Dissimilar user plane security

By setting different user plane security contexts for different gNB-CU-UPs in the 5G system, the security vulnerability problem when CU-UPs belong to different security domains is solved, and the overall user plane security protection of UE is realized.

CN115428498BActive Publication Date: 2026-07-10LENOVO (SINGAPORE) PTE LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
LENOVO (SINGAPORE) PTE LTD
Filing Date
2021-04-24
Publication Date
2026-07-10

AI Technical Summary

Technical Problem

In 5G systems, the use of user plane security keys means that when one gNB-CU-UP is compromised, the overall user plane security of the UE is affected, especially when multiple CU-UPs belong to different security domains. Existing technologies have failed to effectively address this issue.

Method used

Multiple user plane service security contexts are introduced, and different UP integrity and encryption keys are exported through the gNB-CU-CP node. Different UP security is activated at the UE to ensure password separation between different gNB-CU-UPs. Different UP security setting types are selected according to trust level and deployment location.

Benefits of technology

It effectively prevents the security breach of one CU-UP from affecting other CU-UPs, ensuring the overall user plane security of the UE, even if the CU-UPs belong to different trust domains, and realizing cryptographically separate UP security contexts.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN115428498B_ABST
    Figure CN115428498B_ABST
Patent Text Reader

Abstract

Apparatuses, methods, and systems are disclosed for setting multiple UP security contexts. One apparatus (900) includes a transceiver (925) and a processor (905) that derives (1005) distinct user plane (“UP”) integrity and encryption keys for a selected central unit user plane (“CU-UP”) node in a RAN. The processor (905) assigns (1010) a UP security indicator to uniquely identify the derived distinct UP integrity and encryption keys, and the transceiver (925) sends (1015) a setup request to the selected CU-UP node, the setup request including the UP security indicator and the distinct UP integrity and encryption keys. The transceiver (925) receives (1020) a setup response from the selected CU-UP node and the processor (905) activates (1025) the distinct UP security at the UE.
Need to check novelty before this filing date? Find Prior Art

Description

[0001] Cross-references to related applications

[0002] This application claims priority to U.S. Provisional Patent Application No. 63 / 015,386 entitled “MULTI-UP SECURITY SETUP”, filed April 24, 2020, by Sheeba Backia Mary Baskaran, Andreas Kunz, Genadi Velev, Prateek Basu Mallick, Joachim Loehr, and Hyung-Nam Choi, which is incorporated herein by reference. Technical Field

[0003] The topics disclosed herein generally relate to wireless communications, and more specifically to setting up multiple user plane (“UP”) security contexts for user equipment (“UE”), for example, in a decomposed gNB. Background Technology

[0004] In some wireless communication systems, the user plane integrity key (K UPint ) and / or user plane encryption protection key (K UPenc It is used to protect all user plane messages corresponding to different services of the UE for accessing the network. Summary of the Invention

[0005] A procedure for setting multiple UP security contexts is disclosed. This procedure can be implemented by an apparatus, system, method, or computer program product.

[0006] A method for a Central Unit Control Plane (“CU-CP”) node includes deriving a distinct UP integrity and encryption key for a selected Central Unit User Plane (“CU-CP”) node in a Radio Access Network (“RAN”), the deriving using a Key Derivation Function (“KDF”). The method includes assigning a User Plane (“UP”) security indicator / identifier to uniquely identify the derived distinct UP integrity and encryption key and sending a setup request to the selected CU-UP node, the setup request including the UP security indicator / identifier and the distinct UP integrity and encryption key. The method includes receiving a setup response from the selected CU-UP node and activating distinct UP security at a User Equipment (“UE”).

[0007] One method for a CU-UP node includes receiving a setup request message from a CU-CP node (i.e., gNB-CU-CP) in the RAN and selecting an UP encryption and integrity algorithm based on received UE security capabilities. The setup request includes an UP security indicator / identifier, UE security capabilities, and distinct UP integrity and encryption keys. The method includes sending the selected UP encryption and integrity algorithm to the CU-CP node and receiving an UP security activation success indication and an UP security indicator / identifier from the CU-CP node.

[0008] One approach for the UE includes sending a UE capability to the network (i.e., to the AMF) for supporting multiple UP security contexts in a Non-Access Stratum (“NAS”) message. The approach further includes receiving an Access Stratum (“AS”) Security Mode Command (“SMC”) message from a CU-CP node and / or receiving at least one Radio Resource Control (“RRC”) reconfiguration message from a CU-CP node to activate dissimilar (i.e., independent or different) UP security at the UE for a specific Data Radio Bearer (“DRB”). Here, the ASMC message contains a UP security indicator / identifier and an associated UP protection algorithm (i.e., encryption and integrity algorithms for dissimilar UP security). Furthermore, the (multiple) RRC reconfiguration messages contain a UP security indicator / identifier, an enable UP security separation indication, and at least one fresh parameter. A third approach includes deriving dissimilar UP integrity and encryption keys using a KDF and sending a UP security activation success indication and a UP security indicator / identifier in an RRC connection reconfiguration completion message to the CU-CP node. Attached Figure Description

[0009] A more specific description of the embodiments briefly described above will be presented with reference to the specific embodiments illustrated in the accompanying drawings. It should be understood that these drawings depict only a few embodiments and are therefore not intended to limit the scope; the embodiments will be described and explained with additional specificity and detail using the drawings, in which:

[0010] Figure 1 This is a schematic block diagram illustrating one embodiment of a wireless communication system for setting up a multi-UP security context;

[0011] Figure 2A This is a block diagram illustrating one embodiment of the fifth-generation (“5G”) new radio (“NR”) protocol stack;

[0012] Figure 2B This is a block diagram illustrating one embodiment of the overall architecture used to separate gNB-CU-CP and gNB-CU-UP;

[0013] Figure 3AThis is a diagram illustrating one embodiment of a centralized CU-UP and a distributed CU-UP;

[0014] Figure 3B This is a diagram illustrating one embodiment of a centralized CU-UP that is open to third parties;

[0015] Figure 4A This is a diagram illustrating one embodiment of a process for setting up multi-UP security settings using a bearer context setting message;

[0016] Figure 4B yes Figure 4A The continuation;

[0017] Figure 5A This is a diagram illustrating one embodiment of generating specific security keys for multiple distinct / independent user plane services (or gNB-CU-UP);

[0018] Figure 5B This is a diagram illustrating another embodiment of the generation of specific security keys for multiple disparate / independent user plane services (or gNB-CU-UP);

[0019] Figure 6 This is a diagram illustrating one embodiment of the process for adding / modifying multiple UP security settings during DRB addition;

[0020] Figure 7A This is a diagram illustrating one embodiment of a UP security setup with 5G-NR topology hiding;

[0021] Figure 7B This is a diagram illustrating another embodiment of a UP security setup with 5G-NR topology hiding;

[0022] Figure 8 This is a diagram illustrating one embodiment of a user equipment device that can be used to set multiple UP security contexts;

[0023] Figure 9 This is a diagram illustrating one embodiment of a network device apparatus that can be used to set multiple UP security contexts; and

[0024] Figure 10 This is a flowchart illustrating an embodiment of a first method for setting up multi-UP security.

[0025] Figure 11 This is a flowchart illustrating an embodiment of a second method for multi-UP security settings; and

[0026] Figure 12 This is a flowchart illustrating an embodiment of a third method for multi-UP security settings. Detailed Implementation

[0027] As those skilled in the art will understand, aspects of the embodiments can be embodied as a system, apparatus, method, or program product. Therefore, embodiments can take the form of a completely hardware embodiment, a completely software embodiment (including firmware, resident software, microcode, etc.), or an embodiment combining aspects of both software and hardware.

[0028] For example, the disclosed embodiments can be implemented as hardware circuitry that includes custom-designed very large-scale integration (“VLSI”) circuitry or gate arrays, off-the-shelf semiconductors such as logic chips, transistors, or other discrete components. The disclosed embodiments can also be implemented in programmable hardware devices such as field-programmable gate arrays, programmable array logic, programmable logic devices, etc. As another example, the disclosed embodiments may include one or more physical or logical blocks of executable code, which may, for example, be organized as objects, procedures, or functions.

[0029] Furthermore, embodiments may take the form of a program product embodied in one or more computer-readable storage devices that store machine-readable code, computer-readable code, and / or program code, hereinafter referred to as code. The storage device may be tangible, non-transitory, and / or non-transferable. The storage device may not embody signals. In one embodiment, the storage device employs only signals for accessing the code.

[0030] Any combination of one or more computer-readable media may be used. A computer-readable medium may be a computer-readable storage medium. A computer-readable storage medium may be a storage device for storing code. A storage device may be, for example, but not limited to, electronic, magnetic, optical, electromagnetic, infrared, holographic, micromechanical, or semiconductor systems, apparatuses, or devices, or any suitable combination thereof.

[0031] More specific examples of storage devices (a non-exhaustive list) will include the following: electrical connections having one or more wires, portable computer floppy disks, hard disks, random access memory (“RAM”), read-only memory (“ROM”), erasable programmable read-only memory (“EPROM” or flash memory), portable compact disc read-only memory (“CD-ROM”), optical storage devices, magnetic storage devices, or any suitable combination of the foregoing. In the context of this document, a computer-readable storage medium can be any tangible medium capable of containing or storing a program for use by or in conjunction with an instruction execution system, apparatus, or device.

[0032] The code used to perform the operations of the embodiments can be any number of lines and can be written in any combination of one or more programming languages, including object-oriented programming languages ​​such as Python, Ruby, Java, Smalltalk, and C++, and traditional procedural programming languages ​​such as the "C" programming language, and / or machine languages ​​such as assembly language. The code can be executed entirely on the user's computer, partially on the user's computer, as a standalone software package, partially on the user's computer and partially on a remote computer, or entirely on a remote computer or server. In the latter scenario, the remote computer can be connected to the user's computer via any type of network including a local area network ("LAN"), a wireless LAN ("WLAN"), or a wide area network ("WAN"), or can be connected to an external computer (e.g., via the Internet through an Internet service provider ("ISP").

[0033] Furthermore, the features, structures, or characteristics described in the embodiments can be combined in any suitable manner. Numerous specific details, such as examples of programming, software modules, user selection, network transactions, database queries, database structures, hardware modules, hardware circuits, hardware chips, etc., are provided in the following description to provide a thorough understanding of the embodiments. However, those skilled in the art will recognize that the embodiments can be practiced without one or more of these specific details or using other methods, components, materials, etc. In other instances, well-known structures, materials, or operations have not been shown or described in detail to avoid obscuring aspects of the embodiments.

[0034] Throughout this specification, references to "an embodiment," "embodiment," or similar language mean that a particular feature, structure, or characteristic described in connection with that embodiment is included in at least one embodiment. Therefore, unless expressly stated otherwise, the phrases "in an embodiment," "in an embodiment," and similar language throughout this specification may, but do not necessarily, refer to the same embodiment, but rather mean "one or more, but not all, embodiments." Unless expressly stated otherwise, the terms "comprising," "including," "having," and variations thereof mean "including, but not limited to,". Unless expressly stated otherwise, the list of enumerated items does not imply that any or all items are mutually exclusive. Unless expressly stated otherwise, the terms "a," "an," and "the" also mean "one or more."

[0035] As used herein, a list containing the conjunction “and / or” includes any single item in the list or a combination of items in the list. For example, a list of A, B, and / or C includes only A, only B, only C, a combination of A and B, a combination of B and C, a combination of A and C, or a combination of A, B, and C. As used herein, a list using the term “one or more of…” includes any single item in the list or a combination of items in the list. For example, one or more of A, B, and C includes only A, only B, only C, a combination of A and B, a combination of B and C, a combination of A and C, or a combination of A, B, and C. As used herein, a list using the term “one of…” includes one and only one single item in the list. For example, “one of A, B, and C” includes only A, only B, or only C and excludes combinations of A, B, and C. As used herein, “selected from the group consisting of A, B, and C” includes one and only one of A, B, or C and excludes combinations of A, B, and C. As used in this article, “selecting members of a group consisting of A, B, and C and their combinations” includes only A, only B, only C, combinations of A and B, combinations of B and C, combinations of A and C, or combinations of A, B, and C.

[0036] The following description of various aspects of the embodiments is based on schematic flowcharts and / or block diagrams of methods, apparatus, systems, and program products according to the embodiments. It will be understood that individual blocks in the schematic flowcharts and / or block diagrams, as well as combinations of blocks in the schematic flowcharts and / or block diagrams, can be implemented by code. This code can be provided to a processor of a general-purpose computer, special-purpose computer, or other programmable data processing apparatus to produce a machine, such that instructions executed via the processor of the computer or other programmable data processing apparatus create means for implementing the functions / actions specified in the flowcharts and / or block diagrams.

[0037] The code can also be stored in a storage device that can instruct a computer, other programmable data processing device or other device to operate in a particular manner, such that the instructions stored in the storage device produce an article of art including instructions that implement the functions / actions specified in the flowchart and / or block diagram.

[0038] The code may also be loaded onto a computer, other programmable data processing apparatus or other device to cause a series of operational steps to be performed on the computer, other programmable apparatus or other device, thereby producing a computer-implemented process, such that the code executing on the computer or other programmable apparatus provides a process for implementing the functions / actions specified in the flowchart and / or block diagram.

[0039] The flowcharts and / or block diagrams in the accompanying drawings illustrate the architecture, functionality, and operation of possible implementations of apparatus, systems, methods, and program products according to various embodiments. In this regard, each block in the flowcharts and / or block diagrams may represent a module, segment, or portion of code, which includes one or more executable instructions for implementing specified logical functions(s).

[0040] It should also be noted that in some alternative implementations, the functions marked in the boxes may not appear in the order shown in the figures. For example, two boxes shown consecutively may actually be executed substantially simultaneously, or these boxes may sometimes be executed in reverse order, depending on the functionality involved. Other steps and methods that are equivalent in function, logic, or effect to one or more boxes or portions thereof shown in the figures can be contemplated.

[0041] While various arrow and line types may be used in flowcharts and / or block diagrams, they are not intended to limit the scope of the corresponding embodiments. In practice, some arrows or other connectors may be used to indicate only the logical flow of the depicted embodiment. For example, an arrow may indicate a waiting or monitoring period of unspecified duration between enumerated steps of a depicted embodiment. It will also be noted that each block in a block diagram and / or flowchart, and combinations of blocks in block diagrams and / or flowcharts, can be implemented by a system based on dedicated hardware or a combination of dedicated hardware and code that performs the specified function or action.

[0042] The description of the elements in each figure can be referenced to the elements in the preceding figures. In all figures, the same reference numerals refer to the same elements, including alternative embodiments of the same elements.

[0043] Generally, this disclosure describes systems, methods, and apparatuses for multi-UP security settings. 5G systems use a common user plane integrity and encryption protection key (K). UPint and K UPenc This is to protect all user plane messages corresponding to different services for the UE with different (multiple) gNB-CU-UPs. In a scenario where a UE is connected to several gNB-CU-UPs located in different security domains, if one gNB-CU-UP is compromised, this practice will affect the overall user plane security of the UE. For example, if user plane security is compromised in one gNB-CU-UP (which is controlled by a third-party service / application provider for a specific service or is located in a vulnerable location), it will also compromise the security of other user planes handled by other gNB-CU-UPs for different services.

[0044] In some embodiments, the gNB deployment can be decomposed if the gNB-CU-UP may be compromised. Currently, no solution has been proposed in the 3GPP specification. According to 3GPP TR38.823, the gNB-CU-CP selects the appropriate(multiple) gNB-CU-UP(in) for the service requested by the UE. Figure 2A In the decomposed gNB scenario shown, current 5G systems assume that multiple CU-UPs selected by the CU-CP for the UE's service(s) belong to the same security domain. However, if multiple CU-UPs belong to different security domains (trusted and less trusted), compromised user plane security established with one CU-UP will undermine the security levels of other user planes established for the same UE through other CU-UPs. This problem is more likely to occur because current 5GS uses the same user plane security key (K). UPint and K UPenc This protects all user plane messages (integrity and confidentiality) between the UE and gNB, regardless of the trust domain or trust level of the gNB-CU-UP in the virtual environment.

