COMMUNICATION SYSTEM
First Claim
1. A mobile communication device for communicating user plane data via first communication apparatus, of a communication network, that operates a first communication cell, and for receiving control plane signalling related to user plane communication from second communication apparatus, of the communication network, that operates a second communication cell, said mobile communication device comprising:
- a receiving circuit configured to receive security information;
an obtaining circuit configured to obtain, from said security information, at least one user plane security parameter for providing user plane security for said user plane communication via said first communication apparatus and at least one control plane security parameter for providing control plane security for control plane communication via said second communication apparatus; and
an applying circuit configured to apply said at least one user plane security parameter in said user plane communication via said first communication apparatus and configured to apply said at least one control plane security parameter in said control plane communication via said second communication apparatus.
1 Assignment
0 Petitions
Accused Products
Abstract
A communication system is described in which user plane communication and control plane communication for a particular mobile communication device can be split between a base station that operates a small cell and a macro base station. Appropriate security for the user plane and control plane communications is safeguarded by ensuring that each base station is able to obtain or derive the correct security parameters for protecting the user plane or control plane communication for which it is responsible.
17 Citations
48 Claims
-
1. A mobile communication device for communicating user plane data via first communication apparatus, of a communication network, that operates a first communication cell, and for receiving control plane signalling related to user plane communication from second communication apparatus, of the communication network, that operates a second communication cell, said mobile communication device comprising:
-
a receiving circuit configured to receive security information; an obtaining circuit configured to obtain, from said security information, at least one user plane security parameter for providing user plane security for said user plane communication via said first communication apparatus and at least one control plane security parameter for providing control plane security for control plane communication via said second communication apparatus; and an applying circuit configured to apply said at least one user plane security parameter in said user plane communication via said first communication apparatus and configured to apply said at least one control plane security parameter in said control plane communication via said second communication apparatus. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. Communication apparatus for operating a communication cell via which a mobile communication device can engage in user plane communication, in a communication network in which further communication apparatus operates a further cell and provides control plane signalling related to said user plane communication, the communication apparatus comprising:
-
an operating circuit configured to operate said communication cell via which said mobile communication device can engage in user plane communication; a receiving circuit configured to receive security information; an obtaining circuit configured to obtain, from said security information, at least one user plane security parameter for providing user plane security for said user plane communication; and an applying circuit configured to apply said user plane security parameter to user plane communication via said first communication apparatus. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
-
23. Communication apparatus for operating a communication cell via which control plane signalling is provided to a mobile communication device, in a communication network in which further communication apparatus operates a further cell via which said mobile communication device can engage in user plane communication to which said control plane signalling relates, the communication apparatus comprising:
-
an operating circuit configured to operate said communication cell via which said control plane signalling is provided to a mobile communication device; a receiving circuit configured to receive security information from a communication entity of said communication network; an obtaining circuit configured to obtain, from said security information, at least one control plane security parameter for providing control plane security for said control plane signalling provided to said mobile communication device, and at least one further security parameter; a providing circuit configured to provide security information comprising said further security parameter to said further communication apparatus; and an applying circuit configured to apply said at least one control plane security parameter when providing said control plane signalling to said mobile communication device. - View Dependent Claims (24, 25, 26, 27, 28)
-
-
29. A communication entity for a communication network in which a mobile communication device engages in user plane communication via first communication apparatus that operates a first communication cell, and in which the mobile communication device receives control plane signalling related to said user plane communication from second communication apparatus that operates a second communication cell, said communication entity comprising:
-
a receiving circuit configured to receive security information from a further communication entity of said communication network; an obtaining circuit configured to obtain, from said security information, at least one root security parameter which can be used in the derivation of;
at least one user plane security parameter for providing user plane security for said user plane communication via said first communication apparatus; and
at least one control plane security parameter for providing control plane security for control plane communication via said second communication apparatus; anda providing circuit configured to provide security information comprising said root security parameter to said first communication apparatus in a first message and to said second communication apparatus in a second message. - View Dependent Claims (30, 31, 32, 33)
-
-
34. Communication apparatus for operating a communication cell via which control plane signalling is provided to a mobile communication device, in a communication network in which further communication apparatus operates a further cell via which said mobile communication device can engage in user plane communication to which said control plane signalling relates, the communication apparatus comprising:
-
an operating circuit configured to operate said communication cell via which said control plane signalling is provided to a mobile communication device; means for receiving a receiving circuit configured to receive security information from a communication entity of said communication network; an obtaining circuit configured to obtain, from said security information, at least one control plane security parameter for providing control plane security for said control plane signalling provided to said mobile communication device; a transmitting circuit configured to transmit, to said mobile communication device, an indicator that user plane and control plane are provided by different respective communication apparatus; and an applying circuit configured to apply said at least one control plane security parameter when providing said control plane signalling to said mobile communication device. - View Dependent Claims (35)
-
-
36. A mobile communication device for communicating user plane data via first communication apparatus, of a communication network, that operates a first communication cell, and for receiving control plane signalling related to user plane communication from second communication apparatus, of the communication network, that operates a second communication cell, said mobile communication device comprising:
-
a first obtaining circuit configured to obtain a first set of security parameters for said user plane communication, from a first authenticated key agreement (AKA) procedure in respect of said first communication apparatus, and for generating an associated first security context; a second obtaining circuit configured to obtain a second set of security parameters for control plane communication, from a second authenticated key agreement (AKA) procedure in respect of said second communication apparatus, and for generating an associated second security context; and a maintaining circuit configured to maintain said first security context and said second security context.
