WO2024232612A1 - Method and device for linking two techniques for managing keys in dual connectivity in mobile communication system - Google Patents

Abstract

The present disclosure relates to a 5G or 6G communication system to support a higher data transmission rate. An operation of a master node (MN) connected to a user terminal in a wireless communication system according to the present disclosure may comprise the steps of: selecting a first secondary node (SN) counter value for a first target SN that does not support an optional secondary cell group (SCG) function; on the basis of the first SN counter value, generating a first key value for secure communication between the user terminal and the first target SN; transmitting, to the first target SN, the first key value corresponding to the first target SN; selecting multiple second SN counter values for a second target SN supporting the optional SCG function; on the basis of the multiple second SN counter values, generating multiple second key values for secure communication between the user terminal and the second target SN; transmitting, to the second target SN, the multiple second key values corresponding to the second target SN; and transmitting, to the user terminal, conditional PSCell change (CPC) configuration information, the first SN counter value, and the multiple second SN counter values.

Description

Method and device for linking two techniques for managing keys during dual connection in a mobile communication system

The present disclosure relates to a method and device for linking two techniques used to manage keys when a terminal has dual connectivity in a wireless communication system.

5G mobile communication technology defines a wide frequency band to enable fast transmission speeds and new services, and can be implemented not only in the sub-6GHz frequency band, such as 3.5 gigahertz (3.5GHz), but also in the ultra-high frequency band called millimeter wave (㎜Wave), such as 28GHz and 39GHz ('Above 6GHz'). In addition, in the case of 6G mobile communication technology, which is called the system after 5G communication (Beyond 5G), implementation in the terahertz (THz) band (for example, 3 THz band at 95GHz) is being considered to achieve a transmission speed that is 50 times faster than 5G mobile communication technology and an ultra-low delay time that is reduced to one-tenth.

In the early stages of 5G mobile communication technology, the goal was to support services and satisfy performance requirements for enhanced Mobile Broadband (eMBB), Ultra-Reliable Low-Latency Communications (URLLC), and massive Machine-Type Communications (mMTC). The technologies included beamforming and massive MIMO to mitigate path loss of radio waves in ultra-high frequency bands and increase the transmission distance of radio waves, support for various numerologies (such as operation of multiple subcarrier intervals) and dynamic operation of slot formats for efficient use of ultra-high frequency resources, initial access technology to support multi-beam transmission and wideband, definition and operation of BWP (Bidth Part), new channel coding methods such as LDPC (Low Density Parity Check) codes for large-capacity data transmission and Polar Code for reliable transmission of control information, and L2 pre-processing (L2 Standardization has been made for network slicing, which provides dedicated networks specialized for specific services, and pre-processing.

Currently, discussions are underway on improving and enhancing the initial 5G mobile communication technology in consideration of the services that the 5G mobile communication technology was intended to support, and physical layer standardization is in progress for technologies such as V2X (Vehicle-to-Everything) to help autonomous vehicles make driving decisions and increase user convenience based on their own location and status information transmitted by vehicles, NR-U (New Radio Unlicensed) for the purpose of system operation that complies with various regulatory requirements in unlicensed bands, NR terminal low power consumption technology (UE Power Saving), Non-Terrestrial Network (NTN), which is direct terminal-satellite communication to secure coverage in areas where communication with terrestrial networks is impossible, and Positioning.

In addition, standardization of wireless interface architecture/protocols for technologies such as the Industrial Internet of Things (IIoT) to support new services through linkage and convergence with other industries, Integrated Access and Backhaul (IAB) to provide nodes for expanding network service areas by integrating wireless backhaul links and access links, Mobility Enhancement including Conditional Handover and Dual Active Protocol Stack (DAPS) handover, and 2-step RACH for NR to simplify random access procedures is also in progress, and standardization of system architecture/services for 5G baseline architecture (e.g. Service based Architecture, Service based Interface) for grafting Network Functions Virtualization (NFV) and Software-Defined Networking (SDN) technologies, and Mobile Edge Computing (MEC) that provides services based on the location of the terminal is also in progress.

When such 5G mobile communication systems are commercialized, an explosive increase in connected devices will be connected to the communication network, which will require enhanced functions and performance of 5G mobile communication systems and integrated operation of connected devices. To this end, new research will be conducted on improving 5G performance and reducing complexity, AI service support, metaverse service support, drone communications, etc. using extended reality (XR), artificial intelligence (AI), and machine learning (ML) to efficiently support augmented reality (AR), virtual reality (VR), and mixed reality (MR).

In addition, the development of these 5G mobile communication systems will require new waveforms to ensure coverage in the terahertz band of 6G mobile communication technology, multi-antenna transmission technologies such as Full Dimensional MIMO (FD-MIMO), Array Antenna, and Large Scale Antenna, metamaterial-based lenses and antennas to improve the coverage of terahertz band signals, high-dimensional spatial multiplexing technology using Orbital Angular Momentum (OAM), and Reconfigurable Intelligent Surface (RIS) technology, as well as full duplex technology to improve the frequency efficiency and system network of 6G mobile communication technology, satellite, and AI (Artificial Intelligence) from the design stage and AI-based communication technology that implements end-to-end AI support functions to realize system optimization, and ultra-high-performance communication and computing resources to provide services with a level of complexity that goes beyond the limits of terminal computing capabilities. It could serve as a basis for the development of next-generation distributed computing technologies that utilize this.

The UE can perform dual connectivity. In the dual connectivity, a base station providing macrocell coverage may become a master base station (MN: Master Node) and process both the control plane and the user plane, and another base station having smallcell coverage may be called a secondary base station (SN: Secondary Node) and perform an auxiliary role of processing only the user plane. That is, the MN can process control signaling, and the SN may be used to improve a data transmission speed. The MN may provide CPC (Conditional PSCell Change) configuration information to the UE, and the UE may evaluate the condition, and if it satisfies the condition, request a change to the corresponding SN. In addition, the UE may store CPC configuration information for multiple SNs provided by the MN, and may continuously perform an SN change request whenever the condition is satisfied after evaluation.

Based on the above discussion, the present disclosure aims to solve the following problem. There may be multiple techniques for managing keys to be used for security in dual connectivity. For example, when a new technique is introduced, there may exist base stations that have been updated to use the new technique and base stations that have not yet been updated and cannot use the new technique. In this case, a new method is needed for two different types of base stations to be interoperable. The present disclosure proposes a technique that enables the above method to solve the problem.

In a wireless communication system according to one embodiment of the present invention, an operation method of an MN (Master Node) connected to a user terminal may include: a step of selecting a first SN counter value for a first target SN (Secondary Node) that does not support an optional SCG (Secondary Cell Group) function; a step of generating a first key value for secure communication between the user terminal and the first target SN based on the first SN counter value; a step of transmitting a first key value corresponding to the first target SN to the first target SN; a step of selecting a plurality of second SN counter values for a second target SN that supports the optional SCG function; a step of generating a plurality of second key values for secure communication between the user terminal and the second target SN based on the plurality of second SN counter values; a step of transmitting a plurality of second key values corresponding to the second target SN to the second target SN; and a step of transmitting CPC (Conditional PSCell Change) setting information, the first SN counter value, and the plurality of second SN counter values to the user terminal.

The operating method of the above MN may further include the steps of: receiving, from the first target SN, information on whether the first target SN supports the optional SCG function; and receiving, from the second target SN, information on whether the second target SN supports the optional SCG function.

The above CPC setting information may include information on whether the first target SN or the second target SN supports the optional SCG function.

The operating method of the above MN may further include a step of receiving, from the first target SN or the second target SN, a rejection message for a key value received by the first target SN or the second target SN or a request message for an additional key value.

The method of operating the above MN may further include a step of transmitting information on whether the first target SN that does not support the optional SCG function is reusable to the user terminal.

The operation method of the above MN may further include the steps of: receiving, from the user terminal, a request for reuse of the first target SN if reuse of the first target SN is possible; selecting a third SN counter value for the first target SN and generating a third key value based on the selected third SN counter value; transmitting the third key value to the first target SN; and transmitting the third SN counter value corresponding to the third key value to the user terminal.

According to another embodiment of the present invention, a method for operating a user terminal in a wireless communication system may include the steps of: receiving, from a Master Node (MN) connected to the user terminal, CPC (Conditional PSCell Change) configuration information, a first SN counter value corresponding to a first key value transmitted to a first target SN (Secondary Node) that does not support an optional SCG (Secondary Cell Group) function, and a plurality of second SN counters corresponding to a plurality of second key values transmitted to a second target SN that supports the optional SCG function; generating a first key value or a second key value based on at least one of the first SN counter value or the plurality of second SN counter values; and performing an SN change to a first target SN through the first key value or an SN change to a second target SN through the second key value.

The above CPC setting information includes information on whether the first target SN or the second target SN supports the optional SCG function, and the replacement to the second target SN performed by the user terminal can be performed multiple times using a plurality of second key values generated based on the CPC setting information.

According to another embodiment of the present invention, a MN (Master Node) connected to and operating with a user terminal in a wireless communication system may be configured to include a communication unit and a control unit, wherein the control unit selects a first SN counter value for a first target SN (Secondary Node) that does not support an optional SCG (Secondary Cell Group) function, generates a first key value for secure communication between the user terminal and the first target SN based on the first SN counter value, transmits a first key value corresponding to the first target SN to the first target SN, selects a plurality of second SN counter values for a second target SN that supports the optional SCG function, generates a plurality of second key values for secure communication between the user terminal and the second target SN based on the plurality of second SN counter values, transmits a plurality of second key values corresponding to the second target SN to the second target SN, and transmits CPC (Conditional PSCell Change) setting information, the first SN counter value, and the plurality of second SN counter values to the user terminal. can be set to transmit.

Various embodiments of the present disclosure can provide a device and method capable of effectively providing a service in a wireless communication system.

According to one embodiment of the present disclosure, when a new technique for managing a security key is introduced in a case where dual connectivity is used, a method for efficiently applying the new technique in a case where an updated base station and an unupdated base station coexist can be presented.

The effects obtainable from the present disclosure are not limited to the effects mentioned in the various embodiments, and other effects not mentioned will be clearly understood by those skilled in the art to which the present disclosure belongs from the description below.

FIG. 1A illustrates a communication network including core network entities in a wireless communication system according to various embodiments of the present disclosure.

FIG. 1b illustrates a wireless environment including a core network in a wireless communication system according to various embodiments of the present disclosure.

FIG. 2a illustrates an example of a functional structure of a terminal according to embodiments of the present disclosure.

FIG. 2b illustrates an example of a functional structure of a base station according to embodiments of the present disclosure.

FIG. 2c illustrates an example of a functional structure of a core network object according to embodiments of the present disclosure.

FIG. 3 is a diagram illustrating a method for managing a key in dual connectivity according to an embodiment of the present disclosure.

FIG. 4 is a diagram illustrating a procedure for changing a secondary node in dual connectivity based on the method disclosed in FIG. 3.

FIG. 5 is a diagram illustrating another method for managing keys in dual connectivity according to one embodiment of the present disclosure.

FIG. 6 is a diagram illustrating a procedure for changing a secondary node in dual connectivity based on the method disclosed in FIG. 5.

FIG. 7 is a diagram illustrating a procedure for continuously changing a secondary node in dual connectivity by linking the two methods disclosed in FIG. 3 and FIG. 5.

FIG. 8 is a diagram illustrating another procedure for continuously changing a secondary node in dual connectivity by linking the two methods disclosed in FIGS. 3 and 5.

FIG. 9 is a diagram illustrating another method for managing keys in dual connectivity according to one embodiment of the present disclosure.

FIG. 10 is a diagram illustrating a procedure for changing a secondary node in dual connectivity based on the method disclosed in FIG. 9.

FIG. 11 is a diagram illustrating a procedure for continuously changing a secondary node in dual connectivity by linking the two methods disclosed in FIG. 3 and FIG. 9.

FIG. 12 is a diagram illustrating another procedure for continuously changing a secondary node in dual connectivity by linking the two methods disclosed in FIG. 3 and FIG. 9.

FIG. 13 is a diagram illustrating another method for managing keys in dual connectivity according to one embodiment of the present disclosure.

FIG. 14 is a diagram illustrating a procedure for changing a secondary node in dual connectivity based on the method disclosed in FIG. 13.

FIG. 15 is a diagram illustrating another procedure for continuously changing a secondary node in dual connectivity by linking the two methods disclosed in FIG. 3 and FIG. 13.

