USRE48631E · Active · Utility · PatentIndex 73

Method and system for selective protection of data exchanged between user equipment and network

Assignee: SAMSUNG ELECTRONICS CO LTD
Priority: Jun 8, 2012
Filed: Jun 10, 2013
Granted: Jul 6, 2021
Est. expiry: Jun 8, 2032 (~5.9 yrs left), nominal 20-yr term from priority
Inventors: BAGHEL SUDHIR KUMAR; AGIWAL ANIL; RAJADURAI RAJAVELSAMY
H04L 63/0428, H04W 12/67, H04W 12/033, Y02D30/70, H04L 63/20, H04W 12/02, H04W 8/22, H04L 63/04, H04W 52/0209, H04W 12/12
PatentIndex Score: 73 · Cited by: 4 · References: 18 · Claims: 36

Abstract

A method and system for providing selective protection of data exchanged between user equipment (UE) and a network is disclosed. The selective protection is applied to a packet, a bearer or an access point name for secure exchange of data between the UE and the network. The network decides to apply selective protection based on the configuration of the network, the configuration of the UE, the load in the network, the battery power availability of the UE, and the type of application running on the UE. Further, the UE can request selective protection based on the type of application running on the UE and the battery level availability of the UE. The selective protection is either enabled or disabled dynamically by the network. Further, various mechanisms for applying selective protection for each bearer, each packet and each Access Point Name (APN) are disclosed. Additionally, a method for identifying a secured and a non-secured bearer is disclosed.

Claims

exact text as granted — not AI-modified
The invention claimed is: 
     
       1. A method for performed by a network node in a communication system, the method comprising:
 receiving a message including an access point name (APN) from a terminal; 
 identifying whether the terminal supports a selective protection mechanism; 
 determining whether to perform the selective protection for at least one packet associated with at least one bearer corresponding to the APN included in the received message, if when the terminal supports the selecting protection mechanism; and 
 applying the selective protection to the at least one packet associated with at least one bearer, if when it is determined to perform the selective protection is determined. 
 
     
     
       2. The method as in  claim 1 , wherein the applying the selective protection further comprises:
 applying the selective protection to at least one of a packet, a bearer, and the access point name (APN). 
 
     
     
       3. The method as in  claim 1 , wherein the identifying further comprises:
 receiving an indication for indicating a terminal capability corresponding to the selective protection from the terminal; and 
 determining the terminal supports the selective protection mechanism if when the indication is received from the terminal. 
 
     
     
       4. The method as in  claim 1 ,
 wherein the applying the selective protection further comprises:
 applying the selective protection to the at least one bearer; and 
 providing an indication indicating whether the bearer is secured or unsecured with other another network node, 
 
 wherein the at least one bearer is associated with at least one of a quality of service QoS class identifier (QCI), a secured or a non-secured indication, and an Allocation and Retention Priority (ARP). 
 
     
     
       5. The method as in  claim 1 ,
 wherein the applying the selective protection further comprises:
 applying the selective protection to the at least one packet associated with the at least one bearer corresponding to a type of application running on the terminal, and  
 
 wherein the selective protection is indicated in a reserved bit, and 
 wherein the reserved bit is set to one if the protection is enabled on the packet associated with the at least one bearer. 
 
     
     
       6. The method as in  claim 2 ,
 wherein the applying the selective protection further comprises:
 applying the selective protection to the at least one the APN, upon receiving a service request from the terminal, 
 
 wherein the service request from the terminal comprises the at least one APN, and 
 wherein the applying the selective protection to the APN, if when the message is a service request message which includes the APN and a security indication. 
 
     
     
       7. A network node in a communication system, the network node comprising: 
 a transceiver configured to receive a message including an access point name (APN) from a terminal; and 
 a controllerat least one processor configured to:
 receive, via the transceiver, a message including an access point name (APN) from a terminal;    identify whether the terminal supports a selective protection mechanism;   determine whether to perform the selective protection for at least one packet associated with at least one bearer corresponding to the APN included in the received message if when the terminal supports the selecting protection mechanism; and   apply the selective protection to the at least one packet associated with at least one bearer if whether when it is determined to perform the selective protection is determined.   
 
