WO2024164333A1

WO2024164333A1 - Key distribution method and apparatus, communication device, and storage medium

Info

Publication number: WO2024164333A1
Application number: PCT/CN2023/075520
Authority: WO
Inventors: 陆伟
Original assignee: 北京小米移动软件有限公司
Priority date: 2023-02-10
Filing date: 2023-02-10
Publication date: 2024-08-15
Also published as: CN116349267A

Abstract

Embodiments of the present disclosure provide a key distribution method. The method is executed by a terminal. The method comprises: sending first request information to a first network function, wherein the first request information is used for requesting to acquire a key for the terminal to broadcast sidelink positioning protocol (SLPP) signaling or receive the broadcasted SLPP signaling in sidelink (SL) communication. Here, the terminal sends, to the first network function, a request for acquiring a key for the terminal to broadcast SLPP signaling or receive the broadcasted SLPP signaling in SL communication, so that the key can be acquired, and encryption and integrity protection of data to be transmitted are performed on the basis of the key, thereby ensuring the security of data transmission.

Description

Key distribution method, device, communication equipment and storage medium

Technical Field

本公开涉及无线通信技术领域但不限于无线通信技术领域，尤其涉及一种密钥分发方法、装置、通信设备及存储介质。The present disclosure relates to the field of wireless communication technology but is not limited to the field of wireless communication technology, and in particular to a key distribution method, device, communication equipment and storage medium.

Background Art

在无线通信技术中，对于测距或者侧行链路(SL，Sidelink)定位服务，采用广播方式发送部分SL定位信令是可行的。由于SL定位能力和SL定位辅助数据是用于获得测距结果的信息，需要受到完整性保护以确保不被篡改。SL定位能力和位置信息关系到所涉及的终端的隐私，需要对其进行加密以保护终端的隐私。因此，在启用SL定位广播方式后，如何提供安全密钥并对广播消息进行完整性保护和加密是需要考虑的问题。In wireless communication technology, for ranging or sidelink (SL) positioning services, it is feasible to send part of the SL positioning signaling by broadcasting. Since SL positioning capability and SL positioning assistance data are information used to obtain ranging results, they need to be integrity protected to ensure that they are not tampered with. SL positioning capability and location information are related to the privacy of the terminals involved, and they need to be encrypted to protect the privacy of the terminals. Therefore, after enabling the SL positioning broadcast mode, how to provide security keys and perform integrity protection and encryption on the broadcast messages is a problem that needs to be considered.

发明内容Summary of the invention

本公开实施例公开了一种密钥分发方法、装置、通信设备及存储介质。The embodiments of the present disclosure disclose a key distribution method, apparatus, communication equipment and storage medium.

根据本公开实施例的第一方面，提供一种密钥分发方法，其中，所述方法由终端执行，所述方法包括：According to a first aspect of an embodiment of the present disclosure, a key distribution method is provided, wherein the method is executed by a terminal, and the method includes:

向第一网络功能发送第一请求信息；Sending first request information to the first network function;

其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播侧行链路定位协议SLPP信令或者接收广播的SLPP信令的密钥；所述第一网络功能为所述终端当前所在网络的网络功能。Among them, the first request information is used to request to obtain the key of the terminal broadcasting the side link positioning protocol SLPP signaling or receiving the broadcast SLPP signaling in the side link SL communication; the first network function is the network function of the network where the terminal is currently located.

根据本公开实施例的第二方面，提供一种密钥分发方法，其中，所述方法由第一网络功能执行，所述方法包括：According to a second aspect of an embodiment of the present disclosure, a key distribution method is provided, wherein the method is performed by a first network function, and the method includes:

接收终端发送的第一请求信息；Receiving first request information sent by a terminal;

其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。The first request information is used to request to obtain a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in the sidelink SL communication.

根据本公开实施例的第三方面，提供一种密钥分发方法，其中，所述方法由第二网络功能或者第三网络功能执行，所述方法包括：According to a third aspect of an embodiment of the present disclosure, a key distribution method is provided, wherein the method is performed by a second network function or a third network function, and the method includes:

向第四网络功能发送第三请求信息；sending third request information to the fourth network function;

其中，所述第三请求信息指示用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。The third request information indicates a key for requesting to obtain a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in the sidelink SL communication.

根据本公开实施例的第四方面，提供一种密钥分发方法，其中，所述方法由第四网络功能执行，所述方法包括：According to a fourth aspect of an embodiment of the present disclosure, a key distribution method is provided, wherein the method is performed by a fourth network function, and the method includes:

接收终端的第二网络功能或者第三网络功能发送的第三请求信息；receiving third request information sent by the second network function or the third network function of the terminal;

根据本公开实施例的第五方面，提供一种系统，其中，所述系统包括第一网络功能、第二网络功能、第三网络功能和第四网络功能中的至少之一；所述第一网络功能用于实现所述第一网络功能实现的方法；所述第二网络功能用于实现所述第二网络功能实现的方法；所述第三网络功能用于实现所述第三网络功能实现的方法。According to a fifth aspect of an embodiment of the present disclosure, a system is provided, wherein the system includes at least one of a first network function, a second network function, a third network function and a fourth network function; the first network function is used to implement a method for implementing the first network function; the second network function is used to implement a method for implementing the second network function; and the third network function is used to implement the method for implementing the third network function.

根据本公开实施例的第六方面，提供一种密钥分发装置，其中，所述装置包括：According to a sixth aspect of an embodiment of the present disclosure, a key distribution device is provided, wherein the device includes:

发送模块，被配置为向第一网络功能发送第一请求信息；A sending module, configured to send first request information to the first network function;

其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥；所述第一网络功能为所述终端当前所在网络的网络功能。The first request information is used to request the acquisition of the key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in the sidelink SL communication; the first network function is the network function of the network where the terminal is currently located.

根据本公开实施例的第七方面，提供一种密钥分发装置，其中，所述装置包括：According to a seventh aspect of an embodiment of the present disclosure, a key distribution device is provided, wherein the device includes:

接收模块，被配置为接收终端发送的第一请求信息；A receiving module, configured to receive first request information sent by a terminal;

根据本公开实施例的第八方面，提供一种密钥分发装置，其中，所述装置包括：According to an eighth aspect of an embodiment of the present disclosure, a key distribution device is provided, wherein the device includes:

发送模块，被配置为向第四网络功能发送第三请求信息； a sending module, configured to send third request information to the fourth network function;

根据本公开实施例的第九方面，提供一种密钥分发装置，其中，所述装置包括：According to a ninth aspect of an embodiment of the present disclosure, a key distribution device is provided, wherein the device includes:

接收模块，被配置为接收终端的第二网络功能或者第三网络功能发送的第三请求信息；a receiving module, configured to receive third request information sent by the second network function or the third network function of the terminal;

根据本公开实施例的第十方面，提供一种通信设备，所述通信设备，包括：According to a tenth aspect of an embodiment of the present disclosure, a communication device is provided, the communication device including:

处理器；processor;

用于存储所述处理器可执行指令的存储器；a memory for storing instructions executable by the processor;

其中，所述处理器被配置为：用于运行所述可执行指令时，实现本公开任意实施例所述的方法。The processor is configured to implement the method described in any embodiment of the present disclosure when running the executable instructions.

根据本公开实施例的第十一方面，提供一种计算机存储介质，所述计算机存储介质存储有计算机可执行程序，所述可执行程序被处理器执行时实现本公开任意实施例所述的方法。According to an eleventh aspect of the embodiments of the present disclosure, a computer storage medium is provided, wherein the computer storage medium stores a computer executable program, and when the executable program is executed by a processor, the method described in any embodiment of the present disclosure is implemented.

在本公开实施例中，向第一网络功能发送第一请求信息；其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播侧行链路定位协议SLPP信令或者接收广播的SLPP信令的密钥；所述第一网络功能为所述终端当前所在网络的网络功能。这里，所述终端向所述第一网络功能发送了用于请求获取在侧行链路SL通信中所述终端广播侧行链路定位协议SLPP信令或者接收广播的SLPP信令的密钥，如此，可以获取所述密钥，基于所述密钥执行待传输数据的加密和完整性保护，从而可以确保数据的传输安全。In an embodiment of the present disclosure, a first request message is sent to a first network function; wherein the first request message is used to request the acquisition of a key for the terminal to broadcast the sidelink positioning protocol SLPP signaling or receive the broadcast SLPP signaling in the sidelink SL communication; the first network function is a network function of the network where the terminal is currently located. Here, the terminal sends a message to the first network function to request the acquisition of a key for the terminal to broadcast the sidelink positioning protocol SLPP signaling or receive the broadcast SLPP signaling in the sidelink SL communication, so that the key can be obtained, and encryption and integrity protection of the data to be transmitted can be performed based on the key, thereby ensuring the security of data transmission.

BRIEF DESCRIPTION OF THE DRAWINGS

图1是根据一示例性实施例示出的一种无线通信系统的结构示意图。Fig. 1 is a schematic structural diagram of a wireless communication system according to an exemplary embodiment.

图2是根据一示例性实施例示出的一种密钥分发方法的流程示意图。Fig. 2 is a schematic flow chart of a key distribution method according to an exemplary embodiment.

图3是根据一示例性实施例示出的一种密钥分发方法的流程示意图。Fig. 3 is a schematic flow chart of a key distribution method according to an exemplary embodiment.

图4是根据一示例性实施例示出的一种密钥分发方法的流程示意图。Fig. 4 is a schematic flow chart showing a key distribution method according to an exemplary embodiment.

图5是根据一示例性实施例示出的一种密钥分发方法的流程示意图。Fig. 5 is a schematic flow chart showing a key distribution method according to an exemplary embodiment.

图6是根据一示例性实施例示出的一种密钥分发方法的流程示意图。Fig. 6 is a schematic flow chart of a key distribution method according to an exemplary embodiment.

图7是根据一示例性实施例示出的一种密钥分发方法的流程示意图。Fig. 7 is a schematic flow chart of a key distribution method according to an exemplary embodiment.

图8是根据一示例性实施例示出的一种密钥分发方法的流程示意图。Fig. 8 is a schematic flow chart showing a key distribution method according to an exemplary embodiment.

图9是根据一示例性实施例示出的一种密钥分发方法的流程示意图。Fig. 9 is a schematic flow chart of a key distribution method according to an exemplary embodiment.

图10是根据一示例性实施例示出的一种密钥分发方法的流程示意图。Fig. 10 is a schematic flow chart of a key distribution method according to an exemplary embodiment.

图11是根据一示例性实施例示出的一种密钥分发方法的流程示意图。Fig. 11 is a schematic flow chart of a key distribution method according to an exemplary embodiment.

图12是根据一示例性实施例示出的一种密钥分发方法的流程示意图。Fig. 12 is a schematic flow chart of a key distribution method according to an exemplary embodiment.

图13是根据一示例性实施例示出的一种密钥分发方法的流程示意图。Fig. 13 is a schematic flow chart of a key distribution method according to an exemplary embodiment.

图14是根据一示例性实施例示出的一种密钥分发方法的流程示意图。Fig. 14 is a schematic flow chart of a key distribution method according to an exemplary embodiment.

图15是根据一示例性实施例示出的一种密钥分发方法的流程示意图。Fig. 15 is a schematic flow chart of a key distribution method according to an exemplary embodiment.

图16是根据一示例性实施例示出的一种系统的示意图。Fig. 16 is a schematic diagram of a system according to an exemplary embodiment.

