Method, device, and system for authentication and authorization with edge data network

US12476950B2 · US · B2

Patent metadata
Publication number: US-12476950-B2
Application number: US-202318336774-A
Country: US
Kind code: B2
Filing date: Jun 16, 2023
Priority date: Jan 18, 2021
Publication date: Nov 18, 2025
Grant date: Nov 18, 2025

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

This disclosure generally relates to User Equipment (UE) authentication and authorization with an edge data network in communication networks. Such authentication and authorization may be based on the generation and application of an edge computing key for a UE. Such edge computing key may be used for bi-directional authentication and may be dynamically updated during various stages of the authentication and authorization process. The authentication and authorization supports a UE connected to multiple Access Management Functions (AMFs) belonging to different Public Land Mobile Networks (PLMNs).

First claim

Opening claim text (preview).

What is claimed is:

1. A method for establishing a secured communication link between a terminal device and a computing network providing application services, performed by the terminal device in a communication network, the method comprising: generating a device computing key of the terminal device based on a unique identifier of the terminal device; generating a registration request signature based on raw data of a registration request with a configuration server of the computing network, an encryption key of an access server managing the terminal device, and a message counter recording a count of messages sent to the configuration server; and sending a first message comprising the device computing key and the registration request signature to the configuration server for requesting service grant with the computing network.

2. The method of claim 1, wherein the unique identifier of the terminal device comprises at least one of: a 5G Global Unique Temporary Identifier (5G-GUTI); or a Subscription Permanent Identifier (SUPI); and wherein the unique identifier of the access server comprises a Globally Unique AMF ID (GUAMI).

3. The method of claim 1, wherein: the access server comprises at least one of: an Access and Mobility Management Function (AMF); or a Security Anchor Function (SEAF); and the computing network comprises at least one of: a configuration server; an enabling server; an application server; or an exposure server.

4. The method of claim 1, wherein the message counter comprises a Non Access Stratum (NAS) uplink counter.

5. The method of claim 1, wherein before generating the device computing key, the method further comprises generating a temporary identifier of the terminal device using a hash based secure algorithm, based on the encryption key of the access server, and the unique identifier of the terminal device.

6. The method of claim 5, wherein generating the device computing key comprises: generating the device computing key based on the temporary identifier of the terminal device and the unique identifier of the access server within the communication network.

7. The method of claim 6, wherein the device computing key is in a Network Access Identifier (NAI) format, and a username part of the device computing key comprises the unique identifier of the access server and the temporary identifier of the terminal device.

8. The method of claim 1, further comprising: receiving a first response message comprising a first registration response and a first registration response signature from the configuration server, wherein: the first registration response signature is encrypted based on raw data of the first registration response and a configuration server key of the configuration server computed by the access server, the access server is identified by the computing network via the device computing key, the configuration server key is encrypted based on the unique identifier of the terminal device, the encryption key of the access server managing the terminal device, and an identifier of the configuration server; computing a local copy of the configuration server key based on the unique identifier of the terminal device, the encryption key of the access server managing the terminal device, and the identifier of the configuration server; generating a local copy of the first registration response signature based on the raw data of the first registration response and the local copy of the configuration server key; comparing the local copy of the first registration response signature with the first registration response signature in the first response message; and in response to the two signatures matching, establishing the secured communication link between the terminal device and the configuration server.

9. The method of claim 8, wherein the first response message further comprises at least one of an identifier of an enabling server in the computing network associated with the configuration server or an identifier of an application server in the computing network associated with the configuration server.

10. A computer program product comprising a non-transitory computer-readable program medium with computer code stored thereupon, the computer code, when executed by one or more processors, causing the one or more processors to implement a method of claim 1.

11. A method for authenticating a registration request from a terminal device performed by an access server, wherein the terminal device is managed by the access server and the method comprises: generating a temporary identifier of the terminal device using a hash based secure algorithm, based on an encryption key of the access server, and a unique identifier of the terminal device; and generating a device computing key of the terminal device based on the temporary identifier of the terminal device and the unique identifier of the access server; receiving a verification request from an exposure server in a computing network, wherein the verification request comprises at least one of: a registration request initiated from the terminal device, the registration request being forwarded to the exposure server by a configuration server in the computing network used for requesting terminal device access to the computing network; a registration request signature encrypted based on raw data of the registration request, and an encryption key of the access server; the device computing key of the terminal device; or an identifier of the configuration server; generating a local copy of the registration request signature based on raw data of the registration request and the encryption key of the access server; comparing the local copy of the registration request signature with the registration request signature in the verification request; and in response to the two signatures matching, sending a verification response to the exposure server.

12. The method of claim 11, wherein: before sending the verification response, the method further comprises generating a configuration server key of the configuration server based on the unique identifier of the terminal device, the encryption key of the access server, and an identifier of the configuration server; and in response to the two signatures matching, sending the verification response to the exposure server comprises in response to the two signatures matching, sending the verification response comprising the configuration server key to the exposure server.

13. The method of claim 11, wherein the unique identifier of the terminal device comprises at least one of: a 5G Global Unique Temporary Identifier (5G-GUTI); or a Subscription Permanent Identifier (SUPI).

14. The method of claim 11, wherein the exposure server routes the verification request to the access server based on the device computing key.

15. An access server comprising a memory for storing computer instructions and a processor in communication with the memory, wherein the processor, when executing the computer instructions, is configured to implement a method of claim 11.

16. A computer program product comprising a non-transitory computer-readable program medium with computer code stored thereupon, the computer code, when executed by one or more processors, causing the one or more processors to implement a method of claim 11.

17. A terminal device comprising a memory for storing computer instructions and a processor in communication with the memory, wherein, when the processor executes the computer inst
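The registration exchange described in claims 1 through 14, modelled end to end as an added Python example. This is not code from the patent or from the assignee; it only illustrates the claimed data flow. Everything concrete in it is an assumption: HMAC-SHA256 stands in for the unspecified "hash based secure algorithm", the derivation labels, the NAI realm, the sample SUPI, GUAMI and ECS identifier are constructed, and the exposure server's routing step is collapsed into a direct call to the AMF. It also shows the defensive point a practitioner would want from claim 4: because the NAS uplink counter is bound into the signature, the AMF can reject a replayed registration request and a request whose raw data was altered in transit.

```python
import hashlib
import hmac


def prf(key: bytes, label: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over a label plus length-prefixed parts (assumed construction)."""
    mac = hmac.new(key, label, hashlib.sha256)
    for p in parts:
        mac.update(len(p).to_bytes(2, "big") + p)
    return mac.digest()


def temp_id(k_amf: bytes, ue_id: bytes) -> str:
    """Claim 5: temporary UE identifier from the AMF key and the UE's SUPI or 5G-GUTI."""
    return prf(k_amf, b"temp-id", ue_id).hex()


def device_computing_key(guami: str, tid: str) -> str:
    """Claim 7: NAI-format key whose username part is GUAMI plus temp id (realm assumed)."""
    return f"{guami}.{tid}@edge.invalid"


def request_signature(k_amf: bytes, raw_request: bytes, nas_count: int) -> bytes:
    """Claims 1 and 4: signature over raw request, AMF key and NAS uplink counter."""
    return prf(k_amf, b"ecs-reg-req", raw_request, nas_count.to_bytes(4, "big"))


def config_server_key(k_amf: bytes, ue_id: bytes, ecs_id: bytes) -> bytes:
    """Claims 8 and 12: ECS key from UE id, AMF key and ECS identifier."""
    return prf(k_amf, b"ecs-key", ue_id, ecs_id)


def response_signature(k_ecs: bytes, raw_response: bytes) -> bytes:
    """Claim 8: signature over the registration response under the ECS key."""
    return prf(k_ecs, b"ecs-reg-resp", raw_response)


class AccessServer:
    """Toy AMF: holds K_AMF per UE and the highest NAS count it has accepted."""

    def __init__(self, guami: str, keys: dict):
        self.guami = guami
        self.keys = dict(keys)  # ue_id -> K_AMF
        self.last_count = {}    # ue_id -> highest accepted NAS uplink count
        # Claim 14: the device computing key is what the network routes on
        self.by_dck = {device_computing_key(guami, temp_id(k, u)): u for u, k in keys.items()}

    def verify(self, dck, raw_request, nas_count, signature, ecs_id):
        """Claims 11 and 12: recompute the signature; on match return the ECS key."""
        ue_id = self.by_dck.get(dck)
        if ue_id is None:
            return None
        k_amf = self.keys[ue_id]
        expected = request_signature(k_amf, raw_request, nas_count)
        if not hmac.compare_digest(expected, signature):
            return None
        # Replay protection: the counter must move forward (defensive addition)
        if nas_count <= self.last_count.get(ue_id, -1):
            return None
        self.last_count[ue_id] = nas_count
        return config_server_key(k_amf, ue_id, ecs_id)


def ue_register(amf, ue_id, k_amf, nas_count, raw_request, ecs_id,
                raw_response=b"ees=ees1.edge.invalid"):
    """One registration round trip; True when the UE accepts the ECS response."""
    dck = device_computing_key(amf.guami, temp_id(k_amf, ue_id))
    sig = request_signature(k_amf, raw_request, nas_count)
    # ECS forwards to the exposure server, which routes to the AMF by dck
    k_ecs = amf.verify(dck, raw_request, nas_count, sig, ecs_id)
    if k_ecs is None:
        return False  # AMF rejected the request; ECS issues no signed response
    resp_sig = response_signature(k_ecs, raw_response)
    # UE side (claim 8): derive its own ECS key copy and compare signatures
    local_k_ecs = config_server_key(k_amf, ue_id, ecs_id)
    return hmac.compare_digest(response_signature(local_k_ecs, raw_response), resp_sig)


def demo():
    """Constructed inputs; returns (accepted, replay_rejected, wrong_key_rejected, tamper_rejected)."""
    ue_id = b"imsi-001010123456789"  # constructed SUPI
    k_amf = hashlib.sha256(b"constructed K_AMF").digest()
    amf = AccessServer("mcc001.mnc01.amf0101", {ue_id: k_amf})
    ecs_id = b"ecs1.edge.invalid"
    req = b"ecs-registration:ue-caps=v1"
    first = ue_register(amf, ue_id, k_amf, 7, req, ecs_id)
    replay = ue_register(amf, ue_id, k_amf, 7, req, ecs_id)        # same NAS count
    wrong_key = ue_register(amf, ue_id, b"not-the-amf-key", 8, req, ecs_id)
    dck = device_computing_key(amf.guami, temp_id(k_amf, ue_id))
    sig = request_signature(k_amf, req, 9)
    tampered = amf.verify(dck, req + b";extra", 9, sig, ecs_id) is None  # altered raw data
    return first, not replay, not wrong_key, tampered


if __name__ == "__main__":
    print(demo())
```

Running `demo()` returns `(True, True, True, True)`: a fresh request is accepted and the UE verifies the ECS response, while a replayed counter, a signature made under a different AMF key, and a request body modified after signing are all refused by the AMF before any ECS key is released.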

Assignees

Zte Corp

Inventors

Classifications

  • for key distribution, e.g. centrally by trusted party (cryptographic mechanisms or cryptographic arrangements for key distribution involving a central third party H04L9/0819) · CPC title

  • Key generation or derivation · CPC title

  • Authentication · CPC title

  • Selecting a network or a communication service · CPC title

  • H04L63/08 (primary): for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32) · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US12476950B2 cover?
This disclosure generally relates to User Equipment (UE) authentication and authorization with an edge data network in communication networks. Such authentication and authorization may be based on the generation and application of an edge computing key for a UE. Such edge computing key may be used for bi-directional authentication and may be dynamically updated during various stages of the auth…
Who is the assignee on this patent?
Zte Corp
What technology area does this patent fall under?
Primary CPC classification H04L63/08. Mapped technology areas include Electricity.
When was this patent published?
Publication date Nov 18, 2025 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).