WO2025065972A1

WO2025065972A1 - Method and apparatus for communication

Info

Publication number: WO2025065972A1
Application number: PCT/CN2024/071617
Authority: WO
Inventors: Bidi YING; Hang Zhang
Original assignee: Huawei Technologies Co., Ltd.
Priority date: 2023-09-29
Filing date: 2024-01-10
Publication date: 2025-04-03

Abstract

Embodiments of this application provide a method and an apparatus for communication. The method includes: determining a first algorithm based on a first security capability and a security requirement of a communication between a device and a first network function, where the security requirement of the communication includes a security requirement of a service, an application, a mission or a session, where the service, the application, the mission or the session is related to the communication, and the first algorithm includes an encryption algorithm used for protection of the communication and/or an integrity algorithm used for protection of the communication; and transmitting a first message to the first network function, where the first message includes the first algorithm. It could reduce message exchange overhead and improve efficiency of network performance.

Description

METHOD AND APPARATUS FOR COMMUNICATION

CROSS-REFERENCE TO RELATED APPLICATIONS

The present application is related to, and claims priority to, United States provisional patent application Serial No. 63/586,462, entitled “SYSTEM AND METHODS FOR ACTIVATION ON SECURITY PROTECTION COMMUNICATIONS” , and filed on September 29, 2023.

The disclosure of the aforementioned application is hereby incorporated by reference in its entirety.

TECHNICAL FIELD

Embodiments of the present invention relate to the field of communications technologies, and more specifically, to a method and an apparatus for communication.

BACKGROUND

Encryption algorithms and integrity algorithms are used for security protection of communication between a user equipment (UE) and network functions in a network. However, since new applications and new services supported by the future network would result new interfaces, exchange for information related to these algorithms would result in a high message overhead. Moreover, it would result in an extra storage overhead and security risk for related network functions to store information related to these algorithms.

SUMMARY

Embodiments of this application provide a method and an apparatus for communication, which can reduce message exchange overhead.

According to a first aspect, an embodiment of the present application provides a method for communication, and the method may be performed by a key management function (KMF) or a chip installed in the KMF. A KMF is a network function that is responsible for key management. The method includes: determining a first algorithm based on a first security capability and a security requirement of a communication between a device and a first network function, where the security requirement of the communication includes a security requirement of a service, an application, a mission or a session, where the service, the application, the mission or the session is related to the communication, and the first algorithm includes an encryption algorithm used for protection of the communication and/or an integrity algorithm used for protection of the communication; and transmitting a first message to the first network function, where the first message includes the first algorithm.

According to a second aspect, an embodiment of the present application provides a method for communication, and the method may be performed by a first network function or a chip installed in the first network function. The method includes: receiving a first message from a KMF, where the first message includes a first algorithm, the first algorithm is determined based on a first security capability and a security requirement of a communication between a device and the first network function, the security requirement of the communication includes a security requirement of a service, an application, a mission or a session, the service, the application, the mission or the session is related to the communication, and the first algorithm includes an encryption algorithm used for protection of the communication and/or an integrity algorithm used for protection of the communication.

According to the above-mentioned technical solution, the KMF is responsible for key management. Algorithms used for protection of the communication is determined by the KMF. For a communication between a UE and a first network function, due to algorithms used for protection of the communication is configured to the first network function by the KMF, it could reduce message exchange overhead and improve efficiency of network performance. Moreover, since algorithms could be determined based on security requirement of a service, an application, a mission or a session related to the communication, it could meet different requirements of different scenarios.

With reference to the first aspect or the second aspect, in some embodiments, the first security capability of the communication includes at least one of: a security capability of the device or a security capability of the first network function.

According to the above-mentioned technical solution, algorithms used for security protection is determined based on the device’s security capability and/or the first network function’s security capability. It could be beneficial for the effective implementation of this security protection.

With reference to the first aspect or the second aspect, in some embodiments, the method further includes: transmitting or receiving a second message, where the second message includes an identifier of the device and the security requirement of the communication. The second message is used to determine whether an activation of security protection of the communication is needed.

With reference to the first aspect, in some embodiments, the method further includes: transmitting a first request for collecting the first security capacity, where the first request is determined based on the security requirement of the communication; and receiving a third message, where the third message includes at least one of: the security capability of the device or the security capability of the first network function.

With reference to the second aspect, in some embodiments, the first security capacity includes a security capability of the device , and the method further includes: receiving a first request for collecting the security capability of the device, where the first request is determined based on the security requirement of the communication; collecting the security capability of the device based on the first request; and transmitting a third message, where the third message includes the security capability of the device.

With reference to the first aspect or the second aspect, in some embodiments, the third message further indicates at least one of: a plurality of encryption algorithms able to be used by the first network function for protection of the communication, or a plurality of integrity algorithms able to be used by the first network function for protection of the communication.

With reference to the first aspect or the second aspect, in some embodiments, the first message further includes an identifier of a first anchor key, and the first algorithm is related to the first anchor key.

With reference to the first aspect or the second aspect, in some embodiments, the method further includes: transmitting or receiving a fourth message, where the fourth message includes an indication for generation of a new anchor key.

In some implementations, the first anchor key includes the new anchor key.

With reference to the first aspect or the second aspect, in some embodiments, the first message further includes first information indicating whether the new anchor key is generated.

With reference to the second aspect, in some embodiments, the first algorithm includes the integrity algorithm used for protection of the communication and the encryption algorithm used for protection of the communication. The method further includes: starting integrity protection of the communication based on the integrity algorithm; and transmitting a fifth message to the device, where the fifth message includes the integrity algorithm, the encryption algorithm, and an identifier of an anchor key that the first algorithm is related to.

According to a third aspect, there is provided a communication apparatus having a function or module to perform the method of the first aspect or the method of the second aspect, or any one of the implementations in these aspects.

According to a fourth aspect, there is provided a chip (or a chip system) . The chip includes at least one processor, the at least one processor is coupled to at least one memory. The at least one memory is configured to store one or more instructions and/or executable computer code. The at least one processor is configured to invoke the one or more instructions and/or executable computer code, so that a communication apparatus installed the chip performs the method of the first aspect or the method of the second aspect, or any possible implementation in these aspects.

Optionally, the chip may further include the at least one memory. Optionally, the chip may further include a communication interface, and the communication interface is configured to input and/or output information or data.

According to a fifth aspect, there is provided a communication apparatus. The communication apparatus includes one or more circuits and one or more communication interfaces. The one or more communication interfaces may include a first interface for receiving (that is, inputting) information and/or data that is to be processed by the one or more circuits and a second interface for transmitting (that is, outputting) information and/or data processed by the one or more circuit. The one or more circuits are configured to process the information and/or data that is to be processed so that the communication apparatus performs the method of the first aspect or the method of the second aspect, or any one of the implementations in these aspects.

According to a sixth aspect, there is provided a communication system. The communication system may include the communication apparatus according to the third aspect to the fifth aspect. For example, the communication system may include the one or more of: the KMF, or the first network function. The communication system may further include a device.

According to a seventh aspect, there is provided a computer storage medium that stores executable computer code, and the executable computer code is used to execute one or more instructions for the method according to the first aspect or any possible implementation of the first aspect, or the second aspect or any possible implementation of the second aspect.

According to an eighth aspect, there is provided a computer program product including one or more instructions, and when the computer product program runs on a computer, the computer performs the method according to the first aspect or any possible implementation of the first aspect, or the second aspect or any possible implementation of the second aspect.

DESCRIPTION OF DRAWINGS

FIG. 1 is a schematic illustration of a communication system.

FIG. 2 illustrates an example communication system.

FIG. 3 illustrates another example of an ED and a base station.

FIG. 4 illustrates units or modules in a device.

FIG. 5 illustrates 6G System conceptual structure.

FIG. 6 is a network scenario according to some embodiments of the present application.

FIG. 7 is an architecture of key management according to some embodiments of the present application.

FIG. 8 is a schematic flowchart of a method for communication according to an embodiment of the present application.

FIG. 9 is a schematic flowchart of a method for communication according to some embodiments of the present application.

FIG. 10 is an example of a call flow about a procedure of security activation according to some embodiments of the present application.

FIG. 11 is another example of a call flow about a procedure of security activation according to some embodiments of the present application.

FIG. 12 is a schematic block diagram of a communication apparatus 10 according to an embodiment of the present application.

FIG. 13 is a schematic block diagram of a communication apparatus 10 according to an embodiment of the present application.

DESCRIPTION OF EMBODIMENTS

In order to understand features and technical contents of embodiments of the present application in detail, implementations of the embodiments of the present application will be described in detail below with reference to the accompanying drawings, and the attached drawings are only for reference and illustration purposes, and are not intended to limit the embodiments of the present applications. In the following technical descriptions, for ease of explanation, numerous details are set forth to provide a thorough understanding of the disclosed embodiments.

The invention at least includes the following parts.

1) Design methods of security protection on data session

The basic concept is that a network function (we call it as a Key Management Function (KMF) is used for selection on algorithms for security protection on sessions or RBs. What’s more, the KMF collects factors for selection on algorithms for security protection on sessions or RBs.

2) Design a procedure about C/M session security protection activation

This embodiment provides a procedure about C/M session security protection activation.

3) Provide a procedure of C/M RB security protection activation

This embodiment provides details about a procedure of C/M RB security protection activation.

Related technologies and concepts are introduced here firstly in order to have better understanding of technical solution proposed by the present application.

The present disclosure relates generally to wireless communications.

Many new trends will trigger the consideration and design of 6G/future wireless networks: a new network infrastructure capability (e.g., cloud natured/friendly infrastructures that are broadly deployed) ; new or relative matured techniques (e.g., artificial intelligence (AI) large scale models, data de-privacy, block chain, etc. ) that have made significant progresses and significantly impact on the entire society and human life; new applications and services (e.g., AI services, data or sensing service, digital world service, etc. ) that are broadly applied in industry/business and used by individual customers; and more global/open/collaborative operation trend (i.e., a more open and more collaborative operation mode are becoming common practice in many fields) .

New expectation and stricter requirements on future networks also drive rethinking and development of new generation of wireless networks. These requirements include: privacy and trustworthiness, simplified standardization, rapid deployment, etc.

All of the above drives sixth generation (6G) network architecture research work.

Our proposed 6G network architecture (X-centric) are: SBA (XaaS service) based; and/or cloud-native. Anything as a service could be denoted as XaaS.

Requirements to 6G system network architecture design include:

1) The proposed 6G network architecture needs to support new 6G services which could be developed/deployed by 3rd parties.

2) The proposed 6G network architecture needs to embrace more open ecosystem to open door to technical capable 3rd parties.

3) The proposed 6G network architecture needs to enable better trustworthiness management.

A solution to enable above requirements is needed.

For ease of understanding the embodiments of this application, a communication system shown in FIGS. 1-4 is firstly used as an example to describe in detail a communication system to which the embodiments of this application are applicable.

Referring to FIG. 1, as an illustrative example without limitation, a simplified schematic illustration of a communication system is provided. The communication system 100 comprises a radio access network 120. The radio access network 120 may be a next generation (e.g. 6G or later) radio access network, or a legacy (e.g. fifth generation (5G) , fourth generation (4G) , third generation (3G) or second generation (2G) ) radio access network. One or more communication electronic devices (ED) 110a-110j (generically referred to as 110) may be interconnected to one another or connected to one or more network nodes (170a, 170b, generically referred to as 170) in the radio access network 120. A core network 130 may be a part of the communication system and may be dependent or independent of the radio access technology used in the communication system 100. Also, the communication system 100 comprises a public switched telephone network (PSTN) 140, the internet 150, and other networks 160.

