[go: up one dir, main page]

HK1262351B - Apparatus, system and method of selectively updating key information of a secured wlan connection between a ue and a wlan ap - Google Patents

Apparatus, system and method of selectively updating key information of a secured wlan connection between a ue and a wlan ap Download PDF

Info

Publication number
HK1262351B
HK1262351B HK19122483.1A HK19122483A HK1262351B HK 1262351 B HK1262351 B HK 1262351B HK 19122483 A HK19122483 A HK 19122483A HK 1262351 B HK1262351 B HK 1262351B
Authority
HK
Hong Kong
Prior art keywords
wlan
key
version
enb
key information
Prior art date
Application number
HK19122483.1A
Other languages
Chinese (zh)
Other versions
HK1262351A1 (en
Inventor
I‧乌泽利
O‧哈雷乌维尼
A‧西罗特金
Original Assignee
英特尔公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 英特尔公司 filed Critical 英特尔公司
Publication of HK1262351A1 publication Critical patent/HK1262351A1/en
Publication of HK1262351B publication Critical patent/HK1262351B/en

Links

Description

Apparatus, system, and method for selectively updating key information for secure WLAN connections between a UE and a WLAN AP
Cross-referencing
The present application claims the benefit and priority from U.S. provisional patent application No.62/316,335 entitled "LTE-WLAN authentication WI-FI REKEYING AND end hand", filed on 31/3/2016 and U.S. provisional patent application No.62/327,650 entitled "LTE-WLAN authentication WI-FI REKEYING AND end hand", filed on 26/4/2016, the entire disclosures of which are incorporated herein by reference.
Technical Field
Some embodiments described herein relate generally to selectively updating key information for a secure Wireless Local Area Network (WLAN) connection between a User Equipment (UE) and a WLAN Access Point (AP).
Background
Wireless communication devices (e.g., mobile devices) may be configured to utilize a variety of wireless communication technologies.
For example, a User Equipment (UE) device may be configured to utilize cellular connections (e.g., Universal Mobile Telecommunications System (UMTS) cellular connections or Long Term Evolution (LTE) connections) as well as Wireless Local Area Network (WLAN) connections (e.g., wireless fidelity (WiFi) connections).
There is a need for efficient interworking, integration and/or management of cellular and WLAN radio access technologies.
Drawings
For simplicity and clarity of illustration, elements illustrated in the figures have not necessarily been drawn to scale. For example, the dimensions of some of the elements may be exaggerated relative to other elements for clarity. Further, reference numerals may be repeated among the figures to indicate corresponding or analogous elements. The figures are listed below.
Fig. 1 is a schematic block diagram illustration of a system according to some demonstrative embodiments.
Fig. 2 is a schematic illustration of operations and communications between a User Equipment (UE), first and second cellular managers, and a Wireless Local Area Network (WLAN) Access Point (AP), according to some demonstrative embodiments.
Fig. 3 is a schematic illustration of elements of a User Equipment (UE) according to some demonstrative embodiments.
Fig. 4 is a schematic flow chart illustration of a method of selectively updating key information for a secure WLAN connection between a UE and a WLAN AP, in accordance with some demonstrative embodiments.
Fig. 5 is a schematic flow chart illustration of a method of selectively updating key information for a secure WLAN connection between a UE and a WLAN AP, in accordance with some demonstrative embodiments.
Fig. 6 is a schematic flow chart illustration of a method of selectively updating key information for a secure WLAN connection between a UE and a WLAN AP, in accordance with some demonstrative embodiments.
Fig. 7 is a schematic illustration of a product according to some demonstrative embodiments.
Detailed Description
In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of some embodiments. However, it will be understood by those skilled in the art that some embodiments may be practiced without these specific details. In other instances, well-known methods, procedures, components, units and/or circuits have not been described in detail so as not to obscure the discussion.
Discussion herein utilizing terms such as "processing," "computing," "calculating," "determining," "establishing," "analyzing," "checking," or the like, may refer to an operation and/or process of a computer, computing platform, computing system, or other electronic computing device that manipulates and/or transforms data represented as physical (e.g., electronic) quantities within the computer's registers and/or memories into other data similarly represented as physical quantities within the computer's registers and/or memories or other information storage medium that may store instructions to perform the operation and/or process.
The terms "plurality" and "a number" as used herein include, for example, "a number" or "two or more". For example, "a plurality of items" includes two or more items.
References to "one embodiment," "an exemplary embodiment," "various embodiments," etc., indicate that the embodiment described may include a particular feature, structure, or characteristic, but every embodiment may not necessarily include the particular feature, structure, or characteristic. Moreover, repeated use of the phrase "in one embodiment" may, but does not necessarily, refer to the same embodiment.
As used herein, unless otherwise specified the use of the ordinal adjectives "first", "second", "third", etc., to describe a common object, merely indicate that different instances of like objects are being referred to, and are not intended to imply that the objects so described must be in a given sequence, either temporally, spatially, in ranking, or in any other manner.
Some embodiments may be used in conjunction with various devices and systems, such as Personal Computers (PCs), desktop computers, mobile computers, laptop computers, notebook computers, tablet computers, smartphone devices, server computers, handheld devices, Personal Digital Assistant (PDA) devices, handheld PDA devices, onboard devices, off-board devices, Internet of things (IoT) devices, sensor devices, wearable devices, hybrid devices, onboard devices, off-board devices, mobile or portable devices, consumer devices, non-mobile or non-portable devices, wireless communication stations, wireless communication devices, wireless Access Points (APs), wired or wireless routers, wired or wireless modems, video devices, audio-visual (A/V) devices, wired or wireless networks, wireless domain networks, cellular network devices, wireless Access Points (APs), wireless network devices, wireless communication systems, and methods, A cellular node, a cellular device, a Wireless Local Area Network (WLAN), a multiple-input multiple-output (MIMO) transceiver or device, a single-input multiple-output (SIMO) transceiver or device, a multiple-input single-output (MISO) transceiver or device, a device with one or more internal and/or external antennas, a Digital Video Broadcasting (DVB) device or system, a multi-standard radio device or system, a wired or wireless handheld device (e.g., a smartphone), a Wireless Application Protocol (WAP) device, a vending machine, a point-of-sale terminal, and so forth.
Some embodiments may be used in conjunction with the following devices and/or networks: according to the existing 3rd Generation Partnership Project (3GPP) and/or Long Term Evolution (LTE) specifications (including 3GPP TS 36.300 ("TS 36.300Evolved Universal Radio Access (E-UTRA) and Evolved Universal Radio Access Network (E-UTRAN); Overall description; Stage 2, version 11.7.0Release 11", 9. 2013), 3GPP TS 36.331(ETSI TS 136331; V12.3.0 (2014-09); LTE; Evolved Universal Radio Access (E-A); Radio Resource Control (RRC); Protocol Specification (3GPP TS 36.331) and/or 3GPP TS 24-3 Technical field (3GPP 36.463 V0.2.0-10), evolution technology (E-UTRA); 3GPP TS 36.331, 3GPP 3-European Resource recovery 36 12; evolution Technical field discovery (RRC); 3GPP 3-one, 3-one, 3-one, 3, onesal Terrestrial Radio Access Network (E-UTRAN) and Wireless LAN (WLAN); xw application protocol (XwAP) (Release 13))) and/or future versions and/or derivatives thereof; devices and/or networks operating according to the existing Wireless Gigabit Alliance (WGA) specifications (Wireless Gigabit Alliance, Inc WiGig MAC and PHY Specification Version 1.1,2011 month 4, Final Specification) and/or future versions and/or derivatives thereof; according to the existing IEEE802.11 standards (including IEEE802.11-201(IEEE 802.11-2012, IEEE Standard for Information technology- -Telecommunications and Information exchange between systems Local and statistical areas networks- -Specific details Part11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) details, March 29,2012) and/or IEEP 802.111rREVmcTM(IEEEP802.11REVmcTMDevice and/or network operating under the following data Standard for Information Technology-Telecommunications and Information Exchange Between Systems-Local and metropolar Area Networks-Specific Requirements-Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications)) and/or future versions and/or derivatives thereof, month 6 < D3.0,2014; devices and/or networks operating in accordance with the existing IEEE 802.16 standards (IEEE-Std 802.16,2009Edition, Air Interface for Fixed Broadband Wireless Access Systems; IEEE-Std 802.16e,2005Edition, Physical and Medium Access Control Layers for Combined Fixed and Mobile Access in Licensed Bands; revision of IEEE Std802.16-2009 developed by task group m) and/or future versions and/or derivatives thereof; according to the existing WirelessHDTMA device and/or network operating in a specification and/or future version and/or derivative thereof; units and/or devices that are part of the above-described network, etc.
Some embodiments may be used in conjunction with one or more types of wireless communication signals and/or systems, such as Radio Frequency (RF), Frequency Division Multiplexing (FDM), Orthogonal FDM (OFDM), single-carrier frequency division multiple access (SC-FDMA), Time Division Multiplexing (TDM), Time Division Multiple Access (TDMA), extended TDMA (E-TDMA), General Packet Radio Service (GPRS), extended GPRS, Code Division Multiple Access (CDMA), wideband CDMA (WCDMA), CDMA 2000, single carrier CDMA, multi-carrier modulation (MDM), discrete multi-tone (DMT), BluetoothTMGlobal Positioning System (GPS), wireless fidelity (Wi-Fi), Wi-Max and ZigBeeTMUltra Wideband (UWB), global system for mobile communications (GSM), second generation (2G), 2.5G, 3G, 3.5G, 4G, 4.5G, fifth generation (5G) mobile networks, 3GPP, Long Term Evolution (LTE) cellular systems, LTE advanced cellular systems, High Speed Downlink Packet Access (HSDPA), High Speed Uplink Packet Access (HSUPA), High Speed Packet Access (HSPA), HSPA +, single carrier radio transmission technology (1XRTT), evolution data optimized (EV-DO), enhanced data rates for GSM evolution (EDGE), and the like. Other embodiments may be used in various other devices, systems, and/or networks.
The term "wireless device" as used herein includes, for example, devices capable of wireless communication, communication stations capable of wireless communication, portable or non-portable devices capable of wireless communication, and the like. In some demonstrative embodiments, the wireless device may be or may include a peripheral integrated with the computer or a peripheral attached to the computer. In some demonstrative embodiments, the term "wireless device" may optionally include a wireless service.
The term "communication" as used herein with respect to communication signals includes: transmit communication signals and/or receive communication signals. For example, a communication unit capable of communicating communication signals may include: a transmitter for transmitting a communication signal to at least one other communication unit; and/or a communication receiver for receiving communication signals from at least one other communication unit. The verb "pass" may be used to refer to a sent action or a received action. In one example, the phrase "communicating a signal" may refer to the act of transmitting a signal by a first device and may not necessarily include the act of receiving a signal by a second device. In another example, the phrase "communicating a signal" may refer to the act of receiving a signal by a first device and may not necessarily include the act of transmitting a signal by a second device.
As used herein, the term "circuitry" may refer to, be part of, or include: an application specific integrated circuit ("ASIC"), an integrated circuit, an electronic circuit, a processor (shared, dedicated, or group) and/or memory (shared, dedicated, or group) that execute one or more software or firmware programs, a combinational logic circuit, and/or other suitable hardware components that provide the described functionality. In some embodiments, the circuitry may be implemented in, or functions associated with, one or more software or firmware modules. In some embodiments, the circuitry may comprise logic operable, at least in part, in hardware.
The term "logic" may refer to computational logic, for example, embedded in circuitry of a computing device and/or stored in memory of the computing device. For example, logic may be accessible by a processor of a computing device to execute computing logic to perform computing functions and/or operations. In one example, logic may be embedded in various types of memory and/or firmware (e.g., silicon blocks of various chips and/or processors). Logic may be included in and/or implemented as part of various circuitry (e.g., radio circuitry, receiver circuitry, control circuitry, transmitter circuitry, transceiver circuitry, processor circuitry, etc.). In one example, logic may be embedded in volatile memory and/or non-volatile memory (including random access memory, read only memory, programmable memory, magnetic memory, flash memory, persistent memory, etc.). The one or more processors may execute logic using, for example, memory (e.g., registers, stuck, buffers, etc.) coupled to the one or more processors that is necessary for the execution logic.
The term "antenna" as used herein may include any suitable configuration, structure and/or arrangement of one or more antenna elements, components, units, assemblies and/or arrays. In some embodiments, the antenna may implement transmit and receive functions using separate transmit and receive antenna elements. In some embodiments, the antenna may implement transmit and receive functions using common and/or integrated transmit/receive elements. The antennas may include, for example, phased array antennas, single element antennas, bipolar antennas, switched beam antenna sets, and the like.
The term "cell" as used herein may include a combination of network resources (e.g., downlink and optionally uplink resources). Resources may be controlled and/or allocated, for example, by a node (also referred to as a "base station"), etc. The linking between the carrier frequency of the downlink resource and the carrier frequency of the uplink resource may be indicated in system information transmitted on the downlink resource.
Some exemplary embodiments are described herein with respect to an LTE network. However, other embodiments may be implemented in other suitable cellular networks or systems (e.g., Universal Mobile Telecommunications System (UMTS) cellular systems, GSM networks, 3G cellular networks, 4G cellular networks, 4.5G networks, 5G cellular networks, WiMAX cellular networks, etc.).
Some example embodiments are described herein with respect to a WLAN system, a WiFi system, and/or a WiGig system. However, other embodiments may be implemented in any other suitable non-cellular network.
Some demonstrative embodiments are described herein in relation to a WLAN endpoint (WT) node. However, other embodiments may be implemented in any other WLAN controller, WLAN access device, WLAN Access Point (AP), WLAN Access Controller (AC), and/or WLAN access manager, node, and/or interface.
Some demonstrative embodiments may be used in connection with a deployed heterogeneous network (HetNet) which may utilize, for example, a mix of technologies, frequencies, cell sizes, and/or network architectures including cellular, millimeter wave ("mm wave" or "mmW"), and the like. In one example, a HetNet may include a radio access network having layers of different sized cells ranging from large macro cells to small cells (e.g., pico cells and femto cells). Other embodiments may be used in conjunction with any other suitable wireless communication network.
Other embodiments may be used in conjunction with any other suitable wireless communication network.
Referring now to fig. 1, fig. 1 schematically illustrates a block diagram of a system 100, according to some demonstrative embodiments.
As shown in fig. 1, in some demonstrative embodiments, system 100 may include one or more wireless communication devices capable of communicating content, data, information and/or signals via one or more Wireless Media (WM) 108. For example, system 100 may include at least one User Equipment (UE)102 capable of communicating with one or more wireless communication networks, e.g., as described below.
The wireless medium 108 may include, for example, a radio channel, a cellular channel, an RF channel, a WiFi channel, an IR channel, and so forth. One or more elements of system 100 may optionally be capable of communicating over any suitable wired communication link.
In some demonstrative embodiments, system 100 may include at least one cellular manager 104 to manage communications of a cellular network, e.g., as described below.
In some demonstrative embodiments, cellular manager 104 may include, may operate as, and/or may perform the functions of an evolved node b (eNB). For example, cellular manager 104 may be configured to: performing Radio Resource Management (RRM), radio bearer control, radio admission control (access control), connection mobility management, resource scheduling between a UE radio and an eNB radio (e.g., dynamic allocation of resources to the UE in uplink and downlink), header compression, link encryption of user data flows, packet routing of user data towards a destination (e.g., another eNB or Evolved Packet Core (EPC)), scheduling and/or sending paging messages (e.g., incoming calls and/or connection requests), broadcast information coordination, measurement reporting, and/or any other operations, communications, and/or functions.
In other embodiments, cellular manager 104 may include any other functionality, and/or may perform the functionality of any other cellular node, network controller, base station, or any other node or network device.
In one example, cellular manager 104 may be part of a UMTS. According to this example, cellular manager 104 may perform the functions of a Radio Network Controller (RNC) that may control a plurality of node B devices 157. For example, the node B may be configured to: for example, using Wideband Code Division Multiple Access (WCDMA) and/or time division synchronous code division multiple access (TD-SCDMA) air interface technologies to communicate directly with UEs, e.g., including UE 102. The RNC may comprise, for example, a UMTS RNC configured to control the node B devices 157.
In some demonstrative embodiments, system 100 may include a WLAN endpoint (WT) node 106, which may be configured to: connect to a WLAN network interface, e.g., as described herein.
Some demonstrative embodiments are described below with respect to a WT node for connecting to a WLAN network interface. In other embodiments, additional or alternative endpoint nodes may be used for network interfaces that also connect to any other non-cellular RAT networks (e.g., bluetooth networks, millimeter wave (mmWave) networks, and/or any other networks), for example, in addition to or instead of WLAN networks.
In some demonstrative embodiments, WT node 106 may be configured to: manage access (e.g., Service Set (SS), Basic Service Set (BSS), and extended service set, Homogeneous Extended Service Set (HESS), etc.) to a non-cellular network 107 (e.g., WLAN).
In some demonstrative embodiments, one or more functions of WT node 106 may be implemented, e.g., in the form of, or as a part of, a WLAN access device (e.g., a WLAN Access Point (AP) or a part of a WLAN Access Controller (AC), a part of another device, or a stand-alone device).
In other embodiments, WT node 106 may perform any other functions and/or may perform at least a portion of the functions of any other device capable of controlling and/or managing WLAN wireless access to one or more wired networks.
In one example, WT node 106 may comprise an AP, operate as an AP, and/or perform the functions of an AP, e.g., configured to: communicate directly with the UE102 via a WLAN link.
In another example, a WT node 106 may include, operate as, and/or perform the functions of an AC. According to this example, WT node 106 may control a plurality of AP devices, including, for example, a Lightweight Access Point (LAP) device 158.
In some demonstrative embodiments, UE102 may include, for example, a Mobile Device (MD), a station(STA), mobile computer, laptop computer, notebook computer, tablet computer, ultrabookTMComputers, internet of things (IoT) devices, wearable devices, sensor devices, mobile internet devices, handheld computers, handheld devices, storage devices, PDA devices, handheld PDA devices, onboard devices, off-board devices, hybrid devices (e.g., combining cell phone functionality with PDA device functionality), consumer devices, onboard devices, offboard devices, mobile or portable devices, mobile phones, cell phones, PCS devices, mobile or portable GPS devices, DVB devices, relatively small computing devices, non-desktop computers, "light loader" devices (CSLL) devices, Ultra Mobile Devices (UMD), ultra mobile PCS (umpc), Mobile Internet Devices (MID), "origami" devices or computing devices, video devices, audio devices, a/V devices, gaming devices, media players, smart phones, and the like.
In some demonstrative embodiments, system 100 may include at least one WLAN AP 119. In some demonstrative embodiments, WT node 106 may include, may be operable to, and/or may perform one or more functions of WLAN AP119, e.g., as described below. In other embodiments, WLAN AP119 and WT node 106 may be implemented as two separate and/or independent units, component devices, and/or entities of system 100, e.g., as described below.
In some demonstrative embodiments, UE102, cellular manager 104, WT node 106 and/or WLAN AP119 may include one or more communication interfaces to perform communication between UE102, cellular manager 104, WT node 106, WLAN AP119 and/or with one or more other wireless communication devices, e.g., as described below.
Some demonstrative embodiments include an interface 199 (also known as an "access device interface," "horizontal interface," "Xw interface," "X2-W interface," or "cellular/WLAN interface"), which may include circuitry and/or logic configured to interface, directly or indirectly, for example, between a cellular network element (e.g., cellular manager 104) and a WLAN element (e.g., WT node 106), as described in detail below.
In some demonstrative embodiments, interface 199 may be implemented as an interface between an eNB and a WT node, e.g., as described below. However, in other embodiments, cellular/WLAN interface 199 may be implemented to interface directly between any other cellular device and any other WLAN device. In one example, the cellular/WLAN interface 199 may be implemented to interface directly between an eNB and a WLAN AP or WLAN AC (e.g., WLAN AP 119). In another example, cellular/WLAN interface 199 may be implemented to interface directly between a UMTS RNC and a WT node. In another example, the cellular/WLAN interface 199 may be implemented to interface directly between the UMTS RNC and a WLAN AP or AC (e.g., WLAN AP 119).
In some demonstrative embodiments, interface 199 may be utilized to enhance and/or increase the efficiency of interworking, integration, and/or management of cellular and WLAN radio access technologies.
In some demonstrative embodiments, interface 199 may be configured to: for example, in addition to conveying control plane information, one or more aggregation operations and/or functions are performed and/or supported, e.g., conveying traffic.
In some demonstrative embodiments, interface 199 may be utilized to improve efficiency of resource management, provide efficient load balancing, and/or improve mobility between Radio Access Technology (RAT) networks.
In some demonstrative embodiments, cellular manager 104 may include an interface ("Core Network (CN) interface") 146 (e.g., a vertical interface) including circuitry and/or logic configured to communicate with one or more elements of CN183, e.g., an Evolved Packet Core (EPC).
In some demonstrative embodiments, CN interface 146 may include an S1 vertical interface configured to: for example, if cellular manager 104 performs the functions of an eNB, communication between cellular manager 104 and serving gateway (S-GW)185 is conducted according to the S1 protocol. According to this example, S-GW 187 may interface between cellular manager 104 and Packet Data Network (PDN) gateway (P-GW) 187.
In other embodiments, CN interface 146 may comprise any other vertical interface with one or more elements of CN 183. For example, cellular manager 104 may perform the functions of an RNC in, for example, a UMTS system. According to this example, the CN interfaces 146 may include an interface unit circuit switched (Iu-CS) interface and an interface unit packet switched (Iu-PS) interface to interface between the RNC and one or more packet switched or circuit switched CN elements.
In some demonstrative embodiments, cellular manager 104 may include an interface including circuitry and/or logic to communicate user-plane traffic directly or indirectly between CN183 and UE 102.
In some demonstrative embodiments, cellular manager 104 may communicate the user-plane traffic directly with UE102, e.g., if cellular manager 104 performs the functions of an eNB. In accordance with these embodiments, the cellular manager 104 may include an air interface (e.g., a cellular transceiver (TRx)167) including circuitry and/or logic configured to communicate with the UE102 via a cellular link.
In other embodiments, for example, if cellular manager 104 performs the functions of an RNC, cellular manager 104 may communicate user plane traffic with UE102 via node B157. According to these embodiments, the cellular manager 104 may include a node B interface 161 to communicate between the RNC and the node B157. For example, the node B interface 161 may include an interface unit B (iub).
In some demonstrative embodiments, cellular manager 104 may include a WT node interface 169 (also referred to as a "WLAN interface" or "WLAN control interface") including circuitry and/or logic configured to communicate with WT node 106 and/or with one or more WLAN Stations (STAs), e.g., as described below. In one example, interface 169 may comprise an AP interface, e.g., if WT node 106 performs the functions of an AP. In another example, interface 169 may comprise an AC interface, e.g., if WT node 106 performs the function of an AC. In another example, the interface 169 may include any other non-cellular RAT interface to communicate with nodes of a non-cellular RAT network.
In some demonstrative embodiments, WT node 106 may include a cell manager interface ("cellular interface") 192 including circuitry and/or logic configured to communicate with cellular manager 104. In one example, interface 192 may comprise an eNB interface, e.g., if cellular manager 104 performs the functions of an eNB. In another example, interface 192 may comprise an RNC interface, for example, if cellular manager 104 performs the functions of an RNC.
In some demonstrative embodiments, interfaces 169 and 192 may be configured to: a direct link via interface 199 communicates between cellular manager 104 and WT node 106.
In some demonstrative embodiments, interface 199 may include a point-to-point (P2P) link, e.g., as described below.
In some demonstrative embodiments, interface 199 may be implemented by any wired and/or wireless link, e.g., using any suitable physical layer (PHY) component and/or protocol.
In some demonstrative embodiments, WT node 106 may include a network interface 196, including circuitry and/or logic configured to communicate network traffic with wired network 177, e.g., the internet and/or any other network.
