US 12,218,983 B2
Security protection method and apparatus, and access network device
He Li, Shanghai (CN); Jing Chen, Shanghai (CN); Liwei Qiu, Shenzhen (CN); and Chong Lou, Shanghai (CN)
Assigned to Huawei Technologies Co., Ltd., Shenzhen (CN)
Filed by HUAWEI TECHNOLOGIES CO., LTD., Guangdong (CN)
Filed on Aug. 11, 2020, as Appl. No. 16/990,317.
Application 16/990,317 is a continuation of application No. PCT/CN2019/074281, filed on Jan. 31, 2019.
Claims priority of application No. 201810143062.6 (CN), filed on Feb. 11, 2018.
Prior Publication US 2020/0374320 A1, Nov. 26, 2020
Int. Cl. H04L 29/06 (2006.01); H04L 9/40 (2022.01); H04W 12/02 (2009.01); H04W 76/15 (2018.01); H04W 76/27 (2018.01)
CPC H04L 63/205 (2013.01) [H04W 12/02 (2013.01); H04W 76/15 (2018.02); H04W 76/27 (2018.02); H04L 63/0428 (2013.01)]
18 Claims
1. A security protection method, comprising:
obtaining, by a master station, a user plane security policy of a session of a terminal, wherein the user plane security policy indicates whether two types of user plane security protection are enabled, wherein the two types of user plane security protection comprise user plane encryption protection and user plane integrity protection, and wherein the master station communicates with a secondary station under a dual connectivity scenario;
sending, by the master station to the secondary station, a first message comprising the user plane security policy, security capability of the terminal, and granularity information corresponding to the user plane security policy, wherein the granularity information comprises a session identifier indicating the session, and wherein the security capability includes at least a security algorithm supported by the terminal;
receiving, by the secondary station, the first message from the master station;
determining, by the secondary station, a user plane security algorithm based on the user plane security policy and the security capability;
sending, by the secondary station to the master station, a second message comprising an indication indicating a type of user plane security protection enabled by the secondary station; and
receiving, by the master station, the second message from the secondary station.
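The exchange recited in claim 1, sketched as an added example that is not part of the patent text: the master station's first message, the secondary station's algorithm choice, and the second message back. Assumptions not found in the claim: the 3GPP-style algorithm names, the secondary station's priority lists, rejecting the request when the policy enables a protection type with no common algorithm, and the master-side consistency check.

```python
from dataclasses import dataclass

# Assumed local configuration of the secondary station (preference order).
# Algorithm names follow 3GPP naming; the claim itself names none.
SN_ENC_PRIORITY = ["NEA2", "NEA1", "NEA3"]
SN_INT_PRIORITY = ["NIA2", "NIA1", "NIA3"]

@dataclass(frozen=True)
class FirstMessage:            # master station -> secondary station
    session_id: int            # granularity information
    encryption_enabled: bool   # user plane security policy
    integrity_enabled: bool    # user plane security policy
    ue_enc_algs: frozenset     # security capability of the terminal
    ue_int_algs: frozenset     # security capability of the terminal

@dataclass(frozen=True)
class SecondMessage:           # secondary station -> master station
    session_id: int
    encryption_enabled: bool   # protection types actually enabled
    integrity_enabled: bool

def _first_common(priority, supported):
    return next((a for a in priority if a in supported), None)

def secondary_handle(msg):
    """Pick algorithms from policy + capability; return (algorithms, reply)."""
    selected = {}
    for kind, enabled, priority, supported in (
        ("encryption", msg.encryption_enabled, SN_ENC_PRIORITY, msg.ue_enc_algs),
        ("integrity", msg.integrity_enabled, SN_INT_PRIORITY, msg.ue_int_algs),
    ):
        if not enabled:
            continue  # policy disables this type: select nothing for it
        alg = _first_common(priority, supported)
        if alg is None:  # assumed behaviour: reject rather than downgrade
            raise ValueError(f"policy enables {kind}, no common algorithm")
        selected[kind] = alg
    reply = SecondMessage(msg.session_id, "encryption" in selected, "integrity" in selected)
    return selected, reply

def master_check(sent, reply):
    """Assumed master-side check: reply matches the session and policy sent."""
    return (reply.session_id == sent.session_id
            and reply.encryption_enabled == sent.encryption_enabled
            and reply.integrity_enabled == sent.integrity_enabled)

if __name__ == "__main__":  # constructed sample input
    sent = FirstMessage(5, True, False, frozenset({"NEA1"}), frozenset({"NIA2"}))
    print(secondary_handle(sent))
```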