[go: up one dir, main page]

WO2024156175A1 - Method, device and computer program product for wireless communication - Google Patents

Method, device and computer program product for wireless communication Download PDF

Info

Publication number
WO2024156175A1
WO2024156175A1 PCT/CN2023/108190 CN2023108190W WO2024156175A1 WO 2024156175 A1 WO2024156175 A1 WO 2024156175A1 CN 2023108190 W CN2023108190 W CN 2023108190W WO 2024156175 A1 WO2024156175 A1 WO 2024156175A1
Authority
WO
WIPO (PCT)
Prior art keywords
wireless communication
user plane
key
plane connection
communication node
Prior art date
Application number
PCT/CN2023/108190
Other languages
French (fr)
Inventor
Yuze LIU
Shilin You
Peilin Liu
Leyi Zhang
Wei Ma
Original Assignee
Zte Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zte Corporation filed Critical Zte Corporation
Priority to PCT/CN2023/108190 priority Critical patent/WO2024156175A1/en
Publication of WO2024156175A1 publication Critical patent/WO2024156175A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/033Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041Key generation or derivation

Definitions

  • This document is directed generally to wireless communications, and in particular to 5 th generation (5G) communications or 6 th generation (6G) communications.
  • User plane connection refers to the dedicated communication path established between a User Equipment (UE) and the network for the transmission of user data. It serves as the conduit for delivering information such as voice, video, and data packets between the UE and the network components, including the Access and Mobility Management Function (AMF) , Session Management Function (SMF) , User Plane Function (UPF) , and ultimately, the destination.
  • AMF Access and Mobility Management Function
  • SMF Session Management Function
  • UPF User Plane Function
  • the user plane connection ensures efficient and reliable data transmission, supporting high-speed and low-latency communication services in the network.
  • a secured user plane connection for a positioning related service is still a topic to be discussed.
  • This document relates to methods, systems, and computer program products for a wireless communication.
  • the wireless communication method includes: transmitting, by a first wireless communication node to a wireless communication terminal, security related information to allow the wireless communication terminal to establish or update a user plane connection between the wireless communication terminal and a second wireless communication node, wherein the user plane connection is protected based on the security related information.
  • the security related information comprises at least one of:
  • a key derivation indicator indicating the wireless communication terminal to derive a key for the user plane connection
  • the method further comprises:
  • the user plane connection is used for a position-related service
  • the position-related service comprises positioning the wireless communication terminal.
  • the user plane information comprises at least one of:
  • the method further comprising at least one of:
  • a location management request comprising at least one of an identifier of the wireless communication terminal or an identifier of the first wireless communication node;
  • a response for a location management request comprising at least one of an identifier of the wireless communication terminal or an identifier of the first wireless communication node.
  • the location management request allows the second wireless communication node to store mapping information between the wireless communication terminal and the first wireless communication node.
  • the method further comprises:
  • the method further comprises:
  • the method further comprising at least one of:
  • the method further comprises:
  • the key for the user plane connection according to at least one of: an uplink non-access stratum, NAS, count, a key for a communication between the first wireless communication node and the wireless communication terminal, a Subscription Permanent Identifier, SUPI, or an identifier of the second wireless communication node.
  • the method further comprises:
  • the method further comprises:
  • the method further comprises:
  • the wireless communication terminal transmitting, by the first wireless communication node to the wireless communication terminal, the identifier of the key for the user plane connection and the address of the management function managing the key for the user plane connection to allow the wireless communication terminal to acquire the key for the user plane connection from the management function.
  • the wireless communication method includes: receiving, by a wireless communication terminal from a first wireless communication node, security related information; and establishing or updating, by the wireless communication terminal, a user plane connection between the wireless communication terminal and a second wireless communication node, wherein the user plane connection is protected based on the security related information.
  • the security related information comprises at least one of:
  • a key derivation indicator indicating the wireless communication terminal to derive a key for the user plane connection
  • the method further comprises:
  • the user plane connection is used for a position-related service
  • the position-related service comprises positioning the wireless communication terminal.
  • the user plane information comprises at least one of:
  • the method further comprises:
  • the wireless communication terminal establishing or updating, by the wireless communication terminal, the user plane connection based on a key shared between the second wireless communication node and the wireless communication terminal identified by the received identifier of the key.
  • the method further comprises:
  • the method further comprises:
  • the wireless communication terminal generating, by the wireless communication terminal, the key for the user plane connection according to at least one of: an uplink non-access stratum, NAS, count, a key for a communication between the first wireless communication node and the wireless communication terminal, a Subscription Permanent Identifier, SUPI, or an identifier of the second wireless communication node.
  • an uplink non-access stratum NAS
  • count a key for a communication between the first wireless communication node and the wireless communication terminal
  • SUPI Subscription Permanent Identifier
  • the method further comprises:
  • the wireless communication terminal establishing or updating, by the wireless communication terminal, the user plane connection based on the received key and the identifier of the key.
  • the method further comprises:
  • the wireless communication terminal establishing or updating, by the wireless communication terminal, the user plane connection based on the received key and the identifier of the key.
  • the method further comprises:
  • the wireless communication terminal establishing or updating, by the wireless communication terminal, the user plane connection based on the key and the identifier of the key.
  • the wireless communication method includes: transmitting, by a second wireless communication node to a first wireless communication node, a request message to request the first wireless communication node transmitting to a wireless communication terminal security related information to allow the wireless communication terminal to establish or update a user plane connection between the wireless communication terminal and the second wireless communication node, wherein the user plane connection is protected based on the security related information.
  • the security related information comprises at least one of:
  • a key derivation indicator indicating the wireless communication terminal to derive a key for the user plane connection
  • the method further comprises:
  • the user plane connection is used for a position-related service
  • the position-related service comprises positioning the wireless communication terminal.
  • the user plane information comprises at least one of:
  • the method further comprising at least one of:
  • a location management request comprising at least one of an identifier of the wireless communication terminal or an identifier of the first wireless communication node;
  • the location management request allows the second wireless communication node to store mapping information between the wireless communication terminal and the first wireless communication node.
  • the method further comprises:
  • the method further comprises:
  • the method further comprises:
  • the method further comprises:
  • the second wireless communication node acquires, by the second wireless communication node from a management function, a key for the user plane connection and an identifier of the key based on at least one of an identifier of the second wireless communication node or an identifier of the wireless communication terminal;
  • the second wireless communication node transmitting, by the second wireless communication node to the wireless communication terminal via the first wireless communication node, the key for the user plane connection and the identifier of the key for the user plane connection to allow the wireless communication terminal to establish or update the user plane connection based on the key and the identifier of the key.
  • the method further comprises:
  • the second wireless communication node acquires, by the second wireless communication node from a management function, a key for the user plane connection and an identifier of the key based on at least one of an identifier of the second wireless communication node or an identifier of the wireless communication terminal;
  • the first wireless communication node includes a communication unit and a processor.
  • the processor is configured to: transmit, through the communication unit to a wireless communication terminal, security related information to allow the wireless communication terminal to establish or update a user plane connection between the wireless communication terminal and a second wireless communication node, wherein the user plane connection is protected based on the security related information.
  • the wireless communication terminal includes a communication unit and a processor.
  • the processor is configured to: receive, via the communication unit from a first wireless communication node, security related information; and establish or update a user plane connection between the wireless communication terminal and a second wireless communication node, wherein the user plane connection is protected based on the security related information.
  • the second wireless communication node includes a communication unit and a processor.
  • the processor is configured to: transmit, via the communication unit to a first wireless communication node, a request message to request the first wireless communication node transmitting to a wireless communication terminal security related information to allow the wireless communication terminal to establish or update a user plane connection between the wireless communication terminal and the second wireless communication node, wherein the user plane connection is protected based on the security related information.
  • the present disclosure relates to a computer program product comprising a computer-readable program medium code stored thereupon, the code, when executed by a processor, causing the processor to implement a wireless communication method recited in any one of foregoing methods.
  • the present disclosure is not limited to the exemplary embodiments and applications described and illustrated herein. Additionally, the specific order and/or hierarchy of steps in the methods disclosed herein are merely exemplary approaches. Based upon design preferences, the specific order or hierarchy of steps of the disclosed methods or processes can be re-arranged while remaining within the scope of the present disclosure. Thus, those of ordinary skill in the art will understand that the methods and techniques disclosed herein present various steps or acts in a sample order, and the present disclosure is not limited to the specific order or hierarchy presented unless expressly stated otherwise.
  • FIG. 1 shows a schematic diagram of a network according to an embodiment of the present disclosure.
  • FIG. 2 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
  • FIG. 3 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
  • FIG. 4 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
  • FIG. 5 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
  • FIG. 6 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
  • FIG. 7 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
  • FIG. 8 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
  • FIG. 9 shows an example of a schematic diagram of a wireless communication terminal according to an embodiment of the present disclosure.
  • FIG. 10 shows an example of a schematic diagram of a wireless communication node according to an embodiment of the present disclosure.
  • FIGs. 11 to 13 show flowcharts of wireless communication methods according to some embodiments of the present disclosure.
  • FIG. 1 shows a schematic diagram of a network according to an embodiment of the present disclosure.
  • the network functions (NFs) in the 5GC include:
  • Access and Mobility Management Function Manages access and mobility-related functions such as authentication, security, session management, and mobility management for user devices (UE) in the network.
  • Session Management Function Handles session-related functions such as the establishment, modification, and termination of data sessions for the UE. It ensures efficient data routing and manages Quality of Service (QoS) policies.
  • QoS Quality of Service
  • UDR User Data Repository
  • PCF Policy Control Function
  • Network Exposure Function Enables authorized third-party applications and services to access network data and functions securely. It provides standardized interfaces for external service providers to interact with the 5GC.
  • Network Repository Function Maintains a registry of network functions and their corresponding addresses in the 5GC. It assists in the discovery and selection of network functions during service setup and operation.
  • LRF Location Retrieval Function
  • Gateway Mobile Location Center Provides location-based services by retrieving location information from the LRF and delivering it to authorized applications or services.
  • LMF Location Management Function
  • the 5GC collaborates with the NG-RAN and UE to enable seamless connectivity and advanced services.
  • the NG-RAN provides the wireless access network for UEs, while the 5GC manages the core network functions.
  • ranging-based service provides the distance between two or more UEs and/or the direction of one UE (i.e., Target UE) from another UE (i.e., Reference UE) via the PC5 interface (also referred to as PC5) .
  • Sidelink Positioning utilizes the PC5 interface to provide absolute location, relative position, or ranging information of a UE.
  • Sidelink Positioning the location of a Target UE can be determined based on the information obtained from a located UE.
  • the Ranging/SL Positioning service can be accessed by authorized SL Positioning Client UEs, 5GC NFs, or AFs (application functions) to obtain relative position or distance/direction results between UEs capable of Ranging/SL Positioning. Additionally, authorized 5GC NFs, AFs, or the LCS (Location Services) client can use the service to obtain the absolute position of a Target UE if it is determined that Ranging/SL Positioning is applicable.
  • authorized 5GC NFs, AFs, or the LCS (Location Services) client can use the service to obtain the absolute position of a Target UE if it is determined that Ranging/SL Positioning is applicable.
  • the LMF may trigger the user plane connection establishment after receiving a location request from the AMF if the target UE (also referred to as the UE in this disclosure) does not have a user plane connection (also referred to as user plane in the present disclosure) with the LMF.
  • the LMF may trigger the user plane connection update if the LMF determines to refresh a key for a user plane connection.
  • the LMF may trigger the establishment of a user plane connection after receiving a location request from the AMF if the target UE does not have a user plane connection with the LMF. Additionally, the AMF subscribes from the LMF to obtain the status of the LCS user plane connection for the target UE using an Nlmf_Location_UPNotify Subscribe message if the UE supports user plane positioning.
  • FIG. 2 illustrates the procedure initiated by the LMF to support positioning over the user plane connection between the UE and LMF. The procedure includes at least one of the following operations, steps and/or configurations.
  • control plane congestion status (e.g., AMF load status) , and other implementation factors, the LMF determines whether to continue the positioning procedure via a user plane connection between the UE and LMF.
  • the LMF may invoke the Nnrf_NFDiscovery service operation to obtain control plane congestion status.
  • Steps 2 to 7 are skipped if there is already a user plane connection context of the target UE in the LMF and the LMF determines to utilize the user plane connection for positioning.
  • the LMF can select the user plane positioning for specific positioning methods (e.g., motion sensor-based method) and it is based on implementation and local configuration to determine which positioning method requires the user plane connection.
  • specific positioning methods e.g., motion sensor-based method
  • the LMF decides to utilize the user plane for positioning and there is no established secure user plane connection between the UE and LMF, the LMF sends user plane information to the AMF to indicate that the UE should utilize the user plane over TLS for positioning.
  • the user plane information includes the user plane positioning address of the LMF and security-related information.
  • the AMF receives the user plane information from the LMF in step 2, it forwards it to the UE via a DL NAS TRANSPORT message.
  • the UE uses the URSP (User plane radio separation protocol) as defined in TS 23.503 to establish the PDU session for user plane positioning, which includes user plane positioning related parameters.
  • the UE may send an acknowledgement to the LMF through the AMF to indicate the success or failure of utilizing the user plane connection for the positioning service.
  • URSP User plane radio separation protocol
  • the AMF sends the acknowledgement received in step 4 to the LMF via the Namf_N1messageNotify service.
  • the LMF may notify the UE to set up the secure user plane connection using the known UE IP address.
  • the UE establishes a secured user plane connection with the LMF. If the LMF sends its Fully Qualified Domain Name (FQDN) to the UE, a DNS server/resolver is used to resolve the IP address of the LMF (e.g., EASDF or local DNS for local LMF address resolution) .
  • FQDN Fully Qualified Domain Name
  • a DNS server/resolver is used to resolve the IP address of the LMF (e.g., EASDF or local DNS for local LMF address resolution) .
  • the LMF indicates to the AMF in the Nlmf_Location_UPNotify message that the user plane connection between the UE and LMF has been established.
  • the AMF stores the LCS-UP connection context as part of the UE context.
  • LPP LTE Positioning Protocol
  • Supplementary services event report messages from the UE may also be transferred to the LMF via the established user plane connection.
  • the UE may trigger the establishment of a user plane connection if the UE does not have a user plane connection with the LMF.
  • FIG. 3 illustrates the procedure initiated by the UE to support positioning over the user plane connection between the UE and LMF.
  • the UE may trigger the user plane connection establishment if the UE does not have a user plane connection (also referred to as user plane in the present disclosure) with the LMF.
  • the UE may trigger the user plane connection update if the UE determines to refresh a key for a user plane connection.
  • FIG. 3 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
  • a procedure triggered by the UE to support positioning over the user plane connection between the UE and the LMF is adopted.
  • the procedure includes at least one of the following operations, steps and/or configurations.
  • the UE may send a request (e.g., a user plane establishment request) to the AMF (e.g., via the NAS Message) .
  • the request includes a UP (uplink) Positioning Initiation (e.g., for a positioning related service) .
  • the UE may send the request to the AMF if the UE decides to prepare a user plane connection for upcoming positioning requests.
  • the AMF may select an LMF. In some embodiments, the AMF may select an LMF based on the UE ID. In some embodiments, the AMF may select an LMF capable of establishing a user plane session for positioning with the UE. In some embodiments, the AMF may select an LMF if the UE is authorized based on the UE Subscription to use the user plane positioning.
  • the AMF sends a request (e.g., an Nlmf_Location_UPConfig Request) to the LMF.
  • a request e.g., an Nlmf_Location_UPConfig Request
  • the request to the LMF is to request the setup of an LCS(Location Services) -UP connection.
  • the LMF sends response information (e.g., user plane information) to the AMF.
  • the response information e.g., user plane information
  • the response information is transmitted via a Namf_Communication_N1N2MessageTransfer message.