The terms used in this disclosure are only used to describe specific embodiments and may not be intended to limit the scope of other embodiments. The singular expression may include the plural expression unless the context clearly indicates otherwise. The terms used herein, including technical or scientific terms, may have the same meaning as commonly understood by a person of ordinary skill in the art described in this disclosure. Among the terms used in this disclosure, terms defined in general dictionaries may be interpreted as having the same or similar meaning as the meaning they have in the context of the related art, and shall not be interpreted in an ideal or overly formal meaning unless explicitly defined in this disclosure. In some cases, even if a term is defined in this disclosure, it cannot be interpreted to exclude embodiments of the present disclosure.

In the various embodiments of the present disclosure described below, a hardware-based approach is described as an example. However, since the various embodiments of the present disclosure include techniques using both hardware and software, the various embodiments of the present disclosure do not exclude a software-based approach.

3GPP, which is in charge of cellular mobile communication standards, is naming a new core network structure 5G core (5GC) and standardizing it in order to evolve from the existing 4G LTE system to the 5G system. 5GC supports the following differentiated functions compared to the evolved packet core (EPC), which is the network core for the existing 4G.

First, 5GC introduces the network slice function. As a requirement of 5G, 5GC must support various types of terminal types and services (e.g., eMBB, URLLC, or mMTC services). Different types of services have different requirements for the core network. For example, eMBB services require high data rates, and URLLC services require high reliability and low delay. One of the technologies proposed to satisfy these various service requirements is network slicing.

Network slicing is a method of virtualizing a single physical network to create multiple logical networks, and each network slice instance (NSI) can have different characteristics. Therefore, each NSI can satisfy various service requirements by having a network function (NF) that matches its characteristics. If an NSI that matches the characteristics of the service required for each terminal is allocated, multiple 5G services can be supported efficiently.

Second, 5GC can easily support the network virtualization paradigm by separating the mobility management function and the session management function. In 4G LTE (long term evolution), services could be provided through signaling exchange with a single core equipment called the mobility management entity (MME) that was responsible for registration, authentication, mobility management, and session management functions for all terminals. However, in 5G, the number of terminals increases explosively, and the mobility and traffic/session characteristics that must be supported according to the type of each terminal are becoming more specialized. Therefore, if a single equipment such as MME supports all functions, the scalability of adding entities for each required function will inevitably decrease. Therefore, various functions are being developed based on a structure that separates the mobility management function and the session management function to improve scalability in terms of the functional/implementation complexity and signaling load of the core equipment in charge of the control plane.

Hereinafter, various embodiments will be described in detail with the attached drawings. In addition, when describing embodiments of the present disclosure, if it is determined that a specific description of a related known function or configuration may unnecessarily obscure the gist of the embodiments, the detailed description will be omitted. In addition, the terms described below are terms defined in consideration of the functions in the embodiments, and these may vary depending on the intention or custom of the user or operator. Therefore, the definitions should be made based on the contents throughout this specification.

For the same reason, some components in the attached drawings are exaggerated, omitted, or schematically illustrated. In addition, the size of each component does not entirely reflect the actual size. The same or corresponding components in each drawing are given the same reference numbers.

The advantages and features of the present disclosure, and the methods for achieving them, will become apparent by referring to the embodiments described in detail below together with the accompanying drawings. However, the present disclosure is not limited to the embodiments disclosed below, but may be implemented in various different forms, and the embodiments are provided only to make the present disclosure complete and to fully inform those skilled in the art of the scope of the disclosure, and the present disclosure is defined only by the scope of the claims. Like reference numerals refer to like elements throughout the specification.

At this time, it will be understood that each block of the processing flow diagrams and combinations of the flow diagrams can be performed by computer program instructions. These computer program instructions can be loaded onto a processor of a general-purpose computer, a special-purpose computer, or other programmable data processing equipment, so that the instructions executed by the processor of the computer or other programmable data processing equipment create a means for performing the functions described in the flow diagram block(s). These computer program instructions can also be stored in a computer-available or computer-readable memory that can be directed to a computer or other programmable data processing equipment to implement the function in a specific manner, so that the instructions stored in the computer-available or computer-readable memory can also produce an article of manufacture that includes an instruction means for performing the functions described in the flow diagram block(s). Since the computer program instructions may be installed on a computer or other programmable data processing apparatus, a series of operational steps may be performed on the computer or other programmable data processing apparatus to produce a computer-executable process, so that the instructions executing the computer or other programmable data processing apparatus may also provide steps for executing the functions described in the flowchart block(s).

Additionally, each block may represent a module, segment, or portion of code that contains one or more executable instructions for performing a particular logical function(s). It should also be noted that in some alternative implementation examples, the functions mentioned in the blocks may occur out of order. For example, two blocks shown in succession may in fact be performed substantially concurrently, or the blocks may sometimes be performed in reverse order, depending on the functionality they perform.

Here, the term '~ part' used in various embodiments of the present disclosure means a software or hardware component such as an FPGA or ASIC, and the '~ part' can perform certain roles. However, the '~ part' is not limited to software or hardware. The '~ part' may be configured to be in an addressable storage medium and may be configured to play one or more processors. Accordingly, as an example, the '~ part' may include components such as software components, object-oriented software components, class components, and task components, and processes, functions, properties, procedures, subroutines, segments of program code, drivers, firmware, microcode, circuits, data, databases, data structures, tables, arrays, and variables. The functionality provided in the components and '~ parts' may be combined into a smaller number of components and '~ parts' or further separated into additional components and '~ parts'. Additionally, the components and '~parts' may be implemented to regenerate one or more CPUs within the device or secure multimedia card.

Hereinafter, the base station is an entity that performs resource allocation of the terminal, and may be at least one of an eNode B (eNB), a Node B, a BS (base station), a RAN (radio access network), an AN (access network), a RAN node, a NR NB, a gNB, a wireless access unit, a base station controller, or a node on a network. The terminal may include a UE (user equipment), an MS (mobile station), a cellular phone, a smartphone, a computer, or a multimedia system capable of performing a communication function. In various embodiments of the present disclosure, a case where the terminal is a UE will be described as an example. In addition, although various embodiments of the present disclosure are described below using a system based on LTE, LTE-A, or NR as an example, various embodiments of the present disclosure may be applied to other communication systems having similar technical backgrounds or channel types. In addition, various embodiments of the present disclosure may be applied to other communication systems through some modifications without significantly departing from the scope thereof at the discretion of a person having skilled technical knowledge.

In the following description, terms used to identify connection nodes, terms referring to network objects, terms referring to messages, terms referring to interfaces between network objects, terms referring to various identification information, etc. are examples for convenience of explanation. Therefore, the present disclosure is not limited to the terms described below, and other terms referring to objects having equivalent technical meanings may be used.

In addition, although the present disclosure describes various embodiments using terms used in some communication standards (e.g., 3rd Generation Partnership Project (3GPP)), these are only examples for explanation. The various embodiments of the present disclosure can be easily modified and applied to other communication systems. Hereinafter, some terms used in the core network of the present disclosure are defined in advance.

AMF Access and Mobility Management Function

CN Core Network

CNF Containerized Network Function

DNN Data Network Name

PCF Policy Control Function

HSS Home Subscriber Server

SMF Session Management Function

UDM User Data Management

UPF User Plane Function

CNF Containerized Network Function

VNF Virtual Network Function

AMF Access and Mobility Management Function

CN Core Network

CNF Containerized Network Function

DNN Data Network Name

PCF Policy Control Function

HSS Home Subscriber Server

SMF Session Management Function

UDM User Data Management

UPF User Plane Function

CNF Containerized Network Function

VNF Virtual Network Function

FIG. 1A illustrates a communication network including core network entities in a wireless communication system according to embodiments of the present disclosure. A 5G mobile communication network may be configured to include a 5G user equipment (UE) (110), a 5G radio access network (RAN) (120), and a 5G core network.

The 5G core network may be configured to include network functions such as an access and mobility management function (AMF) (150) that provides a mobility management function of a UE, a session management function (SMF) (160) that provides a session management function, a user plane function (UPF) (170) that performs a data transfer role, a policy control function (PCF) (180) that provides a policy control function, a unified data management (UDM) (153) that provides data management functions such as subscriber data and policy control data, or a unified data repository (UDR) that stores data of various network functions.

Referring to FIG. 1A, a user equipment (UE) (110) may perform communication via a wireless channel formed with a base station (e.g., an eNB, a gNB), i.e., an access network. In some embodiments, the UE (110) may be a device used by a user and configured to provide a user interface (UI). As an example, the UE (110) may be a terminal mounted (equipment) on a vehicle for driving. In some other embodiments, the UE (110) may be a device performing machine type communication (MTC) that is operated without user intervention, or may be an autonomous vehicle. UE may be referred to as a 'terminal', a 'vehicle terminal', a 'user equipment (UE)', a 'mobile station', a 'subscriber station', a 'remote terminal', a 'wireless terminal', or a 'user device' or other terms having an equivalent technical meaning thereto, other than an electronic device. As the terminal, in addition to the UE, a customer-premises equipment (CPE) or a dongle type terminal may be used. The CPE connects to the NG-RAN node like the UE, and may also provide a network to other communication equipment (e.g., a laptop).

Referring to FIG. 1A, AMF (150) provides a function for connection and mobility management of a terminal (110) unit, and basically, one terminal (110) can be connected to one AMF (150). Specifically, AMF (150) can perform at least one of the following functions: signaling between core network nodes for mobility between 3GPP access networks, an interface (N2 interface) between wireless access networks (e.g., 5G RAN) (120), NAS signaling with the terminal (110), identification of SMF (160), and provision of session management (SM) messages between the terminal (110) and SMF (160). Some or all of the functions of AMF (150) can be supported within a single instance of AMF (150).

Referring to FIG. 1A, the SMF (160) provides a session management function, and when the terminal (110) has multiple sessions, each session can be managed by a different SMF (160). Specifically, the SMF (160) can perform at least one of the following functions: session management (e.g., session establishment, modification, and release, including tunnel maintenance between the UPF (170) and the access network node), selection and control of UP (user plane) functions, traffic steering setup for routing traffic to an appropriate destination in the UPF (170), termination of the SM portion of the NAS message, downlink data notification (DDN), initiator of AN-specific SM information (e.g., transmitting to the access network via the N2 interface via the AMF (150)). Some or all of the functions of the SMF (160) can be supported within a single instance of one SMF (160).

In 3GPP systems, conceptual links connecting NFs within a 5G system may be referred to as reference points. Reference points may also be referred to as interfaces. The following are examples of reference points (hereinafter, interchangeably referred to as interfaces) included in the 5G system architecture expressed across various embodiments of the present disclosure.

- N1: Reference point between UE (110) and AMF (150)

- N2: Reference point between (R)AN(120) and AMF(150)

- N3: Reference point between (R)AN(120) and UPF(170)

- N4: Reference point between SMF(160) and UPF(170)

- N5: Reference point between PCF (180) and AF (130)

- N6: Reference point between UPF (170) and DN (140)

- N7: Reference point between SMF(160) and PCF(180)

- N8: Reference point between UDM (153) and AMF (150)

- N9: Reference point between two core UPFs (170)

- N10: Reference point between UDM(153) and SMF(160)

- N11: Reference point between AMF(150) and SMF(160)

- N12: Reference point between AMF (150) and authentication server function (AUSF) (151)

- N13: Reference point between UDM (153) and authentication server function (151)

- N14: Reference point between two AMFs (150)

- N15: For non-roaming scenario, reference point between PCF (180) and AMF (150), for roaming scenario, reference point between PCF (180) and AMF (150) within visited network

FIG. 1b illustrates a wireless environment including a core network in a wireless communication system according to embodiments of the present disclosure. Referring to FIG. 1b, the wireless communication system includes a radio access network (RAN) (120) and a core network (CN).

The wireless access network (120) is a network that is directly connected to a user device, for example, a terminal (110), and is an infrastructure that provides wireless access to the terminal (110). The wireless access network (120) includes a set of a plurality of base stations including a base station (125), and the plurality of base stations can perform communication through interfaces formed between each other. At least some of the interfaces between the plurality of base stations can be wired or wireless. The base station (125) can have a structure separated into a central unit (CU) and a distributed unit (DU). In this case, one CU can control a plurality of DUs. In addition to the base station, the base station (125) can be referred to as an 'access point (AP)', a 'next generation node B (gNB)', a '5G node (5th generation node)', a 'wireless point', a 'transmission/reception point (TRP)', or other terms having an equivalent technical meaning. The terminal (110) connects to a wireless access network (120) and communicates with a base station (125) through a wireless channel. The terminal (110) may be referred to as a 'user equipment (UE)', a 'mobile station', a 'subscriber station', a 'remote terminal', a 'wireless terminal', a 'user device', or other terms having an equivalent technical meaning.