FIG. 2 illustrates an example communication system 100. In general, the communication system 100 enables multiple wireless or wired elements to communicate data and other content. The purpose of the communication system 100 may be to provide content, such as voice, data, video, and/or text, via broadcast, multicast, groupcast, unicast, etc. The communication system 100 may operate by sharing resources, such as carrier spectrum bandwidth, between its constituent elements. The communication system 100 may include a terrestrial communication system and/or a non-terrestrial communication system. The communication system 100 may provide a wide range of communication services and applications (such as earth monitoring, remote sensing, passive sensing and positioning, navigation and tracking, autonomous delivery and mobility, etc. ) . The communication system 100 may provide a high degree of availability and robustness through a joint operation of a terrestrial communication system and a non-terrestrial communication system. For example, integrating a non-terrestrial communication system (or components thereof) into a terrestrial communication system can result in what may be considered a heterogeneous network comprising multiple layers. Compared to conventional communication networks, the heterogeneous network may achieve better overall performance through efficient multi-link joint operation, more flexible functionality sharing, and faster physical layer link switching between terrestrial networks and non-terrestrial networks.

The terrestrial communication system and the non-terrestrial communication system could be considered sub-systems of the communication system. In the example shown in FIG. 2, the communication system 100 includes electronic devices (ED) 110a-110d (generically referred to as ED 110) , radio access networks (RANs) 120a, 120b, a non-terrestrial communication network 120c, a core network 130, a public switched telephone network (PSTN) 140, the Internet 150, and other networks 160. The RANs 120a, 120b include respective base stations (BSs) 170a, 170b, which may be generically referred to as terrestrial transmit and receive points (T-TRPs) 170a, 170b. The non-terrestrial communication network 120c includes an access node 172, which may be generically referred to as a non-terrestrial transmit and receive point (NT-TRP) 172.

Any ED 110 may be alternatively or additionally configured to interface, access, or communicate with any T-TRP 170a, 170b and NT-TRP 172, the Internet 150, the core network 130, the PSTN 140, the other networks 160, or any combination of the preceding. In some examples, ED 110a may communicate an uplink and/or downlink transmission over a terrestrial air interface 190a with T-TRP 170a. In some examples, the EDs 110a-110d may also communicate directly with one another via one or more sidelink air interfaces 190b. In some examples, ED 110d may communicate an uplink and/or downlink transmission over a non-terrestrial air interface 190c with NT-TRP 172.

The air interfaces 190a and 190b may use similar communication technology, such as any suitable radio access technology. For example, the communication system 100 may implement one or more channel access methods, such as code division multiple access (CDMA) , space division multiple access (SDMA) , time division multiple access (TDMA) , frequency division multiple access (FDMA) , orthogonal FDMA (OFDMA) , or single-carrier FDMA (SC-FDMA, also known as discrete Fourier transform spread OFDMA, DFT-s-OFDMA) in the air interfaces 190a and 190b. The air interfaces 190a and 190b may utilize other higher dimension signal spaces, which may involve a combination of orthogonal and/or non-orthogonal dimensions.

The non-terrestrial air interface 190c can enable communication between the ED 110d and one or multiple NT-TRPs 172 via a wireless link or simply a link. For some examples, the link is a dedicated connection for unicast transmission, a connection for broadcast transmission, or a connection between a group of EDs 110 and one or multiple NT-TRPs 172 for multicast transmission.

The RANs 120a and 120b are in communication with the core network 130 to provide the EDs 110a 110b, and 110c with various services such as voice, data, and other services. The RANs 120a and 120b and/or the core network 130 may be in direct or indirect communication with one or more other RANs (not shown) , which may or may not be directly served by core network 130, and may or may not employ the same radio access technology as RAN 120a, RAN 120b or both. The core network 130 may also serve as a gateway access between (i) the RANs 120a and 120b or EDs 110a 110b, and 110c or both, and (ii) other networks (such as the PSTN 140, the Internet 150, and the other networks 160) . In addition, some or all of the EDs 110a 110b, and 110c may include functionality for communicating with different wireless networks over different wireless links using different wireless technologies and/or protocols. Instead of wireless communication (or in addition thereto) , the EDs 110a 110b, and 110c may communicate via wired communication channels to a service provider or switch (not shown) , and to the Internet 150. PSTN 140 may include circuit switched telephone networks for providing plain old telephone service (POTS) . Internet 150 may include a network of computers and subnets (intranets) or both, and incorporate protocols, such as Internet Protocol (IP) , Transmission Control Protocol (TCP) , User Datagram Protocol (UDP) . EDs 110a 110b, and 110c may be multimode devices capable of operation according to multiple radio access technologies, and incorporate multiple transceivers necessary to support such.

FIG. 3 illustrates another example of an ED 110 and a base station 170a, 170b and/or 170c. The ED 110 is used to connect persons, objects, machines, etc. The ED 110 may be widely used in various scenarios including, for example, cellular communications, device-to-device (D2D) , vehicle to everything (V2X) , peer-to-peer (P2P) , machine-to-machine (M2M) , machine-type communications (MTC) , internet of things (IoT) , virtual reality (VR) , augmented reality (AR) , mixed reality (MR) , metaverse, digital twin, industrial control, self-driving, remote medical, smart grid, smart furniture, smart office, smart wearable, smart transportation, smart city, drones, robots, remote sensing, passive sensing, positioning, navigation and tracking, autonomous delivery and mobility, etc.

Each ED 110 represents any suitable end user device for wireless operation and may include such devices (or may be referred to) as a user equipment/device (UE) , a wireless transmit/receive unit (WTRU) , a mobile station, a fixed or mobile subscriber unit, a cellular telephone, a station (STA) , a machine type communication (MTC) device, a personal digital assistant (PDA) , a smartphone, a laptop, a computer, a tablet, a wireless sensor, a consumer electronics device, a smart book, a vehicle, a car, a truck, a bus, a train, or an IoT device, wearable devices (such as a watch, a pair of glasses, head mounted equipment, etc. ) , an industrial device, or an apparatus in (e.g. communication module, modem, or chip) or comprising the forgoing devices, among other possibilities. Future generation EDs 110 may be referred to using other terms. The base station 170a and 170b is a T-TRP and will hereafter be referred to as T-TRP 170. Also shown in FIG. 3, a NT-TRP will hereafter be referred to as NT-TRP 172. Each ED 110 connected to T-TRP 170 and/or NT-TRP 172 can be dynamically or semi-statically turned-on (i.e., established, activated, or enabled) , turned-off (i.e., released, deactivated, or disabled) and/or configured in response to one of more of: connection availability and connection necessity.

The ED 110 includes a transmitter 201 and a receiver 203 coupled to one or more antennas 204. Only one antenna 204 is illustrated to avoid congestion in the drawing. One, some, or all of the antennas 204 may alternatively be panels. The transmitter 201 and the receiver 203 may be integrated, e.g. as a transceiver. The transceiver is configured to modulate data or other content for transmission by at least one antenna 204 or network interface controller (NIC) . The transceiver is also configured to demodulate data or other content received by the at least one antenna 204. Each transceiver includes any suitable structure for generating signals for wireless or wired transmission and/or processing signals received wirelessly or by wire. Each antenna 204 includes any suitable structure for transmitting and/or receiving wireless or wired signals.

The ED 110 includes at least one memory 208. The memory 208 stores instructions and data used, generated, or collected by the ED 110. For example, the memory 208 could store software instructions or modules configured to implement some or all of the functionality and/or embodiments described herein and that are executed by one or more processing unit (s) (e.g., a processor 210) . Each memory 208 includes any suitable volatile and/or non-volatile storage and retrieval device (s) . Any suitable type of memory may be used, such as random access memory (RAM) , read only memory (ROM) , hard disk, optical disc, subscriber identity module (SIM) card, memory stick, secure digital (SD) memory card, on-processor cache, and the like.

The ED 110 may further include one or more input/output devices (not shown) or interfaces (such as a wired interface to the Internet 150 in FIG. 1) . The input/output devices or interfaces permit interaction with a user or other devices in the network. Each input/output device or interface includes any suitable structure for providing information to or receiving information from a user, and/or for network interface communications. Suitable structures include, for example, a speaker, microphone, keypad, keyboard, display, touch screen, etc.

The ED 110 includes the processor 210 for performing operations including those operations related to preparing a transmission for uplink transmission to the NT-TRP 172 and/or the T-TRP 170; those operations related to processing downlink transmissions received from the NT-TRP 172 and/or the T-TRP 170; and those operations related to processing sidelink transmission to and from another ED 110. Processing operations related to preparing a transmission for uplink transmission may include operations such as encoding, modulating, transmit beamforming, and generating symbols for transmission. Processing operations related to processing downlink transmissions may include operations such as receive beamforming, demodulating and decoding received symbols. Depending upon the embodiment, a downlink transmission may be received by the receiver 203, possibly using receive beamforming, and the processor 210 may extract signaling from the downlink transmission (e.g. by detecting and/or decoding the signaling) . An example of signaling may be a reference signal transmitted by the NT-TRP 172 and/or by the T-TRP 170. In some embodiments, the processor 210 implements the transmit beamforming and/or the receive beamforming based on the indication of beam direction, e.g. beam angle information (BAI) , received from the T-TRP 170. In some embodiments, the processor 210 may perform operations relating to network access (e.g. initial access) and/or downlink synchronization, such as operations relating to detecting a synchronization sequence, decoding and obtaining the system information, etc. In some embodiments, the processor 210 may perform channel estimation, e.g. using a reference signal received from the NT-TRP 172 and/or from the T-TRP 170.

Although not illustrated, the processor 210 may form part of the transmitter 201 and/or part of the receiver 203. Although not illustrated, the memory 208 may form part of the processor 210.

The processor 210, the processing components of the transmitter 201, and the processing components of the receiver 203 may each be implemented by the same or different one or more processors that are configured to execute instructions stored in a memory (e.g. in the memory 208) . Alternatively, some or all of the processor 210, the processing components of the transmitter 201, and the processing components of the receiver 203 may each be implemented using dedicated circuitry, such as a programmed field-programmable gate array (FPGA) , an application-specific integrated circuit (ASIC) , or a hardware accelerator such as a graphics processing unit (GPU) or an artificial intelligence (AI) accelerator.

The T-TRP 170 may be known by other names in some implementations, such as a base station, a base transceiver station (BTS) , a radio base station, a network node, a network device, a device on the network side, a transmit/receive node, a Node B, an evolved NodeB (eNodeB or eNB) , a Home eNodeB, a next Generation NodeB (gNB) , a transmission point (TP) , a site controller, an access point (AP) , a wireless router, a relay station, a terrestrial node, a terrestrial network device, a terrestrial base station, a base band unit (BBU) , a remote radio unit (RRU) , an active antenna unit (AAU) , a remote radio head (RRH) , a central unit (CU) , a distributed unit (DU) , a positioning node, among other possibilities. The T-TRP 170 may be a macro BS, a pico BS, a relay node, a donor node, or the like, or combinations thereof. The T-TRP 170 may refer to the forgoing devices or refer to apparatus (e.g. a communication module, a modem, or a chip) in the forgoing devices.

