Method for implementing user plane security policy, apparatus, and system

US12531872B2 · US · B2

Patent metadata
Publication number: US-12531872-B2
Application number: US-202418774168-A
Country: US
Kind code: B2
Filing date: Jul 16, 2024
Priority date: Aug 13, 2018
Publication date: Jan 20, 2026
Grant date: Jan 20, 2026

Abstract

A method includes receiving, by a policy control function entity, user plane security attribute requirement information that is of an application and that is from an application function. The user plane security attribute requirement information indicates a user plane security attribute requirement of the application. The method also includes sending, by the policy control function entity, user plane security parameter information of a service data flow (SDF) to a session management function entity. The user plane security parameter information of the SDF is determined based on the user plane security attribute requirement of the application.

First claim

What is claimed is:

1. A method, comprising: receiving, by a policy control function entity, user plane security attribute requirement information that is of an application and that is from an application function, wherein the user plane security attribute requirement information indicates a user plane security attribute requirement of the application; and sending, by the policy control function entity, user plane security parameter information of a service data flow (SDF) to a session management function entity, wherein the user plane security parameter information of the SDF is determined based on the user plane security attribute requirement of the application.

2. The method according to the claim 1, wherein the user plane security attribute requirement information is carried in application information.

3. The method according to the claim 1, wherein the user plane security attribute requirement information is carried in application information service information of the application.

4. The method according to the claim 1, wherein the user plane security attribute requirement information of the application indicates at least one of integrity protection or encryption needs to be performed on a data packet of the application.

5. The method according to the claim 1, wherein the user plane security parameter information of the SDF is carried in a policy and charging control rule.

6. A method, comprising: receiving, by a session management function entity, user plane security parameter information that is of a service data flow (SDF) and that is from a policy control function entity, wherein the user plane security parameter information of the SDF is included in a policy and charging control rule, the user plane security parameter information of the SDF is determined based on a user plane security attribute requirement of an application, and the user plane security parameter information is used to indicate a user plane security parameter; and binding, by the session management function entity, the policy and charging control rule to a quality of service (QoS) flow based on the user plane security parameter of the SDF.

7. The method according to claim 6, wherein the binding the policy and charging control rule to the QoS flow based on the user plane security parameter comprises one or more of: in response to determining a first QoS flow that conforms to the user plane security parameter exists in established QoS flows, binding, by the session management function entity, the SDF of the application to the first QoS flow; or in response to determining no first QoS flow that conforms to the user plane security parameter exists in the established QoS flows, requesting, by the session management function entity, to establish a second QoS flow, wherein the second QoS flow conforms to the user plane security parameter.

8. The method according to claim 6, wherein user plane security parameters of service data flows being bound to one QoS flow are the same.

9. The method according to the claim 6, wherein the user plane security attribute requirement of the application indicates at least one of integrity protection or encryption needs to be performed on a data packet of the application.

10. A communication apparatus, comprising: at least one processor; and at least one memory storing instructions that, when executed by the at least one processor, cause the communication apparatus to: receive user plane security attribute requirement information that is of an application and that is from an application function, wherein the user plane security attribute requirement information indicates a user plane security attribute requirement of the application; and send user plane security parameter information of a service data flow (SDF) to a session management function entity, wherein the user plane security parameter information of the SDF is determined based on the user plane security attribute requirement of the application.

11. The communication apparatus according to claim 10, wherein the user plane security attribute requirement information is carried in application information.

12. The communication apparatus according to claim 10, wherein the user plane security attribute requirement information is carried in service information of the application.

13. The communication apparatus according to claim 10, wherein the user plane security attribute requirement information of the application indicates at least one of integrity protection or encryption needs to be performed on a data packet of the application.

14. The communication apparatus according to claim 10, wherein the user plane security parameter information of the SDF is carried in a policy and charging control rule.

15. The communication apparatus according to claim 10, wherein the communication apparatus is a policy control function entity.

16. A communication apparatus, comprising: at least one processor; and at least one memory storing instructions that, when executed by the at least one processor, cause the communication apparatus to: receive user plane security parameter information that is of a service data flow (SDF) and that is from a policy control function entity, wherein the user plane security parameter information of the SDF is included in a policy and charging control rule, the user plane security parameter information of the SDF is determined based on a user plane security attribute requirement of an application, and the user plane security parameter information is used to indicate a user plane security parameter; and bind the policy and charging control rule to a quality of service (QoS) flow based on at least the user plane security parameter of the SDF.

17. The communication apparatus according to claim 16, wherein the binding of the policy and charging control rule to the QoS flow based on the user plane security parameter comprises one or more of: in response to determining a first QoS flow that conforms to the user plane security parameter exists in established QoS flows, binding the SDF of the application to the first QoS flow; or in response to determining no first QoS flow that conforms to the user plane security parameter exists in established QoS flows, requesting to establish a second QoS flow, wherein the second QoS flow conforms to the user plane security parameter.

18. The communication apparatus according to claim 16, wherein user plane security parameters of service data flows being bound to one QoS flow are the same.

19. The communication apparatus according to claim 16, wherein the user plane security attribute requirement of the application indicates at least one of integrity protection or encryption needs to be performed on a data packet of the application.

20. The communication apparatus according to claim 16, wherein the communication apparatus is a session management function entity.
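
The binding behaviour recited in claims 6 to 8, together with the PCF-side mapping of claims 1, 4 and 5, sketched as an added example that is not code from the patent or from any 3GPP implementation. All class, function and field names are hypothetical; treating "conforms" as exact equality of the security parameter and using the 5QI as a second binding parameter are assumptions made here.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple


@dataclass(frozen=True)
class UpSecurity:
    """User plane security parameter of an SDF (hypothetical model)."""
    integrity: bool
    encryption: bool


@dataclass(frozen=True)
class PccRule:
    rule_id: str
    sdf_filter: str      # constructed sample flow description
    five_qi: int         # assumed extra binding parameter, not in the claims
    security: UpSecurity


@dataclass
class QosFlow:
    qfi: int
    five_qi: int
    security: UpSecurity
    rules: List[str] = field(default_factory=list)


def pcf_build_rule(rule_id: str, sdf_filter: str, five_qi: int,
                   af_requirement: Set[str]) -> PccRule:
    """PCF side: carry the AF's requirement in the PCC rule for the SDF."""
    sec = UpSecurity(integrity="integrity" in af_requirement,
                     encryption="encryption" in af_requirement)
    return PccRule(rule_id, sdf_filter, five_qi, sec)


class Smf:
    """SMF side: bind PCC rules to QoS flows by security parameter."""

    def __init__(self) -> None:
        self.flows: Dict[int, QosFlow] = {}
        self._next_qfi = 1

    def bind(self, rule: PccRule) -> Tuple[int, bool]:
        """Return (qfi, created); reuse a flow only on an exact security match,
        so every SDF on one QoS flow has the same security parameter."""
        for flow in self.flows.values():
            if flow.five_qi == rule.five_qi and flow.security == rule.security:
                flow.rules.append(rule.rule_id)
                return flow.qfi, False
        # No conforming flow exists: request establishment of a new one.
        flow = QosFlow(self._next_qfi, rule.five_qi, rule.security, [rule.rule_id])
        self.flows[flow.qfi] = flow
        self._next_qfi += 1
        return flow.qfi, True
```

Two SDFs with the same 5QI but different security parameters end up on separate QoS flows, which is the property a reviewer would check when auditing that an unprotected flow never carries traffic an application asked to have integrity-protected or encrypted.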

Classifications

  • taking into account QoS or priority requirements · CPC title

  • for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title

  • at the network layer · CPC title

  • of the user plane, e.g. user's traffic · CPC title

  • Managing security policies for mobile devices or for controlling mobile applications · CPC title

Frequently asked questions

Who is the assignee on this patent?
Huawei Tech Co Ltd
What technology area does this patent fall under?
Primary CPC classification H04L63/102. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jan 20, 2026 (B2). Legal status and post-grant events are not shown on this page.