Abstract
Methods (100, 200, 300) and apparatus (400, 500, 600, 700, 800, 900) are disclosed for establishing a key for direct communication between a User Equipment device, UE, and a device. The methods and apparatus cooperate to form a system for securing direct communication between a UE and a device over an interface. The system comprises a UE (20), a device (30) and a Direct Communication Element (40). The UE (20) is configured to establish a UE shared key with a Bootstrapping Server Function, BSF (50), using a Generic Bootstrapping Architecture, GBA, procedure, to discover the device (30) through a discovery procedure after establishing the UE shared key, and to derive a direct communication key from at least the UE shared key. The device (30) is configured to receive a transaction identifier associated with the UE shared key from the UE (20), to send the transaction identifier to the Direct Communication Element (40), and to receive the direct communication key from the Direct Communication Element (40). The Direct Communication Element (40) is configured to receive the transaction identifier from the device (30), to obtain a shared session key from the BSF (50); to derive the direct communication key, and to send the direct communication key to the device (30). Also disclosed are a computer product operable to carry out methods according to the present invention and a computer program product comprising a computer readable medium having such a computer product stored thereon.
Main claim
1. A method, performed by a User Equipment (UE) for obtaining a key for direct communication with a device over an interface, the method comprising:
establishing a UE shared key with a Bootstrapping Server Function, BSF, using a Generic Bootstrapping Architecture, GBA, procedure, and receiving from the BSF a transaction identifier associated with the UE shared key;
discovering the device through a discovery procedure after receipt of the transaction identifier;
sending the transaction identifier and a Direct Communication Element identifier to the device and requesting the device to obtain the direct communication key;
deriving a session shared key from at least the UE shared key and the Direct Communication Element identifier; and
deriving a direct communication key from at least the session shared key and an identifier of the device.
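
The two-stage derivation in claim 1, seen from both sides, as an added example that is not part of the patent text. Assumptions: HMAC-SHA-256 as the key derivation function, the labels "session" and "direct", all identifier values, and that the device's request to the Direct Communication Element carries the device identifier; the GBA run itself is replaced by a stand-in that hands both parties the same UE shared key.

```python
import hashlib
import hmac
import secrets


def kdf(key, label, *params):
    # Assumed KDF: HMAC-SHA-256 over a label plus length-prefixed parameters,
    # so that ("ab", "c") and ("a", "bc") cannot collide.
    data = label + b"".join(len(p).to_bytes(2, "big") + p for p in params)
    return hmac.new(key, data, hashlib.sha256).digest()


class BSF:
    def __init__(self):
        self._keys = {}  # transaction identifier -> UE shared key

    def bootstrap(self):
        # Stand-in for the GBA procedure: UE and BSF end up with the same key.
        tid, ue_key = secrets.token_hex(8).encode(), secrets.token_bytes(32)
        self._keys[tid] = ue_key
        return tid, ue_key

    def session_key(self, tid, dce_id):
        # Raises KeyError for a transaction identifier the BSF never issued.
        return kdf(self._keys[tid], b"session", dce_id)


class DCE:
    def __init__(self, dce_id, bsf):
        self.dce_id, self.bsf = dce_id, bsf

    def key_for_device(self, tid, device_id):
        # The DCE sees the session shared key; the device only gets the result.
        session = self.bsf.session_key(tid, self.dce_id)
        return kdf(session, b"direct", device_id)


def ue_direct_key(ue_key, dce_id, device_id):
    # UE side: same two steps, computed locally from the UE shared key.
    return kdf(kdf(ue_key, b"session", dce_id), b"direct", device_id)


def run_exchange(device_id=b"device-30", dce_id=b"dce-40.example"):
    bsf = BSF()
    dce = DCE(dce_id, bsf)
    tid, ue_key = bsf.bootstrap()                    # UE <-> BSF
    # UE -> device: (tid, dce_id); device -> DCE: tid (plus its identifier)
    device_key = dce.key_for_device(tid, device_id)  # DCE -> device
    return ue_direct_key(ue_key, dce_id, device_id), device_key
```

Binding the device identifier into the second step means a key issued for one device does not match what the UE derives for another, and the UE shared key never leaves the UE and the BSF.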