图17是根据一示例性实施例示出的一种密钥分发方法的流程示意图。Fig. 17 is a schematic flow chart of a key distribution method according to an exemplary embodiment.

图18是根据一示例性实施例示出的一种密钥分发方法的流程示意图。Fig. 18 is a schematic flow chart of a key distribution method according to an exemplary embodiment.

图19是根据一示例性实施例示出的一种密钥分发装置的示意图。Fig. 19 is a schematic diagram of a key distribution device according to an exemplary embodiment.

图20是根据一示例性实施例示出的一种密钥分发装置的示意图。Fig. 20 is a schematic diagram of a key distribution device according to an exemplary embodiment.

图21是根据一示例性实施例示出的一种密钥分发装置的示意图。Fig. 21 is a schematic diagram of a key distribution device according to an exemplary embodiment.

图22是根据一示例性实施例示出的一种密钥分发装置的示意图。Fig. 22 is a schematic diagram of a key distribution device according to an exemplary embodiment.

图23是根据一示例性实施例示出的一种终端的结构示意图。Fig. 23 is a schematic diagram showing the structure of a terminal according to an exemplary embodiment.

图24是根据一示例性实施例示出的一种基站的框图。Fig. 24 is a block diagram of a base station according to an exemplary embodiment.

DETAILED DESCRIPTION

这里将详细地对示例性实施例进行说明，其示例表示在附图中。下面的描述涉及附图时，除非另有表示，不同附图中的相同数字表示相同或相似的要素。以下示例性实施例中所描述的实施方式并不代表与本公开实施例相一致的所有实施方式。相反，它们仅是与如所附权利要求书中所详述的、本公开实施例的一些方面相一致的装置和方法的例子。Exemplary embodiments will now be described in detail, examples of which are shown in the accompanying drawings. , and the same numbers in different drawings represent the same or similar elements. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the embodiments of the present disclosure. Instead, they are only examples of devices and methods consistent with some aspects of the embodiments of the present disclosure as detailed in the attached claims.

在本公开实施例使用的术语是仅仅出于描述特定实施例的目的，而非旨在限制本公开实施例。在本公开实施例和所附权利要求书中所使用的单数形式的“一种”和“该”也旨在包括多数形式，除非上下文清楚地表示其他含义。还应当理解，本文中使用的术语“和/或”是指并包含一个或多个相关联的列出项目的任何或所有可能组合。The terms used in the disclosed embodiments are only for the purpose of describing specific embodiments and are not intended to limit the disclosed embodiments. The singular forms of "a" and "the" used in the disclosed embodiments and the appended claims are also intended to include plural forms unless the context clearly indicates other meanings. It should also be understood that the term "and/or" used herein refers to and includes any or all possible combinations of one or more associated listed items.

应当理解，尽管在本公开实施例可能采用术语第一、第二、第三等来描述各种信息，但这些信息不应限于这些术语。这些术语仅用来将同一类型的信息彼此区分开。例如，在不脱离本公开实施例范围的情况下，第一信息也可以被称为第二信息，类似地，第二信息也可以被称为第一信息。取决于语境，如在此所使用的词语“如果”可以被解释成为“在……时”或“当……时”或“响应于确定”。It should be understood that although the terms first, second, third, etc. may be used to describe various information in the disclosed embodiments, these information should not be limited to these terms. These terms are only used to distinguish the same type of information from each other. For example, without departing from the scope of the disclosed embodiments, the first information may also be referred to as the second information, and similarly, the second information may also be referred to as the first information. Depending on the context, the word "if" as used herein may be interpreted as "at the time of" or "when" or "in response to determining".

出于简洁和便于理解的目的，本文在表征大小关系时，所使用的术语为“大于”或“小于”。但对于本领域技术人员来说，可以理解：术语“大于”也涵盖了“大于等于”的含义，“小于”也涵盖了“小于等于”的含义。For the purpose of brevity and ease of understanding, the terms "greater than" or "less than" are used herein to characterize size relationships. However, those skilled in the art can understand that the term "greater than" also covers the meaning of "greater than or equal to", and "less than" also covers the meaning of "less than or equal to".

请参考图1，其示出了本公开实施例提供的一种无线通信系统的结构示意图。如图1所示，无线通信系统是基于移动通信技术的通信系统，该无线通信系统可以包括：若干个用户设备110以及若干个基站120。Please refer to FIG1 , which shows a schematic diagram of the structure of a wireless communication system provided by an embodiment of the present disclosure. As shown in FIG1 , the wireless communication system is a communication system based on mobile communication technology, and the wireless communication system may include: a plurality of user equipments 110 and a plurality of base stations 120 .

其中，用户设备110可以是向用户提供语音和/或数据连通性的设备。用户设备110可以经无线接入网(Radio Access Network，RAN)与一个或多个核心网进行通信，用户设备110可以是物联网用户设备，如传感器设备、移动电话和具有物联网用户设备的计算机，例如，可以是固定式、便携式、袖珍式、手持式、计算机内置的或者车载的装置。例如，站(Station，STA)、订户单元(subscriber unit)、订户站(subscriber station)，移动站(mobile station)、移动台(mobile)、远程站(remote station)、接入点、远程用户设备(remote terminal)、接入用户设备(access terminal)、用户装置(user terminal)、用户代理(user agent)、用户设备(user device)、或用户设备(user equipment)。或者，用户设备110也可以是无人飞行器的设备。或者，用户设备110也可以是车载设备，比如，可以是具有无线通信功能的行车电脑，或者是外接行车电脑的无线用户设备。或者，用户设备110也可以是路边设备，比如，可以是具有无线通信功能的路灯、信号灯或者其它路边设备等。The user equipment 110 may be a device that provides voice and/or data connectivity to a user. The user equipment 110 may communicate with one or more core networks via a radio access network (RAN). The user equipment 110 may be an IoT user equipment, such as a sensor device, a mobile phone, and a computer with an IoT user equipment. For example, it may be a fixed, portable, pocket-sized, handheld, computer-built-in, or vehicle-mounted device. For example, a station (STA), a subscriber unit, a subscriber station, a mobile station, a mobile station, a remote station, an access point, a remote terminal, an access terminal, a user terminal, a user agent, a user device, or a user equipment. Alternatively, the user equipment 110 may also be a device of an unmanned aerial vehicle. Alternatively, the user device 110 may be a vehicle-mounted device, such as a driving computer with wireless communication function, or a wireless user device connected to a driving computer. Alternatively, the user device 110 may be a roadside device, such as a street lamp, a signal lamp, or other roadside device with wireless communication function.

基站120可以是无线通信系统中的网络侧设备。其中，该无线通信系统可以是第四代移动通信技术(the 4th generation mobile communication，4G)系统，又称长期演进(Long Term Evolution，LTE)系统；或者，该无线通信系统也可以是5G系统，又称新空口系统或5G NR系统。或者，该无线通信系统也可以是5G系统的再下一代系统。其中，5G系统中的接入网可以称为NG-RAN(New Generation-Radio Access Network，新一代无线接入网)。The base station 120 may be a network-side device in a wireless communication system. The wireless communication system may be a fourth generation mobile communication technology (4G) system, also known as a long term evolution (LTE) system; or, the wireless communication system may be a 5G system, also known as a new air interface system or a 5G NR system. Alternatively, the wireless communication system may be a next generation system of the 5G system. The access network in the 5G system may be called NG-RAN (New Generation-Radio Access Network).

其中，基站120可以是4G系统中采用的演进型基站(eNB)。或者，基站120也可以是5G系统中采用集中分布式架构的基站(gNB)。当基站120采用集中分布式架构时，通常包括集中单元(central unit，CU)和至少两个分布单元(distributed unit，DU)。集中单元中设置有分组数据汇聚协议(Packet Data Convergence Protocol，PDCP)层、无线链路层控制协议(Radio Link Control，RLC)层、媒体访问控制(Media Access Control，MAC)层的协议栈；分布单元中设置有物理(Physical，PHY)层协议栈，本公开实施例对基站120的具体实现方式不加以限定。Among them, the base station 120 can be an evolved base station (eNB) adopted in the 4G system. Alternatively, the base station 120 can also be a base station (gNB) adopting a centralized distributed architecture in the 5G system. When the base station 120 adopts a centralized distributed architecture, it usually includes a centralized unit (central unit, CU) and at least two distributed units (distributed units, DU). The centralized unit is provided with a packet data convergence protocol (Packet Data Convergence Protocol, PDCP) layer, a radio link layer control protocol (Radio Link Control, RLC) layer, and a media access control (Media Access Control, MAC) layer protocol stack; the distributed unit is provided with a physical (Physical, PHY) layer protocol stack. The specific implementation method of the base station 120 is not limited in the embodiment of the present disclosure.

基站120和用户设备110之间可以通过无线空口建立无线连接。在不同的实施方式中，该无线空口是基于第四代移动通信网络技术(4G)标准的无线空口；或者，该无线空口是基于第五代移动通信网络技术(5G)标准的无线空口，比如该无线空口是新空口；或者，该无线空口也可以是基于5G的更下一代移动通信网络技术标准的无线空口。A wireless connection may be established between the base station 120 and the user equipment 110 via a wireless air interface. In different implementations, the wireless air interface is a wireless air interface based on the fourth generation mobile communication network technology (4G) standard; or, the wireless air interface is a wireless air interface based on the fifth generation mobile communication network technology (5G) standard, for example, the wireless air interface is a new air interface; or, the wireless air interface may also be a wireless air interface based on the next generation mobile communication network technology standard of 5G.

在一些实施例中，用户设备110之间还可以建立E2E(End to End，端到端)连接。比如车联网通信(vehicle to everything，V2X)中的V2V(vehicle to vehicle，车对车)通信、V2I(vehicle to Infrastructure，车对路边设备)通信和V2P(vehicle to pedestrian，车对人)通信等场景。In some embodiments, an E2E (End to End) connection may also be established between the user devices 110. For example, in vehicle-to-everything (V2X) communication, V2V (vehicle to vehicle) communication, V2I (vehicle to Infrastructure) communication, and V2P (vehicle to pedestrian) communication, etc.

这里，上述用户设备可认为是下面实施例的终端设备。Here, the above user equipment can be considered as the terminal equipment in the following embodiments.

在一些实施例中，上述无线通信系统还可以包含网络管理设备130。 In some embodiments, the wireless communication system may further include a network management device 130 .

若干个基站120分别与网络管理设备130相连。其中，网络管理设备130可以是无线通信系统中的核心网设备，比如，该网络管理设备130可以是演进的数据分组核心网(Evolved Packet Core，EPC)中的移动性管理实体(Mobility Management Entity，MME)。或者，该网络管理设备也可以是其它的核心网设备，比如服务网关(Serving GateWay，SGW)、公用数据网网关(Public Data Network GateWay，PGW)、策略与计费规则功能单元(Policy and Charging Rules Function，PCRF)或者归属签约用户服务器(Home Subscriber Server，HSS)等。对于网络管理设备130的实现形态，本公开实施例不做限定。Several base stations 120 are respectively connected to a network management device 130. The network management device 130 may be a core network device in a wireless communication system, for example, the network management device 130 may be a mobility management entity (MME) in an evolved packet core (EPC). Alternatively, the network management device may also be other core network devices, such as a serving gateway (SGW), a public data network gateway (PGW), a policy and charging rules function (PCRF), or a home subscriber server (HSS). The embodiments of the present disclosure do not limit the implementation form of the network management device 130.

