Inventor: Xin Qiu BACKGROUND

Field

[0001] The present disclosure relates to systems and methods for securely transmitting information in a content distribution network, and in particular to a system and method for transmitting keys and other sensitive information within that network.

Description of the Related Art

[0002] The dissemination of content such as media programs and other data is performed via cable transmission, satellite transmission, and transmission via the Internet. Increasingly, such dissemination is performed to mobile devices using wireless broadband networks such as LTE (long term evolution).

[0003] 5G is the fifth generation of cellular network technology, which also can be used to disseminate data, but at higher rates than that of LTE and previous broadband cellular network technologies. Security architectures, procedures, and information flows needed to protect mission critical services inherent in applications such as push-to-talk (MCPTT), video (MCVideo) and data (MCData), which together are referred to as “MCX” are described in “3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Security of the mission critical service; (Release 16)” published by the 3RD GENERATION PARTNERSHIP PROJECT (3GPPP), September 2019, which is hereby incorporated by reference.

[0004] This specification describes procedures for the provision of key material from a key management server to a key management client. While such key materials can be securely provided within an HTTPS construct using encrypted communications, additional security is desired.

BRIEF DESCRIPTION OF THE DRAWINGS

[0005] Referring now to the drawings in which like reference numbers represent corresponding parts throughout:

[0006] FIG. 1 is a diagram illustrating a key management functional model;

[0007] FIG. 2 presents a diagram illustrating security procedures for key management; and [0008] FIG. 3 is a diagram illustrating exemplary processing steps for providing user key material from a server to a client;

[0009] FIG. 4 is a diagram presenting an exemplary computer system that could be used to implement processing elements of the geolocation system.

DESCRIPTION

[0010] In the following description, reference is made to the accompanying drawings which form a part hereof, and in which are shown byway of illustration several embodiments. It is understood that other embodiments may be utilized and structural changes may be made without departing from the scope of the present disclosure.

[0011] FIG. 1 is a diagram of key reference points for a key management server. These reference points include one or more key management clients, communicatively coupled to a key management server. The key management clients may include a key management client incorporated into a group management server, a key management client incorporated into an MCX server, and a key management client incorporated into a user equipment (UE). Any of the key management clients are responsible for interfacing with the key management server to request identity-specific key material from the key management s erver.

The transfer of key material between the KMS and the KMC is protected by using a transport key (TrK) to encrypt the key material before it is transmitted from the KMS to the KMC.

[0012] FIG. 2 is a diagram of security procedures used for key management and provisioning user key material from the key management server to the key management client (which may consist of any of the key management clients described above). The key management client (KMC) establishes a connection to the key management server (KMS). This message may be secured by an HTTP proxy and may be through a secure HTTP (HTTPS).

[0013] The KMC makes a request for user key material from the KMS by transmitting an access token. The authentication token is used by the KMS to authenticate the request. The request also includes an identifier of the transport key (TrK) and may contain an identifier of an integrity key (InK) (e.g. InK- ID).

[0014] The request for user key material may include, for example, a request to set up the user, a request to obtain new key material from the KMS, a request to obtain external KMS certificates.

[0015] The KMS provides a response based on the authenticated user and the request. The response may include new key material and optionally, a new transport key (TrK) or integrity key (InK), as well as relevant certificates

[0016] The key material is encrypted using the transport key (TrK), and may also be signed by the transport key or the integrity key (InK). The transport key (TrK), integrity key (InK) and their identifiers (TrK-ID, InK- ID) are provisioned to the KMC via an out of band (OOB) transmission and stored in tamper-resistant or tamper-proof storage such as trusted storage of the KMC..

[0017] To further secure the foregoing exchange protocol, the transport key identifier (TrK-ID) and/or the integrity key identifier (InK-ID) may be compromised, as they are protected only by the security offered by the communication link (e.g. HTTPS) when transmitted from the KMC to the KMS. To prevent or at least detect such compromise, the foregoing protocol is modified so that the transport key identifier (TrK-ID) (and optionally, the integrity key identifier (InK-ID)) is included with the key material before encryption by the transport key (TrK). The KMC can then compare the value of the transport key (TrK-ID) with the value of the transport key identifier (TrK-ID) in its trusted store to validate the response before performing further processing.

[0018] FIG. 3 is a diagram illustrating exemplary processing steps for providing user key material from a server such as KMS to a client such as the KMC. In block 302, a first message is received from the KMC in the KMS, the first message having a user key material request, an access token, and an identifier of a transport key (TrK-ID). In block 304, the user key material request is validated according to the access token. In block 306, a response is generated having user key material responsive to the user key material request. In block 308, this response is encrypted according to the transport key (TrK). In block 310, a second message comprising the response is transmitted to from the KMS to the KMC. In block 312, the second message is decrypted according to the transport key (TrK), and in block 314, the second message is validated using the identifier of the transport key (TrK-ID).

