all of the embodiments. Based on the embodiments in this application, all other embodiments obtained by those of ordinary skill in the art without creative work shall fall within the protection scope of this application.
在5G***中当采用延迟(deferred)5GC-MT-LR定位方法,UE不会立即上报位置信息,当触发定位(可能是事件触发的定位,或者可能是周期性的触发的定位)时,外部客户端向GMLC发起对目标用户的定位请求,GMLC与UDM之间执行隐私验证,如果UE允许定位,则GMLC向AMF实体发送 定位请求。AMF实体选择了一个LMF实体,UE与LMF实体之间执行定位流程,其中,UE可能需要从网络获取到LMF实体发送的定位辅助信息。此时由于UE的移动,AMF实体为UE选择了一个新的LMF实体,参见图3,具体包括如下步骤:In the 5G system, when the deferred 5GC-MT-LR positioning method is adopted, the UE will not report the location information immediately. When the positioning is triggered (may be the positioning triggered by an event or the positioning triggered periodically), the external The client initiates a location request for the target user to the GMLC, and performs privacy verification between the GMLC and the UDM. If the UE allows the location, the GMLC sends a location request to the AMF entity. The AMF entity selects an LMF entity, and a positioning procedure is performed between the UE and the LMF entity. Among them, the UE may need to obtain the positioning assistance information sent by the LMF entity from the network. At this time, due to the movement of the UE, the AMF entity selects a new LMF entity for the UE. See Figure 3, which specifically includes the following steps:
301.UE触发了服务请求(UE Triggered Service Request)。301. The UE triggered a service request (UE Triggered Service Request).
302.UE向服务AMF实体发送包含事件报告消息的非接入层(Non-access stratum,NAS)传输消息。NAS传输消息包括指示LMF 1(更新前的原LMF实体)的标识符(Identity document,ID)和事件报告(Event Report)。302. The UE sends a non-access stratum (NAS) transmission message containing an event report message to the serving AMF entity. The NAS transmission message includes an identifier (Identity document, ID) and an event report (Event Report) indicating LMF 1 (the original LMF entity before update).
303.基于运营商配置和策略,AMF实体可以评估并确定LMF 1不适合或不能支持当前UE接入网络或服务小区的位置,并且确定LMF 2(更新后的目标LMF实体)是更合适的LMF实体。303. Based on the operator configuration and strategy, the AMF entity can evaluate and determine that LMF 1 is not suitable or cannot support the current UE access network or serving cell location, and determine that LMF 2 (updated target LMF entity) is a more suitable LMF entity.
304.AMF实体向LMF 1调用AMF通信N1消息告知消息(Namf_Communication_N1MessageNotify)服务操作。服务操作包括在步骤302中接收的事件报告。如果AMF实体在步骤303中确定应该使用新的LMF 2,则它也向LMF 1指示。304. The AMF entity invokes the AMF communication N1 message notification (Namf_Communication_N1MessageNotify) service operation to the LMF 1. The service operation includes the event report received in step 302. If the AMF entity determines in step 303 that the new LMF 2 should be used, it also indicates to LMF 1.
305.如果AMF实体在步骤304中没有指示新的LMF实体,则基于运营商配置和策略,LMF 1可以评估并确定它不适合或不能支持当前UE接入网络或服务小区的位置并且确定LMF 2为是一个更合适的LMF实体。305. If the AMF entity does not indicate a new LMF entity in step 304, based on the operator configuration and policy, the LMF 1 can evaluate and determine that it is not suitable or cannot support the location of the current UE to access the network or serving cell and determine the LMF 2 It is a more suitable LMF entity.
306.LMF 1向LMF 2调用LMF位置上下文传输(Nlmf_LocationContextTransfer)请求服务操作以提供UE的当前位置上下文,并包括在步骤304中接收的事件报告消息。服务操作包括AMF实体标识和LMF 1最初为周期性接收的信息或者所有信息。根据从AMF实体触发位置请求,或者根据此过程从早期服务的LMF实体触发位置请求。服务操作还可以包括事件报告的当前状态(例如,到目前为止从UE接收的事件报告的数量和/或到目前为止的事件报告的持续时间),并且可以包括UE的位置相关信息,例如先前的位置估计。306. The LMF 1 calls the LMF Location Context Transfer (Nlmf_LocationContextTransfer) to the LMF 2 to request a service operation to provide the current location context of the UE, and includes the event report message received in step 304. The service operation includes the AMF entity identifier and LMF 1 initially periodically received information or all information. The location request is triggered according to the AMF entity, or the location request is triggered from the LMF entity that was served earlier according to this process. The service operation may also include the current status of the event report (for example, the number of event reports received from the UE so far and/or the duration of the event report so far), and may include UE location related information, such as previous Location estimation.
307.LMF 2通知LMF 1位置上下文传输操作结果 (Nlmf_LocationContextTransfer Response)。然后LMF 1释放该过程的所有资源。307. The LMF2 notifies the LMF1 of the location context transfer operation result (Nlmf_LocationContextTransferResponse). Then LMF 1 releases all resources of the process.
308.LMF 2向AMF实体调用AMF通信N1N2消息传输(Namf_Communication_N1N2MessageTransfer)服务操作,以请求向UE传送事件报告确认(Event Report Acknowledgment)消息。事件报告确认指示LMF实体的改变并且包括指示LMF 2的标识符。308. The LMF 2 invokes the AMF communication N1N2 message transmission (Namf_Communication_N1N2MessageTransfer) service operation to the AMF entity to request the transmission of an Event Report Acknowledgment message to the UE. The event report confirmation indicates the change of the LMF entity and includes an identifier indicating the LMF2.
309.AMF实体在NAS传输消息中将事件报告确认转发给UE。AMF实体还向LMF 2通知事件报告确认的交付结果。309. The AMF entity forwards the event report confirmation to the UE in the NAS transmission message. The AMF entity also notifies the LMF 2 of the delivery result of the event report confirmation.
310.如果事件报告需要位置估计,则LMF 2可以执行UE的定位过程(UE Positioning Procedure)确定UE位置。310. If the event report requires location estimation, the LMF 2 can perform the UE Positioning Procedure (UE Positioning Procedure) to determine the UE position.
5G与4G不同,在5G***的deferred 5GC-MT-LR流程中,定位的上下文保存在LMF实体中,如果LMF实体负责产生辅助数据广播的密钥,当UE的位置变化,辅助数据也将发生变化(辅助数据包含了UE的位置信息、小区的ID以及时序等信息)。5G is different from 4G. In the deferred 5GC-MT-LR process of the 5G system, the positioning context is stored in the LMF entity. If the LMF entity is responsible for generating the key for auxiliary data broadcast, when the location of the UE changes, the auxiliary data will also occur. Change (the assistance data contains information such as the location information of the UE, the ID of the cell, and timing).
LMF实体负责定位方式的选择,LMF 1根据公共陆地移动网络(Public Land Mobile Network,PLMN)以及服务质量(Quality of Service,QoS)选择了几种定位方式,并产生与此对应的密钥用于辅助数据的定位。LMF 1会将之前的密钥传给LMF 2,用于后续向UE发送辅助数据时的加密。但存在这样的问题:The LMF entity is responsible for the selection of the positioning method. The LMF 1 selects several positioning methods according to the Public Land Mobile Network (PLMN) and Quality of Service (QoS), and generates the corresponding key for Positioning of auxiliary data. The LMF 1 will pass the previous key to the LMF 2 for subsequent encryption when sending auxiliary data to the UE. But there are such problems:
当AMF实体重选了LMF实体时,由于辅助数据变化,使用与之前的密钥进行加密将导致安全隐患,需要UE与新的LMF实体之前建立新的密钥同步关系。否则,UE在LMF 2的范围内,将无法获得LMF实体发送的信息辅助信息用于UE的定位计算。When the AMF entity reselects the LMF entity, due to the change of auxiliary data, using the previous key for encryption will cause security risks, and it is necessary for the UE to establish a new key synchronization relationship with the new LMF entity. Otherwise, the UE within the scope of LMF 2 will not be able to obtain the auxiliary information sent by the LMF entity for UE positioning calculation.
当选择了LMF 2之后,有其他服务请求UE的定位,且LMF 1根据服务的QoS以及PLMN选择了不同的定位方式,而这些定位方式与之前LMF 1选择的定位方式不同,UE没有新的密钥将无法获取到辅助数据而执行UE的定位。When LMF 2 is selected, there are other services requesting UE positioning, and LMF 1 selects different positioning methods according to the QoS of the service and PLMN, and these positioning methods are different from the positioning methods previously selected by LMF 1, and the UE does not have a new secret. The key will not be able to obtain assistance data and perform UE positioning.
