CN104969578A - Data transmission method, device and system - Google Patents


Publication number
CN104969578A
Authority
CN
China
Prior art keywords
message
rnc
data packet
rrc connection
nas pdu
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201380000225.0A
Other languages
Chinese (zh)
Other versions
CN104969578B (en)
Inventor
庞伶俐
郑潇潇
应江威
陈璟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Publication of CN104969578A publication Critical patent/CN104969578A/en
Application granted granted Critical
Publication of CN104969578B publication Critical patent/CN104969578B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W28/00Network traffic management; Network resource management
    • H04W28/02Traffic management, e.g. flow control or congestion control
    • H04W28/06Optimizing the usage of the radio link, e.g. header compression, information sizing, discarding information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup
    • H04W76/11Allocation or use of connection identifiers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/20Manipulation of established connections
    • H04W76/27Transitions between radio resource control [RRC] states

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A data transmission method, device and system, wherein the method comprises: a user equipment (UE) encapsulates a small data packet into a non-access stratum protocol data unit (NAS PDU) or a higher-layer data packet (101); the UE sends the NAS PDU or higher-layer data packet to a radio network controller (RNC) (102). The invention can shorten the transmission procedure for small data packets and improve the efficiency of data transmission.

Description

Data transmission method, device and system
Technical Field
The present invention relates to communications technologies, and in particular, to a data transmission method, apparatus, and system.
Background
With the wide application of intelligent terminals (smart phones) and machine type communications (MTC for short), the transmission of small data packets is increasing. For example, in a time period when no service data occurs, services supported by smart phones such as Email Push, the instant messaging software MSN and QQ, and Virtual Private Network (VPN) need to exchange keep-alive messages, which are small data packets, with a server in order to keep the connection with the server; for another example, in Machine to Machine (M2M) services supported by MTC devices, services such as intelligent meter reading, intelligent transportation, and intelligent medical care transmit small data packets. In a Universal Mobile Telecommunications System (UMTS), User Equipment (UE) performing such a service is usually set in an idle state, and a Radio Resource Control (RRC) connection is established to transmit a small data packet when the UE has a small data packet to be transmitted.
However, the existing transmission procedure for small data packets is long, which delays data transmission and makes transmission inefficient.
Disclosure of Invention
The embodiments of the invention provide a data transmission method, device and system, which shorten the transmission procedure for small data packets and improve data transmission efficiency.
In a first aspect, an embodiment of the present invention provides a data transmission method, including: the user equipment UE encapsulates the small data packet into a non-access stratum protocol data unit NAS PDU or a high-level data packet; and the UE sends the NAS PDU or a high-layer data packet to a Radio Network Controller (RNC).
In a first possible implementation manner of the first aspect, before the UE sends the NAS PDU or higher layer packet to the RNC, the method further includes: the UE adopts a first security parameter to perform security processing on the NAS PDU or the high-level data packet; the sending, by the UE, the NAS PDU or higher layer data packet to the RNC includes: and the UE sends the NAS PDU or a high-level data packet after security processing to an RNC.
According to a first possible implementation manner of the first aspect, in a second possible implementation manner, the sending, by the UE, the NAS PDU or the higher layer data packet after the security processing to the RNC includes: and the UE sends a first message containing the NAS PDU or a higher layer data packet and the first security parameter to an RNC.
According to a second possible implementation manner of the first aspect, in a third possible implementation manner, the first message includes: an uplink direct transmission message, an initial direct transmission message, or a radio resource control RRC connection request message; alternatively, an RRC connection setup complete message.
According to the first possible implementation manner of the first aspect, in a fourth possible implementation manner, before the sending, by the UE, the NAS PDU or the higher layer data packet after the security processing to the RNC, the method further includes: and the UE sends the first security parameter to an RNC.
According to a fourth possible implementation manner of the first aspect, in a fifth possible implementation manner, the sending, by the UE, the first security parameter to the RNC includes: the UE sends an RRC connection request message to the RNC, wherein the RRC connection request message comprises first security parameters.
According to a fourth possible implementation manner of the first aspect, in a sixth possible implementation manner, the sending, by the UE, the first security parameter to the RNC includes: the UE sends an RRC connection request message to the RNC, wherein the RRC connection request message comprises a first security parameter and a service request indication.
According to a fifth possible implementation manner or a sixth possible implementation manner of the first aspect, in a seventh possible implementation manner, the RRC connection request message further includes: a small packet transmission indication.
According to a fourth possible implementation manner of the first aspect, in an eighth possible implementation manner, the sending, by the UE, the first security parameter to the RNC includes: the UE sends an RRC connection establishment completion message to an RNC, wherein the RRC connection establishment completion message comprises the first security parameter; the UE sending the NAS PDU or a higher layer data packet to an RNC, including: and after sending the RRC connection setup complete message to an RNC, the UE sends at least one message containing the NAS PDU or a high-layer data packet to the RNC.
According to any one of the fifth to eighth possible implementation manners of the first aspect, in a ninth possible implementation manner, after the UE sends the NAS PDU or a higher layer data packet to an RNC, the method further includes: and the UE receives an RRC connection release message sent by the RNC, wherein the RRC connection release message comprises a downlink data packet.
In a second aspect, an embodiment of the present invention provides a data transmission method, including: a radio network controller RNC receives a non-access stratum protocol data unit NAS PDU or a high-level data packet sent by user equipment UE; the RNC sends a second security parameter acquisition request message to a core network node; the RNC receives a second security parameter acquisition response message sent by the core network node, wherein the second security parameter acquisition response message comprises a second security parameter of the UE; and the RNC decrypts and/or verifies the integrity of the NAS PDU or the high-level data packet by adopting the first security parameter and the second security parameter and then sends the NAS PDU or the high-level data packet to the core network node.
In a first possible implementation manner of the second aspect, the receiving, by the RNC, a NAS PDU or a higher layer data packet sent by the UE includes: and the RNC receives a first message which is sent by the UE and contains the NAS PDU or a high-layer data packet and the first security parameter.
According to a first possible implementation manner of the second aspect, in a second possible implementation manner, the first message includes: an uplink direct transmission message, an initial direct transmission message, or a radio resource control RRC connection request message; alternatively, an RRC connection setup complete message.
In a third possible implementation manner of the second aspect, before the RNC receives the NAS PDU or the higher layer data packet sent by the UE, the method further includes: and the RNC receives the first security parameter sent by the UE.
According to a third possible implementation manner of the second aspect, in a fourth possible implementation manner, the receiving, by the RNC, the first security parameter sent by the UE includes: and the RNC receives an RRC connection request message sent by the UE, wherein the RRC connection request message comprises the first security parameter.
According to a third possible implementation manner of the second aspect, in a fifth possible implementation manner, the receiving, by the RNC, the first security parameter sent by the UE includes: and the RNC receives an RRC connection request message sent by the UE, wherein the RRC connection request message comprises the first security parameter and a service request indication.
According to a fourth possible implementation manner or a fifth possible implementation manner of the second aspect, in a sixth possible implementation manner, the RRC connection request message further includes: a small packet transmission indication.
According to the second aspect and any one of the first to sixth possible implementation manners of the second aspect, in a seventh possible implementation manner, the second security parameter acquisition request message is an uplink information exchange request message; and the second security parameter acquisition response message is an uplink information exchange response message.
According to the second aspect and any one of the first to sixth possible implementation manners of the second aspect, in an eighth possible implementation manner, the second security parameter acquisition request message is an initial UE message; the second security parameter acquisition response message is a security mode command message.
According to a third possible implementation manner of the second aspect, in a ninth possible implementation manner, the receiving, by the RNC, the first security parameter sent by the UE includes: the RNC receives an RRC connection establishment completion message sent by the UE, wherein the RRC connection establishment completion message comprises the first security parameter; the receiving, by the RNC, the NAS PDU or the higher layer data packet sent by the UE includes: and after receiving the RRC connection setup complete message sent by the UE, the RNC receives at least one message which is sent by the UE and contains the NAS PDU or a high-level data packet.
In a tenth possible implementation manner, according to any one of the third to ninth possible implementation manners of the second aspect, before the receiving, by the RNC, the NAS PDU or higher layer packet that is sent, the method further includes: and the RNC sends an RRC connection establishment message to the UE, wherein the RRC connection establishment message comprises an integrity protection parameter Fresh, so that the UE adopts a first security parameter and the integrity protection parameter Fresh to perform security processing on the NAS PDU or a high-level data packet.
According to any one of the third to tenth possible implementation manners of the second aspect, in an eleventh possible implementation manner, after the sending, by the RNC, the NAS PDU or a higher layer packet to the core network node, the method further includes: the RNC receives a direct transmission message or a direct information transmission message sent by the core network node, wherein the direct transmission message or the direct information transmission message comprises a downlink data packet; and the RNC sends an RRC connection release message to the UE, wherein the RRC connection release message comprises the response information.
In a third aspect, an embodiment of the present invention provides a data transmission method, including: a core network node receives a second security parameter acquisition request message sent by a Radio Network Controller (RNC), wherein the second security parameter acquisition request message comprises a User Equipment (UE) identifier of UE; the core network node sends a second security parameter acquisition response message to the RNC, wherein the second security parameter acquisition response message comprises a second security parameter corresponding to the UE identifier; and the core network node receives a data message which is sent by the RNC and contains a UE identifier and an NAS PDU or a high-level data packet, wherein the NAS PDU or the high-level data packet is obtained after the RNC receives the data message which is sent by the UE and decrypts and/or verifies the integrity of the NAS PDU or the high-level data packet by adopting the second security parameter.
In a first possible implementation manner of the third aspect, the second security parameter obtaining request message is an uplink information exchange request message; and the second security parameter acquisition response message is an uplink information exchange response message.
In a second possible implementation manner of the third aspect, the second security parameter obtaining request message is an initial UE message that includes the service request indication; the second security parameter acquisition response message is a security mode command message.
According to the third aspect, the first or second possible implementation manner of the third aspect, in a fourth possible implementation manner, after the receiving, by the core network node, the data message that includes the UE identity and the NAS PDU or the higher layer data packet and is sent by the RNC, the method further includes: and the core network node sends a response message corresponding to the NAS PDU or the high-level data packet to the RNC.
According to a fourth possible implementation manner of the third aspect, in a fifth possible implementation manner, the data message that is received by the core network node and that includes the UE identity and the NAS PDU or the higher layer data packet and is sent by the RNC is: an initial UE message or a direct transmission message; the response message sent by the core network node to the RNC is a direct transmission message or a direct information transmission message.
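The uplink path described in the first three aspects, modelled as an added example (not code from the patent): the RNC issues Fresh in the RRC connection setup, the UE sends a first message carrying the NAS PDU and the first security parameter, and the RNC forwards the PDU only after it has fetched the second security parameter from the core network node and the integrity check passes. Assumptions: HMAC-SHA256 stands in for the integrity algorithm, the first security parameter is modelled as a UE-side counter and the second as a per-UE key, and all class, method and field names are hypothetical.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass


@dataclass(frozen=True)
class FirstMessage:
    """Uplink message carrying the NAS PDU and the first security parameter."""
    ue_id: str
    first_param: int   # assumption: a counter kept by the UE
    nas_pdu: bytes
    mac: bytes


def compute_mac(key: bytes, first_param: int, fresh: bytes, nas_pdu: bytes) -> bytes:
    # Assumption: HMAC-SHA256 stands in for the network's integrity algorithm.
    data = first_param.to_bytes(4, "big") + fresh + nas_pdu
    return hmac.new(key, data, hashlib.sha256).digest()


class CoreNetworkNode:
    def __init__(self, keys_by_ue):
        self.keys_by_ue = dict(keys_by_ue)   # assumption: second parameter is a key
        self.delivered = []

    def second_security_parameter(self, ue_id):
        """Second security parameter acquisition request and response."""
        return self.keys_by_ue.get(ue_id)

    def receive_data_message(self, ue_id, nas_pdu):
        self.delivered.append((ue_id, nas_pdu))
        return b"ack:" + nas_pdu             # constructed downlink data packet


class UE:
    def __init__(self, ue_id, key):
        self.ue_id, self.key, self.counter = ue_id, key, 0

    def build_first_message(self, small_packet, fresh):
        self.counter += 1
        nas_pdu = small_packet               # encapsulation modelled as opaque bytes
        mac = compute_mac(self.key, self.counter, fresh, nas_pdu)
        return FirstMessage(self.ue_id, self.counter, nas_pdu, mac)


class RNC:
    def __init__(self, core):
        self.core = core
        self.fresh_by_ue = {}

    def rrc_connection_setup(self, ue_id):
        """Issue the integrity protection parameter Fresh for one connection."""
        fresh = os.urandom(16)
        self.fresh_by_ue[ue_id] = fresh
        return fresh

    def handle_first_message(self, msg):
        # Fresh is consumed on first use, so a captured message cannot be replayed.
        fresh = self.fresh_by_ue.pop(msg.ue_id, None)
        if fresh is None:
            return ("rejected", b"no Fresh outstanding")
        key = self.core.second_security_parameter(msg.ue_id)
        if key is None:
            return ("rejected", b"unknown UE")
        expected = compute_mac(key, msg.first_param, fresh, msg.nas_pdu)
        if not hmac.compare_digest(expected, msg.mac):
            return ("rejected", b"integrity check failed")
        # Only a verified PDU reaches the core network node; the downlink
        # packet rides back in the RRC connection release.
        downlink = self.core.receive_data_message(msg.ue_id, msg.nas_pdu)
        return ("released", downlink)


def run_demo():
    key = b"k" * 16                          # constructed sample key
    core = CoreNetworkNode({"ue-1": key})
    rnc, ue = RNC(core), UE("ue-1", key)
    msg = ue.build_first_message(b"keepalive", rnc.rrc_connection_setup("ue-1"))
    ok = rnc.handle_first_message(msg)
    replay = rnc.handle_first_message(msg)   # same bytes, Fresh already used
    good = ue.build_first_message(b"meter=42", rnc.rrc_connection_setup("ue-1"))
    tampered = FirstMessage(good.ue_id, good.first_param, b"meter=99", good.mac)
    bad = rnc.handle_first_message(tampered)
    return ok, replay, bad, core.delivered


if __name__ == "__main__":
    print(run_demo())
```

The RNC fails closed at each step: a missing Fresh, an unknown UE identifier or a MAC mismatch all stop the PDU before it is forwarded.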
In a fourth aspect, an embodiment of the present invention provides a data transmission apparatus, including: the processing module is used for encapsulating the small data packet into a non-access stratum protocol data unit (NAS PDU) or a high-level data packet; and the sending module is used for sending the NAS PDU or the high-level data packet to a Radio Network Controller (RNC).
In a first possible implementation manner of the fourth aspect, the processing module is further configured to perform security processing on the NAS PDU or the higher layer data packet by using a first security parameter before sending the NAS PDU or the higher layer data packet to the RNC; the sending module is specifically configured to: and sending the NAS PDU or a high-layer data packet after security processing to an RNC.
According to a first possible implementation manner of the fourth aspect, in a second possible implementation manner, the sending module is specifically configured to: and sending a first message containing the NAS PDU or a higher layer data packet and the first security parameter to an RNC.
According to a second possible implementation manner of the fourth aspect, in a third possible implementation manner, the first message includes: an uplink direct transmission message, an initial direct transmission message, or a radio resource control RRC connection request message; alternatively, an RRC connection setup complete message.
According to the first possible implementation manner of the fourth aspect, in a fourth possible implementation manner, the method further includes: and the first parameter sending module is used for sending the first security parameter to the RNC before sending the NAS PDU or the high-level data packet after the security processing to the RNC.
According to a fourth possible implementation manner of the fourth aspect, in a fifth possible implementation manner, the first parameter sending module is specifically configured to: and sending an RRC connection request message to the RNC, wherein the RRC connection request message contains the first security parameters.
According to a fourth possible implementation manner of the fourth aspect, in a sixth possible implementation manner, the first parameter sending module is specifically configured to: and sending an RRC connection request message to the RNC, wherein the RRC connection request message comprises the first security parameter and a service request indication.
According to a fifth possible implementation manner or a sixth possible implementation manner of the fourth aspect, in a seventh possible implementation manner, the RRC connection request message further includes: a small packet transmission indication.
According to a fourth possible implementation manner of the fourth aspect, in an eighth possible implementation manner, the first parameter sending module is specifically configured to: sending an RRC connection setup complete message to the RNC, wherein the RRC connection setup complete message comprises the first security parameter; the sending module is specifically configured to: and after sending the RRC connection setup complete message to an RNC, sending at least one message containing the NAS PDU or a higher layer data packet to the RNC.
In a ninth possible implementation manner, according to any one of the fifth to eighth possible implementation manners of the fourth aspect, the method further includes: a receiving module, configured to receive an RRC connection release message sent by the RNC after sending the NAS PDU or the higher layer data packet to the RNC, where the RRC connection release message includes a downlink data packet.
In a fifth aspect, an embodiment of the present invention provides a data transmission apparatus, including: a receiving module, configured to receive a non-access stratum protocol data unit NAS PDU or a high-level data packet sent by a user equipment UE; a second parameter obtaining module, configured to send a second security parameter obtaining request message to the core network node; receiving a second security parameter acquisition response message sent by the core network node, wherein the second security parameter acquisition response message comprises a second security parameter of the UE; the processing module is used for decrypting and/or verifying the integrity of the NAS PDU or the high-level data packet by the RNC by adopting a first security parameter and a second security parameter; a sending module, configured to send the NAS PDU or the higher layer data packet to the core network node.
In a first possible implementation manner of the fifth aspect, the receiving module is specifically configured to: and the RNC receives a first message which is sent by the UE and contains the NAS PDU or a high-layer data packet and the first security parameter.
In a second possible implementation manner, according to the first possible implementation manner of the fifth aspect, the first message includes: an uplink direct transmission message, an initial direct transmission message, or a radio resource control RRC connection request message; alternatively, an RRC connection setup complete message.
In a third possible implementation manner of the fifth aspect, the method further includes: a first parameter receiving module, configured to receive the first security parameter sent by the UE before receiving an NAS PDU or a higher layer data packet sent by the UE.
According to a third possible implementation manner of the fifth aspect, in a fourth possible implementation manner, the first parameter receiving module is specifically configured to: and receiving an RRC connection request message sent by the UE, wherein the RRC connection request message comprises the first security parameter.
According to a third possible implementation manner of the fifth aspect, in a fifth possible implementation manner, the first parameter receiving module is specifically configured to: and receiving an RRC connection request message sent by the UE, wherein the RRC connection request message comprises the first security parameter and a service request indication.
According to a fourth possible implementation manner or a fifth possible implementation manner of the fifth aspect, in a sixth possible implementation manner, the RRC connection request message further includes: a small packet transmission indication.
According to the fifth aspect and any one of the first to sixth possible implementation manners of the fifth aspect, in a seventh possible implementation manner, the second security parameter acquisition request message is an uplink information exchange request message; and the second security parameter acquisition response message is an uplink information exchange response message.
According to the fifth aspect and any one of the first to sixth possible implementation manners of the fifth aspect, in an eighth possible implementation manner, the second security parameter acquisition request message is an initial UE message; the second security parameter acquisition response message is a security mode command message.
According to a third possible implementation manner of the fifth aspect, in a ninth possible implementation manner, the first parameter receiving module is specifically configured to: receiving an RRC connection setup complete message sent by the UE, wherein the RRC connection setup complete message comprises the first security parameter; the receiving module is specifically configured to: and after receiving the RRC connection setup complete message sent by the UE, receiving at least one message which is sent by the UE and contains the NAS PDU or a higher layer data packet.
In a tenth possible implementation manner, according to any one of the third to ninth possible implementation manners of the fifth aspect, the method further includes: a third parameter sending module, configured to send an RRC connection setup message to the UE before receiving the NAS PDU or the high-level data packet sent by the UE, where the RRC connection setup message includes an integrity protection parameter Fresh, so that the UE performs security processing on the NAS PDU or the high-level data packet by using the first security parameter and the integrity protection parameter Fresh.
According to any one of the third to tenth possible implementation manners of the fifth aspect, in an eleventh possible implementation manner, the receiving module is further configured to receive a direct transmission message or a direct information transmission message sent by the core network node after the NAS PDU or a higher layer data packet is sent to the core network node, where the direct transmission message or the direct information transmission message includes a downlink data packet; the sending module is further configured to send an RRC connection release message to the UE, where the RRC connection release message includes the downlink data packet.
In a sixth aspect, an embodiment of the present invention provides a data transmission apparatus, including: the second parameter transmission module is used for receiving a second security parameter acquisition request message sent by the radio network controller RNC, wherein the second security parameter acquisition request message comprises a UE identifier of user equipment UE; sending a second security parameter acquisition response message to the RNC, wherein the second security parameter acquisition response message comprises a second security parameter corresponding to the UE identifier; a receiving module, configured to receive a data message that is sent by the RNC and includes a UE identifier and an NAS PDU or a high-level data packet, where the NAS PDU or the high-level data packet is obtained after the RNC receives the data message that is sent by the UE and decrypts the NAS PDU or the high-level data packet by using the second security parameter.
In a first possible implementation manner of the sixth aspect, the second security parameter acquisition request message is an uplink information exchange request message; and the second security parameter acquisition response message is an uplink information exchange response message.
In a second possible implementation manner of the sixth aspect, the second security parameter obtaining request message is an initial UE message that includes the service request indication; the second security parameter acquisition response message is a security mode command message.
According to the sixth aspect and the first or second possible implementation manner of the sixth aspect, in a fourth possible implementation manner, the method further includes: a sending module, configured to send, to the RNC, a response message corresponding to an NAS PDU or a higher layer data packet after receiving a data message that includes a UE identifier and the NAS PDU or the higher layer data packet and is sent by the RNC.
According to a fourth possible implementation manner of the sixth aspect, in a fifth possible implementation manner, the data message that is sent by the RNC and includes the UE identity and the NAS PDU or the higher layer data packet, and is received by the core network node is: an initial UE message or a direct transmission message; the response message sent by the core network node to the RNC is a direct transmission message or a direct information transmission message.
In a seventh aspect, an embodiment of the present invention provides a user equipment UE, including:
the processor is used for encapsulating the small data packet into a non-access stratum protocol data unit (NAS PDU) or a high-level data packet;
and the transmitter is used for transmitting the NAS PDU or the high-layer data packet to a Radio Network Controller (RNC).
In a first possible implementation manner of the seventh aspect,
the processor is further configured to perform security processing on the NAS PDU or the higher layer data packet by using a first security parameter before sending the NAS PDU or the higher layer data packet to the RNC.
The transmitter is specifically configured to send the NAS PDU or the higher layer data packet after security processing to an RNC.
According to a first possible implementation manner of the seventh aspect, in a second possible implementation manner, the transmitter is specifically configured to:
and sending a first message containing the NAS PDU or a higher layer data packet and the first security parameter to an RNC.
According to a first possible implementation manner of the seventh aspect, in a third possible implementation manner, the transmitter is specifically configured to:
and sending the first security parameter to the RNC before sending the NAS PDU or the high-layer data packet after security processing to the RNC.
According to a third possible implementation manner of the seventh aspect, in a fourth possible implementation manner, the transmitter is specifically configured to:
sending an RRC connection setup complete message to the RNC, wherein the RRC connection setup complete message comprises the first security parameter;
and after sending the RRC connection setup complete message to an RNC, sending at least one message containing the NAS PDU or a higher layer data packet to the RNC.
According to the seventh aspect and any one of the first to fourth possible implementation manners of the seventh aspect, in a fifth possible implementation manner, the method further includes:
a receiver, configured to receive an RRC connection release message sent by the RNC after sending the NAS PDU or a higher layer data packet to the RNC, where the RRC connection release message includes a downlink data packet.
In an eighth aspect, an embodiment of the present invention provides a radio network controller RNC, including:
the device comprises a receiver and a control unit, wherein the receiver is used for receiving a non-access stratum protocol data unit (NAS PDU) or a high-level data packet sent by User Equipment (UE);
a transmitter, configured to send a second security parameter acquisition request message to a core network node;
the receiver is further configured to receive a second security parameter acquisition response message sent by the core network node, where the second security parameter acquisition response message includes a second security parameter of the UE;
the processor is used for decrypting and/or verifying the integrity of the NAS PDU or the high-level data packet by adopting the first security parameter and the second security parameter;
the transmitter is further configured to transmit the NAS PDU or a higher layer packet to the core network node.
In a first possible implementation manner of the eighth aspect, the receiver is specifically configured to:
and receiving a first message which is sent by the UE and contains the NAS PDU or a higher layer data packet and the first security parameter.
In a second possible implementation manner of the eighth aspect, the receiver is specifically configured to:
and before receiving the NAS PDU or the higher layer data packet sent by the UE, receiving the first security parameter sent by the UE.
According to a second possible implementation manner of the eighth aspect, in a third possible implementation manner, the receiver is specifically configured to:
receiving an RRC connection setup complete message sent by the UE, wherein the RRC connection setup complete message comprises the first security parameter;
and after receiving the RRC connection setup complete message sent by the UE, receiving at least one message which is sent by the UE and contains the NAS PDU or a higher layer data packet.
According to the eighth aspect and any one of the first to third possible implementation manners of the eighth aspect, in a fourth possible implementation manner,
the receiver is further configured to receive a direct transmission message or a direct information transmission message sent by the core network node after the NAS PDU or the higher layer data packet is sent to the core network node, where the direct transmission message or the direct information transmission message includes a downlink data packet;
the transmitter is further configured to transmit an RRC connection release message to the UE, where the RRC connection release message includes the downlink data packet.
In a ninth aspect, an embodiment of the present invention provides a core network node, including:
a receiver, configured to receive a second security parameter acquisition request message sent by a radio network controller (RNC), where the second security parameter acquisition request message includes a UE identity of a user equipment (UE);
a transmitter, configured to send a second security parameter acquisition response message to the RNC, where the second security parameter acquisition response message includes a second security parameter corresponding to the UE identity;
the receiver is further configured to receive a data message that is sent by the RNC and includes a UE identifier and an NAS PDU or a higher-level data packet, where the NAS PDU or the higher-level data packet is obtained after the RNC receives the data message that is sent by the UE and decrypts the NAS PDU or the higher-level data packet by using the second security parameter.
In a first possible implementation manner of the ninth aspect, the transmitter is further configured to:
and after receiving the data message which is sent by the RNC and contains the UE identification and the NAS PDU or the higher-layer data packet, sending a response message corresponding to the NAS PDU or the higher-layer data packet to the RNC.
In a tenth aspect, an embodiment of the present invention provides a communication system, including: a radio network controller, RNC, as described in any embodiment of the present invention, and a core network node as described in any embodiment of the present invention.
According to the data transmission method, the device and the system provided by the embodiment of the invention, the small data packet to be transmitted is encapsulated into the NAS PDU or the high-level data packet and is directly carried in the message of the control plane signaling for transmission, so that the process of establishing a data transmission channel by a plurality of user plane signaling can be omitted, the data transmission flow can be greatly reduced, and the data transmission efficiency can be improved.
Drawings
FIG. 1 is a flowchart illustrating a first embodiment of a data transmission method according to the present invention;
FIG. 2 is a flowchart illustrating a second embodiment of a data transmission method according to the present invention;
FIG. 3 is a flowchart of a third embodiment of a data transmission method according to the present invention;
FIG. 4 is a signaling flowchart of a fourth embodiment of the data transmission method of the present invention;
FIG. 5 is a signaling flowchart of a fifth embodiment of the data transmission method of the present invention;
FIG. 6 is a signaling flowchart of a sixth embodiment of the data transmission method of the present invention;
FIG. 7 is a signaling flowchart of a seventh embodiment of the data transmission method of the present invention;
FIG. 8 is a schematic structural diagram of a data transmission apparatus according to a first embodiment of the present invention;
FIG. 9 is a schematic structural diagram of a third data transmission apparatus according to the present invention;
FIG. 10 is a schematic structural diagram of a fourth data transmission apparatus according to the present invention;
FIG. 11 is a schematic structural diagram of a sixth embodiment of a data transmission device according to the present invention;
FIG. 12 is a schematic structural diagram of a seventh data transmission apparatus according to an embodiment of the present invention;
FIG. 13 is a schematic structural diagram of an eighth data transmission apparatus according to an embodiment of the present invention;
FIG. 14 is a diagram illustrating a UE according to an embodiment of the present invention;
FIG. 15 is a diagram illustrating an RNC according to an embodiment of the present invention;
FIG. 16 is a schematic structural diagram of a core network node according to an embodiment of the present invention;
FIG. 17 is a schematic structural diagram of an embodiment of a communication system of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In the embodiments of the present invention, the term "small data packet" describes the size of a data packet at the application level, and mainly refers to a data packet of an MTC device or keep-alive information of a smartphone. For example, the UE can determine whether a data packet to be sent is a small data packet meeting the requirements of the invention by means of a threshold configured by the network side: when the network side indicates that a data packet smaller than 1000 bytes is a small data packet and the UE sends a data packet smaller than 1000 bytes, the corresponding scheme in the embodiments of the invention is adopted.
The core network Node in the embodiment of the present invention may be a Serving General Packet Radio Service Support Node (SGSN), a Gateway General Packet Radio Service Support Node (GGSN), or a signaling Gateway (Signal Gateway, SGW), or an application server.
The high-level data packet according to the embodiment of the present invention is an Internet Protocol (IP) packet of an application layer, and the IP packet may be transmitted through a Dedicated Control Channel (DCCH), a Common Control Channel (CCCH), or a Dedicated Traffic Channel (DTCH).
Fig. 1 is a flowchart of a first embodiment of the data transmission method of the present invention, where an execution main body of the present embodiment is a User Equipment (UE), and the UE may cooperate with an RNC described in the second embodiment and a core network node described in the third embodiment to execute the data transmission method. In this embodiment, after encapsulating a small data packet to be transmitted into a Non Access Stratum protocol data Unit (NAS PDU for short) or a high-level data packet, the UE sends the small data packet to a core network node through a Radio network controller (RNC for short) to transmit the small data packet. As shown in fig. 1, the data transmission method of the present embodiment may be as follows.
Step 101, the UE encapsulates the small data packet into an NAS PDU or a high-level data packet.
Step 102, the UE sends the NAS PDU or higher layer data packet to an RNC.
For example, in step 102, the UE may transmit the NAS PDU or higher layer data packet by using a message such as an Uplink Direct Transfer message, an Initial Direct Transfer message, or a Radio Resource Control (RRC) Connection Request message.
In the prior art, a common data transmission process is that a data transmission channel is established among a UE, an RNC, and a core network node through multiple pieces of signaling, and data is transmitted on the data transmission channel. In the embodiment of the present invention, the transmitted data is considered to be a small data packet, so that the small data packet to be transmitted can be encapsulated into an NAS PDU or a higher layer data packet, and can be directly carried in a control plane signaling message for transmission.
In this embodiment, the small data packets to be transmitted are encapsulated into NAS PDUs or high-level data packets, and are directly carried in the message of the control plane signaling for transmission, so that multiple signaling for establishing a data transmission channel can be omitted, the data transmission flow can be greatly reduced, and the data transmission efficiency can be improved.
Further, after the UE encapsulates the small data packet into an NAS PDU or a higher layer data packet, the data transmission method may further include: the UE performs security processing on the NAS PDU or higher layer data packet by using the first security parameter.
For example, the first security parameter may include a security algorithm and security parameters. The security algorithm may include a data encryption and decryption algorithm UEA and/or an integrity protection algorithm UIA; the security parameters include input parameters of encryption and/or integrity protection, such as the START value, or the anti-replay parameter COUNT-C and/or the anti-replay parameter COUNT-I used for encryption and decryption or integrity protection. These parameters are needed when the UE encrypts and/or integrity-protects the small data packet, and again when the RNC, after receiving the small data packet, decrypts it and/or verifies its integrity.
Further, the sending, by the UE, the NAS PDU or higher layer data packet to the RNC may include: the UE sends a first message containing the NAS PDU or higher layer data packet and the first security parameter to the RNC.
In this embodiment, the NAS PDU or higher layer packet and the first security parameter are sent in the same message. The scheme can be divided into the following two modes in specific implementation.
In a first manner, the first message may be an Uplink Direct Transfer message, an Initial Direct Transfer message, a Radio Resource Control (RRC) Connection Request message, or another RRC message that can be used for transmitting the small data packet. With any one of these messages as the first message, the UE transmits the small data packet by using only one message; the data transmission process is simplified and efficient, but the reliability of data transmission is not guaranteed, so this manner is applicable to scenarios with low reliability requirements for the transmission of small data packets.
Alternatively, in a second manner, the first message may be an RRC Connection Setup Complete message. Sending the small data packet in the RRC Connection Setup Complete message relies on RRC connection setup, so this scheme also includes, before the UE sends the RRC Connection Setup Complete message to the RNC, the processes in which the UE sends an RRC connection request message to the RNC and the RNC returns an RRC Connection Setup message to the UE; it is therefore suitable for scenarios with high reliability requirements for the transmission of small data packets.
Further, before the UE sends the NAS PDU or the higher layer data packet after security processing to the RNC, the data transmission method may further include: the UE sends the first security parameter to the RNC.
In this embodiment, the NAS PDU or higher layer packet and the security parameters are sent in two messages, respectively. The scheme can be implemented in the following manner.
In a first manner, the sending, by the UE, the first security parameter to an RNC may include: the UE sends an RRC connection request message to the RNC, wherein the RRC connection request message comprises first security parameters. For example, the RNC may know that the transmission is the transmission of the small data packet through the first security parameter or other manners, so as to trigger a corresponding flow of the small data packet.
In this manner, after receiving the RRC connection Request message, the RNC may use an Uplink Information Exchange Request (Uplink Information Exchange Request) message and an Uplink Information Exchange Response (Uplink Information Exchange Response) message for interaction to obtain the second security parameter. In a specific implementation, the second Security parameter may be obtained by using an Initial UE Message (Initial UE Message), a Security Mode Complete (Security Mode Complete) Message or a Common identification (Common ID) Message, or may also be obtained by using other messages, which is not limited in this embodiment of the present invention.
Or, in the second manner, the sending, by the UE, the first security parameter to the RNC may include: and the UE sends an RRC connection request message to the RNC, wherein the RRC connection request message comprises a first security parameter and a service request indication so as to acquire a second security parameter sent by the core network node.
In this manner, since the RRC connection Request Message includes a Service Request indication (Service Request), the RNC may be triggered to Request the second Security parameter from the core network node by using an Initial UE Message (Initial UE Message) including the Service Request indication after receiving the RRC connection Request Message, and the Initial UE Message may trigger the core network node to perform the transfer of the second Security parameter through a process of SMC (including the core network node sending a Security Mode Command Message to the RNC and the RNC sending a Security Mode Complete Message to the core network node or the core network node sending a Security Mode Command Message to the RNC).
Or, in either of the two manners, the RRC connection request message sent by the UE to the RNC may further include a small data packet transmission indication. The small data packet transmission indication may be small data indication information (Small Data Indicator) newly added to the RRC connection request message, may be indicated by Delay Access information in the establishment cause (Establish Cause), or may be a Service Type in the service request indication that is set to indicate small data packet transmission. The small data packet transmission indication may also take other forms, which is not limited in this embodiment of the present invention.
Further, in an embodiment, the sending, by the UE, the first security parameter to the RNC may include: and the UE sends an RRC connection establishment completion message to the RNC, wherein the RRC connection establishment completion message comprises the first security parameter.
The sending, by the UE, the NAS PDU or a higher layer data packet to the RNC may include: and after sending the RRC connection setup complete message to an RNC, the UE sends at least one message containing the NAS PDU or a high-layer data packet to the RNC. The at least one message may adopt at least one Uplink Direct transmission (Uplink Direct Transfer) message, and each Uplink Direct transmission message may include a small data packet.
The embodiment is suitable for a scene of transmitting a plurality of small data packets after the RRC connection is established.
In a specific implementation, the RRC connection request message sent by the UE to the RNC may further include the security parameter, and at least one uplink direct transmission message is then used to transmit at least one small data packet.
The encryption/decryption and/or integrity protection algorithm employed by the RNC in the above embodiment may be an algorithm predetermined for transmission of small data packets.
Further, in another embodiment, before the UE sends the NAS PDU or higher layer data packet after security processing to the RNC, the data transmission method may further include: the UE receives an RRC connection setup message sent by the RNC, where the RRC connection setup message includes an integrity protection parameter Fresh. In that case, the UE performing security processing on the NAS PDU or higher layer data packet by using security parameters includes: the UE performs security processing on the NAS PDU or higher layer data packet by using the first security parameter and the integrity protection parameter Fresh.
Further, in another embodiment, before the UE performs security processing on the NAS PDU or the higher layer data packet by using the first security parameter, the data transmission method may further include: the UE negotiates with the RNC to determine a security algorithm.
The negotiation process may take one of two forms. In the first, the RNC directly determines the security algorithm and notifies the UE. In the second, the UE reports the security algorithms it supports to the RNC, the RNC obtains the security algorithms allowed by the core network node, and the RNC then determines a security algorithm applicable to both the UE and the core network node and notifies the UE, for example by informing the UE, through an RRC Connection Setup message, of the security algorithm adopted for this transmission.
In the first manner, the negotiating between the UE and the RNC to determine the security algorithm specifically includes: step one: the UE receives an RRC connection setup message or a system broadcast message sent by the RNC, where the RRC connection setup message or the system broadcast message contains a security algorithm indication; step two: the UE determines the security algorithm according to the security algorithm indication.
In the second manner, the RRC connection request message may further include security algorithm information supported by the UE.
The receiving, by the UE, an RRC connection setup message sent by the RNC, where the RRC connection setup message includes a security algorithm indication, may include: the UE receives an RRC connection setup message which is sent by the RNC and contains a security algorithm indication, where the security algorithm corresponding to the security algorithm indication is determined by the RNC according to the security algorithm information supported by the UE and/or the security algorithms allowed by the core network node.
Further, if a downlink data packet is to be received after the UE transmits the small data packet, where the downlink data packet may be response information or a feedback data packet corresponding to the data packet transmitted by the UE, the downlink data packet may be carried in an RRC Connection Release message or a Downlink Direct Transfer message. For example, after the UE sends the NAS PDU or higher layer data packet to the RNC, the method may further include:
and the UE receives an RRC connection release message or a downlink direct transmission message sent by the RNC, wherein the RRC connection release message or the downlink direct transmission message comprises information of a downlink data packet.
Fig. 2 is a flowchart of a second embodiment of the data transmission method of the present invention, where an execution main body of the present embodiment is an RNC, and the RNC can cooperate with the UE described in the first embodiment and the core network node described in the third embodiment to execute the data transmission method. In this embodiment, after receiving the NAS PDU or the higher layer data packet sent by the UE, the RNC sends the NAS PDU or the higher layer data packet to the serving core network node to perform transmission of a small data packet. As shown in fig. 2, the data transmission method of the present embodiment may be as follows.
Step 201, the RNC receives the NAS PDU or higher layer data packet sent by the UE.
Step 202, the RNC sends a second security parameter acquisition request message to the core network node.
For example, the second security parameter acquisition request message may include the UE identity of the UE, which may be, for example, the International Mobile Subscriber Identity (IMSI) of the UE or the Packet Temporary Mobile Subscriber Identity (P-TMSI) of the UE. The second security parameter acquisition request message may be used to obtain key information of the UE, including an encryption key CK and/or an integrity protection key IK.
Step 203, the RNC receives a second security parameter acquisition response message sent by the core network node, where the second security parameter acquisition response message includes a second security parameter of the UE.
The second security parameter acquisition response message may also include the UE identity, IMSI or P-TMSI of the UE.
Step 204, the RNC decrypts and/or integrity-checks the NAS PDU or higher layer data packet by using the first security parameter and the second security parameter, and then sends the NAS PDU or higher layer data packet to the core network node.
In this embodiment, the RNC receives a small data packet encapsulated into an NAS PDU or a high-level data packet, and obtains a second security parameter for decrypting and/or performing integrity check on the NAS PDU or the high-level data packet from the core network node, and then sends the decrypted and/or integrity checked NAS PDU or the high-level data packet to the core network node, so that multiple signaling for establishing a user plane data transmission channel can be omitted, thereby greatly reducing the data transmission flow and improving the data transmission efficiency.
In the above embodiment, the sequence of step 201 with step 202 and step 203 may be changed, for example, in an embodiment, step 202 and step 203 may be executed first, and then step 201 may be executed.
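The RNC-side handling in steps 201 to 204, as an added Python illustration that is not code from the patent: the RNC fetches CK and IK from the core network node, verifies integrity over the UE-supplied counters and Fresh, rejects a replayed COUNT-I, then decrypts and forwards the NAS PDU. HMAC-SHA256 and a SHA-256 counter-mode keystream stand in for the UIA and UEA algorithms, and all class and function names, keys and the UE identity are constructed for the example.

```python
import hashlib
import hmac
import struct
from typing import NamedTuple

# Constructed sample data: UE identity -> (CK, IK) as held by the core network node.
CORE_NETWORK_KEYS = {"imsi-001010000000001": (b"C" * 16, b"I" * 16)}


class FirstMessage(NamedTuple):
    """Uplink message carrying the protected NAS PDU plus the first security parameter."""
    ue_id: str
    count_c: int       # ciphering counter sent by the UE
    count_i: int       # integrity / anti-replay counter sent by the UE
    ciphertext: bytes
    mac: bytes


def keystream(ck: bytes, count_c: int, length: int) -> bytes:
    """Stand-in for the UEA keystream: SHA-256 in counter mode keyed with CK."""
    out = b""
    block = 0
    while len(out) < length:
        out += hashlib.sha256(ck + struct.pack(">II", count_c, block)).digest()
        block += 1
    return out[:length]


def compute_mac(ik: bytes, count_i: int, count_c: int, fresh: bytes, data: bytes) -> bytes:
    """Stand-in for UIA: HMAC-SHA256 over both counters, Fresh and the data, cut to 32 bits."""
    header = struct.pack(">II", count_i, count_c) + fresh
    return hmac.new(ik, header + data, hashlib.sha256).digest()[:4]


def xor(data: bytes, ks: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, ks))


def ue_protect(ue_id, ck, ik, count, fresh, small_packet) -> FirstMessage:
    """UE side: encrypt the NAS PDU, then integrity-protect the ciphertext (example's choice)."""
    ct = xor(small_packet, keystream(ck, count, len(small_packet)))
    return FirstMessage(ue_id, count, count, ct, compute_mac(ik, count, count, fresh, ct))


def core_network_second_parameter(ue_id):
    """Core network node: answer a second security parameter acquisition request."""
    return CORE_NETWORK_KEYS.get(ue_id)


class Rnc:
    def __init__(self, fresh: bytes):
        self.fresh = fresh          # value the RNC sent in the RRC connection setup message
        self.last_count_i = {}      # highest COUNT-I accepted so far, per UE
        self.forwarded = []         # (UE identity, NAS PDU) pairs passed to the core network

    def handle(self, msg: FirstMessage) -> str:
        keys = core_network_second_parameter(msg.ue_id)      # steps 202-203
        if keys is None:
            return "reject: unknown UE"
        ck, ik = keys
        expected = compute_mac(ik, msg.count_i, msg.count_c, self.fresh, msg.ciphertext)
        if not hmac.compare_digest(expected, msg.mac):        # constant-time comparison
            return "reject: integrity check failed"
        # The counters arrive from the UE, so a valid MAC alone does not stop a replay.
        if msg.count_i <= self.last_count_i.get(msg.ue_id, -1):
            return "reject: replayed COUNT-I"
        self.last_count_i[msg.ue_id] = msg.count_i
        pdu = xor(msg.ciphertext, keystream(ck, msg.count_c, len(msg.ciphertext)))
        self.forwarded.append((msg.ue_id, pdu))               # step 204
        return "forwarded"


def demo():
    ue_id = "imsi-001010000000001"
    ck, ik = CORE_NETWORK_KEYS[ue_id]
    rnc = Rnc(fresh=b"\x11\x22\x33\x44")
    msg = ue_protect(ue_id, ck, ik, 7, rnc.fresh, b"meter=42")
    return [
        rnc.handle(msg),                                   # genuine message
        rnc.handle(msg),                                   # same message captured and resent
        rnc.handle(msg._replace(count_i=8)),               # counter changed without the key
        rnc.handle(msg._replace(ue_id="imsi-unknown")),    # no keys at the core network node
    ]


if __name__ == "__main__":
    print(demo())
```

Because the single-message variants carry the counters in the same message as the payload, the RNC has to keep per-UE counter state of its own; without it, the second call in `demo()` would be forwarded again.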
Further, the receiving, by the RNC, the NAS PDU or higher layer data packet sent by the UE may include: the RNC receives a first message which is sent by the UE and contains the NAS PDU or higher layer data packet and the first security parameter.
In this embodiment, the NAS PDU or higher layer packet and the first security parameter are sent in the same message. The scheme can be divided into the following two modes in specific implementation.
For example, in a first manner, the first message may be: the uplink direct transmission message, the initial direct transmission message, or the radio resource control RRC connection request message, or may be other messages that can be used to send the small data packet. By adopting any one of the above messages as the first message, only one message is adopted between the RNC and the UE to transmit the small data packet, the data transmission process is simplified, the efficiency is higher, but the reliability of the data transmission cannot be guaranteed, so that the method and the device can be suitable for scenes with low reliability requirements on the transmission of the small data packet.
Alternatively, in a second manner, the first message may be an RRC connection setup complete message. This scheme also includes, before the RNC receives the RRC connection setup complete message sent by the UE, the processes in which the UE sends an RRC connection request message to the RNC and the RNC returns an RRC Connection Setup message to the UE, so it is suitable for scenarios with high reliability requirements for the transmission of small data packets.
Further, before the RNC receives the NAS PDU or the higher layer data packet sent by the UE, the data transmission method may further include: the RNC receives the first security parameter sent by the UE.
In this embodiment, the NAS PDU or higher layer packet and the security parameters are sent in two messages, respectively. The scheme can be implemented in various ways as follows.
In a first manner, the receiving, by the RNC, the first security parameter sent by the UE may include: and the RNC receives an RRC connection request message sent by the UE, wherein the RRC connection request message comprises the first security parameter. For example, the RNC may know that the transmission is the transmission of the small data packet through the first security parameter or other manners, so as to trigger a corresponding flow of the small data packet.
Or, in a second manner, the receiving, by the RNC, the first security parameter sent by the UE may include: the RNC receives an RRC connection request message sent by the UE, where the RRC connection request message includes the first security parameter and a service request indication (Service Request).
In this manner, the second security parameter acquisition request message may be an initial UE message including the service request indication; the second security parameter acquisition response message may be a security mode command message. In general, the initial UE message containing the service request indication (Service Request) may trigger the core network node to transfer the second security parameter through an SMC procedure (in which the core network node sends a Security Mode Command message to the RNC and the RNC sends a Security Mode Complete message to the core network node).
Or, in either of the two manners, the RRC connection request message received by the RNC from the UE may further include a small data packet transmission indication, so that the RNC determines, according to the small data packet transmission indication, to interact with a core network node to acquire the second security parameter.
For example, the second security parameter acquisition request message may be an Uplink Information Exchange Request message; the second security parameter acquisition response message may be an Uplink Information Exchange Response message.
Or, the second security parameter acquisition request message may be an initial UE message; the second security parameter acquisition response message may be a security mode command message or a Common identification (Common ID) message. Alternatively, the second security parameter acquisition request message and the second security parameter acquisition response message may also be other messages, which is not limited in the embodiment of the present invention.
Further, in an embodiment, the receiving, by the RNC, the first security parameter sent by the UE may include: and the RNC receives an RRC connection establishment completion message sent by the UE, wherein the RRC connection establishment completion message comprises the first security parameter.
The receiving, by the RNC, the NAS PDU or the higher layer data packet sent by the UE includes: and after receiving the RRC connection setup complete message sent by the UE, the RNC receives at least one message which is sent by the UE and contains the NAS PDU or a high-level data packet. The at least one message may adopt at least one Uplink Direct transmission (Uplink Direct Transfer) message, and each Uplink Direct transmission message may include a small data packet.
The embodiment is suitable for a scene of transmitting a plurality of small data packets after the RRC connection is established.
During specific implementation, the RNC may further receive an RRC connection request message sent by the UE, where the RRC connection request message carries the security parameter, and then transmit at least one small data packet by using at least one uplink direct transmission message.
Further, in another embodiment, before the RNC receives the NAS PDU or higher layer data packet, the data transmission method may further include: the RNC sends an RRC connection setup message to the UE, where the RRC connection setup message includes an integrity protection parameter Fresh, so that the UE performs security processing on the NAS PDU or higher layer data packet by using a first security parameter and the integrity protection parameter Fresh.
Further, if there is reception of a downlink data packet after the UE transmits the small data packet, where the downlink data packet may be response information or a feedback data packet corresponding to the data packet transmitted by the UE, the downlink data packet may be included in an RRC Connection Release (RRC Connection Release) message for transmission. For example, after the RNC sends the NAS PDU or a higher layer data packet to the core network node, the data transmission method may further include: the RNC receives a downlink data packet sent by the core network node; for example, the RNC sends an RRC connection release message or a downlink direct transmission message to the UE, where the RRC connection release message includes a downlink data packet.
The downlink data packet information sent by the core network node and received by the RNC may also be: a Direct Transfer (Direct Transfer) message or a Direct Information Transfer (Direct Information Transfer) message. In practical implementation, if SCCP connection is established between the RNC and the core network node, the response message may be transmitted using a Direct Transfer message, and if SCCP connection is not established between the RNC and the core network node, the response message may be transmitted using a Direct Information Transfer message.
Fig. 3 is a flowchart of a third embodiment of the data transmission method of the present invention, where an execution main body of the present embodiment is a core network node, and the core network node may cooperate with the UE described in the first embodiment and the RNC described in the second embodiment to execute the data transmission method. In this embodiment, the RNC receives and decrypts an NAS PDU or a higher layer data packet sent by the UE, and then sends the NAS PDU or the higher layer data packet to the core network node. As shown in fig. 3, the data transmission method of the present embodiment may be as follows.
Step 301, a core network node receives a second security parameter acquisition request message sent by an RNC, where the second security parameter acquisition request message includes a UE identity of a user equipment UE.
The second security parameter may be a key of the UE, including an encryption/decryption key and/or an integrity protected key.
It should be noted that the second security parameter acquisition request message includes a UE identifier of a UE, so that the core network node acquires the second security parameter of the UE, and if the core network node already knows the UE identifier of the UE before step 301 or can know the UE identifier of the UE through other manners, the second security parameter acquisition request message in step 301 may not carry the UE identifier of the UE.
Further, the second security parameter may also comprise an encryption and/or integrity protection algorithm.
Step 302, the core network node sends a second security parameter acquisition response message to the RNC, where the second security parameter acquisition response message includes a second security parameter corresponding to the UE identity.
Step 303, the core network node receives a data message which is sent by the RNC and contains a UE identity and an NAS PDU or a high-level data packet, where the NAS PDU or the high-level data packet is obtained after the RNC receives the data message which is sent by the UE and decrypts and/or performs integrity check on the NAS PDU or the high-level data packet by using the second security parameter.
It should be noted that, if the core network node knows the UE identity of the UE before step 303, the data message in step 303 may not carry the UE identity.
In this embodiment, the second security parameter is transmitted to the RNC through the second security parameter acquisition request message and the second security parameter acquisition response message between the core network node and the RNC, so that the RNC decrypts and/or verifies the integrity of the NAS PDU or the high-level data packet after security processing sent by the UE, and receives the data message containing the UE identifier and the NAS PDU or the high-level data packet sent by the RNC through the core network node, thereby implementing transmission of small data packets, reducing the flow of data transmission, and improving the efficiency of data transmission.
Further, the second security parameter acquisition request message may be an uplink information exchange request message; the second security parameter acquisition response message may be an uplink information exchange response message.
Further, the second security parameter acquisition request message may be an initial UE message including the Service Request indication (Service Request); then, the second security parameter acquisition response message may be a security mode command message. This is because the Service Request normally triggers the SMC procedure, and therefore the second security parameter may be communicated through the SMC command message.
Further, if there is downlink data reception information after the UE sends the small data packet, after the core network node receives the data message including the UE identity and the NAS PDU or the higher layer data packet sent by the RNC, the data transmission method may further include: and the core network node sends a downlink data packet to the RNC.
For example, the data message containing the UE identity and the NAS PDU or higher layer data packet sent by the RNC and received by the core network node may be an initial UE message or a direct transmission message; the response message sent by the core network node to the RNC may be a direct transfer message or a direct information transfer message. It should be noted that, if the core network node and the RNC have already identified the UE corresponding to the transmitted data during their interaction, the UE identity may not be included in the data transmission.
The following describes the technical solution of the data transmission method of the present invention in detail by using several specific embodiments.
Fig. 4 is a signaling flowchart of a fourth embodiment of the data transmission method of the present invention, and as shown in fig. 4, the data transmission method of this embodiment may be as follows.
Step 401, the UE encapsulates the small data packet into an NAS PDU or a higher layer data packet.
In step 401, after encapsulating the small data packet into an NAS PDU or a higher layer data packet, the UE further performs security processing on the NAS PDU or the higher layer data packet by using a first security parameter, where the first security parameter includes an input parameter of the security processing, and further may include a security algorithm, where the security algorithm may include a ciphering algorithm or an integrity protection algorithm, or both; the input parameters of the security processing include Start, which is applicable to both the encryption algorithm and the integrity protection algorithm, or the encryption and decryption parameters Count-C and the integrity protection parameter Count-I.
Step 402, the UE sends a first message containing the NAS PDU or a higher layer data packet and a first security parameter to the RNC.
For example, the UE contends for resources through a random access procedure to transmit a NAS PDU or a higher layer packet. At this time, the UE is in an idle state, the Bearer used for sending the NAS PDU or the higher layer data packet may be a Bearer agreed by the network side and the UE, and for example, the Bearer configuration SRB1 (Signaling Radio Bearer) or TRB (transport Radio Bearer) included in a System Information Block (SIB) broadcast message may be adopted to agree the used Bearer, where SRB1/TRB is information for indicating Bearer configuration and mainly includes information of a logical channel, a transport channel, and the like for data transmission.
In order for the RNC to decrypt and/or perform integrity check on the NAS PDU or the higher layer data packet, the first message also needs to carry the parameters required for decryption and/or integrity check: START or COUNT-C/COUNT-I. The specific parameters carried depend on the first security parameter used by the UE in step 401.
The first message may be an uplink direct transfer message, an initial direct transfer message, or a radio resource control RRC connection request message.
Step 403, after receiving the first message, the RNC sends a second security parameter acquisition request message to the core network node, where the second security parameter acquisition request message includes a UE identity of the UE.
For example, the second security parameter may be a key of the UE, including a ciphering key CK and/or an integrity protection key IK. The second security parameter acquisition request message may be an Uplink Information Exchange Request message.
Step 404, the core network node sends a second security parameter acquisition response message to the RNC, where the second security parameter acquisition response message includes a second security parameter corresponding to the UE identity.
For example, the core network node may query, according to the UE identity, a second security parameter corresponding to the UE identity. The second security parameter acquisition response message may be an Uplink Information Exchange Response message.
Step 405, the RNC uses the first security parameter and the second security parameter to decrypt and/or perform integrity check on the NAS PDU or the high-level data packet.
In step 406, the RNC sends a data message containing the UE identity and the decrypted and/or integrity-verified NAS PDU or higher layer data packet to the core network node.
If the core network node knows the UE identity of the UE before step 406, the data message of step 406 may not include the UE identity.
In this embodiment, the UE encapsulates the small data packet to be transmitted into an NAS PDU or a high-level data packet, and directly carries the NAS PDU or the high-level data packet in the control plane signaling to send to the RNC, and after the RNC obtains the first security parameter and the second security parameter of the UE, decrypts and/or protects the integrity of the NAS PDU or the high-level data packet sent by the UE, and sends the NAS PDU or the high-level data packet to the core network node through one control plane signaling, so that the transmission of the small data packet is completed through four signaling messages, the flow of data transmission is simplified, and the efficiency of data transmission is improved.
Fig. 5 is a signaling flowchart of a fourth embodiment of the data transmission method of the present invention, and as shown in fig. 5, the data transmission method of this embodiment may be as follows.
Step 501, the UE sends an RRC connection request message to the RNC.
In a specific implementation, when the UE is ready to transmit a small data packet, the UE may first perform a random access procedure to acquire resources to send a subsequent RRC connection signaling.
The RRC Connection Request message (RRC Connection Request) may include small data packet indication information to inform the RNC and the core network node that the UE is ready to send a small data packet, so that the RNC and the core network node start a small data packet transmission process. The small packet indication information may be a small data indicator newly added in the RRC Connection Request message, or may be a Delay Tolerant Connection (Delay Access) in an establishment Cause (Establish Cause). Alternatively, the Service Type (Service Type) in the Service request indication may be set as the indication of the small packet transmission. The small data packet indication may also be in other forms, which is not limited in this embodiment of the present invention.
Further, if a security protection algorithm needs to be negotiated, the information of the security capability of the UE, such as the UEA and/or the UIA supported by the UE, may be carried in the RRC Connection Request message.
Optionally, the UE may also report an input parameter START of the ciphering algorithm and/or the integrity protection algorithm, or COUNT-C and/or COUNT-I, in the RRC Connection Request message.
Optionally, the UE may also report a KSI identifying an encryption/decryption algorithm and/or an integrity protection algorithm in the RRC Connection Request message, so that the RNC forwards the KSI to the core network node, and then the core network node queries information of a security context corresponding to the UE in the core network node.
Step 502, the RNC sends a second security parameter acquisition request message to the core network node.
The scenario of step 502 is that after the RNC parses the small packet indication information of the RRC Connection Request message in step 501, the RNC requests the core network node for information required for subsequent encryption/decryption and/or integrity check.
For example, the second security parameter may include a ciphering key CK and/or an integrity protection key IK of the UE, or may also include other related information of security processing. The second security parameter acquisition request message may further include a UE identity of the UE, for example, P-TMSI or IMSI, so that the core network node acquires the security processing information corresponding to the UE according to the UE identity.
In this embodiment, the second security parameter acquisition request message may be an Uplink Information Exchange Request message, where the Uplink Information Exchange Request message may include a second security parameter request indication, for example, the Uplink Information Exchange Request message may include a Small Data Transmission Indicator and/or a Security Information Request.
Step 503, sending, by the core network node, a second security parameter acquisition response message to the RNC, where the second security parameter acquisition response message includes the second security parameter of the UE.
For example, the second security parameter acquisition response message may be an Uplink Information Exchange Response message, which may include CK and/or IK, and P-TMSI or IMSI of the UE. It should be noted that, if the core network node and the RNC have already identified the UE corresponding to the transmitted data during their interaction, the UE identity may not be included in the data transmission.
Further, if a security protection algorithm needs to be negotiated, the Uplink Information exchange response message may also carry a list of UEA and/or UIA algorithms allowed by the core network node, so that the RNC determines the encryption and/or integrity check algorithm used in the data transmission according to the UEA and/or UIA supported by the UE and the UEA and/or UIA allowed by the core network node.
In a specific implementation, before the second security parameter acquisition response message sent by the core network node to the RNC, there may also be a process of establishing a Signaling Connection Control Part (SCCP).
It should be noted that the messages used for transmitting the second security parameter between the RNC and the core network node in step 502 and step 503 may also be other signaling messages, which is not limited in this embodiment of the present invention. Moreover, the RNC and the core network node may already have identified the corresponding UE before this interaction for transmitting the second security parameter, or by other means, in which case the UE identifier may not be included in the interaction process.
Step 504, the RNC determines a security algorithm adopted by the data transmission according to the UEA and/or UIA supported by the UE and the UEA and/or UIA allowed by the core network node, and generates an integrity protection parameter Fresh.
Step 504 is an optional step. If the UE, the RNC and the core network node do not need to negotiate the UEA and/or UIA (for example, the UE is notified of the UEA and/or UIA used for transmitting the small data packet through a System Information Block (SIB) message), and the UE does not use Fresh as a parameter for the security processing of the NAS PDU or the higher layer data packet, step 504 does not need to be executed. In addition, in step 504 the RNC may execute only one of the two operations: determining the security algorithm used in the transmission, or generating the Fresh.
Step 505, the RNC sends an RRC connection setup message to the UE.
Optionally, the RRC Connection Setup (RRC Connection Setup) message includes the security algorithm that the RNC has determined for the data transmission, and/or the Fresh generated by the RNC.
Step 506, the UE sends an RRC connection setup complete message to the RNC, where the RRC connection setup complete message includes an NAS PDU or a higher layer data packet.
For example, the UE encapsulates the small data packet to be transmitted into the NAS PDU or the upper layer data packet, and the NAS PDU or the upper layer data packet may be security-processed using the input parameters Start, or Count-C and/or Count-I, of the UEA and/or UIA, and the Fresh.
Optionally, if the RRC Connection Request message in step 501 does not carry the information of the input parameters Start, or Count-C and/or Count-I, of the UEA and/or UIA, that information may instead be carried in the RRC Connection Setup Complete message in step 506.
If there is no downlink data packet received after the small data packet transmission is completed, the RRC connection may be released after the completion of the step 506, or the RRC connection may be released after the completion of the subsequent step 508. Specifically, the RRC connection may be released in the following three ways.
The first way: after the UE completes sending the RRC Connection Setup Complete message, the UE directly releases the RRC Connection.
The second way: after receiving the RLC ACK corresponding to the RRC Connection Setup Complete message, the UE releases the RRC Connection.
The third way: after receiving the RRC Connection Setup Complete message, the RNC transmits an RRC Connection Release message to the UE to release the RRC Connection.
In step 507, after receiving the RRC connection setup complete message, the RNC decrypts and/or performs integrity check on the NAS PDU or the higher layer data packet included therein.
Step 508, the RNC sends the decrypted and/or integrity-checked NAS PDU or a high-level data packet to a core network node.
For example, step 508 may send the NAS PDU or higher layer packet to the core network node via an Initial UE Message (Initial UE Message).
The Initial UE Message may contain the UE IMSI or the P-TMSI. The Initial UE Message may also contain small packet indication information.
In particular implementations, other messages may also be used to send the NAS PDU or higher layer packet to a core network node.
If no SCCP connection is established by the core network node in step 503, the core network node may establish an SCCP connection for the UE in step 508.
If there is reception of the downlink data packet after the small data packet transmission is completed, the following steps 509 to 510 are performed.
Step 509, the core network node sends the downlink data packet to the RNC.
The downlink packet may be feedback information of the NAS PDU or the higher layer packet, or may be another downlink packet.
For example, if SCCP connection is established, the downlink data packet may be sent through a Direct Transfer message, and at this time, if a data transmission channel for the UE between the RNC and the core network node is not established, the Direct Transfer message needs to include an identifier IMSI/P-TMSI of the UE; if no SCCP connection is established, the feedback Information can be sent through a Direct Information Transfer message; alternatively, other messages may be used to send the feedback information.
The downlink data packet is also encapsulated in the form of an NAS PDU or a higher layer data packet.
Step 510, after receiving the downlink data packet, the RNC sends the downlink data packet to the UE.
For example, the feedback information may be carried in RRC Connection Release and sent to the UE.
In order to ensure the correctness of the data packet transmission, the RRC Connection Release message may be sent in RLC-AM mode; the RNC then determines whether the UE has released the RRC Connection and re-entered the idle state according to whether an RLC-ACK for the RRC Connection Release message is received.
Alternatively, the following procedure may be employed to transmit the feedback information and release the RRC connection.
The RNC transmits the feedback information to the UE by using a Downlink Direct Transfer message and, after the UE has transmitted the confirmation information, the RNC transmits an RRC Connection Release message to release the RRC Connection of the UE.
In this embodiment, the small data packet and the security information of the small data packet are transmitted through signaling such as a process of establishing an RRC connection between the UE and the RNC, an uplink information exchange process, an initial UE message, and a direct transmission message, so that a transmission flow of the small data packet is simplified, thereby improving data transmission efficiency.
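The exchange of steps 501 to 508, as an added Python example that is not part of the patent text. The real UEA and UIA functions are replaced by HMAC-SHA-256 stand-ins, the MAC is computed over the ciphertext, the message field names and the rule of taking the first core-network-allowed algorithm the UE supports are assumptions of this example, and the keys and UE identity are constructed sample values.

```python
import hashlib
import hmac
import secrets
import struct

MAC_LEN = 4  # this example truncates its stand-in MAC to 32 bits

# Constructed security contexts held by the core network node (not real keys).
CN_CONTEXTS = {
    "ptmsi-0001": {"CK": bytes(range(16)), "IK": bytes(range(16, 32)),
                   "allowed_uea": ["UEA2", "UEA1"], "allowed_uia": ["UIA2", "UIA1"]},
}


class SecurityError(Exception):
    """Raised when negotiation or the integrity check fails."""


def select_algorithm(ue_supported, cn_allowed):
    """Step 504: first algorithm in the core network's list that the UE supports."""
    for alg in cn_allowed:
        if alg in ue_supported:
            return alg
    raise SecurityError("no algorithm common to UE and core network")


def keystream(ck, count_c, length):
    """Stand-in for the UEA keystream (assumption), keyed by CK and COUNT-C."""
    out, block = bytearray(), 0
    while len(out) < length:
        out += hmac.new(ck, struct.pack(">II", count_c, block), hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])


def mac_i(ik, count_i, fresh, data):
    """Stand-in for the UIA MAC (assumption), keyed by IK over COUNT-I, FRESH, data."""
    msg = struct.pack(">II", count_i, fresh) + data
    return hmac.new(ik, msg, hashlib.sha256).digest()[:MAC_LEN]


def xor(data, ks):
    return bytes(a ^ b for a, b in zip(data, ks))


def cn_security_response(ue_id):
    """Steps 502-503: the core network node looks up CK/IK by UE identity."""
    ctx = CN_CONTEXTS.get(ue_id)
    if ctx is None:
        raise SecurityError("no security context for this UE identity")
    return ctx


def rnc_build_setup(request, ctx):
    """Steps 504-505: the RNC picks the algorithms and generates FRESH."""
    return {"uea": select_algorithm(request["ue_uea"], ctx["allowed_uea"]),
            "uia": select_algorithm(request["ue_uia"], ctx["allowed_uia"]),
            "FRESH": secrets.randbits(32)}


def ue_build_setup_complete(ck, ik, request, setup, small_packet):
    """Step 506: the UE security-processes the NAS PDU it piggybacks."""
    ciphertext = xor(small_packet, keystream(ck, request["COUNT-C"], len(small_packet)))
    tag = mac_i(ik, request["COUNT-I"], setup["FRESH"], ciphertext)
    return {"nas_pdu": ciphertext + tag}


def rnc_process_setup_complete(request, ctx, setup, complete):
    """Steps 507-508: verify first, then decrypt and build the Initial UE Message."""
    protected = complete["nas_pdu"]
    if len(protected) < MAC_LEN:
        raise SecurityError("NAS PDU too short to carry a MAC")
    ciphertext, tag = protected[:-MAC_LEN], protected[-MAC_LEN:]
    expected = mac_i(ctx["IK"], request["COUNT-I"], setup["FRESH"], ciphertext)
    if not hmac.compare_digest(tag, expected):
        raise SecurityError("integrity check failed, NAS PDU not forwarded")
    plaintext = xor(ciphertext, keystream(ctx["CK"], request["COUNT-C"], len(ciphertext)))
    return {"ue_id": request["ue_id"], "nas_pdu": plaintext}


def run_flow(small_packet, corrupt_in_transit=False):
    """Run steps 501-508 once; returns (RRC Connection Setup, Initial UE Message)."""
    request = {"ue_id": "ptmsi-0001", "small_data_indicator": True,
               "ue_uea": ["UEA1", "UEA2"], "ue_uia": ["UIA1"],
               "COUNT-C": 7, "COUNT-I": 7}            # step 501
    ctx = cn_security_response(request["ue_id"])      # steps 502-503
    setup = rnc_build_setup(request, ctx)             # steps 504-505
    # The UE holds the same CK/IK in its own security context.
    complete = ue_build_setup_complete(ctx["CK"], ctx["IK"], request, setup, small_packet)
    if corrupt_in_transit:
        pdu = bytearray(complete["nas_pdu"])
        pdu[0] ^= 0x01
        complete = {"nas_pdu": bytes(pdu)}
    return setup, rnc_process_setup_complete(request, ctx, setup, complete)
```

The RNC forwards the NAS PDU in the Initial UE Message only when the MAC verifies under the IK it obtained from the core network node; a PDU altered on the radio path raises `SecurityError` instead of reaching step 508.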
Fig. 6 is a signaling flowchart of a sixth embodiment of the data transmission method of the present invention, the method of this embodiment is similar to the data transmission method of the embodiment shown in fig. 5, and the difference is that in this embodiment, an SMC process is used for transmitting a second security parameter between an RNC and a core network node, and a Service Request needs to be carried in an RRC Connection Request message in order to trigger the SMC process. As shown in fig. 6, the data transmission method of the present embodiment may be as follows.
Step 601, the UE sends an RRC connection request message to the RNC, where the RRC connection request message includes a service request indication.
The Service Request indication (Service Request) may be used to trigger a subsequent SMC procedure.
The RRC Connection Request message (RRC Connection Request) may further include small packet indication information.
Further, if a security protection algorithm needs to be negotiated, the information of the security capability of the UE, such as the UEA and/or the UIA supported by the UE, may be carried in the RRC Connection Request message.
Optionally, the UE may also report an input parameter START of an encryption algorithm and an integrity protection algorithm, or COUNT-C and/or COUNT-I, in the RRC Connection Request message.
Optionally, the UE may also report the KSI identifying the encryption/decryption algorithm/integrity protection algorithm in the RRC Connection Request message, so that the RNC forwards the KSI to the core network node, and then the core network node queries information of the security context corresponding to the UE in the core network node.
Step 602, the RNC sends a second security parameter acquisition request message to the core network node, where the second security parameter acquisition request message includes the service request indication.
For example, the second security parameter acquisition request message may be an initial UE message.
Step 603, the core network node sends an SMC command message to the RNC, where the SMC command message contains the second security parameter of the UE.
In step 602, since the initial UE message including the service request indication may trigger the SMC procedure, the core network node may use the SMC command message as the second security parameter acquisition response message.
In actual implementation, there may also be a process of SCCP establishment before step 603. Also after step 603 the RNC sends an SMC complete message to the core network node.
Further, if a security protection algorithm needs to be negotiated, the Uplink Information exchange response message may also carry a list of UEA and/or UIA algorithms allowed by the core network node, so that the RNC determines the security algorithm used for the data transmission according to the UEA and/or UIA supported by the UE and the UEA and/or UIA allowed by the core network node.
Step 604, the RNC determines the security algorithm adopted by the data transmission according to the UEA and/or UIA supported by the UE and the UEA and/or UIA allowed by the core network node, and generates an integrity protection parameter Fresh.
Step 604 is an optional step. If the UE, the RNC, and the core network node do not need to negotiate the UEA and/or the UIA (for example, the UEA and/or the UIA is notified by a System Information Block (SIB) message), and the UE does not use Fresh as a parameter for the security processing of the NAS PDU or the higher layer data packet, step 604 does not need to be executed. In step 604, the RNC may execute only one of the two operations: determining the security algorithm used in the transmission, or generating the Fresh.
Step 605, the RNC sends an RRC connection setup message to the UE.
Step 606, the UE sends an RRC connection setup complete message to the RNC, where the RRC connection setup complete message includes an NAS PDU or a higher layer data packet.
Optionally, if the RRC Connection Request message in step 601 does not carry the information of the input parameters Start or Count-C and/or Count-I of UEA and/or UIA, it may also be carried in the RRC Connection Setup Complete message (RRC Connection Setup Complete) in step 606.
If there is no downlink feedback information after the small data packet transmission is completed, the RRC connection may be released after the completion of the step 606.
Step 607, after receiving the RRC connection setup complete message, the RNC decrypts and/or performs integrity check on the NAS PDU or the higher layer data packet contained therein.
Step 608, the RNC sends the decrypted and/or integrity-checked NAS PDU or a high-level data packet to a core network node.
If there is reception of the downlink data packet after the small data packet transmission is completed, the following steps 609 to 610 are performed.
Step 609, the core network node sends the downlink data packet to the RNC.
The downlink data packet may be the feedback information of the NAS PDU or the higher layer packet, or may be other downlink information.
Step 610, after receiving the downlink data packet, the RNC sends the downlink data packet to the UE.
In this embodiment, the service request indication is carried in the RRC connection request message sent by the UE to the RNC, and the service request indication is also carried in the initial UE message sent by the RNC to the core network node, so as to trigger the core network node to transmit the key information of the UE by using an SMC process, thereby simplifying a small data packet transmission flow and ensuring data security.
In the foregoing embodiment, in the process of acquiring the second security parameter from the core network node by the RNC, a Common identification (Common ID) message may be used to acquire the second security parameter, or other messages may also be used, which is not limited in this embodiment of the present invention.
Fig. 7 is a signaling flowchart of a seventh embodiment of a data transmission method of the present invention, and the method in this embodiment is similar to the data transmission method in the embodiments shown in fig. 5 or fig. 6, except that in this embodiment, the number of small data packets transmitted by the UE may be multiple, and therefore, multiple NAS PDUs or higher layer data packets may be transmitted by using multiple Uplink Direct transmission (Uplink Direct Transfer) messages. As shown in fig. 7, the data transmission method of the present embodiment may be as follows.
Step 701, the UE sends an RRC connection request message to the RNC.
Step 702, the RNC sends a second security parameter acquisition request message to the core network node.
Step 703, the core network node sends a second security parameter acquisition response message to the RNC, where the second security parameter acquisition response message includes the second security parameter of the UE.
Step 704, the RNC determines the security algorithm adopted by the data transmission according to the UEA and/or UIA supported by the UE and the UEA and/or UIA allowed by the node of the core network, and generates an integrity protection parameter Fresh.
It should be noted that step 704 is an optional step. If the UE, the RNC, and the core network node do not need to negotiate the UEA and/or the UIA (for example, the UEA and/or the UIA is notified by a System Information Block (SIB) message), and the UE does not use the Fresh as a parameter for the security processing of the NAS PDU or the higher layer data packet, step 704 does not need to be executed. In step 704, the RNC may execute only one of the two operations: determining the security algorithm used in the transmission, or generating the Fresh.
Step 705, the RNC sends an RRC connection setup message to the UE.
Step 706, the UE sends an RRC connection setup complete message to the RNC.
Step 707, the UE sends at least one uplink direct transmission message to the RNC, where the uplink direct transmission message includes an NAS PDU or a higher layer data packet.
The Uplink Direct Transfer message may include a NAS PDU or a higher layer packet.
The UE may also transmit NAS PDUs or higher layer packets through the TRBs configured as described above.
If there is no downlink feedback information after the small data packet transmission is completed, the RRC connection may be released after the completion of the step 707.
In step 708, after receiving the RRC connection setup complete message, the RNC decrypts and/or performs integrity check on the NAS PDU or the higher layer data packet contained therein.
Step 709, the RNC sends the decrypted and/or integrity-checked NAS PDU or a high-level data packet to a core network node.
If there is reception of the downlink packet after the transmission of the small packet is completed, the following steps 710 to 711 are performed.
Step 710, the core network node sends the downlink data packet to the RNC.
The downlink data packet may be feedback information of the NAS PDU or the higher layer data packet, or may be other downlink data.
Step 711, after receiving the downlink data packet, the RNC sends the downlink data packet to the UE.
In this embodiment, the transmission of a plurality of small packets can be achieved by transmitting at least one NAS PDU or higher layer packet using at least one uplink direct transmission message. The usage scenario of the embodiment may also be: the data packet to be transmitted is relatively large and larger than the size of a common small data packet, at this time, the data packet to be transmitted can be encapsulated into two or more NAS PDUs or high-layer data packets, and the NAS PDUs or high-layer data packets are sent by using an uplink direct transmission message.
Fig. 8 is a schematic structural diagram of a first data transmission apparatus in an embodiment of the present invention. The data transmission apparatus 800 of this embodiment may be disposed on a UE, or may be the UE itself. As shown in fig. 8, the data transmission apparatus of this embodiment may include a processing module 11 and a sending module 12: the processing module 11 may be used for encapsulating small data packets into NAS PDUs or higher layer data packets; the sending module 12 is configured to send the NAS PDU or a higher layer data packet to an RNC.
The data transmission apparatus of this embodiment may be configured to implement the technical solution of the method embodiment shown in fig. 1, and the implementation principles of the technical solutions implemented by the corresponding UE in any method embodiments shown in fig. 4 to fig. 7 are similar, and are not described herein again.
The data transmission device of the embodiment has the technical effects that small data packets to be transmitted are encapsulated into NAS PDU or high-level data packets and are directly carried in the message of control plane signaling for transmission, so that the process of establishing a data transmission channel by a plurality of user plane signaling can be omitted, the data transmission flow can be greatly reduced, and the data transmission efficiency is improved.
In the foregoing embodiment, the processing module 11 may be further configured to perform security processing on the NAS PDU or the higher layer data packet by using a first security parameter before the NAS PDU or the higher layer data packet is sent to the RNC.
The sending module 12 may specifically be configured to send the NAS PDU or the higher-layer data packet after the security processing to the RNC.
In the second embodiment of the data transmission device of the present invention, the data transmission device of this embodiment may be disposed on the UE, or may be the UE itself. The sending module 12 may specifically be configured to send a first message containing the NAS PDU or a higher layer data packet and the first security parameter to an RNC.
In the foregoing embodiment, the first message may include: an uplink direct transmission message, an initial direct transmission message, or a radio resource control RRC connection request message; alternatively, an RRC connection setup complete message.
The data transmission apparatus of this embodiment may be configured to execute the technical solution executed by the corresponding UE in the method embodiment shown in fig. 4, and the implementation principle and the technical effect are similar, which are not described herein again.
Fig. 9 is a schematic structural diagram of a third data transmission apparatus in the embodiment of the present invention, and the data transmission apparatus 900 in this embodiment may be disposed on a UE or may be a UE. On the basis of the first embodiment of the data transmission device, the data transmission device of this embodiment may further include: a first parameter sending module 13, where the first parameter sending module 13 may be configured to send the first security parameter to the RNC before sending the security-processed NAS PDU or higher layer packet to the RNC.
Further, the first parameter sending module 13 may be specifically configured to: and sending an RRC connection request message to the RNC, wherein the RRC connection request message contains the first security parameters.
Optionally, the first parameter sending module 13 may be specifically configured to: and sending an RRC connection request message to the RNC, wherein the RRC connection request message comprises the first security parameter and a service request indication.
Further optionally, the RRC connection request message may further include: a small packet transmission indication.
Optionally, the first parameter sending module 13 may be specifically configured to: sending an RRC connection setup complete message to the RNC, wherein the RRC connection setup complete message comprises the first security parameter;
the sending module 12 may be specifically configured to: and after sending the RRC connection setup complete message to an RNC, sending at least one message containing the NAS PDU or a higher layer data packet to the RNC.
Further optionally, in order to meet a scenario that downlink response information also exists, the data transmission apparatus of this embodiment may further include: a receiving module 14, configured to receive an RRC connection release message sent by the RNC after sending the NAS PDU or the higher layer data packet to the RNC, where the RRC connection release message includes a downlink data packet.
The data transmission apparatus of this embodiment may be configured to execute the technical solution executed by the corresponding UE in any one of the method embodiments shown in fig. 5 to fig. 7, and the implementation principle and the technical effect are similar, which are not described herein again.
Fig. 10 is a schematic structural diagram of a fourth data transmission apparatus in the embodiment of the present invention, and the data transmission apparatus 1000 in this embodiment may be disposed on an RNC, or may be an RNC. The data transmission device of the embodiment may include: a receiving module 21, a second parameter obtaining module 22, a processing module 23 and a sending module 24.
The receiving module 21 may be configured to receive a non-access stratum protocol data unit NAS PDU or a higher layer data packet sent by the user equipment UE.
A second parameter obtaining module 22, configured to send a second security parameter obtaining request message to the core network node; and receiving a second security parameter acquisition response message sent by the core network node, wherein the second security parameter acquisition response message comprises a second security parameter of the UE.
The processing module 23 may be configured to decrypt and/or perform an integrity check on the NAS PDU or the higher layer data packet by using the first security parameter and the second security parameter.
A sending module 24, configured to send the NAS PDU or higher layer packet to the core network node.
The data transmission apparatus of this embodiment may be configured to implement the technical solution of the method embodiment shown in fig. 2, and the implementation principles of the technical solutions implemented by the corresponding RNC in any method embodiments shown in fig. 4 to fig. 7 are similar, and are not described herein again.
The technical effect of the data transmission device of this embodiment is that the RNC receives, through control plane signaling, the small data packet encapsulated into the NAS PDU or the higher layer data packet, obtains from the core network node the second security parameter for decrypting the NAS PDU or the higher layer data packet, and sends the decrypted NAS PDU or higher layer data packet to the core network node, so that the process of establishing a data transmission channel through a plurality of user plane signaling messages can be omitted, the data transmission flow can be greatly reduced, and the data transmission efficiency is improved.
In the fifth embodiment of the data transmission apparatus of the present invention, the receiving module 21 may specifically be configured to receive a first message that is sent by the UE and contains the NAS PDU or a higher layer data packet and the first security parameter.
As a further example, the first message may include: an uplink direct transmission message, an initial direct transmission message, or a radio resource control RRC connection request message; alternatively, an RRC connection setup complete message.
The data transmission apparatus of this embodiment may be configured to execute the technical solution executed by the corresponding RNC in the method embodiment shown in fig. 4, and the implementation principle and the technical effect are similar, which are not described herein again.
Fig. 11 is a schematic structural diagram of a sixth embodiment of a data transmission apparatus 1100 according to the present invention, where the data transmission apparatus 1100 of this embodiment may be disposed on an RNC or may be an RNC. On the basis of the fourth embodiment of the data transmission device, the data transmission device of this embodiment may further include: a first parameter receiving module 25, where the first parameter receiving module 25 may be configured to receive the first security parameter sent by the UE before receiving a NAS PDU or a higher layer data packet sent by the UE.
Further, the first parameter receiving module may be specifically configured to: and receiving an RRC connection request message sent by the UE, wherein the RRC connection request message comprises the first security parameter.
Optionally, the first parameter receiving module may be specifically configured to: and receiving an RRC connection request message sent by the UE, wherein the RRC connection request message comprises the first security parameter and a service request indication.
Further optionally, the RRC connection request message may further include: a small packet transmission indication.
Optionally, the second security parameter acquisition request message may be an uplink information exchange request message; the second security parameter acquisition response message may be an uplink information exchange response message.
Optionally, the second security parameter acquisition request message may be an initial UE message; the second security parameter acquisition response message may be a security mode command message.
Optionally, the first parameter receiving module may be specifically configured to: and receiving an RRC connection setup complete message sent by the UE, wherein the RRC connection setup complete message comprises the first security parameter.
The receiving module may specifically be configured to: and after receiving the RRC connection setup complete message sent by the UE, receiving at least one message which is sent by the UE and contains the NAS PDU or a higher layer data packet.
Further optionally, in order to better ensure the security, the data transmission apparatus of this embodiment may further include: a third parameter sending module 26, configured to send an RRC connection setup message to the UE before receiving the NAS PDU or the higher-level data packet sent by the UE, where the RRC connection setup message includes an integrity protection parameter Fresh, so that the UE performs security processing on the NAS PDU or the higher-level data packet by using the first security parameter and the integrity protection parameter Fresh.
Further optionally, to handle a scenario in which a downlink data packet exists, for example response information corresponding to the NAS PDU or the higher layer data packet, the receiving module 21 may be further configured to receive a direct transmission message or a direct information transmission message sent by the core network node after the NAS PDU or the higher layer data packet is sent to the core network node, where the direct transmission message or the direct information transmission message includes a downlink data packet.
The sending module 24 may be further configured to send an RRC connection release message to the UE, where the RRC connection release message includes a downlink data packet.
The data transmission apparatus of this embodiment may be configured to execute the technical solution executed by the corresponding RNC in any one of the method embodiments shown in fig. 5 to fig. 7, and the implementation principle and the technical effect are similar, which are not described herein again.
Fig. 12 is a schematic structural diagram of a seventh embodiment of the data transmission apparatus in the present invention, where the data transmission apparatus 1200 of this embodiment may be disposed on a core network node, or may be the core network node, for example: SGSN, GGSN, SGW or application server, etc. As shown in fig. 12, the data transmission device of the present embodiment may include: a second parameter delivery module 31 and a receiving module 32.
A second parameter transmission module 31, configured to receive a second security parameter obtaining request message sent by the radio network controller RNC, where the second security parameter obtaining request message includes a UE identifier of the UE; and sending a second security parameter acquisition response message to the RNC, wherein the second security parameter acquisition response message comprises a second security parameter corresponding to the UE identifier.
A receiving module 32, configured to receive a data message that is sent by the RNC and includes a UE identifier and an NAS PDU or a higher-level data packet, where the NAS PDU or the higher-level data packet is obtained after the RNC receives the data message that is sent by the UE and decrypts the NAS PDU or the higher-level data packet by using the second security parameter.
The data transmission apparatus of this embodiment may be configured to implement the technical solution of the method embodiment shown in fig. 3, and implement the technical solution executed by the corresponding core network node in any method embodiment shown in fig. 4 in a similar manner, which is not described herein again.
The technical effect of the data transmission device of this embodiment is that the second security parameter is transferred to the RNC through the second security parameter acquisition request message and the second security parameter acquisition response message exchanged between the core network node and the RNC, so that the RNC can decrypt the security-processed NAS PDU or higher layer data packet sent by the UE, and the core network node receives the data message that is sent by the RNC and contains the UE identifier and the NAS PDU or the higher layer data packet, thereby realizing the transmission of the small data packet, reducing the flow of data transmission and improving the efficiency of data transmission.
Optionally, the second security parameter acquisition request message may be an uplink information exchange request message; the second security parameter acquisition response message may be an uplink information exchange response message.
Optionally, the second security parameter acquisition request message may be an initial UE message including the service request indication; the second security parameter acquisition response message may be a security mode command message.
Fig. 13 is a schematic structural diagram of an eighth data transmission apparatus according to an embodiment of the present invention, where the data transmission apparatus 1300 of this embodiment may be disposed on a core network node, or may be the core network node, for example: SGSN, GGSN, SGW or application server, etc. In order to satisfy the scenario where there is a downlink data packet, as shown in fig. 13, the data transmission apparatus of this embodiment may further include, on the basis of the apparatus of the embodiment shown in fig. 12: a sending module 33, where the sending module 33 may be configured to send a response message corresponding to the NAS PDU or the higher layer data packet to the RNC after receiving the data message that includes the UE identity and the NAS PDU or the higher layer data packet and is sent by the RNC.
As a further example, the data message that is sent by the RNC, contains the UE identity and the NAS PDU or higher layer data packet, and is received by the core network node may be an initial UE message or a direct transfer message.
The response message sent by the core network node to the RNC may be a direct transfer message or a direct information transfer message.
The data transmission apparatus of this embodiment may be configured to implement the technical solutions executed by the corresponding core network node in any method embodiments shown in fig. 5 to fig. 7, and the implementation principles and technical effects are similar, and are not described herein again.
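The division of work among the UE, RNC and core network node devices described above can be traced in a small simulation. The following Python sketch is an added illustration, not code from the patent: it assumes the first security parameter is a message counter, the second security parameter is a per-UE key pair held by the core network node, and it uses HMAC-SHA256 as a stand-in for the real UMTS confidentiality and integrity functions; all class names, method names and the NAS PDU framing are hypothetical.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass


def _prf(key: bytes, label: bytes, count: int, fresh: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 stand-in (assumption) for the UMTS security functions."""
    return hmac.new(key, label + count.to_bytes(4, "big") + fresh + data,
                    hashlib.sha256).digest()


def _xor_stream(ck: bytes, count: int, fresh: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR with a keystream bound to count and Fresh."""
    stream, block = b"", 0
    while len(stream) < len(data):
        stream += _prf(ck, b"enc", count, fresh, block.to_bytes(4, "big"))
        block += 1
    return bytes(a ^ b for a, b in zip(data, stream))


@dataclass
class FirstMessage:
    ue_id: str        # UE identifier
    count: int        # first security parameter (assumed: a counter)
    protected: bytes  # security-processed NAS PDU
    mac: bytes        # integrity tag over the protected NAS PDU


class CoreNode:
    """Holds the second security parameter per UE (assumed: a (ck, ik) pair)."""
    def __init__(self, subscribers):
        self._keys = dict(subscribers)
        self.delivered = []

    def second_parameter(self, ue_id):
        # Second security parameter acquisition request/response.
        return self._keys.get(ue_id)

    def data_message(self, ue_id, nas_pdu):
        self.delivered.append((ue_id, nas_pdu))


class UE:
    def __init__(self, ue_id, ck, ik):
        self.ue_id, self.ck, self.ik, self.count = ue_id, ck, ik, 0

    def first_message(self, small_packet: bytes, fresh: bytes) -> FirstMessage:
        # Encapsulate the small packet (constructed framing: 2-byte length).
        nas_pdu = len(small_packet).to_bytes(2, "big") + small_packet
        self.count += 1
        protected = _xor_stream(self.ck, self.count, fresh, nas_pdu)
        mac = _prf(self.ik, b"int", self.count, fresh, protected)[:8]
        return FirstMessage(self.ue_id, self.count, protected, mac)


class RNC:
    def __init__(self, core: CoreNode):
        self.core = core
        self._fresh = {}  # one Fresh value per RRC connection

    def rrc_connection_setup(self, ue_id: str) -> bytes:
        self._fresh[ue_id] = os.urandom(8)
        return self._fresh[ue_id]

    def handle(self, msg: FirstMessage) -> str:
        fresh = self._fresh.pop(msg.ue_id, None)  # Fresh is single-use
        if fresh is None:
            return "rejected: no RRC connection"
        keys = self.core.second_parameter(msg.ue_id)
        if keys is None:
            return "rejected: unknown UE"
        ck, ik = keys
        expected = _prf(ik, b"int", msg.count, fresh, msg.protected)[:8]
        if not hmac.compare_digest(expected, msg.mac):
            return "rejected: integrity check failed"
        nas_pdu = _xor_stream(ck, msg.count, fresh, msg.protected)
        self.core.data_message(msg.ue_id, nas_pdu)
        return "forwarded"


def demo():
    ck, ik = b"\x01" * 16, b"\x02" * 16  # constructed keys
    core = CoreNode({"ue-001": (ck, ik)})
    rnc, ue = RNC(core), UE("ue-001", ck, ik)
    results = {}
    msg = ue.first_message(b"meter=42", rnc.rrc_connection_setup("ue-001"))
    results["genuine"] = rnc.handle(msg)
    rnc.rrc_connection_setup("ue-001")   # new connection, new Fresh
    results["replayed"] = rnc.handle(msg)
    bad = ue.first_message(b"meter=42", rnc.rrc_connection_setup("ue-001"))
    bad.protected = bytes([bad.protected[0] ^ 1]) + bad.protected[1:]
    results["tampered"] = rnc.handle(bad)
    return results, core.delivered


if __name__ == "__main__":
    print(demo())
```

Because the integrity tag is bound to the Fresh value issued for one RRC connection, a message captured on an earlier connection fails the check on a later one, which is the property the Fresh parameter contributes.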
Fig. 14 is a schematic structural diagram of an embodiment of a UE of the present invention, and as shown in fig. 14, a UE1400 of the present embodiment may include a processor 1401 and a transmitter 1402.
The processor 1401 may be configured to encapsulate the small data packet into a non-access stratum protocol data unit (NAS PDU) or a higher layer data packet.
A transmitter 1402 may be configured to transmit the NAS PDU or higher layer packet to a radio network controller RNC.
Further, the processor 1402 may be further configured to perform security processing on the NAS PDU or the higher layer data packet by using a first security parameter before sending the NAS PDU or the higher layer data packet to the RNC.
The transmitter 1402 may be specifically configured to transmit the security-processed NAS PDU or higher layer data packet to the RNC.
Further, the transmitter 1402 may specifically be configured to send a first message comprising the NAS PDU or higher layer data packet and the first security parameter to an RNC.
Alternatively, the transmitter 1402 may specifically be configured to send the first security parameter to the RNC before sending the security-processed NAS PDU or higher layer data packet to the RNC.
Further, the transmitter 1402 may specifically be configured to: sending an RRC connection setup complete message to the RNC, wherein the RRC connection setup complete message comprises the first security parameter; and after sending the RRC connection setup complete message to an RNC, sending at least one message containing the NAS PDU or a higher layer data packet to the RNC.
Further, the UE may further include: the receiver 1403 may be configured to receive an RRC connection release message sent by the RNC after the NAS PDU or the higher layer data packet is sent to the RNC, where the RRC connection release message includes a downlink data packet.
The UE of this embodiment may be configured to execute the technical solution of the method embodiment shown in fig. 1, and the implementation principle of the technical solution executed by the UE in any method embodiment shown in fig. 4 to fig. 7 is similar, and is not described herein again.
The technical effect of the UE of this embodiment is that the small data packet to be transmitted is encapsulated into a NAS PDU or a higher layer data packet, and is directly carried in a control plane signaling message for transmission, so that the process of establishing a data transmission channel through a plurality of user plane signaling messages can be omitted, the data transmission flow can be greatly reduced, and the data transmission efficiency can be improved.
Fig. 15 is a schematic structural diagram of an RNC embodiment of the present invention, and as shown in fig. 15, an RNC1500 of the present embodiment may include a receiver 1501, a transmitter 1502 and a processor 1503, wherein,
a receiver 1501, configured to receive a non-access stratum protocol data unit NAS PDU or a higher layer data packet sent by a user equipment UE;
a transmitter 1502, configured to send a second security parameter acquisition request message to a core network node;
the receiver 1501 may be further configured to receive a second security parameter acquisition response message sent by the core network node, where the second security parameter acquisition response message includes a second security parameter of the UE;
the processor 1503 may be configured to perform decryption and/or integrity check on the NAS PDU or the higher layer data packet by using the first security parameter and the second security parameter;
the transmitter 1502 may be further configured to transmit the NAS PDU or a higher layer packet to the core network node.
Further, the receiver 1501 may specifically be configured to: and receiving a first message which is sent by the UE and contains the NAS PDU or a higher layer data packet and the first security parameter.
Alternatively, the receiver 1501 may be specifically configured to: and before receiving the NAS PDU or the higher layer data packet sent by the UE, receiving the first security parameter sent by the UE.
Further, the receiver 1501 is specifically configured to: receiving an RRC connection setup complete message sent by the UE, wherein the RRC connection setup complete message comprises the first security parameter; and after receiving the RRC connection setup complete message sent by the UE, receiving at least one message which is sent by the UE and contains the NAS PDU or a higher layer data packet.
Further, the receiver 1501 may be further configured to receive a direct transmission message or a direct information transmission message sent by the core network node after the NAS PDU or the higher layer data packet is sent to the core network node, where the direct transmission message or the direct information transmission message includes a downlink data packet.
The transmitter 1502 may be further configured to transmit an RRC connection release message to the UE, where the RRC connection release message includes the downlink data packet.
The RNC of this embodiment may be used to implement the technical solution of the method embodiment shown in fig. 2, and the implementation principles of the technical solutions implemented by the corresponding RNC in any method embodiments shown in fig. 4 to fig. 7 are similar, and are not described herein again.
The technical effect of the RNC of this embodiment is that the RNC receives, through control plane signaling, a small data packet encapsulated into a NAS PDU or a higher layer data packet, obtains from a core network node a second security parameter for decrypting the NAS PDU or the higher layer data packet, and sends the decrypted NAS PDU or higher layer data packet to the core network node, so that the process of establishing a data transmission channel through a plurality of user plane signaling messages can be omitted, the flow of data transmission can be greatly reduced, and the efficiency of data transmission is improved.
Fig. 16 is a schematic structural diagram of a core network node according to an embodiment of the present invention, where the core network node 1600 of this embodiment may be: SGSN, GGSN, SGW or application server, etc. As shown in fig. 16, the core network node of the present implementation may include a receiver 1601 and a transmitter 1602.
The receiver 1601 may be configured to receive a second security parameter obtaining request message sent by the radio network controller RNC, where the second security parameter obtaining request message includes a UE identity of the user equipment UE.
A transmitter 1602, configured to send a second security parameter obtaining response message to the RNC, where the second security parameter obtaining response message includes a second security parameter corresponding to the UE identity.
The receiver 1601 may be further configured to receive a data message that is sent by the RNC and includes a UE identifier and a NAS PDU or a higher layer data packet, where the NAS PDU or the higher layer data packet is obtained by the RNC receiving the data message that is sent by the UE and decrypting the NAS PDU or the higher layer data packet by using the second security parameter.
Further, the transmitter 1602 may be further configured to: and after receiving the data message which is sent by the RNC and contains the UE identification and the NAS PDU or the higher-layer data packet, sending a response message corresponding to the NAS PDU or the higher-layer data packet to the RNC.
The core network node of this embodiment may be configured to implement the technical solution of the method embodiment shown in fig. 3, and the implementation principle of the technical solution implemented by the corresponding core network node in any method embodiment shown in fig. 4 to fig. 7 is similar, and is not described herein again.
The technical effect of the core network node of this embodiment is that the second security parameter is transferred to the RNC through the second security parameter acquisition request message and the second security parameter acquisition response message exchanged between the core network node and the RNC, so that the RNC can decrypt the security-processed NAS PDU or higher layer data packet sent by the UE, and the core network node receives the data message that is sent by the RNC and contains the UE identifier and the NAS PDU or the higher layer data packet, thereby realizing the transfer of the small data packet, reducing the flow of data transmission, and improving the efficiency of data transmission.
Fig. 17 is a schematic structural diagram of an embodiment of a communication system of the present invention, and as shown in fig. 17, a communication system 1700 of this embodiment may include an RNC according to any embodiment of the present invention and a core network node according to any embodiment of the present invention.
It should be noted that, in the embodiments of the present invention, the interaction between the UE and the RNC may be forwarded through the base station NodeB.
It will be clear to those skilled in the art that, for convenience and simplicity of description, the foregoing division of the functional modules is merely used as an example, and in practical applications, the above function distribution may be performed by different functional modules according to needs, that is, the internal structure of the device is divided into different functional modules to perform all or part of the above described functions. For the specific working processes of the system, the apparatus and the unit described above, reference may be made to the corresponding processes in the foregoing method embodiments, and details are not described here again.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules or units is only one logical division, and there may be other divisions when actually implemented, for example, a plurality of units or components may be combined or may be integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application in essence, or the part of it that contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, a network device, or the like) or a processor to execute all or part of the steps of the method according to the embodiments of the present application. The aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program code.
The above embodiments are only used to describe the technical solutions of the present application in detail, but the above embodiments are only used to help understanding the method and the core idea of the present invention, and should not be construed as limiting the present invention. Those skilled in the art should also appreciate that they can easily conceive of various changes and substitutions within the technical scope of the present disclosure.

Claims (68)

1. A method of data transmission, comprising:
the user equipment UE encapsulates the small data packet into a non-access stratum protocol data unit NAS PDU or a high-level data packet;
and the UE sends the NAS PDU or a high-layer data packet to a Radio Network Controller (RNC).
2. The method of claim 1, wherein before the UE sends the NAS PDU or higher layer packet to the RNC, the method further comprises:
the UE adopts a first security parameter to perform security processing on the NAS PDU or a high-level data packet;
the UE sending the NAS PDU or a higher layer data packet to an RNC, including:
and the UE sends the NAS PDU or a high-level data packet after security processing to an RNC.
3. The method of claim 2, wherein the UE sending the security-processed NAS PDU or higher layer packet to the RNC comprises:
the UE sends a first message containing the NAS PDU or a higher layer data packet and the first security parameter to an RNC.
4. The method of claim 3, wherein the first message comprises:
an uplink direct transmission message, an initial direct transmission message, or a radio resource control RRC connection request message; or,
RRC connection setup complete message.
5. The method of claim 2, wherein before the UE sends the security-processed NAS PDU or higher layer packet to the RNC, the method further comprises:
the UE sends the first security parameter to an RNC.
6. The method of claim 5, wherein the UE sends the first security parameter to an RNC, and wherein the sending comprises:
the UE sends an RRC connection request message to the RNC, wherein the RRC connection request message comprises first security parameters.
7. The method of claim 5, wherein the UE sends the first security parameter to an RNC, and wherein the sending comprises:
the UE sends an RRC connection request message to the RNC, wherein the RRC connection request message comprises a first security parameter and a service request indication.
8. The method according to claim 6 or 7, wherein the RRC connection request message further comprises: a small packet transmission indication.
9. The method of claim 5, wherein the UE sends the first security parameter to an RNC, and wherein the sending comprises:
the UE sends an RRC connection establishment completion message to an RNC, wherein the RRC connection establishment completion message comprises the first security parameter;
the UE sending the NAS PDU or a higher layer data packet to an RNC, including:
and after sending the RRC connection setup complete message to an RNC, the UE sends at least one message containing the NAS PDU or a high-layer data packet to the RNC.
10. The method according to any of claims 6-9, wherein after the UE sends the NAS PDU or higher layer packet to the RNC, the method further comprises:
and the UE receives an RRC connection release message sent by the RNC, wherein the RRC connection release message comprises a downlink data packet.
11. A method of data transmission, comprising:
a radio network controller RNC receives a non-access stratum protocol data unit NAS PDU or a high-level data packet sent by user equipment UE;
the RNC sends a second security parameter acquisition request message to a core network node;
the RNC receives a second security parameter acquisition response message sent by the core network node, wherein the second security parameter acquisition response message comprises a second security parameter of the UE;
and the RNC decrypts and/or verifies the integrity of the NAS PDU or the higher layer data packet by using the first security parameter and the second security parameter, and then sends the NAS PDU or the higher layer data packet to the core network node.
12. The method of claim 11, wherein the RNC receiving the NAS PDU or higher layer packet sent by the UE comprises:
the RNC receives a first message which is sent by the UE and contains the NAS PDU or a higher layer data packet and the first security parameter.
13. The method of claim 12, wherein the first message comprises:
an uplink direct transmission message, an initial direct transmission message, or a radio resource control RRC connection request message; or,
RRC connection setup complete message.
14. The method of claim 11, wherein before the RNC receives the NAS PDU or higher layer packet sent by the UE, the method further comprises:
the RNC receives the first security parameter sent by the UE.
15. The method of claim 14, wherein the RNC receives the first security parameter sent by the UE, and wherein the method comprises:
and the RNC receives an RRC connection request message sent by the UE, wherein the RRC connection request message comprises the first security parameter.
16. The method of claim 14, wherein the RNC receives the first security parameter sent by the UE, and wherein the method comprises:
and the RNC receives an RRC connection request message sent by the UE, wherein the RRC connection request message comprises the first security parameter and a service request indication.
17. The method according to claim 15 or 16,
the RRC connection request message further includes: a small packet transmission indication.
18. The method according to any one of claims 11 to 17,
the second security parameter acquisition request message is an uplink information exchange request message;
and the second security parameter acquisition response message is an uplink information exchange response message.
19. The method according to any one of claims 11 to 17,
the second security parameter acquisition request message is an initial UE message;
the second security parameter acquisition response message is a security mode command message.
20. The method of claim 14, wherein the RNC receives the first security parameter sent by the UE, and wherein the method comprises:
the RNC receives an RRC connection establishment completion message sent by the UE, wherein the RRC connection establishment completion message comprises the first security parameter;
the receiving, by the RNC, the NAS PDU or the higher layer data packet sent by the UE includes:
and after receiving the RRC connection setup complete message sent by the UE, the RNC receives at least one message which is sent by the UE and contains the NAS PDU or a high-level data packet.
21. The method according to any of claims 14-20, wherein before the RNC receives the transmitted NAS PDU or higher layer packet, further comprising:
and the RNC sends an RRC connection establishment message to the UE, wherein the RRC connection establishment message comprises an integrity protection parameter Fresh, so that the UE adopts a first security parameter and the integrity protection parameter Fresh to perform security processing on the NAS PDU or a high-level data packet.
22. The method according to any of claims 14-21, wherein after the RNC sends the NAS PDU or higher layer packet to the core network node, further comprising:
the RNC receives a direct transmission message or a direct information transmission message sent by the core network node, wherein the direct transmission message or the direct information transmission message comprises a downlink data packet;
and the RNC sends an RRC connection release message to the UE, wherein the RRC connection release message comprises the response information.
23. A method of data transmission, comprising:
a core network node receives a second security parameter acquisition request message sent by a Radio Network Controller (RNC), wherein the second security parameter acquisition request message comprises a User Equipment (UE) identifier of UE;
the core network node sends a second security parameter acquisition response message to the RNC, wherein the second security parameter acquisition response message comprises a second security parameter corresponding to the UE identifier;
and the core network node receives a data message which is sent by the RNC and contains a UE identifier and an NAS PDU or a higher layer data packet, wherein the NAS PDU or the higher layer data packet is obtained after the RNC receives the data message sent by the UE and decrypts and/or verifies the integrity of the NAS PDU or the higher layer data packet by using the second security parameter.
24. The method according to claim 23, wherein the second security parameter acquisition request message is an uplink information exchange request message; and the second security parameter acquisition response message is an uplink information exchange response message.
25. The method of claim 23, wherein the second security parameter acquisition request message is an initial UE message containing the service request indication; the second security parameter acquisition response message is a security mode command message.
26. The method according to any of claims 23-25, wherein after the core network node receives the data message comprising the UE identity and the NAS PDU or higher layer packet sent by the RNC, the method further comprises:
and the core network node sends a response message corresponding to the NAS PDU or the high-level data packet to the RNC.
27. The method of claim 26,
the data message which is sent by the RNC and contains the UE identity and the NAS PDU or the higher layer data packet and is received by the core network node is: an initial UE message or a direct transmission message;
the response message sent by the core network node to the RNC is a direct transmission message or a direct information transmission message.
28. A data transmission apparatus, comprising:
the processing module is used for encapsulating the small data packet into a non-access stratum protocol data unit (NAS PDU) or a high-level data packet;
and the sending module is used for sending the NAS PDU or the high-level data packet to a Radio Network Controller (RNC).
29. The apparatus of claim 28,
the processing module is further configured to perform security processing on the NAS PDU or the high-level data packet by using a first security parameter before sending the NAS PDU or the high-level data packet to the RNC;
the sending module is specifically configured to:
and sending the NAS PDU or a high-layer data packet after security processing to an RNC.
30. The apparatus of claim 29, wherein the sending module is specifically configured to:
and sending a first message containing the NAS PDU or a higher layer data packet and the first security parameter to an RNC.
31. The apparatus of claim 30, wherein the first message comprises:
an uplink direct transmission message, an initial direct transmission message, or a radio resource control RRC connection request message; or,
RRC connection setup complete message.
32. The apparatus of claim 29, further comprising:
and the first parameter sending module is used for sending the first security parameter to the RNC before sending the NAS PDU or the higher layer data packet after security processing to the RNC.
33. The apparatus of claim 32, wherein the first parameter sending module is specifically configured to:
and sending an RRC connection request message to the RNC, wherein the RRC connection request message contains the first security parameters.
34. The apparatus of claim 32, wherein the first parameter sending module is specifically configured to:
and sending an RRC connection request message to the RNC, wherein the RRC connection request message comprises the first security parameter and a service request indication.
35. The apparatus according to claim 34 or 33, wherein the RRC connection request message further comprises: a small packet transmission indication.
36. The apparatus of claim 32, wherein the first parameter sending module is specifically configured to:
sending an RRC connection setup complete message to the RNC, wherein the RRC connection setup complete message comprises the first security parameter;
the sending module is specifically configured to:
and after sending the RRC connection setup complete message to an RNC, sending at least one message containing the NAS PDU or a higher layer data packet to the RNC.
37. The apparatus of any one of claims 33 to 36, further comprising:
a receiving module, configured to receive an RRC connection release message sent by the RNC after sending the NAS PDU or the higher layer data packet to the RNC, where the RRC connection release message includes a downlink data packet.
38. A data transmission apparatus, comprising:
the receiving module is used for receiving a non-access stratum protocol data unit (NAS PDU) or a high-level data packet sent by User Equipment (UE);
a second parameter obtaining module, configured to send a second security parameter obtaining request message to the core network node; receiving a second security parameter acquisition response message sent by the core network node, wherein the second security parameter acquisition response message comprises a second security parameter of the UE;
the processing module is used for decrypting and/or verifying the integrity of the NAS PDU or the high-level data packet by the RNC by using a first security parameter and a second security parameter;
a sending module, configured to send the NAS PDU or the higher layer data packet to the core network node.
39. The apparatus of claim 38, wherein the receiving module is specifically configured to:
and receiving a first message which is sent by the UE and contains the NAS PDU or a higher layer data packet and the first security parameter.
40. The apparatus of claim 39, wherein the first message comprises:
an uplink direct transmission message, an initial direct transmission message, or a radio resource control RRC connection request message; or,
RRC connection setup complete message.
41. The apparatus of claim 38, further comprising:
a first parameter receiving module, configured to receive the first security parameter sent by the UE before receiving an NAS PDU or a higher layer data packet sent by the UE.
42. The apparatus of claim 41, wherein the first parameter receiving module is specifically configured to:
and receiving an RRC connection request message sent by the UE, wherein the RRC connection request message comprises the first security parameter.
43. The apparatus of claim 41, wherein the first parameter receiving module is specifically configured to:
and receiving an RRC connection request message sent by the UE, wherein the RRC connection request message comprises the first security parameter and a service request indication.
44. The apparatus of claim 42 or 43,
the RRC connection request message further includes: a small packet transmission indication.
45. The apparatus of any one of claims 38 to 44,
the second security parameter acquisition request message is an uplink information exchange request message;
and the second security parameter acquisition response message is an uplink information exchange response message.
46. The apparatus of any one of claims 38 to 44,
the second security parameter acquisition request message is an initial UE message;
the second security parameter acquisition response message is a security mode command message.
47. The apparatus of claim 41, wherein the first parameter receiving module is specifically configured to:
receiving an RRC connection setup complete message sent by the UE, wherein the RRC connection setup complete message comprises the first security parameter;
the receiving module is specifically configured to:
and after receiving the RRC connection setup complete message sent by the UE, receiving at least one message which is sent by the UE and contains the NAS PDU or a higher layer data packet.
48. The apparatus of any one of claims 41 to 47, further comprising:
a third parameter sending module, configured to send an RRC connection setup message to the UE before receiving the NAS PDU or the high-level data packet sent by the UE, where the RRC connection setup message includes an integrity protection parameter Fresh, so that the UE performs security processing on the NAS PDU or the high-level data packet by using the first security parameter and the integrity protection parameter Fresh.
49. The apparatus of any one of claims 41 to 48,
the receiving module is further configured to receive a direct transmission message or a direct information transmission message sent by the core network node after the NAS PDU or the high-level data packet is sent to the core network node, where the direct transmission message or the direct information transmission message includes a downlink data packet;
the sending module is further configured to send an RRC connection release message to the UE, where the RRC connection release message includes the downlink data packet.
50. A data transmission apparatus, comprising:
the second parameter transmission module is used for receiving a second security parameter acquisition request message sent by the radio network controller RNC, wherein the second security parameter acquisition request message comprises a UE identifier of user equipment UE; sending a second security parameter acquisition response message to the RNC, wherein the second security parameter acquisition response message comprises a second security parameter corresponding to the UE identifier;
a receiving module, configured to receive a data message that is sent by the RNC and includes a UE identifier and an NAS PDU or a high-level data packet, where the NAS PDU or the high-level data packet is obtained after the RNC receives the data message that is sent by the UE and decrypts the NAS PDU or the high-level data packet by using the second security parameter.
51. The apparatus according to claim 50, wherein the second security parameter acquisition request message is an uplink information exchange request message; and the second security parameter acquisition response message is an uplink information exchange response message.
52. The apparatus of claim 50, wherein the second security parameter acquisition request message is an initial UE message comprising the service request indication; the second security parameter acquisition response message is a security mode command message.
53. The apparatus of any one of claims 50 to 52, further comprising:
a sending module, configured to send, to the RNC, a response message corresponding to an NAS PDU or a higher layer data packet after receiving a data message that includes a UE identifier and the NAS PDU or the higher layer data packet and is sent by the RNC.
54. The apparatus of claim 53,
the data message which is sent by the RNC and contains the UE identity and the NAS PDU or the higher layer data packet and is received by the core network node is: an initial UE message or a direct transmission message;
the response message sent by the core network node to the RNC is a direct transmission message or a direct information transmission message.
55. A User Equipment (UE), comprising:
the processor is used for encapsulating the small data packet into a non-access stratum protocol data unit (NAS PDU) or a high-level data packet;
and the transmitter is used for transmitting the NAS PDU or the high-layer data packet to a Radio Network Controller (RNC).
56. The UE of claim 55,
the processor is further configured to perform security processing on the NAS PDU or the higher layer data packet by using a first security parameter before sending the NAS PDU or the higher layer data packet to the RNC;
the transmitter is specifically configured to send the NAS PDU or the higher layer data packet after security processing to an RNC.
57. The UE of claim 56, wherein the transmitter is further configured to:
and sending a first message containing the NAS PDU or a higher layer data packet and the first security parameter to an RNC.
58. The UE of claim 56, wherein the transmitter is further configured to:
and sending the first security parameter to the RNC before sending the NAS PDU or the high-layer data packet after security processing to the RNC.
59. The UE of claim 58, wherein the transmitter is further configured to:
sending an RRC connection setup complete message to the RNC, wherein the RRC connection setup complete message comprises the first security parameter;
and after sending the RRC connection setup complete message to an RNC, sending at least one message containing the NAS PDU or a higher layer data packet to the RNC.
60. The UE of any one of claims 55 to 59, further comprising:
a receiver, configured to receive an RRC connection release message sent by the RNC after sending the NAS PDU or a higher layer data packet to the RNC, where the RRC connection release message includes a downlink data packet.
61. A radio network controller, RNC, comprising:
the device comprises a receiver and a control unit, wherein the receiver is used for receiving a non-access stratum protocol data unit (NAS PDU) or a high-level data packet sent by User Equipment (UE);
a transmitter, configured to send a second security parameter acquisition request message to a core network node;
the receiver is further configured to receive a second security parameter acquisition response message sent by the core network node, where the second security parameter acquisition response message includes a second security parameter of the UE;
the processor is used for decrypting and/or verifying the integrity of the NAS PDU or the high-level data packet by using the first security parameter and the second security parameter;
the transmitter is further configured to transmit the NAS PDU or a higher layer packet to the core network node.
62. The RNC of claim 61, wherein the receiver is specifically configured to:
and receiving a first message which is sent by the UE and contains the NAS PDU or a higher layer data packet and the first security parameter.
63. The RNC of claim 61, wherein the receiver is specifically configured to:
and before receiving the NAS PDU or the higher layer data packet sent by the UE, receiving the first security parameter sent by the UE.
64. The RNC of claim 63, wherein the receiver is specifically configured to:
receiving an RRC connection setup complete message sent by the UE, wherein the RRC connection setup complete message comprises the first security parameter;
and after receiving the RRC connection setup complete message sent by the UE, receiving at least one message which is sent by the UE and contains the NAS PDU or a higher layer data packet.
65. The RNC of any one of claims 61-64,
the receiver is further configured to receive a direct transmission message or a direct information transmission message sent by the core network node after the NAS PDU or the higher layer data packet is sent to the core network node, where the direct transmission message or the direct information transmission message includes a downlink data packet;
the transmitter is further configured to transmit an RRC connection release message to the UE, where the RRC connection release message includes the downlink data packet.
66. A core network node, comprising:
the receiver is used for receiving a second security parameter acquisition request message sent by the radio network controller RNC, wherein the second security parameter acquisition request message comprises a UE (user equipment) identifier of UE (user equipment);
a transmitter, configured to send a second security parameter acquisition response message to the RNC, where the second security parameter acquisition response message includes a second security parameter corresponding to the UE identity;
the receiver is further configured to receive a data message that is sent by the RNC and includes a UE identifier and an NAS PDU or a higher-level data packet, where the NAS PDU or the higher-level data packet is obtained after the RNC receives the data message that is sent by the UE and decrypts the NAS PDU or the higher-level data packet by using the second security parameter.
67. The core network node of claim 66, wherein the transmitter is further configured to:
and after receiving the data message which is sent by the RNC and contains the UE identification and the NAS PDU or the higher-layer data packet, sending a response message corresponding to the NAS PDU or the higher-layer data packet to the RNC.
68. A communication system, comprising: a radio network controller, RNC, according to any of claims 61-65 and a core network node according to claim 66 or 67.
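The uplink exchange of claims 15, 21 to 23 and 26 can be modelled as below; this is an added example, not part of the patent text. Assumptions: the first security parameter is modelled as a UE-chosen counter, the second security parameter as a cipher/integrity key pair held by the core network node, HMAC-SHA256 stands in for the unspecified cipher and integrity algorithms, and all class and function names are hypothetical.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

@dataclass(frozen=True)
class SecondParam:
    """Assumed content of the second security parameter: cipher key and integrity key."""
    ck: bytes
    ik: bytes

def _bind(count: int, fresh: bytes) -> bytes:
    # Assumed first security parameter (a UE counter) plus the RNC's Fresh value, fixed length.
    return count.to_bytes(4, "big") + fresh

def _keystream(ck: bytes, count: int, fresh: bytes, n: int) -> bytes:
    blocks = (hmac.new(ck, _bind(count, fresh) + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def protect(keys: SecondParam, count: int, fresh: bytes, nas_pdu: bytes) -> bytes:
    """UE: encrypt the NAS PDU, then append a tag computed over the ciphertext."""
    ct = bytes(a ^ b for a, b in zip(nas_pdu, _keystream(keys.ck, count, fresh, len(nas_pdu))))
    return ct + hmac.new(keys.ik, _bind(count, fresh) + ct, hashlib.sha256).digest()

def unprotect(keys: SecondParam, count: int, fresh: bytes, protected: bytes):
    """RNC: verify integrity first; decrypt only if the tag matches, else None."""
    if len(protected) < 32:
        return None
    ct, tag = protected[:-32], protected[-32:]
    expected = hmac.new(keys.ik, _bind(count, fresh) + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(keys.ck, count, fresh, len(ct))))

class CoreNetworkNode:
    def __init__(self):
        self._keys, self.delivered = {}, []

    def provision(self, ue_id: str) -> SecondParam:
        # Stands in for whatever key agreement the UE and core network ran earlier.
        self._keys[ue_id] = SecondParam(os.urandom(32), os.urandom(32))
        return self._keys[ue_id]

    def second_security_parameter(self, ue_id: str) -> SecondParam:
        return self._keys[ue_id]          # acquisition response, looked up by UE identifier

    def data_message(self, ue_id: str, nas_pdu: bytes) -> bytes:
        self.delivered.append((ue_id, nas_pdu))
        return b"ack"                     # constructed downlink data packet

class RNC:
    def __init__(self, cn: CoreNetworkNode):
        self.cn, self._pending = cn, {}

    def rrc_connection_request(self, ue_id: str, count: int) -> bytes:
        fresh = os.urandom(8)             # returned in the RRC connection setup message
        self._pending[ue_id] = (count, fresh)
        return fresh

    def uplink(self, ue_id: str, protected: bytes):
        ctx = self._pending.pop(ue_id, None)   # one protected PDU per connection
        if ctx is None:
            return None
        keys = self.cn.second_security_parameter(ue_id)
        nas_pdu = unprotect(keys, *ctx, protected)
        if nas_pdu is None:
            return None                   # failed check: nothing reaches the core network
        return self.cn.data_message(ue_id, nas_pdu)  # reply rides in RRC connection release

def demo():
    cn = CoreNetworkNode()
    keys, rnc, packet = cn.provision("ue-001"), RNC(cn), b"meter=42"  # constructed values
    fresh = rnc.rrc_connection_request("ue-001", 1)
    captured = protect(keys, 1, fresh, packet)
    accepted = rnc.uplink("ue-001", captured)
    fresh = rnc.rrc_connection_request("ue-001", 2)
    forged = bytearray(protect(keys, 2, fresh, packet))
    forged[0] ^= 0x01                     # one flipped ciphertext bit
    tampered = rnc.uplink("ue-001", bytes(forged))
    rnc.rrc_connection_request("ue-001", 1)    # new connection, new Fresh
    replayed = rnc.uplink("ue-001", captured)  # PDU captured from the first connection
    return accepted, tampered, replayed, cn.delivered
```

In `demo()`, the intact PDU is forwarded and acknowledged, while the bit-flipped PDU and the PDU replayed under a new Fresh value are dropped at the RNC before anything reaches the core network node.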
CN201380000225.0A 2013-04-17 2013-04-17 Data transmission method, device and system Active CN104969578B (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2013074318 2013-04-17

Publications (2)

Publication Number Publication Date
CN104969578A (en) 2015-10-07
CN104969578B (en) 2019-06-21

Family

ID=54222091

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201380000225.0A Active CN104969578B (en) 2013-04-17 2013-04-17 Data transmission method, device and system

Country Status (1)

Country Link
CN (1) CN104969578B (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017070973A1 (en) * 2015-10-31 2017-05-04 华为技术有限公司 Internet protocol security tunnel establishing method, user equipment and base station
WO2017091959A1 (en) * 2015-11-30 2017-06-08 华为技术有限公司 Data transmission method, user equipment and network side device
WO2019161722A1 (en) * 2018-02-20 2019-08-29 Guangdong Oppo Mobile Telecommunications Corp., Ltd. Method, system and computer programs for the transmission of infrequent small data in a telecommunication system
WO2020001429A1 (en) * 2018-06-25 2020-01-02 Mediatek Singapore Pte Ltd. Indication of additional security capabilities using nas signaling in 5g mobile communications
CN110856189A (en) * 2017-01-05 2020-02-28 华为技术有限公司 Data transmission method and device
WO2020098614A1 (en) * 2018-11-14 2020-05-22 电信科学技术研究院有限公司 Data transmission method and apparatus
CN113727468A (en) * 2015-11-26 2021-11-30 华为技术有限公司 Method, device and equipment for managing RRC (radio resource control) connection
CN114071660A (en) * 2020-07-31 2022-02-18 中国电信股份有限公司 Narrowband Internet of Things terminal and its firmware upgrade method, base station and communication system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101674153A (en) * 2008-09-09 2010-03-17 普天信息技术研究院有限公司 Method, device and system for processing information
CN102017680A (en) * 2008-10-22 2011-04-13 株式会社Ntt都科摩 Mobile communication method and exchange
CN102056112A (en) * 2009-11-05 2011-05-11 华为技术有限公司 Method, equipment and system for transmitting data
WO2013022307A2 (en) * 2011-08-11 2013-02-14 Lg Electronics Inc. Apparatus for transmitting/receiving multicast data in wireless communication system and method thereof

Cited By (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107005410B (en) * 2015-10-31 2020-06-26 大势至(北京)软件工程有限公司 Internet protocol security tunnel establishment method, user equipment and base station
CN107005410A (en) * 2015-10-31 2017-08-01 华为技术有限公司 Internet protocol security tunnel establishment method, user equipment and base station
WO2017070973A1 (en) * 2015-10-31 2017-05-04 华为技术有限公司 Internet protocol security tunnel establishing method, user equipment and base station
CN113727468A (en) * 2015-11-26 2021-11-30 华为技术有限公司 Method, device and equipment for managing RRC (radio resource control) connection
WO2017091959A1 (en) * 2015-11-30 2017-06-08 华为技术有限公司 Data transmission method, user equipment and network side device
CN108293223A (en) * 2015-11-30 2018-07-17 华为技术有限公司 A kind of data transmission method, user equipment and network side equipment
CN108293223B (en) * 2015-11-30 2020-11-17 华为技术有限公司 Data transmission method, user equipment and network side equipment
US11363472B2 (en) 2017-01-05 2022-06-14 Huawei Technologies Co., Ltd. Control method for activation and deactivation of data duplication transmission
CN110856189B (en) * 2017-01-05 2020-11-10 华为技术有限公司 Data transmission method and device
CN110856189A (en) * 2017-01-05 2020-02-28 华为技术有限公司 Data transmission method and device
CN112714484B (en) * 2018-02-20 2022-10-21 Oppo广东移动通信有限公司 Method, system and computer program for transmitting infrequently small data in a telecommunication system
CN112714484A (en) * 2018-02-20 2021-04-27 Oppo广东移动通信有限公司 Method, system and computer program for transmitting infrequently small data in a telecommunication system
WO2019161722A1 (en) * 2018-02-20 2019-08-29 Guangdong Oppo Mobile Telecommunications Corp., Ltd. Method, system and computer programs for the transmission of infrequent small data in a telecommunication system
US11503664B2 (en) 2018-02-20 2022-11-15 Guangdong Oppo Mobile Telecommunications Corp., Ltd. Method, system and computer programs for the transmission of infrequent small data in a telecommunication system
CN110859058A (en) * 2018-06-25 2020-03-03 联发科技(新加坡)私人有限公司 Additional security capability indication using non-access stratum signaling in 5G mobile communications
WO2020001429A1 (en) * 2018-06-25 2020-01-02 Mediatek Singapore Pte Ltd. Indication of additional security capabilities using nas signaling in 5g mobile communications
US11457353B2 (en) 2018-06-25 2022-09-27 Mediatek Singapore Pte. Ltd. Indication of additional security capabilities using NAS signaling in 5G mobile communications
CN110859058B (en) * 2018-06-25 2023-10-10 联发科技(新加坡)私人有限公司 Additional security capability indication method and device in 5G mobile communications
WO2020098614A1 (en) * 2018-11-14 2020-05-22 电信科学技术研究院有限公司 Data transmission method and apparatus
CN114071660A (en) * 2020-07-31 2022-02-18 中国电信股份有限公司 Narrowband Internet of Things terminal and its firmware upgrade method, base station and communication system
CN114071660B (en) * 2020-07-31 2024-11-12 中国电信股份有限公司 Narrowband Internet of Things terminal and firmware upgrade method thereof, base station and communication system

Also Published As

Publication number Publication date
CN104969578B (en) 2019-06-21

Similar Documents

Publication Publication Date Title
CN104969578B (en) Data transmission method, device and system
US10320754B2 (en) Data transmission method and apparatus
EP3300402B1 (en) Unlicensed transmission method and corresponding user equipment
CN108293223B (en) Data transmission method, user equipment and network side equipment
CN109417706B (en) Method and apparatus for storing contextual information in a mobile device
US20210289351A1 (en) Methods and systems for privacy protection of 5g slice identifier
US20200228977A1 (en) Parameter Protection Method And Device, And System
CN103096302B (en) An encryption method, decryption method and related device
KR20110122029A (en) Method and system for short message service message delivery in mobile communication system
CN108605225B (en) Safety processing method and related equipment
WO2019096075A1 (en) Method and apparatus for message protection
CN108307389A (en) Data security protection method, network access equipment and terminal
CN109791590A (en) Security processes
EP4231751A1 (en) Wireless communication method, device, and system
CN103813308B (en) A kind of uplink data transmission method, apparatus and system
CN116233848A (en) A data transmission protection method, device and system
CN102378168B (en) The method of multisystem core net notice key and multisystem network
EP3952373B1 (en) Cell selection method and device
CN104335650A (en) Method and device for signaling transmission
CN114342472A (en) Handling of NAS containers in registration requests upon AMF reallocation
JP7520153B2 (en) KEY ACQUISITION METHOD, KEY ACQUISITION DEVICE, USER EQUIPMENT, NETWORK SIDE DEVICE, AND READABLE STORAGE MEDIUM
US20240306248A1 (en) Managing an early data communication configuration
US11576232B2 (en) Method for establishing a connection of a mobile terminal to a mobile radio communication network and communication network device
CN114208240B (en) Data transmission method, device and system
EP4331317B1 (en) Early data communication with configured resources

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant