ProHoster > Блог > Nchịkwa > Okwu Mmalite na 5G Nche Architecture: NFV, igodo na 2 Nyocha

Okwu Mmalite na 5G Nche Architecture: NFV, igodo na 2 Nyocha

Okwu Mmalite na 5G Nche Architecture: NFV, igodo na 2 Nyocha

N'ụzọ doro anya, iwere mmepe nke ọkọlọtọ nzikọrịta ozi ọhụrụ n'echeghị echiche maka usoro nchekwa bụ mgbalị siri ike na enweghị isi.

5G Security Architecture - usoro nchekwa na usoro etinyere na ya Netwọk ọgbọ nke ise ma na-ekpuchi akụkụ netwọkụ niile, site na isi ruo na oghere redio.

Netwọk ọgbọ nke ise bụ, n'ezie, evolushọn Ọgbọ 4th LTE netwọk. Teknụzụ ịnweta redio enweela mgbanwe kachasị mkpa. Maka netwọk ọgbọ nke ise, ọhụrụ Oke (Radio Access Technology) - 5G Redio ọhụrụ. Banyere isi nke netwọkụ ahụ, ọ nwebeghị mgbanwe dị ukwuu dị otú ahụ. N'akụkụ a, emebela ihe nchekwa nchekwa nke netwọkụ 5G na-emesi ike na iji teknụzụ ndị dị mkpa emebere na ọkọlọtọ 4G LTE.

Agbanyeghị, ọ dị mma ịmara na ịtụgharị uche n'ihe egwu ama ama dị ka mwakpo nke ikuku ikuku na oyi akwa akara (egosi ụgbọ elu), ọgụ DDOS, Mwakpo Man-In-The-Middle, wdg, kpaliri ndị na-ahụ maka telecom ka ha mepụta ụkpụrụ ọhụrụ ma jikọta usoro nchekwa ọhụrụ kpamkpam n'ime netwọkụ ọgbọ nke ise.

Okwu Mmalite na 5G Nche Architecture: NFV, igodo na 2 Nyocha

Ihe ndị dị mkpa

Na 2015, International Telecommunication Union chepụtara ụdị mbụ nke atụmatụ zuru ụwa ọnụ maka mmepe nke netwọk ọgbọ nke ise, nke mere okwu nke ịmepụta usoro nchebe na usoro na netwọk 5G ji bụrụ nke siri ike karị.

Teknụzụ ọhụrụ ahụ na-enye ọsọ mbufe data dị egwu (karịa 1 Gbps), nkwụsị nke na-erughị 1 ms yana ikike ijikọ ihe dị ka nde ngwaọrụ n'otu oge n'ime radius 1 km1. Ihe ndị dị otú ahụ kachasị elu maka netwọk ọgbọ nke ise na-egosipụtakwa na ụkpụrụ nke nzukọ ha.

Nke bụ isi bụ ntọhapụ, nke pụtara ntinye nke ọtụtụ ọdụ data mpaghara na ebe nhazi ha na mpụta netwọkụ. Nke a mere ka o kwe omume ibelata igbu oge mgbe M2M- mkparịta ụka ma na-ebelata isi netwọkụ n'ihi iji ọtụtụ ngwaọrụ IoT rụọ ọrụ. Ya mere, njedebe nke netwọk ndị na-esote na-agbasawanye ruo n'ọdụ ụgbọ ala, na-enye ohere ịmepụta ebe nkwurịta okwu mpaghara na ịnye ọrụ igwe ojii na-enweghị ihe ize ndụ nke igbu oge dị egwu ma ọ bụ ịjụ ọrụ. Dị ka o kwesịrị ịdị, ụzọ mgbanwe gbanwere maka ịkparịta ụka n'Ịntanet na ndị ahịa na-enwe mmasị na ndị na-awakpo, n'ihi na ọ meghere ohere ọhụrụ maka ha ịwakpo ma ozi njirimara nzuzo na ihe ndị dị na netwọk n'onwe ha iji mee ka ịgọnarị ọrụ ma ọ bụ weghara ihe onwunwe kọmputa nke onye ọrụ.

Isi adịghị ike nke netwọk ọgbọ nke ise

Nnukwu ọgụ elu

Na-agụ iheMgbe ị na-ewu netwọk mgbasa ozi nke ọgbọ nke atọ na nke anọ, ndị na-arụ ọrụ telecom na-ejedebe naanị na otu ndị na-ere ahịa ma ọ bụ ọtụtụ ndị na-eweta ngwa ngwa na ngwanrọ ozugbo. Ya bụ, ihe niile nwere ike ịrụ ọrụ, dị ka ha na-ekwu, "site na igbe" - o zuru ezu iji wụnye na hazie ngwá ọrụ zụrụ n'aka onye na-ere ahịa; ọ dịghị mkpa iji dochie ma ọ bụ gbakwunye software nwe. Usoro ọgbara ọhụrụ na-emegide ụzọ a “oge gboo” ma bụrụkwa nke a na-eme ka netwọọdụ mebere nke ọma, ụzọ ndị na-ere ahịa dị iche iche na-esi arụ ọrụ na ụdị ngwanrọ dị iche iche. Teknụzụ dị ka SDN (English Software Defined Network) na NFV (English Network Functions Virtualization), nke na-eduga na ntinye nke nnukwu sọftụwia wuru na ndabere nke koodu mepere emepe na usoro na ọrụ nke ijikwa netwọk nkwukọrịta. Nke a na-enye ndị na-awakpo ohere ka ha nyochaa netwọk onye na-arụ ọrụ nke ọma ma chọpụta ọnụ ọgụgụ dị ukwuu nke adịghị ike, nke, n'aka nke ya, na-abawanye elu ọgụ nke netwọk ọgbọ ọhụrụ ma e jiri ya tụnyere ndị dị ugbu a.

