Abstract: A certificate notification method, including reporting a certificate of a first terminal to a server, obtaining public key maintenance information including a public key corresponding to a certificate of each of one or more terminals within a preset area range and certificate identification information corresponding to the certificate of the corresponding terminal, receiving a communication message including certificate identification information corresponding to a certificate of the second terminal and a signature generated by the second terminal, determining, according to certificate identification information and the public key maintenance information, a public key corresponding to the certificate of the second terminal, and verifying, according to the public key corresponding to the certificate of the second terminal, the signature generated by the second terminal.

Abstract: This application discloses a method applied to a scenario in which a terminal device moves from a first AN node to a second AN node. The method includes: receiving identification information of a to-be-activated session from the terminal device via the second AN node; sending a context release command to the first AN node when a signaling connection of the terminal device exits between an AMF node and the first AN node; receiving a context release complete message carrying identification information of an active session of the terminal device from the first AN node; when the to-be-activated session and the active session have a same session, sending a first request message to request to deactivate the same session to an SMF node corresponding to the same session; and after the same session is deactivated, sending, to the SMF node, a second request message to request to activate the same session.

Abstract: This application discloses an information exchange method and apparatus. In the method, a terminal device transmits attach request information to a core network device, receives attach accept information of the core network device, where the attach accept information includes a first integrity check code; the terminal device obtains a second integrity check code based on the attach accept information; and the terminal device obtains, if the first integrity check code is the same as the second integrity check code, a third integrity check code based on encrypted attach complete information, and transmits encrypted attach complete information to which the third integrity check code is added to the core network device. This reduces data exchange procedures, reduces an amount of data of exchanged information, and reduces a time consumed in an information exchange process performed between the terminal device and the core network device.

Abstract: This application provides a parameter protection method and device, and a system. The method includes: obtaining, by an authentication server function (AUSF) entity in a home public land mobile network (HPLMN), a key, where the key is used to protect transmission of a parameter between a terminal and the HPLMN; sending, by another entity in the HPLMN, the parameter to the AUSF entity, where the another entity is an entity that needs to send the parameter to the terminal; and performing, by the AUSF entity, security protection processing on the parameter based on a security algorithm and the key. The AUSF entity performs security protection processing on the parameter that needs to be sent to the terminal, and the HPLMN can protect the parameter that is to be sent to the terminal.

Abstract: In accordance with an embodiment, the application discloses a communication method, an apparatus, and a system, and relates to the communications field, to help a terminal device in an RRC-inactive state perform a mobility-triggered TAU. The method includes the operations of: in response to determining that a TAI of a location of a terminal device in an RRC-inactive state does not belong to a TAL of the terminal device, switching, by the terminal device, to a CM idle state; sending, by the terminal device, a registration request message to an AMF by using a target RAN node, where the registration request message is used to request to allocate a TAL to the terminal device; and receiving, by the terminal device by using the target RAN node, a registration accept message sent by the AMF, where the registration accept message includes the allocated TAL. Embodiments of this application are applied to a scenario in which the terminal device moves between registration areas.

Abstract: This application discloses a communications method and apparatus The method includes: receiving, by a radio access network (RAN) node, a first message from an access and mobility management function (AMF) node, where the first message includes specified area related information of a terminal device, and the specified area related information is used to indicate a specified area of the terminal device; and when the RAN node determines, based on the specified area related information and first location information of the terminal device, that the terminal device moves out of the specified area, sending, by the RAN node, the first location information or first indication information to the AMF node or an SMF node, where the first indication information is used to indicate that the terminal device already moves out of the specified area.

Abstract: Embodiments of the present disclosure disclose a session activation method, device, and system, and relate to the field of the communications technologies, to resolve an existing problem of relatively high signaling overheads during PDU session activation. The method includes: receiving, by a control plane node, indication information from an AMF node, where the indication information is used to indicate that the AMF node receives a service request message sent by a terminal device; and sending, by the control plane node, an identifier of a to-be-activated PDU session of the terminal device to an SMF node or the AMF node based on the indication information. The embodiments of the present disclosure are used in a PDU session activation process.

Abstract: Embodiments of the present disclosure disclose a method, an apparatus, and a system for data transmission. The method includes: broadcasting, by a relay device, a first message, where the first message is used to indicate that the relay device supports data forwarding; receiving, by the relay device, a second message from a remote device, where the second message includes data of the remote device; and sending, by the relay device, the data to a core network device based on the second message. In the present method, after receiving the first message broadcast by the relay device, the remote device directly sends the data of the remote device to the relay device without establishing a connection dedicated for transmitting the data of the remote device between the remote device and the relay device, thereby reducing signaling and reducing power consumption of the remote device.

Abstract: This application discloses a handover method to hand over relay UE and remote UE between different eNBs. The handover method includes: a source eNB determines based on a measurement report of the relay UE, to hand over the relay UE to a target eNB; sends a first handover required message to a source MME of the relay UE and sends a second handover required message to a source MME of the remote UE; the source MME sends a mobility management context of the remote UE and a mobility management context of the relay UE to a target MME to which the target eNB belongs; the target MME receives a redirection request message from the source MME; and sends information about the remote UE and information about the relay UE to the target eNB.

