Various security measures are employed to protect the messages exchanged between a network, such as a universal mobile telecommunications system (UMTS) terrestrial radio access network (UTRAN) and a mobile terminal so as to permit messages to be exchanged therebetween in a secure manner. Among other security measures, a security configuration may be established between the network, such as a radio network controller (RNC), and a mobile terminal that establishes the ciphering and integrity protection that is to be provided for the messages subsequently exchanged therebetween. For increased security, the security configuration may be changed from time to time. However, the security configuration must be changed in the same fashion by both the network and the mobile terminal as a mismatch in the security configurations of the network and the mobile terminal may result in a loss of service.
In order to change the security configuration, the network and the mobile terminal generally engage in a predefined signaling sequence. This signaling sequence may take some time, and indeed, may include a period of time during which the network has completed the transition to the new security configuration, but the mobile terminal has not yet completed the transition. During this time period, the mobile terminal may be awaiting an acknowledgement from the network indicating that the security configuration procedure has been completed by the network. Until the mobile terminal receives this acknowledgement, however, the change in the security configuration will not have been completed by the mobile terminal.
In some instances, a mobile terminal may revert to the prior security configuration after the network has completed the transition to the new security configuration. This possibility is exacerbated by the time delay following the completion of the network's security configuration transition to the acknowledgement of the security configuration transition that is to be provided by the network to the mobile terminal. Although the mobile terminal may revert to the prior security configuration for various reasons, the mobile terminal may revert to the prior security configuration in an instance in which a cell update, such as a cell reselection, occurs during the transition to a new security configuration. However, the network may have already completed the transition to the new security configuration and may be unaware of the reversion of the mobile terminal to the prior security configuration. The subsequent mismatch between the security configurations of the network and the mobile terminal may thereafter disadvantageously cause a loss of signal.
Some mobile terminals may be configured to provide an information element with the cell update message affirmatively indicating that the mobile terminal has reverted to the prior security configuration. For networks that have been updated so as to recognize and respond to such an information element in the cell update message, the network may interpret a cell update message that does not include such an information element as being indicative of the mobile terminal having also completed the transition to the new security configuration. However, some mobile terminals, such as legacy or older mobile terminals, may not be configured to provide such an information element with the cell update message. As such, these mobile terminals may provide a cell update message that fails to include an information element, even in an instance in which the mobile terminal has reverted to the prior security configuration. As such, the network may be effectively left to guess as to whether the mobile terminal has not included the additional information element with the cell update message because the mobile terminal did not revert to the prior security configuration but is operating, instead, in conformance with the new security configuration or whether the mobile terminal has simply not been configured to provide the additional information element in conjunction with the cell update message. Indeed, a network that has been updated may interpret such a cell update message that lacks an information element as an indication that the mobile terminal has not reverted to the prior security configuration, but is operating in accordance with the new security configuration, even though the mobile terminal may simply not be configured to provide the additional information element regardless of the security configuration in which the mobile terminal is operating. Further, a network that has not been upgraded to recognize such information elements may automatically revert to the prior security configuration in an instance in which a cell update message, either with or without the additional information element, is received during the transition to a new security configuration. In either scenario in which the network has been updated or in which the network has not been updated, a security configuration mismatch may be created between the network and the mobile terminal which may, in turn, result in a loss of service.
In another approach, the mobile terminal may provide an indication upon connection establishment, such as radio resource control (RRC) connection establishment, that the mobile terminal will provide the additional information element in conjunction with a cell update message to indicate that the mobile terminal has reverted to the prior security configuration. Based upon this indication provided by the mobile terminal in conjunction with the connection establishment, a network, such as an RNC, may appropriately respond to the inclusion of an information element or the lack of an information element relating to the security configuration of the mobile terminal in the cell update message. In this approach, however, the network, such as the RNC, is required to determine the capability of the mobile terminal with respect to the provision of this additional information element in conjunction with the cell update procedure in that the RNC needs to check the capability of the mobile terminal as well as the contents of a received cell update message to determine which security configuration is used. Additionally, this approach may not be readily implementable previously released mobile terminals, that is, legacy mobile terminals, since the mobile terminal is required to have a new capability reporting in uplink signaling.