My 5G lawful interception notes

From Got Opinion Wiki
Revision as of 07:33, 29 October 2020 by Paul (initial page creation)

5G target identifier info

5G identifiers in general

See 3GPP TS 23.003, which defines the principal purpose and use of the different naming, numbering, addressing and identification resources (i.e. identifiers (ID)) within the digital cellular telecommunications system and the 3GPP system.

Identifier Acronym | Full Identifier | Defined in | Meaning
SUPI | Subscription Permanent Identifier | 3GPP 23.501 § 5.9.2 | A globally unique 5G Subscription Permanent Identifier (SUPI) shall be allocated to each subscriber in the 5G System and provisioned in the UDM/UDR. The SUPI is used only inside 3GPP system, and its privacy is specified in TS 33.501. The SUPI may contain:
  • an IMSI as defined in TS 23.003, or
  • a network-specific identifier, used for private networks as defined in TS 22.261
  • a GLI and an operator identifier of the 5GC operator, used for supporting FN-BRGs, as further described in TS 23.316
  • a GCI and an operator identifier of the 5GC operator, used for supporting FN-CRGs and 5G-CRG, as further described in TS 23.316

A SUPI containing a network-specific identifier shall take the form of a Network Access Identifier (NAI) using the NAI RFC 7542 based user identification as defined in TS 23.003.

When UE needs to indicate its SUPI to the network (e.g. as part of the Registration procedure), the UE provides the SUPI in concealed form as defined in TS 23.003.

In order to enable roaming scenarios, the SUPI shall contain the address of the home network (e.g. the MCC and MNC in the case of an IMSI based SUPI).

For interworking with the EPC, the SUPI allocated to the 3GPP UE shall always be based on an IMSI to enable the UE to present an IMSI to the EPC.

The usage of SUPI for W-5GAN is further specified in TS 23.316.

SUCI | Subscription Concealed Identifier | 3GPP 23.501 § 5.9.2a | The Subscription Concealed Identifier (SUCI) is a privacy preserving identifier containing the concealed SUPI. It is specified in TS 33.501. The usage of SUCI for W-5GAN access is further specified in TS 23.316.
PEI | Permanent Equipment Identifier | 3GPP 23.501 § 5.9.3 | A Permanent Equipment Identifier (PEI) is defined for the 3GPP UE accessing the 5G System.

The PEI can assume different formats for different UE types and use cases. The UE shall present the PEI to the network together with an indication of the PEI format being used.

If the UE supports at least one 3GPP access technology (i.e. NG-RAN, E-UTRAN, UTRAN or GERAN), the UE must be allocated a PEI in the IMEI or IMEISV format.

In the scope of this release, the PEI may be one of the following:

  • for UEs that support at least one 3GPP access technology, an IMEI or IMEISV, as defined in TS 23.003;
  • PEI used in the case of W-5GAN access as further specified in TS 23.316.
  • for UEs not supporting any 3GPP access technologies, the IEEE Extended Unique Identifier EUI-64 of the access technology the UE uses to connect to the 5GC.
5G-GUTI | 5G Globally Unique Temporary Identifier | 3GPP 23.501 § 5.9.4 | The AMF shall allocate a 5G Globally Unique Temporary Identifier (5G-GUTI) to the UE that is common to both 3GPP and non-3GPP access. It shall be possible to use the same 5G-GUTI for accessing 3GPP access and non-3GPP access security context within the AMF for the given UE. An AMF may re-assign a new 5G-GUTI to the UE at any time. The AMF provides a new 5G-GUTI to the UE under the conditions specified in clause 6.12.3 in TS 33.501. When the UE is in CM-IDLE, the AMF may delay providing the UE with a new 5G-GUTI until the next NAS transaction.

The 5G-GUTI shall be structured as <5G-GUTI> := <GUAMI> <5G-TMSI> where GUAMI identifies one or more AMF(s).

When the GUAMI identifies only one AMF, the 5G-TMSI identifies the UE uniquely within the AMF. However, when AMF assigns a 5G-GUTI to the UE with a GUAMI value used by more than one AMF, the AMF shall ensure that the 5G-TMSI value used within the assigned 5G-GUTI is not already in use by the other AMF(s) sharing that GUAMI value.

The Globally Unique AMF ID (GUAMI) shall be structured as <GUAMI> := <MCC> <MNC> <AMF Region ID> <AMF Set ID> <AMF Pointer> where AMF Region ID identifies the region, AMF Set ID uniquely identifies the AMF Set within the AMF Region and AMF Pointer identifies one or more AMFs within the AMF Set.

NOTE 1: The AMF Region ID addresses the case that there are more AMFs in the network than the number of AMFs that can be supported by AMF Set ID and AMF Pointer by enabling operators to re-use the same AMF Set IDs and AMF Pointers in different regions.