为了便于本领域内技术人员理解，本公开实施例列举了多个实施方式以对本公开实施例的技术方案进行清晰地说明。当然，本领域内技术人员可以理解，本公开实施例提供的多个实施例，可以被单独执行，也可以与本公开实施例中其他实施例的方法结合后一起被执行，还可以单独或结合后与其他相关技术中的一些方法一起被执行；本公开实施例并不对此作出限定。In order to facilitate the understanding of those skilled in the art, the embodiments of the present disclosure list multiple implementation methods to clearly illustrate the technical solutions of the embodiments of the present disclosure. Of course, those skilled in the art can understand that the multiple embodiments provided by the embodiments of the present disclosure can be executed separately, or can be executed together with the methods of other embodiments of the embodiments of the present disclosure, or can be executed together with some methods in other related technologies separately or in combination; the embodiments of the present disclosure do not limit this.

如图2所示，本实施例中提供一种密钥分发方法，其中，所述方法由终端执行，所述方法包括：As shown in FIG. 2 , this embodiment provides a key distribution method, wherein the method is executed by a terminal, and the method includes:

步骤21、向第一网络功能发送第一请求信息；Step 21: Sending a first request message to the first network function;

这里，本公开所涉及的终端可以是但不限于是手机、可穿戴设备、车载终端、路侧单元(RSU，Road Side Unit)、智能家居终端、工业用传感设备和/或医疗设备等。在一些实施例中，该终端可以是Redcap终端或者预定版本的新空口NR终端(例如，R17的NR终端)。Here, the terminal involved in the present disclosure may be, but is not limited to, a mobile phone, a wearable device, a vehicle-mounted terminal, a road side unit (RSU, Road Side Unit), a smart home terminal, an industrial sensor device and/or a medical device, etc. In some embodiments, the terminal may be a Redcap terminal or a predetermined version of a new air interface NR terminal (for example, an R17 NR terminal).

本公开中的第一网络功能可以是接入和移动性管理功能(AMF，Access and Mobility Management Function)，但不限于是AMF。本公开中的第二网络功能可以是策略控制功能(PCF，Policy Control Function)，但不限于是PCF。本公开中的第三网络功能可以是定位管理功能(LMF，Location Management Function)，但不限于是LMF。本公开中的第四网络功能可以是中心密钥管理功能，但不限于是中心密钥管理功能。The first network function in the present disclosure may be an access and mobility management function (AMF), but is not limited to AMF. The second network function in the present disclosure may be a policy control function (PCF), but is not limited to PCF. The third network function in the present disclosure may be a location management function (LMF), but is not limited to LMF. The fourth network function in the present disclosure may be a central key management function, but is not limited to a central key management function.

在一个实施例中，向第一网络功能发送第一请求信息；其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播侧行链路定位协议(SLPP，Sidelink Position Procotol)信令或者接收广播的SLPP信令的密钥；所述第一请求信息指示所述终端的身份标识和请求获取所述密钥的指示符。In one embodiment, a first request message is sent to a first network function; wherein the first request message is used to request to obtain a key for the terminal to broadcast Sidelink Positioning Protocol (SLPP) signaling or receive broadcast SLPP signaling in a sidelink SL communication; the first request message indicates an identity of the terminal and an indicator for requesting to obtain the key.

在一个实施例中，通过注册请求消息向所述第一网络功能发送第一请求信息；其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播侧行链路定位协议SLPP信令或者接收广播的SLPP信令的密钥。In one embodiment, a first request message is sent to the first network function via a registration request message; wherein the first request message is used to request a key for the terminal to broadcast the sidelink positioning protocol SLPP signaling or receive the broadcast SLPP signaling in the sidelink SL communication.

在一个实施例中，向第一网络功能发送第一请求信息；其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播侧行链路定位协议SLPP信令或者接收广播的SLPP信令的密钥。接收所述第一网络功能发送的第一响应信息；其中，所述第一响应信息指示所述密钥。In one embodiment, a first request message is sent to a first network function, wherein the first request message is used to request to obtain a key for the terminal to broadcast a sidelink positioning protocol SLPP signaling or receive a broadcast SLPP signaling in a sidelink SL communication. A first response message sent by the first network function is received, wherein the first response message indicates the key.

在一个实施例中，向第一网络功能发送第一请求信息；其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播侧行链路定位协议SLPP信令或者接收广播的SLPP信令的密钥。通过注册接受消息接收所述第一网络功能发送的所述第一响应信息。In one embodiment, a first request message is sent to a first network function, wherein the first request message is used to request a key for the terminal to broadcast a sidelink positioning protocol SLPP signaling or receive a broadcast SLPP signaling in a sidelink SL communication. The first response message sent by the first network function is received through a registration acceptance message.

本公开实施例中，向第一网络功能发送第一请求信息；其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播侧行链路定位协议SLPP信令或者接收广播的SLPP信令的密钥。这里，所述终端向第一网络功能发送了用于请求获取在侧行链路SL通信中所述终端广播侧行链路定位协议SLPP信令或者接收广播的SLPP信令的密钥，如此，可以获取所述密钥，基于所述密钥执行待传输数据的加密和完整性保护，从而可以确保数据的传输安全。In the embodiment of the present disclosure, a first request message is sent to a first network function; wherein the first request message is used to request the acquisition of a key for the terminal to broadcast a sidelink positioning protocol SLPP signaling or receive a broadcast SLPP signaling in the sidelink SL communication. Here, the terminal sends a key to the first network function for requesting the terminal to broadcast a sidelink positioning protocol SLPP signaling or receive a broadcast SLPP signaling in the sidelink SL communication, so that the key can be obtained, and encryption and integrity protection of the data to be transmitted are performed based on the key, thereby ensuring the security of data transmission.

需要说明的是，本领域内技术人员可以理解，本公开实施例提供的方法，可以被单独执行，也可以与本公开实施例中一些方法或相关技术中的一些方法一起被执行。It should be noted that those skilled in the art can understand that the method provided in the embodiments of the present disclosure can be executed alone or together with some methods in the embodiments of the present disclosure or some methods in related technologies.

如图3所示，本实施例中提供一种密钥分发方法，其中，所述方法由终端执行，所述方法包括：As shown in FIG3 , this embodiment provides a key distribution method, wherein the method is executed by a terminal and includes:

步骤31、接收所述第一网络功能发送的第一响应信息；Step 31: receiving a first response message sent by the first network function;

其中，所述第一响应信息指示在侧行链路SL通信中所述终端广播侧行链路定位协议SLPP信令或者接收广播的SLPP信令的密钥。 The first response information indicates a key for the terminal to broadcast Sidelink Positioning Protocol SLPP signaling or receive broadcast SLPP signaling in the sidelink SL communication.

在一个实施例中，向第一网络功能发送第一请求信息；其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播侧行链路定位协议SLPP信令或者接收广播的SLPP信令的密钥；所述第一请求信息指示所述终端的身份标识和请求获取所述密钥的指示符；所述第一网络功能为所述终端当前所在网络的网络功能。In one embodiment, a first request message is sent to a first network function; wherein the first request message is used to request the acquisition of a key for the terminal to broadcast a sidelink positioning protocol SLPP signaling or receive a broadcast SLPP signaling in a sidelink SL communication; the first request message indicates the identity of the terminal and an indicator for requesting the acquisition of the key; the first network function is a network function of the network where the terminal is currently located.

如图4所示，本实施例中提供一种密钥分发方法，其中，所述方法由第一网络功能执行，所述方法包括：As shown in FIG. 4 , this embodiment provides a key distribution method, wherein the method is performed by a first network function, and the method includes:

步骤41、接收终端发送的第一请求信息；Step 41, receiving first request information sent by the terminal;

在一个实施例中，接收终端发送的第一请求信息；其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥；所述第一请求信息指示所述终端的身份标识和请求获取所述密钥的指示符。In one embodiment, a first request message sent by a terminal is received; wherein the first request message is used to request to obtain a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in a sidelink SL communication; the first request message indicates the identity of the terminal and an indicator for requesting to obtain the key.

在一个实施例中，通过注册请求消息接收所述终端发送的所述第一请求信息；；其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。In one embodiment, the first request information sent by the terminal is received through a registration request message; wherein the first request information is used to request to obtain a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in a sidelink SL communication.

在一个实施例中，接收终端发送的第一请求信息；其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。确定是否允许所述终端广播所述SLPP信令或者接收广播的所述SLPP信令。In one embodiment, a first request message sent by a terminal is received; wherein the first request message is used to request to obtain a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in sidelink SL communication. Determine whether to allow the terminal to broadcast the SLPP signaling or receive the broadcast SLPP signaling.

在一个实施例中，接收终端发送的第一请求信息；其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。基于终端签约信息，确定是否允许所述终端广播所述SLPP信令或者接收广播的所述SLPP信令。In one embodiment, a first request message sent by a receiving terminal is used to request a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in a sidelink SL communication. Based on the terminal subscription information, it is determined whether the terminal is allowed to broadcast the SLPP signaling or receive the broadcast SLPP signaling.

在一个实施例中，接收终端发送的第一请求信息；其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。向第二网络功能发送第二请求信息；其中，所述第二请求信息指示用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥；所述第二网络功能为所述终端当前所在网络的网络功能。In one embodiment, a first request message sent by a terminal is received; wherein the first request message is used to request to obtain a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in a sidelink SL communication. A second request message is sent to a second network function; wherein the second request message indicates a key for requesting to obtain a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in a sidelink SL communication; and the second network function is a network function of the network where the terminal is currently located.

在一个实施例中，接收终端发送的第一请求信息；其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。向第二网络功能发送第二请求信息；其中，所述第二请求信息指示用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥；所述第二请求信息指示所述终端的身份标识和请求获取所述密钥的指示符。In one embodiment, a first request message sent by a receiving terminal is used to request to obtain a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in a sidelink SL communication. A second request message is sent to a second network function; wherein the second request message indicates a key for requesting to obtain a key for the terminal to broadcast SLPP signaling in a sidelink SL communication. Or receive a key of a broadcast SLPP signaling; the second request information indicates the identity of the terminal and an indicator requesting to obtain the key.

在一个实施例中，接收终端发送的第一请求信息；其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。确定是否允许所述终端广播所述SLPP信令或者接收广播的所述SLPP信令。响应于允许所述终端广播所述SLPP信令或者接收广播的所述SLPP信令，向第二网络功能发送第二请求信息；其中，所述第二请求信息指示用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。In one embodiment, a first request message sent by a receiving terminal is used to request the acquisition of a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in a sidelink SL communication. Determine whether to allow the terminal to broadcast the SLPP signaling or receive the broadcast SLPP signaling. In response to allowing the terminal to broadcast the SLPP signaling or receive the broadcast SLPP signaling, a second request message is sent to a second network function; wherein the second request message indicates a key for requesting the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in a sidelink SL communication.

在一个实施例中，接收终端发送的第一请求信息；其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。确定是否允许所述终端广播所述SLPP信令或者接收广播的所述SLPP信令。响应于允许所述终端广播所述SLPP信令，向所述第二网络功能发送所述第二请求信息；或者，响应于允许所述终端接收广播的所述SLPP信令，向所述第二网络功能发送所述第二请求信息。In one embodiment, a first request message sent by a terminal is received; wherein the first request message is used to request to obtain a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in sidelink SL communication. Determine whether to allow the terminal to broadcast the SLPP signaling or receive the broadcast SLPP signaling. In response to allowing the terminal to broadcast the SLPP signaling, send the second request message to the second network function; or, in response to allowing the terminal to receive the broadcast SLPP signaling, send the second request message to the second network function.