In some embodiments, the parts of the T-TRP 170 may be distributed. For example, some of the modules of the T-TRP 170 may be located remote from the equipment that houses the antennas 256 for the T-TRP 170, and may be coupled to the equipment that houses the antennas 256 over a communication link (not shown) sometimes known as front haul, such as common public radio interface (CPRI) . Therefore, in some embodiments, the term T-TRP 170 may also refer to modules on the network side that perform processing operations, such as determining the location of the ED 110, resource allocation (scheduling) , message generation, and encoding/decoding, and that are not necessarily part of the equipment that houses the antennas 256 of the T-TRP 170. The modules may also be coupled to other T-TRPs. In some embodiments, the T-TRP 170 may actually be a plurality of T-TRPs that are operating together to serve the ED 110, e.g. through the use of coordinated multipoint transmissions.

The T-TRP 170 includes at least one transmitter 252 and at least one receiver 254 coupled to one or more antennas 256. Only one antenna 256 is illustrated to avoid congestion in the drawing. One, some, or all of the antennas 256 may alternatively be panels. The transmitter 252 and the receiver 254 may be integrated as a transceiver. The T-TRP 170 further includes a processor 260 for performing operations including those related to: preparing a transmission for downlink transmission to the ED 110, processing an uplink transmission received from the ED 110, preparing a transmission for backhaul transmission to the NT-TRP 172, and processing a transmission received over backhaul from the NT-TRP 172. Processing operations related to preparing a transmission for downlink or backhaul transmission may include operations such as encoding, modulating, precoding (e.g. multiple input multiple output (MIMO) precoding) , transmit beamforming, and generating symbols for transmission. Processing operations related to processing received transmissions in the uplink or over backhaul may include operations such as receive beamforming, demodulating received symbols, and decoding received symbols. The processor 260 may also perform operations relating to network access (e.g. initial access) and/or downlink synchronization, such as generating the content of synchronization signal blocks (SSBs) , generating the system information, etc. In some embodiments, the processor 260 also generates an indication of beam direction, e.g. BAI, which may be scheduled for transmission by a scheduler 253. The processor 260 performs other network-side processing operations described herein, such as determining the location of the ED 110, determining where to deploy the NT-TRP 172, etc. In some embodiments, the processor 260 may generate signaling, e.g. to configure one or more parameters of the ED 110 and/or one or more parameters of the NT-TRP 172. Any signaling generated by the processor 260 is sent by the transmitter 252. Note that “signaling” , as used herein, may alternatively be called control signaling. Signaling may be transmitted in a physical layer control channel, e.g. a physical downlink control channel (PDCCH) , in which case the signaling may be known as dynamic signaling. Signaling transmitted in a downlink physical layer control channel may be known as downlink control information (DCI) . Siganling transmitted in an uplink physical layer control channel may be known as uplink control information (UCI) . Signaling transmitted in a sidelink physical layer control channel may be known as sidelink control information (SCI) . Signaling may be included in a higher-layer (e.g., higher than physical layer) packet transmitted in a physical layer data channel, e.g. in a physical downlink shared channel (PDSCH) , in which case the signaling may be known as higher-layer signaling, static signaling, or semi-static signaling. Higher-layer signaling may also refer to radio resource control (RRC) protocol signaling or Media Access Control –Control Element (MAC-CE) signaling.

The scheduler 253 may be coupled to the processor 260. The scheduler 253 may be included within or operated separately from the T-TRP 170. The scheduler 253 may schedule uplink, downlink, sidelink, and/or backhaul transmissions, including issuing scheduling grants and/or configuring scheduling-free (e.g., “configured grant” ) resources. The T-TRP 170 further includes a memory 258 for storing information and data. The memory 258 stores instructions and data used, generated, or collected by the T-TRP 170. For example, the memory 258 could store software instructions or modules configured to implement some or all of the functionality and/or embodiments described herein and that are executed by the processor 260.

Although not illustrated, the processor 260 may form part of the transmitter 252 and/or part of the receiver 254. Also, although not illustrated, the processor 260 may implement the scheduler 253. Although not illustrated, the memory 258 may form part of the processor 260.

The processor 260, the scheduler 253, the processing components of the transmitter 252, and the processing components of the receiver 254 may each be implemented by the same or different one or more processors that are configured to execute instructions stored in a memory, e.g. in the memory 258. Alternatively, some or all of the processor 260, the scheduler 253, the processing components of the transmitter 252, and the processing components of the receiver 254 may be implemented using dedicated circuitry, such as a programmed FPGA, a hardware accelerator (e.g., a GPU or AI accelerator) , or an ASIC.

Although the NT-TRP 172 is illustrated as a drone only as an example, the NT-TRP 172 may be implemented in any suitable non-terrestrial form, such as satellites and high altitude platforms, including international mobile telecommunication base stations and unmanned aerial vehicles, for example. Also, the NT-TRP 172 may be known by other names in some implementations, such as a non-terrestrial node, a non-terrestrial network device, or a non-terrestrial base station. The NT-TRP 172 includes a transmitter 272 and a receiver 274 coupled to one or more antennas 280. Only one antenna 280 is illustrated to avoid congestion in the drawing. One, some, or all of the antennas may alternatively be panels. The transmitter 272 and the receiver 274 may be integrated as a transceiver. The NT-TRP 172 further includes a processor 276 for performing operations including those related to: preparing a transmission for downlink transmission to the ED 110, processing an uplink transmission received from the ED 110, preparing a transmission for backhaul transmission to T-TRP 170, and processing a transmission received over backhaul from the T-TRP 170. Processing operations related to preparing a transmission for downlink or backhaul transmission may include operations such as encoding, modulating, precoding (e.g. MIMO precoding) , transmit beamforming, and generating symbols for transmission. Processing operations related to processing received transmissions in the uplink or over backhaul may include operations such as receive beamforming, demodulating received symbols, and decoding received symbols. In some embodiments, the processor 276 implements the transmit beamforming and/or receive beamforming based on beam direction information (e.g. BAI) received from the T-TRP 170. In some embodiments, the processor 276 may generate signaling, e.g. to configure one or more parameters of the ED 110. In some embodiments, the NT-TRP 172 implements physical layer processing, but does not implement higher layer functions such as functions at the medium access control (MAC) or radio link control (RLC) layer. As this is only an example, more generally, the NT-TRP 172 may implement higher layer functions in addition to physical layer processing.

The NT-TRP 172 further includes a memory 278 for storing information and data. Although not illustrated, the processor 276 may form part of the transmitter 272 and/or part of the receiver 274. Although not illustrated, the memory 278 may form part of the processor 276.

The processor 276, the processing components of the transmitter 272, and the processing components of the receiver 274 may each be implemented by the same or different one or more processors that are configured to execute instructions stored in a memory, e.g. in the memory 278. Alternatively, some or all of the processor 276, the processing components of the transmitter 272, and the processing components of the receiver 274 may be implemented using dedicated circuitry, such as a programmed FPGA, a hardware accelerator (e.g., a GPU or AI accelerator) , or an ASIC. In some embodiments, the NT-TRP 172 may actually be a plurality of NT-TRPs that are operating together to serve the ED 110, e.g. through coordinated multipoint transmissions.

The T-TRP 170, the NT-TRP 172, and/or the ED 110 may include other components, but these have been omitted for the sake of clarity.

One or more steps of the embodiment methods provided herein may be performed by corresponding units or modules, according to FIG. 4. FIG. 4 illustrates units or modules in a device, such as in the ED 110, in the T-TRP 170, or in the NT-TRP 172. For example, a signal may be transmitted by a transmitting unit or by a transmitting module. A signal may be received by a receiving unit or by a receiving module. A signal may be processed by a processing unit or a processing module. Other steps may be performed by an AI or machine learning (ML) module. The respective units or modules may be implemented using hardware, one or more components or devices that execute software, or a combination thereof. For instance, one or more of the units or modules may be a circuit such as an integrated circuit. Examples of an integrated circuit includes a programmed FPGA, a GPU, or an ASIC. For instance, one or more of the units or modules may be logical such as a logical function performed by a circuit, by a portion of an integrated circuit, or by software instructions executed by a processor. It will be appreciated that where the modules are implemented using software for execution by a processor for example, the modules may be retrieved by a processor, in whole or part as needed, individually or together for processing, in single or multiple instances, and that the modules themselves may include instructions for further deployment and instantiation.

Additional details regarding the EDs 110, the T-TRP 170, and the NT-TRP 172 are known to those of skill in the art. As such, these details are omitted here.

The solution described in the application is applicable to a next generation (e.g. 6G or later) network, or a legacy (e.g. 5G, 4G, 3G or 2G) network.

The proposed 6G system architecture is defined to support 6G XaaS services by using techniques such as network function virtualization and network slicing. The 6G system architecture utilizes service-based interactions between 6G services.

The 6G system leverages service-based architecture and XaaS concept. XaaS services in the 6G system are categorized into three layers. For illustrative purpose, the 6G system conceptual structure is shown in FIG. 5.

An infrastructure layer includes infrastructures supporting 6G services. Among them are wireless networks (e.g., a RAN, and a core network (CN) ) infrastructures, cloud/data center infrastructures, satellite networks, storage/database infrastructures, and sensing networks, and etc. These infrastructures can be provided by a single provider or by multiple providers.

Each of the infrastructures could have its control and management functions, denoted as C/M functions, for infrastructure management. Each of these infrastructures is one type of infrastructure as a service.

A control and management (C/M) layer includes control and management services of the 6G system. They are developed and deployed by using slicing techniques and utilizing resource provided by infrastructure layer. In the 6G system conceptual structure:

- resource management (RM) as a service provides a capability of life-cycle management of a variety of slices and over-the-air resource assignment to wireless devices.

- mission management (MM) as a service provides a capability to program provisioning of XaaS services at service layer to provide mission services. A 6G mission is defined as a service provided to customers by the 6G system. A mission can be a type of services which is provided by a single 6G XaaS service or a type of services that needs contributions from multiple XaaS services.

- confederation network (CONET) as a service provides a capability to enable multiple partners jointly provide 6G services. This capability is provided by confederation formation, mutual authentication, mutual authorization among partners and negotiation of agreement on recording and retracing of selected actions performed by partners, in order to assure a trustworthy environment of 6G system operations.

- service provisioning management (SPM) as a service provides a capability of control and management of 6G service access by customers and provisioning of requested services. The capability is provided by unified mutual authentication, authorization and policy, key management, quality of service (QoS) assurance and charging between any pair of XaaS service provider and customer. The customers include end-customers not only in physical world, but also digital representatives in digital world.

- connectivity management (CM) as a service leverages 5G connectivity management functions, but with extension to include digital world.

- protocol as a service provides a capability to design service customized protocol stacks for identified interfaces. The protocol stacks could be pre-defined for on-demand selection, or could be on-demand designed.

- network security as a service provides a capability for owners of infrastructures to detect potential security risks of their infrastructures.

- XaaS services in C/M Layer support control and management of the 6G system itself and also provide support to verticals if requested. One example is that RM service can serve RAN for over-the-air resource management and can also provide service to a vertical for the vertical’s over-the-air resource allocation to its end-customers. The XaaS in C/M layer can be deployed by using slicing technique.

