Communication method and communication apparatus

By employing asymmetric privacy protection methods in terminal devices and access network equipment for data processing, the privacy protection problem of access network equipment acquiring user data is solved, thus achieving the security and privacy protection of user data.

WO2026145153A1PCT designated stage Publication Date: 2026-07-09HUAWEI TECH CO LTD

Patent Information

Authority / Receiving Office
WO · WO
Patent Type
Applications
Current Assignee / Owner
HUAWEI TECH CO LTD
Filing Date
2025-12-23
Publication Date
2026-07-09

AI Technical Summary

Technical Problem

In data processing solutions for access network equipment, how can we protect user data privacy and prevent data leakage?

Method used

An asymmetric privacy protection method is adopted, which obtains the privacy protection configuration through the terminal device and the access network equipment, and performs noise addition processing, bit random response processing, data transformation processing or differential privacy blurring processing to ensure that the access network equipment cannot recover the original data.

Benefits of technology

It improves the security of user data, achieves privacy protection for user data, and reduces the risk of data leakage.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN2025144727_09072026_PF_FP_ABST
    Figure CN2025144727_09072026_PF_FP_ABST
Patent Text Reader

Abstract

The present application provides a communication method and a communication apparatus, which are applicable to a communication system, and can mitigate the problem of user data leakage, thereby improving the security of user data and implementing privacy protection of user data. The communication method comprises: a terminal apparatus acquires a first privacy protection configuration, wherein the first privacy protection configuration is used to determine a first privacy protection method and parameters for performing privacy protection processing on data by using the first privacy protection method, and the first privacy protection method is an asymmetric privacy protection method; and the terminal apparatus sends first information, the first information comprising first data obtained after the privacy protection processing has been performed on user data on the basis of the first privacy protection configuration.
Need to check novelty before this filing date? Find Prior Art

Description

Communication methods and communication devices

[0001] This application claims priority to Chinese Patent Application No. 202411999189.X, filed with the State Intellectual Property Office of China on December 31, 2024, entitled "Communication Method and Communication Device", the entire contents of which are incorporated herein by reference. Technical Field

[0002] This application relates to the field of communication technology, and in particular to a communication method and communication device. Background Technology

[0003] Some functions of terminal devices can be achieved with the assistance of a cloud platform. In this process, the terminal device needs to transmit the user's raw data to the access network device after privacy protection, and then the access network device transmits it to the cloud platform. The cloud platform can obtain the user's raw data from the received data and process it.

[0004] In some scenarios, access network devices can also be used for data processing. If cloud service mechanisms are applied to access network devices, they can acquire user data. Therefore, in solutions where access network devices are used for data processing, how to protect the privacy of user data is a pressing technical issue that needs to be addressed. Summary of the Invention

[0005] This application provides a communication method and a communication device that can improve the problem of user data leakage, thereby enhancing the security of user data and achieving user data privacy protection.

[0006] To achieve the above objectives, this application adopts the following technical solution:

[0007] In a first aspect, a communication method is provided. The communication method includes: a terminal device acquiring a first privacy protection configuration, wherein the first privacy protection configuration is used to determine a first privacy protection method and parameters for performing privacy protection processing on data using the first privacy protection method, the first privacy protection method being an asymmetric privacy protection method; the terminal device sending first information, the first information including first data after performing privacy protection processing on user data according to the first privacy protection configuration.

[0008] Based on the communication method provided in the first aspect, in this communication method, the terminal device can obtain a first privacy protection configuration and send first data processed according to the first privacy protection configuration. Since the privacy protection method determined by the first privacy protection configuration is an asymmetric privacy protection method, the device that receives the first data after privacy protection processing, such as the access network device, cannot obtain the data before privacy protection based on the first data, thereby improving the security of user data and realizing the privacy protection of user data.

[0009] As an example, a terminal device can be a terminal equipment, a communication module, a circuit or chip responsible for communication functions, a chip system, or other components or parts. This communication module, circuit or chip responsible for communication functions, chip system, or other components or parts can be used in a terminal equipment.

[0010] In one possible implementation, the first privacy protection method includes at least one of the following: noise addition processing, bit random response processing, data transformation processing, or differential privacy blurring processing. This allows for privacy protection of application data on the terminal device side, while the access network device cannot directly recover the original data during processing.

[0011] In one possible implementation, the terminal device obtains the first privacy protection configuration by receiving second information, which is used to indicate the first privacy protection configuration. In this way, network-side devices, such as access network devices or core network elements, can select a privacy protection configuration that matches the capabilities of the service nodes in the communication system based on the capabilities of the access network devices, thereby balancing privacy protection and quality of service.

[0012] In one possible implementation, the second information includes parameters for privacy-preserving data processing using the first privacy-preserving method; or, the second information includes an identifier of the first privacy-preserving configuration. When the second information includes parameters for privacy-preserving data processing using the first privacy-preserving method, these parameters can be indicated by other terminal devices, making the privacy-preserving scheme more flexible. When the second information includes an identifier of the first privacy-preserving configuration, the amount of data in the second information can be reduced, thereby lowering overhead.

[0013] In one possible implementation, the terminal device obtains a first privacy protection configuration by: receiving at least one candidate privacy protection configuration from an access network device; and determining the first privacy protection configuration from the at least one candidate privacy protection configuration. This allows the terminal device to select from multiple privacy protection configurations, providing greater flexibility in the privacy protection configuration scheme.

[0014] In one possible implementation, the first privacy protection configuration is determined based on at least one of the following: third information, fourth information, or fifth information, wherein the third information is used to indicate the service processing method of the terminal device, or the third information is used to indicate the service processing method and privacy protection requirements of the terminal device. The fourth information includes the privacy protection configuration preferred by the terminal device and / or the privacy protection method supported by the terminal device; the privacy protection configuration preferred by the terminal device includes the first privacy protection configuration, and the privacy protection method supported by the terminal device includes the first privacy protection method; the fifth information is used to indicate the processing capabilities of the access network device. In this way, the scope of the privacy protection configuration can be reduced, thereby reducing computational complexity.

[0015] For example, privacy protection requirements include at least one of the following: expected differential privacy budget, K-anonymity, I-diversity, privacy information metric, image structural similarity metric, kernel-aware distance, perturbation percentage, distance or similarity metric of embedding vectors.

[0016] In one possible implementation, if the information used to determine the first privacy protection configuration includes third information, the method provided by the first aspect further includes: the terminal device sending the third information. Alternatively, if the information used to determine the first privacy protection configuration includes fourth information, the method provided by the first aspect further includes: the terminal device sending the fourth information. That is, the terminal device can indicate the third or fourth information, which makes the obtained privacy protection configuration more compatible with the terminal device and reduces the processing complexity of the terminal device.

[0017] In one possible implementation, the terminal device obtains a first privacy protection configuration by: the terminal device determining the first privacy protection configuration based on the processing capabilities of the access network device and third information. The third information is used to indicate the terminal device's service processing method, or it is used to indicate the terminal device's service processing method and privacy protection requirements, with the first privacy protection configuration satisfying the privacy protection requirements. In this way, the terminal device can determine the privacy protection configuration itself, reducing interaction between the terminal device and other devices, thereby reducing resource overhead.

[0018] In one possible implementation, the method provided in the first aspect further includes: the terminal device sending sixth information to the access network device, the sixth information being used to request the processing capability of the access network device; the terminal device receiving fifth information from the access network device; wherein the fifth information is used to indicate the processing capability of the access network device. In this way, the terminal device can trigger the acquisition of the access network device's processing capability, which can reduce resource overhead and, more importantly, obtain a more accurate understanding of the access network device's processing capability.

[0019] In one possible implementation, the method provided in the first aspect further includes: the terminal device sending seventh information to the access network device, the seventh information being used to determine the data processing method or the privacy-preserving data enhancement method. This allows the access network device to obtain the data processing method or privacy-preserving data enhancement method corresponding to the privacy-preserving method on the terminal device, thereby improving the accuracy of the data processing results.

[0020] Secondly, a communication method is provided. This communication method includes: an access network device acquiring a first privacy protection configuration, wherein the first privacy protection configuration is used to determine a first privacy protection method and parameters for privacy protection processing of data using the first privacy protection method, the first privacy protection method being an asymmetric privacy protection method; the access network device sending second information to a terminal device, the second information being used to instruct the first privacy protection configuration; and the access network device receiving first information from the terminal device, the first information including first data after privacy protection processing of user data according to the first privacy protection configuration.

[0021] Based on the method provided in the second aspect, the access network device obtains a first privacy protection configuration and sends the first privacy protection configuration to the terminal device, so that the terminal device can process data according to the first privacy protection configuration. Since the privacy protection method determined by the first privacy protection configuration is an asymmetric privacy protection method, the device that receives the first data after privacy protection processing, such as the access network device, cannot obtain the data before privacy protection based on the data after privacy protection processing, thereby improving the security of user data and realizing the privacy protection of user data.

[0022] As an example, an access network device can be a communication module, a circuit or chip responsible for communication functions, a chip system, or other components or parts. This communication module, circuit or chip responsible for communication functions, chip system, or other components or parts can be used in the access network device.

[0023] In one possible implementation, the first privacy protection method includes at least one of the following: noise addition processing, bit random response processing, data transformation processing, or differential privacy blurring processing.

[0024] In one possible implementation, the access network device obtains a first privacy protection configuration by: the access network device sending third information to a core network element, the third information indicating the service processing method of the terminal device, or the third information indicating the service processing method and privacy protection requirements of the terminal device. The first privacy protection configuration satisfies the privacy protection requirements; the access network device receives second information from the core network element, the second information indicating the first privacy protection configuration.

