CN102036200A - Repositioning execution method and system - Google Patents
Repositioning execution method and system Download PDFInfo
- Publication number
- CN102036200A CN102036200A CN2009101763875A CN200910176387A CN102036200A CN 102036200 A CN102036200 A CN 102036200A CN 2009101763875 A CN2009101763875 A CN 2009101763875A CN 200910176387 A CN200910176387 A CN 200910176387A CN 102036200 A CN102036200 A CN 102036200A
- Authority
- CN
- China
- Prior art keywords
- rnc
- message
- encryption
- rrc
- target rnc
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a repositioning execution method. The method comprises that: a source radio network controller (RNC) encrypts radio resource control (RRC) switching message by using the current used encryption algorithm, and then forwards the encrypted RRC switching message to user equipment (UE) through a target RNC. The invention also discloses a repositioning execution system. In the system, an encryption and sending unit is used for encrypting the RRC switching message by using the current used encryption algorithm and sending the encrypted RRC switching message to the target RNC through the source RNC; and a sending and repositioning implementation unit is used for acquiring the encrypted RRC switching message from the source RNC and forwarding the encrypted RRC switching message to the UE through the target RNC. The method and the system can solve the problem of repositioning process failure because the encryption algorithm selected by the target RNC and the current encryption algorithm used by the source RNC are different under the scene of repositioning of a service radio network subsystem (SRNS) without relating to the UE.
Description
Technical Field
The present invention relates to relocation technology, and more particularly, to a relocation execution method and system when a service encryption algorithm changes before and after relocation in a third generation mobile communication system.
Background
As shown in fig. 1, a Radio access Network (UTRAN) of the universal mobile telecommunications system is composed of Radio Network Subsystems (RNSs) connected to a Core Network (CN) through an Iu interface. An RNS includes a Radio Network Controller (RNC) and one or more node bs (nodebs). The NodeB is connected to the RNC via the Iub interface. The RNCs between RNSs are connected by an Iur interface.
At a certain moment, for a certain User Equipment (UE) which has initiated a service, there is an RNC responsible for the configuration, management and maintenance of its radio resources, the RNC is called a Serving RNC (SRNC), and an access network side connection point between the UE and the CN, which is connected to the Iu interface, is also located on the SRNC. When another RNC needs to be made the SRNC for roaming or other reasons, the relocation procedure of the SRNC will be triggered. In the relocation process, the RNC which plays the role of the SRNC is called a target RNC; and the RNC whose SRNC role is transferred out is referred to as a source RNC. The protocol 3GPP 25413V7.9.0 indicates that a relocation type should be set when a source RNC initiates relocation preparation-including a Serving RNS (SRNS) relocation involving a UE and a SRNS relocation not involving a UE; and the target RNC executes corresponding relocation resource allocation operation according to the information. In addition, the protocol 3GPP 25.303Interlayer procedure in Connected Mode also suggests a triggerable basic protocol process in the relocation process, including: SRNS relocation, relocation procedure accompanied by cell update or registration area update, relocation procedure accompanied by hard handover; wherein the SRNS relocation is an SRNS relocation that does not involve the UE. In each relocation process, there is message interaction between the source RNC and the target RNC as well as between the CNs.
Fig. 2 depicts a SRNS relocation procedure without involving a UE. The process comprises the following steps:
step 101, SRNC decides to initiate relocation, and initiates message relocation requirement message to CN.
Here, the source RNC will carry the signaling radio bearer and the integrity protection algorithm and ciphering algorithm being used by the relocation service in this message.
The relocation service may include a circuit domain service and a packet domain service; the integrity protection algorithm and ciphering algorithm being used refer to parameters selected in the transparent container of the cell from the source RNC to the target RNC, such as parameters in the container of the integrity protection algorithm, parameters in the container of the ciphering algorithm.
Step 102, CN sends relocation request message to target RNC.
Here, the message carries an integrity protection algorithm list and an encryption algorithm list recommended and preferred by the CN, and refers to an integrity protection algorithm list in a container of a cell integrity protection algorithm and an encryption algorithm list in a container of an encryption algorithm.
Step 103, after receiving the relocation request message, the target RNC performs the relocation resource allocation work.