A service layer includes 6G services which provide services to customers. In the 6G system conceptual structure:

- AI service is denoted as NET4AI as a service. Artificial intelligence service provides AI capability to support a variety of AI applications.

- Service of data collection, data sanitization, data analysis and data delivery are denoted as DAM as a service. This service provides a capability of lifecycle management of statistic data, including acquisition, de-privatization, analysis and delivery of data which are information statistic data from any types of sensors, devices, network functions, and etc.

- Service of storage and sharing of data is denoted as NET4Data as a service. This service provides a capability to trustworthily storage and share data under the control of owners of data and following recognized authorities’ regulations on control of identified data.

- Service to provide digital world is denoted as NET4DW as a service. Digital world service provides a capability to construct, control and manage digital world. Digital world is defined as digital realization of physical world.

- 6G block chain service is denoted as NET4BC as a service. This service provides a capability to support 6G block chain services.

- 6G connectivity service is denoted as NET4CON as a service. Enhanced connectivity service, e.g., network for connectivity (NET4CON) as a service. This service provides a capability to support exchange of messages and data among new 6G services.

All XaaS services at this layer are developed and deployed by using resource provided in infrastructure and utilizing network function virtualization and slicing techniques. the capability of each of 6G services is provided by its control and management functions and service specific data process functions.

In addition to support 6G XaaS services at service layer, 6G system leverages 5G system for provisioning of vertical services. The difference between 6G XaaS services and other verticals are that a vertical is a pure customer which needs other XaaS services to enable its operation, while each of XaaS services provide their capabilities to 6G customers.

Any pair of XaaS services of the 6G system could also be mutual customer and provider of each other. Some of example are that: an infrastructure owner provides its resource to XaaS services in service layer and C/M layer; RM services may need the capabilities provided by NET4AI, DAM and NET4DW for its resource management for vertical slicing; CONET service and NET4Data service may need the capability provided by NET4BC for their operation.

The key concepts of 6G system includes that:

- define basic XaaS Services by decoupling comprehensive types of services into basic XaaS services. A basic XaaS service provides unique capability to enable a specific type of service, such as NET4AI service, NET4DW service, DAM service, NET4Data service, block chain service, mission management service, etc.

- allow joint operation of the 6G system by multiple partners.

- define data plane of the 6G system which includes processing functions of data plane of XaaS services. Programing the interconnection of these functions, by mission management service, enables to support a variety of customized customer services.

- simplify 6G system architecture by categorizing basic control services and management services and combining them as basic XaaS services in C/M layer.

- define C/M Plane of the 6G system which includes C/M functions in XaaS services and may include 5G CP (e.g., AMF) depending on implementation options.

- define basic architecture structure (BAS) which is a unified basic structure with minimized number of interfaces and is independent of types of infrastructures.

- simplify standardization, development and deployment of the 6G system using the BAS concept, while supporting a variety of infrastructure deployment scenarios.

- adapt to a variety of deployment scenarios by applying the BAS or a subset of it to infrastructures based on capability, capacity and requirement of the infrastructure networks.

- leverage SBI interface concept and apply SBI interaction in both 6G C/M plane and 6G data plane.

- simplify SBI interfaces by introducing trustworthy gateways (GWs) in data plane and C/M plane of the 6G system.

- improve trustworthiness from perspectives of operation of the 6G system by introducing CONET capability, NET4BC capability and anonymous service provisioning provided by the trustworthy GWs in the C/M plane and data plane of the 6G system.

- improve trustworthiness from perspective of end customer privacy protection by unified mutual authentication, IDM, data sanitization and etc. provided by SPM service, DAM service and 6G Block Chain service.

- simplify roaming management of wireless devices, in physical world and digital world, by unified authentication including all participated partners and customers.

- support multiple development paths from 5G system to 6G system by defining multiple architecture options without incurring much efforts due to the introduction of the BAS concept.

- support backward compatibility by utilizing benefits of SBA and its add-on feature. 5G users can use the 6G system to access 5G services.

- support future extension by adding new XaaS services with minimized impact on standardization and deployment, due to the introduced anonymous service provisioning concept implemented in trustworthy GWs in 6G C/M plane and in 6G data plane.

Currently, security procedures between a user equipment (UE) and network functions would be involved when the UE is capable of connecting to a network. For illustrative purpose, a key hierarchy or key framework involved in the current security procedures could include: keys for protection of non-access stratum (NAS) signals with a particular integrity/encryption algorithm (also be referred to as keys for NAS integrity/ciphering) , keys for protection of user plane (UP) traffic with a particular integrity/encryption algorithm (also be referred to as keys for UP integrity/ciphering) , and keys for protection of RRC signaling with a particular integrity/encryption algorithm (also be referred to as keys RRC integrity/ciphering) . These keys could be used to perform security protection on NAS interface, data from a UE to a RAN, and RRC interface, respectively; these keys could be derived from a long-term shared key known by the UE and the network. For example, keys for UP integrity/ciphering may be indirectly derived from the long-term shared key with UE’s information and serving network’s information. The UE’s information may include PCI or UE’s ID. These keys for UP integrity/ciphering are used for data protection from UE to RAN, after a PDU session is established. These keys for UP integrity/ciphering could be used for secure multiple PDU session. However, applying the same key to secure multiple communication sessions may lead to data leakage when the key is compromised.

As mentioned above, new applications and services would be supported in the future network, e.g., AI service, data service, sensing service and digital world service. These services can be developed and deployed by using resource provided by infrastructure (e.g., radio access network, data center or other infrastructure) and utilizing network function virtualization and slicing techniques. Any service could be referred to as anything as a service (XaaS) . In a XaaS module, there may be multiple network functions. These network functions could be classified into two categories: C/M functions and data processing functions. The data processing functions are used for processing data and could only exist in a service layer of XaaS. The C/M functions are used for control and management and could exist in a service layer and C/M layer of XaaS. A service provider of XaaS could also be referred to as a XaaS service.

FIG. 6 is a network scenario according to some embodiments of the present application. As shown in FIG. 6, the control/management trustworthy gateway (C/M-TW-GW) is a network function and could be defined as an endpoint of a C/M session at network side. The setup of the C/M session is for the device or the XaaS service to transmit the control message. The C/M session could be defined as a secured logical connection between a device (e.g., a UE) and its serving C/M-TW-GW. The data trustworthy gateway (Data-TW-GW) is a network function could be defined as an endpoint of data session of a device. The setup of the data session is for the device or the XaaS service to participate in processing data. The data session could be defined as a secured logical connection between a device and its serving Data-TW-GW. The radio bearer (RB) handler is a network function and could be implemented as a radio access network (RAN) . The RB handler could be defined as a logical function which performs RB protocol stack operations after getting configurations. The RB handler could be connected both other infrastructures (e.g., a core network and/or a third-part cloud) and C/M-TW-GW. Communications between the device and the RB handler could include a C/M RB or a data RB. The C/M RB could be defined as an over-the-air connection for carrying control signaling for over-the-air interface management and C/M plane messages. The data RB could be an over-the-air connection for carrying data plane traffic. In this scenario, there may be more network functions, e.g., authentication server, authorization server.

As shown in FIG. 6, there are some interfaces used for connecting these NFs within the network scenario. For example, the interface I could be defined as a set of security features that enables a device to authenticate and access services via the network securely, and to protect against attacks on the radio interfaces. For another example, the interface II could be defined as a set of security features that enables the system shown in FIG. 6 to securely exchange C/M session between a device and a C/M-TW-GW or securely exchange data session between the device and the Data-TW-GW. For still another example, the interface III could be defined as a set of security features that enables the system to securely exchange C/M session between the XaaS service and the C/M-TW-GW or securely exchange data session between the XaaS service and a Data-TW-GW. In other words, the interface I could support a connection between a device and an RB handler; the interface II could support a connection between a device and a C/M-TW-GW/Data-TW-GW; the interface III could support a connection between a XaaS service and a C/M-TW-GW/Data-TW-GW. For still another example, the interface IV could support a connection between the RB handler and the C/M-TW-GW/Data-TW-GW.

In this scenario, security procedures between a device (e.g., a UE) and network functions would be involved when the device is capable of connecting to a network. For example, when the device is capable of connecting to a C/M-TW-GW and/or connecting to an RB handler, the security procedures may include a primary authentication and key agreement procedures. The primary authentication and key agreement procedures are to enable mutual authentication between the device and a severing network and to provide keying materials that can be used between the device and the severing network. The keying materials can be used for signaling security protection on the interface I and interface II in subsequent security procedures. For another example, when a service is requested by the device, the security procedures may include a secondary primary authentication and key agreement procedures. The secondary authentication and key agreement procedures are to enable mutual authentication between the device and the XaaS service, and to provide keying materials that can be used between the device and the XaaS service in subsequent security procedures. The keying materials can be used for data security protection on an interface I and an interface II in subsequent security procedures.

Since new services, network functions and interfaces may be involved in the future network, security protection on the new interfaces may be involved. For illustrative purpose, taking the scenario shown in FIG. 6 as an example, there may be plurality of intermediate keys and terminal keys used for security protection, such as keys for protection of the C/M session (also referred to as C/M session keys, or keys used for C/M session) , keys for protection of data session (also referred to as data session keys, or keys used for data session) , keys for protection of C/M RB (also referred to as C/M RB keys, or keys used for C/M RB) , keys for protection of data RB (also referred to as data RB keys, or keys used for data RB) and so on.

The 6G System shall allow for use of encryption and integrity protection algorithms for C/M session keys, C/M RB keys, data session keys, data RB keys, derived from a shared key. Keys used for C/M session, C/M RB, data session, data RB, shall be dependent on the algorithms with which they are used. C/M session keys or data session keys could be derived from an anchor key, and could be configured to a serving C/M-TW-GW/Data-TW-GW. The anchor key could be generated based on a shared key known by a device and a network. C/M RB keys and data RB keys could be derived from an RB handler’s key, and could be configured to RB endpoints. The RB handler’s key could be an intermediate key and be derived from the anchor key. All keys are generated by SPM-KMFs (also be referred to as KMFs) . These SPM-KMFs may be deployed into a hierarchy structure (FIG. 6 is an example of a scenario) , and are responsible for key generation, key refresh and key revocation.

The security protection on these interfaces may include integrity protection and confidentiality protection on these interfaces; correspondingly, integrity algorithms and encryption algorithms related to these keys could be involved. For example, C/M session keys could include a key used for protection of the C/M session with a particular integrity algorithm and a key used for protection of the C/M session with a particular encryption algorithm. In other words, the system shown in FIG. 6 could allow for use of integrity algorithms and encryption algorithms for C/M session keys, data session keys, C/M RB keys and data RB keys. The keys used for protection of C/M session, data session, C/M RB and data RB shall be dependent on algorithms with which they are used.

In some implementations, a key management function (KMF) could be involved in the future network. The KMF could be a network function, that is responsible for key generations and key configurations. Moreover, the KMF could be responsible for keys refresh and key revocation. For example, the C/M session keys, data session keys, C/M RB keys and data RB keys could be generated by one or more KMFs.