  • the response information (e.g., user plane information) may be transmitted if the LMF accepts utilizing the user plane for positioning and there is no established secure user plane connection between the UE and LMF.
  • the response information (e.g., user plane information) may be transmitted to the AMF to indicate that the UE accepts and utilizes the user plane connection for positioning.
  • the response information includes the user plane positioning address of the LMF and security-related information.
  • the AMF transmits the response information (e.g., user plane information) to the UE.
  • the AMF transmits the response information (e.g., user plane information) to the UE via a DL NAS TRANSPORT message.
  • the AMF transmits the response information (e.g., user plane information) to the UE when the AMF receives the response information (e.g., user plane information) from the LMF.
  • the UE establishes a secured user plane connection with the LMF.
  • the LMF responds to the AMF that the user plane connection between the UE and LMF has been established (e.g., by transmitting a Nlmf_Location_UPConfig Response to the AMF) .
  • the AMF stores the LCS-UP connection context as part of the UE context.
  • LPP messages are transferred between the UE and LMF for UE-based positioning, UE-assisted positioning, and the delivery of assistance data. Supplementary services event report messages from the UE may also be transferred to the LMF via the established user plane connection.
  • the LMF sends key ID (identifier) to the UE via the AMF used for establishing or updating the user plane connection.
  • the UE uses the key to establish or update the user plane connection.
  • the AMF generates the key used for establishing or updating the user plane connection between the UE and the LMF.
  • the LMF gets the key and key ID from the AMF.
  • the AMF generates the key and the key ID.
  • the key may be derived based on a key used between the AMF and the UE (referred to as K AMF in the present disclosure) .
  • the AMF if the key is derived based on the K AMF , the AMF sends a key derivation indicator to the UE. Otherwise, the AMF sends the key and the key ID to the UE.
  • the LMF gets the key and key ID used for establishing or updating the user plane connection between the UE and the LMF from another NF.
  • said another NF sends the key and key ID to the LMF.
  • the LMF sends the key and key ID to the UE via the AMF.
  • the UE uses the key to establish or update the user plane connection.
  • the LMF gets the key and key ID used for establishing or updating the user plane connection between the UE and the LMF from another NF.
  • said another NF sends the key and key ID to the LMF.
  • the LMF sends the key ID and the address of said NF to the UE via the AMF.
  • the UE gets the key from the NF and the UE uses the key to establish or update the user plane connection with the LMF.
  • the key used for establishing the user plane connection may indicate the key used in the establishment of the user plane connection which can protect (e.g., encrypt) the data transmitted on the established user plane connection.
  • the key used for updating the user plane connection may indicate the key used for updating (e.g., refreshing) the security key of the user plane connection and protecting (e.g., encrypting) the data transmitted on the updated user plane connection having the updated security key.
  • the LMF may trigger the establishment of a user plane connection after receiving a location information request (also referred to as location management request in the present disclosure) from the AMF if the target UE does not have a user plane connection with the LMF.
  • a location information request also referred to as location management request in the present disclosure
  • FIG. 4 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
  • the procedure includes at least one of the following operations, steps and/or configurations.
  • the AMF transmits a message (e.g., a location information request) to the LMF.
  • the message includes at least one of a UE ID of the target UE and/or the AMF ID of the AMF.
  • the LMF sends a response (e.g., a location information response) to the AMF.
  • a response e.g., a location information response
  • the LMF stores the mapping between the AMF ID and the UE ID.
  • the AMF may subscribe from the LMF the status of LCS user plane connection for the UE (e.g., by using a Nlmf_Location_UPNotify Subscribe message) if the UE supports the user plane positioning.
  • control plane congestion status (e.g., AMF load status) , and other implementation factors, the LMF determines whether to continue the positioning procedure via a user plane connection between the UE and LMF.
  • the LMF may invoke the Nnrf_NFDiscovery service operation to obtain the control plane congestion status.
  • the LMF may get the AMF ID from the UDM (Unified Data Management) based on the UE ID.
  • UDM Unified Data Management
  • the LMF can select the user plane positioning for specific positioning methods (e.g., motion sensor-based method) and the LMF determines which positioning method requires the user plane connection based on the implementation and local configuration.
  • specific positioning methods e.g., motion sensor-based method
  • the LMF sends a message (e.g., user plane information) to the AMF.
  • the message e.g., user plane information
  • the message is transmitted via a Namf_Communication_N1N2MessageTransfer message.
  • the message may be transmitted if the LMF decides to utilize the user plane for positioning and there is no established secure user plane connection between the UE and LMF.
  • the message (e.g., user plane information) may be transmitted if the LMF decides to update the key of the user plane for positioning.
  • the message (e.g., user plane information) is transmitted to the AMF to indicate that the UE may utilize the user plane over TLS (Transport Layer Security) for positioning.
  • the message (e.g., user plane information) includes the user plane positioning address of the LMF and security-related information.
  • the security related information includes an identifier (referred to as K LMF ID in the present disclosure) of a key to be used for establishing or updating the secured user plane connection between the UE and the LMF (referred to as K LMF in the present disclosure) . For example, if there is a shared key between the UE and LMF, the security related information includes the identifier of the shared key.
  • the AMF transmits the message (e.g., user plane information) to the UE.
  • the AMF transmits the message (e.g., user plane information) to the UE via a DL NAS TRANSPORT message.
  • the AMF transmits the message (e.g., user plane information) to the UE when the AMF receives the message (e.g., user plane information) from the LMF.
  • the AMF transmits the message (e.g., user plane information) from the LMF to the UE transparently or non-transparently.
  • the message (e.g., user plane information) to the UE includes the identifier of the key (K LMF ID) .
  • the UE transmits a message to the AMF (e.g., via the UL NAS TRANSPORT message) in response to the message (e.g., user plane information) from the AMF. If there is no established applicable PDU session for user plane positioning, the UE uses the URSP (User plane radio separation protocol) to establish the PDU session for user plane positioning, which includes user plane positioning related parameters. The UE may send an acknowledgement to the LMF through the AMF to indicate the success or failure of utilizing the user plane connection for the positioning service.
  • URSP User plane radio separation protocol
  • the AMF sends the acknowledgement received in step 4 to the LMF via the Namf_N1messageNotify service.
  • the LMF may notify the UE to set up the secure user plane connection using the known UE IP address.
  • the UE establishes or updates a secured user plane connection with the LMF based on the key (K LMF ) which is identified by the key ID (K LMF ID) . If the LMF sends its Fully Qualified Domain Name (FQDN) to the UE, a DNS server/resolver is used to resolve the IP address of the LMF (e.g., EASDF or local DNS for local LMF address resolution) .
  • K LMF Key
  • FQDN Fully Qualified Domain Name
  • the LMF indicates to the AMF in the Nlmf_Location_UPNotify message that the user plane connection between the UE and LMF has been established or updated.
  • the AMF stores the LCS-UP connection context as part of the UE context.
  • LPP LTE Positioning Protocol
  • Supplementary services event report messages from the UE may also be transferred to the LMF via the established or updated user plane connection.
  • FIG. 5 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
  • the procedure includes at least one of the following operations, steps and/or configurations.
  • the AMF transmits a message (e.g., a location information request) to the LMF.
  • the message includes at least one of a UE ID of the target UE and/or the AMF ID of the AMF.
  • the LMF sends a response (e.g., a location information response) to the AMF.
  • a response e.g., a location information response
  • the LMF stores the mapping between the AMF ID and the UE ID.
  • the AMF may subscribe from the LMF the status of LCS user plane connection for the UE (e.g., by using a Nlmf_Location_UPNotify Subscribe message) if the UE supports the user plane positioning.
  • control plane congestion status (e.g., AMF load status) , and other implementation factors, the LMF determines whether to continue the positioning procedure via a user plane connection between the UE and LMF.
  • the LMF may invoke the Nnrf_NFDiscovery service operation to obtain the control plane congestion status.
  • the LMF may get the AMF ID from the UDM (Unified Data Management) based on the UE ID.
  • UDM Unified Data Management
  • the LMF can select the user plane positioning for specific positioning methods (e.g., motion sensor-based method) and the LMF determines which positioning method requires the user plane connection based on the implementation and local configuration.
  • specific positioning methods e.g., motion sensor-based method
  • the LMF sends a message (e.g., user plane information) to the AMF.
  • the message e.g., user plane information
  • the message is transmitted via a Namf_Communication_N1N2MessageTransfer message.
  • the message may be transmitted if the LMF decides to utilize the user plane for positioning and there is no established secure user plane connection between the UE and LMF.
  • the message (e.g., user plane information) may be transmitted if the LMF decides to update the key of the user plane for positioning.
  • the message (e.g., user plane information) is transmitted to the AMF to indicate that the UE may utilize the user plane over TLS (Transport Layer Security) for positioning.
  • the message (e.g., user plane information) includes the user plane positioning address of the LMF and security-related information.
  • the LMF may transmit the security-related information including a key request to the AMF for requesting the key (K LMF ) .
  • the key request may be transmitted via the Namf_Communication_N1N2Transfer message.
  • the key request may be transmitted via another message different from the Namf_Communication_N1N2Transfer message.
  • the AMF transmits the message (e.g., user plane information) to the UE.
  • the AMF transmits the message (e.g., user plane information) to the UE via a DL NAS TRANSPORT message.
  • the AMF transmits the message (e.g., user plane information) to the UE when the AMF receives the message (e.g., user plane information) from the LMF.
  • the AMF transmits the message (e.g., user plane information) from the LMF to the UE transparently or non-transparently.
  • the message (e.g., user plane information) to the UE includes the key (K LMF ) and the identifier of the key (K LMF ID) .
  • the AMF may generate the key (K LMF ) . In some embodiments, the AMF may generate the key (K LMF ) based on the K AMF . In some embodiments, in response to the AMF generating the key (K LMF ) based on the K AMF , the message (e.g., user plane information) to the UE includes at least one of a key derivation indicator, and/or the identifier of the key (K LMF ID) .
  • the message e.g., user plane information
  • the AMF may generate the key based on at least one of the NAS (uplink non-access stratum) Count, the K AMF , the SUPI (Subscription Permanent Identifier) , and/or the identifier of the LMF.
  • the UE may derive the key (K LMF ) in the same way that the AMF generates the key (K LMF ) . That is, the UE may generate the key (K LMF ) based on the at least one of the NAS Count, the K AMF , the SUPI, and/or the identifier of the LMF.
  • the UE transmits a message to the AMF (e.g., via the UL NAS TRANSPORT message) in response to the message (e.g., user plane information) from the AMF. If there is no established applicable PDU session for user plane positioning, the UE uses the URSP (User plane radio separation protocol) to establish the PDU session for user plane positioning, which includes user plane positioning related parameters. The UE may send an acknowledgement to the LMF through the AMF to indicate the success or failure of utilizing the user plane connection for the positioning service.
  • URSP User plane radio separation protocol
  • the AMF sends the acknowledgement received in step 4 to the LMF via the Namf_N1messageNotify service.
  • the acknowledgement includes the key (K LMF ) and the identifier of the key (K LMF ID) .
  • the key (K LMF ) and the identifier of the key (K LMF ID) may be transmitted to the LMF via a message different from the acknowledgement described above.
  • the LMF may notify the UE to set up the secure user plane connection using the known UE IP address.
  • the UE establishes or updates a secured user plane connection with the LMF based on the key (K LMF ) and the key ID (K LMF ID) . If the LMF sends its Fully Qualified Domain Name (FQDN) to the UE, a DNS server/resolver is used to resolve the IP address of the LMF (e.g., EASDF or local DNS for local LMF address resolution) .
  • FQDN Fully Qualified Domain Name
  • the LMF indicates to the AMF in the Nlmf_Location_UPNotify message that the user plane connection between the UE and LMF has been established or updated.
  • the AMF stores the LCS-UP connection context as part of the UE context.
  • LPP LTE Positioning Protocol
  • Supplementary services event report messages from the UE may also be transferred to the LMF via the established or updated user plane connection.
  • FIG. 6 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
  • the procedure includes at least one of the following operations, steps and/or configurations.
  • the AMF transmits a message (e.g., a location information request) to the LMF.
  • the message includes at least one of a UE ID of the target UE and/or the AMF ID of the AMF.
  • the LMF sends a response (e.g., a location information response) to the AMF.
  • a response e.g., a location information response
  • the LMF stores the mapping between the AMF ID and the UE ID.
  • the AMF may subscribe from the LMF the status of LCS user plane connection for the UE (e.g., by using a Nlmf_Location_UPNotify Subscribe message) if the UE supports the user plane positioning.
  • control plane congestion status (e.g., AMF load status) , and other implementation factors, the LMF determines whether to continue the positioning procedure via a user plane connection between the UE and LMF.
  • the LMF may invoke the Nnrf_NFDiscovery service operation to obtain the control plane congestion status.
  • the LMF may get the AMF ID from the UDM (Unified Data Management) based on the UE ID.
  • UDM Unified Data Management
  • the LMF can select the user plane positioning for specific positioning methods (e.g., motion sensor-based method) and the LMF determines which positioning method requires the user plane connection based on the implementation and local configuration.
  • specific positioning methods e.g., motion sensor-based method
  • the LMF sends a message (e.g., user plane information) to the AMF.
  • the message e.g., user plane information
  • the message is transmitted via a Namf_Communication_N1N2MessageTransfer message.
  • the message may be transmitted if the LMF decides to utilize the user plane for positioning and there is no established secure user plane connection between the UE and LMF.
  • the message (e.g., user plane information) may be transmitted if the LMF decides to update the key of the user plane for positioning.
  • the message (e.g., user plane information) is transmitted to the AMF to indicate that the UE may utilize the user plane over TLS (Transport Layer Security) for positioning.
  • the message (e.g., user plane information) includes the user plane positioning address of the LMF and security-related information.
  • the message (e.g., user plane information) includes the user plane positioning address of the LMF and security-related information.
  • the LMF may transmit the security-related information including a key request to the AMF for requesting the key (K LMF ) .
  • the key request may be transmitted via the Namf_Communication_N1N2Transfer message.
  • the key request may be transmitted via another message different from the Namf_Communication_N1N2Transfer message.
  • the AMF transmits the message (e.g., user plane information) to the UE.
  • the AMF transmits the message (e.g., user plane information) to the UE via a DL NAS TRANSPORT message.
  • the AMF transmits the message (e.g., user plane information) to the UE when the AMF receives the message (e.g., user plane information) from the LMF.
  • the AMF transmits the message (e.g., user plane information) from the LMF to the UE transparently or non-transparently.
  • the message (e.g., user plane information) to the UE includes the key (K LMF ) . and the identifier of the key (K LMF ID) .
  • the UE transmits a message to the AMF (e.g., via the UL NAS TRANSPORT message) in response to the message (e.g., user plane information) from the AMF. If there is no established applicable PDU session for user plane positioning, the UE uses the URSP (User plane radio separation protocol) to establish the PDU session for user plane positioning, which includes user plane positioning related parameters. The UE may send an acknowledgement to the LMF through the AMF to indicate the success or failure of utilizing the user plane connection for the positioning service.
  • URSP User plane radio separation protocol
  • the AMF sends the acknowledgement received in step 4 to the LMF via the Namf_N1messageNotify service.
  • the LMF may notify the UE to set up the secure user plane connection using the known UE IP address.
  • the UE establishes or updates a secured user plane connection with the LMF based on the key (K LMF ) and the key ID (K LMF ID) . If the LMF sends its Fully Qualified Domain Name (FQDN) to the UE, a DNS server/resolver is used to resolve the IP address of the LMF (e.g., EASDF or local DNS for local LMF address resolution) .
  • FQDN Fully Qualified Domain Name
  • the LMF indicates to the AMF in the Nlmf_Location_UPNotify message that the user plane connection between the UE and LMF has been established or updated.
  • the AMF stores the LCS-UP connection context as part of the UE context.
  • LPP LTE Positioning Protocol
  • Supplementary services event report messages from the UE may also be transferred to the LMF via the established or updated user plane connection.
  • FIG. 7 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
  • the procedure includes at least one of the following operations, steps and/or configurations.
  • the AMF transmits a message (e.g., a location information request) to the LMF.
  • the message includes at least one of a UE ID of the target UE and/or the AMF ID of the AMF.
  • the LMF sends a response (e.g., a location information response) to the AMF.
  • a response e.g., a location information response
  • the LMF stores the mapping between the AMF ID and the UE ID.
  • the AMF may subscribe from the LMF the status of LCS user plane connection for the UE (e.g., by using a Nlmf_Location_UPNotify Subscribe message) if the UE supports the user plane positioning.
  • control plane congestion status (e.g., AMF load status) , and other implementation factors, the LMF determines whether to continue the positioning procedure via a user plane connection between the UE and LMF.
  • the LMF may invoke the Nnrf_NFDiscovery service operation to obtain the control plane congestion status.
  • the LMF may get the AMF ID from the UDM (Unified Data Management) based on the UE ID.
  • UDM Unified Data Management
  • the LMF can select the user plane positioning for specific positioning methods (e.g., motion sensor-based method) and the LMF determines which positioning method requires the user plane connection based on the implementation and local configuration.
  • specific positioning methods e.g., motion sensor-based method
  • the LMF transmits a key request to another NF (e.g., a KMF (Key Management Function) ) .
  • the LMF transmits a key request to the KMF to request the key (K LMF ) and the identifier of the key (K LMF ID) .
  • the key request may be transmitted if the LMF decides to utilize the user plane for positioning and there is no established secure user plane connection between the UE and LMF.
  • the key request may be transmitted if the LMF decides to update the key of the user plane for positioning.
  • the key request message includes at least one of the LMF ID of the LMF and/or the UE ID of the UE.
  • the KMF sends the key (K LMF ) and the identifier of the key (K LMF ID) to the LMF.
  • the KMF generates the key (K LMF ) and the identifier of the key (K LMF ID) based on the at least one of the LMF ID and/or the UE ID.