The target RNC selects an encryption algorithm which is subsequently used by the RNC in the CN recommended preferred encryption algorithm list according to the own encryption algorithm support capability, wherein the encryption algorithm may be different from the encryption algorithm which is used by the source RNC.
Step 104, the target RNC sends a relocation request response message to the CN after the relocation resource allocation work is finished.
Wherein, the message includes the ciphering algorithm and the integrity protection algorithm selected by the target RNC, and the parameters in the container of the reference cell ciphering algorithm and the parameters in the container of the integrity protection algorithm.
Step 105, CN initiates relocation command message to SRNC.
Step 106, after receiving the relocation command message, the SRNC initiates a relocation commit message to the target RNC.
Step 107, the target RNC sends message relocation detection message to CN and switches to the role of source RNC.
Step 108, the target RNC sends an Utran mobility information message to the UE.
Step 109, the response message returned by the UE to the target RNC is an Utran mobility information confirm message.
Step 110, after receiving the response message returned by the UE, the target RNC, which has the role of the source RNC, sends a relocation complete message to the CN.
Step 111, CN sends IU release request to old source RNC, and the relocation process is finished.
In the above relocation process, the target RNC notifies the UE of some SRNC related information through the UU procedure, i.e. steps 108 to 109: such as URNTI, and if the target RNC selects a different algorithm from the ciphering algorithm being used by the source RNC during the relocation resource allocation, the change in this algorithm must also be notified to the UE through the UU procedure. If the target RNC does not support the encryption algorithm being used by the source RNC and thus selects an algorithm different from the encryption algorithm being used by the source RNC, the trigger message of the UU procedure, such as the Utran mobility information message, cannot be encrypted using the encryption algorithm being used by the source RNC, while the UE is still being decrypted using the encryption algorithm being used by the source RNC, so that the trigger message of the UU procedure cannot be recognized by the UE, the UU procedure will not be successfully performed, and the relocation procedure will fail. At present, under the situation that SRNS relocation of UE is not involved, the problem that the relocation process fails because the encryption algorithm selected by a target RNC is different from the encryption algorithm currently used by a source RNC does not exist, and an effective solution does not exist.
Disclosure of Invention
In view of this, the main objective of the present invention is to provide a relocation execution method and system, which can solve the problem of failure in the relocation process caused by the difference between the ciphering algorithm selected by the target RNC and the ciphering algorithm currently used by the source RNC in the scenario that SRNS relocation of the UE is not involved.
In order to achieve the purpose, the technical scheme of the invention is realized as follows:
a relocation execution method, the method comprising:
when the relocation type is the Service Radio Network Subsystem (SRNS) relocation which does not involve User Equipment (UE), a target Radio Network Controller (RNC) checks that the encryption algorithm currently used by a source RNC is not matched with the encryption algorithm selected by the target RNC;
the target RNC provides an unencrypted Radio Resource Control (RRC) switching message and a radio bearer identifier expected to be issued by the RRC switching message to the source RNC;
and after the source RNC encrypts the RRC switching message by using the encryption algorithm currently used by the source RNC and the encryption parameter related to the radio bearer identification, the encrypted RRC switching message is forwarded to the UE through the target RNC, and the target RNC executes relocation.
Wherein the unencrypted RRC handover message specifically includes: a message that has been integrity protected but not ciphered by the target RNC;
the encryption parameters related to the radio bearer identity specifically include: and Radio Link Control (RLC) data encryption parameters of the radio bearer of the corresponding radio bearer identification of the UE in the source RNC.
Wherein the source RNC encrypting the RRC handover message further comprises: segmenting according to the condition of a logical interface (Iur) interface between a source RNC and a target RNC, and encrypting the data content in the RRC switching message in a segmented manner; and submitting the data content after the segmented encryption to the target RNC through the Iur interface.
Wherein the target RNC further locally records the radio bearer identification;
after the target RNC obtains the data content after the segmented encryption, the method further includes: and according to the recorded radio bearer identification, after Media Access Control (MAC) processing is carried out on a desired radio bearer, forwarding the RRC switching message of which the encryption of the segment data is finished to the UE.
