A future mobile communications network includes various services, where the services have different security requirements. A future mobile communications network has a key center, which can control and manage generation and distribution of keys, to satisfy security requirements of services.
However, the following problem occurs if a 2G/3G/4G security protection mode continues to be used: Because all root keys are stored on a core node, that is, a home subscriber server (HSS), an authentication flexibility requirement of a service cannot be satisfied. If authentication of mass devices all requires participation of the HSS, system complexity is increased.
Therefore, in view of a security requirement of a future service, a more flexible authentication manner needs to be designed to satisfy an authentication flexibility requirement of a service.