Before the security protections on C/M sessions, Data sessions, C/M RBs, and Data RBs, the communication parties have to agree on the encryption and integrity algorithm. Encryption and integrity protection take place in the device and in the C/M-TW-GW, Data-TW-GW, RB handler. What encryption methods used for protection on sessions and RBs should be addressed. In other words, activation of ciphering and integrity protection for signal messages and data messages should be done before communications between a device and the network starts.

There have three issues: (1) Who selects encryption algorithm and integrity algorithm? (2) What are the factors to consider when selecting algorithm? (3) How are these factors to be collected?

In 3GPP, 33.501, to activate security protection on NAS messages, the AMF shall choose one NAS ciphering algorithm and one NAS integrity protection algorithm to establish NAS security contexts. To activate security protection on RB messages, the AMF shall send the device a list of ciphering algorithms and integrity algorithms to the gNB/ng-eNB. Then the gNB/ng-eNB shall choose the ciphering algorithm and the integrity protection algorithm, to establish AS security contexts. However, the above methods have the following issues:

1) High communication overhead

Since the change of the AMF at N2-Handover or mobility registration update results in the change of algorithm to be used for establishing NAS security, there has information exchanges between the old AMF and the target AMF. This information is about ciphering algorithms and NAS integrity protection algorithms. These frequent information exchanges may lead to higher communication overhead. Similarly, at handover from a source gNB over Xn to a target gNB, the source gNB shall include the ciphering and integrity algorithms used in the source cell in the handover request message. What’s more, at handover from a source gNB to a target gNB over N2, the target AMF shall send the ciphering and integrity algorithms to the target gNB. These information exchanges may have a large communication overhead.

2) High storage overhead

As discussed before, AMFs and gNBs keep the exchanged ciphering algorithms and the exchanged integrity algorithms. These may bring extra storage overhead and some security risks. For example, if one of them is compromised, the information shall be disclosed.

As mentioned above, in 6G System, SPM-KMF is introduced to manage keys and configure keys to RB handler, C/M-TW-GW, Data-TW-GW. To solve the above issues, we enable SPM-KMF to generate security capabilities and activate security protection on session messages and RB messages. What we do are as followers: 1) who triggers activate security protection? Is that RB handler, C/M-TW-GW, Data-TW-GW, or SPM-KMF, or AF (e.g., XaaS service) ? What call flows about security protection activation? 2) Currently, only algorithm ID is the main input for security capabilities. But, in 6G System, there may have more factors, e.g., service ID, or application ID or session ID. So, how to select algorithm to improve efficiency is very important.

For illustrative purpose, FIG. 7 is an architecture of key management according to some embodiments of the present application.

As shown in FIG. 7, a SPM-KMF-Anchor (also be referred to as a KMF-Anchor) could be responsible for generating and refreshing anchor key. An anchor key could be used to determine whether an authentication is needed between a device and a network.

A SPM-KMF-Session (also be referred to as a KMF-Session) could be responsible for generating and refreshing session keys. Session keys are keys used for protection on session between a device and a C/M-TW-GW/Data-TW-GW. In other words, session keys could include C/M session keys and/or data session keys. Moreover, the KMF-Session could be responsible for configuring session keys. For example, a C/M-TW-GW or Data-TW-GW could be connected to the KMF-Session, and the KMF-Session could configure session keys to the C/M-TW-GW or Data-TW-GW.

A SPM-KMF-RB (also be referred to as a KMF-RB) could be responsible for generating and refreshing RB keys. RB keys are keys used for protection on an RB between a device and an RB handler. In other words, RB keys could include C/M RB keys and /or data RB keys. KMF-RB could be responsible for configuring RB keys. For example, an RB handler could be connected to the KMF-RB, and KMF-RB could configure the RB keys to the RB handler. Moreover, KMF-RB could be responsible for activation on security protection on communication between a device and an RB handler.

In some implementations, at least two of KMF-RB, KMF-Session and KMF-Anchor are integrated into one network function, e.g., a KMF. For example, KMF#1 is a network function, where KMF-RB, KMF-Session and KMF-Anchor could be integrated into the KMF#1. In some implementations, KMF-RB, KMF-Session and KMF-Anchor are distributed among different network functions. For example, KMF#2, KMF#3 and KMF #4 are different network functions, and KMF#2, KMF#3 and KMF #4 could be taken as example of KMF-Anchor, KMF-Session and KMF-RB, respectively.

A SPM-Authen (also be referred to as an authentication server) is a network function that could be responsible for triggering a C/M signaling protection. The C/M signaling protection could include C/M keys generation and C/M keys configuration. The C/M keys could include at least one of C/M session keys and C/M RB keys. The authentication server could be connected to KMF-Anchor. A shared key could be delivered to the KMF-Anchor, after a device is successfully authenticated by the authentication server. For illustrative purpose, the shared key could be a long-term key, e.g., an extended master session key (EMSK) . The shared key should be known by the device. These intermediate keys and terminal keys, e.g., C/M session keys, C/M RB keys and data session keys, could be derived indirectly from the shared key.

A SPM-Author (also be referred to as an authorization server) could be a network function that are used for service management. The authorization server could be responsible for triggering a data protection that could include data keys generation and data keys configuration. The data keys may include at least one of data session keys and data RB keys. The authorization server could be connected to the KMF-Anchor. Keys for protection on data session could be generated and configured to a Data-TW-GW, after a device is successfully service authorized by the authorization server.

FIG. 8 is a schematic flowchart of a method for communication according to some embodiments of the present application. The method 300 shown in FIG. 8 includes steps S310 and S320. The following separately describes the steps in detail.

At S310, a KMF determines a first algorithm based on a first security capability and a security requirement of a communication between a device and a first network function.

In some embodiments, the first network function could be a C/M-TW-GW or a Data-TW-GW. Correspondingly, the communication between the device and the first network function could be a C/M session between the device and the C/M-TW-GW or a data session whose endpoint is the Data-TW-GW. In this scenario, the KMF could include a KMF-Session.

In some embodiments, the first network function could be an RB handler. Correspondingly, the communication between the device and the first network function could be a C/M RB or a data RB. In this scenario, the KMF include a KMF-RB.

At least one service, application, session or mission could be related to the communication between the device and the first network function. A mission may be a type of service that is provided by a single XaaS service or a type of services that needs contributions from multiple XaaS services. In some implementations, the security requirement of the communication could include a security requirement of a service, an application, a session or a mission.

For illustrative purpose, a mission #1 could include a data session #1, and a mission #2 could include a data session #2 and a data session #3. The data session #1 could be associated with an application #1 (e.g., an application for data analysis provided or supported by DAM) and an application #2 (e.g., an application for data collection provided or supported by DAM) . The data session #2 could be associated with a service #1 (e.g., a service provided or supported by NET4AI) , and the data session #3 could be associated with a service #2 (e.g., a service provided or supported by NET4Data) and a service #3 (e.g., a service supported or provided by NET4DW) .

For example, security requirements of the data session #1 could include security requirements of the application #1 and security requirements of the application #2. For another example, security requirements of the data session #3 shall include security requirements of the service #2 and security requirements of the service #3.

In some implementations, keys for security protection of the communication between the device and the first network function could have different levels, e.g., keys for service/application, keys for session or keys for mission. For illustrative purpose, a key for service/application could be used for protection of a service/application related to the communication (e.g., a C/M session, or a data session) . A key for session could be used for protection of a session related to the communication. A key for mission could be used for protection of all session (s) belonging to a mission. In some embodiments, the keys for security protection of the communication may include keys for a device. A key for device could be used for protection of all C/M session (s) /data session (s) belonging to a device. In other words, security protection of C/M session or data session may be performed per service/application, per session, per mission or per device.

The first algorithm could include an encryption algorithm and/or an integrity algorithm used for protection of the communication between the device and the first network function. For illustrative purpose, by taking a C/M session as an example, keys for protection of the C/M session could include a key used for confidentiality protection of the C/M session and a key used for integrity protection of the C/M session. The first algorithm could include an encryption algorithm related to the key used for confidentiality protection of the C/M session, and an integrity algorithm related to the key used for integrity protection of the C/M session.

For illustrative purpose, it is supposed that service #1 is related to a C/M session, and the service #1 has a high security requirement. The KMF may select an algorithm with a high complexity from a plurality of algorithms, and the selected algorithm could be used for the protection of the C/M session.

In some implementations, the first security capability of the communication could include at least one of: a security capability of the device, or a security capability of the first network function. The security capability could indicate process capabilities that could be provided to perform the security protection on the communication. For example, the security process capability of the device could indicate encryption algorithms/integrity algorithms that could be implemented by the device. For another example, the security capability of the device could indicate at least one of: an efficiency, a compatibility or a performance of algorithms that could be performed by the device to protect the communication. For another example, the security process capability of the first network function could indicate encryption algorithms/integrity algorithms that could be implemented by the first network function.

At S320, the KMF transmits a first message to the first network function and the first message includes the first algorithm. Correspondingly, the first network function receives the first message.

In some embodiments, the KMF could receive a second message from the first network function. The second message could include an ID of the device and the security requirement of the communication. The KMF could determine whether a security protection activation is needed for the communication based on the security requirement of the communication. When a security protection activation is needed, the KMF could determine the first algorithm based on the security requirement of the communication and the first security capability.

In some implementations, the KMF could transmit a first request for collecting the first security capability. The first request is determined based on the security requirement of the communication. The KMF could further receive a third message. The third message could further include at least one of: the security capability of the device or the security capability of the first network function. For example, the KMF could transmit a request for the security capability of a C/M-TW-GW to the C/M-TW-GW, and the C/M-TW-GW could transmit a response including its security capability to the KMF.

In some embodiments, the third message could indicate at least one of: a plurality of encryption algorithms able to be used by the first network function for protection of the communication, or a plurality of integrity algorithms able to be used by the first network function for protection of the communication.

For example, a C/M-TW-GW could transmit a message including a list of algorithms that could be performed at the C/M-TW-GW to perform protection on a C/M session. The KMF could receive the message and select the first algorithm from the list of algorithms.

In some implementations, the first message could further include an ID of a first anchor key, where the first algorithm is related to the first anchor key.

For illustrative purpose, by taking a C/M-TW-GW as an example of the first network function, keys used for protection of a C/M session between the device and the C/M-TW-GW could be derived from an anchor key directly or indirectly, and these keys could be used for protection of the C/M session with the selected particular encryption/integrity algorithms.

In some implementations, the KMF could receive a fourth message. The fourth message could include an indication for generation of a new anchor key, and the first anchor key include the new anchor key.

The fourth message could be transmitted by the first network function.

In some embodiments, the third message and the fourth message could be a same message. In other words, a message may include at least one of: the security capability of the device and the security capability of the first network function, and the message further includes an indication for generation of a new anchor key.

In some implementations, the first message could further include information indicating the whether the new anchor key is generated.

In some implementations, the first algorithm comprises the integrity algorithm used for protection of the communication and the encryption algorithm used for protection of the communication. The first network function could perform integrity protection of the communication based on the integrity algorithm; and transmit a fifth message to the device. The fifth message comprises the integrity algorithm, the encryption algorithm, and an identifier of an anchor key that the first algorithm is related to.

For illustrative purpose, by taking the scenario shown in FIG. 6 as an example, a communication method provided in this application will be described in combination with FIG. 9.

