Content for TS 24.234 Word version: 12.2.0

3.1 Definitions 3.2 Symbols 3.3 Abbreviations 4.1 3GPP WLAN interworking system 4.2 WLAN UE identities 4.3 Scanning procedures 4.4 Network discovery
...

1 Scope p. 7

The present document specifies the network selection, including authentication and access authorization using authentication, authorization and accounting (AAA) procedures used for the interworking of the 3GPP system and WLANs. In addition to these, the present document also specifies the tunnel management procedures used for establishing an end-to-end tunnel from the WLAN UE to the 3GPP network via the Wu reference point.

The present document is applicable to the WLAN user equipment (UE) and the network. In this technical specification the network includes the WLAN and 3GPP network.

Tunnel management signalling is carried between WLAN-UE and WLAN by WLAN access technology specific protocols, however this signalling is transparent to the WLAN.

Tunnel management procedures are defined to be independent of the underlying WLAN access technology and as such can be reused independently of the underlying technology.

The present document specifies procedures within I-WLAN necessary in order for IMS emergency calls to be supported when I-WLAN is used as the underlying access network. These involve both network selection as well as tunnel management procedures.

WLAN Network Selection supersedes I-WLAN for UE WLAN selection as specified in TS 24.302 from Rel-12 onwards.

No further changes to this specification are intended. If any future evolution of the procedures in this specification is necessary, it should be documented in other specifications.

2 References p. 7

The following documents contain provisions which, through reference in this text, constitute provisions of the present document.

References are either specific (identified by date of publication, edition number, version number, etc.) or non specific.
For a specific reference, subsequent revisions do not apply.
For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document.

[1]

TS 23.122: "Non-Access-Stratum functions related to Mobile Station (MS) in idle mode".

[1A]

TS 23.003: "Numbering, addressing and identification".

[1B]

TS 23.002: "Network architecture".

[1C]

TR 21.905: "Vocabulary for 3GPP Specifications".

[2]

TS 23.234: "3GPP system to Wireless Local Area Network (WLAN) interworking; System description".

[3]

TS 29.234: Release 11: "3GPP system to Wireless Local Area Network (WLAN) interworking; Stage 3".

[3A]

TS 29.161: Release 11: "Interworking between the Public Land Mobile Network (PLMN) supporting packet based services with Wireless Local Area Network (WLAN) Access and Packet Data Networks (PDN)".

[4] Void

[5]

TS 33.234: "3G security; Wireless Local Area Network (WLAN) interworking security".

[6]

RFC 3748 (June 2004): "Extensible Authentication Protocol (EAP)".

[7]

RFC 1035 (November 1987): "Domain names - implementation and specification".

[8]

Void

[9]

RFC 4187 (January 2006): "Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement (EAP AKA)".

[10]

RFC 4186 (January 2006): "Extensible Authentication Protocol Method for GSM Subscriber Identity Modules (EAP-SIM)".

[11]

IEEE Std 802.11 (2007: "Standard for Information Technology - Telecommunications and information exchange between systems - Local and Metropolitan Area networks - Specific requirements - Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications".

[12]

RFC 4284 (January 2006): "Identity selection hints for Extensible Authentication Protocol (EAP)".

[13]

TS 31.102: "Characteristics of the USIM application".

[14]

RFC 5996 (September 2010): "Internet Key Exchange Protocol Version 2 (IKEv2)".

[15]

RFC 4303 (December 2005): "IP Encapsulating Security Payload (ESP)".

[16]

RFC 4739 (November 2006): "Multiple Authentication Exchanges in the Internet Key Exchange (IKEv2) Protocol".

[16A]

RFC 5216 (March 2008): "The EAP-TLS Authentication Protocol".

[17]

RFC 3629 (November 2003): "UTF-8, a transformation format of ISO 10646".

[18]

RFC 2474 (December 1998): "Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers".

[19]

RFC 2475 (December 1998): "An Architecture for Differentiated Services".

[20]

TS 23.107: "Quality of Service (QoS) concept and architecture".

[21]

GSMA PRD IR 34: "Inter-PLMN Backbone Guidelines".

[22]

TS 31.111: "Universal Subscriber Identity Module (USIM), Application Toolkit (USAT)".

[23]

IEEE Std 802.11u™-2011: "Standard for Information technology - Telecommunications and information exchange between systems - Local and metropolitan area networks - Specific requirements Part II: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications Amendment 9: Interworking with External Networks".

[24]

OMA-DDS-DM_ConnMO_WLAN-V1_0-20081024-A: "Standardized Connectivity Management Objects WLAN Parameters", Approved Version 1.0 - 24 Oct 2008.

[25] Void

[26]

TS 24.235: "3GPP System to Wireless Local Area Network (WLAN) interworking Management object".

[27] Void

[28]

TS 24.302: "Access to the 3GPP Evolved Packet Core (EPC) via non-3GPP acces networks; Stage3".

3 Definitions, symbols and abbreviations p. 9

3.1 Definitions p. 9

For the purposes of the present document, the terms and definitions given in TR 21.905 and the following apply. A term defined in the present document takes precedence over the definition of the same term, if any, in TR 21.905.

active scanning:

Capability of a WLAN UE to actively solicit support for a WLAN specific identifier (WSID) by for probing it.

Associated WSID:

WSID that the WLAN UE uses for association with a WLAN AP.

Available WSID:

WSID that the WLAN UE has found after scanning.

EAP AKA:

EAP mechanism for authentication and session key distribution using the UMTS AKA authentication mechanism using the universal subscriber identity module (USIM) (see RFC 4187).

EAP SIM:

EAP mechanism for authentication and session key distribution using the GSM subscriber identity module (SIM) (see RFC 4186).

External AAA server:

The AAA server is located in an external packet data network. The PDG interworks with the external AAA server via the Wi reference point that is described in TS 29.161.

Home PLMN (HPLMN):

The home PLMN of the user.

Passive scanning:

Capability of a WLAN UE to look for the support for a specific WSID by listening to the WSIDs broadcast in the beacon signal.

Public land mobile network (PLMN) selection:

Procedure for the selection of a PLMN, via a WLAN, either manually or automatically.

Selected WSID:

This is the WSID that has been selected according to subclause 5.1, either manually or automatically.

Selected PLMN:

This is the PLMN that has been selected according to subclause 5.2, either manually or automatically.

Supported PLMN:

A PLMN of a roaming partner (i.e. to which the WLAN operator has a direct roaming relationship).

Switch on:

Action of activating a WLAN UE client.

Switch off:

Action of deactivating a WLAN UE client.

WLAN specific identifier (WSID):

Identifier for the WLAN. For WLANs compliant with IEEE 802.11 [11] this is the SSID.

For the purposes of the present document, the following terms and definitions given in TS 23.002 apply:

WLAN UE

3GPP AAA proxy

3GPP AAA server

Packet Data Gateway (PDG)

For the purposes of the present document, the following terms and definitions given in TS 23.234 apply:

3GPP - WLAN Interworking (WLAN-3GPP IW)

Interworking WLAN

W-APN

WLAN 3GPP IP Access

WLAN Direct IP Access

For the purposes of the present document, the following terms and definitions given inTS 23.003 apply:

Alternative NAI

Decorated NAI

Emergency NAI

Emergency realm

Root NAI

3.2 Symbols p. 10

For the purposes of the present document, the following symbols apply:

Reference point between a WLAN and a 3GPP AAA Server/Proxy (control signalling)

Reference point between a 3GPP AAA Server and 3GPP AAA Proxy (control signalling)

Reference point between a WLAN UE and a PDG

3.3 Abbreviations p. 10

For the purposes of the present document, the following abbreviations apply:

