Tech-invite3GPPspaceIETFspace
21222324252627282931323334353637384‑5x

Content for  TS 33.127  Word version:  18.8.0

Top   Top   Up   Prev   Next
0…   5…   5.4…   5.6…   5.7…   6…   6.2.2…   6.2.3…   6.2.5…   6.3…   6.3.3…   6.3.4…   6.4…   7…   7.3…   7.4…   7.4.7…   7.5…   7.6…   7.7…   7.8…   7.9…   7.10…   7.11…   7.12…   7.13…   7.14…   7.15…   7.16…   8…   A…   A.2…   A.3…   A.4…   B…   D…   E…

 

7  Service layer based interceptionp. 74

7.1  Generalp. 74

Clause 7 provides details for the configuration of the high-level LI architecture for service layer based interception and for network function which are not specific to a single access type or network service (e.g. subscription management functions). It defines aspects of the LI configuration specific to each service under consideration, while aspects concerning network over which the service is delivered (e.g. 5G) are considered in clause 6.
Up

7.2  Central subscriber managementp. 74

7.2.1  Generalp. 74

Clause 7.2 provides LI architecture and requirements for the CSP 3GPP subscriber database LI reporting. Central subscriber databases are common for all CSP network services, including both the network layer and the service layer. This clause 7.2 provides requirements for both user session related interception events and requirements for reporting of changes to the subscriber information held within the 3GPP subscriber databases, which may or may not be directly related to service usage.
Up

7.2.2  LI at UDMp. 75

7.2.2.1  Architecturep. 75

The UDM provides the unified data management for UE. The UDM shall have LI capabilities to generate the target UE's serving system (e.g. VPLMN Id or AMF Id related xIRI). Extending the generic LI architecture presented in clause 5, Figure 7.2-1 below gives a reference point representation the LI architecture with UDM as a CP NF providing the IRI-POI functions.
Copy of original 3GPP image for 3GPP TS 33.127, Fig. 7.2-1: LI architecture for LI at UDM
Figure 7.2-1: LI architecture for LI at UDM
(⇒ copy of original 3GPP image)
Up
The LICF present in the ADMF receives the warrant from an LEA, derives the intercept information from the warrant and provides it to the LIPF.
The LIPF present in the ADMF provisions IRI-POI (over LI_X1) present in the UDM and MDF2. The LIPF may interact with the SIRF (over LI_SI) present in the NRF to discover the UDM in the network.
The IRI-POI present in the UDM detects the target UE's service area registration and subscription related functions, generates and delivers the xIRI to the MDF2 over LI_X2. The MDF2 generates and delivers the IRI messages based on received xIRI to the LEMF over LI_H2.
Up

7.2.2.2  Target identitiesp. 76

The LIPF present in the ADMF provisions the intercept information associated with the following target identities to the IRI-POI present in the UDM:
  • SUPI.
  • PEI.
  • GPSI.
  • IMPU/IMPI.
The interception performed on the above identities are mutually independent, even though, an xIRI may contain the information about the other identities when available.

7.2.2.3  Identity privacyp. 76

TS 33.501 defines the ability to prevent the SUPI being exposed over the 5G RAN through the use of SUCI. Where SUPI privacy is implemented by both the UDM and UE, the SUPI is not sent in the clear over the RAN. Therefore, the UDM shall ensure that the SUPI is provided to the serving AMF in both initial registration and re-registration procedures as defined in TS 33.501.

7.2.2.4  IRI eventsp. 76

The IRI-POI present in the UDM shall generate xIRI, when the UDM detects the following specific events or information:
  • Serving system.
  • Subscriber record change.
  • Cancel location.
  • Location information request.
  • Location information result.
  • UE information response.
  • UE authentication response.
  • Start of interception with target already registered at the UDM.
  • ProSe target identifier deconcealment.
  • ProSe target authentication.
A serving system xIRI is generated when the IRI-POI present in the UDM detects the target UE registration or re-registration related notifications. The AMF Id or the MME Id, or the VPLMN Id (when the other two are not known) is used as the serving system identifier in a serving system xIRI. A serving system xIRI is also generated when the IRI-POI in the UDM detects that the target ProSe remote UE has utilized a ProSe relay with existing connection to a PLMN that is not the UEs HPLMN or an E-HPLMN to successfully perform authentication.
A subscriber record change xIRI is generated when the IRI-POI present in the UDM detects that the GPSI, or SUPI, or PEI associated to the target has changed. In addition, a subscriber record change xIRI is generated when the associated GPSI or, SUPI, or PEI for the target is de-provisioned. A subscriber record change xIRI is also generated when the target's user service identifiers are modified (e.g. subscribed S-NSSAIs, subscribed CAG).
A cancel location xIRI is generated when the IRI-POI present in the UDM detects that a de-registration notification is sent, or received, by the UDM for the target. A cancel location xIRI is also generated when the IRI-POI present in the UDM detects that the UDM has sent a cancel location indicator to the AMF due to target de-registration.
A location information request xIRI is generated when the IRI-POI present in the UDM detects that the UDM received a query for the location information of the target UE from a different PLMN (e.g. inbound SMS routing) with a known PLMN Id.
A location information result xIRI is generated when the IRI-POI in the UDM detects that the UDM received a LocationInfoRequest from an NF service consumer (i.e. HSS) for the target and responds with a LocationInfoResult to the NF service consumer.
A UE information response xIRI is generated when the IRI-POI present in the UDM detects that the UDM received a ProvideUeInfo request for the target UE and returns a UeInfo response.
A UE authentication response xIRI is generated when the IRI-POI present in the UDM detects that the UDM received an authentication info request for the target UE from the HSS or AUSF and an authentication info result is sent.
A start of interception with already registered target xIRI is generated with the IRI-POI in the UDM detects that interception is activated on an identifier that has existing registration context information at the UDM.
A ProSe target identifier deconcealment xIRI is generated when the IRI-POI in the UDM detects that the UDM has responded to a request from the NF consumer (i.e. the 5G PKMF) to perform SUCI to SUPI deconcealment for a ProSe remote UE.
A ProSe target authentication record xIRI is generated when the IRI-POI present in the UDM detects that the UDM has responded to an authentication request from the AUSF for a ProSe remote UE.
Up