综上所述,在5G***中,NG-RAN通过广播方式发送被加密的网络辅助数据,UE根据从网络接收到的加密密钥对该数据进行解密。在deferred 5GC-MT-LR的流程中会涉及到LMF变更的问题,目前没有对该场景下密钥以及安全上下文的处理描述,因此,本申请实施例提供了密钥更新方法及装置,用以提供当为终端服务的LMF实体发生变更时,用于对定位辅助数据进行解密的密钥更新解决方案。In summary, in the 5G system, the NG-RAN sends encrypted network assistance data through broadcast, and the UE decrypts the data according to the encryption key received from the network. In the process of deferred 5GC-MT-LR, the problem of LMF change will be involved. Currently, there is no description of key and security context processing in this scenario. Therefore, the embodiment of the present application provides a key update method and device for Provides a key update solution for decrypting positioning assistance data when the LMF entity serving the terminal changes.
其中,方法和装置是基于同一申请构思的,由于方法和装置解决问题的原理相似,因此装置和方法的实施可以相互参见,重复之处不再赘述。Among them, the method and the device are based on the same application conceived. Since the principles of the method and the device to solve the problem are similar, the implementation of the device and the method can be referred to each other, and the repetition will not be repeated.
本申请实施例提供的技术方案可以适用于多种***,尤其是5G***。例如适用的***可以是全球移动通讯(global system of mobile communication,GSM)***、码分多址(code division multiple access,CDMA)***、宽带码分多址(Wideband Code Division Multiple Access,WCDMA)、通用分组无线业务(general packet radio service,GPRS)***、长期演进(long term evolution,LTE)***、LTE频分双工(frequency division duplex,FDD)***、LTE时分双工(time division duplex,TDD)、通用移动***(universal mobile telecommunication system,UMTS)、全球互联微波接入(worldwide interoperability for microwave access,WiMAX)***、5G***以及5G新空口(New Radio,NR)***等。这多种***中均包括终端设备和网络设备。The technical solutions provided in the embodiments of the present application can be applied to various systems, especially 5G systems. For example, the applicable system can be the global system of mobile communication (GSM) system, code division multiple access (CDMA) system, wideband code division multiple access (WCDMA), general Packet radio service (general packet radio service, GPRS) system, long term evolution (LTE) system, LTE frequency division duplex (FDD) system, LTE time division duplex (TDD), Universal mobile telecommunication system (UMTS), worldwide interoperability for microwave access (WiMAX) system, 5G system, and 5G New Radio (NR) system, etc. These various systems include terminal equipment and network equipment.
本申请实施例涉及的终端设备,可以是指向用户提供语音和/或数据连通性的设备,具有无线连接功能的手持式设备、或连接到无线调制解调器的其他处理设备。在不同的***中,终端设备的名称可能也不相同,例如在5G***中,终端设备可以称为UE。无线终端设备可以经RAN与一个或多个核心网进行通信,无线终端设备可以是移动终端设备,如移动电话(或称为“蜂窝”电话)和具有移动终端设备的计算机,例如,可以是便携式、袖珍式、手持式、计算机内置的或者车载的移动装置,它们与无线接入网交换语言和/或数据。例如,个人通信业务(personal communication service,PCS)电话、无绳电话、会话发起协议(session initiated protocol,SIP)话机、无线本地环路 (wireless local loop,WLL)站、个人数字助理(personal digital assistant,PDA)等设备。无线终端设备也可以称为***、订户单元(subscriber unit)、订户站(subscriber station)、移动站(mobile station)、移动台(mobile)、远程站(remote station)、接入点(access point)、远程终端设备(remote terminal)、接入终端设备(access terminal)、用户终端设备(user terminal)、用户代理(user agent)、用户装置(user device),本申请实施例中并不限定。The terminal device involved in the embodiments of the present application may be a device that provides voice and/or data connectivity to a user, a handheld device with a wireless connection function, or other processing devices connected to a wireless modem. In different systems, the terminal equipment may have different names. For example, in a 5G system, the terminal equipment may be called UE. The wireless terminal device can communicate with one or more core networks via the RAN. The wireless terminal device can be a mobile terminal device, such as a mobile phone (or “cellular” phone) and a computer with a mobile terminal device, for example, a portable , Pocket, handheld, computer built-in or vehicle-mounted mobile devices that exchange language and/or data with the wireless access network. For example, personal communication service (PCS) phone, cordless phone, session initiated protocol (SIP) phone, wireless local loop (WLL) station, personal digital assistant (personal digital assistant, PDA) and other equipment. Wireless terminal equipment can also be referred to as system, subscriber unit, subscriber station, mobile station, mobile station, remote station, and access point , Remote terminal equipment (remote terminal), access terminal equipment (access terminal), user terminal equipment (user terminal), user agent (user agent), user device (user device), which are not limited in the embodiments of the present application.
本申请实施例涉及的网络设备,可以为核心网设备,例如LMF实体和AMF实体。The network device involved in the embodiment of the present application may be a core network device, such as an LMF entity and an AMF entity.
下面结合说明书附图对本申请各个实施例进行详细描述。需要说明的是,本申请实施例的展示顺序仅代表实施例的先后顺序,并不代表实施例所提供的技术方案的优劣。Hereinafter, each embodiment of the present application will be described in detail with reference to the drawings of the specification. It should be noted that the display order of the embodiments of the present application only represents the sequence of the embodiments, and does not represent the pros and cons of the technical solutions provided by the embodiments.
需要说明的是,本申请实施例中,更新密钥的过程中可以更新密钥集信息(即不仅可以下发更新后的密钥,还可以下发与更新后的密钥相关的信息等),密钥集信息可以包括密钥类型、密钥、有效期、密钥标识等信息。本申请实施例中密钥及其相关的信息内容可以在非接入层(Non-Access Stratum,NAS)消息中携带,此时AMF实体可见;也可以在长期演进定位协议(Long Term Evolution Positioning Protocol,LPP)消息中携带,如事件报告(event report)消息中携带,则AMF实体不可见。It should be noted that, in the embodiment of the present application, the key set information can be updated during the process of updating the key (that is, not only the updated key can be issued, but also information related to the updated key can be sent below) , The key set information can include key type, key, validity period, key identification and other information. In the embodiments of this application, the key and its related information content can be carried in a Non-Access Stratum (NAS) message, and the AMF entity can be seen at this time; it can also be used in the Long Term Evolution Positioning Protocol (Long Term Evolution Positioning Protocol). , LPP) message, if carried in an event report (event report) message, the AMF entity is not visible.
实施例一、Example one
参见图4,需要在LMF实体变更时,网络直接通过LMF实体变更流程下发更新的密钥给UE,并指示UE变化,具体包括:Referring to Figure 4, when the LMF entity changes, the network directly issues the updated key to the UE through the LMF entity change process and instructs the UE to change, which specifically includes:
步骤401至步骤406,同图3所示的LMF实体变更流程中步骤301至步骤306的相关描述,在此不再赘述。Steps 401 to 406 are the same as the related descriptions of steps 301 to 306 in the LMF entity change process shown in FIG. 3, and will not be repeated here.
步骤4X.LMF 2收到NLMF_LocationContextTransfer请求服务操作后,产生新的密钥(Key generation)。Step 4X. LMF 2 generates a new key (Key generation) after receiving the NLMF_LocationContextTransfer request service operation.
步骤407.同图3所示的LMF实体变更流程中步骤307。Step 407. Same as step 307 in the LMF entity change process shown in FIG. 3.
步骤408.LMF 2将更新的密钥通过NAS消息发给AMF实体,该NAS消 息中携带密钥更新指示和/或新的密钥集(key update indication and/or new key set)。Step 408. The LMF 2 sends the updated key to the AMF entity through a NAS message, and the NAS message carries a key update indication and/or a new key set (key update indication and/or new key set).
步骤409.AMF实体通过NAS消息,将key update indication and/or new key set发给UE;或者步骤410.LMF 2通过事件报告消息,将key update indication and/or new key set透传给AMF实体,AMF实体通过NAS消息,将key update indication and/or new key set转发给UE。Step 409. The AMF entity sends the key update indication and/or new key set to the UE through the NAS message; or step 410.LMF 2 transparently transmits the key update indication and/or new key set to the AMF entity through the event report message, The AMF entity forwards the key update indication and/or new key set to the UE through the NAS message.