The core network is a network that manages the entire system, controls the wireless access network (120), and processes data and control signals for terminals (110) transmitted and received through the wireless access network (120). The core network performs various functions, such as control of the user plane and the control plane, processing of mobility, management of subscriber information, charging, and interworking with other types of systems (e.g., long term evolution (LTE) system). In order to perform the various functions described above, the core network may include a number of functionally separated entities having different NFs (network functions). For example, the core network (200) may include an access and mobility management function (AMF) (150), a session management function (SMF) (160), a user plane function (UPF) (170), a policy and charging function (PCF) (180), a network repository function (NRF) (159), a unified data management (UDM) (153), a network exposure function (NEF) (155), and a unified data repository (UDR) (157).

The terminal (110) is connected to the wireless access network (120) and accesses the AMF (150) that performs the mobility management function of the core network. The AMF (150) is a function or device that is in charge of both the connection of the wireless access network (120) and the mobility management of the terminal (110). The SMF (160) is an NF that manages sessions. The AMF (150) is connected to the SMF (160), and the AMF (150) routes a session-related message for the terminal (110) to the SMF (160). The SMF (160) is connected to the UPF (170) and allocates user plane resources to be provided to the terminal (110), and establishes a tunnel for transmitting data between the base station (125) and the UPF (170). PCF (180) controls information related to policy and charging for the session used by the terminal (110).

NRF (159) stores information about NFs installed in a mobile communication service provider network and performs a function of notifying the stored information. NRF (159) can be connected to all NFs. When each NF starts operating in the service provider network, it registers with NRF (159) to notify NRF (159) that the corresponding NF is operating in the network. UDM (153) is an NF that performs a role similar to HSS (home subscriber server) of a 4G network and stores subscription information of a terminal (110) or a context used by a terminal (110) in the network.

NEF (155) plays a role of connecting a third party server and NF within a 5G mobile communication system. It also plays a role of providing data to UDR (157), updating data, or acquiring data. UDR (157) performs a function of storing subscription information of terminal 120, storing policy information, storing data exposed to the outside, or storing information required for a third party application. In addition, UDR (157) also plays a role of providing stored data to another NF.

FIG. 2A illustrates an example of a functional structure of a terminal according to embodiments of the present disclosure. The configuration illustrated in FIG. 2A can be understood as a configuration of a terminal (110). Terms such as '... unit', '... device', etc. used hereinafter mean a unit that processes at least one function or operation, and this can be implemented by hardware or software, or a combination of hardware and software.

Referring to FIG. 2a, the terminal includes a communication unit (205), a storage unit (210), and a control unit (215).

The communication unit (205) performs functions for transmitting and receiving signals through a wireless channel. For example, the communication unit (205) performs a conversion function between a baseband signal and a bit stream according to the physical layer specifications of the system. For example, when transmitting data, the communication unit (205) encodes and modulates a transmission bit stream to generate complex symbols. In addition, when receiving data, the communication unit (205) restores a reception bit stream by demodulating and decoding a baseband signal. In addition, the communication unit (205) up-converts a baseband signal into an RF band signal and then transmits it through an antenna, and down-converts an RF band signal received through the antenna into a baseband signal. For example, the communication unit (205) may include a transmission filter, a reception filter, an amplifier, a mixer, an oscillator, a DAC, an ADC, etc.

In addition, the communication unit (205) may include a plurality of transmit/receive paths. Furthermore, the communication unit (205) may include at least one antenna array composed of a plurality of antenna elements. In terms of hardware, the communication unit (205) may be composed of digital circuits and analog circuits (e.g., radio frequency integrated circuits (RFIC)). Here, the digital circuits and analog circuits may be implemented in one package. In addition, the communication unit (205) may include a plurality of RF chains. Furthermore, the communication unit (205) may perform beamforming.

The communication unit (205) transmits and receives signals as described above. Accordingly, all or part of the communication unit (205) may be referred to as a 'transmitter', a 'receiver', or a 'transmitter-receiver'. In addition, in the following description, transmission and reception performed through a wireless channel are used to mean that processing as described above is performed by the communication unit (205).

The storage unit (210) stores data such as basic programs, application programs, and setting information for the operation of the terminal. The storage unit (210) may be composed of volatile memory, nonvolatile memory, or a combination of volatile memory and nonvolatile memory. In addition, the storage unit (210) provides stored data according to a request from the control unit (215).

The control unit (215) controls the overall operations of the terminal. For example, the control unit (215) transmits and receives signals through the communication unit (205). In addition, the control unit (215) records and reads data in the storage unit (210). In addition, the control unit (215) can perform functions of the protocol stack required by the communication standard. To this end, the control unit (215) may include at least one processor or microprocessor, or may be a part of a processor. In addition, a part of the communication unit (205) and the control unit (215) may be referred to as a CP (communication processor). According to various embodiments, the control unit (215) may control to perform synchronization using a wireless communication network. For example, the control unit (215) may control the terminal to perform operations according to various embodiments described below.

According to various embodiments of the present disclosure, a terminal may be composed of an ME (mobile equipment) and a USIM (universal mobile telecommunications service (UMTS) subscriber identity module). The ME may include an MT (mobile terminal) and a TE (terminal equipment). The MT may be a part where a wireless access protocol operates, and the TE may be a part where a control function operates. For example, in the case of a wireless communication terminal (e.g., a mobile phone), the MT and the TE may be integrated, and in the case of a laptop, the MT and the TE may be separated. The present disclosure may express the ME and the USIM as distinct entities according to the operation of each component, but is not limited thereto, and may express the ME and the USIM as a terminal (e.g., UE) including the ME, or may describe various embodiments of the present disclosure by expressing the ME as a terminal.

Fig. 2b illustrates an example of a functional structure of a base station according to embodiments of the present disclosure. The configuration illustrated in Fig. 2b can be understood as a configuration of a base station (120). Terms such as '... unit', '... unit', etc. used hereinafter mean a unit that processes at least one function or operation, and this can be implemented by hardware or software, or a combination of hardware and software.

Referring to FIG. 2b, the base station includes a wireless communication unit (235), a backhaul communication unit (220), a storage unit (225), and a control unit (230).

The wireless communication unit (235) performs functions for transmitting and receiving signals through a wireless channel. For example, the wireless communication unit (235) performs a conversion function between a baseband signal and a bit stream according to the physical layer standard of the system. For example, when transmitting data, the wireless communication unit (235) encodes and modulates a transmission bit stream to generate complex symbols. In addition, when receiving data, the wireless communication unit (235) restores a reception bit stream by demodulating and decoding a baseband signal.

In addition, the wireless communication unit (235) up-converts a baseband signal into an RF (radio frequency) band signal and transmits it through an antenna, and down-converts an RF band signal received through the antenna into a baseband signal. To this end, the wireless communication unit (235) may include a transmission filter, a reception filter, an amplifier, a mixer, an oscillator, a digital to analog convertor (DAC), an analog to digital convertor (ADC), etc. In addition, the wireless communication unit (235) may include a plurality of transmission and reception paths. Furthermore, the wireless communication unit (235) may include at least one antenna array composed of a plurality of antenna elements.

In terms of hardware, the wireless communication unit (235) may be composed of a digital unit and an analog unit, and the analog unit may be composed of a plurality of sub-units depending on operating power, operating frequency, etc. The digital unit may be implemented with at least one processor (e.g., a digital signal processor (DSP)).

The wireless communication unit (235) transmits and receives signals as described above. Accordingly, all or part of the wireless communication unit (235) may be referred to as a 'transmitter', a 'receiver' or a 'transceiver'. In addition, in the following description, transmission and reception performed through a wireless channel are used to mean that the processing described above is performed by the wireless communication unit (235).

The backhaul communication unit (220) provides an interface for performing communication with other nodes within the network. That is, the backhaul communication unit (220) converts a bit string transmitted from a base station to another node, such as another access node, another base station, an upper node, a core network, etc., into a physical signal, and converts a physical signal received from another node into a bit string.

The storage unit (225) stores data such as basic programs, application programs, and setting information for the operation of the base station. The storage unit (225) may be composed of volatile memory, nonvolatile memory, or a combination of volatile memory and nonvolatile memory. In addition, the storage unit (225) provides stored data according to a request from the control unit (230).

The control unit (230) controls the overall operations of the base station. For example, the control unit (230) transmits and receives signals through the wireless communication unit (235) or through the backhaul communication unit (220). In addition, the control unit (230) records and reads data in the storage unit (225). In addition, the control unit (230) can perform functions of a protocol stack required by a communication standard. According to another implementation example, the protocol stack can be included in the wireless communication unit (235). For this purpose, the control unit (230) can include at least one processor. According to various embodiments, the control unit (230) can control to perform synchronization using a wireless communication network. For example, the control unit (230) can control the base station to perform operations according to various embodiments described below.

FIG. 2C illustrates an example of a functional structure of a core network object according to embodiments of the present disclosure. It illustrates a configuration of a core network object in a wireless communication system according to various embodiments of the present disclosure. The configuration illustrated in FIG. 2C can be understood as a configuration of a device having at least one function among network entities including AMF (150) of FIG. 1. Terms such as '... unit', '... device' used hereinafter mean a unit that processes at least one function or operation, and this can be implemented by hardware or software, or a combination of hardware and software.

Referring to the above drawing 2c, the core network object is configured to include a communication unit (240), a storage unit (245), and a control unit (250).

The communication unit (240) provides an interface for performing communication with other devices within the network. That is, the communication unit (240) converts a bit string transmitted from a core network object to another device into a physical signal, and converts a physical signal received from another device into a bit string. That is, the communication unit (240) can transmit and receive signals. Accordingly, the communication unit (240) may be referred to as a modem, a transmitter, a receiver, or a transceiver. In this case, the communication unit (240) enables the core network object to communicate with other devices or systems via a backhaul connection (e.g., wired backhaul or wireless backhaul) or via a network.

The storage unit (245) stores data such as basic programs, application programs, and setting information for the operation of the core network object. The storage unit (245) may be composed of volatile memory, nonvolatile memory, or a combination of volatile memory and nonvolatile memory. In addition, the storage unit (245) provides stored data according to a request from the control unit (250).

The control unit (250) controls the overall operations of the core network object. For example, the control unit (250) transmits and receives signals through the communication unit (240). In addition, the control unit (250) records and reads data in the storage unit (245). For this purpose, the control unit (250) may include at least one processor. According to various embodiments of the present disclosure, the control unit (250) may control to perform synchronization using a wireless communication network. For example, the control unit (250) may control the core network object to perform operations according to various embodiments described below.

In the following description, terms used to identify connection nodes, terms referring to network entities, terms referring to messages, terms referring to interfaces between network entities, terms referring to various identification information, etc. are examples for convenience of explanation. Therefore, the present disclosure is not limited to the terms described below, and other terms referring to objects having equivalent technical meanings may be used.

For the convenience of explanation below, this disclosure uses terms and names defined in the 5GS (5G system) and NR (new radio) standards, which are the latest standards defined by the 3GPP organization among the existing communication standards. However, this disclosure is not limited by the above terms and names, and can be equally applied to wireless communication networks according to other standards. In particular, this disclosure can be applied to 3GPP 5th generation mobile communication standards (e.g., 5GS and NR).

FIG. 3 is a diagram illustrating a method for managing a key in dual connectivity according to an embodiment of the present disclosure.

The MN (Master node) illustrated in Fig. 3 may be a Master base station connected to the UE. The MN may have an encryption key (or security key, or may be abbreviated as key) K _MN for secure communication with the UE.

The SN (Secondary Node) illustrated in Fig. 3 may be a secondary base station to be connected to the UE for dual connectivity. The SN may obtain a key K _SN for secure communication with the UE through a procedure to be described below.

Below is a description of the individual steps to be performed. Although the steps are presented as if they were performed sequentially, the order of the steps may be changed if the operation is still possible in a different order.

In step 1, the MN may perform one or more of the following processes:

- MN can choose SN counter value. As an example, MN can choose SN counter value by generating SN counter value. SN counter can be a constant value associated with key to be passed to SN as described later. SN counter can be different value for each SN to be connected. SN counter can be different value for each new connection established even if connected SN is same.

- MN can generate K _SN to be transmitted to SN. K _SN can be generated using K _MN and the selected SN counter value. As an example, K _SN can be a key value generated as an output by using K _MN and the selected SN counter value as inputs to KDF (Key Derivation Function).

In step 2, the MN may perform one or more of the following processes:

- MN can send K _SN generated in step 1 to SN.

- The MN can send the SN information related to the security of the UE. For example, the MN can send the SN the types of security algorithms that the UE can use. For example, the MN can send the SN a policy related to the security method that the UE will use.