在一个实施例中，接收终端发送的第一请求信息；其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。向第二网络功能发送第二请求信息；其中，所述第二请求信息指示用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。接收第二网络功能或者第三网络功能发送的第二响应信息；其中，所述第二响应信息指示所述密钥。In one embodiment, a first request message sent by a terminal is received; wherein the first request message is used to request to obtain a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in a sidelink SL communication. A second request message is sent to a second network function; wherein the second request message indicates a key for requesting to obtain a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in a sidelink SL communication. A second response message sent by the second network function or a third network function is received; wherein the second response message indicates the key.

在一个实施例中，接收终端发送的第一请求信息；其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。通过通知消息(例如，Nlmf_Broadcast_CipheringKeyData)接收所述第三网络功能发送的所述第二响应信息；其中，所述第二响应信息指示所述密钥。In one embodiment, a first request message sent by a terminal is received; wherein the first request message is used to request to obtain a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in sidelink SL communication. The second response message sent by the third network function is received through a notification message (e.g., Nlmf_Broadcast_CipheringKeyData); wherein the second response message indicates the key.

在一个实施例中，接收终端发送的第一请求信息；其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。向第二网络功能发送第二请求信息；其中，所述第二请求信息指示用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。接收第二网络功能或者第三网络功能发送的第二响应信息；其中，所述第二响应信息指示所述密钥。存储所述密钥。In one embodiment, a first request message sent by a terminal is received; wherein the first request message is used to request to obtain a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in a sidelink SL communication. A second request message is sent to a second network function; wherein the second request message indicates a key for requesting to obtain a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in a sidelink SL communication. A second response message sent by the second network function or a third network function is received; wherein the second response message indicates the key. The key is stored.

在一个实施例中，接收终端发送的第一请求信息；其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。向所述终端发送第一响应信息；其中，所述第一响应信息指示所述密钥。In one embodiment, a first request message sent by a terminal is received, wherein the first request message is used to request to obtain a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in sidelink SL communication. A first response message is sent to the terminal, wherein the first response message indicates the key.

在一个实施例中，接收终端发送的第一请求信息；其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。通过注册接受消息向所述终端发送所述第一响应信息；其中，所述第一响应信息指示所述密钥。In one embodiment, a first request message sent by a terminal is received; wherein the first request message is used to request to obtain a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in sidelink SL communication. The first response message is sent to the terminal through a registration acceptance message; wherein the first response message indicates the key.

在一个实施例中，接收终端发送的第一请求信息；其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。确定是否允许所述终端广播所述SLPP信令或者接收广播的所述SLPP信令。响应于确定允许所述终端广播所述SLPP信令，向所述终端发送所述第一响应信息；或者，响应于确定允许所述终端接收广播的所述SLPP信令，向所述终端发送所述第一响应信息。In one embodiment, a first request message sent by a terminal is received; wherein the first request message is used to request to obtain a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in sidelink SL communication. Determine whether to allow the terminal to broadcast the SLPP signaling or receive the broadcast SLPP signaling. In response to determining that the terminal is allowed to broadcast the SLPP signaling, send the first response message to the terminal; or, in response to determining that the terminal is allowed to receive the broadcast SLPP signaling, send the first response message to the terminal.

如图5所示，本实施例中提供一种密钥分发方法，其中，所述方法由第一网络功能执行，所述方法包括：As shown in FIG5 , this embodiment provides a key distribution method, wherein the method is performed by a first network function, and the method includes:

步骤51、确定是否允许所述终端广播所述SLPP信令或者接收广播的所述SLPP信令。Step 51: Determine whether the terminal is allowed to broadcast the SLPP signaling or receive the broadcasted SLPP signaling.

在一个实施例中，接收终端发送的第一请求信息；其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。基于终端签约信息，确定是否允许所述终端广播所述SLPP信令或者接收广播的所述SLPP信令。In one embodiment, a first request message sent by a receiving terminal is received; wherein the first request message is used to request to obtain The key of the terminal broadcasting SLPP signaling or receiving the broadcast SLPP signaling in the link SL communication. Based on the terminal subscription information, determining whether the terminal is allowed to broadcast the SLPP signaling or receive the broadcast SLPP signaling.

在一个实施例中，接收终端发送的第一请求信息；其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。确定是否允许所述终端广播所述SLPP信令或者接收广播的所述SLPP信令。响应于允许所述终端广播所述SLPP信令或者接收广播的所述SLPP信令，向第二网络功能发送第二请求信息；其中，所述第二请求信息指示用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥；所述第二网络功能为所述终端当前所在网络的网络功能。In one embodiment, a first request message sent by a receiving terminal is used to request the acquisition of a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in a sidelink SL communication. Determine whether the terminal is allowed to broadcast the SLPP signaling or receive the broadcast SLPP signaling. In response to allowing the terminal to broadcast the SLPP signaling or receive the broadcast SLPP signaling, a second request message is sent to a second network function; wherein the second request message indicates a key for requesting the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in a sidelink SL communication; the second network function is a network function of the network where the terminal is currently located.

如图6所示，本实施例中提供一种密钥分发方法，其中，所述方法由第一网络功能执行，所述方法包括：As shown in FIG6 , this embodiment provides a key distribution method, wherein the method is performed by a first network function, and the method includes:

步骤61、向第二网络功能发送第二请求信息；Step 61: Send a second request message to the second network function;

其中，所述第二请求信息指示用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥；所述第二网络功能为所述终端当前所在网络的网络功能。The second request information indicates a key for requesting the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in the sidelink SL communication; and the second network function is a network function of the network where the terminal is currently located.

如图7所示，本实施例中提供一种密钥分发方法，其中，所述方法由第一网络功能执行，所述方法包括：As shown in FIG. 7 , this embodiment provides a key distribution method, wherein the method is performed by a first network function, and the method includes:

步骤71、接收第二网络功能或者第三网络功能发送的第二响应信息；Step 71: Receive second response information sent by the second network function or the third network function;

其中，所述第二响应信息指示在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。The second response information indicates a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in the sidelink SL communication.

在一个实施例中，接收终端发送的第一请求信息；其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。向第二网络功能发送第二请求信息；其中，所述第二请求信息指示用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。接收第二网络功能或者第三网络功能发送的第二响应信息；其中，所述第二响应信息指示所述密钥；所述第二网络功能为所述终端当前所在网络的网络功能。In one embodiment, a first request message sent by a terminal is received; wherein the first request message is used to request to obtain a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in a sidelink SL communication. A second request message is sent to a second network function; wherein the second request message indicates a key for requesting to obtain a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in a sidelink SL communication. A second response message sent by a second network function or a third network function is received; wherein the second response message indicates the key; the second network function is a network function of the network where the terminal is currently located.

在一个实施例中，接收终端发送的第一请求信息；其中，所述第一请求信息用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。通过通知消息(例如，Nlmf_Broadcast_CipheringKeyData)接收所述第三网络功能发送的所述第二响应信息；其中，所述第二响应信息指示所述密钥。In one embodiment, a first request message sent by a terminal is received; wherein the first request message is used to request to obtain a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in sidelink SL communication. The second response message sent by the third network function is received through a notification message (e.g., Nlmf_Broadcast_CipheringKeyData); wherein the first request message is used to request to obtain a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in sidelink SL communication. The second response message indicates the key.

如图8所示，本实施例中提供一种密钥分发方法，其中，所述方法由第一网络功能执行，所述方法包括：As shown in FIG8 , this embodiment provides a key distribution method, wherein the method is performed by a first network function, and the method includes:

步骤81、向所述终端发送第一响应信息；Step 81: Sending a first response message to the terminal;

其中，所述第一响应信息指示在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。The first response information indicates a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in the sidelink SL communication.

如图9所示，本实施例中提供一种密钥分发方法，其中，所述方法由第二网络功能或者第三网络功能执行，所述方法包括：As shown in FIG. 9 , this embodiment provides a key distribution method, wherein the method is performed by a second network function or a third network function, and the method includes:

步骤91、向第四网络功能发送第三请求信息；Step 91: Send third request information to the fourth network function;

在一个实施例中，向第四网络功能发送第三请求信息；其中，所述第三请求信息指示用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。接收所述第四网络功能发送的第三响应信息；其中，所述第三响应信息指示所述密钥。In one embodiment, a third request message is sent to a fourth network function, wherein the third request message indicates a key for requesting to obtain a SLPP signaling broadcast by the terminal or receiving a broadcast SLPP signaling in a sidelink SL communication. A third response message sent by the fourth network function is received, wherein the third response message indicates the key.

在一个实施例中，向第四网络功能发送第三请求信息；其中，所述第三请求信息指示用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。接收所述第四网络功能发送的第三响应信息；其中，所述第三响应信息指示所述密钥。向所述第一网络功能发送第二响应信息；其中，所述第二响应信息指示所述密钥。In one embodiment, a third request message is sent to a fourth network function; wherein the third request message indicates a key for requesting to obtain a key for broadcasting SLPP signaling or receiving broadcast SLPP signaling by the terminal in sidelink SL communication. A third response message sent by the fourth network function is received; wherein the third response message indicates the key. A second request message is sent to the first network function; wherein the third request message indicates a key for requesting to obtain a key for broadcasting SLPP signaling or receiving broadcast SLPP signaling by the terminal in sidelink SL communication. response information; wherein, the second response information indicates the key.

在一个实施例中，在一个实施例中，向第四网络功能发送第三请求信息；其中，所述第三请求信息指示用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。接收所述第四网络功能发送的第三响应信息；其中，所述第三响应信息指示所述密钥。通过通知消息(例如，Nlmf_Broadcast_CipheringKeyData)向所述第一网络功能发送所述第二响应信息；其中，所述第二响应信息指示所述密钥。In one embodiment, in one embodiment, a third request message is sent to a fourth network function; wherein the third request message indicates a key for requesting to obtain a SLPP signaling broadcast by the terminal or receiving a broadcast SLPP signaling in a sidelink SL communication. A third response message sent by the fourth network function is received; wherein the third response message indicates the key. The second response message is sent to the first network function through a notification message (e.g., Nlmf_Broadcast_CipheringKeyData); wherein the second response message indicates the key.

在一个实施例中，接收终端的第一网络功能发送的第二请求信息；其中，所述第二请求信息指示用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。向第四网络功能发送第三请求信息；其中，所述第三请求信息指示用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。In one embodiment, a second request message sent by a first network function of a receiving terminal is sent; wherein the second request message indicates a key for requesting to obtain a broadcast SLPP signaling or receiving a broadcast SLPP signaling by the terminal in a sidelink SL communication. A third request message is sent to a fourth network function; wherein the third request message indicates a key for requesting to obtain a broadcast SLPP signaling or receiving a broadcast SLPP signaling by the terminal in a sidelink SL communication.

在一个实施例中，接收终端的第一网络功能发送的第二请求信息；其中，所述第二请求信息指示用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥；所述第二请求信息指示所述终端的身份标识和请求获取所述密钥的指示符。向第四网络功能发送第三请求信息；其中，所述第三请求信息指示用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。In one embodiment, a second request message sent by a first network function of a receiving terminal is sent; wherein the second request message indicates a key for requesting to obtain a broadcast SLPP signaling or receiving a broadcast SLPP signaling of the terminal in a sidelink SL communication; the second request message indicates an identity of the terminal and an indicator for requesting to obtain the key. A third request message is sent to a fourth network function; wherein the third request message indicates a key for requesting to obtain a broadcast SLPP signaling or receiving a broadcast SLPP signaling of the terminal in a sidelink SL communication.