  • the LMF sends a message (e.g., user plane information) to the AMF.
  • the message e.g., user plane information
  • the message is transmitted via a Namf_Communication_N1N2MessageTransfer message.
  • the message is transmitted to the AMF to indicate that the UE may utilize the user plane over TLS (Transport Layer Security) for positioning.
  • the message (e.g., user plane information) includes the user plane positioning address of the LMF and security-related information.
  • the security related information includes an identifier (referred to as K LMF ID in the present disclosure) of a key to be used for establishing or updating the secured user plane connection between the UE and the LMF (referred to as K LMF in the present disclosure) .
  • K LMF ID an identifier of a key to be used for establishing or updating the secured user plane connection between the UE and the LMF
  • K LMF the security related information includes the identifier of the shared key.
  • the AMF transmits the message (e.g., user plane information) to the UE.
  • the AMF transmits the message (e.g., user plane information) to the UE via a DL NAS TRANSPORT message.
  • the AMF transmits the message (e.g., user plane information) to the UE when the AMF receives the message (e.g., user plane information) from the LMF.
  • the AMF transmits the message (e.g., user plane information) from the LMF to the UE transparently or non-transparently.
  • the message (e.g., user plane information) to the UE includes the identifier of the key (K LMF ID) and the key (K LMF ) .
  • the UE transmits a message to the AMF (e.g., via the UL NAS TRANSPORT message) in response to the message (e.g., user plane information) from the AMF. If there is no established applicable PDU session for user plane positioning, the UE uses the URSP (User plane radio separation protocol) to establish the PDU session for user plane positioning, which includes user plane positioning related parameters. The UE may send an acknowledgement to the LMF through the AMF to indicate the success or failure of utilizing the user plane connection for the positioning service.
  • URSP User plane radio separation protocol
  • the AMF sends the acknowledgement received in step 4 to the LMF via the Namf_N1messageNotify service.
  • the LMF may notify the UE to set up the secure user plane connection using the known UE IP address.
  • the UE establishes or updates a secured user plane connection with the LMF based on the key (K LMF ) and the key ID (K LMF ID) . If the LMF sends its Fully Qualified Domain Name (FQDN) to the UE, a DNS server/resolver is used to resolve the IP address of the LMF (e.g., EASDF or local DNS for local LMF address resolution) .
  • FQDN Fully Qualified Domain Name
  • the LMF indicates to the AMF in the Nlmf_Location_UPNotify message that the user plane connection between the UE and LMF has been established or updated.
  • the AMF stores the LCS-UP connection context as part of the UE context.
  • LPP LTE Positioning Protocol
  • Supplementary services event report messages from the UE may also be transferred to the LMF via the established or updated user plane connection.
  • FIG. 8 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
  • the procedure includes at least one of the following operations, steps and/or configurations.
  • the AMF transmits a message (e.g., a location information request) to the LMF.
  • the message includes at least one of a UE ID of the target UE and/or the AMF ID of the AMF.
  • the LMF sends a response (e.g., a location information response) to the AMF.
  • a response e.g., a location information response
  • the LMF stores the mapping between the AMF ID and the UE ID.
  • the AMF may subscribe from the LMF the status of LCS user plane connection for the UE (e.g., by using a Nlmf_Location_UPNotify Subscribe message) if the UE supports the user plane positioning.
  • control plane congestion status (e.g., AMF load status) , and other implementation factors, the LMF determines whether to continue the positioning procedure via a user plane connection between the UE and LMF.
  • the LMF may invoke the Nnrf_NFDiscovery service operation to obtain the control plane congestion status.
  • the LMF may get the AMF ID from the UDM (Unified Data Management) based on the UE ID.
  • UDM Unified Data Management
  • the LMF can select the user plane positioning for specific positioning methods (e.g., motion sensor-based method) and the LMF determines which positioning method requires the user plane connection based on the implementation and local configuration.
  • specific positioning methods e.g., motion sensor-based method
  • the LMF transmits a key request to another NF (e.g., the KMF (Key Management Function) ) .
  • the LMF transmits a key request to the KMF to request the key (K LMF ) and the identifier of the key (K LMF ID) .
  • the key request may be transmitted if the LMF decides to utilize the user plane for positioning and there is no established secure user plane connection between the UE and LMF.
  • the key request may be transmitted if the LMF decides to update the key of the user plane for positioning.
  • the key request message includes at least one of the LMF ID of the LMF and/or the UE ID of the UE.
  • the KMF sends the key (K LMF ) and the identifier of the key (K LMF ID) to the LMF.
  • the KMF generates the key (K LMF ) and the identifier of the key (K LMF ID) based on the at least one of the LMF ID and/or the UE ID.
  • the LMF sends a message (e.g., user plane information) to the AMF.
  • the message e.g., user plane information
  • the message is transmitted via a Namf_Communication_N1N2MessageTransfer message.
  • the message is transmitted to the AMF to indicate that the UE may utilize the user plane over TLS (Transport Layer Security) for positioning.
  • the message (e.g., user plane information) includes the user plane positioning address of the LMF and security-related information.
  • the LMF sends the key (K LMF ) and the identifier of the key (K LMF ID) to the AMF (e.g., in the security-related information) .
  • the message e.g., user plane information
  • the AMF may also include the address of the KMF.
  • the AMF transmits the message (e.g., user plane information) to the UE.
  • the AMF transmits the message (e.g., user plane information) to the UE via a DL NAS TRANSPORT message.
  • the AMF transmits the message (e.g., user plane information) to the UE when the AMF receives the message (e.g., user plane information) from the LMF.
  • the AMF transmits the message (e.g., user plane information) from the LMF to the UE transparently or non-transparently.
  • the message (e.g., user plane information) to the UE includes at least one of the key (K LMF ) , the identifier of the key (K LMF ID) , and or the address of the KMF.
  • the UE transmits a message to the AMF (e.g., via the UL NAS TRANSPORT message) in response to the message (e.g., user plane information) from the AMF. If there is no established applicable PDU session for user plane positioning, the UE uses the URSP (User plane radio separation protocol) to establish the PDU session for user plane positioning, which includes user plane positioning related parameters. The UE may send an acknowledgement to the LMF through the AMF to indicate the success or failure of utilizing the user plane connection for the positioning service.
  • URSP User plane radio separation protocol
  • the AMF sends the acknowledgement received in step 4 to the LMF via the Namf_N1messageNotify service.
  • the LMF may notify the UE to set up the secure user plane connection using the known UE IP address.
  • the UE sends a key request to the KMF.
  • the key request includes the identifier of the key (K LMF ID) .
  • the key request is for requesting the key (K LMF ) identified by the K LMF ID.
  • the KMF sends a key response to the UE.
  • the key response includes the key (K LMF ) identified by the K LMF ID.
  • the UE establishes or updates a secured user plane connection with the LMF based on the key (K LMF ) and the key ID (K LMF ID) . If the LMF sends its Fully Qualified Domain Name (FQDN) to the UE, a DNS server/resolver is used to resolve the IP address of the LMF (e.g., EASDF or local DNS for local LMF address resolution) .
  • FQDN Fully Qualified Domain Name
  • the LMF indicates to the AMF in the Nlmf_Location_UPNotify message that the user plane connection between the UE and LMF has been established or updated.
  • the AMF stores the LCS-UP connection context as part of the UE context.
  • LPP LTE Positioning Protocol
  • Supplementary services event report messages from the UE may also be transferred to the LMF via the established or updated user plane connection.
  • the procedures described above can be used to generate a key for establishing a secured user plane connection (e.g., the key is used to protect (e.g., encrypt) the data transmitted on the secured user plane connection) or generate a refreshed key to update the user plane connection with the refreshed key (e.g., the refreshed key is used to protect (e.g., encrypt) the data transmitted on the updated user plane connection) .
  • FIG. 9 relates to a diagram of a wireless communication terminal 30 according to an embodiment of the present disclosure.
  • the wireless communication terminal 30 may be a tag, a mobile phone, a laptop, a tablet computer, an electronic book or a portable computer system and is not limited herein.
  • the wireless communication terminal 30 may be used to implement the UE described in this disclosure.
  • the wireless communication terminal 30 may include a processor 300 such as a microprocessor or Application Specific Integrated Circuit (ASIC) , a storage unit 310 and a communication unit 320.
  • the storage unit 310 may be any data storage device that stores a program code 312, which is accessed and executed by the processor 300.
  • Embodiments of the storage code 312 include but are not limited to a subscriber identity module (SIM) , read-only memory (ROM) , flash memory, random-access memory (RAM) , hard-disk, and optical data storage device.
  • SIM subscriber identity module
  • ROM read-only memory
  • RAM random-access memory
  • the communication unit 320 may a transceiver and is used to transmit and receive signals (e.g., messages or packets) according to processing results of the processor 300.
  • the communication unit 320 transmits and receives the signals via at least one antenna 322 or via wiring.
  • the storage unit 310 and the program code 312 may be omitted and the processor 300 may include a storage unit with stored program code.
  • the processor 300 may implement any one of the steps in exemplified embodiments on the wireless communication terminal 30, e.g., by executing the program code 312.
  • the communication unit 320 may be a transceiver.
  • the communication unit 320 may as an alternative or in addition be combining a transmitting unit and a receiving unit configured to transmit and to receive, respectively, signals to and from a wireless communication node.
  • the wireless communication terminal 30 may be used to perform the operations of the UE described in this disclosure.
  • the processor 300 and the communication unit 320 collaboratively perform the operations described in this disclosure. For example, the processor 300 performs operations and transmit or receive signals, message, and/or information through the communication unit 320.
  • FIG. 10 relates to a diagram of a wireless communication node 40 according to an embodiment of the present disclosure.
  • the wireless communication node 40 may be a satellite, a base station (BS) , a gNB, a network entity, a Domain Name System (DNS) server, a Mobility Management Entity (MME) , Serving Gateway (S-GW) , Packet Data Network (PDN) Gateway (P-GW) , a radio access network (RAN) , a next generation RAN (NG-RAN) , a data network, a core network, a communication node in the core network, or a Radio Network Controller (RNC) , and is not limited herein.
  • BS base station
  • gNB a network entity
  • DNS Domain Name System
  • MME Mobility Management Entity
  • S-GW Serving Gateway
  • PDN Packet Data Network Gateway
  • RAN radio access network
  • NG-RAN next generation RAN
  • RNC Radio Network Controller
  • the wireless communication node 40 may include (perform) at least one network function such as an access and mobility management function (AMF) , a session management function (SMF) , a user place function (UPF) , a policy control function (PCF) , an application function (AF) , etc.
  • the wireless communication node 40 may be used to implement the node, the network, the network functions (e.g., the AMF, the LMF, etc. ) , or the network node described in this disclosure.
  • the wireless communication node 40 may include a processor 400 such as a microprocessor or ASIC, a storage unit 410 and a communication unit 420.
  • the storage unit 410 may be any data storage device that stores a program code 412, which is accessed and executed by the processor 400. Examples of the storage unit 412 include but are not limited to a SIM, ROM, flash memory, RAM, hard-disk, and optical data storage device.
  • the communication unit 420 may be a transceiver and is used to transmit and receive signals (e.g., messages or packets) according to processing results of the processor 400. In an embodiment, the communication unit 420 transmits and receives the signals via at least one antenna 422 or via wiring.
  • the storage unit 410 and the program code 412 may be omitted.
  • the processor 400 may include a storage unit with stored program code.
  • the processor 400 may implement any steps described in exemplified embodiments on the wireless communication node 40, e.g., via executing the program code 412.
  • the communication unit 420 may be a transceiver.
  • the communication unit 420 may as an alternative or in addition be combining a transmitting unit and a receiving unit configured to transmit and to receive, respectively, signals, messages, or information to and from a wireless communication node or a wireless communication terminal.
  • the wireless communication node 40 may be used to perform the operations of the AMF or the LMF described in this disclosure.
  • the processor 400 and the communication unit 420 collaboratively perform the operations described in this disclosure. For example, the processor 400 performs operations and transmit or receive signals through the communication unit 420.
  • a wireless communication method is also provided according to an embodiment of the present disclosure.
  • the wireless communication method may be performed by using a wireless communication node (e.g., an AMF) .
  • the wireless communication node may be implemented by using the wireless communication node 40 described in this disclosure, but is not limited thereto.
  • the wireless communication method includes: transmitting, by a first wireless communication node to a wireless communication terminal, security related information to allow the wireless communication terminal to establish or update a user plane connection between the wireless communication terminal and a second wireless communication node, wherein the user plane connection is protected based on the security related information.
  • the wireless communication method may be performed by using a wireless communication terminal (e.g., a UE) .
  • the wireless communication terminal may be implemented by using the wireless communication terminal 30 described in this disclosure, but is not limited thereto.
  • the wireless communication method includes receiving, by a wireless communication terminal from a first wireless communication node, security related information; and establishing or updating, by the wireless communication terminal, a user plane connection between the wireless communication terminal and a second wireless communication node, wherein the user plane connection is protected based on the security related information.
  • the wireless communication method may be performed by using a wireless communication node (e.g., an LMF) .
  • the wireless communication node may be implemented by using the wireless communication node 40 described in this disclosure, but is not limited thereto.
  • the wireless communication method includes transmitting, by a second wireless communication node to a first wireless communication node, a request message to request the first wireless communication node transmitting to a wireless communication terminal security related information to allow the wireless communication terminal to establish or update a user plane connection between the wireless communication terminal and the second wireless communication node, wherein the user plane connection is protected based on the security related information
  • the wireless communication terminal used in the present disclosure may indicate the UE described above.
  • the first wireless communication node used in the present disclosure may indicate the AMF described above.
  • the second wireless communication node used in the present disclosure may indicate the LMF described above.
  • the management function used in the present disclosure may be the KMF described above.
  • a and/or B and/or C includes any and all combinations of one or more of A, B, and C, including A, B, C, A and B, A and C, B and C, and a combination of A and B and C.
  • A/B/C includes any and all combinations of one or more of A, B, and C, including A, B, C, A and B, A and C, B and C, and a combination of A and B and C.
  • any reference to an element herein using a designation such as “first, “ “second, “ and so forth does not generally limit the quantity or order of those elements. Rather, these designations can be used herein as a convenient means of distinguishing between two or more elements or instances of an element. Thus, a reference to first and second elements does not mean that only two elements can be employed, or that the first element must precede the second element in some manner.
  • any one of the various illustrative logical blocks, units, processors, means, circuits, methods and functions described in connection with the aspects disclosed herein can be implemented by electronic hardware (e.g., a digital implementation, an analog implementation, or a combination of the two) , firmware, various forms of program or design code incorporating instructions (which can be referred to herein, for convenience, as "software” or a “software unit” ) , or any combination of these techniques.
  • a processor, device, component, circuit, structure, machine, unit, etc. can be configured to perform one or more of the functions described herein.
  • IC integrated circuit
  • DSP digital signal processor
  • ASIC application specific integrated circuit
  • FPGA field programmable gate array
  • the logical blocks, units, and circuits can further include antennas and/or transceivers to communicate with various components within the network or within the device.
  • a general-purpose processor can be a microprocessor, but in the alternative, the processor can be any conventional processor, controller, or state machine.
  • a processor can also be implemented as a combination of computing devices, e.g., a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other suitable configuration to perform the functions described herein. If implemented in software, the functions can be stored as one or more instructions or code on a computer-readable medium. Thus, the steps of a method or algorithm disclosed herein can be implemented as software stored on a computer-readable medium.
  • Computer-readable media includes both computer storage media and communication media including any medium that can be enabled to transfer a computer program or code from one place to another.
  • a storage media can be any available media that can be accessed by a computer.
  • such computer-readable media can include RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium that can be used to store desired program code in the form of instructions or data structures and that can be accessed by a computer.
  • unit refers to software, firmware, hardware, and any combination of these elements for performing the associated functions described herein. Additionally, for purpose of discussion, the various units are described as discrete units; however, as would be apparent to one of ordinary skill in the art, two or more units may be combined to form a single unit that performs the associated functions according to embodiments of the present disclosure.
  • memory or other storage may be employed in embodiments of the present disclosure.
  • memory or other storage may be employed in embodiments of the present disclosure.
  • any suitable distribution of functionality between different functional units, processing logic elements or domains may be used without detracting from the present disclosure.
  • functionality illustrated to be performed by separate processing logic elements, or controllers may be performed by the same processing logic element, or controller.
  • references to specific functional units are only references to a suitable means for providing the described functionality, rather than indicative of a strict logical or physical structure or organization.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A wireless communication method is disclosed. The method comprises transmitting, by a first wireless communication node to a wireless communication terminal, security related information to allow the wireless communication terminal to establish or update a user plane connection between the wireless communication terminal and a second wireless communication node, wherein the user plane connection is protected based on the security related information.