实施例二、Embodiment two
参见图5,需要在LMF变更时,AMF实体选择了新的LMF实体,AMF实体作为密钥的申请方通过LMF 1向LMF 2请求密钥。具体流程如下:Referring to Figure 5, when the LMF needs to be changed, the AMF entity selects a new LMF entity, and the AMF entity, as the key applicant, requests the key from the LMF 2 through the LMF 1. The specific process is as follows:
步骤501至步骤503,同图3所示LMF实体变更流程中的步骤301至步骤303,在此不再赘述。Steps 501 to 503 are the same as steps 301 to 303 in the LMF entity change process shown in FIG. 3, and will not be repeated here.
步骤504、AMF实体选择了新的LMF实体后,向源LMF实体转发密钥请求(该请求中还可以包含密钥的类型)。Step 504: After the AMF entity selects the new LMF entity, it forwards the key request to the source LMF entity (the request may also include the type of the key).
步骤505、同图3所示的LMF实体变更流程中的步骤305。Step 505 is the same as step 305 in the LMF entity change process shown in FIG. 3.
步骤506、源LMF实体向目标LMF实体转发密钥请求(该请求中还可以包含密钥的类型)。Step 506: The source LMF entity forwards the key request to the target LMF entity (the request may also include the type of the key).
步骤5x.目标LMF实体产生新的密钥。Step 5x. The target LMF entity generates a new key.
步骤507至步骤510,同实施例一中步骤407至步骤410,在此不再赘述。Step 507 to step 510 are the same as step 407 to step 410 in the first embodiment, and will not be repeated here.
实施例三、Embodiment three
UE在事件报告中携带密钥请求,具体流程参见图6,包括:The UE carries the key request in the event report. Refer to Figure 6 for the specific process, including:
步骤601、同图3所示的LMF实体变更流程的步骤301。Step 601 is the same as step 301 of the LMF entity change process shown in FIG. 3.
步骤602、UE在事件报告中携带密钥请求,还可以携带请求的密钥类型;Step 602: The UE carries the key request in the event report, and may also carry the requested key type;
步骤603至步骤610,同实施例二步骤503至步骤510,在此不再赘述。Step 603 to step 610 are the same as step 503 to step 510 in the second embodiment, and will not be repeated here.
实施例四、Embodiment four
AMF实体透传(类似于2G/3G的方法),当AMF实体刚选择了新的LMF实体,又有新的服务发起定位,则需要基于LPP协议传输密钥。具体流程参见图7,包括:AMF entity transparent transmission (similar to the 2G/3G method). When the AMF entity has just selected a new LMF entity and a new service initiates positioning, it needs to transmit the key based on the LPP protocol. The specific process is shown in Figure 7, including:
步骤701至步骤705、同图3所示的LMF实体变更流程中所述的步骤301至步骤305。Steps 701 to 705 are the same as steps 301 to 305 described in the LMF entity change process shown in FIG. 3.
步骤706、包括步骤706a和步骤706b,即LMF 2通过下行定位消息下发密钥,该下行定位消息中携带key update indication and/or new key set。Step 706 includes steps 706a and 706b, that is, the LMF 2 issues a key through a downlink positioning message, and the downlink positioning message carries a key update indication and/or new key set.
步骤707至步骤710,同图3所示的LMF实体变更流程所述的步骤306至步骤309。Steps 707 to 710 are the same as steps 306 to 309 described in the LMF entity change process shown in FIG. 3.
需要说明的是,步骤707中,源LMF可以向目标LMF请求密钥,如果目标LMF已经通过下行的定位消息发送了更新的密钥,会在响应消息步骤708-710中携带密钥信息,如果请求的密钥类型与步骤706相同的密钥,则返回相同的密钥标识。It should be noted that in step 707, the source LMF can request the key from the target LMF. If the target LMF has sent the updated key through the downlink positioning message, the key information will be carried in the response message steps 708-710, if If the requested key type is the same as that of step 706, the same key ID is returned.
综上所述,在网络侧,例如在LMF实体侧,参见图8,本申请实施例提供的一种密钥更新方法包括:In summary, on the network side, for example, on the LMF entity side, referring to FIG. 8, a key update method provided in an embodiment of the present application includes:
S801、确定当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;S801. Determine the corresponding updated key when the location management function LMF entity serving the terminal is updated, where the key is used to decrypt the positioning assistance data;
S802、向所述终端发送所述密钥。S802. Send the key to the terminal.
通过该方法,提供了当为终端服务的LMF实体发生变更时,用于对定位辅助数据进行解密的密钥如何更新的解决方案,使得更新后的密钥可以发送给终端。This method provides a solution for how to update the key used to decrypt positioning assistance data when the LMF entity serving the terminal changes, so that the updated key can be sent to the terminal.
可选地,通过非接入层NAS消息或者长期演进定位协议LPP消息,向所述终端发送所述密钥。Optionally, the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
可选地,通过更新后的目标LMF实体,向移动性管理功能AMF实体发送所述密钥,通过所述AMF实体将所述密钥发送给所述终端。Optionally, the key is sent to the mobility management function AMF entity through the updated target LMF entity, and the key is sent to the terminal through the AMF entity.
可选地,当接收到移动性管理功能AMF实体发送的新的密钥请求时,向所述AMF实体发送所述密钥,通过所述AMF实体将所述密钥发送给所述终端。Optionally, when a new key request sent by the mobility management function AMF entity is received, the key is sent to the AMF entity, and the key is sent to the terminal through the AMF entity.
可选地,当接收到所述终端的定位请求时,向所述终端发送所述密钥。Optionally, when a positioning request of the terminal is received, the key is sent to the terminal.
可选地,当接收到新的服务的即时定位请求时,通过下行定位消息向所 述终端发送所述密钥。Optionally, when an instant positioning request for a new service is received, the key is sent to the terminal through a downlink positioning message.
在网络侧,例如在AMF实体侧,参见图9,本申请实施例提供的一种密钥更新方法,包括:On the network side, for example, on the AMF entity side, referring to FIG. 9, a key update method provided in an embodiment of the present application includes:
S901、接收当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;S901. Receive an updated key corresponding to when the location management function LMF entity serving the terminal is updated, where the key is used to decrypt positioning assistance data;
S902、将所述密钥发送给所述终端。S902. Send the key to the terminal.
可选地,通过非接入层NAS消息或者长期演进定位协议LPP消息,向所述终端发送所述密钥。Optionally, the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
可选地,向更新后的目标LMF实体发送新的密钥请求后,接收所述目标LMF实体发送的所述密钥。Optionally, after sending a new key request to the updated target LMF entity, receive the key sent by the target LMF entity.
可选地,当通过非接入层NAS消息接收所述密钥时,该方法还包括对所述密钥进行管理并保存。Optionally, when the key is received through a non-access stratum NAS message, the method further includes managing and saving the key.
在终端侧,参见图10,本申请实施例提供的一种密钥更新方法,包括:On the terminal side, referring to FIG. 10, a key update method provided by an embodiment of the present application includes:
S101、接收当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;S101. Receive an updated key corresponding to when the location management function LMF entity serving the terminal is updated, where the key is used to decrypt positioning assistance data;
S102、保存所述密钥。S102. Save the key.
可选地,通过非接入层NAS消息或者长期演进定位协议LPP消息,接收所述密钥。Optionally, the key is received through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
可选地,向网络侧发送服务请求消息后,接收所述密钥,所述服务请求消息中包括密钥请求和密钥类型信息。Optionally, after sending a service request message to the network side, the key is received, and the service request message includes the key request and key type information.
可选地,所述服务请求消息为非接入层NAS消息,或者为事件报告消息。Optionally, the service request message is a non-access stratum NAS message or an event report message.
在网络侧,例如在核心网设备LMF实体侧,参见图11,本申请实施例提供的一种密钥更新装置,包括:On the network side, for example, on the LMF entity side of the core network equipment, referring to FIG. 11, a key update apparatus provided in an embodiment of the present application includes:
存储器141,用于存储程序指令;The memory 141 is used to store program instructions;
处理器140,用于调用所述存储器141中存储的程序指令,按照获得的程序执行:The processor 140 is configured to call the program instructions stored in the memory 141 and execute according to the obtained program:
确定当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的 密钥,所述密钥用于对定位辅助数据进行解密;Determine the corresponding updated key when the location management function LMF entity serving the terminal is updated, where the key is used to decrypt the positioning assistance data;
向所述终端发送所述密钥。Sending the key to the terminal.
可选地,通过非接入层NAS消息或者长期演进定位协议LPP消息,向所述终端发送所述密钥。Optionally, the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