如图10所示，本实施例中提供一种密钥分发方法，其中，所述方法由第二网络功能或者第三网络功能执行，所述方法包括：As shown in FIG. 10 , this embodiment provides a key distribution method, wherein the method is performed by a second network function or a third network function, and the method includes:

步骤101、接收所述第四网络功能发送的第三响应信息；Step 101: receiving third response information sent by the fourth network function;

其中，所述第三响应信息指示在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。The third response information indicates a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in the sidelink SL communication.

在一个实施例中，向第四网络功能发送第三请求信息；其中，所述第三请求信息指示用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。接收所述第四网络功能发送的第三响应信息；其中，所述第三响应信息指示所述密钥。向所述第一网络功能发送第二响应信息；其中，所述第二响应信息指示所述密钥。In one embodiment, a third request message is sent to a fourth network function, wherein the third request message indicates a key for requesting to obtain a SLPP signaling broadcast by the terminal or receiving a broadcast SLPP signaling in a sidelink SL communication. A third response message sent by the fourth network function is received, wherein the third response message indicates the key. A second response message is sent to the first network function, wherein the second response message indicates the key.

如图11所示，本实施例中提供一种密钥分发方法，其中，所述方法由第二网络功能或者第三网络功能执行，所述方法包括：As shown in FIG. 11 , this embodiment provides a key distribution method, wherein the method is performed by a second network function or a third network function, and the method includes:

步骤111、向所述第一网络功能发送第二响应信息；Step 111: Send second response information to the first network function;

在一个实施例中，在一个实施例中，向第四网络功能发送第三请求信息；其中，所述第三请求信息指示用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。接收所述第四网络功能发送的第三响应信息；其中，所述第三响应信息指示所述密钥。通过通知消息(例如，Nlmf_Broadcast_CipheringKeyData)向所述第一网络功能发送所述第二响应信息；其中，所述第二响应信息指示所述密钥。 In one embodiment, in one embodiment, a third request message is sent to a fourth network function; wherein the third request message indicates a key for requesting to obtain a SLPP signaling broadcast by the terminal or receiving a broadcast SLPP signaling in a sidelink SL communication. A third response message sent by the fourth network function is received; wherein the third response message indicates the key. The second response message is sent to the first network function through a notification message (e.g., Nlmf_Broadcast_CipheringKeyData); wherein the second response message indicates the key.

如图12所示，本实施例中提供一种密钥分发方法，其中，所述方法由第二网络功能或者第三网络功能执行，所述方法包括：As shown in FIG. 12 , this embodiment provides a key distribution method, wherein the method is performed by a second network function or a third network function, and the method includes:

步骤121、接收终端的第一网络功能发送的第二请求信息；Step 121: receiving second request information sent by a first network function of a terminal;

其中，所述第二请求信息指示用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。The second request information indicates a key for requesting to obtain a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in the sidelink SL communication.

如图13所示，本实施例中提供一种密钥分发方法，其中，所述方法由第四网络功能执行，所述方法包括：As shown in FIG. 13 , this embodiment provides a key distribution method, wherein the method is performed by a fourth network function, and the method includes:

步骤131、接收终端的第二网络功能或者第三网络功能发送的第三请求信息；Step 131: Receive third request information sent by a second network function or a third network function of a terminal;

在一个实施例中，接收终端的第二网络功能或者第三网络功能发送的第三请求信息；其中，所述第三请求信息指示用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。响应于接收到所述第三请求信息，生成所述密钥。In one embodiment, a third request message sent by a second network function or a third network function of a receiving terminal is received; wherein the third request message indicates a key for requesting to obtain a SLPP signaling broadcast by the terminal or receiving a broadcast SLPP signaling in a sidelink SL communication. In response to receiving the third request message, the key is generated.

在一个实施例中，接收终端的第二网络功能或者第三网络功能发送的第三请求信息；其中，所述第三请求信息指示用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。响应于接收到所述第三请求信息，生成所述密钥。所述密钥包括以下之一：非对称私钥和公钥；对称完整性和加密密钥。In one embodiment, a third request message sent by a second network function or a third network function of a receiving terminal is sent; wherein the third request message indicates a key for requesting to obtain a SLPP signaling broadcast by the terminal or receiving a broadcast SLPP signaling in a sidelink SL communication. In response to receiving the third request message, the key is generated. The key includes one of the following: an asymmetric private key and a public key; a symmetric integrity and encryption key.

在一个实施例中，接收终端的第二网络功能或者第三网络功能发送的第三请求信息；其中，所述第三请求信息指示用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。向所述第二网络功能或者所述第三网络功能发送第三响应信息；其中，所述第三响应信息指示所述密钥。In one embodiment, a third request message sent by a second network function or a third network function of a receiving terminal is sent; wherein the third request message indicates a key for requesting to obtain a SLPP signaling broadcast by the terminal or receiving a broadcast SLPP signaling in a sidelink SL communication. A third response message is sent to the second network function or the third network function; wherein the third response message indicates the key.

在一个实施例中，接收终端的第二网络功能或者第三网络功能发送的第三请求信息；其中，所述第三请求信息指示用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。响应于接收到所述第三请求信息，生成所述密钥。所述密钥包括以下之一：非对称私钥和公钥对称完整性和加密密钥。向所述第二网络功能或者所述第三网络功能发送第三响应信息；其中，所述第三响应信息指示所述密钥。In one embodiment, a third request message sent by a second network function or a third network function of a receiving terminal is sent; wherein the third request message indicates a key for requesting to obtain a SLPP signaling broadcast by the terminal or receiving a broadcast SLPP signaling in a sidelink SL communication. In response to receiving the third request message, the key is generated. The key includes one of the following: an asymmetric private key and The method further comprises: sending a third response message to the second network function or the third network function, wherein the third response message indicates the key.

如图14所示，本实施例中提供一种密钥分发方法，其中，所述方法由第四网络功能执行，所述方法包括：As shown in FIG. 14 , this embodiment provides a key distribution method, wherein the method is performed by a fourth network function, and the method includes:

步骤141、生成在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。Step 141: Generate a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in sidelink SL communication.

在一个实施例中，接收终端的第二网络功能或者第三网络功能发送的第三请求信息；其中，所述第三请求信息指示用于请求获取在侧行链路SL通信中所述终端广播SLPP信令或者接收广播的SLPP信令的密钥。响应于接收到所述第三请求信息，生成所述密钥。所述密钥包括以下之一：非对称私钥和公钥；对称完整性和加密密钥。向所述第二网络功能或者所述第三网络功能发送第三响应信息；其中，所述第三响应信息指示所述密钥。In one embodiment, a third request message sent by a second network function or a third network function of a receiving terminal is sent; wherein the third request message indicates a key for requesting to obtain a SLPP signaling broadcast by the terminal or receiving a broadcast SLPP signaling in a sidelink SL communication. In response to receiving the third request message, the key is generated. The key includes one of the following: an asymmetric private key and a public key; a symmetric integrity and encryption key. A third response message is sent to the second network function or the third network function; wherein the third response message indicates the key.

如图15所示，本实施例中提供一种密钥分发方法，其中，所述方法由第四网络功能执行，所述方法包括：As shown in FIG. 15 , this embodiment provides a key distribution method, wherein the method is performed by a fourth network function, and the method includes:

步骤151、向所述第二网络功能或者所述第三网络功能发送第三响应信息；Step 151: Send third response information to the second network function or the third network function;

如图16所示，本实施例中提供一种系统，其中，所述系统包括第一网络功能161、第二网络功能162、第三网络功能163和第四网络功能164中的至少之一；所述第一网络功能161用于实现所述第一网络功能161实现的方法；所述第二网络功能162用于实现所述第二网络功能162实现的方法；所述第三网络功能163用于实现所述第三网络功能163实现的方法。As shown in FIG16 , a system is provided in this embodiment, wherein the system includes at least one of a first network function 161, a second network function 162, a third network function 163, and a fourth network function 164; the first network function 161 is used to implement the method for implementing the first network function 161; the second network function 162 is used to implement the method for implementing the second network function 162; the third network function 163 is used to implement the method for implementing the fourth network function 164; the fourth network function 164 is used to implement the method for implementing the first network function 161; the fourth network function 164 is used to implement the method for implementing the second network function 164; the fourth network function 164 is used to implement the method for implementing the third network function 163; the fourth network function 164 is used to implement the method for implementing the third network function 164; the fourth network function 164 is used to implement the method for implementing the third network The third network function 163 is used to implement the method for implementing the third network function 163.

为了更好地理解本公开实施例，以下通过2个示例性实施例对本公开技术方案做进一步说明：In order to better understand the embodiments of the present disclosure, the technical solution of the present disclosure is further described below through two exemplary embodiments:

在一个实施例中，对于能够测距或者SL定位的终端，它应该能够广播SLPP信令，而不必执行发现过程和链路建立过程。因此，可以在注册过程中就向终端提供安全密钥。In one embodiment, for a terminal capable of ranging or SL positioning, it should be able to broadcast SLPP signaling without having to perform a discovery process and a link establishment process. Therefore, security keys can be provided to the terminal during the registration process.

在一个实施例中，为了执行SLPP信令广播，假设关于是否允许具有测距或者SL定位能力的终端广播和/或接收SLPP信令的信息包括在UE签约信息中。基于签约信息中的这种信息，核心网络然后可以确定在UE向网络注册时向UE提供所需的安全密钥。In one embodiment, in order to perform SLPP signaling broadcast, it is assumed that information about whether a terminal with ranging or SL positioning capability is allowed to broadcast and/or receive SLPP signaling is included in the UE subscription information. Based on this information in the subscription information, the core network can then determine to provide the required security keys to the UE when the UE registers with the network.

在一个实施例中，对于测距或者SL定位服务，服务中涉及的两个或更多UE可能签约的运营商不同。如果涉及的UE与不同的运营商签约，则一个公共陆地移动网(PLMN，Public Land Mobile Network)中的5GC NF不可能为属于不同PLMN的所有涉及的UE创建相同的安全密钥。因此，建议使用可以与不同PLMN连接的集中式密钥管理功能，用于创建和提供到不同PLMN中的5GC NF的安全密钥。然后，5GC NF在其自己的PLMN中将安全密钥提供给UE。In one embodiment, for ranging or SL positioning services, two or more UEs involved in the service may be subscribed to different operators. If the UEs involved are subscribed to different operators, it is impossible for the 5GC NF in one Public Land Mobile Network (PLMN) to create the same security key for all the involved UEs belonging to different PLMNs. Therefore, it is recommended to use a centralized key management function that can be connected to different PLMNs to create and provide security keys to the 5GC NFs in different PLMNs. The 5GC NF then provides the security key to the UE in its own PLMN.

在一个实施例中，提供安全密钥的5GC NF可以是将密钥作为UE安全策略配置信息的一部分发送给UE的PCF；或者可以是使用3GPP TS 23.273【3】的条款6.14.2中定义的现有流程向UE发送密钥的LMF。In one embodiment, the 5GC NF providing the security keys can be a PCF that sends the keys to the UE as part of the UE security policy configuration information; or it can be a LMF that sends the keys to the UE using the existing procedures defined in clause 6.14.2 of 3GPP TS 23.273 [3].

