Security management method and apparatus for group communication in mobile communication system

US 9,894,065 B2
Filed: 09/27/2013
Issued: 02/13/2018
Est. Priority Date: 09/27/2012
Status: Active Grant

First Claim

Patent Images

1. A security management method for group communication performed by a server in a mobile communication system, the method comprising:

receiving a security key including a user identification security key;

generating a session security key for session protection in a group communication;

mapping the session security key to a group identity for identifying a specific group to which a user equipment (UE) using the group communication belongs, wherein the session security key includes information on the specific group to which the UE belongs;

transmitting the group identity and the session security key to the UE, the session security key being ciphered using the user identification security key;

generating a traffic key for protection of traffic, the traffic key ciphered using the session security key, wherein the traffic key includes information on the specific group to which the traffic key belongs; and

transmitting the group identity and the traffic key to the UE,wherein the traffic key is deciphered by using the session security key at the UE.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention relates to a security management method and an apparatus for group communication when a terminal interacts and communicates with a mobile communication system. The security management method for group communication performed in a server, which manages the group communication in the mobile communication system according to one embodiment of the present invention, includes the steps of: generating a session security key for session protection in the group communication, and mapping the session security key to a group identifier for identifying a specific group to which a terminal using the group communication belongs; transmitting the group identifier and the session security key to the terminal; and generating a traffic key for protecting traffic and transmitting the group identifier and the traffic key to the terminal.

21 Citations

22 Claims

1. A security management method for group communication performed by a server in a mobile communication system, the method comprising:
- receiving a security key including a user identification security key;
  
  generating a session security key for session protection in a group communication;
  
  mapping the session security key to a group identity for identifying a specific group to which a user equipment (UE) using the group communication belongs, wherein the session security key includes information on the specific group to which the UE belongs;
  
  transmitting the group identity and the session security key to the UE, the session security key being ciphered using the user identification security key;
  
  generating a traffic key for protection of traffic, the traffic key ciphered using the session security key, wherein the traffic key includes information on the specific group to which the traffic key belongs; and
  
  transmitting the group identity and the traffic key to the UE,wherein the traffic key is deciphered by using the session security key at the UE.
- View Dependent Claims (2, 3, 4, 5, 6, 21)
- - 2. The security management method of claim 1, further comprising:
    - receiving group information for the group communication from the UE; and
      
      assigning the group identity corresponding to the group information.
  - 3. The security management method of claim 2, wherein the group information includes information about at least one of an area and a cell to which the UE belongs.
  - 4. The security management method of claim 1, further comprising receiving the group identity from the UE, conditioned upon the UE knowing the group identity.
  - 5. The security management method of claim 1, further comprising:
    - in response to receiving a machine type communication (MTC) security function identity and group information from the UE that uses MTC, transmitting the group information to another server that generates the security key related to use of an application; and
      
      receiving the security key related to use of the application and a session key of the application from said another server.
  - 6. The security management method of claim 1, wherein the session security key is used for each UE during deciphering of the traffic key.
  - 21. The security management method of claim 1,wherein the session security key is ciphered using a user identification security key when the session security key is transmitted to the UE, the user identification security key is generated based on an application session key, and the application session key is generated based on a master session key associated with the UE.

7. A server in a mobile communication system, the server comprising:
- a communication interface configured to transmit and receive data in the mobile communication system; and
  
  a controller configured to;
  
  control the communication interface to receive a security key including a user identification security key;
  
  generate a session security key for session protection in a group communication;
  
  map the session security key for session protection to a group identity for identifying a specific group to which a user equipment (UE) using the group communication belongs, wherein the session security key includes information on the specific group to which the UE belongs;
  
  control the communication interface to transmit the group identity and the session security key to the UE, the transmitted session security key being ciphered using the user identification security key;
  
  generate a traffic key for protection of traffic, the traffic key ciphered using the session security key, wherein the traffic key includes information on the specific group to which the traffic key belongs; and
  
