EP-4740692-A1 - SYSTEM AND METHOD OF HANDLING INTEGRITY FAILURE FOR IDLE MODE NAS

Abstract

The present disclosure relates to handling integrity failures for idle mode procedure in a communication network. An AMF receives, from a UE, a request for an idle mode procedure. The request includes a MAC and a UE uplink SQN. The AMF determines integrity failure when a MAC value calculated at the AMF is different from the MAC value received from the UE. The AMF calculates a gap count by comparing the UE uplink SQN and an AMF uplink SQN, and updates an overflow count stored at the AMF based on comparison of the gap count and a configured gap count pre-stored at the AMF to make the overflow count stored at the AMF equal to an overflow count stored at the UE. The AMF performs integrity validation of the NAS message based on the updated overflow count and the UE uplink SQN received from the UE.

Inventors

  • BHATNAGAR, AAYUSH
  • BISHT, BIRENDRA
  • Singh, Harbinder Pal
  • GUPTA, AMIT K
  • Bhatt, Naresh
  • Vedma, Jayakrishna

Assignees

  • Jio Platforms Limited

Dates

Publication Date
20260513
Application Date
20240626

Claims (18)

  1. A method of handling integrity failures in Non-Access Stratum (NAS) message for idle mode procedure in a communication network, the method comprising: receiving, by an Access and Mobility Management Function (AMF), a request for an idle mode procedure from a User Equipment (UE), wherein the request for the idle mode procedure includes a Message Authentication Code (MAC) and a UE uplink Sequence Number (SQN); determining, by the AMF, an integrity failure in relation to the idle mode procedure initiated by the UE when a MAC value calculated at the AMF is different from the MAC value received from the UE; calculating, by the AMF, a gap count by comparing the UE uplink SQN received from the UE and an AMF uplink SQN stored at the AMF; updating, by the AMF, an overflow count stored at the AMF based on comparison of the gap count and a configured gap count pre-stored at the AMF to make the overflow count stored at the AMF equal to an overflow count stored at the UE; and performing, by the AMF, integrity validation of the NAS message based on the updated overflow count and the UE uplink SQN received from the UE.
  2. The method as claimed in claim 1, wherein for performing the integrity validation, the AMF: recalculates a MAC using the UE uplink SQN received from the UE and the updated overflow count; and determines a successful match between the overflow count stored at the AMF and the overflow count stored at the UE.
  3. The method as claimed in claim 1, wherein the request for the idle mode procedure is received as one of a Mobility Request (MR), Periodic Request (PR), and a Service Request (SR).
  4. The method as claimed in claim 3, wherein the request includes one or more of a SQN and a NAS message.
  5. The method as claimed in claim 1, wherein when the UE uplink SQN received from the UE crosses a predefined count and the AMF uplink SQN is less than or equal to the predefined count, the gap count is determined by adding a predefined number to the received UE uplink SQN and subtracting the AMF uplink SQN from a sum.
  6. The method as claimed in claim 1, wherein when the UE uplink SQN received from the UE is less than or equal to a predefined count and the AMF uplink SQN crosses the predefined count, the gap count is determined by adding a predefined number to the AMF uplink SQN and subtracting the UE uplink SQN from a sum.
  7. The method as claimed in claim 1, wherein when the calculated gap count is less than or equal to the configured gap count pre-stored at the AMF and the UE uplink SQN received from the UE exceeds a predefined count and the AMF uplink SQN is less than or equal to the predefined count, the overflow count is incremented.
  8. The method as claimed in claim 1, wherein when the calculated gap count is less than or equal to the configured gap count pre-stored at the AMF and the UE uplink SQN received from the UE is less than or equal to a predefined count and the AMF uplink SQN exceeds the predefined count, the overflow count is decremented.
  9. A system for handling integrity failures in Non-Access Stratum (NAS) message for idle mode procedure in a communication network, the system comprising: a User Equipment (UE); and an Access and Mobility Management Function (AMF), wherein the UE is configured to send a request for an idle mode procedure to the AMF, and the request for the idle mode procedure includes a Message Authentication Code (MAC) and a UE uplink Sequence Number (SQN), and the AMF is configured to: receive the request for the idle mode procedure from the UE; determine an integrity failure in relation to the idle mode procedure initiated by the UE when a MAC value calculated at the AMF is different from the MAC value received from the UE; calculate a gap count by comparing the UE uplink SQN received from the UE and an AMF uplink SQN stored at the AMF; update an overflow count stored at the AMF based on comparison of the gap count and a configured gap count pre-stored at the AMF to make the overflow count stored at the AMF equal to an overflow count stored at the UE; and perform integrity validation of the NAS message based on the updated overflow count and the UE uplink SQN received from the UE.
  10. The system as claimed in claim 9, wherein for performing the integrity validation, the AMF: recalculates a MAC value using the UE uplink sequence number received from the UE and the updated overflow count; and determines a successful match between the overflow count stored at the AMF and the overflow count stored at the UE.
  11. The system as claimed in claim 9, wherein the request for the idle mode procedure is received as one of a Mobility Request (MR), Periodic Request (PR), and a Service Request (SR).
  12. The system as claimed in claim 11, wherein the request includes one or more of a SQN and a NAS message.
  13. The system as claimed in claim 9, wherein when the UE uplink SQN received from the UE crosses a predefined count and the AMF uplink SQN is less than or equal to the predefined count, the gap count is determined by adding a predefined number to the received UE uplink SQN and subtracting the AMF uplink SQN from a sum.
  14. The system as claimed in claim 9, wherein when the UE uplink SQN received from the UE is less than or equal to a predefined count and the AMF uplink SQN crosses the predefined count and is greater than or equal to 0, the gap count is determined by adding a predefined number to the AMF uplink SQN and subtracting the UE uplink SQN from a sum.
  15. The system as claimed in claim 9, wherein when the calculated gap count is less than or equal to the configured gap count pre-stored at the AMF and the UE uplink SQN received from the UE exceeds a predefined count and the AMF uplink SQN is less than or equal to the predefined count, the overflow count is incremented.
  16. The system as claimed in claim 9, wherein when the calculated gap count is less than or equal to the configured gap count pre-stored at the AMF and the UE uplink SQN received from the UE is less than or equal to a predefined count and the AMF uplink SQN exceeds the predefined count, the overflow count is decremented.
  17. A non-transitory computer-readable medium having stored thereon computer-readable instructions that, when executed by a processor, cause the processor to: receive a request for an idle mode procedure from a User Equipment (UE), wherein the request for the idle mode procedure includes a Message Authentication Code (MAC) value and a UE uplink Sequence Number (SQN); determine an integrity failure in relation to the idle mode procedure initiated by the UE when a MAC value calculated at an Access and Mobility Management Function (AMF) is different from the MAC value received from the UE; calculate a gap count by comparing the UE uplink SQN received from the UE and an AMF uplink SQN stored at the AMF; update an overflow count stored at the AMF based on comparison of the gap count and a configured gap count pre-stored at the AMF to make the overflow count stored at the AMF equal to an overflow count stored at the UE; and perform integrity validation of the NAS message based on the updated overflow count and the UE uplink SQN received from the UE.
  18. A User Equipment (UE) comprising: a processor coupled with a memory, wherein said memory stores instructions which when executed by the processor causes the UE to: send a request for an idle mode procedure to an Access and Mobility Management Function (AMF), wherein the request for the idle mode procedure includes a Message Authentication Code (MAC) and a UE uplink Sequence Number (SQN), wherein the AMF is configured to perform the steps as claimed in claim 1.
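
The gap-count and overflow-update rule of claims 1, 2 and 5 to 8, as an added Python sketch that is not code from the patent: it shows a genuine request failing the first MAC check because the AMF's overflow count is stale, then validating once the count is adjusted within the configured gap. The claims give no values, so this sketch assumes the predefined count is the 8-bit SQN maximum (crossing it means the SQN wrapped to a small value), the predefined number is 256, the configured gap count is 16, and truncated HMAC-SHA-256 stands in for the NAS integrity algorithm; all function names are hypothetical.

```python
import hashlib
import hmac

SQN_MODULUS = 256     # assumed "predefined number": size of the 8-bit SQN space
CONFIGURED_GAP = 16   # assumed "configured gap count" pre-stored at the AMF


def nas_mac(key, overflow, sqn, message):
    """Stand-in for the NAS integrity algorithm (truncated HMAC-SHA-256).

    The MAC covers the counter built from overflow count and SQN, so a wrong
    overflow count at the AMF yields a mismatch even for a genuine message.
    """
    count = (overflow << 8) | sqn
    data = count.to_bytes(4, "big") + message
    return hmac.new(key, data, hashlib.sha256).digest()[:4]


def resync_overflow(amf_overflow, amf_sqn, ue_sqn, configured_gap=CONFIGURED_GAP):
    """Return the overflow count to retry with, or None if the gap is too large."""
    if ue_sqn < amf_sqn:
        # UE SQN read as wrapped past the maximum, AMF SQN not yet wrapped.
        gap = SQN_MODULUS + ue_sqn - amf_sqn
        if gap <= configured_gap:
            return amf_overflow + 1
    elif ue_sqn > amf_sqn:
        # AMF SQN read as wrapped, UE SQN still a pre-wrap value.
        gap = SQN_MODULUS + amf_sqn - ue_sqn
        if gap <= configured_gap and amf_overflow > 0:
            return amf_overflow - 1
    return None


def validate(key, amf_overflow, amf_sqn, ue_sqn, message, received_mac):
    """Return (accepted, overflow_count_now_stored_at_amf)."""
    expected = nas_mac(key, amf_overflow, ue_sqn, message)
    if hmac.compare_digest(expected, received_mac):
        return True, amf_overflow
    candidate = resync_overflow(amf_overflow, amf_sqn, ue_sqn)
    if candidate is not None:
        retry = nas_mac(key, candidate, ue_sqn, message)
        if hmac.compare_digest(retry, received_mac):
            return True, candidate      # counts aligned, no re-authentication
    return False, amf_overflow          # unresolved: fall back to re-authentication


# Constructed sample: UE wrapped to overflow 5 / SQN 3, AMF still at 4 / 250.
KEY = b"constructed-demo-key"
MSG = b"constructed service request"
UE_MAC = nas_mac(KEY, 5, 3, MSG)
print(validate(KEY, 4, 250, 3, MSG, UE_MAC))
```

The retry still requires a matching MAC, so a modified message is rejected even when the gap check passes, and the configured gap bounds how far the AMF will move its overflow count for a single request.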

Description

SYSTEM AND METHOD OF HANDLING INTEGRITY FAILURE FOR IDLE MODE NAS

FIELD OF THE INVENTION

[0001] The present invention relates to communication technology and, more particularly, to handling integrity failure for idle mode NAS.

BACKGROUND OF THE INVENTION

[0002] In 5G networks, the Access & Mobility Management Function (AMF) is responsible for managing the mobility and access of User Equipment (UEs). When a UE is in an idle state and needs to perform certain actions like initiating a new service or responding to a paging request, it sends a request to the network. If the AMF detects an integrity failure due to packet loss, corruption, or loss in the received message, it triggers a re-authentication or re-registration process.

[0003] Re-authentication involves verifying the identity and security credentials of the UE, while re-registration involves updating the network with the UE's current location and status. These processes ensure the integrity and security of the communication between the UE and the network. By initiating re-authentication or re-registration, the AMF can mitigate potential security risks and maintain the integrity of the network connection.

[0004] However, these re-authentication or re-registration procedures performed in the idle mode can be resource consuming. Performing these procedures requires additional processing power, signaling overhead, and network resources. Further, these procedures are also time consuming, resulting in further loss and delaying of network operations.

[0005] Thus, there is a need for a solution which solves the above-mentioned problems.

BRIEF SUMMARY OF THE INVENTION

[0006] One or more embodiments of the present disclosure provide a system and a method of handling integrity failures in Non-Access Stratum (NAS) message for idle mode procedure in a communication network.

[0007] In one aspect of the present invention, a system for handling integrity failures in Non-Access Stratum (NAS) message for idle mode procedure in a communication network is disclosed. The system includes a User Equipment (UE) and an Access and Mobility Management Function (AMF). The UE is configured to send a request for an idle mode procedure to the AMF. The request for the idle mode procedure includes a Message Authentication Code (MAC) and a UE uplink Sequence Number (SQN). The AMF is configured to: receive the request for the idle mode procedure from the UE; determine an integrity failure in relation to the idle mode procedure initiated by the UE when a MAC value calculated at the AMF using a NAS integrity algorithm is different from the MAC value received from the UE; calculate a gap count by comparing the UE uplink SQN received from the UE and an AMF uplink SQN stored at the AMF; update an overflow count stored at the AMF based on comparison of the gap count and a configured gap count pre-stored at the AMF to make the overflow count stored at the AMF equal to an overflow count stored at the UE; and perform integrity validation of the NAS message based on the updated overflow count and the UE uplink SQN received from the UE.

[0008] In one aspect, for performing the integrity validation, the AMF recalculates a MAC value using the UE uplink sequence number received from the UE and the updated overflow count, and determines a successful match between the overflow count stored at the AMF and the overflow count stored at the UE. The request for the idle mode procedure is received as one of a Mobility Request (MR), Periodic Request (PR), and a Service Request (SR). The request includes one or more of a SQN and a NAS message. When the UE uplink SQN received from the UE crosses a predefined count and the AMF uplink SQN is less than or equal to the predefined count, the gap count is determined by adding a predefined number to the received UE uplink SQN and subtracting the AMF uplink SQN from a sum. When the UE uplink SQN received from the UE is less than or equal to a predefined count and the AMF uplink SQN crosses the predefined count and is greater than or equal to 0, the gap count is determined by adding a predefined number to the AMF uplink SQN and subtracting the UE uplink SQN from a sum. When the calculated gap count is less than or equal to the configured gap count pre-stored at the AMF and the UE uplink SQN received from the UE exceeds a predefined count and the AMF uplink SQN is less than or equal to the predefined count, the overflow count is incremented. Alternatively, when the calculated gap count is less than or equal to the configured gap count pre-stored at the AMF and the UE uplink SQN received from the UE is less than or equal to a predefined count and the AMF uplink SQN exceeds the predefined count, the overflow count is decremented.

[0009] In another aspect of the present invention, a method of handling integrity failures in Non-Access Stratum (NAS) message for idle mode procedure in a communication network is disclosed. The method includes the step of receiving, by an Access a