Ọnụ ọgụgụ buru ibu nke ngwaọrụ IoT

Na-agụ iheKa ọ na-erule 2021, ihe dị ka 57% nke ngwaọrụ ejikọrọ na netwọkụ 5G ga-abụ ngwaọrụ IoT. Nke a pụtara na ọtụtụ ndị ọbịa ga-enwe obere ikike nzuzo (lee ebe 2) ma, yabụ, ọ ga-adị mfe na mwakpo. Ọnụ ọgụgụ dị ukwuu nke ngwaọrụ ndị dị otú ahụ ga-eme ka ohere nke botnet gbasaa ma mee ka o kwe omume ịme ọbụna ọgụ DDoS dị ike ma kesaa.

Ikike nzuzo nzuzo nke ngwaọrụ IoT nwere oke

Na-agụ iheDị ka e kwuru na mbụ, netwọk ọgbọ nke 5 na-arụsi ọrụ ike na-eji ngwaọrụ ndị dị n'akụkụ, nke na-eme ka o kwe omume iwepụ akụkụ nke ibu site na netwọk netwọk ma si otú ahụ belata nkwụsị. Nke a dị mkpa maka ọrụ ndị dị mkpa dị ka njikwa ụgbọ ala ndị na-adịghị mma, usoro ịdọ aka ná ntị mberede IMS na ndị ọzọ, ndị na-ahụ na ọ dị ntakịrị igbu oge dị oke egwu, n'ihi na ndụ mmadụ na-adabere na ya. N'ihi njikọ nke ọnụ ọgụgụ dị ukwuu nke ngwaọrụ IoT, nke, n'ihi obere nha na obere ike ha nwere, nwere obere akụrụngwa mgbakọ na mwepụ, netwọk 5G na-adị mfe na mwakpo ndị e mere iji gbochie njikwa na ịmegharị ngwaọrụ ndị ahụ. Dịka ọmụmaatụ, enwere ike ịnwe ọnọdụ ebe ngwaọrụ IoT bụ akụkụ nke sistemụ ahụ butere ọrịa "smart ụlọ", ụdị malware dị ka Ransomware na ransomware. Ọnọdụ nke njide njikwa nke ụgbọ ala ndị na-enweghị onye na-anata iwu na ozi igodo site na igwe ojii nwekwara ike ime. N'ụzọ nkịtị, adịghị ike a bụ n'ihi nkwụsị nke netwọk ọgbọ ọhụrụ, ma paragraf na-esote ga-akọwapụta nsogbu nke nkwụsịtụ nke ọma.

Decentralization na mgbasawanye nke ókèala netwọk

Na-agụ iheNgwa ndị dị n'akụkụ, na-arụ ọrụ nke cores netwọk mpaghara, na-eme njem nke okporo ụzọ onye ọrụ, arịrịọ nhazi, yana caching na nchekwa mpaghara nke data onye ọrụ. Ya mere, ókèala nke netwọk ọgbọ nke ise na-agbasawanye, na mgbakwunye na isi, na mpụta, gụnyere ọdụ data mpaghara na 5G-NR (5G New Radio) redio interfaces. Nke a na-emepụta ohere ịwakpo akụrụngwa mgbakọ na mwepụ nke ngwaọrụ mpaghara, nke bụ ihe nchebe na-adịghị ike nke mbụ karịa etiti etiti nke netwọk netwọk, na ebumnuche nke ime ka a jụ ọrụ. Nke a nwere ike ibute nkwụsị nke ịnweta ịntanetị maka mpaghara niile, arụ ọrụ na-ezighi ezi nke ngwaọrụ IoT (dịka ọmụmaatụ, na sistemụ ụlọ mara mma), yana enweghị ọrụ enyemaka IMS.

Okwu Mmalite na 5G Nche Architecture: NFV, igodo na 2 Nyocha

Agbanyeghị, ETSI na 3GPP ebipụtala ihe karịrị ụkpụrụ iri na-ekpuchi akụkụ dị iche iche nke nchekwa netwọkụ 10G. Ihe ka ukwuu n'ime usoro akọwara ebe ahụ bụ iji chebe onwe ya pụọ ​​​​na adịghị ike (gụnyere ndị akọwara n'elu). Otu n'ime ndị bụ isi bụ ọkọlọtọ TS 23.501 ụdị 15.6.0, na-akọwa nche nche architecture nke 5th ọgbọ netwọk.

5G architecture

Okwu Mmalite na 5G Nche Architecture: NFV, igodo na 2 Nyocha
Nke mbụ, ka anyị tụgharịa gaa na isi ụkpụrụ nke ụkpụrụ ụlọ ọrụ netwọkụ 5G, nke ga-egosipụta n'ụzọ zuru ezu ihe pụtara na mpaghara ọrụ nke modul ngwanrọ ọ bụla yana ọrụ nchekwa 5G ọ bụla.