In some demonstrative embodiments, WT node 106 may include a WLAN interface 193, including circuitry and/or logic configured to communicate network traffic and/or any other traffic with UE102, either directly or indirectly via a WLAN.
In some demonstrative embodiments, WT node 106 may communicate directly with UE102 via a WLAN link if WT node 106 includes WLAN AP119, operates as WLAN AP119, or performs the functions of WLAN AP 119. In accordance with these embodiments, WLAN interface 193 may include WLAN radio 194 comprising circuitry and/or logic configured to communicate network traffic and/or any other traffic directly with UE102, e.g., via a WLAN link between WT node 106 and UE102, e.g., if WT node 106 includes WLAN AP119, operates as WLAN AP119, or performs the functions of WLAN AP 119.
In some demonstrative embodiments, WT node 106 may communicate indirectly with UE102, e.g., if WT node 106 performs the function of an AC, or if WT node 106 is a separate entity from a WLAN AC or WLAN AP. In accordance with these embodiments, WLAN interface 193 may include, for example, an AP interface (e.g., LAP interface 159) to communicate network traffic and/or any other traffic with WLAN AP119 and/or LAP 158.
In some demonstrative embodiments, WLAN interface 193 may include any other additional or alternative interface to communicate directly and/or indirectly via a WLAN.
In some demonstrative embodiments, UE102 may include a non-cellular RAT transceiver (TRx)163 (e.g., WLAN TRx 163) including circuitry and/or logic configured to communicate with a WLAN device (e.g., with WLAN AP119, WT node 106, and/or with LAP 158) via a WLAN link. Some embodiments are described below with respect to a UE (e.g., UE 102) that includes a WLAN TRx for communicating over a WLAN. In other embodiments, the UE may include any additional or alternative non-cellular RAT TRx (e.g., bluetooth TRx and/or any other TRx) to communicate over any additional or alternative non-cellular RAT network.
In some demonstrative embodiments, UE102 may include a cellular transceiver (TRx)165 including circuitry and/or logic configured to communicate with a cellular network, e.g., via a cellular link, e.g., via a cellular device (e.g., cellular manager 104 and/or node B157).
In some demonstrative embodiments, WLAN AP119 may include a network interface 121 including circuitry and/or logic configured to communicate with at least one network node. In one example, network interface 121 may comprise a WT node interface to communicate with WT node 106. In another example, network interface 121 may include a cellular manager interface to communicate with cellular manager 104, e.g., via interface 199, e.g., if WLAN AP119 is implemented by and/or co-located with WT node 106.
In some demonstrative embodiments, WLAN AP119 may include a WLAN TRx122 including circuitry and/or logic configured to communicate traffic with UE102, e.g., via a WLAN link between WLAN AP119 and UE 102.
In some demonstrative embodiments, WLAN TRx163, cellular TRx 165, cellular TRx 167, WLAN TRx122 and/or WLAN radio 194 may include one or more wireless transmitters, receivers and/or transceivers including circuitry and/or logic to process, encode, decode, transmit and/or receive wireless communication signals, RF signals, frames, blocks, transmission streams, packets, messages, data items and/or data.
In some demonstrative embodiments, WLAN TRx 167, WLAN TRx122, and/or WLAN radio 194 may include: one or more wireless receivers (Rx) comprising circuitry and/or logic for receiving wireless communication signals, RF signals, frames, blocks, transport streams, packets, messages, data items, and/or data; and/or one or more wireless transmitters (Tx) that contain circuitry and/or logic for transmitting wireless communication signals, RF signals, frames, blocks, transmission streams, packets, messages, data items, and/or data. For example, WLAN TRx 167, WLAN TRx122, and/or WLAN radio 194 may include circuitry; logic; radio Frequency (RF) elements, circuits and/or logic; baseband elements, circuitry and/or logic; modulation elements, circuitry and/or logic; demodulation elements, circuitry and/or logic; an amplifier; an analog-to-digital converter and/or a digital-to-analog converter; a filter; and the like.
In some demonstrative embodiments, cellular TRx 167 and/or cellular TRx 165 may include a multiple-input multiple-output (MIMO) transmitter-receiver system (not shown) capable of performing an antenna beamforming method, if desired. In other embodiments, cellular TRx 167 and/or cellular TRx 165 may include any other transmitter and/or receiver.
In some demonstrative embodiments, cellular TRx 167 and/or cellular TRx 165 may include LTE, WCDMA, and/or TD-SCDMA modulator and/or demodulator circuitry (not shown) configured to: modulate and/or demodulate downlink signals to be communicated over, for example, a downlink channel between cellular manager 104 and UE102, and/or modulate and/or demodulate uplink signals to be communicated over, for example, an uplink channel between UE102 and cellular manager 104. In other embodiments, cellular TRx 167 and/or cellular TRx 165 may include any other modulators and/or demodulators.
In some demonstrative embodiments, cellular TRx 167 and/or cellular TRx 165 may include a turbo decoder and/or a turbo encoder (not shown) including circuitry and/or logic to encode and/or decode the data bits into data symbols, if desired. In some demonstrative embodiments, cellular TRx 167 and/or cellular TRx 165 may include an OFDM and/or SC-FDMA modulator and/or demodulator (not shown) configured to: OFDM signals are communicated over Downlink (DL) channels and/or SC-FDMA signals are communicated over Uplink (UL) channels.
In some demonstrative embodiments, UE102 may establish a WLAN link with WLAN AP 119. For example, the WLAN TRx163 may be operable and/or perform the functions of one or more STAs (e.g., one or more WiFi STAs, WLAN STAs, and/or DMG STAs). The WLAN link may include an uplink and/or a downlink. The WLAN downlink may include, for example, a unidirectional link from the WLAN AP119 to one or more STAs. The uplink may include, for example, a unidirectional link from the STA to the WLAN AP 119.
In some demonstrative embodiments, WT node 106 may be configured to: e.g., in a co-sited LTE/WLAN aggregation implementation, operates to and/or performs one or more functions of the WLAN AP 119.
In some demonstrative embodiments, WT node 106 may be configured to: controls and/or communicates with one or more WLAN APs 119 (e.g., a plurality of WLAN APs 119), e.g., as described below.
In some demonstrative embodiments, UE102, cellular manager 104, WLAN AP119, and/or WT node 106 may include or may be associated with one or more antennas. In one example, WLAN TRx163 and/or cellular TRx 165 may be associated with at least two antennas (e.g., antennas 112 and 114) or any other number of antennas (e.g., one antenna or more than two antennas); cellular TRx 167 may be associated with at least two antennas (e.g., antennas 132 and 134) or any other number of antennas (e.g., one antenna or more than two antennas); WLAN radio 194 may be associated with one or more antennas 135; and/or WLAN TRx122 may be associated with one or more antennas 124.
In some demonstrative embodiments, antennas 112, 114, 132, 134, 135 and/or 124 may include any type of antenna suitable for transmitting and/or receiving wireless communication signals, blocks, frames, transmission streams, packets, messages and/or data. For example, antennas 112, 114, 132, 134, 124, and/or 135 may include any suitable configuration, structure, and/or arrangement of one or more antenna elements, components, units, assemblies, and/or arrays. For example, antennas 112, 114, 132, 134, 124, and/or 135 may include a phased array antenna, a bipolar antenna, a single element antenna, a set of switched beam antennas, and/or the like.
In some embodiments, antennas 112, 114, 132, 134, 124, and/or 135 may implement transmit and receive functions using separate transmit and receive antenna elements. In some embodiments, antennas 112, 114, 132, 134, 124, and/or 135 may implement transmit and receive functions using common and/or integrated transmit/receive elements.
In some demonstrative embodiments, cellular manager 104 may include at least one controller component 182, UE102 may include at least one controller component 197, WLAN AP119 may include at least one controller component 123, and/or WT node 106 may include at least one controller component 149. The controllers 182, 197, 123, and/or 149 may be configured to: triggering one or more communications; generating and/or triggering communication and/or transmission of one or more messages; and/or perform one or more functions, operations, and/or processes, e.g., as described below.
In some demonstrative embodiments, controllers 182, 197, 123 and/or 149 may include circuits and/or logic, e.g., one or more processors including circuits and/or logic, memory circuits and/or logic, Media Access Control (MAC) circuits and/or logic, physical layer (PHY) circuits and/or logic, and/or any other circuits and/or logic configured to perform the functions of controllers 182, 197, 123 and/or 149, respectively. Additionally or alternatively, one or more functions of controllers 182, 197, and/or 149 may be implemented by logic executable by a machine and/or one or more processors, e.g., as described below.
In one example, controller 182 may comprise circuitry and/or logic (e.g., one or more processors comprising circuitry and/or logic) configured to cause, request, and/or trigger cellular manager 104 to perform one or more operations, communications, and/or functions, e.g., as described herein. In one example, the controller 197 may comprise circuitry and/or logic (e.g., one or more processors comprising circuitry and/or logic) configured to cause, request and/or trigger the UE102 to perform one or more operations, communications and/or functions, e.g., as described herein. In one example, the controller 123 may comprise circuitry and/or logic (e.g., one or more processors comprising circuitry and/or logic) configured to cause, request, and/or trigger the WLAN AP119 to perform one or more operations, communications, and/or functions, e.g., as described herein. In one example, controller 149 may comprise circuitry and/or logic (e.g., one or more processors comprising circuitry and/or logic) configured to cause, request and/or trigger WT node 106 to perform one or more operations, communications and/or functions, e.g., as described herein.
In some demonstrative embodiments, cellular manager 104 may include a message processor 144 configured to: generates, processes and/or accesses one or more messages communicated by cellular manager 104. In one example, the message processor 144 may be configured to: generate one or more messages to be sent by cellular manager 104, and/or message processor 144 may be configured to: access and/or process one or more messages received by cellular manager 104, e.g., as described below.
In some demonstrative embodiments, UE102 may include a message processor 198 configured to: one or messages communicated by the UE102 are generated, processed, and/or accessed. In one example, the message processor 198 may be configured to: generate one or more messages to be sent by the UE102, and/or the message processor 198 may be configured to: access and/or process one or more messages received by UE102, e.g., as described below.
In some demonstrative embodiments, WLAN AP119 may include a message processor 125 configured to: generates, processes and/or accesses one or more messages communicated by the WLAN AP 119. In one example, the message processor 125 may be configured to: generate one or more messages to be transmitted by the WLAN AP119, and/or the message processor 125 may be configured to: access and/or process one or more messages received by WLAN AP119, e.g., as described below.
In some demonstrative embodiments, WT node 106 may include a message processor 150 configured to: one or messages communicated by WT node 106 are generated, processed and/or accessed. In one example, the message processor 150 may be configured to: generate one or more messages to be sent by WT node 106, and/or message processor 150 may be configured to: access and/or process one or more messages received by WT node 106, e.g., as described below.
In some demonstrative embodiments, message processors 144, 198, 125 and/or 150 may include circuits, e.g., processor circuits, memory circuits, Medium Access Control (MAC) circuits, physical layer (PHY) circuits, and/or any other circuits configured to perform the functions of message processors 144, 198, 125 and/or 150. Additionally or alternatively, one or more functions of message processors 144, 198, 125, and/or 150 may be implemented by machine and/or logic that one or more processors may execute, for example, as described below.
In some demonstrative embodiments, at least a portion of the functionality of message processor 144 may be implemented as part of cellular TRx 167 and/or WT node interface 169; at least a portion of the functionality of the message processor 198 may be implemented as part of the cellular TRx 165 and/or the WLAN TRx 163; at least a portion of the functionality of the message processor 125 may be implemented as part of the WLAN TRx 122; and/or at least a portion of the functionality of message processor 150 may be implemented as part of interface 192 and/or interface 193.
In some demonstrative embodiments, at least a portion of the functionality of message processor 144 may be implemented as part of controller 182; at least a portion of the functionality of message processor 198 may be implemented as part of controller 197; at least a portion of the functionality of the message processor 125 may be implemented as part of the controller 123; and/or at least a portion of the functionality of message processor 150 may be implemented as part of controller 149.
In other embodiments, at least a portion of the functionality of message processor 144 may be implemented as part of any other element of cellular manager 104, at least a portion of the functionality of message processor 198 may be implemented as part of any other element of UE102, at least a portion of the functionality of message processor 125 may be implemented as part of any other element of WLAN AP119, and/or at least a portion of the functionality of message processor 150 may be implemented as part of any other element of WT node 106.
In some demonstrative embodiments, at least a portion of the functionality of controller 197 and/or message processor 198 may be implemented by an integrated circuit, e.g., a chip, e.g., a system-on-a-chip (SoC). In one example, a chip or SoC may be configured to: performs one or more functions of the cellular transceiver 165 and/or the WLAN TRx 163. For example, the chip or SoC may include one or more elements of the controller 197, message processor 198, and/or one or more elements of the cellular transceiver 165 and/or the WLAN TRx 163. In one example, the controller 197, message processor 198, cellular transceiver 163, and WLAN TRx163 may be implemented as part of a chip or SoC. In other embodiments, the controller 197, message processor 198, cellular transceiver 165, and/or WLAN TRx163 may be implemented by one or more additional or alternative elements of the UE 102.
In some demonstrative embodiments, at least a portion of the functionality of controller 182 and/or message processor 144 may be implemented by an integrated circuit, e.g., a chip, e.g., a system-on-a-chip (SoC). In one example, a chip or SoC may be configured to: performs one or more functions of cellular transceiver 167 and/or WT node interface 169. For example, the chip or SoC may include one or more elements of controller 182, message processor 144, and/or one or more elements of cellular transceiver 167 and/or WT node interface 169. In one example, controller 182, message processor 144, cellular transceiver 167, and WT node interface 169 may be implemented as part of a chip or SoC. In other embodiments, controller 182, message processor 144, cellular transceiver 167, and/or WT node interface 169 may be implemented by one or more additional or alternative elements of cellular manager 104.
In some demonstrative embodiments, at least a portion of the functionality of controller 149 and/or message processor 150 may be implemented by an integrated circuit, e.g., a chip, e.g., a system-on-a-chip (SoC). In one example, a chip or SoC may be configured to: performs one or more functions of WLAN interface 193 and/or cellular manager interface 192. For example, the chip or SoC may include the controller 149, one or more elements of the message processor 150, and/or one or more elements of the WLAN interface 193 and/or the cellular manager interface 192. In one example, the controller 149, message processor 150, WLAN interface 193, and cellular manager interface 192 may be implemented as part of a chip or SoC. In other embodiments, controller 149, message processor 150, WLAN interface 193, and/or cellular manager interface 192 may be implemented by one or more additional or alternative elements of WT node 106.
In some demonstrative embodiments, at least a portion of the functionality of controller 123 and/or message processor 125 may be implemented by an integrated circuit, e.g., a chip, e.g., a system-on-a-chip (SoC). In one example, a chip or SoC may be configured to: performs one or more functions of network interface 121 and/or WLAN TRx 122. For example, the chip or SoC may include controller 123, one or more elements of message processor 125, and/or one or more elements of WLAN TRx122 and/or network interface 1212. In one example, the controller 123, message processor 125, WLAN TRx122, and network interface 121 may be implemented as part of a chip or SoC. In other embodiments, the controller 123, message processor 125, WLAN TRx122, and/or network interface 121 may be implemented by one or more additional or alternative elements of the WLAN AP 119.
In some demonstrative embodiments, cellular manager 104, WT node 106, WLAN AP119 and/or UE102 may further include, for example, one or more of a processor, an input unit, an output unit, a memory unit and/or a storage unit. For example, cellular manager 104 may include a processor 173 and/or a memory 174; WT node 106 may include processor 175 and/or memory 176; the WLAN AP may include a processor 129 and/or a memory 127; and/or UE102 may include memory 151, processor 152, input unit 153, output unit 154, and/or storage unit 155. UE102, cellular manager 104, WLAN AP119, and/or WT node 106 may optionally include other suitable hardware components and/or software components. In some demonstrative embodiments, some or all of the components of one or more of UE102, cellular manager 104, WLAN AP119 and/or WT node 106 may be enclosed in a common housing or package and may be interconnected or operatively associated using one or more wired or wireless links. In other embodiments, components of one or more of UE102, cellular manager 104, WLAN AP119, and/or WT node 106 may be distributed among multiple or separate devices.
In some demonstrative embodiments, processors 173, 175, 129 and/or 152 may include, for example, a Central Processing Unit (CPU), a Digital Signal Processor (DSP), one or more processor cores, a single-core processor, a dual-core processor, a multi-core processor, a microprocessor, a host processor, a controller, a plurality of processors or controllers, a chip, a microchip, one or more circuits, a loop, a logic unit, an Integrated Circuit (IC), an application-specific IC (asic), or any other suitable multi-purpose or application-specific processor or controller. For example, processor 173 may execute instructions of, for example, an Operating System (OS) of cellular manager 104 and/or one or more suitable applications; processor 175 may execute instructions of the OS of WT node 106 and/or one or more suitable applications; the processor 129 may execute instructions of the OS of the WLAN AP119 and/or one or more suitable applications; and/or processor 152 may execute instructions of an OS of UE102 and/or one or more suitable applications.
In some exemplary embodiments, the input unit 153 may include, for example, a keyboard, a keypad, a mouse, a touch screen, a touch pad, a trackball, a stylus, a microphone, or other suitable pointing device or input device. Output unit 154 includes, for example, a monitor, screen, touch screen, flat panel display, Light Emitting Diode (LED) display unit, Liquid Crystal Display (LCD) display unit, plasma display unit, one or more audio speakers or headphones, or other suitable output device.
In some demonstrative embodiments, memory units 174, 176 and/or 151 may include, for example, Random Access Memory (RAM), read-only memory (ROM), Dynamic RAM (DRAM), synchronous DRAM (SD-RAM), flash memory, volatile memory, non-volatile memory, cache memory, a buffer, a short-term memory unit, a long-term memory unit, or other suitable memory units. Storage unit 155 includes, for example, a hard disk drive, a floppy disk drive, a Compact Disk (CD) drive, a CD-ROM drive, a DVD drive, or other suitable removable or non-removable storage units. For example, memory unit 174 may store data processed by cellular manager 104; memory unit 151 may store data processed by UE 102; the memory unit 127 may store data processed by the WLAN AP 119; and/or memory unit 176 may store data processed by WT node 106.
In some demonstrative embodiments, UE102 may be configured to: a cellular connection (e.g., an LTE cellular connection or any other cellular connection) is utilized to communicate with cellular manager 104, and a WLAN connection (e.g., a WiFi connection, an mmWave connection, a wireless P2P connection, or any other WLAN connection) is utilized to communicate with WLAN AP119, which may be connected to, implemented by, and/or controlled by WT node 106, for example.
In some demonstrative embodiments, one or more elements of system 100 may perform the functions of a HetNet, which may utilize a deployment of technologies, frequencies, cell sizes, and/or a mix of network architectures, e.g., including cellular, WLAN, and the like.
For example, hetnets may be configured to: services are provided through a first wireless communication environment (e.g., a cellular network) and maintained when switching to another communication environment (e.g., a WLAN). The HetNet architecture may enable utilization of a mix of wireless communication environments (e.g., WLAN environments and cellular environments), for example, to optimally respond to changes in consumer demand, reduce power consumption, reduce cost, increase efficiency, and/or achieve any other benefit.
In one example, the system 100 can utilize a multi-tier, multi-radio access technology (multi-RAT) Het-Net architecture that includes a hierarchy of small cells (e.g., pico, femto, relay, wifi aps, etc.) overlaid on top of a macro cellular deployment to augment network capacity.
In another example, the system 100 may utilize a multi-RAT small cell that integrates multiple radios (e.g., WiFi and 3GPP air interfaces) in a single infrastructure device.
In other embodiments, system 100 may implement any other architecture and/or deployment.
In some demonstrative embodiments, UE102 and/or cellular manager 104 may be configured to: one or more evolved UMTS terrestrial radio access network (E-UTRAN) radio access bearers (E-RABs) are established between UE102 and S-GW 185, e.g., via cellular manager 104.
In some demonstrative embodiments, UE102, cellular manager 104 and/or WT node 106 may be configured to: the communication is performed according to an LTE/WLAN protocol aggregation (LWA) scheme, for example, as described below.
In some demonstrative embodiments, the LTE/WLAN protocol stack aggregation may be configured to: enabling LTE interworking with a WLAN protocol stack.
In some demonstrative embodiments, the LTE/WLAN protocol stack aggregation may be configured to: WLAN mobility is anchored at cellular manager 104.
In some demonstrative embodiments, cellular manager 104 and/or WT node 106 may be configured according to a non-co-sited LTE/WLAN aggregated network architecture, e.g., where cellular manager 104 and WT node 106 are not co-sited as part of an integrated device, and/or where interface 199 is not an internal interface.
In some demonstrative embodiments, cellular manager 104 and/or WT node 106 may be configured according to a co-sited LTE/WLAN aggregated network architecture, e.g., where cellular manager 104 and WT node 106 may be co-sited as part of an integrated device, and/or where interface 199 is an internal interface.
Current solutions for establishing a secure connection between a WLAN Station (STA) and a WLAN AP assume that the connection establishment between the WLAN STA and the WLAN AP is applied over the air as a shared medium and is therefore not secure. Thus, current solutions require, for example, that association procedures and/or authentication procedures be performed before allowing communication of secure traffic between the WLAN AP and the WLAN STA.
For example, some specifications and/or protocols (e.g., IEEE802.11 specifications) may define one or more protocols ("IEEE 802.11 protocols") for establishing a connection between a WLAN STA (e.g., a mobile UE) and a WLAN AP. The IEEE802.11 protocols all require the wireless station and the WLAN AP to participate in authentication and association processes, for example, to establish security keys to be used to establish a secure connection between the wireless station and the WLAN AP. For example, the IEEE802.11 protocol requires that both the WLAN STA and the WLAN AP support and use complex algorithms and protocols (e.g., operations and/or procedures according to the IEEE802.1X specification, operations and/or procedures according to the Extensible Authentication Protocol (EAP), operations and/or procedures according to the Security Attribute Exchange (SAE) protocol, operations and/or procedures according to the limited field encryption protocol, and/or operations and/or procedures according to the elliptic curve encryption protocol), as well as one or more authentication devices in the network (e.g., an authentication, authorization, and accounting (AAA) server).
In some demonstrative embodiments, UE102 and WLAN AP119 may be configured to: for example, a secure connection is established according to an authentication process that may utilize a security key (e.g., a Pairwise Master Key (PMK)). For example, the PMK may be used, e.g., during a four-way (4-way) handshake process, to generate one or more security keys (e.g., one or more Transient Keys (TK)), which may be used to secure communications between the UE102 and the WLAN AP 119. For example, UE102 and/or WLAN AP119 may be configured to: the security keys are used to encrypt/decrypt traffic transmitted from UE102 to WLAN AP119 and/or from WLAN AP119 to UE 102.
In some demonstrative embodiments, the LWA scheme may utilize a WLAN authentication procedure, which may, for example, employ a connection between cellular manager 114 and WLAN AP119, e.g., via an internal interface (e.g., if WLAN AP119 is co-located with cellular manager 114) or via an external interface (e.g., via interface 199 and/or WT node 106).
In some demonstrative embodiments, cellular manager 104 may be configured to: enabling the UE102 and WLAN AP119 to use coordination of the PMK, e.g., as described below.
In some demonstrative embodiments, controller component 182 may be configured to: controls the transmission of the first key information from cellular manager 104 to UE102 and the second key information from cellular manager 104 to WLAN AP119, e.g., as described below.
In some demonstrative embodiments, the second key information provided to WLAN AP119 may be based on the first key information provided to UE102, e.g., as described below.
In some demonstrative embodiments, the first and second key information may be configured to: coordination of UE102 and WLAN AP119 using PMK is facilitated, e.g., for 4-way handshaking, e.g., as described below.
In some demonstrative embodiments, the PMK may include a reference S-K, which may correspond to WT node 106WTThe key of (2) is, for example, as described below.
In some demonstrative embodiments, the PMK may be based on a counter value (e.g., a WT counter provided by WT node 106) and may be known to cellular manager 104 and UE102, denoted as KenbE.g., an eNB key (KeNB).