示例1：Example 1:

如图17所示，本实施例中提供一种密钥分发方法，所述方法包括：As shown in FIG. 17 , this embodiment provides a key distribution method, the method comprising:

步骤1701、待广播SLPP信令的UE(B-UE)向其AMF发送(可以是周期性地)注册请求消息(对应本公开中的第一请求信息)，该注册请求消息包含B-UE ID和请求广播密钥(对应本公开中的密钥)的指示符。Step 1701. The UE (B-UE) to broadcast SLPP signaling sends (perhaps periodically) a registration request message (corresponding to the first request information in the present disclosure) to its AMF. The registration request message includes the B-UE ID and an indicator for requesting a broadcast key (corresponding to the key in the present disclosure).

步骤1702、B-UE的AMF与统一数据管理(UDM，Unified Data Management)检查是否允许B-UE根据UE签约信息广播SLPP信令。Step 1702: The AMF and Unified Data Management (UDM) of B-UE check whether B-UE is allowed to broadcast SLPP signaling according to the UE contract information.

步骤1703、如果允许B-UE广播SLPP信令，B-UE的AMF向B-UE的PCF发送UE策略创建请求(对应本公开中的第二请求信息)，指示为请求广播方的广播密钥。Step 1703: If B-UE is allowed to broadcast SLPP signaling, the AMF of B-UE sends a UE policy creation request (corresponding to the second request information in the present disclosure) to the PCF of B-UE, indicating the broadcast key of the requesting broadcaster.

步骤1704、B-UE的PCF向中央密钥管理功能发送密钥请求(对应本公开中的第三请求信息)，请求用于广播SLPP信令的广播密钥。Step 1704: The PCF of the B-UE sends a key request (corresponding to the third request information in the present disclosure) to the central key management function, requesting a broadcast key for broadcasting SLPP signaling.

步骤1705、中央密钥管理功能(中心密钥管理功能或者集中式密钥管理功能)生成用于广播SLPP信令的广播密钥。广播密钥可以是：例如，一对非对称私钥和公钥，或一对对称完整性和加密密钥。Step 1705: The central key management function (central key management function or centralized key management function) generates a broadcast key for broadcasting SLPP signaling. The broadcast key can be, for example, a pair of asymmetric private key and public key, or a pair of symmetric integrity and encryption keys.

步骤1706、中央密钥管理功能将密钥响应(对应本公开中的第三响应信息)中的广播密钥(例如私钥)返回到B-UE的PCF。Step 1706: The central key management function returns the broadcast key (eg, private key) in the key response (corresponding to the third response information in the present disclosure) to the PCF of the B-UE.

步骤1707、B-UE的PCF在UE策略创建响应(对应本公开中的第二响应信息)中将广播密钥返回给B-UE的AMF。Step 1707: The PCF of the B-UE returns the broadcast key to the AMF of the B-UE in the UE policy creation response (corresponding to the second response information in the present disclosure).

步骤1708、B-UE的AMF在注册接受消息(对应本公开中的第一响应信息)中向B-UE发送广播密钥。Step 1708: The AMF of B-UE sends a broadcast key to B-UE in a registration acceptance message (corresponding to the first response information in the present disclosure).

步骤1709、待接收广播SL定位信令的UE(R-UE)向其AMF发送(可以是周期性地)注册请求消息(对应本公开中的第一请求信息)，该注册请求消息包含R-UE ID和请求广播密钥的指示符。Step 1709: The UE (R-UE) to receive the broadcast SL positioning signaling sends (possibly periodically) a registration request message (corresponding to the first request information in the present disclosure) to its AMF, where the registration request message contains the R-UE ID and an indicator for requesting a broadcast key.

步骤1710、R-UE的AMF与UDM对照UE签约信息检查R-UE是否被允许接收广播的SLPP信令。Step 1710: The AMF and UDM of the R-UE check whether the R-UE is allowed to receive broadcast SLPP signaling by comparing the UE subscription information.

步骤1711、如果允许R-UE接收广播的SLPP信令，则R-UE的AMF向R-UE的PCF发送UE策略创建请求(对应本公开中的第二请求信息)，指示为请求接收方的广播密钥。Step 1711: If the R-UE is allowed to receive broadcast SLPP signaling, the AMF of the R-UE sends a UE policy creation request (corresponding to the second request information in the present disclosure) to the PCF of the R-UE, indicating the broadcast key of the requesting recipient.

步骤1712、R-UE的PCF向中央密钥管理功能发送密钥请求(对应本公开中的第三请求信息)，以请求用于接收广播的SLPP信令的密钥。Step 1712: The PCF of the R-UE sends a key request (corresponding to the third request information in the present disclosure) to the central key management function to request a key for receiving the broadcast SLPP signaling.

步骤1713、中央密钥管理功能将密钥响应(对应本公开中的第三响应信息)中用于接收广播的SLPP信令的密钥返回给R-UE的PCF。密钥可以是例如在步骤1705中创建的非对称私钥/公钥的公钥。Step 1713: The central key management function returns the key for receiving the broadcast SLPP signaling in the key response (corresponding to the third response information in the present disclosure) to the PCF of the R-UE. The key may be, for example, the public key of the asymmetric private key/public key created in step 1705.

步骤1714、在UE策略创建响应(对应本公开中的第二响应信息)中，R-UE的PCF将用于接收广播的SLPP信令的密钥返回给R-UE的AMF。 Step 1714: In the UE policy creation response (corresponding to the second response information in the present disclosure), the PCF of the R-UE returns the key for receiving the broadcast SLPP signaling to the AMF of the R-UE.

步骤1715、在注册接受消息(对应本公开中的第一响应信息)中，R-UE的AMF向R-UE发送用于接收广播的SLPP信令的密钥。Step 1715: In the registration acceptance message (corresponding to the first response information in the present disclosure), the AMF of the R-UE sends the key for receiving the broadcast SLPP signaling to the R-UE.

步骤1716、B-UE开始广播由从网络接收的广播密钥保护的SLPP信令。Step 1716: B-UE starts broadcasting SLPP signaling protected by the broadcast key received from the network.

步骤1717、R-UE开始监听广播的消息。当从B-UE接收到广播信令时，R-UE用从网络接收到的密钥来验证广播消息。Step 1717: The R-UE starts to monitor the broadcast message. When receiving the broadcast signaling from the B-UE, the R-UE verifies the broadcast message using the key received from the network.

需要说明的是，每个广播秘钥都分配有一个有效计时器。当定时器到期时，UE需要通过再次发起周期性注册过程来请求新的广播密钥。It should be noted that each broadcast key is assigned a validity timer. When the timer expires, the UE needs to request a new broadcast key by initiating a periodic registration process again.

在一个实施例中，向UE提供安全密钥的5GC NF也可以是3GPP TS 23.273【3】的条款6.14.2中定义的分发广播辅助数据的加密密钥的LMF。当待广播SLPP信令的UE需要从核心网络获取定位辅助数据时，使用它。在这种情况下，UE将向AMF发送请求，AMF选择用于调用网络辅助数据传输的LMF。LMF在开始发送网络辅助数据之前，需要获取保护网络辅助数据的安全密钥。In one embodiment, the 5GC NF that provides security keys to the UE can also be the LMF that distributes encryption keys for broadcast assistance data as defined in clause 6.14.2 of 3GPP TS 23.273 [3]. It is used when the UE that is to broadcast SLPP signaling needs to obtain positioning assistance data from the core network. In this case, the UE will send a request to the AMF, and the AMF selects the LMF to invoke the network assistance data transmission. The LMF needs to obtain the security key to protect the network assistance data before starting to send the network assistance data.

示例2：Example 2:

如图18所示，本实施例中提供一种密钥分发方法，所述方法包括：As shown in FIG. 18 , this embodiment provides a key distribution method, the method comprising:

步骤1801、B-UE的LMF接收到网络辅助数据传输请求后，向中央密钥管理功能发送密钥请求，请求UE用于广播SLPP信令的广播密钥(对应本公开中的密钥)。Step 1801: After receiving the network-assisted data transmission request, the LMF of the B-UE sends a key request to the central key management function, requesting the UE to use a broadcast key (corresponding to the key in the present disclosure) for broadcasting SLPP signaling.

步骤1802、中央密钥管理功能将用于SLPP信令广播的安全密钥返回到B-UE的LMF。Step 1802: The central key management function returns the security key used for SLPP signaling broadcast to the LMF of the B-UE.

步骤1803、B-UE的LMF向包含接收到的用于SLPP信令广播的安全密钥的B-UE的AMF调用Nlmf_Broadcast_CipheringKeyData通知服务操作。Step 1803: The LMF of the B-UE calls the Nlmf_Broadcast_CipheringKeyData notification service operation to the AMF of the B-UE containing the received security key for SLPP signaling broadcast.

步骤1804、B-UE的AMF存储从B-UE的LMF接收的广播密钥。Step 1804: The AMF of the B-UE stores the broadcast key received from the LMF of the B-UE.

步骤1805、待广播SLPP信令的B-UE向其AMF发送(周期性的)注册请求消息，该注册请求消息包含B-UE ID和请求广播密钥的指示符。Step 1805: The B-UE to broadcast SLPP signaling sends a (periodic) registration request message to its AMF, which contains the B-UE ID and an indicator for requesting a broadcast key.

步骤1806、B-UE的AMF与UDM一起检查是否允许B-UE根据UE签约信息广播SLPP信令。Step 1806: The AMF of B-UE checks with the UDM whether B-UE is allowed to broadcast SLPP signaling according to the UE subscription information.

步骤1807、B-UE的AMF在注册接受消息中向B-UE发送存储的广播密钥。Step 1807: The AMF of B-UE sends the stored broadcast key to B-UE in the registration accept message.

步骤1808、如在步骤1801中，R-UE的LMF向中央密钥管理功能发送密钥请求，以请求用于UE接收广播的SLPP信令的密钥。Step 1808: As in step 1801, the LMF of the R-UE sends a key request to the central key management function to request a key for the UE to receive the broadcast SLPP signaling.

步骤1809、中央密钥管理功能将用于接收广播的SLPP信令的安全密钥返回给R-UE的LMF。Step 1809: The central key management function returns the security key used to receive the broadcast SLPP signaling to the LMF of the R-UE.

步骤1810、R-UE的LMF向包含接收到的安全密钥的R-UE的AMF调用Nlmf_Broadcast_CipheringKeyData通知服务操作。Step 1810: The LMF of the R-UE calls the Nlmf_Broadcast_CipheringKeyData notification service operation to the AMF of the R-UE containing the received security key.

步骤1811、R-UE的AMF存储从R-UE的LMF接收的广播密钥。Step 1811: The AMF of the R-UE stores the broadcast key received from the LMF of the R-UE.

步骤1812、待接收广播的SLPP信令的R-UE向其AMF发送(可以是周期性地)注册请求消息，该注册请求消息包含R-UE ID和请求广播密钥的指示符。Step 1812: The R-UE to receive the broadcast SLPP signaling sends (possibly periodically) a registration request message to its AMF, where the registration request message contains the R-UE ID and an indicator for requesting a broadcast key.

步骤1813、R-UE的AMF通过UDM对照UE签约信息检查R-UE是否被允许接收广播的SLPP信令。步骤1814、在注册接受消息中，R-UE的AMF将存储的广播密钥发送给R-UE。Step 1813: The AMF of the R-UE checks whether the R-UE is allowed to receive broadcast SLPP signaling by comparing the UE subscription information through UDM. Step 1814: In the registration acceptance message, the AMF of the R-UE sends the stored broadcast key to the R-UE.

步骤1815、B-UE开始广播由从网络接收到的广播密钥保护的SLPP信令。Step 1815: B-UE starts broadcasting SLPP signaling protected by the broadcast key received from the network.