  • Nkewa nke oghere netwọk n'ime ihe ndị na-ahụ maka ọrụ nke usoro iwu ụgbọ elu omenala (site na English UP - User Plane) na ihe ndị na-ahụ maka ọrụ nke protocol ụgbọ elu njikwa (site na English CP - Control Plane), nke na-abawanye mgbanwe n'ihe gbasara scaling na deployment nke netwọk, i.e. Centralized ma ọ bụ decentralized ọnyịnye nke onye akụrụngwa netwọk ọnụ ga-ekwe omume.
  • Nkwado usoro slicing netwọk, dabere na ọrụ enyere ndị otu nke ndị ọrụ njedebe.
  • Mmejuputa ihe netwọkụ n'ụdị mebere netwọk ọrụ.
  • Nkwado maka ohere n'otu oge na ọrụ etiti na mpaghara, ya bụ mmejuputa echiche igwe ojii (site na Bekee. igwe igwe) na oke (sitere na bekee. ọnụ ọgụgụ dị iche iche) ngụkọta oge.
  • Mmejuputa iwu convergent ụkpụrụ ụlọ na-ejikọta ụdị netwọkụ ohere dị iche iche - 3GPP 5G Redio ọhụrụ na na-abụghị 3GPP (Wi-Fi, wdg) - nwere otu isi netwọkụ.
  • Nkwado nke algọridim otu na usoro nyocha, n'agbanyeghị ụdị netwọk ịnweta.
  • Nkwado maka ọrụ netwọk na-enweghị steeti, nke na-ekewapụta akụrụngwa agbakọtara na ụlọ ahịa akụrụngwa.
  • Nkwado maka ịgbagharị na okporo ụzọ okporo ụzọ ma site na netwọk ụlọ (site na ebe obibi Bekee na-agbagharị agbagharị) na mpaghara "ọdịda" (site na mpaghara mpaghara Bekee) na netwọk ndị ọbịa.
  • A na-egosipụta mmekọrịta dị n'etiti ọrụ netwọk n'ụzọ abụọ: dabere na ọrụ и interface.

Echiche nchekwa netwọk nke ọgbọ nke ise gụnyere:

  • Nyocha onye ọrụ site na netwọk.
  • Nyocha netwọkụ site n'aka onye ọrụ.
  • Mkparịta ụka nke igodo cryptographic n'etiti netwọk na akụrụngwa onye ọrụ.
  • Izo ya ezo na njikwa iguzosi ike n'ezi ihe nke okporo ụzọ akara.
  • Izo ya ezo na njikwa nke iguzosi ike n'ezi ihe nke okporo ụzọ onye ọrụ.
  • Nchedo NJ onye ọrụ.
  • Chebe ihu n'etiti ihe netwọkụ dị iche iche dabere na echiche nke ngalaba nchekwa netwọkụ.
  • Mwepu nke dị iche iche n'ígwé nke usoro slicing netwọk na ịkọwa ọkwa nchekwa nke oyi akwa ọ bụla.
  • Nyocha onye ọrụ na nchebe okporo ụzọ na ọkwa nke ọrụ njedebe (IMS, IoT na ndị ọzọ).

Modul sọftụwia igodo yana atụmatụ nchekwa netwọkụ 5G

Okwu Mmalite na 5G Nche Architecture: NFV, igodo na 2 Nyocha AMF (nke sitere na Ịnweta Bekee & Ọrụ Njikwa Mobility - nnweta na ọrụ njikwa ngagharị) - na-enye:

  • Nhazi ọdụ ụgbọ elu njikwa.
  • Nhazi nke ngbanwe okporo ụzọ na-egosi RRC, izo ya ezo na nchebe nke iguzosi ike n'ezi ihe nke data ya.
  • Nhazi nke ngbanwe okporo ụzọ na-egosi Them, izo ya ezo na nchebe nke iguzosi ike n'ezi ihe nke data ya.
  • Ijikwa ndebanye aha nke akụrụngwa onye ọrụ na netwọkụ yana nyochaa steeti ndebanye aha ga-ekwe omume.
  • Ijikwa njikọ nke akụrụngwa onye ọrụ na netwọkụ yana nyochaa steeti enwere ike.
  • Jikwaa nnweta akụrụngwa onye ọrụ na netwọkụ na steeti CM-IDLE.
  • Njikwa ngagharị nke akụrụngwa onye ọrụ na netwọkụ na steeti CM-njikọ.
  • Nbufe ozi dị mkpirikpi n'etiti akụrụngwa onye ọrụ na SMF.
  • Njikwa ọrụ ebe.
  • Oke NJ eriri EPS iji mekọrịta EPS.

