摘要 |
Embodiments of the present invention provide a method and a device for processing a data security channel of a tunnel, where the method includes: receiving an authentication and authorization request of an access side, and determining a trust relationship of access of a user equipment; and when an S6b interface session of the user equipment exists, sending a message including information about the trust relationship of the access of the user equipment to a packet data gateway, so that the packet data gateway establishes or updates a data security channel of an S2c tunnel according to the information about the trust relationship. In the embodiments of the present invention, when a user equipment accesses an EPS network via an S2c interface, and when an authentication and authorization request of an access side is received, if an S6b interface session of the accessed user equipment already exists, a message that includes information about a trust relationship of access of the user equipment is sent to a packet data gateway, so that the packet data gateway can obtain the trust relationship of the user equipment when the user equipment accesses the EPS network via the S2c interface, ensuring correct establishment or update of a data security channel of an S2c tunnel. |