Content for TS 33.256 Word version: 18.2.0
5.3 Location Information Veracity and Location Tracking Authorization
5.3.1 General
5.3.2 Location information veracity and location tracking authorization in 5GS
5.4 Pairing Authorization for UAV and UAVC
5.4.1 General
5.4.2 UAV pairing Authorization with UAVC in 5GS
5.4.3 UAV pairing Authorization with UAVC in EPS
5.5 Security for UAS NF to USS interface
5.3 Location Information Veracity and Location Tracking Authorization p. 20
5.3.1 General p. 20
There are three UAV tracking modes as follows (see TS 23.256 for more details):
- UAV location reporting mode;
- UAV presence monitoring mode; and
- Unknown UAV tracking mode.
5.3.2 Location information veracity and location tracking authorization in 5GS p. 21
USS may receive the location information which is reported by UAV via the application layer. The USS may decide to check and verify the location information in order to prevent spoofed and forged location information. The location result from 5GS helps to verify the location information reported from UAV side. 5GS provides network-based location information by utilizing the Location Services (LCS) supported by AMF or GMLC as specified in TS 23.273 and TS 23.502, and the detailed procedures of location information veracity and location tracking authorization are described below.
Figure 5.3.2-1: Location information veracity and location tracking authorization in 5GS
(⇒ copy of original 3GPP image)
(⇒ copy of original 3GPP image)
Step 1-3 shows the procedure for the USS to obtain a network-based location for UAV(s).
Step 1.
The USS sends the location request to UAS NF/NEF to request the UAV location or presence from network. The location request includes the GPSI of the UAV to request the location information or presence about an individual UE, or a geographic area when trying to find the information of all UAVs in an area. The LCS request also indicates the 5GS to obtain reliable UE location information, i.e. the location calculated and provided by the network.
If the USS/TPAE does not specify target 3GPP UAV ID and request UAS NF for a list of the UAVs in the geographic area and served by the PLMN, clauses 5.3.1.3 and 5.3.4 in TS 23.256 apply.
Step 2.
The UAS NF/NEF first verifies the request in step 1 is authorized. When the USS sends a GPSI, this is done by checking whether the identifier of the USS sending the request matches the previously associated mapping between the GPSI and the USS identifier. When the USS request UAS NF for a list of the UAVs in the geographic area, this is done by checking the USS is authorized to receive the CAA level ID of all UAVs in a geographic area indicated by the USS. The UAS NF/NEF gets the relevant UAV(s) location information or presence from AMF or GMLC by the current location services supported by AMF or GMLC if passes the above authorization check. On the condition of the location services provided by AMF, the UE presence status is provided by reusing the Area of Interest mechanism. On the condition of the location services provided by GMLC, the GMLC indicates LMF via AMF to select Network Assisted Positioning method which relies on the location measurement from NG-RAN nodes, if receiving reliable location information request in step 1.
Step 3.
The UAS NF/NEF provides the UAV(s) location information or presence to the USS. When the USS request UAS NF for a list of the UAVs in the geographic area, if the USS performed the UUAA of the UAV, or the UAS NF is authorized to receive such information, then the 3GPP UAV ID of such UAVs is also included. USS may make decisions to control the UAV based on the result output received from UAS NF/NEF.
5.4 Pairing Authorization for UAV and UAVC p. 22
5.4.1 General p. 22
Pairing authorization in 5GS is performed during either a PDU Session Establishment procedure or a PDU Session Modification procedure.
5.4.2 UAV pairing Authorization with UAVC in 5GS p. 22
Pairing authorization may be performed during a PDU Session Establishment/PDU Session Modification after a successful UAA between the UAV and the USS/UTM. If no successful UUAA has been performed, then the pairing authorization can occur during the UUAA-SM procedure (see clause 5.2.5.2.1 of TS 23.256 for full details). This procedure follows the clause 5.2.1.3 with the following additions:
- the UE provides pairing information (if available) in a C2 authorization payload in the PDU Session Establishment message and this is forwarded to the USS in steps 2 and 3; and
- after a successful authentication and before sending the message in step 5, the USS performs C2 authorization considering the included pairing information, the CAA-Level UAV ID and 3GPP UAV ID/GPSI. The USS includes a C2 authorization payload that contains C2 session security information and possibly other non-security specific information (e.g. C2 authorization result) if the USS has such information to send. This is passed to the UE in steps 5-7. The content of C2 session security information (e.g., key material to help establish security between the UAV and UAV-C) is not in 3GPP scope.
Figure 5.4.2-1: UAV pairing authorization during PDU Session Establishment
(⇒ copy of original 3GPP image)
(⇒ copy of original 3GPP image)
Step 1.
When the UAV needs a new dedicated PDU session for connectivity to the UAV-C, the UE initiates a PDU Session Establishment procedure. When the UE wants to use an existing PDU session for connectivity to the UAV-C, the UE initiates a PDU Session Modification procedure. The UE shall include the following IEs in the PDU session establishment/modification request: a CAA-Level UAV ID, a DNN/S-NSSAI implying dedicated connectivity to UAV-C, and UAV pairing information, which includes any needed authorization information, if available.