Description

Method, Device and Computer Program Product for Wireless Communication
This document is directed generally to wireless communications, and in particular to 5th generation (5G) communications or 6th generation (6G) communications.
User plane connection refers to the dedicated communication path established between a User Equipment (UE) and the network for the transmission of user data. It serves as the conduit for delivering information such as voice, video, and data packets between the UE and the network components, including the Access and Mobility Management Function (AMF) , Session Management Function (SMF) , User Plane Function (UPF) , and ultimately, the destination. The user plane connection ensures efficient and reliable data transmission, supporting high-speed and low-latency communication services in the network. However, a secured user plane connection for a positioning related service is still a topic to be discussed.
This document relates to methods, systems, and computer program products for a wireless communication.
One aspect of the present disclosure relates to a wireless communication method. In an embodiment, the wireless communication method includes: transmitting, by a first wireless communication node to a wireless communication terminal, security related information to allow the wireless communication terminal to establish or update a user plane connection between the wireless communication terminal and a second wireless communication node, wherein the user plane connection is protected based on the security related information.
Various embodiments may preferably implement the following features:
Preferably, the security related information comprises at least one of:
a key for the user plane connection;
an identifier of a key for the user plane connection;
a key derivation indicator indicating the wireless communication terminal to derive a key for the user plane connection; or
an address of a management function managing a key for the user plane connection.
Preferably, the method further comprises:
receiving, by the first wireless communication node from the second wireless  communication node, user plane information indicating the wireless communication terminal establishing the user plane connection between the wireless communication terminal and the second wireless communication node based on an identifier of the wireless communication terminal.
Preferably, the user plane connection is used for a position-related service, and the position-related service comprises positioning the wireless communication terminal.
Preferably, the user plane information comprises at least one of:
an identifier of the wireless communication terminal;
an identifier of the second wireless communication node;
an identifier of a key for the user plane connection;
a request for a key for the user plane connection;
a key for the user plane connection; or
an address of a management function managing a key for the user plane connection.
Preferably, the method further comprising at least one of:
transmitting, by the first wireless communication node to the second wireless communication node, a location management request comprising at least one of an identifier of the wireless communication terminal or an identifier of the first wireless communication node; or
receiving, by the first wireless communication node from the second wireless communication node, a response for a location management request comprising at least one of an identifier of the wireless communication terminal or an identifier of the first wireless communication node.
Preferably, the location management request allows the second wireless communication node to store mapping information between the wireless communication terminal and the first wireless communication node.
Preferably, the method further comprises:
receiving, by the first wireless communication node from the second wireless communication node, an identifier of a key for the user plane connection; and
transmitting, by the first wireless communication node to the wireless communication terminal, the identifier of the key for the user plane connection to allow the wireless communication terminal to use a key shared between the second wireless communication node and  the wireless communication terminal as the key for the user plane connection.
Preferably, the method further comprises:
generating, by the first wireless communication node, a key for the user plane connection; and
transmitting, by the first wireless communication node to the wireless communication terminal, an identifier of the key for the user plane connection and a key derivation indicator indicating the wireless communication terminal to derive the key for the user plane connection.
Preferably, the method further comprising at least one of:
receiving, by the first wireless communication node from the second wireless communication node, a request for the key for the user plane connection; or
transmitting, by the first wireless communication node to the second wireless communication node, the key for the user plane connection and the identifier of the key for the user plane connection.
Preferably, the method further comprises:
generating, by the first wireless communication node, the key for the user plane connection according to at least one of: an uplink non-access stratum, NAS, count, a key for a communication between the first wireless communication node and the wireless communication terminal, a Subscription Permanent Identifier, SUPI, or an identifier of the second wireless communication node.
Preferably, the method further comprises:
receiving, by the first wireless communication node from the second wireless communication node, a key for the user plane connection and an identifier of the key for the user plane connection; and
transmitting, by the first wireless communication node to the wireless communication terminal, the key for the user plane connection and the identifier of the key for the user plane connection.
Preferably, the method further comprises:
receiving, by the first wireless communication node from the second wireless communication node, a key for the user plane connection and an identifier of the key for the user plane connection, wherein the key for the user plane connection and the identifier of the key for the  user plane connection are acquired from a management function; and
transmitting, by the first wireless communication node to the wireless communication terminal, the key for the user plane connection and the identifier of the key for the user plane connection.
Preferably, the method further comprises:
receiving, by the first wireless communication node from the second wireless communication node, an identifier of a key for the user plane connection and an address of a management function managing the key for the user plane connection; and
transmitting, by the first wireless communication node to the wireless communication terminal, the identifier of the key for the user plane connection and the address of the management function managing the key for the user plane connection to allow the wireless communication terminal to acquire the key for the user plane connection from the management function.
Another aspect of the present disclosure relates to a wireless communication method. In an embodiment, the wireless communication method includes: receiving, by a wireless communication terminal from a first wireless communication node, security related information; and establishing or updating, by the wireless communication terminal, a user plane connection between the wireless communication terminal and a second wireless communication node, wherein the user plane connection is protected based on the security related information.
Various embodiments may preferably implement the following features:
Preferably, the security related information comprises at least one of:
a key for the user plane connection;
an identifier of a key for the user plane connection;
a key derivation indicator indicating the wireless communication terminal to derive a key for the user plane connection; or
an address of a management function managing a key for the user plane connection.
Preferably, the method further comprises:
receiving, by the wireless communication terminal from the second wireless communication node via the first wireless communication node, user plane information indicating the wireless communication terminal establishing the user plane connection between the wireless communication terminal and the second wireless communication node.
Preferably, the user plane connection is used for a position-related service, and the position-related service comprises positioning the wireless communication terminal.
Preferably, the user plane information comprises at least one of:
an identifier of the wireless communication terminal;
an identifier of the second wireless communication node;
an identifier of a key for the user plane connection;
a request for a key for the user plane connection;
a key for the user plane connection; or
an address of a management function managing a key for the user plane connection.
Preferably, the method further comprises:
receiving, by the wireless communication terminal from the second wireless communication node via the first wireless communication node, an identifier of a key for the user plane connection; and
establishing or updating, by the wireless communication terminal, the user plane connection based on a key shared between the second wireless communication node and the wireless communication terminal identified by the received identifier of the key.
Preferably, the method further comprises:
receiving, by the wireless communication terminal from the first wireless communication node, an identifier of the key for the user plane connection and a key derivation indicator indicating the wireless communication terminal to derive the key for the user plane connection.
generating, by the first wireless communication node, a key for the user plane connection based on the key derivation indicator; and
establishing or updating, by the wireless communication terminal, the user plane connection based on the generated key.
Preferably, the method further comprises:
generating, by the wireless communication terminal, the key for the user plane connection according to at least one of: an uplink non-access stratum, NAS, count, a key for a communication between the first wireless communication node and the wireless communication terminal, a Subscription Permanent Identifier, SUPI, or an identifier of the second wireless  communication node.
Preferably, the method further comprises:
receiving, by the wireless communication terminal from the second wireless communication node via the first wireless communication node, a key for the user plane connection and an identifier of the key for the user plane connection; and
establishing or updating, by the wireless communication terminal, the user plane connection based on the received key and the identifier of the key.
Preferably, the method further comprises:
receiving, by the wireless communication terminal from the second wireless communication node via the first wireless communication node, a key for the user plane connection and an identifier of the key for the user plane connection, wherein the key for the user plane connection and the identifier of the key for the user plane connection are acquired from a management function; and
establishing or updating, by the wireless communication terminal, the user plane connection based on the received key and the identifier of the key.
Preferably, the method further comprises:
receiving, by the wireless communication terminal from the second wireless communication node via the first wireless communication node, an identifier of a key for the user plane connection and an address of a management function managing the key for the user plane connection;
acquiring, by the wireless communication terminal from the management function, the key for the user plane connection based on the identifier of the key and the address of the management function; and
establishing or updating, by the wireless communication terminal, the user plane connection based on the key and the identifier of the key.
Another aspect of the present disclosure relates to a wireless communication method. In an embodiment, the wireless communication method includes: transmitting, by a second wireless communication node to a first wireless communication node, a request message to request the first wireless communication node transmitting to a wireless communication terminal security related information to allow the wireless communication terminal to establish or update a user plane  connection between the wireless communication terminal and the second wireless communication node, wherein the user plane connection is protected based on the security related information.
Various embodiments may preferably implement the following features:
Preferably, the security related information comprises at least one of:
a key for the user plane connection;
an identifier of a key for the user plane connection;
a key derivation indicator indicating the wireless communication terminal to derive a key for the user plane connection; or
an address of a management function managing a key for the user plane connection.
Preferably, the method further comprises:
transmitting, by the second wireless communication node to the first wireless communication node, user plane information indicating the wireless communication terminal establishing the user plane connection between the wireless communication terminal and the second wireless communication node based on an identifier of the wireless communication terminal.
Preferably, the user plane connection is used for a position-related service, and the position-related service comprises positioning the wireless communication terminal.
Preferably, the user plane information comprises at least one of:
an identifier of the wireless communication terminal;
an identifier of the second wireless communication node;
an identifier of a key for the user plane connection;
a request for a key for the user plane connection;
a key for the user plane connection; or
an address of a management function managing a key for the user plane connection.
Preferably, the method further comprising at least one of:
receiving, by the second wireless communication node from the first wireless communication node, a location management request comprising at least one of an identifier of the wireless communication terminal or an identifier of the first wireless communication node; or
transmitting, by the second wireless communication node to the first wireless communication node, a response for a location management request comprising at least one of an  identifier of the wireless communication terminal or an identifier of the first wireless communication node.
Preferably, the location management request allows the second wireless communication node to store mapping information between the wireless communication terminal and the first wireless communication node.
Preferably, the method further comprises:
transmitting, by the second wireless communication node to the wireless communication terminal via the first wireless communication node, an identifier of a key for the user plane connection to allow the wireless communication terminal to establish or update the user plane connection based on a key shared between the second wireless communication node and the wireless communication terminal identified by the transmitted identifier of the key.
Preferably, the method further comprises:
transmitting, by the second wireless communication node to the first wireless communication node, a request for the key for the user plane connection to allow the first wireless communication node to generate the key for the user plane connection and transmit an identifier of the key and a key derivation indicator to the wireless communication terminal indicating the wireless communication terminal to derive the key for the user plane connection; and
receiving, by the second wireless communication node from the first wireless communication node, the key for the user plane connection and the identifier of the key for the user plane connection.
Preferably, the method further comprises:
transmitting, by the second wireless communication node to the wireless communication terminal via the first wireless communication node, a key for the user plane connection and an identifier of the key to allow the wireless communication terminal to establish or update the user plane connection based on the key and the identifier of the key.
Preferably, the method further comprises:
acquiring, by the second wireless communication node from a management function, a key for the user plane connection and an identifier of the key based on at least one of an identifier of the second wireless communication node or an identifier of the wireless communication terminal; and
transmitting, by the second wireless communication node to the wireless communication terminal via the first wireless communication node, the key for the user plane connection and the identifier of the key for the user plane connection to allow the wireless communication terminal to establish or update the user plane connection based on the key and the identifier of the key.
Preferably, the method further comprises:
acquiring, by the second wireless communication node from a management function, a key for the user plane connection and an identifier of the key based on at least one of an identifier of the second wireless communication node or an identifier of the wireless communication terminal; and
transmitting, by the second wireless communication node to the wireless communication terminal via the first wireless communication node, the identifier of the key for the user plane connection and an address of the management function managing the key for the user plane connection to allow the wireless communication terminal to acquire the key for the user plane connection from the management function.
Another aspect of the present disclosure relates to a first wireless communication node. In an embodiment, the first wireless communication node includes a communication unit and a processor. The processor is configured to: transmit, through the communication unit to a wireless communication terminal, security related information to allow the wireless communication terminal to establish or update a user plane connection between the wireless communication terminal and a second wireless communication node, wherein the user plane connection is protected based on the security related information.
Another aspect of the present disclosure relates to a wireless communication terminal. In an embodiment, the wireless communication terminal includes a communication unit and a processor. The processor is configured to: receive, via the communication unit from a first wireless communication node, security related information; and establish or update a user plane connection between the wireless communication terminal and a second wireless communication node, wherein the user plane connection is protected based on the security related information.
Another aspect of the present disclosure relates to a second wireless communication node. In an embodiment, the second wireless communication node includes a communication unit  and a processor. The processor is configured to: transmit, via the communication unit to a first wireless communication node, a request message to request the first wireless communication node transmitting to a wireless communication terminal security related information to allow the wireless communication terminal to establish or update a user plane connection between the wireless communication terminal and the second wireless communication node, wherein the user plane connection is protected based on the security related information.
The present disclosure relates to a computer program product comprising a computer-readable program medium code stored thereupon, the code, when executed by a processor, causing the processor to implement a wireless communication method recited in any one of foregoing methods.
The exemplary embodiments disclosed herein are directed to providing features that will become readily apparent by reference to the following description when taken in conjunction with the accompanying drawings. In accordance with various embodiments, exemplary systems, methods, devices and computer program products are disclosed herein. It is understood, however, that these embodiments are presented by way of example and not limitation, and it will be apparent to those of ordinary skill in the art who read the present disclosure that various modifications to the disclosed embodiments can be made while remaining within the scope of the present disclosure.
