Abstract: An example method includes: A data orchestration network element receives a first service request message, determines, based on requirement information on a first data and data service capability information having one-to-one correspondence with one or more data agent network elements, at least one data agent network element from the one or more data agent network elements and operation configuration information corresponding to each of the at least one data agent network element, and sends the operation configuration information. The requirement information is determined based on a service requested by the first service request message, the requirement information corresponds to at least one of the one or more pieces of data service capability information, and the operation configuration information of any one of the at least one data agent network element indicates an operation performed by the any one data agent network element on the first data.

Abstract: An example method includes: A domain data orchestration network element receives first requirement information, determines, based on the first requirement information on first data and one or more pieces of domain data service capability information that are in one-to-one correspondence with one or more domain data agent network elements, at least one domain data agent network element of the one or more domain data agent network elements and operation configuration information corresponding to each of the at least one domain data agent network element, and sends the operation configuration information. Wherein, the first requirement information corresponds to at least one of the one or more pieces of domain data service capability information, and the operation configuration information of any one of the at least one domain data agent network element indicates an operation performed by the any one domain data agent network element on the first data.

Abstract: An example method includes: A first data agent network element obtains first data, receives first indication information and second indication information, where the first indication information includes an indication of an operation performed by the first data agent network element on the first data, the second indication information indicates information about a first network element interacting with the first data agent network element, and the information about the first network element includes address information of the first network element or an identifier of the first network element, or is used to determine the address information that is of the first network element and that is reported by the first data agent network element. The first data agent network element performs the operation on the first data, to obtain first information and sends the first information based on the information about the first network element.

Abstract: A communication method includes: A terminal device determines a first identifier and first domain information, where the first identifier includes an encrypted identifier of the terminal device, and the first domain information indicates a domain in which a network element that manages data information of the terminal device is located. The terminal device sends the first identifier and the first domain information to a first network element. The method may be implemented with an apparatus.

Abstract: A method includes: receiving M scrambled models from M online service nodes; receiving descrambling secrets from T online service nodes, where a descrambling secret of any online service node is determined based on M first shared keys of the online service node corresponding to the M online service nodes and N?M second shared keys of the online service node corresponding to N?M offline service nodes; and determining an aggregated model, where disturbance vectors of the M scrambled models are determined based on the descrambling secrets from the at least T online service nodes, at least N?T+1 first subsecrets determined by each service node based on N first shared keys and a first disturbance item corresponding to the service node, and at least N?T+1 second subsecrets determined by the service node based on N second shared keys and a second disturbance item corresponding to the service node.

Abstract: This application provides a data packet processing method and apparatus, applied to a satellite communications system. An earth surface, space, and network space are divided based on a satellite constellation and an ephemeris of a satellite, and an identifier is allocated to each ground area, each space area, and each network that are sub-divisions of the earth surface, space and network space, to establish a fixed mapping relationship between the EID, the SID, and the NID. In addition, each satellite maintains mapping relationship information recording the mapping relationship. Unless a satellite joins the constellation or one satellite leave service, the mapping relationship recorded in the mapping relationship information does not need to be updated. Based on the mapping relationship information, a satellite may route a data packet, thereby reducing a large amount of signaling interaction caused by establishing and maintaining a routing table in the conventional manner.

Abstract: A data management method, a system, and a device are provided. An example method includes: A data storage entity receives a data access request and sends an access permission verification request to a distributed ledger node storing a data access policy of the client and/or a data access policy of the user. The distributed ledger node verifies, based on an identifier of a client and/or an identifier of a user in the access permission verification request and a distributed ledger, whether the client has data access permission, and sends a first access permission verification response to the data storage entity if the client has the data access permission, where the first access permission verification response indicates that the client has the data access permission. After receiving the first access permission verification response sent from the distributed ledger node, the data storage entity sends corresponding data to the client.

Abstract: This application provides a network function creation method and a communication apparatus. The network function creation method includes: A first entity receives a first request message, where the first request message is used to request to create or select a user network corresponding to a terminal device, and the first request message includes a user identifier of the terminal device. The first entity creates or selects a control plane function based on the user identifier, where the control plane function is used to create or select a user plane function corresponding to the control plane function, and the user plane function is used to support a subscription service corresponding to the user identifier. According to the network function creation method, the control plane function can be created, and the user plane function meeting all session subscriptions of a user can be created by using the control plane function.

Abstract: This application provides a network resource management method and a communication apparatus. The network resource management method includes: A first network element receives a first message from a second network element. The first message carries an identifier of a first terminal device, and the first message is used to request to create or select a first user service node corresponding to the first terminal device. Further, the first network element creates or selects the first user service node based on the identifier of the first terminal device, where the first user service node is configured to provide a network service for the first terminal device.

Abstract: This application discloses a communication method and apparatus, a storage medium, and a program product. The method includes: A server sends training information. The training information includes a global model in a previous round and identifiers of at least two second terminals that participate in a current round of training. A first terminal sends a local model of the first terminal. The local model is obtained based on the global model in the previous round and a shared key. The server receives local models of the at least two second terminals, and aggregates the local models of the at least two second terminals based on a shared key between the at least two second terminals, to obtain an updated global model in the current round. According to the solutions of this application, security in a neural network training process is improved.

