Difference between revisions of "My 3GPP TS 23.003 notes"

From Got Opinion Wiki
Jump to navigation Jump to search
Line 63: Line 63:
:NOTE 2: If the null protection scheme is used, the NFs can derive SUPI from SUCI when needed. The AMF derives SUPI used for AUSF discovery from SUCI when the Routing-Indicator is zero and the protection scheme is null. For an anonymous SUCI, an NF can derive an anonymous SUPI from an anonymous SUCI when needed; this is, the NF can derive a SUPI in NAI format for which the "username" part of the SUPI is "anonymous" or omitted.
:NOTE 2: If the null protection scheme is used, the NFs can derive SUPI from SUCI when needed. The AMF derives SUPI used for AUSF discovery from SUCI when the Routing-Indicator is zero and the protection scheme is null. For an anonymous SUCI, an NF can derive an anonymous SUPI from an anonymous SUCI when needed; this is, the NF can derive a SUPI in NAI format for which the "username" part of the SUPI is "anonymous" or omitted.


== 2.4 Structure of TMSI (also 5G-TMSI) ==
== 2.4 Structure of Temporary Mobile Subscriber Identity (TMSI) and 5G-TMSI ==


Since the TMSI has only local significance (i.e. within a VLR and the area controlled by a VLR, or within an SGSN and the area controlled by an SGSN, or within an MME and the area controlled by an MME), the structure and coding of it can be chosen by agreement between operator and manufacturer in order to meet local needs.
Since the TMSI has only local significance (i.e. within a VLR and the area controlled by a VLR, or within an SGSN and the area controlled by an SGSN, or within an MME and the area controlled by an MME), the structure and coding of it can be chosen by agreement between operator and manufacturer in order to meet local needs.

Revision as of 07:05, 27 October 2022

International Mobile Subscriber Identity (IMSI) § 2.2

IMSI is composed as shown:

IMSI struct

IMSI is composed of three parts:

  1. Mobile Country Code (MCC) consisting of three digits. The MCC identifies uniquely the country of domicile of the mobile subscription;
  2. Mobile Network Code (MNC) consisting of two or three digits for 3GPP network applications. The MNC identifies the home PLMN of the mobile subscription within its country of domicile, or it identifies together with MCC and NID the mobile subscription's SNPN. The length of the MNC (two or three digits) depends on the value of the MCC. A mixture of two and three digit MNC codes within a single MCC area is not recommended and is outside the scope of 3GPP TS 23.003.
  3. Mobile Subscriber Identification Number (MSIN) identifying the mobile subscription within a PLMN or SNPN.

Subscription Permanent Identifier (SUPI) § 2.2A

The SUPI is a globally unique 5G Subscription Permanent Identifier allocated to each subscriber in the 5G System. It is defined in clause 5.9.2 of 3GPP TS 23.501.

The SUPI is defined as:

  • a SUPI type: in this release of the specification, it may indicate an IMSI, a Network Specific Identifier (NSI), a Global Line Identifier (GLI) or a Global Cable Identifier (GCI); and
  • dependent on the value of the SUPI type:
    • an IMSI as defined in clause 2.1;
    • a Network Specific Identifier (NSI), taking the form of a Network Access Identifier (NAI) as defined in clause 28.7.2;
    • a Global Cable Identifier (GCI) taking the form of a NAI as defined in clause 28.15.2;
    • a Global Line Identifier (GLI) taking the form of an NAI as defined in clause 28.16.2.
NOTE: Depending on the protocol used to convey the SUPI, the SUPI type can take different formats.

See clauses 4.7.2, 4.7.3 and 4.7.4 of 3GPP TS 23.316 for details on which types of SUPI are supported by 5G-BRG, FN-BRG, 5G-CRG and FN-CRG.

Subscription Concealed Identifier (SUCI) § 2.2B

The SUCI is a privacy preserving identifier containing the concealed SUPI. It is defined in clause 6.12.2 of 3GPP TS 33.501.

SUCI struct

The SUCI is composed of the following parts:

1) SUPI Type, consisting in a value in the range 0 to 7. It identifies the type of the SUPI concealed in the SUCI. The following values are defined:
- 0: IMSI
- 1: Network Specific Identifier (NSI)
- 2: Global Line Identifier (GLI)
- 3: Global Cable Identifier (GCI)
- 4 to 7: spare values for future use.
2) Home Network Identifier, identifying the home network of the subscriber.
When the SUPI Type is an IMSI, the Home Network Identifier is composed of two parts:
- Mobile Country Code (MCC), consisting of three decimal digits. The MCC identifies uniquely the country of domicile of the mobile subscription;
- Mobile Network Code (MNC), consisting of two or three decimal digits. The MNC identifies the home PLMN or SNPN of the mobile subscription.
When the SUPI type is a Network Specific Identifier (NSI), a GLI or a GCI, the Home Network Identifier consists of a string of characters with a variable length representing a domain name as specified in clause 2.2 of IETF RFC 7542. For a GLI or a GCI, the domain name shall correspond to the realm part specified in the NAI format for SUPI in clauses 28.15.2 and 28.16.2.
3) Routing Indicator, consisting of 1 to 4 decimal digits assigned by the home network operator and provisioned in the USIM, that allow together with the Home Network Identifier to route network signalling with SUCI to AUSF and UDM instances capable to serve the subscriber.
Each decimal digit present in the Routing Indicator shall be regarded as meaningful (e.g. value "012" is not the same as value "12"). If no Routing Indicator is configured on the USIM or the ME, this data field shall be set to the value 0 (i.e. only consist of one decimal digit of "0").
4) Protection Scheme Identifier, consisting in a value in the range of 0 to 15 (see Annex C.1 of 3GPP TS 33.501). It represents the null scheme or a non-null scheme specified in Annex C of 3GPP TS 33.501 or a protection scheme specified by the HPLMN; the null scheme shall be used if the SUPI type is a GLI or GCI.
5) Home Network Public Key Identifier, consisting in a value in the range 0 to 255. It represents a public key provisioned by the HPLMN or SNPN and it is used to identify the key used for SUPI protection. This data field shall be set to the value 0 if and only if null protection scheme is used;
6) Scheme Output, consisting of a string of characters with a variable length or hexadecimal digits, dependent on the used protection scheme, as defined below. It represents the output of a public key protection scheme specified in Annex C of 3GPP TS 33.501 or the output of a protection scheme specified by the HPLMN.

Figure 2.2B-2 defines the scheme output for the null protection scheme. Figure recreated here:

Scheme output for null protection scheme struct

The Mobile Subscriber Identification Number ("MSIN") is defined in clause 2.2; the "username" corresponds to the username part of a NAI, and it is applicable to SUPI types Network-Specific Identifier (clause 28.7.2), Global Line Identifier (GLI) (clause 28.16.2) or Global Cable Identifier (GCI) (clause 28.15.2).

NOTE 1: For a SUCI with SUPI Type 2 or 3 (i.e. GLI or GCI), the SUCI can, based on subscription information, act as a pseudonym of the actual SUPI containing an IMSI (see 3GPP TS 23.316 [131], clauses 4.7.3 and 4.7.4). If so, the UDM derives the actual SUPI (IMSI) from the de-concealed SUCI (GLI/GCI).

An anonymous SUCI is composed by setting the SUPI Type field to 1 (Network-Specific Identifier), using the null protection scheme, and where the scheme output corresponds to a username set to either the "anonymous" string or to an empty string (see IETF RFC 7542, clause 2.4).

The scheme output is formatted as a variable length of characters as specified for the username in clause 2.2 of IETF RFC 7542.

NOTE 2: If the null protection scheme is used, the NFs can derive SUPI from SUCI when needed. The AMF derives SUPI used for AUSF discovery from SUCI when the Routing-Indicator is zero and the protection scheme is null. For an anonymous SUCI, an NF can derive an anonymous SUPI from an anonymous SUCI when needed; this is, the NF can derive a SUPI in NAI format for which the "username" part of the SUPI is "anonymous" or omitted.

2.4 Structure of Temporary Mobile Subscriber Identity (TMSI) and 5G-TMSI

Since the TMSI has only local significance (i.e. within a VLR and the area controlled by a VLR, or within an SGSN and the area controlled by an SGSN, or within an MME and the area controlled by an MME), the structure and coding of it can be chosen by agreement between operator and manufacturer in order to meet local needs.

The TMSI consists of 4 octets.

The 5G-TMSI is also 4 octets (32 bits), local to one AMF, and uniquely identifies a UE within that AMF. The 5G-TMSI structure and coding format is operator and manufacturer dependent.

5G Globally Unique Temporary UE Identity (5G-GUTI) § 2.10

Introduction § 2.10.1

The purpose of the 5G-GUTI is to provide an unambiguous identification of the UE that does not reveal the UE or the user's permanent identity in the 5G System (5GS). It also allows the identification of the Access and Mobility Management Function (AMF) and network. It can be used by the network and the UE to establish the UE's identity during signalling between them in the 5GS. See 3GPP TS 23.501.