In step 3, SN may perform one or more of the following processes:

- SN can select the security algorithm to be used in secure communication with UE.

- SN can derive keys to be used with UE from the received K _SN . In the above derivation process, a key corresponding to the selected security algorithm can be derived.

- SN can select the security method to use with the UE based on the security policy received in step 2.

In step 4, SN may perform one or more of the following processes:

- SN can transmit the security algorithm of its choice to MN.

- SN can transmit the security method it is using.

In step 5, the MN may perform one or more of the following processes:

- MN can transmit the SN Counter value selected in step 1 to the UE.

- MN can transmit information received from SN in step 4 to UE.

In step 6, the UE may perform one or more of the following processes:

- The UE can generate K _SN using the K _MN it has and the SN Counter value received in step 5.

In step 7, the UE can notify the MN that the task is completed.

At step 8, the MN can notify the SN that the task is completed.

FIG. 4 is a diagram illustrating a procedure for changing a secondary node in dual connectivity based on the method disclosed in FIG. 3.

The MN (Master node) illustrated in Fig. 4 may be a Master base station connected to the UE. The MN may have a key K _MN for secure communication with the UE.

The S-SN (Source-Secondary Node) illustrated in Fig. 4 may be a secondary base station connected to the UE for dual connectivity. The S-SN may have a key K _SN for secure communication with the UE.

A plurality of T-SNs (Target-Secondary Nodes) illustrated in Fig. 4 may be candidate secondary base stations to be connected to the UE instead of the S-SN for dual connectivity. The T-SN may obtain a key K _SN for secure communication with the UE through a procedure to be described below.

The procedure of Fig. 4 is disclosed based on the procedure of Fig. 3. In other words, most of the procedures of Fig. 4 correspond to the procedures disclosed in Fig. 3. Therefore, for readability, contents already illustrated in Fig. 3 may not be described in the disclosure of Fig. 4.

Below is a description of the individual steps to be performed. Although the steps are presented as if they were performed sequentially, the order of the steps may be changed if the operation is still possible in a different order.

In step 1, the MN may perform one or more of the following processes:

- MN can choose SN counter values. SN counter may have different values for each SN to be connected. SN counter may have different values for each new connection established even if the connected SN is the same.

- MN can generate K _SNs to be transmitted to T-SNs. Each K _SN can be generated using the value of K _MN and one of the selected SN counters.

In step 2, the MN may perform one or more of the following processes:

- MN can perform the procedure corresponding to step 2 of Figure 3 for each T-SN.

In step 3, T-SNs may perform one or more of the following processes:

- Each T-SN can perform the procedure corresponding to step 4 of Figure 3 for the MN.

In step 4, the MN may perform one or more of the following processes:

- The MN can provide the UE with a list of selected T-SNs.

- The MN may provide the UE with conditional information about when each T-SN can be selected. The information may be included as part of the Conditional PSCell Change (CPC) configuration.

- The MN can provide the UE with the SN Counter values corresponding to the K _SNs assigned to each T-SN. Later, the UE can use this information to determine which T-SN holds the K _SN generated using which SN Counter value.

In step 5, the UE can notify the MN that the task is completed.

In step 5a, the MN can inform the S-SN about the progress of the task. As an example, the MN can inform the S-SN that the UE has received the CPC configuration.

In step 6, the UE may perform one or more of the following processes:

- The UE can select a T-SN to replace the S-SN based on the information received in step 4. As an example, the UE can select a T-SN that can be replaced from the received T-SN list based on the received condition information (e.g., CPC configuration).

- The UE can generate a key K _SN to be used for secure communication with the selected T-SN using the K _MN it has and the SN Counter value received in step 4.

In step 7, the UE may notify the MN that the task is complete. At this time, one or more of the following information may be transmitted to the MN:

- The UE can transmit information to the MN that can designate the T-SN to which it will be associated.

In step 8, the MN can request the S-SN to disconnect.

In step 9, the S-SN can notify the MN that the disconnection is complete.

In step 10, the MN can notify the T-SN to which the UE is connected that the task is complete.

FIG. 5 is a diagram illustrating another method for managing keys in dual connectivity according to one embodiment of the present disclosure.

The MN (Master node) illustrated in Fig. 5 may be a Master base station connected to the UE. The MN may have an encryption key (or security key, or may be abbreviated as key) K _MN for secure communication with the UE.

The SN (Secondary Node) illustrated in Fig. 5 may be a secondary base station to be connected to the UE for dual connectivity. The SN may obtain a key K _SN for secure communication with the UE through a procedure to be described below.

Below, we provide a description of the individual steps to be performed. Although the steps are presented as if they were performed sequentially, the order of the steps may be changed if the operation is still possible in a different order.

In step 1, the MN may perform one or more of the following processes:

- The MN can send the SN information related to the security of the UE. For example, the MN can send the SN the types of security algorithms that the UE can use. For example, the MN can send the SN a policy related to the security method that the UE will use.

In step 2, SN may perform one or more of the following processes:

- SN can select the security algorithm to be used in secure communication with UE.

- SN can select the security method to use with the UE based on the security policy received in step 2.

In step 3, SN may perform one or more of the following processes:

- SN can transmit the security algorithm of its choice to MN.

- SN can transmit the security method it is using.

In step 4, the MN may perform one or more of the following processes:

- MN can transmit information received from SN in step 4 to UE.

In step 5, the UE may perform one or more of the following processes:

- The UE can select an SN counter value. As an example, the MN can select an SN counter value by generating an SN counter value. The SN counter can be a constant value associated with a key to be delivered to the SN described later. The SN counter can be a different value for each SN to be connected. The SN counter can be a different value each time a new connection is established, even if the connected SN is the same.

- The UE can generate K _SN using the K _MN it has and the selected SN Counter value. As an example, K _SN can be a key value generated as an output by using K _MN and the selected SN counter value as inputs of a KDF (Key Derivation Function).

In step 6, the UE may notify the MN that the task is completed. At this time, the UE may additionally perform one or more of the following steps:

- The UE can transmit the SN Counter value selected in step 5 to the MN.

In step 7, the MN may perform one or more of the following processes:

- MN can generate K _SN to be transmitted to SN. K _SN can be generated using K _MN and the SN counter value received in step 6.

At step 8, the MN can notify the SN that the task is completed. At this time, the MN can additionally perform one or more of the following steps:

- MN can send K _SN generated in step 7 to SN.

FIG. 6 is a diagram illustrating a procedure for changing a secondary node in dual connectivity based on the method disclosed in FIG. 5.

The MN (Master node) illustrated in Fig. 6 may be a Master base station connected to the UE. The MN may have a key K _MN for secure communication with the UE.

The S-SN (Source-Secondary Node) illustrated in Fig. 6 may be a secondary base station connected to the UE for dual connectivity. The S-SN may have a key K _SN for secure communication with the UE.

The T-SN (Target-Secondary Node) illustrated in Fig. 6 may be a candidate secondary base station to be connected to the UE instead of the S-SN for dual connectivity. The T-SN may obtain a key K _SN for secure communication with the UE through a procedure to be described below.

The procedure of Fig. 6 is disclosed based on the procedure of Fig. 5. In other words, most of the procedures of Fig. 6 correspond to the procedures disclosed in Fig. 5. Therefore, for readability, contents already illustrated in Fig. 5 may not be described in the disclosure of Fig. 6.

Below is a description of the individual steps to be performed. Although the steps are presented as if they were performed sequentially, the order of the steps may be changed if the operation is still possible in a different order.

In step 1, the MN may perform one or more of the following processes:

- MN can perform the procedure corresponding to step 1 of Fig. 5 for each T-SN.

In step 2, T-SNs may perform one or more of the following processes:

- Each T-SN can perform the procedure corresponding to step 3 of Figure 5 for the MN.

In step 3, the MN may perform one or more of the following processes:

- The MN can provide the UE with a list of selected T-SNs.

- The MN may provide the UE with conditional information about when each T-SN can be selected. The information may be included as part of the Conditional PSCell Change (CPC) configuration.

In step 4, the UE can notify the MN that the task is completed.

In step 4a, the MN can inform the S-SN about the progress of the task. As an example, the MN can inform the S-SN that the UE has received the CPC configuration.

In step 5, the UE may perform one or more of the following processes:

- The UE can select a T-SN to replace the S-SN based on the information received in step 3. As an example, the UE can select a T-SN that can be replaced from the received T-SN list based on the received condition information (e.g., CPC configuration).

- The UE can select the SN Counter value to be used for key generation for secure communication with the selected T-SN.

- The UE can generate a key K _SN to be used for secure communication with the selected T-SN using the K _MN it possesses and the selected SN Counter value.

In step 6, the UE may notify the MN that the task is completed. At this time, the UE may additionally perform one or more of the following steps:

- The UE can transmit information to the MN that can designate the T-SN to which it will be associated.

- The UE can transmit the SN counter value selected in step 5 to the MN.

In step 7, the MN may perform one or more of the following processes:

- MN can generate K _SN to be transmitted to T-SN to be connected to UE. The K _SN can be generated using K _MN and SN counter value received in step 6.

In step 8, the MN can request the S-SN to disconnect.

In step 9, the S-SN can notify the MN that the disconnection is complete.

In step 10, the MN may notify the T-SN to which the UE is connected that the task is completed. At this time, the MN may additionally perform one or more of the following steps:

- MN can send the K _SN generated in step 7 to T-SN.

FIG. 7 is a diagram illustrating a procedure for continuously changing a secondary node in dual connectivity by linking the two methods disclosed in FIG. 3 and FIG. 5.

The MN (Master node) illustrated in Fig. 7 may be a Master base station connected to the UE. The MN may have a key K _MN for secure communication with the UE.

The S-SN (Source-Secondary Node) illustrated in Fig. 7 may be a secondary base station connected to the UE for dual connectivity. The S-SN may have a key K _SN for secure communication with the UE.

The T-SN (Target-Secondary Node) illustrated in Fig. 7 may be a candidate secondary base station to be connected to the UE instead of the S-SN for dual connectivity. The T-SN may obtain a key K _SN for secure communication with the UE through a procedure to be described later. At this time, T-SN (OLD) may mean an SN operating in the manner described in Fig. 3. At this time, T-SN (NEW) may mean an SN operating in the manner described in Fig. 5. T-SN (OLD) may mean an SN that does not support the Selective SCG function to be described later, and T-SN (NEW) may mean an SN that supports the Selective SCG function to be described later.

Let us define the term Selective SCG. Through FIG. 4 and FIG. 6, the process of UE receiving CPC configuration information from MN and then using it to replace SN is initiated. Selective SCG refers to a technology that continuously replaces SN by using CPC configuration information received by UE. In other words, it refers to a technology that, after UE receives CPC configuration from MN, replaces SN by using it, and if it wants to replace to a new SN later, it does not receive CPC configuration from MN again and repeats the process of using already provided CPC configuration to replace to a new SN. When Selective SCG technology is used, one SN can be selected multiple times by UE.

The procedure of Fig. 7 is disclosed based on the procedures of Figs. 3 and 5. In other words, most of the procedures of Fig. 7 correspond to the procedures disclosed in Figs. 3 and 5. Therefore, for readability, contents already illustrated in Figs. 3 and 5 may not be described in the disclosure of Fig. 7.

Below, we provide a description of the individual steps to be performed. Although the steps are presented as if they were performed sequentially, the order of the steps may be changed if the operation is still possible in a different order.

In step 1, the MN may perform one or more of the following processes:

- MN can choose SN counter values. SN counter may have different values for each SN to be connected. SN counter may have different values for each new connection established even if the connected SN is the same.

- MN can generate K _SNs to be transmitted to T-SNs. Each K _SN can be generated using the value of K _MN and one of the selected SN counters.

In step 2, the MN may perform one or more of the following processes:

- MN can perform the procedure corresponding to step 2 of Fig. 3 for each T-SN.

- The MN can send an indicator to each T-SN asking how it operates. That is, the MN can send an indicator asking whether the corresponding T-SN operates in the manner described in Fig. 3 or in the manner described in Fig. 5. This action can be interpreted as having the same meaning as sending an indicator asking whether the corresponding T-SN supports the selective SCG function. If the MN knows in advance how the counterpart T-SN operates (or what functions it supports), the transmission of the indicator can be omitted. This indicator can also be understood as a request message for information about the operating manner of the T-SN or information about whether it supports the selective SCG function.

In step 3, T-SNs may perform one or more of the following processes:

- Each T-SN can perform the procedure corresponding to step 4 of Fig. 3 or step 3 of Fig. 5 for the MN.

