Method and system for selective protection of data exchanged between user equipment and network
Abstract
A method and system for providing selective protection of data exchanged between user equipment (UE) and a network is disclosed. The selective protection is applied to a packet, a bearer or an access point name for secure exchange of data between the UE and the network. The network decides to apply selective protection based on the configuration of the network, the configuration of the UE, the load in the network, the battery power availability of the UE, and the type of application running on the UE. Further, the UE can request selective protection based on the type of application running on the UE and the battery level availability of the UE. The selective protection is either enabled or disabled dynamically by the network. Further, various mechanisms for applying selective protection for each bearer, each packet and each Access Point Name (APN) are disclosed. Additionally, a method for identifying a secured and a non-secured bearer is also disclosed.
Claims
The invention claimed is:
1. A method for performed by a network node in a communication system, the method comprising:
receiving a message including an access point name (APN) from a terminal;
identifying whether the terminal supports a selective protection mechanism;
determining whether to perform the selective protection for at least one packet associated with at least one bearer corresponding to the APN included in the received message, if when the terminal supports the selecting protection mechanism; and
applying the selective protection to the at least one packet associated with at least one bearer, if when it is determined to perform the selective protection is determined.
2. The method as in claim 1 , wherein the applying the selective protection further comprises:
applying the selective protection to at least one of a packet, a bearer, and the access point name (APN).
3. The method as in claim 1 , wherein the identifying further comprises:
receiving an indication for indicating a terminal capability corresponding to the selective protection from the terminal; and
determining the terminal supports the selective protection mechanism if when the indication is received from the terminal.
4. The method as in claim 1 ,
wherein the applying the selective protection further comprises:
applying the selective protection to the at least one bearer; and
providing an indication indicating whether the bearer is secured or unsecured with other another network node,
wherein the at least one bearer is associated with at least one of a quality of service QoS class identifier (QCI), a secured or a non-secured indication, and an Allocation and Retention Priority (ARP).
5. The method as in claim 1 ,
wherein the applying the selective protection further comprises:
applying the selective protection to the at least one packet associated with the at least one bearer corresponding to a type of application running on the terminal, and
wherein the selective protection is indicated in a reserved bit, and
wherein the reserved bit is set to one if the protection is enabled on the packet associated with the at least one bearer.
6. The method as in claim 2 ,
wherein the applying the selective protection further comprises:
applying the selective protection to the at least one the APN, upon receiving a service request from the terminal,
wherein the service request from the terminal comprises the at least one APN, and
wherein the applying the selective protection to the APN, if when the message is a service request message which includes the APN and a security indication.
7. A network node in a communication system, the network node comprising:
a transceiver configured to receive a message including an access point name (APN) from a terminal; and
a controller at least one processor configured to:
receive, via the transceiver, a message including an access point name (APN) from a terminal; identify whether the terminal supports a selective protection mechanism; determine whether to perform the selective protection for at least one packet associated with at least one bearer corresponding to the APN included in the received message if when the terminal supports the selecting protection mechanism; and apply the selective protection to the at least one packet associated with at least one bearer if whether when it is determined to perform the selective protection is determined.
8. The network as in claim 7 , wherein the controller at least one processor is configured to apply the selective protection to at least one of a packet, a bearer, and the access point name (APN).
9. The network as in claim 7 , wherein the controller at least one processor is configured to control the transceiver for receiving receive, via the transceiver, an indication for indicating a terminal capability corresponding to the selective protection from the terminal, and determine the terminal supports the selective protection mechanism if when the indication is received from the terminal.
10. The network as in claim 7 ,
wherein the controller at least one processor is configured to apply the selective protection to the at least one bearer and to provide an indication indicating whether the bearer is secured or unsecured with other another network node, and
wherein the at least one bearer is associated with at least one of a quality of service QoS class identifier (QCI), a secured or a non-secured indication, and an Allocation and Retention Priority (ARP).
11. The network as in claim 8 ,
wherein the controller at least one processor is configured to apply the selective protection to the at least one packet associated with the at least one bearer corresponding to a type of application running on the terminal, and
wherein the selective protection is indicated in a reserved bit, and
wherein the reserved bit is set to one if the protection is enabled on the packet associated with the at least one bearer.
12. A terminal for selective protection of data in a communication system, wherein the data is exchanged with a wireless network, the terminal comprising:
a transceiver: and
a controller at least one processor configured to:
control the transceiver for transmitting transmit, via the transceiver, a message including an access point name (APN) to a network node; apply the selective protection to the at least one packet associated with the at least one bearer to the network node if when the terminal support supports a selection protection mechanism; perform the selective protection for the at least one packet associated with the at least one bearer corresponding to the APN included in the received message is determined by the network node.
13. The terminal as in claim 12 , wherein the controller at least one processor is configured to control the transceiver for transmitting transmit, via the transceiver, the message including the APN based on at least one comprises: of a type of application running on the terminal, a battery power availability of the terminal, and a configuration of the terminal.
14. The terminal as in claim 12 , wherein the controller at least one processor is configured to control the transceiver for transmitting transmit, via the transceiver, the message including the APN using at least one of an existing non-access stratum (NAS), an existing access stratum (AS) message, a new NAS message and a new AS message.
15. The terminal as in claim 12 , wherein the controller at least one processor is configured to control the transceiver for transmitting transmit, via the transceiver, the message including the APN corresponding to the a type of application running on the terminal.
16. The method as in claim 1 , wherein the applying the selective protection further comprises:
applying the selective protection to the at least one packet associated with at least one bearer based on at least a type of application running on the UE terminal, a battery power availability of the UE terminal, a load in the network, a configuration of the UE terminal, and a configuration of the network.
17. The method as in claim 1 , wherein the selective protection is applied based on at least one of a packet size, an application protocol, and transport layer protocol.
18. The network as in claim 7 , wherein the controller at least one processor is configured to apply the selective protection based on at least one of a packet size, an application protocol, and transport layer protocol.
19. The method as in claim 2 , wherein the bearer comprises an indication indicating whether the bearer is to be protected.
20. The network as in claim 8 , wherein the bearer comprises an indication indicating whether the bearer is to be protected.
21. A method performed by a network node in a communication system, the method comprising:
receiving a message including an access point name (APN) from a terminal; identifying whether the terminal supports a selective protection; determining whether to perform the selective protection for at least one packet associated with at least one bearer corresponding to the APN included in the received message when the terminal supports the selective protection; and applying the selective protection to the at least one packet associated with the at least one bearer when it is determined to perform the selective protection, wherein, the applying the selective protection comprises:
transmitting, to a base station, an indication for the base station to apply the selective protection to the at least one packet associated with the at least one bearer.
22. The method as in claim 21, wherein the applying the selective protection further comprises:
applying the selective protection to at least one of a bearer and the access point name (APN).
23. The method as in claim 21, wherein the identifying further comprises:
receiving an indication for indicating a terminal capability corresponding to the selective protection from the terminal; and determining the terminal supports the selective protection when the indication is received from the terminal.
24. The method as in claim 21,
wherein the applying the selective protection further comprises:
applying the selective protection to the at least one bearer, and
providing an indication indicating whether the at least one bearer is secured or unsecured with another network node, and
wherein the at least one bearer is associated with at least one of a quality of service QoS class identifier (QCI), a secured or a non-secured indication, and an Allocation and Retention Priority (ARP).
25. The method as in claim 21, wherein the applying the selective protection further comprises:
applying the selective protection to the at least one packet associated with the at least one bearer corresponding to a type of application running on the terminal, wherein the selective protection is indicated in a reserved bit.
26. The method as in claim 22,
wherein the applying the selective protection further comprises:
applying the selective protection to the APN, upon receiving a service request from the terminal,
wherein the service request from the terminal comprises the APN, and wherein the applying the selective protection to the APN when the message is a service request message which includes the APN and a security indication.
27. A network node in a communication system, the network node comprising:
a transceiver; and at least one processor configured to:
receive, via the transceiver, a message including an access point name (APN) from a terminal,
identify whether the terminal supports a selective protection,
determine whether to perform the selective protection for at least one packet associated with at least one bearer corresponding to the APN included in the received message when the terminal supports the selective protection, and
apply the selective protection to the at least one packet associated with the at least one bearer when it is determined to perform the selective protection,
wherein the at least one processor is configured to apply the selective protection by transmitting, to a base station via the transceiver, an indication for applying the selective protection to the at least one packet associated with the at least one bearer.
28. The network node as in claim 27, wherein the at least one processor is configured to apply the selective protection to at least one of a bearer and the access point name (APN).
29. The network node as in claim 27, wherein the at least one processor is configured to:
receive, from the terminal via the transceiver, an indication for indicating a terminal capability corresponding to the selective protection, and determine that the terminal supports the selective protection if the indication is received from the terminal.
30. The network node as in claim 27,
wherein the at least one processor configured to:
apply the selective protection to the at least one bearer, and
provide an indication indicating whether the at least one bearer is secured or unsecured with another network node,
wherein the at least one bearer is associated with at least one of a quality of service QoS class identifier (QCI), a secured or a non-secured indication, and an Allocation and Retention Priority (ARP).
31. The network node as in claim 28,
wherein the at least one processor is configured to apply the selective protection to the at least one packet associated with the at least one bearer corresponding to a type of application running on the terminal, and wherein the selective protection is indicated in a reserved bit.
32. The method as in claim 21, wherein the applying the selective protection further comprises:
applying the selective protection to the at least one packet associated with at least one bearer based on at least one of a type of application running on the terminal, a battery power availability of the terminal, a load in the network, a configuration of the terminal, and a configuration of the network.
33. The method as in claim 21, wherein the selective protection is applied based on at least one of a packet size, an application protocol, and transport layer protocol.
34. The network node as in claim 27, wherein the at least one processor is configured to apply the selective protection based on at least one of a packet size, an application protocol, and transport layer protocol.
35. The method as in claim 22, wherein the bearer comprises an indication indicating whether the bearer is to be protected.
36. The network node as in claim 28, wherein the bearer comprises an indication indicating whether the bearer is to be protected.
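The per-packet mechanism recited in claims 1, 5 and 17 (capability check, a decision keyed on APN, transport protocol and packet size, and a reserved bit set to one on protected packets) can be sketched as follows. This is an added example, not code from the patent or from any 3GPP implementation. Assumptions: the 1-byte header layout and bit position, a truncated HMAC-SHA256 tag standing in for the unspecified "protection", and the constructed policy table and APN name; the receiver-side `expected_protect` check is likewise an addition, showing that the reserved bit alone should not decide whether protection is required.

```python
import hashlib
import hmac

PROTECT_BIT = 0x80   # assumed position of the reserved bit in a 1-byte header
MAC_LEN = 8          # truncated HMAC-SHA256 tag stands in for "protection"

# Constructed policy: per-APN rules keyed on transport protocol and packet size.
POLICY = {"ims.example": {"transports": {"tcp"}, "max_size": 128}}

def should_protect(ue_capable, apn, transport, size, policy=POLICY):
    """Network-side decision: capability first, then APN, then packet criteria."""
    rule = policy.get(apn)
    if not ue_capable or rule is None:
        return False
    return transport in rule["transports"] or size <= rule["max_size"]

def encode(seq, payload, protect, key):
    """Build header (reserved bit + 7-bit sequence), payload and optional tag."""
    hdr = bytes([(PROTECT_BIT if protect else 0) | (seq & 0x7F)])
    if not protect:
        return hdr + payload
    tag = hmac.new(key, hdr + payload, hashlib.sha256).digest()[:MAC_LEN]
    return hdr + payload + tag

def decode(frame, key, expected_protect):
    """Receiver: re-check the policy decision instead of trusting the bit alone."""
    if not frame:
        raise ValueError("empty frame")
    hdr, body = frame[:1], frame[1:]
    protected = bool(hdr[0] & PROTECT_BIT)
    if expected_protect and not protected:
        raise ValueError("protection expected but reserved bit is clear")
    if not protected:
        return body
    if len(body) < MAC_LEN:
        raise ValueError("protected frame too short")
    payload, tag = body[:-MAC_LEN], body[-MAC_LEN:]
    good = hmac.new(key, hdr + payload, hashlib.sha256).digest()[:MAC_LEN]
    if not hmac.compare_digest(tag, good):
        raise ValueError("integrity check failed")
    return payload
```

Because the header byte is covered by the tag, a protected frame whose reserved bit or sequence number is altered fails verification; a frame whose bit has been cleared is caught only by the `expected_protect` comparison.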