Wherein, after acquiring the RRC handover message with the encrypted segment data, the UE further includes:
the UE decrypts the RRC switching message which finishes the encryption of the segment data by adopting an encryption algorithm currently used by the source RNC, and identifies the RRC switching message;
the UE encrypts the data content in the RRC switching response message by adopting an encryption algorithm selected by the target RNC; sending an RRC switching response message for completing data encryption to the target RNC;
and the target RNC adopts the encryption algorithm selected by the target RNC, decrypts the RRC switching response message for completing the data encryption, and then sends a relocation completion message to a Core Network (CN), and realizes the relocation executed by the target RNC.
A relocation execution system, the system comprising: the device comprises a checking unit, a providing unit, an encrypting and sending unit and a sending and repositioning realizing unit; wherein,
a checking unit, configured to, when the relocation type is: when SRNS relocation of UE is not involved, the target RNC checks whether the encryption algorithm currently used by the source RNC is matched with the encryption algorithm selected by the target RNC;
a providing unit, configured to, when a ciphering algorithm currently used by a source RNC does not match a ciphering algorithm selected by a target RNC, provide, by the target RNC, an unencrypted RRC handover message and a radio bearer identity expected to be issued by the RRC handover message to the source RNC;
the encryption and sending unit is used for encrypting the RRC switching message by the source RNC by using the encryption algorithm currently used by the source RNC and the encryption parameter related to the radio bearer identifier; the source RNC sends the encrypted RRC switching message to the target RNC;
a sending and repositioning realizing unit, which is used for the target RNC to obtain the encrypted RRC switching message from the source RNC and forward the encrypted RRC switching message to the UE; relocation is performed by the target RNC.
The encryption and transmission unit is further configured to perform segmentation by the source RNC according to the Iur interface condition, and perform segmented encryption on the data content in the RRC handover message; and submitting the data content after the segmented encryption to the target RNC through the Iur interface.
Wherein, this system still includes: a recording unit, configured to locally record the radio bearer identifier by the target RNC;
the sending and relocation implementing unit is further configured to forward, to the UE, the RRC handover message that completes the encryption of the segment data after the target RNC performs the MAC processing on the desired radio bearer according to the recorded radio bearer identifier.
Wherein, this system still includes: a decryption unit and an encryption unit on the UE side; wherein,
a decryption unit, configured to, after the UE acquires the RRC handover message that completes the encryption of the segment data, decrypt, by using an encryption algorithm currently used by the source RNC, the RRC handover message that completes the encryption of the segment data, and identify the RRC handover message;
the encryption unit is used for encrypting the data content in the RRC switching response message by the UE by adopting an encryption algorithm selected by the target RNC; sending an RRC switching response message for completing data encryption to the target RNC;
the sending and repositioning realizing unit is further configured to send a repositioning completion message to the CN after the target RNC decrypts the RRC handover response message that completes data encryption by using an encryption algorithm selected by the target RNC, and realize repositioning executed by the target RNC.
When the relocation type of the present invention is SRNS relocation which does not involve UE, the target RNC checks that the encryption algorithm currently used by the source RNC is not matched with the encryption algorithm selected by the target RNC; the target RNC provides the unencrypted RRC switching message and the radio bearer identification expected to be issued by the RRC switching message to the source RNC; after the source RNC encrypts the RRC switching message by using the encryption algorithm currently used by the source RNC and the encryption parameter related to the radio bearer identification, the encrypted RRC switching message is forwarded to the UE through the target RNC, and the target RNC executes relocation.
By adopting the invention, the RRC switching message is encrypted by the current encryption algorithm of the source RNC by the source RNC, so that the RRC switching message can be ensured to be smoothly sent to the UE, and the UU flow can be smoothly executed, thereby ensuring the effective switching of the encryption algorithms before and after the relocation and the continuation of the business behavior, and avoiding the problem of failure in the relocation process caused by the difference between the encryption algorithm selected by the target RNC and the encryption algorithm currently used by the source RNC.
Drawings
FIG. 1 is a schematic diagram of the composition architecture of UTRAN;
fig. 2 is a diagram illustrating a conventional SRNS relocation procedure without involving a UE;
fig. 3 is a schematic flow chart of the implementation of the method of the present invention.