- If the T-SN is an SN operating in the manner described in FIG. 5, the T-SN may transmit an indicator indicating that it is an SN operating in the manner described in FIG. 5. Alternatively, if the T-SN is an SN operating in the manner described in FIG. 5 and has received an indicator asking for the operating mode from the MN in step 2, the T-SN may transmit an indicator indicating that it is an SN operating in the manner described in FIG. 5. Such indicators may mean information about the operating mode of each T-SN or information about whether selective SCG function is supported.

In step 4, the MN may perform one or more of the following processes:

- The MN can provide the UE with a list of selected T-SNs.

- The MN may provide the UE with conditional information about when each T-SN can be selected. The information may be included as part of the Conditional PSCell Change (CPC) configuration.

- The MN can provide the UE with the SN Counter values corresponding to the K _SNs assigned to each T-SN. Later, the UE can use this information to determine which T-SN holds the K _SN generated using which SN Counter value.

- The MN can inform the UE of the functionality supported by each T-SN. As an example, the ME can transmit to the UE information about whether each T-SN is an SN operating in the manner described in Fig. 3 or an SN operating in the manner described in Fig. 5. This can be interpreted as meaning the same as informing whether the corresponding T-SN is an SN supporting the selective SCG functionality or not. The information can be included as part of the CPC (Conditional PSCell Change) configuration.

- The MN may provide the UE with policy information on whether the SN operating in the manner described in Fig. 3 can be reused. The SN operating in the manner described in Fig. 3 does not support selective SCG by default, and therefore the SN cannot be selected sequentially without additional work. In other words, additional work is required for the SN operating in the manner described in Fig. 3 to be reused. The policy information may include whether this additional work is allowed. The policy information may be included as a part of the CPC (Conditional PSCell Change) configuration.

In step 5, the UE can notify the MN that the task is completed.

In step 5a, the MN can inform the S-SN about the progress of the task. As an example, the MN can inform the S-SN that the UE has received the CPC configuration.

The process of performing selective SCG will be explained below.

CASE1. The selected T-SN is based on Fig. 5.

- When the T-SN is initially selected or re-selected, steps 5 to 10 disclosed in FIG. 6 may be performed.

- When the corresponding T-SN is initially selected, steps 6 to 10 disclosed in Fig. 4 can be performed.

CASE2. Selected T-SN is based on Fig. 3 & Non-reusable Policy

- The T-SN can be selected only once, and at this time, steps 6 to 10 disclosed in Fig. 4 can be performed.

CASE3. Selected T-SN is based on Fig. 3 & Reusable Policy

- When the corresponding T-SN is initially selected, steps 6 to 10 disclosed in Fig. 4 can be performed.

- If the corresponding T-SN is re-selected, the following process may be performed. The UE may request the MN to connect to the corresponding T-SN. At this time, the UE may transmit a series of information necessary for the MN to recognize that 'the corresponding T-SN operates based on Fig. 3 and has been re-selected'. For example, the UE may additionally transmit information to the MN about 'the fact that the corresponding T-SN operates based on Fig. 3' and/or 'the fact that the corresponding T-SN has been re-selected'. If the MN already knows the above information, the transmission of such information may be omitted. In addition, one of the following processes may be additionally performed.

■ Steps 1 to 8 of Fig. 3 can be performed. Additionally, a procedure for releasing S-SN (steps 8 to 9 of Fig. 4) can be performed.

■ Steps 5 to 7 of FIG. 5 may be performed. Thereafter, steps 2 to 4 of FIG. 3 may be performed. Thereafter, step 8 of FIG. 3 may be performed. In addition, a procedure for releasing S-SN (steps 8 to 9 of FIG. 4) may be performed.

FIG. 8 is a diagram illustrating another procedure for continuously changing a secondary node in dual connectivity by linking the two methods disclosed in FIGS. 3 and 5.

The MN (Master node) illustrated in Fig. 8 may be a Master base station connected to the UE. The MN may have a key K _MN for secure communication with the UE.

The S-SN (Source-Secondary Node) illustrated in Fig. 8 may be a secondary base station connected to the UE for dual connectivity. The S-SN may have a key K _SN for secure communication with the UE.

The T-SN (Target-Secondary Node) illustrated in Fig. 8 may be a candidate secondary base station to be connected to the UE instead of the S-SN for dual connectivity. The T-SN may obtain a key K _SN for secure communication with the UE through a procedure to be described later. At this time, T-SN (OLD) may mean an SN operating in the manner described in Fig. 3. At this time, T-SN (NEW) may mean an SN operating in the manner described in Fig. 5. T-SN (OLD) may mean an SN that does not support the Selective SCG function to be described later, and T-SN (NEW) may mean an SN that supports the Selective SCG function to be described later.

The procedure of Fig. 8 is disclosed based on the procedures of Figs. 3 and 5. In other words, most of the procedures of Fig. 8 correspond to the procedures disclosed in Figs. 3 and 5. Therefore, for readability, contents already illustrated in Figs. 3 and 5 may not be described in the disclosure of Fig. 8.

Below is a description of the individual steps to be performed. Although the steps are presented as if they were performed sequentially, the order of the steps may be changed if the operation is still possible in a different order.

In step 1, the MN may perform one or more of the following processes:

- MN can select SN counter values for T-SN(OLD). SN counter may have different values for each SN. Also, even for the same SN, if a new connection is established, SN Counter may have to have a new value.

- MN can generate K _SNs to be delivered to T-SN (OLD). Each K _SN can be generated using the value of K _MN and one of the selected SN counters.

In step 2, the MN may perform one or more of the following processes:

- MN can perform the procedure corresponding to step 2 of Fig. 3 for each T-SN (OLD).

- MN can perform the procedure corresponding to step 1 of Fig. 5 for each T-SN (NEW).

In step 3, T-SNs may perform one or more of the following processes:

- Each T-SN can perform the procedure corresponding to step 4 of Fig. 3 or step 3 of Fig. 5 for the MN.

In step 4, the MN may perform one or more of the following processes:

- The MN can provide the UE with a list of selected T-SNs.

- The MN may provide the UE with conditional information about when each T-SN can be selected. The information may be included as part of the Conditional PSCell Change (CPC) configuration.

- MN can provide UE with SN Counter values corresponding to K _SNs assigned to each T-SN (OLD). Later, UE can determine which T-SN (OLD) has K _SN generated using which SN Counter value through this information.

- The MN can transmit to the UE information about the functionality supported by each T-SN. As an example, the ME can transmit to the UE information about whether each T-SN is an SN operating in the manner described in Fig. 3 or an SN operating in the manner described in Fig. 5. This can be interpreted as meaning the same as indicating whether the corresponding T-SN is an SN supporting the selective SCG functionality or not. The information can be included as a part of the CPC (Conditional PSCell Change) configuration.

- The MN may send policy information to the UE, including whether it can reuse the SN operating in the manner described in Fig. 3. For a more detailed description, see the disclosure of Fig. 7. The information may be included as part of the Conditional PSCell Change (CPC) configuration.

In step 5, the UE can notify the MN that the task is completed.

In step 5a, the MN can inform the S-SN about the progress of the task. As an example, the MN can inform the S-SN that the UE has received the CPC configuration.

The process of performing selective SCG will be explained below.

CASE1. The selected T-SN is based on Fig. 5.

- Steps 5 to 10 disclosed in Fig. 6 can be performed.

CASE2. Selected T-SN is based on Fig. 3 & Non-reusable Policy

- The T-SN can be selected only once, and at this time, steps 6 to 10 disclosed in Fig. 4 can be performed.

CASE3. Selected T-SN is based on Fig. 3 & Reusable Policy

- When the corresponding T-SN is initially selected, steps 6 to 10 disclosed in Fig. 4 can be performed.

- If the corresponding T-SN is re-selected, the following process may be performed. The UE may request the MN to connect to the corresponding T-SN. At this time, the UE may transmit a series of information necessary for the MN to recognize that 'the corresponding T-SN operates based on Fig. 3 and has been re-selected'. For example, the UE may additionally transmit information to the MN about 'the fact that the corresponding T-SN operates based on Fig. 3' and/or 'the fact that the corresponding T-SN has been re-selected'. If the MN already knows the above information, the transmission of such information may be omitted. In addition, one of the following processes may be additionally performed.

■ Steps 1 to 8 of Fig. 3 can be performed. Additionally, a procedure for releasing S-SN (steps 8 to 9 of Fig. 4) can be performed.

■ Steps 5 to 7 of FIG. 5 may be performed. Thereafter, steps 2 to 4 of FIG. 3 may be performed. Thereafter, step 8 of FIG. 3 may be performed. In addition, a procedure for releasing S-SN (steps 8 to 9 of FIG. 4) may be performed.

FIG. 9 is a diagram illustrating another method for managing keys in dual connectivity according to one embodiment of the present disclosure.

The MN (Master node) illustrated in Fig. 9 may be a Master base station connected to the UE. The MN may have an encryption key (or security key, or may be abbreviated as key) K _MN for secure communication with the UE.

The SN (Secondary Node) illustrated in Fig. 9 may be a secondary base station to be connected to the UE for dual connectivity. The SN may obtain a key K _SN for secure communication with the UE through a procedure to be described below.

Below is a description of the individual steps to be performed. Although the steps are presented as if they were performed sequentially, the order of the steps may be changed if the operation is still possible in a different order.

In step 1, the MN may perform one or more of the following processes:

- MN can select SN counter values. As an example, MN can select SN counter values by generating SN counter values. SN counter can be a constant value associated with a key to be passed to SN, which will be described later.

- MN can generate K _SNs to be transmitted to SN. Each K _SN can be generated using K _MN and one of the selected SN counter values. As an example, each K _SN can be a key value generated as an output by using K _MN and one of the selected SN counter values as inputs to a KDF (Key Derivation Function).

In step 2, the MN may perform one or more of the following processes:

- MN can send K _SNs generated in step 1 to SN.

- The MN can send the SN information related to the security of the UE. For example, the MN can send the SN the types of security algorithms that the UE can use. For example, the MN can send the SN a policy related to the security method that the UE will use.

In step 3, SN may perform one or more of the following processes:

- SN can select the security algorithm to be used in secure communication with UE.

- SN can derive keys to be used with UE from the received K _SNs . In the above derivation process, a key corresponding to the selected security algorithm can be derived.

- SN can select the security method to use with the UE based on the security policy received in step 2.

In step 4, SN may perform one or more of the following processes:

- SN can transmit the security algorithm of its choice to MN.

- SN can transmit the security method it is using.

In step 5, the MN may perform one or more of the following processes:

- MN can transmit the SN Counter values selected in step 1 to the UE.

- MN can transmit information received from SN in step 4 to UE.

In step 6, the UE may perform one or more of the following processes:

- The UE can select one of the received SN counter values.

- You can generate K _SN using the K _MN you have and the SN Counter value selected above.

In step 7, the UE may notify the MN that the task is complete. At this time, one or more of the following processes may be performed:

- The UE can transmit to the MN information indicating the SN counter value selected by it in step 6 (in the drawing, this information is indicated as KI). The information may be the SN counter value selected by the UE in step 6. The information may be third information that allows the UE to specify the SN counter value selected by it in step 6. If the MN can determine which SN counter value was selected by the UE without transmitting the information, the transmission of the information may be omitted.

At step 8, the MN can notify the SN that the task is completed. At this time, one or more of the following processes can be performed.

- The MN may transmit to the SN information indicating the K _MN corresponding to the SN counter value selected by the UE in step 6. If it is possible to determine which SN counter value has been selected without transmitting the above information, the transmission of the above information may be omitted.

FIG. 10 is a diagram illustrating a procedure for changing a secondary node in dual connectivity based on the method disclosed in FIG. 9.

The MN (Master node) illustrated in Fig. 10 may be a Master base station connected to the UE. The MN may have a key K _MN for secure communication with the UE.

The S-SN (Source-Secondary Node) illustrated in Fig. 10 may be a secondary base station connected to the UE for dual connectivity. The S-SN may have a key K _SN for secure communication with the UE.

The T-SN (Target-Secondary Node) illustrated in Fig. 10 may be a candidate secondary base station to be connected to the UE instead of the S-SN for dual connectivity. The T-SN may obtain a key K _SN for secure communication with the UE through a procedure to be described below.

The procedure of Fig. 10 is disclosed based on the procedure of Fig. 9. In other words, most of the procedures of Fig. 10 correspond to the procedures disclosed in Fig. 9. Therefore, for readability, contents already illustrated in Fig. 9 may not be described in the disclosure of Fig. 10.

Below is a description of the individual steps to be performed. Although the steps are presented as if they were performed sequentially, the order of the steps may be changed if the operation is still possible in a different order.

