Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Security key management method, device and system

A security key management and key technology, applied in the field of devices, systems, and security key management methods, can solve problems such as inability to support security protection mechanisms, and achieve the effect of improving security

Inactive Publication Date: 2014-12-03
ZTE CORP
View PDF2 Cites 13 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

But in addition, the existing protocol cannot support the security protection mechanism under the double connection, especially the management mechanism of the security key

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security key management method, device and system
  • Security key management method, device and system
  • Security key management method, device and system

Examples

Experimental program
Comparison scheme
Effect test

specific Embodiment 1

[0051] Specific embodiment one: as Figure 7 As shown, there are macro base stations (i.e. master base stations) and several micro base stations (i.e. controlled base stations) in the deployment network, where terminal 1 is in the coverage of the macro base station and the first controlled base station at the same time, and maintains double connection. In this embodiment, the key management of the terminal 1 in the master base station and the first controlled base station is taken as an example.

[0052] Terminal 1 has a security context in Macro, which includes the current master base station key KeNB. Macro base station and terminal 1 derive control plane and / or user plane keys based on KeNB to protect the information transfer between terminal 1 and macro base station.

[0053] The macro base station derives the controlled base station key KeNB* according to KeNB or NH, and transmits it to the first controlled base station. Wherein, if there is an unused NH on the macro ba...

specific Embodiment 2

[0056] Specific embodiment 2: based on the scenario of specific embodiment 1. This embodiment further takes key management when a key update occurs as an example.

[0057] During the connection process of the first controlled base station, the terminal 1 needs to update the key. The specific reason may be that the serial number of the PDCP layer will be reversed, or the network side algorithm or security requirements. Then the macro base station derives a new controlled base station key KeNB** according to the controlled base station key KeNB* of the first controlled base station, and sends the key to the first controlled base station. Correspondingly, terminal 1 also performs the same key derivation operation to obtain the same KeNB**.

[0058] The terminal 1 and the first controlled base station respectively derive control plane and / or user plane keys according to KeNB** as the base station key to protect information transfer between the terminal 1 and the first controlled ...

specific Embodiment 3

[0061] Specific embodiment three: as Figure 7 As shown, there are macro base stations (that is, master base stations) and several micro base stations (that is, controlled base stations) in the deployment network. Terminal 2 first establishes dual connections with the macro base station and the first controlled base station, and then terminal 2 moves to the second controlled base station. within the coverage of the controlled base station, and re-complete the dual connection with the macro base station and the second controlled base station. This embodiment takes the key management of the terminal 2 in the master base station and the second controlled base station as an example.

[0062] Terminal 2 has a security context in the macro base station, which includes the current master base station key KeNB, and is used to protect the information transfer between terminal 2 and the macro base station according to the control plane and / or user plane keys derived from KeNB.

[0063]...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

Disclosed are a method, apparatus and system for security key management. A master control base station and / or a terminal maintain / maintains two sets of base station key for the master control base station: a present base station key and a non-present base station key. The non-present base station key is the key not used by the master control base station and the terminal at present, and is derived from the present base station key or Next Hop (NH) or a prior non-present base station key. The present base station key is the key used by the master control base station and the terminal at present, and is used for deriving other control panel and / or user panel keys. There exists one and only one present base station key simultaneously.

Description

technical field [0001] The present invention relates to the communication field, in particular to a security key management method, device and system. Background technique [0002] With the continuous evolution of wireless communication technologies and standards, the mobile packet service has been greatly developed, and the data throughput capability of a single terminal is constantly improving. Taking the Long Term Evolution (LTE, Long Term Evolution) system as an example, it can support data transmission at a maximum downlink rate of 100 Mbps within a 20M bandwidth. In the subsequent enhanced LTE (LTE Advanced) network, the data transmission rate will be further improved, and even up to lGbps. [0003] The existing LTE user plane data protocol stack such as figure 1 As shown, the downlink data received from the core network via the GPRS Tunneling Protocol for the User Plane (GTP-U, GPRS Tunneling Protocol for the User Plane) passes through the sublayer of the Packet Dat...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04W12/04
CPCH04W12/041
Inventor 和峰
Owner ZTE CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products