Method for implementing user plane security policy, apparatus, and system
US-2021168151-A1 · Jun 3, 2021 · US
US12445848B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12445848-B2 |
| Application number | US-202217817630-A |
| Country | US |
| Kind code | B2 |
| Filing date | Aug 4, 2022 |
| Priority date | Aug 4, 2021 |
| Publication date | Oct 14, 2025 |
| Grant date | Oct 14, 2025 |
Official abstract text for this publication.
A method and device for applying a different security policy, per service traffic, to a protocol data unit (PDU) session in a wireless communication system. The method comprises receiving, by a session management function (SMF) managing a session for a user equipment (UE), first configuration information about a first user plane security policy of the UE from a unified data management (UDM) managing subscription information about the UE, receiving, by the SMF, second configuration information about a second user plane security policy to be applied to a specific service data flow from a policy and control function (PCF) managing a policy and charging control (PCC) rule, and determining a user plane security policy to be applied to the UE based on one selected from the first user plane security policy and the second user plane security policy according to priority.
Opening claim text (preview).
What is claimed is:
1. A method for determining a user plane security policy for a protocol data unit (PDU) session in a wireless communication system, the method comprising: receiving, by a session management function (SMF) managing a session for a user equipment (UE), first configuration information about a first user plane security policy of the UE from a unified data management (UDM) managing subscription information about the UE; receiving, by the SMF, second configuration information about a second user plane security policy to be applied to a specific service data flow from a policy and control function (PCF) managing a policy and charging control (PCC) rule; selecting, by the SMF, one of the first configuration information or the second configuration information according to priority based on service data flow identifier (SDF ID) and priority field; selecting, by the SMF, one of selected configuration information or security policy applied to the UE according to priority based on the priority field; and determining, by the SMF, a user plane security policy to be applied to the UE based on the selected configuration information or security policy applied to the UE according to priority.
2. The method of claim 1, wherein a different user plane security policy is applied, per UE, to the specific service data flow, and wherein the determining comprises determining the user plane security policy to be applied to the UE based on information about the priority in case that at least one of the first configuration information and the second configuration information includes the information about the priority.
3. The method of claim 1, wherein a different user plane security policy is applied, per UE, to the specific service data flow, and wherein the first configuration information received from the UDM takes priority over the second configuration information received from the PCF in determining the user plane security policy.
4. The method of claim 1, wherein a user plane security policy different from another service data flow is applied to the specific service data flow, and wherein a same user plane security policy is commonly applied between UEs to which the specific service data flow is applied, and wherein the determining comprises determining the user plane security policy to be applied to the UE based on information about the priority in case that at least one of the first configuration information and the second configuration information includes the information about the priority.
5. The method of claim 1, wherein a user plane security policy different from another service data flow is applied to the specific service data flow, and wherein the second configuration information received from the PCF takes priority over the first configuration information received from the UDM in determining the user plane security policy.
6. The method of claim 1, further comprising creating and transmitting to a user plane function (UPF) in charge of transferring data in a user plane, by the SMF, a quality-of-service (QOS) enforcement rule (QER) including a packet detection rule (PDR) to be used upon classifying traffic in the UPF and information related to QoS enforcement of traffic identified by the PDR, based on the determined user plane security policy.
7. The method of claim 1, further comprising transferring, by the SMF, a message including security indication information corresponding to the determined user plane security policy and quality-of-service flow identifier (QFI) to a base station linked to the UE through an access and mobility management function (AMF) managing mobility of the UE, wherein the security indication information includes at least one of ciphering information and integrity protection information.
8. The method of claim 7, wherein the security indication information and the QFI are used for creation of a data radio bearer (DRB) for the specific service data flow.
9. A session management function (SMF) configured to manage a protocol data unit (PDU) session for a user equipment (UE) in a wireless communication system, the SMF comprising: a transceiver; and a processor configured to: receive, through the transceiver, a first user plane security policy of the UE and first configuration information about the first user plane security policy of the UE from a unified data management (UDM) configured to manage subscription information about the UE, receive, through the transceiver, second configuration information about a second user plane security policy to be applied to a specific service data flow from a policy and control function (PCF) configured to manage a policy and charging control (PCC) rule, select, by the SMF, one of the first configuration information or the second configuration information according to priority based on service data flow identifier (SDF ID) and priority field, select, by the SMF, one of selected configuration information or security policy applied to the UE according to priority based on the priority field, and determine a user plane security policy to be applied to the UE based on the selected configuration information or security policy applied to the UE according to priority.
10. The SMF of claim 9, wherein a different user plane security policy is applied, per UE, to the specific service data flow, and wherein the processor is configured to determine the user plane security policy to be applied to the UE based on information about the priority in case that at least one of the first configuration information and the second configuration information includes the information about the priority.
11. The SMF of claim 9, wherein a different user plane security policy is applied, per UE, to the specific service data flow, and wherein the first configuration information received from the UDM takes priority over the second configuration information received from the PCF in determining the user plane security policy.
12. The SMF of claim 9, wherein a user plane security policy different from another service data flow is applied to the specific service data flow, and wherein a same user plane security policy is commonly applied between UEs to which the specific service data flow is applied, and wherein the processor is configured to determine the user plane security policy to be applied to the UE based on information about the priority in case that at least one of the first configuration information and the second configuration information includes the information about the priority.
13. The SMF of claim 9, wherein a user plane security policy different from another service data flow is applied to the specific service data flow, and wherein the second configuration information received from the PCF takes priority over the first configuration information received from the UDM in determining the user plane security policy.
14. The SMF of claim 9, wherein the processor is further configured to create and transmit to a user plane function (UPF), in charge of transferring data in a user plane, a quality-of-service (QOS) enforcement rule (QER) including a packet detection rule (PDR) to be used upon classifying traffic in the UPF and information related to QoS enforcement of traffic identified by the PDR, based on the determined user plane security policy.
15. The SMF of claim 9, wherein the processor is further configured to transfer a message including security indication information corresponding to the determined user plane security policy and quality-of-service flow identifier (QFI) to a base station linked to the UE through an access and mobilit
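
The selection order of claims 1 to 5, modelled in Python as an added example (not code from the patent or its applicant). The class and function names, the sample SDF IDs, the rule that a larger priority number wins and a missing priority counts as lowest, and the reading of claims 3 and 5 as the default order when no priority decides are all assumptions; the policy values `required`, `preferred` and `not needed` come from 3GPP TS 33.501, not from this page. `weakened` is an added audit check that reports where the selected policy protects less than the subscription policy.

```python
from dataclasses import dataclass
from typing import Optional

# Values a user plane security policy can take (3GPP TS 33.501), with a rank.
STRENGTH = {"required": 2, "preferred": 1, "not needed": 0}

@dataclass(frozen=True)
class UpSecConfig:
    source: str                      # "UDM", "PCF" or "APPLIED" (already on the UE)
    integrity: str
    ciphering: str
    sdf_id: Optional[str] = None     # None = applies to the whole PDU session
    priority: Optional[int] = None   # assumption: larger wins, missing = lowest

def pick(a, b, default_winner):
    """Explicit priority decides when it differs; otherwise use the default order."""
    pa = -1 if a.priority is None else a.priority
    pb = -1 if b.priority is None else b.priority
    if pa != pb:
        return a if pa > pb else b
    return a if a.source == default_winner else b

def resolve(udm, pcf, applied, sdf_id, per_ue):
    """Two-step selection modelled on claim 1.

    per_ue=True  -> per-UE policy for the SDF, UDM wins by default (claims 2, 3)
    per_ue=False -> per-SDF policy shared by UEs, PCF wins by default (claims 4, 5)
    """
    if pcf is None or pcf.sdf_id != sdf_id:
        chosen = udm                 # the PCF rule targets a different SDF
    else:
        chosen = pick(udm, pcf, "UDM" if per_ue else "PCF")
    if applied is not None:
        # Assumption: the newly selected configuration wins a tie.
        chosen = pick(chosen, applied, chosen.source)
    return chosen

def weakened(baseline, result):
    """Protections for which the result is weaker than the baseline."""
    return [f for f in ("integrity", "ciphering")
            if STRENGTH[getattr(result, f)] < STRENGTH[getattr(baseline, f)]]

# Constructed sample data, not taken from the patent.
UDM = UpSecConfig("UDM", "required", "required")
PCF = UpSecConfig("PCF", "not needed", "preferred", sdf_id="sdf-video")

if __name__ == "__main__":
    sel = resolve(UDM, PCF, None, "sdf-video", per_ue=False)
    print(sel.source, weakened(UDM, sel))
```

When the PCF entry wins for a flow, comparing the result against the subscription policy shows which flows end up without integrity protection or ciphering that the UDM record asked for.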
Identity-dependent · CPC title
using specific QoS parameters for wireless networks, e.g. QoS class identifier [QCI] or guaranteed bit rate [GBR] (negotiating SLA or negotiating QoS H04W28/24) · CPC title
Backbone network devices · CPC title
Connection management · CPC title
Managing security policies for mobile devices or for controlling mobile applications · CPC title