Thus, the present disclosure is not limited to the exemplary embodiments and applications described and illustrated herein. Additionally, the specific order and/or hierarchy of steps in the methods disclosed herein are merely exemplary approaches. Based upon design preferences, the specific order or hierarchy of steps of the disclosed methods or processes can be re-arranged while remaining within the scope of the present disclosure. Thus, those of ordinary skill in the art will understand that the methods and techniques disclosed herein present various steps or acts in a sample order, and the present disclosure is not limited to the specific order or hierarchy presented unless expressly stated otherwise.
The above and other aspects and their implementations are described in greater detail in the drawings, the descriptions, and the claims.
FIG. 1 shows a schematic diagram of a network according to an embodiment of the present disclosure.
FIG. 2 shows a schematic diagram of a procedure according to an embodiment of the  present disclosure.
FIG. 3 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
FIG. 4 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
FIG. 5 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
FIG. 6 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
FIG. 7 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
FIG. 8 shows a schematic diagram of a procedure according to an embodiment of the present disclosure.
FIG. 9 shows an example of a schematic diagram of a wireless communication terminal according to an embodiment of the present disclosure.
FIG. 10 shows an example of a schematic diagram of a wireless communication node according to an embodiment of the present disclosure.
FIGs. 11 to 13 show flowcharts of wireless communication methods according to some embodiments of the present disclosure.
FIG. 1 shows a schematic diagram of a network according to an embodiment of the present disclosure. In some embodiments, the network functions (NFs) in the 5GC include:
Access and Mobility Management Function (AMF) : Manages access and mobility-related functions such as authentication, security, session management, and mobility management for user devices (UE) in the network.
Session Management Function (SMF) : Handles session-related functions such as the establishment, modification, and termination of data sessions for the UE. It ensures efficient data routing and manages Quality of Service (QoS) policies.
User Data Repository (UDR) : Stores and manages user-related data, including subscription and profile information, authentication credentials, and service-related data. It provides the necessary information for various network functions.
Policy Control Function (PCF) : Enforces policy rules and manages QoS for individual users or groups of users. It ensures that network resources are allocated appropriately and that service-level agreements are met.
Network Exposure Function (NEF) : Enables authorized third-party applications and services to access network data and functions securely. It provides standardized interfaces for external service providers to interact with the 5GC.
Network Repository Function (NRF) : Maintains a registry of network functions and their corresponding addresses in the 5GC. It assists in the discovery and selection of network functions during service setup and operation.
Location Retrieval Function (LRF) : Retrieves location information of UEs for location-based services. It provides the necessary positioning data to support services that require location awareness.
Gateway Mobile Location Center (GMLC) : Provides location-based services by retrieving location information from the LRF and delivering it to authorized applications or services.
Location Management Function (LMF) : Manages location-related functions, including tracking the location of UEs, updating location information, and supporting mobility management in the network.
In some embodiments, the 5GC collaborates with the NG-RAN and UE to enable seamless connectivity and advanced services. The NG-RAN provides the wireless access network for UEs, while the 5GC manages the core network functions.
In some embodiments, ranging-based service provides the distance between two or more UEs and/or the direction of one UE (i.e., Target UE) from another UE (i.e., Reference UE) via the PC5 interface (also referred to as PC5) .
In some embodiments, Sidelink Positioning utilizes the PC5 interface to provide absolute location, relative position, or ranging information of a UE. By using Sidelink Positioning, the location of a Target UE can be determined based on the information obtained from a located UE.
In some embodiments, the Ranging/SL Positioning service can be accessed by authorized SL Positioning Client UEs, 5GC NFs, or AFs (application functions) to obtain relative  position or distance/direction results between UEs capable of Ranging/SL Positioning. Additionally, authorized 5GC NFs, AFs, or the LCS (Location Services) client can use the service to obtain the absolute position of a Target UE if it is determined that Ranging/SL Positioning is applicable.
In some embodiments, the LMF may trigger the user plane connection establishment after receiving a location request from the AMF if the target UE (also referred to as the UE in this disclosure) does not have a user plane connection (also referred to as user plane in the present disclosure) with the LMF. In some embodiments, the LMF may trigger the user plane connection update if the LMF determines to refresh a key for a user plane connection. Some embodiments of the present disclosure provide a method to establish or update the security user plane connection for the UE and LMF.
In some embodiments, the LMF may trigger the establishment of a user plane connection after receiving a location request from the AMF if the target UE does not have a user plane connection with the LMF. Additionally, the AMF subscribes from the LMF to obtain the status of the LCS user plane connection for the target UE using an Nlmf_Location_UPNotify Subscribe message if the UE supports user plane positioning. FIG. 2 illustrates the procedure initiated by the LMF to support positioning over the user plane connection between the UE and LMF. The procedure includes at least one of the following operations, steps and/or configurations.
1. Based on the UE's user plane positioning capability, control plane congestion status (e.g., AMF load status) , and other implementation factors, the LMF determines whether to continue the positioning procedure via a user plane connection between the UE and LMF. The LMF may invoke the Nnrf_NFDiscovery service operation to obtain control plane congestion status.
Steps 2 to 7 are skipped if there is already a user plane connection context of the target UE in the LMF and the LMF determines to utilize the user plane connection for positioning.
The LMF can select the user plane positioning for specific positioning methods (e.g., motion sensor-based method) and it is based on implementation and local configuration to determine which positioning method requires the user plane connection.
2. [Conditional] If the LMF decides to utilize the user plane for positioning and there is no established secure user plane connection between the UE and LMF, the LMF sends user plane information to the AMF to indicate that the UE should utilize the user plane over TLS for positioning. The user plane information includes the user plane positioning address of the LMF and  security-related information.
3. [Conditional] When the AMF receives the user plane information from the LMF in step 2, it forwards it to the UE via a DL NAS TRANSPORT message.
4. [Conditional] If there is no established applicable PDU session for user plane positioning, the UE uses the URSP (User plane radio separation protocol) as defined in TS 23.503 to establish the PDU session for user plane positioning, which includes user plane positioning related parameters. The UE may send an acknowledgement to the LMF through the AMF to indicate the success or failure of utilizing the user plane connection for the positioning service.
5. [Conditional] The AMF sends the acknowledgement received in step 4 to the LMF via the Namf_N1messageNotify service.
6. [Conditional] If the LMF knows the UE's IP address information, it may notify the UE to set up the secure user plane connection using the known UE IP address.
7. [Conditional] The UE establishes a secured user plane connection with the LMF. If the LMF sends its Fully Qualified Domain Name (FQDN) to the UE, a DNS server/resolver is used to resolve the IP address of the LMF (e.g., EASDF or local DNS for local LMF address resolution) .
8. [Conditional] The LMF indicates to the AMF in the Nlmf_Location_UPNotify message that the user plane connection between the UE and LMF has been established.
9. [Conditional] The AMF stores the LCS-UP connection context as part of the UE context.
10. If the LMF or the UE determines to utilize the user plane connection for positioning, and the secure user plane connection is established, LPP (LTE Positioning Protocol) messages are transferred between the UE and LMF for UE-based positioning, UE-assisted positioning, and the delivery of assistance data. Supplementary services event report messages from the UE may also be transferred to the LMF via the established user plane connection.
In some embodiments, the UE may trigger the establishment of a user plane connection if the UE does not have a user plane connection with the LMF. FIG. 3 illustrates the procedure initiated by the UE to support positioning over the user plane connection between the UE and LMF.
In some embodiments, the UE may trigger the user plane connection establishment if the UE does not have a user plane connection (also referred to as user plane in the present  disclosure) with the LMF. In some embodiments, the UE may trigger the user plane connection update if the UE determines to refresh a key for a user plane connection. Some embodiments of the present disclosure provide a method to establish or update the security user plane connection for the UE and LMF.
FIG. 3 shows a schematic diagram of a procedure according to an embodiment of the present disclosure. In FIG. 3, a procedure triggered by the UE to support positioning over the user plane connection between the UE and the LMF is adopted. In some embodiments, the procedure includes at least one of the following operations, steps and/or configurations.
1. The UE may send a request (e.g., a user plane establishment request) to the AMF (e.g., via the NAS Message) . In some embodiments, the request includes a UP (uplink) Positioning Initiation (e.g., for a positioning related service) . In some embodiments, the UE may send the request to the AMF if the UE decides to prepare a user plane connection for upcoming positioning requests.
2. [Conditional] The AMF may select an LMF. In some embodiments, the AMF may select an LMF based on the UE ID. In some embodiments, the AMF may select an LMF capable of establishing a user plane session for positioning with the UE. In some embodiments, the AMF may select an LMF if the UE is authorized based on the UE Subscription to use the user plane positioning.
3. [Conditional] The AMF sends a request (e.g., an Nlmf_Location_UPConfig Request) to the LMF. In some embodiments, the request to the LMF is to request the setup of an LCS(Location Services) -UP connection.
4. [Conditional] The LMF sends response information (e.g., user plane information) to the AMF. In some embodiments, the response information (e.g., user plane information) is transmitted via a Namf_Communication_N1N2MessageTransfer message. In some embodiments, the response information (e.g., user plane information) may be transmitted if the LMF accepts utilizing the user plane for positioning and there is no established secure user plane connection between the UE and LMF. In some embodiments, the response information (e.g., user plane information) may be transmitted to the AMF to indicate that the UE accepts and utilizes the user plane connection for positioning. In some embodiments, the response information includes the user plane positioning address of the LMF and security-related information.
5. [Conditional] The AMF transmits the response information (e.g., user plane information) to the UE. In some embodiments, the AMF transmits the response information (e.g., user plane information) to the UE via a DL NAS TRANSPORT message. In some embodiments, the AMF transmits the response information (e.g., user plane information) to the UE when the AMF receives the response information (e.g., user plane information) from the LMF.
6. [Conditional] The UE establishes a secured user plane connection with the LMF.
7. [Conditional] The LMF responds to the AMF that the user plane connection between the UE and LMF has been established (e.g., by transmitting a Nlmf_Location_UPConfig Response to the AMF) .
8. [Conditional] The AMF stores the LCS-UP connection context as part of the UE context.
9. [Conditional] After the secure user plane connection is established, if the LMF determines to utilize the user plane connection for positioning upon receiving a positioning request from the AMF, or if the UE determines to utilize the user plane connection for positioning, LPP messages are transferred between the UE and LMF for UE-based positioning, UE-assisted positioning, and the delivery of assistance data. Supplementary services event report messages from the UE may also be transferred to the LMF via the established user plane connection.
In some embodiments of the present disclosure, the LMF sends key ID (identifier) to the UE via the AMF used for establishing or updating the user plane connection. In some embodiments, the UE uses the key to establish or update the user plane connection.
In some embodiments of the present disclosure, the AMF generates the key used for establishing or updating the user plane connection between the UE and the LMF. In some embodiments, the LMF gets the key and key ID from the AMF.
In some embodiments, the AMF generates the key and the key ID. In some embodiments, the key may be derived based on a key used between the AMF and the UE (referred to as KAMF in the present disclosure) .
In some embodiments, if the key is derived based on the KAMF, the AMF sends a key derivation indicator to the UE. Otherwise, the AMF sends the key and the key ID to the UE.
In some embodiments of the present disclosure, the LMF gets the key and key ID used for establishing or updating the user plane connection between the UE and the LMF from another  NF.
In some embodiments, said another NF sends the key and key ID to the LMF.
In some embodiments, the LMF sends the key and key ID to the UE via the AMF.
In some embodiments, the UE uses the key to establish or update the user plane connection.
In some embodiments of the present disclosure, the LMF gets the key and key ID used for establishing or updating the user plane connection between the UE and the LMF from another NF.
In some embodiments, said another NF sends the key and key ID to the LMF.
In some embodiments, the LMF sends the key ID and the address of said NF to the UE via the AMF.
In some embodiments, the UE gets the key from the NF and the UE uses the key to establish or update the user plane connection with the LMF.
In some embodiments, the key used for establishing the user plane connection may indicate the key used in the establishment of the user plane connection which can protect (e.g., encrypt) the data transmitted on the established user plane connection. In some embodiments, the key used for updating the user plane connection may indicate the key used for updating (e.g., refreshing) the security key of the user plane connection and protecting (e.g., encrypting) the data transmitted on the updated user plane connection having the updated security key.
In some embodiments, the LMF may trigger the establishment of a user plane connection after receiving a location information request (also referred to as location management request in the present disclosure) from the AMF if the target UE does not have a user plane connection with the LMF.
FIG. 4 shows a schematic diagram of a procedure according to an embodiment of the present disclosure. In some embodiments, the procedure includes at least one of the following operations, steps and/or configurations.
0a. The AMF transmits a message (e.g., a location information request) to the LMF. In some embodiments, the message includes at least one of a UE ID of the target UE and/or the AMF ID of the AMF.
0b. The LMF sends a response (e.g., a location information response) to the AMF.
0c. The LMF stores the mapping between the AMF ID and the UE ID.
In some embodiments, the AMF may subscribe from the LMF the status of LCS user plane connection for the UE (e.g., by using a Nlmf_Location_UPNotify Subscribe message) if the UE supports the user plane positioning.
1. Based on the UE's user plane positioning capability, control plane congestion status (e.g., AMF load status) , and other implementation factors, the LMF determines whether to continue the positioning procedure via a user plane connection between the UE and LMF. The LMF may invoke the Nnrf_NFDiscovery service operation to obtain the control plane congestion status.
In some embodiments, the LMF may get the AMF ID from the UDM (Unified Data Management) based on the UE ID.
In some embodiments, the LMF can select the user plane positioning for specific positioning methods (e.g., motion sensor-based method) and the LMF determines which positioning method requires the user plane connection based on the implementation and local configuration.
2.The LMF sends a message (e.g., user plane information) to the AMF. In some embodiments, the message (e.g., user plane information) is transmitted via a Namf_Communication_N1N2MessageTransfer message. In some embodiments, the message (e.g., user plane information) may be transmitted if the LMF decides to utilize the user plane for positioning and there is no established secure user plane connection between the UE and LMF. In some embodiments, the message (e.g., user plane information) may be transmitted if the LMF decides to update the key of the user plane for positioning. In some embodiments, the message (e.g., user plane information) is transmitted to the AMF to indicate that the UE may utilize the user plane over TLS (Transport Layer Security) for positioning. In some embodiments, the message (e.g., user plane information) includes the user plane positioning address of the LMF and security-related information. In some embodiments, the security related information includes an identifier (referred to as KLMF ID in the present disclosure) of a key to be used for establishing or updating the secured user plane connection between the UE and the LMF (referred to as KLMF in the present disclosure) . For example, if there is a shared key between the UE and LMF, the security related information includes the identifier of the shared key.
3. The AMF transmits the message (e.g., user plane information) to the UE. In some  embodiments, the AMF transmits the message (e.g., user plane information) to the UE via a DL NAS TRANSPORT message. In some embodiments, the AMF transmits the message (e.g., user plane information) to the UE when the AMF receives the message (e.g., user plane information) from the LMF. In some embodiments, the AMF transmits the message (e.g., user plane information) from the LMF to the UE transparently or non-transparently. In some embodiments, the message (e.g., user plane information) to the UE includes the identifier of the key (KLMF ID) .
4. The UE transmits a message to the AMF (e.g., via the UL NAS TRANSPORT message) in response to the message (e.g., user plane information) from the AMF. If there is no established applicable PDU session for user plane positioning, the UE uses the URSP (User plane radio separation protocol) to establish the PDU session for user plane positioning, which includes user plane positioning related parameters. The UE may send an acknowledgement to the LMF through the AMF to indicate the success or failure of utilizing the user plane connection for the positioning service.
5. The AMF sends the acknowledgement received in step 4 to the LMF via the Namf_N1messageNotify service.
6. If the LMF knows the UE's IP address information, it may notify the UE to set up the secure user plane connection using the known UE IP address.
7. The UE establishes or updates a secured user plane connection with the LMF based on the key (KLMF) which is identified by the key ID (KLMF ID) . If the LMF sends its Fully Qualified Domain Name (FQDN) to the UE, a DNS server/resolver is used to resolve the IP address of the LMF (e.g., EASDF or local DNS for local LMF address resolution) .
