DEVICES AND METHOD FOR MTC GROUP KEY MANAGEMENT
Abstract
In order to improve security upon distributing a group key, there is provided a gateway (20) to a core network for a group of MTC devices (10_1-10_n) communicating with the core network. The gateway (20) protects confidentiality and integrity of a group key, and distributes the protected group key to each of the MTC devices (10_1-10_n). The protection is performed by using: a key (Kgr) that is preliminarily shared between the gateway (20) and each of the MTC devices (10_1-10_n), and that is used for the gateway (20) to authenticate each of the MTC devices (10_1-10_n) as a member of the group; or a key (K_iwf) that is shared between an MTC-IWF (50) and each of the MTC devices (10_1-10_n), and that is used to derive temporary keys for securely conducting individual communication between the MTC-IWF (50) and each of the MTC devices (10_1-10_n).
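The gateway-side protection and device-side check described in the abstract, as an added example that is not part of the patent. The patent names no algorithms, so the HMAC-SHA256 key derivation, the HMAC-based keystream (a stand-in for a real AEAD cipher such as AES-GCM), the message layout, the function names and the device identifiers are all assumptions; Kgr is modelled as one key provisioned to the gateway and to every group member.

```python
import hashlib
import hmac
import secrets

NONCE_LEN, TAG_LEN = 16, 32

def _subkey(kgr: bytes, label: bytes) -> bytes:
    # Separate encryption and integrity keys derived from Kgr (assumed KDF).
    return hmac.new(kgr, b"group-key-dist|" + label, hashlib.sha256).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 in counter mode as a keystream; stand-in for a real cipher.
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def _tag(k_int: bytes, device_id: bytes, nonce: bytes, ct: bytes) -> bytes:
    # Length-prefix the device ID so the MAC input is unambiguous.
    header = len(device_id).to_bytes(2, "big") + device_id
    return hmac.new(k_int, header + nonce + ct, hashlib.sha256).digest()

def protect_group_key(kgr: bytes, device_id: bytes, group_key: bytes) -> bytes:
    """Gateway side: encrypt-then-MAC the group key for one MTC device."""
    k_enc, k_int = _subkey(kgr, b"enc"), _subkey(kgr, b"int")
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = _xor_stream(k_enc, nonce, group_key)
    return nonce + ct + _tag(k_int, device_id, nonce, ct)

def recover_group_key(kgr: bytes, device_id: bytes, message: bytes):
    """Device side: verify integrity first, decrypt only if the tag matches."""
    if len(message) <= NONCE_LEN + TAG_LEN:
        return None
    nonce = message[:NONCE_LEN]
    ct, tag = message[NONCE_LEN:-TAG_LEN], message[-TAG_LEN:]
    k_enc, k_int = _subkey(kgr, b"enc"), _subkey(kgr, b"int")
    if not hmac.compare_digest(tag, _tag(k_int, device_id, nonce, ct)):
        return None  # tampered, wrong recipient, or sender without Kgr
    return _xor_stream(k_enc, nonce, ct)

if __name__ == "__main__":
    kgr = secrets.token_bytes(32)        # constructed sample Kgr
    group_key = secrets.token_bytes(16)  # constructed sample group key
    for dev in (b"mtc-1", b"mtc-2"):     # hypothetical device IDs
        msg = protect_group_key(kgr, dev, group_key)
        print(dev.decode(), recover_group_key(kgr, dev, msg) == group_key)
```

A device that does not hold Kgr can neither read the group key nor produce a message that a member would accept, which is the confidentiality and integrity property the abstract states.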
18 Claims
1. A communication system comprising:
a group of MTC (Machine-Type-Communication) devices that communicate with a core network; and
a gateway to the core network for the group, the gateway distributing to each of the MTC devices a first key for securely conducting group communication,
wherein upon distributing the first key, the gateway protects confidentiality and integrity of the first key by using:
a second key that is preliminarily shared between the gateway and each of the MTC devices, and that is used for the gateway to authenticate each of the MTC devices as a member of the group; or
a third key that is shared between an MTC-IWF (MTC Inter-Working Function) and each of the MTC devices, and that is used to derive temporary keys for securely conducting individual communication between the MTC-IWF and each of the MTC devices, the MTC-IWF serving as an entering point to the core network for an SCS (Service Capability Server) that communicates with the group through the core network.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. A gateway to a core network for a group of MTC devices communicating with the core network, the gateway comprising:
protection means for protecting confidentiality and integrity of a first key for securely conducting group communication; and
distribution means for distributing the protected first key to each of the MTC devices,
wherein the protection means is configured to perform the protection by using:
a second key that is preliminarily shared between the gateway and each of the MTC devices, and that is used for the gateway to authenticate each of the MTC devices as a member of the group; or
a third key that is shared between an MTC-IWF and each of the MTC devices, and that is used to derive temporary keys for securely conducting individual communication between the MTC-IWF and each of the MTC devices, the MTC-IWF serving as an entering point to the core network for an SCS that communicates with the group through the core network.
Dependent claims: 12, 13, 14, 15

16. An MTC device that is grouped to communicate with a core network, the MTC device comprising:
reception means for receiving, from a gateway to the core network for a group of MTC devices, a first key for securely conducting group communication, confidentiality and integrity of the first key being protected with a second key or a third key,
wherein the second key is preliminarily shared between the gateway and each of the MTC devices, and used for the gateway to authenticate each of the MTC devices as a member of the group,
wherein the third key is shared between an MTC-IWF and each of the MTC devices, and used to derive temporary keys for securely conducting individual communication between the MTC-IWF and each of the MTC devices, the MTC-IWF serving as an entering point to the core network for an SCS that communicates with the group through the core network.

17. A method of controlling operations in a gateway to a core network for a group of MTC devices that communicates with the core network, the method comprising:
protecting confidentiality and integrity of a first key for securely conducting group communication; and
distributing the protected first key to each of the MTC devices,
wherein the protection is performed by using:
a second key that is preliminarily shared between the gateway and each of the MTC devices, and that is used for the gateway to authenticate each of the MTC devices as a member of the group; or
a third key that is shared between an MTC-IWF and each of the MTC devices, and that is used to derive temporary keys for securely conducting individual communication between the MTC-IWF and each of the MTC devices, the MTC-IWF serving as an entering point to the core network for an SCS that communicates with the group through the core network.

18. A method of controlling operations in an MTC device that is grouped to communicate with a core network, the method comprising:
receiving, from a gateway to the core network for a group of MTC devices, a first key for securely conducting group communication, confidentiality and integrity of the first key being protected with a second key or a third key,
wherein the second key is preliminarily shared between the gateway and each of the MTC devices, and used for the gateway to authenticate each of the MTC devices as a member of the group,
wherein the third key is shared between an MTC-IWF and each of the MTC devices, and used to derive temporary keys for securely conducting individual communication between the MTC-IWF and each of the MTC devices, the MTC-IWF serving as an entering point to the core network for an SCS that communicates with the group through the core network.

Specification