Abstract: This application provides a session processing method and device. The method includes: receiving, by an SMF entity, a PDU session establishment request, where the PDU session establishment request is used to request to establish a PDU session for a terminal device; determining, by the SMF entity based on reference information, to authenticate the PDU session; and sending, by the SMF entity, an authentication request to a third-party authentication entity by using a network exposure function NEF entity. A control-plane-based PDU session authentication manner is provided, so that the terminal device and the third-party authentication entity that is in a DN may be required to perform mutual authentication, and unauthorized user access may be rejected, thereby improving security of the DN, and reducing network resources.

Abstract: A status switching method and apparatus are provided, to resolve a problem that signaling overheads increase when a terminal fails to perform a service request procedure in MICO mode. The method includes: obtaining, by a first mobility management network element from a terminal device, indication information and identification information of the terminal device, where the indication information is used to indicate that the terminal device is in mobile initiated connection only MICO mode; and if there is no context information of the terminal device in the first mobility management network element, requesting, by the first mobility management network element, the context information from a second mobility management network element based on the indication information and the identification information.

Abstract: This application provides a communication method and a communications device. The method includes: obtaining, by a first communications device, authorization information, where the authorization information indicates that a second communications device is a device that needs to perform time synchronization; and providing, by the first communications device, time information for the second communications device based on the authorization information; or obtaining, by the first communications device, authorization information, where the authorization information indicates that the second communications device is not a device that needs to perform time synchronization; and skipping, by the first communications device, providing time information for the second communications device based on the authorization information, to avoid broadcasting the time information to all communications devices, so that a time synchronization service can be provided for a specific communications device.

Abstract: A communication method and a communications apparatus, the method including obtaining, by a session management function entity, parameter information, determining, by the session management function entity, an access technology type for a protocol data unit (PDU) session of a terminal device according to the parameter information, and sending, by the session management function entity, indication information to an access and mobility management function entity, where the indication information indicates the access technology type of the PDU session.

Abstract: Embodiments of the present disclosure relate to a data transmission method, user equipment, and a control plane node. User equipment (UE) determines a security attribute of a session of the UE; the UE sends a session establishment request message to a control plane node when the security attribute of the session of the UE does not meet a security requirement of an application. The session establishment request message is used to request to establish a session corresponding to the security requirement of the application. Embodiments of the disclosed method reduce an unnecessary signaling exchange caused by establishment of a new session in a data transmission process to facilitate meeting requirements of different services.

Abstract: This application discloses a communication method and a communications device, to resolve a problem of how to select a session manage function (SMF) entity for user equipment (UE). The method includes: determining, by a first SMF entity based on status information, to select an SMF entity for UE; and sending, by the first SMF entity, an indication message to an access and mobility management function (AMF) entity, where the indication message is used to instruct the AMF entity to select an SMF entity for the UE.

Abstract: Embodiments of this application provide a network handover method and a related device. The method includes: when receiving a user terminal handover request that is sent by a source radio access network node and that carries a target base station identifier, determining, by a source mobility management function entity based on the target base station identifier, to trigger inter-RAT network handover; sending a first message to a source session management function entity; receiving a second message sent by the source session management function entity, where the second message includes a session management context; and sending a relocation request to a target mobility management function entity, where the relocation request is used to instruct the target mobility management function entity to perform inter-RAT network handover on the user terminal. In this way, data continuity in an inter-RAT network handover process is ensured.

Abstract: An authorization and verification method including receiving, by a mobility management entity of a remote device, an initial device message sent by a base station, where the initial device message comprises a non-access stratum message of the remote device and an identifier of a relay device, triggering, by the mobility management entity of the remote device based on the initial device message, verification on an association relationship between the remote device and the relay device, and sending, by the mobility management entity of the remote device after determining that the association relationship is verified, an initial context setup request message to the base station.

Abstract: Embodiments of the present disclosure provide a session management method and an apparatus. The method includes: receiving, by a first session management SM entity, first session context information from a second SM entity; further, generating, by the first SM entity, second session context information based on the first session context information; and sending the second session context information to a terminal. As can be learned, a session in a tracking area update procedure of the terminal is updated in a scenario in which an MM entity and an SM entity are separated.

Abstract: The present invention provides a data transmission method and apparatus, where the method includes: performing, by UE, security processing on a NAS PDU by using a security parameter and a security algorithm, where data to be transmitted is encapsulated in the NAS PDU; and sending, by the UE, the NAS PDU to a serving SGSN by using an RNC. The present invention can improve efficiency of transmitting a small data packet, and further provide a security mechanism to ensure security of transmitting the small data packet.

Abstract: This application provides a handover method, including: determining, by a mobility management (MM) network element, to hand over a session management (SM) for a user equipment (UE), and selecting target SM network element; and triggering, by the mobility management network element, a process of setting up a channel by the target SM network element, where the channel includes a user plane data channel between a target user plane (UP) function entity and a target base station. Therefore, it is possible to hand over a network in which a control plane (CP) is separated from a UP and an MM and an SM in the CP are separated from each other.