In an aspect, the present disclosure includes a method, apparatus, and computer readable medium for wireless communications for configuring of a NAS COUNT value of a mapped EPS security context associated with an intersystem change of a UE from a 5G system to an EPS. The aspect includes generating, by a UE, a mapped EPS security context associated with an intersystem change of the UE from a 5G system to an EPS, wherein the mapped EPS security context comprises security parameters created based a 5G security context used for the 5G system, the security parameters enabling security-related communications between the UE and a network entity; determining an UL NAS COUNT value and the DL NAS COUNT value for the mapped EPS security context; and transmitting, by the UE, a NAS message to the network entity, the NAS message including the UL NAS COUNT value of the mapped EPS security context.

The present disclosure generally relates to the field of Radio Resource Control (RRC). More specifically, the present disclosure relates to techniques of supporting and initiating RRC connection establishment in a wireless communication network. A method embodiment relates to supporting RRC connection establishment in a wireless communication network and comprises setting up context information during a first RRC connection establishment procedure to establish a first RRC connection towards a radio access network element (200) of the wireless communication network implementing a first Radio Access Technology (RAT). The context information is associated with a wireless communication device (100) of the wireless communication network and is usable for a second RRC connection establishment procedure to establish a second RRC connection towards a radio access network element of the wireless communication network implementing a second RAT.

A method, an apparatus, and a system for dual-connectivity communication, where the method may include: sending, by a master Node, a first message to a secondary Node, where the first message includes a user plane security policy, and the user plane security policy is used by the secondary Node to determine a user plane security protection method between the secondary Node and a user terminal; receiving, by the master Node, a second message from the secondary Node, where the second message includes user plane security enabling type indication information, and the user plane security enabling type indication information is used to indicate a user plane security protection method between the secondary Node and the user terminal; and sending, by the master Node, a third message to the user terminal, where the third message includes the user plane security enabling type indication information.

A method for batch handover authentication and key agreement oriented to a heterogeneous network generally includes the following steps: A, system establishment and participant registration: users participating in authentication register on the LTE-A network to obtain their respective identity information; B, access authentication: when a large number of users request access to the WLAN, the target network WLAN is discovered by using the ANDSF, and the leader sends a complete group authentication message to the AAA server of the WLAN to request identity authentication; if the authentication succeeds, the AAA server of the WLAN returns an identity authentication response; C, if the authentication fails, the continued execution of the protocol is terminated. The method effectively realizes batch authentication of users during handover from the LTE-A network to the WLAN, and thus has high authentication efficiency, small signaling overheads, and high security.

A handover method and apparatus, and a communications device, are provided. The handover method includes sending first information to a source node, where the first information includes a first handover indication; or receiving first target information sent by the source node, where the first target information is used by the terminal to access a target node.

Embodiments of the present invention disclose a method, an apparatus, and a system for establishing a security context and relates to the communications field, so as to comprehensively protect UE data. The method includes: acquiring an encryption algorithm of an access node; acquiring a root key and deriving, according to the root key and the encryption algorithm, an encryption key of the access node; sending the encryption key and the encryption algorithm to the access node, so that the access node starts downlink encryption and uplink decryption; sending the encryption algorithm of the access node to the UE so as to negotiate the encryption algorithm with the UE; and instructing the access node to start downlink encryption and uplink decryption and instructing, during algorithm negotiation, the UE to start downlink decryption and uplink encryption.

A user equipment (UE) has both cellular and non-cellular links. The network sends it a first indication to maintain using a first set of security keys generated from a parameter specific to a source access node after the UE hands over the cellular link to a target access node without changing a wireless termination (WT) that is connected with the UE via the non-cellular link. The network uses that key to maintain the non-cellular link with the UE after the cellular link handover. From the UE's perspective it uses that key to authenticate its non-cellular link prior to the cellular link handover, but this handover does not change the WT which communicates with the UE via the non-cellular link so the UE can, only in response to receiving a first indication associated with the handover, use that same key to maintain that non-cellular link after the handover.

Because of the line-of-sight character of optical wireless communication and a limited field-of-view of optical receivers, the coverage of an access point and the overlapping coverage area of adjacent access points in an optical system are smaller as compared to a RF system. It turns more challenging to support an end point (110) to roam securely in an optical multi-cell wireless communication network. To speed up the derivation of a new pairwise transient key with a new access point during a handover procedure, the end point of this invention comprises a controller (118) that is configured to act as a second supplicant (1181), on behalf of a first supplicant (1186) comprised in a host processor (1185), to communicate with an authenticator to establish a new pairwise transient key for the end point (110) and a candidate access point, and an active pairwise transient key with the currently associated access point is used to secure the communication for new key derivation.

This application provides a data processing method and apparatus, and a computer storage medium. When a PDCP entity over a UM DRB is re-established, or when a cell handover occurs and the PDCP entity over a UM DRB uses a key used before the handover, the PDCP entity determines a first SDU, where the first SDU is an SDU that is associated with a sequence number by the PDCP entity but whose corresponding data has not been transmitted through an air interface; and delivers a PDU corresponding to the first SDU to an RLC entity. Data corresponding to the first SDU is redelivered, to avoid a data packet loss caused by preprocessing of the PDCP entity.

A method of a user equipment (UE) in a wireless communication system includes: transmitting, to a core entity, a tracking area update (TAU) request message including UE radio capability information associated with a UE radio capability identity (ID); receiving, from the core entity, a security mode command message for requesting UE radio capability ID information, based on the UE radio capability information; and transmitting, to the core entity, a security mode complete message including the UE radio capability ID information.