To meet the demand for wireless data traffic, which has increased since the deployment of 4G communication systems, efforts have been made to develop an improved 5G or pre-5G communication system. Therefore, the 5G or pre-5G communication system is also called a ‘Beyond 4G Network’ or a ‘Post LTE System’. The 5G communication system is considered to be implemented in higher frequency (mmWave) bands, e.g., 60 GHz bands, so as to accomplish higher data rates. To decrease propagation loss of the radio waves and increase the transmission distance, beamforming, massive multiple-input multiple-output (MIMO), Full Dimensional MIMO (FD-MIMO), array antenna, analog beamforming, and large scale antenna techniques are discussed in 5G communication systems. In addition, in 5G communication systems, development for system network improvement is under way based on advanced small cells, cloud Radio Access Networks (RANs), ultra-dense networks, device-to-device (D2D) communication, wireless backhaul, moving network, cooperative communication, Coordinated Multi-Points (CoMP), reception-end interference cancellation and the like. In the 5G system, Hybrid FSK and QAM Modulation (FQAM) and sliding window superposition coding (SWSC) as an advanced coding modulation (ACM), and filter bank multi carrier (FBMC), non-orthogonal multiple access (NOMA), and sparse code multiple access (SCMA) as an advanced access technology have been developed.
The Internet, which is a human-centered connectivity network where humans generate and consume information, is now evolving to the Internet of Things (IoT) where distributed entities, such as things, exchange and process information without human intervention. The Internet of Everything (IoE), which is a combination of the IoT technology and the Big Data processing technology through connection with a cloud server, has emerged. As technology elements, such as “sensing technology”, “wired/wireless communication and network infrastructure”, “service interface technology”, and “security technology” have been demanded for IoT implementation, a sensor network, Machine-to-Machine (M2M) communication, Machine Type Communication (MTC), and so forth have been recently researched. Such an IoT environment may provide intelligent Internet technology services that create new value for human life by collecting and analyzing data generated among connected things. IoT may be applied to a variety of fields including smart home, smart building, smart city, smart car or connected cars, smart grid, health care, smart appliances and advanced medical services through convergence and combination between existing Information Technology (IT) and various industrial applications.
In line with this, various attempts have been made to apply 5G communication systems to IoT networks. For example, technologies such as a sensor network, Machine Type Communication (MTC), and Machine-to-Machine (M2M) communication may be implemented by beamforming, MIMO, and array antennas. Application of a cloud Radio Access Network (RAN) as the above-described Big Data processing technology may also be considered an example of convergence between the 5G technology and the IoT technology.
Device-to-device (D2D) communication is being studied in communication standard groups to enable data communication services between a plurality of user equipment (UEs). During the D2D communication, a transmitting D2D UE may transmit data packets to a group of D2D UEs or broadcast data packets to all the D2D UEs. The D2D communication between the transmitter and receiver(s) is connectionless in nature (i.e., there is no connection setup between the transmitter and receiver before the transmitter starts transmitting the data packets). During the transmission, the transmitter includes the source identification (ID) and the destination ID in the data packets. The source ID is set to the UE ID of the transmitter. The destination ID is the broadcast ID or group ID or UE ID of an intended recipient of the transmitted packet.
One of the requirements of D2D communication is that a UE out of coverage of a network should be able to communicate with the network via another UE (i.e., a UE-to-network relay) which is in coverage of the network and is in proximity of the remote UE. This is illustrated in FIG. 1.
FIG. 1 is a flow diagram illustrating a D2D communication between a remote UE and a UE-to-network relay according to the related art.
Referring to FIG. 1, communication between a remote UE and a UE-to-network relay includes a remote UE 102, a UE-to-network relay 104, an e node B (eNB) 106, an evolved packet core (EPC) 108 and a public safety server 110. The remote UE 102 communicates with the UE-to-network relay 104 using D2D communication. A further requirement of the D2D communication is that UEs out of proximity with each other should be able to communicate via another UE (i.e., a UE-to-UE relay) which is in proximity to both UEs.
In order to support security for the D2D communication, a proximity-based service (ProSe) group key (PGK) is defined. The PGK is specific to a group of D2D UEs. Multiple PGKs per group may be pre-provisioned in the UE. Each of these PGKs for the same group is identified using a PGK ID (usually, 8 bits in size). Each PGK also has an expiry time associated with the PGK. If the UE wants to send data packets to a group, then the UE derives a ProSe traffic key (PTK) from the PGK corresponding to that group. The PTK is identified using a PTK ID. The PTK is a group member specific key generated from the PGK. Each PTK is also associated with a PTK ID counter (usually, 16 bits in size). For encrypting data, the combination of <PTK, packet data convergence protocol (PDCP) counter> is unique. The PDCP counter is updated for every packet transmitted. If the PDCP counter rolls over, then a new PTK is generated from the PGK. The PTK is derived as PTK = KDF (PGK, PTK ID, group member identity of transmitter), where KDF is a key derivation function. A ProSe encryption key (PEK) is also generated whenever a PTK is generated: PEK = KDF (PTK, algorithm ID). The algorithm ID identifies the security algorithm, for example, SNOW third generation (3G) integrity algorithms or advanced encryption standard (AES) encryption algorithm, and so on. The key hierarchy is illustrated in FIG. 2.
FIG. 2 is a flow diagram illustrating a key hierarchy for D2D group communication according to the related art.
Referring to FIG. 2, a PGK ID, a PTK ID and a PDCP counter value are transmitted along with a data packet. The PTK ID, the PGK ID and the PDCP counter value are included by the transmitter along with the secured data packet. The receiver generates the PTK used by the transmitter using the PTK ID, the PGK ID and a destination ID (identifying the group) received along with the packet for decryption.
During group communication, the security key (i.e., the PGK) is already known to both the transmitter and the receiver(s). In the case of communication between the remote UE 102 and the UE-to-network relay 104 where the remote UE and the UE-to-network relay belong to different groups, a different security key (i.e., PGK) is available at the remote UE 102 and at the UE-to-network relay 104, so communication between the remote UE 102 and the UE-to-network relay 104 cannot be secured. In other words, the UE-to-network relay 104 may not belong to all/any of the groups (formed by the network (e.g., ProSe function)), which implies that the UE-to-network relay 104 may not have all the group keys to secure or decrypt the packets to be relayed. Further, the UE-to-network relay 104 which belongs to a specific group(s) may need to take the role/functionality of relaying packets securely to all other (or specific) group members (e.g., for mission critical communication, only one UE-to-network relay 104 is in coverage of the network).
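The key hierarchy and the group-mismatch problem described above, as an added example that is not part of the original disclosure. HMAC-SHA256 stands in for the unspecified KDF; the parameter encoding, identifiers, key values, algorithm ID value and the tiny PDCP counter limit are constructed assumptions.

```python
import hashlib
import hmac
from dataclasses import dataclass

def kdf(key: bytes, *params: bytes) -> bytes:
    # Stand-in KDF (assumption): HMAC-SHA256 over length-prefixed parameters.
    msg = b"".join(len(p).to_bytes(2, "big") + p for p in params)
    return hmac.new(key, msg, hashlib.sha256).digest()

def derive_pek(pgk: bytes, ptk_id: int, member_id: bytes, alg_id: int) -> bytes:
    ptk = kdf(pgk, ptk_id.to_bytes(2, "big"), member_id)  # PTK = KDF(PGK, PTK ID, member identity)
    return kdf(ptk, bytes([alg_id]))                      # PEK = KDF(PTK, algorithm ID)

@dataclass
class Header:  # fields sent in clear alongside the secured packet
    dst_group: bytes
    src_id: bytes
    pgk_id: int
    ptk_id: int
    pdcp_count: int

class Transmitter:
    PDCP_LIMIT = 4  # constructed tiny counter space so the rollover is visible

    def __init__(self, member_id, group, pgk_id, pgk, alg_id=1):
        self.member_id, self.group, self.pgk_id = member_id, group, pgk_id
        self.pgk, self.alg_id = pgk, alg_id
        self.ptk_id = 0
        self.pdcp = 0

    def next_packet_keys(self):
        if self.pdcp == self.PDCP_LIMIT:  # PDCP counter rolled over:
            self.ptk_id += 1              # new PTK keeps <PTK, PDCP counter> unique
            self.pdcp = 0
        hdr = Header(self.group, self.member_id, self.pgk_id, self.ptk_id, self.pdcp)
        self.pdcp += 1
        return hdr, derive_pek(self.pgk, hdr.ptk_id, self.member_id, self.alg_id)

def receiver_pek(keystore: dict, hdr: Header, alg_id: int = 1):
    # keystore maps (group ID, PGK ID) -> pre-provisioned PGK; None means no key for that group.
    pgk = keystore.get((hdr.dst_group, hdr.pgk_id))
    return None if pgk is None else derive_pek(pgk, hdr.ptk_id, hdr.src_id, alg_id)

def demo():
    pgk_a, pgk_b = bytes(range(32)), bytes(range(32, 64))  # constructed keys
    tx = Transmitter(b"ue-102", b"group-A", 7, pgk_a)
    member = {(b"group-A", 7): pgk_a}  # receiver provisioned for group A
    relay = {(b"group-B", 3): pgk_b}   # relay provisioned only for group B
    rows = []
    for _ in range(5):
        hdr, pek = tx.next_packet_keys()
        rows.append((hdr.ptk_id, hdr.pdcp_count,
                     receiver_pek(member, hdr) == pek, receiver_pek(relay, hdr)))
    return rows
```

A same-group receiver reproduces the PEK from the header fields alone, while the relay holding only another group's PGK has nothing to derive from.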
Thus, there is a need for a method and system for securing communication between a remote UE and a UE-to-network relay.
The above information is presented as background information only to assist with an understanding of the present disclosure. No determination has been made, and no assertion is made, as to whether any of the above might be applicable as prior art with regard to the present disclosure.