7.2.2.5  Common IRI parametersp. 77

The list of xIRI parameters is specified in TS 33.128. All xIRIs shall include the following information:
  • Target identity.
  • Time stamp.

7.2.2.6  Specific IRI parametersp. 77

The parameters in each xIRI are defined in TS 33.128.

7.2.2.7  Network topologiesp. 77

The UDM shall provide the IRI-POI functions in the following network topology cases:
  • Non-roaming case.
  • Roaming case, in HPLMN.

7.2.3  LI at HSSp. 77

7.2.3.1  Architecturep. 77

The HSS contains the subscription-related information for all users served by the CSP. The HSS provides the support functions in the mobility management, session setup, user authentication and access authorization.
The HSS shall have LI capabilities to generate the xIRIs as described in clause 7.2.3.3. The present document specifies two options for HSS LI capabilities:
  1. Use TS 33.107 and TS 33.108 natively as defined in those documents.
  2. Use the capabilities specified below in the present document for stage 2 and in TS 33.128 for stage 3.
Extending the generic LI architecture presented in clause 5, Figure 7.2-2 below gives a reference point representation the LI architecture with HSS as a CP NF providing the IRI-POI functions.
Copy of original 3GPP image for 3GPP TS 33.127, Fig. 7.2-2: LI architecture for LI at HSS
Figure 7.2-2: LI architecture for LI at HSS
(⇒ copy of original 3GPP image)
Up
The LICF present in the ADMF receives the warrant from an LEA, derives the intercept information from the warrant and provides it to the LIPF.
The LIPF present in the ADMF provisions IRI-POI (over LI_X1) present in the HSS and MDF2.
The IRI-POI present in the HSS detects the target UE's service area registration and subscription related functions, generates and delivers the xIRI to the MDF2 over LI_X2. The MDF2 generates and delivers the IRI messages based on received xIRI to the LEMF over LI_H2.
The HSS shall provide the IRI-POI functions independent of the services on which the interception is active.
When multiple intercepts are active, IRI-POI functions in the HSS may send one xIRI which can then be distributed to the LEMFs associated with those multiple intercepts from the MDF2.
Up

7.2.3.2  Target identitiesp. 78

The LIPF present in the ADMF provisions the intercept information associated with the following target identities to the IRI-POI present in the HSS:
  • IMSI.
  • IMEI.
  • MSISDN.
  • IMPU/IMPI.
The interception performed on the above identities are mutually independent, even though, an xIRI may contain the information about the other identities when available.

7.2.3.3  IRI eventsp. 79

The IRI-POI present in the HSS shall generate xIRI, when it detects the applicable events specified in TS 33.107.
The IRI-POI present in the HSS shall also generate a start of intercept with already registered target xIRI when the IRI-POI present in the HSS detects that intercept has been activated for a UE that has existing context in the HSS. Format of this xIRI is described in clause 7.2.3.3.3 of TS 33.128.
If HSS-UDM interworking is supported, the IRI-POI present in the HSS shall generate a serving system xIRI as defined in clause 7.2.3.3.2 of TS 33.128.
A serving system xIRI is generated when the IRI-POI present in the HSS detects that the HSS has received a roaming status update from the UDM as part of a UE context update.
Up

7.2.3.4  Common IRI parametersp. 79

The list of xIRI parameters is specified in TS 33.128. All xIRIs shall include the following information:
  • Target identity.
  • Time stamp.

7.2.3.5  Specific IRI parametersp. 79

The parameters in each xIRI are defined in TS 33.128.

7.2.3.6  Network topologiesp. 79

The HSS shall provide the IRI-POI functions in the following network topology cases:
  • Non-roaming case.
  • Roaming case, in HPLMN.

Up   Top   ToC