5 Assumptions and architectural requirements

23.2803GPPCommon functional architecture to support mission critical servicesRelease 18Stage 2TS

5.1 Assumptions

5.1.1 Service continuity

Service continuity shall be supported between on-network MC services and UE-to-network relay MC services. The following 3GPP TS 23.237 [9] procedures are needed:

– Originating sessions that use only PS media flow(s) as defined in subclause 6.2.1.3.

– Terminations sessions that use only PS media flow(s) as defined in subclause 6.2.2.3.

– Remote Leg Update as defined in subclause 6.3.1.5.

– PS-PS Access Transfer with full media transfer as defined in subclause 6.2.2.1.

The MC service UE, prior to going out of E-UTRAN coverage, should attempt to make use of a ProSe UE-to-network relay to support service continuity.

5.1.2 Trust domain

For an MC system, the trust domain consists of one or more MC service functions that are administered by the same or different service providers (e.g. MC service provider, PLMN operator) that have an agreement to share sensitive information.

For the MC system architecture, the following rules are implied for functions in different trust domains:

– A public user identity shall not identify an MC service user in a different trust domain (see subclause 8.3.1);

– A public service identity shall not identify an MC service group ID in a different trust domain (see subclause 8.3.2);

– A SIP database shall not pass responses to a registrar or registrar finder in a different trust domain (see subclause 7.4.3.2.1); and

– An HTTP proxy shall not pass requests or responses to another HTTP proxy, an HTTP server or an HTTP client in a different trust domain (see subclause 7.4.3.3.2).

5.2 Architectural requirements

5.2.1 General architectural requirements

General MC service architectural requirements include:

a) To develop economies of scale, it will be useful if PLMN operators can reuse the MC service architecture for non-public safety customers that require similar functionality. These PLMN operators may want to integrate many components of the MC service solution with their existing network architecture.

Hence a functional decomposition of MC service architecture into distinct logical functions is required.

b) The MC service architecture should enable an application plane and signalling control plane split for the provisioning of the MC service.

c) To enable parts of the MC service architecture to be shared for other applications, the architecture should enable the group management functions (e.g. admission control; linking of groups;) to be implemented on a separate node from the main application functions of the MC service (e.g. "call" setup/termination; allocation of TMGI to UE; floor control;).

d) There is a need to promptly form (and release) groups of users that span multiple public safety network administrations. To enable this, the MC service architecture should provide the relevant interfaces between public safety networks.

5.2.2 PLMN change requirements

The MC applications can provide MC services to users in various PLMNs. An MC service UE may connect to PLMNs using EPC-level roaming, IMS-level roaming or local subscription.

For EPC-level roaming, in order to prioritize for network selection PLMNs that allow migration to partner MC systems, the MC service UE’s User Preferred PLMN Selector list (see 3GPP TS 22.011 [28]) may be configured with a list of PLMNs that can be used to migrate to one or more partner MC systems (see subclause 5.2.9.2).

5.2.3 UE-to-network relay MC service requirements

To support the requirement that a public safety ProSe UE-to-network relay shall be able to restrict the relayed group communication on a per group basis, the MC service should be able to provide a means for an MC service administrator to configure a ProSe UE-to-network relay with a list of allowed MC service groups. For each allowed MC service group, a unique associated relay service code should be allocated and it may be provided to the relay UE from MC service server or DPF.

NOTE: According to the PLMN operator’s configuration, one relay service code can map to one or multiple MC service group(s).

5.2.4 MC service user profile requirements

The MC service user profile shall:

– be provisioned subject to the user authentication by the identity management server;

– be available at configuration management server;

– be available at MC service servers with the corresponding user profile information;

– be associated with an MC service user; and

– contain an index to uniquely distinguish the MC service user profile from other MC service user profiles associated to the same MC service user.

For the set of MC service user profiles associated to a single MC service user, one of the MC service user profiles shall be indicated as the pre-selected MC service user profile to the MC service client and the MC service server.

The MC service user shall be able to:

– change the pre-selected MC service user profile; and

– change the selected MC service user profile.

The MC service user profile may be modified at the configuration management server.

5.2.5 MC service group affiliation and MC service group de-affiliation

The MC system shall support affiliation and de-affiliation to an MC service group for one or more MC services. For affiliation and de-affiliation, the MC service client shall indicate interest in one or more MC services for the MC service group. For a single MC service group configured for multiple MC services, the affiliation and de-affiliation shall be performed as per the MC service selected by the MC service user. For individual MC service group affiliation and MCservice group de-affiliation, the requirements are specified in the corresponding MC service TS.

Editor’s note: The requirement for a combined affiliation to multiple MC services for a single MC service group is FFS.