可选地,通过更新后的目标LMF实体,向移动性管理功能AMF实体发送所述密钥,通过所述AMF实体将所述密钥发送给所述终端。Optionally, the key is sent to the mobility management function AMF entity through the updated target LMF entity, and the key is sent to the terminal through the AMF entity.
可选地,当接收到移动性管理功能AMF实体发送的新的密钥请求时,向所述AMF实体发送所述密钥,通过所述AMF实体将所述密钥发送给所述终端。Optionally, when a new key request sent by the mobility management function AMF entity is received, the key is sent to the AMF entity, and the key is sent to the terminal through the AMF entity.
可选地,当接收到所述终端的定位请求时,向所述终端发送所述密钥。Optionally, when a positioning request of the terminal is received, the key is sent to the terminal.
可选地,当接收到新的服务的即时定位请求时,通过下行定位消息向所述终端发送所述密钥。Optionally, when an instant positioning request for a new service is received, the key is sent to the terminal through a downlink positioning message.
收发机142,用于在处理器140的控制下接收和发送数据。The transceiver 142 is used to receive and send data under the control of the processor 140.
其中,在图11中,总线架构可以包括任意数量的互联的总线和桥,具体由处理器140代表的一个或多个处理器和存储器141代表的存储器的各种电路链接在一起。总线架构还可以将诸如***设备、稳压器和功率管理电路等之类的各种其他电路链接在一起,这些都是本领域所公知的,因此,本文不再对其进行进一步描述。总线接口提供接口。收发机142可以是多个元件,即包括发送机和收发机,提供用于在传输介质上与各种其他装置通信的单元。处理器140负责管理总线架构和通常的处理,存储器141可以存储处理器140在执行操作时所使用的数据。Wherein, in FIG. 11, the bus architecture may include any number of interconnected buses and bridges. Specifically, one or more processors represented by the processor 140 and various circuits of the memory represented by the memory 141 are linked together. The bus architecture can also link various other circuits such as peripherals, voltage regulators, power management circuits, etc., which are all known in the art, and therefore, no further descriptions are provided herein. The bus interface provides the interface. The transceiver 142 may be a plurality of elements, that is, including a transmitter and a transceiver, and provide a unit for communicating with various other devices on the transmission medium. The processor 140 is responsible for managing the bus architecture and general processing, and the memory 141 can store data used by the processor 140 when performing operations.
处理器140可以是中央处理器(central processing unit,CPU)、专用集成电路(Application Specific Integrated Circuit,ASIC)、现场可编程门阵列(Field-Programmable Gate Array,FPGA)或复杂可编程逻辑器件(Complex Programmable Logic Device,CPLD)。The processor 140 may be a central processing unit (CPU), an application specific integrated circuit (ASIC), a field programmable gate array (Field-Programmable Gate Array, FPGA) or a complex programmable logic device (Complex Programmable Logic Device, CPLD).
在网络侧,例如在核心网设备AMF实体侧,参见图12,本申请实施例提供的一种密钥更新装置,包括:On the network side, for example, on the core network equipment AMF entity side, referring to FIG. 12, a key update device provided in an embodiment of the present application includes:
存储器155,用于存储程序指令;The memory 155 is used to store program instructions;
处理器154,用于调用所述存储器155中存储的程序指令,按照获得的程序执行:The processor 154 is configured to call the program instructions stored in the memory 155 and execute according to the obtained program:
接收当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;Receiving the updated key corresponding to when the location management function LMF entity serving the terminal is updated, where the key is used to decrypt the positioning assistance data;
将所述密钥发送给所述终端。Send the key to the terminal.
可选地,通过非接入层NAS消息或者长期演进定位协议LPP消息,向所述终端发送所述密钥。Optionally, the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
可选地,向更新后的目标LMF实体发送新的密钥请求后,接收所述目标LMF实体发送的所述密钥。Optionally, after sending a new key request to the updated target LMF entity, receive the key sent by the target LMF entity.
可选地,当通过非接入层NAS消息接收所述密钥时,所述处理器154还用于调用所述存储器155中存储的程序指令,按照获得的程序执行:对所述密钥进行管理并保存。Optionally, when receiving the key through a non-access stratum NAS message, the processor 154 is further configured to call the program instructions stored in the memory 155, and execute according to the obtained program: Manage and save.
收发机151,用于在处理器154的控制下接收和发送数据。The transceiver 151 is used to receive and send data under the control of the processor 154.
在图12中,总线架构(用总线156来代表),总线156可以包括任意数量的互联的总线和桥,总线156将包括由处理器154代表的一个或多个处理器和存储器155代表的存储器的各种电路链接在一起。总线156还可以将诸如***设备、稳压器和功率管理电路等之类的各种其他电路链接在一起,这些都是本领域所公知的,因此,本文不再对其进行进一步描述。总线接口153在总线156和收发机151之间提供接口。收发机151可以是一个元件,也可以是多个元件,比如多个接收器和发送器,提供用于在传输介质上与各种其他装置通信的单元。经处理器154处理的数据通过天线152在无线介质上进行传输,进一步,天线152还接收数据并将数据传送给处理器154。In Figure 12, the bus architecture (represented by the bus 156), the bus 156 can include any number of interconnected buses and bridges, the bus 156 will include one or more processors represented by the processor 154 and the memory represented by the memory 155 The various circuits are linked together. The bus 156 may also link various other circuits such as peripheral devices, voltage regulators, power management circuits, etc., which are all known in the art, and therefore, no further descriptions thereof are provided herein. The bus interface 153 provides an interface between the bus 156 and the transceiver 151. The transceiver 151 may be one element or multiple elements, such as multiple receivers and transmitters, providing a unit for communicating with various other devices on a transmission medium. The data processed by the processor 154 is transmitted on the wireless medium through the antenna 152, and further, the antenna 152 also receives the data and transmits the data to the processor 154.
处理器154负责管理总线156和通常的处理,还可以提供各种功能,包括定时,***接口,电压调节、电源管理以及其他控制功能。而存储器155可以被用于存储处理器154在执行操作时所使用的数据。The processor 154 is responsible for managing the bus 156 and general processing, and can also provide various functions, including timing, peripheral interfaces, voltage regulation, power management, and other control functions. The memory 155 may be used to store data used by the processor 154 when performing operations.
可选的,处理器154可以是CPU、ASIC、FPGA或CPLD。Optionally, the processor 154 may be a CPU, ASIC, FPGA or CPLD.
在终端侧,参见图13,本申请实施例提供的一种密钥更新装置,包括:On the terminal side, referring to FIG. 13, a key update device provided in an embodiment of the present application includes:
存储器160,用于存储程序指令;The memory 160 is used to store program instructions;
处理器161,用于调用所述存储器160中存储的程序指令,按照获得的程序执行:The processor 161 is configured to call the program instructions stored in the memory 160 and execute according to the obtained program:
接收当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;Receiving the updated key corresponding to when the location management function LMF entity serving the terminal is updated, where the key is used to decrypt the positioning assistance data;
保存所述密钥。Save the key.
可选地,通过非接入层NAS消息或者长期演进定位协议LPP消息,接收所述密钥。Optionally, the key is received through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
可选地,向网络侧发送服务请求消息后,接收所述密钥,所述服务请求消息中包括密钥请求和密钥类型信息。Optionally, after sending a service request message to the network side, the key is received, and the service request message includes the key request and key type information.
可选地,所述服务请求消息为非接入层NAS消息,或者为事件报告消息。Optionally, the service request message is a non-access stratum NAS message or an event report message.
收发机162,用于在处理器161的控制下接收和发送数据。The transceiver 162 is used to receive and send data under the control of the processor 161.