Detailed Description
The basic idea of the invention is: the RRC switching message is encrypted by the source RNC by using the encryption algorithm currently used by the source RNC, so that the RRC switching message can be ensured to be smoothly sent to the UE, the UU flow can be smoothly executed, and the problem of failure in the relocation process caused by the fact that the encryption algorithm selected by the target RNC is different from the encryption algorithm currently used by the source RNC is solved.
The following describes the embodiments in further detail with reference to the accompanying drawings.
As shown in fig. 3, a relocation execution method includes the steps of:
Here, the unencrypted RRC ho message specifically includes: integrity protected but unencrypted messages that have been performed by the target RNC.
Here, the encryption parameter related to the radio bearer identity specifically includes: RLC data encryption parameters of the radio bearer of the UE corresponding to the radio bearer identification in the source RNC.
For the technical solution formed by the above steps 201 to 203, in step 203, the encrypting the RRC connection message by the source RNC further includes: segmenting according to the condition of a logical interface (Iur) interface between a source RNC and a target RNC, and encrypting the data content in the RRC switching message in a segmented manner; and submitting the data content after the segmented encryption to the target RNC through the Iur interface.
In step 202, when the target RNC provides the radio bearer identifier to be sent by the RRC handover message to the source RNC, the target RNC further records the radio bearer identifier locally.
In step 203, after the target RNC obtains the data content after the segmented encryption, the method further includes: and according to the recorded radio bearer identification, after MAC processing is carried out on a desired radio bearer, the RRC switching message of which the encryption of the segment data is finished is forwarded to the UE.
Here, the UE, after acquiring the RRC ho message with encrypted segment data, further includes:
the UE decrypts the RRC handover message that completes the encryption of the segment data by using the encryption algorithm currently used by the source RNC, and recognizes the RRC handover message.
The UE encrypts the data content in the RRC switching response message by adopting an encryption algorithm selected by the target RNC; and sending the RRC switching response message for completing the data encryption to the target RNC.
The target RNC adopts the encryption algorithm selected by the target RNC, decrypts the RRC switching response message for completing the data encryption, and then sends a relocation completion message to the CN, and realizes the relocation executed by the target RNC.
In summary, the present invention is a relocation execution scheme when the service encryption algorithm changes before and after SRNS relocation without involving UE, and aims to solve the following problems: under the scene of SRNS relocation without UE, if the encryption algorithm selected by the target RNC is different from the encryption algorithm currently used by the source RNC, the UU flow informing the UE of the change of the encryption algorithm cannot be successfully executed, and finally the problem that the relocation execution process cannot be carried out is caused.
The technical scheme adopted by the invention mainly comprises the following contents:
firstly, the method comprises the following steps: in the SRNS relocation process without involving UE, if the ciphering algorithm selected by the target RNC is different from the ciphering algorithm currently used by the source RNC, the target RNC executes the integrity protection of the RRC switching message (such as an Utran mobility information message) sent to the UE; the target RNC then relocates the information element of the request response message, namely: the transparent container of the target RNC to the source RNC comprises the RRC switching message which has executed the integrity protection and a radio bearer identifier 3 which is expected to be issued by the RRC switching message; and simultaneously, the target RNC locally records the expected radio bearer identification so as to be used for identifying the down-sending channel of the RRC switching message data encrypted by the current data encryption algorithm of the source RNC.
The RRC handover message included in the transparent container from the target RNC to the source RNC may be an Utran mobility information message, and data encryption is not performed.
II, secondly: the source RNC analyzes an RRC switching message such as an Unran mobility information message and a desired radio bearer identifier from a transparent container of the source RNC from the target RNC; then, the current data encryption algorithm of the RNC and the data encryption parameter of the radio bearer RLC where the expected radio bearer identification is located are used for executing the segmentation and data encryption of the RRC switching message; the data content with completed encryption is then encapsulated in a relocation commit message and notified to the target RNC over the Iur interface.
Thirdly, the method comprises the following steps: and the target RNC receives the relocation commit message, extracts the RRC switching message data which is subjected to the encryption of the data of the source RNC from the message, performs MAC downlink processing on a desired radio bearer and then sends the processed RRC switching message data to the UE.
The invention is illustrated below.
Example one: the RRC handover message is the case of the Utran mobility information message.