In some demonstrative embodiments, controller 149 may be configured to: causing WT node 106 to send the WT counter to cellular manager 104, e.g., via interface 199. In one example, the controller 182 may be configured to: for example, a WT counter is obtained from WT node 106 when a WT session is generated between cellular node 104 and WT node 106, and/or at one or more additional or alternative instances.
In some demonstrative embodiments, the first key information provided from cellular manager 104 to UE102 may include a WT counter. For example, the controller 182 may be configured to: causing cellular manager 104 to send a message (e.g., a Radio Resource Control (RRC) message) to UE102 including the WT counter.
In one example, the controller 182 may be configured to: such that cellular manager 104 provides the eNB key to UE102 via an RRC message (e.g., as part of a handshake (e.g., an LTE handshake)), for example, between cellular manager 104 and UE 102.
In some demonstrative embodiments, controller component 197 may be configured to: the PMK is determined based on a WT counter provided by cellular manager 104 and an eNB key corresponding to cellular manager 104.
In some demonstrative embodiments, the second key information provided from cellular manager 104 to WLAN AP119 may include a PMK.
In some demonstrative embodiments, controller component 182 may be configured to: for example, the PMK is determined based on a WT counter of WT node 106 and an eNB key corresponding to cellular manager 104.
In some demonstrative embodiments, controller component 182 may be configured to: causing cellular manager 104 to provide the second key information including the PMK to WLAN AP119, e.g., directly or via WT node 106. For example, the controller component 182 may be configured to: causing cellular manager 104 to send a message to WT node 106, e.g., via interface 199, including the PMK and an indication of UE102 that is to use the PMK (e.g., the MAC address of UE 102) and/or an indication of a WLAN AP (e.g., the MAC address or Service Set Identifier (SSID)).
In some demonstrative embodiments, an eNB (e.g., cellular manager 104) may, for example, be based on the eNB's KeNBAnd a WT counter (e.g., of a WT node 106 connected between the eNB and the WLAN AP) generates a PMK (e.g., key S-K) to be used to establish a secure session between a UE (e.g., UE 102) and a WLAN AP (e.g., WLAN AP119)WT)。
In some demonstrative embodiments, an eNB (e.g., cellular manager 104) may be configured to: secret key S-KWTTo WT node(e.g., WT node 106) that can encrypt the S-KWTTo a WLAN AP (e.g., WLAN AP 119).
In some demonstrative embodiments, an eNB (e.g., cellular manager 104) may communicate the WT counter to UE102, e.g., using an RRC protocol, and UE102 may, e.g., be based on the secret key S-KWTAnd K of eNBeNBE.g. independently deriving the secret S-KWT
In some demonstrative embodiments, keys S-K may be used, for example, when establishing an LWA session between a UE (e.g., UE 102) and an eNB (e.g., cellular manager 104) via a WLAN AP (e.g., WLAN AP119)WTMay be used as a PMK by a UE (e.g., UE 102) and a WLAN AP (e.g., WLAN AP119) for WLAN authentication.
In some demonstrative embodiments, the secret key S-K to be used at UE102 and WLAN AP119WTThe coordination and/or synchronization of (a) may enable at least elimination of time consuming ieee802.1x authentication processes, e.g., while allowing generation of one or more actual security keys (e.g., TK) using only a 4-way handshake process to secure communications between WLAN AP119 and UE 102.
In some exemplary embodiments, when establishing an LWA session using a first version of PMK, it may be preferable to choose not to generate and/or choose not to use a new or second version of PMK during the active LWA session, e.g., as described below.
In some demonstrative embodiments, in some cases, generating the new K may be triggered, e.g., based on a handover of the UE (e.g., intra-eNB handover or inter-eNB handover) or thereaftereNB. For example, an intra-eNB handover may include a handover of a UE from a first cell to a second cell in the same eNB. For example, an inter-eNB handover may include a handover of a UE from a first cell of a first eNB to a second cell of a second eNB. inter-eNB and/or intra-eNB handovers may trigger generation of a new K for a UE being handed overeNB
In other embodiments, the generation of the new K may be triggered by the eNB based on any other additional or alternative event and/or for any other reasoneNB. In one example, the eNB may generate a new KeNBE.g. to refresh K periodicallyeNB
In some demonstrative embodiments, a first eNB (also referred to as eNodeB #1) (e.g., first cellular manager 104) may be based, for example, on K of eNodeB #1eNBAnd the WT counter generates the PMK. eNodeB #1 may, for example, communicate the PMK to WLAN AP119, e.g., by directly providing the PMK to WLAN AP119 (e.g., if WLAN AP119 is co-located with eNodeB #1) or by providing the PMK to WT node 106 connected to WLAN AP119 (e.g., if WLAN AP119 is not co-located with eNodeB # 1).
In some demonstrative embodiments, eNodeB #1 may provide the WT counter to UE102, e.g., via RRC signaling.
In some demonstrative embodiments, K of eNodeB #1 may be owned, e.g., upon LWA activation by eNodeB #1, and based on receipt of the WT countereNBMay be able to derive the PMK, e.g., independently.
In some demonstrative embodiments, UE102 and WLAN AP119 may begin a 4-way handshake process, e.g., once the same PMK is set at WLAN AP119 and UE102, e.g., to generate one or more security keys (e.g., a set of transient keys), which may be used by UE102 and/or WLAN AP119 for encryption and/or decryption processes, e.g., to secure communications over the WLAN link between WLAN AP119 and UE102, e.g., during an LWA session of UE102 via WLAN AP 119.
In some demonstrative embodiments, generation of the new K may be triggered, e.g., by eNodeB #1, e.g., as a result of an inter-eNB handover, or for any other reasoneNB(ii) a Or, for example, the generation of a new K may be triggered by a second eNB (also referred to as "eNodeB # 2") (e.g., the second cellular manager 104) as a result of intra-eNB handovereNB
For example, eNodeB #2 may take care of the LWA connection of UE102 after the inter-eNB handover process from eNodeB #1 to eNodeB # 2.
In some demonstrative embodiments, it may not be advantageous, e.g., to base eNodeB #2 on K of eNodeB #2eNBGenerate a new PMK for UE102 and WLAN AP119, andand/or cause UE102 and WLAN AP119 to use the new PMK. For example, providing the new PMK to WLAN AP119 and/or UE102 may trigger re-association and/or re-keying processes at WLAN AP119 and/or UE102, which may result in packet loss and/or service degradation.
In some exemplary embodiments, it may not be advantageous, for example, when the LWA is active, e.g., even when triggering generation of a new KeNBAt this time, a new S-K is generated at the eNBWTAnd/or PMK, and/or use of new S-K at UE and WLAN APWTAnd/or PMK, for example, as described below.
In some demonstrative embodiments, it may not be easy to ensure that WLAN AP119 and UE102 start using the new PMK at the same time. Thus, generating and/or using a new PMK during an active LWA session of the UE102 via the WLAN AP119 may require disabling the LWA, e.g., before transitioning to using the new PMK (e.g., before handover), and potentially reactivating the LWA, e.g., after handover, to enable use of the new PMK.
However, disabling of LWA may at least result in service degradation, e.g., LTE capacity may degrade without WLAN connectivity.
For example, the requirement is based on when a new K is generatedeNBGenerating and using new S-KWTAnd/or the PMK may cause the WLAN AP and the UE to begin a re-association or re-keying process to enable use of the new S-KWTAnd/or PMK. However, the reassociation process may be lengthy and may result in service degradation. Although the re-keying process may be faster, if the re-keying process is not synchronized between the WLAN AP and the UE, some packet loss may occur because the WLAN AP may buffer and send packets encrypted with the old transient key based on the old PMK. While in theory multiple key identifiers may be used for different keys (e.g., for old and new keys), in practice this may rarely be the case. Furthermore, using multiple key identifiers may require a complex synchronization mechanism when roaming between WLAN APs, as each WLAN AP may need to know the key identifier used by the previous WLAN AP.
In some demonstrative embodiments, cellular manager 104, UE102, WT node 106 and/or WLAN AP119 may be configured to: implementations may be configured to enable one or more mechanisms, e.g., at least PMK refresh processing, which may be smoother (e.g., with reduced or even no packet loss), e.g., as described below.
In some demonstrative embodiments, cellular manager 104, UE102, WT node 106 and/or WLAN AP119 may be configured to: generating, transmitting, and/or using key information (e.g., of the PMK) is selectively deferred while the LWA session of the UE102 via the WLAN AP119 is active, e.g., as described below.
Some demonstrative embodiments may be implemented, for example, to enhance the LWA scheme, e.g., such that handover (e.g., LTE handover) may not require LWA disablement, which may in turn require WLAN reassociation, which may in turn result in packet loss and/or one or more other adverse effects, e.g., including at least an effect that may be significant to the user.
Some demonstrative embodiments may be implemented, e.g., to allow intra-eNB Handover (HO) and/or inter-eNB HO, e.g., while reducing and/or avoiding packet loss on the WLAN link of an active LWA session, e.g., as described below.
In some demonstrative embodiments, an LWA session may be established between an eNB (e.g., cellular manager 104) and a UE (e.g., UE 102) via a WLAN AP (e.g., WLAN AP 119). For example, a UE (e.g., UE 102) and a WLAN AP (e.g., WLAN AP119) may establish a secure WLAN connection based on a first version of the PMK ("old PMK" or "current PMK"), which may be facilitated by the eNB.
In some demonstrative embodiments, an eNB (e.g., cellular manager 104) may be configured to: for example, the WLAN AP (e.g., WLAN AP119) and the UE (e.g., UE 102) are kept unaware of the second version of the PMK ("new PMK") as long as the LWA session is active, e.g., as described below.
In some demonstrative embodiments, an eNB (e.g., cellular manager 104) may be configured to: the transmission of the differential key information (which may trigger a new PMK) to both the WLAN AP (e.g., WLAN AP119) and the UE (e.g., UE 102), e.g., as described below. Thus, the eNB may allow the UE and the WLAN AP to continue using the same transient key generated based on the old PMK, e.g., for encryption/decryption of traffic for the LWA session.
In some demonstrative embodiments, deferring the transmission of the key information to WLAN AP119 and UE102 may enable deferring the re-keying process for generating the new transient key. Thus, deferring the transmission of key information to the WLAN AP119 and the UE102 may enable, for example, even if the eNB 104 is to generate new key information (e.g., a new K)eNB) The LWA session is also kept active.
In one example, new key information may be generated while the UE remains connected to the same WLAN AP119, e.g., at intra-eNB HO for a co-sited LWA use case (where the eNB 104 and WLAN AP119 are co-sited or integrated in the same device). In another example, the new key information may be generated at an inter-eNB HO between two enbs connected to the same WLAN AP 119.
In some demonstrative embodiments, cellular node 104, WT node 106, WLAN AP119 and/or UE102 may be configured to: generation, modification, and/or updating of one or more security keys (e.g., one or more transient keys) is deferred so that communications over the WLAN link between WLAN AP119 and UE102 are secure, e.g., when an LWA session of UE102 via WLAN AP119 is active, e.g., as described below.
In some demonstrative embodiments, cellular node 104, WLAN AP119, WT node 106, and/or UE102 may be configured such that the one or more security keys may not be generated, modified, and/or updated, e.g., even for as long as during the lifetime of the LWA session, e.g., as described below.
In some demonstrative embodiments, cellular node 104, WLAN AP119, WT node 106 and/or UE102 may be configured to: such as even during inter-NB or intra-eNB handover of the UE102 and/or even in response to generating a new KeNBMay be different from the K used to generate the PMK on which the UE102 and WLAN AP119 generate the security key (e.g., TK) are basedeNBVersion of (d) alsoOne or more security keys (e.g., TK) cannot be generated, modified and/or updated.
In some demonstrative embodiments, an eNB (e.g., cellular manager 104) may be configured to: for example, while an LWA session of the UE via the WLAN AP is active, selectively deferring transmission of the updated version of the key information to the UE and the WLAN AP, e.g., as described below. According to these embodiments, the updated version of the key information may not be known, e.g., by the WLAN AP and/or the UE, as long as the updated version of the key information is not communicated from the eNB, for example. Thus, the UE and the WLAN AP may continue to use the same security key (e.g., transient key) to secure traffic communications between the UE and the WLAN AP, e.g., without triggering a re-association process and/or a re-keying process.
In some demonstrative embodiments, for example, when UE102 is handed over from eNodeB #1 to eNodeB #2, WLAN AP119 and UE102 may be allowed to continue using the K provided based on eNodeB #1 during the initial 4-way handshake process, e.g., while UE102 remains connected to the same WLAN AP119eNBThe same TK generated from PMK.
In some demonstrative embodiments, cellular node 104, WT node 106, UE102 and/or WLAN AP119 may be configured to: for example, the WLAN AP119 and the UE102 are enabled and/or allowed to use K only during an initial 4-way handshake process for generating transient keys for the LWA sessioneNBAnd PMK.
In some demonstrative embodiments, cellular node 104, UE102, WT node 106 and/or WLAN AP119 may be configured to: allowing, for example, for transient keys for LWA sessions to not be regenerated, modified, and/or updated even as long as the LWA session is active.
In some demonstrative embodiments, cellular node 104, UE102, WT node 106 and/or WLAN AP119 may be configured to: for example, allowing the WLAN AP119 and the UE102 to be agnostic to any PMK modifications even if the eNB has changed, e.g., due to intra-eNB handover.
In some demonstrative embodiments, an eNB (e.g., cellular manager 104) may be configured to: for example, as long as there are active LWA sessions for UE102 via WLAN AP119, choose not to generate a new PMK for UE 102.
In some demonstrative embodiments, the eNB (e.g., cellular manager 104) may be configured to: even if a new PMK is generated for UE102, for example, as long as the LWA session of UE102 via WLAN AP119 is active, it is selected to defer updating WLAN AP119 and/or UE102 with respect to the new PMK.
In some demonstrative embodiments, an eNB (e.g., cellular manager 104) may be configured to: for example, the WLAN AP119 and/or UE102 are updated with respect to the new PMK only before or during the LWA session establishment.
In some demonstrative embodiments, cellular manager 104 may be configured to: for example, updating the WLAN AP119 and/or the UE102 with respect to the new PMK is selectively deferred upon an intra-eNB handover when the UE102 remains connected to the same WLAN AP119 (e.g., under an eNB-WLAN AP integrated co-sited implementation), e.g., as described above.
In some demonstrative embodiments, controller component 182 may be configured to: controls the selective transmission of the first key information from cellular node 104 to UE102 and the second key information from cellular node 104 to WLAN AP 119.
In some demonstrative embodiments, the second key information may be based on the first key information, e.g., as described above.
In one example, the first key information may include, for example, a WT counter corresponding to WT node 106, and the second key information may be based on the WT counter and an eNB key of cellular node 104. For example, the second key information may include a PMK based on the eNB key and the WT counter, e.g., as described above.
In some demonstrative embodiments, controller component 182 may be configured to: for example, when an active LWA session of the UE102 is ongoing via the WLAN AP119, the transmission of the first key information to the UE102 and the second key information to the WLAN AP119 is selected to be deferred, e.g., as described above.
In some demonstrative embodiments, controller component 182 may be configured to: when the first key information and the second key information are based on an eNB key generated by the eNB 104 after the LWA session establishment of the UE102 via the WLAN AP119, the selection is to defer the transmission of the first key information to the UE102 and the second key information to the WLAN AP119, e.g., as described above.
In some demonstrative embodiments, controller component 182 may be configured to: prior to the LWA session establishment, the eNB 104 is caused to transmit a first version of the first key information to the UE102 and a first version of the second key information to the WLAN AP119, e.g., as described above.
In some demonstrative embodiments, controller component 182 may be configured to: for example, the transmission of the second version of the first key information in place of the first version of the first key information to the UE102 and the transmission of the second version of the second key information in place of the first version of the second key information to the WLAN AP119 are deferred, at least as long as the LWA session is active, e.g., as described above.
In some demonstrative embodiments, the LWA session may include a session handed over from another eNB to eNB 104, e.g., according to an intra-eNB handover, e.g., as described above. For example, the controller component 182 may be configured to: for example, after handover of the UE102 from another eNB to the eNB 104, when the first key information and the second key information are to be determined based on the eNB key of the eNB 104, transmission of the first key information to the UE102 and the second key information to the WLAN AP119 is deferred.
In some demonstrative embodiments, controller component 182 may be configured to: for example, the transmission of the first key information to the UE102 and/or the transmission of the second key information to the WLAN AP119 is deferred, at least as long as the LWA session is active, e.g., as described above. In other embodiments, the controller component 182 may be configured to: deferring transmission of the first key information to the UE102 and/or the second key information to the WLAN AP119 for any other shorter or longer duration.
Referring to fig. 2, fig. 2 schematically illustrates operations and communications between a UE 204, a first eNB203 (eNodeB #1), a second eNB233 (eNodeB #2) and a WLAN AP219, according to some demonstrative embodiments.
In some demonstrative embodiments, eNB203 may include an LTE component 202, which may be configured to: communicate with a WT node 206 (e.g., a router) via an interface 210 (e.g., an Xw interface); and/or eNB233 may include LTE component 232, which may be configured to: communicate with WT node 206 via interface 240 (e.g., an Xw interface).
In some demonstrative embodiments, WT node 206 may be configured to: controls and/or communicates with one or more WLAN APs (e.g., WLAN AP 219).
In one example, LTE component 202 may perform one or more roles and/or functions of first cellular manager 104 (fig. 1), LTE component 232 may perform one or more roles and/or functions of second cellular manager 104 (fig. 1), WT node 206 may perform one or more roles and/or functions of WT node 106 (fig. 1), WLAN AP219 may perform one or more roles and/or functions of WLAN AP119 (fig. 1), and/or interfaces 210 and/or 240 may perform one or more functions of interface 199 (fig. 1).
In some demonstrative embodiments, LTE component 202 may be configured to: communicate with the UE 204 via a cellular link 212. For example, UE 204 may perform one or more functions of UE102 (fig. 1).
In some demonstrative embodiments, eNB203 may trigger UE 204 to set the PMK at UE 204, e.g., via a secure LTE connection over link 212, e.g., based on eNB key (KeNB #1) of eNB203, e.g., as indicated by arrow 262, e.g., as described above.
In some demonstrative embodiments, eNB203 may trigger setting of the same PMK at WLAN AP219 as set at UE 204, e.g., by providing the PMK to WLAN AP219 via secure Xw interface 210, e.g., as indicated by arrow 264.
In some demonstrative embodiments, once the PMK is established at WLAN AP219, WLAN AP219 may initiate a 4-way handshake with UE 204, e.g., to generate one or more transient keys shared between WLAN AP219 and UE 204, e.g., as described above, as indicated at block 266.
In some demonstrative embodiments, WLAN AP219 and UE 204 may begin using the transient key to secure traffic communicated between UE 204 and WLAN AP219, e.g., over WiFi link 239. For example, the WLAN AP219 and the UE 204 use the transient key for ciphering and/or deciphering (e.g., IEEE802.11 ciphering/deciphering) of packets (e.g., PDCP packets) of the LWA session between the eNB203 and the UE 204, e.g., as described above.
In some demonstrative embodiments, eNB203 may select to refresh KeNB # 1. However, the eNB203 may choose not to generate a new PMK, for example, because there is a session of the UE 204 that is ongoing via the WLAN AP 219. Thus, the WLAN AP219 and UE 204 may not need to be updated with changes to the KeNB.
In some demonstrative embodiments, UE 204 may be handed over from eNB203 to eNB233, e.g., according to an eNB HO process, to enable eNB233 to replace eNB203 with respect to UE 204, as indicated by arrow 268.
In some demonstrative embodiments, eNB233 may be informed, as part of the HO process, of: there is already an ongoing LWA session with the UE 204. Thus, while the eNB233 may use a different or new KeNB (KeNB #2), e.g., instead of KeNB #1 of eNB203, the eNB233 may choose not to generate a new PMK for the UE 204. Thus, the WLAN AP219 and UE 204 may not need to be updated with changes to the KeNB.
Referring back to fig. 1, in some demonstrative embodiments, cellular node 104 may be configured to perform the selection as to whether to trigger an update of the security key between UE102 and WLAN AP119, e.g., as described above.
In some demonstrative embodiments, when an eNB (e.g., cellular manager 104) generates a new eNB key and/or PMK and there is already an established LWA WiFi session for UE102 via WLAN AP119, the eNB may choose not to update WLAN AP119 and/or UE102 with the new PMK and/or eNB key, e.g., as described above.
In some demonstrative embodiments, UE102, WT node 106 and/or WLAN AP119 may be configured to, for example, even if the eNB generates new key information (e.g., a new eNB key and/or PMK) and conveys the new information to UE102, WT node 106 and/or WLAN AP 119: for example, as long as there are active LWA WiFi sessions between the WLAN AP119 and the UE102, it is chosen not to use new information, e.g., as described above. In one example, the new information should be used only when the active LWA WiFi session is terminated and a new active LWA WiFi session is established, for example.
In some demonstrative embodiments, UE102 may be configured to: for example, even if a new version of the first security information is received at the UE102 from the cellular node 104, the choice is made whether to defer updating of the security keys between the UE102 and the WLAN AP119, e.g., as described above.
In some demonstrative embodiments, controller component 197 may be configured to: the security key is determined based on a first version of the key information from the eNB (e.g., cellular mode 104) to determine one or more shared keys for securing communications with the WLAN AP119 during the LWA session via the WLAN AP 119.
For example, the security key may comprise a PMK and the first version of the key information may comprise a first version of an eNB key from the cellular node 104, e.g., as described above.
For example, the controller component 197 may be configured to: for example, one or more shared keys comprising one or more TKs are determined from a four-way handshake with WLAN AP119 using the PMK, e.g., as described above.
In some demonstrative embodiments, controller component 197 may be configured to: for example, even when a second version of key information is received from the cellular network during the LWA session via the WLAN AP119 instead of the first version of key information, it is selected to continue to use the shared key based on the first version of key information.
In some demonstrative embodiments, the first and second versions of the key information may be received from the same eNB.
For example, UE102 may receive a first version of the eNB key of cellular node 104 from cellular node 104, e.g., before or during LWA session establishment, and UE102 may receive a second version of the eNB key of cellular node 104 from cellular node 104, e.g., while the LWA session via WLAN AP119 is still active, e.g., as described above.
In some demonstrative embodiments, first and second versions of key information may be received from a first eNB and a second eNB, respectively.
For example, the UE102 may receive a first version of the eNB key of the first eNB 104 from the first cellular node 104, e.g., before or during an LWA session establishment, and the UE102 may receive a second version of the eNB key of the second eNB 104 from the second eNB 104, e.g., after a session handover of the LWA session to the second eNB 104.
In some demonstrative embodiments, controller component 197 may be configured to: for example, the shared key based on the first version of the key information is selected to continue to be used, at least as long as the LWA session is active, e.g., as described above.
In some demonstrative embodiments, the WLAN AP may be configured to: for example, even if a new version of the second security information is received at the UE102 from the cellular node 104, the choice is made whether to defer updating of the security key between the WLAN AP119 and the WLAN AP119, e.g., as described above.
In some demonstrative embodiments, controller assembly 123 may be configured to: the one or more shared keys are determined based on a first version of a security key from an eNB (e.g., cellular manager 104) to secure communications during an LWA session of UE102 via WLAN AP119, e.g., as described above.
For example, the controller component 123 may be configured to: one or more shared keys, e.g., including one or more transient keys, are determined based on a first version of a security key, which may include a first version of a PMK that may be based on an eNB key and a WT counter, e.g., as described above.
For example, the controller component 123 may be configured to: for example, one or more shared keys, e.g., including one or more transient keys, are determined based on a four-way handshake using the PMK, e.g., as described above.
In some demonstrative embodiments, controller assembly 123 may be configured to: for example, even when a second version of the security key is received during the LWA session of the UE102 in place of the first version of the security key, it is selected to continue to use the shared key based on the first version of the security key, e.g., as described above.
In some demonstrative embodiments, controller assembly 123 may be configured to: for example, the shared key based on the first version of the security key is selected to continue to be used even at least as long as the LWA session is active, e.g., as described above.
In some demonstrative embodiments, WT node 106 may be configured to: for example, even if a new version of the second security information is received at WT node 106 from cellular node 104, the choice is whether to defer triggering WLAN AP119 to update the security key between UE102 and WLAN AP119, e.g., as described above.
In some demonstrative embodiments, interface 199 may receive a security key corresponding to UE102 from cellular manager 104. For example, the security key may include a PMK that may be based, for example, on a WT counter of WT node 106 and an eNB key of cellular manager 104, e.g., as described above.
In some demonstrative embodiments, controller component 149 may be configured to: controls the selective transmission of security keys to the WLAN AP119, e.g., as described above.