其中,在图13中,总线架构可以包括任意数量的互联的总线和桥,具体由处理器161代表的一个或多个处理器和存储器160代表的存储器的各种电路链接在一起。总线架构还可以将诸如***设备、稳压器和功率管理电路等之类的各种其他电路链接在一起,这些都是本领域所公知的,因此,本文不再对其进行进一步描述。总线接口提供接口。收发机162可以是多个元件,即包括发送机和接收机,提供用于在传输介质上与各种其他装置通信的单元。针对不同的用户设备,用户接口163还可以是能够外接内接需要设备的接口,连接的设备包括但不限于小键盘、显示器、扬声器、麦克风、操纵杆等。Wherein, in FIG. 13, the bus architecture may include any number of interconnected buses and bridges. Specifically, one or more processors represented by the processor 161 and various circuits of the memory represented by the memory 160 are linked together. The bus architecture can also link various other circuits such as peripherals, voltage regulators, power management circuits, etc., which are all known in the art, and therefore, no further descriptions are provided herein. The bus interface provides the interface. The transceiver 162 may be a plurality of elements, that is, including a transmitter and a receiver, and provide a unit for communicating with various other devices on the transmission medium. For different user equipment, the user interface 163 may also be an interface capable of connecting externally and internally with the required equipment. The connected equipment includes but not limited to a keypad, a display, a speaker, a microphone, a joystick, etc.
处理器161负责管理总线架构和通常的处理,存储器160可以存储处理器161在执行操作时所使用的数据。The processor 161 is responsible for managing the bus architecture and general processing, and the memory 160 can store data used by the processor 161 when performing operations.
可选的,处理器161可以是CPU、ASIC、FPGA或CPLD。Optionally, the processor 161 may be a CPU, ASIC, FPGA, or CPLD.
在网络侧,例如在LMF实体侧,参见图14,本申请实施例提供的另一种密钥更新装置,包括:On the network side, for example, on the LMF entity side, referring to FIG. 14, another key update device provided in an embodiment of the present application includes:
确定单元11,用于确定当为终端服务的位置管理功能LMF实体发生更新 时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;The determining unit 11 is configured to determine the corresponding updated key when the location management function LMF entity serving the terminal is updated, and the key is used to decrypt the positioning assistance data;
发送单元12,用于向所述终端发送所述密钥。The sending unit 12 is configured to send the key to the terminal.
可选地,通过非接入层NAS消息或者长期演进定位协议LPP消息,向所述终端发送所述密钥。Optionally, the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
可选地,通过更新后的目标LMF实体,向移动性管理功能AMF实体发送所述密钥,通过所述AMF实体将所述密钥发送给所述终端。Optionally, the key is sent to the mobility management function AMF entity through the updated target LMF entity, and the key is sent to the terminal through the AMF entity.
可选地,当接收到移动性管理功能AMF实体发送的新的密钥请求时,向所述AMF实体发送所述密钥,通过所述AMF实体将所述密钥发送给所述终端。Optionally, when a new key request sent by the mobility management function AMF entity is received, the key is sent to the AMF entity, and the key is sent to the terminal through the AMF entity.
可选地,当接收到所述终端的定位请求时,向所述终端发送所述密钥。Optionally, when a positioning request of the terminal is received, the key is sent to the terminal.
可选地,当接收到新的服务的即时定位请求时,通过下行定位消息向所述终端发送所述密钥。Optionally, when an instant positioning request for a new service is received, the key is sent to the terminal through a downlink positioning message.
在网络侧,例如在AMF实体侧,参见图15,本申请实施例提供的另一种密钥更新装置,包括:On the network side, for example, on the AMF entity side, referring to FIG. 15, another key update device provided in an embodiment of the present application includes:
接收单元21,用于接收当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;The receiving unit 21 is configured to receive a corresponding updated key when the location management function LMF entity serving the terminal is updated, where the key is used to decrypt positioning assistance data;
发送单元22,用于将所述密钥发送给所述终端。The sending unit 22 is configured to send the key to the terminal.
可选地,通过非接入层NAS消息或者长期演进定位协议LPP消息,向所述终端发送所述密钥。Optionally, the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
可选地,向更新后的目标LMF实体发送新的密钥请求后,接收所述目标LMF实体发送的所述密钥。Optionally, after sending a new key request to the updated target LMF entity, receive the key sent by the target LMF entity.
可选地,当通过非接入层NAS消息接收所述密钥时,所述发送单元22还用于:对所述密钥进行管理并保存。Optionally, when receiving the key through a non-access stratum NAS message, the sending unit 22 is further configured to manage and save the key.
在终端侧,参见图16,本申请实施例提供的另一种密钥更新装置,包括:On the terminal side, referring to FIG. 16, another key update device provided by an embodiment of the present application includes:
接收单元31,用于接收当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;The receiving unit 31 is configured to receive a corresponding updated key when the location management function LMF entity serving the terminal is updated, where the key is used to decrypt positioning assistance data;
保存单元32,用于保存所述密钥。The saving unit 32 is used to save the key.
可选地,通过非接入层NAS消息或者长期演进定位协议LPP消息,接收所述密钥。Optionally, the key is received through a non-access stratum NAS message or a long-term evolution positioning protocol LPP message.
可选地,向网络侧发送服务请求消息后,接收所述密钥,所述服务请求消息中包括密钥请求和密钥类型信息。Optionally, after sending a service request message to the network side, the key is received, and the service request message includes the key request and key type information.
可选地,所述服务请求消息为非接入层NAS消息,或者为事件报告消息。Optionally, the service request message is a non-access stratum NAS message or an event report message.
需要说明的是,本申请实施例中对单元的划分是示意性的,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式。另外,在本申请各个实施例中的各功能单元可以集成在一个处理单元中,也可以是各个单元单独物理存在,也可以两个或两个以上单元集成在一个单元中。上述集成的单元既可以采用硬件的形式实现,也可以采用软件功能单元的形式实现。It should be noted that the division of units in the embodiments of the present application is illustrative, and is only a logical function division, and there may be other division methods in actual implementation. In addition, the functional units in each embodiment of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units may be integrated into one unit. The above-mentioned integrated unit can be implemented in the form of hardware or software functional unit.
所述集成的单元如果以软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,本申请的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的全部或部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)或处理器(processor)执行本申请各个实施例所述方法的全部或部分步骤。而前述的存储介质包括:U盘、移动硬盘、只读存储器(Read-Only Memory,ROM)、随机存取存储器(Random Access Memory,RAM)、磁碟或者光盘等各种可以存储程序代码的介质。If the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a computer readable storage medium. Based on this understanding, the technical solution of this application essentially or the part that contributes to the existing technology or all or part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium , Including a number of instructions to make a computer device (which may be a personal computer, a server, or a network device, etc.) or a processor (processor) execute all or part of the steps of the method described in each embodiment of the present application. The aforementioned storage media include: U disk, mobile hard disk, read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), magnetic disk or optical disk and other media that can store program code .
本申请实施例提供了一种计算设备,该计算设备具体可以为桌面计算机、便携式计算机、智能手机、平板电脑、个人数字助理(Personal Digital Assistant,PDA)等。该计算设备可以包括CPU、存储器、输入/输出设备等,输入设备可以包括键盘、鼠标、触摸屏等,输出设备可以包括显示设备,如液晶显示器(Liquid Crystal Display,LCD)、阴极射线管(Cathode Ray Tube,CRT)等。The embodiments of the present application provide a computing device, and the computing device may specifically be a desktop computer, a portable computer, a smart phone, a tablet computer, a personal digital assistant (Personal Digital Assistant, PDA), etc. The computing device may include CPU, memory, input/output devices, etc., input devices may include keyboards, mice, touch screens, etc., output devices may include display devices, such as liquid crystal displays (LCD), cathode ray tubes (Cathode Ray) Tube, CRT) etc.
存储器可以包括只读存储器(ROM)和随机存取存储器(RAM),并向处理器提供存储器中存储的程序指令和数据。在本申请实施例中,存储器可 以用于存储本申请实施例提供的任一所述方法的程序。The memory may include read-only memory (ROM) and random access memory (RAM), and provides the processor with program instructions and data stored in the memory. In the embodiment of the present application, the memory can be used to store the program of any of the methods provided in the embodiment of the present application.
