The configuration management client functional entity acts as the application user agent for configuration related transactions. The configuration management client interacts with the configuration management server and provides and receives configuration data. The configuration management client functional entity is supported by the signalling user agent and HTTP client functional entities of the signalling control plane. The configuration management client provides the functional alias management client functionality as described in subclause 7.4.2.2.12.

The configuration management server is a functional entity used to configure one or more MC service applications with non-group management MC service related information and configure data on the configuration management client. The configuration management server manages MC service configuration supported within the MC service provider. The configuration management server functional entity is supported by the SIP AS and HTTP server functional entities of the signalling control plane. The configuration management server provides the functional alias management server functionality as described in subclause 7.4.2.2.13.

The group management client functional entity acts as the application user agent for management of groups. A MC system maintains groups corresponding to one or more mission critical organizations. The group management client interacts with the group management server. The group management client functional entity is supported by the signalling user agent and HTTP client functional entities of the signalling control plane.

The group management server functional entity provides for management of groups supported within the MC service provider. The group management server functional entity is supported by the SIP AS and HTTP server functional entities of the signalling control plane. All the group management clients supporting users belonging to a single group are required to use the same group management server for that group. A group management client supporting a user involved in multiple groups can have relationships with multiple group management servers. The group management server manages media policy information for use by the UE for media processing. The group management server manages group call policy information for use by the UE for both on-network and off-network group call control.

This functional entity acts as the application user agent for MC ID transactions. It interacts with the identity management server.

The identity management server is a functional entity that is capable of authenticating the MC ID. It contains the knowledge and means to do authentication by verifying the credentials supplied by the user. The identity management server functional entity may reside in the same domain as the user's MC system.

This functional entity acts as the application user agent for key management functions. It interacts with the key management server. The functionality of the key management client is specified in TS 33.180.

The key management server is a functional entity that stores and provides security related information (e.g. encryption keys) to the key management client, group management server and MC service server(s) to achieve the security goals of confidentiality and integrity of media and signalling. The functionality of the key management server is specified in TS 33.180.

This functional entity acts as the application user agent for location management functions. It interacts with the location management server.

The location management server is a functional entity that receives and stores user location information, and provides user location information to the MC service server. The location management server may also acquire location information provided by PLMN operator (e.g. LCS network).

The functional alias management client functional entity acts as the application user agent for management of functional aliases. The functional alias management client interacts with the functional alias management server. The functional management client functional entity is supported by the signalling user agent and by the HTTP client functional entities of the signalling control plane.

The functional alias management server functional entity provides the configuration management of functional alias(es). The functional alias management server functional entity is supported by the SIP AS and by the HTTP server functional entities of the signalling control plane.

The MC service client functional entity acts as the user agent for all MC service transactions. For a specific MC service, the detailed description of functions of the MC service client is contained in the corresponding MC service TS.

The MC service server functional entity provides centralised support for MC services. The MC service server functional entity represents a specific instantiation of the GCS AS described in TS 23.468 to control multicast and unicast operations for group communications. For a specific MC service, the detailed description of the GCS AS role assumed by the MC service server is contained in the corresponding MC service TS. The MC service server performs the functional alias controlling role for functional alias management including functional alias activation, deactivation, take over and interrogation. For a single functional alias, only one MC service server is specified as the functional alias controlling role. The detailed description of the functional alias controlling role assumed by the different MC service servers are contained in TS 23.379, TS 23.281 and TS 23.282. The MC service server functional entity is supported by the SIP AS, HTTP client and HTTP server functional entities of the signalling control plane.

This functional entity contains information of the MC service user profile associated with an MC service ID that is held by the MC service provider at the application plane. The MC service user profile is determined by the mission critical organization, the MC service provider, and potentially the MC service user. Each MC service shall have a corresponding MC service user database i.e. MCPTT user database as defined in TS 23.379, MCVideo user database as defined in TS 23.281 and MCData user database as defined in TS 23.282. These MC service user databases can be co-located.

The MC gateway server provides support for interconnection between a primary MC system and a partner MC system in a different trust domain whilst providing topology hiding. It acts as a proxy for one or more MC service servers in the partner MC system without needing to expose the MC service servers in the primary MC system outside the trusted domain of the primary MC system. It may be a role of an MC service server described in subclause 7.4.2.3.2 of the present document. The MC gateway server is responsible for relaying signalling control messages and media between MC service servers in the interconnected MC systems.

The MC replay client is a functional entity that can be used by an authorized user to retrieve recorded metadata and media from an MC recording server and replay it. An MC replay client may be used in an MC replay UE. It may also be included in an MC service UE.

The MC recording server is a functional entity that can receive and record communications metadata and media relating to target users and target groups from MC service servers. The MC recording server securely stores the recorded information into mass storage(s) and allows controlled access for replay/retrieve functions. The security aspects of storing metadata and media into mass storage is specified in TS 33.180. The MC recording server functional entity is supported by the SIP AS and HTTP server functional entities of the signalling control plane. The target users and/or groups for recording are set in the MC service user profile configuration data (A.3) and in the group configuration data (A.4). This can be done by an authorized user utilizing the CSC-4 reference point.