In an embodiment, according to the background of a framework of key management (as shown in FIG. 6) , we provide a basic concept of how to activate security protection on session communications and RB communications (as shown in FIG. 9) . The objective of this embodiment is to provide a method of security protection activation on session communications and RB communications. There have three ways to trigger security protection activation on session communications and RB communications. There are: (1) device, (2) network (RB handler, C/M-TW-GW, Data-TW-GW) , (3) SPM-KMF. This trigger can be done by receiving a request from them.

Referring to FIG. 9, as an illustrative example without limitation, a simplified schematic illustration of a principle of security protection activation is provided. When receiving a request from a device, a network function (e.g., RB handler, C/M-TW-GW, or Data-TW-GW) , a SPM-KMF shall determine whether it needs security protection activation. The SPM-KMF may be a SPM-KMF-Session in FIG. 7, or a SPM-KMF-RB in FIG. 7. After that, the SPM-KMF collects factors for selection one ciphering algorithm and one integrity protection algorithm. Then, the SPM-KMF selects an algorithm for ciphering, an algorithm for integrity protection. The SPM-KMF configures these algorithms to the device, or the C/M-TW-GW, or the Data-TW-GW, or RB handler.

Details about the FIG. 9 are as followers:

(1) How to determine whether it needs security protection activation.

A SPM-KMF shall determine whether it needs security protection activation or not according to service security requirements from a network, local policies from a network operator. Note that security requirements from a network shall include service security requirements from a device, network security performances.

(2) What factors for selection algorithms

Factors for selection algorithms may include information from a network, information from a device, information from a C/M-TW-GW or a Data-TW-GW, information from a SPM-KMF. For example, information from a network may include a level of security required by the device, or a level of security required by service/application, or a level of security required by a session. Information from the device may include security capabilities of the device, e.g., security capability, e.g., efficiency, compatibility, performances of algorithms for ciphering and integrity. Information from a C/M-TW-GW or a Data-TW-GW may include security capabilities of the C/M-TW-GW or the Data-TW-GW, e.g., security capability, e.g., efficiency, compatibility, performances of algorithms for ciphering and integrity. Information from a SPM-KMF may include local policies, or time window for validation of selected algorithms.

(3) How to configure algorithms

One algorithm for session ciphering shall be configured to a device and a serving C/M-TW-GW. One algorithm for session integrity protection shall be configured to a device and a serving Data-TW-GW. One algorithm for RB ciphering shall be configured to a device and a serving RB handler. One algorithm for RB integrity protection shall be configured to a device and a serving RB handler.

FIG. 9 is a schematic flowchart of a method 400 according to some embodiments of the present application. A method of security protection activation on session communications or RB communications could be provided according to the method 400. The method 400 shown in FIG. 9 could include steps S402 to S412. The following separately describes the steps in detail.

At S402, receive a request from a device or a network function.

There may be different ways to trigger a security protection on a session communication and/or an RB communication. The security protection could be trigger by the device, the KMF or the network (e.g., an RB handler, a C/M-TW-GW or a Data-TW-GW in the network) .

In some implementations, a device or a network function (e.g., an RB handler, a C/M-TW-GW or a Data-TW-GW in the network) could transmit a request to trigger the security protection; correspondingly, the KMF could receive the request.

At S404, determine whether a security protection activation is needed for the session communication and/or the RB communication.

When receiving a request from the device or a network function, the KMF shall determine whether a security protection activation is needed. For illustrative purpose, taking the scenario shown in FIG. 7 as an example, the KMF-Session or KMF-RB shown in FIG. 7 could make this decision.

The KMF could determine whether the security protection activation is needed based on at least one of: service security requirements from a network or local policies from a network operator. The security requirement from network could include service security requirement from the device and network security performance.

At S406, collect factors for algorithm selection.

The KMF could collect factors for selection an encryption algorithm and an integrity algorithm, when a security protection activation is needed.

In some implementations, the factors for selection algorithms could include at least one of: information from the network, information from the device, information from the C/M-TW-GW/Data-TW-GW, or information from the KMF. For example, the information from the network could include: a level of security required by the device, a level of security required by the service/application related to the communication, or a level of security required by the session/mission related to the communication. For another example, the information from the device could include security capability of the device. The security capability of the device could indicate at least one of: an efficiency, a compatibility or a performance of algorithms that could be performed by the device to protect the communication. For another example, the information from the C/M-TW-GW/Data-TW-GW may include security capability of the C/M-TW-GW/Data-TW-GW. The security capability of the C/M-TW-GW/Data-TW-GW could indicate at least one of: an efficiency, a compatibility or a performance of algorithms that could be performed by the C/M-TW-GW/Data-TW-GW to protect the communication. For still another example, the information from the KMF could include local policies, or time windows for validation of selected algorithms.

At S408, select encryption/integrity algorithms.

The KMF could generate keys used for protection of the communication.

The KMF could select the encryption algorithms and integrity algorithms related to these keys.

For illustrative purpose, taking the scenario shown in FIG. 6 as an example, Table 1 illustrates some examples for how to select algorithms. As shown in Table 1, it is supposed that the service, application or session related to a communication may have a low security requirement, a middle security requirement or a high security requirement. Furthermore, it is supposed that the device or a network function (e.g., an RB handler, a C/M-TW-GW or a Data-TW-GW) may have a low security capability, a middle security capability or a strong security capability.

Table 1: factors on how to select algorithms

In an embodiment, as shown in Table 1, the KMF may select an algorithm with a high complexity from a plurality of algorithms, when a service related to the communication has high security requirement and the device has a strong security capability.

In another embodiment, as shown in Table 1, the KMF may select an algorithm with a middle complexity, when a session related to the communication has high security requirement and the device has a low security capability.

At S410, configure algorithms.

The KMF could configure the selected algorithms to the device and related network function (e.g., the C/M-TW-GW/Data-TW-GW or the RB handler) .

In an embodiment, for a C/M session, an encryption algorithm and an integrity algorithm could be configured to the device and the serving C/M-TW-GW. For example, the KMF could transmit a message indicating an ID of the selected algorithm to the device and the C/M-TW-GW.

In another embodiment, for a data session, an encryption algorithm and an integrity algorithm could be configured to the device and the serving Data-TW-GW.

In still another embodiment, for a C/M RB or a data RB, an encryption algorithm and an integrity algorithm could be configured to the device and the RB handler.

The method of security protection activation could have the following new feature compared to prior arts in 3GPP 33.501.

1) SPM-KMF has a new feature of determination which algorithm for security protection.

2) SPM-KMF selects algorithms according to collected factors

These new features bring some benefits, e.g., reduces communication overhead due to handover, reduces storage overhead due to keep exchanged information.

For illustrative purpose, by taking a C/M session as an example of the communication between the device and the first network function, an example of a call flow about a procedure of security activation according to some embodiments of the present application is shown in FIG. 10.

Before C/M session security protection can be activated, the serving C/M-TW-GW and the device need to establish a C/M session security context. The C/M session security context is created as the result of an authentication procedure and a key generation procedure between the serving C/M-TW-GW and the device. The C/M session security context shall include the anchor key with the associated 6g Key Set Identifier (6gKSI) , the device security capabilities, the uplink and downlink C/M session COUNT values. The key set identifier 6gKSI has the value of the anchor key. The device security capabilities shall include algorithms for session level, algorithms for RB layer.

When a new C/M session security context is derived using the same anchor key, a SPM-KMF-Session notifies that a new anchor key shall not be derived to the serving C/M-TW-GW. The serving C/M-TW-GW shall increase the downlink C/M session COUNT by one. When a new C/M session security context is created from a new anchor key, the SPM-KMF-Session notifies that a new anchor key shall be derived to the serving C/M-TW-GW. The serving C/M-TW-GW shall then set both the uplink and downlink C/M session COUNT counters of this C/M session security context to zero. Details of C/M session security protection activation are seen as follows (specified in FIG. 10. )

Note that details of this embodiment could be used in Data Session security protection activation. In this scenario, a C/M-TW-GW should be replaced by a Data-TW-GW.

As shown in FIG. 10, a serving C/M-TW-GW is taken as an example of the first network function, and a KMF-Session shown in FIG. 7 could be used to determine algorithms used to protection of the C/M session.

At S501, a serving C/M-TW-GW transmits a message 1 to a KMF-Session.

The message 1 could be used for request security context for the device. The message 1 could include an ID of the device and security requirements.

The message 1 could be taken as an example of the second message mentioned in method 300.

At S502, the KMF-Session determines whether a security protection activation is needed.

At S503, the KMF-Session transmits a message 3 to the C/M-TW-GW.

The message 3 could be used to request factor (s) for selection algorithms. The message 3 could include an indication of request for the factor (s) .

The message 3 could be taken as an example of the first request mentioned in method 300.

At S504, the C/M-TW-GW collects factors from the device.

These factors could include security capability of the device, security requirement from the device.

At S505, the C/M-TW-GW transmits a message 5 to the KMF-Session.

The message 5 could include the factors used to select algorithms. For example, the message 5 could include: security capability of the device and/or security capability of the C/M-TW-GW. The message 5 could further include a list of algorithms that could be performed at the device and the C/M-TW-GW for protection of the C/M session.

The message 5 could be taken as an example of the third message mentioned in method 300.

In some embodiments, the message 5 could further include indication of generation new anchor key, and uplink or downlink C/M session COUNT value. In this scenario, the message 5 could be taken as an example of the fourth message mentioned in method 300.

At S506, the KMF-Session selects algorithms used for protection of the C/M session.

For example, the KMF-Session could be configured a list of encryption algorithms and a list of integrity algorithms that are allowed to be used by the device and the C/M-TW-GW. The KMF-Session could select at least one encryption algorithm and at least one integrity algorithm for protection of the C/M session based on the security capabilities included in the message 5.

In some implementations, the KMF-Session could generate a new anchor key based on the downlink C/M session COUNT value and the indication of generation new anchor key. The KMF-Session could determine an ID of an anchor key that the selected algorithms are related to. An ID of an anchor could also be referred to as a 6th generation keyset identifier (6gKSI) .

For example, when a new anchor key is generated, the KMF-Session could derive new C/M session keys from the new anchor key. When the selected algorithms are used for protection of the C/M session with the new C/M session keys, the selected algorithms are related to the new anchor key.

In some embodiments, the KMF-Session could determine a new-anchor-key flag that indicates whether a new anchor key is generated by the KMF-Session.

At S507, the KMF-Session transmits a message 7 to the C/M-TW-GW.

The message 7 could include the selected algorithms and the 6gKSI that the selected algorithms are related to. The message 7 could be taken as an example of the first message mentioned in method 300.

In some implementations, the message 7 further include the new-anchor-key flag and the new anchor key.

At S508, the C/M-TW-GW performs integrity protection on the C/M session.

The step S508 may include step S508a to S508c.

At S508a, the C/M-TW-GW starts integrity protection on the C/M session.

The C/M-TW-GW could activate integrity protection of the C/M session before it transmits a message 8b to the device.

In some embodiments, the C/M-TW-GW could reset downlink C/M session COUNT value to be zero when the new-anchor-key flag indicates that a new anchor key is generated by the KMF-Session.

At S508b, the C/M-TW-GW transmits the message 8b to the device.

The message 8b could include security capability of the device, the selected algorithms and the 6gKSI that the selected algorithms are related to.

The message 8b could further include a message authentication code (MAC) .