8. The LMF indicates to the AMF in the Nlmf_Location_UPNotify message that the user plane connection between the UE and LMF has been established or updated.
9. The AMF stores the LCS-UP connection context as part of the UE context.
10. If the LMF or the UE determines to utilize the user plane connection for positioning, and the secure user plane connection is established or updated, LPP (LTE Positioning Protocol) messages are transferred between the UE and LMF for UE-based positioning, UE-assisted positioning, and the delivery of assistance data. Supplementary services event report messages from the UE may also be transferred to the LMF via the established or updated user plane connection.
FIG. 5 shows a schematic diagram of a procedure according to an embodiment of the present disclosure. In some embodiments, the procedure includes at least one of the following operations, steps and/or configurations.
0a. The AMF transmits a message (e.g., a location information request) to the LMF. In some embodiments, the message includes at least one of a UE ID of the target UE and/or the AMF ID of the AMF.
0b. The LMF sends a response (e.g., a location information response) to the AMF.
0c. The LMF stores the mapping between the AMF ID and the UE ID.
In some embodiments, the AMF may subscribe from the LMF the status of LCS user plane connection for the UE (e.g., by using a Nlmf_Location_UPNotify Subscribe message) if the UE supports the user plane positioning.
1. Based on the UE's user plane positioning capability, control plane congestion status (e.g., AMF load status) , and other implementation factors, the LMF determines whether to continue the positioning procedure via a user plane connection between the UE and LMF. The LMF may invoke the Nnrf_NFDiscovery service operation to obtain the control plane congestion status.
In some embodiments, the LMF may get the AMF ID from the UDM (Unified Data Management) based on the UE ID.
In some embodiments, the LMF can select the user plane positioning for specific positioning methods (e.g., motion sensor-based method) and the LMF determines which positioning method requires the user plane connection based on the implementation and local configuration.
2. The LMF sends a message (e.g., user plane information) to the AMF. In some embodiments, the message (e.g., user plane information) is transmitted via a Namf_Communication_N1N2MessageTransfer message. In some embodiments, the message (e.g., user plane information) may be transmitted if the LMF decides to utilize the user plane for positioning and there is no established secure user plane connection between the UE and LMF. In some embodiments, the message (e.g., user plane information) may be transmitted if the LMF decides to update the key of the user plane for positioning. In some embodiments, the message (e.g., user plane information) is transmitted to the AMF to indicate that the UE may utilize the user plane over TLS (Transport Layer Security) for positioning. In some embodiments, the message (e.g., user  plane information) includes the user plane positioning address of the LMF and security-related information. In some embodiments, if the LMF does not have a key (KLMF) for establishing user plane connection between the UE and LMF, the LMF may transmit the security-related information including a key request to the AMF for requesting the key (KLMF) . In some embodiments, the key request may be transmitted via the Namf_Communication_N1N2Transfer message. In some embodiments, the key request may be transmitted via another message different from the Namf_Communication_N1N2Transfer message.
3. The AMF transmits the message (e.g., user plane information) to the UE. In some embodiments, the AMF transmits the message (e.g., user plane information) to the UE via a DL NAS TRANSPORT message. In some embodiments, the AMF transmits the message (e.g., user plane information) to the UE when the AMF receives the message (e.g., user plane information) from the LMF. In some embodiments, the AMF transmits the message (e.g., user plane information) from the LMF to the UE transparently or non-transparently. In some embodiments, the message (e.g., user plane information) to the UE includes the key (KLMF) and the identifier of the key (KLMF ID) .
In some embodiments, the AMF may generate the key (KLMF) . In some embodiments, the AMF may generate the key (KLMF) based on the KAMF. In some embodiments, in response to the AMF generating the key (KLMF) based on the KAMF, the message (e.g., user plane information) to the UE includes at least one of a key derivation indicator, and/or the identifier of the key (KLMF ID) .
In some embodiments, the AMF may generate the key based on at least one of the NAS (uplink non-access stratum) Count, the KAMF, the SUPI (Subscription Permanent Identifier) , and/or the identifier of the LMF.
In some embodiments, if the UE receives the key derivation indicator in the message (e.g., user plane information) to the UE, the UE the UE may derive the key (KLMF) in the same way that the AMF generates the key (KLMF) . That is, the UE may generate the key (KLMF) based on the at least one of the NAS Count, the KAMF, the SUPI, and/or the identifier of the LMF.
4. The UE transmits a message to the AMF (e.g., via the UL NAS TRANSPORT message) in response to the message (e.g., user plane information) from the AMF. If there is no established applicable PDU session for user plane positioning, the UE uses the URSP (User plane  radio separation protocol) to establish the PDU session for user plane positioning, which includes user plane positioning related parameters. The UE may send an acknowledgement to the LMF through the AMF to indicate the success or failure of utilizing the user plane connection for the positioning service.
5. The AMF sends the acknowledgement received in step 4 to the LMF via the Namf_N1messageNotify service. In some embodiments, the acknowledgement includes the key (KLMF) and the identifier of the key (KLMF ID) . In some embodiments, the key (KLMF) and the identifier of the key (KLMF ID) may be transmitted to the LMF via a message different from the acknowledgement described above.
6. If the LMF knows the UE's IP address information, it may notify the UE to set up the secure user plane connection using the known UE IP address.
7. The UE establishes or updates a secured user plane connection with the LMF based on the key (KLMF) and the key ID (KLMF ID) . If the LMF sends its Fully Qualified Domain Name (FQDN) to the UE, a DNS server/resolver is used to resolve the IP address of the LMF (e.g., EASDF or local DNS for local LMF address resolution) .
8. The LMF indicates to the AMF in the Nlmf_Location_UPNotify message that the user plane connection between the UE and LMF has been established or updated.
9. The AMF stores the LCS-UP connection context as part of the UE context.
10. If the LMF or the UE determines to utilize the user plane connection for positioning, and the secure user plane connection is established or updated, LPP (LTE Positioning Protocol) messages are transferred between the UE and LMF for UE-based positioning, UE-assisted positioning, and the delivery of assistance data. Supplementary services event report messages from the UE may also be transferred to the LMF via the established or updated user plane connection.
FIG. 6 shows a schematic diagram of a procedure according to an embodiment of the present disclosure. In some embodiments, the procedure includes at least one of the following operations, steps and/or configurations.
0a. The AMF transmits a message (e.g., a location information request) to the LMF. In some embodiments, the message includes at least one of a UE ID of the target UE and/or the AMF ID of the AMF.
0b. The LMF sends a response (e.g., a location information response) to the AMF.
0c. The LMF stores the mapping between the AMF ID and the UE ID.
In some embodiments, the AMF may subscribe from the LMF the status of LCS user plane connection for the UE (e.g., by using a Nlmf_Location_UPNotify Subscribe message) if the UE supports the user plane positioning.
1. Based on the UE's user plane positioning capability, control plane congestion status (e.g., AMF load status) , and other implementation factors, the LMF determines whether to continue the positioning procedure via a user plane connection between the UE and LMF. The LMF may invoke the Nnrf_NFDiscovery service operation to obtain the control plane congestion status.
In some embodiments, the LMF may get the AMF ID from the UDM (Unified Data Management) based on the UE ID.
In some embodiments, the LMF can select the user plane positioning for specific positioning methods (e.g., motion sensor-based method) and the LMF determines which positioning method requires the user plane connection based on the implementation and local configuration.
2. The LMF sends a message (e.g., user plane information) to the AMF. In some embodiments, the message (e.g., user plane information) is transmitted via a Namf_Communication_N1N2MessageTransfer message. In some embodiments, the message (e.g., user plane information) may be transmitted if the LMF decides to utilize the user plane for positioning and there is no established secure user plane connection between the UE and LMF. In some embodiments, the message (e.g., user plane information) may be transmitted if the LMF decides to update the key of the user plane for positioning. In some embodiments, the message (e.g., user plane information) is transmitted to the AMF to indicate that the UE may utilize the user plane over TLS (Transport Layer Security) for positioning. In some embodiments, the message (e.g., user plane information) includes the user plane positioning address of the LMF and security-related information. In some embodiments, the message (e.g., user plane information) includes the user plane positioning address of the LMF and security-related information. In some embodiments, if the LMF does not have a key (KLMF) for establishing user plane connection between the UE and LMF, the LMF may transmit the security-related information including a key request to the AMF for requesting the key (KLMF) . In some embodiments, the key request may be transmitted via the  Namf_Communication_N1N2Transfer message. In some embodiments, the key request may be transmitted via another message different from the Namf_Communication_N1N2Transfer message.
3. The AMF transmits the message (e.g., user plane information) to the UE. In some embodiments, the AMF transmits the message (e.g., user plane information) to the UE via a DL NAS TRANSPORT message. In some embodiments, the AMF transmits the message (e.g., user plane information) to the UE when the AMF receives the message (e.g., user plane information) from the LMF. In some embodiments, the AMF transmits the message (e.g., user plane information) from the LMF to the UE transparently or non-transparently. In some embodiments, the message (e.g., user plane information) to the UE includes the key (KLMF) . and the identifier of the key (KLMF ID) .
4. The UE transmits a message to the AMF (e.g., via the UL NAS TRANSPORT message) in response to the message (e.g., user plane information) from the AMF. If there is no established applicable PDU session for user plane positioning, the UE uses the URSP (User plane radio separation protocol) to establish the PDU session for user plane positioning, which includes user plane positioning related parameters. The UE may send an acknowledgement to the LMF through the AMF to indicate the success or failure of utilizing the user plane connection for the positioning service.
5. The AMF sends the acknowledgement received in step 4 to the LMF via the Namf_N1messageNotify service.
6. If the LMF knows the UE's IP address information, it may notify the UE to set up the secure user plane connection using the known UE IP address.
7. The UE establishes or updates a secured user plane connection with the LMF based on the key (KLMF) and the key ID (KLMF ID) . If the LMF sends its Fully Qualified Domain Name (FQDN) to the UE, a DNS server/resolver is used to resolve the IP address of the LMF (e.g., EASDF or local DNS for local LMF address resolution) .
8. The LMF indicates to the AMF in the Nlmf_Location_UPNotify message that the user plane connection between the UE and LMF has been established or updated.
9. The AMF stores the LCS-UP connection context as part of the UE context.
10. If the LMF or the UE determines to utilize the user plane connection for positioning, and the secure user plane connection is established or updated, LPP (LTE Positioning Protocol)  messages are transferred between the UE and LMF for UE-based positioning, UE-assisted positioning, and the delivery of assistance data. Supplementary services event report messages from the UE may also be transferred to the LMF via the established or updated user plane connection.
FIG. 7 shows a schematic diagram of a procedure according to an embodiment of the present disclosure. In some embodiments, the procedure includes at least one of the following operations, steps and/or configurations.
0a. The AMF transmits a message (e.g., a location information request) to the LMF. In some embodiments, the message includes at least one of a UE ID of the target UE and/or the AMF ID of the AMF.
0b. The LMF sends a response (e.g., a location information response) to the AMF.
0c. The LMF stores the mapping between the AMF ID and the UE ID.
In some embodiments, the AMF may subscribe from the LMF the status of LCS user plane connection for the UE (e.g., by using a Nlmf_Location_UPNotify Subscribe message) if the UE supports the user plane positioning.
1. Based on the UE's user plane positioning capability, control plane congestion status (e.g., AMF load status) , and other implementation factors, the LMF determines whether to continue the positioning procedure via a user plane connection between the UE and LMF. The LMF may invoke the Nnrf_NFDiscovery service operation to obtain the control plane congestion status.
In some embodiments, the LMF may get the AMF ID from the UDM (Unified Data Management) based on the UE ID.
In some embodiments, the LMF can select the user plane positioning for specific positioning methods (e.g., motion sensor-based method) and the LMF determines which positioning method requires the user plane connection based on the implementation and local configuration.
1a. The LMF transmits a key request to another NF (e.g., a KMF (Key Management Function) ) . The LMF transmits a key request to the KMF to request the key (KLMF) and the identifier of the key (KLMF ID) . In some embodiments, the key request may be transmitted if the LMF decides to utilize the user plane for positioning and there is no established secure user plane connection between the UE and LMF. In some embodiments, the key request may be transmitted if  the LMF decides to update the key of the user plane for positioning. In some embodiments, the key request message includes at least one of the LMF ID of the LMF and/or the UE ID of the UE.
1b. The KMF sends the key (KLMF) and the identifier of the key (KLMF ID) to the LMF. In some embodiments, the KMF generates the key (KLMF) and the identifier of the key (KLMF ID) based on the at least one of the LMF ID and/or the UE ID.
2. The LMF sends a message (e.g., user plane information) to the AMF. In some embodiments, the message (e.g., user plane information) is transmitted via a Namf_Communication_N1N2MessageTransfer message. In some embodiments, the message (e.g., user plane information) is transmitted to the AMF to indicate that the UE may utilize the user plane over TLS (Transport Layer Security) for positioning. In some embodiments, the message (e.g., user plane information) includes the user plane positioning address of the LMF and security-related information. In some embodiments, the security related information includes an identifier (referred to as KLMF ID in the present disclosure) of a key to be used for establishing or updating the secured user plane connection between the UE and the LMF (referred to as KLMF in the present disclosure) . For example, if there is a shared key between the UE and LMF, the security related information includes the identifier of the shared key.
3. The AMF transmits the message (e.g., user plane information) to the UE. In some embodiments, the AMF transmits the message (e.g., user plane information) to the UE via a DL NAS TRANSPORT message. In some embodiments, the AMF transmits the message (e.g., user plane information) to the UE when the AMF receives the message (e.g., user plane information) from the LMF. In some embodiments, the AMF transmits the message (e.g., user plane information) from the LMF to the UE transparently or non-transparently. In some embodiments, the message (e.g., user plane information) to the UE includes the identifier of the key (KLMF ID) and the key (KLMF) .
4. The UE transmits a message to the AMF (e.g., via the UL NAS TRANSPORT message) in response to the message (e.g., user plane information) from the AMF. If there is no established applicable PDU session for user plane positioning, the UE uses the URSP (User plane radio separation protocol) to establish the PDU session for user plane positioning, which includes user plane positioning related parameters. The UE may send an acknowledgement to the LMF through the AMF to indicate the success or failure of utilizing the user plane connection for the  positioning service.
5. The AMF sends the acknowledgement received in step 4 to the LMF via the Namf_N1messageNotify service.
6. If the LMF knows the UE's IP address information, it may notify the UE to set up the secure user plane connection using the known UE IP address.
7. The UE establishes or updates a secured user plane connection with the LMF based on the key (KLMF) and the key ID (KLMF ID) . If the LMF sends its Fully Qualified Domain Name (FQDN) to the UE, a DNS server/resolver is used to resolve the IP address of the LMF (e.g., EASDF or local DNS for local LMF address resolution) .
8. The LMF indicates to the AMF in the Nlmf_Location_UPNotify message that the user plane connection between the UE and LMF has been established or updated.
9. The AMF stores the LCS-UP connection context as part of the UE context.
10. If the LMF or the UE determines to utilize the user plane connection for positioning, and the secure user plane connection is established or updated, LPP (LTE Positioning Protocol) messages are transferred between the UE and LMF for UE-based positioning, UE-assisted positioning, and the delivery of assistance data. Supplementary services event report messages from the UE may also be transferred to the LMF via the established or updated user plane connection.
FIG. 8 shows a schematic diagram of a procedure according to an embodiment of the present disclosure. In some embodiments, the procedure includes at least one of the following operations, steps and/or configurations.
0a. The AMF transmits a message (e.g., a location information request) to the LMF. In some embodiments, the message includes at least one of a UE ID of the target UE and/or the AMF ID of the AMF.
0b. The LMF sends a response (e.g., a location information response) to the AMF.
0c. The LMF stores the mapping between the AMF ID and the UE ID.
In some embodiments, the AMF may subscribe from the LMF the status of LCS user plane connection for the UE (e.g., by using a Nlmf_Location_UPNotify Subscribe message) if the UE supports the user plane positioning.
1. Based on the UE's user plane positioning capability, control plane congestion status  (e.g., AMF load status) , and other implementation factors, the LMF determines whether to continue the positioning procedure via a user plane connection between the UE and LMF. The LMF may invoke the Nnrf_NFDiscovery service operation to obtain the control plane congestion status.
In some embodiments, the LMF may get the AMF ID from the UDM (Unified Data Management) based on the UE ID.
In some embodiments, the LMF can select the user plane positioning for specific positioning methods (e.g., motion sensor-based method) and the LMF determines which positioning method requires the user plane connection based on the implementation and local configuration.
1a. The LMF transmits a key request to another NF (e.g., the KMF (Key Management Function) ) . The LMF transmits a key request to the KMF to request the key (KLMF) and the identifier of the key (KLMF ID) . In some embodiments, the key request may be transmitted if the LMF decides to utilize the user plane for positioning and there is no established secure user plane connection between the UE and LMF. In some embodiments, the key request may be transmitted if the LMF decides to update the key of the user plane for positioning. In some embodiments, the key request message includes at least one of the LMF ID of the LMF and/or the UE ID of the UE.