In some demonstrative embodiments, controller component 149 may be configured to: for example, when an active LWA session of the UE102 is ongoing via the WLAN AP119, it is selected to defer transmission of the security key to the WLAN AP 119.
In some demonstrative embodiments, controller component 149 may be configured to: for example, the security key is selected to be deferred from being transferred to the WLAN P119 at least as long as the LWA session is active.
In some demonstrative embodiments, controller component 149 may be configured to: for example, prior to or during LWA session establishment, WT node 106 is caused to transmit a first version of a security key (e.g., a first PMK) to WLAN AP119, e.g., as described above.
In some demonstrative embodiments, controller component 149 may be configured to: for example, the option is to defer transmission of a second version of the security key (e.g., a second PMK) to the WLAN AP119 that may replace the first version of the security key, at least as long as the LWA session is active.
For example, interface 192 may receive a first PMK corresponding to UE102, e.g., prior to or during LWA session establishment for UE102 via WLAN AP119, and controller component 149 may cause WT node 106 to transmit the first PMK to WLAN AP119, e.g., to allow WLAN AP119 to establish one or more TKs with UE102 based on the PMK, e.g., as described above.
For example, the interface 192 may receive the second PMK corresponding to the UE102, e.g., while the LWA session of the UE102 via the WLAN AP119 is active, e.g., as described above. According to this example, the controller component 149 may choose to defer transmission of the second PMK to the WLAN AP119, e.g., to allow the WLAN AP119 to continue using the same TK based on the first PMK for the LWA session, e.g., as described above, for example, as long as the LWA session is active.
In some demonstrative embodiments, cellular manager 104, WLAN AP119 and/or UE102 may be configured to: implementing a suspend/resume mechanism that may be configured to: for example, during the process of updating the transient key between WLAN AP119 and UE102, communications of traffic between WLAN AP119 and UE102 may be controllably suspended and/or resumed, e.g., as described above.
In some demonstrative embodiments, the suspend/resume mechanism may be configured to: for example, handover (e.g., inter-eNB handover or intra-eNB handover) is enabled while reducing or even avoiding packet loss, e.g., as described below.
In some demonstrative embodiments, the suspend/resume mechanism may be configured for implementation with respect to intra-eNB and/or inter-eNB handovers, e.g., in co-sited LWA scenarios and/or non co-sited LWA scenarios.
In some demonstrative embodiments, WLAN AP119 and/or UE102 may be able to store traffic to be transmitted ("Uplink (UL) data") when performing a PMK update, e.g., until a new transient key is generated based on the new PMK, e.g., as described below.
In some exemplary embodiments, as described above, for example, when generating is based on a new KeNBThe WLAN AP may be required to start a new re-keying process between the WLAN AP and the UE when the PMK is new. This re-keying process can potentially result in packet loss.
In some demonstrative embodiments, WLAN AP119 and/or UE102 may be configured to: for example, during the re-keying process (e.g., during a 4-way handshake following a PMK update), their data transmissions in both uplink and downlink are selectively "suspended". For example, the WLAN AP119 and/or the UE102 may be configured to: for example, after a new transient key is generated and available at the WLAN AP119 and the UE102, data transmission resumes, e.g., as described below.
In some demonstrative embodiments, an eNB (e.g., cellular node 104) may be configured to: for example, when a new LWA WiFi session is established with UE102 via WLAN AP119, WLAN AP119 and/or the UE are updated with respect to the PMK to be used by WLAN AP119 and UE102 ("current PMK"), e.g., as described above. The current PMK may be based, for example, on a current (e.g., most recent) KeNB
In some demonstrative embodiments, the eNB may be configured to: WLAN AP119 and UE102 are updated with respect to the PMK (e.g., the current PMK or a new PMK that is to replace the current PMK). For example, the controller component 182 may be configured to: for example, cellular manager 104 is caused to first update UE102 with respect to the PMK before updating WLAN AP119 with respect to the PMK. This may allow, for example, the WLAN AP119 to have the PMK already installed on the UE102 when it is to begin a 4-way handshake process with the UE102 based on the PMK.
In some demonstrative embodiments, once a party of the WLAN connection between WLAN AP119 and UE102 recognizes that the 4-way handshake process has begun, that party should cease all UL operations, e.g., by ceasing any transmission of data packets to the other party, and should resume UL operations to the other party, e.g., only after the 4-way handshake process is completed and a new transient key is established, e.g., as described below.
In some demonstrative embodiments, until one party (e.g., each party (either WLAN AP or UE)) identifies that the other party has initiated/accepted the 4-way handshake process, the party should continue all Downlink (DL) operations based on the "old" transient key (which is based on the current PMK), e.g., by accepting encrypted data of data packets from the other party and decrypting the received packets using the "old" key, e.g., as described below.
In some demonstrative embodiments, e.g., only after one party (e.g., each party (either WLAN AP or UE)) recognizes that the other party has initiated/accepted the 4-way handshake process, the party should stop all DL operations, e.g., by choosing to stop accepting data packets from the other party and stop using the "old" key, e.g., as described below.
In some demonstrative embodiments, both parties (e.g., the UE and the WLAN AP) may be allowed to resume UL & DL operations, e.g., using the "new" transient key, e.g., only after the 4-way handshake process is fully completed and the new transient key is established, e.g., as described below.
In some demonstrative embodiments, the eNB (e.g., cellular node 104) may generate the new PMK from the new KeNB, e.g., due to an intra-eNB or inter-eNB Handover (HO), and for any other reason, e.g., as described above.
In some demonstrative embodiments, the eNB (e.g., cellular node 104) may send a new WT counter to UE102, which may trigger UE102 to generate a new PMK, e.g., as described above.
In some demonstrative embodiments, UE102 may be configured to: waiting for the WLAN AP119 to start a 4-way handshake process, e.g., based on the new PMK, e.g., as described above.
In some demonstrative embodiments, UE102 may be configured to: for example, UL transmissions to WLAN AP119 continue to be processed and DL traffic received from WLAN AP119 is processed while using one or more "old" or "current" transient keys, e.g., based on the current PMK, with respect to encryption and/or decryption.
In some demonstrative embodiments, the eNB (e.g., cellular manager 104) may send the new PMK to WLAN AP119 internally or using an Xw interface (e.g., interface 199) (e.g., via WT node 106) (e.g., updating Xw-AP procedures according to the enhanced eNB configuration).
In some demonstrative embodiments, WLAN AP119 may receive the new PMK and may initiate a 4-way handshake process with UE102, e.g., based on the new PMK.
In some demonstrative embodiments, WLAN AP119 may be configured to: for example, all UL operations not related to the 4-way handshake are suspended or stopped by stopping sending data packets towards the UE 102. For example, WLAN AP119 may store some or all of the information for the pending UL transmission, e.g., at least until the 4-way handshake process is completed.
In some demonstrative embodiments, WLAN AP119 may choose to continue DL operation, e.g., to decrypt data packets received from UE102, e.g., while decrypting using the "old" or "current" transient key, e.g., to prevent the loss of packets from UE102 that are already "on the air".
In some demonstrative embodiments, UE102 may receive the first message of the 4-way handshake process from WLAN AP119 and may, for example, immediately stop or suspend all UL and DL operations, e.g., related to the 4-way handshake. For example, during the phase of receipt of the first message of the 4-way handshake, there may be no new data packet expected from the WLAN AP 119.
In some demonstrative embodiments, WLAN AP119 may receive the second message of the 4-way handshake process from UE102 and may, for example, immediately stop or suspend all DL operations, e.g., not related to the 4-way handshake. For example, during the phase of receipt of the second message of the 4-way handshake, there may be no new data packet expected from the UE102 and, therefore, no decryption operation may need to be performed.
In some demonstrative embodiments, WLAN AP119 and UE102 may be allowed to resume UL and DL operations, e.g., to transfer data between WLAN AP119 and UE102, e.g., once the 4-way handshake process is successfully completed and both parties share the same set of new or recent transient keys, e.g., based on the new PMK.
In some demonstrative embodiments, controller assembly 123 may be configured to: a first version of one or more shared keys (e.g., TK) is determined based on a first version of a security key (e.g., a first PMK) to secure communications during an LWA session of the UE102 via the WLAN AP119, e.g., as described above.
In some demonstrative embodiments, controller assembly 123 may be configured to: a four-way handshake with the UE102 is initiated based on the second version of the security key (e.g., based on the second PMK), as described above.
In some demonstrative embodiments, controller assembly 123 may be configured to: causing the WLAN AP119 to send the first message of the four-way handshake to the UE102 and suspend transmission of traffic of the LWA session to the UE102, e.g., as described above.
In some demonstrative embodiments, controller assembly 123 may be configured to: causing the WLAN AP119 to continue processing traffic from the LWA session of the UE102, e.g., based on the first version of the shared key, e.g., as described above.
In some demonstrative embodiments, controller assembly 123 may be configured to: for example, upon receiving the second message of the four-way handshake from UE102, WLAN AP119 is caused to suspend processing traffic for the LWA session from UE102, e.g., as described above.
In some demonstrative embodiments, controller assembly 123 may be configured to: upon completion of the four-way handshake with the UE102, e.g., based on the second version of the shared key, which may be generated based on the second version of the security key, the WLAN AP119 is caused to resume traffic conveying the LWA session with the UE102, as described above.
In some demonstrative embodiments, controller component 197 may be configured to: determining a security key (e.g., PMK) based on a first version of key information (e.g., a first version of an eNB key from an eNB); and determining one or more shared keys (e.g., one or more TKs) based on the security key to secure communications with WLAN AP119 during the LWA session via WLAN AP119, e.g., as described above.
In some demonstrative embodiments, controller component 197 may be configured to: a new security key (e.g., a new PMK) is determined based on a second version of the key information (e.g., a second version of the eNB key), e.g., as described above.
In some demonstrative embodiments, controller component 197 may be configured to: the choice is to continue using the shared key based on the first version of the key information (e.g., based on the first eNB key), e.g., until a first message based on a four-way handshake of the new security key with the WLAN AP119 is received, e.g., as described above.
In some demonstrative embodiments, controller component 197 may be configured to: causing the UE102 to suspend delivering traffic for the LWA session upon receiving the first message and resume delivering traffic for the LWA session, e.g., upon completion of a four-way handshake with the WLAN AP119 based on the new security key (e.g., the new PMK), as described above.
Referring to fig. 3, fig. 3 schematically illustrates elements of a UE device 300 according to some demonstrative embodiments. For example, one or more elements of UE device 300 may perform the functions of one or more elements of UE102 (fig. 1). In one example, one or more elements of UE device 300 may be configured to: perform one or more operations and/or functions of one or more of the cellular TRx 165 (fig. 1), the WLAN TRx163 (fig. 1), the controller 197 (fig. 1), the message processor 198 (fig. 1), and/or one or more other elements of the UE102 (fig. 1). In some demonstrative embodiments, embodiments of the UE may be implemented as a system using any suitably configured hardware and/or software. Fig. 3 illustrates example components of a UE device 300 for one embodiment.
In some demonstrative embodiments, UE device 300 may include application circuitry 302, baseband circuitry 304, radio-frequency (RF) circuitry 306, front-end module (FEM) circuitry 308, and one or more antennas 310, coupled together at least as shown.
In one example, the application circuitry 302 may be configured to: perform at least a portion of the functionality of controller 197 (FIG. 1) and/or message processor 198 (FIG. 1); and/or baseband circuitry 304, RF circuitry 306, and/or FEM circuitry 308 may be configured to: performs at least a portion of the functions of cellular TRx 165 (fig. 1), WLAN TRx163 (fig. 1), controller 197 (fig. 1), and/or message processor 198 (fig. 1).
In some demonstrative embodiments, application circuitry 302 may include one or more application processors. For example, the application circuitry 302 may include circuitry such as, but not limited to, one or more single-core or multi-core processors. The processor may include any combination of general-purpose processors and special-purpose processors (e.g., graphics processors, application processors, etc.). The processor may be coupled to and/or may include memory/storage and may be configured to: the instructions stored in the memory/storage are executed to enable various applications and/or operating systems to run on the system.
In some demonstrative embodiments, baseband circuitry 304 may include circuitry, e.g., but not limited to, one or more single-core or multi-core processors. Baseband circuitry 304 may include one or more baseband processors and/or control logic to process baseband signals received from the receive signal path of RF circuitry 306 and to generate baseband signals for the transmit signal path of RF circuitry 306. Baseband processing circuitry 304 may interface with application circuitry 302, e.g., to generate and process baseband signals and control operation of RF circuitry 306. For example, in some embodiments, the baseband circuitry 304 may include a second generation (2G) baseband processor 304a, a third generation (3G) baseband processor 304b, a fourth generation (4G) baseband processor 304c, and/or other baseband processors 304d for other existing generations, generations in development or to be developed in the future (e.g., fifth generation (5G), 6G, etc.). Baseband circuitry 304 (e.g., one or more of baseband processors 304 a-d) may process various radio control functions that enable communication with one or more radio networks via RF circuitry 306. The radio control functions may include, but are not limited to, signal modulation/demodulation, encoding/decoding, radio frequency shifting, and the like. In some embodiments, the modulation/demodulation circuitry of baseband circuitry 304 may include Fast Fourier Transform (FFT), precoding, and/or constellation mapping/demapping functionality. In some embodiments, the encoding/decoding circuitry of baseband circuitry 304 may include convolution, tail-biting convolution, turbo, viterbi, and/or Low Density Parity Check (LDPC) encoder/decoder functionality. Embodiments of modulation/demodulation and encoder/decoder functions are not limited to these examples, and other suitable functions may be included in other embodiments.
In some demonstrative embodiments, baseband circuitry 304 may include elements of a protocol stack, e.g., elements of an Evolved Universal Terrestrial Radio Access Network (EUTRAN) protocol, including, e.g., a Physical (PHY) element, a Medium Access Control (MAC) element, a Radio Link Control (RLC) element, a Packet Data Convergence Protocol (PDCP) element, and/or a Radio Resource Control (RRC) element. The Central Processing Unit (CPU)304e of the baseband circuitry 304 may be configured to: for example, elements of the protocol stack are run for signaling of the PHY, MAC, RLC, PDCP, and/or RRC layers. In some embodiments, the baseband circuitry may include one or more audio Digital Signal Processors (DSPs) 304 f. The audio DSP 304f may alternatively include elements for compression/decompression and echo cancellation, and/or may include other suitable processing elements in other embodiments. In some embodiments, the components of baseband circuitry 304 may be suitably combined in a single chip, a single chipset, or disposed on the same circuit board. In some embodiments, some or all of the constituent components of the baseband circuitry 304 and the application circuitry 302 may be implemented together, for example, on a system on a chip (SOC).
In some demonstrative embodiments, baseband circuitry 304 may provide communication compatible with one or more radio technologies. For example, in some embodiments, baseband circuitry 304 may support communication with an Evolved Universal Terrestrial Radio Access Network (EUTRAN) and/or other Wireless Metropolitan Area Networks (WMANs), Wireless Local Area Networks (WLANs), Wireless Personal Area Networks (WPANs), and/or one or more additional or alternative networks. Embodiments in which baseband circuitry 304 is configured to support radio communications of more than one wireless protocol may be referred to as multi-mode baseband circuitry.
In some demonstrative embodiments, RF circuitry 306 may enable communication with a wireless network using modulated electromagnetic radiation over a non-solid medium. In various embodiments, the RF circuitry 306 may include switches, filters, amplifiers, and the like to facilitate communication with the wireless network. RF circuitry 306 may include a receive signal path that may include circuitry to down-convert RF signals received from FEM circuitry 308 and provide baseband signals to baseband circuitry 304. RF circuitry 306 may also include a transmit signal path, which may include circuitry to up-convert baseband signals provided by baseband circuitry 304 and provide an RF output signal to FEM circuitry 308 for transmission.
In some demonstrative embodiments, RF circuitry 306 may include a receive signal path and a transmit signal path. The receive signal path of RF circuitry 306 may include mixer circuitry 306a, amplifier circuitry 306b, and filter circuitry 306 c. The transmit signal path of RF circuitry 306 may include filter circuitry 306c and mixer circuitry 306 a. RF circuitry 306 may further include synthesizer circuitry 306d for synthesizing the frequencies used by mixer circuitry 306a for the receive signal path and the transmit signal path. In some embodiments, the mixer circuit 306a of the receive signal path may be configured to: the RF signal received from FEM circuit 308 is downconverted based on the synthesized frequency provided by synthesizer circuit 306 d. Amplifier circuit 306b may be configured to: the downconverted signal is amplified, and the filter circuit 306c may be, for example, a Low Pass Filter (LPF) or a Band Pass Filter (BPF) configured to: unwanted signals are removed from the down-converted signal to generate an output baseband signal. The output baseband signal may be provided to baseband circuitry 304 for further processing. In some embodiments, the output baseband signal may be a zero frequency baseband signal, but this is not required. In some embodiments, mixer circuit 306a of the receive signal path may comprise a passive mixer, although the scope of the embodiments is not limited in this respect.
In some demonstrative embodiments, mixer circuit 306a of the transmit signal path may be configured to: the input baseband signal is upconverted based on the synthesized frequency provided by synthesizer circuit 306d to generate an RF output signal for FEM circuit 308. The baseband signal may be provided by baseband circuitry 304 and may be filtered by filter circuitry 306 c. Filter circuit 306c may include a Low Pass Filter (LPF), although the scope of the embodiments is not limited in this respect.
In some demonstrative embodiments, mixer circuitry 306a of the receive signal path and mixer circuitry 306a of the transmit signal path may include two or more mixers and may be arranged for quadrature down-conversion and/or up-conversion, respectively. In some embodiments, mixer circuit 306a of the receive signal path and mixer circuit 306a of the transmit signal path may include two or more mixers and may be arranged for image rejection (e.g., Hartley image rejection). In some embodiments, mixer circuit 306a and mixer circuit 306a of the receive signal path may be arranged for direct down-conversion and/or direct up-conversion, respectively. In some embodiments, mixer circuit 306a of the receive signal path and mixer circuit 306a of the transmit signal path may be configured for superheterodyne operation.
In some demonstrative embodiments, the output baseband signal and the input baseband signal may be analog baseband signals, although the scope of the embodiments is not limited in this respect. In some alternative embodiments, the output baseband signal and the input baseband signal may be digital baseband signals. In these alternative embodiments, RF circuitry 306 may include analog-to-digital converter (ADC) and digital-to-analog converter (DAC) circuitry, and baseband circuitry 304 may include a digital baseband interface to communicate with RF circuitry 306.
In some dual-mode embodiments, separate radio IC circuits may be provided for processing signals with respect to each spectrum, although the scope of the embodiments is not limited in this respect.
In some demonstrative embodiments, synthesizer circuit 306d may be a fractional-N synthesizer or a fractional-N/N +1 synthesizer, although the scope of the embodiments is not limited in this respect as other types of frequency synthesizers may be suitable. For example, the synthesizer circuit 306d may be a delta-sigma synthesizer, a frequency multiplier, or a synthesizer including a phase locked loop with a frequency divider.
In some demonstrative embodiments, synthesizer circuit 306d may be configured to: the output frequency used by mixer circuit 306a of RF circuit 306 is synthesized based on the frequency input and the divider control input. In some embodiments, the synthesizer circuit 306d may be a fractional N/N +1 synthesizer.
In some exemplary embodiments, the frequency input may be provided by a Voltage Controlled Oscillator (VCO), but this is not required. The divider control input may be provided by the baseband circuitry 304 or the application processor 302, depending on the desired output frequency. In some embodiments, the divider control input (e.g., N) may be determined from a look-up table based on the channel indicated by the application processor 302.
In some demonstrative embodiments, synthesizer circuit 306d of RF circuit 306 may include a divider, a delay-locked loop (DLL), a multiplexer, and a phase accumulator. In some embodiments, the divider may be a dual-mode divider (DMD) and the phase accumulator may be a Digital Phase Accumulator (DPA). In some embodiments, the DMD may be configured to: the input signal is divided by N or N +1 (e.g., based on a carry) to provide a fractional division ratio. In some example embodiments, a DLL may include a set of cascaded tunable delay elements, a phase detector, a charge pump, and a D-type flip-flop. In these embodiments, the delay elements may be configured to decompose the VCO period into Nd equal phase groups, where Nd is the number of delay elements in the delay line. In this way, the DLL provides negative feedback to help ensure that the total delay through the delay line is one VCO cycle.
In some demonstrative embodiments, synthesizer circuit 306d may be configured to: a carrier frequency is generated as the output frequency, while in other embodiments the output frequency may be a multiple of the carrier frequency (e.g., twice the carrier frequency, four times the carrier frequency) and used in conjunction with a quadrature generator and divider circuit to generate a plurality of signals at the carrier frequency having a plurality of different phases relative to each other. In some embodiments, the output frequency may be the LO frequency (fLO). In some embodiments, the RF circuitry 306 may include an IQ/polar converter.
In some demonstrative embodiments, FEM circuitry 308 may include a receive signal path, which may include circuitry configured to operate on RF signals received from one or more antennas 310, amplify the received signals, and provide an amplified version of the received signals to RF circuitry 306 for further processing. FEM circuitry 308 may further include a transmit signal path, which may include circuitry configured to amplify signals provided by RF circuitry 306 for transmission by one or more of the one or more antennas 310.
In some demonstrative embodiments, FEM circuitry 308 may include a TX/RX switch to switch between transmit mode and receive mode operation. The FEM circuitry may include a receive signal path and a transmit signal path. The receive signal path of the FEM circuitry may include a Low Noise Amplifier (LNA) to amplify the received RF signal and provide the amplified received RF signal as an output (e.g., to RF circuitry 306). The transmit signal path of the FEM circuitry 308 may include: a Power Amplifier (PA) to amplify an input RF signal (e.g., provided by RF circuitry 306); and one or more filters to generate RF signals for subsequent transmission by, for example, one or more of the one or more antennas 310.
In some embodiments, the UE device 300 may include one or more additional or alternative elements, such as memory/storage, a display, a camera, sensors, and/or an input/output (I/O) interface.
Referring to fig. 4, fig. 4 schematically illustrates a method of selectively updating key information for a secure WLAN connection between a UE and a WLAN AP, in accordance with some demonstrative embodiments. In some embodiments, one or more operations of the method of fig. 4 may be performed by: a wireless communication system (e.g., system 100 (fig. 1)); a cellular manager (e.g., an eNB (e.g., cellular manager 104 (fig. 1), eNB203 (fig. 2), and/or eNB233 (fig. 2)); an interface (e.g., cellular TRx 167 (fig. 1) and/or WLAN node interface 169 (fig. 1)); a message processor (e.g., message processor 144 (FIG. 1)); and/or a controller (e.g., controller 182 (fig. 1)).
As indicated at block 402, the method may include: communicating with the WLAN AP at the eNB. For example, cellular manager 104 (fig. 1) may communicate with WLAN AP119 (fig. 1), e.g., directly or via WT node 106 (fig. 1), as described above.
As indicated at block 404, the method may include: communicating with the UE via a cellular interface. For example, cellular manager 104 (fig. 1) may communicate with UE102 (fig. 1), e.g., as described above.
As indicated at block 406, the method may include: when the LWA session of the UE is ongoing via the WLAN AP, an option is selected to defer the transmission of the first key information from the eNB to the UE and the second key information from the eNB to the WLAN AP. For example, when the LWA session of UE102 (fig. 1) is ongoing via WLAN AP119 (fig. 1), controller component 182 (fig. 1) may choose to defer transmission of the first key information from cellular manager 104 (fig. 1) to UE102 (fig. 1) and the second key information from cellular manager 104 (fig. 1) to WLAN AP119 (fig. 1), e.g., as described above.
