System and method for selection of security algorithms
Abstract
There is described a method and apparatus for managing security for a connection between a user device and a communications network comprising at least one base station and a core network. In one embodiment, the method includes receiving at the core network security capability information for the user device connecting to the communications network. Security capability information for the base station is then obtained from memory or from the base station itself. The security capability information for the user device and the security capability information for the base station is then processed in the core network to select a security policy for a connection between the user device and the base station and the selected security policy is transmitted to the base station.
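The selection flow in the abstract, sketched as an added example (not code from the patent or from any network implementation). The names 128-EEA1, 128-EEA2 and EEA0 are 3GPP LTE ciphering identifiers that do not appear on this page; the preference order, function names and sample capabilities are assumptions, and integrity algorithms would be handled the same way.

```python
PLANES = ("RRC", "UP", "NAS")

# Assumed operator preference per plane, most preferred first. EEA0 (null
# ciphering) is deliberately absent, so it can never be offered.
OPERATOR_PREFERENCE = {p: ["128-EEA2", "128-EEA1"] for p in PLANES}


class NoCommonPolicy(Exception):
    """Raised when a plane has no acceptable algorithm; the connection is refused."""


def core_select_preferred(ue_caps, bs_caps, preference=OPERATOR_PREFERENCE):
    """Core network step: build the ordered list of preferred policies per plane."""
    preferred = {}
    for plane in PLANES:
        common = set(ue_caps[plane]) & set(bs_caps[plane])
        ordered = [alg for alg in preference[plane] if alg in common]
        if not ordered:
            raise NoCommonPolicy(plane)  # fail closed, never fall back to EEA0
        preferred[plane] = ordered
    return preferred


def base_station_select(preferred, local_caps):
    """Base station step: take the first listed policy it can actually run."""
    chosen = {}
    for plane, candidates in preferred.items():
        for alg in candidates:
            if alg in local_caps[plane]:
                chosen[plane] = alg
                break
        else:
            raise NoCommonPolicy(plane)  # nothing outside the list is allowed
    return chosen


# Constructed sample capabilities (not from the page).
UE_CAPS = {p: {"EEA0", "128-EEA1", "128-EEA2"} for p in PLANES}
# What the core network holds in memory for the base station (stale for UP).
BS_CAPS_STORED = {p: {"EEA0", "128-EEA1", "128-EEA2"} for p in PLANES}
# What the base station really supports at connection time.
BS_CAPS_ACTUAL = dict(BS_CAPS_STORED, UP={"EEA0", "128-EEA1"})

if __name__ == "__main__":
    offer = core_select_preferred(UE_CAPS, BS_CAPS_STORED)
    print(offer)
    print(base_station_select(offer, BS_CAPS_ACTUAL))
```

Because the core network sends a list and not a single policy, the base station can still pick an acceptable entry when the capability record held in memory is out of date.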
30 Claims
1. A method of managing security for a connection between a user device and a Long Term Evolution (LTE) communications network comprising at least one Evolved Universal Terrestrial Radio Access Network (E-UTRAN) base station and a core network, the method comprising:
- receiving, at the core network, security capability information for the user device connecting to the communications network;
- obtaining security capability information for one base station of the at least one base stations;
- processing, at the core network, the security capability information for the user device and the security capability information for the base station to select a plurality of preferred security policies for a connection between the user device and the base station; and
- transmitting the selected plurality of preferred security policies to the base station as a list of preferred security policies from which said base station can select a security policy, wherein the selected security policy relates to at least one of a Radio Resource Control (RRC), a User Plane (UP), and a Non-Access Stratum (NAS) security algorithm selection.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 28
22. A gateway for managing security for a connection between a user device and a Long Term Evolution (LTE) communications network comprising at least one Evolved Universal Terrestrial Radio Access Network (E-UTRAN) base station and a core network, the gateway comprising:
- a receiving unit configured to receive security capability information for the user device connecting to the communications network;
- an obtaining unit configured to obtain security capability information for a base station of the at least one base stations;
- a processing unit configured to process the security capability information for the user device and the security capability information for the base station to select a plurality of preferred security policies for a connection between the user device and the base station; and
- a transmitting unit configured to transmit the plurality of preferred selected security policies to the base station as a list of preferred security policies from which said base station can select a security policy, wherein the selected plurality of preferred security policies relates to at least one of a Radio Resource Control (RRC), a User Plane (UP), and a Non-Access Stratum (NAS) security algorithm selection.

Dependent claims: 23, 24, 25, 26
27. An Evolved Universal Terrestrial Radio Access Network (E-UTRAN) gateway for managing security for a connection between a user device and a communications network comprising at least one base station and a core network, the gateway comprising:
- a receiver for receiving security capability information for the user device connecting to the communications network;
- a device for obtaining security capability information for the base station;
- a processor for processing the security capability information for the user device and the security capability information for the base station to select a plurality of preferred security policies for a connection between a user device and the base station; and
- a transmitter for transmitting the selected plurality of preferred security to the base station as a list of preferred security policies from which said base station can select a security policy, wherein the selected security policy relates to at least one of a Radio Resource Control (RRC), a User Plane (UP), and a Non-Access Stratum (NAS) security algorithm selection.
29. A user device for connecting to a Long Term Evolution (LTE) communications network comprising at least one Evolved Universal Terrestrial Radio Access Network (E-UTRAN) base station and a core network, the user device comprising:
- a transmitter for transmitting security capability information for the user device to the core network; and
- a connection unit configured to establish a connection to the base station using a selected security policy;
- wherein the selected security policy is selected by the base station, from a preferred list of security policies comprising a plurality of preferred security policies selected by the core network based on the security capability information for the user device and security capability information for the base station; and
- wherein the selected security policy relates to at least one of Radio Resource Control (RRC), User Plane (UP) and Non-Access Stratum (NAS) security algorithm selection.
30. A method performed by a user device for connecting to a Long Term Evolution (LTE) communications network comprising at least one Evolved Universal Terrestrial Radio Access Network (E-UTRAN) base station and a core network, the method comprising:
- transmitting security capability information for the user device to the core network; and
- establishing a connection to the base station using a selected security policy;
- wherein the selected security policy is selected by the base station, from a preferred list of security policies comprising a plurality of preferred security policies selected by the core network based on the security capability information for the user device and security capability information for the base station; and
- wherein the selected security policy relates to at least one of Radio Resource Control (RRC), User Plane (UP) and Non-Access Stratum (NAS) security algorithm selection.
Specification