[0045] The following is for reference Figure 3A and 3B Provide a more detailed explanation of the user plane security vulnerability.

[0046] Figure 1 A wireless communication system 100 for setting a multi-UP security context is depicted according to embodiments of the present disclosure. In one embodiment, the wireless communication system 100 includes at least one remote unit 105, a radio access network (“RAN”) 120, and a mobile core network 130. The RAN 120 and the mobile core network 130 form a mobile communication network. The RAN 120 may consist of a base station unit 121, and the remote unit 105 communicates with the base station unit 121 using a wireless communication link 123. Although in Figure 1 The document depicts a specific number of remote units 105, base station units 121, wireless communication links 123, RAN 120, and mobile core network 130, but those skilled in the art will recognize that any number of remote units 105, base station units 121, wireless communication links 123, RAN 120, and mobile core network 130 can be included in the wireless communication system 100.

[0047] In one implementation, RAN 120 conforms to the 5G system specifications outlined in the 3rd Generation Partnership Project (“3GPP”). For example, RAN 120 may be an NG-RAN that implements the NR RAT and / or LTE RAT. In another example, RAN 120 may include a non-3GPP RAT (e.g., Or an IEEE 802.11 series compliant WLAN. In another embodiment, RAN 120 conforms to the LTE system specified in the 3GPP specification. However, more generally, the wireless communication system 100 can implement some other open or proprietary communication networks, such as Global Microwave Access Interoperability (“WiMAX”) or the IEEE 802.16 series standards, as well as other networks. This disclosure is not intended to be limited to any particular wireless communication system architecture or protocol implementation.

[0048] In one embodiment, remote unit 105 may include computing devices such as desktop computers, laptop computers, personal digital assistants (“PDAs”), tablet computers, smartphones, smart TVs (e.g., internet-connected TVs), smart appliances (e.g., internet-connected appliances), set-top boxes, game consoles, security systems (including security cameras), in-vehicle computers, network devices (e.g., routers, switches, modems), etc. In some embodiments, remote unit 105 includes wearable devices such as smartwatches, fitness bands, optical head-mounted displays, etc. Furthermore, remote unit 105 may be referred to as UE, subscriber unit, mobile device, mobile station, user, access terminal, mobile terminal, fixed terminal, subscriber station, user terminal, wireless transmit / receive unit (“WTRU”), device, or other terms used in the art. In various embodiments, remote unit 105 includes a subscriber identification and / or identification module (“SIM”) and a mobile device (“ME”) that provides mobile terminal functions (e.g., radio transmission, conversion, voice encoding and decoding, error detection and correction, signaling to the SIM, and access). In some embodiments, the remote unit 105 may include a terminal device (“TE”) and / or be embedded in an appliance or device (e.g., a computing device as described above).

[0049] Remote unit 105 can communicate directly with one or more base station units 121 in RAN 120 via uplink (“UL”) and downlink (“DL”) communication signals. Additionally, UL and DL communication signals can be carried on wireless communication link 123. Here, RAN 120 is an intermediate network providing remote unit 105 with access to mobile core network 130. As described in more detail below, RAN 120 can send measurement and reporting configuration 111 to remote unit 105, wherein remote unit 105 sends measurement reports 113 to RAN 120.

[0050] In some embodiments, remote unit 105 communicates with application server 141 via a network connection to mobile core network 130. For example, application 107 in remote unit 105 (e.g., a web browser, media client, telephone, and / or Voice over Internet Protocol (“VoIP”) application) can trigger remote unit 105 to establish a Protocol Data Unit (“PDU”) session (or other data connection) with mobile core network 130 via RAN 120. Mobile core network 130 then uses the PDU session to relay services between remote unit 105 and application server 141 in packet data network 140. The PDU session represents a logical connection between remote unit 105 and user plane function (“UPF”) 131.

[0051] To establish a PDU session (or PDN connection), remote unit 105 must register with mobile core network 130 (also referred to as "attached to mobile core network" in the context of fourth-generation ("4G") systems). Note that remote unit 105 may establish one or more PDU sessions (or other data connections) with mobile core network 130. Therefore, remote unit 105 may have at least one PDU session for communicating with packet data network 140. Remote unit 105 may establish additional PDU sessions for communicating with other data networks and / or other communication peers.

[0052] In the context of a 5G system (“5GS”), the term “PDU session” refers to a data connection that provides end-to-end (“E2E”) user plane (“UP”) connectivity between a remote unit 105 and a specific data network (“DN”) via UPF131. A PDU session supports one or more Quality of Service (“QoS”) streams. In some embodiments, a one-to-one mapping may exist between QoS streams and QoS profiles, such that all packets belonging to a particular QoS stream have the same 5G QoS identifier (“5QI”).

[0053] In the context of 4G / LTE systems, such as Evolved Packet System (“EPS”), a Packet Data Network (“PDN”) connection (also known as an EPS session) provides end-to-end connectivity between the remote unit and the PDN. The PDN connectivity process establishes an EPS bearer, i.e., a tunnel between the remote unit 105 and the packet gateway (“PGW”, not shown) in the mobile core network 130. In some embodiments, a one-to-one mapping exists between the EPS bearer and the QoS profile, such that all packets belonging to a particular EPS bearer have the same QoS class identifier (“QCI”).

[0054] Base station unit 121 may be distributed across a geographical area. In some embodiments, base station unit 121 may also be referred to as an access terminal, access point, base station, base station, node B (“NB”), evolved Node B (abbreviated as eNodeB or “eNB”, also known as Evolved Universal Terrestrial Radio Access Network (“E-UTRAN”) node B), 5G / NR node B (“gNB”), home node B, relay node, RAN node, or any other term used in the art. Base station unit 121 is typically part of a RAN such as RAN 120, which may include one or more controllers communicatively coupled to one or more corresponding base station units 121. These and other elements of the radio access network are not shown, but are generally known to those skilled in the art. Base station unit 121 is connected to mobile core network 130 via RAN 120.

[0055] Base station unit 121 can serve multiple remote units 105 within its service area, such as a cell or cell sector, via wireless communication link 123. Base station unit 121 can communicate directly with one or more remote units 105 via communication signals. Typically, base station unit 121 transmits DL communication signals to serve remote units 105 in the time, frequency, and / or spatial domains. Furthermore, DL communication signals can be carried on wireless communication link 123. Wireless communication link 123 can be any suitable carrier in licensed or unlicensed radio spectrum. Wireless communication link 123 facilitates communication between one or more remote units 105 and / or one or more base station units 121. Note that during NR-U operation, base station unit 121 and remote units 105 communicate via unlicensed radio spectrum.

[0056] In one embodiment, the mobile core network 130 is a fifth-generation core network (“5GC”) or an evolved packet core network (“EPC”), which may be coupled to a packet data network 140, such as the Internet and private data networks, as well as other data networks. The remote unit 105 may have a subscription or other account with respect to the mobile core network 130. Each mobile core network 130 belongs to a single PLMN. This disclosure is not intended to limit implementation to any particular wireless communication system architecture or protocol.

[0057] Mobile core network 130 includes several network functions (“NFs”). As depicted, mobile core network 130 includes at least one UPF 131. Mobile core network 130 also includes multiple control plane functions (“CPs”), including but not limited to Access and Mobility Management Functions (“AMFs”) 133, Session Management Functions (“SMFs”) 135, Policy Control Functions (“PCFs”) 137, and Unified Data Management Functions (“UDMs”) serving RAN 120. In some embodiments, the UDM is quasi-co-located with a User Data Repository (“UDR”), which is described as a combined entity “UDM / UDR” 139. In various embodiments, mobile core network 130 may also include an Authentication Server Function (“AUSF”), a Network Repository Function (“NRF”) (used by various NFs for discovery and communication with each other via an Application Programming Interface (“API”), or other NFs defined for 5GC. In some embodiments, mobile core network 130 may include an Authentication, Authorization, and Accounting (“AAA”) server.

[0058] In various embodiments, the mobile core network 130 supports different types of mobile data connections and different types of network slices, wherein each mobile data connection utilizes a specific network slice. Here, a "network slice" refers to a portion of the mobile core network 130 optimized for a specific service type or communication service. A network instance may be identified by a single network slice selection aid information ("S-NSSAI"), while the set of network slices authorized for use by the remote unit 105 is identified by network slice selection aid information ("NSSAI"). Here, "NSSAI" refers to a vector value including one or more S-NSSAI values. In some embodiments, various network slices may include separate instances of network functions, such as SMF 135 and UPF 131. In some embodiments, different network slices may share some common network functions, such as AMF 133. For illustration purposes, Figure 1 Different network slices are not shown, but their support is assumed.

[0059] Despite Figure 1A specific number and type of network functions are described, but those skilled in the art will recognize that any number and type of network functions can be included in the mobile core network 130. Furthermore, in an LTE variant of the EPC where the mobile core network 130 is the EPC, the described network functions can be replaced by appropriate EPC entities, such as the Mobility Management Entity (“MME”), Serving Gateway (“SGW”), PGW, Home Subscriber Server (“HSS”), etc. For example, AMF 133 can be mapped to the MME, SMF 135 can be mapped to the control plane portion of the PGW and / or mapped to the MME, UPF 131 can be mapped to the SGW and the user plane portion of the PGW, UDM / UDR 139 can be mapped to the HSS, etc.

[0060] Although Figure 1 The components of the 5G RAN and 5G core network are described, but the embodiments described for setting up multi-UP security contexts are applicable to other types of communication networks and RATs, including IEEE 802.11 variants, Global System for Mobile Communications (“GSM”, i.e., 2G digital cellular networks), General Packet Radio Service (“GPRS”), General Mobile Telecommunications System (“UMTS”), LTE variants, CDMA 2000, Bluetooth, ZigBee, Sigfox, and others.

[0061] In the following description, the term "gNB" is used for base station, but it can be replaced by any other radio access node, such as RAN node, eNB, base station ("BS"), access point ("AP"), etc. The term UE is used for user equipment, but it can be replaced by any other radio access node, such as mobile terminal ("MT"), access terminal ("AT"), WTRU, IAB node, etc. Furthermore, the operation is primarily described in the context of 5G NR. However, the solution / method described is equally applicable to other mobile communication systems that set up multi-UP security contexts.

[0062] Figure 2A An NR protocol stack 200 according to an embodiment of this disclosure is depicted. Although Figure 2AThe diagram shows UE 205, RAN node 210, and AMF 215 in the 5G core network (“5GC”), but these represent a collection of remote units 105 that interact with base station unit 121 and mobile core network 140. As depicted, protocol stack 200 includes user plane protocol stack 201 and control plane protocol stack 203. User plane protocol stack 201 includes physical (“PHY”) layer 220, media access control (“MAC”) sublayer 225, radio link control (“RLC”) sublayer 230, packet data convergence protocol (“PDCP”) sublayer 235, and service data adaptation protocol (“SDAP”) layer 240. Control plane protocol stack 203 includes physical layer 220, MAC sublayer 225, RLC sublayer 230, and PDCP sublayer 235. Control plane protocol stack 203 also includes radio resource control (“RRC”) layer 245 and non-access stratum (“NAS”) layer 250.

[0063] The AS layer (also referred to as the "AS protocol stack") for the user plane protocol stack 201 consists of at least SDAP, PDCP, RLC, and MAC sublayers, as well as a physical layer. The AS layer for the control plane protocol stack 203 consists of at least RRC, PDCP, RLC, and MAC sublayers, as well as a physical layer. Layer 2 ("L2") is divided into SDAP, PDCP, RLC, and MAC sublayers. Layer 3 ("L3") includes the RRC sublayer 245 and NAS layer 250 for the control plane and includes, for example, the Internet Protocol ("IP") layer and / or PDU layer (not depicted) for the user plane. L1 and L2 are referred to as "lower layers," while L3 and higher layers (e.g., transport layer, application layer) are referred to as "higher layers" or "upper layers."

[0064] Physical layer 220 provides a transport channel to MAC sublayer 225. As described herein, physical layer 220 may use an energy detection threshold to perform CCA / LBT procedures. In some embodiments, physical layer 220 may send a notification of UL LBT failure to the MAC entity at MAC sublayer 225. MAC sublayer 225 provides a logical channel to RLC sublayer 230. RLC sublayer 230 provides an RLC channel to PDCP sublayer 235. PDCP sublayer 235 provides radio bearers to SDAP sublayer 240 and / or RRC layer 245. SDAP sublayer 240 provides QoS flows to the core network (e.g., 5GC). RRC layer 245 provides the addition, modification, and release of carrier aggregation and / or dual connectivity. RRC layer 245 also manages the establishment, configuration, maintenance, and release of signaling radio bearers (“SRBs”) and data radio bearers (“DRBs”).

[0065] NAS layer 250 is located between UE 205 and 5GC 215. NAS messages are transparently transmitted through the RAN. NAS layer 250 is used to manage the establishment of communication sessions and to maintain continuous communication with UE 205 when UE 205 moves between different cells in the RAN. In contrast, AS layer is located between UE 205 and the RAN (i.e., RAN node 210) and carries information through the radio portion of the network.

[0066] Figure 2B An overall architecture 251 for a decomposed gNB 210, which may be a base station unit 121, is shown. The decomposed gNB 210 is divided into a gNB central unit (“gNB-CU”) and one or more gNB distributed units (“gNB-DU”) 265. The gNB-CU and gNB-DU 265 are connected via an F1 interface.

[0067] The gNB-CU is a logical node that manages the RRC, SDAP, and PDCP protocols of the decomposed gNB 210. This logical node controls the operation of one or more gNB-DU 265 devices. The gNB-CU terminates the F1 interface connected to the gNB-DU 265. As described below, the F1 interface can be split into a control plane interface (i.e., F1-C) and a user plane interface (i.e., F1-U).

[0068] Each gNB-DU 265 represents a logical node managing the RLC, MAC, and PHY layers of a decomposed gNB 210, and its operation is partially controlled by the gNB-CU. One gNB-DU 265 supports one or more cells; however, a cell is supported by only one gNB-DU 265. The gNB-DU 265 terminates the F1 interface connected to the gNB-CU.

[0069] As depicted, in a decomposed gNB deployment, the gNB-CU can be further divided into a gNB-CU-control plane (“gNB-CU-CP”) 255 and one or more gNB-CU-user planes (“gNB-CU-UP”) 260. The gNB-CU-CP 255 is a logical node that hosts the control plane portion of the RRC and PDCP protocols for the decomposed gNB 210. The gNB-CU-CP 255 terminates the E1 interface connected to the gNB-CU-UP 260 and the F1-C interface connected to the gNB-DU 265.

[0070] Each gNB-CU-UP 260 is a logical node that hosts the user plane portion of the PDCP and SDAP protocols for the decomposed gNB 210. The gNB-CU-UP 260 terminates the E1 interface connected to the gNB-CU-CP 255 and the F1-U interface connected to the gNB-DU265.

[0071] Figure 3A A decomposed gNB 210 deployment is depicted in relation to a first threat scenario involving centralized and distributed CU-UPs. In the first UP security vulnerability scenario (“Scenario 1”), different gNB-CU-UPs 260s can be deployed physically far apart from each other, for example, co-located with gNB-DUs, or deployed in a central data center. In the depicted embodiment, a first gNB-CU-UP 301 (depicted as “gNB-CU-UP1”) is located at a centralized location, while a second gNB-CU-UP 303 (depicted as “gNB-CU-UP2”) is located at a distributed location, for example, co-located with one or more gNB-DUs 265s. This deployment can be used where the first gNB-CU-UP 301 provides eMBB service while the second gNB-CU-UP 303 provides low-latency service. It is possible that a single UE 205 can simultaneously support multiple service types. To prevent the security vulnerability in the second gNB-CU-UP 303 from also compromising the first gNB-CU-UP 301, the two CU-UP entities will belong to different security domains.