1b. The KMF sends the key (KLMF) and the identifier of the key (KLMF ID) to the LMF. In some embodiments, the KMF generates the key (KLMF) and the identifier of the key (KLMF ID) based on the at least one of the LMF ID and/or the UE ID.
2. The LMF sends a message (e.g., user plane information) to the AMF. In some embodiments, the message (e.g., user plane information) is transmitted via a Namf_Communication_N1N2MessageTransfer message. In some embodiments, the message (e.g., user plane information) is transmitted to the AMF to indicate that the UE may utilize the user plane over TLS (Transport Layer Security) for positioning. In some embodiments, the message (e.g., user plane information) includes the user plane positioning address of the LMF and security-related information. In some embodiments, the LMF sends the key (KLMF) and the identifier of the key (KLMF ID) to the AMF (e.g., in the security-related information) . In some embodiments, the message (e.g., user plane information) to the AMF may also include the address of the KMF.
3. The AMF transmits the message (e.g., user plane information) to the UE. In some embodiments, the AMF transmits the message (e.g., user plane information) to the UE via a DL  NAS TRANSPORT message. In some embodiments, the AMF transmits the message (e.g., user plane information) to the UE when the AMF receives the message (e.g., user plane information) from the LMF. In some embodiments, the AMF transmits the message (e.g., user plane information) from the LMF to the UE transparently or non-transparently. In some embodiments, the message (e.g., user plane information) to the UE includes at least one of the key (KLMF) , the identifier of the key (KLMF ID) , and or the address of the KMF.
4. The UE transmits a message to the AMF (e.g., via the UL NAS TRANSPORT message) in response to the message (e.g., user plane information) from the AMF. If there is no established applicable PDU session for user plane positioning, the UE uses the URSP (User plane radio separation protocol) to establish the PDU session for user plane positioning, which includes user plane positioning related parameters. The UE may send an acknowledgement to the LMF through the AMF to indicate the success or failure of utilizing the user plane connection for the positioning service.
5. The AMF sends the acknowledgement received in step 4 to the LMF via the Namf_N1messageNotify service.
6. If the LMF knows the UE's IP address information, it may notify the UE to set up the secure user plane connection using the known UE IP address.
7a. The UE sends a key request to the KMF. In one embodiment, the key request includes the identifier of the key (KLMF ID) . In one embodiment, the key request is for requesting the key (KLMF) identified by the KLMF ID.
7b. The KMF sends a key response to the UE. In one embodiment, the key response includes the key (KLMF) identified by the KLMF ID.
7c. The UE establishes or updates a secured user plane connection with the LMF based on the key (KLMF) and the key ID (KLMF ID) . If the LMF sends its Fully Qualified Domain Name (FQDN) to the UE, a DNS server/resolver is used to resolve the IP address of the LMF (e.g., EASDF or local DNS for local LMF address resolution) .
8. The LMF indicates to the AMF in the Nlmf_Location_UPNotify message that the user plane connection between the UE and LMF has been established or updated.
9. The AMF stores the LCS-UP connection context as part of the UE context.
10. If the LMF or the UE determines to utilize the user plane connection for positioning,  and the secure user plane connection is established or updated, LPP (LTE Positioning Protocol) messages are transferred between the UE and LMF for UE-based positioning, UE-assisted positioning, and the delivery of assistance data. Supplementary services event report messages from the UE may also be transferred to the LMF via the established or updated user plane connection.
It is understood that the procedures described above can be used to generate a key for establishing a secured user plane connection (e.g., the key is used to protect (e.g., encrypt) the data transmitted on the secured user plane connection) or generate a refreshed key to update the user plane connection with the refreshed key (e.g., the refreshed key is used to protect (e.g., encrypt) the data transmitted on the updated user plane connection) .
In the paragraphs below, details will be described along with some examples, but the present disclosure is not limited to the example below.
FIG. 9 relates to a diagram of a wireless communication terminal 30 according to an embodiment of the present disclosure. The wireless communication terminal 30 may be a tag, a mobile phone, a laptop, a tablet computer, an electronic book or a portable computer system and is not limited herein. The wireless communication terminal 30 may be used to implement the UE described in this disclosure. The wireless communication terminal 30 may include a processor 300 such as a microprocessor or Application Specific Integrated Circuit (ASIC) , a storage unit 310 and a communication unit 320. The storage unit 310 may be any data storage device that stores a program code 312, which is accessed and executed by the processor 300. Embodiments of the storage code 312 include but are not limited to a subscriber identity module (SIM) , read-only memory (ROM) , flash memory, random-access memory (RAM) , hard-disk, and optical data storage device. The communication unit 320 may a transceiver and is used to transmit and receive signals (e.g., messages or packets) according to processing results of the processor 300. In an embodiment, the communication unit 320 transmits and receives the signals via at least one antenna 322 or via wiring.
In an embodiment, the storage unit 310 and the program code 312 may be omitted and the processor 300 may include a storage unit with stored program code.
The processor 300 may implement any one of the steps in exemplified embodiments on the wireless communication terminal 30, e.g., by executing the program code 312.
The communication unit 320 may be a transceiver. The communication unit 320 may as an alternative or in addition be combining a transmitting unit and a receiving unit configured to transmit and to receive, respectively, signals to and from a wireless communication node.
In some embodiments, the wireless communication terminal 30 may be used to perform the operations of the UE described in this disclosure. In some embodiments, the processor 300 and the communication unit 320 collaboratively perform the operations described in this disclosure. For example, the processor 300 performs operations and transmit or receive signals, message, and/or information through the communication unit 320.
FIG. 10 relates to a diagram of a wireless communication node 40 according to an embodiment of the present disclosure. The wireless communication node 40 may be a satellite, a base station (BS) , a gNB, a network entity, a Domain Name System (DNS) server, a Mobility Management Entity (MME) , Serving Gateway (S-GW) , Packet Data Network (PDN) Gateway (P-GW) , a radio access network (RAN) , a next generation RAN (NG-RAN) , a data network, a core network, a communication node in the core network, or a Radio Network Controller (RNC) , and is not limited herein. In addition, the wireless communication node 40 may include (perform) at least one network function such as an access and mobility management function (AMF) , a session management function (SMF) , a user place function (UPF) , a policy control function (PCF) , an application function (AF) , etc. The wireless communication node 40 may be used to implement the node, the network, the network functions (e.g., the AMF, the LMF, etc. ) , or the network node described in this disclosure. The wireless communication node 40 may include a processor 400 such as a microprocessor or ASIC, a storage unit 410 and a communication unit 420. The storage unit 410 may be any data storage device that stores a program code 412, which is accessed and executed by the processor 400. Examples of the storage unit 412 include but are not limited to a SIM, ROM, flash memory, RAM, hard-disk, and optical data storage device. The communication unit 420 may be a transceiver and is used to transmit and receive signals (e.g., messages or packets) according to processing results of the processor 400. In an embodiment, the communication unit 420 transmits and receives the signals via at least one antenna 422 or via wiring.
In an embodiment, the storage unit 410 and the program code 412 may be omitted. The processor 400 may include a storage unit with stored program code.
The processor 400 may implement any steps described in exemplified embodiments on  the wireless communication node 40, e.g., via executing the program code 412.
The communication unit 420 may be a transceiver. The communication unit 420 may as an alternative or in addition be combining a transmitting unit and a receiving unit configured to transmit and to receive, respectively, signals, messages, or information to and from a wireless communication node or a wireless communication terminal.
In some embodiments, the wireless communication node 40 may be used to perform the operations of the AMF or the LMF described in this disclosure. In some embodiments, the processor 400 and the communication unit 420 collaboratively perform the operations described in this disclosure. For example, the processor 400 performs operations and transmit or receive signals through the communication unit 420.
A wireless communication method is also provided according to an embodiment of the present disclosure. In an embodiment, the wireless communication method may be performed by using a wireless communication node (e.g., an AMF) . In an embodiment, the wireless communication node may be implemented by using the wireless communication node 40 described in this disclosure, but is not limited thereto.
Referring to FIG. 11, in an embodiment, the wireless communication method includes: transmitting, by a first wireless communication node to a wireless communication terminal, security related information to allow the wireless communication terminal to establish or update a user plane connection between the wireless communication terminal and a second wireless communication node, wherein the user plane connection is protected based on the security related information.
Details in this regard can be ascertained with reference to the paragraphs above, and will not be repeated herein.
Another wireless communication method is also provided according to an embodiment of the present disclosure. In an embodiment, the wireless communication method may be performed by using a wireless communication terminal (e.g., a UE) . In an embodiment, the wireless communication terminal may be implemented by using the wireless communication terminal 30 described in this disclosure, but is not limited thereto.
Referring to FIG. 12, in an embodiment, the wireless communication method includes receiving, by a wireless communication terminal from a first wireless communication node,  security related information; and establishing or updating, by the wireless communication terminal, a user plane connection between the wireless communication terminal and a second wireless communication node, wherein the user plane connection is protected based on the security related information.
Details in this regard can be ascertained with reference to the paragraphs above, and will not be repeated herein.
Another wireless communication method is also provided according to an embodiment of the present disclosure. In an embodiment, the wireless communication method may be performed by using a wireless communication node (e.g., an LMF) . In an embodiment, the wireless communication node may be implemented by using the wireless communication node 40 described in this disclosure, but is not limited thereto.
Referring to FIG. 13, in an embodiment, the wireless communication method includes transmitting, by a second wireless communication node to a first wireless communication node, a request message to request the first wireless communication node transmitting to a wireless communication terminal security related information to allow the wireless communication terminal to establish or update a user plane connection between the wireless communication terminal and the second wireless communication node, wherein the user plane connection is protected based on the security related information
Details in this regard can be ascertained with reference to the paragraphs above, and will not be repeated herein.
In some embodiments, the wireless communication terminal used in the present disclosure may indicate the UE described above.
In some embodiments, the first wireless communication node used in the present disclosure may indicate the AMF described above.
In some embodiments, the second wireless communication node used in the present disclosure may indicate the LMF described above.
In some embodiments, the management function used in the present disclosure may be the KMF described above.
While various embodiments of the present disclosure have been described above, it  should be understood that they have been presented by way of example only, and not by way of limitation. Likewise, the various diagrams may depict an example architectural or configuration, which are provided to enable persons of ordinary skill in the art to understand exemplary features and functions of the present disclosure. Such persons would understand, however, that the present disclosure is not restricted to the illustrated example architectures or configurations, but can be implemented using a variety of alternative architectures and configurations. Additionally, as would be understood by persons of ordinary skill in the art, one or more features of one embodiment can be combined with one or more features of another embodiment described herein. Thus, the breadth and scope of the present disclosure should not be limited by any one of the above-described exemplary embodiments.
It is understood that, in the present disclosure, the term “and/or” or symbol “/” may include any and all combinations of one or more of the associated listed items. For example, A and/or B and/or C includes any and all combinations of one or more of A, B, and C, including A, B, C, A and B, A and C, B and C, and a combination of A and B and C. Likewise, A/B/C includes any and all combinations of one or more of A, B, and C, including A, B, C, A and B, A and C, B and C, and a combination of A and B and C.
It is also understood that any reference to an element herein using a designation such as "first, " "second, " and so forth does not generally limit the quantity or order of those elements. Rather, these designations can be used herein as a convenient means of distinguishing between two or more elements or instances of an element. Thus, a reference to first and second elements does not mean that only two elements can be employed, or that the first element must precede the second element in some manner.
Additionally, a person having ordinary skill in the art would understand that information and signals can be represented using any one of a variety of different technologies and techniques. For example, data, instructions, commands, information, signals, bits and symbols, for example, which may be referenced in the above description can be represented by voltages, currents, electromagnetic waves, magnetic fields or particles, optical fields or particles, or any combination thereof.
A skilled person would further appreciate that any one of the various illustrative logical blocks, units, processors, means, circuits, methods and functions described in connection with the  aspects disclosed herein can be implemented by electronic hardware (e.g., a digital implementation, an analog implementation, or a combination of the two) , firmware, various forms of program or design code incorporating instructions (which can be referred to herein, for convenience, as "software" or a "software unit” ) , or any combination of these techniques.
To clearly illustrate this interchangeability of hardware, firmware and software, various illustrative components, blocks, units, circuits, and steps have been described above generally in terms of their functionality. Whether such functionality is implemented as hardware, firmware or software, or a combination of these techniques, depends upon the particular application and design constraints imposed on the overall system. Skilled artisans can implement the described functionality in various ways for each particular application, but such implementation decisions do not cause a departure from the scope of the present disclosure. In accordance with various embodiments, a processor, device, component, circuit, structure, machine, unit, etc. can be configured to perform one or more of the functions described herein. The term “configured to” or “configured for” as used herein with respect to a specified operation or function refers to a processor, device, component, circuit, structure, machine, unit, etc. that is physically constructed, programmed and/or arranged to perform the specified operation or function.
Furthermore, a skilled person would understand that various illustrative logical blocks, units, devices, components and circuits described herein can be implemented within or performed by an integrated circuit (IC) that can include a general-purpose processor, a digital signal processor (DSP) , an application specific integrated circuit (ASIC) , a field programmable gate array (FPGA) or other programmable logic device, or any combination thereof. The logical blocks, units, and circuits can further include antennas and/or transceivers to communicate with various components within the network or within the device. A general-purpose processor can be a microprocessor, but in the alternative, the processor can be any conventional processor, controller, or state machine. A processor can also be implemented as a combination of computing devices, e.g., a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other suitable configuration to perform the functions described herein. If implemented in software, the functions can be stored as one or more instructions or code on a computer-readable medium. Thus, the steps of a method or algorithm disclosed herein can be implemented as software stored on a computer-readable medium.
Computer-readable media includes both computer storage media and communication media including any medium that can be enabled to transfer a computer program or code from one place to another. A storage media can be any available media that can be accessed by a computer. By way of example, and not limitation, such computer-readable media can include RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium that can be used to store desired program code in the form of instructions or data structures and that can be accessed by a computer.
In this document, the term "unit" as used herein, refers to software, firmware, hardware, and any combination of these elements for performing the associated functions described herein. Additionally, for purpose of discussion, the various units are described as discrete units; however, as would be apparent to one of ordinary skill in the art, two or more units may be combined to form a single unit that performs the associated functions according to embodiments of the present disclosure.
Additionally, memory or other storage, as well as communication components, may be employed in embodiments of the present disclosure. It will be appreciated that, for clarity purposes, the above description has described embodiments of the present disclosure with reference to different functional units and processors. However, it will be apparent that any suitable distribution of functionality between different functional units, processing logic elements or domains may be used without detracting from the present disclosure. For example, functionality illustrated to be performed by separate processing logic elements, or controllers, may be performed by the same processing logic element, or controller. Hence, references to specific functional units are only references to a suitable means for providing the described functionality, rather than indicative of a strict logical or physical structure or organization.
Various modifications to the implementations described in this disclosure will be readily apparent to those skilled in the art, and the general principles defined herein can be applied to other implementations without departing from the scope of the claims. Thus, the disclosure is not intended to be limited to the implementations shown herein, but is to be accorded the widest scope consistent with the novel features and principles disclosed herein, as recited in the claims below.