  control the communication interface to transmit the group identity and the traffic key to the UE,wherein the traffic key is deciphered by using the session security key at the UE.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The server of claim 7, wherein the controller is configured to control the communication interface to receive, via the communication interface, group information for the group communication from the UE;
    - and assign a group identity corresponding to the group information.
  - 17. The server of claim 16, wherein the group information includes information about at least one of an area and a cell to which the UE belongs.
  - 18. The server of claim 7, wherein the controller is configured to control the communication interface to receive, via the communication interface, the group identity from the UE, conditioned upon the UE knowing the group identity.
  - 19. The server of claim 7, wherein the traffic key is deciphered by using the session security key at the UE, wherein the controller is configured to transmit, via the communication interface, in response to receiving a machine type communication (MTC) security function identity and a group information from the UE that uses MTC, the group information to another server that generates the security key related to use of an application;
    - and receive, via the communication interface, the security key related to use of the application and a session key of the application from said another server.
  - 20. The server of claim 7, wherein the session security key is used for each UE during deciphering of the traffic key.

8. A security management method by a user equipment (UE) in a mobile communication system, the method comprising:
- transmitting information about a specific group to which the UE using a group communication belongs, to a server that manages a group communication;
  
  receiving a session security key for the group communication, wherein the received session security key is ciphered using a user identification security key, wherein the session security key is mapped to a group identity for identifying a specific group to which a UE using the group communication belongs, and wherein the session security key includes information on the specific group;
  
  receiving a traffic key for protection of traffic from the server that has received the information about the specific group, the traffic key ciphered using the session security key, wherein the traffic key includes information on the specific group to which the traffic key belongs;
  
  deciphering the traffic key using the received session security key; and
  
  performing the group communication through the server using the deciphered traffic key.
- View Dependent Claims (9, 10, 11, 22)
- - 9. The security management method of claim 8, wherein the information about the specific group to which the UE belongs includes information about at least one of an area and a cell to which the UE belongs.
  - 10. The security management method of claim 8, wherein the information about the specific group to which the UE belongs includes a group identity corresponding to the specific group.
  - 11. The security management method of claim 8, wherein the receiving further comprises receiving an assigned group identity from the server based on the information about the specific group.
  - 22. The security management method of claim 8, wherein the session security key is ciphered using a user identification security key when the session security key is transmitted to the UE, the user identification security key is generated based on an application session key, and the application session key is generated based on a master session key associated with the UE.

12. A user equipment (UE) in a mobile communication system, the UE comprises:
- a transceiver configured to transmit and receive data in the mobile communication system; and
  
  a controller configured to;
  
  control the transceiver to transmit information about a specific group to which the UE using a group communication belongs, to a server that manages the group communication;
  
  control the transceiver to receive a session security key for the group communication, wherein the received session security key is ciphered using a user identification security key, wherein the session security key is mapped to a group identity for identifying a specific group to which a UE using the group communication belongs, and wherein the session security key includes information on the specific group;
  
  control the transceiver to receive a traffic key for protection of traffic from the server that has received the information about the specific group, the traffic key ciphered using the session security key, wherein the traffic key includes information on the specific group to which the traffic key belongs;
  
  decipher the traffic key using the received session security key; and
  
  perform the group communication through the server using the deciphered traffic key.
- View Dependent Claims (13, 14, 15)
- - 13. The UE of claim 12, wherein the information about the specific group to which the UE belongs includes information about at least one of an area and a cell to which the UE belongs.
  - 14. The UE of claim 12, wherein the information about the specific group to which the UE belongs includes a group identity corresponding to the specific group.
  - 15. The UE of claim 12, wherein the controller is configured to control the transceiver to receive, via the transceiver, an assigned group identity from the server based on the information about the specific group.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Samsung Electronics Co. Ltd.
Inventors
Suh, Kyung-Joo
Primary Examiner(s)
Cribbs, Malcolm

Application Number

US14/432,179
Publication Number

US 20150244720A1
Time in Patent Office

1,600 Days
Field of Search

None
US Class Current
CPC Class Codes

H04L 63/062   for key distribution, e.g. ...

H04L 63/065   for group communications cr...

H04L 63/0876   based on the identity of th...

H04W 12/0431   Key distribution or pre-dis...

H04W 4/08   User group management

H04W 4/70   Services for machine-to-mac...

Security management method and apparatus for group communication in mobile communication system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

21 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Security management method and apparatus for group communication in mobile communication system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

21 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links