[0025] In some examples, privacy protection requirements include at least one of the following: desired differential privacy budget, K-anonymity, I-diversity, privacy information metric, image structure similarity metric, kernel-aware distance, perturbation percentage, embedding vector distance, or similarity metric, with the first privacy protection configuration satisfying the privacy protection requirements.

[0026] In one possible implementation, the method provided by the second aspect further includes: the access network device sending fifth information to the core network element, the fifth information being used to indicate the processing capability of the access network device; the access network device receiving eighth information from the core network element, the eighth information being used to determine one or more of the following: the data processing method or the method for enhancing privacy-preserving data; wherein the eighth information is determined based on the processing capability of the access network device.

[0027] In one possible implementation, the access network device obtains a first privacy protection configuration, including: the access network device receiving third information from a terminal device, the third information being used to indicate the service processing method of the terminal device, or the third information being used to indicate the service processing method and privacy protection requirements of the terminal device, the first privacy protection configuration satisfying the privacy protection requirements; and the access network device determining the first privacy protection configuration based on the third information and the processing capability of the access network device.

[0028] Furthermore, the technical effects of the communication method described in the second aspect can be referred to the technical effects of the communication method described in the first aspect, and will not be repeated here.

[0029] Thirdly, a communication method is provided, comprising: an access network device acquiring multiple candidate privacy protection configurations; the access network device sending the multiple candidate privacy protection configurations to a terminal device, wherein each candidate privacy protection configuration is used to determine a privacy protection method corresponding to each candidate privacy protection configuration and parameters for performing privacy protection processing on data using the privacy protection method, wherein the privacy protection method is an asymmetric privacy protection method; and the access network device receiving first information from the terminal device, the first information including first data after performing privacy protection processing on user data according to a first privacy protection configuration, wherein the first privacy protection configuration is one of the multiple candidate privacy protection configurations.

[0030] Based on the method provided in the third aspect, the access network device can indicate multiple candidate privacy protection configurations to the terminal device. The terminal device can send data according to the first privacy protection configuration among the multiple candidate privacy protection configurations. Since the privacy protection method determined by the first privacy protection configuration is an asymmetric privacy protection method, the device that receives the first data after privacy protection processing, such as the access network device, cannot obtain the data before privacy protection based on the data after privacy protection processing. This can improve the security of user data and realize the privacy protection of user data.

[0031] Fourthly, a communication method is provided. The communication method includes: an access network device sending fifth information to a terminal device; wherein the fifth information is used to indicate the processing capability of the access network device; and the access network device receiving seventh information from the terminal device, the seventh information being used to determine a data processing method or a method for enhancing privacy-preserving data, wherein the seventh information is determined based on the processing capability of the access network device.

[0032] Based on the method provided in the fourth aspect, the access network device can send its processing capabilities and receive a method for determining the data processing method or the enhancement method for privacy-protecting data. In this way, the access network device can improve the accuracy of the data processing results by processing the data according to the privacy protection configuration on the terminal device.

[0033] As an example, an access network device can be a communication module, a circuit or chip responsible for communication functions, a chip system, or other components or parts. This communication module, circuit or chip responsible for communication functions, chip system, or other components or parts can be used in the access network device.

[0034] In one possible implementation, before the access network device sends the fifth information, the communication method provided by the fourth aspect further includes: the access network device receiving a sixth information from the terminal device, the sixth information being used to request the processing capability of the access network device.

[0035] Fifthly, a communication method is provided. This communication method includes: a core network element receiving third information, the third information being used to indicate a service processing mode of a terminal device, or the third information being used to indicate a service processing mode and privacy protection requirements of the terminal device. The core network element sends second information; the second information is used to indicate a first privacy protection configuration, the first privacy protection configuration being used to determine a first privacy protection method and parameters for performing privacy protection processing on data using the first privacy protection method, the first privacy protection method being an asymmetric privacy protection method; the second information is determined based on the third information.

[0036] Based on the method provided in the fifth aspect, core network elements can determine a first privacy protection configuration according to the data processing method indicated by the terminal device, or the data processing method and privacy protection requirements. Since the privacy protection method determined by the first privacy protection configuration is an asymmetric privacy protection method, devices that receive data after privacy protection processing, such as access network devices, cannot obtain the data before privacy protection based on the data after privacy protection processing. This can improve the security of user data and realize the privacy protection of user data.

[0037] In some examples, privacy protection requirements include at least one of the following: expected differential privacy budget, K-anonymity, I-diversity, privacy information metric, image structural similarity metric, kernel-aware distance, percentage of perturbation, distance between embedding vectors, or similarity metric.

[0038] As an example, a core network element can be a network device, a communication module, a circuit or chip responsible for communication functions, a chip system, or other components or parts. This communication module, circuit or chip responsible for communication functions, chip system, or other components or parts can be used in network devices.

[0039] In one possible implementation, the second information includes: parameters for privacy-preserving data processing using the first privacy-preserving method; or, the second information includes an identifier of the first privacy-preserving configuration.

[0040] In one possible implementation, the first privacy protection configuration is determined based on third information and the processing capabilities of the access network device.

[0041] In one possible implementation, the method provided in the fifth aspect further includes: the core network element sending eighth information, the eighth information being used to determine one or more of the following: the data processing method or the method for enhancing privacy-preserving data, wherein the eighth information is determined based on the processing capability of the access network device.

[0042] In one possible implementation, the method provided in the fifth aspect further includes: the core network element receiving fifth information from the access network device, the fifth information being used to indicate the processing capability of the access network device.

[0043] Furthermore, the technical effects of the communication method described in the fifth aspect can be referred to the technical effects of the communication method described in the first aspect, and will not be repeated here.

[0044] Sixthly, a communication device is provided. This communication device is used to execute the communication method described in any one of the implementations of the first to fifth aspects.

[0045] In this application, the communication device described in the sixth aspect can be a terminal device, a communication module, a circuit with communication function, a chip, a chip system, or other components or assemblies. The communication module, the circuit with communication function, the chip, the chip system, or other components or assemblies can be applied in the terminal device. Alternatively, the communication device can be a network device (such as a radio access network (RAN) node), a communication module, a circuit with communication function, a chip, a chip system, or other components or assemblies. The communication module, the circuit with communication function, the chip, the chip system, or other components or assemblies can be applied in the network device.

[0046] It should be understood that the communication apparatus described in the sixth aspect includes modules, units, or means that implement the communication methods described in any of the first to fifth aspects. These modules, units, or means can be implemented in hardware, software, or by hardware executing corresponding software. The hardware or software includes one or more modules or units for performing the functions involved in the aforementioned communication methods.

[0047] A seventh aspect provides a communication device. The communication device includes a processor configured to execute the communication method described in any of the possible implementations of the first to fifth aspects.

[0048] In one possible implementation, the communication device described in the seventh aspect may further include a transceiver. The transceiver may be a transceiver circuit or an interface circuit. The transceiver can be used for communication between the communication device described in the seventh aspect and other communication devices.

[0049] In one possible implementation, the communication device described in the seventh aspect may further include a memory. This memory may be integrated with the processor or disposed separately. The memory may be used to store computer programs (or code instructions or program instructions) and / or data related to the communication method described in any of the first to fifth aspects.

[0050] In this application, the communication device described in the seventh aspect can be a terminal device, a communication module, a circuit with communication function, a chip, a chip system, or other components or assemblies. The communication module, the circuit with communication function, the chip, the chip system, or other components or assemblies can be applied in a terminal device. Alternatively, the communication device can be a network device, a communication module, a circuit with communication function, a chip, a chip system, or other components or assemblies. The communication module, the circuit with communication function, the chip, the chip system, or other components or assemblies can be applied in a network device.

[0051] Eighthly, a communication device is provided. The communication device includes a processor coupled to a memory, the processor executing a computer program stored in the memory, such that the communication device performs the communication method described in any possible implementation of the first to fifth aspects.

[0052] In one possible implementation, the communication device described in the eighth aspect may further include a transceiver. The transceiver may be a transceiver circuit or an interface circuit. The transceiver can be used for communication between the communication device described in the eighth aspect and other communication devices.

[0053] In this application, the communication device described in the eighth aspect can be a terminal device, a communication module, a circuit with communication function, a chip, a chip system, or other components or assemblies. The communication module, the circuit with communication function, the chip, the chip system, or other components or assemblies can be applied in a terminal device. Alternatively, the communication device can be a network device, a communication module, a circuit with communication function, a chip, a chip system, or other components or assemblies. The communication module, the circuit with communication function, the chip, the chip system, or other components or assemblies can be applied in a network device.

[0054] A ninth aspect provides a communication device, comprising: a processor and a memory; the memory being used to store a computer program, which, when executed by the processor, causes the communication device to perform the communication method described in any one of the first to fifth aspects.

[0055] In one possible implementation, the communication device described in the ninth aspect may further include a transceiver. The transceiver may be a transceiver circuit or an interface circuit. The transceiver can be used for communication between the communication device described in the ninth aspect and other communication devices.

[0056] In this application, the communication device described in the ninth aspect can be a terminal device, a communication module, a circuit with communication function, a chip, a chip system, or other components or assemblies. The communication module, the circuit with communication function, the chip, the chip system, or other components or assemblies can be applied in a terminal device. Alternatively, the communication device can be a network device, a communication module, a circuit with communication function, a chip, a chip system, or other components or assemblies. The communication module, the circuit with communication function, the chip, the chip system, or other components or assemblies can be applied in a network device.

