Technical Field
One or more embodiments of the present disclosure relate to secure radio access with inter-eNB carrier aggregation in radio network systems such as that of 3GPP's Long Term Evolution (LTE). A design according to one or more embodiments uses a set of bearers of a user equipment (UE) that is transmitted over an eNB, while another set of bearers of the UE is transmitted over a different eNB. Specifically, the one or more embodiments of the present invention are used to improve the security of radio networks with inter-eNB aggregation.
Background Art
In LTE and LTE-Advanced networks the security framework depends on the assumption that a user equipment (UE) is served by a single eNB. More specifically, the security-related procedures and the architecture of the core network, eNB, and UE, all depend on the assumption that a UE is served by a single eNB.
According to existing frameworks, an existing eNB may exchange the KeNB of a UE with another eNB when the serving eNB of the UE changes. Put another way, when the inter-eNB handover occurs, the existing eNB may exchange the KeNB with a new eNB. In LTE and LTE-Advanced networks KeNB is a base key specific to a UE and eNB pair and is used to derive a set of keys for ciphering or integrity-protecting the communications between the UE and the eNB over the radio interface. The set of keys derived from the KeNB may include: KRRCenc, KRRCint, KUPenc.
As discussed above, in LTE and LTE-Advanced networks a base key, KeNB, specific to a UE-eNB pair is defined and is used to derive other keys. If there is a change of serving eNB for a UE, the base key for the new pair of eNB and the UE is created. This new key can be created by the previous serving eNB or by the mobile management entity (MME) in the core network. Next, a new set of derived keys are re-derived using the new base key. However, in any scenario, there may be only one base key and only one set of derived keys that are effective at the same time.
In LTE-Advanced, carrier aggregation has been introduced to further enhance network capacity and increase peak throughput. Carrier aggregation according to LTE-Advanced requires the carriers to be operated by a single eNB or, in other words, intra-eNB carrier aggregation. For example, FIG. 1 illustrates intra-eNB carrier aggregation in a core network 101, eNB 102, and UE 105. As can be seen, FIG. 1 depicts Cell 1 103 with a carrier frequency of F1 and Cell 2 104, with a carrier frequency of F2. F1 and F2 in this case are different carrier frequencies, but both are operated by the same eNB 102. If a UE 105 is in the coverage of both cells 103, 104 and supports aggregation of the carriers of frequencies F1 and F2, the two carriers can be aggregated and the UE 105 is served by both the two cells 103, 104. As such, because the carrier frequencies F1 and F2 are different, concurrent transmission over the two cells 103, 104 is possible without introducing interference. Carriers aggregated in this way are referred to as component carriers (CC).
According to intra-eNB carrier aggregation, aggregating more than one CC is simply considered as having additional transmission resources. Deciding which carrier to send a transport block (TB) of a data radio bearer (DRB) in the downlink is basically a scheduling decision of an eNB. After a TB is mapped to a CC, the subsequent physical layer processing such as HARQ, coding, rate matching, modulation, and resource mapping for the TB is performed on the CC. As in the downlink, when a UE receives uplink grants in multiple CCs at the same time (i.e., in one subframe), the UE is allowed to freely map a TB of a RB to any of the CCs. After a TB is mapped to a CC, the subsequent physical layer processing for the TB is performed on a per-CC basis.
Intra-eNB CA has no impact on the security framework. As in the case without CA, only one eNB serves a UE. A base key, KeNB, can be well-defined for a specific pair of a UE and its serving eNB. Also, as in the case without CA, control plane communication between the UE and the eNB is ciphered by KRRCenc, integrity protected by KRRCint, and user plane communication between them is ciphered by KUPenc, all of which are derived from the base key, KeNB.
As LTE and LTE-Advanced continue to grow and expand, a need has arisen to develop inter-eNB carrier aggregation schemes. However, current security schemes are incapable of supporting key generation for inter-eNB carrier aggregation systems.