Methods for UE-to-UE relay reselection security and privacy
US-12156274-B1 · Nov 26, 2024 · US
US2016366175A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2016366175-A1 |
| Application number | US-201515121357-A |
| Country | US |
| Kind code | A1 |
| Filing date | Mar 3, 2015 |
| Priority date | Mar 21, 2014 |
| Publication date | Dec 15, 2016 |
| Grant date | — |
Official abstract text for this publication.
The invention relates to methods for establishing a secure communication link between a mobile station and a secondary base station in a mobile communication system. The invention also provides a mobile communication system for performing these methods, and computer readable media the instructions of which cause the mobile communication system to perform the methods described herein. Specifically, the invention suggests that in response to the detected or signaled potential security breach, the master base station increments a freshness counter for re-initializing the communication between the mobile station and the secondary base station; and the mobile station and the secondary base station re-initialize the communication there between. The re-initialization is performed under the control of the master base station and further includes deriving a same security key based on said incremented freshness counter, and establishing the secure communication link utilizing the same, derived security key.
Opening claim text (preview).
1. A method for establishing a secure communication link between a mobile station and a secondary base station in a mobile communication system comprising the mobile station, a master and the secondary base station, the mobile station being initialized for communication with the master and the secondary base station, detecting, by the master or by the secondary base station, a potential security breach including: a condition where a sequence counter of packet data units of an established secure communication link between the mobile station and the secondary base station is to wrap-up since initialization of the communication between the mobile station and the secondary base station, and a condition where a communication link identification is to be reused for establishing the secure communication link with the secondary base station since initialization of the communication between the mobile station and the secondary base station; and, in case the potential security breach is detected by the secondary base station, signaling the detected security breach to the master base station; incrementing, by the master base station, in response to the detected or signaled potential security breach, a freshness counter for re-initializing the communication between the mobile station and the secondary base station; and re-initializing, by the mobile station and by the secondary base station, the communication there between, the re-initializing step being performed under the control of the master base station and further includes deriving a same security key based on said incremented freshness counter, and establishing the secure communication link utilizing the same, derived security key.
2. The method according to claim 1, wherein the re-initialization step is performed by the mobile station and by the secondary base station without re-initializing the communication between the mobile station and the master base station.
3. The method according to claim 1, wherein the secondary base station performs the step of detecting the condition where the sequence counter is to wrap-up, and wherein either the master or the secondary base station performs the step of detecting the condition where a communication link identification is to be reused.
4. The method according to claim 1, wherein the step of re-initializing the communication between the mobile station and the secondary base station further includes: deriving, by the master base station, a security key based on the incremented freshness counter for the communication between the mobile station and the secondary base station, and transmitting said derived security key and the incremented freshness counter to the secondary base station; generating, by the secondary base station, a re-configuration message for re-initializing the communication between the mobile station and the secondary base station including the incremented freshness counter and transmitting the re-configuration message to the master base station; forwarding, by the master base station, the re-configuration message including the incremented freshness counter to the mobile station; and deriving, by the mobile station, a same security key based on the freshness counter included in the forwarded re-configuration message for establishing on the basis of the same, derived security key the secure communication link between the mobile station and the secondary base station.
5. The method according to claim 1, wherein the step of re-initializing the communication between the mobile station and the secondary base station further includes: generating and transmitting, by the master base station, a re-configuration message for re-initializing the communication between the mobile station and the secondary base station including the incremented freshness counter to the mobile station; deriving, by the master base station, a security key based on the incremented freshness counter for the communication between the mobile station and the secondary base station, and transmitting, by the master base station, said derived security key to the secondary base station; deriving, by the mobile station, a same security key based on the freshness counter included in the transmitted re-configuration message for establishing on the basis of the same, derived security key the secure communication link between the mobile station and the secondary base station; and wherein the step of deriving and transmitting said derived security key to the secondary base station is performed, by the master base station, before or after the step of transmitting the re-configuration message including the incremented freshness counter to the mobile station is performed by the master base station.
6. The method according to claim 5, wherein the master base station additionally transmits the incremented freshness counter to the secondary base station.
7. The method according to claim 4, wherein the step of deriving, by the mobile station, a same security key based on the incremented freshness counter included in the transmitted re-configuration message, further includes: determining, by the mobile station, whether the incremented freshness counter, included in the transmitted re-configuration message, differs from a previous freshness counter included in a previously transmitted re-configuration message, and only in case of a different, incremented freshness counter, performing the step of deriving the same security key by the mobile station.
8. The method according to claim 4, further comprising the step of transmitting, by the mobile station, a re-configuration complete message to the master or to the secondary base station; and, in case the re-configuration complete message is transmitted by the mobile station to the master base station, the step of forwarding, by the master base station, said re-configuration complete message to the secondary base station.
9. The method according to claim 8, wherein the step of transmitting, and forwarding the reconfiguration complete message is performed after the step of re-initializing, by the mobile station and the secondary base station the communication there between.
10. The method according to claim 4, wherein the re-configuration message, generated by the master or the secondary base station, further includes a dedicated preamble or indicates a dedicated preamble from among a plurality of pre-configured preambles for performing a Random Access CHannel, RACH, procedure between the mobile station and the secondary base station; and the method further includes the step of: performing between the mobile station and the secondary base station the RACH procedure utilizing the dedicated preamble included in the re-configuration message or utilizing the indicated dedicated preamble from the plurality of pre-configured preambles, respectively.
11. The method according to claim 10, wherein the step of performing the RACH procedure is performed between the mobile station and the secondary base station after the step of re-initializing, by the mobile station, the communication with the secondary base station, and before the step of re-initializing, by secondary base station, the communication with the mobile station.
12. The method according to claim 10, wherein the plurality of pre-configured preambles, from among which the re-configuration message indicates the dedicated preamble to be used for performing the RACH procedure, are pre-configured using an X2 interface between the master and the secondary base station.
13. The method according to claim 4, wherein the step of transmitting and/or forwarding the re-configuration mes
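The flow of claims 1, 4 and 7, modelled as an added example that is not part of the patent text: the two breach conditions, the master's counter increment and key derivation, and the mobile station's check that the received counter differs before it derives the same key. The shared base key, the HMAC-SHA-256 derivation, the counter widths, the wrap margin and every class, field and function name are assumptions; the page specifies none of them.

```python
import hashlib
import hmac
from dataclasses import dataclass

COUNT_MAX = 2**32 - 1   # assumption: 32-bit PDU sequence counter
WRAP_MARGIN = 1024      # assumption: how close to wrap counts as "is to wrap"

def derive_key(base_key: bytes, freshness: int) -> bytes:
    """Assumed KDF: HMAC-SHA-256 over a label and a 16-bit freshness counter."""
    data = b"secondary-link" + freshness.to_bytes(2, "big")
    return hmac.new(base_key, data, hashlib.sha256).digest()

def breach_suspected(pdu_count: int, link_id: int, used_ids: set) -> bool:
    """Claim 1 conditions: counter about to wrap, or link id about to be reused."""
    return pdu_count >= COUNT_MAX - WRAP_MARGIN or link_id in used_ids

@dataclass
class Master:
    base_key: bytes
    freshness: int = 0

    def reinitialize(self):
        """Increment the counter; return (key for the secondary, message for the mobile)."""
        self.freshness += 1
        key = derive_key(self.base_key, self.freshness)
        return key, {"type": "re-configuration", "freshness": self.freshness}

@dataclass
class Mobile:
    base_key: bytes
    last_freshness: int = 0
    link_key: bytes = b""

    def on_reconfiguration(self, msg: dict) -> bool:
        """Claim 7: derive a key only if the counter differs from the previous one."""
        if msg["freshness"] == self.last_freshness:
            return False
        self.last_freshness = msg["freshness"]
        self.link_key = derive_key(self.base_key, msg["freshness"])
        return True

def run_exchange() -> dict:
    shared = bytes(range(32))  # constructed sample key, not a real credential
    master, mobile = Master(shared), Mobile(shared)
    key1, msg1 = master.reinitialize()
    first = mobile.on_reconfiguration(msg1)
    repeated = mobile.on_reconfiguration(msg1)   # same counter again: ignored
    key2, msg2 = master.reinitialize()
    second = mobile.on_reconfiguration(msg2)
    return {"first": first, "repeated": repeated, "second": second,
            "keys_match": hmac.compare_digest(mobile.link_key, key2),
            "key_changed": key1 != key2}
```

Only the counter travels in the re-configuration message; the key itself goes from the master to the secondary base station and is recomputed locally by the mobile station.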
Key management, e.g. using generic bootstrapping architecture [GBA] · CPC title
Setup of multiple wireless link connections · CPC title
using time-dependent keys, e.g. periodically changing keys (cryptographic mechanisms or cryptographic arrangements for controlling usage of secret information H04L9/088) · CPC title
Event detection, e.g. attack signature detection · CPC title
Connection re-establishment · CPC title