[0057] A tenth aspect provides a communication device comprising: a processor; the processor being configured to be coupled to a memory, and after reading a computer program from the memory, to execute a communication method as described in any one of the first to fifth aspects according to the computer program.

[0058] In one possible implementation, the communication device described in the tenth aspect may further include a transceiver. The transceiver may be a transceiver circuit or an interface circuit. The transceiver can be used for communication between the communication device described in the tenth aspect and other communication devices.

[0059] In this application, the communication device described in the tenth aspect can be a terminal device, a communication module, a circuit with communication function, a chip, a chip system, or other components or assemblies. The communication module, or the circuit, chip, chip system, or other components or assemblies with communication function can be applied in the terminal device. Alternatively, the communication device can be a network device (such as a radio access network (RAN) node), a communication module, a circuit, chip, chip system, or other components or assemblies with communication function. The communication module, the circuit, chip, chip system, or other components or assemblies with communication function can be applied in the network device.

[0060] Eleventhly, a communication system is provided. The communication system includes one or more terminal devices and one or more network devices.

[0061] In a twelfth aspect, a computer-readable storage medium is provided, comprising: a computer program or instructions; when the computer program or instructions are executed on a computer, the computer causes the computer to perform the communication method described in any possible implementation of the first to fifth aspects.

[0062] In a thirteenth aspect, a computer program product is provided, comprising a computer program or instructions that, when executed on a computer, cause the computer to perform the communication method described in any one of the possible implementations of the first to fifth aspects.

[0063] Furthermore, the technical effects of the sixth to thirteenth aspects mentioned above can be referred to with reference to the technical effects of the communication methods described in the first to fifth aspects, and will not be repeated here. Attached Figure Description

[0064] Figure 1 is a schematic diagram of the architecture of the communication system provided in an embodiment of this application;

[0065] Figure 2 is a schematic diagram of the existing privacy protection process;

[0066] Figure 3 is a flowchart illustrating a privacy protection method provided in an embodiment of this application;

[0067] Figure 4 is a flowchart illustrating another privacy protection method provided in an embodiment of this application;

[0068] Figure 5 is a flowchart illustrating a privacy protection method provided in an embodiment of this application;

[0069] Figure 6 is a flowchart illustrating another privacy protection method provided in an embodiment of this application;

[0070] Figure 7 is a schematic diagram of the communication device provided in an embodiment of this application;

[0071] Figure 8 is a schematic diagram of the structure of the communication device provided in the embodiment of this application. Detailed Implementation

[0072] The technical solutions of this application embodiment can be applied to various communication systems, such as wireless fidelity (WiFi) systems, vehicle-to-everything (V2X) communication systems, device-to-device (D2D) communication systems, vehicle-to-everything (V2X) communication systems, 4th generation (4G) mobile communication systems, such as long term evolution (LTE) systems, 5th generation (5G) mobile communication systems, such as new radio (NR) systems, and future communication systems, etc.

[0073] This application will present various aspects, embodiments, or features relating to systems that may include multiple devices, components, modules, etc. It should be understood and appreciated that individual systems may include additional devices, components, modules, etc., and / or may not include all the devices, components, modules, etc. discussed in conjunction with the accompanying drawings. Furthermore, combinations of these approaches are also possible.

[0074] Furthermore, in the embodiments of this application, words such as "exemplarily" and "for example" are used to indicate that something is an example, illustration, or description. Any embodiment or design that is described as an "example" in this application should not be construed as being better or more advantageous than other embodiments or designs. Rather, the use of the word "example" is intended to present the concept in a specific manner.

[0075] First, in this application, "for indicating" can include both direct and indirect indication. When describing "information" for indicating A, it can include whether the information directly indicates A or indirectly indicates A, but does not necessarily mean that the information carries A.

[0076] The information indicated by a given piece of information is called the information to be indicated. In the specific implementation process, there are many ways to indicate the information to be indicated, such as, but not limited to, directly indicating the information to be indicated, such as the information to be indicated itself or its index. It can also be indirectly indicated by indicating other information, where there is a relationship between the other information and the information to be indicated. It can also indicate only a part of the information to be indicated, while the other parts are known or pre-agreed upon. For example, the indication of specific information can be achieved by using a pre-agreed (e.g., protocol-defined) arrangement of various pieces of information, thereby reducing the indication overhead to some extent. At the same time, common parts of various pieces of information can be identified and indicated uniformly to reduce the indication overhead caused by individually indicating the same information.

[0077] Furthermore, the specific indication method can also be any existing indication method, such as, but not limited to, the above-mentioned indication methods and their various combinations. Specific details of various indication methods can be found in existing technologies, and will not be repeated here. As described above, for example, when multiple pieces of information of the same type need to be indicated, the indication methods for different pieces of information may differ. In the specific implementation process, the required indication method can be selected according to specific needs. This application embodiment does not limit the selected indication method; therefore, the indication methods involved in this application embodiment should be understood to cover various methods that enable the party to be indicated to obtain the information to be indicated.

[0078] The information to be instructed can be sent as a whole or divided into multiple sub-information messages, and the sending period and / or timing of these sub-information messages can be the same or different. This application does not limit the specific sending method. The sending period and / or timing of these sub-information messages can be predefined, for example, according to a protocol, or configured by the transmitting device by sending configuration information to the receiving device. This configuration information can include, for example, but not limited to, one or a combination of at least two of radio resource control (RRC) signaling, medium access control (MAC) layer signaling, and physical layer signaling. MAC layer signaling includes, for example, a MAC control element (CE); physical (PHY) layer signaling includes, for example, downlink control information (DCI).

[0079] Second, in the embodiments shown below, the first, second, and various numerical designations are merely distinctions for descriptive convenience and are not intended to limit the scope of the embodiments of this application. For example, to distinguish different indication information.

[0080] Third, "pre-set," "predefined," or "pre-configured" can be achieved by pre-storing corresponding codes, tables, or other means of indicating relevant information in the communication device (e.g., including terminal devices and network devices), or by pre-defining them in a protocol. This application does not limit the specific implementation method. "Storing" can refer to storing in one or more memories. These memories can be separate installations or integrated into the encoder, decoder, processor, or communication device. Alternatively, some memories can be separate installations, while others are integrated into the decoder, processor, or communication device. The type of memory can be any form of storage medium, and this application does not limit this.

[0081] Fourth, the “protocol” involved in the embodiments of this application may refer to standard protocols in the field of communications, such as the LTE protocol and NR protocol of the third generation partnership project (3GPP) and related protocols applied in future communication systems. This application does not limit this.

[0082] The network architecture and business scenarios described in the embodiments of this application are for the purpose of more clearly illustrating the technical solutions of the embodiments of this application, and do not constitute a limitation on the technical solutions provided in the embodiments of this application. As those skilled in the art will know, with the evolution of network architecture and the emergence of new business scenarios, the technical solutions provided in the embodiments of this application are also applicable to similar technical problems.

[0083] The network architecture and business scenarios described in the embodiments of this application are for the purpose of more clearly illustrating the technical solutions of the embodiments of this application, and do not constitute a limitation on the technical solutions provided in the embodiments of this application. As those skilled in the art will know, with the evolution of network architecture and the emergence of new business scenarios, the technical solutions provided in the embodiments of this application are also applicable to similar technical problems.

[0084] The following describes the relevant technologies involved in the embodiments of this application.

[0085] Figure 1 is a schematic diagram of the communication system architecture. As shown in Figure 1, the communication system includes: terminal equipment (such as terminal equipment 120a to terminal equipment 120j), access network (AN) equipment (such as access network equipment 110a and access network equipment 110b), and core network (CN) 130. The terminal equipment can also be referred to as user equipment (UE). The core network may include mobility management network elements and data management network elements. It is understood that the core network of the communication system architecture shown in Figure 1 may also include other network elements, which will not be elaborated upon here.

[0086] The CN may include one or more core network elements (not shown in Figure 1). The core network elements may include: core access and mobility management function (AMF) network elements (referred to as access management network elements) or session management function (SMF) network elements (referred to as session management network elements).

[0087] Optionally, the communication system provided in Figure 1 may further include: a user plane function (UPF) network element (hereinafter referred to as user plane network element), a unified data management (UDM) network element (hereinafter referred to as data management network element), and a policy control function (PCF) network element (hereinafter referred to as policy control network element).

[0088] Figure 1 is merely an example of some network elements or entities in a 5G network. This 5G network may also include network data analytics function (NWDAF) network elements (hereinafter referred to as network data analytics network elements), charging function (CHF) network elements, authentication server function (AUSF) network elements, network slice selection function (NSSF) network elements, network slice-specific and stand-alone NPN authentication and authorization function (NSSAAF) network elements, network slice admission control function (NSACF) network elements, and other network elements or entities not shown in Figure 1. The embodiments of this application do not specifically limit these.

[0089] As shown in Figure 1, the UE accesses the 5G network through the AN device, and communicates with the AMF network element through the N1 interface (N1 for short); the RAN device communicates with the AMF network element through the N2 interface (N2 for short); the RAN device communicates with the UPF network element through the N3 interface (N3 for short); the SMF network element communicates with the UPF network element through the N4 interface (N4 for short); the UPF network element accesses the data network (DN) through the N6 interface (N6 for short); and different UPF network elements communicate with each other through the N9 interface (N9 for short).

[0090] Furthermore, the control plane functions of the NEF, NRF, TSCTSF, AF, PCF, UDR, UDM, AMF, SMF, or BSF network elements shown in Figure 1 interact using service-oriented interfaces. For example, the service-oriented interface provided by the NEF network element is Nnef, the NRF network element is Nnrf, the TSCTSF network element is Ntsctsf, the AF network element is Naf, the PCF network element is Npcf, the UDR network element is Nudr, the UDM network element is Nudm, the AMF network element is Namf, the SMF network element is Nsmf, and the BSF network element is Nbsf. For relevant functional and interface descriptions, please refer to the 5G system architecture diagram in the technical specification (TS) 23.501 standard, which will not be elaborated here.

