A network node configured to perform a process that includes receiving a PDU Session Establishment Request message for establishing a PDU session, wherein the PDU Session Establishment Request message was transmitted by a UE and includes a PDU session ID. The process also includes communicating a Session Management (SM) Request comprising the PDU Session Establishment Request to an SMF. The process also includes receiving from the SMF a message that includes: i) the PDU Session ID identifying the PDU session, ii) a PDU Session Establishment Accept message, and iii) a user plane (UP) security policy for the PDU session, wherein the UP security policy for the PDU session indicates: i) whether UP confidentiality protection shall be activated or not for all data radio bearers (DRBs) belonging to the PDU session, and/or ii) whether UP integrity protection shall be activated or not for all data radio bearers (DRBs) belonging to the PDU session.

A network node configured to perform a process that includes receiving a PDU Session Establishment Request message for establishing a PDU session, wherein the PDU Session Establishment Request message was transmitted by a UE and includes a PDU session ID. The process also includes communicating a Session Management (SM) Request comprising the PDU Session Establishment Request to an SMF. The process also includes receiving from the SMF a message that includes: i) the PDU Session ID identifying the PDU session, ii) a PDU Session Establishment Accept message, and iii) a user plane (UP) security policy for the PDU session, wherein the UP security policy for the PDU session indicates: i) whether UP confidentiality protection shall be activated or not for all data radio bearers (DRBs) belonging to the PDU session, and/or ii) whether UP integrity protection shall be activated or not for all data radio bearers (DRBs) belonging to the PDU session.

In one implementation, a method for providing end-to-end communication security for a controller area network (CANbus) in an automotive vehicle across which a plurality of electronic control units (ECU) communicate is described. Such an automotive vehicle can include, for example, a car or truck with multiple different ECUs that are each configured to control various aspects of the vehicle's operation, such as an infotainment system, a navigation system, various engine control systems, and/or others.

In one implementation, a method for providing end-to-end communication security for a controller area network (CANbus) in an automotive vehicle across which a plurality of electronic control units (ECU) communicate is described. Such an automotive vehicle can include, for example, a car or truck with multiple different ECUs that are each configured to control various aspects of the vehicle's operation, such as an infotainment system, a navigation system, various engine control systems, and/or others.

Systems and methods for federated privacy management are disclosed. In one embodiment, a method for federated privacy management may include: (1) receiving, at a user management node, and from a client application executing on an electronic device, a device identifier; (2) receiving, by the user management node, and from a second layer node in a multi-layer federated privacy management network, data comprising at least one of browsing data and application data from a web host or a server, wherein the data is in response to an internet protocol request from the client application via a first layer node and the second layer node to the web host or the server, and the data is associated with the device identifier; (3) receiving, at the user management node, a request for the data from the client application using the device identifier; and (4) communicating the data to the client application.

Disclosed is a secure and adaptive waveforms multiplexing system in advanced-level wireless communication systems (such as 5G and beyond systems).

Disclosed is a secure and adaptive waveforms multiplexing system in advanced-level wireless communication systems (such as 5G and beyond systems).

– A network connection method is performed by a terminal, and the method comprises: establishing a pre-connection with a to-be-accessed device, and the to-be-accessed device being a device to access network; generating a first key pair, and sending a first public key In the first key pair to the to-be-accessed device; generating a first shared key based on the first key pair and first key negotiation information corresponding to the to-be-accessed device; encrypting network configuration information of a network device by using the first shared key, to obtain encrypted network configuration information; and sending the encrypted network configuration information to the to-be-accessed device, to allow the to-be-accessed device to decrypt the encrypted network configuration information by a second shared key, and access the network device based on the decrypted network configuration information. –

One disclosed example method includes obtaining a meeting cryptographic key; transmitting, from a client device to a video conference provider, a request to initiate an encrypted video conference, the encrypted video conference including a plurality of participants; distributing the meeting cryptographic key to each participant of the plurality of participants; obtaining a public cryptographic key of a key pair, the key pair including the public cryptographic key and a private cryptographic key; encrypting the meeting cryptographic key using the public cryptographic key; transmitting, from the client device to the video conference provider, a request to record the video conference; encrypting audio and video from a microphone and image sensor of the client device using the meeting cryptographic key; transmitting the encrypted audio and video to the video conference provider; and providing the encrypted meeting cryptographic key to the video conference provider.

A method and apparatus for data transfer in RRC_INACTIVE state is provided. Method for data transfer in RRC_INACTIVE state includes receiving a RRCRelease, determining a radio bearer configured for second resume procedure based on the first information for second resume procedure, receiving from the base station a system information, initiating second resume procedure, restoring configuration of the radio bearer configured for second resume procedure stored in UE Inactive AS context, re-establishing PDCP entity of the radio bearer configured for second resume procedure, resuming the radio bearer configured for second resume procedure and transmitting to the base station a RRCResumeRequest.