AAA

Authentication, Authorization and Accounting

AKA

Authentication and Key Agreement

ANQP

Access Network Query Protocol

APN

Access Point Name

DNS

Domain Name System

EAP

Extensible Authentication Protocol

ESP

Encapsulating Security Payload

FQDN

Fully Qualified Domain Name

H-ANDSF

Home ANDSF

HLR

Home Location Register

HPLMN

Home PLMN

HSS

Home Subscriber Server

I-WLAN

Interworking - WLAN

IKE

Internet Key Exchange

IPsec

IP security

NAI

Network Access Identifier

Network Identifier

Operator Identifier

PDG

Packet Data Gateway

PLMN

Public Land Mobile Network

SIM

Subscriber Identity Module

SSID

Service Set ID

User Equipment

UICC

Universal Integrated Circuit Card

USIM

Universal Subscriber Identity Module

W-APN

WLAN - APN

WLAN

Wireless Local Area Network

WSID

WLAN Specific Identifier

4 General p. 11

4.1 3GPP WLAN interworking system p. 11

Within this specification, no distinction is made between roaming and non-roaming scenarios. Therefore, within the scope of this specification, the Wa and Wd reference points defined in TS 23.234 are considered identical.

The WLAN UE is equipped with a universal integrated circuit card (UICC) in order to access the WLAN interworking service. For emergency cases, and dependent on local regulations, access shall be possible even if the WLAN UE is not equipped with a valid SIM or valid USIM.

The 3GPP AAA server procedures covered in the present document are:

Authentication of the 3GPP subscriber based on the SIM/USIM credentials; and
Access authorization of the 3GPP subscriber based on the WLAN access authorization information retrieved from HLR/HSS.

Other functionalities of the 3GPP AAA server are covered in TS 29.234.

WLAN technologies other than those compliant with IEEE 802.11 1999 [11], such as HiperLAN or Bluetooth, are not described specifically in this version of the present document. However, they are not excluded.

4.2 WLAN UE identities p. 11

4.2.1 General p. 11

WLAN UEs use network access identifier (NAI) as identification towards the 3GPP WLAN AAA server in the EAP Response/Identity message. The NAI is structured according to TS 23.003.

4.2.2 Root NAI p. 11

This is the NAI format used by the WLAN UE when it attempts to authenticate directly to HPLMN (see RFC 4284 and TS 23.234). The root NAI format is specified in TS 23.003, subclause 14.3. The usage of the root NAI is specified in clause 5.

4.2.3 Decorated NAI p. 11

This is the NAI format used by the WLAN UE when it attempts to authenticate to HPLMN via VPLMN (see RFC 4284 and TS 23.234). The decorated NAI format is specified in TS 23.003, subclause 14.4. The usage of the decorated NAI is specified in clause 5.

4.2.4 Alternative NAI p. 11

This is the NAI format used by the WLAN UE when it attempts to obtain a list of available PLMNs during a manual selection procedure. The alternative NAI format is specified in TS 23.003, subclause 14.6. The usage of alternative NAI is specified in clause 5.

4.2.4A Emergency NAI p. 11

This is the NAI format used by the WLAN UE when it attempts to authenticate for making an IMS emergency call. The emergency NAI format is specified in TS 23.003, subclause 14.8. The usage of the emergency NAI is specified in clause 4, clause 6 and clause 8.

4.2.5 Username p. 12

The generation of, and the rules for the use of the username part of an NAI in the WLAN UE are defined in subclause 6.1. The format of the username part of an NAI is defined in TS 23.003.

4.3 Scanning procedures p. 12

4.3.1 IEEE 802.11 WLANs p. 12

For IEEE 802.11 [11] WLANs, the WLAN name is provided in the SSID information element.

The WLAN UE becomes aware of the supported WSIDs of the WLAN by performing scanning procedures as specified in IEEE 802.11-2007 [11].

There are two types of scanning procedures specified in IEEE 802.11-2007 [11]:

Passive scanning.
Active scanning.