The 5G-GUTI has two main components:

  • one that identifies the AMF(s) which allocated the 5G-GUTI; and
  • one that uniquely identifies the UE within the AMF(s) that allocated the 5G-GUTI.

Within the AMF(s), the mobile shall be identified by the 5G-TMSI.

The Globally Unique AMF Identifier (GUAMI) shall be constructed from the MCC, MNC and AMF Identifier (AMFI).

The AMFI shall be constructed from an AMF Region ID, an AMF Set ID and an AMF Pointer. The AMF Region ID identifies the region, the AMF Set ID uniquely identifies the AMF Set within the AMF Region, and the AMF Pointer identifies one or more AMFs within the AMF Set.

NOTE: When the UE is assigned a 5G-GUTI with an AMF Pointer value used by more than one AMF, the AMFs need to ensure that the 5G-TMSI value used within the assigned 5G-GUTI is not already in use within the AMF's sharing that pointer value.

The 5G-GUTI shall be constructed from the GUAMI and the 5G-TMSI.

For paging purposes, the mobile is paged with the 5G-S-TMSI. The 5G-S-TMSI shall be constructed from the AMF Set ID, the AMF Pointer and the 5G-TMSI.

The operator shall need to ensure that the combination of the AMF Set ID and AMF Pointer is unique within the AMF Region and, if overlapping AMF Regions are in use, unique within the area of overlapping AMF Regions.

The 5G-GUTI shall be used to support subscriber identity confidentiality, and, in the shortened 5G-S-TMSI form, to enable more efficient radio signalling procedures (e.g. paging and Service Request).

The format and size of the 5G-GUTI is therefore the following:

<5G-GUTI> = <GUAMI><5G-TMSI>, where <GUAMI> = <MCC><MNC><AMF Identifier> and <AMF Identifier> = <AMF Region ID><AMF Set ID><AMF Pointer>

MCC and MNC shall have the same field size as in earlier 3GPP systems. See 3GPP TS 24.008 § 10.5.1.3 for details of MCC (12bits) and MNC (12 bits) size and formatting.

5G-TMSI shall be of 32 bits length.

AMF Region ID shall be of 8 bits length.

AMF Set ID shall be of 10 bits length.

AMF Pointer shall be of 6 bits length.

Diagram:

5G-GUTI struct

Structure of the 5G-S-Temporary Mobile Subscriber Identity (5G-S-TMSI) § 2.11

The 5G-S-TMSI is the shortened form of the 5G-GUTI to enable more efficient radio signalling procedures (e.g. paging and Service Request). For paging purposes, the mobile is paged with the 5G-S-TMSI. The 5G-S-TMSI shall be constructed from the AMF Set ID, the AMF Pointer and the 5G-TMSI:

<5G-S-TMSI> = <AMF Set ID><AMF Pointer><5G-TMSI>

Definition of Access Point Name § 9

In the GPRS backbone, an Access Point Name (APN) is a reference to a GGSN. To support inter-PLMN roaming, the internal GPRS DNS functionality is used to translate the APN into the IP address of the GGSN.

Definition of Data Network Name § 9A

In 5GS, the Data Network Name (DNN) is equivalent to an APN in EPS. The DNN is a reference to a data network, it may be used e.g. to select SMF or UPF.

The requirements for APN in clause 9 shall apply for DNN in a 5GS as well.

NR Cell Identity (NCI) and NR Cell Global Identity (NCGI) § 19.6A

The NR Cell Global Identity (NCGI) shall be composed of the concatenation of the PLMN Identifier (PLMN-Id) and the NR Cell Identity (NCI) as shown in figure 19.6A-1 and shall be globally unique:

MCC + MNC + NCI

The NCI shall be of fixed length of 36 bits and shall be coded using full hexadecimal representation. The exact coding of the NCI is the responsibility of each PLMN operator. For more details on NCI and NCGI, see 3GPP TS 38.413.

NOTE: In the 5G Core Network protocols, when the NCGI needs to be identified in the context of Standalone Non-Public Networks (SNPN), the Network Identifier (NID) of the SNPN is included as part of the NCGI Information Element (see 3GPP TS 29.571); this is a protocol aspect that does not imply any change on the system-wide definition of the NCGI.

Numbering, addressing and identification for 5G System (5GS) § 28

Introduction § 28.1

This clause describes the format of the parameters, identifiers and information used for the 5G system. For further information on these, see 3GPP TS 23.501, 3GPP TS 23.502 and 3GPP TS 23.503.

NAI format for SUPI see § 28.7.2

NAI format for SUCI see § 28.7.3

NAI format for 5G-GUTI see § 28.7.8

To Telecommunications info