Security processing method, device and system in conversion process

A switching process and security processing technology, applied in the field of network communication, can solve problems such as solutions that do not consider security processing, and achieve the effect of improving security

Inactive Publication Date: 2012-02-01
HUAWEI TECH CO LTD
View PDF3 Cites 34 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In the process of implementing the present invention, the inventors found that: optimized handover can avoid or reduce information

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security processing method, device and system in conversion process
  • Security processing method, device and system in conversion process
  • Security processing method, device and system in conversion process

Examples

Experimental program
Comparison scheme
Effect test

example 1

[0072] Example 1 scenario is: the security processing method in the UE handover process under the HeNB based on the X2 interface, the process of the method is as follows figure 2 shown, including the following steps:

[0073] Step 1. The UE sends a measurement report message to the source HeNB.

[0074] Step 2. The source HeNB checks whether there are fresh security parameters of the UE locally, such as fresh NCC and NH. If there are fresh security parameters of the UE, the source HeNB calculates a new access stratum root key KeNB according to the NH in the fresh security parameters. *; otherwise, the source HeNB calculates KeNB* according to the original access stratum root key KeNB.

[0075] The fresh safety parameters are unused safety parameters, including unused NCC, NH.

[0076] The process of calculating the new KeNB* by the source HeNB in ​​step 2 can be described as:

[0077] KeNB*=KDF(KeNB / NH, PCI, DL-AERFCN); KDF(*) represents the key derivation function, KeNB / N...

example 2

[0097] The scenario is: the security processing method in the UE handover process under the HeNB based on the X2 interface. In this example, there is no direct X2 interface between the source HeNB and the target HeNB. X2 message. The process of this method is attached image 3 shown, including the following steps:

[0098] Wherein, steps 1 to 3 are the same as those in Example 1, and are not repeated here in this example.

[0099] Step 4. The HeNB GW judges that the optimized handover process needs to be performed according to the target cell information. If the HeNB GW has the fresh security parameters of the UE locally, it can go directly to step 7; if the HeNB GW does not have the fresh security parameters of the UE locally, then the HeNB GW Send a UE Security KeyRequest (UE Security Context Request) message to the MME, where the message includes the UE identity, to request to obtain the security parameters and key KASME of the UE.

[0100] In step 4, there are various m...

example 3

[0115] The scenario is the same as that of the second example, and the operation difference from the second example is that steps 4 to 6 are replaced by the following steps. This example only introduces different steps, and other steps will not be repeated.

[0116] Step 4. The HeNB GW determines that the optimized handover process needs to be performed according to the received handover request message. If the HeNB GW locally has the fresh security parameters of the UE, it can go directly to step 7;

[0117] If the HeNB GW locally stores the non-fresh NCC and NH, the HeNB GW sends a UE Security Key Request (UE Security Context Request) message to the MME, the message contains the UE identifier, to request to obtain the security parameters and key of the UE KASME.

[0118] The non-fresh NCC and NH stored locally by the HeNB GW are obtained by the security verification entity from the path modification confirmation message or the handover request message sent by the MME in the ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a security processing method, device and system in a conversion process, which belong to the technical field of communication. UE (User Equipment), and a source node and a target node at the side of a network finish conversion preparation, and in a conversion execution process, the target node acquires the security capability information of the UE, provided by the source node or a security verification entity. The security verification entity comprises a gateway in an UE conversion scene under a base station or an anchor point base station in the UE conversion scene under a relay node. If the source node provides the security capability information of the UE, the method also comprises the following step of: sending routine correction confirm information to the target node if the security verification entity verifies that the security capability information of the UE in routine correction request information is consistent with the security capability information of the UE, which is locally saved. The embodiment of the invention ensures that the target node can select proper secure algorithm, so that the security of the optimized conversion process is further improved.

Description

technical field [0001] The invention relates to the technical field of network communication, in particular to a security processing technology in a handover process. Background technique [0002] In a Long Term Evolution (Long Term Evolution, LTE) system, a terminal device can access a mobility management entity (Mobility Management Entity, MME) in the core network through an access device. The access device is, for example, a Home Evolved NodeB (HeNB), an anchor evolved NodeB (Donorevolved NodeB, DeNB), or a relay (Relay). The HeNB may need to route to an appropriate MME through a Home Evolved NodeB Gate Way (HeNB GW). [0003] In practical applications, user equipment (User Equipment, UE) may switch between HeNB GWs or between Relays. In the handover process, the handover signaling is usually terminated on the MME, that is, the MME needs to participate in the handover process, and the MME performs the security processing in the handover process to ensure the forward and...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04W12/04H04W12/06H04W36/08H04W12/041
CPCH04W36/0038H04W36/08H04W88/16H04L12/5689H04W12/06H04W88/08H04W48/00H04W12/08H04L63/205H04W12/04H04W84/045H04W12/062
Inventor 张冬梅焦斌刘晓寒陈璟张爱琴
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap