Abstract: Embodiments of this application provide a communication method, a system, and an apparatus. The method includes: A network device obtains at least one piece of location information based on at least one piece of first information in a plurality of pieces of information, where each piece of information corresponds to at least one terminal, and one piece of first information corresponds to the at least one piece of location information; and the network device determines at least one first location range based on the location information, where a terminal in the first location range receives and sends information abnormally. In embodiments of this application, an area in which the information is abnormally received and sent may be determined by detecting the information by the network device, and information receiving and sending of the terminal in the abnormal area may be further restricted.

Abstract: A secure communication method includes receiving, by a first network element, first information and a first signature from a network management network element. The first signature is generated based on a private key of the network management network element and the first information, and the first information is used to describe the first network element. The method also includes sending, by the first network element, the first information and the first signature to a certificate issuing network element. The first information is used to obtain a first certificate, and the first certificate is used to prove an identity of the first network element. The method further includes receiving, by the first network element, the first certificate from the certificate issuing network element.

Abstract: A communication method and apparatus are provided. The method includes: A network repository function network element receives a discovery request message including a type of a network element that requests to be discovered. The network repository function network element determines a second network element based on the type of the network element that requests to be discovered, and sends an identifier of a first dataset, a first token, and an identifier of the second network element to the first network element, where the first token authorizes the first network element to obtain the first dataset. According to the foregoing designs, the network repository function network element can provide, to the first network element, an identifier of a network element and information needed for obtaining the dataset, so that the first network element can determine, based on the dataset, whether to access the network element.

Abstract: This application discloses a communication control method and a communication apparatus, to provide a technical solution for performing communication control on a terminal device based on relative location information between terminal devices, so as to improve precision and flexibility of performing communication control such as access control or service control on the terminal device. In the method, a first network element obtains control indication information for a first terminal device from a second network element, where the control indication information includes a device identifier of a second terminal device that has a location binding relationship with the first terminal device. The first network element obtains relative location information between the first terminal device and the second terminal device. The first network element performs communication control on the first terminal device based on the control indication information and the relative location information.

Abstract: This application pertains to the field of communication technologies, and provides a communication method and apparatus, to implement false base station detection. A false base station may attack a terminal in a denial of service manner, and consequently, the terminal cannot access the false base station after selecting the false base station, in other words, the terminal fails to set up a connection to a cell. In this case, if a first message indicates that a first terminal fails to set up a connection to a cell, it may be determined, based on the first message, that a false base station attack exists in the cell, to implement false base station detection.

Abstract: Embodiments of this application provide a method for obtaining a security classification result and a communication apparatus. The method includes: A security function network element determines to perform security analytics on a target location area; and the security function network element determines a security classification result of the target location area based on first information, where the security classification result indicates a degree to which a potential attack exists in the target location area, the first information is related to behavior information of a terminal device in the target location area, and the behavior information includes traffic data and/or movement track information. According to this application, security analytics may be performed on a location area, to obtain a security classification result of the location area.

Abstract: This application provides a network verification method and apparatus. The method may include: A slice statistics network element (30) receives a slice registration request message (410) from a mobility management network element (20), where the slice registration request message (410) includes an identifier of a terminal device (10) and an identifier of a network slice. In response to the slice registration request message (410), the slice statistics network element (30) determines whether the terminal device (10) occupies a resource of the network slice. The slice statistics network element (30) determines, based on a determining result, whether to count the terminal device (10) into statistics about a terminal accessing the network slice.

Abstract: First user equipment generates a first temporary identifier based on a first key; the first user equipment sends a first request to second user equipment, where the first request is used to establish a communication connection between the first user equipment and the second user equipment, and the first request includes the first temporary identifier and a relay service code; and the first user equipment generates a shared key based on a second key and the relay service code, where the shared key is used to protect the communication connection between the first user equipment and the second user equipment.