[0072] Figure 3B The deployment of a disaggregated gNB 210 is described in relation to a second threat scenario involving a centralized CU-UP that is open to third-party access. In the second UP security vulnerability scenario (“Scenario 2”), different gNB-CU-UP 260s can be deployed in a centralized location, for example, co-located with a gNB-CU-CP 255, such as... Figure 3B As shown. Note that CU-UPs exposed to third parties do not have the same trust level. In this example, the first gNB-CU-UP 301 and the second gNB-CU-UP 303 are deployed in a centralized location. The two CU-UP entities 301 and 303 can have different security levels, regardless of whether the first gNB-CU-UP 301 and the second gNB-CU-UP 303 are co-located. Otherwise, if the second gNB-CU-UP 303 is exposed to a third party, a security vulnerability in the second gNB-CU-UP 303 would compromise the first gNB-CU-UP 301 if the two CU-UP entities belong to the same security domain.

[0073] The first solution introduces multiple user plane service security contexts between the UE 205 and the gNB-CU-UP 260, with the operator assigning different trust levels to these contexts based on deployment location and / or third-party application service provider involvement. When security is compromised at any gNB-CU-UP 260, the cipher separation of the UE's user plane security across different gNB-CU-UP 260s prevents overall CP-UP / user plane security vulnerabilities. While the solutions and embodiments described in this disclosure focus primarily on NR RATs (i.e., gNBs) connected to the 5GC, they are also generally applicable to E-UTRA RATs (eNBs / ng-eNBs) connected to the 5GC.

[0074] According to the first solution, the process of establishing distinct user plane (UP) service security between the UE and one or more gNB-CU-UPs involves the following steps / sub-processes:

[0075] In step A, gNB-CU-CP 255 determines the UP security key export type based on the gNB-CU-UP trust level. The UP security key export type can be determined as follows.

[0076] Type 1 – Public UP Security: If the gNB-CU-UP 260(s) selected by gNB-CU-CP 255 belong to the operator's security domain, then gNB-CU-CP 255 does not need to initiate cryptographically separate UP security settings. Instead, gNB-CU-CP 255 can initiate public UP security settings, for example, from key K. gNB Export key K UPenc and K UPint An example of public UP security settings is specified in TS 33.501.

[0077] Type 2 – Cryptographically Separate UP Security. If the selected gNB-CU-UP(260) belong to different security domains (or are deemed less trustworthy by gNB-CU-CP(255)), then gNB-CU-CP(255) determines to initiate a cryptographically separate UP security setup for each of those gNB-CU-UP(260), where the UP security for one gNB-CU-UP(260) will be different / dissimilar to the UP security for the other(gNB-CU-UP(260)). Furthermore, gNB-CU-CP(255) can perform CU-UP-specific, independent user-plane security key derivations, for example, as described in the following reference. Figure 5A or Figure 5B As described.

[0078] Here, the terms 'independent UP security' and 'dissimilar UP security' in this disclosure refer to setting up / creating separate UP security contexts (integrity and ciphering keys) for each pair of UE 205 and gNB-CU-UP 260. Each independent / dissimilar UP security context is cryptographically separate from the other UP security contexts of the same UE 205 and other(multiple)gNB-CU-UP260(s) in a decomposed gNB deployment. Therefore, for the scenarios described in options 1 and 2 of the first solution below, multiple UP security contexts need to be set up for UE 205 and the decomposed gNB 210. The terms 'independent UP security' and 'dissimilar UP security' (which refer to cryptographically separate UP security contexts or keys) are used interchangeably in this disclosure, and all these terms convey the same meaning.

[0079] Type 2 key export can be used for dissimilar UP security and / or independent UP security. Note that gNB-CU-CP 255 determines whether to export a dissimilar user plane (“UP”) security context that needs to be different from the existing public UP security context, based on the trust level, deployment location, and local policies of the selected gNB-CU-UP.

[0080] At step B, for different UP security, UP security algorithm negotiation and selection occurs via gNB-CU-CP 255 or via gNB-CU-UP 260 which have different trust levels (controlled / operated by a third-party application provider) or belong to different security domains.

[0081] At step C, the independent UP security activation performed by NG-RAN / 5G-NR together with UE 205 occurs using the RRC connection reconfiguration process (either individually or aggregated in a single RRC connection reconfiguration request per gNB-CU-UP 260).

[0082] The method for determining and establishing multi-user plane security for UE 205 by gNB-CU-CP 255 is based on the following references. Figures 4A-4B (Option 1) and Figure 6 Option 2 describes the two processes in detail, specifying the steps involved during the above steps / subprocesses (AC).

[0083] Figures 4A-4B A first process 400 for multi-user plane security according to embodiments of the present disclosure is depicted. These figures represent a first option (setting option 1) for multi-UP security settings according to a first solution. The first process 400 is performed during the initial attachment process (e.g., registration process) of the UE with the 5G system. The first process 400 supports multi-UP security for the UE in the 5G system.

[0084] As used in this disclosure, multi-UP security is defined as having a common UP security context at both the UE and the 5G-NR / gNB, and also having one or more distinct / independent UP security contexts. The common UP security context protects all DRBs that terminate at one or more gNB-CU-UP 260s belonging to the same security domain / controlled by the operator; however, each distinct / independent UP security context protects all DRBs that terminate at one or more gNB-CU-UP 260s belonging to different security domains or locations (or controlled by a third-party application service provider).

[0085] Note that in Figures 4A-4B In this disclosure, all DRB group security IDs can be referred to as 'UP security ID' or 'UP security indicator' in other ways. These terms may be used interchangeably in this disclosure and all convey the same meaning. Figures 4A-4B The steps involved in setting up the independent multi-user plane security context at 5G NR and activating it at UE 205 are described below.

[0086] from Figure 4A Initially, in step 1, UE 205 sends an initial NAS message to the 5G core network, specifically to AMF 215 (see Message Passing 401). In one embodiment, the initial NAS message contains a registration request. In another embodiment, the initial NAS message contains a service request. The process used by UE 205 to establish encrypted protection for radio bearers is initiated by either the NAS registration request message or the service request message, which includes "(multiple) PDU sessions to be established / reactivated" from UE 205 to AMF 215, for example, as specified in 3GPP TS 33.501 Clause 6.8.1.2.2.

[0087] At step 2a, if necessary, the 5G core network (e.g., AMF 215 together with AUSF and UDM) performs primary authentication with UE 205 (see message 403).

[0088] At step 2B, after successful authentication, AMF 215 and UE 205 initiate and execute the NAS security mode command procedure to select a NAS security algorithm and establish a NAS security context (see message 405). In some embodiments, the initial NAS message containing UE security capabilities may include additional information elements, namely, a Multi-UP Security (“MUPS”) parameter, indicating the maximum number of MUPS supports and / or support groups, i.e., the maximum number of independent security contexts for gNB-CU-UP260.

[0089] In step 3, AMF 215 sends an initial context setup request to the RAN, specifically to gNB-CU-CP 255 (see message 407). The initial context setup request is accompanied by the key K. gNB The UE security capabilities, MUPS parameters, user plane security implementation information and service information (e.g., (multiple) S-NSSAI and / or (multiple) DNN and / or (multiple) 5QI) are sent together to trigger the establishment of access security between the decomposed gNB 210 and the UE 205.

[0090] Alternatively, when the registration request does not include "(multiple) PDU sessions to be reactivated" and there is pending downlink UP data or pending downlink signaling, the AMF 215 can initiate a process to establish encryption protection for the radio bearer. Additionally, the 5GC can activate UP resources for one or more PDU sessions. In this case, (multiple) SMFs can send N2-SM information containers to the RAN (i.e., to the decomposed gNB 210).

[0091] In step 4, when activating UP resources for the Uu interface, gNB-CU-CP 255 can select one or more gNB-CU-UP 260s (see box 409). Here, the selection takes into account N2 SM information received from the 5GC (e.g., service information such as S-NSSAI / DNN / 5QI and MUPS parameters) for UP resource activation. Here, it is assumed that gNB-CU-CP 255 selects at least one gNB-CU-UP260 belonging to a different security domain or operated / controlled by a third-party application service provider with a lower trust level than the operator-controlled gNB-CU-UP 260. Therefore, gNB-CU-CP 255 determines to initiate distinct / independent user plane security settings for data radio bearers terminated using that particular selected gNB-CU-UP260.

[0092] Note that if any number of gNB-CU-UP 260s belonging to various different security domains are selected to provide more than one type of service for UE 205, then gNB-CU-CP 255 can similarly use any number of gNB-CU-UP 260s belonging to various different security domains to initiate multiple distinct / independent user plane security for the same UE. Also note that if UE 205 does not support multi-UP security as indicated in the MUPS parameters, then gNB-CU-CP 255 does not activate any UP resources that require different security contexts.

[0093] If gNB-CU-CP 255 determines, based on its deployment and trust level, to initiate dissimilar / independent user plane security related to a specific gNB-CU-UP 260, then gNB-CU-CP 255 assigns a dedicated DRB group security ID (otherwise referred to as an UP security indicator or identifier (“ID”)) to the selected gNB-CU-UP 260.

[0094] The purpose of the DRB Group Security ID / UP Security Indicator / UP Security Identifier is to uniquely identify disparate security contexts derived from gNB-CU-CP 255 to protect UP services terminated using a specific selected gNB-CU-UP 260 with a lower trust level (or belonging to a different security domain). Furthermore, the DRB Group Security ID can also be used to indicate a set of all DRBs that can be established / terminated for UE services using a selected gNB-CU-UP 260 for applications with a common UP security context but different from other gNB-CU-UP security contexts. Grouping / addition of DRBs to a specific gNB-CU-UP 260 can be based on the requested service, NSSAI, DNN, QoS requirements, or whether they belong to the same PDU session or have the same trust relationship with the application / service provider. The DRB Group Security ID indicates which DRBs apply to the same user plane security context. The DRB Group Security ID can also be referred to as the UP Security Indicator / UP Security Identifier, and it applies to all the relevant procedures described herein.

[0095] Also during step 4, the gNB-CU-CP 255 derives the user plane security key. In one embodiment, the UP security key is derived based on... Figure 5A The export options are shown. In another embodiment, the UP security key export is based on... Figure 5B The export options are shown.

[0096] Figures 5A-5B This presents two possible methods for deriving one or more dedicated / independent user plane integrity and cryptographic protection keys to cover the full range of possible key derivings in this disclosure. However, note that operators are capable of implementing… Figures 5A-5B Only one of the key export options is given.

[0097] Dissimilar gNB-CU-UP specific key (K CU-UPint K CU-UPenc ) can be obtained from existing public user plane keys (K) by gNB-CU-CP UPint and K UPenc Export (Export option 1, shown in) Figure 5A(in the middle) or directly from the K provided by AMF 215 in the initial context setting request message. gNB Key (Export Option 2, shown in) Figure 5B The DRB group security context (DRB) is exported, and the corresponding DRB group security ID (or otherwise referred to as the UP security indicator) is assigned by gNB-CU-CP and the DRB group security ID, together with the exported distinct UP security context, is stored in its local memory.

[0098] Any one or more of the following fresh input parameters can be assigned by gNB-CU-CP 255 and used by gNB-CU-CP 255 in independent / dissimilar UP key generation, in addition to the input key, to ensure cipher separation between multiple UP security contexts derived for the same UE 205 using different gNB-CU-UP 260:

[0099] DRB group security ID,

[0100] • Service information (e.g., S-NSSAI / DNN / 5QI),

[0101] • Independent User Plane Security (“IUPS”) Counter (i.e., IUPS-Counter): The IUPS-Counter is a counter processed by gNB-CU-CP 255, and is initiated by gNB-CU-CP 255 against UE 205 by selecting gNB-CU-UP 260 belonging to a different security domain and from key K. gNB Or an existing public UP security key (K UPint and K UPenc Derive the first independent (i.e., distinct) user plane security key (K). CU-UPint and K CU-UPenc It is initialized to 1 when ). Whenever gNB-CU-CP 255 initiates a subsequent independent UP security for the same UE 205 by selecting another gNB-CU-UP 260 belonging to a different security domain and deriving its subsequent independent user plane security key (K CU-UPint and K CU-UPenc When IUPS-Counter is incremented by 1, the counter is incremented by 1.

[0102] • The IUPS random number (i.e., the "IUPS Rand") is a random number assigned by gNB-CU-CP 255 to derive a distinct UP security context; and / or

[0103] • IUPS-Nonce is the current value, which is an arbitrary number assigned by gNB-CU-CP 255 for deriving distinct UP security contexts and can only be used once.

[0104] Figure 5A The diagram illustrates the first UP security key export 500 performed by UE 205 and gNB-CU-CP 255, referred to as "Export Option 1" (i.e., to introduce cipher separation between user plane services from the same UE to different gNB-CU-UPs). According to Export Option 1, the key K... CU-UPint It is exported as KDF(K) using the key export function (“KDF”). UPint (fresh input parameters, size / length of fresh input parameters) and key K CU-UPenc Derived as KDF(K UPenc Fresh input parameters, size / length of fresh input parameters).

[0105] Figure 5B The diagram illustrates a second UP security key export 501 performed by UE 205 and gNB-CU-CP 255, referred to as "Export Option 2" (i.e., to introduce cipher separation between user plane services from the same UE to different gNB-CU-UPs). According to Export Option 2, the key K... CU-UPint Derived as KDF(K gNB (fresh input parameters, size / length of fresh input parameters) and key K CU-UPenc Derived as KDF(K gNB Fresh input parameters, size / length of fresh input parameters).

[0106] In another option (in) Figures 5A-5B In the (not depicted) section, UE 205 and gNB-CU-CP 255 each export key K according to gNB-CU-UP260. gNB *(Similar to vertical and horizontal gNB key derivation) and from key K gNB * Export standalone user plane security key (K CU-UPint and K CU-UPenc ).

[0107] Return to Figure 4A In step 5, gNB-CU-CP 255 sends a bearer context setting request message to each selected gNB-CU-UP 260 (see message passing 411). Here, the bearer context setting request message contains the newly derived gNB-CU-UP-specific UP integrity and confidentiality protection key (i.e., K). CU-UPint and K CU-UPencThe bearer context setting request message includes: DRB group ID / UP security indicator (used to uniquely identify the UP security context of gNB-CU-UP), any one of the user plane security separation / fresh input parameters (or IUPS-Counter / RAND / Nonce if needed for encryption and integrity protection), UE security capabilities, and UP security policies. In some embodiments, the bearer context setting request message also includes additional information, such as CN N3 tunnel termination (e.g., UPF ID / address), (multiple) QFI / 5QI, QoS profile (including (multiple) service filters), etc. Each selected gNB-CU-CP255 assigns its assigned DRB group security ID / UP security indicator, DRB ID, gNB-CU-UP ID, and newly derived gNB-CU-UP specific key (K). CU-UPint K CU-UPenc As a separate UP secure part, it is stored in its local memory.

[0108] Alternatively, if gNB-CU-CP 255 is aware of specific security capabilities of gNB-CU-UP, such as user plane security requirements based on a third-party application service provider, then gNB-CU-CP considers both UE security capabilities and gNB-CU-UP security capabilities to select the highest priority user plane confidentiality and integrity algorithm. In such an embodiment, gNB-CU-CP 255 additionally sends the selected UP security algorithm ID to the selected gNB-CU-UP 260 in the bearer context setting request message. Note that in this alternative case, gNB-CU-CP 255 does not need to send UE security capabilities to gNB-CU-UP 260 because the UP security algorithm selection has already occurred at gNB-CU-CP 255.

[0109] At step 6, each selected gNB-CU-UP 260 locally stores the received UP integrity and confidentiality protection key (K). CU-UPint and K CU-UPenc The message contains the DRB ID and DRB group ID / UP security indicator (see box 413). If the bearer context setting request message includes UE security capabilities, the UP security algorithm selection occurs at gNB-CU-UP 260. Here, gNB-CU-UP 260 selects the highest priority user plane confidentiality and integrity algorithm available for user plane protection based on the UE security capabilities and its own security capabilities.