[0019] In one embodiment, the identifier of the transport key (TrK-ID) forms a part of a digital certificate certified by a trusted entity, and the second message is validated via the digital certificate. The second message is validated using the sender's certificate which is validated through its certificate chain to the root. The identifier (TrK-ID) of the transport key is extracted from the sender's certificate after the certificate chain validation which can m turn be used to compare with the TrK-ID received m the first message. In addition, TrK-ID doesn't have to be limited to a identifier, it can be a user profile or any information that uniquely identifies the user.

[0020] In another embodiment, the response further comprises the identifier of the transport key (TrK- ID). For example, the identifier of the transport key (TrK-ID) may simply be concatenated with the uer key material (e.g. User key Material | Tk-ID). Upon receipt of the second message, the KMC decrypts the message, thus decrypting and recovering the identifier of the transport key, and compares the decrypted value of the identifier of the transport key with the identifier of the transport key stored in trusted storage. The second message is verified only if the two values match.

[0021] In still another embodiment the second message further comprises the identifier of the transport key (Tr-K-ID), and the KMC compares the decrypted value of the identifier of the transport key with the identifier of the transport key (TrK-ID) received in the second message. Again, the second message is verified only if the two values match.

[0022] In still further embodiments, the integrity key ID (InK-ID) can be included with the first message, and that integrity key ID (InK-ID) included in the response before encryption by the KMS. Upon decryption of the second message, the identifier of the integrity key ID (InK-ID) can be extracted and compared to the identifier of the integrity key ID (InK-ID) stored in trusted storage or included as a part of the second message. In either case, the second message is verified only if the two values match.

Hardware Environment

[0023] FIG. 4 illustrates an exemplary computer system 400 that could be used to implement processing elements of the above disclosure, including the KMC and KMS. The computer 402 comprises a processor 404 and a memory, such as random access memory (RAM) 406. The computer 402 is operatively coupled to a display 422, which presents images such as windows to the user on a graphical user interface 418B. The computer 402 may be coupled to other devices, such as a keyboard 414, a mouse device 416, a printer 428, etc. Of course, those skilled in the art will recognize that any combination of the above components, or any number of different components, peripherals, and other devices, may be used with the computer 402.

[0024] Generally, the computer 402 operates under control of an operating system 408 stored in the memory 406, and interfaces with the user to accept inputs and commands and to present results through a graphical user interface (GUI) module 418A. Although the GUI module 418B is depicted as a separate module, the instructions performing the GUI functions can be resident or distributed in the operating system 408, the computer program 410, or implemented with special purpose memory and processors. The computer 402 also implements a compiler 412 which allows an application program 410 written in a programming language such as COBOL, C++, FORTRAN, or other language to be translated into processor 404 readable code. After completion, the application 410 accesses and manipulates data stored in the memory 406 of the computer 402 using the relationships and logic that was generated using the compiler 412. The computer 402 also optionally comprises an external communication device such as a modem, satellite link, Ethernet card, or other device for communicating with other computers.

[0025] In one embodiment, instructions implementing the operating system 408, the computer program 410, and the compiler 412 are tangibly embodied in a computer-readable medium, e.g., data storage device 420, which could include one or more fixed or removable data storage devices, such as a zip drive, floppy disc drive 424, hard drive, CD-ROM drive, tape drive, etc. Further, the operating system 408 and the computer program 410 are comprised of instructions which, when read and executed by the computer 402, causes the computer 402 to perform the operations herein described. Computer program 410 and/ or operating instructions may also be tangibly embodied in memory 406 and/ or data communications devices 430, thereby making a computer program product or article ofmanufacture.

As such, the terms “article of manufacture,” “program storage device” and “computer program product” as used herein are intended to encompass a computer program accessible from any computer readable device or media.

[0026] Those skilled in the art will recognize many modifications may be made to this configuration without departing from the scope of the present disclosure. For example, those skilled in the art will recognize that any combination of the above components, or any number of different components, peripherals, and other devices, may be used. [0027] The foregoing description of the preferred embodiment has been presented for the purposes of illustration and description. It is not intended to be exhaustive or to limit the disclosure to the precise form disclosed. Many modifications and variations are possible in light of the above teaching. It is intended that the scope of rights be limited not by this detailed description, but rather by the claims appended hereto.