Embodiments described herein provide security for end users of User Equipment (UE) that utilize service chaining for Service Data Flows (SDFs). One embodiment comprises a Policy and Charging Rules Function (PCRF) that determines that a service chain is enabled for a SDF requested by an end user of a UE. The PCRF identifies a service function implemented in the service chain that processes the SDF based on a generic security policy, and identifies a security rule for the end user for filtering the SDF by the service function. The PCRF provides the security rule to the service function for filtering the SDF within the service chain.
