In a wireless communication system, which is a next-generation communication system, a wireless portable Internet supports mobility for local area data communication such as a conventional wireless local access network (LAN) that uses a fixed access point. Various wireless portable Internet standards have been proposed, and the international standard of the portable Internet has actively progressed on the IEEE 802.16. The IEEE 802.16 supports a metropolitan area network (MAN) representing an information communication network covering the LAN and the wide area network (WAN).
The IEEE 802.16 wireless MAN system defines a traffic data encryption function in order to securely provide various services. The traffic data encryption function has become a basic requirement for service security as well as network stability.
The currently proposed privacy key management version 2 (PKMv2) is a security key update protocol for generating and distributing a traffic encryption key that encrypts traffic data in the IEEE 802.16 wireless MAN system. According to the PKMv2, each traffic encryption key has a limited lifetime and thus must be periodically updated with a new traffic encryption key for security. Accordingly, a subscriber station and a base station share the same traffic encryption key.
It may cause an excessive load increase of a radio signal channel in the IEEE 802.16 wireless MAN system in the case that a method for updating a group traffic encryption key (GTEK) for a multicast service, a broadcast service, or a multicast-broadcast service (MBS) is processed in the same way that the method for updating a traffic encryption key for a unicast service is processed.
In order to solve the above-stated problem, Korean Patent Laid-Open Publication No. 2005-0089736 disclosed two methods for updating a TEK for a multicast service and a broadcast service. According to this prior art, a base station automatically updates a traffic encryption key (TEK) when it is necessary to update a TEK for a multicast service and a broadcast service, and distributes the updated TEK using a broadcasting channel. Particularly, according to the prior art, a group key encryption key (GKEK) used for encrypting a TEK is generated and distributed first and then the TEK is updated, and thus the base station distributes a newer TEK encrypted with the updated GKEK through a broadcasting channel to all subscriber stations.
Therefore, conventionally, when updating a TEK for the multicast service, broadcast service, or MBS, the base station continuously performs an updating process for a TEK that is valid in the next time interval in order to provide seamless and secure services in the multicast service, broadcast service, or MBS. The base station provides the TEK being valid in the next time interval to the subscriber station through a broadcasting channel and therefore the TEK needs to be encrypted, and a GKEK is used as an input key for the encryption of the TEK. Particularly, the lifetime of the TEK and the lifetime of the GKEK are the same, and a key used for encrypting the TEK is a new GKEK which is updated during the valid lifetime of the current TEK and assigned.
However, it is inefficient to transmit a Key Update Command message for the GKEK update mode whenever the base station updates a TEK so as to provide all the subscriber stations served with the multicast service, broadcast service, or MBS with the same GKEK. Particularly, in the case that a service provider intentionally reduces a lifetime of a TEK for enhancing service security, the number of transmissions of the Key Update Command message for the GKEK mode to each subscriber served with the above service increases in proportion to the number of transmissions of the Key Update Command message for the TEK update mode. Resultantly, the processing amount and radio resource consumption become increased for transmission of the Key Update Command message for the GKEK update mode. In other words, in the case of reducing the lifetime of the TEK for increasing service security, the number of TEK updates is more increased within the same amount of time compared to before the reduction of the lifetime of the TEK, and as a result, the number of GKEK updates also increases. This implies that the resource will be more consumed since the number of transmissions of the Key Update Command message for the GKEK update is increased.
Therefore, a method for reducing an amount of radio channel resources used for transmitting the Key Update Command message for the GKEK update mode while increasing security for the service is required.
The above information disclosed in this Background section is only for enhancement of understanding of the background of the invention and therefore it may contain information that does not form the prior art that is already known in this country to a person of ordinary skill in the art.