SMF (Bekee: Ọrụ Nlekọta Oge - ọrụ njikwa oge) - na-enye:

  • Njikwa nnọkọ nkwurịta okwu, ya bụ imepụta, mgbanwe na mwepụta nke nnọkọ, gụnyere idowe ọwara n'etiti netwọk ohere na UPF.
  • Nkesa na njikwa adreesị IP nke akụrụngwa onye ọrụ.
  • Ịhọrọ ọnụ ụzọ UPF maka iji.
  • Nhazi mmekọrịta ya na PCF.
  • njikwa mmanye iwu QoS.
  • Nhazi ngwa ọrụ nke onye ọrụ na-eji usoro DHCPv4 na DHCPv6.
  • Nyochaa nchịkọta data tarifu na ịhazi mmekọrịta na usoro ịgba ụgwọ.
  • Nkwanye ọrụ enweghị nkebi (site na Bekee. SSC - Oge na ịga n'ihu ọrụ).
  • Mmekọrịta na netwọk ndị ọbịa n'ime mkpagharị.

UPF (Ọrụ ụgbọ elu onye ọrụ bekee - ọrụ ụgbọ elu onye ọrụ) - na-enye:

  • Mmekọrịta na netwọk data mpụga, gụnyere ịntanetị zuru ụwa ọnụ.
  • Ngwungwu ndị ọrụ na-ebugharị.
  • Ịka akara ngwugwu dị ka atumatu QoS siri dị.
  • Nchọpụta ngwungwu onye ọrụ (dịka ọmụmaatụ, nchọpụta ngwa dabere na mbinye aka).
  • Na-enye akụkọ gbasara ojiji okporo ụzọ.
  • UPF bụkwa ebe arịlịka maka ịkwado ngagharị ma n'ime yana n'etiti teknụzụ ịnweta redio dị iche iche.

UDM (English Unified Data Management - database jikọrọ ọnụ) - na-enye:

  • Ijikwa data profaịlụ onye ọrụ, gụnyere ichekwa na imegharị ndepụta ọrụ dịịrị ndị ọrụ yana paramita ha kwekọrọ.
  • Ọchịchị SUPI
  • Mepụta nzere nyocha 3GPP aKA.
  • Nweta ikike dabere na data profaịlụ (dịka ọmụmaatụ, mmachi ngagharị).
  • Njikwa ndebanye aha onye ọrụ, ya bụ nchekwa nke ijere AMF ozi.
  • Nkwado maka ọrụ enweghị nkebi na nnọkọ nkwurịta okwu, ya bụ ịchekwa SMF e kenyere na nnọkọ nkwurịta okwu ugbu a.
  • Njikwa nnyefe SMS.
  • Ọtụtụ UDM dị iche iche nwere ike ijere otu onye ọrụ n'ofe azụmahịa dị iche iche.

UDR (English Unified Data Repository - nchekwa nke data jikọrọ ọnụ) - na-enye nchekwa data onye ọrụ dị iche iche ma bụrụkwa, n'ezie, nchekwa data nke ndị debanyere aha netwọkụ niile.

UDSF (Ọrụ Nchekwa data enweghị nhazi nke bekee - ọrụ nchekwa data enweghị nhazi) - na-ahụ na modul AMF na-echekwa ọnọdụ dị ugbu a nke ndị ọrụ edebanyere aha. N'ozuzu, enwere ike ịnye ozi a dị ka data nke usoro na-adịghị agwụ agwụ. Enwere ike iji ọnọdụ onye ọrụ hụ na nnọkọ ndị debanyere aha na-enweghị nkwụsị na enweghị nkwụsị, ma n'oge a na-eme atụmatụ iwepụ otu n'ime AMF na ọrụ ahụ, yana n'ọnọdụ mberede. N'okwu abụọ ahụ, AMF ndabere ga-ebuli ọrụ ahụ site na iji ọnọdụ echekwara na USDF.

Ijikọta UDR na UDSF n'otu ikpo okwu anụ ahụ bụ mmejuputa atumatu nke ọrụ netwọk ndị a.

PCF (Bekee: Ọrụ njikwa amụma - ọrụ njikwa amụma) - na-emepụta ma na-ekenye ụfọdụ atumatu ọrụ nye ndị ọrụ, gụnyere paramita QoS na iwu nchaji. Dịka ọmụmaatụ, iji bufee otu ma ọ bụ ụdị okporo ụzọ ọzọ, enwere ike ịmepụta ọwa mebere nke nwere njirimara dị iche iche. N'otu oge ahụ, enwere ike iburu n'uche ihe achọrọ nke ọrụ ahụ nke onye na-edeba aha chọrọ, ọkwa nke netwọk netwọk, ọnụ ọgụgụ nke okporo ụzọ riri, wdg.

NEF (Ọrụ ekpughere netwọkụ Bekee - ọrụ mkpughe netwọkụ) - na-enye:

  • Nhazi mmekọrịta echekwabara nke nyiwe mpụga na ngwa nwere isi netwọkụ.
  • Jikwaa paramita QoS na iwu ịchaji maka ndị ọrụ akọwapụtara.

SEAF (Bekee: Ọrụ Anchor Security) - yana AUSF, na-enye nyocha nke ndị ọrụ mgbe ị na-edebanye aha na netwọkụ na teknụzụ ọ bụla.

AUSF (English Authentication Server Function - Authentication server function) - na-arụ ọrụ nke ihe nkesa nyocha na-anata ma na-edozi arịrịọ sitere na SEAF wee bugharịa ha na ARPF.