Referring to fig. 5, fig. 5 schematically illustrates a method of selectively updating key information for a secure WLAN connection between a UE and a WLAN AP, in accordance with some demonstrative embodiments. In some embodiments, one or more operations of the method of fig. 5 may be performed by: a wireless communication system (e.g., system 100 (fig. 1)); a UE (e.g., UE102 (fig. 1), UE 204 (fig. 2), and/or UE 300 (fig. 3)); an interface (e.g., cellular TRx 165 (fig. 1) and/or WLAN TRx163 (fig. 1)); a message processor (e.g., message processor 198 (FIG. 1)); and/or a controller (e.g., controller 197 (fig. 1)).
As indicated at block 502, the method may include: a security key is determined based on a first version of key information from an eNB of a cellular network. For example, the controller component 197 (fig. 1) may determine the security key based on a first version of the key information from the cellular manager 104 (fig. 1) of the cellular network, e.g., as described above.
As indicated at block 504, the method may include: based on the security key, one or more shared keys for securing communications with the WLAN AP during the LWA session via the WLAN AP are determined. For example, the controller component 197 (fig. 1) may determine one or more shared keys (e.g., one or more TKs) to secure communications during the LWA session via the WLAN AP119 (fig. 1), e.g., as described above.
As indicated at block 506, the method may include: for example, even when a second version of key information is received from the cellular network during the LWA session in place of the first version of key information, it is selected to continue to use the shared key based on the first version of key information. For example, the controller component 197 (fig. 1) may elect to continue to use the shared key based on the first version of the key information, e.g., as described above, even when a second version of the key information is received from the cellular network during the LWA session in place of the first version of the key information.
Referring to fig. 6, fig. 6 schematically illustrates a method of selectively updating key information for a secure WLAN connection between a UE and a WLAN AP, in accordance with some demonstrative embodiments. In some embodiments, one or more operations of the method of fig. 6 may be performed by: a wireless communication system (e.g., system 100 (fig. 1)); a WLAN AP (e.g., WLAN AP119 (FIG. 1) and/or WLAN AP219 (FIG. 2)); interfaces (e.g., network interface 121 and/or WLAN TRx122 (fig. 1)); a message processor (e.g., message processor 125 (FIG. 1)); and/or a controller (e.g., controller 123 (fig. 1)).
As indicated at block 602, the method may include: one or more shared keys for securing communications during the LWA session for the UE via the WLAN AP are determined based on the first version of the security key from the eNB. For example, the controller component 123 (fig. 1) may determine, e.g., based on the first PMK, one or more shared keys (e.g., TK) for securing communications with the UE102 (fig. 1) during the LWA session, e.g., as described above.
As indicated at block 604, the method may include: for example, even when a second version of the security key is received during the LWA session in place of the first version of the security key, it is selected to continue to use the shared key based on the first version of the security key. For example, the controller component 123 (fig. 1) may choose to continue using the shared key based on the first version of the PMK, e.g., even when the second version of the PMK is received during the LWA session in place of the first version of the PMK, e.g., as described above.
Referring now to FIG. 7, FIG. 7 schematically illustrates an article of manufacture 700, according to some demonstrative embodiments. The article 700 may include one or more tangible computer-readable non-transitory storage media 702, the one or more tangible computer-readable non-transitory storage media 702 may include computer-executable instructions, e.g., implemented by the logic 704, that when executed by at least one computer processor, cause the at least one computer processor to implement one or more operations at: a cellular manager (e.g., an eNB (e.g., cellular manager 104 (fig. 1), eNB203 (fig. 2), and/or eNB233 (fig. 2)); one or more components of a UE (e.g., UE102 (fig. 1), UE 204 (fig. 2), and/or UE 300 (fig. 3)); one or more components of a WT node (e.g., WT node 106 (fig. 1)); one or more components of a WLAN AP (e.g., WLAN AP119 (fig. 1) and/or WLAN AP219 (fig. 2)); a controller (e.g., controller 182 (fig. 1), controller 197 (fig. 1), controller 123 (fig. 1), and/or controller 149 (fig. 1)) and/or a message processor (e.g., message processor 144 (fig. 1), message processor 198 (fig. 1), message processor 125 (fig. 1), and/or message processor 150 (fig. 1)); and/or perform, trigger, and/or implement one or more operations and/or functions described above with reference to fig. 2, 3, 4, 5, and/or 6 and/or one or more operations and/or functions described herein. The phrase "non-transitory machine readable medium" is intended to include all computer readable media, with the only exception being transitory propagating signals.
In some demonstrative embodiments, product 700 and/or machine-readable storage medium 702 may include one or more types of computer-readable storage media capable of storing data, including volatile memory, non-volatile memory, removable or non-removable memory, erasable or non-erasable memory, writeable or re-writeable memory, and the like. For example, machine-readable storage medium 702 may include RAM, DRAM, double data rate DRAM (DDR-DRAM), SDRAM, static RAM (sram), ROM, programmable ROM (prom), erasable programmable ROM (eprom), electrically erasable programmable ROM (eeprom), compact disk ROM (CD-ROM), compact disk recordable (CD-R), compact disk rewriteable (CD-RW), flash memory (e.g., NOR or NAND flash memory), Content Addressable Memory (CAM), polymer memory, phase change memory, ferroelectric memory, silicon-oxide-nitride-oxide-silicon (SONOS) memory, a disk, a floppy disk, a hard drive, an optical disk, a magnetic disk, a card, a magnetic card, an optical card, a tape, a cartridge, and so forth. A computer-readable storage medium may include any suitable medium relating to downloading or transferring a computer program from a remote computer to a requesting computer, the computer program being carried in a data signal embodied in a carrier wave or other transport medium via a communication link (e.g., a modem, radio, or network connection).
In some demonstrative embodiments, logic 704 may include instructions, data and/or code, which, if executed by a machine, may cause the machine to perform the methods, processes and/or operations described herein. The machine may include, for example, any suitable processing platform, computing device, processing device, computing system, processing system, computer, processor, or the like, and may be implemented using any suitable combination of hardware, software, firmware, or the like.
In some demonstrative embodiments, logic 704 may include, or may be implemented as, software, a software module, an application, a program, a subroutine, instructions, an instruction set, computing code, words, values, symbols, and the like. The instructions may include any suitable type of code, such as source code, compiled code, interpreted code, executable code, static code, dynamic code, and the like. The instructions may be implemented according to a predetermined computer language, manner or syntax, for instructing a processor to perform a certain function. The instructions may be implemented using any suitable high-level, low-level, object-oriented, Visual, compiled and/or interpreted programming language (e.g., C, C + +, Java, BASIC, Matlab, Pascal, Visual BASIC, assembly language, machine code, etc.).
Examples of the invention
The following examples pertain to other embodiments.
Example 1 includes an apparatus of an evolved node b (enb), comprising: a Wireless Local Area Network (WLAN) interface to communicate with a WLAN Access Point (AP); a cellular transceiver to communicate with a User Equipment (UE); and a controller assembly configured to: control selective transmission of first key information from the eNB to the UE and second key information from the eNB to the WLAN AP, the second key information based on the first key information, the controller component configured to: select to defer transmission of the first key information to the UE and the second key information to the WLAN AP when an active Long Term Evolution (LTE) WLAN aggregation (LWA) session of the UE is ongoing via the WLAN AP.
Example 2 includes the subject matter of example 1, and optionally, wherein the controller assembly is configured to: prior to establishing the LWA session, causing the eNB to transmit a first version of the first key information to the UE and a first version of the second key information to the WLAN AP, the controller component configured to: postponing transmitting a second version of the first key information to the UE and a second version of the second key information to the WLAN AP, the second versions of the first and second key information replacing the first versions of the first and second key information, at least as long as the LWA session is active.
Example 3 includes the subject matter of example 1, and optionally, wherein the LWA session comprises a session handed over from another eNB to the eNB.
Example 4 includes the subject matter of any of examples 1-3, and optionally, wherein the controller component is to: postponing transmitting the first key information to the UE and the second key information to the WLAN AP at least as long as the LWA session is active.
Example 5 includes the subject matter of any of examples 1-4, and optionally, wherein the first key information comprises a WLAN endpoint (WT) counter and the second key information is based on the WT counter and an eNB key of the eNB.
Example 6 includes the subject matter of example 5, and optionally, wherein the second key information comprises a Pairwise Master Key (PMK) based on the eNB key and the WT counter.
Example 7 includes the subject matter of example 5 or 6, and optionally, wherein the eNB key comprises a key generated by the eNB after the LWA session establishment.
Example 8 includes the subject matter of any of examples 1-7, and optionally, one or more antennas, a memory, and a processor.
Example 9 includes an apparatus comprising: circuitry and logic configured to: triggering an evolved node B (eNB) to communicate with a Wireless Local Area Network (WLAN) Access Point (AP); communicate with a User Equipment (UE) via a cellular interface; and selecting to defer transmission of first key information from the eNB to the UE and second key information from the eNB to the WLAN AP, the second key information being based on the first key information, when an active Long Term Evolution (LTE) WLAN aggregation (LWA) session of the UE is ongoing via the WLAN AP.
Example 10 includes the subject matter of example 9, and optionally, wherein the apparatus is configured to: prior to establishing the LWA session, causing the eNB to transmit a first version of the first key information to the UE and a first version of the second key information to the WLAN AP; and postponing transmitting a second version of the first key information to the UE and a second version of the second key information to the WLAN AP at least as long as the LWA session is active, the second versions of the first and second key information replacing the first versions of the first and second key information.
Example 11 includes the subject matter of example 9, and optionally, wherein the LWA session comprises a session handed over from another eNB to the eNB.
Example 12 includes the subject matter of any one of examples 9-11, and optionally, wherein the apparatus is configured to: causing the eNB to defer transmission of the first key information to the UE and transmission of the second key information to the WLAN P at least as long as the LWA session is active.
Example 13 includes the subject matter of any of examples 9-12, and optionally, wherein the first key information comprises a WLAN endpoint (WT) counter and the second key information is based on the WT counter and an eNB key of the eNB.
Example 14 includes the subject matter of example 13, and optionally, wherein the second key information comprises a Pairwise Master Key (PMK) based on the eNB key and the WT counter.
Example 15 includes the subject matter of example 13 or 14, and optionally, wherein the eNB key comprises a key generated by the eNB after the LWA session establishment.
Example 16 includes the subject matter of any of examples 9-15, and optionally, one or more antennas, a memory, and a processor.
Example 17 includes a system of cellular communication, comprising: an evolved node B (eNB), the eNB comprising: one or more antennas; a memory; a processor; a Wireless Local Area Network (WLAN) interface to communicate with a WLAN Access Point (AP); a cellular transceiver to communicate with a User Equipment (UE); and a controller assembly configured to: control selective transmission of first key information from the eNB to the UE and second key information from the eNB to the WLAN AP, the second key information based on the first key information, the controller component configured to: select to defer transmission of the first key information to the UE and the second key information to the WLAN AP when an active Long Term Evolution (LTE) WLAN aggregation (LWA) session of the UE is ongoing via the WLAN AP.
Example 18 includes the subject matter of example 17, and optionally, wherein the controller component is configured to: prior to establishing the LWA session, causing the eNB to transmit a first version of the first key information to the UE and a first version of the second key information to the WLAN AP, the controller component configured to: postponing transmitting a second version of the first key information to the UE and a second version of the second key information to the WLAN AP, the second versions of the first and second key information replacing the first versions of the first and second key information, at least as long as the LWA session is active.
Example 19 includes the subject matter of example 17, and optionally, wherein the LWA session comprises a session handed over from another eNB to the eNB.
Example 20 includes the subject matter of any one of examples 17-19, and optionally, wherein the controller component is to: deferring transmission of the first key information to the UE and the second key information to the WLAN AP at least as long as the LWA session is active.
Example 21 includes the subject matter of any of examples 17-20, and optionally, wherein the first key information comprises a WLAN endpoint (WT) counter and the second key information is based on the WT counter and an eNB key of the eNB.
Example 22 includes the subject matter of example 21, and optionally, wherein the second key information comprises a Pairwise Master Key (PMK) based on the eNB key and the WT counter.
Example 23 includes the subject matter of example 21 or 22, and optionally, wherein the eNB key comprises a key generated by the eNB after the LWA session establishment.
Example 24 includes a method to be performed at an evolved node b (enb), the method comprising: communicating with a Wireless Local Area Network (WLAN) Access Point (AP); communicate with a User Equipment (UE) via a cellular interface; and selecting to defer transmission of first key information from the eNB to the UE and second key information from the eNB to the WLAN AP, the second key information being based on the first key information, when an active Long Term Evolution (LTE) WLAN aggregation (LWA) session of the UE is ongoing via the WLAN AP.
Example 25 includes the subject matter of example 24, and optionally, comprising: prior to establishing the LWA session, causing the eNB to transmit a first version of the first key information to the UE and a first version of the second key information to the WLAN AP; and postponing transmitting a second version of the first key information to the UE and a second version of the second key information to the WLAN AP at least as long as the LWA session is active, the second versions of the first and second key information replacing the first versions of the first and second key information.
Example 26 includes the subject matter of example 24, and optionally, wherein the LWA session comprises a session handed over from another eNB to the eNB.
Example 27 includes the subject matter of any one of examples 24-26, and optionally, comprising: deferring transmission of the first key information to the UE and the second key information to the WLAN AP at least as long as the LWA session is active.
Example 28 includes the subject matter of any of examples 24-27, and optionally, wherein the first key information comprises a WLAN endpoint (WT) counter and the second key information is based on the WT counter and an eNB key of the eNB.
Example 29 includes the subject matter of example 28, and optionally, wherein the second key information comprises a Pairwise Master Key (PMK) based on the eNB key and the WT counter.
Example 30 includes the subject matter of example 28 or 29, and optionally, wherein the eNB key comprises a key generated by the eNB after the LWA session establishment.
Example 31 includes an article comprising one or more tangible computer-readable non-transitory storage media comprising computer-executable instructions operable to: when executed by at least one computer processor, enable the at least one computer processor to implement operations at an evolved node B (eNB), the operations comprising: communicating with a Wireless Local Area Network (WLAN) Access Point (AP); communicate with a User Equipment (UE) via a cellular interface; and selecting to defer transmission of first key information from the eNB to the UE and second key information from the eNB to the WLAN AP, the second key information being based on the first key information, when an active Long Term Evolution (LTE) WLAN aggregation (LWA) session of the UE is ongoing via the WLAN AP.
Example 32 includes the subject matter of example 31, and optionally, wherein the operations comprise: prior to establishing the LWA session, causing the eNB to transmit a first version of the first key information to the UE and a first version of the second key information to the WLAN AP; and postponing transmitting a second version of the first key information to the UE and a second version of the second key information to the WLAN AP at least as long as the LWA session is active, the second versions of the first and second key information replacing the first versions of the first and second key information.
Example 33 includes the subject matter of subject matter 31, and optionally, wherein the LWA session comprises a session handed over from another eNB to the eNB.
Example 34 includes the subject matter of any one of examples 31-33, and optionally, wherein the operations comprise: deferring transmission of the first key information to the UE and the second key information to the WLAN AP at least as long as the LWA session is active.
Example 35 includes the subject matter of any one of examples 31-34, and optionally, wherein the first key information comprises a WLAN endpoint (WT) counter and the second key information is based on the WT counter and an eNB key of the eNB.
Example 36 includes the subject matter of example 35, and optionally, wherein the second key information comprises a Pairwise Master Key (PMK) based on the eNB key and the WT counter.
Example 37 includes the subject matter of example 35 or 36, and optionally, wherein the eNB key comprises a key generated by the eNB after the LWA session establishment.
Example 38 includes an apparatus of cellular communication by an evolved node b (enb), the apparatus comprising: means for communicating with a Wireless Local Area Network (WLAN) Access Point (AP); means for communicating with a User Equipment (UE) via a cellular interface; and means for selecting to defer transmission of first key information from the eNB to the UE and second key information from the eNB to the WLAN AP when an active Long Term Evolution (LTE) WLAN aggregation (LWA) session of the UE is ongoing via the WLAN AP, the second key information based on the first key information.
Example 39 includes the subject matter of example 38, and optionally, means for: prior to establishing the LWA session, causing the eNB to transmit a first version of the first key information to the UE and a first version of the second key information to the WLAN AP; and postponing transmitting a second version of the first key information to the UE and a second version of the second key information to the WLAN AP at least as long as the LWA session is active, the second versions of the first and second key information replacing the first versions of the first and second key information.
Example 40 includes the subject matter of subject matter 38, and optionally, wherein the LWA session comprises a session handed over from another eNB to the eNB.
Example 41 includes the subject matter of any one of examples 38-40, and optionally, means for: deferring transmission of the first key information to the UE and the second key information to the WLAN AP at least as long as the LWA session is active.
Example 42 includes the subject matter of any one of examples 38-41, and optionally, wherein the first key information comprises a WLAN endpoint (WT) counter and the second key information is based on the WT counter and an eNB key of the eNB.
Example 43 includes the subject matter of example 42, and optionally, wherein the second key information comprises a Pairwise Master Key (PMK) based on the eNB key and the WT counter.
Example 44 includes the subject matter of example 42 or 43, and optionally, wherein the eNB key comprises a key generated by the eNB after the LWA session establishment.
Example 45 includes an apparatus of a User Equipment (UE), the apparatus comprising: a cellular transceiver for communicating with a cellular network; a Wireless Local Area Network (WLAN) transceiver to communicate with a WLAN Access Point (AP); and a controller assembly configured to: determining a security key based on a first version of key information from an evolved node B (eNB); and determining, based on the security key, one or more shared keys for securing communications with the WLAN AP during a Long Term Evolution (LTE) WLAN aggregation (LWA) session via the WLAN AP, the controller configured to: when a second version of the key information is received from the cellular network during the LWA session in place of the first version of the key information, selecting to continue using a shared key based on the first version of the key information.
Example 46 includes the subject matter of example 45, and optionally, wherein the controller component is configured to: selecting to continue using a shared key based on the first version of the key information at least as long as the LWA session is active.
Example 47 includes the subject matter of example 45 or 46, wherein the controller component is configured to: determining a new security key based on the second version of the key information; the controller assembly is configured to: selecting to continue to use the shared key based on the first version of the key information until receiving a first message of a four-way handshake with the WLAN AP based on the new security key; the controller component is configured to cause the UE to: upon receiving the first message, suspending communication of traffic of the LWA session; and resuming communication of traffic of the LWA session upon completion of a four-way handshake with the WLAN AP based on the new security key.
Example 48 includes the subject matter of any one of examples 45-47, and optionally, wherein the second version of the key information is from the eNB.
Example 49 includes the subject matter of any one of examples 45-47, and optionally, wherein the second version of the key information is from another eNB after a session handover to the other eNB.
Example 50 includes the subject matter of any one of examples 45-49, and optionally, wherein the controller component is to determine the shared key according to a four-way handshake with the WLAN AP.
Example 51 includes the subject matter of any one of examples 45-50, and optionally, comprising one or more antennas, a memory, and a processor.
Example 52 includes an apparatus comprising: circuitry and logic configured to: triggering User Equipment (UE): determining a security key based on a first version of key information from an evolved node B (eNB) of a cellular network; determine one or more shared keys based on the security key to secure communications with a Wireless Local Area Network (WLAN) Access Point (AP) during a Long Term Evolution (LTE) WLAN aggregation (LWA) session via the WLAN AP; and selecting to continue to use a shared key based on the first version of the key information when a second version of the key information is received from the cellular network in place of the first version of the key information during the LWA session.
Example 53 includes the subject matter of example 52, and optionally, wherein the apparatus is configured to: selecting to continue using a shared key based on the first version of the key information at least as long as the LWA session is active.
Example 54 includes the subject matter of example 52 or 53, and optionally, wherein the apparatus is configured to cause the UE to: determining a new security key based on the second version of the key information; selecting to continue to use the shared key based on the first version of the key information until receiving a first message of a four-way handshake with the WLAN AP based on the new security key; upon receiving the first message, suspending communication of traffic of the LWA session; and resuming communication of traffic of the LWA session upon completion of a four-way handshake with the WLAN AP based on the new security key.
Example 55 includes the subject matter of any one of examples 52-54, and optionally, wherein the second version of the key information is from the eNB.
Example 56 includes the subject matter of any one of examples 52-54, and optionally, wherein the second version of the key information is from another eNB after a session handover to the other eNB.
Example 57 includes the subject matter of any one of examples 52-56, and optionally, wherein the apparatus is configured to cause the UE to: determining the shared key from a four-way handshake with the WLAN AP.
Example 58 includes the subject matter of any one of examples 52-57, and optionally, comprising one or more antennas, a memory, and a processor.
Example 59 includes a system of cellular communication, comprising: user Equipment (UE), the UE comprising: one or more antennas; a memory; a processor; a cellular transceiver for communicating with a cellular network; a Wireless Local Area Network (WLAN) transceiver to communicate with a WLAN Access Point (AP); and a controller assembly configured to: determining a security key based on a first version of key information from an evolved node B (eNB); and determining, based on the security key, one or more shared keys for securing communications with the WLAN AP during a Long Term Evolution (LTE) WLAN aggregation (LWA) session via the WLAN AP, the controller configured to: when a second version of the key information is received from the cellular network during the LWA session in place of the first version of the key information, selecting to continue using a shared key based on the first version of the key information.
Example 60 includes the subject matter of example 59, and optionally, wherein the controller assembly is configured to: selecting to continue using a shared key based on the first version of the key information at least as long as the LWA session is active.
Example 61 includes the subject matter of example 59 or 60, wherein the controller component is configured to: determining a new security key based on the second version of the key information; the controller assembly is configured to: selecting to continue to use the shared key based on the first version of the key information until receiving a first message of a four-way handshake with the WLAN AP based on the new security key; the controller component is configured to cause the UE to: upon receiving the first message, suspending communication of traffic of the LWA session; and resuming communication of traffic of the LWA session upon completion of the four-way handshake with the WLAN AP based on the new security key.
