EP-4740119-A1 - METHOD FOR MANAGING THE SECURITY OF A CONNECTION AND ASSOCIATED ELECTRONIC DEVICE
Abstract
The invention relates to a method for managing the security of a connection between a user terminal and a telecommunications network, the method comprising the following steps, which are implemented by a security module (AVS) of the user terminal (UE): generating a history of events that relate to the security of the connection; analysing the generated history; transmitting, to a control module (AVSC) of the telecommunications network, a result of the analysis through a secure session.
Inventors
- HARTMANN, CHARLES
- MOUQUET, ANTOINE
Assignees
- ORANGE
Dates
- Publication Date
- 20260513
- Application Date
- 20240626
Claims (15)
- Method for managing the security of a connection between a user terminal (UE) and a telecommunications network (HPMN) managed by a telecommunications operator, the method comprising: a generation (S250), by a security module (AVS) of the user terminal (UE), of a history of events relating to the security of said connection, the security module (AVS) being managed by the telecommunications operator; an analysis (S260), by the security module (AVS), of the generated history; and, a transmission (S270), by the security module (AVS) and to a control module (AVSC) of the telecommunications network, of a result of the analysis through a secure session, the control module (AVSC) being managed by the telecommunications operator.
- Management method according to claim 1, in which the user terminal (UE) is connected to the telecommunications network (HPMN) through a visited telecommunications network (VPMN) managed by another telecommunications operator, and the event history includes data relating to the security of said visited telecommunications network.
- The management method of claim 1, further comprising a transmission, by the security module (AVS), of a plurality of security parameter test requests to the telecommunications network or a visited telecommunications network managed by another telecommunications operator, and the analysis (S260) comprises a determination of a behavior of the telecommunications network or the visited telecommunications network in response to the transmissions.
- Management method according to one of claims 1 to 3, in which the analysis (S260) comprises determining a score representative of a degree of security of said connection based on the history generated.
- Management method according to one of claims 1 to 4, further comprising: a reception, by a radio module (BB) of the user terminal (UE) of a signaling message from the telecommunications network (HPMN) or from a visited telecommunications network (VPMN) managed by another telecommunications operator; and, access, by the security module (AVS), to the signaling message through an application programming interface (API) provided by the radio module.
- Management method according to one of claims 1 to 5, in which the user terminal (UE) comprises a second security module, the security module (AVS), called the first security module, and the second security module being isolated from each other, the method further comprising, following reception, by a radio module (BB) of the user terminal (UE) of a signaling message, a determination, by the radio module (BB), of a recipient security module from among the first security module (AVS) and the second security module (AVS).
- Management method according to one of claims 1 to 6, in which the session is secured by the use of “Non Access Stratum” protocols between the security module (AVS) and a module (AMF) for managing access and mobility of the telecommunications network; or the use of a secure hypertext transfer protocol (HTTPS) between the security module (AVS) and the control module (AVSC).
- Management method according to one of claims 1 to 7, in which the security module (AVS) includes an application programming interface (API) comprising a function for accessing the event history and/or the result of the analysis, said application programming interface being accessible by a computer application of the user terminal (UE).
- Management method according to one of claims 1 to 8, in which the event history is generated from at least one of: data relating to a use of an authentication protocol for at least a portion of the connection between the user terminal (UE) and said telecommunications network, such as the portion of the connection between the user terminal (UE) and a base station (gNB) to which said user terminal (UE) is connected; data relating to a use of an encryption algorithm for at least a portion of the connection between the user terminal (UE) and the telecommunications network, such as the portion of the connection between the user terminal (UE) and a base station (gNB) to which said user terminal (UE) is connected; data relating to the integrity check implemented by the user terminal (UE) and/or a base station (gNB) to which said user terminal (UE) is connected; data relating to the use of an encryption algorithm to encrypt user terminal (UE) context data; a modification of a temporary identifier (GUTI) of the user terminal (UE); a transmission, by the user terminal (UE), of an IMSI identifier or a SUCI identifier; data relating to encryption or integrity control of a PDCP layer; data relating to a context switch in the context of an intercellular transfer; data relating to the security of the “Non Access Stratum” (NAS) protocols used between the user terminal (UE) and the telecommunications network; data relating to switching to a previous generation connection; and, data resulting from the reception of messages from a cell neighboring a cell in which said user terminal (UE) is located.
- Computer program comprising instructions for implementing a management method according to any one of claims 1 to 9, when said program is executed by a computer.
- Computer-readable recording medium on which a computer program according to claim 10 is recorded.
- Electronic device (UE, UICC) capable of managing the security of a connection between a user terminal (UE) and a telecommunications network (HPMN) managed by a telecommunications operator, the electronic device (UE, UICC) comprising a security module (AVS) managed by the telecommunications operator, the security module (AVS) comprising: a sub-module (MOD_GEN) for generating a history of events relating to the security of said connection; a submodule (MOD_DET) for analyzing the generated history; and, a sub-module (MOD_TX) for transmitting, to a control module (AVSC) managed by said telecommunications operator and belonging to said telecommunications network, a result of said analysis through a secure session.
- Electronic device according to claim 12, the electronic device being a secure element (UICC) including an application (USIM) managed by the telecommunications operator, said application (USIM) comprising the security module (AVS).
- Electronic device according to claim 12, the electronic device being a user terminal (UE), and the security module (AVS) being deployed in a secure execution environment (TEE) of said user terminal (UE).
- Communication system comprising a first electronic device (UE, UICC) according to any one of claims 12 to 14, and a second electronic device (DE) comprising a control module (AVSC), the control module (AVSC) comprising: a sub-module (MOD_RX) for receiving, from the security module (AVS) of the first electronic device, a result of said analysis through a secure session; and, a submodule (MOD_VER) for checking the security of the connection based on said result.
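The three claimed steps (event-history generation, analysis into a score, transmission of the result to the operator's control module over a secure session) and the event kinds listed in claim 9, as an added illustration that is not the patent's own code. The penalty weights, the report layout, the HMAC tag that stands in for the NAS- or HTTPS-secured session of claim 7, and the `min_score` policy threshold are assumptions of this example; the PLMN field follows claim 2 so that the home operator can attribute findings to a visited network.

```python
"""Added illustration (not the patent's own code) of the claimed UE-side security
module (AVS): generate a history of connection-security events (MOD_GEN), analyse
it into a score and findings (MOD_DET), and package the result for the operator's
control module (MOD_TX / MOD_RX / MOD_VER).  Event kinds follow claim 9; the
penalty weights, the report format and the HMAC tag standing in for the secure
session are assumptions of this example."""
from dataclasses import dataclass, field
import hashlib
import hmac
import json

# Assumed penalty per event kind; the patent only claims that *a* score is derived.
PENALTY = {
    "null_cipher":        40,  # null encryption algorithm selected for the UE-gNB leg
    "null_integrity":     40,  # integrity check disabled on the UE-gNB leg
    "imsi_sent":          30,  # permanent identifier (IMSI) sent instead of a SUCI
    "guti_not_refreshed": 10,  # temporary identifier (GUTI) kept where a change was expected
    "downgrade_prev_gen": 25,  # switch to a previous-generation connection
    "nas_unprotected":    30,  # NAS message accepted without a security context
    "neighbor_cell_msg":   5,  # unexpected message from a neighbouring cell
}
CRITICAL = {"null_cipher", "null_integrity", "imsi_sent", "nas_unprotected"}


@dataclass
class Event:
    ts: int                     # seconds since connection start (constructed)
    kind: str                   # one of PENALTY's keys
    plmn: str                   # serving network: home (HPMN) or visited (VPMN), claim 2
    detail: dict = field(default_factory=dict)


class SecurityModule:
    """AVS: runs in the USIM or the TEE, managed by the home operator."""

    def __init__(self, ue_id: str, session_key: bytes):
        self.ue_id = ue_id
        self.key = session_key
        self.history: list[Event] = []

    def record(self, event: Event) -> None:             # MOD_GEN
        if event.kind not in PENALTY:
            raise ValueError(f"unknown event kind {event.kind!r}")
        self.history.append(event)

    def analyse(self) -> dict:                           # MOD_DET
        score, findings, by_plmn = 100, [], {}
        for ev in self.history:
            score -= PENALTY[ev.kind]
            findings.append({"ts": ev.ts, "kind": ev.kind, "plmn": ev.plmn,
                             "critical": ev.kind in CRITICAL, **ev.detail})
            by_plmn.setdefault(ev.plmn, []).append(ev.kind)
        return {"score": max(score, 0), "findings": findings, "by_plmn": by_plmn}

    def report(self) -> bytes:                           # MOD_TX
        body = json.dumps({"ue": self.ue_id, "analysis": self.analyse()},
                          sort_keys=True).encode()
        # The HMAC stands in for the secure session of claim 7 (assumption).
        tag = hmac.new(self.key, body, hashlib.sha256).hexdigest().encode()
        return body + b"|" + tag


class ControlModule:
    """AVSC in the home network (HPMN)."""

    def __init__(self, session_key: bytes, min_score: int = 70):
        self.key = session_key
        self.min_score = min_score          # assumed policy threshold

    def receive(self, blob: bytes) -> dict:              # MOD_RX
        body, _, tag = blob.rpartition(b"|")
        expected = hmac.new(self.key, body, hashlib.sha256).hexdigest().encode()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("report failed integrity check")
        return json.loads(body)

    def check(self, report: dict) -> dict:               # MOD_VER
        analysis = report["analysis"]
        critical = [f for f in analysis["findings"] if f["critical"]]
        return {"ue": report["ue"],
                "compliant": analysis["score"] >= self.min_score and not critical,
                "score": analysis["score"],
                "critical_kinds": sorted({f["kind"] for f in critical}),
                "plmns": sorted(analysis["by_plmn"])}


def demo() -> dict:
    """Constructed roaming scenario: the visited network negotiates a null cipher
    and forces a 2G fallback; the home network refreshes the GUTI late."""
    key = b"constructed-session-key"
    avs = SecurityModule(ue_id="ue-example", session_key=key)
    avs.record(Event(12, "null_cipher", "VPMN", {"algorithm": "NEA0"}))
    avs.record(Event(40, "downgrade_prev_gen", "VPMN", {"to": "2G"}))
    avs.record(Event(300, "guti_not_refreshed", "HPMN"))
    avsc = ControlModule(session_key=key)
    return avsc.check(avsc.receive(avs.report()))


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Run as a script, `demo()` shows the home operator's verdict on the constructed roaming history: the score drops to 25, the null cipher is flagged as critical, and the findings are attributed per PLMN. A report whose body is altered in transit fails `receive()`, which is the property the claimed secure session is there to provide.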
Description
Method for managing the security of a connection and associated electronic device

The present invention belongs to the general field of telecommunications, and in particular wireless communications implemented on radio-type networks such as mobile networks (e.g. 2G, 3G, 4G, 5G, B5G, the acronym for “Beyond 5G”, etc.). It relates more particularly to a method for managing the security of a connection between a user terminal and a telecommunications network. It also relates to an electronic device configured to implement such a method.

In order to adapt to the continuous and ever-increasing growth of data traffic emitted by wireless telecommunications systems, different technologies are currently being implemented and are still being improved with a view to optimal exploitation in the years to come. The architecture of wireless telecommunications networks currently deployed or in the process of being deployed is defined by the standardization consortium known as 3GPP (Third Generation Partnership Project). This is particularly the case for the so-called second generation (“2G” or GSM), third generation (“3G”), and fourth generation (“4G”) wireless networks.

Up to the fourth generation, the network architectures defined by the 3GPP consortium are most often based on specific equipment, dedicated to precise functionalities, whether at the level of the access network or the core network, in particular with regard to the transmission of packets from or to a mobile terminal. The lack of flexibility and scalability inherent in this type of architecture has led the 3GPP consortium to consider the adoption of more flexible architectures for the so-called “5G” generation of wireless networks, in order to be able to respond quickly to extremely diverse demands in terms of traffic and/or quality of service.
To meet these extremely diverse constraints, 5G relies in particular on the division of network functions into services, and on the virtualization of these network functions. The virtualization of network functions consists of deploying functions usually satisfied by dedicated and specific equipment on generic servers located in data centers. These functions are then implemented in the form of computer programs that can be easily activated, deactivated and configured according to needs. Memory resources or computing capacity can then be allocated dynamically. This division of network functions into services aims, in the long term, to facilitate the deployment of virtualization of the core network (CN) and the radio access network (RAN). More generally, one of the objectives of the 3GPP consortium is to define a mobile network architecture that allows equipment and/or software modules from different suppliers to communicate.

The involvement of different service providers to implement a connection between a user terminal and a telecommunications network results in a loss of control on the part of the operator of the telecommunications network to which a customer has subscribed. However, it is important for the operator to be able to ensure the effective implementation, across the entire network, of a previously determined security policy. Furthermore, even if an operator correctly configures the various equipment in its telecommunications network, a piece of equipment or a network function can be compromised and its security impaired without the operator being alerted. In the context of 5G, this risk is increased by the increase in the number of base stations required to support higher levels of data traffic, and by the increasing complexity of operational models.
Finally, a user of a roaming terminal is typically subject to the security policy defined by the network operator in charge of the telecommunications network visited. A roaming agreement in which security measures are defined is generally established between the operator with which the user has taken out a subscription and the operator in charge of the telecommunications network visited, but in this situation, it is also important for the operator with which the user has taken out a subscription to be able to ensure the effective implementation, across the entire network, of a previously determined security policy. The present invention aims to remedy all or part of the drawbacks of the prior art, in particular those set out above, by proposing a solution which allows a telecommunications network operator with whom a customer has taken out a subscription to verify whether a given security policy is actually implemented on a network used by this customer, even though certain functions and/or equipment of said network are not directly under the control of said operator. The invention can also contribute to the automation of security tests, during the experimental phases (verification of suitability for proper operation carried out on a configuration representative of the network, tests i