For the implementation of the target RNC in the resource preparation for relocation, the following steps are included:
step 301, the target RNC receives the relocation request message, and if the relocation type is SRNS relocation not involving the UE and the ciphering algorithm selected by the target RNC is different from the ciphering algorithm used by the source RNC, then the RRC handover message, such as the UTRAN mobility information message, needs to perform data ciphering by means of the data ciphering algorithm of the source RNC.
Step 302, after completing the resource allocation, the target RNC returns a relocation request response message to the CN, where the transparent container from the target RNC to the source RNC includes an RRC handover message, that is, an Utran mobility information message, which has been integrity protected but has not been data-encrypted, and also includes a desired radio bearer identifier.
Step 303, the relocation request response message further includes an integrity protection algorithm and a ciphering algorithm selected by the target RNC.
For the implementation of the source RNC in relocation, the method comprises the following steps:
step 401, in the SRNS relocation process where the relocation type is not related to the UE, the source RNC receives the relocation command message, and checks that the transparent container sent by the target RNC to the source RNC includes the RRC handover message, the Utran mobility information message, and also includes the expected radio bearer identifier.
Step 402, the source RNC performs segmentation and data encryption of the RRC handover message using the current data encryption algorithm and the data encryption parameters of the radio bearer RLC where the desired radio bearer identity is located.
Step 403, in order to increase the probability that the UE correctly receives the RRC handover message, the source RNC may repeat this step and issue a plurality of identical RRC handover messages.
At step 404, the source RNC encapsulates the encrypted data content in a relocation commit message and informs the target RNC via the Iur interface.
For implementation after the target RNC receives the relocation commit message, the method comprises the following steps:
step 501, the target RNC switches to the role of the source RNC after receiving the relocation submission.
Step 502, the target RNC extracts the RRC handover message data block in the relocation commit message, where data encryption is already completed.
Step 503, after performing MAC processing on the desired radio bearer, sending the result to the UE.
Step 504, the RNC decrypts the uplink data by using the locally selected data encryption algorithm to obtain the UE RRC handover response message; and then sending a relocation completion message to the CN, sending an IU release request to the old source RNC by the CN, and finishing the relocation process.
For implementation of receiving the RRC handover message by the UE, the method includes: after receiving the ultran mobility information message, the UE executes and returns a response message, that is: the Utran mobility information confirms the message and the response message performs data ciphering with the ciphering algorithm specified in the RRC handover message, i.e., the ciphering algorithm selected by the target RNC.
Example two: the RRC handover message is a radio bearer reconfiguration message.
For the implementation of the target RNC in the resource preparation for relocation, the following steps are included:
step 601, the target RNC receives a relocation request message, if the relocation type is SRNS relocation not involving the UE and the ciphering algorithm selected by the target RNC is different from the ciphering algorithm used by the source RNC, the RRC handover message is a radio bearer reconfiguration message, and may be any other RRC handover message, and data ciphering needs to be performed by means of the data ciphering algorithm of the source RNC.
Step 602, after completing the resource allocation, the target RNC returns a relocation request response message to the CN, where the transparent container from the target RNC to the source RNC includes an RRC handover message, i.e., a radio bearer reconfiguration message, which has been integrity protected but has not been data-encrypted, and may also be any other RRC handover message, and further includes a desired radio bearer identifier.
Step 603, the relocation request response message further includes an integrity protection algorithm and a ciphering algorithm selected by the target RNC.
For the implementation of the source RNC in relocation, the method comprises the following steps:
in step 701, in the SRNS relocation process where the relocation type does not refer to the UE, the source RNC receives the relocation command message, and checks the RRC handover message, such as the radio bearer reconfiguration message, which may be any other RRC handover message, included in the transparent container from the target RNC to the source RNC, and further includes the desired radio bearer identifier.
Step 702, the source RNC performs segmentation and data encryption of the RRC handover message using the current data encryption algorithm and the data encryption parameters of the radio bearer RLC where the desired radio bearer identity is located.
Step 703, in order to increase the probability that the UE correctly receives the RRC handover message, the source RNC may repeat this step and issue a plurality of identical RRC handover messages.
At step 704, the source RNC encapsulates the encrypted data content in a relocation commit message and informs the target RNC via the Iur interface.
For implementation after the target RNC receives the relocation commit message, the method comprises the following steps:
step 801, the target RNC receives the relocation commit and switches to the role of the source RNC.
Step 802, the target RNC extracts the RRC handover message data block in the relocation commit message, where data encryption is already completed.
Step 803, after performing MAC processing on the desired radio bearer, sending the result to the UE.
Step 804, the RNC decrypts the uplink data by using the locally selected data encryption algorithm to obtain a UE RRC switching response message; and then sending a relocation completion message to the CN, sending an IU release request to the old source RNC by the CN, and finishing the relocation process.
For implementation of receiving the RRC handover message by the UE, the method includes: after receiving the radio bearer reconfiguration message, the UE executes and returns a radio bearer reconfiguration response message, where the response message performs data encryption using the encryption algorithm specified in the RRC handover message, i.e., the encryption algorithm selected by the target RNC.
A relocation execution system, the system comprising: checking unit, providing unit, encrypting and transmitting unit, transmitting and relocating realizing unit. Wherein, the checking unit is used for when the relocation type is: when SRNS relocation of a UE is not involved, the target RNC checks whether the ciphering algorithm currently used by the source RNC matches the ciphering algorithm selected by the target RNC. And the providing unit is used for providing the unencrypted RRC switching message and the radio bearer identification expected to be transmitted by the RRC switching message to the source RNC by the target RNC when the encryption algorithm currently used by the source RNC is not matched with the encryption algorithm selected by the target RNC. The encryption and sending unit is used for encrypting the RRC switching message by the source RNC by using the encryption algorithm currently used by the source RNC and the encryption parameter related to the radio bearer identifier; and the source RNC sends the encrypted RRC switching message to the target RNC. A sending and repositioning realizing unit, which is used for the target RNC to obtain the encrypted RRC switching message from the source RNC and forward the encrypted RRC switching message to the UE; relocation is performed by the target RNC.
Here, the encrypting and sending unit is further configured to perform segmentation by the source RNC according to the Iur interface condition, and perform segment encryption on the data content in the RRC handover message; and submitting the data content after the segmented encryption to the target RNC through an Iur interface.
Here, the system further includes: and the recording unit is used for locally recording the radio bearer identification by the target RNC. And the sending and repositioning realizing unit is further used for the target RNC to forward the RRC switching message of the encrypted segment data to the UE after executing the MAC processing on the expected radio bearer according to the recorded radio bearer identification.
Here, the system further includes: a decryption unit and an encryption unit on the UE side. The decryption unit is configured to, after the UE acquires the RRC handover message that completes the encryption of the segment data, decrypt the RRC handover message that completes the encryption of the segment data by using the encryption algorithm currently used by the source RNC, and identify the RRC handover message. The encryption unit is used for encrypting the data content in the RRC switching response message by the UE by adopting an encryption algorithm selected by the target RNC; and sending the RRC switching response message for completing the data encryption to the target RNC.
And a sending and repositioning realizing unit, further the target RNC adopts a self-selected encryption algorithm to decrypt the RRC switching response message which finishes data encryption, and then sends a repositioning finishing message to the CN, and realizes repositioning executed by the target RNC.
Here, the target RNC referred to above is denoted as target RNC; the Source RNC is represented by Source RNC; relocation Preparation is indicated by Relocation Preparation; the Relocation Type is represented by Relocation Type; SRNS relocation involving a UE is represented by UE's involved in relocation of SRNS; SRNS relocation not involving UE is represented by UE not affected in relocation of SRNS; the Allocation of Relocation resources is represented by Relocation Resource Allocation; the RELOCATION REQUIRED message is denoted by RELOCATION REQUIRED; the radio bearer is denoted SRB; the circuit domain is represented by CS domain; the packet domain is represented by PS domain; the Transparent Container from Source RNC to Target RNC is expressed by Source RNC to Target RNC Transparent Container IE; the container of the Integrity Protection Algorithm is represented by Chosen Integrity Protection Algorithm IE; the container of the Encryption Algorithm is represented by Chosen Encryption Algorithm IE; the RELOCATION REQUEST message is denoted by RELOCATION REQUEST; the RELOCATION REQUEST response message is represented by a RELOCATION REQUEST ACKNOWLEDGE; the RELOCATION COMMAND message is represented by a RELOCATION COMMAND; the RELOCATION COMMIT message is denoted RELOCATION COMMIT; the RELOCATION DETECT message is denoted RELOCATION DETECT; the ultran MOBILITY INFORMATION message is represented by Utran MOBILITY INFORMATION; the Utran Mobility Information Confirm message is represented by UTRAN Mobility Information Confirm; the RELOCATION COMPLETE message is denoted RELOCATION COMPLETE; the RELOCATION FAILURE message is denoted by RELOCATION FAILURE; the Ciphering algorithm that SRNC is not supported for use is denoted Chosen Ciphering algorithms not supported.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the scope of the present invention.