The WLAN UE shall support passive scanning according to IEEE 802.11-2007 [11]. If active scanning is supported then, the WLAN UE should use active scanning according to IEEE 802.11-2007 [11].

In order to assist PLMN selection procedure, the WLAN UE shall create a list of available WSIDs. The list of available WSIDs consists of all WSIDs found in passive scanning and all WSIDs received as a result of active scanning.

The WLAN UE may support additional active scanning procedures as defined in IEEE Std 802.11u™-2011 [23]. If the WLAN UE and WLAN support the IEEE Std 802.11u™-2011 [23] procedures, the list of available PLMNs may be constructed through the use of the Access Network Query Protocol (ANQP).

4.3.2 Other WLAN technologies p. 12

Other WLAN technologies, such as HiperLAN or Bluetooth, are not described in this TS but are not excluded.

4.4 Network discovery p. 12

4.4.1 General p. 12

Network discovery can be performed in three ways:

if the "HPLMN Direct Access Indicator" as specified in subclause 7.11 allows direct access, then direct connection from the I-WLAN to HPLMN using internet where authentication has been performed using a none IEEE 802.1x authentication mechanism;
via a PLMN using IEEE 802.1x authentication access; or
via IEEE Std 802.11u™-2011 [23] ANQP.

In case 1) the WLAN UE once it has obtained I-WLAN access shall perform tunnel management procedures per the clause 8 to access the HPLMN.

In case 2) when IEEE 802.1x authentication mechanisms are used, the network discovery procedure shall be executed between the WLAN UE and the local AAA for the purpose of sending to the WLAN UE the supported PLMNs list for WLAN access for the manual selection procedure. The WLAN UE shall support the identity selection hints for EAP procedure as specified in RFC 4284. The WLAN UE shall send the alternative NAI to the local AAA to trigger the network discovery procedure. If the I-WLAN is unable to route the WLAN UE's EAP authentication signalling to the 3GPP AAA server based on the NAI sent in the initial EAP-Response/Identity message and if the local AAA:

supports identity selection hints for EAP procedure as described in RFC 4284, then the I-WLAN sends a subsequent EAP-Request/Identity message to the WLAN UE including the supported PLMNs list for WLAN access; or
does not support identity selection hints for EAP procedure as described in RFC 4284, then the I-WLAN sends an EAP-Failure message to the WLAN UE.

In case 3) for WLANs and WLAN UEs that support IEEE Std 802.11u™-2011 [23], the WLAN UE shall use ANQP to trigger the sending of the generic container. If the WLAN supports advertisement of PLMNs via IEEE Std 802.11u™-2011 [23] the WLAN shall send back an ANQP response to the WLAN UE including the supported PLMNs list, using the format defined in Annex A. If the WLAN UE receives alternative ANQP responses, where the "Info ID" is not "3GPP Cellular Network information", the behaviour of the WLAN UE is outside the scope of this specification.

For PLMNs that support emergency optimizations, this is indicated via the inclusion of the emergency specific service realm as defined in TS 23.003.

4.4.2 WLAN UE procedures p. 13

Upon reception of an IEEE Std 802.11u™-2011 [23] ANQP response or EAP-Request/Identity message including the supported PLMNs list for WLAN access, the WLAN UE shall:

perform PLMN selection according to subclause 5.2;
if not authenticating for the purposes of performing IMS emergency call:
1. if the selected PLMN is the HPLMN, then use root NAI as specified in subclause 4.2.2; and
2. if the selected PLMN is a PLMN other than the HPLMN, then use the decorated NAI as specified in subclause 4.2 and using the PLMN ID of the selected PLMN;
if authenticating for the purposes of performing IMS emergency call:
1. use emergency NAI as specified in subclause 4.2.4A; and
attempt to authenticate as specified in subclause 6.1.1 and using the NAI determined in the prior step.

As an implementation option, the WLAN UE may store the supported PLMNs list for WLAN access.