ARPF (Bekee: Ebe nchekwa nzere nzere na ọrụ nhazi - ọrụ nke ịchekwa na nhazi nzere) - na-enye nchekwa nke igodo nzuzo nkeonwe (KI) na paramita nke algọridim nke cryptographic, yana ọgbọ nke vectors nyocha dabere na 5G-AKA ma ọ bụ EP-AKA. Ọ dị na etiti data nke onye na-ahụ maka telecom nke ụlọ, na-echebe ya site na mmetụta anụ ahụ nke mpụga, na, dịka iwu, jikọtara ya na UDM.

SCMF (Ọrụ njikwa ọnọdụ nchekwa Bekee - ọrụ njikwa nchekwa gburugburu) - Na-enye njikwa okirikiri ndụ maka nchekwa nchekwa 5G.

SPCF (Ọrụ njikwa amụma nchekwa bekee - ọrụ njikwa amụma nchekwa) - na-ahụ maka nhazi na ntinye nke amụma nchekwa n'ihe metụtara ndị ọrụ akọwapụtara. Nke a na-eburu n'uche ikike nke netwọkụ ahụ, ikike nke akụrụngwa onye ọrụ na ihe achọrọ nke ọrụ a kapịrị ọnụ (dịka ọmụmaatụ, ọkwa nchebe nke ọrụ nkwurịta okwu dị oke mkpa na ọrụ ịntanetị brọdband nwere ike ịdị iche). Ngwa nke atumatu nchekwa gụnyere: nhọrọ nke AUSF, nhọrọ nke nyocha algọridim, nhọrọ nke nzuzo data na njikwa iguzosi ike n'ezi ihe algọridim, mkpebi nke ogologo na ndụ okirikiri igodo.

SIDF (Ihe njirimara ndenye aha bekee na-ewepụ ọrụ nzuzo - ọrụ nchọpụta onye ọrụ) - na-eme ka mwepụta njirimara ndebanye aha na-adịgide adịgide nke onye debanyere aha (SUPI) site na njirimara zoro ezo (Bekee SUCI), natara dị ka akụkụ nke arịrịọ usoro nyocha "Auth Ama Req".

Ihe nchekwa achọrọ maka netwọk nkwukọrịta 5G

Na-agụ iheNyocha onye ọrụ: Netwọk 5G na-eje ozi ga-enyocha SUPI onye ọrụ na usoro 5G AKA n'etiti onye ọrụ na netwọk.

Na-eje ozi nyocha netwọkụ: Onye ọrụ ga-enyocha 5G na-eje ozi netwọk ID, na-enweta nkwenye site na iji igodo na-aga nke ọma nke enwetara site na usoro 5G AKA.

Ikike onye ọrụ: Netwọk na-eje ozi ga-enye onye ọrụ ikike site na iji profaịlụ njirimara enwetara site na netwọk onye na-ahụ maka telecom ụlọ.

Ikike nke netwọk ozi site na netwọk onye na-arụ ọrụ ụlọ: A ga-enyerịrị onye ọrụ nkwenye na ejikọrọ ya na netwọk ọrụ nke netwọk onye na-ahụ maka ụlọ nyere ikike inye ọrụ. Ikike pụtara nke ọma n'echiche na a na-ahụta ya site na imecha usoro 5G AKA nke ọma.

Ikike nke netwọk ịnweta site na netwọk onye na-arụ ọrụ ụlọ: Onye ọrụ ga-enwerịrị nkwenye na ejikọrọ ya na netwọk ohere nke netwọk onye na-ahụ maka ụlọ nyere ikike inye ọrụ. Ikike pụtara n'ụzọ doro anya n'echiche na a na-akwado ya site na ịmepụta nchekwa nke netwọk ohere nke ọma. A ghaghị iji ụdị ikike a maka ụdị netwọk ịnweta ọ bụla.

Ọrụ mberede na-akwadoghị: Iji mezuo usoro iwu chọrọ na mpaghara ụfọdụ, netwọk 5G ga-enyerịrị ohere na-akwadoghị maka ọrụ mberede.

Isi netwọkụ na netwọk ohere redio: Isi netwọkụ 5G na netwọọdụ ohere redio 5G ga-akwadorịrị iji 128-bit encryption na iguzosi ike n'ezi algọridim iji hụ na nchekwa. AS и Them. Oghere netwọkụ ga-akwadorịrị igodo nzuzo 256-bit.

Ihe nchekwa dị mkpa maka akụrụngwa onye ọrụ

Na-agụ ihe

  • Akụrụngwa onye ọrụ ga-akwadorịrị izo ya ezo, nchekwa nkwụsi ike, yana nchebe megide mwakpo mkpọgharị maka data onye ọrụ ebufere n'etiti ya na netwọk ohere redio.
  • Akụrụngwa onye ọrụ ga-emerịrị usoro nzuzo nzuzo na nchekwa data dịka netwọk ohere redio na-eduzi.
  • Akụrụngwa onye ọrụ ga-akwadorịrị izo ya ezo, nchekwa nkwụsi ike, yana nchebe megide mwakpo mmeghari maka okporo ụzọ akara RRC na NAS.
  • Akụrụngwa onye ọrụ ga-akwadorịrị algọridim nke cryptographic ndị a: NEA0, NIA0, 128-NEA1, 128-NIA1, 128-NEA2, 128-NIA2
  • Akụrụngwa onye ọrụ nwere ike ịkwado algọridim nke cryptographic ndị a: 128-NEA3, 128-NIA3.
  • Akụrụngwa onye ọrụ ga-akwadorịrị algọridim nke cryptographic ndị a: 128-EEA1, 128-EEA2, 128-EIA1, 128-EIA2 ma ọ bụrụ na ọ kwadoro njikọ na netwọk ohere redio E-UTRA.
  • Nchedo nke nzuzo nke data onye ọrụ na-ebufe n'etiti akụrụngwa onye ọrụ na netwọk ohere redio bụ nhọrọ, mana a ga-enyerịrị ya mgbe ọ bụla iwu kwadoro.
  • Nchedo nzuzo maka okporo ụzọ akara RRC na NAS bụ nhọrọ.
  • Ekwesịrị ichekwa ma chekwaa igodo na-adịgide adịgide nke onye ọrụ na mpaghara echekwara nke ọma nke akụrụngwa onye ọrụ.
  • E kwesịghị ibunye njirimara ndenye aha na-adịgide adịgide nke onye debanyere aha n'ederede doro anya na netwọk ịnweta redio belụsọ maka ozi dị mkpa maka ntụgharị ziri ezi (dịka ọmụmaatụ. MCC и MNC).
  • A ga-echekwarịrị igodo ọha nke netwọk onye na-ahụ maka ụlọ, ihe nchọpụta igodo, ihe nchọpụta atụmatụ nchekwa, na ihe nhụta ụzọ. USIM.

Ejikọtara algọridim nzuzo ọ bụla na ọnụọgụ ọnụọgụ abụọ:

  • "0000": NEA0 - Nzube nke na-enweghị isi
  • "0001": 128-NEA1 - 128-bit snow 3G dabere algọridim
  • "0010" 128-NEA2 - 128-bit AES dabere algọridim
  • "0011" 128-NEA3 - 128-bit ZUC dabere algọridim.

Data izo ya ezo site na iji 128-NEA1 na 128-NEA2Okwu Mmalite na 5G Nche Architecture: NFV, igodo na 2 Nyocha

PS A na-agbaziri sekit ahụ TS 133.501

Ọgbọ nke ntinye simulated site na algọridim 128-NIA1 na 128-NIA2 iji hụ na iguzosi ike n'ezi ihe.Okwu Mmalite na 5G Nche Architecture: NFV, igodo na 2 Nyocha

PS A na-agbaziri sekit ahụ TS 133.501

Ihe nchekwa achọrọ maka ọrụ netwọkụ 5G

Na-agụ ihe

  • AMF ga-akwadorịrị nyocha mbụ site na iji SUCI.
  • SEAF ga-akwadorịrị nyocha mbụ site na iji SUCI.
  • UDM na ARPF ga-echekwaba igodo na-adịgide adịgide nke onye ọrụ wee hụ na echedoro ya na izu ohi.
  • AUSF ga-enye SUPI naanị na netwọk na-eje ozi na mpaghara mgbe nyocha mbụ gara nke ọma site na iji SUCI.
  • NEF agaghị ebufe ozi netwọkụ zoro ezo na mpụga ngalaba nchekwa onye ọrụ.

Usoro nchekwa ntọala

ntụkwasị obi ngalaba

Na netwọk ọgbọ nke ise, ntụkwasị obi na ihe netwọk na-ebelata ka ihe ndị na-apụ na isi netwọkụ. Echiche a na-emetụta mkpebi ndị etinyere na nhazi nchekwa 5G. Yabụ, anyị nwere ike ikwu maka ụdị ntụkwasị obi nke netwọkụ 5G nke na-ekpebi omume nke usoro nchekwa netwọkụ.

N'akụkụ onye ọrụ, UICC na USIM hibere ngalaba ntụkwasị obi.

N'akụkụ netwọk, ngalaba ntụkwasị obi nwere usoro mgbagwoju anya.

Okwu Mmalite na 5G Nche Architecture: NFV, igodo na 2 Nyocha E kewara netwọk ohere redio ụzọ abụọ - DU (site na ngalaba nkesa Bekee - ngalaba netwọk kesara) na CU (site na English Central Units - Central nkeji nke netwọk). Ha na-etolite ọnụ gNB - interface redio nke ọdụ netwọkụ 5G. DU enweghị ohere ịnweta data onye ọrụ ozugbo n'ihi na enwere ike ibunye ya na ngalaba akụrụngwa na-echekwara. A ga-etinyerịrị CU na ngalaba netwọk echedoro, ebe ọ bụ na ha na-ahụ maka ịkwụsị okporo ụzọ site na usoro nchekwa AS. Na isi nke netwọk dị AMF, nke na-akwụsị okporo ụzọ site na usoro nchekwa NAS. Nkọwapụta 3GPP 5G dị ugbu a na-akọwa nchikota AMF na ọrụ nchekwa SEAF, nwere igodo mgbọrọgwụ (nke a makwaara dị ka "igodo arịlịka") nke netwọkụ gara (ije ozi). AUSF na-ahụ maka ịchekwa igodo enwetara mgbe nyochachara nke ọma. Ọ dị mkpa maka ojiji ọzọ n'ọnọdụ ebe ejikọrọ onye ọrụ n'otu oge na ọtụtụ netwọk ohere redio. ARPF na-echekwa nzere onye ọrụ ma bụrụ ihe analọgụ USIM maka ndị debanyere aha. UDR и UDM na-echekwa ozi onye ọrụ, nke a na-eji chọpụta mgbagha maka ịmepụta nzere, NJ onye ọrụ, hụ na ọ ga-aga n'ihu nnọkọ, wdg.

Ọkwa igodo na atụmatụ nkesa ha

Na netwọk ọgbọ nke ise, n'adịghị ka netwọk 5G-LTE, usoro nyocha nwere ihe abụọ: nyocha nke mbụ na nke abụọ. Achọrọ nyocha izizi maka ngwaọrụ onye ọrụ niile na-ejikọ na netwọkụ ahụ. Enwere ike ịme nyocha nke abụọ ma ọ bụrụ na achọrọ site na netwọk dị n'èzí, ọ bụrụ na onye debanyere aha jikọọ na ha.

Mgbe emechara nke ọma nke nyocha izizi yana mmepe nke igodo K dị n'etiti onye ọrụ na netwọkụ, a na-ewepụta KSEAF site na igodo K - igodo arịlịka (mgbọrọgwụ) pụrụ iche nke netwọk ozi. N'ikpeazụ, a na-emepụta igodo site na igodo a iji hụ na nzuzo na iguzosi ike n'ezi ihe nke data okporo ụzọ RRC na NAS.

Eserese nwere nkọwaOkwu Mmalite na 5G Nche Architecture: NFV, igodo na 2 Nyocha
Emebe aha:
CK igodo Cipher
IK (Bekee: Integrity Key) - igodo eji na usoro nchekwa nchekwa data.
CK' (Eng. Cipher Key) - igodo nzuzo ọzọ emepụtara site na CK maka usoro EAP-AKA.
IK' (Igodo Integrity Bekee) - igodo ọzọ ejiri na usoro nchekwa nchekwa data maka EAP-AKA.
KAUSF - emepụtara site na ọrụ ARPF na akụrụngwa onye ọrụ sitere na CK и IK n'oge 5G AKA na EAP-AKA.
KSEAF - igodo arịlịka enwetara site na ọrụ AUSF site na igodo KAMFAUSF.
KAMF - igodo nwetara site na ọrụ SEAF site na igodo KSEAF.
KNASint, KNASenc - igodo enwetara site na ọrụ AMF site na igodo KAMF iji chebe okporo ụzọ akara NAS.
KRRCint, KRRCenc - igodo enwetara site na ọrụ AMF site na igodo KAMF iji chebe okporo ụzọ nrịbama RRC.
KUPint, KUPenc - igodo enwetara site na ọrụ AMF site na igodo KAMF iji chebe okporo ụzọ mgbaàmà AS.
NH - igodo etiti enwetara site na ọrụ AMF site na igodo KAMF iji hụ na nchekwa data n'oge nnyefe.
KgNB - igodo enwetara site na ọrụ AMF site na igodo KAMF iji hụ na nchekwa nke usoro ngagharị.

Atụmatụ maka imepụta SUCI site na SUPI na ọzọ

Atụmatụ maka inweta SUPI na SUCI

Mmepụta SUCI sitere na SUPI na SUPI sitere na SUCI:
Okwu Mmalite na 5G Nche Architecture: NFV, igodo na 2 Nyocha

Nyocha

Nyocha izizi

Na netwọk 5G, EAP-AKA na 5G AKA bụ usoro nyocha izizi. Ka anyị kewaa usoro nyocha izizi ụzọ abụọ: nke mbụ bụ maka ịmalite nyocha na ịhọrọ usoro nyocha, nke abụọ na-ahụ maka nyocha n'etiti onye ọrụ na netwọkụ.

Okwu Mmalite na 5G Nche Architecture: NFV, igodo na 2 Nyocha

Mmalite

Onye ọrụ na-enyefe arịrịọ ndebanye aha na SEAF, nke nwere NJ ndenye aha zoro ezo nke onye ọrụ.

SEAF na-ezigara AUSF ozi arịrịọ nyocha (Nausf_UEAuthentication_Authenticate Arịrịọ) nwere SNN (Aha netwọk na-eje ozi) na SUPI ma ọ bụ SUCI.

AUSF na-enyocha ma ekwenyere onye na-arịọ arịrịọ SEAF ka ọ jiri SNN enyere. Ọ bụrụ na enyeghị netwọọdụ na-eje ozi ikike iji SNN a, mgbe ahụ AUSF na-aza ozi njehie ikike "Inweghị ikike netwọk ozi" (Nausf_UEAuthentication_Authenticate Response).

AUSF na-arịọrọ nzere nzere UDM, ARPF ma ọ bụ SIDF site na SUPI ma ọ bụ SUCI na SNN.

Dabere na SUPI ma ọ bụ SUCI yana ozi onye ọrụ, UDM/ARPF na-ahọrọ usoro nyocha iji na-esote wee wepụta nzere onye ọrụ.

Nyocha mmekọrịta

Mgbe ị na-eji usoro nyocha ọ bụla, ọrụ netwọk UDM/ARPF ga-ewepụtarịrị vector nyocha (AV).