Example 62 includes the subject matter of any one of examples 59-61, and optionally, wherein the second version of the key information is from the eNB.
Example 63 includes the subject matter of any one of examples 59-61, and optionally, wherein the second version of the key information is from another eNB after a session handover to the other eNB.
Example 64 includes the subject matter of any one of examples 59-63, and optionally, wherein the controller component is to determine the shared key according to a four-way handshake with the WLAN AP.
Example 65 includes a method to be performed at a User Equipment (UE), the method comprising: determining a security key based on a first version of key information from an evolved node B (eNB) of a cellular network; determine one or more shared keys based on the security key to secure communications with a Wireless Local Area Network (WLAN) Access Point (AP) during a Long Term Evolution (LTE) WLAN aggregation (LWA) session via the WLAN AP; and selecting to continue to use a shared key based on the first version of the key information when a second version of the key information is received from the cellular network in place of the first version of the key information during the LWA session.
Example 66 includes the subject matter of example 65, and optionally, comprising: selecting to continue using a shared key based on the first version of the key information at least as long as the LWA session is active.
Example 67 includes the subject matter of example 65 or 66, and optionally, comprising: determining a new security key based on the second version of the key information; selecting to continue to use the shared key based on the first version of the key information until receiving a first message of a four-way handshake with the WLAN AP based on the new security key; upon receiving the first message, suspending communication of traffic of the LWA session; and resuming communication of traffic of the LWA session upon completion of the four-way handshake with the WLAN AP based on the new security key.
Example 68 includes the subject matter of any one of examples 65-67, and optionally, wherein the second version of the key information is from the eNB.
Example 69 includes the subject matter of any one of examples 65-67, and optionally, wherein the second version of the key information is from another eNB after a session handover to the other eNB.
Example 70 includes the subject matter of any one of examples 65-69, and optionally, comprising: determining the shared key from a four-way handshake with the WLAN AP.
Example 71 includes an article comprising one or more tangible computer-readable non-transitory storage media comprising computer-executable instructions operable to: when executed by at least one computer processor, enable the at least one computer processor to implement operations at a User Equipment (UE), the operations comprising: determining a security key based on a first version of key information from an evolved node B (eNB) of a cellular network; determine one or more shared keys based on the security key to secure communications with a Wireless Local Area Network (WLAN) Access Point (AP) during a Long Term Evolution (LTE) WLAN aggregation (LWA) session via the WLAN AP; and selecting to continue to use a shared key based on the first version of the key information when a second version of the key information is received from the cellular network in place of the first version of the key information during the LWA session.
Example 72 includes the subject matter of example 71, and optionally, wherein the operations comprise: selecting to continue using a shared key based on the first version of the key information at least as long as the LWA session is active.
Example 73 includes the subject matter of example 71 or 72, and optionally, wherein the operations comprise: determining a new security key based on the second version of the key information; selecting to continue to use the shared key based on the first version of the key information until receiving a first message of a four-way handshake with the WLAN AP based on the new security key; upon receiving the first message, suspending communication of traffic of the LWA session; and resuming communication of traffic of the LWA session upon completion of a four-way handshake with the WLAN AP based on the new security key.
Example 74 includes the subject matter of any one of examples 71-73, and optionally, wherein the second version of the key information is from the eNB.
Example 75 includes the subject matter of any one of examples 71-73, and optionally, wherein the second version of the key information is from another eNB after a session handover to the other eNB.
Example 76 includes the subject matter of any one of examples 71-75, and optionally, wherein the operations comprise: determining the shared key from a four-way handshake with the WLAN AP.
Example 77 includes an apparatus of cellular communication by a User Equipment (UE), the apparatus comprising: means for determining a security key based on a first version of key information from an evolved node B (eNB) of a cellular network; means for determining one or more shared keys based on the security key to secure communications with a Wireless Local Area Network (WLAN) Access Point (AP) during a Long Term Evolution (LTE) WLAN aggregation (LWA) session via the WLAN AP; and means for selecting to continue using a shared key based on the first version of the key information when a second version of the key information is received from the cellular network in place of the first version of the key information during the LWA session.
Example 78 includes the subject matter of example 77, and optionally, comprising: means for selecting to continue using a shared key based on the first version of the key information at least as long as the LWA session is active.
Example 79 includes the subject matter of example 77 or 78, and optionally, means for: determining a new security key based on the second version of the key information; selecting to continue to use the shared key based on the first version of the key information until receiving a first message of a four-way handshake with the WLAN AP based on the new security key; upon receiving the first message, suspending communication of traffic of the LWA session; and resuming communication of traffic of the LWA session upon completion of the four-way handshake with the WLAN AP based on the new security key.
Example 80 includes the subject matter of any one of examples 77-79, and optionally, wherein the second version of the key information is from the eNB.
Example 81 includes the subject matter of any one of examples 77-79, and optionally, wherein the second version of the key information is from another eNB after a session handover to the other eNB.
Example 82 includes the subject matter of any one of examples 77-81, and optionally, comprising: means for determining the shared key based on a four-way handshake with the WLAN AP.
Example 83 includes an apparatus of a Wireless Local Area Network (WLAN) Access Point (AP), the apparatus comprising: a radio to communicate with a User Equipment (UE); and a controller assembly configured to: determine one or more shared keys based on a first version of a security key from an evolved node B (eNB) to secure communications during a Long Term Evolution (LTE) WLAN aggregation (LWA) session of the UE via the WLAN AP, the controller component configured to: when a second version of the security key is received during the LWA session in place of the first version of the security key, selecting to continue using a shared key based on the first version of the security key.
Example 84 includes the subject matter of example 83, and optionally, wherein the controller component is configured to: selecting to continue using a shared key based on the first version of the security key at least as long as the LWA session is active.
Example 85 includes the subject matter of example 83 or 84, and optionally, wherein the controller component is configured to: initiating a four-way handshake with the UE based on the second version of the security key, the controller component configured to: causing the WLAN AP to send a first message of the four-way handshake to the UE; suspending transmission of traffic for the LWA session to the UE and continuing to process traffic for the LWA session from the UE based on the shared key, the controller component configured to: causing the WLAN AP to suspend processing traffic of the LWA session from the UE upon receiving a second message of the four-way handshake from the UE; and resuming communication of traffic of the LWA session upon completion of the four-way handshake with the UE based on the second version of the security key.
Example 86 includes the subject matter of any one of examples 83-85, and optionally, wherein the security key comprises a Pairwise Master Key (PMK) based on an eNB key and a WLAN endpoint (WT) counter.
Example 87 includes the subject matter of any of examples 83-86, and optionally, one or more antennas, a memory, and a processor.
Example 88 includes an apparatus comprising: circuitry and logic configured to: triggering a Wireless Local Area Network (WLAN) Access Point (AP) to determine one or more shared keys based on a first version of a security key from an evolved node B (eNB) to secure communications during a Long Term Evolution (LTE) WLAN aggregation (LWA) session of a User Equipment (UE) via the WLAN AP; and selecting to continue using a shared key based on the first version of the security key when a second version of the security key is received during the LWA session in place of the first version of the security key.
Example 89 includes the subject matter of example 88, and optionally, wherein the apparatus is configured to: causing the WLAN AP to: selecting to continue using a shared key based on the first version of the key information at least as long as the LWA session is active.
Example 90 includes the subject matter of example 88 or 89, and optionally, wherein the apparatus is configured to: causing the WLAN AP to: initiating a four-way handshake with the UE based on the second version of the security key; sending a first message of the four-way handshake to the UE; suspending transmission of traffic of the LWA session to the UE and continuing to process traffic of the LWA session from the UE based on the shared key; suspending processing of traffic of the LWA session from the UE upon receiving a second message of the four-way handshake from the UE; and resuming communication of traffic of the LWA session upon completion of the four-way handshake with the UE based on the second version of the security key.
Example 91 includes the subject matter of any one of examples 88-90, and optionally, wherein the security key comprises a Pairwise Master Key (PMK) based on an eNB key and a WLAN endpoint (WT) counter.
Example 92 includes the subject matter of any one of examples 88-91, and optionally, one or more antennas, a memory, and a processor.
Example 93 includes a system of wireless communication, comprising: a Wireless Local Area Network (WLAN) Access Point (AP), the WLAN AP comprising: one or more antennas; a memory; a processor; a radio to communicate with a User Equipment (UE); and a controller assembly configured to: determine one or more shared keys based on a first version of a security key from an evolved node B (eNB) to secure communications during a Long Term Evolution (LTE) WLAN aggregation (LWA) session of the UE via the WLAN AP, the controller component configured to: when a second version of the security key is received during the LWA session in place of the first version of the security key, selecting to continue using a shared key based on the first version of the security key.
Example 94 includes the subject matter of example 93, and optionally, wherein the controller component is configured to: selecting to continue using a shared key based on the first version of the security key at least as long as the LWA session is active.
Example 95 includes the subject matter of example 93 or 94, and optionally, wherein the controller component is configured to: initiating a four-way handshake with the UE based on the second version of the security key, the controller component configured to: causing the WLAN AP to send a first message of the four-way handshake to the UE; suspending transmission of traffic for the LWA session to the UE and continuing to process traffic for the LWA session from the UE based on the shared key, the controller component configured to: causing the WLAN AP to suspend processing traffic of the LWA session from the UE upon receiving a second message of the four-way handshake from the UE; and resuming communication of the traffic of the LWA session upon completion of the four-way handshake with the UE based on the second version of the security key.
Example 96 includes the subject matter of any one of examples 93-95, and optionally, wherein the security key comprises a Pairwise Master Key (PMK) based on an evolved node b (enb) key and a WLAN endpoint (WT) counter.
Example 97 includes a method to be performed at a Wireless Local Area Network (WLAN) Access Point (AP), the method comprising: determine one or more shared keys based on a first version of a security key from an evolved node B (eNB) to secure communications during a Long Term Evolution (LTE) WLAN aggregation (LWA) session of a User Equipment (UE) via the WLAN AP; and selecting to continue using a shared key based on the first version of the security key when a second version of the security key is received during the LWA session in place of the first version of the security key.
Example 98 includes the subject matter of example 97, and optionally, comprising: selecting to continue using a shared key based on the first version of the security key at least as long as the LWA session is active.
Example 99 includes the subject matter of example 97 or 98, and optionally, comprising: initiating a four-way handshake with the UE based on the second version of the security key; sending a first message of the four-way handshake to the UE; suspending transmission of traffic for the LWA session to the UE and continuing to process traffic for the LWA session from the UE based on the shared key; suspending processing of traffic of the LWA session from the UE upon receiving a second message of the four-way handshake from the UE; and resuming communication of traffic of the LWA session upon completion of the four-way handshake with the UE based on the second version of the security key.
Example 100 includes the subject matter of any one of examples 97-99, and optionally, wherein the security key comprises a Pairwise Master Key (PMK) based on an eNB key and a WLAN endpoint (WT) counter.
Example 101 includes an article comprising one or more tangible computer-readable non-transitory storage media comprising computer-executable instructions operable to: when executed by at least one computer processor, enable the at least one computer processor to implement operations at a Wireless Local Area Network (WLAN) Access Point (AP), the operations comprising: determine one or more shared keys based on a first version of a security key from an evolved node B (eNB) to secure communications during a Long Term Evolution (LTE) WLAN aggregation (LWA) session of a User Equipment (UE) via the WLAN AP; and selecting to continue using a shared key based on the first version of the security key when a second version of the security key is received during the LWA session in place of the first version of the security key.
Example 102 includes the subject matter of example 101, and optionally, wherein the operations comprise: selecting to continue using a shared key based on the first version of the security key at least as long as the LWA session is active.
Example 103 includes the subject matter of example 101 or 102, and optionally, wherein the operations comprise: initiating a four-way handshake with the UE based on the second version of the security key; sending a first message of the four-way handshake to the UE; suspending transmission of traffic of the LWA session to the UE and continuing to process traffic of the LWA session from the UE based on the shared key; suspending processing of traffic of the LWA session from the UE upon receiving a second message of the four-way handshake from the UE; and resuming communication of traffic of the LWA session upon completion of the four-way handshake with the UE based on the second version of the security key.
Example 104 includes the subject matter of any one of examples 101-103, and optionally, wherein the security key comprises a Pairwise Master Key (PMK) based on an evolved node b (enb) key and a WLAN endpoint (WT) counter.
Example 105 includes an apparatus of communication by a Wireless Local Area Network (WLAN) Access Point (AP), the apparatus comprising: means for determining one or more shared keys based on a first version of a security key from an evolved node B (eNB) to secure communications during a Long Term Evolution (LTE) WLAN aggregation (LWA) session of a User Equipment (UE) via the WLAN AP; and means for selecting to continue using a shared key based on the first version of the security key when a second version of the security key is received during the LWA session in place of the first version of the security key.
Example 106 includes the subject matter of example 105, and optionally, comprising: means for selecting to continue using a shared key based on the first version of the security key at least as long as the LWA session is active.
Example 107 includes the subject matter of example 105 or 106, and optionally, comprising: means for initiating a four-way handshake with the UE based on the second version of the security key; means for sending a first message of the four-way handshake to the UE; means for suspending transmission of traffic of the LWA session to the UE and continuing to process traffic of the LWA session from the UE based on the shared key; means for suspending processing traffic of the LWA session from the UE upon receiving a second message of the four-way handshake from the UE; and means for resuming communication of traffic of the LWA session upon completion of the four-way handshake with the UE based on the second version of the security key.
Example 108 includes the subject matter of any of example 105-107, and optionally, wherein the security key comprises a Pairwise Master Key (PMK) based on an evolved node b (enb) key and a WLAN endpoint (WT) counter.
Example 109 includes an apparatus of a Wireless Local Area Network (WLAN) endpoint (WT) node, the apparatus comprising: a first interface for communicating with a WLAN Access Point (AP); a second interface for receiving a security key corresponding to a User Equipment (UE) from an evolved node B (eNB); and a controller assembly configured to: controlling selective transmission of the security key to the WLAN AP, the controller component configured to: select to defer transmission of the security key to a WLAN AP when an active Long Term Evolution (LTE) WLAN aggregation (LWA) session of the UE is ongoing via the WLAN AP.
Example 110 includes the subject matter of example 109, and optionally, wherein the controller component is to: deferring transmission of the security key to the WLAN AP at least as long as the LWA session is active.
Example 111 includes the subject matter of example 109 or 110, and optionally, wherein the controller component is configured to: prior to establishing the LWA session, having the WT node send a first version of the security key to the WLAN AP, the controller component configured to: deferring transmission of a second version of the security key to the WLAN AP, the second version of the security key replacing the first version of the security key, at least as long as the LWA session is active.
Example 112 includes the subject matter of any of example 109 and 111, and optionally, wherein the security key comprises a Pairwise Master Key (PMK).
Example 113 includes the subject matter of any one of examples 109 and 112, and optionally, wherein the security is based on a WT counter of the WT node and an eNB key of the eNB.
Example 114 includes the subject matter of any one of examples 109 and 113, and optionally, comprising one or more antennas, a memory, and a processor.
Example 115 includes an apparatus comprising: circuitry and logic configured to: triggering a Wireless Local Area Network (WLAN) endpoint (WT) node to receive a security key corresponding to a User Equipment (UE) from an evolved node B (eNB); and select to defer transmission of the security key to a WLAN Access Point (AP) when an active Long Term Evolution (LTE) WLAN aggregation (LWA) session of the UE is ongoing via the WLAN AP.
Example 116 includes the subject matter of example 115, and optionally, wherein the apparatus is configured to cause the WT node to: deferring transmission of the security key to the WLAN P at least as long as the LWA session is active.
Example 117 includes the subject matter of example 115 or 116, and optionally, wherein the apparatus is configured to cause the WT node to: sending a first version of the security key to the WLAN AP prior to establishing the LWA session; and postponing transmission of the second version of the security key to the WLAN AP at least as long as the LWA session is active, the second version of the security key replacing the first version of the security key.
Example 118 includes the subject matter of any of examples 115-117, and optionally, wherein the security key comprises a Pairwise Master Key (PMK).
Example 119 includes the subject matter of any one of examples 115-118, and optionally, wherein the security is based on a WT counter of the WT node and an eNB key of the eNB.
Example 120 includes the subject matter of any one of examples 115-119, and optionally, one or more antennas, a memory, and a processor.
Example 121 includes a system of wireless communication comprising a Wireless Local Area Network (WLAN) endpoint (WT) node, the WT node comprising: one or more antennas; a memory; a processor; a first interface for communicating with a WLAN Access Point (AP); a second interface to receive a security key corresponding to a User Equipment (UE) from an evolved node B (eNB); and a controller assembly configured to: controlling selective transmission of the security key to the WLAN AP, the controller component configured to: select to defer transmission of the security key to a WLAN AP when an active Long Term Evolution (LTE) WLAN aggregation (LWA) session of the UE is ongoing via the WLAN AP.
Example 122 includes the subject matter of example 121, and optionally, wherein the controller component is to: deferring transmission of the security key to the WLAN AP at least as long as the LWA session is active.
Example 123 includes the subject matter of example 121 or 122, and optionally, wherein the controller component is configured to: prior to establishing the LWA session, causing the WT node to transmit a first version of the security key to the WLAN AP, the controller component configured to: deferring transmission of a second version of the security key to the WLAN AP, the second version of the security key replacing the first version of the security key, at least as long as the LWA session is active.
Example 124 includes the subject matter of any one of examples 121-123, and optionally, wherein the security key comprises a Pairwise Master Key (PMK).
Example 125 includes the subject matter of any one of examples 121-124, and optionally, wherein the security is based on a WT counter of the WT node and an eNB key of the eNB.
Example 126 includes a method to be performed at a Wireless Local Area Network (WLAN) endpoint (WT) node, the method comprising: receiving a security key corresponding to a User Equipment (UE) from an evolved node B (eNB); and select to defer transmission of the security key to a WLAN Access Point (AP) when an active Long Term Evolution (LTE) WLAN aggregation (LWA) session of the UE is ongoing via the WLAN AP.
Example 127 includes the subject matter of example 126, and optionally, comprising: postponing transmission of the security key to the WLAN P at least as long as the LWA session is active.
Example 128 includes the subject matter of example 126 or 127, and optionally, comprising: sending a first version of the security key to the WLAN AP prior to establishing the LWA session; and postponing transmission of the second version of the security key to the WLAN AP at least as long as the LWA session is active, the second version of the security key replacing the first version of the security key.
Example 129 includes the subject matter of any one of examples 126 and 128, and optionally, wherein the security key comprises a Pairwise Master Key (PMK).
Example 130 includes the subject matter of any one of examples 126 and 129, and optionally, wherein the security is based on a WT counter of the WT node and an eNB key of the eNB.
Example 131 includes an article comprising one or more tangible computer-readable non-transitory storage media comprising computer-executable instructions operable to: when executed by at least one computer processor, enable the at least one computer processor to implement operations at a Wireless Local Area Network (WLAN) endpoint (WT) node, the operations comprising: receiving a security key corresponding to a User Equipment (UE) from an evolved node B (eNB); and select to defer transmission of the security key to a WLAN Access Point (AP) when an active Long Term Evolution (LTE) WLAN aggregation (LWA) session of the UE is ongoing via the WLAN AP.
Example 132 includes the subject matter of example 131, and optionally, wherein the operations comprise: deferring transmission of the security key to the WLAN AP at least as long as the LWA session is active.
Example 133 includes the subject matter of example 131 or 132, and optionally, wherein the operations comprise: sending a first version of the security key to the WLAN AP prior to establishing the LWA session; and postponing transmission of the second version of the security key to the WLAN AP at least as long as the LWA session is active, the second version of the security key replacing the first version of the security key.
Example 134 includes the subject matter of any one of examples 131 and 133, and optionally, wherein the security key comprises a Pairwise Master Key (PMK).
Example 135 includes the subject matter of any one of examples 131 and 134, and optionally, wherein the security is based on a WT counter of the WT node and an eNB key of the eNB.
Example 136 includes an apparatus of wireless communication by a Wireless Local Area Network (WLAN) endpoint (WT) node, the apparatus comprising: means for receiving a security key corresponding to a User Equipment (UE) from an evolved node B (eNB); and means for selecting to defer transmission of the security key to a WLAN Access Point (AP) when an active Long Term Evolution (LTE) WLAN aggregation (LWA) session of the UE is ongoing via the WLAN AP.
Example 137 includes the subject matter of example 136, and optionally, comprising: means for deferring transmission of the security key to the WLAN AP at least as long as the LWA session is active.
Example 138 includes the subject matter of example 136 or 137, and optionally, comprising: means for: sending a first version of the security key to the WLAN AP prior to establishing the LWA session; and postponing transmission of the second version of the security key to the WLAN AP at least as long as the LWA session is active, the second version of the security key replacing the first version of the security key.
Example 139 includes the subject matter of any of examples 136-138, and optionally, wherein the security key comprises a Pairwise Master Key (PMK).
Example 140 includes the subject matter of any of example 136 and 139, and optionally, wherein the security is based on a WT counter of the WT node and an eNB key of the eNB.
Functions, operations, components, and/or features described herein with reference to one or more embodiments may be combined with, or utilized in combination with, one or more other functions, operations, components, and/or features described herein with reference to one or more other embodiments, or vice versa.
Although specific features have been illustrated and described herein, many modifications, substitutions, changes, and equivalents will now occur to those skilled in the art. It is, therefore, to be understood that the appended claims are intended to cover all such modifications and changes as fall within the spirit of the disclosure.