处理器通过调用存储器存储的程序指令,处理器用于按照获得的程序指令执行本申请实施例提供的任一所述方法。The processor calls the program instructions stored in the memory, and the processor is configured to execute any of the methods provided in the embodiments of the present application according to the obtained program instructions.
本申请实施例提供了一种计算机存储介质,用于储存为上述本申请实施例提供的装置所用的计算机程序指令,其包含用于执行上述本申请实施例提供的任一方法的程序。The embodiment of the present application provides a computer storage medium for storing computer program instructions used by the device provided in the foregoing embodiment of the present application, which includes a program for executing any method provided in the foregoing embodiment of the present application.
所述计算机存储介质可以是计算机能够存取的任何可用介质或数据存储设备,包括但不限于磁性存储器(例如软盘、硬盘、磁带、磁光盘(magneto-optical,MO)等)、光学存储器(例如CD、DVD、BD、HVD等)、以及半导体存储器(例如ROM、EPROM、EEPROM、非易失性存储器(NAND FLASH)、固态硬盘(SSD))等。The computer storage medium may be any available medium or data storage device that can be accessed by a computer, including but not limited to magnetic storage (such as floppy disk, hard disk, magnetic tape, magneto-optical (MO), etc.), optical storage (such as CD, DVD, BD, HVD, etc.), and semiconductor memory (such as ROM, EPROM, EEPROM, non-volatile memory (NAND FLASH), solid state drive (SSD)), etc.
本申请实施例提供的方法可以应用于终端设备,也可以应用于网络设备。The method provided in the embodiments of the present application can be applied to terminal equipment, and can also be applied to network equipment.
其中,终端设备也可称之为UE、移动台(Mobile Station,简称为“MS”)、移动终端(Mobile Terminal)等,可选的,该终端可以具备经RAN与一个或多个核心网进行通信的能力,例如,终端可以是移动电话(或称为“蜂窝”电话)、或具有移动性质的计算机等,例如,终端还可以是便携式、袖珍式、手持式、计算机内置的或者车载的移动装置。Among them, the terminal equipment can also be called UE, mobile station (Mobile Station, referred to as "MS"), mobile terminal (Mobile Terminal), etc. Optionally, the terminal can be equipped with one or more core networks via RAN. Communication capabilities, for example, the terminal can be a mobile phone (or called a "cellular" phone), or a mobile computer, etc., for example, the terminal can also be portable, pocket-sized, hand-held, built-in computer, or mobile Device.
所述网络设备可以为核心网设备。The network device may be a core network device.
上述方法处理流程可以用软件程序实现,该软件程序可以存储在存储介质中,当存储的软件程序被调用时,执行上述方法步骤。The processing flow of the above method can be implemented by a software program, which can be stored in a storage medium, and when the stored software program is called, the above method steps are executed.
综上所述,本申请实施例提供的技术方案中,更新后的密钥可以通过扩展NAS消息下发,也可以通过扩展LPP消息下发。具体地,In summary, in the technical solution provided by the embodiments of the present application, the updated key can be issued through an extended NAS message, or can be issued through an extended LPP message. specifically,
1、当LMF实体变更时,目标LMF实体向AMF实体发送密钥,AMF实体通过NAS/LPP消息向UE发送新的密钥。通过NAS消息下发时,AMF实体管理并保存密钥;通过LPP消息下发时,LPP管理并保存密钥。1. When the LMF entity changes, the target LMF entity sends the key to the AMF entity, and the AMF entity sends the new key to the UE through a NAS/LPP message. When sending through NAS messages, the AMF entity manages and saves the keys; when sending through LPP messages, LPP manages and saves the keys.
2、当LMF实体变更时,AMF实体发送密钥申请,向更新后的目标LMF实体请求新的密钥,目标LMF实体通过NAS消息经AMF实体发给UE。2. When the LMF entity changes, the AMF entity sends a key application to request a new key from the updated target LMF entity, and the target LMF entity sends a NAS message to the UE via the AMF entity.
3、UE在事件上报的时候,携带密钥请求。当LMF实体变更时,UE向网络发起服务请求,携带密钥请求及密钥类型,目标LMF实体收到对目标UE的定位请求,直接通过NAS或者LPP消息下发更新的密钥。如果UE通过NAS消息中携带密钥请求,则AMF实体可见,密钥返回时,通过NAS消息返回密钥;如果UE通过事件报告消息中携带密钥请求,则AMF实体不可见,只是透传,密钥返回时通过LPP消息返回。3. The UE carries the key request when reporting the event. When the LMF entity changes, the UE initiates a service request to the network, carrying the key request and key type, and the target LMF entity receives the location request for the target UE, and directly issues the updated key through the NAS or LPP message. If the UE carries the key request in the NAS message, the AMF entity is visible. When the key is returned, the key is returned through the NAS message; if the UE carries the key request in the event report message, the AMF entity is not visible, but only transparently transmitted. When the key is returned, it is returned through an LPP message.
4、在LMF实体发生变更时,目标LMF实体同时收到新的服务的即时定位请求,将通过下行定位消息将更新的密钥发给UE。通过NAS消息下发时,AMF实体对密钥可见;通过LPP消息下发时,AMF实体对密钥不可见。4. When the LMF entity changes, the target LMF entity receives an instant location request for the new service at the same time, and will send the updated key to the UE through a downlink location message. When issued through a NAS message, the AMF entity is visible to the key; when issued through an LPP message, the AMF entity is invisible to the key.
因此,本申请实施例提供的技术方案解决了LMF实体变更时密钥更新的相关问题。Therefore, the technical solution provided by the embodiment of the present application solves the related problem of key update when the LMF entity changes.
本领域内的技术人员应明白,本申请的实施例可提供为方法、***、或计算机程序产品。因此,本申请可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本申请可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器和光学存储器等)上实施的计算机程序产品的形式。Those skilled in the art should understand that the embodiments of the present application can be provided as methods, systems, or computer program products. Therefore, the present application may adopt the form of a complete hardware embodiment, a complete software embodiment, or an embodiment combining software and hardware. Moreover, this application may adopt the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, optical storage, etc.) containing computer-usable program codes.
本申请是参照根据本申请实施例的方法、设备(***)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。This application is described with reference to flowcharts and/or block diagrams of methods, equipment (systems), and computer program products according to the embodiments of this application. It should be understood that each process and/or block in the flowchart and/or block diagram, and the combination of processes and/or blocks in the flowchart and/or block diagram can be implemented by computer program instructions. These computer program instructions can be provided to the processor of a general-purpose computer, a special-purpose computer, an embedded processor, or other programmable data processing equipment to generate a machine, so that the instructions executed by the processor of the computer or other programmable data processing equipment are generated It is a device that realizes the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或 多个流程和/或方框图一个方框或多个方框中指定的功能。These computer program instructions can also be stored in a computer-readable memory that can guide a computer or other programmable data processing equipment to work in a specific manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including the instruction device. The device implements the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded on a computer or other programmable data processing equipment, so that a series of operation steps are executed on the computer or other programmable equipment to produce computer-implemented processing, so as to execute on the computer or other programmable equipment. The instructions provide steps for implementing functions specified in a flow or multiple flows in the flowchart and/or a block or multiple blocks in the block diagram.
显然,本领域的技术人员可以对本申请进行各种改动和变型而不脱离本申请的精神和范围。这样,倘若本申请的这些修改和变型属于本申请权利要求及其等同技术的范围之内,则本申请也意图包含这些改动和变型在内。Obviously, those skilled in the art can make various changes and modifications to the application without departing from the spirit and scope of the application. In this way, if these modifications and variations of this application fall within the scope of the claims of this application and their equivalent technologies, this application also intends to include these modifications and variations.