     
     
       8. The network as in  claim 7 , wherein the controller at least one processor is configured to apply the selective protection to at least one of a packet, a bearer, and the access point name (APN). 
     
     
       9. The network as in  claim 7 , wherein the controller at least one processor is configured to control the transceiver for receiving receive, via the transceiver, an indication for indicating a terminal capability corresponding to the selective protection from the terminal, and determine the terminal supports the selective protection mechanism if when the indication is received from the terminal. 
     
     
       10. The network as in  claim 7 ,
 wherein the controller at least one processor is configured to apply the selective protection to the at least one bearer and to provide an indication indicating whether the bearer is secured or unsecured with other another network node, and  
 wherein the at least one bearer is associated with at least one of a quality of service QoS class identifier (QCI), a secured or a non-secured indication, and an Allocation and Retention Priority (ARP). 
 
     
     
       11. The network as in  claim 8 ,
 wherein the controller at least one processor is configured to apply the selective protection to the at least one packet associated with the at least one bearer corresponding to a type of application running on the terminal, and  
 wherein the selective protection is indicated in a reserved bit, and 
 wherein the reserved bit is set to one if the protection is enabled on the packet associated with the at least one bearer. 
 
     
     
       12. A terminal for selective protection of data in a communication system, wherein the data is exchanged with a wireless network, the terminal comprising:
 a transceiver: and 
 a controllerat least one processor configured to:
 control the transceiver for transmittingtransmit, via the transceiver, a message including an access point name (APN) to a network node;   apply the selective protection to the at least one packet associated with the at least one bearer to the network node if when the terminal support supports a selection protection mechanism;   perform the selective protection for the at least one packet associated with the at least one bearer corresponding to the APN included in the received message is determined by the network node.   
 
     
     
       13. The terminal as in  claim 12 , wherein the controller at least one processor is configured to control the transceiver for transmitting transmit, via the transceiver, the message including the APN based on at least one comprises: of a type of application running on the terminal, a battery power availability of the terminal, and a configuration of the terminal. 
     
     
       14. The terminal as in  claim 12 , wherein the controller at least one processor is configured to control the transceiver for transmitting transmit, via the transceiver, the message including the APN using at least one of an existing non-access stratum (NAS), an existing access stratum (AS) message, a new NAS message and a new AS message. 
     
     
       15. The terminal as in  claim 12 , wherein the controller at least one processor is configured to control the transceiver for transmitting transmit, via the transceiver, the message including the APN corresponding to the a type of application running on the terminal. 
     
     
       16. The method as in  claim 1 , wherein the applying the selective protection further comprises:
 applying the selective protection to the at least one packet associated with at least one bearer based on at least a type of application running on the UE terminal, a battery power availability of the UE terminal, a load in the network, a configuration of the UE terminal, and a configuration of the network. 
 
     
     
       17. The method as in  claim 1 , wherein the selective protection is applied based on at least one of a packet size, an application protocol, and transport layer protocol. 
     
     
       18. The network as in  claim 7 , wherein the controller at least one processor is configured to apply the selective protection based on at least one of a packet size, an application protocol, and transport layer protocol. 
     
     
       19. The method as in  claim 2 , wherein the bearer comprises an indication indicating whether the bearer is to be protected. 
     
     
       20. The network as in  claim 8 , wherein the bearer comprises an indication indicating whether the bearer is to be protected. 
     
     
       21. A method performed by a network node in a communication system, the method comprising:
 receiving a message including an access point name (APN) from a terminal;   identifying whether the terminal supports a selective protection;   determining whether to perform the selective protection for at least one packet associated with at least one bearer corresponding to the APN included in the received message when the terminal supports the selective protection; and   applying the selective protection to the at least one packet associated with the at least one bearer when it is determined to perform the selective protection,   wherein, the applying the selective protection comprises:
 transmitting, to a base station, an indication for the base station to apply the selective protection to the at least one packet associated with the at least one bearer. 
   
