CN118826813A - An inter-satellite switching method based on on-satellite processing - Google Patents
- Publication number: CN118826813A (application number CN202310410044.0A)
- Authority: CN (China)
- Prior art keywords: satellite, switching, communication terminal, target, source
- Legal status: Pending (status as listed by Google Patents; not a legal conclusion)
Classifications
- H04B7/18513 — Transmission in a satellite or space-based system (H04B7/185 Space-based or airborne stations; H04B7/1851 Systems using a satellite or space-based relay)
- H04W12/03 — Security arrangements: protecting confidentiality, e.g. by encryption
- H04W12/041 — Key management: key generation or derivation
- H04W12/106 — Integrity: packet or message integrity
- H04W36/32 — Hand-off or reselection triggered by location or mobility data, e.g. speed data
- H04W76/27 — Connection management: transitions between radio resource control [RRC] states
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- Astronomy & Astrophysics (AREA)
- Aviation & Aerospace Engineering (AREA)
- General Physics & Mathematics (AREA)
- Mobile Radio Communication Systems (AREA)
Description
Technical Field
The invention belongs to the field of low-earth-orbit (LEO) satellite mobile communications, and in particular relates to an inter-satellite handover method based on on-board (on-satellite) processing.
Background Art
Satellite communication systems are converging with terrestrial networks into an integrated space-ground information network, and satellite access offers the advantage of wide-area coverage. Because LEO satellites move quickly, inter-satellite handovers occur frequently. To preserve service continuity, the handover between access satellites must be made secure: the security context must be transmitted securely during the handover so that it cannot be captured by an attacker.
A typical inter-satellite handover of the access satellite is either initiated actively by the satellite communication terminal or performed as a passive response. In either case the terminal must establish a communication link with the target satellite to complete the handover. Most existing satellite systems rely on a ground station to complete the handover request and handover confirmation; after authenticating the terminal identity, the ground station establishes a new session key and sends it to the target satellite to set up the communication link. Relying on the ground station adds link delay and lowers handover efficiency. Moreover, the newly established session key and security context are not protected and are vulnerable to attack, so the communication data after the handover is not secured.
Summary of the Invention
In view of the above analysis, the present invention aims to provide an inter-satellite handover method based on on-board processing, in which the handover request and handover confirmation are completed without relying on a ground station, and the security context is encrypted and integrity-protected during the handover, thereby improving the efficiency of inter-satellite handover and securing the communication data.
The present invention provides an inter-satellite handover method based on on-board processing, comprising the following steps:
the source satellite, after receiving the information reported by the satellite communication terminal, determines the target satellite of the inter-satellite handover and updates the security context;
the source satellite sends a handover request to the target satellite based on the information reported by the satellite communication terminal;
the target satellite performs a handover preparation process based on the handover request and sends a handover request response to the source satellite;
the source satellite sends a handover command to the satellite communication terminal based on the handover request response, and the satellite communication terminal executes the handover and establishes a connection with the target satellite;
the target satellite interacts with the ground gateway station to complete the path switch, then notifies the source satellite to release the terminal resources, completing the handover.
Further, updating the security context includes:
after receiving the information reported by the satellite communication terminal, the source satellite derives a new satellite base station key KsNB*, either horizontally from the satellite base station key KsNB or vertically from the next-hop key NH;
the source satellite encrypts and integrity-protects KsNB*, obtaining the encrypted and integrity-protected KsNB*, which is the updated security context.
Further, the handover request includes the target satellite ID, the terminal context, the updated security context, and the RRC and UP key derivation algorithms supported by the terminal.
Further, the target satellite performing the handover preparation process based on the handover request includes:
the target satellite verifies the integrity of, and decrypts, the updated security context in the handover request to obtain KsNB*, and derives the AS-layer security keys from KsNB* to secure the air-interface communication between the satellite communication terminal and the target satellite;
the target satellite reserves air-interface RRC radio resources for the satellite communication terminal based on the terminal context and QoS, and creates a data radio bearer identifier.
Further, the handover request response includes the target satellite ID, the data radio bearer identifier, the AS security algorithm of the target satellite, and the algorithm IDs and parameters used to derive the RRC key and the UP key.
Further, the source satellite sending the handover command to the satellite communication terminal based on the handover request response, and the satellite communication terminal executing the handover and establishing a connection with the target satellite, includes:
the source satellite sends a handover command message to the satellite communication terminal, the handover command message including the algorithm IDs and parameters used to derive the RRC key and UP key, obtained from the handover request response, and the AS security algorithm of the target satellite;
after receiving the handover command, the satellite communication terminal enters the handover interruption time;
after sending a status transfer message to the target satellite, the source satellite forwards data packets to the target satellite, which buffers them;
the satellite communication terminal sends a handover confirmation message to the target satellite and, after detecting the synchronization signal of the target satellite, establishes a connection with it.
Further, the satellite communication terminal entering the handover interruption time after receiving the handover command includes:
the satellite communication terminal detaches from the source satellite and derives a KsNB* synchronized with the target satellite;
from KsNB*, and using the AS security algorithm of the target satellite, the satellite communication terminal derives AS-layer security keys synchronized with the target satellite.
Further, the target satellite interacting with the ground gateway station to complete the path switch includes:
the target satellite sends a path switch request message to the ground gateway station;
the ground gateway station forwards the path switch request message to the AMF of the core network;
the AMF of the core network generates a new {NH, NCC} pair and encrypts and integrity-protects the NH;
the AMF sends a path switch response message to the ground gateway station, the path switch response message including the encrypted and integrity-protected new {NH, NCC} pair;
the ground gateway station forwards the path switch response message to the target satellite.
Further, notifying the source satellite to release the terminal resources to complete the handover includes:
the target satellite sends a context release message to the source satellite;
the source satellite releases the resources of the satellite communication terminal based on the context release message, completing the handover.
Further, the information reported by the satellite communication terminal includes:
a handover application message from the satellite communication terminal;
or a measurement report reported by the satellite communication terminal.
The present invention can achieve at least one of the following beneficial effects:
By proposing a satellite-borne secure handover control plane from the perspective of full-lifecycle maintenance of the security context, the inter-satellite handover is moved from relying on a ground station for the handover request and handover confirmation to being completed by on-board processing. On-board RRC message processing gives single-hop signaling between the satellite terminal and the satellite, with no processing by the ground gateway station, which greatly reduces the propagation delay on the handover signaling path and improves the efficiency of inter-satellite handover.
By updating the security context as part of the on-board handover, and protecting the confidentiality and integrity of the key material in the security context with a public-key encryption mechanism, the security of the security context during handover is improved, and with it the security of subsequent air-interface signaling and user-data transmission.
Other features and advantages of the present invention will be set out in the following description; some advantages will become apparent from the description or may be learned by practicing the invention. The objects and other advantages of the present invention may be realized and obtained by the means particularly pointed out in the description, claims and drawings.
Brief Description of the Drawings
The drawings serve only to illustrate particular embodiments and are not to be considered limiting of the present invention; like reference symbols denote like components throughout the drawings.
FIG. 1 is a flow chart of the inter-satellite handover method of the present invention;
FIG. 2 is a schematic diagram of the inter-satellite handover procedure;
FIG. 3 shows the update procedure of the security context KsNB during the handover;
FIG. 4 shows the confidentiality and integrity protection of KsNB* during satellite handover;
FIG. 5 shows the confidentiality and integrity protection of NH during satellite handover;
FIG. 6 shows the on-board security processing flow.
Detailed Description
The preferred embodiments of the present invention are described in detail below with reference to the accompanying drawings, which form part of this application and, together with the embodiments, serve to explain the principles of the invention without limiting its scope.
Embodiment 1
A specific embodiment of the present invention discloses an inter-satellite handover method based on on-board processing, which includes:
Step S01: After receiving the information reported by the satellite communication terminal, the source satellite determines the target satellite of the inter-satellite handover and updates the security context.
Specifically, the information reported by the satellite communication terminal is either a handover application message from the terminal or a measurement report from the terminal, corresponding respectively to the terminal-initiated (active) mode and the passive-response mode.
Specifically, the terminal-initiated scenario:
As the satellite communication terminal (UE) moves from the coverage area of the source satellite into that of the target satellite, once the satellite signal strength (Satellite Signal Received Power, SSRP) measured by the UE in the source coverage area falls below the threshold ss-Measure, the UE starts measuring the satellite signal strength of the neighbouring area (the coverage area of the target satellite). The UE observes the neighbouring SSRP rising steadily; when SSRP_B > SSRP_A and SSRP_B > ss-Measure hold throughout the duration timeToTrigger (a time parameter), the UE judges the target satellite's signal to be stable and stronger than the source satellite's, generates a Handover Application message and sends it to the source satellite. Here SSRP_B denotes the satellite signal strength in the target satellite's coverage area and SSRP_A the satellite signal strength in the source satellite's coverage area.
Specifically, the passive-response scenario:
The source satellite configures measurements for the UEs in its coverage area through RRC Connection Reconfiguration, and the UE monitors the radio channel according to that configuration. Based on the measurement configuration items delivered by the source satellite, the UE performs measurements; when, throughout the duration timeToTrigger, the received signal quality of the target satellite is above the threshold and stronger than that of the source satellite, a handover event is triggered and the UE generates a measurement report and reports it to the source satellite.
Specifically, step S01 includes the following steps:
S011: After receiving the information reported by the satellite communication terminal, the source satellite makes the target handover decision and determines the target satellite. Specifically, the reported information includes the target satellite ID.
S012: After receiving the information reported by the satellite communication terminal, the source satellite derives a new satellite base station key KsNB*, horizontally from the satellite base station key KsNB or vertically from the next-hop key NH.
Specifically, after a successful initial access or after the previous handover has completed, the source satellite base station sNB (Satellite Node B) holds KsNB (the satellite base station key) or NH (the next-hop key). The source satellite derives the new KsNB* horizontally from KsNB or vertically from NH. FIG. 3 shows the update procedure of the security context KsNB during handover, i.e. the horizontal derivation of KsNB* from KsNB or its vertical derivation from NH.
S013: The source satellite encrypts and integrity-protects KsNB*, obtaining the encrypted and integrity-protected KsNB*, which is the updated security context.
Specifically, the protection of KsNB* is based on a public-key cryptosystem: the source satellite encrypts and integrity-protects KsNB* with the preconfigured key protection key PK of the target satellite. Specifically, every satellite participating in inter-satellite handover stores in advance a table mapping the other satellites to their public-key information; at handover, the public key of the target satellite is looked up in this table by the target satellite ID. FIG. 4 shows the confidentiality and integrity protection of KsNB* by the source satellite.
Step S02: The source satellite sends a handover request to the target satellite based on the information reported by the satellite communication terminal.
Specifically, the Handover Request includes the target satellite ID, the terminal context (UE Context info), the updated security context (i.e. the encrypted and integrity-protected KsNB*), and the RRC and UP key derivation algorithms supported by the terminal. Specifically, after the source satellite and the satellite communication terminal establish a connection, the source satellite receives from the terminal the RRC and UP key derivation algorithms it supports.
Step S03: The target satellite performs the handover preparation process based on the handover request and sends a handover request response to the source satellite.
Specifically, the Handover Preparation process includes:
the target satellite verifies the integrity of, and decrypts, the updated security context in the handover request to obtain KsNB*, and uses the supported algorithms (RRC-enc-alg, RRC-int-alg, UP-int-alg, UP-enc-alg, etc.) to derive the AS-layer security keys (KRRCint, KRRCenc, KUPint, KUPenc) from KsNB*, which secure the air-interface communication between the satellite communication terminal and the target satellite;
the target satellite reserves air-interface RRC radio resources for the satellite communication terminal based on the terminal context and QoS, and creates the data radio bearer identifier DRB ID (UL/DL).
Specifically, the handover request response includes the target satellite ID, the data radio bearer identifier, the AS security algorithm of the target satellite, and the algorithm IDs and parameters used to derive the RRC key and the UP key.
Specifically, when decrypting the updated security context in the handover request, the target satellite uses the private key corresponding to the public key with which the source satellite encrypted it, and thereby obtains KsNB*.
Step S04: The source satellite sends a handover command to the satellite communication terminal based on the handover request response, and the satellite communication terminal executes the handover and establishes a connection with the target satellite.
Step S04 includes the following steps:
S041: The source satellite sends a handover command message to the satellite communication terminal; the handover command message includes the AS security algorithm of the target satellite and the algorithm IDs and parameters, obtained from the handover request response, used to derive the RRC key and UP key.
S042: After receiving the handover command, the satellite communication terminal enters the handover interruption time.
Specifically, during the handover interruption time the satellite communication terminal detaches from the source satellite and derives the KsNB* synchronized with the target satellite from the satellite base station key KsNB or the next-hop key that it has kept synchronized with the source satellite;
from the derived KsNB* synchronized with the target satellite, the satellite communication terminal derives the AS-layer security keys (KRRCint, KRRCenc, KUPint, KUPenc) using the AS security algorithm of the target satellite, so that they are synchronized with the AS-layer security keys of the target satellite from step S03.
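The key handling of steps S012, S03 and S042 as an added, runnable example (this code is not from the patent): the source satellite derives KsNB* vertically from a fresh NH or horizontally from KsNB, the target satellite derives the AS-layer keys from KsNB* and the algorithm IDs it selected, and the UE repeats both derivations during the interruption time. The patent specifies no KDF, so an HMAC-SHA256 KDF with 3GPP-style labelled input is assumed; the FC labels, algorithm-type distinguishers, the constructed K_AMF/KsNB values, the target satellite ID 0x2A and the algorithm IDs are all placeholders. Binding the target satellite ID into the KsNB* derivation is also an assumption. The `ue_has_fresh_nh=False` path shows the failure mode a practitioner should expect: a UE whose {NH, NCC} state lags the network derives horizontally, ends up with different AS keys, and cannot decode anything after Handover Confirm.

```python
import hashlib
import hmac

# Assumed KDF (the patent does not specify one): HMAC-SHA256 over a
# 3GPP-style input string  FC || P0 || len(P0) || P1 || len(P1) ...
def kdf(key: bytes, fc: int, *params: bytes) -> bytes:
    s = bytes([fc])
    for p in params:
        s += p + len(p).to_bytes(2, "big")
    return hmac.new(key, s, hashlib.sha256).digest()

# Constructed label bytes and algorithm-type distinguishers (placeholders,
# not values taken from the patent or from any specification).
FC_NH = 0x70
FC_KSNB_STAR = 0x71
FC_AS_KEY = 0x72
ALG_TYPE = {"RRC-enc": 0x03, "RRC-int": 0x04, "UP-enc": 0x05, "UP-int": 0x06}


def next_nh(k_amf: bytes, previous: bytes) -> bytes:
    """NH chaining on the AMF side (assumption), mirrored by the UE, which also
    holds K_AMF: the first NH is derived from KsNB, each later NH from the
    previous NH. Every new NH is paired with an NCC incremented by one."""
    return kdf(k_amf, FC_NH, previous)


def derive_ksnb_star(ksnb: bytes, ksnb_ncc: int, nh, nh_ncc: int,
                     target_sat_id: int):
    """KsNB* derivation done by the source satellite (S012) and repeated by the
    UE during the handover interruption time (S042).

    Vertical derivation from NH is used when an NH with a fresher NCC than the
    one bound to the current KsNB is available; otherwise KsNB* is derived
    horizontally from KsNB. Returns (KsNB*, NCC bound to it).
    """
    sat = target_sat_id.to_bytes(4, "big")     # assumed binding input
    if nh is not None and nh_ncc > ksnb_ncc:
        return kdf(nh, FC_KSNB_STAR, sat), nh_ncc        # vertical
    return kdf(ksnb, FC_KSNB_STAR, sat), ksnb_ncc        # horizontal


def derive_as_keys(ksnb_star: bytes, alg_ids: dict) -> dict:
    """KRRCenc/KRRCint/KUPenc/KUPint from KsNB* and the algorithm IDs chosen by
    the target satellite (S03 on the target, S042 on the UE)."""
    keys = {}
    for name, alg_id in alg_ids.items():
        k = kdf(ksnb_star, FC_AS_KEY, bytes([ALG_TYPE[name]]), bytes([alg_id]))
        keys["K" + name.replace("-", "")] = k[:16]       # 128-bit AS keys
    return keys


def handover_key_sync(ue_has_fresh_nh: bool = True) -> dict:
    """Run S012 / S03 / S042 on constructed inputs and report whether the UE
    and the target satellite end up holding identical AS-layer keys."""
    k_amf = hashlib.sha256(b"constructed K_AMF").digest()
    ksnb = hashlib.sha256(b"constructed KsNB at the source satellite").digest()
    ksnb_ncc = 0
    # {NH, NCC=1} handed to the source satellite by the AMF after the
    # previous path switch (S053), so a vertical derivation is possible now.
    nh1, nh1_ncc = next_nh(k_amf, ksnb), 1
    target_sat_id = 0x2A                                            # constructed
    alg_ids = {"RRC-enc": 2, "RRC-int": 2, "UP-enc": 2, "UP-int": 2}  # constructed

    # Source satellite: KsNB* is sent to the target encrypted and
    # integrity-protected (S013 / S02); the target then derives AS keys (S03).
    ksnb_star, ncc = derive_ksnb_star(ksnb, ksnb_ncc, nh1, nh1_ncc, target_sat_id)
    target_keys = derive_as_keys(ksnb_star, alg_ids)

    # UE: learns the NCC from the handover command and recomputes NH itself.
    if ue_has_fresh_nh:
        ue_nh, ue_nh_ncc = next_nh(k_amf, ksnb), 1
    else:
        ue_nh, ue_nh_ncc = None, 0              # stale UE state: missed the NH
    ue_ksnb_star, _ = derive_ksnb_star(ksnb, ksnb_ncc, ue_nh, ue_nh_ncc, target_sat_id)
    ue_keys = derive_as_keys(ue_ksnb_star, alg_ids)

    return {"ncc": ncc, "synchronized": target_keys == ue_keys,
            "target_keys": target_keys, "ue_keys": ue_keys}
```

Because the source satellite never sends KsNB* to the UE over the air, the UE and the network stay synchronized only through the NCC carried in the handover command; a deployment should treat a failed first integrity check after Handover Confirm as a likely NH/NCC desynchronization rather than retry blindly.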
S043: After sending the status transfer message to the target satellite, the source satellite forwards data packets to the target satellite, which buffers them.
Specifically, the SN Status Transfer message tells the target satellite from which data packet to start sending or receiving. After sending SN Status Transfer, the source satellite begins forwarding the downlink data packets arriving from the core network via the ground gateway station; the target satellite buffers these packets until the satellite communication terminal has completed access.
S044: The satellite communication terminal sends a handover confirmation message to the target satellite and establishes a connection with the target satellite after detecting its synchronization signal.
Specifically, the UE sends a Handover Confirm message to the target satellite and accesses the target satellite after detecting its synchronization signal. Once synchronization is complete, the UE initiates contention-free random access. An RRC connection, together with the SRB signaling radio bearer and the DRB data radio bearer, is established between the UE and the target satellite. Successful access of the UE to the target satellite means the UE can send and receive the data packets buffered at the target satellite, and the handover interruption time ends.
From this point, all RRC signaling messages and user data packets on the radio link between the UE and the target satellite are transmitted securely using the AS-layer security keys.
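The buffering behaviour of S043/S044 as an added example (not code from the patent): the target satellite holds the downlink packets forwarded by the source until Handover Confirm, then releases them in sequence-number order. The patent only says the target "buffers the packets" and that SN Status Transfer tells it where to start; everything else here is assumed, namely that forwarded packets carry a PDCP-style sequence number, that SN Status Transfer carries the first DL SN the target must deliver, and the constructed packet list with a stale SN (9), an out-of-order arrival and a duplicate (12). The class also handles a gap, which a real implementation must wait out rather than skip.

```python
class TargetForwardingBuffer:
    """Target-satellite buffer for DL packets forwarded by the source after
    SN Status Transfer; released to the UE only after Handover Confirm."""

    def __init__(self):
        self.next_dl_sn = None   # unknown until SN Status Transfer arrives
        self.pending = {}        # sn -> payload, held during the interruption
        self.ue_attached = False
        self.delivered = []      # (sn, payload) handed to the UE, in order
        self.dropped = []        # (sn, reason)

    def sn_status_transfer(self, next_dl_sn: int) -> None:
        """S043: the source tells the target which DL SN to deliver first."""
        self.next_dl_sn = next_dl_sn
        for sn in [s for s in self.pending if s < next_dl_sn]:
            self.dropped.append((sn, "already delivered by source"))
            del self.pending[sn]

    def forward(self, sn: int, payload: bytes) -> list:
        """A forwarded DL packet from the source; returns what was delivered."""
        if sn in self.pending or any(d == sn for d, _ in self.delivered):
            self.dropped.append((sn, "duplicate"))
            return []
        if self.next_dl_sn is not None and sn < self.next_dl_sn:
            self.dropped.append((sn, "already delivered by source"))
            return []
        self.pending[sn] = payload
        return self._flush()

    def handover_confirm(self) -> list:
        """S044: the UE has accessed the target; the interruption time ends."""
        self.ue_attached = True
        return self._flush()

    def _flush(self) -> list:
        """Deliver in SN order, stopping at the first missing SN (a gap)."""
        out = []
        if not self.ue_attached or self.next_dl_sn is None:
            return out
        while self.next_dl_sn in self.pending:
            out.append((self.next_dl_sn, self.pending.pop(self.next_dl_sn)))
            self.next_dl_sn += 1
        self.delivered.extend(out)
        return out


def run_handover_forwarding() -> dict:
    """Constructed S043/S044 sequence: out-of-order forwarding, a stale SN,
    a duplicate, then a gap that is filled after the UE has attached."""
    buf = TargetForwardingBuffer()
    buf.sn_status_transfer(next_dl_sn=10)
    forwarded = [(12, b"pkt12"), (10, b"pkt10"), (9, b"pkt09"),
                 (11, b"pkt11"), (12, b"pkt12")]            # constructed
    for sn, payload in forwarded:
        buf.forward(sn, payload)
    held = sorted(buf.pending)               # nothing leaves before attach
    first_burst = buf.handover_confirm()     # interruption time ends
    after_gap = buf.forward(14, b"pkt14")    # SN 13 missing: must wait
    after_fill = buf.forward(13, b"pkt13")   # gap closed: 13 and 14 go out
    return {"held_during_interruption": held,
            "first_burst": [sn for sn, _ in first_burst],
            "after_gap": [sn for sn, _ in after_gap],
            "after_fill": [sn for sn, _ in after_fill],
            "dropped": buf.dropped}
```

The buffer holds everything until `handover_confirm()`, which is exactly the window the patent calls the handover interruption time; the AS-layer keys from S042/S03 would be applied to these packets as they leave the buffer.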
Step S05: After the target satellite interacts with the ground gateway station to complete the path switch, it notifies the source satellite to release the terminal resources, completing the handover.
Step S05 specifically includes the following steps:
S051: The target satellite sends a Path Switch Request message to the ground gateway station.
S052: The ground gateway station forwards the path switch request message to the AMF of the core network.
S053: Based on the path switch request message, the AMF of the core network generates a new {NH, NCC} pair and calls the ground cryptographic device to encrypt and integrity-protect the NH with the key protection key (PK, Protection Key).
Specifically, the ground cryptographic device of the core network holds a preconfigured table mapping each satellite ID to its PK public key; when encrypting the NH it looks up the public key PK of the target satellite in this table and encrypts with it.
S054: The AMF sends a Path Switch Request Ack message to the ground gateway station; this path switch response message includes the encrypted and integrity-protected new {NH, NCC} pair.
S055: The ground gateway station forwards the Path Switch Request Ack to the target satellite.
At this point, uplink and downlink transmission channels and bearers have been established both between the satellite communication terminal and the target satellite and between the target satellite and the ground gateway station.
S056: After receiving the path switch response message, the target satellite sends a context release message to the source satellite.
Specifically, after receiving the path switch response message, the target satellite verifies the integrity of the encrypted and integrity-protected new {NH, NCC} pair and then decrypts it with the private key corresponding to the public key used for encryption, obtaining the new NH from the response. The public key used for encryption is the public key of the target satellite from step S053. FIG. 5 shows the confidentiality and integrity protection of NH during satellite handover.
S057: The source satellite releases the resources of the satellite communication terminal based on the context release message, completing the handover.
FIG. 2 is a schematic diagram of the above inter-satellite handover procedure. In implementation, the air-interface protocols the satellite must support for secure handover processing (RRC, PDCP, RLC, MAC, etc.) and the inter-satellite control-plane and user-plane transport protocols are defined, so that the satellite has the higher-layer processing capability of an on-board protocol stack and can actively respond to and process handover signaling messages; and the satellite has on-board security processing functions: encryption/decryption and integrity protection of satellite base station air-interface signaling and user data, encryption/decryption and integrity protection of inter-satellite signaling and user data, and maintenance of the security context.
This embodiment discloses an inter-satellite handover method based on on-board processing. By proposing a satellite-borne secure handover control plane from the perspective of full-lifecycle maintenance of the security context, the inter-satellite handover is moved from relying on a ground station for the handover request and handover confirmation to being completed by on-board processing. On-board RRC message processing gives single-hop signaling between the satellite terminal and the satellite, with no processing by the ground gateway station, which greatly reduces the propagation delay on the handover signaling path and improves the efficiency of inter-satellite handover. By updating the security context as part of the on-board handover, and protecting the confidentiality and integrity of the key material in the security context with a public-key encryption mechanism, the security of the security context during handover is improved, and with it the security of subsequent air-interface signaling and user-data transmission.
Embodiment 2
Another specific embodiment of the present invention discloses an inter-satellite handover method based on on-board processing, comprising a handover preparation phase (steps S21 to S23), a handover execution phase (step S24) and a handover completion phase (step S25).
Specifically, a satellite supporting the method of this embodiment supports the control-plane and user-plane protocols related to secure handover processing, so that it has the higher-layer processing capability of an on-board protocol stack, can actively respond to and process handover signalling messages, and can maintain the security context. The on-board system that processes signalling data comprises a user-side transceiver, an inter-satellite transceiver, an on-board central processing unit and an on-board security processing unit. The on-board security processing unit performs encryption, decryption and integrity protection of the satellite base station's air-interface signalling and user data, encryption, decryption and integrity protection of inter-satellite signalling and user data, and maintenance of the security context; the central processing unit performs the higher-layer processing of the on-board protocol stack.
Specifically, the method of this embodiment comprises:
Step S21: after receiving the information reported by the satellite communication terminal, the source satellite determines the target satellite for the inter-satellite handover and updates the security context.
Specifically, in the handover scenario initiated by the satellite communication terminal itself, the source satellite's user-side transceiver receives the air-interface signalling (the handover request message) from the satellite communication terminal and passes it to the on-board central processing unit.
In the handover scenario where the satellite communication terminal responds passively:
The source satellite's on-board central processing unit generates an RRC connection reconfiguration message (measurement configuration) and calls the on-board security processing unit to encrypt and integrity-protect the RRC signalling. The RRC message is sent to the satellite communication terminal through the user-side transceiver. The terminal's receiver forwards the signalling to the terminal security module, which verifies the integrity of the RRC signalling and decrypts it. The terminal measures according to the measurement configuration issued by the satellite and, when the configured event is triggered, sends a measurement report to the source satellite. The source satellite's user-side transceiver receives the measurement report from the terminal and passes it to the on-board central processing unit.
Specifically, step S21 comprises the following steps:
S211: after receiving the information reported by the satellite communication terminal, the central processing unit of the source satellite makes the handover target decision and determines the target satellite.
S212: after receiving the information reported by the satellite communication terminal, the central processing unit of the source satellite derives a new satellite base station key KsNB*, either horizontally from the current satellite base station key KsNB or vertically from the next-hop key NH.
S213: the on-board security processing unit of the source satellite encrypts and integrity-protects KsNB*; the encrypted and integrity-protected KsNB* is the updated security context.
Step S22: the source satellite sends a handover request to the target satellite based on the information reported by the satellite communication terminal.
Specifically, the central processing unit of the source satellite fetches the protected KsNB* from the security processing unit and encapsulates it in the handover request. The source satellite sends the handover request to the target satellite through the inter-satellite transceiver.
Step S23: the target satellite performs the handover preparation procedure based on the handover request and sends a handover request response to the source satellite.
Specifically, the inter-satellite transceiver of the target satellite receives the handover request from the source satellite and forwards it to the target satellite's on-board central processing unit, which passes it to the on-board security processing unit. The on-board security processing unit decrypts it with the corresponding private key to obtain KsNB* and stores KsNB* securely on board. The on-board security processing unit then uses the security algorithm parameters to derive the AS-layer security keys.
The target satellite reserves air-interface resources for the terminal's access and creates a data radio bearer identity. The on-board central processing unit generates a handover request response message and sends it to the source satellite through the inter-satellite transceiver.
Step S24: the source satellite sends a handover command to the satellite communication terminal based on the handover request response, and the satellite communication terminal executes the handover and establishes a connection with the target satellite.
Specifically, the inter-satellite receiver of the source satellite receives the handover response message; the handover command is carried on the downlink control channel and sent to the satellite communication terminal through the user-side transceiver. The terminal's receiver receives the handover command, and the terminal security processing module derives KsNB* and the AS-layer security keys in synchronization with the target satellite.
Step S25: after the target satellite has interacted with the ground gateway station to complete the path switch, it notifies the source satellite to release the terminal's resources, which completes the handover.
Figure 6 illustrates the on-board security processing flow of this embodiment.
Compared with the prior art, the inter-satellite handover method based on on-board processing disclosed in this embodiment has substantially the same beneficial effects as Embodiment 1, which are not repeated here.
It should be noted that the above embodiments are based on the same inventive concept, and details not repeated in one embodiment may be taken from the other.
The above is only a preferred specific implementation of the present invention, but the scope of protection of the present invention is not limited thereto. Any change or substitution that a person skilled in the art could readily conceive within the technical scope disclosed by the present invention shall fall within the scope of protection of the present invention.
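As an added worked example, not part of the patent text, the following Python models the key handling of steps S212, S213, S23 and S24 for both derivation branches, so that the synchronisation claimed in step S24 can be checked end to end. Everything the page does not name is an assumption: the KDF (HMAC-SHA256 with a label and length-prefixed context), an NH chain rooted in a key K_ROOT held only by the terminal and the ground segment (the role K_ASME plays for NH in LTE), a next-hop chaining counter NCC carried in the handover request and the handover command so the target and the terminal know which branch was taken, the three AS keys K_RRCenc, K_RRCint and K_UPenc with their algorithm identifiers, and the public-key mechanism itself, modelled as a DHIES-style hybrid scheme over RFC 3526 group 14 with HMAC-SHA256 as keystream PRF and tag, since the page does not say which scheme protects KsNB*. The current KsNB, the target identifier and the root key are constructed sample values.

```python
import hashlib
import hmac
import secrets

# RFC 3526 MODP group 14 (2048-bit), generator 2. The page names no public-key
# scheme; a DHIES-style hybrid over this group is the assumption made here.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05"
    "98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
    "9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
    "3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)
G = 2
# Constructed root key held by the terminal and the ground segment (assumption: it
# plays the role K_ASME plays for the NH chain in LTE); satellites never hold it.
K_ROOT = hashlib.sha256(b"constructed root key, terminal and ground only").digest()

def kdf(key: bytes, label: bytes, *ctx: bytes) -> bytes:
    """HMAC-SHA256 KDF: output bound to a label and length-prefixed context fields."""
    m = hmac.new(key, label, hashlib.sha256)
    for c in ctx:
        m.update(len(c).to_bytes(2, "big") + c)
    return m.digest()

def next_nh(nh: bytes) -> bytes:
    """Vertical chain: NH(n+1) = KDF(K_ROOT, NH(n)), with NH(0) = the current KsNB."""
    return kdf(K_ROOT, b"NH", nh)

def derive_ksnb_star(base: bytes, target_id: bytes) -> bytes:
    """S212: KsNB* from KsNB (horizontal) or from NH (vertical), bound to the target."""
    return kdf(base, b"KsNB*", target_id)

def derive_as_keys(ksnb_star: bytes, enc_alg: int, int_alg: int) -> dict:
    """AS keys from KsNB* and the negotiated algorithm identifiers (S23 and S24)."""
    return {"K_RRCenc": kdf(ksnb_star, b"RRCenc", bytes([enc_alg])),
            "K_RRCint": kdf(ksnb_star, b"RRCint", bytes([int_alg])),
            "K_UPenc": kdf(ksnb_star, b"UPenc", bytes([enc_alg]))}

def gen_keypair() -> tuple:
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def _i2b(n: int) -> bytes:
    return n.to_bytes(256, "big")

def _wrap_keys(shared: int, eph: int, pub_t: int) -> tuple:
    k = kdf(_i2b(shared), b"wrap", _i2b(eph), _i2b(pub_t))
    return k[:16], k[16:]  # (keystream key, tag key)

def wrap(pub_t: int, ksnb_star: bytes, aad: bytes) -> dict:
    """S213: confidentiality via ephemeral DH to the target's public key, integrity via HMAC."""
    if not 1 < pub_t < P - 1:
        raise ValueError("invalid target public key")
    y, eph = gen_keypair()
    k_enc, k_mac = _wrap_keys(pow(pub_t, y, P), eph, pub_t)
    ct = bytes(a ^ b for a, b in zip(ksnb_star, kdf(k_enc, b"stream")))
    tag = hmac.new(k_mac, aad + _i2b(eph) + ct, hashlib.sha256).digest()
    return {"eph": eph, "ct": ct, "tag": tag}

def unwrap(priv_t: int, pub_t: int, blob: dict, aad: bytes) -> bytes:
    """S23: the target verifies the tag before decrypting; anything modified is rejected."""
    if not 1 < blob["eph"] < P - 1:
        raise ValueError("invalid ephemeral public value")
    k_enc, k_mac = _wrap_keys(pow(blob["eph"], priv_t, P), blob["eph"], pub_t)
    tag = hmac.new(k_mac, aad + _i2b(blob["eph"]) + blob["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, blob["tag"]):
        raise ValueError("KsNB* integrity check failed")
    return bytes(a ^ b for a, b in zip(blob["ct"], kdf(k_enc, b"stream")))

def run_handover(vertical: bool, tamper: bool = False) -> dict:
    """Walk S212 -> S22 -> S23 -> S24 for one terminal; report what each side ends up with."""
    ksnb = hashlib.sha256(b"constructed current KsNB").digest()  # also NH(0)
    target_id, enc_alg, int_alg = b"constructed target satellite id", 2, 2
    priv_t, pub_t = gen_keypair()  # target satellite's key pair
    # S212/S213 on the source satellite, which holds the next {NH, NCC} pair
    # (assumed gateway-provisioned) but not K_ROOT
    base, ncc = (next_nh(ksnb), 1) if vertical else (ksnb, 0)
    ksnb_star = derive_ksnb_star(base, target_id)
    aad = target_id + bytes([ncc])  # handover request fields the tag also covers
    blob = wrap(pub_t, ksnb_star, aad)
    if tamper:  # one bit flipped on the inter-satellite link
        blob["ct"] = bytes([blob["ct"][0] ^ 1]) + blob["ct"][1:]
    try:  # S22/S23 on the target satellite
        target_keys = derive_as_keys(unwrap(priv_t, pub_t, blob, aad), enc_alg, int_alg)
    except ValueError:
        return {"accepted": False}
    # S24 on the terminal: the NCC in the handover command selects the branch
    ue_nh, ue_ncc = ksnb, 0  # terminal state: current KsNB is NH(0), NCC = 0
    while ue_ncc < ncc:      # vertical: step the NH chain up to the signalled NCC;
        ue_nh, ue_ncc = next_nh(ue_nh), ue_ncc + 1   # unchanged NCC means horizontal
    ue_keys = derive_as_keys(derive_ksnb_star(ue_nh, target_id), enc_alg, int_alg)
    return {"accepted": True, "synchronized": ue_keys == target_keys,
            "ncc": ncc, "ksnb_star": ksnb_star.hex()}
```

Calling `run_handover(vertical=False)` and `run_handover(vertical=True)` shows the terminal and the target satellite arriving at identical AS keys in both branches without the target ever seeing K_ROOT. The `tamper=True` case shows the check a target satellite needs in step S23, which the page leaves implicit: the tag is computed over the ciphertext, the ephemeral public value and the request fields (target identity and NCC), and is verified before decryption, so a KsNB* that was modified in transit or redirected to a different target is rejected rather than installed.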
Claims (10)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310410044.0A CN118826813A (en) | 2023-04-17 | 2023-04-17 | An inter-satellite switching method based on on-satellite processing |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN118826813A true CN118826813A (en) | 2024-10-22 |
Family
ID=93079125
Legal Events
| Code | Title |
|---|---|
| PB01 | Publication |
| SE01 | Entry into force of request for substantive examination |