A user equipment (UE) may be attached via a signaling radio bearer (SRB) to an access node of a radio access network such as en eNodeB of an LTE radio access network. In order to encounter for fraudulent attacks by interceptors of a packet transmitted via the SBR, the receiving user equipment may perform an integrity verification procedure. Such a verification procedure is known from TS 36.323 V11.2.0 (2013-03-18), section 5.1.2.2, in which it is described that a protocol entity of the user equipment may perform following steps for a received Packet Data Convergence Protocol (PDCP) data unit:
The receiving user equipment may firstly decipher and verify integrity protection of the received protocol data unit (PDU). A PDCP sequence number (SN) included in the received PDU is compared against the next expected PDCP SN and the hyper frame number (HFN) is adjusted appropriately to account for PDCP SN wrap around, i.e. a restart of counting of the SN from zero to a maximum available SN number.
Afterwards the integrity verification procedure in the PDCP receiving user equipment takes a parameter called COUNT into account. The parameter COUNT is based on a first parameter called Next_PDCP_RX_SN which is the PDU SN expected by the user equipment to be the next SN of the received PDU in view of the previously received PDU SN, and a second parameter called RX_HFN which corresponds to the HFN assumed to be the valid one in the receiving user equipment. The verification procedure is successful, if the accordingly calculated parameter COUNT has the same value as the COUNT value used by the transmitting entity for integrity protection and included in the received PDU, and if the PDU's content, for example the payload transmitted in the PDU, are equal.
If the above described deciphering and integrity verification is successful, the local variables RX_HFN and Next_PDCP_RX_SN are updated in the user equipment according to the actual received PDCP SN and the PDCP SDU is delivered to respective protocol entities of a higher layer. In this respect, SDU may denote a service data unit. If the integrity verification is not successful, hence fails, the PDCP SDU is discarded and a notification is sent to the protocol entity of a higher layer or to the protocol entities of the higher layers, which notification indicates that the integrity verification has failed. For completeness, section 5.1.2.2 of TS 36.323 V11.2.0 (2013-3-18) defines the above mechanism as a pseudocode and reads as follows:
For SRBs, at reception of a PDCP Data PDU from lower layers, the UE shall:
- if received PDCP SN < Next_PDCP_RX_SN:  - decipher and verify the integrity of the PDU (if applicable) using   COUNT based on RX_HFN + 1 and the received PDCP SN as   specified in the subclauses 5.6 and 5.7, respectively;- else:  - decipher and verify the integrity of the PDU (if applicable) using   COUNT based on RX_HFN and the received PDCP SN as   specified in the subclauses 5.6 and 5.7, respectively;- if integrity verification is applicable and the integrity verification is  passed successfully; or- if integrity verification is not applicable:  - if received PDCP SN < Next_PDCP_RX_SN:   - increment RX_HFN by one;  - set Next_PDCP_RX_SN to the received PDCP SN + 1;  - if Next_PDCP_RX_SN > Maximum_PDCP_SN:   - set Next_PDCP_RX_SN to 0;   - increment RX_HFN by one;  - deliver the resulting PDCP SDU to upper layer;- else, if integrity verification is applicable and the integrity verification  fails:  - discard the received PDCP Data PDU;  - indicate the integrity verification failure to upper layer.
Currently, dual connectivity and RRC message transmission diversity is discussed. In this respect, dual connectivity may relate to a communication scenario as seen from the UE's perspective in which the UE may simultaneously receive from and transmit to at least two different network points, for example access nodes. Dual connectivity is a feature being standardized within the umbrella work of a study item called “small cell enhancements” of 3GPP Rel-12. RRC message transmission diversity or, as it may be shortly called RRC transmission diversity, may be enabled by dual connectivity and may may relate to a communication scenario in which control signaling can be transmitted via at least two connections between a network and a UE. In this regard, control signaling may be used for controlling a receiving entity, for example the UE. Control signaling may be considered as payload for lower layer protocol data units. Control signaling may comprise RRC messages to be used for controlling the UE.