Claims (44)

  1. A wireless communication method comprising:
    transmitting, by a first wireless communication node to a wireless communication terminal, security related information to allow the wireless communication terminal to establish or update a user plane connection between the wireless communication terminal and a second wireless communication node, wherein the user plane connection is protected based on the security related information.
  2. The wireless communication method of claim 1, wherein the security related information comprises at least one of:
    a key for the user plane connection;
    an identifier of a key for the user plane connection;
    a key derivation indicator indicating the wireless communication terminal to derive a key for the user plane connection; or
    an address of a management function managing a key for the user plane connection.
  3. The wireless communication method of claim 1 or 2, further comprising:
    receiving, by the first wireless communication node from the second wireless communication node, user plane information indicating the wireless communication terminal establishing the user plane connection between the wireless communication terminal and the second wireless communication node based on an identifier of the wireless communication terminal.
  4. The wireless communication method of any of claims 1 to 3, wherein the user plane connection is used for a position-related service, and the position-related service comprises positioning the wireless communication terminal.
  5. The wireless communication method of any of claims 1 to 4, wherein the user plane information comprises at least one of:
    an identifier of the wireless communication terminal;
    an identifier of the second wireless communication node;
    an identifier of a key for the user plane connection;
    a request for a key for the user plane connection;
    a key for the user plane connection; or
    an address of a management function managing a key for the user plane connection.
  6. The wireless communication method of any of claims 1 to 5, further comprising at least one of:
    transmitting, by the first wireless communication node to the second wireless communication node, a location management request comprising at least one of an identifier of the wireless communication terminal or an identifier of the first wireless communication node; or
    receiving, by the first wireless communication node from the second wireless communication node, a response for a location management request comprising at least one of an identifier of the wireless communication terminal or an identifier of the first wireless communication node.
  7. The wireless communication method of claim 6, wherein the location management request allows the second wireless communication node to store mapping information between the wireless communication terminal and the first wireless communication node.
  8. The wireless communication method of any of claims 1 to 7, further comprising:
    receiving, by the first wireless communication node from the second wireless communication node, an identifier of a key for the user plane connection; and
    transmitting, by the first wireless communication node to the wireless communication terminal, the identifier of the key for the user plane connection to allow the wireless communication terminal to use a key shared between the second wireless communication node and the wireless communication terminal as the key for the user plane connection.
  9. The wireless communication method of any of claims 1 to 7, further comprising:
    generating, by the first wireless communication node, a key for the user plane connection; and
    transmitting, by the first wireless communication node to the wireless communication terminal, an identifier of the key for the user plane connection and a key derivation indicator indicating the wireless communication terminal to derive the key for the user plane connection.
  10. The wireless communication method of claim 9, further comprising at least one of:
    receiving, by the first wireless communication node from the second wireless communication node, a request for the key for the user plane connection; or
    transmitting, by the first wireless communication node to the second wireless communication node, the key for the user plane connection and the identifier of the key for the user plane connection.
  11. The wireless communication method of claim 9 or 10, further comprising:
    generating, by the first wireless communication node, the key for the user plane connection according to at least one of: an uplink non-access stratum, NAS, count, a key for a communication between the first wireless communication node and the wireless communication terminal, a Subscription Permanent Identifier, SUPI, or an identifier of the second wireless communication node.
  12. The wireless communication method of any of claims 1 to 7, further comprising:
    receiving, by the first wireless communication node from the second wireless communication node, a key for the user plane connection and an identifier of the key for the user plane connection; and
    transmitting, by the first wireless communication node to the wireless communication terminal, the key for the user plane connection and the identifier of the key for the user plane connection.
  13. The wireless communication method of any of claims 1 to 7, further comprising:
    receiving, by the first wireless communication node from the second wireless communication node, a key for the user plane connection and an identifier of the key for the user plane connection, wherein the key for the user plane connection and the identifier of the key for the user plane connection are acquired from a management function; and
    transmitting, by the first wireless communication node to the wireless communication terminal, the key for the user plane connection and the identifier of the key for the user plane connection.
  14. The wireless communication method of any of claims 1 to 7, further comprising:
    receiving, by the first wireless communication node from the second wireless communication node, an identifier of a key for the user plane connection and an address of a management function managing the key for the user plane connection; and
    transmitting, by the first wireless communication node to the wireless communication terminal, the identifier of the key for the user plane connection and the address of the management function managing the key for the user plane connection to allow the wireless communication terminal to acquire the key for the user plane connection from the management function.
  15. A wireless communication method comprising:
    receiving, by a wireless communication terminal from a first wireless communication node, security related information; and
    establishing or updating, by the wireless communication terminal, a user plane connection between the wireless communication terminal and a second wireless communication node, wherein the user plane connection is protected based on the security related information.
  16. The wireless communication method of claim 15, wherein the security related  information comprises at least one of:
    a key for the user plane connection;
    an identifier of a key for the user plane connection;
    a key derivation indicator indicating the wireless communication terminal to derive a key for the user plane connection; or
    an address of a management function managing a key for the user plane connection.
  17. The wireless communication method of claim 15 or 16, further comprising:
    receiving, by the wireless communication terminal from the second wireless communication node via the first wireless communication node, user plane information indicating the wireless communication terminal establishing the user plane connection between the wireless communication terminal and the second wireless communication node.
  18. The wireless communication method of any of claims 15 to 17, wherein the user plane connection is used for a position-related service, and the position-related service comprises positioning the wireless communication terminal.
  19. The wireless communication method of any of claims 15 to 18, wherein the user plane information comprises at least one of:
    an identifier of the wireless communication terminal;
    an identifier of the second wireless communication node;
    an identifier of a key for the user plane connection;
    a request for a key for the user plane connection;
    a key for the user plane connection; or
    an address of a management function managing a key for the user plane connection.
  20. The wireless communication method of any of claims 15 to 19, further comprising:
    receiving, by the wireless communication terminal from the second wireless communication node via the first wireless communication node, an identifier of a  key for the user plane connection; and
    establishing or updating, by the wireless communication terminal, the user plane connection based on a key shared between the second wireless communication node and the wireless communication terminal identified by the received identifier of the key.
  21. The wireless communication method of any of claims 15 to 19, further comprising:
    receiving, by the wireless communication terminal from the first wireless communication node, an identifier of the key for the user plane connection and a key derivation indicator indicating the wireless communication terminal to derive the key for the user plane connection.
    generating, by the first wireless communication node, a key for the user plane connection based on the key derivation indicator; and
    establishing or updating, by the wireless communication terminal, the user plane connection based on the generated key.
  22. The wireless communication method of claim 21, further comprising:
    generating, by the wireless communication terminal, the key for the user plane connection according to at least one of: an uplink non-access stratum, NAS, count, a key for a communication between the first wireless communication node and the wireless communication terminal, a Subscription Permanent Identifier, SUPI, or an identifier of the second wireless communication node.
  23. The wireless communication method of any of claims 15 to 19, further comprising:
    receiving, by the wireless communication terminal from the second wireless communication node via the first wireless communication node, a key for the user plane connection and an identifier of the key for the user plane connection; and
    establishing or updating, by the wireless communication terminal, the user plane connection based on the received key and the identifier of the key.
  24. The wireless communication method of any of claims 15 to 19, further comprising:
    receiving, by the wireless communication terminal from the second wireless communication node via the first wireless communication node, a key for the user plane connection and an identifier of the key for the user plane connection, wherein the key for the user plane connection and the identifier of the key for the user plane connection are acquired from a management function; and
    establishing or updating, by the wireless communication terminal, the user plane connection based on the received key and the identifier of the key.
  25. The wireless communication method of any of claims 15 to 19, further comprising:
    receiving, by the wireless communication terminal from the second wireless communication node via the first wireless communication node, an identifier of a key for the user plane connection and an address of a management function managing the key for the user plane connection;
    acquiring, by the wireless communication terminal from the management function, the key for the user plane connection based on the identifier of the key and the address of the management function; and
    establishing or updating, by the wireless communication terminal, the user plane connection based on the key and the identifier of the key.
  26. A wireless communication method comprising:
    transmitting, by a second wireless communication node to a first wireless communication node, a request message to request the first wireless communication node transmitting to a wireless communication terminal security related information to allow the wireless communication terminal to establish or update a user plane connection between the wireless communication terminal and the second wireless communication node, wherein the user plane connection is protected based on the security related information.
  27. The wireless communication method of claim 26, wherein the security related  information comprises at least one of:
    a key for the user plane connection;
    an identifier of a key for the user plane connection;
    a key derivation indicator indicating the wireless communication terminal to derive a key for the user plane connection; or
    an address of a management function managing a key for the user plane connection.
  28. The wireless communication method of claim 26 or 27, further comprising:
    transmitting, by the second wireless communication node to the first wireless communication node, user plane information indicating the wireless communication terminal establishing the user plane connection between the wireless communication terminal and the second wireless communication node based on an identifier of the wireless communication terminal.
  29. The wireless communication method of any of claims 26 to 28, wherein the user plane connection is used for a position-related service, and the position-related service comprises positioning the wireless communication terminal.
  30. The wireless communication method of any of claims 26 to 29, wherein the user plane information comprises at least one of:
    an identifier of the wireless communication terminal;
    an identifier of the second wireless communication node;
    an identifier of a key for the user plane connection;
    a request for a key for the user plane connection;
    a key for the user plane connection; or
    an address of a management function managing a key for the user plane connection.
  31. The wireless communication method of any of claims 26 to 30, further comprising at least one of:
    receiving, by the second wireless communication node from the first wireless  communication node, a location management request comprising at least one of an identifier of the wireless communication terminal or an identifier of the first wireless communication node; or
    transmitting, by the second wireless communication node to the first wireless communication node, a response for a location management request comprising at least one of an identifier of the wireless communication terminal or an identifier of the first wireless communication node.
  32. The wireless communication method of claim 31, wherein the location management request allows the second wireless communication node to store mapping information between the wireless communication terminal and the first wireless communication node.
  33. The wireless communication method of any of claims 26 to 32, further comprising:
    transmitting, by the second wireless communication node to the wireless communication terminal via the first wireless communication node, an identifier of a key for the user plane connection to allow the wireless communication terminal to establish or update the user plane connection based on a key shared between the second wireless communication node and the wireless communication terminal identified by the transmitted identifier of the key.
  34. The wireless communication method of any of claims 26 to 32, further comprising:
    transmitting, by the second wireless communication node to the first wireless communication node, a request for the key for the user plane connection to allow the first wireless communication node to generate the key for the user plane connection and transmit an identifier of the key and a key derivation indicator to the wireless communication terminal indicating the wireless communication terminal to derive the key for the user plane connection; and
    receiving, by the second wireless communication node from the first wireless communication node, the key for the user plane connection and the identifier of  the key for the user plane connection.
  35. The wireless communication method of any of claims 26 to 32, further comprising:
    transmitting, by the second wireless communication node to the wireless communication terminal via the first wireless communication node, a key for the user plane connection and an identifier of the key to allow the wireless communication terminal to establish or update the user plane connection based on the key and the identifier of the key.
  36. The wireless communication method of any of claims 26 to 32, further comprising:
    acquiring, by the second wireless communication node from a management function, a key for the user plane connection and an identifier of the key based on at least one of an identifier of the second wireless communication node or an identifier of the wireless communication terminal; and
    transmitting, by the second wireless communication node to the wireless communication terminal via the first wireless communication node, the key for the user plane connection and the identifier of the key for the user plane connection to allow the wireless communication terminal to establish or update the user plane connection based on the key and the identifier of the key.
  37. The wireless communication method of any of claims 26 to 32, further comprising:
    acquiring, by the second wireless communication node from a management function, a key for the user plane connection and an identifier of the key based on at least one of an identifier of the second wireless communication node or an identifier of the wireless communication terminal; and
    transmitting, by the second wireless communication node to the wireless communication terminal via the first wireless communication node, the identifier of the key for the user plane connection and an address of the management function managing the key for the user plane connection to allow the wireless communication terminal to acquire the key for the user plane connection from the  management function.
  38. A first wireless communication node, comprising:
    a communication unit; and
    a processor configured to: transmit, through the communication unit to a wireless communication terminal, security related information to allow the wireless communication terminal to establish or update a user plane connection between the wireless communication terminal and a second wireless communication node, wherein the user plane connection is protected based on the security related information.
  39. The first wireless communication node of claim 38, wherein the processor is further configured to perform a wireless communication method of any of claims 2 to 14.
  40. A wireless communication terminal, comprising:
    a communication unit; and
    a processor configured to: receive, via the communication unit from a first wireless communication node, security related information; and establish or update a user plane connection between the wireless communication terminal and a second wireless communication node, wherein the user plane connection is protected based on the security related information.
  41. The wireless communication terminal of claim 40, wherein the processor is further configured to perform a wireless communication method of any of claims 16 to 25.
  42. A second wireless communication node, comprising:
    a communication unit; and
    a processor configured to: transmit, via the communication unit to a first wireless communication node, a request message to request the first wireless communication node transmitting to a wireless communication terminal security  related information to allow the wireless communication terminal to establish or update a user plane connection between the wireless communication terminal and the second wireless communication node, wherein the user plane connection is protected based on the security related information.
  43. The second wireless communication node of claim 42, wherein the processor is further configured to perform a wireless communication method of any of claims 27 to 37.
  44. A computer program product comprising a computer-readable program medium code stored thereupon, the code, when executed by a processor, causing the processor to implement a wireless communication method recited in any one of claims 1 to 37.
PCT/CN2023/108190 2023-07-19 2023-07-19 Method, device and computer program product for wireless communication WO2024156175A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2023/108190 WO2024156175A1 (en) 2023-07-19 2023-07-19 Method, device and computer program product for wireless communication

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2023/108190 WO2024156175A1 (en) 2023-07-19 2023-07-19 Method, device and computer program product for wireless communication

Publications (1)

Publication Number Publication Date
WO2024156175A1 true WO2024156175A1 (en) 2024-08-02

Family

ID=91969909

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2023/108190 WO2024156175A1 (en) 2023-07-19 2023-07-19 Method, device and computer program product for wireless communication

Country Status (1)

Country Link
WO (1) WO2024156175A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112073176A (en) * 2019-06-11 2020-12-11 大唐移动通信设备有限公司 Key updating method and device
WO2022082667A1 (en) * 2020-10-22 2022-04-28 华为技术有限公司 Method and apparatus for secure transmission of data

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112073176A (en) * 2019-06-11 2020-12-11 大唐移动通信设备有限公司 Key updating method and device
WO2022082667A1 (en) * 2020-10-22 2022-04-28 华为技术有限公司 Method and apparatus for secure transmission of data

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
"3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 5G System (5GS) Location Services (LCS); Stage 2 (Release 18)", 3GPP TS 23.273, no. V18.2.0, 21 June 2023 (2023-06-21), pages 1 - 164, XP052408934 *
"3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Study on enhancement to the 5GC LoCation Services (LCS); Phase 3 (Release 18)", 3GPP TR 23.700-71, no. V18.0.0, 21 December 2022 (2022-12-21), pages 1 - 161, XP052234770 *

Similar Documents

Publication Publication Date Title
US12081966B2 (en) Capability of positioning service level for wireless device
KR101073282B1 (en) User plane based location service (LCS) system, method and apparatus
EP3962136A1 (en) Management of access tokens in communication networks
EP1623596B1 (en) Apparatus and method for providing location information
US8019361B2 (en) Provision of location information
US12170899B2 (en) Secure inter-mobile network communication
US20230022005A1 (en) Location Management
EP4118898B1 (en) Handover
US10820231B2 (en) Systems and methods for APN based CoS and QoS control for network services
JP2004517573A (en) How to call privacy on a communication network
WO2022241704A1 (en) Method, device, and system for core network device re-allocation in wireless network
US20240007983A1 (en) Method, device, and system for core network device re-allocation in wireless network
US20080120694A1 (en) Multi-access authentication in communication system
US20240292186A1 (en) Method for location service in edge computing
WO2023041159A1 (en) Apparatus, method, and computer program
WO2024213325A1 (en) Method, apparatus and computer program
WO2024156175A1 (en) Method, device and computer program product for wireless communication
WO2024169126A1 (en) Method, device and computer program product for wireless communication
WO2024156174A1 (en) Method, device and computer program product for wireless communication
WO2023015570A1 (en) Method for location service in edge computing
WO2023004693A1 (en) Method, device and computer program product for wireless communication
WO2024159654A1 (en) Method for selecting/reselecting edge computing traffic routing
US20250119732A1 (en) Encryption key transfer method and device for roaming users in communication networks
WO2024168472A1 (en) Wireless method and device thereof
JP2025510744A (en) Licensing method and device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23918176

Country of ref document: EP

Kind code of ref document: A1