[0091] The functions of each part or network element involved in the above communication system architecture will be described separately below by way of example.

[0092] (1) The terminal device can be a terminal with transceiver functions, a chip or chip system that can be installed in the terminal, or a unit or module with terminal functions. The terminal can also be called a terminal device, user equipment (UE), mobile station (MS), mobile terminal (MT), etc., or a device used to provide voice or data connectivity to users, or an Internet of Things (IoT) device. For example, terminals include handheld devices with wireless connectivity, vehicle-mounted devices, etc. Currently, terminals can be: mobile phones, tablets, laptops, PDAs, mobile internet devices (MIDs), wearable devices (such as smartwatches, smart bracelets, pedometers, smart glasses, etc.), in-vehicle equipment (such as cars, bicycles, electric vehicles, airplanes, ships, trains, high-speed trains, etc.), satellite terminals, virtual reality (VR) devices, augmented reality (AR) devices, smart point-of-sale (POS) machines, customer-premises equipment (CPE), wireless terminals in industrial control, smart home devices (such as refrigerators, televisions, air conditioners, electricity meters, etc.), smart robots, robotic arms, workshop equipment, wireless terminals in autonomous driving, wireless terminals in telemedicine, wireless terminals in smart grids, wireless terminals in transportation safety, wireless terminals in smart cities, or wireless terminals in smart homes, and flying equipment (such as smart robots, hot air balloons, drones, airplanes), etc. The terminal can also be a vehicle device, such as a vehicle unit, vehicle module, vehicle chip, on-board unit (OBU), or telematics box (T-BOX). The terminal can also be other devices with terminal functions. For example, the terminal can also be a device that plays the role of a terminal in D2D communication.

[0093] (2) The AN network element is used to implement access-related functions. It can provide network access functionality for authorized terminals in a specific area and can use transmission tunnels of different qualities according to the terminal level and service requirements. The AN forwards control signals and user data between the network element terminal and the CN. The AN network element in this application can be a radio access network (RAN) network element. The RAN network element can manage radio resources, provide access services for the UE, and thus complete the forwarding of control signals and terminal data between the terminal and the core network. The RAN network element can also be understood as a base station in a traditional network. For example, it can be responsible for functions such as radio resource management, quality of service (QoS) management, data compression and encryption on the air interface side.

[0094] RAN network elements can be devices within a wireless network. RAN network elements can also be called wireless RAN network elements, network devices, or wireless network nodes. Currently, some examples of RAN network elements include: the Next Generation Node B (gNB) in 5G systems, the transmission reception point (TRP), the evolved Node B (eNB) in long term evolution (LTE) systems, the radio network controller (RNC), the Node B (NB), the base station controller (BSC), the base transceiver station (BTS), home base stations (e.g., home evolved Node B, or home Node B, HNB), the base band unit (BBU), or the wireless fidelity (Wi-Fi) access point (AP), etc. In a network architecture, network devices can include centralized unit (CU) nodes, distributed unit (DU) nodes, or RAN network elements comprising both CU and DU nodes. RAN network elements can also be wireless backhaul equipment, vehicle-mounted equipment, wearable devices, and network equipment in future 5G networks or future evolved PLMN networks. In fourth-generation (4G) systems, it is called the Evolved Universal Mobile Telecommunications System Terrestrial Radio Access Network (E-UTRAN).

[0095] In one possible scenario, multiple network devices collaborate to assist terminals in achieving wireless access, with each network device performing a portion of the base station's functions. For example, network devices can be central units (CUs), distributed units (DUs), CU-control plane (CPs), CU-user plane (UPs), or radio units (RUs), etc. CUs and DUs can be set up separately or included in the same network element, such as a baseband unit (BBU). RUs can be included in radio equipment or radio units, such as remote radio units (RRUs), active antenna units (AAUs), or remote radio heads (RRHs). It is understood that network devices can be CU nodes, DU nodes, or devices comprising both CU and DU nodes. Furthermore, CUs can be classified as network devices within the radio access network (RAN) or within the network network (CN), without limitation.

[0096] In different systems, CU (or CU-CP and CU-UP), DU, or RU may have different names, but those skilled in the art will understand their meaning. For example, in an open RAN (ORAN) system, CU can also be called O-CU (open CU), DU can also be called O-DU, CU-CP can also be called O-CU-CP, CU-UP can also be called O-CU-UP, and RU can also be called O-RU. For ease of description, this application uses CU, CU-CP, CU-UP, DU, and RU as examples. Any of the units among CU (or CU-CP, CU-UP), DU, and RU in this application can be implemented through software modules, hardware modules, or a combination of software modules and hardware modules.

[0097] (3) A mobility management network element (MME) is a core network element primarily responsible for signaling processing, such as access control, mobility management, attach and detach functions, and gateway selection. When a MME provides services for a terminal's session, it provides control plane storage resources to store the session identifier and the associated SMF (Signal Management Function) network element identifier. In the architecture of a 4G communication system, this MME can be an MME. In the architecture of a 5G communication system, this MME can be an Access and Mobility Management Function (AMF) network element, which can communicate via a Namf. In future communication systems, the MME can still be an MME or an AMF network element, or it can have other names; this application does not limit this.

[0098] (4) Session management network element, used for session management in mobile networks, such as user plane network element selection, user plane network element redirection, Internet Protocol (IP) address allocation, bearer establishment, modification and release, and QoS control. This includes session management, terminal IP address allocation and management, selection of manageable user plane functions, policy control and charging function interface endpoints, and downlink data notification. In 5G communication systems, this session management network element can be an SMF network element. In future communication systems, the session management network element can still be an SMF network element, or it can have other names; this application does not limit this.

[0099] (5) User plane network elements are used for packet routing and forwarding, and quality of service (QoS) processing of user plane data. In 5G communication systems, the network elements or entities corresponding to user plane network elements can be user plane function (UPF) network elements in the 5G network architecture. In future communication systems, user plane network elements can still be UPF network elements, or user plane network elements may have other names. This application embodiment does not limit this.

[0100] (6) Data management network element, used for handling user identification, access authentication, registration, or mobility management, etc. In a 5G communication system, the network element or entity corresponding to the data management network element can be a unified data management (UDM) network element in the 5G network architecture, where Nudm is a service-based interface provided by the UDM network element, and the UDM network element can communicate with other network functions through Nudm. In future communication systems, the data management network element can still be a UDM network element, or the data management network element may have other names; this application embodiment does not limit this.

[0101] (7) Policy control network element, including user subscription data management function, policy control function, billing policy control function, QoS control, etc., is used to guide the unified policy framework of network behavior and provide policy rule information to control plane functional network elements (such as AMF network elements). In 5G communication systems, the policy control network element can be a PCF network element. In future communication systems, the policy control function network element can still be a PCF network element, or it may have other names; this application embodiment does not limit this.

[0102] It should be understood that the communication system shown in Figure 1 may also include a data processing network element, which can be an artificial intelligence (AI) module. This data processing network element can be located within the access network equipment, or it can be connected to the access network equipment. The data processing network element can be an intra-network computing node. An intra-network computing node refers to a node within the network that provides AI and other computing services, such as a service unit (SU).

[0103] Optionally, the communication system provided in Figure 1 may also include a cloud server 140, and core network elements can connect to the cloud server. Access network devices can connect to the data network through core network elements, such as UPF elements, thereby enabling communication with the cloud server.

[0104] The network architecture and business scenarios described in the embodiments of this application are for the purpose of more clearly illustrating the technical solutions of the embodiments of this application, and do not constitute a limitation on the technical solutions provided in the embodiments of this application. As those skilled in the art will know, with the evolution of network architecture and the emergence of new business scenarios, the technical solutions provided in the embodiments of this application are also applicable to similar technical problems.

[0105] The network architecture and business scenarios described in the embodiments of this application are for the purpose of more clearly illustrating the technical solutions of the embodiments of this application, and do not constitute a limitation on the technical solutions provided in the embodiments of this application. As those skilled in the art will know, with the evolution of network architecture and new services.

[0106] In this embodiment, the form of the access network device is not limited. The device used to implement the function of the access network device can be the access network device itself; it can also be any device that supports the access network device in implementing this function, such as a communication module, chip, chip system, other components or parts, or circuits or functional components. This device can be installed in the access network device or used in conjunction with the access network device. The chip system can be composed of chips or can include chips and other discrete devices.

[0107] In this embodiment, the form of the core network element is not limited. The device used to implement the function of the core network element can be the core network element itself; it can also be any device capable of supporting the core network element in implementing this function, such as a communication module, chip, chip system, other components or parts, or circuits or functional components. This device can be installed in the core network element or used in conjunction with the core network element. The chip system can be composed of chips or can include chips and other discrete devices.

[0108] It should be understood that Figure 1 is a simplified schematic diagram for ease of understanding only, and the communication system may also include other network devices and / or other terminal devices, which are not shown in Figure 1.

[0109] The technical terms and related technical solutions in this application will be described below with reference to the accompanying drawings.

[0110] In recent years, thanks to continuous breakthroughs in algorithms and software, AI applications have achieved rapid and tremendous development, finding applications in numerous industries and fields, such as image / speech recognition, translation, big data analysis, and chatbots and personal assistants driven by large language models (LLM). The level of intelligence in AI applications and their penetration into industries and daily life are both increasing daily.

