A method and an apparatus for performing verification using a shared key are disclosed. The method includes: receiving, by a first network element, a registration request message from a second network element, where the registration request message includes a user identifier, first network identifier information, and second network identifier information, the second network identifier information is obtained by processing the first network identifier information by using a shared key, and the shared key is a key used between the first network element and the second network element; verifying, by the first network element, the registration request message by using the shared key; and sending, by the first network element, a registration response message to the second network element. When receiving a registration request from a visited network, a home network verifies the registration request message by using a shared key, to avoid a spoofing attack from the visited network.

A method and an apparatus for performing verification using a shared key are disclosed. The method includes: receiving, by a first network element, a registration request message from a second network element, where the registration request message includes a user identifier, first network identifier information, and second network identifier information, the second network identifier information is obtained by processing the first network identifier information by using a shared key, and the shared key is a key used between the first network element and the second network element; verifying, by the first network element, the registration request message by using the shared key; and sending, by the first network element, a registration response message to the second network element. When receiving a registration request from a visited network, a home network verifies the registration request message by using a shared key, to avoid a spoofing attack from the visited network.

Methods for determining a default network slice are provided. More specifically, the methods include determining a default Single Network Slice Selection Assistance Information (S-NSSAI) that identifies the default network slice for establishing a Protocol Data Unit (PDU) session for an application in a wireless device without an S-NSSAI association. Various embodiments for determining the S-NSSAI are also disclosed herein. By determining the default network slice, it is possible to eliminate existing ambiguity associated with establishing a PDU session for application without S-NSSAI association, thus helping to reduce implementation complexity in a wireless device and/or a core network node.

A method and an apparatus for switching an RRC state includes: sending, by a communications apparatus, indication information to a network device, where the indication information is used to indicate that the communications apparatus requests to enter an RRC inactive state; after completing a registration process of an RRC connected state, receiving, by the communications apparatus, an RRC connection release message that is sent by the network device based on the indication information, where the RRC connection release message is used to indicate the communications apparatus to enter the RRC inactive state; and entering, by the communications apparatus, the RRC inactive state from the RRC connected state based on the RRC connection release message.

A method and an apparatus for switching an RRC state includes: sending, by a communications apparatus, indication information to a network device, where the indication information is used to indicate that the communications apparatus requests to enter an RRC inactive state; after completing a registration process of an RRC connected state, receiving, by the communications apparatus, an RRC connection release message that is sent by the network device based on the indication information, where the RRC connection release message is used to indicate the communications apparatus to enter the RRC inactive state; and entering, by the communications apparatus, the RRC inactive state from the RRC connected state based on the RRC connection release message.

This disclosure handles a registration procedure in a UE supporting registration to 5GC via untrusted non-3GPP access network and 3GPP access network. More specifically this disclosure defines a UE behavior when a registration procedure is not successful to 5GC via first access network type (e.g. untrusted non-3GPP network access) after transmitting maximum number of registration request message via the first access network type to the 5GC and the UE is registered to 5GC via other access network type (e.g. 3GPP access network (NG-RAN)).

This disclosure handles a registration procedure in a UE supporting registration to 5GC via untrusted non-3GPP access network and 3GPP access network. More specifically this disclosure defines a UE behavior when a registration procedure is not successful to 5GC via first access network type (e.g. untrusted non-3GPP network access) after transmitting maximum number of registration request message via the first access network type to the 5GC and the UE is registered to 5GC via other access network type (e.g. 3GPP access network (NG-RAN)).

A system is disclosed for managing a communication network subscription identifier associated with a device. The system comprises a Core Network node configured to provide a subscription identifier for the device to a Device Management node with management responsibility for the device. The system further comprises a Verification node configured to receive from the Device Management node the subscription identifier and a characteristic of the device, and to bind the subscription identifier to the characteristic such that the subscription identifier is uniquely associated with the characteristic. The system further comprises a Network Access node configured to obtain the subscription identifier from the device. The Verification node, Network Access node and Core Network node are configured to cooperate to verify that the device from which the Network Access node obtained the subscription identifier is in possession of the characteristic that is bound to the subscription identifier.

A system is disclosed for managing a communication network subscription identifier associated with a device. The system comprises a Core Network node configured to provide a subscription identifier for the device to a Device Management node with management responsibility for the device. The system further comprises a Verification node configured to receive from the Device Management node the subscription identifier and a characteristic of the device, and to bind the subscription identifier to the characteristic such that the subscription identifier is uniquely associated with the characteristic. The system further comprises a Network Access node configured to obtain the subscription identifier from the device. The Verification node, Network Access node and Core Network node are configured to cooperate to verify that the device from which the Network Access node obtained the subscription identifier is in possession of the characteristic that is bound to the subscription identifier.

A terminal device comprising a transceiver, a memory, and a processor is provided. The terminal device may send in a network, an IMS registration request to a network device in the network, and may start an IMS timer corresponding to the network. If the terminal device does not receive a registration accept message from the network device when the IMS timer expires, the terminal device deactivates the network. The network may be one of a first network and a second network, the network device may be one of a first network device and a second network device, and each of the first network and the second network corresponds to an IMS timer with a different duration. In this way, different waiting durations may be provided for IMS registration processes in different networks, to improve user communication experience.