In step 1, the MN may perform one or more of the following processes:

- MN can select SN counter values. Multiple SN counter values can be allocated per each T-SN.

- MN can generate K _SNs to be delivered to each T-SN. Each K _SN can be generated using the value of K _MN and one of the selected SN counters.

In step 2, the MN may perform one or more of the following processes:

- MN can perform the procedure corresponding to step 2 of Fig. 9 for each T-SN.

In step 3, T-SNs may perform one or more of the following processes:

- Each T-SN can perform the procedure corresponding to step 4 of Fig. 9 for the MN.

In step 4, the MN may perform one or more of the following processes:

- The MN can provide the UE with a list of selected T-SNs.

- The MN may provide the UE with conditional information about when each T-SN can be selected. The information may be included as part of the Conditional PSCell Change (CPC) configuration.

- The MN can provide the UE with the SN Counter values corresponding to the K _SNs assigned to each T-SN. Later, the UE can determine which T-SN has the K _SNs generated using which SN Counter values through this information.

In step 5, the UE can notify the MN that the task is completed.

In step 5a, the MN can inform the S-SN about the progress of the task. As an example, the MN can inform the S-SN that the UE has received the CPC configuration.

In step 6, the UE may perform one or more of the following processes:

- The UE can select a T-SN to replace the S-SN based on the information received in step 4. As an example, the UE can select a T-SN that can be replaced from the received T-SN list based on the received condition information (e.g., CPC configuration).

- The UE can generate a key K _SN to be used for secure communication with the selected T-SN by using the K _MN it possesses and one of the SN Counter values associated with the selected T-SN received in step 4.

In step 7, the UE may notify the MN that the task is complete. At this time, one or more of the following processes may be performed.

- The UE can transmit information to the MN that can designate the T-SN to which it will be associated.

- The UE can transmit to the MN information indicating the SN counter value selected by it in step 6 (in the drawing, this information is indicated as KI). The information may be the SN counter value selected by the UE in step 6. The information may be third information that allows the UE to specify the SN counter value selected by it in step 6. If it is possible to determine which SN counter value has been selected without transmitting the information, the transmission of the information may be omitted.

In step 8, the MN can request the S-SN to disconnect.

In step 9, the S-SN can notify the MN that the disconnection is complete.

In step 10, the MN may notify the T-SN to which the UE is connected that the task is completed. At this time, one or more of the following processes may be performed.

- The MN may transmit to the T-SN information indicating the K _MN corresponding to the SN counter value selected by the UE in step 6. If it is possible to determine which SN counter value has been selected without transmitting the above information, the transmission of the above information may be omitted.

FIG. 11 is a diagram illustrating a procedure for continuously changing a secondary node in dual connectivity by linking the two methods disclosed in FIG. 3 and FIG. 9.

The MN (Master node) illustrated in Fig. 11 may be a Master base station connected to the UE. The MN may have a key K _MN for secure communication with the UE.

The S-SN (Source-Secondary Node) illustrated in Fig. 11 may be a secondary base station connected to the UE for dual connectivity. The S-SN may have a key K _SN for secure communication with the UE.

The T-SN (Target-Secondary Node) illustrated in Fig. 11 may be a candidate secondary base station to be connected to the UE instead of the S-SN for dual connectivity. The T-SN may obtain a key K _SN for secure communication with the UE through a procedure to be described later. At this time, T-SN (OLD) may mean an SN operating in the manner described in Fig. 3. At this time, T-SN (NEW) may mean an SN operating in the manner described in Fig. 9. T-SN (OLD) may mean an SN that does not support the Selective SCG function to be described later, and T-SN (NEW) may mean an SN that supports the Selective SCG function to be described later.

The procedure of Fig. 11 is disclosed based on the procedures of Fig. 3 and Fig. 9. In other words, most of the procedures of Fig. 11 correspond to the procedures disclosed in Fig. 3 and Fig. 9. Therefore, for readability, contents already illustrated in Fig. 3 and Fig. 9 may not be described in the disclosure of Fig. 11.

Below is a description of the individual steps to be performed. Although the steps are presented as if they were performed sequentially, the order of the steps may be changed if the operation is still possible in a different order.

In step 1, the MN may perform one or more of the following processes:

- MN can select SN counter values. Multiple SN counter values can be allocated for each T-T-SN.

- MN can generate K _SNs to be delivered to each T-SN. Each K _SN can be generated using the value of K _MN and one of the selected SN counters.

In step 2, the MN may perform one or more of the following processes:

- MN can perform the procedure corresponding to step 2 of Fig. 9 for each T-SN.

- The MN can send an indicator to each T-SN asking how it operates. In other words, it can send an indicator asking whether the corresponding T-SN operates in the manner described in Fig. 3 or in the manner described in Fig. 9. This can be interpreted as having the same meaning as sending an indicator asking whether the corresponding T-SN supports the selective SCG function. Such indicators can mean information about the operating manner of each T-SN or information itself about whether the selective SCG function is supported.

In step 3, T-SNs may perform one or more of the following processes:

- Each T-SN can perform the procedure corresponding to step 4 of Fig. 3 or step 4 of Fig. 9 for the MN.

- If the T-SN is an SN that operates in the manner described in Fig. 3, the T-SN can store only one of the K _SN values received in step 2 (e.g., the earliest one among the received K _SN values).

- If the T-SN is an SN that operates in the manner described in Fig. 9, the T-SN can store all of the K _SN values received in step 2. In addition, if the T-SN is an SN that operates in the manner described in Fig. 9, it can transmit an indicator indicating that it is an SN that operates in the manner described in Fig. 9.

In step 4, the MN may perform one or more of the following processes:

- The MN can provide the UE with a list of selected T-SNs.

- The MN may provide the UE with conditional information about when each T-SN can be selected. The information may be included as part of the Conditional PSCell Change (CPC) configuration.

- The MN can provide the UE with the SN Counter value(s) corresponding to the K _SN (s) assigned to each T-SN. Later, the UE can determine which T-SN holds the K _SN (s) generated using which SN Counter value(s) through this information.

- The MN can inform the UE of the functionality supported by each T-SN. As an example, the ME can inform the UE of whether each T-SN is an SN operating in the manner described in Fig. 3 or an SN operating in the manner described in Fig. 9. This can be interpreted as meaning the same as informing whether the corresponding T-SN is an SN supporting the selective SCG functionality or not. The above information can be included as part of the CPC (Conditional PSCell Change) configuration.

- The MN may provide the UE with policy information on whether it can reuse the SN operating in the manner described in Figure 3. For further details, see Figure 7. The information may be included as part of the Conditional PSCell Change (CPC) configuration.

In step 5, the UE can notify the MN that the task is completed.

In step 5a, the MN can inform the S-SN about the progress of the task. As an example, the MN can inform the S-SN that the UE has received the CPC configuration.

The process of performing selective SCG will be explained below.

CASE1. The selected T-SN is based on Fig. 9.

- Steps 6 to 10 disclosed in Fig. 10 can be performed.

- When a T-SN is selected multiple times, the UE may select the SN Counter values associated with the corresponding T-SN it currently possesses in a specific order. As an example, the UE may select the smallest value among the SN Counter values associated with the corresponding T-SN it currently possesses. The SN Counter values used in this way may be discarded after use.

- When a T-SN is selected multiple times, the T-SN may select the K _SNs it has in a specific order. As an example, the T-SN may select the K _SN associated with the lowest SN counter that the current UE keeps in relation to itself. The K _SN value used in this way may be discarded when the connection with the UE is released.

CASE2. Selected T-SN is based on Fig. 3 & Non-reusable Policy

- The T-SN can be selected only once, and at this time, steps 6 to 10 disclosed in Fig. 4 can be performed.

CASE3. Selected T-SN is based on Fig. 3 & Reusable Policy

- When the corresponding T-SN is initially selected, steps 6 to 10 disclosed in Fig. 4 can be performed.

- If the corresponding T-SN is re-selected, the following process may be performed. The UE may request the MN to connect to the corresponding T-SN. At this time, the UE may transmit a series of information necessary for the MN to recognize that 'the corresponding T-SN operates based on Fig. 3 and has been re-selected'. For example, the UE may additionally transmit information to the MN about 'the fact that the corresponding T-SN operates based on Fig. 3' and/or 'the fact that the corresponding T-SN has been re-selected'. If the MN already knows the above information, the transmission of such information may be omitted. In addition, one of the following processes may be additionally performed.

■ Steps 1 to 8 of Fig. 3 can be performed.

■ The procedure for releasing S-SN (steps 8 to 9 of Fig. 4) can be performed.

FIG. 12 is a diagram illustrating another procedure for continuously changing a secondary node in dual connectivity by linking the two methods disclosed in FIG. 3 and FIG. 9.

The MN (Master node) illustrated in Fig. 12 may be a Master base station connected to the UE. The MN may have a key K _MN for secure communication with the UE.

The S-SN (Source-Secondary Node) illustrated in Fig. 12 may be a secondary base station connected to the UE for dual connectivity. The S-SN may have a key K _SN for secure communication with the UE.

The T-SN (Target-Secondary Node) illustrated in Fig. 12 may be a candidate secondary base station to be connected to the UE instead of the S-SN for dual connectivity. The T-SN may obtain a key K _SN for secure communication with the UE through a procedure to be described later. At this time, T-SN (OLD) may mean an SN operating in the manner described in Fig. 3. At this time, T-SN (NEW) may mean an SN operating in the manner described in Fig. 9. T-SN (OLD) may mean an SN that does not support the Selective SCG function to be described later, and T-SN (NEW) may mean an SN that supports the Selective SCG function to be described later.

The procedure of Fig. 12 is disclosed based on the procedures of Fig. 3 and Fig. 9. In other words, most of the procedures of Fig. 12 correspond to the procedures disclosed in Fig. 3 and Fig. 9. Therefore, for readability, contents already illustrated in Fig. 3 and Fig. 9 may not be described in the disclosure of Fig. 12.

Below is a description of the individual steps to be performed. Although the steps are presented as if they were performed sequentially, the order of the steps may be changed if the operation is still possible in a different order.

In step 1, the MN may perform one or more of the following processes:

- MN can select SN counter values for T-SN(OLD). There can be only one SN counter value prepared for the T-SN(OLD).

- MN can select SN counter values for T-SN(NEW). There can be multiple SN counter values prepared for the T-SN(NEW).

- MN can generate K _SN to be delivered to each T-SN (OLD). The K _SN can be generated using K _MN and the SN counter value assigned to the corresponding T-SN (OLD).

- MN can generate K _SNs to be delivered to each T-SN(NEW). The K _SNs can be generated using K _MN and one of the SN counter values assigned to the corresponding T-SN(NEW).

In step 2, the MN may perform one or more of the following processes:

- MN can perform the procedure corresponding to step 2 of Fig. 3 for each T-SN (OLD).

- MN can perform the procedure corresponding to step 2 of Fig. 9 for each T-SN (NEW).

In step 3, T-SNs may perform one or more of the following processes:

- Each T-SN can perform the procedure corresponding to step 4 of Fig. 3 or step 4 of Fig. 9 for the MN.

In step 4, the MN may perform one or more of the following processes:

- The MN can provide the UE with a list of selected T-SNs.

- The MN may provide the UE with conditional information about when each T-SN can be selected. The information may be included as part of the Conditional PSCell Change (CPC) configuration.

- The MN can provide the UE with the SN Counter value(s) corresponding to the K _SN (s) assigned to each T-SN. Later, the UE can determine which T-SN holds the K _SN (s) generated using which SN Counter value(s) through this information.

- The MN can inform the UE of the functionality supported by each T-SN. As an example, the ME can inform the UE of whether each T-SN is an SN operating in the manner described in Fig. 3 or an SN operating in the manner described in Fig. 9. This can be interpreted as meaning the same as informing whether the corresponding T-SN is an SN supporting the selective SCG functionality or not. The above information may be included as part of the Conditional PSCell Change (CPC) configuration.

- The MN can provide the UE with policy information on whether it can reuse the SN operating in the manner described in Fig. 3. For a more detailed description, see Fig. 7.

In step 5, the UE can notify the MN that the task is completed.

In step 5a, the MN can inform the S-SN about the progress of the task. As an example, the MN can inform the S-SN that the UE has received the CPC configuration.

The process of performing selective SCG will be explained below.

CASE1. The selected T-SN is based on Fig. 9.

- Steps 6 to 10 disclosed in Fig. 10 can be performed.

- When a T-SN is selected multiple times, the UE may select the SN Counter values associated with the corresponding T-SN it currently possesses in a specific order. As an example, the UE may select the smallest value among the SN Counter values associated with the corresponding T-SN it currently possesses. The SN Counter values used in this way may be discarded after use.