Claims (32)

  1. 一种密钥更新方法,其特征在于,该方法包括:A key update method, characterized in that the method includes:
    确定当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;Determine the updated key when the location management function LMF entity serving the terminal is updated, and the key is used to decrypt the positioning assistance data;
    向所述终端发送所述密钥。Sending the key to the terminal.
  2. 根据权利要求1所述的方法,其特征在于,通过非接入层NAS消息或者长期演进定位协议LPP消息,向所述终端发送所述密钥。The method according to claim 1, wherein the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol (LPP) message.
  3. 根据权利要求1或2所述的方法,其特征在于,通过更新后的目标LMF实体,向移动性管理功能AMF实体发送所述密钥,通过所述AMF实体将所述密钥发送给所述终端。The method according to claim 1 or 2, wherein the key is sent to the mobility management function AMF entity through the updated target LMF entity, and the key is sent to the AMF entity through the AMF entity. terminal.
  4. 根据权利要求1或2所述的方法,其特征在于,当接收到移动性管理功能AMF实体发送的新的密钥请求时,向所述AMF实体发送所述密钥,通过所述AMF实体将所述密钥发送给所述终端。The method according to claim 1 or 2, wherein when a new key request sent by a mobility management function AMF entity is received, the key is sent to the AMF entity, and the AMF entity transfers the key to the AMF entity. The key is sent to the terminal.
  5. 根据权利要求1或2所述的方法,其特征在于,当接收到所述终端的定位请求时,向所述终端发送所述密钥。The method according to claim 1 or 2, characterized in that when a positioning request of the terminal is received, the key is sent to the terminal.
  6. 根据权利要求1或2所述的方法,其特征在于,当接收到新的服务的即时定位请求时,通过下行定位消息向所述终端发送所述密钥。The method according to claim 1 or 2, wherein when an instant positioning request for a new service is received, the key is sent to the terminal through a downlink positioning message.
  7. 一种密钥更新方法,其特征在于,该方法包括:A key update method, characterized in that the method includes:
    接收当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;Receiving the updated key corresponding to when the location management function LMF entity serving the terminal is updated, where the key is used to decrypt the positioning assistance data;
    将所述密钥发送给所述终端。Send the key to the terminal.
  8. 根据权利要求7所述的方法,其特征在于,通过非接入层NAS消息或者长期演进定位协议LPP消息,向所述终端发送所述密钥。The method according to claim 7, wherein the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol (LPP) message.
  9. 根据权利要求7或8所述的方法,其特征在于,向更新后的目标LMF实体发送新的密钥请求后,接收所述目标LMF实体发送的所述密钥。The method according to claim 7 or 8, characterized in that after sending a new key request to the updated target LMF entity, the key sent by the target LMF entity is received.
  10. 根据权利要求7所述的方法,其特征在于,当通过非接入层NAS消 息接收所述密钥时,该方法还包括对所述密钥进行管理并保存。The method according to claim 7, wherein when the key is received through a non-access stratum NAS message, the method further comprises managing and storing the key.
  11. 一种密钥更新方法,其特征在于,该方法包括:A key update method, characterized in that the method includes:
    接收当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;Receiving the updated key corresponding to when the location management function LMF entity serving the terminal is updated, where the key is used to decrypt the positioning assistance data;
    保存所述密钥。Save the key.
  12. 根据权利要求11所述的方法,其特征在于,通过非接入层NAS消息或者长期演进定位协议LPP消息,接收所述密钥。The method according to claim 11, wherein the key is received through a non-access stratum NAS message or a long-term evolution positioning protocol (LPP) message.
  13. 根据权利要求11或12所述的方法,其特征在于,向网络侧发送服务请求消息后,接收所述密钥,所述服务请求消息中包括密钥请求和密钥类型信息。The method according to claim 11 or 12, wherein the key is received after sending the service request message to the network side, and the service request message includes the key request and key type information.
  14. 根据权利要求13所述的方法,其特征在于,所述服务请求消息为非接入层NAS消息,或者为事件报告消息。The method according to claim 13, wherein the service request message is a non-access stratum NAS message or an event report message.
  15. 一种密钥更新装置,其特征在于,该装置包括:A key update device, characterized in that the device includes:
    存储器,用于存储程序指令;Memory, used to store program instructions;
    处理器,用于调用所述存储器中存储的程序指令,按照获得的程序执行:The processor is used to call the program instructions stored in the memory and execute according to the obtained program:
    确定当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;Determine the updated key when the location management function LMF entity serving the terminal is updated, and the key is used to decrypt the positioning assistance data;
    向所述终端发送所述密钥。Sending the key to the terminal.
  16. 根据权利要求15所述的装置,其特征在于,通过非接入层NAS消息或者长期演进定位协议LPP消息,向所述终端发送所述密钥。The apparatus according to claim 15, wherein the key is sent to the terminal through a non-access stratum NAS message or a long-term evolution positioning protocol (LPP) message.
  17. 根据权利要求15或16所述的装置,其特征在于,通过更新后的目标LMF实体,向移动性管理功能AMF实体发送所述密钥,通过所述AMF实体将所述密钥发送给所述终端。The apparatus according to claim 15 or 16, wherein the key is sent to the mobility management function AMF entity through the updated target LMF entity, and the key is sent to the AMF entity through the AMF entity. terminal.
  18. 根据权利要求15或16所述的装置,其特征在于,当接收到移动性管理功能AMF实体发送的新的密钥请求时,向所述AMF实体发送所述密钥,通过所述AMF实体将所述密钥发送给所述终端。The apparatus according to claim 15 or 16, wherein when a new key request sent by a mobility management function AMF entity is received, the key is sent to the AMF entity, and the AMF entity transfers the key to the AMF entity. The key is sent to the terminal.
  19. 根据权利要求15或16所述的装置,其特征在于,当接收到所述终 端的定位请求时,向所述终端发送所述密钥。The device according to claim 15 or 16, characterized in that, when a positioning request of the terminal is received, the key is sent to the terminal.
  20. 根据权利要求15或16所述的装置,其特征在于,当接收到新的服务的即时定位请求时,通过下行定位消息向所述终端发送所述密钥。The device according to claim 15 or 16, characterized in that when an instant positioning request for a new service is received, the key is sent to the terminal through a downlink positioning message.
  21. 一种密钥更新装置,其特征在于,该装置包括:A key update device, characterized in that the device includes:
    存储器,用于存储程序指令;Memory, used to store program instructions;
    处理器,用于调用所述存储器中存储的程序指令,按照获得的程序执行:The processor is used to call the program instructions stored in the memory and execute according to the obtained program:
    接收当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;Receiving the updated key corresponding to when the location management function LMF entity serving the terminal is updated, where the key is used to decrypt the positioning assistance data;
    将所述密钥发送给所述终端。Send the key to the terminal.
  22. 根据权利要求21所述的装置,其特征在于,通过非接入层NAS消息或者长期演进定位协议LPP消息,向所述终端发送所述密钥。The apparatus according to claim 21, wherein the key is sent to the terminal through a non-access stratum NAS message or a Long Term Evolution Positioning Protocol (LPP) message.
  23. 根据权利要求21或22所述的装置,其特征在于,向更新后的目标LMF实体发送新的密钥请求后,接收所述目标LMF实体发送的所述密钥。The apparatus according to claim 21 or 22, wherein after sending a new key request to the updated target LMF entity, the key sent by the target LMF entity is received.
  24. 根据权利要求21所述的装置,其特征在于,当通过非接入层NAS消息接收所述密钥时,所述处理器还用于调用所述存储器中存储的程序指令,按照获得的程序执行:对所述密钥进行管理并保存。The apparatus according to claim 21, wherein when receiving the key through a non-access stratum NAS message, the processor is further configured to call the program instructions stored in the memory, and execute according to the obtained program : Manage and save the key.
  25. 一种密钥更新装置,其特征在于,该装置包括:A key update device, characterized in that the device includes:
    存储器,用于存储程序指令;Memory, used to store program instructions;
    处理器,用于调用所述存储器中存储的程序指令,按照获得的程序执行:The processor is used to call the program instructions stored in the memory and execute according to the obtained program:
    接收当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;Receiving the updated key corresponding to when the location management function LMF entity serving the terminal is updated, where the key is used to decrypt the positioning assistance data;
    保存所述密钥。Save the key.
  26. 根据权利要求25所述的装置,其特征在于,通过非接入层NAS消息或者长期演进定位协议LPP消息,接收所述密钥。The apparatus according to claim 25, wherein the key is received through a non-access stratum NAS message or a long-term evolution positioning protocol (LPP) message.
  27. 根据权利要求25或26所述的装置,其特征在于,向网络侧发送服务请求消息后,接收所述密钥,所述服务请求消息中包括密钥请求和密钥类型信息。The device according to claim 25 or 26, wherein the key is received after sending a service request message to the network side, and the service request message includes a key request and key type information.
  28. 根据权利要求27所述的装置,其特征在于,所述服务请求消息为非接入层NAS消息,或者为事件报告消息。The apparatus according to claim 27, wherein the service request message is a non-access stratum NAS message or an event report message.
  29. 一种密钥更新装置,其特征在于,该装置包括:A key update device, characterized in that the device includes:
    确定单元,用于确定当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;The determining unit is configured to determine the updated key corresponding to the location management function LMF entity serving the terminal when the updated key is used to decrypt the positioning assistance data;
    发送单元,用于向所述终端发送所述密钥。The sending unit is configured to send the key to the terminal.
  30. 一种密钥更新装置,其特征在于,该装置包括:A key update device, characterized in that the device includes:
    接收单元,用于接收当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;The receiving unit is configured to receive the updated key corresponding to the location management function LMF entity serving the terminal when the LMF entity is updated, and the key is used to decrypt the positioning assistance data;
    发送单元,用于将所述密钥发送给所述终端。The sending unit is configured to send the key to the terminal.
  31. 一种密钥更新装置,其特征在于,该装置包括:A key update device, characterized in that the device includes:
    接收单元,用于接收当为终端服务的位置管理功能LMF实体发生更新时对应的更新后的密钥,所述密钥用于对定位辅助数据进行解密;The receiving unit is configured to receive the updated key corresponding to the location management function LMF entity serving the terminal when the LMF entity is updated, and the key is used to decrypt the positioning assistance data;
    保存单元,用于保存所述密钥。The saving unit is used to save the key.
  32. 一种计算机存储介质,其特征在于,所述计算机存储介质存储有计算机可执行指令,所述计算机可执行指令用于使所述计算机执行权利要求1至14任一项所述的方法。A computer storage medium, wherein the computer storage medium stores computer executable instructions, and the computer executable instructions are used to make the computer execute the method according to any one of claims 1 to 14.
PCT/CN2020/089289 2019-06-11 2020-05-08 Key update method and device WO2020248749A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910503450.5 2019-06-11
CN201910503450.5A CN112073176B (en) 2019-06-11 2019-06-11 Key updating method and device