步骤1816、R-UE开始监听广播的消息。当从B-UE接收到广播信令时，R-UE用从网络接收到的密钥来验证广播消息。Step 1816: The R-UE starts to monitor the broadcast message. When receiving the broadcast signaling from the B-UE, the R-UE verifies the broadcast message using the key received from the network.

需要说明的是，在LMF向中央密钥管理功能请求广播密钥的情况下，只能生成对称密钥，因为LMF在发送注册请求之前不知道请求UE是打算广播还是接收SLPP信令。It should be noted that in the case where the LMF requests a broadcast key from the central key management function, only a symmetric key can be generated because the LMF does not know whether the requesting UE intends to broadcast or receive SLPP signaling before sending the registration request.

如图19所示，本公开实施例中提供一种密钥分发装置，其中，所述装置包括：As shown in FIG. 19 , a key distribution device is provided in an embodiment of the present disclosure, wherein the device includes:

发送模块191，被配置为向第一网络功能发送第一请求信息；The sending module 191 is configured to send first request information to the first network function;

需要说明的是，本领域内技术人员可以理解，本公开实施例提供的方法，可以被单独执行，也可以与本公开实施例中一些方法或相关技术中的一些方法一起被执行。 It should be noted that those skilled in the art can understand that the method provided in the embodiments of the present disclosure can be executed alone or together with some methods in the embodiments of the present disclosure or some methods in related technologies.

如图20、所示，本公开实施例中提供一种密钥分发装置，其中，所述装置包括：As shown in FIG. 20, a key distribution device is provided in an embodiment of the present disclosure, wherein the device includes:

接收模块201，被配置为接收终端发送的第一请求信息；The receiving module 201 is configured to receive first request information sent by a terminal;

如图21所示，本公开实施例中提供一种密钥分发装置，其中，所述装置包括：As shown in FIG. 21 , a key distribution device is provided in an embodiment of the present disclosure, wherein the device includes:

发送模块211，被配置为向第四网络功能发送第三请求信息；The sending module 211 is configured to send third request information to the fourth network function;

如图22、所示，本公开实施例中提供一种密钥分发装置，其中，所述装置包括：As shown in FIG. 22, a key distribution device is provided in an embodiment of the present disclosure, wherein the device includes:

接收模块221，被配置为接收终端的第二网络功能或者第三网络功能发送的第三请求信息；The receiving module 221 is configured to receive third request information sent by the second network function or the third network function of the terminal;

本公开实施例提供一种通信设备，通信设备，包括：The present disclosure provides a communication device, the communication device comprising:

处理器；processor;

用于存储处理器可执行指令的存储器；a memory for storing processor-executable instructions;

其中，处理器被配置为：用于运行可执行指令时，实现应用于本公开任意实施例的方法。The processor is configured to: implement the method applied to any embodiment of the present disclosure when running the executable instructions.

其中，处理器可包括各种类型的存储介质，该存储介质为非临时性计算机存储介质，在通信设备掉电之后能够继续记忆存储其上的信息。The processor may include various types of storage media, which are non-temporary computer storage media that can continue to memorize information stored thereon after the communication device loses power.

处理器可以通过总线等与存储器连接，用于读取存储器上存储的可执行程序。The processor may be connected to the memory via a bus or the like to read the executable program stored in the memory.

本公开实施例还提供一种计算机存储介质，其中，计算机存储介质存储有计算机可执行程序，可执行程序被处理器执行时实现本公开任意实施例的方法。An embodiment of the present disclosure further provides a computer storage medium, wherein the computer storage medium stores a computer executable program, and when the executable program is executed by a processor, the method of any embodiment of the present disclosure is implemented.

关于上述实施例中的装置，其中各个模块执行操作的具体方式已经在有关该方法的实施例中进行了详细描述，此处将不做详细阐述说明。Regarding the device in the above embodiment, the specific manner in which each module performs operations has been described in detail in the embodiment of the method, and will not be elaborated here.

如图23所示，本公开一个实施例提供一种终端的结构。As shown in FIG. 23 , an embodiment of the present disclosure provides a structure of a terminal.

参照图23所示终端800本实施例提供一种终端800，该终端具体可是移动电话，计算机，数字广播终端，消息收发设备，游戏控制台，平板设备，医疗设备，健身设备，个人数字助理等。Referring to the terminal 800 shown in Figure 23, this embodiment provides a terminal 800, which can be a mobile phone, a computer, a digital broadcast terminal, a message sending and receiving device, a game console, a tablet device, a medical device, a fitness device, a personal digital assistant, etc.

参照图23，终端800可以包括以下一个或多个组件：处理组件802，存储器804，电源组件806，多媒体组件808，音频组件810，输入/输出(I/O)的接口812，传感器组件814，以及通信组件816。23 , the terminal 800 may include one or more of the following components: a processing component 802 , a memory 804 , a power component 806 , a multimedia component 808 , an audio component 810 , an input/output (I/O) interface 812 , a sensor component 814 , and a communication component 816 .

处理组件802通常控制终端800的整体操作，诸如与显示，电话呼叫，数据通信，相机操作和记录操作相关联的操作。处理组件802可以包括一个或多个处理器820来执行指令，以完成上述的方法的全部或部分步骤。此外，处理组件802可以包括一个或多个模块，便于处理组件802和其他组件之间的交互。例如，处理组件802可以包括多媒体模块，以方便多媒体组件808和处理组件802之间的交互。The processing component 802 generally controls the overall operation of the terminal 800, such as operations associated with display, phone calls, data communications, camera operations, and recording operations. The processing component 802 may include one or more processors 820 to execute instructions to complete all or part of the steps of the above-mentioned method. In addition, the processing component 802 may include one or more modules to facilitate the interaction between the processing component 802 and other components. For example, the processing component 802 may include a multimedia module to facilitate the interaction between the multimedia component 808 and the processing component 802.

存储器804被配置为存储各种类型的数据以支持在设备800的操作。这些数据的示例包括用于在终端800上操作的任何应用程序或方法的指令，联系人数据，电话簿数据，消息，图片，视频等。存储器804可以由任何类型的易失性或非易失性存储设备或者它们的组合实现，如静态随机存取存储器(SRAM)，电可擦除可编程只读存储器(EEPROM)，可擦除可编程只读存储器(EPROM)，可编程只读存储器(PROM)，只读存储器(ROM)，磁存储器，快闪存储器，磁盘或光盘。The memory 804 is configured to store various types of data to support operations on the device 800. Examples of such data include instructions for any application or method operating on the terminal 800, contact data, phone book data, messages, pictures, videos, etc. The memory 804 can be implemented by any type of volatile or non-volatile storage device or a combination thereof, such as static random access memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (EPROM), etc. Read-only memory (PROM), read-only memory (ROM), magnetic storage, flash memory, magnetic disk or optical disk.

电源组件806为终端800的各种组件提供电力。电源组件806可以包括电源管理系统，一个或多个电源，及其他与为终端800生成、管理和分配电力相关联的组件。Power component 806 provides power to various components of terminal 800. Power component 806 may include a power management system, one or more power supplies, and other components associated with generating, managing, and distributing power to terminal 800.

多媒体组件808包括在终端800和用户之间的提供一个输出接口的屏幕。在一些实施例中，屏幕可以包括液晶显示器(LCD)和触摸面板(TP)。如果屏幕包括触摸面板，屏幕可以被实现为触摸屏，以接收来自用户的输入信号。触摸面板包括一个或多个触摸传感器以感测触摸、滑动和触摸面板上的手势。触摸传感器可以不仅感测触摸或滑动动作的边界，而且还检测与触摸或滑动操作相关的持续时间和压力。在一些实施例中，多媒体组件808包括一个前置摄像头和/或后置摄像头。当设备800处于操作模式，如拍摄模式或视频模式时，前置摄像头和/或后置摄像头可以接收外部的多媒体数据。每个前置摄像头和后置摄像头可以是一个固定的光学透镜系统或具有焦距和光学变焦能力。The multimedia component 808 includes a screen that provides an output interface between the terminal 800 and the user. In some embodiments, the screen may include a liquid crystal display (LCD) and a touch panel (TP). If the screen includes a touch panel, the screen may be implemented as a touch screen to receive input signals from the user. The touch panel includes one or more touch sensors to sense touch, slide, and gestures on the touch panel. The touch sensor may not only sense the boundaries of the touch or slide action, but also detect the duration and pressure associated with the touch or slide operation. In some embodiments, the multimedia component 808 includes a front camera and/or a rear camera. When the device 800 is in an operating mode, such as a shooting mode or a video mode, the front camera and/or the rear camera may receive external multimedia data. Each front camera and rear camera may be a fixed optical lens system or have a focal length and optical zoom capability.

音频组件810被配置为输出和/或输入音频信号。例如，音频组件810包括一个麦克风(MIC)，当终端800处于操作模式，如呼叫模式、记录模式和语音识别模式时，麦克风被配置为接收外部音频信号。所接收的音频信号可以被进一步存储在存储器804或经由通信组件816发送。在一些实施例中，音频组件810还包括一个扬声器，用于输出音频信号。The audio component 810 is configured to output and/or input audio signals. For example, the audio component 810 includes a microphone (MIC), and when the terminal 800 is in an operation mode, such as a call mode, a recording mode, and a speech recognition mode, the microphone is configured to receive an external audio signal. The received audio signal can be further stored in the memory 804 or sent via the communication component 816. In some embodiments, the audio component 810 also includes a speaker for outputting audio signals.

I/O接口812为处理组件802和外围接口模块之间提供接口，上述外围接口模块可以是键盘，点击轮，按钮等。这些按钮可包括但不限于：主页按钮、音量按钮、启动按钮和锁定按钮。I/O interface 812 provides an interface between processing component 802 and peripheral interface modules, such as keyboards, click wheels, buttons, etc. These buttons may include but are not limited to: home button, volume button, start button, and lock button.

传感器组件814包括一个或多个传感器，用于为终端800提供各个方面的状态评估。例如，传感器组件814可以检测到设备800的打开/关闭状态，组件的相对定位，例如组件为终端800的显示器和小键盘，传感器组件814还可以检测终端800或终端800一个组件的位置改变，用户与终端800接触的存在或不存在，终端800方位或加速/减速和终端800的温度变化。传感器组件814可以包括接近传感器，被配置用来在没有任何的物理接触时检测附近物体的存在。传感器组件814还可以包括光传感器，如CMOS或CCD图像传感器，用于在成像应用中使用。在一些实施例中，该传感器组件814还可以包括加速度传感器，陀螺仪传感器，磁传感器，压力传感器或温度传感器。The sensor assembly 814 includes one or more sensors for providing various aspects of status assessment for the terminal 800. For example, the sensor assembly 814 can detect the open/closed state of the device 800, the relative positioning of the components, such as the display and keypad of the terminal 800, and the sensor assembly 814 can also detect the position change of the terminal 800 or a component of the terminal 800, the presence or absence of contact between the user and the terminal 800, the orientation or acceleration/deceleration of the terminal 800 and the temperature change of the terminal 800. The sensor assembly 814 may include a proximity sensor configured to detect the presence of nearby objects without any physical contact. The sensor assembly 814 may also include an optical sensor, such as a CMOS or CCD image sensor, for use in imaging applications. In some embodiments, the sensor assembly 814 may also include an acceleration sensor, a gyroscope sensor, a magnetic sensor, a pressure sensor or a temperature sensor.