In some embodiments, the message 8b could further include a flag requesting the complete initial C/M session message. In some embodiments, the message 8b could further include a the new-anchor-key flag. For example, when the new-anchor-key flag indicates that a new anchor key is generated by the KMF-Session, the new-anchor-key flag could indicate that a new anchor key should be generated at the device.

The message 8b could be taken as an example of the fifth message mentioned in the method 300.

At S508c, the C/M-TW-GW starts uplink deciphering for the C/M session.

The C/M-TW-GW could activate uplink deciphering for the C/M session after it transmits a message 8b.

At S509, the device performs security protection on the C/M session.

The device shall verify the message 8b. For example, the device could check whether the security capability of the device in the message 8b matches the security capability of the device stored in the device. It could ensure that the received message is not modified by an attacker. For another example, the device could verify the integrity protection by using the indicated integrity algorithm and a C/M session integrity key related to the indicated 6gKSI.

The step S509 may include step S509a and S509b.

At S509a, the device starts uplink ciphering, downlink deciphering and integrity protection on the C/M session.

In some embodiments, the device may start integrity protection of the C/M session and ciphering/deciphering of the C/M session with the security context indicated by the 6gKSI, when a verification of the integrity of the message 8b is successful.

In some embodiments, the device may generate a new anchor key based on the downlink C/M session COUNT value when the new-anchor-key flag indicates that a new anchor key should be generated at the device. The device may generate new C/M session keys based on the new anchor key. The device could reset uplink C/M session COUNT value to be zero when the new-anchor-key flag indicates that a new anchor key should be generated at the device.

At S509b, the device transmits a message 9b to the C/M-TW-GW.

The message 9b could be a message that is complete and ciphered. The message 9b could include a MAC.

At S510, the C/M-TW-GW starts downlink ciphering.

In an embodiment, for a call flow of C/M session activation procedure (e.g., as shown in FIG. 10) , details may by are as followers:

1. A serving C/M-TW-GW shall send a message1 to a SPM-KMF-Session.

2. The SPM-KMF-Session determines whether it needs security protection activation.

3. The SPM-KMF-Session sends a message3 to the serving C/M-TW-GW.

4. The serving C/M-TW-GW collects factors from the device. These factors shall include security capabilities for the device, security requirements from the device.

5. The serving C/M-TW-GW sends a message5 to the SPM-KMF-Session.

In some embodiments, the message 5 could also be taken as an example of the fourth message mentioned in method 300.

6. The SPM-KMF-Session may generate a new anchor key based on the downlink C/M session COUNT value due to the indication of the new anchor key required. The SPM-KMF-Session selects one C/M session ciphering algorithm and one C/M session integrity algorithm based on the device security capabilities, the 6gKSI for identifying the new anchor key, a new-anchor-key flag which indicates whether the SPM-KMF-Session generates the new anchor key. The SPM-KMF-Session may generate new C/M session keys.

NOTE: each serving C/M-TW-GW shall be configured via network management with lists of algorithms which are allowed for usage. There shall be one list for C/M session integrity algorithms, and one for C/M session ciphering algorithms.

7. The SPM-KMF-Session shall send a message7 to the serving C/M-TW-GW.

The message 7 could be taken as an example of the first message mentioned in method 300.

8. a) The serving C/M-TW-GW activates the C/M session integrity protection before sending a message8b. The serving C/M-TW-GW may reset downlink C/M session COUNT value to be zero if the new-anchor-key flag indicates the new anchor key should be required.

b) The serving C/M-TW-GW sends the message8b to the device.

c) The serving C/M-TW-GW activates C/M session uplink deciphering after sending the message8b.

9. a) The device shall verify the message8b. The device checks that the device security capabilities match the ones stored in the device to ensure that these were not modified by an attacker and verifies the integrity protection using the indicated C/M session integrity algorithm and the C/M session integrity key based on the anchor key indicated by the 6gKSI. If the verification of the integrity of the message8b is successful, the device shall start C/M session integrity protection and ciphering/deciphering with the security context indicated by the 6gKSI. The device may generate a new anchor key based on the downlink C/M session COUNT value if the new-anchor-key flag indicates the new anchor key should be required. The 6G device may generate new C/M session keys based on the new anchor key. The 6G device may reset uplink C/M session COUNT value to be zero if the new-anchor-key flag indicates the new anchor key should be required.

b) The device sends a message9b to the serving C/M-TW-GW ciphered and integrity protected.

10. The serving C/M-TW-GW activates C/M session downlink ciphering.

In this embodiment, we provide an example of how to activate C/M session security protection. This example illustrates the basic concepts of the embodiment 1. Later, we provide a procedure of C/M session activation. Compared to 3GPP, 33.501, we add new features (as shown in step 1, 2, 3, 4, 5, 6, 7) in the figure 8. These new features could improve efficiency of the network performance.

For illustrative purpose, by taking a C/M RB as an example of the communication between the device and the first network function, another example of a call flow about a procedure of security activation according to some embodiments of the present application is shown in FIG. 11.

Each RB handler shall be configured via network management with lists of algorithms which are allowed for usage. There shall be one list for integrity algorithms, and one for ciphering algorithms. A SPM-KMF-RB establishes the device security capability, and may also establish a new C/M RB security context. Details are seen in the FIG. 11. Messages’ names in the data download procedure are seen in a Table 3, and contents of each message are also seen in the Table 3. Note that details of this embodiment could be used in Data RB security protection activation.

As shown in FIG. 11, a serving RB handler is taken as an example of the first network function, and a KMF-RB shown in FIG. 7 could be used to determine algorithms used to protection of the C/M RB. The KMF-RB could establish the device security capability, and a new C/M RB security context.

At S601, the RB handler transmits a message 1 to the KMF-RB.

The message 1 could be taken as an example of the second message mentioned in the method 300.

At S602, the KMF-RB determines whether a security protection activation is needed for the C/M RB.

At S603, the KMF-RB transmit at least one message to request factor (s) for selection algorithms.

The step S603 may include step S603a and S603b.

At S603a, the KMF-RB transmits a message 3a to the RB handler.

The message 3a could include an indication of request for the factor (s) .

At S603b, the KMF-RB transmits a message 3b to the KMF-Session.

The message 3b could include an indication of request for the factor (s) , a 6gKSI and the ID of the device.

The message 3a and message 3B could be taken as examples of the first request mentioned in the method 300.

At S604, the RB handler collects factors from the device.

For example, these factors could include security capability of the device, security requirement from the device.

At S605, the RB handler transmits a message 5 to the KMF-RB.

The message 5 could include security capability of the device and/or security capability of the RB handler.

In some embodiments, the message 5 could further include a list of algorithms that could be performed at the device and the RB handler for protection of the C/M RB.

The message 5 could be taken as an example of the third message mentioned in the method 300.

At S606, the KMF-Session transmits a message 6 to the KMF RB.

In some embodiments, the message 6 could include indication of generation new anchor key, and uplink or downlink C/M session COUNT value.

In some embodiments, the message 6 could further include a new anchor key.

The message 6 could be taken as an example of the fourth message mentioned in the method 300.

At S607, the KMF-RB selects algorithms used for protection of the C/M RB.

For example, the KMF-RB could be configured a list of encryption algorithms and a list of integrity algorithms that are allowed to be used by the device and the RB handler. The KMF-RB could select at least one encryption algorithm and at least one integrity algorithm for protection of the C/M RB.

In some embodiments, the KMF-RB could generate new C/M RB keys due to the device mobility, due to local policies from the network operator or due to the update of the anchor key.

At S608, the KMF-RB transmits a message 8 to the RB handler.

The message 8 could include the selected algorithms.

In some embodiments, the message 8 could include the new C/M RB keys.

The message 8 could be taken as an example of the first message mentioned in the method 300.

At S609, the RB handler performs security protection on the C/M RB.

The step S609 may include S609a to S609d.

At S609a, the RB handler starts integrity protection on the C/M RB.

The RB handler could activate C/M RB integrity protection.

At S609b, the RB handler transmits the message 9b to the device.

The message 9b could be integrity protected with a C/M RB integrity key based on the current key of the RB handler. The message 9b could include the selected integrity algorithm (s) and the selected encryption algorithm. The message 9b could further include a message authentication code –integrity (MAC-I) .

The message 9b could be taken as an example of the fifth message mentioned in the method 300.

At S609c, the RB handler starts downlink ciphering on the C/M RB.

The KMF-RB could activate C/M RB downlink ciphering at the RB handler after the KMF-RB sends the message 9b.

At S609d, the RB handler starts uplink deciphering on the C/M RB.

The RB handler could activate C/M RB uplink deciphering at the RB handler after receiving a message 10b.

At S610, the device performs security protection on the C/M RB.

The step S610 could include S610a to S610c.

At S610a, the device verifies MAC-I, and starts downlink deciphering and integrity protection on the C/M session.

In some embodiments, the device could verify the message 9b. when the device could start the integrity protection of the C/M RB and downlink deciphering, when a verification of the integrity of the message 9b is successful.

At S610b, the device transmits a message 10b to the RB handler.

The message 10b could include the MAC-I.

At S610c, the device starts uplink ciphering on the C/M RB.

The device could activate uplink encryption at the device after the device sends the message 10b.

The method proposed in embodiments of the present application is described in detail above, and a communication apparatus provided by the present application will be described in detail below.

In an embodiment, for a call flow of C/M RB activation procedure (as shown in FIG. 11) , details are as followers:

1. A serving RB handler shall send a message1 to a SPM-KMF-RB.

2. The SPM-KMF-RB determines whether it needs security protection activation.

3. The SPM-KMF-RB sends a message3a to the serving RB handler. The SPM-KMF-RB sends a message3b to a SPM-KMF-Session.

4. The serving RB handler collects factors from the device. These factors shall include security capabilities for the device, security requirements from the device.

5. The serving RB handler sends a message5 to the SPM-KMF-RB.

6. The SPM-KMF-Session sends a message6 to the SPM-KMF-RB.

7. The SPM-KMF-RB selects one C/M RB ciphering algorithm and one C/M RB integrity algorithm. The SPM-KMF-RB may also generate new C/M RB keys due to the device mobility or local policies from an operator or due to the new anchor key.

8. The SPM-KMF-RB shall send a message8 to the serving RB handler.

9. a) The RB handler activates C/M RB integrity protection.

b) The RB handler sends a message9b to the device. This message9b shall be integrity protected with C/M RB integrity key based on the current key of the RB handler.

c) The RB handler activates C/M RB downlink ciphering (encryption) at the RB handler after sending the message9b.

d) The RB handler activates C/M RB uplink deciphering (decryption) at the RB handler after receiving the message10b.

10. a) The device shall verify the message9b. If the verification of the integrity of the message9b is successful, the device shall start C/M RB integrity protection and downlink deciphering.

b) The device sends a message10b to the RB handler.

c) The device activates uplink ciphering (encryption) at the device after sending the message10b.

We provide an example of how to activate C/M RB security protection. This example illustrates the basic concepts of the embodiment Compared to 3GPP, 33.501, we add new features (as shown in step 1, 2, 3, 4, 5, 6, 7, 8) . These new features could improve efficiency of the network performance.

FIG. 12 is a schematic block diagram of a communication apparatus 10 according to some embodiments of the present application. The communication apparatus may be a communication device or an apparatus applied to the communication device and capable of realizing corresponding functions of any one of the network functions in the embodiments of the present application, for example, the apparatus may be a chip, a chip system or a circuit, which is not limited. The communication device may be the KMF or the first network function, or the chip installed in any one of these network functions.