[0110] Alternatively, if the selected gNB-CU-UP 260 receives UP security algorithms but not UE security capabilities from the gNB-CU-CP 255, the gNB-CU-UP 260 stores the received UE security (e.g., integrity and encryption) algorithms locally for its subsequent use.

[0111] refer to Figure 4B At step 7, gNB-CU-UP 260 sends a bearer context setting response containing the selected user plane confidentiality and integrity protection algorithm and UP integrity and encryption protection indications (determined based on the received and local UP security policies) (see message passing 415).

[0112] At steps 8a-8b, after successful bearer context setup, gNB-CU-CP 255 sends an AS security mode command to UE 205, including (multiple) DRB group security IDs / (multiple) UP security indicators, (multiple) selected user plane confidentiality and integrity protection algorithms for independent / dissimilar UP security, and existing public UP and RRC algorithms (see Message Passing 417-419). The DRB group ID / UP security indicators help distinguish each dissimilar UP security algorithm from the public UP encryption and integrity protection algorithm. Which DRB belongs to which DRB group security ID / UP security indicator, along with the corresponding algorithm, is indicated in subsequent RRC reconfiguration requests. Note that, as a prerequisite to step 8a, during the initial context setup between UE 205 and gNB, gNB-CU-CP 255 previously performed an Access Layer (“AS”) Security Mode Command (“SMC”) procedure (i.e., to activate the initial K during the RRC_IDLE to RRC_CONNECTED state transition). gNB ).

[0113] At steps 9a-9b, gNB-CU-CP 255 further activates independent user plane security (integrity and encryption / confidentiality protection activation) as part of the DRB addition procedure (to gNB-CU-UP belonging to a different security domain) using the RRC connection reconfiguration procedure with the UE. At step 9a, gNB-CU-CP 255 sends an RRC connection reconfiguration request message to the UE for independent UP security activation (see message passing 421).

[0114] Here, the RRC reconfiguration message includes the DRB group security ID / UP security indicator for each DRB (i.e., letting the UE know what UP security needs to be applied for DRB security and grouping all DRBs from the UE that need to apply the same UP security, as that can determine the destination of a specific gNB-CU-UP (belonging to a security domain different from the security domain controlled by the operator)), an enable UP security separation indicator (i.e., sent only if a new dissimilar / independent UP security export needs to be triggered for the corresponding DRB at the UE), any new input parameters used by the gNB-CU-CP for the dissimilar UP security key (integrity and encryption key) (i.e., this IE is sent only if the 'enable UP security separation indicator' is sent), service information, and the selected UP encryption and integrity protection algorithm (if not already provided in the AS SMC) and UP integrity and encryption protection indicators.

[0115] Note that fresh input parameters can be UP security password separation service information (e.g., S-NSSAI / DNN / 5QI, IUPS-Counter, IUPS Rand, and / or IUPS-Nonce). One or more DRBs can have the same DRB group security ID / UP security indicator as determined by gNB-CU-CP, and all UP messages associated with those DRBs apply the same UP security indicated by the UP security indicator. In one embodiment, gNB-CU-CP 255 sends parameters for each gNB-CU-UP in an individual RRC connection reconfiguration request. In another embodiment, gNB-CU-CP 255 sends parameters aggregated in an RRC connection reconfiguration request.

[0116] At step 9b, if UE 205 successfully verifies the integrity of the RRC connection reconfiguration message, UE 205 sends an RRC connection reconfiguration complete message, along with an UP security activation success indication and an UP security indicator to gNB-CU-CP (see message passing 423).

[0117] If UP integrity protection is activated for the DRB as indicated in the RRC connection reconfiguration message, and if gNB-CU-CP 255 provides an 'Enable UP Secure Detachment Indication', then UE 205 can use the above reference similarly to gNB-CU-CP 255. Figures 5A-5B Any of the described options, i.e., using the DRB group security ID and / or fresh input parameters provided by gNB-CU-CP 255 to generate distinct / independent user plane integrity and confidentiality protection keys (K CU-UPint and K CU-UPenc ). UE 205 stores the newly generated distinct UP key (K) locally. CU-UPint and KCU-UPenc The DRB ID (if provided by gNB-CU-CP) and the received DRB group security ID / UP security indicator.

[0118] If more than one DRB has the same DRB group security ID / UP security indicator and no 'Enable UP Security Separation Indicator' is sent during UP security activation, as provided by gNB-CU-CP, then UE 205 will only store those DRB IDs and the DRB group security ID / UP security indicator as part of a distinct / independent UP security context, and apply a distinct UP security context corresponding to the UP security indicator already created and stored on the UE side. UP integrity protection for such DRBs with the same DRB group security ID should use K... CU-UPint This begins at UE 205. Similarly, if UP encryption is activated for a DRB as indicated in an RRC connection reconfiguration message, then UP encryption for such DRBs with the same DRB group security ID should use K. CU-UPenc Start at UE.

[0119] If UP integrity protection is activated for the DRB indicated in the RRC connection reconfiguration message, and if gNB-CU-CP 255 does not provide an 'Enable UP Security Separation Indicator', then UE 205 identifies and retrieves the relevant dissimilar UP security context already stored locally (i.e., based on the DRB group security ID / UP security indicator), and performs integrity and encryption protection for the corresponding DRB.

[0120] Similarly, the activation of integrity and encryption can be performed using the corresponding UP integrity and encryption keys (K). CU-UP-xint and K CU-UP-xenc For all other DRBs based on a specific DRB group security ID / UP security indicator as indicated by gNB-CU-CP 255, the UE 205 is started.

[0121] Note that on the UE side, UE 205 uses an UP security indicator to uniquely identify dissimilar UP security contexts to protect UP message packets belonging to a DRB, as indicated by gNB-CU-CP 255 in the RRC reconfiguration message. If a dissimilar UP security context is already available for an UP security indicator, UE 205 uses the UP security indicator to uniquely identify the dissimilar UE security context stored locally at UE 205.

[0122] At step 10a, UE 205 verifies the RRC connection reconfiguration message (see box 425). If successful, then:

[0123] • If independent UP integrity protection is activated for a DRB belonging to a DRB group security ID, as indicated in the RRC connection reconfiguration message, and if UE 205 does not have K CU-UPint Then UE 205 generates K as described above. CU-UPint Furthermore, UE205 initiates independent UP integrity protection for such DRBs belonging to a specific DRB group ID, as described in step 9b.

[0124] Similarly, if a separate UP encryption is activated for a DRB belonging to the DRB group security ID, as indicated in the RRC connection reconfiguration message, and if UE 205 does not have K CU-UPenc Then UE 205 generates K as described above. CU-UPenc Furthermore, UE205 initiates UP encryption for such DRBs belonging to a specific DRB group ID, as described in step 9b.

[0125] In one embodiment, if the DRB group security ID / UP security is formatted as: [Service ID|NG RAN assigned ANNonce] (where the symbol '|' indicates concatenation), then the gNB-CU-CP255 skips sending the service ID to the UE 205.

[0126] At step 10b, if gNB-CU-CP 255 receives an RRC reconfiguration complete message with an UP security success indication and an UP security indicator, then gNB-CU-CP 255 activates UP encryption and integrity protection at the corresponding gNB-CU-UP 260 by sending the DRB group security ID / UP security indicator and an UP security activation success indication to gNB-CU-UP 260 (see box 427).

[0127] If UP integrity protection is activated for a DRB as indicated in an RRC connection reconfiguration message, then UP integrity protection for such a DRB (marked with the indicated DRB group security ID) can use a specific K CU-UPint It begins at gNB (i.e., gNB-CU-UP 260). Similarly, if UP encryption is activated for a DRB as indicated in an RRC connection reconfiguration message, then UP encryption for such a DRB (marked with the indicated DRB group security ID) can use a specific K CU-UPenc It begins at gNB (i.e., gNB-CU-UP 260).

[0128] Regarding the cipher separation in the UP confidentiality mechanism, in addition to message packets, 5-bit bearer identifiers, 1-bit direction values, and 32-bit PDCP counts, the DRB group security ID (which can be between 3 and 6 bits) assigned by the access network (i.e., gNB-CU-CP255) and / or any fresh inputs (such as current values ​​and / or random numbers and / or counters assigned and provided by gNB-CU-CP 255) can also be used by UE 205 and gNB 210 as input parameters for the user plane confidentiality protection algorithm.

[0129] Regarding the cipher separation in the UP integrity mechanism, in addition to message packets, 5-bit bearer identifiers, 1-bit direction values, and 32-bit PDCP counts, the DRB group security ID (which can be between 3 and 6 bits) assigned by the access network (i.e., gNB-CU-CP255) and / or any fresh inputs (such as current values ​​and / or random numbers and / or counters assigned and provided by gNB-CU-CP 255) can also be used by UE 205 and gNB 210 as input parameters for the user plane integrity protection algorithm.

[0130] Figure 6 A second process 600 for multi-user plane security according to an embodiment of this disclosure is depicted. This figure illustrates a second option (setting option 2) for multi-user plane security settings according to a first solution. The second process 600 depicts multi-UP security settings (DC-based solution) during initial UE context setting at the 5G-NR using a new E1-independent UP context setting / adding procedure. The second process 600 is performed by the 5G-NR when the UE 205 is in a connected state and has already used at least one DRB, and when the 5G-NR performs a DRB adding procedure to add a DRB for the UE 205 based on a UE service request.

[0131] The proposed E1-independent UP context setup / DRB addition procedure is initiated by gNB-CU-CP255 and used to establish an independent UE context at gNB-CU-UP 260. This facilitates cipher separation of the DRB established with UE 205 in user plane security for specific services controlled by a third-party application service provider or if the gNB-CU-UP 260 selected for the new DRB belongs to a different security domain. Procedure 600 can also be used to configure a DRB terminated by gNB-CU-UP 260 when gNB-CU-UP 260 has different security requirements or belongs to a different security domain.

[0132] For each independent UP context setup initiated during the addition of a DRB to a new gNB-CU-UP 260, the gNB-CU-CP 255 assigns a DRB group security ID / UP security indicator to the DRB terminating at the same gNB-CU-UP 260, and additionally maintains fresh input parameters to derive the gNB-CU-UP specific key, for example, as referenced above. Figures 5A-5B As described. Note that (multiple) fresh input parameters can be any of the following:

[0133] • DRB security group ID (also known as UP security indicator),

[0134] • Service information (e.g., S-NSSAI / DNN / 5QI),

[0135] • IUPS-Counter: The IUPS-Counter is a counter processed by gNB-CU-CP 255, and is initiated by gNB-CU-UP 260 against UE 205 when an independent UP security is selected by gNB-CU-CP 255 through selection of gNB-CU-UP 260 belonging to a different security domain and from K gNB Or an existing public UP security key (K UPint and K UPenc Export the first independent user plane security key (K) CU-UPint and K CU-UPenc It is initialized to 1 when ). Whenever gNB-CU-CP 255 initiates a subsequent independent UP security for the same UE 205 by selecting another gNB-CU-UP260 belonging to a different security domain and using the above reference Figures 5A-5B The described export options are used to export the fresh, independent user plane security key (K). CU-UPint and K CU-UPenc When IUPS-Counter is incremented by 1, the counter is incremented by 1.

[0136] • IUPS-Rand; and / or

[0137] ·IUPS-Nonce

[0138] When running a process for adding (multiple) subsequent data radio bearers (“DRBs”) to the same gNB-CU-UP 260 based on DRB service information such as (S-NSSAI / DNN / 5QI), for each new data radio bearer, the gNB-CU-CP 255 may include the same DRB security group ID / UP security indicator, which is assigned by the gNB-CU-CP 255 during the initial DRB setup with the same gNB-CU-UP 260 to group all DRBs terminating at the same gNB-CU-UP 260 (which belongs to a security domain different from the operator's security domain) and apply the same UP security to all DRBs terminating in the same gNB-CU-UP 260.

[0139] The process 600 for setting distinct / independent CU-UP-specific UP contexts during DRB addition involves the following steps:

[0140] In step 1, UE 205 and (NG-RAN)gNB-CU-CP 255 establish an RRC connection (see message passing 601).

[0141] In step 2, if gNB-CU-CP 255 selects a gNB-CU-UP 260 belonging to a different security domain or operated / controlled by a third-party application service provider with a lower trust level than the operator-controlled gNB-CU-UP 260, then gNB-CU-CP 255 determines to initiate an independent / different UP context setup with that specific gNB-CU-UP 260 (see box 603). If gNB-CU-CP 255 receives service information (e.g., S-NSSAI / DNN / 5QI), the selection of gNB-CU-UP 260 can be based on the received service information.

[0142] Note that if UE 205 does not support multi-UP security as indicated in the MUPS parameters of the UE context, such as when provided to gNB-CU-CP 255 during initial context setup, then gNB-CU-CP 255 will not activate any UP resources that require different security contexts.

[0143] gNB-CU-CP 255 then exports the dissimilar user plane security key (K CU-UPint K CU-UPenc For example, as mentioned above. Figures 5A-5B As described. gNB-CU-UP specific key (K CU-UPint K CU-UPenc It can be obtained from existing public user plane keys (K) by gNB-CU-CP 255. UPint and KUPenc (For example, export according to export option 1) or directly from K gNB Export the key (e.g., according to export option 2).

[0144] In the independent user plane key generation performed by gNB-CU-CP 255 as mentioned above in this section, any one or more of the following fresh input parameters can be used in addition to the input key. Furthermore, gNB-CU-CP 255 assigns a DRB group security ID to identify the newly derived gNB-CU-UP specific key (K). CU-UPint K CU-UPenc It also indicates the set of DRBs that can be terminated using the selected specific gNB-CU-UP 260 for UE services and share the same distinct / independent CP / UP-specific UP security context. gNB-CU-CP 255 will assign the DRB group security ID / UP security indicator / UP security ID, DRB ID, gNB-CU-UP ID, and the newly derived gNB-CU-UP-specific key (K). CU-UPint K CU-UPenc It is stored in its local memory as part of the different UP security.

[0145] At step 3, gNB-CU-CP 255 sends an E1-specific UP context setting request message to the selected gNB-CU-UP 260 (see Message Passing 605). Here, the UP context setting request message contains the newly exported user plane key (K). CU-UPint K CU-UPenc This includes any one of the following: UE security capabilities, UP security policy, newly assigned DRB group security ID / UP security indicator, and user plane security separation / fresh input parameters (or IUPS-Counter / RAND / Nonce if required for encryption and integrity protection). Alternatively, instead of the E1 standalone UP context setting request message, the gNB-CU-CP 255 can use an E1 DRB add / modify request in step 3 to achieve a similar purpose with the above content.

[0146] In step 4, gNB-CU-UP 260 will receive the CU-UP specific UP key (K) CU-UPint K CU-UPenc The DRB ID and DRB group security ID are stored in its local memory (see box 607). Furthermore, the gNB-CU-UP 260 considers the UE security capabilities provided by the gNB-CU-CP 255 to select the UP encryption and integrity algorithms with the highest priority from its configured list, and stores these together with the received DRB group security ID / UP security indicator.

[0147] Alternatively, if gNB-CU-CP 255 is aware of the gNB-CU-UP security capabilities used for user plane security (e.g., based on requirements from a third-party application service provider), gNB-CU-CP 255 can select the highest priority UP confidentiality and integrity algorithm—considering both UE security capabilities and gNB-CU-UP security capabilities—and additionally send the UP security algorithm ID to gNB-CU-UP 260. In this alternative scenario, gNB-CU-CP 255 does not need to send the UE security capabilities to gNB-CU-UP 260, because the UP security algorithm selection occurs at gNB-CU-CP 255.

[0148] In this alternative scenario, the gNB-CU-UP 260 locally stores the selected UP integrity and encryption algorithm IDs, as well as the DRB group security ID / UP security indicator. Furthermore, the gNB-CU-UP 260 determines the UP integrity and encryption protection indications, for example, based on local policies and / or the UP security policies provided by the gNB-CU-CP 255.