In such a LTE based communication scenario, two different network points are usually denoted as Master eNodeB (MeNB) and Secondary eNdeB (SeNB). It is assumed that the RRC protocol, which is responsible of configuring the UE, is terminated within the MeNB. Referring to FIG. 1, a communication scenario comprising a MeNB 12 and a SeNB 14 may be illustrated. The MeNB 12 may be an embodiment of a network node of a communication network, for example a radio access node of a radio access network. The SeNB 14 may be an embodiment of a further network node of the communication network, for example a further radio access node of the radio access network. As illustrated, the MeNB 12 may comprise Media Access Protocol (MAC) protocol layers 16a, 16b, Radio Link Control (RLC) protocol layers 18a, 18b, PDCP protocol layers 20a, 20b, and a Radio Resource Control (RRC) protocol layer 22. The SeNB 14 may comprise MAC protocol layers 24a, 24b, RLC protocol layers 26a, 26b and a PDCP protocol layer 28. According to some embodiments, the SeNB 14 may only comprise the MAC protocol layers 24a, 24b and RLC protocol layers 26a, 26b. According to some embodiments, the MeNB 12 and/or the SeNB 14 may comprise one MAC protocol layer instead of the two MAC protocol layers 16a, 16b, 24a, 24b. A signaling radio bearer may extend between the RRC protocol layer 22 of the MeNB 12 and a UE, and in particular between the RRC protocol layer 22 of the MeNB 12 and a RRC protocol layer of the UE. The signaling radio bearer may be split internally of the MeNB 12 at or below PDCP protocol layer level when seen from a protocol layer perspective, i.e. at or below the PDCP protocol layer 20b, and may utilize the RLC protocol layer 18b and the MAC protocol layer 16b of the MeNB 12 and the RLC protocol layer 26a and the MAC protocol layer 24a of the SeNB 14. Hence, a protocol entity of the PDCP protocol layer 20b in MeNB 12 may be connected with a protocol entity of the RLC protocol layer 26a in the SeNB 14 via a backhaul channel via which the splitted portion of the signaling radio bearer may extend. FIG. 1 illustrates a combined protocol architecture for Release 12 supporting three types of radio bearers, namely:
Type 1: Bearer served by MeNB(left in FIG. 1)Type 2: Bearer served by SeNB(right in FIG. 1)Type 3: Bearer split over both MeNB and SeNB(middle in FIG. 1)
The type 1 bearer may utilize the dotted protocol layers 16a, 18a, 20a in the MeNB 12. The type 2 bearer may utilize the vertically dashed protocol layers 24b, 26b, and 28b in the SeNB 14. The type 3 bearer may utilize the diagonally striped protocol layers 16b, 18b, 20b, 24a, 26a in the MeNB 12 and the SeNB 14. It may be noted that from a UE perspective, the UE can be regarded to be connected to the MeNB 12 via a first signaling radio bearer and to the SeNB 14 via a second signaling radio bearer when seen from a protocol layer perspective below RRC and can be seen to be connected to the MeNB 12 and the SeNB 14 via one signaling bearer at RRC protocol layer level or in other words above a PDCP protocol layer level. For completeness of the description, an arrow 30 in the Figure may indicate an incoming data flow for the MeNB 12, for example from an Internet Protocol (IP) layer. An arrow 32 may indicate an incoming data flow for the SeNB 14. An arrow 34 may indicate a data flow via the backhaul link between the MeNB 12 and the SeNB 14.
To convey RRC messages, signaling radio bearers (SRBs) are used, which may implement the bearer types described above. The simplest case is to transport PDUs via an SRB with type 1, for example to use the SBR via the MeNB link to the UE only. In this case the SRB is terminated in the MeNB. Transport of PDUs may be performed via the dotted protocol layers 16a, 18a, 20a. For type 2, RRC messages need to be transported from MeNB to SeNB and then via an SRB from SeNB to the UE. In this case the SRB is terminated in the SeNB. Transport of PDUs may be performed via the vertically dashed protocol layers 24b, 26ba, 28. To support diversity for the RRC message transmission, for example for an increase of transmission reliability, the split-bearer architecture (type 3) can be used for the SRB. Transport of PDUs may be performed via the diagonally striped protocol layers 16b, 18b, 20b and 24a, 26a by also utilizing the backhaul channel. In this approach, it is envisaged that the PDCP PDU corresponding to the RRC message is duplicated such that a copy is sent on both MeNB and SeNB link to the UE. FIG. 2 illustrates such a copying PDCP PDU containing a RRC message to be transmitted via both MeNB and SeNB link.
In particular, FIG. 2 may illustrate a communication scenario comprising a MeNB 12, a SeNB 14 and a UE 36 connectable to the MeNB 12 and the SeNB 14. The MeNB 12 can be the MeNB illustrated in FIG. 1, and the SeNB can be the SeNB illustrated in FIG. 1. As illustrated, the MeNB 12 may comprise a MAC protocol layer 16b, a RLC protocol layer 18b, a PDCP protocol layer 20b, and a RRC protocol layer 22. The SeNB 14 may comprise a MAC protocol layer 24a and a RLC protocol layer 26a. The UE 36 may comprise MAC protocol layers 38a, 38b, RLC protocol layers 40a, 40b, a PDCP protocol layer 42, and a RRC protocol layer 44. A signaling radio bearer may extend between the RRC protocol layer 22 of the MeNB 12 and the RRC protocol layer 44 of the UE 36. The signaling radio bearer may be indicated in the Figure by the thick line. The signaling radio bearer may be split at or below the PDCP protocol layer level such that a splitted portion of the signaling radio bearer may extend between the RRC protocol layer 22 of the MeNB 12 and the RRC protocol layer 44 of the UE 36 via the RLC protocol layer 26a and the MAC protocol layer 24a of the SeNB 14. Form a perspective of the UE 36 below the RRC layer level, the UE 36 may be regarded to be connected to the MeNB 12 via a first signaling radio bearer and to the SeNB 14 via a second signaling radio bearer. Packet duplication of PDCP protocol data units (PDU) may occur at a point 46 between the RLC protocol layer 18b and the PDCP protocol layer 20b of the MeNB 12. It is noted that the point 46 may be also part of the PDCP layer 20b. Such a protocol data unit 48 comprising a sequence number (SN) X is indicated in the Figure by “PDCP PDU SN X”. The PDUs and the duplicated PDUs are transmitted to the UE 36 via a MeNB link 50 and via a SeNB link 52, respectively.
Since perfect simultaneous coverage of both the MeNB cell and SeNB cell cannot always be assumed, reception of RRC messages via a SRB on the MeNB cell only might introduce delays due to lower layer failures or might fail entirely. This may degrade signaling and mobility robustness. For the envisaged split-SRB protocol architecture (type 3 in FIG. 1), to support diversity of RRC message transmission, PDCP PDUs are duplicated. Currently, duplication detection and discard is not supported intentionally by PDCP. The PDCP procedure described above may lead in case of duplicate received PDCP PDUs to the discard of those duplicate PDUs, but since this discard is part of PDCP security functionality and intended to detect so called “replay attack” in which an interceptor tries to send alternated PDU with same SN after original PDU, an indication of integrity verification failure may be send to upper layers. This registration of a security breach may be unnecessary and may be wrong in case of duplicate received PDCP PDUs.