The pairing information includes the CAA-level UAV IDs of the requesting UAV and identification information of UAV-C to pair. The USS may also use its locally configured pairing information for UAV and UAV-C pairing authorization which takes precedence over UAV provided pairing information.
Step 2.
The SMF determines whether the UAV pairing authorization is required based on UAV's aerial subscription, presence of CAA-Level UAV ID, and DNN/S-NSSAI indicating the UAV service, as step 7 in clause 5.2.1.1:
The SMF invokes the authorization procedure with the USS via UAS-NF. The USS will perform C2 authorization taking account of the included pairing information, which includes any needed authorization information, if available, the CAA-Level UAV ID, and GPSI, etc.
The USS informs the SMF via the UAS NF of the authorization results. The authorization information includes the IP address of the UAV-C and a C2 authorization payload that contains C2 session security information and possibly other non-security specific information (e.g. C2 authorization result) if the USS has such information to send. The content of C2 session security information (e.g., key material to help establish security between the UAV and UAV-C) is not in 3GPP scope. The other information contained in this message is given in TS 23.256.
Step 3.
The SMF informs the UE the paring authorization result in the PDU Session Establishment Accept message/PDU session Modification Command, which may include a new CAA-level UAV ID. The UE shall store the Pairing authorization result and authorization information.
The PDU Session Establishment/Modification continues and completes as described in TS 23.256.
The UAV pairing authorization can be revoked by the USS at any time.
Besides, the paired UAV-C can be replaced by a new UAV-C by the USS at any time.
5.4.3 UAV pairing Authorization with UAVC in EPS p. 23
Pairing authorization may be performed during a PDN Connection Establishment/PDN Connection Modification procedure after a successful UUAA between the UAV and the USS/UTM. If no successful UUAA has been performed, then the pairing authorization can occur during the during the UUAA procedure (see clause 5.2.5.3.0 of TS 23.256 for full details). This procedure follows the clause 5.2.2.2 with the following additions:
- the UE provides pairing information (if available) in a C2 authorization payload and this is forwarded to the USS in steps 2 and 3; and
- after a successful authentication and before sending the message in step 5, the USS performs C2 authorization considering the included pairing information, the CAA-Level UAV ID and 3GPP UAV ID/GPSI. The USS includes a C2 authorization payload that contains C2 session security information and possibly other non-security specific information (e.g. C2 authorization result, i.e., whether the UAV is allowed to be paired with the UAV-C) if the USS has such information to send. This is passed to the UE in steps 5-7. The content of C2 session security information (e.g., key material to help establish security between the UAV and UAV-C) is not in 3GPP scope.
Figure 5.4.3-1: UAV pairing authorization during PDN Connection Establishment/Modification
(⇒ copy of original 3GPP image)
(⇒ copy of original 3GPP image)
Step 1.
The pairing information includes the CAA-level UAV IDs of the requesting UAV and identification information of UAV-C to pair. The USS may also use its locally configured pairing information for UAV and UAV-C pairing authorization which takes precedence over UAV provided pairing information.
When the UAV needs a new dedicated PDU session for connectivity to the UAV-C, the UE initiates a PDN Connection Session Establishment procedure. When the UAV needs to use an existing PDN connection for connectivity to the UAV-C, the UE initiates a PDN Connection Modification procedure. The UE shall include the following IEs in the PDN connection establishment/modification request: a CAA-Level UAV ID, a DNN/S-NSSAI implying dedicated connectivity to UAV-C, and UAV pairing information, which includes any needed authorization information, if available.
Step 2.
The SMF+PGW-C determines whether the UAV pairing authorization is required based on UAV's aerial subscription, presence of CAA-Level UAV ID, and DNN/S-NSSAI indicating the UAV service:
- The SMF+PGW-C invokes the authorization procedure with the USS via UAS-NF. The USS will perform C2 authorization taking account of the included pairing information, which includes any needed authorization information, if available, the CAA-Level UAV ID, and GPSI etc.
- The USS informs the SMF+PGW-C via the UAS NF of the authorization results. The authorization information includes the IP address of the UAV-C and a C2 authorization payload that contains C2 session security information and possibly other non-security specific information (e.g. C2 authorization result, i.e., whether the UAV is allowed to be paired with the UAV-C) if the USS has such information to send. The content of C2 session security information (e.g., key material to help establish security between the UAV and UAV-C) is not in 3GPP scope. The other information contained in this message is given in TS 23.256.3. The SMF+PGW-C sends the UE the C2 authorization payload with the paring authorization result and may also send a new CAA-level UAV ID. The UE shall store the Pairing authorization result and authorization information.
5.5 Security for UAS NF to USS interface p. 24
The security requirements for the UAS-NF shall follow clause 5.9.2.3 in TS 33.501.
The UAS NF to USS interface shall be protected as described in clause 12 of TS 33.501.