     
     
       22. The method as in claim 21, wherein the applying the selective protection further comprises:
 applying the selective protection to at least one of a bearer and the access point name (APN).   
     
     
       23. The method as in claim 21, wherein the identifying further comprises:
 receiving an indication for indicating a terminal capability corresponding to the selective protection from the terminal; and   determining the terminal supports the selective protection when the indication is received from the terminal.   
     
     
       24. The method as in claim 21,
 wherein the applying the selective protection further comprises:
 applying the selective protection to the at least one bearer, and 
 providing an indication indicating whether the at least one bearer is secured or unsecured with another network node, and 
   wherein the at least one bearer is associated with at least one of a quality of service QoS class identifier (QCI), a secured or a non-secured indication, and an Allocation and Retention Priority (ARP).   
     
     
       25. The method as in claim 21, wherein the applying the selective protection further comprises:
 applying the selective protection to the at least one packet associated with the at least one bearer corresponding to a type of application running on the terminal,   wherein the selective protection is indicated in a reserved bit.   
     
     
       26. The method as in claim 22,
 wherein the applying the selective protection further comprises:
 applying the selective protection to the APN, upon receiving a service request from the terminal, 
   wherein the service request from the terminal comprises the APN, and   wherein the applying the selective protection to the APN when the message is a service request message which includes the APN and a security indication.   
     
     
       27. A network node in a communication system, the network node comprising:
 a transceiver; and   at least one processor configured to:
 receive, via the transceiver, a message including an access point name (APN) from a terminal, 
 identify whether the terminal supports a selective protection, 
 determine whether to perform the selective protection for at least one packet associated with at least one bearer corresponding to the APN included in the received message when the terminal supports the selective protection, and 
 apply the selective protection to the at least one packet associated with the at least one bearer when it is determined to perform the selective protection, 
   wherein the at least one processor is configured to apply the selective protection by transmitting, to a base station via the transceiver, an indication for applying the selective protection to the at least one packet associated with the at least one bearer.   
     
     
       28. The network node as in claim 27, wherein the at least one processor is configured to apply the selective protection to at least one of a bearer and the access point name (APN). 
     
     
       29. The network node as in claim 27, wherein the at least one processor is configured to:
 receive, from the terminal via the transceiver, an indication for indicating a terminal capability corresponding to the selective protection, and   determine that the terminal supports the selective protection if the indication is received from the terminal.   
     
     
       30. The network node as in claim 27,
 wherein the at least one processor configured to:
 apply the selective protection to the at least one bearer, and 
 provide an indication indicating whether the at least one bearer is secured or unsecured with another network node, 
   wherein the at least one bearer is associated with at least one of a quality of service QoS class identifier (QCI), a secured or a non-secured indication, and an Allocation and Retention Priority (ARP).   
     
     
       31. The network node as in claim 28,
 wherein the at least one processor is configured to apply the selective protection to the at least one packet associated with the at least one bearer corresponding to a type of application running on the terminal, and   wherein the selective protection is indicated in a reserved bit.   
     
     
       32. The method as in claim 21, wherein the applying the selective protection further comprises:
 applying the selective protection to the at least one packet associated with at least one bearer based on at least one of a type of application running on the terminal, a battery power availability of the terminal, a load in the network, a configuration of the terminal, and a configuration of the network.   
     
     
       33. The method as in claim 21, wherein the selective protection is applied based on at least one of a packet size, an application protocol, and transport layer protocol. 
     
     
       34. The network node as in claim 27, wherein the at least one processor is configured to apply the selective protection based on at least one of a packet size, an application protocol, and transport layer protocol. 
     
     
       35. The method as in claim 22, wherein the bearer comprises an indication indicating whether the bearer is to be protected. 
     
     
       36. The network node as in claim 28, wherein the bearer comprises an indication indicating whether the bearer is to be protected.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.