Abstract: This application relates to the field of wireless communications technologies, and discloses a satellite location information transmission method, and related apparatus, system, and storage medium. The method includes: receiving satellite location information sent by at least one satellite base station, where the satellite location indicates a location of a satellite base station in a satellite orbit; determining a target satellite base station among the at least one satellite base station based on the received satellite location information; and initiating a random access process to the target satellite base station. The technical solutions provided in the embodiments of this application can reduce UE power consumption.

Abstract: A communication system, method, and apparatus are provided. The communication system includes a first edge cloud deploying first group of user service nodes (USNs) that form a hash ring corresponding to the first edge cloud and a second edge cloud deploying a second group of USNs that form a hash ring corresponding to the second edge cloud. A USN is configured to provide a service for a terminal device corresponding to the USN. The communication system may further include a mapping system including one or more distributed mapping nodes that store information about the USNs on the first and second edge cloud. The information about a USN includes identification information of the USN and identification information of the terminal device corresponding to the USN. When the mapping system includes a plurality of distributed mapping nodes, the mapping nodes form one or more hash rings corresponding to the mapping system.

Abstract: Examples in this application disclose satellite network communication methods, communications apparatuses, and communications systems. One example method includes determining, by a user device, address information of the user device, where the address information includes a second sub-area identifier and a user device identifier (UDID) of the user device, and the second EID indicates a second sub-area which the user device is currently located in, and the second sub-area is one of a plurality of sub-areas divided from earth surface, and sending, by the user device, the address information to a first satellite.

Abstract: The technology of this application relates to a user data management method and a related device, to improve user information security. The method in embodiments of this application includes a data request device sends a first request to a blockchain platform, where the first request indicates that the data request device needs to access a data storage device. The data request device receives first permission information sent by the blockchain platform, where the first permission information indicates whether the data request device has permission to access the data storage device. If the first permission information indicates that the data request device has the permission to access the data storage device, the data request device sends a second request to the data storage device, where the second request includes an access address.

Abstract: Embodiments of this application provide a user data management method and a related device, to improve user data security. The method includes: A data request device sends a first request to a blockchain platform, where the first request indicates that the data request device needs to access a data storage device. The data request device receives first permission information sent by the blockchain platform, where the first permission information indicates whether the data request device has permission to access the data storage device, and the permission is related to signature information of the data request device, an access type, and an operator public key; and sends a second request to the data storage device if the first permission information indicates that the data request device has the permission to access the data storage device, where the second request includes an access address and an operator private key signature.

Abstract: A communication method and a communication system. The method may include: A first network device generates a node identifier, where the node identifier includes a global part and a local part, and the global part is determined based on geographical location information of a region covered by a second network device in which a node is located, for example, the second network device may be a device in mobile edge computing (MEC), and the local part is determined based on identity information of a terminal device associated with the node. The first network device sends the node identifier to the terminal device. In embodiments of this application, the geographical location information is introduced into the node identifier, so that a node that is identified nearby in space can also be short-distance in a physical network, thereby reducing an end-to-end latency.

Abstract: This disclosure provides a communication system and a communication method. The communication system may include a network service node (NSN) and a user service node (USN). The NSN communicates with the USN through an external interface. The NSN includes an authentication function entity and/or an access management function entity. The USN is associated with one more terminal devices. The USN includes the following function entities: a data forwarding function entity, a session management function entity, and a user data storage function entity. The function entities included in the USN communicate with each other through an internal interface. Based on the function entities included in the USN, the USN may provide a basic network service for the associated one or more terminal devices.

Abstract: This application provides methods and apparatuses for communication. In an example method, a first digital reflection (DR) receives a first message, where the first message includes data to be sent to a first terminal device and an identifier of the first terminal device, and the first DR is associated with the first terminal device. The first DR transmits the data to the first terminal device based on a local locator (LLOC) of the first terminal device, where the first DR stores a twin-globally unique temporary identity (TWIN-GUTI) of the first terminal device, the TWIN-GUTI includes the LLOC, the LLOC corresponds to the identifier of the first terminal device, the first DR is deployed on first multi-access edge computing (MEC), and the TWIN-GUTI is generated by the first MEC.

Abstract: This disclosure provides methods and apparatuses for association between communication devices. One method includes: sending, by a terminal device to a network device, a first message for establishment of an association relationship between the terminal device and a digital reflection (DR), wherein the first message comprises a first twin-globally unique temporary identity (TWIN-GUTI) of the terminal device, and wherein the first TWIN-GUTI comprises a first temporary identity (DRTI) of the DR and a globally unique identity (GUMEI) of first multi-access edge computing (MEC), and receiving, by the terminal device from the DR, a response message.

Abstract: The present disclosure relates to mutual authentication methods and apparatuses. In one example method, a digital reflection (DR) sends a first message to a terminal device, where the first message includes a first DR public key that is a public key of the DR signed by using a private key of a home network. The DR encrypts a first random number by using a second terminal device public key. The DR sends a second message to the terminal device, where the second message includes the first random number encrypted by using the second terminal device public key. The DR receives a second response message sent by the terminal device, where the second response message includes an encrypted first random number encrypted by using a second DR public key. The DR decrypts the encrypted first random number by using a private key of the DR to obtain the first random number.