- When a T-SN is selected multiple times, the T-SN may select the K _SNs it has in a specific order. As an example, the T-SN may select the K _SN associated with the lowest SN counter that the current UE keeps in relation to itself. The K _SN value used in this way may be discarded when the connection with the UE is released.

CASE2. Selected T-SN is based on Fig. 3 & Non-reusable Policy

- The T-SN can be selected only once, and at this time, steps 6 to 10 disclosed in Fig. 4 can be performed.

CASE3. Selected T-SN is based on Fig. 3 & Reusable Policy

- When the corresponding T-SN is initially selected, steps 6 to 10 disclosed in Fig. 4 can be performed.

- When the corresponding T-SN is re-selected, the following process may be performed. The UE may request the MN to connect to the corresponding T-SN. At this time, the UE may notify the MN of a series of information necessary to enable the MN to recognize that 'the corresponding T-SN operates based on Fig. 3 and has been re-selected'. For example, the UE may additionally notify the MN of 'the fact that the corresponding T-SN operates based on Fig. 3' and/or 'the fact that the corresponding T-SN has been re-selected'. If the MN already knows the above information, this notification may be omitted. In addition, one of the following processes may be additionally performed.

■ Steps 1 to 8 of Fig. 3 can be performed.

■ The procedure for releasing S-SN (steps 8 to 9 of Fig. 4) can be performed.

FIG. 13 is a diagram illustrating another method for managing keys in dual connectivity according to one embodiment of the present disclosure.

The MN (Master node) illustrated in Fig. 13 may be a Master base station connected to the UE. The MN may have an encryption key (or security key, or may be abbreviated as key) K _MN for secure communication with the UE.

The SN (Secondary Node) illustrated in Fig. 13 may be a secondary base station to be connected to the UE for dual connectivity. The SN may obtain a key K _SN for secure communication with the UE through a procedure to be described below.

Below, individual descriptions of the steps to be performed in key management according to Fig. 13 are provided. Below, each step is disclosed as if it were performed sequentially, but the order of the steps may be changed if the operation is still possible even if the order of the steps is changed.

In step 1, the MN can perform one or more of the following actions:

- MN can select SN counter values. As an example, MN can select SN counter values by generating SN counter values. SN counter can be a value associated with key K _SN to be passed to SN as a constant, which will be described later.

- MN can generate K _SNs to be transmitted to SN. Each K _SN can be generated using K _MN and one of the selected SN counter values. As an example, each K _SN can be a key value generated as an output by using K _MN and one of the selected SN counter values as inputs to a KDF (Key Derivation Function).

- MN can send K _SNs it generated to SN.

- MN can transmit the SN counter values it generated to SN. Transmission of the above information can be omitted.

- The MN can send the SN security-related information of the UE. For example, the MN can send the SN the types of security algorithms that the UE can use. As another example, the MN can send the SN a policy related to the security method that the UE will use.

In step 2, SN may perform one or more of the following processes:

- SN can select the security algorithm to be used in secure communication with UE.

- SN can derive security keys to be used with UE from K _SNs received from MN. At this time, security keys corresponding to the selected security algorithm can be derived during the derivation process.

- The SN can select the security method to use with the UE based on the security policy received from the MN in step 1.

In step 3, SN may perform one or more of the following processes:

- SN can send information about the security algorithm it has chosen to MN.

- SN can transmit the security method it is using to MN.

In step 4, the MN may perform one or more of the following processes:

- MN can transmit the SN Counter values selected in step 1 to the UE.

- The MN can transmit to the UE information related to the security algorithm or security method received from the SN in step 3.

In step 5, the UE may perform one or more of the following processes:

- The UE can select one of the SN counter values received from the MN.

- The UE can generate K _SN using the K _MN it has and the selected SN Counter value.

- The UE can derive security keys to be used with the SN from the above-mentioned generated K _SN . In the above-mentioned derivation process, the UE can derive security keys corresponding to the security algorithm received in step 4.

In step 6, the UE may notify the MN that the task is complete. At this time, one or more of the following processes may be performed:

- The UE may transmit to the MN the SN counter value it selected in step 5. Transmission of the above information may be omitted.

At step 7, the MN can notify the SN that the task is completed. At this time, one or more of the following processes can be performed.

- The MN may transmit to the SN the SN counter value received from the UE in step 6. Transmission of the above information may be omitted.

[Error handling method]

According to the above disclosure, in steps 1, 6 and 7, the SN counter value may be transmitted or, alternatively, transmission may be omitted. If the information is transmitted, the transmitted information can be used to deal with error situations.

[CASE A]

- SN can check the SN Counter received from MN in step 7 and select the corresponding K _SN value.

- The above method can reduce the possibility of an error in which the UE and SN select different K _SN values.

[CASE B]

- SN may select the K _SN value without checking the SN Counter received from MN in step 7.

- In the above case, the UE and SN may need to select the K _SN values to be used in a predetermined order. As an example, the UE may sequentially select SN counter values in the order in which they were received and then use the K _SN values derived therefrom, and the SN may also sequentially select K _SN values in the order in which they were received and then use them.

- In the above case, the possibility of error in which UE and SN select relatively different K _SN values increases.

- When the above error occurs, SN can check the SN Counter received in step 7 and reselect the corresponding K _SN value. In this way, SN can correct the occurred error.

The above error handling method can be performed as part of step 7.

FIG. 14 is a diagram illustrating a procedure for changing a secondary node in dual connectivity based on the method disclosed in FIG. 13.

The MN (Master node) illustrated in Fig. 14 may be a Master base station connected to the UE. The MN may have a key K _MN for secure communication with the UE.

The S-SN (Source-Secondary Node) illustrated in Fig. 14 may be a secondary base station connected to the UE for dual connectivity. The S-SN may have a key K _SN for secure communication with the UE.

The T-SN (Target-Secondary Node) illustrated in Fig. 14 may be a candidate secondary base station to be connected to the UE instead of the S-SN for dual connectivity. The T-SN may obtain a key K _SN for secure communication with the UE through the procedure described below.

The procedure of Fig. 14 is disclosed based on the procedure of Fig. 13. In other words, most of the procedures of Fig. 14 correspond to the procedures disclosed in Fig. 13. Therefore, for readability, contents already illustrated in Fig. 13 may not be described in the disclosure of Fig. 14.

Below is a description of the individual steps to be performed. Although the steps are presented as if they were performed sequentially, the order of the steps may be changed if the operation is still possible in a different order.

In step 1, the MN may perform one or more of the following processes:

- MN can select SN counter values. Multiple SN counter values can be allocated per each T-SN.

- MN can generate K _SNs to be delivered to each T-SN. Each K _SN can be generated using the value of K _MN and one of the selected SN counters.

- MN can transmit the K _SN values it generated to each T-SN.

- MN can transmit SN counter values to each T-SN. Transmission of the above information can be omitted.

- MN can transmit security-related information to each T-SN. For a detailed description of the security-related information, refer to step 1 of Fig. 13.

In step 2, T-SNs may perform one or more of the following processes:

- Each T-SN can perform procedures corresponding to steps 2 and 3 of Fig. 13.

In step 3, the MN may perform one or more of the following processes:

- The MN can provide the UE with a list of selected T-SNs.

- The MN may provide the UE with conditional information about when each T-SN can be selected. The information may be included as part of the Conditional PSCell Change (CPC) configuration.

- MN can provide UE with SN Counter values 'corresponding to K _SNs allocated to each T-SN'. Later, UE can determine which T-SN has 'K _SNs generated using which SN Counter values' through this information.

In step 4, the UE can notify the MN that the task is completed.

In step 4a, the MN can inform the S-SN about the progress of the task. As an example, the MN can inform the S-SN that the UE has received the CPC configuration.

In step 5, the UE may perform one or more of the following processes:

- The UE can select a T-SN to replace the S-SN based on the information received from the MN in step 3. As an example, the UE can select a T-SN that can be replaced from the received T-SN list based on the received condition information (e.g., CPC configuration).

- The UE can generate a key K _SN to be used for secure communication with the selected T-SN by using the K _MN it possesses and ‘one of the SN Counter values associated with the selected T-SN’ received in step 3.

In step 6, the UE may notify the MN that the task is complete. At this time, one or more of the following processes may be performed.

- The UE can transmit information to the MN that can designate the T-SN to which it will be associated.

- The UE can transmit to the MN the SN counter value it selected in step 5. Transmission of the above information may be omitted.

In step 7, the MN can request the S-SN to disconnect.

In step 8, the S-SN can notify the MN that the disconnection is complete.

In step 9, the MN may notify the T-SN to which the UE is connected that the task is completed. At this time, one or more of the following processes may be performed.

- MN can transmit the 'SN counter value received in step 6' to T-SN. The above information transmission can be omitted.

[Error handling method]

- Through the steps described above, the UE and T-SN can be in secure communication. However, if the K _SN values selected by the UE and the T-SN do not match for some reason, normal secure communication may not be possible. For the error handling method in the above case, refer to the [Error Handling] method disclosed in Fig. 13. That is, confirmation or reselection of the K _SN can be performed through the SN counter value.

- The above error handling method can be performed as part of step 9.

FIG. 15 is a diagram illustrating another procedure for continuously changing a secondary node in dual connectivity by linking the two methods disclosed in FIG. 3 (and FIG. 4) and FIG. 13 (and FIG. 14).

The MN (Master node) illustrated in Fig. 15 may be a Master base station connected to the UE. The MN may have a key K _MN for secure communication with the UE.

The S-SN (Source-Secondary Node) illustrated in Fig. 15 may be a secondary base station connected to the UE for dual connectivity. The S-SN may have a key K _SN for secure communication with the UE.

The T-SN (Target-Secondary Node) illustrated in Fig. 15 may be a candidate secondary base station to be connected to the UE instead of the S-SN for dual connectivity. The T-SN may obtain a key K _SN for secure communication with the UE through a procedure to be described later. At this time, T-SN (OLD) may mean an SN operating in the manner described in Fig. 3 (and Fig. 4). At this time, T-SN (NEW) may mean an SN operating in the manner described in Fig. 13 (and Fig. 14). T-SN (OLD) may mean an SN that does not support the Selective SCG function to be described later, and T-SN (NEW) may mean an SN that supports the Selective SCG function to be described later.

The procedure of FIG. 15 is disclosed based on the procedures of FIG. 3 (and FIG. 4) and FIG. 13 (and FIG. 14). In other words, most of the procedures of FIG. 15 correspond to the procedures disclosed in FIG. 3 (and FIG. 4) and FIG. 13 (and FIG. 14). Therefore, for readability, contents already illustrated in FIG. 3 (and FIG. 4) and FIG. 13 (and FIG. 14) may not be described in the disclosure of FIG. 15.

Below, individual descriptions of the steps to be performed according to the procedure of Figure 15 are provided. Although the steps are disclosed below as if they were performed sequentially, the order of the steps may be changed if the operation is still possible with the order of the steps changed.

In step 1, the MN may perform one or more of the following processes:

[For T-SN(OLD)]

- (Action O) The MN can perform the processes of steps 1 and 2 disclosed in Fig. 3 for each T-SN (OLD). In other words, the MN can select an SN counter value for each T-SN (OLD), generate a K _SN value to be transmitted to the T-SN (OLD) based on the selected SN counter value, and transmit the generated K _SN value to the T-SN (OLD).

- If the MN knows in advance that a particular T-SN is an OLD version, it can immediately perform the above “action O” for that T-SN.

- If the MN does not know in advance that a particular T-SN (OLD) is an OLD version, one or more of the following steps may be performed:

■ The MN can first check the version of the T-SN and then perform “Action O”. For example, the MN can check the version of the T-SN by communicating with the T-SN. As another example, the MN can check the version of the T-SN by obtaining information from the outside without directly communicating with the T-SN.

■ The MN can assume that the version of the T-SN is OLD and perform “Action O”. Later, the MN can check the version of the T-SN and confirm that no additional action is required. The MN can check the version of the T-SM by directly communicating with the T-SN, or by obtaining information from the outside without directly communicating with the T-SN.

■ MN can assume that the version of the T-SN is NEW and perform step 1 of Fig. 13. In this case, the T-SN can respond with a rejection message because it does not support the input received through step 1 of Fig. 13. In the above case, the MN can confirm that the version of the T-SN is OLD and perform “action O” accordingly.

[For T-SN(NEW)]

- (Action N) The MN can perform the step 1 process disclosed in Fig. 13 for each T-SN(NEW). In other words, the MN can select SN counter values for each T-SN(NEW). In addition, the MN can generate K _SN values to be transmitted to the T-SN(NEW) based on the selected SN counter values. In addition, the MN can transmit the generated K _SN values to the T-SN(NEW). In addition, the MN can transmit the selected SN counter values to the T-SN(NEW), but the transmission of the information can be omitted.

