A network node selectively encrypts messages between a user plane node and a control plane node in a network system. The user plane node and the control plane node negotiate a connection and indicate an encryption level for the connection. The encryption level is selected from an Information Element (IE) level, a message level, or a feature level. The user plane node and the control plane node selectively encrypt at least a portion of the messages between the user plane node and the control plane node based on the encryption level for the connection.

A network node selectively encrypts messages between a user plane node and a control plane node in a network system. The user plane node and the control plane node negotiate a connection and indicate an encryption level for the connection. The encryption level is selected from an Information Element (IE) level, a message level, or a feature level. The user plane node and the control plane node selectively encrypt at least a portion of the messages between the user plane node and the control plane node based on the encryption level for the connection.

The present disclosure provides a method and a device used for wireless communications, comprising: transmitting a first transmission on a first SDU, including transmitting a first MAC PDU group; the first MAC PDU group at least comprises a first MAC PDU; receiving a first signaling and a first status report, the first signaling being used to indicate that a first ID is renewed as a second ID; the first status report is used to indicate that the first SDU is not received yet; and performing a second transmission on the first SDU, including transmitting a second MAC PDU group; the second MAC PDU group at least comprises a second MAC PDU; the first signaling is used to trigger the first status report. By transmitting the first SDU in a rational way, the present disclosure helps improve reliability and prevent risks in communications.

The present disclosure provides a method and a device used for wireless communications, comprising: transmitting a first transmission on a first SDU, including transmitting a first MAC PDU group; the first MAC PDU group at least comprises a first MAC PDU; receiving a first signaling and a first status report, the first signaling being used to indicate that a first ID is renewed as a second ID; the first status report is used to indicate that the first SDU is not received yet; and performing a second transmission on the first SDU, including transmitting a second MAC PDU group; the second MAC PDU group at least comprises a second MAC PDU; the first signaling is used to trigger the first status report. By transmitting the first SDU in a rational way, the present disclosure helps improve reliability and prevent risks in communications.

Embodiments herein relate to for example a method performed by a radio network node for handling a communication of a user equipment, UE, in a wireless communication network. The radio network node transmits a handover command for handing over the UE, from a source cell to a target cell, wherein a security parameter for encrypting data communicated between the radio network node and the UE is retained during the handover. Furthermore, the radio network node maintains a sequence number status for reception and/or transmission of a signalling radio bearer of the UE during the handover from the source cell to the target cell, and/or at a fallback from the target cell to the source cell, when the UE triggers the fallback to the source cell.

A base station for a mobile telecommunications system, comprising circuitry configured to: obtain time-sensitive network information or enhanced positioning assistance information; encrypt the time-sensitive network information or the enhanced positioning assistance information for including the encrypted time-sensitive network information or the encrypted enhanced positioning assistance information in system information; and transmit the system information to a user equipment in a cell, wherein the encryption is performed if the cell hosts and shares functionalities of a non-public cell and a public cell.

A technique for processing Bluetooth Mesh packets that comprise erroneous cyclic redundancy check (CRC) values. The disclosed mesh node receives packets, each of which comprising a Protocol Data Unit (PDU) and a cyclic redundancy check (CRC) field. The PDU comprises an AD Data field with multiple octets; the AD Data field itself comprises a Network Identifier (NID) field. After determining the value of the CRC field in a first packet to be invalid, and subject to further checks, the mesh node selects a selected set of one or more NID values, based on the validity of the value of the NID field in the first packet. The mesh node then processes at least some of the multiple octets in the AD Data field in the first packet in accordance with a set of network keys that hash to the one or more NID values in the selected set.

A technique for processing Bluetooth Mesh packets that comprise erroneous cyclic redundancy check (CRC) values. The disclosed mesh node receives packets, each of which comprising a Protocol Data Unit (PDU) and a cyclic redundancy check (CRC) field. The PDU comprises an AD Data field with multiple octets; the AD Data field itself comprises a Network Identifier (NID) field. After determining the value of the CRC field in a first packet to be invalid, and subject to further checks, the mesh node selects a selected set of one or more NID values, based on the validity of the value of the NID field in the first packet. The mesh node then processes at least some of the multiple octets in the AD Data field in the first packet in accordance with a set of network keys that hash to the one or more NID values in the selected set.

Disclosed are a terminal verification method, an AP device, a terminal and a system, wherein the AP device is an encrypted AP device. The method comprises: receiving a connection request sent by a first terminal, wherein the connection request comprises identification information of the first terminal; querying an authorization list according to the identification information of the first terminal, wherein the authorization list includes identification information of terminals located within a preset password-free range; and returning an authorization response to the first terminal when the authorization list includes the identification information of the first terminal, wherein the authorization response is used for instructing the first terminal to establish a network connection with the AP device. The AP device does not need to verify a first terminal located within a password-free range, thereby reducing the number of first terminals that require identity verification within a WLAN coverage range, reducing the resource consumption of the identity verification for the AP device, and enabling the use of a WLAN to be more convenient.

Disclosed are a terminal verification method, an AP device, a terminal and a system, wherein the AP device is an encrypted AP device. The method comprises: receiving a connection request sent by a first terminal, wherein the connection request comprises identification information of the first terminal; querying an authorization list according to the identification information of the first terminal, wherein the authorization list includes identification information of terminals located within a preset password-free range; and returning an authorization response to the first terminal when the authorization list includes the identification information of the first terminal, wherein the authorization response is used for instructing the first terminal to establish a network connection with the AP device. The AP device does not need to verify a first terminal located within a password-free range, thereby reducing the number of first terminals that require identity verification within a WLAN coverage range, reducing the resource consumption of the identity verification for the AP device, and enabling the use of a WLAN to be more convenient.