Securing a wireless communication system involves protecting the integrity and/or confidentiality of exchanged communication. A Long Term Evolution (LTE) system for instance mandates that user plane communications on the access stratum (AS) between the user equipment (UE) and the radio access network (RAN) be protected in terms of confidentiality, and that control plane communications on the AS be protected in terms of both integrity and confidentiality. Inflexibly requiring this sort of security without exception may not be desirable in all circumstances, though, as it may prove unnecessarily taxing on network resources, power, system throughput, etc. Allowing user plane AS security to be optional nonetheless introduces challenges in ensuring that the security is selectively activated when desired and left deactivated when undesired.