METHOD AND APPARATUS FOR LAWFUL INTERCEPTION FOR AKMA ROAMING ARCHITECTURE

Information

  • Patent Application
  • 20240114345
  • Publication Number
    20240114345
  • Date Filed
    September 26, 2023
  • Date Published
    April 04, 2024
Abstract
A method, apparatus, and computer program for receiving an application session establishment request comprising an authentication and key management for applications, AKMA, Key Identifier, A-KID; producing an application key request (Naanf_AKMA_ApplicationKey_Get_request) comprising information elements AKMA Key Identifier A-KID; an application function identifier, AF_ID; and an application encryption key indication (Nnef_AKMA_AF_Encryption_Key_Indication); and sending the produced application key request (Naanf_AKMA_ApplicationKey_Get_request) to a home AKMA anchor function, hAAnF, or to a network exposure function, NEF, for enabling lawful interception in the VPLMN.
Description
TECHNICAL FIELD

Various example embodiments relate to lawful interception for AKMA roaming architecture.


BACKGROUND

This section illustrates useful background information without admission that any technique described herein is representative of the state of the art.


Authentication and Key management for Applications based on 3GPP credentials, AKMA, is being standardized. For example, clause 4.2 of 3GPP TS 33.535 V17.6.0 specifies that the following network elements are parts of the AKMA architecture: an AKMA anchor function, AAnF, an application function, AF, a network exposure function, NEF, an authentication server function, AUSF, and a unified data management, UDM. Clause 4.3 of 3GPP TS 33.535 V17.6.0 specifies that the following service-based interfaces, SBIs, are involved in the AKMA architecture: a service-based interface exhibited by the NEF, Nnef, a service-based interface exhibited by the UDM, Nudm, and a service-based interface exhibited by the AAnF, Naanf. The AKMA architecture has been used as a solution to protect communication between user equipment, UE, and the AF, in the scenarios of proximity-based services, ProSe, and message service for massive internet of things, MioT, over the 5G System, MSGin5G. Roaming aspects have not been adequately addressed in the current 3GPP Release 17. In particular, it is desirable to standardize a new roaming architecture for the AKMA. It is further desirable that the new AKMA roaming architecture provides support for lawful interception.


An authentication proxy is missing in the AKMA. The authentication proxy in the AKMA could help to improve cost effectiveness and relieve the application servers, AS, of some security tasks.


SUMMARY

The scope of protection sought for various embodiments of the invention is set out by the independent claims. The embodiments and features, if any, described in this specification that do not fall under the scope of the independent claims are to be interpreted as examples useful for understanding various embodiments of the invention.





BRIEF DESCRIPTION OF THE DRAWINGS

For a more complete understanding of example embodiments of the present invention, reference is now made to the following descriptions taken in connection with the accompanying drawings in which:



FIG. 1 shows an architectural drawing of a system of an example embodiment;



FIG. 2 shows a simplified signaling diagram of some features of example embodiments related to using an internal application function, AF of a home public land mobile network, HPLMN, and a remote AF;



FIG. 3 shows a simplified signaling diagram of some features of example embodiments related to an external AF; and



FIG. 4 shows a block diagram of an apparatus of an example embodiment.





DETAILED DESCRIPTION OF THE DRAWINGS

An example embodiment of the present invention and its potential advantages are understood by referring to FIGS. 1 through 4 of the drawings. In this document, like reference signs denote like parts or steps.



FIG. 1 shows an architectural drawing of a system of an example embodiment. In FIG. 1, user equipment, UE, 110 with a mobile subscription 112 is roaming in a visited network that is a visited public land mobile network, VPLMN 120. The home and visited networks depend on the subscription used by the UE and vary for different subscriptions. The VPLMN 120 comprises normal structures and functionalities to support 3GPP 5G operations. It is useful for understanding some embodiments of the present disclosure to note the following parts of the VPLMN: an access and mobility management function 122; a visited PLMN AKMA anchor function, vAAnF, 124; and an internal application function, AF, 126 of the VPLMN. FIG. 1 further comprises a home public land mobile network, HPLMN 130, of the subscription 112 in use by the user equipment 110. Among others, the HPLMN 130 comprises an internal application function, AF, 132; a unified data management 134; a home PLMN AKMA anchor function, hAAnF, 136; and an authentication server function, AUSF, 138. The system 100 further comprises a network exposure function, NEF, 140; and an external AF 150.


In a 5G core network, 5GC, there may remain some operational and security issues in the roaming architecture for the AKMA. In this document, various embodiments are disclosed for providing lawful interception, LI:

    • a) when the UE 110 is in the VPLMN 120 and the internal AF 132 of the HPLMN is used by the UE 110; or
    • b) when the UE 110 is in the VPLMN 120 and the external AF 150 is used by the UE 110.


In case a), the HPLMN 130 should enable decrypting the user services for LI purposes, e.g., by issuing, on an authorized LI request, an AKMA encryption key to a function assigned for this purpose, such as a User Plane Function, UPF (not shown). To this end, an encryption key and further information may be needed, such as the replay attack protectors (nonces) applied, counters, and/or an indication of the cipher algorithm used. In an example embodiment, the term application encryption key material comprises the AKMA encryption key, or the information required for the hAAnF or the vAAnF to produce the AKMA encryption key, and any further information required to decrypt the encrypted data. For simplicity, the AKMA encryption key refers herein to the information with which the AKMA encryption can be decrypted.


In case b), the HPLMN 130 has no internal access to the AKMA encryption key. Instead, in an example embodiment, the external AF 150 indicates how the AKMA encryption key is formed so that the HPLMN 130 may be able to obtain the AKMA encryption key. In an example embodiment, the external AF 150 sends the application encryption material to the NEF 140 and the NEF 140 either obtains the AKMA encryption key or passes the application encryption material to the HPLMN 130 or to the VPLMN 120.


There are three main cases for the AKMA encryption key: 1) using an AKMA Application Key, KAF; 2) using a derivative of the KAF; and 3) using a special key that is independent of the KAF.


In deriving the AKMA encryption key from the KAF, the AKMA encryption key can be derived, e.g., by a key derivation function or by encrypting at least the KAF or a portion thereof and optionally some further information, such as a sequence counter, timestamp, or a nonce. For example, the derived AKMA encryption key can be formed with a key derivation function from concatenated or otherwise combined KAF and the nonce. The key derivation function may be advantageous in its processing cost.


The third case may arise particularly when an independently operating data center or computer cloud implements the external AF. In such a case, neither the HPLMN nor the VPLMN can provide for the LI unless the external AF provides such capabilities. In an example embodiment where the AKMA encryption key is based on the KAF, the external AF sends an indication via the NEF to the hAAnF. If this indication is set, the hAAnF will push the AKMA encryption key to the vAAnF or to the VPLMN. Otherwise, if this indication is not set, i.e., the external AF is using the special key, the hAAnF informs the VPLMN that the AKMA encryption key is not available to the HPLMN. On the other hand, if the external AF needs to send the AKMA encryption key to the vAAnF, it is passed to the NEF and routed from there via the hAAnF to the vAAnF. In an example embodiment, instead of the external AF sending the AKMA encryption key, the AAnF fetches the AKMA encryption key from the external AF and provides the same to the vAAnF of the VPLMN. It is further possible that the special key is not issued by the external AF when requested by the HPLMN. In that case, the HPLMN may simply indicate to the VPLMN that the AKMA encryption key is not available.



FIG. 2 shows a simplified signaling diagram of some features of example embodiments related to using the internal AF of the HPLMN and the external AF. In FIG. 2, some particularly interesting information elements are indicated. However, it should be appreciated that in some example embodiments, not all the drawn information elements are transferred. FIG. 2 illustrates:


201: Successfully performing a primary authentication by the UE through the VPLMN with the HPLMN. Hence, the UE gains mobile connectivity.


202: Generating an AKMA anchor key, KAKMA, and an AKMA key identifier, A-KID, by the UE and by the AUSF of the HPLMN. In the HPLMN, the AUSF informs the hAAnF of the KAKMA and the A-KID.


203: This is a process of an example embodiment wherein the internal AF of the HPLMN is used.


203a: The UE sends an application session establishment request with the A-KID to the internal AF.


203b: The internal AF then sends an application key request (Naanf_AKMA_ApplicationKey_Get_request) to the hAAnF. In an example embodiment, the application key request comprises the A-KID, the AF_ID, and a key sharing responsibility indication AF_responsible_for_Key_sharing set to Boolean value True.


203c: The hAAnF responds with an application key response message (Naanf_AKMA_ApplicationKey_Get_response). In an example embodiment, the application key response message comprises the KAF.


203d: The internal AF pushes the AKMA encryption key to the vAAnF with an application encryption indication (KAF_ENC_IND), and


203e: The internal AF also sends an application session establishment response message to the UE. The application encryption indication (KAF_ENC_IND) of the previous step indicates by a first value (e.g., 1) that the KAF is used as an AKMA encryption key; by a second value (e.g., 2), that a derivative of the KAF is used as the AKMA encryption key; and by a third value (e.g., 3) that a special key independent of the KAF is used as the AKMA encryption key.


204: This is a process of an example embodiment wherein the external AF of the HPLMN is used.


204a: The UE sends an application session establishment request with the A-KID to the external AF, as in 203a to the internal AF.


204b: The external AF produces and sends an application key request (Naanf_AKMA_ApplicationKey_Get_request) comprising the A-KID; the AF_ID; and the application encryption indication (KAF_ENC_IND) explained in connection with step 203d.


204c: The hAAnF responds to the external AF with the application key response. In an example embodiment, the application key response comprises the KAF.


204d: The hAAnF pushes or otherwise provides the KAF to the vAAnF together with the application encryption indication (KAF_ENC_IND).


In an example embodiment, if the indication value received at the hAAnF has the third value (e.g., 3), indicating that a special AKMA encryption key is used for encryption, the hAAnF shall provide only the indication to the VPLMN without any keys, unless the hAAnF has received the special AKMA encryption key from the NEF. FIG. 3 shows an example embodiment in which the external AF has provided the NEF with the special AKMA encryption key and the NEF has forwarded it to the hAAnF.


The application encryption indication provides certainty about the key material delivered by the HPLMN to the VPLMN. Without this indication, the VPLMN could not be certain whether the KAF is used as the AKMA encryption key, a KAF derivative is used as the AKMA encryption key, or a key independent of the KAF is used as the AKMA encryption key.


204e: The vAAnF stores the AKMA encryption key for enabling a subsequent lawful interception.


204f: The external AF sends an application session establishment response message to the UE, as the internal AF in 203e.



FIG. 3 shows a simplified signalling diagram of some features of example embodiments related to an external AF, comprising steps:


201-202: as in FIG. 2.


303: This is a process of an example embodiment wherein the external AF is used.


303a: The UE sends an application session establishment request with the A-KID to the external AF.


303b: The external AF sends the application key request (Naanf_AKMA_ApplicationKey_Get_request) to the hAAnF. In an example embodiment, the application key request comprises the A-KID, the AF_ID, and a key sharing responsibility indication AF_responsible_for_Key_sharing set to the Boolean value True. Based on this indication, the AAnF does not share any key with the VPLMN.


303c: The hAAnF responds with the application key response (Naanf_AKMA_ApplicationKey_Get_response) message with KAF to the external AF.


303d: The external AF generates the AKMA encryption key.


303e: The external AF sends an encryption key indication message (Nnef_AKMA_AF_Encryption_Key_Indication) to the NEF. Note: as the interface here is the Nnef, the message is accordingly named Nnef_AKMA_AF_Encryption_Key_Indication. In an example embodiment, the encryption key indication message comprises the A-KID, KAF_ENC_IND, AKMA_ENC_key and GPSI. Note: if the external AF has formed the AKMA_ENC_key from or based on the KAF, the AKMA_ENC_key may be omitted in an example embodiment. In another example embodiment, the KAF_ENC_IND is omitted.


303f: The NEF forwards the AKMA encryption key (AKMA_ENC_KEY) by an encryption key indication message (Naanf_AKMA_AF_Encryption_Key_Indication) to the hAAnF.


303g: The hAAnF sends the KAF_ENC_IND and/or the AKMA encryption key by an encryption key indication message (Naanf_AKMA_AF_Encryption_Key_Indication) to the vAAnF. In an example embodiment, this message further comprises the A-KID.


303h: At some point of time, the external AF sends the Application session establishment response to the UE.
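As an added illustration (not code from the application or from 3GPP), the following Python model ties together the three key cases of the description, the hAAnF handling of the FIG. 2 request (204b to 204e, including the rule of providing only the indication for the third value) and the FIG. 3 path in which the NEF forwards the special key (303b to 303g), ending with the vAAnF resolving the key for a decrypting entity as in claims 6 to 8. The KDF, the nonce carried in the request as key material, and every key and identifier are assumptions made for this model.

```python
import hashlib
import hmac
from dataclasses import dataclass, field

# KAF_ENC_IND values as given for step 203e: 1 = KAF itself, 2 = a KAF derivative, 3 = a special key
IND_KAF, IND_KAF_DERIVED, IND_SPECIAL = 1, 2, 3

def kdf(key: bytes, label: bytes, data: bytes) -> bytes:
    """Assumed KDF (HMAC-SHA256 over label || data); a stand-in for the 3GPP KDF, not its definition."""
    return hmac.new(key, label + data, hashlib.sha256).digest()

def derive_enc_key(kaf: bytes, nonce: bytes) -> bytes:
    """Case 2 of the description: the AKMA encryption key from the combined KAF and nonce."""
    return kdf(kaf, b"AKMA_ENC", nonce)

@dataclass
class VAAnF:  # visited anchor function: keeps per A-KID what the HPLMN delivered (204e / 303g)
    store: dict = field(default_factory=dict)

    def on_encryption_key_indication(self, a_kid: str, ind: int, material: dict) -> None:
        self.store[a_kid] = (ind, material)

    def key_for_decrypting_entity(self, a_kid: str):
        """Resolve the key for an authorised LI request (claims 6-8); None means not available."""
        ind, m = self.store[a_kid]
        if "enc_key" in m:                           # key delivered explicitly by the HPLMN
            return m["enc_key"]
        if ind == IND_KAF:
            return m["kaf"]
        if ind == IND_KAF_DERIVED and "nonce" in m:  # vAAnF derives it from the KAF and the material
            return derive_enc_key(m["kaf"], m["nonce"])
        return None                                  # special key not available to the HPLMN

@dataclass
class HAAnF:  # home anchor function holding KAKMA per A-KID (step 202)
    vaanf: VAAnF
    anchors: dict = field(default_factory=dict)    # A-KID -> KAKMA
    kaf_cache: dict = field(default_factory=dict)  # A-KID -> (KAF, KAF_ENC_IND)

    def on_application_key_get_request(self, a_kid, af_id, ind, nonce=None,
                                       af_responsible_for_key_sharing=False) -> bytes:
        """Naanf_AKMA_ApplicationKey_Get_request (steps 203b / 204b / 303b)."""
        kaf = kdf(self.anchors[a_kid], b"KAF", af_id)  # KAF from KAKMA and AF_ID (inputs assumed)
        self.kaf_cache[a_kid] = (kaf, ind)
        if af_responsible_for_key_sharing:           # FIG. 3: the AF shares; push nothing yet
            return kaf
        if ind == IND_SPECIAL:                       # indication only, no keys
            self.vaanf.on_encryption_key_indication(a_kid, ind, {})
        elif ind == IND_KAF_DERIVED:                 # nonce assumed carried as key material (claim 13)
            self.vaanf.on_encryption_key_indication(a_kid, ind, {"kaf": kaf, "nonce": nonce})
        else:
            self.vaanf.on_encryption_key_indication(a_kid, ind, {"kaf": kaf})
        return kaf

    def on_nef_encryption_key_indication(self, a_kid, ind=None, akma_enc_key=None) -> None:
        """Naanf_AKMA_AF_Encryption_Key_Indication forwarded by the NEF (steps 303f / 303g)."""
        kaf, cached_ind = self.kaf_cache[a_kid]
        ind = cached_ind if ind is None else ind     # KAF_ENC_IND may be omitted (step 303e)
        material = {} if ind == IND_SPECIAL else {"kaf": kaf}
        if akma_enc_key is not None:                 # may be omitted when the AF formed it from KAF
            material["enc_key"] = akma_enc_key
        self.vaanf.on_encryption_key_indication(a_kid, ind, material)

def run_scenarios() -> dict:
    """Constructed run of the FIG. 2 and FIG. 3 flows; every key and identifier is made up."""
    vaanf = VAAnF()
    haanf = HAAnF(vaanf, anchors={f"A-KID-{i}": bytes([i]) * 32 for i in range(1, 5)})
    af_id, nonce, special = b"af.example", b"\xaa" * 16, b"\xbb" * 32
    out = {}
    # FIG. 2, steps 204b-204e: hAAnF pushes the KAF plus KAF_ENC_IND to the vAAnF
    kaf1 = haanf.on_application_key_get_request("A-KID-1", af_id, IND_KAF)
    kaf2 = haanf.on_application_key_get_request("A-KID-2", af_id, IND_KAF_DERIVED, nonce=nonce)
    haanf.on_application_key_get_request("A-KID-3", af_id, IND_SPECIAL)
    out["case1_kaf"] = vaanf.key_for_decrypting_entity("A-KID-1") == kaf1
    out["case2_derived"] = vaanf.key_for_decrypting_entity("A-KID-2") == derive_enc_key(kaf2, nonce)
    out["case3_unavailable"] = vaanf.key_for_decrypting_entity("A-KID-3") is None
    # FIG. 3, steps 303b-303g: AF responsible for key sharing; special key arrives via the NEF
    haanf.on_application_key_get_request("A-KID-4", af_id, IND_SPECIAL,
                                         af_responsible_for_key_sharing=True)
    out["case3_nothing_shared_yet"] = "A-KID-4" not in vaanf.store
    haanf.on_nef_encryption_key_indication("A-KID-4", IND_SPECIAL, akma_enc_key=special)
    out["case3_special_via_nef"] = vaanf.key_for_decrypting_entity("A-KID-4") == special
    return out
```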



FIG. 4 shows a block diagram of an apparatus 400 according to an embodiment of the invention. In an example embodiment, the apparatus 400 is used to implement one or more of the network functions or the UE. Moreover, it is possible that the apparatus 400 is used to implement one or more network functions for a given number of users or for particular users. For example, the hAAnF may be implemented for one user by the apparatus 400 and with other equipment for another user.


The apparatus 400 comprises at least one memory 440 comprising instructions 446 and/or data 448. The at least one memory 440 may comprise non-volatile memory 444 and/or main memory 442. The apparatus 400 further comprises at least one processor 420 configured to execute the instructions 446 stored in the at least one memory 440 for controlling the operation of the apparatus 400, and at least one communication unit 410 for communicating with other nodes. The instructions 446 and/or the data 448, or parts thereof, may be transferred by the at least one processor 420 between the non-volatile memory 444 and the main memory 442. The at least one memory 440 may comprise random access memory (RAM) and/or read-only memory (ROM). The at least one memory 440 may comprise at least one RAM chip, and/or at least one ROM chip, and/or at least one flash memory chip. The at least one memory 440 may comprise solid-state, magnetic, and/or optical memory, for example. The at least one memory 440 may be at least in part accessible to the at least one processor 420. The at least one memory 440 may be at least in part external to the apparatus 400. The at least one communication unit 410 may comprise, for example, at least one of: a local area network (LAN) port; a wireless local area network (WLAN) unit; a Bluetooth unit; a cellular data communication unit; or a satellite data communication unit. The at least one processor 420 may comprise, for example, any one or more of: a master control unit (MCU); a microprocessor; a digital signal processor (DSP); an application specific integrated circuit (ASIC); a field programmable gate array; or a microcontroller. The apparatus may comprise a user interface 430, such as a keyboard and/or a graphical user interface (GUI).


The apparatus 400 as drawn can be a dedicated computer or server computer, for example. In an example embodiment, the apparatus is implemented using cloud computing such that the apparatus comprises a plurality of processors and memories that implement a large number of different functionalities including, for example, one or more of the network functions described in the foregoing. The apparatus can further support virtualization such that one or more of different functionalities provided by the apparatus may be implemented on a virtualization platform, comprising for example one or more virtualized computers, virtualized computer servers, and/or virtualized network entities running on one or more virtualization servers.


As used in this application, the term “circuitry” may refer to one or more or all of the following:

    • (a) hardware-only circuit implementations (such as implementations in only analog and/or digital circuitry); and
    • (b) combinations of hardware circuits and software, such as (as applicable):
        • (i) a combination of analog and/or digital hardware circuit(s) with software/firmware; and
        • (ii) any portions of hardware processor(s) with software (including digital signal processor(s)), software, and memory(ies) that work together to cause an apparatus, such as a mobile phone or server, to perform various functions; and
    • (c) hardware circuit(s) and/or processor(s), such as a microprocessor(s) or a portion of a microprocessor(s), that requires software (e.g., firmware) for operation, but the software may not be present when it is not needed for operation.


This definition of circuitry applies to all uses of this term in this application, including in any claims. As a further example, as used in this application, the term circuitry also covers an implementation of merely a hardware circuit or processor (or multiple processors) or portion of a hardware circuit or processor and its (or their) accompanying software and/or firmware. The term circuitry also covers, for example and if applicable to the particular claim element, a baseband integrated circuit or processor integrated circuit for a mobile device or a similar integrated circuit in a server, a cellular network device, or other computing or network device.


Without in any way limiting the scope, interpretation, or application of the claims appearing below, a technical effect of one or more of the example embodiments disclosed herein is that lawful interception support can be improved in 5G networks. Another technical effect of one or more of the example embodiments disclosed herein is that processing related to application function encryption may be reduced for roaming UE.


Embodiments of the present invention may be implemented in software, hardware, application logic or a combination of software, hardware, and application logic. In an example embodiment, the application logic, software, or an instruction set is maintained on any one of various conventional computer-readable media. In the context of this document, a “computer-readable medium” may be any transitory or non-transitory media or means that can contain, store, communicate, propagate, or transport the instructions for use by or in connection with an instruction execution system, apparatus, or device, such as a computer, with one example of a computer described and depicted in FIG. 4. A computer-readable medium may comprise a computer-readable storage medium that may be any media or means that can contain or store the instructions for use by or in connection with an instruction execution system, apparatus, or device, such as a computer.


If desired, the different functions discussed herein may be performed in a different order and/or concurrently with each other. Furthermore, if desired, one or more of the before-described functions may be optional or may be combined.


Although various aspects of the invention are set out in the independent claims, other aspects of the invention comprise other combinations of features from the described embodiments and/or the dependent claims with the features of the independent claims, and not solely the combinations explicitly set out in the claims.


It is also noted herein that while the foregoing describes example embodiments of the invention, these descriptions should not be viewed in a limiting sense. Rather, there are several variations and modifications which may be made without departing from the scope of the present invention as defined in the appended claims.


As used herein, “at least one of the following: <a list of two or more elements>” and “at least one of <a list of two or more elements>” and similar wording, where the list of two or more elements are joined by “and” or “or”, mean at least any one of the elements, or at least any two or more of the elements, or at least all the elements.

Claims
  • 1. An apparatus comprising: at least one processor; and at least one memory storing instructions that, when executed by the at least one processor, cause the apparatus at least to perform: receiving from user equipment an application session establishment request comprising as a key identifier an Authentication and Key management for Applications, AKMA, Key Identifier, A-KID; producing an application key request
  • 2. The apparatus of claim 1, wherein the apparatus is an application function of the HPLMN.
  • 3. The apparatus of claim 1, wherein the at least one memory and the instructions, when executed by the at least one processor, further causing the apparatus at least to perform producing the application encryption key material further comprises performing: in case that the KAF as such is used as an AKMA encryption key, arranging that the application encryption key material comprises or consists of the KAF, and the application encryption indication (KAF_ENC_IND) is assigned a first value; in case that a derivative of the KAF is used as the AKMA encryption key,
  • 4. An apparatus, wherein the apparatus is a visited AKMA Anchor Function, vAAnF, of a visited public land mobile network, VPLMN; the apparatus comprising:
  • 5. The apparatus of claim 4, wherein the at least one memory and the instructions, when executed by the at least one processor, further cause the apparatus at least to perform:
  • 6. The apparatus of claim 5, wherein the at least one memory and the instructions, when executed by the at least one processor, further causing the apparatus at least to perform obtaining the AKMA encryption key further comprises performing: arranging that the AKMA encryption key comprises or consists of the KAF, responsively to the application encryption indication (KAF_ENC_IND) indicating that the KAF is used as the AKMA encryption key; arranging that the AKMA encryption key comprises at least one of: the AKMA encryption key derived from the KAF, or source data from which the AKMA encryption key is derivable using the KAF, responsively to the application encryption indication (KAF_ENC_IND) indicating that the AKMA encryption key is derived from the KAF; arranging that the AKMA encryption key comprises or consists of an indication indicating that the KAF is not used for encryption, responsively to the application encryption indication (KAF_ENC_IND) indicating that the KAF is not used for encryption; and storing the AKMA encryption key.
  • 7. The apparatus of claim 4, wherein the at least one memory and the instructions, when executed by the at least one processor, further causing the apparatus at least to perform providing a decrypting entity with the AKMA encryption key further comprises performing: providing the decrypting entity with the AKMA encryption key, responsively to the application encryption indication (KAF_ENC_IND) indicating that the KAF is used as the AKMA encryption key; providing the decrypting entity with at least one of the following, responsively to the application encryption indication (KAF_ENC_IND) indicating that the AKMA encryption key is derived from the KAF: the AKMA encryption key derived from the KAF, or the application encryption key material from which the AKMA encryption key is derivable using the KAF; and providing the decrypting entity with an indication that the KAF is not used for encryption, responsively to the application encryption indication (KAF_ENC_IND) indicating that the KAF is not used for encryption.
  • 8. The apparatus of claim 7, wherein the at least one memory and the instructions, when executed by the at least one processor, further causing the apparatus at least to perform providing an indication that the KAF is not used for encryption to the decrypting entity, responsively to the application encryption indication (KAF_ENC_IND) indicating that the KAF is not used for encryption, further comprises providing the decrypting entity with a special encryption key when available.
  • 9. An apparatus comprising at least one processor; and at least one memory storing instructions that, when executed by the at least one processor, cause the apparatus at least to perform: receiving an application session establishment request comprising an authentication and key management for applications, AKMA, Key Identifier, A-KID; producing an application key request
  • 10. The apparatus of claim 9, wherein the at least one memory and the instructions, when executed by the at least one processor, further cause the apparatus at least to perform: receiving, responsively to the sent application key request, an application key response (Naanf_AKMA_ApplicationKey_Get_response) comprising an AKMA Application Key (KAF).
  • 11. The apparatus of claim 10, wherein the at least one memory and the instructions, when executed by the at least one processor, further cause the apparatus at least to perform: generating an AKMA encryption key (AKMA_ENC_key) using the AKMA Application Key (KAF), responsively to the receiving of the application key response (Naanf_AKMA_ApplicationKey_Get_response).
  • 12. The apparatus of claim 11, wherein the at least one memory and the instructions, when executed by the at least one processor, further cause the apparatus at least to perform: generating an application function encryption key indication message
  • 13. The apparatus of claim 9, wherein the at least one memory and the instructions, when executed by the at least one processor, further cause the apparatus at least to perform: deriving the AKMA encryption key from application encryption key material comprising the AKMA Application Key (KAF); wherein producing an application key request is configured to contain the application encryption key material in the application key request.
Priority Claims (1)
  • Number: 202241055934
  • Date: Sep 2022
  • Country: IN
  • Kind: national