Claims (9)
1. A relocation execution method, comprising:
when the relocation type is the Service Radio Network Subsystem (SRNS) relocation which does not involve User Equipment (UE), a target Radio Network Controller (RNC) checks that the encryption algorithm currently used by a source RNC is not matched with the encryption algorithm selected by the target RNC;
the target RNC provides an unencrypted Radio Resource Control (RRC) switching message and a radio bearer identifier expected to be issued by the RRC switching message to the source RNC;
and after the source RNC encrypts the RRC switching message by using the encryption algorithm currently used by the source RNC and the encryption parameter related to the radio bearer identification, the encrypted RRC switching message is forwarded to the UE through the target RNC, and the target RNC executes relocation.
2. The method according to claim 1, wherein the unencrypted RRC ho message specifically comprises: a message that has been integrity protected but not ciphered by the target RNC;
the encryption parameters related to the radio bearer identity specifically include: and Radio Link Control (RLC) data encryption parameters of the radio bearer of the corresponding radio bearer identification of the UE in the source RNC.
3. The method of claim 1 or 2, wherein the source RNC encrypts the RRC Handover message further comprises: segmenting according to the condition of a logical interface (Iur) interface between a source RNC and a target RNC, and encrypting the data content in the RRC switching message in a segmented manner; and submitting the data content after the segmented encryption to the target RNC through the Iur interface.
4. The method of claim 3, wherein the target RNC further locally records the radio bearer identity;
after the target RNC obtains the data content after the segmented encryption, the method further includes: and according to the recorded radio bearer identification, after Media Access Control (MAC) processing is carried out on a desired radio bearer, forwarding the RRC switching message of which the encryption of the segment data is finished to the UE.
5. The method of claim 4, wherein after the UE acquires the RRC Handover message with encrypted segment data, the method further comprises:
the UE decrypts the RRC switching message which finishes the encryption of the segment data by adopting an encryption algorithm currently used by the source RNC, and identifies the RRC switching message;
the UE encrypts the data content in the RRC switching response message by adopting an encryption algorithm selected by the target RNC; sending an RRC switching response message for completing data encryption to the target RNC;
and the target RNC adopts the encryption algorithm selected by the target RNC, decrypts the RRC switching response message for completing the data encryption, and then sends a relocation completion message to a Core Network (CN), and realizes the relocation executed by the target RNC.
6. A relocation execution system, comprising: the device comprises a checking unit, a providing unit, an encrypting and sending unit and a sending and repositioning realizing unit; wherein,
a checking unit, configured to, when the relocation type is: when SRNS relocation of UE is not involved, the target RNC checks whether the encryption algorithm currently used by the source RNC is matched with the encryption algorithm selected by the target RNC;
a providing unit, configured to, when a ciphering algorithm currently used by a source RNC does not match a ciphering algorithm selected by a target RNC, provide, by the target RNC, an unencrypted RRC handover message and a radio bearer identity expected to be issued by the RRC handover message to the source RNC;
the encryption and sending unit is used for encrypting the RRC switching message by the source RNC by using the encryption algorithm currently used by the source RNC and the encryption parameter related to the radio bearer identifier; the source RNC sends the encrypted RRC switching message to the target RNC;
a sending and repositioning realizing unit, which is used for the target RNC to obtain the encrypted RRC switching message from the source RNC and forward the encrypted RRC switching message to the UE; relocation is performed by the target RNC.
7. The system according to claim 6, wherein said ciphering and sending unit is further configured to perform segmentation by said source RNC according to Iur interface condition and perform segmented ciphering on data content in said RRC handover message; and submitting the data content after the segmented encryption to the target RNC through the Iur interface.
