Apparatus, system and method for secure direct communication in proximity based services
Abstract
To effectively ensure security for direct communication in ProSe, a ProSe Function acquires from a 3rd party root keys for each of UEs to derive a pair of session keys for securely conducting direct communication with different UEs, and distributes the acquired root keys to each of the UEs. Each of the UEs derives the session keys by using one of the distributed root keys. Moreover, a plurality of UEs, which form a communication system, and are allowed to conduct direct communication with each other when the UEs are in proximity to each other, share public keys of the UEs therebetween through a node which supports the direct communication upon successfully registering the UEs with the node. Each of the UEs verifies at least a request for the direct communication by using one of the public keys.
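The abstract's key flow, sketched as an added example that is not taken from the patent: both UEs hold the same distributed root key and independently derive the same session-key pair, and UE1 uses the integrity key to protect a PC5 message that UE2 verifies. The HMAC-SHA256 derivation, the confidentiality/integrity reading of the key pair, the counter-based replay check and all names and key values are assumptions; the abstract names no algorithm.

```python
import hashlib
import hmac

def kdf(root_key: bytes, label: bytes, ue_a: bytes, ue_b: bytes) -> bytes:
    # Assumed KDF: HMAC-SHA256 over a length-prefixed context. The UE
    # identities are sorted so both ends build the same context.
    parts = (label, *sorted((ue_a, ue_b)))
    context = b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(root_key, context, hashlib.sha256).digest()

def derive_session_keys(root_key: bytes, local_ue: bytes, peer_ue: bytes):
    """Return the (confidentiality, integrity) session-key pair for one peer."""
    return (kdf(root_key, b"conf", local_ue, peer_ue),
            kdf(root_key, b"int", local_ue, peer_ue))

def protect(int_key: bytes, counter: int, payload: bytes) -> bytes:
    """Sender: prepend a 4-byte counter and append a 32-byte MAC."""
    header = counter.to_bytes(4, "big")
    tag = hmac.new(int_key, header + payload, hashlib.sha256).digest()
    return header + payload + tag

def verify(int_key: bytes, last_counter: int, message: bytes):
    """Receiver: return (counter, payload), or None if forged or replayed."""
    if len(message) < 36:
        return None
    header, payload, tag = message[:4], message[4:-32], message[-32:]
    expected = hmac.new(int_key, header + payload, hashlib.sha256).digest()
    counter = int.from_bytes(header, "big")
    if not hmac.compare_digest(tag, expected) or counter <= last_counter:
        return None
    return counter, payload

# Constructed root keys: one per UE pairing, as a ProSe Function might hand out.
ROOT_UE1_UE2 = bytes(range(32))
ROOT_UE1_UE3 = bytes(range(32, 64))

if __name__ == "__main__":
    _, k_int_1 = derive_session_keys(ROOT_UE1_UE2, b"UE1", b"UE2")
    _, k_int_2 = derive_session_keys(ROOT_UE1_UE2, b"UE2", b"UE1")
    msg = protect(k_int_1, 1, b"hello over PC5")
    print(verify(k_int_2, 0, msg))   # accepted by UE2
    print(verify(k_int_2, 1, msg))   # replay of the same counter is rejected
```

The confidentiality key is derived but left unused here because the Python standard library ships no cipher; a UE holding a root key for a different pairing derives unrelated keys and cannot verify the message.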
13 Claims
1. A mobile communication system, comprising:
a central processing unit coupled to a memory storing instructions for executing;
a first and a second UEs (User Equipments) implemented by a transceiver and a controller that support Proximity Services (ProSe);
a first ProSe Function that supports the ProSe and communicates with the plurality of UEs via a PC3 interface; and
a second ProSe Function that supports the ProSe and communicates with the plurality of UEs via the PC3 interface,
wherein the first and second ProSe functions are deployed in different network nodes,
wherein the first UE sends a first message for a discovery to the first ProSe Function via PC3,
wherein the first ProSe Function directly sends a first information on security to the first UE via PC3,
wherein the first UE receives the first information on security from the first ProSe Function which communicated with a ProSe Application Server via a PC2 interface based on the first message for discovery from the first UE,
wherein the second UE sends a second message for the discovery to the second ProSe Function via PC3,
wherein the second ProSe Function directly sends a second information on security to the second UE via PC3,
wherein the second UE receives the second information on security from the second ProSe Function which communicated with the ProSe Application Server via the PC2 interface based on the second message for discovery from the first UE, and
wherein the second UE receives a protected message transmitted from the first UE on a PC5 interface based on the first information and the second information.

4. ProSe (Proximity Services) Functions in a mobile communication system that includes a central processing unit coupled to a memory storing instructions for executing a first UE (User Equipment) and a second UE, implemented by a transceiver and a controller, which supports ProSe and a ProSe Application Server, the ProSe Functions comprising:
a first ProSe Function including a first transmission unit that supports the ProSe and communicates with the first and the second UEs via a PC3 interface and sends a first information on security to the first UE by communicating with the ProSe Application Server via a PC2 interface based on a first message for a discovery from the first UE; and
a second ProSe Function including a second transmission unit that supports the ProSe and communicates with the plurality of UEs via the PC3 interface and sends a second information on security to a second UE which comprises another UE among the plurality of UEs by communicating with the ProSe Application Server via the PC2 interface based on a second message for a discovery from the second UE,
wherein the first and second ProSe functions are deployed in different network nodes, and receiving the first message directly for a discovery from the first UE and directly sending the first information on security to the second UE, and receiving the second message for the discovery from the second UE and sending a second information on security to the first UE,
wherein the second UE receives a protected message transmitted from the first UE on a PC5 interface based on the first information and the second information.

6. A first UE (User Equipment) and a second UE in a mobile communication system that includes a central processing unit coupled to a memory storing instructions for executing ProSe (Proximity Services) Functions including a first ProSe Function that supports the ProSe and communicates with the plurality of UEs via a PC3 interface, a second ProSe Function that supports the ProSe and communicates with the plurality of UEs via the PC3 interface, and a ProSe application server that communicates with the first ProSe function and the second ProSe function via a PC2 interface
wherein the first UE includes a first transceiver that provides the ProSe, and receives a first information on security from the first ProSe Function which discovery from the first UE, and
wherein the second UE includes a second transceiver that provides the ProSe, and receives a second information on security from the second ProSe Function which communicates with the ProSe Application Server based on a second message for the discovery from the second UE,
wherein the first and second ProSe functions are deployed in different network nodes,
wherein the first UE sends a direct communication request message to the second UE,
wherein the second transceiver is configured to send a second message for the discovery to the second ProSe Function, and to directly receive a second information on security from the second ProSe Function, and
wherein the second UE receives a protected message transmitted from the first UE on a PC5 interface based on the first information and the second information.

8. A communication method of a mobile communication system including a first UE (User Equipment) and a second UE implemented by a transceiver and a controller that support Proximity Services (ProSe), a first ProSe Function that supports the ProSe and communicates with the plurality of UEs via a PC3 interface and a second ProSe Function that supports the ProSe and communicates with the plurality of UEs via the PC3 interface, wherein the first and second ProSe functions are deployed in different network nodes, the communication method comprising:
sending, by the first UE, a first message for a discovery to the first ProSe Function via PC3;
sending, directly by the first ProSe Function, a first information on security to the first UE via PC3, wherein the first UE receives the first information on security from the first ProSe Function which communicated with a ProSe Application Server via a PC2 interface based on the first message for discovery from the first UE;
sending, by the second UE, a second message for the discovery to the second ProSe Function via PC3;
sending, by the second ProSe Function, a second information on security to the second UE directly via PC3, wherein the second UE receives the second information on security from the second ProSe Function which communicated with the ProSe Application Server via a PC2 interface based on the second message for discovery from the first UE; and
receiving, by the second UE, a protected message transmitted from the first UE on a PC5 interface based on the first information and the second information.

10. A communication method of ProSe Functions (Proximity Services) in a mobile communication system that includes a first UE (User Equipment) and a second UE, implemented by a transceiver and a controller, which supports the ProSe and a ProSe Application Server, the ProSe Functions comprising:
a first ProSe Function including a first transmission unit that supports the ProSe and communicates with the first and the second UEs via a PC3 interface and sends a first information on security to the first UE by communicating with the ProSe Application Server via a PC2 interface based on a first message for a discovery from the first UE; and
a second ProSe Function including a second transmission unit that supports the ProSe and communicates with the plurality of UEs via the PC3 interface and sends a second information on security to a second UE which comprises another UE among the plurality of UEs by communicating with the ProSe Application Server via a PC2 interface based on a second message for a discovery from the second UE,
wherein the first and second ProSe functions are deployed in different network nodes, the communication method comprising;
receiving the first message directly for a discovery from the first UE;
sending the first information on security to the second UE directly;
receiving the second message for the discovery from the second UE; and
sending a second information on security to the second UE directly,
wherein the second UE receives a protected message transmitted from the first UE on a PC5 interface based on the first information and the second information.

12. A communication method of a first UE (User Equipment) and a second UE in a mobile communication system that includes ProSe (Proximity Services) Functions including a first ProSe Function that supports the ProSe and communicates with the plurality of UEs via a PC3 interface, a second ProSe Function that supports the ProSe and communicates with the plurality of UEs via the PC3 interface, and a ProSe application server that communicates with the first ProSe function and the second ProSe function via a PC2 interface,
wherein the first UE includes a first transceiver that provides the ProSe, and receives a first information on security from the first ProSe Function which communicates with the ProSe Application Server based on a first message for a discovery from the first UE, and
wherein the second UE includes a second transceiver that provides the ProSe and receives a second information on security from the second ProSe Function which communicates with the ProSe Application Server based on a second message for the discovery from the second UE,
wherein the first and second ProSe functions are deployed in different network nodes, the communication method comprising:
sending, by the first UE, a direct communication request message to the second UE;
sending, by the second transceiver, a second message for the discovery to the second ProSe Function, and directly receiving a second information on security from the second ProSe Function; and
receiving, by the second UE, a protected message transmitted from the first UE on a PC5 interface based on the first information and the second information.

Specification