EAP-AKA: UDM/ARPF buru ụzọ wepụta vector nyocha na nkewa bit AMF = 1, wee wepụta CK' и IK' si CK, IK na SNN ma mebere vector nyocha AV ọhụrụ (RAND, AUTN, XRES*, CK', IK'), nke ezigara na AUSF na ntuziaka iji ya naanị maka EAP-AKA.

5G AKA: UDM/ARPF na-enweta igodo KAUSF si CK, IK na SNN, emesia ọ na-emepụta 5G HE AV. 5G Home Environment Athentication Vector). 5G HE AV vector nyocha (RAND, AUTN, XRES, KAUSF) ezigara AUSF na ntuziaka ka iji ya maka 5G naanị AKA.

Mgbe nke a AUSF gasịrị, enwetara igodo arịlịka KSEAF site na igodo KAUSF ma ziga arịrịọ na SEAF "Challenge" na ozi "Nausf_UEAuthentication_Authenticate Response", nke nwekwara RAND, AUTN na RES*. Na-esote, a na-ebufe RAND na AUTN na ngwa onye ọrụ site na iji ozi nrịbama NAS echekwara. USIM onye ọrụ na-agbakọ RES* site na RAND na AUTN natara wee ziga ya na SEAF. SEAF tụgharịrị uru a na AUSF maka nkwenye.

AUSF tụlere XRES* echekwara na ya yana RES* natara n'aka onye ọrụ. Ọ bụrụ na enwere egwuregwu, AUSF na UDM na netwọk ụlọ nke onye ọrụ na-eme ka amara ọkwa nke ọma, onye ọrụ na SEAF na-ewepụta igodo n'onwe ya. KAMF si KSEAF yana SUPI maka nzikọrịta ozi ọzọ.

Nyocha nke abụọ

Ụkpụrụ 5G na-akwado nkwenye nke abụọ nhọrọ dabere na EAP-AKA n'etiti akụrụngwa onye ọrụ na netwọk data mpụga. N'okwu a, SMF na-arụ ọrụ nke onye nyocha EAP ma dabere na ọrụ ahụ Aaa- ihe nkesa netwọk dị na mpụga nke na-akwado ma nye onye ọrụ ikike ikike.

Okwu Mmalite na 5G Nche Architecture: NFV, igodo na 2 Nyocha

  • Amanyere iwu nke mbụ njirimara onye ọrụ na netwọkụ ụlọ na-eme ma jiri AMF mepụta ọnọdụ nchekwa NAS nkịtị.
  • Onye ọrụ na-ezigara AMF arịrịọ ka ịmepụta nnọkọ.
  • AMF na-eziga arịrịọ iji guzobe nnọkọ na SMF na-egosi SUPI onye ọrụ.
  • SMF na-akwado nzere onye ọrụ na UDM site na iji SUPI enyere.
  • SMF na-eziga nzaghachi na arịrịọ sitere na AMF.
  • SMF na-amalite usoro nyocha EAP iji nweta ikike ịmepụta nnọkọ site na sava AAA na netwọk mpụga. Iji mee nke a, SMF na onye ọrụ na-agbanwe ozi iji malite usoro ahụ.
  • Onye ọrụ na netwọkụ AAA nke mpụga wee gbanwee ozi iji gosi na nye onye ọrụ ikike ikike. N'okwu a, onye ọrụ na-eziga ozi na SMF, nke na-agbanwe ozi na netwọk mpụga site na UPF.

nkwubi

Ọ bụ ezie na ụlọ nchekwa 5G dabere na iji teknụzụ ndị dị adị, ọ na-ebute ihe ịma aka ọhụrụ kpamkpam. Ọnụ ọgụgụ dị ukwuu nke ngwaọrụ IoT, oke netwọk gbasaa na ihe owuwu ụlọ bụ naanị ụfọdụ isi ụkpụrụ nke ọkọlọtọ 5G na-enye ikike n'efu n'echiche nke ndị omempụ cyber.

Ụkpụrụ bụ isi maka ụlọ nchekwa 5G bụ TS 23.501 ụdị 15.6.0 - nwere isi ihe dị mkpa nke ọrụ nke usoro nchekwa na usoro. Karịsịa, ọ na-akọwa ọrụ nke VNF ọ bụla n'ịhụ na nchekwa nke data onye ọrụ na ọnụ ọgụgụ netwọk, na ịmepụta igodo crypto na n'imejuputa usoro nyocha. Mana ọbụlagodi ọkọlọtọ a anaghị enye azịza maka nsogbu nchekwa dị egwu na-eche ndị na-ahụ maka telecom ihu ọtụtụ oge ka a na-emepụta netwọkụ ọgbọ ọhụrụ siri ike ma tinye ya n'ọrụ.

N'akụkụ a, ọ ga-amasị m ikwere na ihe isi ike nke ịrụ ọrụ na ichebe netwọkụ nke ọgbọ 5 agaghị emetụta ndị ọrụ nkịtị, ndị a na-ekwe nkwa ịgbasa ọsọ na nzaghachi dị ka nwa enyi enyi nne ma nwee mmasị ịnwale ihe niile. ikike ekwuputara nke netwọk ọgbọ ọhụrụ.

Njikọ ndị bara uru

Usoro nkọwapụta 3GPP
5G nchekwa architecture
5G usoro ije
5G Wiki
5G architecture ndetu
Nyocha nchekwa 5G

isi: www.habr.com

Tinye a comment