Publications (1)

Publication Number Publication Date
WO2020248749A1 true WO2020248749A1 (en) 2020-12-17

Family

ID=73658458

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/089289 WO2020248749A1 (en) 2019-06-11 2020-05-08 Key update method and device

Country Status (2)

Country Link
CN (1) CN112073176B (en)
WO (1) WO2020248749A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113312048A (en) * 2021-06-10 2021-08-27 浪潮云信息技术股份公司 Implementation method and system for calling local tool based on electron

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019083596A1 (en) * 2017-10-25 2019-05-02 Qualcomm Incorporated System and methods for periodic location reports in a wireless network

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101516059A (en) * 2009-03-27 2009-08-26 华为技术有限公司 Positioning service treatment method, device and system
US9264151B1 (en) * 2009-07-29 2016-02-16 Shopkick, Inc. Method and system for presence detection
US20120257668A1 (en) * 2011-04-11 2012-10-11 King Fahd University Of Petroleum And Minerals Time-varying least-mean-fourth-based channel equalization method and system
US9271256B2 (en) * 2011-08-30 2016-02-23 Qualcomm Incorporated Verifying generic broadcast of location assistance data
CN102438241B (en) * 2011-12-30 2016-03-16 北京中创信测科技股份有限公司 To NAS signaling decryption device and method in a kind of LTE protocol monitoring analysis
AU2016247689B2 (en) * 2015-04-13 2020-07-02 Samsung Electronics Co., Ltd. Technique for managing profile in communication system
US10383081B2 (en) * 2017-05-05 2019-08-13 Qualcomm Incorporated Methods and systems for positioning of a mobile device using broadcast of assistance data
CN109089255B (en) * 2017-06-14 2022-01-25 ***通信有限公司研究院 User position notification control method, device, system, equipment and storage medium
CN109842880B (en) * 2018-08-23 2020-04-03 华为技术有限公司 Routing method, device and system

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019083596A1 (en) * 2017-10-25 2019-05-02 Qualcomm Incorporated System and methods for periodic location reports in a wireless network

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
CATT: "Ciphering Keys Update During LMF Change", 3GPP TSG-SA WG2 MEETING #134 S2-1907555, 18 June 2019 (2019-06-18), XP051752513, DOI: 20200629144910PX *
CATT: "PCR to TR33.814 - The Solution for the Ciphering Key Management of Broadcast Assistance Data", 3GPP TSG SA WG3 (SECURITY) MEETING #95-BIS S3-191965, 17 June 2019 (2019-06-17), XP051750709, DOI: 20200629145012PX *
HUAWEI ET AL.: "Solution on Key Updating for Broadcast Assistant Data Protection", 3GPP TSG-SA WG3 (SECURITY) MEETING #94 AD-HOC S3-190718, 4 March 2019 (2019-03-04), XP051697651 *
QUALCOMM INC.: "Addition of LMF Change Procedure for TS 23.273", 3GPP TSG-SA WG2 MEETING #131 S2-1902227, 28 February 2019 (2019-02-28), XP051610779, DOI: 20200629145255A *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113312048A (en) * 2021-06-10 2021-08-27 浪潮云信息技术股份公司 Implementation method and system for calling local tool based on electron

Also Published As

Publication number Publication date
CN112073176B (en) 2022-03-11
CN112073176A (en) 2020-12-11

Similar Documents

Publication Publication Date Title
US11140546B2 (en) Security processing method and related device
US11323912B2 (en) Data transmission method, data transmitting end, data receiving end, data transmission system and computer readable storage medium
US20230292116A1 (en) Methods supporting authentication in wireless communication networks and related network nodes and wireless terminals
WO2018137716A1 (en) Method and device for keeping continuity of udc function
WO2018166338A1 (en) Key update method and apparatus
WO2021139546A1 (en) Information transmission method and device
US20220210859A1 (en) Data transmission method and apparatus
EP3681182A1 (en) Method, apparatus and device for determining state of terminal device
WO2020248749A1 (en) Key update method and device
AU2018370898B2 (en) Method and apparatus for negotiation of user equipment policy delivery
WO2022022543A1 (en) Information reporting method, terminal, and network-side device
WO2020177716A1 (en) Method and apparatus for protecting auxiliary information
WO2018120184A1 (en) Method and device for transmitting information during cell switch
EP3883292A1 (en) Message sending method and apparatus, and control method and apparatus therefor
WO2020052638A1 (en) Location information transmission method and apparatus, and device
WO2017152360A1 (en) Method and device for radio bearer security configuration
CN112073177B (en) Key updating method and device
WO2019034659A1 (en) Ue information reporting procedure
US20220330356A1 (en) Method of configuring service data adaptation protocol entity and device
WO2022206774A1 (en) Method and apparatus for determining prs configuration information
WO2023006043A1 (en) Access method and apparatus
WO2020147643A1 (en) Security protection method and apparatus
WO2022174802A1 (en) Method for updating cryptographic key, and apparatus
WO2022016512A1 (en) Method and apparatus for managing external subscription data
CN116980888A (en) Encryption negotiation method, device, equipment and readable storage medium

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20823081

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20823081

Country of ref document: EP

Kind code of ref document: A1