- If the MN knows in advance that a specific T-SN is a NEW version, it can immediately perform the above “action N” for that T-SN.

- If the MN does not know in advance that a particular T-SN(NEW) is a NEW version, one or more of the following steps may be performed:

■ The MN can first check the version of the T-SN and then perform “action N”. For example, the MN can check the version of the T-SN by communicating with the T-SN. As another example, the MN can check the version of the T-SN by obtaining information from the outside without directly communicating with the T-SN.

■ The MN can assume that the version of the T-SN is OLD and perform “Action O”. Later, the MN can check the version of the T-SN and determine that additional action is required. The MN can check the version of the T-SN by directly communicating with the T-SN, or by obtaining information from the outside without directly communicating with the T-SN. After the MN determines that the T-SN requires additional action, “Action N” can be performed. At this time, if the transmission information of the already performed “Action O” wants to be reused, some actions of “Action N” can be omitted accordingly. For example, since the MN has already transmitted one K _SN value to the T-SN in “Action O”, only the remaining values excluding the already transmitted value can be transmitted in “Action N”.

■ MN can assume that the version of the T-SN is NEW, and perform “Action N”. Later, the MN can check the version of the T-SN and determine that no additional action is necessary. (The MN can check the version of the T-SM by directly communicating with the T-SN, or by obtaining information from the outside without directly communicating with the T-SN. Alternatively, the MN can check the version of the T-SN from the fact that the T-SN did not respond with a rejection message when the “Action N” was performed.)

In step 2, T-SNs may perform one or more of the following processes:

- OLD version T-SN(s) can perform steps 3 to 4 of Fig. 3.

- New version of T-SN(s) can perform steps 2 and 3 of Fig. 13.

In step 3, the MN may perform one or more of the following processes:

- The MN can provide the UE with a list of selected T-SNs.

- The MN may provide the UE with conditional information about when each T-SN can be selected. The information may be included as part of the Conditional PSCell Change (CPC) configuration.

- The MN can provide the UE with 'the SN Counter value(s) corresponding to the K _SN (s) allocated to each T-SN'. Later, the UE can determine which T-SN holds the K _SN (s) generated using which SN Counter value(s) through this information.

- The MN can inform the UE of the functions supported by each T-SN. For example, the MN can inform the UE of whether each T-SN is an SN operating in the manner described in FIG. 3 or an SN operating in the manner described in FIG. 13. (The above information can be transmitted in various ways. For example, the operating manner of a specific T-SN can be informed by the number of SN counter(s) assigned to the specific T-SN. That is, if the value of the SN counter assigned to the specific T-SN is one, the T-SN is an SN operating in the manner described in FIG. 3, and if the value of the SN counter assigned to the specific T-SN is multiple, the T-SN can be an SN operating in the manner described in FIG. 13. However, this is only an example, and the method by which the MN informs the UE of the operating manner of each T-SN is not limited to the above example.) This can be interpreted to mean the same as informing the UE of whether the T-SN is an SN supporting the selective SCG function or not. The above information may be included as part of the Conditional PSCell Change (CPC) configuration.

- The MN can provide the UE with policy information on whether it can reuse the SN operating in the manner described in Fig. 3. For a more detailed description, see Fig. 7.

In step 4, the UE can notify the MN that the task is completed.

In step 4a, the MN can inform the S-SN about the progress of the task. As an example, the MN can inform the S-SN that the UE has received the CPC configuration.

The process of performing selective SCG will be explained below.

CASE1. The selected T-SN is based on Fig. 13 (i.e., T-SN is NEW version)

- Steps 5 to 9 disclosed in Fig. 14 can be performed.

CASE2. The selected T-SN is based on Fig. 3 (i.e. T-SN is OLD version) & non-reusable policy

- The T-SN can be selected only once, and at this time, steps 6 to 10 disclosed in Fig. 4 can be performed.

CASE3. Selected T-SN is based on Fig. 3 (i.e. T-SN is OLD version) & Reusable Policy

- When the corresponding T-SN is initially selected, steps 6 to 10 disclosed in Fig. 4 can be performed.

- When the corresponding T-SN is re-selected, the following process may be performed. The UE may request the MN to connect to the corresponding T-SN. At this time, the UE may notify a series of information necessary for the MN to recognize that 'the corresponding T-SN operates based on Fig. 3 and has been re-selected'. For example, the UE may additionally notify the MN that 'the corresponding T-SN operates based on Fig. 3' and/or 'the corresponding T-SN has been re-selected'. If the MN already knows the above information, this notification may be omitted. In addition, one of the following processes may be additionally performed.

■ Steps 1 to 8 of Fig. 3 can be performed.

The procedure for releasing the S-SN (steps 8 to 9 of FIG. 4) can be performed. It should be noted that the configuration diagrams, example diagrams of control/data signal transmission and reception methods, and example diagrams of operation procedures exemplified in FIGS. 1A to 15 are not intended to limit the scope of the embodiments of the present disclosure. That is, not all components, entities, or operation steps described in FIGS. 1A to 15 should be interpreted as essential components for implementing the disclosure, and the disclosure may be implemented within a scope that does not harm the essence of the disclosure even if only some of the components are included.

The operations of the embodiments described above can be realized by providing a memory device storing the corresponding program code in any component within the device. That is, the control unit within the device can execute the operations described above by reading and executing the program code stored in the memory device by a processor or a CPU (Central Processing Unit).

The various components, modules, etc. of the entity, or terminal device described in the present disclosure may be operated using hardware circuits, for example, logic circuits based on complementary metal oxide semiconductors, firmware, software, and/or hardware and firmware and/or software embedded in a machine-readable medium. For example, various electrical structures and methods may be implemented using electrical circuits such as transistors, logic gates, and application-specific semiconductors.

The methods according to the embodiments described in the claims or specification of the present disclosure may be implemented in the form of hardware, software, or a combination of hardware and software.

In the case of software implementation, a computer-readable storage medium storing one or more programs (software modules) may be provided. The one or more programs stored in the computer-readable storage medium are configured for execution by one or more processors in an electronic device. The one or more programs include instructions that cause the electronic device to execute methods according to embodiments described in the claims or specification of the present disclosure.

These programs (software modules, software) may be stored in a random access memory, a non-volatile memory including flash memory, a read only memory (ROM), an electrically erasable programmable read only memory (EEPROM), a magnetic disc storage device, a compact disc-ROM (CD-ROM), digital versatile discs (DVDs) or other forms of optical storage devices, a magnetic cassette. Or, they may be stored in a memory composed of a combination of some or all of these. In addition, each configuration memory may be included in multiple numbers.

Additionally, the program may be stored in an attachable storage device that is accessible via a communications network, such as the Internet, an Intranet, a local area network (LAN), a wide area network (WAN), or a storage area network (SAN), or a combination thereof. The storage device may be connected to the device performing an embodiment of the present disclosure via an external port. Additionally, a separate storage device on the communications network may be connected to the device performing an embodiment of the present disclosure.

In the specific embodiments of the present disclosure described above, the components included in the disclosure are expressed in the singular or plural form according to the specific embodiments presented. However, the singular or plural expressions are selected to suit the presented situation for the convenience of explanation, and the present disclosure is not limited to the singular or plural components, and even if a component is expressed in the plural form, it may be composed of the singular form, or even if a component is expressed in the singular form, it may be composed of the plural form.

Meanwhile, although the detailed description of the present disclosure has described specific embodiments, it is obvious that various modifications are possible without departing from the scope of the present disclosure. Therefore, the scope of the present disclosure should not be limited to the described embodiments, but should be determined not only by the scope of the claims described below, but also by equivalents of the scope of the claims.

Claims (15)

In a method of operation of a MN (Master Node) connected to a user terminal in a wireless communication system, A step of selecting a first SN counter value for a first target SN (Secondary Node) that does not support an optional SCG (Secondary Cell Group) function; A step of generating a first key value for secure communication between the user terminal and the first target SN based on the first SN counter value; A step of transmitting a first key value corresponding to the first target SN to the first target SN; A step of selecting a plurality of second SN counter values for a second target SN supporting optional SCG functionality; A step of generating a plurality of second key values for secure communication between the user terminal and the second target SN based on the plurality of second SN counter values; A step of transmitting a plurality of second key values corresponding to the second target SN to the second target SN; and A method comprising the step of transmitting, to the user terminal, CPC (Conditional PSCell Change) setting information, the first SN counter value, and the plurality of second SN counter values. In the first paragraph, A step of receiving information on whether the first target SN supports the optional SCG function; and A method further comprising the step of receiving information on whether the second target SN supports the optional SCG function. In the first paragraph, A method wherein the CPC setting information includes information on whether the first target SN or the second target SN supports the optional SCG function. In the first paragraph, A method further comprising the step of receiving, from the first target SN or the second target SN, a rejection message for a key value received by the first target SN or the second target SN or a request message for an additional key value. In the first paragraph, A method further comprising the step of transmitting information on whether the first target SN that does not support the optional SCG function is reusable to the user terminal. In paragraph 5, A step of receiving a request for reuse of the first target SN from the user terminal when reuse of the first target SN is possible; A step of selecting a third SN counter value for the first target SN and generating a third key value based on the selected third SN counter value; a step of transmitting the third key value to the first target SN; and A method further comprising the step of transmitting the third SN counter value corresponding to the third key value to the user terminal. In a method of operating a user terminal in a wireless communication system, A step of receiving, from a Master Node (MN) connected to the user terminal, CPC (Conditional PSCell Change) setting information, a first SN counter value corresponding to a first key value transmitted to a first target SN (Secondary Node) that does not support an optional SCG (Secondary Cell Group) function, and a plurality of second SN counters corresponding to a plurality of second key values transmitted to a second target SN that supports the optional SCG function; generating a first key value or a second key value based on at least one of the first SN counter value or the plurality of second SN counter values; and A method comprising the step of performing an SN change to a first target SN through the first key value or an SN change to a second target SN through the second key value. In Article 7, The above CPC setting information includes information on whether the first target SN or the second target SN supports the optional SCG function. A method characterized in that the replacement with the second target SN can be performed multiple times using a plurality of second key values generated based on the CPC setting information. In a wireless communication system, in a MN (Master Node) that is connected to a user terminal and operates, Department of Communications; and Includes a control unit, The above control unit, Select the first SN counter value for the first target SN (Secondary Node) that does not support the optional SCG (Secondary Cell Group) feature, Generate a first key value for secure communication between the user terminal and the first target SN based on the first SN counter value, To the first target SN, transmit a first key value corresponding to the first target SN, Select multiple second SN counter values for the second target SN supporting the optional SCG feature, Based on the plurality of second SN counter values, a plurality of second key values are generated for secure communication between the user terminal and the second target SN, To the second target SN, a plurality of second key values corresponding to the second target SN are transmitted, An MN configured to transmit CPC (Conditional PSCell Change) setting information, the first SN counter value and the plurality of second SN counter values to the user terminal. In Article 9, The above control unit, Receive information from the first target SN about whether the first target SN supports the optional SCG function, An MN further configured to receive information from the second target SN on whether the second target SN supports the optional SCG function. In Article 9, The above CPC setting information includes information on whether the first target SN or the second target SN supports the optional SCG function. In Article 8, The above control unit, An MN further configured to receive, from the first target SN or the second target SN, a rejection message for a key value received by the first target SN or the second target SN, or a request message for an additional key value. In Article 8, The above control unit, An MN further configured to transmit information on whether the first target SN that does not support the optional SCG feature is reusable to the user terminal. In Article 13, The above control unit, If the reuse of the first target SN is possible, a request for reuse of the first target SN is received from the user terminal, Select a third SN counter value for the first target SN, and generate a third key value based on the selected third SN counter value. Transmit the third key value to the first target SN, The MN is further configured to transmit the third SN counter value corresponding to the third key value to the user terminal. In a user terminal operating in a wireless communication system, Department of Communications; and Includes a control unit, The above control unit, Receive, from a MN (Master Node) connected to the user terminal, CPC (Conditional PSCell Change) setting information, a first SN counter value corresponding to a first key value transmitted to a first target SN (Secondary Node) that does not support an optional SCG (Secondary Cell Group) function, and a plurality of second SN counters corresponding to a plurality of second key values transmitted to a second target SN that supports the optional SCG function; Generate a first key value or a second key value based on at least one of the first SN counter value or the plurality of second SN counter values, A user terminal configured to perform an SN change to a first target SN through the first key value or an SN change to a second target SN through the second key value.

Images