-
-
37. A communication entity for a communication network in which a mobile communication device is able to engage in user plane communication via first communication apparatus that operates a first communication cell, and in which the mobile communication device is able to receive control plane signalling related to said user plane communication from second communication apparatus that operates a second communication cell, said communication entity comprising:
-
a first performing circuit configured to perform a first authenticated key agreement (AKA) procedure, in respect of said first communication apparatus, for user plane communication and for generating an associated first security context; a second performing circuit configured to perform a second authenticated key agreement (AKA) procedure, in respect of said second communication apparatus, for control plane communication and for generating an associated second security context; and a maintaining circuit configured to maintain said first security context and said second security context.
-
-
38. A method performed by a mobile communication device that is able to communicate user plane data via first communication apparatus, of a communication network, that operates a first communication cell, and is able to receive control plane signalling related to user plane communication from second communication apparatus, of the communication network, that operates a second communication cell, said method comprising:
-
receiving security information; obtaining, from said security information, at least one user plane security parameter for providing user plane security for said user plane communication via said first communication apparatus and at least one control plane security parameter for providing control plane security for control plane communication via said second communication apparatus; and applying said at least one user plane security parameter in said user plane communication via said first communication apparatus and applying said at least one control plane security parameter in said control plane communication via said second communication apparatus. - View Dependent Claims (48)
-
-
39. A method performed by communication apparatus when operating a cell via which a mobile communication device can engage in user plane communication, in a communication network in which further communication apparatus operates a further cell and provides control plane signalling related to said user plane communication, the method comprising:
-
receiving security information; obtaining, from said security information, at least one user plane security parameter for providing user plane security for said user plane communication; and applying said user plane security parameter to said user plane communication via said first communication apparatus.
-
-
40. A method performed by communication apparatus when operating a cell via which control plane signalling is provided to a mobile communication device, in a communication network in which further communication apparatus operates a further cell via which said mobile communication device can engage in user plane communication to which said control plane signalling relates, the method comprising:
-
receiving security information from a communication entity of said communication network; obtaining, from said security information, at least one control plane security parameter for providing control plane security for said control plane signalling provided to said mobile communication device, and at least one further security parameter; providing security information comprising said further security parameter to said further communication apparatus; and applying said at least one control plane security parameter when providing said control plane signalling to said mobile communication device.
-
-
41. A method performed by a communication entity in a communication network in which a mobile communication device engages in user plane communication via first communication apparatus that operates a first communication cell, and in which the mobile communication device receives control plane signalling related to said user plane communication from second communication apparatus that operates a second communication cell, said method comprising:
-
receiving security information from a further communication entity of said communication network; obtaining, from said security information, at least one root security parameter which can be used in the derivation of;
at least one user plane security parameter for providing user plane security for said user plane communication via said first communication apparatus; and
at least one control plane security parameter for providing control plane security for control plane communication via said second communication apparatus; andproviding security information comprising said root security parameter to said first communication apparatus in a first message and to said second communication apparatus in a second message.
-
-
42. A method performed by communication apparatus when operating a communication cell via which control plane signalling is provided to a mobile communication device, in a communication network in which further communication apparatus operates a further cell via which said mobile communication device can engage in user plane communication to which said control plane signalling relates, the method comprising:
-
operating said communication cell via which said control plane signalling is provided to a mobile communication device; receiving security information from a communication entity of said communication network; obtaining, from said security information, at least one control plane security parameter for providing control plane security for said control plane signalling provided to said mobile communication device; transmitting, to said mobile communication device, an indicator that user plane and control plane are provided by different respective communication apparatus; and applying said at least one control plane security parameter when providing said control plane signalling to said mobile communication device.
-
-
43. A method performed by a mobile communication device that is able to communicate user plane data via first communication apparatus, of a communication network, that operates a first communication cell, and that is able to receive control plane signalling related to user plane communication from second communication apparatus, of the communication network, that operates a second communication cell, said method comprising:
-
obtaining a first set of security parameters for said user plane communication, from a first authenticated key agreement (AKA) procedure in respect of said first communication apparatus, and generating an associated first security context; obtaining a second set of security parameters for control plane communication, from a second authenticated key agreement (AKA) procedure in respect of said second communication apparatus, and generating an associated second security context; and maintaining said first security context and said second security context.
-
-
44. A method performed by a communication entity in a communication network in which a mobile communication device is able to engage in user plane communication via first communication apparatus that operates a first communication cell, and in which the mobile communication device is able to receive control plane signalling related to said user plane communication from second communication apparatus that operates a second communication cell, said method comprising:
-
performing a first authenticated key agreement (AKA) procedure, in respect of said first communication apparatus, for said user plane communication and for generating an associated first security context; performing a second authenticated key agreement (AKA) procedure, in respect of said second communication apparatus, for control plane communication and for generating an associated second security context; and maintaining said first security context and said second security context.
-
-
45. (canceled)
-
46. (canceled)
-
47. (canceled)
Specification