NOTE 2: In the case of SNPNs, the PLMN IDs may be shared among SNPNs such that the constructed GUAMIs are not globally unique. However, PLMN ID and NID are provided together, separate from the GUAMI, to uniquely identify selected or supported SNPN in RRC and N2.

NOTE 3: See TS 23.003 for details on the structure of the fields of GUAMI.

The 5G-S-TMSI is the shortened form of the GUTI to enable more efficient radio signalling procedures (e.g. during Paging and Service Request) and is defined as <5G-S-TMSI> := <AMF Set ID> <AMF Pointer> <5G-TMSI>

As specified in TS 38.304 and TS 36.304 for 3GPP access, the NG-RAN uses the 10 Least Significant Bits of the 5G-TMSI in the determination of the time at which different UEs are paged. Hence, the AMF shall ensure that the 10 Least Significant Bits of the 5G-TMSI are evenly distributed.

As specified in TS 38.331 and TS 36.331 for 3GPP access, the NG-RAN's RRC Connection Establishment's contention resolution process assumes that there is a low probability of the same 5G-TMSI being allocated by different AMFs to different UEs. The AMFs' process for allocating the 5G-TMSI should take this into account.

NOTE 4: To achieve this, the AMF could, for example, use a random seed number for any process it uses when choosing the UE's 5G-TMSI.

AMF Name | | 3GPP 23.501 § 5.9.5 | An AMF is identified by an AMF Name. AMF Name is a globally unique FQDN; the structure of the AMF Name FQDN is defined in TS 23.003. An AMF can be configured with one or more GUAMIs. At a given time, GUAMI with distinct AMF Pointer value is associated to one AMF name only.
IGI | Internal-Group Identifier | 3GPP 23.501 § 5.9.7 | The subscription data for an UE in UDR may associate the subscriber with groups. A group is identified by an Internal-Group Identifier.

NOTE 1: A UE can belong to a limited number of groups, the exact number is defined in stage 3 specifications.

NOTE 2: In this Release of the specification, the support of groups is only defined in non-roaming case.

The Internal-Group Identifier(s) corresponding to an UE are provided by the UDM to the SMF as part of Session Management Subscription data and (when PCC applies to a PDU Session) by the SMF to the PCF. The SMF may use this information to apply local policies and to store this information in CDR. The PCF may use this information to enforce AF requests as described in clause 5.6.7. The Internal-Group Identifier(s) corresponding to an UE are provided by the UDM to the AMF as part of Access and Mobility Subscription data. The AMF may use this information to apply local policies (such as Group specific NAS level congestion control defined in clause 5.19.7.5).

GPSI | Generic Public Subscription Identifier | 3GPP 23.003 § 28.8 | The Generic Public Subscription Identifier (GPSI) is defined in clause 5.9.8 of 3GPP TS 23.501.

The GPSI is defined as:

  • a GPSI type: in this release of the specification, it may indicate an MSISDN or an External Identifier; and
  • dependent on the value of the GPSI type:
      • an MSISDN as defined in clause 3.3; or
      • an External Identifier as defined in clause 19.7.2.

NOTE: Depending on the protocol used to convey the GPSI, the GPSI type can take different formats.

NAI Network Access Identifier Example
Email address
E164Number


Lawful interception (LI) at each network or service function and applicable target identifiers.

Target identifier | AMF | SMF/UPF | UDM | SMSF | Location | MMS Proxy-Relay
SUPIIMSI
SUPINAI
PEIIMEI
PEIIMEISV
GPSIMSISDN
GPSINAI
PEI
GPSI
SUPI
E164Number
EmailAddress
IMPI
IMPU
IMSI
NAI

IRI events

Network layer

The IRI-POI present in the AMF shall generate xIRI, when it detects the following specific events or information:

  • Registration.
  • Deregistration.
  • Location update.
  • Start of interception with already registered UE.
  • Unsuccessful communication related attempt.

The IRI-POI present in the SMF/UPF shall generate xIRI, when it detects the following specific events or information:

  • PDU session establishment.
  • PDU session modification.
  • PDU session release.
  • Start of interception with an established PDU session.

The IRI-POI present in the SMSF shall generate xIRI, when it detects the following specific events or information:

  • SMS message.

Service layer

The IRI-POI present in the UDM shall generate xIRI, when the UDM detects the following specific events or information:

  • Serving system.
  • Subscriber record change.
  • Cancel location.
  • Location information request.

The IRI-POI present in the IMS Signalling Function generates the following xIRI:

  • Encapsulated SIP message.
  • CC unavailable in serving PLMN.
  • Start of interception with an established IMS session.

The IRI-POI present in the MMS Proxy-Relay shall generate xIRI, when it detects the following specific events or information:

  • An MMS message is sent by the target or sent to the target.