Claims (23)

1. An apparatus of an evolved node b (enb), comprising:
a Wireless Local Area Network (WLAN) interface to: communicating with a WLAN Access Point (AP);
a cellular transceiver to: communicating with a User Equipment (UE); and
a controller assembly configured to: control selective transmission of first key information from the eNB to the UE and second key information from the eNB to the WLAN AP, the second key information based on the first key information, the controller component configured to: select to defer transmission of the first key information to the UE and the second key information to the WLAN AP when an active Long Term Evolution (LTE) WLAN aggregation (LWA) session of the UE is ongoing via the WLAN AP,
wherein the controller assembly is configured to:
prior to establishing the LWA session, having the eNB communicate a first version of the first key information to the UE and a first version of the second key information to the WLAN AP,
the controller assembly is configured to: postponing transmitting a second version of the first key information to the UE and a second version of the second key information to the WLAN AP, the second versions of the first and second key information replacing the first versions of the first and second key information, at least as long as the LWA session is active.
2. The apparatus of claim 1, in which the LWA session comprises a session handed over from another eNB to the eNB.
3. The apparatus of any of claims 1-2, wherein the first key information comprises a WLAN endpoint (WT) counter and the second key information is based on the WT counter and an eNB key of the eNB.
4. The apparatus of claim 3, wherein the second key information comprises a Pairwise Master Key (PMK) based on the eNB key and the WT counter.
5. The apparatus of claim 3, wherein the eNB key comprises a key generated by the eNB after the LWA session establishment.
6. The apparatus of any of claims 1-2, comprising one or more antennas, a memory, and a processor.
7. An apparatus of a Wireless Local Area Network (WLAN) endpoint (WT), comprising:
a memory; and
a processor configured to: triggering a User Equipment (UE) to:
determining a security key based on a first version of key information from an evolved node B (eNB) of a cellular network;
determine one or more shared keys based on the security key to secure communications with a Wireless Local Area Network (WLAN) Access Point (AP) during a Long Term Evolution (LTE) WLAN aggregation (LWA) session via the WLAN AP; and
when a second version of the key information is received from the cellular network during the LWA session in place of the first version of the key information, selecting to continue using a shared key based on the first version of the key information.
8. The apparatus of claim 7, wherein the processor is configured to: selecting to continue using a shared key based on the first version of the key information at least as long as the LWA session is active.
9. The apparatus of claim 7 or 8, wherein the processor is configured to cause the UE to:
determining a new security key based on the second version of the key information;
selecting to continue to use the shared key based on the first version of the key information until receiving a first message of a four-way handshake with the WLAN AP based on the new security key;
upon receiving the first message, suspending communication of traffic of the LWA session; and
resuming communication of traffic of the LWA session upon completion of a four-way handshake with the WLAN AP based on the new security key.
10. The apparatus of claim 7 or 8, wherein the second version of the key information is from the eNB.
11. The apparatus of claim 7 or 8, wherein the second version of the key information is from another eNB after a session handover to the other eNB.
12. The apparatus of claim 7 or 8, wherein the processor is configured to cause the UE to:
determining the shared key from a four-way handshake with the WLAN AP.
13. The apparatus of claim 7 or 8, further comprising one or more antennas.
14. A tangible computer readable non-transitory storage medium having stored thereon computer executable instructions operable to: when executed by at least one computer processor, enable the at least one computer processor to implement operations at a User Equipment (UE), the operations comprising:
determining a security key based on a first version of key information from an evolved node B (eNB) of a cellular network;
determine, based on the security key, one or more shared keys to secure communications with a Wireless Local Area Network (WLAN) Access Point (AP) during a Long Term Evolution (LTE) WLAN aggregation (LWA) session via the WLAN AP; and
when a second version of the key information is received from the cellular network during the LWA session in place of the first version of the key information, selecting to continue using a shared key based on the first version of the key information.
15. The storage medium of claim 14, wherein the operations comprise:
selecting to continue using a shared key based on the first version of the key information at least as long as the LWA session is active.
16. The storage medium of claim 14 or 15, wherein the operations comprise:
determining a new security key based on the second version of the key information;
selecting to continue to use the shared key based on the first version of the key information until receiving a first message of a four-way handshake with the WLAN AP based on the new security key;
upon receiving the first message, suspending communication of traffic of the LWA session; and
resuming communication of traffic of the LWA session upon completion of a four-way handshake with the WLAN AP based on the new security key.
17. The storage medium of claim 14 or 15, wherein the second version of the key information is from the eNB.
18. The storage medium of claim 14 or 15, wherein the operations comprise:
determining the shared key from a four-way handshake with the WLAN AP.
19. A method to be performed at a Wireless Local Area Network (WLAN) Access Point (AP), the method comprising:
determine one or more shared keys based on a first version of a security key from an evolved node B (eNB) to secure communications during a Long Term Evolution (LTE) WLAN aggregation (LWA) session of a User Equipment (UE) via the WLAN AP; and
when a second version of the security key is received during the LWA session in place of the first version of the security key, selecting to continue using a shared key based on the first version of the security key.
20. The method of claim 19, comprising:
selecting to continue using a shared key based on the first version of the security key at least as long as the LWA session is active.
21. The method of claim 19, comprising:
initiating a four-way handshake with the UE based on the second version of the security key;
sending a first message of the four-way handshake to the UE;
suspending transmission of traffic for the LWA session to the UE and continuing to process traffic for the LWA session from the UE in accordance with a shared key based on a first version of the security key;
suspending processing of traffic of the LWA session from the UE upon receiving a second message of the four-way handshake from the UE; and
resuming communication of traffic of the LWA session upon completion of a four-way handshake with the UE based on the second version of the security key.
22. The method of claim 19, wherein the security key comprises a Pairwise Master Key (PMK) based on an eNB key and a WLAN endpoint (WT) counter.
23. A tangible computer readable non-transitory storage medium having stored thereon computer executable instructions operable to: the at least one computer processor, when executed, is enabled to perform the method of any of claims 19-22.
HK19122483.1A 2016-03-31 2016-06-30 Apparatus, system and method of selectively updating key information of a secured wlan connection between a ue and a wlan ap HK1262351B (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US62/316,335 2016-03-31
US62/327,650 2016-04-26