[0111] Some functions of the terminal device can be achieved with the assistance of a cloud server. In this process, the terminal device needs to transmit the user's raw data to the access network device after privacy protection, and then the access network device transmits it to the cloud server. The cloud server can then obtain and process the user's raw data from the received data. The relevant privacy protection process is shown in Figure 2 below.

[0112] As shown in Figure 2, the privacy protection process includes:

[0113] S201, the terminal device establishes a packet data unit (PDU) session connection.

[0114] During the process of establishing a PDU session on a terminal device, the core network can determine the privacy protection method used by the terminal device, and this privacy protection method can be stored on the UPF network element.

[0115] S202, the terminal device initiates a PDU session.

[0116] This includes data carried by terminal devices that requires privacy protection.

[0117] S203. After the UPF network element obtains the data that the terminal device needs to protect its privacy, it can protect the privacy according to the privacy protection method that is already stored and corresponds to the terminal device.

[0118] In this way, we can obtain data that has been protected from privacy.

[0119] S204, UPF network element sends data after privacy protection.

[0120] In the field of wireless networks, AI-related technologies have also attracted much attention. On the one hand, AI technology can replace traditional communication modules to achieve more intelligent and adaptive communication service optimization. On the other hand, the computing modules deployed in wireless networks can also provide users with AI execution platforms and environments, providing AI services that are closer to users, such as personal assistants, intelligent robots, autonomous driving, or industrial smart IoT application scenarios.

[0121] However, compared to the centralized service model of cloud computing, wireless networks face greater privacy challenges in providing related computing services. Firstly, unlike mature cloud service platforms, AI services on wireless networks are provided by operators, while the execution of specific tasks is handled by the equipment vendor's platform. This presents higher privacy concerns for the equipment vendor regarding application data. Therefore, data privacy is a critical challenge that needs to be addressed when providing new services such as AI via wireless networks in future communication systems.

[0122] To address the aforementioned technical problems, embodiments of this application provide a communication method. In this method, a terminal device can obtain a first privacy protection configuration and perform privacy protection processing on data according to the first privacy protection configuration. The privacy protection method determined by the first privacy protection configuration is a non-parallel privacy protection method; that is, this privacy protection method cannot be used to recover the original data from the data processed by the privacy protection method. This avoids user data leakage and improves user data security.

[0123] The technical solutions in this application will now be described with reference to the accompanying drawings.

[0124] It should be noted that the communication method provided in this application embodiment can be applied to the devices shown in Figure 1. For specific implementation, please refer to the following method embodiment, which will not be repeated here.

[0125] It should be noted that the solutions in the embodiments of this application can also be applied to other communication systems, and the corresponding names can be replaced by the names of the corresponding functions in other communication systems.

[0126] The communication method provided in the embodiments of this application will be described in detail below with reference to Figure 3.

[0127] For example, Figure 3 is a schematic flowchart of a communication method provided in an embodiment of this application. This communication method can be applied to communication between the terminal device shown in Figure 1 and the terminal device and access network device shown in Figure 1, or to communication between the terminal device, access network device and core network element shown in Figure 1.

[0128] As shown in Figure 3, the communication method includes:

[0129] S301, the terminal device obtains the first privacy protection configuration.

[0130] The first privacy protection configuration is used to determine the first privacy protection method and the parameters for using the first privacy protection method to perform privacy protection processing on the data. The first privacy protection method is an asymmetric privacy protection method.

[0131] The first privacy protection method is a approach to protect data privacy by processing data in a way that reduces the risk of data leakage before processing. The first privacy protection method may include one or more of these approaches.

[0132] In one possible implementation, the first privacy protection method includes at least one of the following: noise addition processing, bit random response processing, data transformation processing, or differential privacy blurring processing.

[0133] The noise addition process may include at least one of the following: Gaussian noise processing or Laplace noise processing. It is understood that the noise addition process described here is for illustrative purposes; in actual implementation, other possible noise addition processes may exist, which will not be elaborated upon.

[0134] In this way, privacy protection of application data can be achieved on the terminal device side, while the access network device cannot directly recover the original data during processing.

[0135] Data transformation processing can be achieved through AI models, which can transform raw data into privacy-preserving data without affecting business performance. It can be understood that data transformation processing can be implemented through a standalone model, such as an AI model, or it can be implemented through a portion of a model's structure.

[0136] Data processed by the first privacy protection method can be recovered using corresponding data processing or enhancement methods, and the recovered data can realize the business services that the original data (i.e., the data before the privacy protection method processing) could provide. These business services could include online image editing, video calls, or voice processing. For example, if the first privacy protection method is noise addition processing, then the data processing or enhancement method can be noise addition processing; similarly, if the first privacy protection method is bit random response processing, then the data processing or enhancement method can be bit random response processing; if the first privacy protection method is data transformation processing, then the data processing or enhancement method can be data transformation processing; if the first privacy protection method is differential privacy blurring processing, then the data processing or enhancement method can be differential privacy blurring processing.

[0137] In one possible implementation, the first privacy protection configuration is determined based on at least one of the following: third information, fourth information, or fifth information, wherein the third information is used to indicate the service processing method of the terminal device, or the third information is used to indicate the service processing method and privacy protection requirements of the terminal device. The fourth information includes the privacy protection configuration preferred by the terminal device and / or the privacy protection method supported by the terminal device; the privacy protection configuration preferred by the terminal device includes the first privacy protection configuration, and the privacy protection method supported by the terminal device includes the first privacy protection method; the fifth information is used to indicate the processing capabilities of the access network device.

[0138] The processing capabilities of access network devices include at least one of the following: whether the model deployed by the access network device supports data processing after privacy protection, whether the access network device has corresponding enhancement methods and / or modules for privacy protection configuration, and the computing processing capabilities of the access network device.

[0139] The processing method of a terminal device is used to process user data to obtain the results of user service transactions, such as the results of online image editing, video processing, or voice processing. The data processing method is related to at least one of the following: the application used to process data on the terminal device, the first model used to process data on the terminal device, or the function that the terminal device needs to implement. In other words, any combination of multiple of the following can correspond to a data processing method: the application used to process data on the terminal device, the first model used to process data on the terminal device, and the function that the terminal device needs to implement. The model can be an artificial intelligence (AI) model or other deep learning model, which will not be elaborated further.

[0140] For example, privacy protection requirements include at least one of the following: desired differential privacy budget, K-anonymity, I-diversity, privacy information metric, image structural similarity metric, kernel-aware distance, perturbation percentage, distance between embedding vectors, or similarity metric. It is understood that the privacy protection requirements described here are for illustrative purposes; in actual implementation, other implementation methods for privacy protection requirements may exist, which will not be elaborated upon here.

[0141] Optionally, the first privacy protection configuration is determined based on the third information, or the first privacy protection configuration is determined based on the third information and the fifth information. Alternatively, the first privacy protection configuration is determined based on the third information and the fourth information. Or, the first privacy protection configuration is determined based on the third information, the fourth information, and the fifth information.

[0142] For example, assuming the privacy protection requirement indicates that an ε-differential privacy budget ε = 0.1 needs to be met, the privacy protection method is determined according to the first model. For instance, if the first model deploys a processing model or corresponding enhancement method for privacy-protected data corresponding to bit random response processing, then the first privacy protection method is bit random response processing, and the bit flipping probability of bit random response processing is... (According to the formula) (The solution is obtained). For example, if the first model deploys a data processing model or corresponding enhancement method for privacy-preserving data corresponding to Laplace noise processing, then the first privacy-preserving method is Laplace noise processing, and the noise distribution parameters corresponding to Laplace noise processing are...

[0143] In this way, a privacy protection configuration that matches the capabilities of the service nodes in the communication system can be selected, thus balancing privacy protection and service quality.

[0144] It is understood that in S301, the first privacy protection configuration can be determined through core network elements, such as AMF or SMF elements, and the terminal device receives the first privacy protection configuration from the core network equipment. Alternatively, the first privacy protection configuration can be determined through access network equipment, and the terminal device receives the first privacy protection configuration from the access network equipment. Alternatively, the terminal device can determine the first privacy protection configuration itself. These will be described in detail below with reference to different embodiments, and will not be repeated here.

[0145] S302, the terminal device sends the first information. Correspondingly, the access network device receives the first information.

[0146] The first information includes the first data after the user data has undergone privacy protection processing according to the first privacy protection configuration. The user data mentioned in this application embodiment can be user-related data that requires privacy protection. For example, user data may include at least one of the following: the original image in online image editing, the original information in a video call, the original voice information, or user discovery information in a shopping app, etc.

[0147] Based on the communication method provided in Figure 3, in this communication method, the terminal device can obtain a first privacy protection configuration and send first data processed according to the first privacy protection configuration. Since the privacy protection method determined by the first privacy protection configuration is an asymmetric privacy protection method, the device that receives the first data after privacy protection processing, such as the access network device, cannot obtain the data before privacy protection based on the first data, thereby improving the security of user data and realizing the privacy protection of user data.

[0148] In one possible embodiment, when the first privacy protection configuration is determined by the core network element and the terminal device receives the first privacy protection configuration from the core network equipment, the method provided in FIG3 can be implemented by the method provided in FIG4 below.

[0149] As shown in Figure 4, the communication method includes:

[0150] S401, the core network element sends the second information. Correspondingly, the access network device receives the second information from the core network element.

[0151] The second piece of information is used to indicate the first privacy protection configuration.

[0152] The first privacy protection configuration is used to determine the first privacy protection method and the parameters for using the first privacy protection method to perform privacy protection processing on the data. The first privacy protection method is an asymmetric privacy protection method.