MC service group affiliation can be achieved through the following two methods:

a) Explicit affiliation: An MC service client indicates interest in one or many MC service groups to the MC service server. This interest may be initiated either by an MC service user using the MC service UE, or by an automatic procedure within the MC service client that indicates that the MC service user is interested in the MC service group at that MC service client. An authorized MC service user may remotely modify another MC service user’s affiliation to an MC service group.

b) Implicit affiliation: An MC service user’s affiliations to MC service groups are determined through configurations and policies within the MC service and performed by the associated MC service server.

NOTE 1: MC service group affiliation is not the same as MC service group membership; however, an MC service user is a member of an MC service group prior to becoming an affiliated member of that MC service group.

The MC service server may refuse a request for affiliation from an MC service user to an MC service group, in which case the MC service user will be unable to take part in the requested MC service associated with that MC service group, and the MC service client should make the MC service user aware that the MC service user is not affiliated to the MC service group for the requested MC service. The MC service server may also de-affiliate an MC service client from an MC service group following a relevant trigger condition.

MC service group de-affiliation indicates that the MC service user is no longer interested in that MC service group, either at the MC service client, or across all MC service clients depending on MC service group configuration, and therefore is unable to perform any actions that are associated with an affiliated member (e.g. receive media, notifications). MC service group de‑affiliation can occur due to either an MC service client’s explicit request, or implicitly i.e. changed by the MC service server as the result of another action e.g. the MC service user logging off. When the MC service user is logged off from the MC service, all affiliations shall be revoked in the MC service server even if no explicit de-affiliation signalling is sent.

Editor’s note: The interaction of logoff and de-affiliation when moving to off network case is FFS.

Editor’s note: The consideration for revoking affiliations of a user logged on to multiple devices on the MC service server is FFS.

Editor’s note: The MC service server may track logoff state independent of affiliation and is FFS.

NOTE 2: When the MC service user next performs successful service authorization, re-affiliation occurs in the MC service server without explicit affiliation signalling for all MC service groups that are configured for implicit affiliation after service authorization.

NOTE 3: The MC service client may also store MC service groups to which the MC service user was affiliated prior to that user logging off, and may re-affiliate through an explicit affiliation to these groups following the next service authorization. Such a function is outside the scope of the present document.

5.2.6 GCS AS requirements for the MC services

Point to multipoint broadcast offered by the LTE MBMS technology is well suited to group communications, which form a major part of the public safety related communications. The MC service on-network architecture, is based in part on 3GPP TS 23.468 [18] with the MC service server assuming the function of the GCS AS and can be represented (in a simplified diagram) as shown in figure 5.2.6-1:

Figure 5.2.6-1: MC service on-network architecture showing MBMS

The MC service server is shown being bundled with the GCS AS within the same network entity. It is illustrated this way for simplicity of the diagram.

MC service media content is transmitted via LTE bearers, which are communication pipes with one end in the MC service server and the other end in the MC service UE. The uplink bearers are always allocated as unicast, but the downlink bearers can be allocated as unicast or as MBMS bearers, or both.

An MBMS bearer (both network and radio part) is uniquely identified via a TMGI or via a combination of a TMGI and a flow identifier (see 3GPP TS 23.246 [11]). The MC service server is capable, via the MB2 interface, to request the creation of MBMS bearers and associate a unique TMGI or a combination of a TMGI and a flow identifier (see 3GPP TS 23.468 [18]). The MC service server may determine the MBMS broadcast area based on the cell identities of the affiliated group members received over GC1. The MC service server may determine for a user the switching from MBMS bearer to unicast bearer based on the information reported over GC1.

5.2.7 Bearer management

5.2.7.0 General

The MC service UE shall use the following APNs:

– an MC services APN for the SIP-1 reference point;

– an MC common core services APN for the HTTP-1 reference point; and

– an MC identity management service APN for the CSC-1 reference point.

The value of each of these APNs:

– may be the same or may differ;

– may be the same as other non-MC services that have compatible QoS and PDN (see NOTE); and

– shall be made available to the UE either via UE (pre)configuration or via initial UE configuration (see subclause 10.1.1) on a per HPLMN and optionally also a per VPLMN basis.

NOTE: The APN value of "IMS" is a well-known APN, whose PDN connection characteristics are defined in GSMA PRD IR.92 [23] and GSMA PRD IR.88 [24], and which is used in some deployments for operator IMS‑based services e.g. Voice over LTE. This well-known APN can be used for the MC service APN if the SIP core belongs to the PLMN operator and both the PLMN operator and MC service provider have agreed which QoS aspects to utilise i.e. either the QoS aspects defined in subclause 5.2.7.2 or the QoS aspects defined in GSMA PRD IR.92 [23] and GSMA PRD IR.88 [24].

The MC service UE may utilise PDN access credentials as specified in 3GPP TS 23.401 [17] (e.g. PAP, CHAP) to access the PDNs identified by the MC service APN, the MC common core services APN and the MC identity management service APN. If PDN access credentials are required, then they shall be made available to the MC service UE via initial MC service UE configuration (see subclause 10.1.1) on a per APN basis.