Publications (2)

Publication Number Publication Date
HK1262351A1 HK1262351A1 (en) 2020-01-10
HK1262351B true HK1262351B (en) 2023-01-20

Family

ID=

Similar Documents

Publication Publication Date Title
US9893894B2 (en) Systems, methods, and devices for secure device-to-device discovery and communication
CN107925875B (en) Apparatus, system and method for communicating between a cellular manager and a user equipment (UE) via a WLAN node
US10809999B2 (en) Secure firmware upgrade for cellular IoT
WO2017078657A1 (en) Apparatus, system and method of cellular-assisted establishing of a secured wlan connection between a ue and a wlan ap
US10045255B2 (en) Apparatus, system and method of processing PDCP PDUs of an E-RAB
US11140691B2 (en) Long-term evolution (LTE) and wireless local area network (WLAN) aggregation (LWA) connection procedures
AU2018202590A1 (en) Apparatus, system and method of securing communications of a user equipment (ue) in a wireless local area network
EP3412057B1 (en) Packet data convergence protocol (pdcp) operation in a transparent mode
HK1225899A1 (en) Apparatus, system and method of securing communications of a user equipment (ue) in a wireless local area network
HK1252894A1 (en) Measurement method in carrier aggregation and asynchronous dual connectivity
CN108886686B (en) Apparatus, system, and method for selectively updating key information for secure WLAN connections between a UE and a WLAN AP
EP3198986B1 (en) Apparatus, method and product of wireless local area network (wlan) setting of a user equipment (ue)
WO2017172450A1 (en) Packet data convergence protocol optimizations for lte-wlan aggregation
EP3437350A1 (en) Maintaining a wifi connection during handover of a user equipment in a lte network
HK1262351A1 (en) Apparatus, system and method of selectively updating key information of a secured wlan connection between a ue and a wlan ap
HK1262351B (en) Apparatus, system and method of selectively updating key information of a secured wlan connection between a ue and a wlan ap
WO2016164066A1 (en) Apparatus, system and method of traffic steering at a user equipment (ue)
HK1241198A1 (en) Apparatus, system and method of processing pdcp pdus of an e-rab
HK1235972A1 (en) Apparatus, system and method of wireless local area network (wlan) setting of a user equipment(ue)