[0149] At step 5, gNB-CU-UP 260 sends an E1-independent UP context setting response message (see Message Passing 609) to gNB-CU-CP 255, containing the selected UP integrity and encryption algorithm ID (if the UP security algorithm selection occurs at gNB-CU-UP 260), UP integrity protection, and encryption protection indications. Alternatively, if an E1 DRB add / modify request message is received in step 3, gNB-CU-UP 260 may use an E1 DRB add / modify response in step 5 instead of the E1-independent UP context setting response message to achieve a similar purpose as described above.

[0150] At step 6, gNB-CU-CP 255 uses the RRC connection reconfiguration procedure to further activate independent UP security (integrity and encryption / confidentiality activation) as part of the DRB addition procedure (for (multiple) gNB-CU-UP 260 belonging to different security domains) (see Message Passing 611).

[0151] Here, the RRC connection reconfiguration message for independent UP security activation sent from gNB-CU-CP 255 to UE 205 includes the DRB group security ID / UP security indicator for each DRB (to let the UE know what UP security needs to be applied for DRB security and to group all DRBs from the UE that need to apply the same UP security, as that can determine the specific gNB-CU-UP going to a security domain different from the operator-controlled security domain). The RRC connection reconfiguration message may also include an enable UP security separation indicator (i.e., sent only if a new dissimilar / independent UP security export needs to be triggered at the UE), any input parameters used by gNB-CU-CP for dissimilar UP security key (integrity and encryption key) generation and UP security cipher separation (e.g., IUPS-Counter, IUPS-Rand and / or IUPS-Nonce), service information (e.g., S-NSSAI / DNN / 5QI), the selected UP encryption and integrity protection algorithm, and UP integrity and encryption protection indicators. Note that one or more DRBs may have the same DRB group security ID / UP security indicator as determined by gNB-CU-CP 255.

[0152] In one embodiment, gNB-CU-CP 255 sends parameters for each gNB-CU-UP in individual RRC connection reconfiguration requests. In another embodiment, gNB-CU-CP 255 sends parameters aggregated in a single RRC connection reconfiguration request. In some embodiments, fresh input parameters are provided to UE 205 by gNB-CU-CP 255 only when an Enable UP Security Separation Indication is sent.

[0153] If a DRB is added with a previously established DRB group security ID / UP security indicator, it is not necessary to transfer the parameters used for key export or algorithm selection, because UE 205 is able to select the same UP key for (multiple) DRBs with the same DRB group security ID / UP security indicator.

[0154] At step 7a, if UP integrity protection is activated for the DRB as indicated in the RRC connection reconfiguration message, and if gNB-CU-CP provides an 'Enable UP Security Separation Indication', then UE 205, similar to gNB-CU-CP 255, uses any of the above-described export options and the DRB group security ID and / or fresh input parameters provided by gNB-CU-CP 255 to generate a separate UP integrity and confidentiality protection key (i.e., K). CU-UPint and K CU-UPenc ).

[0155] UE 205 locally stores newly generated dissimilar UP keys (K CU-UPint and K CU-UPenc The UE 205 stores the DRB ID and the DRB group security ID / UP security indicator (if provided by gNB-CU-CP 255) and the received DRB group security ID / UP security indicator. If more than one DRB has the same DRB group security ID / UP security indicator during UP security activation as provided by gNB-CU-CP, the UE 205 will only store those DRB IDs and the DRB group security ID / UP security indicator as part of distinct / independent UP security contexts. UP integrity protection for such DRBs with the same DRB group security ID uses K... CU-UPint It begins at UE 205. Similarly, if UP encryption is activated for a DRB as indicated in the RRC connection reconfiguration message, then UP encryption for such DRBs with the same DRB group security ID uses K. CU-UPenc Starts at UE 205.

[0156] If UP integrity protection is activated for a DRB as indicated in an RRC connection reconfiguration message, and if gNB-CU-CP 255 does not provide an 'Enable UP Security Separation Indicator', UE 205 identifies and retrieves the relevant dissimilar UP security context already stored locally based on the DRB group security ID / UP security indicator. UE 205 also performs integrity and encryption protection for the corresponding DRB.

[0157] Similarly, the activation of integrity and encryption can be performed using the corresponding UP integrity and encryption keys (K). CU-UP-xint and K CU-UP-xenc For all other DRBs with different DRB group security IDs, as indicated by gNB-CU-CP 255, start at UE 205.

[0158] UE 205 verifies the RRC connection reconfiguration message. If successful:

[0159] • If independent UP integrity protection is activated for a DRB belonging to a DRB group security ID, as indicated in the RRC connection reconfiguration message, and if UE 205 does not have K CU-UPint UE 205 is as described above. Figures 5A-5B Generate K as described CU-UPint Furthermore, UE 205 initiates independent UP integrity protection for such DRBs belonging to a specific DRB group ID, such as... Figure 4B As described in step 9b.

[0160] Similarly, if a separate UP encryption is activated for a DRB belonging to the DRB group security ID, as indicated in the RRC connection reconfiguration message, and if UE 205 does not have K CU-UPenc Then UE 205 generates K as described in Figure 5. CU-UPenc Furthermore, UE 205 initiates UP encryption for such DRBs belonging to a specific DRB group ID, such as... Figure 4B As described in step 9b.

[0161] In one embodiment, if the DRB group security ID / UP security is formatted as: [Service ID|NG RAN assigned ANNonce] (where the symbol '|' indicates concatenation), then the gNB-CU-CP255 skips sending the service ID to the UE 205.

[0162] If UE 205 successfully verifies the integrity of the RRC connection reconfiguration message, then UE 205 sends an RRC connection reconfiguration complete message, along with a UP security activation success indication and a UP security indicator to gNB-CU-CP255.

[0163] At step 7b, if UP encryption is activated for a DRB as indicated in the RRC connection reconfiguration message, then UP encryption for such a DRB (identified by the indicated DRB group security ID) can use a specific K CU-UPenc It begins at gNB (i.e., gNB-CU-UP 260) (see box 615).

[0164] Note that on the UE side, UE 205 uses an UP security indicator to uniquely identify dissimilar UP security contexts to protect UP message packets belonging to the DRB, as indicated by gNB-CU-CP 255 in the RRC reconfiguration message. If a dissimilar UP security context is already available for an UP security indicator, UE 205 uses the UP security indicator to uniquely identify the dissimilar UE security context stored locally on UE 205.

[0165] At step 8a, if gNB-CU-CP 255 receives an RRC reconfiguration complete message along with an UP security activation success indication and an UP security indicator, then gNB-CU-CP 255 activates UP encryption and integrity protection at gNB-CU-UP 260 by sending an E1 / CU-UP reconfiguration complete / E1-independent UP context setting Ack message containing the DRB group security ID and the UP security activation success indication to gNB-CU-UP 260 (see Message Passing 617).

[0166] At step 8b, if UP integrity protection is activated for a DRB as indicated in the RRC connection reconfiguration message, then UP integrity protection for such a DRB (identified by the indicated DRB group security ID) can use a specific K CU-UPint It begins at gNB (i.e., gNB-CU-UP) (see box 619).

[0167] Regarding the cipher separation in the UP confidentiality mechanism, in addition to message packets, 5-bit bearer identifiers, 1-bit direction values, and 32-bit PDCP counts, the DRB group security ID (which can be between 3 and 6 bits) assigned by the access network (i.e., gNB-CU-CP255) and / or any fresh inputs (such as current values ​​and / or random numbers and / or counters assigned and provided by gNB-CU-CP 255) can also be used by UE 205 and gNB 210 as input parameters for the user plane confidentiality protection algorithm.

[0168] Regarding the cipher separation in the UP integrity mechanism, in addition to message packets, 5-bit bearer identifiers, 1-bit direction values, and 32-bit PDCP counts, the DRB group security ID (which can be between 3 and 6 bits) assigned by the access network (i.e., gNB-CU-CP255) and / or any fresh input (e.g., current values ​​and / or random numbers and / or counters assigned and provided by gNB-CU-CP 255) can also be used by UE 205 and gNB 210 as input parameters for the user plane integrity protection algorithm.

[0169] Note that the second process 600 can also be used in other scenarios, such as for the reactivation or addition of a DRB. The same principle as described above applies.

[0170] According to the second solution, the different sets of security keys used for each gNB-CU-CP 255 remain transparent to the UE 205. Therefore, the UE 205 may not need to, or even be able to, determine which DRBs are placed in which CU-CP element. The network architecture is thus hidden from the UE 205. Figure 7A and Figure 7B This demonstrates how 5G-NR topology hiding can be achieved.

[0171] One way to achieve 5G-NR topology hiding is to configure and reconfigure any DRB to use one of the existing security contexts. Additionally, the network can configure more than one security context even for (multiple) (data) radio bearers terminated in the same CU-CP element. This could result in 'm' security contexts being used for 'n' (data) radio bearers, where 'm' can be less than, equal to, or greater than 'n'. If, for example, the next key in the upper layer changes (K... gNBK AMF If the security context (or similar) is not used, then the unused security context can even be updated / refreshed / rekeyed. Security context (key) generation occurs as described in one of the preceding embodiment solutions.

[0172] Figure 7A A first scenario for UP security settings with 5G-NR topology hiding is depicted. In the depicted example, a first bearer (“Bearer 1”) using a first key (“Key 1”) and a second bearer (“Bearer 2”) using a second key (“Key 2”) terminate at a first CU-UP element (“CU-UP1”) 701, where keys can be derived accordingly specific to the corresponding bearer. Additionally, a third bearer (“Bearer 3”) using a third key (“Key 3”) terminates at a second CU-UP element (“CU-UP2”) 703. However, this network architecture is hidden from UE 205. Here, UE 205 sees the three bearers and uses separate keys without knowing which bearer might terminate in which CU-UP element.

[0173] Figure 7B A second scenario is depicted for UP security settings with 5G-NR topology hiding. In the depicted example, a first bearer (“Bearer 1”) using a first key (“Key 1”) and a second bearer (“Bearer 2”) also using the first key terminate at different CU-UP elements, namely CU-UP1 701 and CU-UP2 703. Additionally, a third bearer (“Bearer 3”) using the second key (“Key 2”) terminates at a third CU-UP element (“CU-UP3”) 705. However, this network architecture is hidden from UE 205. Here, the two bearers terminate in different gNB-CU-UPs, but the bearers across CU-UPs share the same key, and the vulnerable gNB-CU-UP uses its own key (which is not visible to UE 205).

[0174] Figure 8 User equipment device 800, which can be used for multi-UP security settings according to embodiments of the present disclosure, is depicted. In various embodiments, user equipment device 800 is used to implement one or more of the solutions described above. User equipment device 800 may be an embodiment of the remote unit 105 and / or UE 205 described above. In addition, user equipment device 800 may include processor 805, memory 810, input device 815, output device 820, and transceiver 825.

[0175] In some embodiments, input device 815 and output device 820 are combined into a single device, such as a touchscreen. In some embodiments, user equipment device 800 may not include any input device 815 and / or output device 820. In various embodiments, user equipment device 800 may include one or more of the following: processor 805, memory 810, and transceiver 825, and may not include input device 815 and / or output device 820.

[0176] As depicted, transceiver 825 includes at least one transmitter 830 and at least one receiver 835. In some embodiments, transceiver 825 communicates with one or more cells (or radio coverage areas) supported by one or more base station units 121. In various embodiments, transceiver 825 may operate on unlicensed spectrum. Furthermore, transceiver 825 may include multiple UE panels supporting one or more beams. Additionally, transceiver 825 may support at least one network interface 840 and / or application interface 845. The application interface(s) 845 may support one or more APIs. The network interface(s) 840 may support 3GPP reference points such as Uu, N1, PC5, etc. Other network interfaces 840 may be supported, as will be understood by those skilled in the art.

[0177] In one embodiment, processor 805 may include any known controller capable of executing computer-readable instructions and / or performing logical operations. For example, processor 805 may be a microcontroller, microprocessor, central processing unit (“CPU”), graphics processing unit (“GPU”), auxiliary processing unit, field-programmable gate array (“FPGA”), or similar programmable controller. In some embodiments, processor 805 executes instructions stored in memory 810 to perform the methods and routines described herein. Processor 805 is communicatively coupled to memory 810, input device 815, output device 820, and transceiver 825. In some embodiments, processor 805 may include an application processor (also referred to as a “main processor”) that manages application domain and operating system (“OS”) functions, and a baseband processor (also referred to as a “baseband radio processor”) that manages radio functions.

[0178] In various embodiments, processor 805 controls user equipment device 800 to implement the UE behavior described above. For example, via transceiver 825, processor 805 can send UE capabilities for supporting multiple UP security contexts to the network (i.e., to the AMF) in a NAS message. Transceiver 825 further receives AS SMC messages from the CU-CP node in the RAN (i.e., gNB-CU-CP 255) and at least one RRC reconfiguration message from the CU-CP node to activate dissimilar / independent UP security for a specific DRB at the UE.

[0179] Here, the AS SMC message contains a UP security indicator (also referred to as the UP security ID or DRB group security ID) and the associated UP protection algorithm (i.e., encryption and integrity algorithms for dissimilar UP security). Note that the AS SMC message may also contain common RRC and UP security algorithms. Furthermore, each of the (multiple) RRC reconfiguration messages contains a UP security indicator, an enable UP security separation indicator, at least one fresh parameter, and a UP security indicator (e.g., UP security integrity and encryption indicators). In some embodiments, the UP security indicator may contain conventional UP security information.

[0180] Note that, depending on the UP termination point selected for the UP traffic to the UE, the SMC message and the (multiple) RRC reconfiguration messages may contain the same or different fresh parameters. When the same CU-UP is selected, the (multiple) fresh parameters will be the same. However, when different CU-UPs are selected, the (multiple) fresh parameters will be different. In various embodiments, at least one fresh parameter includes one or more of the following: current value, random number, counter, S-NSSAI, DNN, and 5QI parameters.

[0181] Processor 805 uses KDF to derive dissimilar UP integrity and encryption keys (K CU-UPint and K CU-UPenc The transceiver 825 sends a UP security activation success indication along with a UP security indicator to the CU-CP node in the RRC connection reconfiguration completion message. In some embodiments, the processor 805 uses the RAN node key (i.e., K...). gNB The distinct UP integrity and encryption key (i.e., K) is derived using the input key and the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of the input as additional inputs to the KDF. CU-UPint and K CU-UPenc ).

[0182] In some embodiments, processor 805, in response to receiving an Enable UP Security Detachment instruction in an RRC reconfiguration message, derives a distinct UP integrity and encryption key (i.e., K). CU-UPint and K CU-UPenc In some embodiments, the processor 805 uses the public UP integrity key (i.e., K). UPint The distinct UP integrity key (i.e., K) is derived by using the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of at least one fresh parameter as additional inputs to the KDF. CU-UPint In some embodiments, the processor 805 uses a public UP encryption key (i.e., K).UPenc The KDF is derived by using the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of at least one fresh parameter as additional inputs to the KDF. CU-UPenc ).

[0183] In some embodiments, processor 805 stores the received UP security indicator, at least one fresh parameter, and UP protection algorithm (e.g., encryption and integrity algorithm) as part of a dissimilar UP security context at memory 810, for example, after a successful AS SMC procedure. In such embodiments, processor 805 uses the UP security indicator to uniquely identify the dissimilar UE security context locally stored at the UE. In various embodiments, the dissimilar UE security context includes the UP security indicator, at least one fresh parameter, UP protection algorithm (e.g., encryption and integrity algorithm for dissimilar UP security), UP integrity, and encryption key (i.e., K). CU-UPint and K CU-UPenc ), at least one DRB ID and UP security indication (e.g., UP security integrity and encryption indication).

[0184] In some embodiments, processor 805 further verifies the RRC reconfiguration message and, in response to successful RRC reconfiguration message verification, stores (i.e., newly derived) the dissimilar UP integrity and encryption key (K) at memory 810. CU-UPint and K CU-UPenc The processor 805 uses the UP security indicator and at least one fresh parameter as part of a distinct (i.e., independent) UP security context. In some embodiments, the processor 805 uses the UP security indicator to uniquely identify distinct UP security contexts to protect UP message packets belonging to a DRB, such as that indicated by an RRC reconfiguration message.

[0185] In some embodiments, the processor 805 uses the UP message packet, the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of the at least one fresh parameter as input to the UP integrity protection algorithm, wherein the processor 805 uses the UP integrity key (i.e., K) corresponding to the UP security indicator. CU-UPint This is used for UP integrity protection. In some embodiments, the processor 805 uses the UP message packet, the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of at least one fresh parameter as input to the UP encryption protection / confidentiality protection algorithm, and wherein the processor 805 uses the UP encryption key (i.e., K) corresponding to the UP security indicator. CU-UPenc Used for UP confidentiality protection.

[0186] In one embodiment, memory 810 is a computer-readable storage medium. In some embodiments, memory 810 includes volatile computer storage media. For example, memory 810 may include RAM, including dynamic RAM (“DRAM”), synchronous dynamic RAM (“SDRAM”), and / or static RAM (“SRAM”). In some embodiments, memory 810 includes non-volatile computer storage media. For example, memory 810 may include a hard disk drive, flash memory, or any other suitable non-volatile computer storage device. In some embodiments, memory 810 includes both volatile and non-volatile computer storage media.

[0187] In some embodiments, memory 810 stores data related to setting the multi-UP security context. For example, memory 810 may store various parameters, panel / beam configurations, resource assignments, policies, etc., as described above. In some embodiments, memory 810 also stores program code and related data, such as an operating system or other controller algorithms operating on device 800.

[0188] In one embodiment, input device 815 may include any known computer input device, including a touch panel, buttons, keyboard, stylus, microphone, etc. In some embodiments, input device 815 may be integrated with output device 820, for example, as a touchscreen or similar touch-sensitive display. In some embodiments, input device 815 includes a touchscreen, allowing text to be entered using a virtual keyboard displayed on the touchscreen and / or by handwriting on the touchscreen. In some embodiments, input device 815 includes two or more different devices, such as a keyboard and a touch panel.

[0189] In one embodiment, output device 820 is designed to output visual, auditory, and / or tactile signals. In some embodiments, output device 820 includes an electronically controllable display or display device capable of outputting visual data to a user. For example, output device 820 may include, but is not limited to, LCD displays, LED displays, OLED displays, projectors, or similar display devices capable of outputting images, text, etc., to a user. As another non-limiting example, output device 820 may include a wearable display, such as a smartwatch, smart glasses, head-up display, etc., that is separate from but communicatively coupled to the rest of user equipment device 800. Furthermore, output device 820 may be a component of a smartphone, personal digital assistant, television, desktop computer, laptop computer, personal computer, vehicle dashboard, etc.

[0190] In some embodiments, output device 820 includes one or more speakers for generating sound. For example, output device 820 may generate an auditory alarm or notification (e.g., a beep or ringtone). In some embodiments, output device 820 includes one or more haptic devices for generating vibration, motion, or other haptic feedback. In some embodiments, all or part of output device 820 may be integrated with input device 815. For example, input device 815 and output device 820 may form a touchscreen or similar touch-sensitive display. In other embodiments, output device 820 may be located near input device 815.

[0191] Transceiver 825 communicates with one or more network functions of a mobile communication network via one or more access networks. Transceiver 825 operates under the control of processor 805 to transmit and receive messages, data, and other signals. For example, processor 805 may selectively activate transceiver 825 (or a portion thereof) at specific times to send and receive messages.

[0192] Transceiver 825 includes at least a transmitter 830 and at least one receiver 835. One or more transmitters 830 can be used to provide UL communication signals to base station unit 121, such as UL transmissions described herein. Similarly, as described herein, one or more receivers 835 can be used to receive DL communication signals from base station unit 121. Although only one transmitter 830 and one receiver 835 are illustrated, user equipment device 800 can have any suitable number of transmitters 830 and receivers 835. Furthermore, the transmitter(s) 830 and receiver(s) 835 can be of any suitable type. In one embodiment, transceiver 825 includes a first transmitter / receiver pair for communicating with a mobile communication network on licensed radio spectrum and a second transmitter / receiver pair for communicating with a mobile communication network on unlicensed radio spectrum.

[0193] In some embodiments, a first transmitter / receiver pair for communicating with a mobile communication network on licensed radio spectrum and a second transmitter / receiver pair for communicating with a mobile communication network on unlicensed radio spectrum may be combined into a single transceiver unit, such as a single chip performing functions for both licensed and unlicensed radio spectrum. In some embodiments, the first transmitter / receiver pair and the second transmitter / receiver pair may share one or more hardware components. For example, certain transceivers 825, transmitters 830, and receivers 835 may be implemented as physically separate components that access shared hardware and / or software resources, such as a network interface 840.

[0194] In various embodiments, one or more transmitters 830 and / or one or more receivers 835 may be implemented and / or integrated into a single hardware component, such as a multi-transceiver chip, system-on-a-chip, ASIC, or other type of hardware component. In some embodiments, one or more transmitters 830 and / or one or more receivers 835 may be implemented and / or integrated into a multi-chip module. In some embodiments, other components such as network interface 840 or other hardware components / circuitets may be integrated with any number of transmitters 830 and / or receivers 835 into a single chip. In such embodiments, transmitters 830 and receivers 835 may be logically configured as transceivers 825 using a more common control signal or as modular transmitters 830 and receivers 835 implemented in the same hardware chip or multi-chip module.

[0195] Figure 9 A network device apparatus 900, which can be used to set up a multi-UP security context according to embodiments of the present disclosure, is depicted. In one embodiment, the network device apparatus 900 may be an implementation of a RAN node, such as base station unit 121, RAN node 210, or gNB as described above. Furthermore, the network device apparatus 900 may include a processor 905, a memory 910, an input device 915, an output device 920, and a transceiver 925.

[0196] In some embodiments, input device 915 and output device 920 are combined into a single device, such as a touchscreen. In some embodiments, network device device 900 may not include any input device 915 and / or output device 920. In various embodiments, network device device 900 may include one or more of the following: processor 905, memory 910, and transceiver 925, and may not include input device 915 and / or output device 920.

[0197] As depicted, transceiver 925 includes at least one transmitter 930 and at least one receiver 935. Here, transceiver 925 communicates with one or more remote units 105. Additionally, transceiver 925 may support at least one network interface 940 and / or application interface 945. The application interfaces 945 may support one or more APIs. The network interfaces 940 may support 3GPP reference points such as Uu, N1, N2, and N3. Other network interfaces 940 may be supported, as will be understood by those skilled in the art.

[0198] In one embodiment, processor 905 may include any known controller capable of executing computer-readable instructions and / or performing logical operations. For example, processor 905 may be a microcontroller, microprocessor, CPU, GPU, auxiliary processing unit, FPGA, or similar programmable controller. In some embodiments, processor 905 executes instructions stored in memory 910 to perform the methods and routines described herein. Processor 905 is communicatively coupled to memory 910, input device 915, output device 920, and transceiver 925.

[0199] In various embodiments, network device apparatus 900 is a RAN node (e.g., gNB) that sends UE configuration and receives measurement reports, as described herein. In such embodiments, processor 905 controls network device apparatus 900 to perform the actions described above. When operating as a RAN node, processor 905 may include an application processor (also referred to as the "main processor") that manages application domain and operating system ("OS") functions and a baseband processor (also referred to as the "baseband radio processor") that manages radio functions.

[0200] In various embodiments, processor 905 controls network device 900 to implement the above-described gNB-CU-UP behavior. For example, processor 905 can derive dissimilar UP integrity and encryption keys (i.e., K) for selected CU-UP nodes in the RAN. CU-UPint and K CU-UPenc The export uses KDF. Processor 905 assigns a UP security identifier (also known as a UP security ID or DRB group security ID) to uniquely identify the exported distinct UP integrity and encryption key (i.e., KDF). CU-UPint and K CU-UPenc Transceiver 925 then issues a setup request to the selected CU-UP node, the setup request including an UP security indicator and a distinct UP integrity and encryption key. As discussed herein, the setup request may also include one or more fresh parameters for integrity and encryption protection. Furthermore, transceiver 925 receives a setup response from the selected CU-UP node, and processor 905 activates distinct UP security at the UE.

[0201] In some embodiments, processor 905 activates dissimilar UP security at the UE by controlling transceiver 925 to send an AS SMC message to the UE. Here, the AS SMC message may include a UP security indicator, at least one fresh parameter, and a selected UP protection algorithm (i.e., encryption and integrity algorithms). Note that the AS SMC message may also include common RRC and UP security algorithms. Furthermore, processor 905 independently activates UP security for a set of DRBs by sending an RRC reconfiguration message per DRB to the UE. The RRC reconfiguration message may include a UP security indicator, an enable UP security separation indicator, at least one fresh parameter, and a UP security indicator (e.g., UP security integrity and encryption indicators). In some embodiments, the UP security indicator may include conventional UP security information.

[0202] Note that SMC messages and (multiple) RRC reconfiguration messages can contain the same or different fresh parameters, depending on the UP termination point selected for the UP service for the UE. When the same CU-UP is selected, (multiple) fresh parameters will be the same. However, when different CU-UPs are selected, (multiple) fresh parameters will be different.

[0203] In some embodiments (e.g., when the UE is connected and at least one DRB is already in use), the processor 905 activates dissimilar UP security at the UE by sending an RRC reconfiguration message to the UE via the control transceiver 925. The RRC reconfiguration message includes a UP security indicator, an enable UP security separation indicator, at least one fresh parameter, a selected UP protection algorithm (i.e., encryption and integrity algorithms), and a UP security indication (e.g., UP security integrity and encryption indication). In some embodiments, the UP security indication may contain conventional UP security information.

[0204] In some embodiments, transceiver 925 further receives an RRC connection reconfiguration complete message from the UE, the RRC connection reconfiguration complete message including a UP security activation success indication and a UP security indicator. In such an embodiment, transceiver 925 sends an acknowledgment message to the selected CU-UP node (i.e., in any E1 message for each option 1; alternatively, in an E1 / CU-UP reconfiguration complete / E1_Independent UP context setting acknowledgment message for each option 2) to notify of successful UP security activation, the acknowledgment message including the UP security indicator and a UP security activation success indication.

[0205] In the above embodiment, the processor 905 uses the RAN node key (i.e., K). gNBThe distinct UP key (i.e., K) is derived by using the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of at least one fresh parameter as additional inputs to the KDF. CU-UPint and K CU-UPenc Here, at least one fresh parameter includes one or more of the following: current value, random number, counter, S-NSSAI, DNN and 5QI parameters (i.e., each RRC reconfiguration message per DRB also includes at least one fresh parameter for deriving the dissimilar UP key).

[0206] In some embodiments, the processor 905 uses the public UP integrity key (i.e., K). UPint The distinct UP integrity key (i.e., K) is derived by using the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of at least one fresh parameter as additional inputs to the KDF. CU-UPint Furthermore, the processor 905 uses a public UP encryption key (i.e., K). UPenc The KDF is derived by using the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of at least one fresh parameter as additional inputs to the KDF. CU-UPenc In such an embodiment, at least one fresh parameter includes one or more of the following: current value, random number, counter, S-NSSAI, DNN, and 5QI parameters.

[0207] In some embodiments, transceiver 925 receives UE service information from network functions (i.e., AMF or SMF). Here, the UE service information includes at least one of S-NSSAI, DNN, and 5QI parameters. In such embodiments, processor 905 selects a CU-UP node based on the UE service information. In some embodiments, transceiver 925 receives UE capabilities for supporting multiple UP security contexts. In such embodiments, processor 905 selects a CU-UP node based on the received UE capabilities.

[0208] In some embodiments, the processor 905 determines the differential UP security context with cryptographic separation from the public UP security context based on at least one of the following: the trust level of the selected CU-UP node, security domain information, deployment location, and local policies of the device.

[0209] In some embodiments, the setup request message further includes the UE's security capabilities. In such embodiments, the setup response message includes a UP protection algorithm selected by the CU-UP node based on the UE's security capabilities and the security capabilities of the selected CU-UP node. As described above, the UP protection algorithm may include encryption algorithms and integrity algorithms.

[0210] In some embodiments, transceiver 925 receives the security capabilities of the selected CU-UP node, and processor 905 performs UP encryption and integrity algorithm negotiation and selection based on the security capabilities of the selected CU-UP node and also based on the security capabilities of the UE. In some embodiments, the setup request message also includes the selected UP encryption and integrity algorithm.

[0211] In some embodiments, the processor 905 will assign the UP security indicator, at least one fresh parameter, the corresponding newly derived dissimilar UP integrity, and the encryption key (i.e., K). CU-UPint and K CU-UPenc The processor 905 stores the selected UP encryption and integrity algorithm, the UE ID, and the identifier of the selected CU-UP node in the local memory 910. In some embodiments, the processor 905 further stores the UE identifier and at least one DRB identifier (if any) in the local memory 910.

[0212] In various embodiments, processor 905 controls network device 900 to implement the gNB-CU-CP behavior described above. For example, via transceiver 925, processor 905 can receive a setup request message from a CU-CP node (i.e., gNB-CU-CP) in the RAN, the setup request including an UP security indicator (also known as a UP security ID or DRB group security ID), UE security capabilities, and distinct UP integrity and encryption keys. Processor 905 selects an UP encryption and integrity algorithm based on the received UE security capabilities. Via transceiver 925, processor 905 sends the selected UP encryption and integrity algorithm to the CU-CP node (e.g., in any E1 message) and receives from the CU-CP node a UP security activation success indication and an UP security indicator (e.g., in any E1 message).

[0213] In some embodiments, selecting UP encryption and integrity algorithms based on UE security capabilities includes selecting the highest priority UP encryption algorithm from a configured algorithm list and selecting the highest priority UP integrity algorithm from a configured algorithm list. In some embodiments, the processor 905 receives the UP security indicator, the distinct UP integrity and encryption key (K... CU-UPint and K CU-UPenc At least one fresh parameter, UE security capabilities, and the selected UP encryption and integrity algorithm are stored in local memory 910.

[0214] In some embodiments, the processor 905 activates UP integrity and encryption protection in response to receiving a UP security activation success indication and a UP security indicator from the CU-CP node. In some embodiments, the processor 905 applies a different UP integrity and encryption key (i.e., K) received from the CU-CP node. CU-UPint and K CU-UPenc This is used to activate UP integrity and encryption protection for UP messages and / or DRBs terminated at the gNB-CU-CP side.

[0215] In various embodiments, the setup request message further includes at least one fresh parameter. In such embodiments, the at least one fresh parameter includes one or more of the following: a current value, a random number, a counter, S-NSSAI, a DNN, and a 5QI parameter. In some embodiments, the processor 905 uses the UP message packet, the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of the at least one fresh parameter as input to the UP integrity protection algorithm, wherein the UP integrity key (i.e., K) corresponding to the UP security indicator... CU-UPint Used for UP integrity protection.

[0216] In some embodiments, the processor 905 uses the UP message packet, the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of at least one fresh parameter as input to the UP encryption protection / confidentiality protection algorithm, wherein the UP encryption key (i.e., K) corresponding to the UP security indicator... CU-UPenc Used for UP confidentiality protection.

[0217] In one embodiment, memory 910 is a computer-readable storage medium. In some embodiments, memory 910 includes volatile computer storage media. For example, memory 910 may include RAM, including dynamic RAM (“DRAM”), synchronous dynamic RAM (“SDRAM”), and / or static RAM (“SRAM”). In some embodiments, memory 910 includes non-volatile computer storage media. For example, memory 910 may include a hard disk drive, flash memory, or any other suitable non-volatile computer storage device. In some embodiments, memory 910 includes both volatile and non-volatile computer storage media.

[0218] In some embodiments, memory 910 stores data related to setting multiple UP security contexts. For example, memory 910 may store parameters, configurations, resource assignments, policies, etc., as described above. In some embodiments, memory 910 also stores program code and related data, such as an operating system or other controller algorithms operating on device 900.