The recorded media and metadata are stored on mass storage(s). The storage solution is outside the scope of the present document.

The ACM client is a functional entity that acts as the application user agent for an authorized user that is responsible for requesting, approving, and applying configurations between a primary MC system and partner MC system. These configurations include MC service user profile, group management, and associated system parameters. The administrative configuration management client interacts with the administrative configuration management server. The ACM client functional entity is supported by the signalling user agent and by the HTTP client functional entities of the signalling control plane.

The ACM server is a functional entity that provides the necessary capabilities to control and perform required transactions to exchange administrative configurations and/or information between partner MC system(s). ACM server has the following functions:

• Provides the temporary storage of configuration changes when requests are received from a partner MC system. The configuration changes include MC service user profile, group management configuration, and associated system parameters.
• Supports requests from the ACM client that result in exchanges with the partner MC system to share administrative configurations and information.
• Controls, processes, validates, accepts, forwards or rejects administrative configuration exchange based on a set of pre-defined rules and policies.

The administrative configuration management server functional entity is supported by the SIP AS and by the HTTP server functional entities of the signalling control plane.

This functional entity acts as the SIP user agent (both client and server) for all SIP transactions.

The SIP AS functional entity supports the following functions on behalf of the MC service:

• influencing and impacting the SIP session; and
• supporting event subscription and event notification.

This functional entity acts as a proxy agent for Diameter messaging as specified in RFC 6733. The Diameter proxy, when used on the AAA-2 interface may also be present in the SIP core / IMS.

The SIP database contains information concerning the SIP subscriptions and corresponding identity and authentication information required by the SIP core, and such information as application service selection. In deployment scenarios where the PLMN operator provides the SIP core, this database is provided by the HSS. In deployment scenarios where the MC service provider provides the SIP core, the SIP database may be provided by the MC service provider. Access to the data residing in the SIP database is restricted to the SIP core entities that are specifically serving the subscriber/user whose data are stored, i.e. registrars and registrar finders can access SIP databases only when they are part of the same trust domain for the data being provided. The SIP database is responsible for storing the following user related information:

• signalling plane user identities: Numbering and addressing information;
• signalling plane security information: SIP core access control information for authentication and authorization;
• MC service UE Location information at inter-system level: the SIP database supports the user registration, and stores inter-system location information, etc.; and
• signalling plane subscription profile (including initial filter criteria).

The SIP database also generates signalling plane security information for mutual authentication, communication integrity check and ciphering. Based on this information, the SIP database is also responsible to support the call control and session management entities of the SIP core. The SIP database consists of the following functionalities:

• support for control functions of the SIP core such as the Registrar and Registrar finder. This is needed to enable subscriber usage of the SIP core services. This functionality is independent of the access network used to access the SIP core; and
• authentication functionality required by the SIP core to authenticate the MC service UE.

The SIP database provides the following logical functions:

1. mobility management;
   • provides the UE mobility through the SIP core.
2. registrar assignment support;
   • provides to the registrar finder the required capabilities for MC services based on MC service provider requirements on a per-user basis, (e.g. whether a particular registrar within the PLMN operator's network (e.g. a registrar reserved for MC service use or a registrar in a secure location) or a registrar within the MC service provider network is assigned.
3. call and/or session establishment support;
   • provides the call and/or session establishment procedures in the SIP core. For terminating traffic, it provides information on which registrar currently hosts the user.
4. user security information generation;
   • provides generation of user authentication, integrity and ciphering data for the SIP core.
5. signalling plane security support;
   • provides authentication procedures to access MC services by storing the generated data for authentication, integrity and ciphering at the signalling plane and by providing these data to the appropriate registrar.
6. user identification handling;
   • provides the appropriate relations among all the identifiers uniquely determining the signalling plane identities in the SIP core e.g. IMS public identities.
7. access authorisation; and
   • provides authorisation of the user for mobile access when requested by the registrar e.g. by checking that the user is allowed to roam to that visited network.
8. service authorisation support.
   • provides basic authorisation for terminating call/session establishment and service invocation. The SIP database may update the registrar with filter criteria to trigger the MC service server(s).

This functional entity acts as the client for all hypertext transactions.

This functional entity acts as a proxy for hypertext transactions between the HTTP client and one or more HTTP servers. The HTTP proxy terminates a TLS session on HTTP-1 with the HTTP client of the MC service UE allowing the HTTP client to establish a single TLS session for hypertext transactions with multiple HTTP servers that are reachable by the HTTP proxy. The HTTP proxy terminates the HTTP-3 reference point that lies between different HTTP proxies. It may provide a topology hiding function from HTTP entities outside the trust domain of the MC system. The HTTP proxy is not used as part of CSC-1 interface. CSC-1 is a direct HTTP interface between the IdM client in the UE and the IdM server as specified in TS 33.180. According to TS 33.180, either an HTTP proxy or a direct HTTP interface is used between the key management server and the key management client in the UE for CSC-8. The HTTP proxy shall be in the same trust domain as the HTTP clients and HTTP servers that are located within a MC service provider's network. There can be multiple instances of an HTTP proxy e.g. one per trust domain.

This functional entity acts as the HTTP server for all hypertext transactions.