Data protection method, device and system

Technical field
The present invention relates to the field of communications, and in particular, to a data protection method, apparatus, and system.

Background
With the rapid development of the mobile internet, more and more Internet of Things (IoT) devices in vertical industries need to access a communication network operated by an operator. Unlike conventional mobile devices, IoT devices are very numerous, and for most of its lifecycle an IoT device sends only sporadic small data.
In current communication networks (e.g., cellular networks), a device usually accesses the network by verifying the identity and symmetric key contained in a universal subscriber identity module (USIM), and the main verification method is the EPS-AKA (evolved packet system authentication and key agreement) authentication protocol. This method has two drawbacks. On one hand, authentication is centralized, and every authentication ultimately requires the participation of the home subscriber server (HSS). On the other hand, USIM card encryption requires relatively high traffic costs.
When IoT devices access a network using the prior-art verification method, network access authentication of a large number of IoT devices may congest the HSS and greatly reduce data access efficiency. In addition, large numbers of IoT devices can hardly bear the high traffic costs associated with this authentication approach. That is, current cryptographic authentication methods do not match the data characteristics of IoT devices.

Disclosure of Invention
Embodiments of the invention disclose a data protection method, device and system that address the mismatch between existing encryption and authentication methods and the data characteristics of IoT devices: small data can access the network securely without network authentication, which improves the network access efficiency of IoT devices and reduces their traffic cost.
In a first aspect, an embodiment of the present invention discloses a data protection method, described from the side of a first device. The method comprises the following steps: the first device obtains original data to be transmitted; the first device generates a symmetric key based on a private key of the first device and a public key of a second device; the first device uses a security key to perform security protection on the original data to obtain a protected data packet, wherein the security key comprises the symmetric key, or the security key comprises a key derived from the symmetric key, and the security protection comprises encryption and/or integrity protection; the first device sends the protected data packet to the second device.
When the first device is user equipment (UE), the second device is access network equipment; when the first device is access network equipment, the second device is user equipment. The access network equipment comprises a central unit (CU) of an access network (AN) or a gateway of the access network, and the original data is small data.
In a possible embodiment, the private key of the first device is pre-configured in the first device.
In this embodiment of the present invention, the first device sends the protected data packet to the second device without establishing an air interface connection between the first device and the second device. That is, the first device may transmit the protected data packet without prior communication authentication with the second device. Specifically, the protected data packet is a Packet Data Convergence Protocol (PDCP) data packet. By implementing the embodiment of the invention, security protection and verification are carried out independently between the UE and the corresponding CU, so small data can access the network without network authentication. This facilitates the transmission of large amounts of small data between the UE and the CU, avoids the drawbacks of the centralized authentication mode, and reduces the traffic of data accessing the network because the protected data packet carries little verification information.
With reference to the first aspect, in a first possible application scenario, where the first device is a user equipment and the second device is an access network device, in this scenario, data transmission is uplink transmission, which is specifically as follows:
the first device generates a symmetric key based on the private key of the first device and the public key of the second device, which specifically includes: the user device generates a symmetric key based on a private key of the user device and a public key of the access network device (CU public key).
With reference to the first possible application scenario of the first aspect, in a possible implementation manner, the public key of the access network device is obtained by the user equipment from the access network device after the user equipment and a core network are successfully authenticated.
In the embodiment of the invention, the UE is an Internet of Things (IoT) device, a terminal device or a communication device. When the UE is an IoT device, it transmits sporadic small data most of the time but occasionally transmits continuous large data. For example, when a sudden event such as a fire or a car accident occurs, or when a functional test, a software update, or a complex functional application needs to be performed, an IoT device may also transmit continuous data; IoT devices therefore also need the capability of a conventional network device to establish a broadband connection through bidirectional authentication. In this case, if the UE, the CU, and the authentication server network element (AUSF) are each preset with Identity Based Cryptography (IBC) credentials, the UE performs bidirectional authentication with the AUSF through the CU and the AMF. After the bidirectional authentication is completed, the access and mobility management network element (AMF) obtains the UE public key and sends it to the CU, and the CU in turn sends the CU public key to the UE.
At this time, the protected data packet includes: the temporary identity T-ID of the user equipment.
Optionally, the temporary identity of the user equipment is obtained by the user equipment from a core network element after the user equipment successfully authenticates with a core network (CN). In a possible embodiment of the invention, in order to improve the privacy of data transmission and protection, the AMF generates a temporary identity (T-ID) of the user equipment and configures the T-ID to the UE and the CU. The T-ID characterizes the UE's temporary legitimate identity and may be, for example, a random string or a coded sequence. The T-ID has a preset validity period; within that period (such as 1 day, 5 days or 10 days), the UE and the CU use the T-ID as the unique security protection identifier of the small data to be protected, and can perform the corresponding security protection/verification on the small data based on the T-ID. When the UE needs to upload small data to the CU, the T-ID is encapsulated in the protected data packet.
In the embodiment of the present invention, the T-ID is preset with a temporary time limit, the UE and the CU may perform corresponding security protection/verification on the small data based on the T-ID within the preset time limit, and when the preset time limit is exceeded, the T-ID is invalid, and the UE and the CU need to update the T-ID to continue performing corresponding security protection/verification.
Optionally, the user equipment sends an update request of the temporary identity to the core network element through the access network device, so that the core network element generates a new temporary identity of the user equipment based on the update request, thereby implementing the update of the temporary identity of the user equipment.
In a possible embodiment, the temporary identity of the user equipment is obtained by the user equipment from the access network equipment after the user equipment and a core network are successfully authenticated; the access network equipment is used for generating a temporary identity of the user equipment. Correspondingly, when the T-ID is close to the preset period, the user equipment sends an update request of the temporary identity to the access network equipment, so that the access network equipment generates a new temporary identity of the user equipment based on the update request, thereby implementing the update of the temporary identity of the user equipment.
With reference to the first possible application scenario of the first aspect, in a possible implementation manner, the public key of the access network device is obtained by the user equipment from a broadcast message of the access network device.
In the embodiment of the invention, the UE and the CU respectively acquire the trust state based on the IBC in advance. The UE obtains the CU public key by receiving the broadcast message of the base station, and correspondingly, the CU stores the CU public key. Specifically, the UE public key is an IBC public key based on RFC 6507.
At this time, the protected data packet includes a public key of the user equipment. In a specific embodiment, the protected data packet is a PDCP data packet. In addition to a PDCP header, the encrypted original data, and a Message Authentication Code (MAC), the PDCP data packet may further include the UE public key (comprising a user equipment identifier UE-ID, a public key verification code UE-PVT of the user equipment, and a public key expiration date UE-T of the user equipment) and a timestamp indicating the generation time of the PDCP data packet.
In this embodiment of the present invention, the public key of the access network device includes: the identifier of the access network equipment and the public key authentication code of the access network equipment. Optionally, the public key of the access network device further includes: the expiration date of the public key of the access network equipment.
For example, the UE employs the symmetric key K1 = [UE private key] [CU public key] as a cryptographic key, K2 = KDF(K1, X) as the integrity protection key, and K3 = KDF(K1, y) as the cryptographic key, where X and y are the corresponding key derivation parameters and KDF is a key derivation function. The UE encrypts the raw data using K3, integrity protects the raw data using K2, and then encapsulates the encrypted raw data, the MAC, and the T-ID into a protected data packet. Specifically, the protected data packet is a PDCP data packet; in a specific embodiment, in addition to the PDCP header, the T-ID, the ciphered original data, and the MAC, the PDCP data packet may further include a timestamp indicating the generation time of the PDCP data packet.
With reference to the first aspect, in a second possible application scenario, the first device is an access network device and the second device is a user equipment; in this scenario, data transmission is downlink transmission. The first device generates a symmetric key based on a private key of the first device and a public key of the second device, specifically: the access network device generates a symmetric key based on a private key of the access network device and a public key of the user device. For example, the CU employs the symmetric key K7 = [CU private key] [UE public key] as a cryptographic key, K8 = KDF(K7, X) as the integrity protection key, and K9 = KDF(K7, y) as a cryptographic key. K8 is used to generate the authentication code (MAC) for the message. KDF is a key derivation function. The CU encrypts the original data using K5, integrity protects the original data using the MAC, and encapsulates the encrypted data, the MAC, and the T-ID into PDCP packets.
With reference to the second application scenario of the first aspect, in a possible implementation manner, the public key of the user equipment is obtained by the access network equipment from a core network element after the user equipment and the core network are successfully authenticated;
the core network element is configured to obtain a public key of the user equipment in an authentication process between the user equipment and a core network. Specifically, in the bidirectional authentication process, the UE sends the UE public key to the AMF, and accordingly the AMF obtains the UE public key, which may be, for example, an IBC public key. Specifically, the UE public key is an IBC public key based on Request for Comments 6507 (RFC 6507). At this time, the protected data packet includes: a temporary identity of the user equipment.
Optionally, the temporary identity of the user equipment is obtained by the access network equipment from a network element of a core network after the user equipment and the core network are successfully authenticated;
the core network element is configured to generate a temporary identity of the user equipment, and the core network element is further configured to update the temporary identity of the user equipment in the access network equipment.
Optionally, the temporary identity of the user equipment is generated by the access network equipment after the user equipment and the core network are successfully authenticated;
and the access network equipment generates a new temporary identity of the user equipment based on the updating request of the user equipment, so that the updating of the temporary identity of the user equipment in the access network equipment is realized.
In the embodiment of the invention, the UE and the CU complete data security protection based on the T-ID. In a possible application scenario, the UE needs to communicate with a new CU. For example, the UE is an intelligent bicycle; as the bicycle moves, the distance between the UE and the CU changes and data transmission between them is hindered, so the UE needs to switch to a target CU for communication (for example, switch to the CU closest to the target CU). The specific steps are as follows:
In a communication scenario in which the access network equipment needs to be switched, the access network equipment sends a first handover message to the target access network equipment; the first handover message includes the public key of the user equipment, the temporary identity of the user equipment and the routing information. The access network equipment receives a first handover confirmation message fed back by the target access network equipment; the first handover confirmation message comprises a public key of the target access network device. The access network equipment sends a second handover message to the user equipment; the second handover message comprises the public key of the target access network device. The access network equipment receives a second handover confirmation message fed back by the user equipment and, based on the second handover confirmation message, deletes the temporary identity of the user equipment and the public key of the user equipment held in the access network equipment.
With reference to the second application scenario of the first aspect, in a possible implementation manner, the public key of the user equipment is obtained by the access network equipment from an uplink message sent by the user equipment. Specifically, the uplink message sent by the UE to the CU carries the UE public key. The CU stores the UE public key and uses it to generate the symmetric key during downlink data transmission.
At this time, the protected data packet includes: an identification of the user device and a public key timestamp of the user device. In this embodiment of the present invention, the public key of the user equipment includes: the identification of the user equipment and the public key authentication code of the user equipment. Optionally, the public key of the user equipment further includes: expiration date of the public key of the user equipment and a public key timestamp of the user equipment; wherein the expiration of the public key of the user equipment indicates whether the public key of the user equipment is expired, and the public key timestamp of the user equipment is used for indicating the generation time of the protected data packet.
In the specific embodiment of the present invention, the core network element is an access and mobility management network element AMF.
In a specific embodiment of the present invention, the protected data packet is a PDCP data packet.
In a second aspect, an embodiment of the present invention discloses a data protection method, described from the side of a second device. The method comprises the following steps: the second device receives a protected data packet sent by the first device; the second device generates a symmetric key based on a private key of the second device and a public key of the first device; the second device uses a security key to perform security verification on the protected data packet to obtain the original data; wherein the security key comprises the symmetric key, or the security key comprises a key derived from the symmetric key; the security verification includes decryption and/or integrity verification.
When the second device is an access network device, the first device is a user device; when the second device is user equipment, the first device is access network equipment; wherein the access network equipment comprises a centralized processing unit CU of the access network AN or a gateway of the access network. Wherein the private key of the second device is pre-configured in the second device.
The receiving, by the second device, of the protected data packet sent by the first device specifically includes: the second device receives the protected data packet sent by the first device without an air interface connection being established between the first device and the second device.
With reference to the second aspect, in a first possible application scenario, the second device is an access network device, the first device is a user equipment, and in this scenario, data transmission is uplink transmission:
the second device generates a symmetric key based on the private key of the second device and the public key of the first device, which specifically includes: the access network device generates a symmetric key based on a private key of the access network device and a public key of the user device. With reference to the first scenario of the second aspect, in a possible implementation manner, the protected data packet includes: a temporary identity of the user equipment.
At this time, optionally, after the authentication between the user equipment and the core network is successful, the access network equipment acquires the public key of the user equipment from a core network element, where the core network element is used to acquire the public key of the user equipment in the authentication process between the user equipment and the core network;
the public key of the user equipment and the temporary identity of the user equipment have a corresponding relation, and the access network equipment determines the public key of the user equipment based on the temporary identity of the user equipment.
With reference to the first scenario of the second aspect, in a possible implementation manner, the protected data packet includes: a public key of the user device; correspondingly, the access network device obtains the public key of the user device from the protected data packet.
In this embodiment of the present invention, the public key of the user equipment includes: the identification of the user equipment and the public key authentication code of the user equipment. Optionally, the public key of the user equipment further includes: expiration date of the public key of the user equipment and a public key timestamp of the user equipment; the access network equipment judges whether the public key of the user equipment is expired or not based on the expiration date of the public key of the user equipment; and the access network equipment judges whether the protected data packet is overtime or not based on the public key timestamp of the user equipment.
For example, the CU uses the symmetric key K4 = [CU private key] [UE public key] as a decryption key, K5 = KDF(K4, X) as the integrity verification key, and K6 = KDF(K4, y) as the decryption key. The CU then uses K5 to verify the correctness of the MAC carried in the protected packet; a correct MAC indicates that the message has not been tampered with. After verification, the UE proceeds to decrypt the packet using K6, thus obtaining the original data.
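The uplink exchange described by the UE-side example (K1, K2, K3) given earlier and the CU-side example (K4, K5, K6) above, as an added example that is not code from the patent. It assumes X25519 (RFC 7748) for the private-key/public-key agreement in place of the IBC keys, HMAC-SHA256 as the KDF, the MAC and a stand-in stream cipher, and a hypothetical header of sequence number, T-ID and timestamp; the keys, T-ID and payload are constructed sample values.

```python
import hashlib, hmac, struct

P = 2**255 - 19                      # Curve25519 field prime (RFC 7748)
BASE = (9).to_bytes(32, "little")    # standard base point u = 9

def x25519(k: bytes, u: bytes) -> bytes:
    """RFC 7748 X25519 ladder; plain Python, not constant time."""
    n = (int.from_bytes(k, "little") & ((1 << 254) - 8)) | (1 << 254)  # clamp
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):
        bit = (n >> t) & 1
        if swap ^ bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b = (x2 + z2) % P, (x2 - z2) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        aa, bb = a * a % P, b * b % P
        e, da, cb = (aa - bb) % P, d * a % P, c * b % P
        x3, z3 = pow(da + cb, 2, P), x1 * pow(da - cb, 2, P) % P
        x2, z2 = aa * bb % P, e * (aa + 121665 * e) % P
    if swap:
        x2, z2 = x3, z3
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def kdf(key: bytes, label: bytes) -> bytes:
    # Stands in for the page's KDF(K1, X); HMAC-SHA256 is this example's choice.
    return hmac.new(key, label, hashlib.sha256).digest()

def derive_keys(own_priv: bytes, peer_pub: bytes):
    k1 = x25519(own_priv, peer_pub)      # K1 on the UE equals K4 on the CU
    return kdf(k1, b"integrity"), kdf(k1, b"encryption")   # (K2/K5, K3/K6)

def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 counter-mode keystream: a stdlib stand-in for a real cipher.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, nonce + struct.pack(">I", i // 32), hashlib.sha256).digest()
        out += bytes(x ^ y for x, y in zip(data[i:i + 32], pad))
    return bytes(out)

HDR = struct.Struct(">H8sQ")   # assumed layout: sequence number, T-ID, timestamp
MAC_LEN = 16

def protect(own_priv, peer_pub, sn, t_id, ts, data):
    """Sender side: encrypt with K3, then MAC header + ciphertext with K2."""
    k_int, k_enc = derive_keys(own_priv, peer_pub)
    hdr = HDR.pack(sn, t_id, ts)
    # Static keys: (sn, ts) must never repeat for one T-ID or the keystream repeats.
    ct = xor_stream(k_enc, hdr, data)
    return hdr + ct + hmac.new(k_int, hdr + ct, hashlib.sha256).digest()[:MAC_LEN]

class CU:
    def __init__(self, priv: bytes, max_age: int = 30):
        self.priv, self.pub, self.max_age = priv, x25519(priv, BASE), max_age
        self.ues = {}       # T-ID -> (UE public key, T-ID expiry time)
        self.seen = set()   # accepted (T-ID, sn, ts) triples, for replay rejection

    def verify(self, pkt: bytes, now: int) -> bytes:
        if len(pkt) < HDR.size + MAC_LEN:
            raise ValueError("short packet")
        hdr, ct, mac = pkt[:HDR.size], pkt[HDR.size:-MAC_LEN], pkt[-MAC_LEN:]
        sn, t_id, ts = HDR.unpack(hdr)
        if t_id not in self.ues:
            raise ValueError("unknown T-ID")
        ue_pub, expiry = self.ues[t_id]
        if now >= expiry:
            raise ValueError("T-ID expired")
        k_int, k_enc = derive_keys(self.priv, ue_pub)
        good = hmac.new(k_int, hdr + ct, hashlib.sha256).digest()[:MAC_LEN]
        if not hmac.compare_digest(mac, good):
            raise ValueError("bad MAC")
        # The timestamp is trusted only now that the MAC has verified.
        if abs(now - ts) > self.max_age:
            raise ValueError("stale timestamp")
        if (t_id, sn, ts) in self.seen:
            raise ValueError("replay")
        self.seen.add((t_id, sn, ts))
        return xor_stream(k_enc, hdr, ct)

def reject_reason(cu, pkt, now):
    try:
        cu.verify(pkt, now)
        return None
    except ValueError as e:
        return str(e)

# Constructed sample keys and values (not from the page).
UE_PRIV = hashlib.sha256(b"constructed UE private key").digest()
CU_PRIV = hashlib.sha256(b"constructed CU private key").digest()
T_ID, NOW = b"TID-0001", 1_700_000_000

def demo():
    cu = CU(CU_PRIV)
    cu.ues[T_ID] = (x25519(UE_PRIV, BASE), NOW + 86400)   # T-ID valid for 1 day
    pkt = protect(UE_PRIV, cu.pub, 1, T_ID, NOW, b"temp=21.5C")
    return cu, pkt
```

Because both sides use long-term keys, every packet between one UE and one CU is protected under the same derived keys; the timestamp check and the replay set are what keep a captured packet from being accepted a second time.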
With reference to the second aspect, in a second possible application scenario, the second device is a user equipment, and the first device is an access network device. In this scenario, the data transmission is downlink transmission:
then, when the first device is an access network device, the second device generates a symmetric key based on the private key of the second device and the public key of the first device, specifically: the user device generates a symmetric key based on a private key of the user device and a public key of the access network device.
With reference to the second application scenario of the second aspect, in a possible implementation manner, the protected data packet includes: a temporary identity of the user equipment;
at this time, the second device receives the protected data packet sent by the first device, specifically: the user equipment receives the protected data packet based on the temporary identity of the user equipment.
Optionally, the public key of the access network device is obtained by the user equipment from the access network device after the user equipment and the core network are successfully authenticated.
With reference to the second application scenario of the second aspect, in a possible implementation manner, the protected data packet includes: an identity of the user device, a public key timestamp of the user device. At this time, the public key of the access network device is obtained by the user equipment from the broadcast message of the access network device. In this embodiment of the present invention, the public key of the access network device includes: the identifier of the access network equipment and the public key authentication code of the access network equipment. Optionally, the method further includes: expiration date of the public key of the access network device.
For example, the UE uses the symmetric key K10 = [UE private key] [CU public key] as a decryption key, K11 = KDF(K10, X) as the integrity verification key, and K12 = KDF(K10, y) as an encryption key. The UE uses K11 to verify the correctness of the MAC carried in the protected data packet; a correct MAC indicates that the message has not been tampered with, and the verification passes. The UE then decrypts the data packet using K12, thereby obtaining the original data. After the security verification succeeds, the original data is passed to a higher layer of the UE.
In a third aspect, an embodiment of the present invention discloses an apparatus, configured to implement the method in the first aspect. The apparatus is a first device comprising an acquisition module, a security protection module and a sending module, wherein the detailed description of each module is as follows:
the acquisition module is used for acquiring original data to be transmitted;
the security protection module is used for generating a symmetric key based on a private key of the first device and a public key of the second device; the security protection module is also used for performing security protection on the original data by using a security key to obtain a protected data packet; wherein the security key comprises the symmetric key, or the security key comprises a key derived from the symmetric key; the security protection comprises encryption and/or integrity protection;
the sending module is used for sending the protected data packet to the second equipment;
when the first device is user equipment, the second device is access network equipment; when the first device is an access network device, the second device is a user device; wherein the access network equipment comprises a centralized processing unit CU of the access network AN or a gateway of the access network.
In a fourth aspect, an embodiment of the present invention discloses an apparatus for implementing the method in the second aspect. The device is a second device, the second device comprises a receiving module and a security verification module, wherein the detailed description of each module is as follows: the receiving module is used for receiving a protected data packet sent by first equipment;
the security verification module is used for generating a symmetric key based on a private key of the second device and a public key of the first device; the security verification module is also used for performing security verification on the protected data packet by using a security key to obtain original data; wherein the security key comprises the symmetric key, or the security key comprises a key derived from the symmetric key; the security verification includes decryption and/or integrity verification.
When the second device is an access network device, the first device is a user device; when the second device is user equipment, the first device is access network equipment; wherein the access network equipment comprises a centralized processing unit CU of the access network AN or a gateway of the access network.
In a fifth aspect, an embodiment of the present invention discloses yet another device, which is a first device including a transceiver, a memory, and a processor coupled to the memory. The transceiver, memory, processor may be connected by a bus or other means. Wherein the transceiver is used for transmitting data to the outside or for receiving data from the outside. The memory is used for storing program code and related data (such as configuration information, public keys, private keys, data packets, etc.), and the processor is used for calling and executing the program code stored in the memory and executing the related steps of the method of the first aspect.
In a sixth aspect, an embodiment of the present invention discloses yet another device, which is a second device including a transceiver, a memory, and a processor coupled to the memory. The transceiver, memory, processor may be connected by a bus or other means. Wherein the transceiver is used for transmitting data to the outside or for receiving data from the outside. The memory is used for storing program code and related data (such as configuration information, public key, private key, data packet, etc.), and the processor is used for calling and running the program code stored in the memory and executing the related steps of the method according to the second aspect.
In a seventh aspect, an embodiment of the present invention provides a further data protection method, described from the side of a core network element. The method includes: a core network element receives a request for communication between a user equipment and an access network device, the request comprising a public key of the user device; the core network element generates a temporary identity of the user equipment based on the request; the core network element sends the temporary identity of the user equipment to the access network equipment and the user equipment, so that the user equipment and the access network equipment use the temporary identity as a unique identifier of data transmitted between the user equipment and the access network equipment; and the core network element sends the public key of the user equipment to the access network equipment, so that the access network equipment performs security protection or security verification on the data according to a symmetric key generated by the public key of the user equipment and a private key of the access network equipment.
The access network equipment comprises a centralized processing unit CU of the access network AN or a gateway of the access network.
In an eighth aspect, an embodiment of the present invention provides a core network element, where the core network element includes: the device comprises a receiving module, a processing module and a sending module, wherein:
the receiving module is used for receiving a communication request between the user equipment and the access network equipment; the request includes a public key of the user device;
the processing module is configured to generate a temporary identity of the user equipment based on the request;
the sending module is configured to send the temporary identity of the user equipment to the access network equipment and the user equipment, so that the user equipment and the access network equipment use the temporary identity as a unique identifier of data transmitted between the user equipment and the access network equipment;
the sending module is further configured to send the public key of the user equipment to the access network device, so that the access network device performs security protection or security verification on the data according to a symmetric key generated by the public key of the user equipment and a private key of the access network device.
In a specific embodiment, the core network element is an access and mobility management element AMF, and the access network device includes a centralized processing unit CU of the access network AN or a gateway of the access network.
In a ninth aspect, an embodiment of the present invention provides a communication system, including: a first device and a second device.
In a specific implementation, the first device may be the device of the third aspect, and the second device may be the device of the fourth aspect. The first device may also be the device according to the fifth aspect, and the second device may also be the access network device according to the sixth aspect.
When the second device is an access network device, the first device is a user device; when the second device is user equipment, the first device is access network equipment; wherein the access network equipment comprises a centralized processing unit CU of the access network AN or a gateway of the access network.
In a tenth aspect, an embodiment of the present invention provides a computer-readable storage medium for storing code for implementing the method in the first aspect.
In an eleventh aspect, the embodiment of the present invention provides a computer-readable storage medium for storing implementation codes of the method in the second aspect.
In a twelfth aspect, embodiments of the present invention provide a computer software product, which when run in a computer, can be used to implement the method of the first aspect.
In a thirteenth aspect, embodiments of the present invention provide a computer software product, which when run on a computer, is operable to implement the method of the second aspect.
By implementing the embodiment of the invention, security protection and verification are carried out independently between the UE and the corresponding CU, so small data can access the network without network authentication. This facilitates the transmission of large amounts of small data between the UE and the CU, avoids the drawbacks of the centralized authentication mode, and reduces the traffic of data accessing the network because the protected data packet carries little verification information.

Drawings
The drawings that accompany the detailed description can be briefly described as follows.
Fig. 1 is a schematic diagram of a network architecture for mobile communication according to an embodiment of the present invention;
FIG. 2 is a schematic flow chart of a data protection method according to an embodiment of the present invention;
FIG. 3 is a schematic flow chart of another data protection method according to the embodiment of the present invention;
FIG. 4 is a diagram illustrating a protected data packet structure according to an embodiment of the present invention;
FIG. 5 is a schematic flow chart of another data protection method according to the embodiment of the present invention;
FIG. 6 is a schematic flow chart of another data protection method according to the embodiment of the present invention;
FIG. 7 is a schematic flowchart of a process of updating a temporary identity of a UE according to an embodiment of the present invention;
FIG. 8 is a schematic flowchart of a further updating of the temporary identity of the UE according to the embodiment of the present invention;
FIG. 9 is a schematic flow chart of CU switching according to the present disclosure;
FIG. 10 is a flow chart of another data protection method according to the embodiment of the present invention;
FIG. 11 is a diagram illustrating a structure of another protected data packet according to an embodiment of the present invention;
FIG. 12 is a flow chart of another data protection method according to the embodiment of the present invention;
FIG. 13 is a diagram illustrating a structure of another protected data packet according to an embodiment of the present invention;
FIG. 14 is a schematic structural diagram of an apparatus according to an embodiment of the present disclosure;
FIG. 15 is a schematic structural diagram of an apparatus according to an embodiment of the present disclosure;
FIG. 16 is a schematic structural diagram of another apparatus disclosed in the embodiments of the present invention;
FIG. 17 is a schematic structural diagram of another apparatus disclosed in the embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be described below with reference to the drawings in the embodiments of the present invention.
To aid understanding of the scheme, a network architecture to which the scheme of the embodiments of the present application may be applied is first described by way of example with reference to the accompanying drawings. Referring to fig. 1, a network architecture for mobile communication provided by an embodiment of the present invention includes a user equipment, an access network, and a core network. Specifically:
User equipment (UE): the UE is a logical entity and may be an internet of things (IoT) device, or a terminal device (terminal equipment) or a communication device in a specific application scenario. For example, the IoT device may be a sensor, a smart meter, a smart water meter, and the like, and the terminal device may be a smart phone, a smart watch, a smart tablet, and the like. The communication device may be a server, gateway (GW), controller, etc.
Access network (AN): the AN is composed of access network devices and is responsible for access of a user equipment. The access network device may be a wireless access point, for example: base stations, wireless fidelity (Wi-Fi) access points, Bluetooth access points, and the like; or may be a wired access point, for example: gateways, modems, fiber access, IP access, and the like. In the fifth-generation mobile communication technology (5th-Generation, 5G) protocol, the AN is composed of an access network distributed processing unit (DU) and an access network centralized processing unit (CU). The DU and the CU are functional entities and may be deployed on the same hardware device or on different hardware devices. The DU is responsible for the protocols of the physical layer, the radio link control (RLC) layer, and the like, and the CU is responsible for the protocol of the Packet Data Convergence Protocol (PDCP) layer. One access network device (e.g., a base station) includes one CU and one or more DUs. The access network device described in the embodiment of the present invention may be the whole access network device (i.e. including CU and DU), or may be only the CU of the access network device.
Core network (CN): the CN serves as a bearer network to provide an interface to the DN, and provides services such as communication connection, authentication, management, policy control, and the like for the UE. The CN further includes the access and mobility management network element, the session management network element, the authentication server network element, the user plane function network element, and the like, described as follows:
An access and mobility management function (AMF) is used for managing access and mobility of the UE and is responsible for establishing a key and a context.
A session management function (SMF) is responsible for session establishment and session management.
An authentication server network element (AUSF) is responsible for bidirectional authentication with the UE. The AUSF can be deployed independently as an independent logic function entity, and can also be integrated in AMF/SMF and other devices.
User plane function network element (UPF): the UPF may be a gateway, a server, a controller, etc., and may be connected to the Internet (Internet) to be responsible for data forwarding.
In the embodiment of the invention, the UE, the CU and the AUSF are all configured with a credential based on public key technology. The UE and the CU may each keep the public key of the other. The UE and the AUSF can carry out bidirectional authentication through their respective stored credentials. Meanwhile, the UE and the CU can each generate a symmetric key by using their own stored credential and the public key of the other party, so that small data exchanged between the UE and the network is protected.
In the embodiment of the present invention, the public key technology may be Identity Based Cryptography (IBC), original public key technology (raw public key), X.509 certificate, implicit authentication technology (public certificate based cryptography), such as SM9, etc. For convenience of explaining the technical solution of the present invention, IBC is taken as an example for description; embodiments based on the other public key technologies may be described similarly with reference to the IBC embodiment.
Please refer to fig. 2, which shows a data protection method provided by the embodiment of the present invention, described from the perspective of uplink data transmission between the UE and the CU. The method includes the following steps:
1. The first device obtains original data to be transmitted, wherein the original data is small data.
2. The first device generates a symmetric key based on a private key of the first device and a public key of a second device, and performs security protection on the original data by using the symmetric key or other symmetric keys derived from the symmetric key to obtain a protected data packet. When the first device is the CU, the second device is the UE.
The private key of the first device is pre-configured in the first device, and the public key of the second device is pre-sent to the first device by the second device, or the public key of the second device is carried to the first device by the data packet. After the first device generates a symmetric key, taking the symmetric key as a security key, or taking a key derived from the symmetric key as a security key, and then performing security protection on small data to be transmitted by using the security key to obtain a protected data packet; the security protection includes encryption and/or integrity protection. It is to be understood that in a specific implementation, a symmetric key or a key derived from the symmetric key may be used as a key for encryption, and a symmetric key or a key derived from the symmetric key may also be used as a key for integrity protection. The encryption key and the integrity protection key may be the same or different, and the embodiment of the present invention is not limited herein.
3. The first device sends the protected data packet to a second device; correspondingly, the second device receives the protected data packet.
In this embodiment of the present invention, the first device sends the protected packet to the second device when the first device and the second device have not established a connection. That is, the protected data packet may be transmitted by the first device without prior communication authentication with the second device. Specifically, the protected data packet is a PDCP data packet.
4. The second device generates a symmetric key based on a private key of the second device and a public key of the first device, and performs a security check on the protected user plane data packet by using a security key to obtain the original data.
The private key of the second device is pre-configured in the second device, and the public key of the first device is pre-sent to the second device by the first device. After the second device generates a symmetric key, it takes the symmetric key as the security key, or takes a key derived from the symmetric key as the security key, and then performs security verification on the small data by using the security key so as to recover the original data. The security verification includes decryption and/or integrity verification. Encryption means that the original data becomes unreadable ciphertext after encryption processing, which prevents the data from being illegally stolen and read. Integrity protection means that, after the user plane data is processed by an integrity protection algorithm, illegal addition, deletion, replacement and the like of the data during transmission can be detected.
It can be seen that, in the embodiment of the present invention, when a first device needs to send small data to a second device, the first device uses a symmetric key to protect the small data, and sends the protected data packet to the second device in a state without air interface connection (without performing network authentication), and the second device uses the symmetric key to perform security verification, so as to obtain the small data. In the scheme, when the first device is UE, the second device is CU, and when the first device is CU, the second device is UE. That is to say, by implementing the embodiment of the present invention, security protection/verification is independently performed between the UE and the CU corresponding to the UE, and small data access to the network can be achieved without performing network authentication. This is beneficial to achieving a large amount of small data transmission between the UE and the CU, thereby effectively avoiding the disadvantage of a centralized authentication manner, and since the protected data packet carries less verification information, the traffic of data access to the network can be reduced.
Referring to fig. 3, fig. 3 is a diagram illustrating a data protection method according to an embodiment of the present invention, from the perspective of uplink data transmission between a UE and a CU. In the embodiment of the invention, the temporary identity T-ID of the user equipment is introduced, and data protection is completed based on the T-ID. In addition, the public keys of the UE and the CU are exchanged by utilizing the mutual authentication established when the UE and the CU carry out big data transmission, and the T-ID is configured on each of them.
When the UE has a small data transmission requirement, the UE does not rely on network access authentication any more, and the UE and the CU can perform security protection/verification based on the private key of the UE and the public key of the other party. Regarding the process of completing the exchange of public keys of both parties by using the mutual authentication established by the UE and the CU during the large data transmission and respectively configuring the ID-UE, refer to the following description of steps 1-6:
1. Bidirectional authentication between the UE and the AUSF.
In the embodiment of the present invention, the UE may be an IoT device, a terminal device, or a communication device. When a UE is an IoT device, the IoT device transmits sporadic small data most of the time, but occasionally transmits continuous large data. For example, when a sudden event occurs, such as a fire, a car accident, or when a function test, a software update, or a running of a complex function application is required, the IoT devices may also transmit continuous data, and therefore, the IoT devices also need to have the capability of establishing a broadband connection through bidirectional authentication by using a conventional network device. In this case, if the UE, CU and AUSF preset respective IBC credentials (credential), the UE performs mutual authentication with the AUSF through the CU and AMF.
After the bidirectional authentication is completed, the AMF acquires the identifier UE-ID of the UE and the routing information, and sends the UE-ID and the routing information to the UPF. Specifically, the AMF sends a session establishment request to the SMF, and the SMF sends a service establishment request to the UPF, where the session establishment request/service establishment request carries the UE-ID and the routing information. The UPF stores the UE-ID and configures routing information (IP address of UE, IP address of CU, etc.).
In the embodiment of the invention, the UE-ID is used for representing the identity of the UE. For example: the UE-ID may be one or more of a Media Access Control (MAC) address, an Internet Protocol (IP) address, a mobile phone number, an International Mobile Equipment Identity (IMEI), an International Mobile Subscriber Identity (IMSI), an IP Multimedia Private Identity (IMPI), a Temporary Mobile Subscriber Identity (TMSI), an IP Multimedia Public Identity (IMPU), a Globally Unique Temporary UE Identity (GUTI), and so on.
2. The AMF obtains a UE public key and sends the UE public key to the CU.
In the process of mutual authentication, the UE sends the UE public key to the AMF, and accordingly, the AMF obtains the UE public key, which may be, for example, an IBC public key. Specifically, the UE public key is an IBC public key based on Request for Comments 6507 (RFC 6507), which includes the UE's identity UE-ID and the UE's public validation token (PVT) UE_PVT. In addition, if the UE-ID does not contain the expiration date of the public key, the UE public key may also comprise the expiration date of the public key UE-T, which is used to indicate when the UE public key expires. After obtaining the UE public key, the AMF sends the UE public key to the CU, and correspondingly, the CU receives and stores the UE public key.
3. The AMF generates a UE temporary identity T-ID and sends the T-ID to the CU.
In a specific embodiment of the present invention, in order to improve privacy of data transmission and protection, the AMF generates a T-ID, and configures the T-ID to the UE and the CU, wherein the T-ID is used for characterizing a temporary legal identity of the UE, and the T-ID may be a random string, a coded sequence, or the like. The T-ID is preset with a temporary period, and within the preset period (for example, 1 day/5 days/10 days and the like), the UE and the CU use the T-ID as a unique security protection identifier of the small data needing to be protected, the UE and the CU can perform corresponding security protection/verification on the small data based on the T-ID, and when the preset period is exceeded, the T-ID is invalid, and the UE and the CU need to update the T-ID to continue performing corresponding security protection/verification.
It should be noted that the above steps 2 and 3 are not necessarily performed in that order; steps 2 and 3 may or may not be performed simultaneously.
4. The CU stores the UE public key and the T-ID, and sends the CU public key and the T-ID to the UE.
After receiving the information, the CU stores the T-ID and information related to the UE public key, such as UE-ID, UE-PVT, UE-T, and the like. Further, the CU establishes a correspondence between the UE public key and the T-ID, where the T-ID maps the UE public key. Further, the CU may establish a correspondence between the UE public key and the UE-ID, where the T-ID maps the UE-ID.
Further, the CU sends the T-ID and CU public key to the UE. The CU public key may be, for example, an IBC public key. In addition, if the CU-ID does not contain the expiration date of the public key, the CU public key may also comprise the expiration date of the public key CU-T, and the CU-T is used for indicating when the CU public key expires.
5. The UE stores the T-ID and the CU public key.
After receiving the information, the UE stores the T-ID and information related to the CU public key, such as CU-ID, CU-PVT, CU-T and the like. Further, the UE establishes a correspondence between the CU public key and the T-ID, wherein the T-ID is used for mapping the CU public key.
6. The UE disconnects the network but the UPF, CU and UE will continue to store the corresponding information.
The following describes the process in which the UE, when it has a small data transmission requirement, sends small data to the CU in a state without air interface connection; refer to steps 7 to 11:
7. The UE obtains the original data to be transmitted, wherein the original data to be transmitted is small data generated by the UE application layer.
8. The UE generates a symmetric key by using the private key of the UE and the public key of the CU, and encrypts and/or integrity-protects the original data by using the symmetric key or a key derived from the symmetric key.
The UE private key is preset in the UE, and specifically, the UE private key is an IBC private key based on RFC 6507. The encryption key and the integrity-protected key may be the same or different.
For example, the UE employs the symmetric key K1 = [UE private key] [CU public key] as a cryptographic key, and K2 = KDF(K1, X) as an integrity-protected key; using K3 = KDF(K1, Y) as the cryptographic key, X and Y are the corresponding key derivation parameters. The KDF is a Key Derivation Function (KDF). The UE encrypts raw data using K3, integrity protects the raw data using K2, and then encapsulates the encrypted raw data, MAC, and T-ID into a protected data packet. Referring to fig. 4, the protected data is a PDCP data packet, and in a specific embodiment, the PDCP data packet may further include a time stamp (timestamp) in addition to the PDCP header, the T-ID, the ciphered original data, and the MAC, and the time stamp is used to indicate a generation time of the PDCP data packet.
9. The UE sends the protected data packet to the CU, and correspondingly, the CU receives the protected data packet.
10. The CU performs security verification on the protected data packet.
If the protected data packet comprises a timestamp, the CU first judges, according to the timestamp, whether the protected data packet exceeds a specified time. If the specified time is exceeded, the CU discards the protected data packet.
If the specified time is not exceeded, the CU looks up the correspondence between the T-ID and the UE public key according to the T-ID carried in the protected data packet, and reads the UE public key (comprising the UE-ID, the UE-PVT, the UE-T and the like). The CU generates a symmetric key using its own CU private key and the UE public key, and then verifies the integrity of the packet using the symmetric key, or a key derived from the symmetric key. If the integrity verification passes, the data packet is further decrypted using the key, or a key derived from the symmetric key, to obtain the original data.
For example, the CU uses the symmetric key K4 = [CU private key] [UE public key] as decryption key, K5 = KDF(K4, X) as integrity verification key, and K6 = KDF(K4, Y) as decryption key. Then, the CU verifies the correctness of the MAC carried in the protected packet using K5; a correct MAC indicates that the message has not been tampered with. After verification, the UE proceeds to decrypt the packet using K6, thus obtaining the original data.
11. After the security verification is successful, the CU sends the original data to the UPF of the core network according to the existing forwarding rule. It should be noted that, in a possible embodiment of the present invention, the T-ID may also be generated by an AUSF, and the AUSF configures the T-ID to the CU and the UE.
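The uplink exchange of steps 7 to 11 (key derivation, packet assembly, then the CU's timestamp, T-ID lookup, MAC and decryption checks), as an added example that is not code from the patent. Assumptions: X25519 with raw public keys stands in for the IBC key agreement, HMAC-SHA256 serves as KDF and MAC, an HMAC counter-mode keystream stands in for the cipher, and the field sizes, the labels used for X and Y, the MAC covering T-ID, timestamp and ciphertext, and the 30-second freshness window are chosen for illustration.

```python
import hashlib
import hmac
import os
import struct

# X25519 (RFC 7748) in pure Python. Assumption: it stands in for the page's
# IBC-based key agreement. Not constant-time; for illustration only.
P = 2**255 - 19
A24 = 121665
BASE = (9).to_bytes(32, "little")

def x25519(k: bytes, u: bytes) -> bytes:
    k_int = (int.from_bytes(k, "little") & ((1 << 254) - 8)) | (1 << 254)
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):          # Montgomery ladder
        bit = (k_int >> t) & 1
        if swap ^ bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b = (x2 + z2) % P, (x2 - z2) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        da, cb = d * a % P, c * b % P
        x3 = (da + cb) ** 2 % P
        z3 = x1 * (da - cb) ** 2 % P
        x2 = aa * bb % P
        z2 = e * (aa + A24 * e) % P
    if swap:
        x2, z2 = x3, z3
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def keypair():
    priv = os.urandom(32)
    return priv, x25519(priv, BASE)

def derive_keys(own_priv: bytes, peer_pub: bytes):
    """K1 from own private key and peer public key; K2 = KDF(K1, X); K3 = KDF(K1, Y)."""
    k1 = x25519(own_priv, peer_pub)
    if k1 == bytes(32):                     # reject low-order peer keys
        raise ValueError("degenerate shared secret")
    k2 = hmac.new(k1, b"X:integrity", hashlib.sha256).digest()   # MAC key
    k3 = hmac.new(k1, b"Y:encryption", hashlib.sha256).digest()  # cipher key
    return k2, k3

def xor_stream(k3: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in cipher (the stdlib has no AES): HMAC-SHA256 in counter mode.
    # K3 is static, so keystream uniqueness rests on the nonce (T-ID + timestamp);
    # two packets with the same timestamp would reuse keystream, so a real
    # design needs a per-packet counter.
    stream = b""
    for ctr in range((len(data) + 31) // 32):
        stream += hmac.new(k3, nonce + struct.pack(">I", ctr), hashlib.sha256).digest()
    return bytes(x ^ y for x, y in zip(data, stream))

HDR = struct.Struct(">8sQ")  # assumed layout: T-ID (8 bytes) | timestamp (uint64, s)
MAC_LEN = 32

def protect(own_priv, peer_pub, t_id, data, now):
    """Sender side (step 8): header | ciphertext | MAC. PDCP header omitted."""
    k2, k3 = derive_keys(own_priv, peer_pub)
    header = HDR.pack(t_id, now)
    body = header + xor_stream(k3, header, data)
    return body + hmac.new(k2, body, hashlib.sha256).digest()

class CU:
    def __init__(self, priv, max_age=30):
        self.priv, self.max_age = priv, max_age
        self.by_tid = {}  # T-ID -> (UE public key, T-ID expiry time)

    def register(self, t_id, ue_pub, expires_at):
        self.by_tid[t_id] = (ue_pub, expires_at)

    def verify(self, packet, now):
        """Receiver side (step 10): freshness, T-ID lookup, MAC, then decrypt."""
        if len(packet) < HDR.size + MAC_LEN:
            raise ValueError("short packet")
        body, mac = packet[:-MAC_LEN], packet[-MAC_LEN:]
        header = body[:HDR.size]
        t_id, ts = HDR.unpack(header)
        if abs(now - ts) > self.max_age:
            raise ValueError("stale timestamp")
        entry = self.by_tid.get(t_id)
        if entry is None or now >= entry[1]:
            raise ValueError("unknown or expired T-ID")
        k2, k3 = derive_keys(self.priv, entry[0])
        expected = hmac.new(k2, body, hashlib.sha256).digest()
        if not hmac.compare_digest(mac, expected):
            raise ValueError("bad MAC")
        return xor_stream(k3, header, body[HDR.size:])
```
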
It can be seen that, by implementing the embodiment of the present invention, the UE and the CU obtain the public key of the other party in advance through mutual authentication, and respectively obtain the temporary identity T-ID of the user equipment configured by the AMF. When the UE needs to send small data, the UE generates a symmetric key based on the UE private key and the CU public key to protect the small data, the protected data carries the T-ID, and the protected data is sent to the CU in a state without air interface connection. The CU determines the UE public key based on the T-ID, and generates a symmetric key based on the CU private key and the UE public key to verify the small data. That is to say, by implementing the embodiment of the present invention, security protection/verification is independently performed between the UE and the CU corresponding to the UE, small data access to the network can be achieved without performing network authentication, which is beneficial to achieving a large amount of small data transmission between the UE and the CU, and effectively avoiding the disadvantage of a centralized authentication manner.
Referring to fig. 5, fig. 5 is a data protection method according to an embodiment of the present invention, which is described from the perspective of downlink transmission between a UE and a CU, and the data protection method includes the following steps:
1-6. These steps describe the process of completing the exchange of public keys of both parties through the mutual authentication established between the UE and the CU, and of configuring the ID-UE respectively; refer to the description of steps 1-6 in the embodiment of fig. 3, which is not repeated here.
7. The UPF receives raw data (downlink data) from the network side to the UE and forwards the raw data to the CU. Specifically, the UPF checks the routing information stored in the UPF according to information such as the IP address of the raw data, obtains a next hop address (address of the CU) to which the raw data needs to be transmitted, and forwards the raw data to the CU.
8. The CU performs security protection on the original data.
After the CU acquires the raw data (downlink data), it first acquires the UE public key according to information in the raw data. For example, the CU checks the mapping relationship according to the UE-ID of the raw data, and reads the stored UE public key. In addition, if the UE-ID does not contain the expiration date of the public key, the UE public key can also comprise the expiration date UE-T of the public key.
The CU then generates a symmetric key by using its own CU private key and the UE public key, and uses the symmetric key, or a new key further derived from the symmetric key, to encrypt and/or integrity-protect the original data.
For example, the CU employs the symmetric key K7 = [CU private key] [UE public key] as a cryptographic key, K8 = KDF(K7, X) as an integrity-protected key, and K9 = KDF(K7, Y) as a cryptographic key. K8 is used to generate an authentication code MAC for the message. The KDF is a Key Derivation Function (KDF). The CU encrypts the original data using K5, performs integrity protection on the original data using the MAC, and then encapsulates the encrypted data, MAC, and T-ID into a protected data packet, where the protected data is a PDCP data packet. In a specific embodiment, for the PDCP data packet, refer to the description of the embodiment in fig. 4, which is not repeated here.
9. The CU sends a protected data packet to the UE; accordingly, the UE receives the protected data packet.
10. The UE performs security verification on the protected data packet.
The UE confirms, through the T-ID carried by the protected data packet, that the data packet is addressed to the UE, receives the protected data packet, and then determines the CU public key by searching the mapping relation based on the T-ID. The CU public key may be, for example, an IBC public key. Specifically, the UE public key is an IBC public key based on RFC 6507, and the CU public key includes a CU-ID, a CU_PVT, and the like.
The UE generates a symmetric key by using the UE private key and the CU public key, and the CU decrypts and/or verifies the integrity of the protected data packet by using the symmetric key or a corresponding key derived from the symmetric key.
For example, the UE uses the symmetric key K10 = [UE private key] [CU public key] as a decryption key, uses K11 = KDF(K10, X) as a key for integrity verification, and uses K12 = KDF(K10, Y) as a decryption key. The UE uses K11 to verify the correctness of the MAC carried in the protected data packet; a correct MAC indicates that the message has not been tampered with. After verification, the UE decrypts the data packet by using K12, thereby obtaining the original data. After the security verification is successful, the original data is transmitted to a high layer of the UE.
It can be seen that, by implementing the embodiment of the present invention, the UE and the CU obtain the public key of the other party in advance through mutual authentication, and respectively obtain the temporary identity T-ID of the user equipment configured by the AMF. When the CU needs to transmit downlink small data, the CU generates a symmetric key based on the CU private key and the UE public key to protect the small data, carries the T-ID in the protected data, and sends the protected data to the UE in a state without air interface connection. The UE determines the CU public key based on the T-ID, and generates a symmetric key based on the UE private key and the CU public key to verify the small data. That is to say, by implementing the embodiment of the present invention, security protection/verification is independently performed between a CU and its corresponding UE, small data can be delivered without network authentication, which is beneficial to implementing a large amount of small data transmission between the UE and the CU, and effectively avoids the disadvantage of a centralized authentication manner.
Referring to fig. 6, fig. 6 is a diagram illustrating another data protection method according to an embodiment of the present invention, which is described from the perspective of uplink transmission between a UE and a CU. The present embodiment differs from the embodiment of fig. 3 in that the user equipment temporary identity T-ID is generated by the CU. The data protection method based on the T-ID generated by the CU may comprise the following steps:
1. The UE and the AUSF perform bidirectional authentication; for details, refer to the description of step 1 in the embodiment of fig. 3.
2. The AMF obtains the UE public key and sends the UE public key to the CU; refer to the description of step 2 in the embodiment of fig. 3.
3. The CU generates a UE temporary identity T-ID.
In a specific embodiment of the present invention, in order to improve privacy of data transmission and protection, a CU generates a T-ID, and configures the T-ID to a UE and the CU, wherein the T-ID is used for characterizing a temporary legal identity of the UE, and the T-ID may be a random string, a coded sequence, or the like. The T-ID is preset with a temporary period, and within the preset period (for example, 1 day/5 days/10 days, etc.), the UE and the CU can perform corresponding security protection/verification on the small data based on the T-ID, and when the preset period is exceeded, the T-ID is invalid, and the UE and the CU need to update the T-ID to continue performing corresponding security protection/verification.
It should be noted that the above steps 2 and 3 are not necessarily performed in that order; steps 2 and 3 may or may not be performed simultaneously.
4. The CU stores the UE public key and the T-ID, establishes a correspondence between the UE public key and the T-ID, and a correspondence between the UE public key and the UE-ID, and sends the UE public key and the T-ID to the UE; for details, refer to the description of step 4 in the embodiment of fig. 3.
5. The UE stores the T-ID and the CU public key. After receiving the information, the UE stores the T-ID and information related to the CU public key, such as CU-ID, CU-PVT, CU-T and the like. Further, the UE establishes a correspondence between the CU public key and the T-ID, wherein the T-ID is mapped to the CU public key.
6. The UE disconnects from the network, but the UPF, CU and UE will continue to store the relevant information.
7-11. These steps describe the process in which the UE, when it has a small data transmission requirement, sends small data to the CU in a state without air interface connection; refer to the description of steps 7-11 in the embodiment of fig. 3, which is not repeated here.
It should be noted that, in a possible embodiment of the present invention, the T-ID may also be generated by a Gateway (Gateway) of the access network AN, and the Gateway of the AN configures the T-ID to the CU and the UE.
It can be seen that, with the implementation of the embodiment of the present invention, the UE and the CU obtain the public key of the other party through mutual authentication in advance, and store the temporary identity T-ID of the user equipment configured by the gateway of the CU or the AN, respectively. When the UE has a small data transmission demand, the safety protection/verification is independently carried out between the UE and the corresponding CU, the small data access can be realized without carrying out network authentication, the realization of the small data transmission between a large amount of UEs and CUs is facilitated, the defect end of a centralized authentication mode is effectively avoided, in addition, because only T-ID can be additionally carried in a protected data packet, the safety protection scheme can be realized, the defect of carrying excessive authentication information is avoided, and the flow of the data access to the network can be greatly reduced.
It should be further noted that, through the above description of the embodiments in fig. 5 and fig. 6, a person skilled in the art will clearly understand an implementation manner of data protection in a downlink transmission process between a CU and a UE in a case where a T-ID is generated by the CU, and a data protection method for describing the downlink transmission process is not further expanded here. In the embodiment of the present invention, the T-ID is preset with a temporary time limit, the UE and the CU may perform corresponding security protection/verification on the small data based on the T-ID within the preset time limit, and when the preset time limit is exceeded, the T-ID is invalid, and the UE and the CU need to update the T-ID to continue performing corresponding security protection/verification.
The following describes a T-ID update procedure in detail, and referring to fig. 7, fig. 7 is a schematic diagram of a T-ID update procedure provided in an embodiment of the present invention, in which a T-ID is generated by an AMF. Fig. 7 includes the following steps:
1. The UE checks the configured T-ID against its preset time limit, and if the UE detects that the T-ID is about to expire, the T-ID needs to be updated.
2. The UE sends a T-ID update request to the CU, and the CU forwards the T-ID update request to the AMF.
3. The AMF generates a new T-ID based on the T-ID update request.
The new T-ID is used to characterize the new temporary legal identity of the UE, e.g. the new T-ID may be a random string, a coded sequence, etc. It is understood that the new T-ID is also preset with a temporary period, and within the preset period (e.g. 1 day/5 days/10 days, etc.), the UE and CU can perform corresponding security protection/verification on the small data based on the new T-ID.
4. The AMF issues the new T-ID to the CU.
5. The CU updates the originally stored T-ID based on the new T-ID, and stores the new T-ID.
Specifically, the CU checks a storage record related to the originally stored T-ID, replaces the originally stored T-ID with a new T-ID, and establishes a mapping relationship between the new T-ID and the UE public key.
Optionally, after the CU successfully updates the T-ID, the CU may send an acknowledgement message to the AMF.
6. The CU sends the new T-ID to the UE. Specifically, the CU may use the original T-ID as the UE receiving address to send the new T-ID to the UE, or the CU may use the UE-ID as the UE receiving address to send the new T-ID to the UE.
7. The UE updates the originally stored T-ID based on the new T-ID and stores the new T-ID.
Specifically, the UE checks a storage record related to the originally stored T-ID, replaces the originally stored T-ID with a new T-ID, and establishes a mapping relationship between the new T-ID and the CU public key.
8. The UE sends a confirmation message to the CU to inform the CU that the updating of the T-ID is completed.
It should be noted that, in a possible embodiment of the present invention, the T-ID may also be generated by an AUSF, and then the AUSF may also configure a new T-ID for the CU and the UE based on the update request, and the implementation of this embodiment may refer to the description of the foregoing embodiment, and is not described herein again.
It can be seen that, by implementing the embodiment of the present invention, the T-ID has a preset time limit, and the UE and the CU can perform corresponding security protection/verification on the small data based on the T-ID within the time limit. When the preset time limit is exceeded, the T-ID is invalid; the AMF generates a new T-ID and configures the new T-ID to the UE and the CU, thereby ensuring that the UE and the CU can continue to perform security protection/verification on the small data.
Referring to fig. 8, fig. 8 is a schematic diagram of another T-ID updating flow provided by the embodiment of the present invention, which is described from a multi-side perspective. This embodiment differs from the embodiment of fig. 7 in that, in this T-ID update flow, the T-ID is generated by the CU. Fig. 8 includes the following steps:
1. The UE detects that the T-ID is about to expire and needs to be updated.
2. The UE sends a T-ID update request to the CU.
3. The CU generates a new T-ID based on the T-ID update request.
The new T-ID is used to characterize the new temporary legal identity of the UE, e.g. the new T-ID may be a random string, a coded sequence, etc. It is understood that the new T-ID is also preset with a temporary period, and within the preset period (e.g. 1 day/5 days/10 days, etc.), the UE and CU can perform corresponding security protection/verification on the small data based on the new T-ID.
4. The CU updates the originally stored T-ID based on the new T-ID, and stores the new T-ID.
Specifically, the CU searches for a storage record related to the originally stored T-ID, replaces the originally stored T-ID with a new T-ID, and establishes a mapping relationship between the new T-ID and the UE public key.
5. The CU sends the new T-ID to the UE.
Specifically, the CU may use the original T-ID as the UE receiving address to send the new T-ID to the UE, or the CU may use the UE-ID as the UE receiving address to send the new T-ID to the UE.
6. The UE updates the originally stored T-ID based on the new T-ID and stores the new T-ID.
Specifically, the UE checks a storage record related to the originally stored T-ID, replaces the originally stored T-ID with a new T-ID, and establishes a mapping relationship between the new T-ID and the CU public key.
8. The UE sends a confirmation message to the CU to inform the CU that the updating of the T-ID is completed.
It should be noted that, in a possible embodiment of the present invention, the T-ID may also be generated by a gateway of the AN, and then the gateway of the AN may also configure a new T-ID for the CU and the UE based on the update request. The implementation of this embodiment may refer to the description of the foregoing embodiment, and is not described herein again.
By implementing the embodiment of the invention, when the T-ID is about to expire, the CU can generate and store a new T-ID based on the update request of the UE and configure the new T-ID to the UE, so that the UE and the CU can continue to perform security protection/verification on the small data.
In the embodiment of the invention, the UE and the CU complete data security protection based on the T-ID. In a possible application scenario, the UE needs to communicate with a new CU. For example, the UE is an intelligent bicycle, and as the intelligent bicycle moves, the changing distance between the UE and the CU hinders data transmission between them, so the UE needs to switch to a target CU for communication (for example, switch to the CU closest to the target CU). The specific CU switching flow can comprise the following steps:
1. The CU triggers the switch.
In a possible embodiment, during the data transmission process with the UE, the CU detects the distance from the UE or the strength of the signal, and if the distance is greater than a preset distance threshold or the signal strength is less than a preset strength threshold, the CU triggers a switching step described later.
In a possible embodiment, during the data transmission process between the CU and the UE, the UE detects its distance from the CU or the signal strength, and if the distance is greater than a preset distance threshold or the signal strength is less than a preset strength threshold, the UE sends a CU switching request to the CU, and the CU then triggers the switching steps described later.
2. The CU sends a first switch message to the target CU.
The CU determines a target CU, e.g. the CU closest to the UE, or a CU that can establish a good communication channel with the UE, etc. The CU sends a first switching message to the target CU. The first switching message contains at least the T-ID and the UE public key (including UE-ID, UE-PVT, UE-T, etc.), and possibly also routing information, etc.
3. The target CU stores the UE public key, T-ID.
After receiving the first switching message, if the target CU agrees to switch, the target CU stores the received UE public key and the T-ID and performs routing configuration based on the routing information.
4. The target CU sends a first switch acknowledge message to the CU.
The first switching confirmation message comprises the target CU public key, and the target CU public key comprises the identifier of the target CU (target CU-ID) and the public key authentication code of the target CU (target CU-PVT). Further, if the target CU-ID does not contain the expiration date of the public key, the target CU public key may also include the public key expiration date of the target CU (target CU-T).
5. The CU sends new routing information to the UPF, which in turn updates the routing information. After updating, if the UPF needs to send down the small downstream data, the relevant small downstream data is sent to the target CU.
6. The CU sends a second switching notification message to the UE, wherein the second switching notification message comprises the public key of the target CU. It should be noted that steps 5 and 6 are not necessarily in order, and steps 5 and 6 may or may not be performed simultaneously.
7. The UE stores the target CU public key.
And the UE updates the CU context, checks the relevant storage records of the originally stored CU public key, replaces the originally stored CU public key with the target CU public key, and establishes the mapping relation between the target CU public key and the T-ID.
8. The UE sends a second handover confirm message to the CU.
9. After receiving the second switching confirmation message, the CU deletes the stored UE public key, the T-ID and other information.
After the above steps are completed, the security protection/verification of the small data can be performed between the UE and the target CU.
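The T-ID bookkeeping a CU performs in the update flow of fig. 8 and in the CU switching flow above, as an added example that is not part of the original document. The class and function names, the renewal margin, and the refusal to renew an unknown or expired T-ID are assumptions of this example.

```python
import secrets
from dataclasses import dataclass

TID_LIFETIME = 5 * 24 * 3600  # seconds; the page cites 1, 5 or 10 days as examples
RENEW_MARGIN = 3600           # assumed: the UE renews within the last hour


@dataclass(frozen=True)
class TidRecord:
    ue_public_key: bytes  # opaque here: UE-ID, UE-PVT and UE-T
    expires: int          # Unix seconds after which the T-ID is invalid


def ue_needs_update(expires, now):
    """UE-side step 1: the configured T-ID is about to expire."""
    return now >= expires - RENEW_MARGIN


class CuTidTable:
    """T-ID -> UE public key mapping held by one CU (hypothetical class)."""

    def __init__(self):
        self._records = {}

    def configure(self, ue_public_key, now):
        """Generate an unpredictable T-ID and map it to the UE public key."""
        tid = secrets.token_hex(8)
        self._records[tid] = TidRecord(ue_public_key, now + TID_LIFETIME)
        return tid

    def lookup(self, tid, now):
        """Return the UE public key for a valid T-ID, else None."""
        rec = self._records.get(tid)
        if rec is None:
            return None
        if now >= rec.expires:
            del self._records[tid]  # an expired T-ID stops resolving
            return None
        return rec.ue_public_key

    def update(self, old_tid, now):
        """Fig. 8 steps 3-4: replace old_tid with a new T-ID for the same UE."""
        ue_public_key = self.lookup(old_tid, now)
        if ue_public_key is None:
            return None  # assumption: unknown or expired T-IDs are not renewed
        del self._records[old_tid]  # the old mapping must not survive the update
        return self.configure(ue_public_key, now)

    def send_first_switch(self, tid, target, now):
        """Switching steps 2-3: pass T-ID and UE public key to the target CU."""
        if self.lookup(tid, now) is None:
            return False
        target._records[tid] = self._records[tid]  # remaining lifetime carries over
        return True

    def on_second_switch_confirm(self, tid):
        """Switching step 9: delete the record once the UE has confirmed."""
        return self._records.pop(tid, None) is not None


if __name__ == "__main__":
    t0 = 1_700_000_000  # constructed clock value
    cu, target = CuTidTable(), CuTidTable()
    tid = cu.configure(b"ue-1-public-key", t0)
    new_tid = cu.update(tid, t0 + TID_LIFETIME - 60)
    print("old T-ID still resolves:", cu.lookup(tid, t0 + TID_LIFETIME - 60))
    print("handover accepted:", cu.send_first_switch(new_tid, target, t0 + TID_LIFETIME))
```
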
Therefore, the embodiment of the invention enables the UE to be automatically switched from one CU to the target CU, and the security protection/verification of the small data can continue between the UE and the target CU, thereby being beneficial to ensuring the stability and the reliability of data transmission and meeting the application requirements of the UE in different scenes.
The above embodiments describe a data protection method based on T-ID. The following describes another data protection method provided by the embodiment of the present invention.
Referring to fig. 10, fig. 10 is a diagram illustrating a data protection method according to an embodiment of the present invention, which is described from the perspective of uplink data transmission between a UE and a CU. In the embodiment of the invention, the process of data protection can be completed without introducing T-ID. The data protection method comprises the following steps:
1. The UE monitors the broadcast message sent by the CU, and acquires and stores the CU public key from the broadcast message.
In the embodiment of the invention, the UE and the CU each acquire an IBC-based trust state in advance. The UE obtains the CU public key by receiving the broadcast message of the base station, and correspondingly, the CU stores the CU public key. Specifically, the UE public key is an IBC public key based on RFC 6507, the CU public key comprises CU-ID and CU-PVT, and if the CU-ID does not contain the expiration date of the public key, the CU public key can also comprise the expiration date CU-T of the public key.
Steps 2-7 describe the process in which, when the UE has a small data transmission demand, the UE sends small data to the CU in a state with no air interface connection, specifically as follows:
2. The UE acquires original data to be transmitted. The original data to be transmitted is small data generated by a UE application layer.
3. The UE generates a symmetric key based on the UE private key and the CU public key, and uses the symmetric key or a key derived from the symmetric key to perform security protection on the original data.
The UE private key is preset in the UE, and specifically, the UE private key is an IBC private key based on RFC 6507.
For example, the UE uses a symmetric key as an encryption key, and uses a key derived from the symmetric key as an integrity protection key, where the derived key is MAC. The UE encrypts the original data by using the symmetric key, performs integrity protection on the original data by using the MAC, and then encapsulates the encrypted original data and the MAC into a protected data packet. Referring to fig. 11, in a specific embodiment, the protected data is a PDCP data packet, and the PDCP data packet may further include a UE public key (including UE-ID, UE-PVT, UE-T) and a timestamp, in addition to the PDCP header, the ciphered original data and the MAC, wherein the timestamp is used for indicating a generation time of the PDCP data packet.
4. The UE sends the protected data to the CU, and correspondingly, the CU receives the protected data packet.
5. The CU carries out security verification on the protected data to obtain original data.
If the protected data packet comprises a timestamp, the CU first judges, according to the timestamp, whether the protected data packet exceeds a specified time. If the specified time is exceeded, the CU discards the protected data packet.
If the specified time is not exceeded, the CU confirms whether the UE public key is expired according to the UE-T in the UE public key. If not, the CU generates a symmetric key using the CU private key and the UE public key contained in the received protected packet. The CU private key is preset in the CU, and specifically, the CU private key is an IBC private key based on RFC 6507.
The CU uses the symmetric key or the key derived from the symmetric key to carry out integrity verification on the data and, after the integrity verification is passed, further uses the symmetric key or the key derived from the symmetric key to decrypt the data, so as to obtain the original data.
6. After the security verification is successful, the CU sends the original data to the UPF of the core network.
It can be seen that, with the embodiment of the present invention, the UE monitors the broadcast message in advance to obtain the CU public key. When the UE needs to send small data, the UE generates a symmetric key based on the UE private key and the CU public key to protect the small data, carries the UE public key in the protected data packet, and sends the protected data to the CU in a state without air interface connection; the CU generates a symmetric key based on the preset CU private key and the received UE public key to verify the small data. That is to say, by implementing the embodiment of the present invention, security protection/verification is independently performed between the UE and the CU corresponding to the UE, and small data access to the network can be achieved without performing network authentication, which is beneficial to achieving a large amount of small data transmission between the UE and the CU, and effectively avoids the disadvantage of a centralized authentication manner.
Referring to fig. 12, fig. 12 is a diagram illustrating another data protection method according to an embodiment of the present invention, from the perspective of downlink transmission between a UE and a CU, where the data protection method includes the following steps:
1. The UE monitors the broadcast message sent by the CU, and acquires and stores the CU public key from the broadcast message.
In the embodiment of the invention, the UE and the CU each acquire an IBC-based trust state in advance. The UE obtains the CU public key by receiving the broadcast message of the base station, and correspondingly, the CU stores the CU public key. Specifically, the UE public key is an IBC public key based on RFC 6507, the CU public key comprises a CU-ID and a CU-PVT, and if the CU-ID does not contain the expiration date of the public key, the CU public key can also comprise the expiration date CU-T of the public key.
2. The CU acquires the UE public key through the uplink message transmitted by the UE.
The UE public key is carried in an uplink message sent by the UE to the CU. The CU stores the UE public key for use in generating a symmetric key during downlink data transmission.
Steps 3-6 describe the process in which, when the network side has a downlink small data transmission requirement, the CU sends the small data to the UE in a state without air interface connection, specifically as follows:
3. When the network side has a downlink small data transmission requirement, the UPF forwards the data packet to the CU.
The UPF can acquire the CU where the UE is currently located according to the received downlink small data. For example, the CU in which the UE is located may be determined according to the target IP address carried by the downlink small data.
4. The CU performs security protection on the original data.
After the CU acquires the original data (downlink data), the CU generates a symmetric key using its own CU private key and the stored UE public key, and uses the symmetric key, or a new key further derived from the symmetric key, to encrypt and/or integrity protect the original data.
The CU encrypts and integrity-protects the downlink small data by using the UE public key and the CU private key of the CU. For example, the CU uses a symmetric key as an encryption key, and uses a key derived from the symmetric key as an integrity protection key, where the derived key is the MAC. The CU encrypts the original data by using the symmetric key and performs integrity protection on the original data by using the MAC. The encrypted raw data, MAC and UE-ID are then encapsulated into a protected data packet. Referring to fig. 13, the protected data packet is a PDCP data packet, and in a specific embodiment, the PDCP data packet may further include a time stamp in addition to the PDCP header, the UE-ID, the ciphered original data, and the MAC. Since the UE has stored the CU public key in advance based on the broadcast message, the downstream protected packet does not need to carry the CU public key.
5. The CU sends the protected data to the UE.
6. The UE carries out security verification on the protected data to obtain original data.
If the protected data packet includes the timestamp, the UE first determines whether the protected data packet exceeds a predetermined time according to the timestamp: discarding the protected data packet if the prescribed time is exceeded; if the specified time is not exceeded, the UE uses a preset UE private key and the stored CU public key to generate a symmetric key, the symmetric key or a key derived from the symmetric key is used for carrying out integrity verification on data, after the integrity verification is passed, the symmetric key or the key derived from the symmetric key is further used for decrypting the data to obtain original data, and then the original data are transmitted to the UE application layer.
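The receiver-side checks of the fig. 10 uplink exchange in the order the text gives them (timestamp, UE-T, key derivation, integrity, decryption), as an added example that is not code from the original document; the downlink of fig. 12 runs the same checks with the roles swapped. Toy finite-field Diffie-Hellman, an HMAC keystream and the nonce field are stand-ins chosen here, since the page does not specify the IBC key derivation or the cipher, and the example does not check that UE-PVT is bound to UE-ID, which the page relies on IBC for.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

# Toy finite-field Diffie-Hellman group standing in for the IBC-based key
# derivation, which the page does not spell out. Not production parameters.
P = 2**255 - 19
G = 2
MAX_AGE = 30  # assumed "specified time" for packet freshness, in seconds


@dataclass(frozen=True)
class PublicKey:
    dev_id: bytes  # UE-ID or CU-ID
    pvt: int       # stand-in for UE-PVT / CU-PVT
    expires: int   # UE-T / CU-T as Unix seconds


@dataclass(frozen=True)
class Packet:
    sender: PublicKey  # UE public key carried in the uplink packet
    timestamp: int     # generation time of the packet
    nonce: bytes       # assumption: per-packet nonce for the stand-in cipher
    ciphertext: bytes
    mac: bytes


def keypair(dev_id, expires):
    priv = int.from_bytes(os.urandom(32), "big") % (P - 2) + 1
    return priv, PublicKey(dev_id, pow(G, priv, P), expires)


def derive_keys(own_priv, peer_pub):
    """Symmetric key from own private key + peer public key, plus a derived key."""
    shared = pow(peer_pub.pvt, own_priv, P).to_bytes(32, "big")
    enc_key = hashlib.sha256(b"symmetric" + shared).digest()
    int_key = hmac.new(enc_key, b"integrity", hashlib.sha256).digest()
    return enc_key, int_key


def _xor_stream(key, nonce, data):
    """HMAC-SHA256 counter-mode keystream; stand-in for a real cipher."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)


def _tag(int_key, sender, timestamp, nonce, ciphertext):
    # repr() of a tuple of ints/bytes is an unambiguous encoding of the fields.
    fields = (sender.dev_id, sender.pvt, sender.expires, timestamp, nonce, ciphertext)
    return hmac.new(int_key, repr(fields).encode(), hashlib.sha256).digest()


def protect(own_priv, own_pub, peer_pub, data, now):
    """Sender side (step 3): encrypt, then MAC the header fields and ciphertext."""
    enc_key, int_key = derive_keys(own_priv, peer_pub)
    nonce = os.urandom(8)
    ciphertext = _xor_stream(enc_key, nonce, data)
    mac = _tag(int_key, own_pub, now, nonce, ciphertext)
    return Packet(own_pub, now, nonce, ciphertext, mac)


def verify(own_priv, pkt, now):
    """Receiver side (step 5). Returns (data, "ok") or (None, reason)."""
    if abs(now - pkt.timestamp) > MAX_AGE:
        return None, "stale timestamp"
    if now >= pkt.sender.expires:
        return None, "public key expired"
    if not 1 < pkt.sender.pvt < P - 1:
        return None, "invalid public value"
    enc_key, int_key = derive_keys(own_priv, pkt.sender)
    expected = _tag(int_key, pkt.sender, pkt.timestamp, pkt.nonce, pkt.ciphertext)
    if not hmac.compare_digest(expected, pkt.mac):
        return None, "integrity check failed"
    return _xor_stream(enc_key, pkt.nonce, pkt.ciphertext), "ok"


if __name__ == "__main__":
    now = 1_700_000_000  # constructed clock value
    cu_priv, cu_pub = keypair(b"cu-1", now + 86400)
    ue_priv, ue_pub = keypair(b"ue-1", now + 86400)
    pkt = protect(ue_priv, ue_pub, cu_pub, b"meter=42", now)
    print(verify(cu_priv, pkt, now + 3))
    print(verify(cu_priv, pkt, now + 300))
```

Because the MAC covers UE-ID, UE-PVT, UE-T and the timestamp as well as the ciphertext, extending UE-T or refreshing the timestamp on a captured packet fails the integrity check instead of bypassing the expiry and freshness checks.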
It can be seen that, by implementing the embodiment of the present invention, the UE monitors the broadcast message in advance to obtain the CU public key, and the CU obtains the UE public key from the uplink message of the UE in advance. When the CU needs to issue the downlink small data, the CU generates a symmetric key based on the CU private key and the UE public key to protect the small data, and issues the protected data to the UE without an air interface connection; the UE generates a symmetric key based on the preset UE private key and the received CU public key to verify the small data. That is to say, by implementing the embodiment of the present invention, security protection/verification is independently performed between the UE and the CU corresponding to the UE, and small data access to the network can be achieved without performing network authentication, which is beneficial to achieving a large amount of small data transmission between the UE and the CU, and effectively avoids the disadvantage of a centralized authentication manner.
The method of embodiments of the present invention is set forth above in detail, and the apparatus of embodiments of the present invention is provided below.
Referring to fig. 14, fig. 14 is a schematic structural diagram of an apparatus according to an embodiment of the present invention, where the first apparatus 100 may include an obtaining module 110, a security protection module 120, and a sending module 130, where details of each module are as follows:
the obtaining module 110 is configured to obtain original data to be transmitted;
the security protection module 120 is configured to generate a symmetric key based on a private key of the first device and a public key of a second device; the security protection module 120 is further configured to perform security protection on the original data by using a security key to obtain a protected data packet; wherein the security key comprises the symmetric key, or the security key comprises a key derived from the symmetric key; the security protection comprises encryption and/or integrity protection;
the sending module 130 is configured to send the protected data packet to the second device;
when the first device is user equipment, the second device is access network equipment; when the first device is an access network device, the second device is a user device; wherein the access network equipment comprises a centralized processing unit CU of the access network AN or an access network gateway.
Specifically, the private key of the first device is pre-configured in the first device.
Optionally, the sending module 130 is configured to send the protected data packet to a second device, specifically:
the sending module 130 is configured to send the protected data packet to the second device without establishing an air interface connection between the first device and the second device.
In a possible embodiment, when the first device is a user device and the second device is an access network device:
the security protection module 120 generates a symmetric key based on the private key of the first device and the public key of the second device, specifically: the security protection module 120 generates a symmetric key based on the private key of the user device and the public key of the access network device.
Optionally, the public key of the access network device is obtained from the access network device by the obtaining module 110 after the user device and the core network are successfully authenticated.
Wherein the protected data packet comprises: the temporary identity of the user equipment, which is obtained from a core network element by the obtaining module 110 after the user equipment and the core network are successfully authenticated; the core network element is configured to generate a temporary identity of the user equipment.
Optionally, the sending module 130 is further configured to send an update request of the temporary identity to the core network element, so that the core network element generates a new temporary identity of the user equipment based on the update request, thereby implementing the update of the temporary identity of the user equipment.
Optionally, the temporary identity of the user equipment is obtained from the access network equipment by the obtaining module 110 after the user equipment and the core network are successfully authenticated; the access network equipment is used for generating the temporary identity of the user equipment.
Optionally, the sending module 130 is further configured to send an update request of the temporary identity to the access network device, so that the access network device generates a new temporary identity of the user equipment based on the update request, thereby implementing the update of the temporary identity of the user equipment.
Optionally, the public key of the access network device is obtained from the broadcast message of the access network device by the obtaining module 110.
Wherein the protected data packet comprises a public key of the user device.
Wherein the public key of the access network device comprises: the identifier of the access network equipment and the public key authentication code of the access network equipment. Optionally, the public key of the access network device further includes: the expiration date of the public key of the access network equipment.
In a possible embodiment, when the first device is an access network device, the second device is a user equipment;
the security protection module 120 generates a symmetric key based on the private key of the first device and the public key of the second device, specifically: the security protection module 120 generates a symmetric key based on the private key of the access network device and the public key of the user device.
Optionally, the public key of the user equipment is obtained by the access network equipment from a core network element after the user equipment and the core network are successfully authenticated; the core network element is configured to obtain a public key of the user equipment in an authentication process between the user equipment and a core network.
Wherein the protected data packet comprises: a temporary identity of the user equipment.
Optionally, the temporary identity of the user equipment is obtained from the network element of the core network by the obtaining module 110 after the user equipment and the core network are successfully authenticated;
the core network element is configured to generate a temporary identity of the user equipment, and the core network element is further configured to update the temporary identity of the user equipment in the access network equipment.
Optionally, the temporary identity of the user equipment is generated by the access network equipment after the user equipment and the core network are successfully authenticated;
and the access network equipment generates a new temporary identity of the user equipment based on the updating request of the user equipment, so that the updating of the temporary identity of the user equipment in the access network equipment is realized.
Optionally, the method further includes:
in a communication scenario that the access network device needs to be switched, the sending module 130 is further configured to send a first switching message to the target access network device; the first handover message includes: the public key of the user equipment, the temporary identity of the user equipment and the routing information;
the obtaining module 110 is further configured to receive a first handover confirmation message fed back by the target access network device; the first handover confirmation message includes the public key of the target access network device;
the sending module 130 is further configured to send a second handover message to the user equipment; the second handover message comprises a public key of the target access network device;
the obtaining module 110 is further configured to receive a second handover confirmation message fed back by the user equipment, and delete the temporary identity of the user equipment and the public key of the user equipment in the access network equipment based on the second handover confirmation message.
Optionally, the public key of the user equipment is obtained by the obtaining module 110 from an uplink message sent by the user equipment.
Wherein the protected data packet comprises: an identification of the user device and a public key timestamp of the user device. Wherein the public key of the user equipment comprises: the identification of the user equipment and the public key authentication code of the user equipment. Optionally, the public key of the user equipment further includes: expiration date of the public key of the user equipment and a public key timestamp of the user equipment; wherein the expiration of the public key of the user equipment indicates whether the public key of the user equipment is expired, and the public key timestamp of the user equipment is used for indicating the generation time of the protected data packet.
Specifically, the core network element is an access and mobility management network element AMF.
Wherein the protected data packet is a PDCP data packet.
It should be noted that the implementation of each module unit may also correspond to the corresponding description of the method embodiments shown in fig. 2 to fig. 12, and is not described herein again.
Referring to fig. 15, fig. 15 is a schematic structural diagram of an apparatus according to an embodiment of the present invention, where the second apparatus 200 may include a receiving module 210 and a security verification module 220, where details of each module are as follows:
the receiving module 210 is configured to receive a protected data packet sent by a first device;
the security verification module 220 is configured to generate a symmetric key based on a private key of the second device and a public key of the first device, and the security verification module 220 is further configured to perform security verification on the protected data packet by using the security key to obtain original data; wherein the security key comprises the symmetric key, or the security key comprises a key derived from the symmetric key; the security verification includes decryption and/or integrity verification.
When the second device is an access network device, the first device is a user device; when the second device is user equipment, the first device is access network equipment; wherein the access network equipment comprises a centralized processing unit CU of the access network AN or an access network gateway.
Optionally, the private key of the second device is pre-configured in the second device.
The receiving module 210 receives a protected data packet sent by a first device, specifically:
the receiving module 210 receives the protected data packet sent by the first device when no air interface connection is established between the first device and the second device.
In a possible embodiment, when the second device is an access network device and the first device is a user equipment, the security verification module 220 generates a symmetric key based on the private key of the second device and the public key of the first device, specifically:
the security verification module 220 generates a symmetric key based on the private key of the access network device and the public key of the user device. Specifically, the protected data packet includes: a temporary identity of the user equipment.
Optionally, the public key of the user equipment is obtained by the receiving module 210 from a core network element after the user equipment and the core network are successfully authenticated, where the core network element is used to obtain the public key of the user equipment in the authentication process of the user equipment and the core network;
the public key of the user equipment and the temporary identity of the user equipment have a corresponding relationship, and the security verification module 220 determines the public key of the user equipment based on the temporary identity of the user equipment.
Wherein the protected data packet comprises: a public key of the user device; the security verification module 220 obtains the public key of the user device from the protected data packet.
Wherein the public key of the user equipment comprises: the identification of the user equipment and the public key authentication code of the user equipment. Optionally, the public key of the user equipment further includes: expiration date of the public key of the user equipment and a public key timestamp of the user equipment; the security verification module 220 determines whether the public key of the user equipment is expired based on the expiration date of the public key of the user equipment; the security verification module 220 determines whether the protected data packet has timed out based on the public key timestamp of the user device.
In a possible embodiment, in the case where the second device is a user device and the first device is an access network device, the security verification module 220 generates a symmetric key based on a private key of the second device and a public key of the first device, specifically: the security verification module 220 generates a symmetric key based on the private key of the user device and the public key of the access network device.
Specifically, the protected data packet includes: a temporary identity of the user equipment;
the receiving module 210 receives a protected data packet sent by a first device, specifically: the receiving module 210 receives the protected data packet based on the temporary identity of the user equipment.
Optionally, the public key of the access network device is obtained from the access network device by the receiving module 210 after the user device and the core network are successfully authenticated.
Wherein the protected data packet comprises: an identity of the user device, a public key timestamp of the user device. Optionally, the public key of the access network device is obtained by the receiving module 210 from the broadcast message of the access network device.
Wherein the public key of the access network device comprises: the identifier of the access network equipment and the public key authentication code of the access network equipment. Optionally, the public key of the access network device further includes: the expiration date of the public key of the access network equipment.
Specifically, the core network element is an access and mobility management network element AMF.
Wherein the protected data packet is a PDCP data packet.
It should be noted that the implementation of each module unit may also correspond to the corresponding description of the method embodiments shown in fig. 2 to fig. 12, and is not described herein again.
Based on the same inventive concept, the embodiment of the present invention further provides an apparatus, referring to fig. 16, where the apparatus is a first apparatus 300, and the first apparatus 300 is configured to implement the method described in the method embodiments shown in fig. 2 to fig. 13. As shown in fig. 16, the first device 300 includes: a transceiver 330, a memory 320, and a processor 310 coupled to the memory 320 (the number of processors 310 may be one or more, and one processor is taken as an example in fig. 16). The transceiver 330, memory 320, and processor 310 may be connected by a bus or other means. The transceiver 330 is used for transmitting data to the outside or receiving data from the outside. The memory 320 is used for storing program codes and related data (such as configuration information, public keys, private keys, data packets, etc.), and the processor 310 is used for calling and running the program codes stored in the memory 320, and performing the following steps:
acquiring original data to be transmitted;
generating a symmetric key based on a private key of the first device and a public key of a second device;
using a security key to perform security protection on the original data to obtain a protected data packet; wherein the security key comprises the symmetric key, or the security key comprises a key derived from the symmetric key; the security protection comprises encryption and/or integrity protection; transmitting the protected data packet to the second device through the transceiver 330; when the first equipment is user equipment, the second equipment is access network equipment (CU); wherein the access network equipment comprises a centralized processing unit CU or an access network gateway of the access network AN.
Wherein a private key of the first device is pre-configured in the first device.
Specifically, sending the protected data packet to the second device through the transceiver 330 includes:
sending the protected data packet through the transceiver 330 without establishing an air interface connection between the first device and the second device.
In a possible embodiment, when the first device 300 is a user equipment, the second device is an access network device. In this case, the program code stored in the memory 320 is specifically used for implementing the functions of the user equipment in the embodiments of fig. 2 to 13, and includes: the processor 310 is configured to invoke the program code stored in the memory 320 to perform the following steps: the processor 310 generates a symmetric key based on the private key of the user device and the public key of the access network device.
Optionally, the public key of the access network device is obtained by the processor 310 from the access network device through the transceiver 330 after the user equipment and the core network are successfully authenticated.
Optionally, the protected data packet includes: a temporary identity of the user equipment.
Optionally, the temporary identity of the user equipment is obtained by the processor 310 from a core network element through the transceiver 330 after the user equipment and the core network are successfully authenticated;
the core network element is configured to generate a temporary identity of the user equipment.
Optionally, the processor 310 is further configured to: send, by using the transceiver 330, an update request of the temporary identity to the core network element through the access network device, so that the core network element generates a new temporary identity of the user equipment based on the update request, thereby implementing update of the temporary identity of the user equipment.
Optionally, the temporary identity of the user equipment is obtained by the user equipment from the access network equipment after the user equipment and the core network are successfully authenticated; the access network equipment is used for generating the temporary identity of the user equipment.
Optionally, the processor 310 is further configured to: send, by using the transceiver 330, an update request of the temporary identity to the access network device, so that the access network device generates a new temporary identity of the user equipment based on the update request, thereby implementing an update of the temporary identity of the user equipment.
Optionally, the public key of the access network device is obtained by the user equipment from a broadcast message of the access network device.
Wherein the protected data packet comprises a public key of the user device.
Wherein the public key of the access network device comprises: the identifier of the access network equipment and the public key authentication code of the access network equipment. Optionally, the public key of the access network device further includes: the expiration date of the public key of the access network equipment.
When the first device 300 is an access network device, the second device is a user device. In this case, the program code stored in the memory 320 is specifically used to implement the functionality of the access network device (CU) in the embodiments of fig. 2-13. The method comprises the following steps: the processor 310 is configured to call the program code stored in the memory 320 to perform the following steps:
the processor 310 generates a symmetric key based on the private key of the access network device and the public key of the user device. Optionally, the public key of the user equipment is obtained by the access network equipment from a core network element after the user equipment and the core network are successfully authenticated;
the core network element is configured to obtain a public key of the user equipment in an authentication process between the user equipment and a core network. Wherein the protected data packet comprises: a temporary identity of the user equipment.
Optionally, the temporary identity of the user equipment is obtained by the processor 310 from the core network element through the transceiver 330 after the user equipment and the core network are successfully authenticated;
the core network element is configured to generate a temporary identity of the user equipment, and the core network element is further configured to update the temporary identity of the user equipment in the access network equipment.
Optionally, the temporary identity of the user equipment is generated by the processor 310 after the user equipment successfully authenticates with the core network;
the processor 310 generates a new temporary identity of the user equipment based on the update request of the user equipment, thereby implementing the update of the temporary identity of the user equipment in the access network equipment.
Optionally, the processor 310 is further configured to: in a communication scenario in which the access network equipment needs to be switched, send a first handover message to the target access network equipment through the transceiver 330, where the first handover message includes: the public key of the user equipment, the temporary identity of the user equipment and the routing information; receive, through the transceiver 330, a first handover confirmation message fed back by the target access network device, where the first handover confirmation message comprises a public key of the target access network device; transmit a second handover message to the user equipment through the transceiver 330, where the second handover message comprises a public key of the target access network device; receive, through the transceiver 330, a second handover confirmation message fed back by the user equipment, and delete the temporary identity of the user equipment and the public key of the user equipment in the access network equipment based on the second handover confirmation message.
Wherein the public key of the user equipment is obtained by the processor 310, through the transceiver 330, from the uplink message sent by the user equipment.
Wherein the protected data packet comprises: an identification of the user device and a public key timestamp of the user device. Wherein the public key of the user equipment comprises: the identification of the user equipment and the public key authentication code of the user equipment. Optionally, the public key of the user equipment further includes: expiration date of the public key of the user equipment and a public key timestamp of the user equipment;
wherein the expiration of the public key of the user equipment indicates whether the public key of the user equipment is expired, and the public key timestamp of the user equipment is used for indicating the generation time of the protected data packet.
The core network element is an access and mobility management network element AMF.
Wherein the protected data packet is a PDCP data packet.
It should be noted that the steps executed by the processor 310 and other technical features related to the processor 310 may also refer to the corresponding descriptions of the method embodiments shown in fig. 2 to fig. 13, and are not described again here.
Based on the same inventive concept, the embodiment of the present invention further provides an apparatus, referring to fig. 17, where the apparatus is a second apparatus 400, and the second apparatus 400 is configured to implement the method described in the method embodiments shown in fig. 2 to fig. 13. As shown in fig. 17, the second apparatus 400 includes: a transceiver 430, a memory 420, and a processor 410 coupled to the memory 420 (the number of processors 410 may be one or more, and one processor is taken as an example in fig. 17). The transceiver 430, memory 420, and processor 410 may be connected by a bus or other means. The transceiver 430 is used to transmit data to the outside or receive data from the outside. The memory 420 is used for storing program codes and related data (such as configuration information, public key, private key, data packet, etc.), and the processor 410 is used for calling and running the program codes stored in the memory 420, and executing the following steps:
receiving, by the transceiver 430, a protected data packet transmitted by the first device;
generating a symmetric key based on a private key of the second device and a public key of the first device;
performing security verification on the protected data packet by using a security key to obtain original data; wherein the security key comprises the symmetric key, or the security key comprises a key derived from the symmetric key; the security verification includes decryption and/or integrity verification.
When the second device is an access network device, the first device is a user device; when the second device is user equipment, the first device is access network equipment; wherein the access network equipment comprises a centralized processing unit CU of the access network AN or an access network gateway.
Specifically, the private key of the second device is pre-configured in the second device.
Specifically, receiving, by the transceiver 430, a protected data packet sent by the first device includes: receiving, by the transceiver 430, a protected data packet sent by the first device without establishing a connection between the first device and the second device.
When the second device 400 is an access network device (CU), the first device is a user equipment. In this case, the program code stored in the memory 420 is specifically used to implement the functionality of the access network equipment (CU) in the embodiments of fig. 2-13. The method comprises the following steps: the processor 410 is configured to call the program code stored in the memory 420 to perform the following steps:
the processor 410 generates a symmetric key based on the private key of the access network device and the public key of the user device.
Optionally, the protected data packet includes: a temporary identity of the user equipment.
Optionally, after the authentication between the user equipment and the core network is successful, the processor 410 obtains the public key of the user equipment from a core network element through the transceiver 430, where the core network element is used to obtain the public key of the user equipment in the authentication process between the user equipment and the core network;
the public key of the user equipment has a corresponding relationship with the temporary identity of the user equipment, and the processor 410 determines the public key of the user equipment based on the temporary identity of the user equipment.
Wherein the protected data packet comprises: a public key of the user device; the processor 410 obtains the public key of the user device from the protected data packet.
Wherein the public key of the user equipment comprises: the identification of the user equipment and the public key authentication code of the user equipment. Optionally, the public key of the user equipment further includes: expiration date of the public key of the user equipment and a public key timestamp of the user equipment; the processor 410 determines whether the public key of the user equipment is expired based on the expiration date of the public key of the user equipment; the processor 410 determines whether the protected data packet has timed out based on the public key timestamp of the user device.
When the second device 400 is a user device, the first device is an access network device (CU). In this case, the program code stored in the memory 420 is specifically used for implementing the functions of the user equipment in the embodiments of fig. 2-13, and includes: the processor 410 is configured to call the program code stored in the memory 420 to perform the following steps:
the processor 410 generates a symmetric key based on the private key of the user device and the public key of the access network device.
Optionally, the protected data packet includes: a temporary identity of the user equipment;
the processor 410 receives, through the transceiver 430, a protected data packet sent by the first device, specifically: the processor 410 receives the protected data packet based on the temporary identity of the user equipment through the transceiver 430. Optionally, the public key of the access network device is obtained by the processor 410 from the access network device through the transceiver 430 after the user equipment and the core network are successfully authenticated.
Optionally, the protected data packet includes: an identity of the user device, a public key timestamp of the user device. Optionally, the public key of the access network device is obtained by the processor 410 from the broadcast message of the access network device through the transceiver 430.
Wherein the public key of the access network device comprises: the identifier of the access network equipment and the public key authentication code of the access network equipment. Optionally, the public key of the access network device further includes: the expiration date of the public key of the access network equipment.
Specifically, the core network element is an access and mobility management network element AMF.
Wherein the protected data packet is a PDCP data packet.
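The sender steps of the first device and the receiver steps of the second device described above can be illustrated as follows; this is an added example, not part of the patent text, and it shows the integrity-protection case only. Assumptions not found in the text: a toy Diffie-Hellman group for the key agreement, HMAC-SHA256 for key derivation and integrity protection, the packet layout, the 30-second freshness window, and all function names.

```python
import hashlib
import hmac
import secrets
import struct

# Toy Diffie-Hellman group, for illustration only (assumption: the text names
# no key-agreement algorithm). P = 2**255 - 19 is prime; a deployment would
# use a standardized group or curve instead.
P = 2**255 - 19
G = 2
TAG_LEN = 32  # HMAC-SHA256 output size


def keypair():
    """Return (private, public) for one device."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)


def symmetric_key(own_priv, peer_pub):
    """Symmetric key from the device's own private key and the peer's public key."""
    if not 1 < peer_pub < P - 1:
        raise ValueError("invalid peer public key")
    shared = pow(peer_pub, own_priv, P)
    return hashlib.sha256(shared.to_bytes(32, "big")).digest()


def security_key(sym_key, temp_id):
    """Security key derived from the symmetric key, bound to the temporary identity."""
    return hmac.new(sym_key, b"integrity|" + temp_id, hashlib.sha256).digest()


def protect(ue_priv, an_pub, temp_id, timestamp, data):
    """First device: integrity-protect one small-data packet, no connection set-up."""
    key = security_key(symmetric_key(ue_priv, an_pub), temp_id)
    header = struct.pack("!H", len(temp_id)) + temp_id + struct.pack("!Q", timestamp)
    return header + data + hmac.new(key, header + data, hashlib.sha256).digest()


def verify(an_priv, ue_table, packet, now, max_age=30):
    """Second device: return (data, None) on success or (None, reason) on rejection."""
    if len(packet) < 2 + 8 + TAG_LEN:
        return None, "malformed"
    (id_len,) = struct.unpack("!H", packet[:2])
    if len(packet) < 2 + id_len + 8 + TAG_LEN:
        return None, "malformed"
    temp_id = packet[2:2 + id_len]
    (timestamp,) = struct.unpack("!Q", packet[2 + id_len:10 + id_len])
    data, tag = packet[10 + id_len:-TAG_LEN], packet[-TAG_LEN:]
    # The temporary identity selects the stored public key of the user equipment.
    entry = ue_table.get(temp_id)
    if entry is None:
        return None, "unknown temporary identity"
    ue_pub, expires = entry
    if now > expires:
        return None, "public key expired"
    if abs(now - timestamp) > max_age:
        return None, "packet timed out"
    key = security_key(symmetric_key(an_priv, ue_pub), temp_id)
    expected = hmac.new(key, packet[:-TAG_LEN], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None, "integrity check failed"
    return data, None


if __name__ == "__main__":
    ue_priv, ue_pub = keypair()            # constructed sample keys
    an_priv, an_pub = keypair()
    table = {b"tmp-0001": (ue_pub, 2000)}  # temporary identity -> (key, expiry)
    pkt = protect(ue_priv, an_pub, b"tmp-0001", 1000, b"temp=21.5C")
    print(verify(an_priv, table, pkt, now=1005))
    print(verify(an_priv, table, pkt, now=1500))
```

The expiry and timestamp checks run before the key agreement so that stale or unknown packets are rejected without the cost of a modular exponentiation; the timestamp is still covered by the integrity tag for every packet that is accepted.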
It should be noted that the steps executed by the processor 410 and other technical features related to the processor 410 may also refer to the corresponding descriptions of the method embodiments shown in fig. 2 to fig. 13, and are not described again here.
Based on the same inventive concept, the embodiment of the present invention further provides another data protection method, including: a core network element receives a communication request between user equipment and access network equipment; the request comprises a public key of the user device;
the core network element generates a temporary identity of the user equipment based on the request;
the core network element sends the temporary identity of the user equipment to the access network equipment and the user equipment, so that the user equipment and the access network equipment use the temporary identity as a unique identifier of data transmitted between the user equipment and the access network equipment;
and the core network element sends the public key of the user equipment to the access network equipment, so that the access network equipment performs security protection or security verification on the data according to a symmetric key generated by the public key of the user equipment and a private key of the access network equipment.
The access network equipment comprises a centralized processing unit CU of an access network AN or a gateway of the access network.
Based on the same inventive concept, an embodiment of the present invention further provides a core network element, where the core network element includes: a receiving module, a processing module and a sending module, wherein:
the receiving module is used for receiving a communication request between the user equipment and the access network equipment; the request includes a public key of the user device;
the processing module is used for generating a temporary identity of the user equipment based on the request;
the sending module is configured to send the temporary identity of the user equipment to the access network equipment and the user equipment, so that the user equipment and the access network equipment use the temporary identity as a unique identifier of data transmitted between the user equipment and the access network equipment;
the sending module is further configured to send the public key of the user equipment to the access network device, so that the access network device performs security protection or security verification on the data according to a symmetric key generated by the public key of the user equipment and a private key of the access network device.
In a specific embodiment, the core network element is an access and mobility management element AMF, and the access network device includes a centralized processing unit CU of an access network AN or a gateway of the access network.
In addition, an embodiment of the present invention further provides a communication system, where the communication system includes: specifically, the first device is the device shown in fig. 14, and the second device is the device shown in fig. 15. Alternatively, the first device is the device shown in fig. 16, and the second device is the device shown in fig. 17.
When the second device is an access network device, the first device is a user device; when the second device is user equipment, the first device is access network equipment; wherein the access network equipment comprises a centralized processing unit CU of the access network AN or an access network gateway.
In a specific implementation, the user equipment and the access network equipment correspond to the user equipment and the access network equipment in the method embodiments of fig. 2 to 12, respectively.
In the above embodiments, all or part may be implemented by software, hardware, firmware, or any combination. When implemented in software, the embodiments may be implemented in whole or in part in the form of a computer program product. The computer program product comprises one or more computer program instructions which, when loaded and executed on a computer, cause a process or function according to an embodiment of the invention to be performed, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored in a computer readable storage medium or transmitted from one computer readable storage medium to another, for example, the computer instructions may be transmitted from one network station, computer, server, or data center to another network station, computer, server, or data center by wire (e.g., coaxial cable, fiber optic, digital subscriber line) or wirelessly (e.g., infrared, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer and can be a data storage device, such as a server, a data center, etc., that includes one or more of the available media. The usable medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape, etc.), an optical medium (e.g., DVD, etc.), or a semiconductor medium (e.g., solid state disk), among others.
In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.