The communication apparatus 10 includes a processing module 11. The processing module 11 may be a processor, a processing circuit, a processing board, a processing unit, or a processing device, et al. The processing module 11 is configured to implement processing and/or operations implemented inside the communication apparatus except sending the receiving actions.

The communication apparatus 10 may further include a communication module 12. The communication unit 12 is configured to implement a sending action and/or a receiving action. The communication module 12 also may be called a transceiver module, a transceiver, or a transceiver device, et al, and is configured to implement operations of receiving (which may be referred to as inputting) and/or sending (which may be referred to as an outputting) .

For example, if the communication apparatus 10 corresponds to the KMF mentioned in the method 300, the communication module 12 could be configured to transmit the first message to the first network function.

For another example, if the communication apparatus 10 corresponds to the first network function mentioned in the method 300, the communication module 12 could be configured to receive the second message from the first KMF.

Briefly, the operations and/or functions of the apparatus 10 are intended to implement corresponding steps of the foregoing method embodiments.

FIG. 13 is a schematic block diagram of a communication apparatus according to an embodiment of the present application. The communication apparatus 20 includes at least one processor 21. The at least one processor 21 is coupled to at least one memory 22. The at least one memory 22 is configured to store one or more instructions and/or executable computer code. The at least one processor 21 is configured to invoke the one or more instructions and/or executable computer code, so that the communication apparatus 20 implements the method provided in the embodiments of the present application. Optionally, the communication apparatus 20 may further include the at least one memory 22. Optionally, the communication apparatus 20 may further include at least one communication interface 23, and the at least one communication interface 23 is configured to input and/or output information or data.

In an implementation, the communication apparatus 20 may be any one of the network functions in the method embodiments. For example, the communication apparatus 20 may be a KMF-Session, a KMF-RB, a serving C/M-TW-GW, or a serving RB handler. In this implementation, the processor 21 may be a baseband apparatus, and the communication interface 23 may be a radio frequency apparatus.

In another implementation, the communication apparatus 20 may be a chip (or a chip system) installed at a communication device such as a KMF-Session, a KMF-RB, a serving C/M-TW-GW, or a serving RB handler. In this implementation, the processor 21 may be a circuit, for example, a logic circuit, an integrated circuit, etc. The communication interface 23 may be a transceiver, an interface circuit, an input/output interface, a bus, a module, a pin, or other types of interfaces.

An embodiment of the present application further provides a communication system. The communication system may include any one of communication apparatuses according to any one of the method embodiments. For example, the communication system may include one or more of the following network functions: a KMF or a first network function.

An embodiment of the present application further provides a computer storage medium, and the computer storage medium may store one or more instructions for executing any of the foregoing methods.

An embodiment of the present application further provides a computer program product, and the computer program product may store one or more instructions for executing any of the foregoing methods.

In the embodiments of this application, “and/or” describes an association relationship between associated objects and represents that three relationships may exist. For example, A and/or B may represent the following three cases: Only A exists, both A and B exist, and only B exists. The character “/” generally indicates an “or” relationship between the associated objects. “At least one” means one or more. “At least one of A and B” , similar to “Aand/or B” , describes an association relationship between associated objects and represents that three relationships may exist. For example, at least one of A and B may represent the following three cases: Only A exists, both A and B exist, and only B exists.

Besides, the use of a singular form of “a” , “an” and “the” in the embodiments of the present application and the claims appended hereto is also intended to include a plural form, unless otherwise clearly indicated herein by context.

A person of ordinary skill in the art will be aware that, in combination with the examples described in the embodiments disclosed in this specification, units and algorithm steps may be implemented by using electronic hardware or a combination of computer software and electronic hardware. Whether the functions are performed by using hardware or software depends on particular applications and design constraint conditions of the technical solutions. A person skilled in the art may use different methods to implement the described functions for each particular application, but it should not be considered that the embodiment goes beyond the scope of this application.

It would be understood by a person skilled in the art that, for the purpose of convenience and brevity, in a detailed working process of the foregoing system, apparatus, and unit, reference may be made to a corresponding process in the foregoing method embodiments, and details are not described herein again.

In the several embodiments provided in this application, the disclosed system, apparatus, and method may be implemented in other manners. For example, the described apparatus embodiment is merely an example. For example, the unit division is a logical function division and other methods of division may be used in an actual embodiment. For example, a plurality of units or components may be combined or integrated into another system, or some features may be ignored or not performed. In addition, the displayed or discussed mutual couplings or direct couplings or communication connections may be implemented using various communication interfaces. The indirect couplings or communication connections between the apparatuses or units may be implemented in electronic, mechanical, or other forms.

In addition, function units in the embodiments of this application may be integrated into one processing unit, each of the units may exist alone physically, or two or more units may be integrated into one unit.

When the functions are implemented in the form of a software functional unit and sold or used as an independent product, the functions may be stored in a computer-readable storage medium. The technical solutions of this application may be implemented in the form of a software product. The software product is stored in a storage medium, and includes several instructions for instructing a computer device (which may be a personal computer, a server, a network device, or the like) to perform all or some of the steps of the methods described in the embodiments of this application. The foregoing storage medium includes any medium that can store program code, such as a USB flash drive, a removable hard disk, a ROM, a RAM, a magnetic disk, an optical disc or the like.

The units described as separate parts may be or may not be physically separate, and parts displayed as units may be or may not be physical units, may be located in one position, or may be distributed on a plurality of network units. Some or all of the units may be selected based on actual requirements to achieve the objectives of the solutions of the embodiments. In addition, functional units in the embodiments of this application may be integrated into one processing unit, or each of the units may exist alone physically, or two or more units are integrated into one unit.

The foregoing descriptions are merely specific implementations of this application, but are not intended to limit the protection scope of this application. Any variation or replacement readily figured out by a person skilled in the art within the technical scope disclosed in this application shall fall within the protection scope of this application. Therefore, the protection scope of this application shall be subject to the protection scope of the claims.

Claims

A method for communication, performed by a key management function (KMF) , comprising:

determining a first algorithm based on a first security capability and a security requirement of a communication between a device and a first network function, wherein the security requirement for the communication comprises a security requirement of a service, an application, a mission or a session, wherein the service, the application, the mission or the session is related to the communication, and the first algorithm comprises an encryption algorithm used for protection of the communication and/or an integrity algorithm used for protection of the communication; and

transmitting a first message to the first network function, wherein the first message comprises the first algorithm.
The method according to claim 1, wherein the first security capability for the communication comprises at least one of: a security capability of the device or a security capability of the first network function.
The method according to claim 1 or 2, further comprising:

receiving a second message from the first network function, wherein the second message comprises an identifier of the device and the security requirement of the communication;

determining to activate a security protection for the communication is required based on the security requirement of the communication.
The method according to any one of claims 1 to 3, further comprising:

transmit a first request for collecting the first security capacity, wherein the first request is determined based on the security requirement of the communication;

receiving a third message, wherein the third message comprises at least one of: the security capability of the device or the security capability of the first network function.
The method according to claim 4, wherein the third message further indicates at least one of: a plurality of encryption algorithms able to be used by the first network function for protection of the communication, or a plurality of integrity algorithms able to be used by the first network function for protection of the communication.
The method according to any one of claims 1 to 5, wherein the first message further comprises an identifier of a first anchor key, and the first algorithm is related to the first anchor key.
The method according to claim 6, further comprising:

receiving a fourth message, wherein the fourth message comprises an indication for generation of a new anchor key, and the first anchor key comprises the new anchor key.
The method according to claim 7, wherein the first message further comprises first information indicating whether the new anchor key is generated.
A method for communication, performed by a first network function, comprising:

receiving a first message from a first KMF, wherein the first message comprises a first algorithm, the first algorithm is determined based on a first security capability and a security requirement of a communication between a device and a first network function, the security requirement for the communication comprises a security requirement of a service, an application, a mission or a session, the service, the application, the mission or the session is related to the communication, and the first algorithm comprises an encryption algorithm used for protection of the communication and/or an integrity algorithm used for protection of the communication.
The method according to claim 9, wherein the first security capability for the communication comprises at least one of: a security capability of the device or a security capability of the first network function.
The method according to claim 9 or 10, further comprising:

transmitting a second message to the first KMF, wherein the second message comprises an identifier of the device and the security requirement of the communication, and the second message is used to determine whether an activation of a security protection for the communication is needed.
The method according to any one of claims 9 to 11, wherein the first security capacity comprises a security capability of the device, and the method further comprises:

receiving a first request for collecting the security capability of the device, and the first request is determined based on the security requirement of the communication;

collecting the security capability of the device based on the first request; and

transmitting a third message, wherein the third message comprises the security capability of the device.
The method according to claim 12, wherein the third message further indicates at least one of: a plurality of encryption algorithms able to be implemented by the first network function for protection of the communication, or a plurality of integrity algorithms able to be implemented by the first network function for protection of the communication.
The method according to any one of claims 9 to 13, wherein the first message further comprises an identifier of a first anchor key, and the first algorithm is related to the first anchor key.
The method according to claim 14, further comprising:

transmitting a fourth message, wherein the fourth message comprises an indication for generation of a new anchor key.
The method according to claim 15, wherein the first message further comprises first information indicating whether the new anchor key is generated.
The method according to any one of claims 9 to 16, wherein the first algorithm comprises the integrity algorithm used for protection of the communication and the encryption algorithm used for protection of the communication, the method further comprises:

starting an integrity protection of the communication based on the integrity algorithm;

transmitting a fifth message to the device, wherein the fifth message comprises the integrity algorithm, the encryption algorithm, and the ID of the anchor key that the first algorithm is related to.
A communication apparatus, wherein the communication apparatus comprises a processor, the processor is configured to execute one or more instructions stored in a memory, to enable the communication apparatus to implement the method according to any one of claims 1 to 8, or the method according to any one of claims 9 to 17.
The communication apparatus according to claim 18, wherein the communication apparatus further comprises the memory.
The communication apparatus according to claim 18 or 19, wherein the communication apparatus comprises a communication interface, and the communication interface is configured to input and/or output information or data.
A communication apparatus, wherein the communication apparatus comprises a function or unit to implement the method according to any one of claims 1 to 8, or the method according to any one of claims 9 to 17.
A communication apparatus, wherein the communication apparatus comprises a circuit and a communication interface, the communication interface is configured to receive information and/or data that is to be processed by the circuit, and transmit the information and/or data to the circuit; and the circuit is configured to implement the method according to any one of claims 1 to 8, or the method according to any one of claims 9 to 17.
The communication apparatus according to claim 22, wherein the communication interface is further configured to output information and/or data processed by the circuit.
A communication system, comprising one or more communication apparatuses of:

a communication apparatus that performs the method according to any one of claims 1 to 8; and

a communication apparatus that performs the method according to any one of claims 9 to 17.
A computer readable storage medium, comprising one or more instructions, wherein when the one or more instructions are run on a computer, the computer implements the method according to any one of claims 1 to 8, or the method according to any one of claims 9 to 17.
A computer program product, comprising one or more instructions, wherein when the one or more instructions are run on a computer, the computer implements the method according to any one of claims 1 to 8, or the method according to any one of claims 9 to 17.