[0219] In one embodiment, input device 915 may include any known computer input device, including a touch panel, buttons, keyboard, stylus, microphone, etc. In some embodiments, input device 915 may be integrated with output device 920, for example, as a touchscreen or similar touch-sensitive display. In some embodiments, input device 915 includes a touchscreen, allowing text to be entered using a virtual keyboard displayed on the touchscreen and / or by handwriting on the touchscreen. In some embodiments, input device 915 includes two or more different devices, such as a keyboard and a touch panel.

[0220] In one embodiment, output device 920 is designed to output visual, auditory, and / or tactile signals. In some embodiments, output device 920 includes an electronically controllable display or display device capable of outputting visual data to a user. For example, output device 920 may include, but is not limited to, LCD displays, LED displays, OLED displays, projectors, or similar display devices capable of outputting images, text, etc., to a user. As another non-limiting example, output device 920 may include a wearable display, such as a smartwatch, smart glasses, head-up display, etc., separate from but communicatively coupled to the rest of network device device 900. Furthermore, output device 920 may be a component of a smartphone, personal digital assistant, television, desktop computer, laptop computer, personal computer, vehicle dashboard, etc.

[0221] In some embodiments, output device 920 includes one or more speakers for generating sound. For example, output device 920 may generate an auditory alarm or notification (e.g., a beep or ringtone). In some embodiments, output device 920 includes one or more haptic devices for generating vibration, motion, or other haptic feedback. In some embodiments, all or part of output device 920 may be integrated with input device 915. For example, input device 915 and output device 920 may form a touchscreen or similar touch-sensitive display. In other embodiments, output device 920 may be located near input device 915.

[0222] Transceiver 925 includes at least a transmitter 930 and at least one receiver 935. As described herein, one or more transmitters 930 can be used to communicate with a UE. Similarly, as described herein, one or more receivers 935 can be used to communicate with network functions in a PLMN and / or RAN. Although only one transmitter 930 and one receiver 935 are illustrated, the network device apparatus 900 can have any suitable number of transmitters 930 and receivers 935. Furthermore, the transmitter(s) 930 and receiver(s) 935 can be of any suitable type.

[0223] Figure 10 An embodiment of a method 1000 for setting multiple UP security contexts according to embodiments of the present disclosure is described. In various embodiments, method 1000 is performed by a RAN central unit control plane node in a mobile communication network, such as base station unit 121, gNB-CU-CP 215, and / or network device 900 as described above. In some embodiments, method 1000 is performed by a processor, such as a microcontroller, microprocessor, CPU, GPU, auxiliary processing unit, FPGA, etc.

[0224] Method 1000 begins and derives a 1005 distinct UP integrity and encryption key for a selected CU-UP node in the RAN (e.g., gNB-CU-UP 260), the deriving using KDF. Method 1000 includes assigning a 1010 UP security indicator to uniquely identify the derived distinct UP integrity and encryption key.

[0225] Method 1000 includes sending a 1015 setup request to the selected CU-UP node, the setup request including an UP security indicator and a dissimilar UP integrity and encryption key. Method 1000 includes receiving a 1020 setup response from the selected CU-UP node. Method 1000 includes activating 1025 dissimilar UP security at the UE. Method 1000 ends.

[0226] Figure 11 One embodiment of a method 1100 for setting multiple UP security contexts according to embodiments of the present disclosure is described. In various embodiments, method 1100 is performed by a RAN central unit user plane node in a mobile communication network, such as base station unit 121, gNB-CU-UP 220, and / or network device 900 as described above. In some embodiments, method 1100 is performed by a processor, such as a microcontroller, microprocessor, CPU, GPU, auxiliary processing unit, FPGA, etc.

[0227] Method 1100 begins by receiving a 1105 setup request message from a CU-CP node in the RAN (e.g., gNB-CU-CP255), the setup request including an UP security indicator, UE security capabilities, and distinct UP integrity and encryption keys. Method 1100 includes selecting an 1110 UP encryption and integrity algorithm based on the received UE security capabilities. Method 1100 includes sending the selected UP encryption and integrity algorithm to the CU-CP node. Method 1100 includes receiving an 1120 UP security activation success indication and the UP security indicator from the CU-CP node. Method 1100 ends.

[0228] Figure 12One embodiment of a method 1200 for setting multiple UP security contexts according to embodiments of the present disclosure is described. In various embodiments, method 1200 is performed by a user equipment device in a mobile communication network, such as remote unit 105, UE 205 and / or user equipment device 800 as described above. In some embodiments, method 1200 is performed by a processor, such as a microcontroller, microprocessor, CPU, GPU, auxiliary processing unit, FPGA, etc.

[0229] Method 1200 begins by sending 1205, in a NAS message, to the network (i.e., to the AMF) for UE capabilities supporting multiple UP security contexts. Method 1200 includes receiving a 1210 ASSMC message from a CU-CP node in the RAN (e.g., gNB-CU-CP 255), the ASSMC message including a UP security indicator and associated UP protection algorithms (i.e., encryption and integrity algorithms for dissimilar UP security). Method 1200 includes receiving at least one 1215 RRC reconfiguration message from the CU-CP node to activate dissimilar / independent UP security at the UE for a specific DRB, the at least one RRC reconfiguration message including a UP security indicator, an enable UP security separation indicator, and at least one fresh parameter. Method 1200 includes using KDF to derive a 1220 dissimilar UP integrity and encryption key (i.e., K... CU-UPint and K CU-UPenc Method 1200 includes sending a UP security activation success indication along with a UP security indicator to the CU-CP node in the RRC connection reconfiguration completion message (1225). Method 1200 ends.

[0230] This document discloses a first apparatus for setting multiple UP security contexts according to embodiments of the present disclosure. The first apparatus can be implemented by a RAN central unit control plane (“CU-CP”) node in a mobile communication network, such as the base station unit 121, gNB-CU-CP 215, and / or network device 900 described above. The first apparatus includes a transceiver and a processor that derives distinct user plane (“UP”) integrity and encryption keys (i.e., K) for selected central unit user plane (“CU-UP”) nodes in the RAN. CU-UPint and K CU-UPenc The export uses a key export function (“KDF”). The processor assigns a UP security identifier (also known as a UP security identifier / DRB security ID) to uniquely identify the exported distinct UP integrity and encryption key (i.e., K...). CU-UPint and K CU-UPencThe transceiver then sends a setup request to the selected CU-UP node, the setup request containing an UP security indicator and a distinct UP integrity and encryption key. The transceiver receives a setup response from the selected CU-UP node and the processor activates distinct UP security at the UE.

[0231] In some embodiments, activating dissimilar UP security at the UE includes sending an Access Layer (“AS”) Security Mode Command (“SMC”) message to the UE and independently activating UP security by sending at least one Radio Resource Control (“RRC”) reconfiguration message (i.e., per DRB) for a set of Data Radio Bearers (“DRBs”). Here, the AS SMC message may include a UP security indicator, at least one fresh parameter, and a selected UP protection algorithm (i.e., encryption and integrity algorithms for dissimilar UP security). Furthermore, the RRC reconfiguration message may include a UP security indicator, an enable UP security separation indicator, and at least one fresh parameter and a UP security indicator (e.g., integrity and encryption indicators).

[0232] In some embodiments, activating dissimilar UP security at the UE includes sending an RRC reconfiguration message to the UE, the RRC reconfiguration message including a UP security indicator, an enable UP security separation indicator, at least one fresh parameter, a selected UP protection algorithm (i.e., encryption and integrity algorithms), and a UP security indication (e.g., conventional UP security information).

[0233] In some embodiments, the transceiver further receives an RRC connection reconfiguration complete message from the UE, the RRC connection reconfiguration complete message including a UP security activation success indication and a UP security indicator. In such an embodiment, the transceiver sends an acknowledgment message to the selected CU-UP node to notify of successful UP security activation, the acknowledgment message including the UP security indicator and the UP security activation success indication.

[0234] In the above embodiments, the processor uses the RAN node key (i.e., K). gNB The distinct UP key (i.e., K) is derived by using the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of the at least one fresh parameter as additional inputs to the KDF. CU-UPint and K CU-UPenc Here, at least one fresh parameter includes one or more of the following: current value, random number, counter, S-NSSAI, DNN and 5QI parameters (i.e., each RRC reconfiguration message per DRB also includes at least one fresh parameter for deriving the dissimilar UP key).

[0235] In some embodiments, the processor uses the public UP integrity key (i.e., K).UPint The distinct UP integrity key (i.e., K) is derived by using the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of the at least one fresh parameter as additional inputs to the KDF. CU-UPint In addition, the processor uses the public UP encryption key (i.e., K). UPenc The distinct UP encryption key (i.e., K) is derived by using the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of the at least one fresh parameter as additional inputs to the KDF. CU-UPenc In such an embodiment, at least one fresh parameter includes one or more of the following: current value, random number, counter, S-NSSAI, DNN, and 5QI parameters.

[0236] In some embodiments, the transceiver receives UE service information from network functions (i.e., AMF or SMF). Here, the UE service information includes at least one of S-NSSAI, DNN, and 5QI parameters. In such embodiments, the processor selects a CU-UP node based on the UE service information. In some embodiments, the transceiver receives UE capabilities for supporting multiple UP security contexts. In such embodiments, the processor selects a CU-UP node based on the received UE capabilities.

[0237] In some embodiments, the processor determines to derive a distinct UP security context with cryptographic separation from the public UP security context based on at least one of the following: the trust level of the selected CU-UP node, security domain information, deployment location, and local policies of the device.

[0238] In some embodiments, the setup request message further includes the UE's security capabilities. In such embodiments, the setup response message includes a UP protection algorithm selected by the CU-UP node based on the UE's security capabilities and the security capabilities of the selected CU-UP node. As described above, the UP protection algorithm may include encryption and integrity algorithms.

[0239] In some embodiments, the transceiver receives the security capabilities of the selected CU-UP node, and the processor performs UP encryption and integrity algorithm negotiation and selection based on the security capabilities of the selected CU-UP node and also based on the security capabilities of the UE. In some embodiments, the setup request message further includes the selected UP encryption and integrity algorithm.

[0240] In some embodiments, the processor will assign the UP security indicator, at least one fresh parameter, the corresponding newly derived dissimilar UP integrity and encryption key (i.e., K) CU-UPint and K CU-UPencThe corresponding selected UP encryption and integrity algorithm, UE ID, identifier of the selected CU-UP node, and at least one DRB identifier are stored in the local memory.

[0241] According to embodiments of this disclosure, a first method for setting multiple UP security contexts is disclosed herein. The first method can be performed by a RAN CU-CP node in a mobile communication network, such as base station unit 121, gNB-CU-CP 215, and / or network device 900 as described above. The first method includes deriving distinct UP integrity and encryption keys (i.e., K) for selected CU-UP nodes in the RAN. CU-UPint and K CU-UPenc The export uses KDF. The first method includes assigning a UP security indicator (also known as a UP security descriptor) to uniquely identify the exported distinct UP integrity and encryption key (i.e., KDF). CU-UPint and K CU-UPenc The first method involves sending a setup request to the selected CU-UP node, the setup request including an UP security indicator and a dissimilar UP integrity and encryption key. It also includes receiving a setup response from the selected CU-UP node and activating dissimilar UP security at the UE.

[0242] In some embodiments, activating dissimilar UP security at the UE includes sending an Access Layer (“AS”) Security Mode Command (“SMC”) message to the UE and independently activating UP security for data radio bearers (“DRBs”) by sending an RRC reconfiguration message per DRB to the UE. Here, the AS SMC message may include a UP security indicator, at least one fresh parameter, and a selected UP protection algorithm (i.e., encryption and integrity algorithms). Furthermore, the RRC reconfiguration message may include a UP security indicator, an enable UP security separation indicator, at least one fresh parameter, and a UP security indicator (e.g., integrity and encryption indicators).

[0243] In some embodiments, activating dissimilar UP security at the UE includes sending an RRC reconfiguration message to the UE, the RRC reconfiguration message containing a UP security indicator, an enable UP security separation indicator, at least one fresh parameter, a selected UP protection algorithm (i.e., encryption and integrity algorithm), and a UP security indication (e.g., conventional UP security information).

[0244] In some embodiments, the first method further includes receiving an RRC connection reconfiguration complete message from the UE, the RRC connection reconfiguration complete message including a UP security activation success indication and a UP security indicator. In such embodiments, the first method may further include sending an acknowledgment message to a selected CU-UP node to notify of successful UP security activation, the acknowledgment message including a UP security indicator and a UP security activation success indication.

[0245] In the above embodiments, the dissimilar UP keys (i.e., K) CU-UPint and K CU-UPenc ) can use the RAN node key (i.e., K) gNB The KDF is derived using the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of at least one fresh parameter as additional inputs. Here, at least one fresh parameter includes one or more of the following: current value, random number, counter, S-NSSAI, DNN, and 5QI parameters (i.e., each RRC reconfiguration message per DRB also includes at least one fresh parameter for deriving the distinct UP key).

[0246] In some embodiments, different UP integrity keys (i.e., K) CU-UPint ) can use the public UP integrity key (i.e., K) UPint The KDF is derived using the public UP encryption key (i.e., K) as the input key and with the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of at least one fresh parameter as additional inputs. Furthermore, the public UP encryption key (i.e., K) can be used. UPenc The KDF is derived using the input key and with the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of at least one fresh parameter as additional inputs. In such an embodiment, the at least one fresh parameter includes one or more of the following: current value, random number, counter, S-NSSAI, DNN, and 5QI parameters.

[0247] In some embodiments, the first method further includes receiving UE service information from a network function (i.e., AMF or SMF). Here, the UE service information includes at least one of S-NSSAI, DNN, and 5QI parameters. In such embodiments, a CU-UP node is selected based on the UE service information. In some embodiments, the first method includes receiving UE capabilities for supporting multiple UP security contexts. In such embodiments, the first method includes selecting a CU-UP node based on the received UE capabilities.

[0248] In some embodiments, the first method includes determining a distinct UP security context with cipher separation from a public UP security context based on at least one of the following: the trust level of the selected CU-UP node, security domain information, deployment location, and local policies of the device.

[0249] In some embodiments, the setup request message further includes the UE's security capabilities. In such embodiments, the setup response message contains a UP protection algorithm selected by the CU-UP node based on the UE's security capabilities and the security capabilities of the selected CU-UP node. As described above, the UP protection algorithm may include encryption algorithms and integrity algorithms.

[0250] In some embodiments, the first method includes receiving the security capabilities of the selected CU-UP node and, based on the security capabilities of the selected CU-UP node and also based on the security capabilities of the UE, performing UP encryption and integrity algorithm negotiation and selection. In some embodiments, the setup request message further includes the selected UP encryption and integrity algorithm.

[0251] In some embodiments, the first method includes assigning an UP security indicator, at least one fresh parameter, a corresponding newly derived dissimilar UP integrity and encryption key (i.e., K). CU-UPint and K CU-UPenc The corresponding selected UP encryption and integrity algorithm, UE ID, identifier of the selected CU-UP node, and at least one DRB identifier are stored in the local memory.

[0252] This document discloses a second apparatus for setting multiple UP security contexts according to embodiments of the present disclosure. The second apparatus can be implemented by a RAN CU-UP node in a mobile communication network, such as base station unit 121, gNB-CU-UP 220, and / or network device 900 as described above. The second apparatus includes a processor and a transceiver that receives a setup request message from a central unit control plane (“CU-CP”) node in the RAN (i.e., gNB-CU-CP), the setup request including a user plane (“UP”) security indicator, user equipment device (“UE”) security capabilities, and distinct UP integrity and encryption keys. The processor selects an UP encryption and integrity algorithm based on the received UE security capabilities. Via the transceiver, the processor transmits the selected UP encryption and integrity algorithm to the CU-CP node and receives from the CU-CP node a UP security activation success indication and an UP security indicator.