[0153] The implementation of the first privacy protection method and the first privacy protection configuration can be found in the corresponding description in S301, and will not be elaborated here.

[0154] In one possible implementation, the first privacy protection configuration is determined based on at least one of the following: third information, fourth information, or fifth information. Specific implementation details can be found in the relevant description in S301 and will not be elaborated further.

[0155] Optionally, the second information includes: parameters for processing the data with privacy protection using the first privacy protection method; or, the second information includes an identifier of the first privacy protection configuration.

[0156] When the second information includes parameters for privacy-protecting data processing using the first privacy protection method, these parameters can be indicated via other terminal devices, making the privacy protection scheme more flexible. When the second information includes an identifier for the first privacy protection configuration, the amount of data in the second information can be reduced, thereby lowering overhead.

[0157] In some examples, parameters for privacy-preserving data may include, for instance, the noise distribution type and power in random noise methods; the bit flip probability in random response methods; and the model selection in AI-based data transformation methods.

[0158] In this embodiment of the application, the core network element can be the AMF network element or the SMF network element in the communication system shown in Figure 1.

[0159] S402, the access network device sends the second information. Correspondingly, the terminal device receives the second information.

[0160] It is understandable that the above S301 can be implemented by S402.

[0161] S403, the terminal device sends the first information. Correspondingly, the access network device receives the first information.

[0162] For details on the implementation of the first information, please refer to the relevant introduction of the first information in S302. For details on the implementation of S403, please refer to the relevant introduction in S302. We will not elaborate further.

[0163] When the information used to determine the first privacy protection configuration includes the determination of third information, the method provided in Figure 4 may also include S404 and S405.

[0164] S404, the terminal device sends third information. Correspondingly, the access network element receives the third information.

[0165] For the implementation principle of the third information, please refer to the relevant introduction of the third information in S301, which will not be elaborated here.

[0166] It is understandable that the third information can also be understood as a privacy protection configuration request.

[0167] S405, the access network device sends third information to the core network element. Correspondingly, the core network element receives the third information from the access network device.

[0168] The method provided in Figure 4 may also include S406 and S407.

[0169] S406, the terminal device sends the fourth information to the access network element. Correspondingly, the access network element receives the fourth information from the terminal device.

[0170] For the implementation principle of the fourth information, please refer to the relevant introduction of the fourth information in S301, which will not be elaborated here.

[0171] S407, the access network device sends the fourth information to the core network element. Correspondingly, the core network element receives the fourth information from the access network device.

[0172] In other words, the terminal device can instruct third or fourth information, which makes the obtained privacy protection configuration more compatible with the terminal device. In addition, it can reduce the processing complexity of the terminal device.

[0173] It is understood that in the embodiments of this application, the third information and the fourth information may be the same information or different information. The order in which S404 and S406 appear does not represent the execution order of the steps, and the order in which S405 and S407 appear does not represent the execution order of the steps. In the embodiments of this application, the execution order between S404 and S406 is not limited, and the order between S405 and S407 is not limited.

[0174] The method provided in Figure 4 may also include S408.

[0175] S408, the core network element sends the eighth information to the access network element. Correspondingly, the access network element receives the eighth information from the core network element.

[0176] The eighth piece of information is used to determine one or more of the following: how the data is processed or methods for enhancing data privacy protection.

[0177] The eighth piece of information is determined based on the processing capabilities of the access network equipment.

[0178] For the technical effects of the communication method shown in Figure 4, please refer to the technical effects of the communication method shown in Figure 3.

[0179] Furthermore, based on the communication method provided in Figure 4, network-side devices, such as access network devices or core network elements, can select a privacy protection configuration that matches the capabilities of service nodes in the communication system, based on the capabilities of the access network devices in the communication system, thereby balancing privacy protection and service quality.

[0180] In one possible embodiment, when the first privacy protection configuration is determined by the access network device and the terminal device receives the first privacy protection configuration from the access network device, the method provided in FIG3 can be implemented by the method provided in FIG5 below.

[0181] As shown in Figure 5, the communication method includes:

[0182] S501, the access network device sends the second information. Correspondingly, the terminal device receives the second information.

[0183] The second information is used to indicate the first privacy protection configuration, which includes parameters for processing data with privacy protection using a first privacy protection method, wherein the first privacy protection method is an asymmetric privacy protection method.

[0184] The implementation of the first privacy protection method and the first privacy protection configuration can be found in the corresponding description in S301, and will not be elaborated here.

[0185] It is understandable that the above S301 can be implemented by S501.

[0186] S502, the terminal device sends the first information. Correspondingly, the access network device receives the first information.

[0187] For details on the implementation of S502, please refer to the relevant introduction in S302.

[0188] Optionally, the method provided in the embodiments of this application may further include S503.

[0189] S503, the access network device determines the first privacy protection configuration.

[0190] Optionally, the access network device determines the privacy protection method based on one or more of the following: third information, fourth information, or fifth information.

[0191] For information on the third, fourth, and fifth information, please refer to the relevant descriptions of the third, fourth, and fifth information in S301, which will not be repeated here.

[0192] It is understandable that when the access network device includes a data processing network element, S503 can be implemented by the data processing network element within the access network device. When the access network device and the data processing network element are not the same network element, in S503, the access network device can send one or more of the following information to the data processing network element, which then determines the privacy protection method: third information, fourth information, or fifth information. The access network device receives information from the data processing network element indicating the first privacy protection configuration.

[0193] In one possible implementation, if the information used to determine the first privacy protection configuration includes third information, the method provided in Figure 5 further includes S504.

[0194] S504, the terminal device sends third information to the access network device. Correspondingly, the access network device receives the third information from the terminal device.

[0195] When the access network device determines the privacy protection method based on the third information and the fourth information, that is, when the information used to determine the first privacy protection configuration includes the fourth information, the method provided in Figure 5 also includes S505.

[0196] S505, the terminal device sends fourth information to the access network device. Correspondingly, the access network device receives the fourth information from the terminal device.

[0197] The access network device determines the first privacy protection configuration based on the third information and the processing capabilities of the access network device.

[0198] It is understood that in the embodiments of this application, the third information and the fourth information may be the same information or different information. The order in which S504 and S505 appear does not represent the execution order of the steps. In the embodiments of this application, the execution order between S504 and S505 is not limited.

[0199] The access network device receives the second information from the core network element or determines the first privacy protection configuration, which can also be understood as: the access network device obtains the first privacy protection configuration.

[0200] In one possible embodiment, when the terminal device determines the first privacy protection configuration on its own, the method provided in FIG3 can be implemented by the method provided in FIG6 below.

[0201] As shown in Figure 6, the communication method includes:

[0202] S601, the terminal device obtains the first privacy protection configuration.

[0203] The first privacy protection configuration can be determined based on third-party information.

[0204] Alternatively, the first privacy protection configuration may be determined based on third and fourth information.

[0205] Alternatively, the first privacy protection configuration can be determined based on third-party information and the processing capabilities of the access network device.

[0206] Alternatively, the first privacy protection configuration can be determined based on third information, fourth information, and the processing capabilities of the access network device.

[0207] In one possible implementation, the first terminal device can determine the first privacy protection configuration from multiple candidate privacy protection configurations. In other words, the first privacy protection configuration can be one of multiple candidate privacy protection configurations.

[0208] For details on the implementation of the first privacy protection configuration, please refer to the relevant introduction in S301, which will not be elaborated here.

[0209] S602, the terminal device sends the first information. Correspondingly, the access network device receives the first information.

[0210] For details on the implementation of the first information, please refer to the relevant introduction of the first information in S302. For details on the implementation of S602, please refer to the relevant introduction in S302. We will not elaborate further.

[0211] In one possible implementation, where the processing capability of the access network device is indicated by the access network device, the method provided in Figure 6 may further include S603.

[0212] S603, the access network device sends the fifth information to the terminal device. Correspondingly, the terminal device receives the fifth information from the access network device.

[0213] The fifth piece of information is used to indicate the processing capabilities of the access network equipment.

[0214] Optionally, S603 can be triggered by a terminal device, in which case the method provided in FIG6 may also include S604.

[0215] S604, the terminal device sends the sixth information to the access network device. Correspondingly, the access network device receives the sixth information from the terminal device.

[0216] The sixth piece of information is used to request the processing capabilities of the access network device. It can also be understood that the sixth piece of information can be called a privacy protection configuration request.

[0217] In this way, the terminal device can trigger the acquisition of the processing capabilities of the access network equipment, which can reduce resource consumption. In addition, it can obtain more accurate information about the processing capabilities of the access network equipment.

[0218] In one possible implementation, the terminal device may also instruct the access network equipment on how to process the data. In this case, the method shown in Figure 6 further includes S605.

[0219] S605, the terminal device sends the seventh information to the access network device. Correspondingly, the access network device receives the seventh information from the terminal device.

[0220] The seventh piece of information is used to determine how the data is processed or to enhance the privacy protection of the data.

[0221] Optionally, the seventh information may include information for indicating the first privacy protection configuration. The access network device may store a first correspondence between different privacy protection configurations and data processing methods or privacy-enhancing methods. In this case, the access network device can determine the data processing method or privacy-enhancing method corresponding to the first privacy protection configuration based on the first correspondence and the first privacy protection configuration.

[0222] This allows access network devices to obtain data processing methods or privacy-enhancing methods corresponding to the privacy protection methods on the terminal device, thereby improving the accuracy of data processing results.

[0223] In one possible implementation, the method shown in Figure 6 may also include S606.

