The third generation partnership project (3GPP) has initiated a long term evolution (LTE) project to bring new technology, new network architecture and configuration, and new applications and services to a wireless cellular network in order to provide improved spectral efficiency, reduced latency, faster user experiences, and richer applications and services with less cost.
In the wireless communication network, user data privacy and user data accuracy are always the main concerns. The data privacy and accuracy concerns are addressed by data block encryption, (i.e., ciphering for both user data and control messages), and implementation of ARQ protocol on the data path to recover lost or inaccurate data.
FIG. 1 shows a conventional third generation (3G) universal terrestrial radio access network (UTRAN) 100. The UTRAN 100 includes a user equipment (UE) 110, a Node-B 120 and a radio network controller (RNC) 130. In the UTRAN 100, security procedural entities 112, 132, (i.e., cipher entities), are located in the UE 110 and the RNC 130, along with outer ARQ entities 114, 134, (i.e., radio link control (RLC) acknowledged mode (AM) entities). Both the cipher entities 112, 132 and the outer ARQ entities 114, 134 use RLC protocol data unit (PDU) sequence numbers (SNs) as an input for the data block encryption/decryption and for ARQ operation.
In LTE, the architecture of the UTRAN 100 will be changed. The RNC 130 no longer exists. An evolved Node-B (eNode-B) will assume medium access control (MAC) and some radio resource control (RRC) functionalities. Original RLC sub-layer and the data security, (or ciphering), entity in the RNC 130 will have to be re-located in LTE to maintain the necessary data encryption and data ARQ functionalities. Given this new LTE network architecture, the issue is where the outer ARQ entities and the data security entities shall be located and how the two formerly co-located entities cooperate to work in the LTE system.
FIG. 2 shows a proposed LTE network 200 with respect to outer ARQ entities. The LTE network 200 includes a UE 210, an eNode-B 220 and an access gateway (aGW) 230. In the proposed LTE network 200, outer ARQ entities 212 and 222 are located in the UE 210 and the eNode-B 220, respectively. Placing the outer ARQ entity 222 in the eNode-B 220 would be optimal with respect to retransmission delay, retransmission PDU size, simple protocol complexity, low buffering requirements and possible hybrid ARQ (H-ARQ) and outer ARQ interaction. However, this approach does not have a user data security process in mind.
It would be optimal to place user data security entities in the UE 210 and the aGW 230, which is a network anchor node, for the following reasons. First, the security parameters of the UE 210 (or user), (such as UE security credentials, encryption key sets, or the like), may be kept in a safer place, (i.e., aGW 230), where the interaction of UE authentication with a home subscriber server (HSS) is administered. Second, user data may be protected all the way from the aGW 230 to the UE 210 without requiring an additional scheme to achieve at least the same level of security as in the conventional UTRAN 100. Third, eNode-B physical protection may be simplified, thus increasing the total system security protection and the system cost effectiveness, and simplifying the eNodeB functionality. Forth, inter-Node-B handover and inter-aGW handover would be easier from less security context transfer, (between eNode-Bs if the data security entity is located on an eNode-B). However, the drawback on this approach is that the outer ARQ is not taken into consideration.
Simply putting the data security entities in the eNode-B 220 or putting outer ARQ entities in the aGW 230 will not meet LTE security requirements and data retransmission performance requirements. Therefore, it would be desirable to provide an architecture and operational scheme which provides the best possible performances with respect to the data security functionality and the outer ARQ functionality for the new LTE network architecture.