A method for validating vehicle-to-X messages by a computing apparatus of a vehicle comprises receiving at least one vehicle-to-X message comprising information for regulating the traffic flow, and validating the at least one message, wherein, within the framework of the validation, at least a part of the message content comprised by the at least one message is checked for the consistency thereof. A device for validating vehicle-to-X messages and a vehicle are also disclosed.

A method and device for applying a different security policy, per service traffic, to a protocol data unit (PDU) session in a wireless communication system. The method comprises receiving, by a session management function (SMF) managing a session for a user equipment (UE), first configuration information about a first user plane security policy of the UE from a unified data management (UDM) managing subscription information about the UE, receiving, by the SMF, second configuration information about a second user plane security policy to be applied to a specific service data flow from a policy and control function (PCF) managing a policy and charging control (PCC) rule, and determining a user plane security policy to be applied to the UE based on one selected from the first user plane security policy and the second user plane security policy according to priority.

This application relates to the field of wireless communications technologies. Embodiments of this application provide a security protection method, an apparatus, and a system, to resolve a problem of low efficiency in handing over a terminal between serving base stations. The method in this application includes: receiving, by a target access network device, a correspondence between user plane information and a security policy from a source access network device; and determining, by the target access network device based on the correspondence between user plane information and a security policy, a first user plane protection algorithm corresponding to the user plane information, where the first user plane protection algorithm includes one or both of a user plane encryption algorithm and a user plane integrity protection algorithm. This application is applicable to a procedure in which the terminal is handed over between serving base stations.

This application relates to the field of wireless communications technologies. Embodiments of this application provide a security protection method, an apparatus, and a system, to resolve a problem of low efficiency in handing over a terminal between serving base stations. The method in this application includes: receiving, by a target access network device, a correspondence between user plane information and a security policy from a source access network device; and determining, by the target access network device based on the correspondence between user plane information and a security policy, a first user plane protection algorithm corresponding to the user plane information, where the first user plane protection algorithm includes one or both of a user plane encryption algorithm and a user plane integrity protection algorithm. This application is applicable to a procedure in which the terminal is handed over between serving base stations.

A network node (30A, 30B) is configured for use in a wireless communication network (10). The network node (30A, 30B) is configured to acquire radio access capability information (28) of a wireless device (14). The radio access capability information (28) of the wireless device (14) indicates radio access capabilities of the wireless device (14). The network node (30A, 30B) is configured to determine if the wireless communication network (10) received the radio access capability information (28) of the wireless device (14) before access stratum security (24) was activated for the wireless device (14). If the wireless communication network (10) received the radio access capability information (28) of the wireless device (14) before access stratum security (24) was activated for the wireless device (14) according to that determination, the network node (30A, 30B) is configured to re-acquire the radio access capability information (28) of the wireless device (14) after access stratum security (24) is activated for the wireless device (14).

A network node (30A, 30B) is configured for use in a wireless communication network (10). The network node (30A, 30B) is configured to acquire radio access capability information (28) of a wireless device (14). The radio access capability information (28) of the wireless device (14) indicates radio access capabilities of the wireless device (14). The network node (30A, 30B) is configured to determine if the wireless communication network (10) received the radio access capability information (28) of the wireless device (14) before access stratum security (24) was activated for the wireless device (14). If the wireless communication network (10) received the radio access capability information (28) of the wireless device (14) before access stratum security (24) was activated for the wireless device (14) according to that determination, the network node (30A, 30B) is configured to re-acquire the radio access capability information (28) of the wireless device (14) after access stratum security (24) is activated for the wireless device (14).

The present disclosure relates exposure notification, and in particular to techniques for verification of positive test results from public health authorities where individuals submit notice using public health approved mobile applications for exposure notification and/or contact tracing. When an individual attempts to submit a positive test result notification in a mobile application, the associated device's mobile number will be requested. This mobile number will then be sent a verification code to be entered in the application. At this point, these codes shall be stored digitally in escrow. A regular data feed from a health authority shall be provided that shall include an agreed encryption (irreversibly encrypted or reversibly encrypted) of the mobile numbers associated with any reported test. Any results submitted in the application that have a matching encryption of the mobile numbers shall be released from the escrow for subsequent notification.

The present disclosure relates exposure notification, and in particular to techniques for verification of positive test results from public health authorities where individuals submit notice using public health approved mobile applications for exposure notification and/or contact tracing. When an individual attempts to submit a positive test result notification in a mobile application, the associated device's mobile number will be requested. This mobile number will then be sent a verification code to be entered in the application. At this point, these codes shall be stored digitally in escrow. A regular data feed from a health authority shall be provided that shall include an agreed encryption (irreversibly encrypted or reversibly encrypted) of the mobile numbers associated with any reported test. Any results submitted in the application that have a matching encryption of the mobile numbers shall be released from the escrow for subsequent notification.

Embodiments are disclosed that include systems and methods performed by vehicle-to-everything (V2X) system participant to determine whether a misbehavior condition may have occurred based on the generation and/or receipt of a V2X message. The detection of a misbehavior condition may occur if the V2X message is generated and/or received too frequently or not frequently enough. In addition, a misbehavior condition may be detected if the generated and/or received V2X message does include the appropriate security credential.

Embodiments are disclosed that include systems and methods performed by vehicle-to-everything (V2X) system participant to determine whether a misbehavior condition may have occurred based on the generation and/or receipt of a V2X message. The detection of a misbehavior condition may occur if the V2X message is generated and/or received too frequently or not frequently enough. In addition, a misbehavior condition may be detected if the generated and/or received V2X message does include the appropriate security credential.