[0224] S606, the terminal device receives at least one candidate privacy protection configuration from the access network device.

[0225] Among them, at least one of the candidate privacy protection configurations includes the first privacy protection configuration.

[0226] In this way, the terminal device can choose from multiple privacy protection configurations, making the privacy protection configuration scheme more flexible.

[0227] At least one candidate privacy protection configuration may be determined based on at least one of the following: third information, fourth information, or fifth information.

[0228] The principle for determining at least one candidate privacy protection configuration can be found in the relevant introduction to determining the first privacy protection configuration, and will not be repeated here. It is understood that in this embodiment, when information is transmitted between the terminal device and the access network device, it can be carried in non-access stratum (NAS) signaling.

[0229] For the technical effects of the communication method shown in Figure 6, please refer to the technical effects of the communication method shown in Figure 3.

[0230] Furthermore, in the communication method provided in Figure 6, the terminal device can determine the privacy protection configuration itself, reducing the interaction between the terminal device and other devices, thereby reducing resource consumption.

[0231] The communication method provided by the embodiments of this application has been described in detail above with reference to Figures 3-6. The communication apparatus used to perform the communication method provided by the embodiments of this application is described in detail below with reference to Figures 7-8.

[0232] For example, FIG7 is a schematic diagram of the structure of a communication device provided in an embodiment of this application. As shown in FIG7, the communication device 700 includes a processing module 701 and a transceiver module 702. For ease of explanation, FIG7 only shows the main components of the communication device.

[0233] In some embodiments, the communication device 700 may be adapted to the communication system shown in FIG1 to perform the functions of the terminal device, access network equipment, or core network element in the communication method shown in FIG3, FIG4, FIG5, or FIG6.

[0234] The transceiver module 702 is used to perform the transceiver function in the method provided in Figures 3, 4, 5 or 6 above, and the processing module 701 is used to perform other functions in the method provided in Figures 3, 4, 5 or 6 above, excluding the transceiver function.

[0235] Optionally, the transceiver module 702 may include a receiving module and a transmitting module (not shown in FIG7). The transceiver module is used to implement the transmitting and receiving functions of the communication device 700.

[0236] Optionally, the communication device 700 may further include a storage module (not shown in FIG. 7) that stores programs or instructions. When the processing module 701 executes the program or instructions, the communication device 700 can perform the functions of the first communication device or the second communication device in the communication methods shown in FIG. 3, 4, 5 or 6.

[0237] It should be understood that the processing module 701 involved in the communication device 700 can be implemented by a processor or processor-related circuit components, and can be a processor or processing unit; the transceiver module 702 can be implemented by a transceiver or transceiver-related circuit components, and can be a transceiver or transceiver unit.

[0238] It should be noted that the communication device 700 can be a terminal device, a communication module, a circuit or chip responsible for communication functions, a chip system, or other components or assemblies. This communication module, circuit or chip responsible for communication functions, chip system, or other components or assemblies can be applied in a terminal device. This application does not limit this.

[0239] Furthermore, the technical effects of the communication device 700 can be seen by referring to the technical effects of the communication methods shown in Figures 3, 4, 5 or 6, which will not be elaborated here.

[0240] For example, Figure 8 is a second schematic diagram of the structure of a communication device provided in an embodiment of this application. This communication device can be a terminal device or a network device, or it can be a chip (system) or other component or assembly that can be disposed in a terminal device or network device. As shown in Figure 8, the communication device 800 may include a processor 801. Optionally, the communication device 800 may also include a memory 802 and / or a transceiver 803. The processor 801 is coupled to the memory 802 and the transceiver 803, for example, they can be connected via a communication bus.

[0241] The following section, with reference to Figure 8, provides a detailed description of each component of the communication device 800:

[0242] The processor 801 is the control center of the communication device 800. It can be a single processor or a collective term for multiple processing elements. For example, the processor 801 can be one or more central processing units (CPUs), application-specific integrated circuits (ASICs), or one or more integrated circuits configured to implement the embodiments of this application, such as one or more digital signal processors (DSPs), or one or more field-programmable gate arrays (FPGAs).

[0243] Optionally, the processor 801 can perform various functions of the communication device 800 by running or executing software programs stored in the memory 802 and by calling data stored in the memory 802.

[0244] In a specific implementation, as one example, processor 801 may include one or more CPUs, such as CPU0 and CPU1 shown in FIG8.

[0245] In a specific implementation, as one embodiment, the communication device 800 may also include multiple processors, such as processors 801 and 804 shown in FIG. 8. Each of these processors may be a single-core processor (single-CPU) or a multi-core processor (multi-CPU). Here, a processor may refer to one or more devices, circuits, and / or processing cores for processing data (e.g., computer program instructions).

[0246] The memory 802 is used to store the software program that executes the solution of this application, and is controlled by the processor 801 to execute it. The specific implementation method can be referred to the above method embodiment, and will not be repeated here.

[0247] Optionally, the memory 802 may be a read-only memory (ROM) or other type of static storage device capable of storing static information and instructions, random access memory (RAM) or other type of dynamic storage device capable of storing information and instructions, or electrically erasable programmable read-only memory (EEPROM), compact disc read-only memory (CD-ROM) or other optical disc storage, optical disc storage (including compressed optical discs, laser discs, optical discs, digital universal optical discs, Blu-ray discs, etc.), magnetic disk storage media or other magnetic storage devices, or any other medium capable of carrying or storing desired program code in the form of instructions or data structures and accessible by a computer, but not limited thereto. The memory 802 may be integrated with the processor 801 or may exist independently and be coupled to the processor 801 through the interface circuit of the communication device 800 (not shown in FIG. 8). This application embodiment does not specifically limit this.

[0248] Transceiver 803 is used for communication with other communication devices. For example, if communication device 800 is a terminal device, transceiver 803 can be used to communicate with a network device or with another terminal device. As another example, if communication device 800 is a network device, transceiver 803 can be used to communicate with a terminal device or with another network device.

[0249] Optionally, transceiver 803 may include a receiver and a transmitter (not shown separately in Figure 8). The receiver is used to implement the receiving function, and the transmitter is used to implement the transmitting function.

[0250] Optionally, the transceiver 803 can be integrated with the processor 801 or exist independently and be coupled to the processor 801 through the interface circuit of the communication device 800 (not shown in FIG8). This application embodiment does not specifically limit this.

[0251] It should be noted that the structure of the communication device 800 shown in Figure 8 does not constitute a limitation on the communication device. The actual communication device may include more or fewer components than shown, or combine certain components, or have different component arrangements.

[0252] Furthermore, the technical effects of the communication device 800 can be referred to the technical effects of the communication method described in the above method embodiments, and will not be repeated here.

[0253] It should be understood that the processor in the embodiments of this application can be a CPU, but it can also be other general-purpose processors, DSPs, ASICs, FPGAs, or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, etc. The general-purpose processor can be a microprocessor or any conventional processor, etc.

[0254] It should also be understood that the memory in the embodiments of this application can be volatile memory or non-volatile memory, or may include both volatile and non-volatile memory. Non-volatile memory can be ROM, programmable read-only memory (PROM), erasable programmable read-only memory (EPROM), EEPROM, or flash memory. Volatile memory can be RAM, which is used as an external cache. By way of example, but not limitation, many forms of RAM are available, such as static random access memory (SRAM), dynamic random access memory (DRAM), synchronous dynamic random access memory (SDRAM), double data rate synchronous dynamic random access memory (DDR SDRAM), enhanced synchronous dynamic random access memory (ESDRAM), synchronous linked dynamic random access memory (SLDRAM), and direct rambus RAM (DR RAM).

[0255] The above embodiments can be implemented, in whole or in part, by software, hardware (such as circuits), firmware, or any other combination thereof. When implemented using software, the above embodiments can be implemented, in whole or in part, in the form of a computer program product. The computer program product includes one or more computer instructions or computer programs. When the computer instructions or computer programs are loaded or executed on a computer, all or part of the processes or functions described in the embodiments of this application are generated. The computer can be a general-purpose computer, a special-purpose computer, a computer network, or other programmable device. The computer instructions can be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another. For example, the computer instructions can be transmitted from one website, computer, server, or data center to another website, computer, server, or data center via wired (e.g., infrared, wireless, microwave, etc.) means. The computer-readable storage medium can be any available medium that a computer can access or a data storage device such as a server or data center that includes one or more sets of available media. The available medium can be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium. A semiconductor medium can be a solid-state drive.

[0256] It should be understood that the term "and / or" in this article is merely a description of the relationship between related objects, indicating that three relationships can exist. For example, A and / or B can represent: A existing alone, A and B existing simultaneously, or B existing alone. A and B can be singular or plural. Additionally, the character " / " in this article generally indicates an "or" relationship between the preceding and following related objects, but it can also represent an "and / or" relationship. Please refer to the context for a more accurate understanding.

[0257] In this application, "at least one" means one or more, and "more than one" means two or more. "At least one of the following" or similar expressions refer to any combination of these items, including any combination of single or multiple items. For example, at least one of a, b, or c can mean: a, b, c, ab, ac, bc, or abc, where a, b, and c can be single or multiple.

[0258] It should be understood that in the various embodiments of this application, the order of the above-mentioned processes does not imply the order of execution. The execution order of each process should be determined by its function and internal logic, and should not constitute any limitation on the implementation process of the embodiments of this application.

[0259] Those skilled in the art will recognize that the units and algorithm steps of the various examples described in conjunction with the embodiments disclosed herein can be implemented in electronic hardware, or a combination of computer software and electronic hardware. Whether these functions are implemented in hardware or software depends on the specific application and design constraints of the technical solution. Those skilled in the art can use different methods to implement the described functions for each specific application, but such implementation should not be considered beyond the scope of this application.