8. The system according to claim 6 or 7, characterized in that the system further comprises: a recording unit, configured to locally record the radio bearer identifier by the target RNC;
the sending and relocation implementing unit is further configured to forward, to the UE, the RRC handover message that completes the encryption of the segment data after the target RNC performs the MAC processing on the desired radio bearer according to the recorded radio bearer identifier.
9. The system of claim 8, further comprising: a decryption unit and an encryption unit on the UE side; wherein,
a decryption unit, configured to, after the UE acquires the RRC handover message that completes the encryption of the segment data, decrypt, by using an encryption algorithm currently used by the source RNC, the RRC handover message that completes the encryption of the segment data, and identify the RRC handover message;
the encryption unit is used for encrypting the data content in the RRC switching response message by the UE by adopting an encryption algorithm selected by the target RNC; sending an RRC switching response message for completing data encryption to the target RNC;
the sending and repositioning realizing unit is further configured to send a repositioning completion message to the CN after the target RNC decrypts the RRC handover response message that completes data encryption by using an encryption algorithm selected by the target RNC, and realize repositioning executed by the target RNC.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009101763875A CN102036200A (en) | 2009-09-29 | 2009-09-29 | Repositioning execution method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009101763875A CN102036200A (en) | 2009-09-29 | 2009-09-29 | Repositioning execution method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102036200A true CN102036200A (en) | 2011-04-27 |
Family
ID=43888379
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2009101763875A Pending CN102036200A (en) | 2009-09-29 | 2009-09-29 | Repositioning execution method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102036200A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2017143541A1 (en) * | 2016-02-24 | 2017-08-31 | 华为技术有限公司 | Data security protection method and apparatus |
-
2009
- 2009-09-29 CN CN2009101763875A patent/CN102036200A/en active Pending
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2017143541A1 (en) * | 2016-02-24 | 2017-08-31 | 华为技术有限公司 | Data security protection method and apparatus |
| CN108701195A (en) * | 2016-02-24 | 2018-10-23 | 华为技术有限公司 | A kind of data security protection method and device |
| CN108701195B (en) * | 2016-02-24 | 2020-10-16 | 华为技术有限公司 | Data security protection method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR101723913B1 (en) | Key updating method, device and system | |
| US9350537B2 (en) | Enhanced key management for SRNS relocation | |
| TWI454160B (en) | Method and arrangement in a telecommunication system | |
| KR101078615B1 (en) | Encryption in a wireless telecommunications | |
| ES2373710T3 (en) | SRNS REPLICATION PROCESS AND CORRESPONDING RADIO NETWORK CONTROLLER. | |
| CN109890032B (en) | Operation of a service node in a network | |
| US20190253939A1 (en) | Apparatus, system and method for dc (dual connectivity) | |
| US20170359719A1 (en) | Key generation method, device, and system | |
| JP4820429B2 (en) | Method and apparatus for generating a new key | |
| US20100172500A1 (en) | Method of handling inter-system handover security in wireless communications system and related communication device | |
| JP2011512750A (en) | System and method for performing key management while performing handover or handover in a wireless communication system | |
| EP2203008A1 (en) | Method of handling security configuration in wireless communications system and related communication device | |
| EP1926334B1 (en) | A inter-system handover method | |
| KR20100021385A (en) | Security protected non -access stratum protocol operation supporting method in mobile telecommunication system | |
| CN101180909A (en) | Systems, devices, methods and programs for reducing service interruption during routing area changes | |
| TW200841677A (en) | Methods and apparatus to facilitate data and security context transfer, and re-initialization during mobile device handover | |
| CN103428787B (en) | A kind of base station switch method and device | |
| JP2017103770A (en) | Device and method of handling data transmission/reception for dual connectivity | |
| JP2011515904A (en) | System and method for performing handover or key management during handover in a wireless communication system | |
| CN102036200A (en) | Repositioning execution method and system | |
| CN108738084B (en) | Communication method and device | |
| CN102036233B (en) | Repositioning processing method and system | |
| CN102006644A (en) | Method and system for repositioning and encrypting third generation mobile communication system | |
| CN110169128B (en) | Communication method, device and system | |
| US9357387B2 (en) | Methods and devices for handling encrypted communication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20110427 |