通信组件816被配置为便于终端800和其他设备之间有线或无线方式的通信。终端800可以接入基于通信标准的无线网络，如Wi-Fi，2G或3G，或它们的组合。在一个示例性实施例中，通信组件816经由广播信道接收来自外部广播管理系统的广播信号或广播相关信息。在一个示例性实施例中，通信组件816还包括近场通信(NFC)模块，以促进短程通信。例如，在NFC模块可基于射频识别(RFID)技术，红外数据协会(IrDA)技术，超宽带(UWB)技术，蓝牙(BT)技术和其他技术来实现。The communication component 816 is configured to facilitate wired or wireless communication between the terminal 800 and other devices. The terminal 800 can access a wireless network based on a communication standard, such as Wi-Fi, 2G or 3G, or a combination thereof. In an exemplary embodiment, the communication component 816 receives a broadcast signal or broadcast-related information from an external broadcast management system via a broadcast channel. In an exemplary embodiment, the communication component 816 also includes a near field communication (NFC) module to facilitate short-range communication. For example, the NFC module can be implemented based on radio frequency identification (RFID) technology, infrared data association (IrDA) technology, ultra-wideband (UWB) technology, Bluetooth (BT) technology and other technologies.

在示例性实施例中，终端800可以被一个或多个应用专用集成电路(ASIC)、数字信号处理器(DSP)、数字信号处理设备(DSPD)、可编程逻辑器件(PLD)、现场可编程门阵列(FPGA)、控制器、微控制器、微处理器或其他电子元件实现，用于执行上述方法。In an exemplary embodiment, terminal 800 can be implemented by one or more application-specific integrated circuits (ASICs), digital signal processors (DSPs), digital signal processing devices (DSPDs), programmable logic devices (PLDs), field programmable gate arrays (FPGAs), controllers, microcontrollers, microprocessors or other electronic components to perform the above methods.

在示例性实施例中，还提供了一种包括指令的非临时性计算机可读存储介质，例如包括指令的存储器804，上述指令可由终端800的处理器820执行以完成上述方法。例如，非临时性计算机可读存储介质可以是ROM、随机存取存储器(RAM)、CD-ROM、磁带、软盘和光数据存储设备等。In an exemplary embodiment, a non-transitory computer-readable storage medium including instructions is also provided, such as a memory 804 including instructions, and the instructions can be executed by the processor 820 of the terminal 800 to complete the above method. For example, the non-transitory computer-readable storage medium can be a ROM, a random access memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, etc.

如图24所示，本公开一实施例示出一种基站的结构。例如，基站900可以被提供为一网络侧设备。参照图24，基站900包括处理组件922，其进一步包括一个或多个处理器，以及由存储器932所代表的存储器资源，用于存储可由处理组件922的执行的指令，例如应用程序。存储器932中存储的应用程序可以包括一个或一个以上的每一个对应于一组指令的模块。此外，处理组件922被配置为执行指令，以执行上述方法前述应用在所述基站的任意方法。As shown in FIG. 24 , an embodiment of the present disclosure illustrates a structure of a base station. For example, a base station 900 may be provided as a network-side device. Referring to FIG. 24 , the base station 900 includes a processing component 922, which further includes one or more processors, and a memory resource represented by a memory 932 for storing instructions executable by the processing component 922, such as an application. The application stored in the memory 932 may include one or more modules, each corresponding to a set of instructions. In addition, the processing component 922 is configured to execute instructions to execute any method of the aforementioned method applied to the base station.

基站900还可以包括一个电源组件926被配置为执行基站900的电源管理，一个有线或无线网络接口950被配置为将基站900连接到网络，和一个输入输出(I/O)接口958。基站900可以操作基于存储在存储器932的操作系统，例如Windows Server TM，Mac OS XTM，UnixTM，LinuxTM，FreeBSDTM或类似。The base station 900 may also include a power supply component 926 configured to perform power management of the base station 900, a wired or wireless network interface 950 configured to connect the base station 900 to the network, and an input/output (I/O) interface 958. The base station 900 may operate based on an operating system stored in the memory 932, such as Windows Server TM, Mac OS XTM, UnixTM, LinuxTM, FreeBSDTM or the like.

本领域技术人员在考虑说明书及实践这里公开的发明后，将容易想到本发明的其它实施方案。本公开旨在涵盖本发明的任何变型、用途或者适应性变化，这些变型、用途或者适应性变化遵循本发明的一般性原理并包括本公开未公开的本技术领域中的公知常识或惯用技术手段。说明书和实施例仅被视为示例性的，本发明的真正范围和精神由下面的权利要求指出。 Those skilled in the art will readily appreciate other embodiments of the present invention after considering the specification and practicing the invention disclosed herein. The present disclosure is intended to cover any variations, uses or adaptations of the present invention that follow the general principles of the present invention and include common knowledge or customary techniques in the art that are not disclosed in the present disclosure. The description and examples are to be considered exemplary only, and the true scope and spirit of the present invention are indicated by the following claims.

应当理解的是，本发明并不局限于上面已经描述并在附图中示出的精确结构，并且可以在不脱离其范围进行各种修改和改变。本发明的范围仅由所附的权利要求来限制。 It should be understood that the present invention is not limited to the exact construction that has been described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the present invention is limited only by the appended claims.

Claims

A key distribution method, wherein the method is performed by a terminal, and the method comprises:

Sending first request information to the first network function;

Among them, the first request information is used to request to obtain the key of the terminal broadcasting the side link positioning protocol SLPP signaling or receiving the broadcast SLPP signaling in the side link SL communication; the first network function is the network function of the network where the terminal is currently located.

The method according to claim 1, wherein the sending the first request information to the first network function comprises:

The first request information is sent to the first network function through a registration request message.

The method according to claim 1, wherein the first request information indicates an identity of the terminal and an indicator requesting to obtain the key.

The method according to claim 1, wherein the method further comprises:

Receiving first response information sent by the first network function;

The first response information indicates the key.

The method according to claim 4, wherein the receiving the first response information sent by the first network function comprises:

The first response information sent by the first network function is received through a registration acceptance message.

The method according to claims 1 to 5, wherein the first network function is an access and mobility management function AMF.

A key distribution method, wherein the method is performed by a first network function, and the method comprises:

Receiving first request information sent by a terminal;

The first request information is used to request to obtain a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in the sidelink SL communication.

The method according to claim 7, wherein the first request information sent by the receiving terminal comprises:

The first request information sent by the terminal is received through a registration request message.

The method according to claim 7, wherein the first request information indicates an identity of the terminal and an indicator requesting to obtain the key.

The method according to claim 7, wherein the method further comprises:

Determine whether to allow the terminal to broadcast the SLPP signaling or receive the broadcast SLPP signaling.

The method according to claim 10, wherein the determining whether to allow the terminal to broadcast the SLPP signaling or receive the broadcasted SLPP signaling comprises:

Based on the terminal subscription information, it is determined whether the terminal is allowed to broadcast the SLPP signaling or receive the broadcasted SLPP signaling.

The method according to claim 11, wherein the method further comprises:

Sending second request information to the second network function;

The second request information indicates a key for requesting the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in the sidelink SL communication; and the second network function is a network function of the network where the terminal is currently located.

The method according to claim 12, wherein the second network function is a policy control function (PCF).

The method according to claim 13, wherein the sending the second request information to the second network function comprises:

In response to allowing the terminal to broadcast the SLPP signaling, sending the second request information to the second network function;

or,

In response to the SLPP signaling allowing the terminal to receive broadcast, the second request information is sent to the second network function.

The method according to claim 12, wherein the second request information indicates an identity of the terminal and an indicator requesting to obtain the key.

The method according to claim 12, wherein the method further comprises:

Receiving second response information sent by the second network function or the third network function;

The second response information indicates the key.

The method according to claim 16, wherein the third network function is a location management function LMF.

The method according to claim 16, wherein the receiving the second response information sent by the third network function comprises:

The second response information sent by the third network function is received through a notification message.

The method according to claim 16, wherein the method further comprises:

The key is stored.

The method according to claim 7, wherein the method further comprises:

Sending first response information to the terminal;

The first response information indicates the key.

The method according to claim 20, wherein the sending the first response information to the terminal comprises:

In response to determining that the terminal is allowed to broadcast the SLPP signaling, sending the first response information to the terminal;

or,

In response to determining that the terminal is allowed to receive the broadcasted SLPP signaling, the first response information is sent to the terminal.

The first response information is sent to the terminal through a registration acceptance message.

The method according to claims 7 to 22, wherein the first network function is an access and mobility management function AMF.

A key distribution method, wherein the method is performed by a second network function or a third network function, and the method comprises:

sending third request information to the fourth network function;

The third request information indicates a key for requesting to obtain a key for a terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in sidelink SL communication.

The method according to claim 24, wherein the method further comprises:

receiving third response information sent by the fourth network function;

The third response information indicates the key.

The method according to claim 25, wherein the method further comprises:

Sending second response information to the first network function;

The second response information indicates the key.

The method according to claim 26, in response to the method being performed by a third network function; the sending of second response information to the first network function comprises:

The second response information is sent to the first network function through a notification message.

The method according to claim 24, wherein the method further comprises:

receiving second request information sent by the first network function of the terminal;

The second request information indicates a key for requesting to obtain a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in the sidelink SL communication.

The method according to claim 24, wherein the second request information indicates the identity of the terminal and an indicator requesting to obtain the key.

The method according to any one of claims 24 to 29, wherein the second network function is a PCF, the third network function is a LMF and/or the fourth network function is a central key management function.

A key distribution method, wherein the method is performed by a fourth network function, and the method comprises:

receiving third request information sent by the second network function or the third network function of the terminal;

The third request information indicates a key for requesting to obtain a key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in the sidelink SL communication.

The method according to claim 31, wherein the method further comprises:

In response to receiving the third request information, the key is generated.

The method according to claim 2, wherein the key comprises one of the following:

Asymmetric private and public keys;

Symmetric integrity and encryption keys.

The method according to claim 31, wherein the method further comprises:

Sending third response information to the second network function or the third network function;

The third response information indicates the key.

The method according to any one of claims 31 to 34, wherein the second network function is a PCF, the third network function is a LMF and/or the fourth network function is a central key management function.

A system, wherein the system includes at least one of a first network function, a second network function, a third network function and a fourth network function; the first network function is used to implement the methods described in claims 7 to 23; the second network function is used to implement the methods described in claims 24 to 30; and the third network function is used to implement the methods described in claims 31 to 35.

The system according to claim 36, wherein the first network function is AMF, the second network function is PCF, the third network function is LMF and/or the fourth network function is a central key management function.

A key distribution device, wherein the device comprises:

A sending module, configured to send first request information to the first network function;

The first request information is used to request the key for the terminal to broadcast SLPP signaling or receive broadcast SLPP signaling in the sidelink SL communication; the second network function is the network function of the network where the terminal is currently located.

A key distribution device, wherein the device comprises:

A receiving module, configured to receive first request information sent by a terminal;

A key distribution device, wherein the device comprises:

a sending module, configured to send third request information to the fourth network function;

A key distribution device, wherein the device comprises:

a receiving module, configured to receive third request information sent by the second network function or the third network function of the terminal;

A communication device, comprising:

antenna;

Memory;

The processor is connected to the antenna and the memory respectively, and is configured to control the transmission and reception of the antenna by executing computer executable instructions stored in the memory, and can implement the method provided in any one of claims 1 to 6, 7 to 23, 24 to 30 or 31 to 35.

A computer storage medium storing computer executable instructions, wherein the computer executable instructions, after being executed by a processor, can implement the method provided in any one of claims 1 to 6, 7 to 23, 24 to 30, or 31 to 35.