[0260] Those skilled in the art will understand that, for the sake of convenience and brevity, the specific working processes of the systems, devices, and units described above can be referred to the corresponding processes in the foregoing method embodiments, and will not be repeated here.

[0261] In the several embodiments provided in this application, it should be understood that the disclosed systems, apparatuses, and methods can be implemented in other ways. For example, the apparatus embodiments described above are merely illustrative; for instance, the division of units is only a logical functional division, and in actual implementation, there may be other division methods. For example, multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed. Furthermore, the coupling or direct coupling or communication connection shown or discussed may be through some interfaces; the indirect coupling or communication connection between apparatuses or units may be electrical, mechanical, or other forms.

[0262] The units described as separate components may or may not be physically separate. The components shown as units may or may not be physical units; that is, they may be located in one place or distributed across multiple network units. Some or all of the units can be selected to achieve the purpose of this embodiment according to actual needs.

[0263] In addition, the functional units in the various embodiments of this application can be integrated into one processing unit, or each unit can exist physically separately, or two or more units can be integrated into one unit.

[0264] If the aforementioned functions are implemented as software functional units and sold or used as independent products, they can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of this application, in essence, or the part that contributes to the prior art, or a portion of the technical solution, can be embodied in the form of a software product. This computer software product is stored in a storage medium and includes several instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of this application. The aforementioned storage medium includes various media capable of storing program code, such as USB flash drives, portable hard drives, ROM, RAM, magnetic disks, or optical disks.

[0265] The above description is merely a specific embodiment of this application, but the scope of protection of this application is not limited thereto. Any variations or substitutions that can be easily conceived by those skilled in the art within the scope of the technology disclosed in this application should be included within the scope of protection of this application. Therefore, the scope of protection of this application should be determined by the scope of the claims.

Claims

1. A communication method, characterized in that, Applied to a terminal device, the method includes: Obtain a first privacy protection configuration, wherein the first privacy protection configuration is used to determine a first privacy protection method and parameters for performing privacy protection processing on data using the first privacy protection method, and the first privacy protection method is an asymmetric privacy protection method; Send a first message, which includes first data after the user data has been processed for privacy protection according to the first privacy protection configuration.

2. The method according to claim 1, characterized in that, The first privacy protection method includes at least one of the following: noise addition processing, bit random response processing, data transformation processing, or differential privacy blurring processing.

3. The method according to claim 1 or 2, characterized in that, The process of obtaining the first privacy protection configuration includes: Receive second information, which is used to indicate the first privacy protection configuration.

4. The method according to claim 3, characterized in that, The second information includes: parameters for privacy protection processing of data using the first privacy protection method; or, the second information includes the identifier of the first privacy protection configuration.

5. The method according to claim 1 or 2, characterized in that, The process of obtaining the first privacy protection configuration includes: Receive at least one candidate privacy protection configuration from the access network device; A first privacy protection configuration is determined from the at least one candidate privacy protection configuration.

6. The method according to any one of claims 3-5, characterized in that, The first privacy protection configuration is determined based on at least one of the following: third information, fourth information, or fifth information, wherein the third information is used to indicate the service processing mode of the terminal device, or the third information is used to indicate the service processing mode and privacy protection requirements of the terminal device; the fourth information includes the privacy protection configuration preferred by the terminal device and / or the privacy protection method supported by the terminal device; the privacy protection configuration preferred by the terminal device includes the first privacy protection configuration, and the privacy protection method supported by the terminal device includes the first privacy protection method; the fifth information is used to indicate the processing capability of the access network device.

7. The method according to claim 6, characterized in that, If the information used to determine the first privacy protection configuration includes third information, the method further includes: Send the third message; or, If the information used to determine the first privacy protection configuration includes fourth information, the method further includes: Send the fourth message.

8. The method according to claim 1, characterized in that, The process of obtaining the first privacy protection configuration includes: The first privacy protection configuration is determined based on the processing capability of the access network device and the third information; the third information is used to indicate the service processing mode of the terminal device, or the third information is used to indicate the service processing mode and privacy protection requirements of the terminal device, and the first privacy protection configuration satisfies the privacy protection requirements.

9. The method according to claim 8, characterized in that, The method further includes: Send a sixth message to the access network device, the sixth message being used to request the processing capability of the access network device; The fifth information is received from the access network device; wherein the fifth information is used to indicate the processing capability of the access network device.

10. The method according to claim 8 or 9, characterized in that, The method further includes: A seventh message is sent to the access network device, the seventh message being used to determine the data processing method or the method for enhancing privacy protection of the data.

11. A communication method, characterized in that, Applied to access network equipment, the method includes: Obtain a first privacy protection configuration, wherein the first privacy protection configuration is used to determine a first privacy protection method and parameters for performing privacy protection processing on data using the first privacy protection method, and the first privacy protection method is an asymmetric privacy protection method; Send a second message to the terminal device, the second message being used to instruct the first privacy protection configuration; Receive first information from the terminal device, the first information including first data after the user data has been processed for privacy protection according to the first privacy protection configuration.

12. The method according to claim 11, characterized in that, The first privacy protection method includes at least one of the following: noise addition processing, bit random response processing, data transformation processing, or differential privacy blurring processing.

13. The method according to claim 11 or 12, characterized in that, The process of obtaining the first privacy protection configuration includes: Send third information to the core network element, the third information being used to indicate the service processing mode of the terminal device, or the third information being used to indicate the service processing mode and privacy protection requirements of the terminal device, wherein the first privacy protection configuration satisfies the privacy protection requirements; Receive second information from a core network element, the second information being used to indicate the first privacy protection configuration.

14. The method according to claim 13, characterized in that, The method further includes: Send a fifth piece of information to the core network element, the fifth piece of information being used to indicate the processing capability of the access network device; The system receives an eighth piece of information from a core network element. This eighth piece of information is used to determine one or more of the following: the data processing method or the method for enhancing privacy protection of data; wherein the eighth piece of information is determined based on the processing capability of the access network device.

15. The method according to claim 11 or 12, characterized in that, To obtain the first privacy protection configuration, including: Receive third information from the terminal device, the third information being used to indicate the service processing mode of the terminal device, or the third information being used to indicate the service processing mode and privacy protection requirements of the terminal device, wherein the first privacy protection configuration satisfies the privacy protection requirements; The first privacy protection configuration is determined based on the third information and the processing capability of the access network device.

16. A communication method, characterized in that, This communication method, applied to access network equipment, includes: Get multiple candidate privacy protection configurations; Multiple candidate privacy protection configurations are sent to the terminal device. Each candidate privacy protection configuration is used to determine the privacy protection method corresponding to each candidate privacy protection configuration and the parameters for performing privacy protection processing on the data using the privacy protection method. The privacy protection method is an asymmetric privacy protection method. Receive first information from a terminal device, the first information including first data after user data has been processed for privacy protection according to a first privacy protection configuration, the first privacy protection configuration being one of the plurality of candidate privacy protection configurations.

17. A communication method, characterized in that, Applied to access network equipment, the method includes: Send a fifth message to the terminal device; wherein the fifth message is used to indicate the processing capability of the access network device; The device receives seventh information from a terminal device, the seventh information being used to determine a data processing method or a method for enhancing privacy-preserving data, wherein the seventh information is determined based on the processing capabilities of the access network device.

18. A communication method, characterized in that, Applied to core network elements, the method includes: Receive third information, the third information being used to indicate the service processing method of the terminal device, or the third information being used to indicate the service processing method and privacy protection requirements of the terminal device; Send a second message; the second message is used to instruct a first privacy protection configuration, the first privacy protection configuration is used to determine a first privacy protection method and parameters for performing privacy protection processing on data using the first privacy protection method, the first privacy protection method is an asymmetric privacy protection method; the second message is determined based on the third message.

19. The method according to claim 18, characterized in that, The second information includes: parameters for privacy protection processing of data using the first privacy protection method; or, the second information includes the identifier of the first privacy protection configuration.

20. The method according to claim 19, characterized in that, The first privacy protection configuration is determined based on third-party information and the processing capabilities of the access network device.

21. The method according to any one of claims 18-20, characterized in that, The method further includes: Receive fifth information, which is used to indicate the processing capability of the access network device; Send an eighth message, which is used to determine one or more of the following: the data processing method or the method for enhancing privacy protection of data, wherein the eighth message is determined based on the processing capability of the access network device.

22. The method according to claim 20 or 21, characterized in that, The method further includes: Receive fifth information from the access network device, the fifth information being used to indicate the processing capability of the access network device.

23. A communication device, characterized in that, The communication device includes a module for performing the method as described in any one of claims 1-22.

24. A communication device, characterized in that, The communication device includes a processor and a transceiver, the transceiver being used for information exchange between the communication device and other communication devices, and the processor executing code instructions to perform the method as described in any one of claims 1-22.

25. A communication device, characterized in that, include: A processor for performing the method as described in any one of claims 1-22.

26. The communication device according to any one of claims 23-25, characterized in that, The communication device further includes a memory for storing code instructions relating to the method as described in any one of claims 1-22.

27. The communication device according to any one of claims 23-26, characterized in that, The communication device is a chip.

28. A computer-readable storage medium, characterized in that, The computer-readable storage medium includes a computer program or instructions that, when executed on a computer, cause the computer to perform the method as described in any one of claims 1-22.

29. A computer program product, characterized in that, The computer program product includes: a computer program or instructions that, when run on a computer, cause the computer to perform the method as described in any one of claims 1-22.