Security Context Handling in 5G During Connected Mode
US-2019141584-A1 · May 9, 2019 · US
US10728757B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10728757-B2 |
| Application number | US-201916409207-A |
| Country | US |
| Kind code | B2 |
| Filing date | May 10, 2019 |
| Priority date | Jul 28, 2017 |
| Publication date | Jul 28, 2020 |
| Grant date | Jul 28, 2020 |
Official abstract text for this publication.
A security implementation method includes receiving, by a first network element, a request for handing over user equipment from a source access network device to a target access network device to perform communication. The method further includes obtaining, by the first network element, a security key, where the security key is used for protecting the communication between the user equipment and the target access network device after the user equipment is handed over from the source access network device to the target access network device, and sending, by the first network element, the security key to the target access network device.
Opening claim text (preview).
What is claimed is:
1. A key derivation method in a handover of a user equipment (UE) from a fifth generation communications system to a Long Term Evolution (LTE) system, the method comprising: receiving, by the UE, a handover command comprising a security context from a first base station in the fifth generation communications system; wherein the security context comprises an LTE-related security protection algorithm identifier; deriving, by the UE, an intermediate security key (Kasme) of the LTE system based on an intermediate key (Kamf) of the fifth generation communications system; and obtaining, by the UE, an access stratum key based on a network parameter, the Kasme, and the security context, wherein the network parameter comprises an uplink non-access stratum (NAS) count value, wherein obtaining, by the UE, the access stratum key based on the network parameter, the Kasme, and the security context comprises: obtaining, by the UE, a key (KeNB) of a second base station in the LTE system based on the Kasme and the uplink NAS count value; and obtaining, by the UE, the access stratum key based on the KeNB and the LTE-related security protection algorithm identifier, wherein the access stratum key is used for protecting a communication between the UE and the second base station in the LTE system.
2. The key derivation method according to claim 1, further comprising sending, by the UE, a handover complete message to at least one of the first base station or the second base station, wherein the first base station comprises a Next Generation NodeB (gNB), and wherein the second base station comprises an Evolved NodeB (eNB).
3. The key derivation method according to claim 1, wherein deriving, by the UE, the intermediate security key (Kasme) of the LTE system based on the intermediate key (Kamf) of the fifth generation communications system comprises deriving, by the UE, the Kasme based on the Kamf and a downlink NAS count value.
4. The key derivation method according to claim 1, wherein deriving, by the UE, the intermediate security key (Kasme) of the LTE system based on the intermediate key (Kamf) of the fifth generation communications system comprises deriving, by the UE, the Kasme based on the Kamf and the uplink NAS count value.
5. The key derivation method according to claim 1, further comprising obtaining, by the UE, an NAS key based on the Kasme and the security context, wherein the NAS key is for protecting a second communication between the UE and an apparatus of a core network in the LTE system.
6. A user equipment (UE), comprising: a processor; and a memory storing computer program instructions which, when executed by the processor, cause the processor to: receive a handover command comprising a security context from a first base station in a fifth generation communications system; wherein the security context comprises a Long Term Evolution (LTE)-related security protection algorithm identifier; derive an intermediate security key (Kasme) of an LTE system based on an intermediate key (Kamf) of the fifth generation communications system; and obtain an access stratum key based on a network parameter, the Kasme, and the security context, wherein the network parameter comprises an uplink non-access stratum (NAS) count value, wherein obtaining the access stratum key based on the network parameter, the Kasme, and the security context comprises: obtaining a key (KeNB) of a second base station in the LTE system based on the Kasme and the uplink NAS count value; and obtaining the access stratum key based on the KeNB and the LTE-related security protection algorithm identifier, wherein the access stratum key is used for protecting a communication between the UE and the second base station in the LTE system.
7. The UE according to claim 6, wherein the computer program instructions, when executed by the processor, further cause the processor to send a handover complete message to at least one of the first base station or the second base station, wherein the first base station comprises a Next Generation NodeB (gNB), and wherein the second base station comprises an Evolved NodeB (eNB).
8. The UE according to claim 6, wherein the computer program instructions, when executed by the processor, further cause the processor to derive the Kasme based on the Kamf and a downlink NAS count value.
9. The UE according to claim 6, wherein the computer program instructions, when executed by the processor, further cause the processor to derive the Kasme based on the Kamf and the uplink NAS count value.
10. The UE according to claim 6, wherein the computer program instructions, when executed by the processor, further cause the processor to obtain an NAS key based on the Kasme and the security context, wherein the NAS key is for protecting a second communication between the UE and an apparatus of a core network in the LTE system.
11. The UE according to claim 10, wherein the computer program instructions, when executed by the processor, further cause the processor to obtain the NAS key based on the Kasme and the LTE-related security protection algorithm identifier.
12. A non-transitory computer readable storage medium, wherein the computer readable storage medium stores instructions which, when executed by a processor, cause the processor to implement a method comprising: receiving a handover command comprising a security context from a first base station in a fifth generation communications system, wherein the security context comprises a Long Term Evolution (LTE)-related security protection algorithm identifier; deriving an intermediate security key (Kasme) of an LTE system based on an intermediate key (Kamf) of the fifth generation communications system; and obtaining an access stratum key based on a network parameter, the Kasme, and the security context, wherein the network parameter comprises an uplink non-access stratum (NAS) count value, wherein obtaining access stratum key based on the network parameter, the Kasme, and the security context comprises: obtaining a key (KeNB) of a second base station in the LTE system based on the Kasme and the uplink NAS count value; and obtaining the access stratum key based on the KeNB and the LTE-related security protection algorithm identifier, wherein the access stratum key is for protecting a communication between a user equipment (UE) and the second base station in the LTE system.
13. The non-transitory computer readable storage medium according to claim 12, wherein the method further comprises sending a handover complete message to at least one of the first base station or the second base station, wherein the first base station comprises a Next Generation NodeB (gNB), and wherein the second base station comprises an Evolved NodeB (eNB).
14. The non-transitory computer readable storage medium according to claim 12, wherein the method further comprises deriving the Kasme based on the Kamf and a downlink NAS count value.
15. The non-transitory computer readable storage medium according to claim 12, wherein the method further comprises deriving the Kasme based on the Kamf and the uplink NAS count value.
16. The non-transitory computer readable storage medium according to claim 12, wherein the method further comprises obtaining an NAS key based on the Kasme and the security context, and wherein the NAS key is for protecting a second communication between the UE and an apparatus of a core network in the LTE system.
17. The non-transitory computer readable storage medium according to claim 16, wherein the method further comprises obtai
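The key chain recited in claims 1 and 3 (Kamf → Kasme → KeNB → access stratum keys), as an added Python example that is not part of the patent text. The HMAC-SHA-256 KDF layout, the FC codes and the algorithm type distinguishers are assumptions taken from the 3GPP specifications (TS 33.220, TS 33.401, TS 33.501); the claims shown here name no constants, and the sample key and count values are constructed.

```python
import hashlib
import hmac

# Assumed values from 3GPP TS 33.501 / TS 33.401; the patent claims name no constants.
FC_KASME_FROM_KAMF = 0x74   # Kamf -> Kasme at handover, input: downlink NAS count (claim 3)
FC_KENB = 0x11              # Kasme -> KeNB, input: uplink NAS count (claim 1)
FC_ALG_KEY = 0x15           # KeNB -> per-algorithm access stratum key
RRC_ENC, RRC_INT, UP_ENC = 0x03, 0x04, 0x05   # algorithm type distinguishers


def kdf(key: bytes, fc: int, *params: bytes) -> bytes:
    """Generic 3GPP KDF: HMAC-SHA-256(key, FC || P0 || L0 || P1 || L1 ...)."""
    s = bytes([fc])
    for p in params:
        s += p + len(p).to_bytes(2, "big")   # each parameter followed by its 2-byte length
    return hmac.new(key, s, hashlib.sha256).digest()


def derive_kasme(kamf: bytes, dl_nas_count: int) -> bytes:
    return kdf(kamf, FC_KASME_FROM_KAMF, dl_nas_count.to_bytes(4, "big"))


def derive_kenb(kasme: bytes, ul_nas_count: int) -> bytes:
    return kdf(kasme, FC_KENB, ul_nas_count.to_bytes(4, "big"))


def derive_as_key(kenb: bytes, alg_type: int, alg_id: int) -> bytes:
    # 128-bit key: the 128 least significant bits of the 256-bit KDF output.
    return kdf(kenb, FC_ALG_KEY, bytes([alg_type]), bytes([alg_id]))[16:]


def handover_keys(kamf, dl_nas_count, ul_nas_count, enc_alg_id, int_alg_id):
    """UE-side chain; the security context supplies the LTE algorithm identifiers."""
    kasme = derive_kasme(kamf, dl_nas_count)
    kenb = derive_kenb(kasme, ul_nas_count)
    return {
        "kasme": kasme,
        "kenb": kenb,
        "k_rrc_enc": derive_as_key(kenb, RRC_ENC, enc_alg_id),
        "k_rrc_int": derive_as_key(kenb, RRC_INT, int_alg_id),
        "k_up_enc": derive_as_key(kenb, UP_ENC, enc_alg_id),
    }


if __name__ == "__main__":
    sample_kamf = bytes(range(32))   # constructed 256-bit Kamf, not a real key
    for name, key in handover_keys(sample_kamf, 5, 7, enc_alg_id=2, int_alg_id=2).items():
        print(f"{name:10s} {key.hex()}")
```

Because each key is a one-way function of its parent, the target eNB receiving KeNB cannot recover Kasme or Kamf, and a different uplink NAS count yields an unrelated KeNB from the same Kasme.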
with transfer of context information · CPC title
Authentication · CPC title
Key distribution or pre-distribution; Key agreement · CPC title
Reselecting an access point · CPC title
specially adapted for networks, e.g. wireless sensor networks, ad-hoc networks, RFID networks or cloud networks · CPC title