The Third Generation Partnership Project Long Term Evolution (3GPP LTE) is a system evolved from the Third Generation (3G) network, and is a mobile communication system based on the packet domain. The system includes a Mobile Station (MS), an Evolved Node B (eNB), an evolved Mobility Management Entity (MME), and a Serving Gateway (SGW)/Packet Data Node Gateway (PDNGW). The communication between the LTE network and an external data network is realized by connecting the external data network with the SGW/PDNGW. The MS is a terminal device, the eNB is a radio access device, and the MME and the SGW/PDNGW are core network devices.
In the LTE system, in order to ensure the security of communication between a User Equipment (UE) and the network side, the current protocols specify that integrity protection is required for a SERVICE REQ message. That is, the UE and the MME each store a corresponding set of security contexts, and the security contexts include an integrity protection key, an encryption key, and an encryption and decryption protection/encryption and decryption algorithm. A message such as the SERVICE REQ that is to be sent between the UE and the MME should receive encryption protection using the key and algorithm of the security contexts currently stored by the UE and the MME.
After the network capability of the UE in the LTE changes, the process of paging the UE by the network side is as follows.
1. After the UE of the LTE registers successfully, if the network capability of the UE changes while the UE is in an idle state, a Tracking Area Update (TAU) process needs to be performed at the Non Access Stratum Evolved Packet System Mobility Management (NAS EMM), and the modified parameters are notified to the network. The network capability of the UE is indicated by an Information Element (IE) in the network, and is used by the UE to inform the core network of the encryption and decryption algorithms and the integrity protection supported by the UE; for example, in the LTE system, an IE newly added relative to 2G/3G is used for this purpose. As the UE is currently in the idle state, the NAS EMM requests the Radio Resource Control (RRC) to establish an air interface RRC connection, and the connection establishment type of the request is Mobile Originated (MO) SIGNAL. The RRC is a protocol module that exists in both the UE and the network entity eNB, and may be implemented by software.
2. After the RRC of the UE side receives the connection establishment request of the MO SIGNAL type from the NAS, the RRC determines whether access of this type is allowed according to the access prohibition information in the system information of the current cell (the base station broadcasts the system information on a physical channel). If access of this connection establishment type is prohibited, the RRC informs the NAS EMM that the connection establishment has failed and that access of the MO SIGNAL type is prohibited for the cell.
3. The network side sends a paging message to the terminal to locate a position of the UE; and specifically, the MME sends the paging message to the eNB to page the UE.
4. The eNB pages the UE at an Ultimate User (Uu) interface.
5. After receiving the paging message, the RRC of the UE side sends the paging message to the NAS EMM.
6. As the EMM is in the access prohibition state of the MO SIGNAL type, after the NAS EMM receives the paging message, the NAS EMM is required to send a paging response message to the network side; specifically, the EMM is required to send the SERVICE REQ message to the evolved MME and establish a user plane bearer.
Because the network capability of the UE has changed, the UE no longer supports the algorithm of the security context stored by the MME, and the original security context becomes invalid, so at this time the UE should not use the original security context for protection. Even if the UE uses the invalid security context to perform encryption protection on the SERVICE REQ message, the MME is unable to recognize the message; that is, the MME regards the paging response as not received, and a new security context cannot be generated. As a result, the RRC connection establishment process should not be triggered. Furthermore, as the RRC connection establishment process cannot be triggered, the paging initiated by the network side fails, and the network side cannot page the UE.
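The failure described above can be modelled as a small simulation. This is an added example, not part of the original text: the class names, the algorithm labels ALG_A and ALG_B, the HMAC stand-in for the integrity algorithm, and the renegotiation of the context after a successful TAU are all assumptions, and it models the case in which the UE does not use the invalid context.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed stand-ins: real NAS integrity algorithms are not HMAC-based.
ALGS = {"ALG_A": hashlib.sha256, "ALG_B": hashlib.sha1}

@dataclass
class SecurityContext:
    key: bytes
    alg: str  # integrity algorithm selected when the context was created

def nas_mac(ctx, payload):
    """4-byte integrity tag over a NAS message (hypothetical format)."""
    return hmac.new(ctx.key, payload, ALGS[ctx.alg]).digest()[:4]

class MME:
    def __init__(self, ctx):
        self.ctx = ctx

    def accept_service_req(self, payload, mac):
        # Integrity protection is mandatory: a missing or wrong MAC is dropped.
        return mac is not None and hmac.compare_digest(mac, nas_mac(self.ctx, payload))

class UE:
    def __init__(self, ctx, supported):
        self.ctx, self.supported, self.mo_signal_barred = ctx, set(supported), False

    def tau_allowed(self):
        # Steps 1-2: TAU needs an MO SIGNAL RRC connection, which barring blocks.
        return not self.mo_signal_barred

    def answer_paging(self, mme):
        # Steps 5-6: the paging response is a SERVICE REQ under the stored context.
        payload = b"SERVICE REQ"
        usable = self.ctx.alg in self.supported
        mac = nas_mac(self.ctx, payload) if usable else None  # invalid context: no MAC
        return mme.accept_service_req(payload, mac)

def paging_succeeds(capability_changed, mo_signal_barred):
    key = bytes(range(16))  # constructed key
    ue = UE(SecurityContext(key, "ALG_A"), {"ALG_A", "ALG_B"})
    mme = MME(SecurityContext(key, "ALG_A"))
    if capability_changed:
        ue.supported = {"ALG_B"}  # UE drops the algorithm the MME selected
        ue.mo_signal_barred = mo_signal_barred
        if ue.tau_allowed():
            # Assumption: a successful TAU yields a fresh context on ALG_B.
            ue.ctx = mme.ctx = SecurityContext(key, "ALG_B")
    return ue.answer_paging(mme)
```

Only the combination of a capability change and MO SIGNAL barring leaves the MME holding a context the UE cannot use, which is the case in which paging fails.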