[0253] In some embodiments, selecting the UP encryption and integrity algorithm based on the UE security capabilities includes selecting the highest priority UP encryption algorithm from a configured algorithm list and selecting the highest priority UP integrity algorithm from a configured algorithm list. In various embodiments, the setup request message further includes at least one fresh parameter. In such embodiments, the at least one fresh parameter includes one or more of the following: current value, random number, counter, S-NSSAI, DNN, and 5QI parameters. In some embodiments, the processor receives the UP security indicator, the distinct UP integrity and encryption key (i.e., K...). CU-UPint and K CU-UPenc At least one fresh parameter, UE security capabilities, and the selected UP encryption and integrity algorithm are stored in local memory.

[0254] In some embodiments, the processor activates UP integrity and encryption protection in response to receiving a UP security activation success indication and a UP security indicator from the CU-CP node. In some embodiments, the processor applies a different UP integrity and encryption key (i.e., K) received from the CU-CP node. CU-UPint and K CU-UPenc This is used to activate UP integrity and encryption protection, for encryption and integrity protection of UP messages and / or DRBs terminated on one side of them.

[0255] In some embodiments, the processor uses the UP message packet, the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of at least one fresh parameter as input to the UP integrity protection algorithm, wherein the UP integrity key (i.e., K) corresponding to the UP security indicator... CU-UPint Used for UP integrity protection.

[0256] In some embodiments, the processor uses the UP message packet, the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of the at least one fresh parameter as input to the UP encryption / confidentiality protection algorithm, wherein the UP encryption key (i.e., K) corresponding to the UP security indicator... CU-UPenc Used for UP confidentiality protection.

[0257] According to embodiments of this disclosure, a second method for setting multiple UP security contexts is disclosed herein. The second method can be performed by a RAN CU-UP node in a mobile communication network, such as base station unit 121, gNB-CU-UP 220, and / or network device 900 as described above. The second method includes receiving a setup request message from a central unit control plane (“CU-CP”) node in the RAN (i.e., gNB-CU-CP) and selecting an UP encryption and integrity algorithm based on received UE security capabilities. The setup request includes a user plane (“UP”) security indicator, user equipment device (“UE”) security capabilities, and distinct UP integrity and encryption keys. The second method includes sending the selected UP encryption and integrity algorithm to the CU-CP node and receiving an UP security activation success indication and an UP security indicator from the CU-CP node.

[0258] In some embodiments, selecting UP encryption and integrity algorithms based on UE security capabilities includes selecting the highest priority UP encryption algorithm from a configured algorithm list and selecting the highest priority UP integrity algorithm from a configured algorithm list. In various embodiments, the setup request message further includes at least one fresh parameter. In such embodiments, the at least one fresh parameter includes one or more of the following: current value, random number, counter, S-NSSAI, DNN, and 5QI parameters. In some embodiments, the second method includes receiving the UP security indicator, the distinct UP integrity and encryption key (K... CU-UPint and K CU-UPenc At least one fresh parameter, UE security capabilities, and the selected UP encryption and integrity algorithm are stored in local memory.

[0259] In some embodiments, the second method includes activating UP integrity and encryption protection in response to receiving a UP security activation success indication and a UP security indicator from the CU-CP node. In some embodiments, the second method includes applying a distinct UP integrity and encryption key (i.e., K) received from the CU-CP node. CU-UPint and K CU-UPenc This is used to activate UP integrity and encryption protection, for encryption and integrity protection of UP messages and / or DRBs terminated on one side of them.

[0260] In some embodiments, the second method includes using UP message packets, UP security indicators, the length of the UP security indicators, at least one fresh parameter, and the length of the at least one fresh parameter as input to the UP integrity protection algorithm, wherein the UP integrity key (i.e., K) corresponding to the UP security indicator... CU-UPint Used for UP integrity protection.

[0261] In some embodiments, the second method includes using UP message blocks, UP security indicators, the length of the UP security indicators, at least one fresh parameter, and the length of at least one fresh parameter as input to the UP encryption protection / confidentiality protection algorithm, wherein the UP encryption key (i.e., K) corresponding to the UP security indicator... CU-UPenc Used for UP confidentiality protection.

[0262] This document discloses a third means for setting multiple UP security contexts according to embodiments of the present disclosure. The third means may be implemented by a user equipment device in a mobile communication network, such as remote unit 105, UE 205, and / or user equipment device 800 as described above. The third means includes a processor and a transceiver that transmits UE capabilities for supporting multiple UP security contexts to the network (i.e., to the AMF) in a non-access stratum (“NAS”) message. The transceiver further receives access stratum (“AS”) security mode command (“SMC”) messages from a central unit control plane (“CU-CP”) node and at least one RRC reconfiguration message from the CU-CP node to activate dissimilar / independent UP security at the UE for a specific data radio bearer (“DRB”).

[0263] Here, the AS SMC message contains a UP security indicator and the associated UP protection algorithm (i.e., encryption and integrity algorithms for dissimilar UP security). Additionally, at least one RRC reconfiguration message contains a UP security indicator, an enable UP security separation indicator, and at least one fresh parameter.

[0264] The processor uses the Key Derivation Function (“KDF”) to derive the distinct UP integrity and encryption key (K CU-UPint and K CU-UPenc The transceiver sends a UP security activation success indication along with a UP security indicator to the CU-CP node in the RRC connection reconfiguration completion message.

[0265] In some embodiments, the processor stores the received UP security indicator, at least one fresh parameter, and UP protection algorithm (e.g., encryption and integrity algorithm) as part of a dissimilar (i.e., independent) UP security context at the UE memory, for example, after a successful AS SMC procedure. In such embodiments, the processor uses the UP security indicator to uniquely identify the dissimilar UE security context stored locally at the UE. In various embodiments, the dissimilar UE security context includes the UP security indicator, at least one fresh parameter, the UP protection algorithm (e.g., encryption and integrity algorithm for dissimilar UP security), the UP integrity and encryption key (i.e., K... CU-UPint and K CU-UPenc(1) at least one DRB identifier (“ID”) and UP security indication (e.g., UP security integrity and encryption indication).

[0266] In some embodiments, the processor further verifies the RRC reconfiguration message and, in response to a successful RRC reconfiguration message verification, sets (i.e., the newly derived) distinct UP integrity and encryption key (K). CU-UPint and K CU-UPenc The processor stores the UP security indicator and at least one fresh parameter as part of the dissimilar UP security context in the UE memory. In various embodiments, the at least one fresh parameter includes one or more of the following: current value, random number, counter, S-NSSAI, DNN, and 5QI parameters. In some embodiments, the processor uses the UP security indicator to uniquely identify the dissimilar UP security context to protect UP message packets belonging to the DRB, such as those indicated by the RRC reconfiguration message.

[0267] In some embodiments, the processor, in response to receiving an Enable UP Security Detachment indication in an RRC reconfiguration message, derives a distinct UP integrity and encryption key (i.e., K). CU-UPint and K CU-UPenc In some embodiments, the processor uses the radio access network (“RAN”) node key (i.e., K... gNB The distinct UP integrity and encryption key (i.e., K) is derived using the input key and the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of the input as additional inputs to the KDF. CU-UPint and K CU-UPenc ).

[0268] In some embodiments, the processor uses the public UP integrity key (i.e., K). UPint The distinct UP integrity key (i.e., K) is derived by using the UP security indicator, the UP security indicator, at least one fresh parameter, and the length of at least one fresh parameter as additional inputs to the KDF. CU-UPint In some embodiments, the processor uses a public UP encryption key (i.e., K). UPenc The KDF is used as the input key and the KDF is derived using the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of at least one fresh parameter as additional inputs to the KDF to derive the distinct UP encryption key (i.e., KCU-UPenc).

[0269] In some embodiments, the processor uses the UP message packet, the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of the at least one fresh parameter as input to the UP integrity protection algorithm, wherein the UP integrity key (i.e., K) corresponding to the UP security indicator... CU-UPint ) is used for UP integrity protection. In some embodiments, the processor uses the UP message packet, the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of at least one fresh parameter as input to the UP encryption protection / confidentiality protection algorithm, wherein the UP encryption key (i.e., K) corresponding to the UP security indicator is... CU-UPenc Used for UP confidentiality protection.

[0270] This document discloses a third method for setting multiple UP security contexts according to embodiments of the present disclosure. The third method can be performed by a user equipment device in a mobile communication network, such as remote unit 105, UE 205, and / or user equipment device 800. The third method includes sending UE capabilities for supporting multiple UP security contexts to the network (i.e., AMF) in a NAS message. The third method further includes receiving an AS SMC message from a CU-CP node and receiving at least one RRC reconfiguration message from the CU-CP node to activate dissimilar / independent UP security at the UE for a specific DRB.

[0271] Here, the AS SMC message contains a UP security indicator and the associated UP protection algorithm (i.e., encryption and integrity algorithms for dissimilar UP security). Note that the AS SMC message may also include common RRC and UP security algorithms. Furthermore, at least one RRC reconfiguration message contains a UP security indicator, an enable UP security separation indicator, and at least one fresh parameter.

[0272] The third method involves using KDF to derive the distinct UP integrity and encryption key (i.e., K... CU-UPint and K CU-UPenc In the RRC connection reconfiguration complete message, the UP security activation success indication along with the UP security indicator is sent to the CU-CP node.

[0273] In some embodiments, the third method includes storing the received UP security indicator, at least one fresh parameter, and UP protection algorithm (e.g., encryption and integrity algorithm) as part of a dissimilar (i.e., independent) UP security context in the UE memory, for example, after a successful AS SMC procedure. In such embodiments, the third method includes using the UP security indicator to uniquely identify the dissimilar UE security context locally stored at the UE. In various embodiments, the dissimilar UE security context includes the UP security indicator, at least one fresh parameter, the UP protection algorithm (e.g., encryption and integrity algorithm for dissimilar UP security), the UP integrity and encryption key (i.e., K...). CU-UPint and K CU-UPenc (1) at least one DRB identifier (“ID”) and UP security indication (e.g., UP security integrity and encryption indication).

[0274] In some embodiments, the third method further includes verifying the RRC reconfiguration message and, in response to a successful RRC reconfiguration message verification, transferring (i.e., the newly derived) dissimilar UP integrity and encryption key (K). CU-UPint and K CU-UPenc The UP security indicator, along with at least one fresh parameter, is stored in the UE memory as part of a dissimilar UP security context. In various embodiments, the at least one fresh parameter includes one or more of the following: a current value, a random number, a counter, S-NSSAI, DNN, and 5QI parameters. In some embodiments, the third method includes using the UP security indicator to uniquely identify the dissimilar UP security context to protect UP message packets belonging to a DRB, such as that indicated by an RRC reconfiguration message.

[0275] In some embodiments, the third method includes deriving a distinct UP integrity and encryption key (i.e., K) in response to receiving an Enable UP Security Decoupling Instruction in an RRC reconfiguration message. CU-UPint and K CU-UPenc In some embodiments, the third method includes using a radio access network (“RAN”) node key (i.e., K...). gNB Using the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of the input as additional inputs to the KDF, the distinct UP integrity and encryption keys (i.e., K) are derived. CU-UPint and K CU-UPenc ).

[0276] In some embodiments, the third method includes using a public UP integrity key (i.e., K). UPintThe distinct UP integrity key (i.e., K) is derived by using the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of at least one fresh parameter as additional inputs to the KDF. CU-UPint In some embodiments, the third method includes using a public UP encryption key (i.e., K). UPenc The KDF is derived by using the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of at least one fresh parameter as additional inputs to the KDF. CU-UPenc ).

[0277] In some embodiments, the third method includes using UP message packets, UP security indicators, the length of the UP security indicators, at least one fresh parameter, and the length of at least one fresh parameter as input to the UP integrity protection algorithm, wherein the UP integrity key (i.e., K) corresponding to the UP security indicator... CU-UPint ) is used for UP integrity protection. In some embodiments, the third method includes using UP message blocks, UP security indicators, the length of the UP security indicators, at least one fresh parameter, and the length of at least one fresh parameter as input to the UP encryption protection / confidentiality protection algorithm, wherein the UP encryption key (i.e., K) corresponding to the UP security indicator is... CU-UPenc Used for UP confidentiality protection.

[0278] The embodiments may be practiced in other specific forms. The described embodiments are to be considered in all respects as illustrative rather than restrictive. Therefore, the scope of the invention is indicated by the appended claims rather than by the foregoing description. All variations within the equivalent meaning and scope of the claims should be covered within their scope.

Claims

1. A Radio Access Network (RAN) Central Unit Control Plane (CU-CP) device, the RAN CU-CP device comprising: Memory; as well as A processor, coupled to the memory and configured such that the device: For the selected central unit user plane CU-UP node in the RAN, derive the distinct user plane UP integrity and encryption keys, wherein the deriving is performed using the key derivation function KDF; Assign a UP security indicator to uniquely identify the distinct UP integrity and encryption key; Send a setup request message to the selected CU-UP node. The setup request message includes the UP security indicator and the distinct UP integrity and encryption key. Receive setup response messages from the selected CU-UP node; and Differential UP security is activated at the UE for the set of data radio bearer DRBs by sending an RRC reconfiguration message per DRB to the UE, wherein the RRC reconfiguration message includes the UP security indicator and an enable UP security separation indicator.

2. The apparatus according to claim 1, wherein, In order to activate the dissimilar UP security at the UE, the processor is configured such that the device: Send an Access Layer Security Mode Command (SMC) message to the UE. The AS SMC message includes the UP security indicator, at least one fresh parameter, and the selected UP protection algorithm.

3. The apparatus according to claim 1, wherein, In order to activate the dissimilar UP security at the UE, the processor is configured such that the device: A Radio Resource Control (RRC) reconfiguration message is sent to the UE. The RRC reconfiguration message includes the UP security indicator, an enabled UP security separation indicator, at least one fresh parameter, and the selected UP protection algorithm.

4. The apparatus according to claim 1, wherein, The processor is further configured to cause the device to: The UE receives a Radio Resource Control (RRC) Connection Reconfiguration Complete message, which includes a UP Security Activation Success Indicator and the UP Security Indicator. as well as A confirmation message is sent to the selected CU-UP node to notify of successful UP security activation. The confirmation message includes the UP security indicator and a successful UP security activation indication.

5. The apparatus according to claim 1, wherein, The processor is configured such that the device uses the RAN node key as an input key and uses the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of the at least one fresh parameter as additional inputs to the KDF to derive the dissimilar UP integrity and encryption key, wherein the at least one fresh parameter includes one or more of the following: current value, random number, counter, S-NSSAI, DNN, and 5QI parameters.

6. The apparatus according to claim 1, wherein, The processor is configured to cause the device to: The dissimilar UP integrity key is derived using the public UP integrity key as the input key and the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of the at least one fresh parameter as additional inputs to the KDF. The dissimilar UP encryption key is derived by using the public UP encryption key as the input key and the UP security indicator, the length of the UP security indicator, at least one fresh parameter, and the length of the at least one fresh parameter as additional inputs to the KDF. The at least one fresh parameter includes one or more of the following: current value, random number, counter, S-NSSAI, DNN and 5QI parameters.

7. The apparatus according to claim 1, wherein, The processor is configured to cause the device to: UE service information is received from network functions, wherein the UE service information includes one or more of S-NSSAI, DNN and 5QI parameters; The CU-UP node is selected based on the UE service information; Receive UE capabilities to support multiple UP security contexts; as well as The CU-UP node is selected based on the UE capabilities.

8. The apparatus according to claim 1, wherein, The processor is configured such that the device determines, based on one or more of the following, a distinct UP security context with cryptographic separation derived from the public UP security context: the trust level of the selected CU-UP node, security domain information, deployment location, and the device's local policy.

9. The apparatus according to claim 1, wherein, The setup request message further includes the security capabilities of the UE, wherein the setup response message includes the UP protection algorithm selected by the CU-UP node based on the security capabilities of the UE and the security capabilities of the selected CU-UP node.

10. The apparatus according to claim 1, wherein, The processor is configured such that the device stores the assigned UP security indicator, at least one fresh parameter, the dissimilar UP integrity and encryption key, the corresponding selected UP encryption and integrity algorithm, the UE ID, the identifier of the selected CU-UP node, and at least one DRB identifier in the memory.