The PDN connection to the APNs defined within the present subclause can be of type "IPv4", "IPv6" or "IPv4v6" (see 3GPP TS 23.401 [17]). If a PDN connection to an APN defined within the present subclause is of type "IPv4v6" then the MC service client shall use configuration data to determine whether to use IPv4 or IPv6.

5.2.7.1 MBMS bearer management

When operating in systems that support MBMS functionality, the MC service can provide downlink MBMS delivery of MC service media.

When operating in systems that support MBMS functionality, the MC service can provide downlink MBMS delivery of application level control messages targeted towards multiple MC clients at the same time (e.g. floor idle and floor taken for MCPTT services).

MC service UEs can receive the traffic delivered via MBMS, regardless of whether or not they have any unicast radio bearers available.

When switching between different downlink bearers, the MC service UE shall preserve the reception context in order to eliminate or reduce to a minimum any interruption of service.

The MC service shall enable an MC service UE in an ongoing MC service group session that has just entered an area of media delivery via MBMS bearers to immediately start receiving the media for that MC service group session via MBMS.

The MC service server shall not map MC service group sessions to MBMS bearers that cannot provide the QoS required by the group.

An MC service UE that uses MBSFN transmission should be able to support eight MBSFN areas simultaneously on the same RF carrier.

5.2.7.2 EPS bearer considerations

5.2.7.2.1 Considerations for the EPS bearer to the MC services PDN

If the PDN connection established during the initial attach by the MC service UE is to an APN other than the MC services APN, then prior to user authentication, the MC service UE shall establish another PDN connection to the MC services APN. PDN connection establishment can also be caused by a SIP registration request for one or more MC services.

The QCI value of 69 (as specified in 3GPP TS 23.203 [8]) shall be used for the EPS bearer that transports SIP-1 reference point messaging.

5.2.7.2.2 Considerations for the EPS bearer to the MC common core services PDN and MC identity management service PDN

The QCI value 8 (as specified in 3GPP TS 23.203 [8]) or better shall be used for the EPS bearer that transports HTTP-1 reference point messaging. If QCI value 8 is not used for HTTP-1 transport, then caution should be used that a higher priority bearer (that is used for signalling or media) is not compromised by combining HTTP-1 traffic on this bearer.

5.2.8 External applications access to services in a MC system

The MC system shall allow external applications to gain secure access to MC services by supporting authentication and authorization of external applications.

Editor’s note: External applications reside outside a MC system and can access a MC system using IP connectivity.

Editor’s note: How to enable the external application access to services in an MC system is FFS.

Editor’s note: The definition for services and capabilities discovery is FFS.

5.2.9 Migration

5.2.9.1 General

Migration provides means for the MC service user to obtain MC services from a partner MC system. As the MC service client receives one or multiple user profiles for the MC service user from its primary MC system (as described in clause 10.1.4.3). Each user profile contains a list of partner MC systems that the user is permitted to migrate to, along with necessary access information to facilitate service authentication, hence, facilitate migration to the partner MC system.

MC service interconnection needs to be provided between MC systems that wish to provide migration of their MC service users.

Migration of MC service users between any two MC systems can be on a bilateral or unilateral basis.

NOTE: Whether migration is bilateral or unilateral between any two MC systems is left to business agreements between the two MC service providers, and is outside the scope of the present document.

Migration may be triggered by the primary MC system or may be requested by the MC service client due to its geographical changes.

Upon a successful service authorization for migration, i.e., once the MC service user is authorized to migrate to a partner MC system, its primary MC system marks the user as migrated, is informed of the target partner MC system, and records the corresponding MC service ID of the migrated user provided by the partner MC system. Further details are described in clause 10.6.3.

The functional alias of a migrated MC service user at a partner MC system, which is defined in the partner MC system, can be utilized as a target address in private communication as described in clause 10.16.3.

During migration of an MC service user to a partner MC system, media of the MC service user’s calls may need to be routed to the MC service user’s primary MC system e.g. for logging purposes.

5.2.9.2 PLMN utilisation

Migrated MC service users should utilize the PLMN used by the partner MC system to access MC services in the partner MC system, however, utilizing the PLMN used by the primary MC system is not precluded.

NOTE 1: The above recommendation ensures the security policy of the partner MC system is not compromised, the expected QCIs are used on the RAN, and ensures service‑level delay requirements are consistently met (which are especially at risk when the HPLMN of the primary MC system and HPLMN of the partner MC system are far apart from a geographical point of view).

NOTE 2: Whether the PLMN used by the partner MC systems or the PLMN used by the primary MC system is used to access MC services in partner MC systems is left to business agreements between MC service providers and is outside the scope of the present document.

MC service users enabled for migration shall be provisioned with configuration that specifies which PLMNs may be used to migrate to other MC systems.

If the PLMN used by a partner MC system is different from the PLMN used by the primary MC system (i.e. migrating MC service user starts using the PLMN used bye the partner MC system), then:

– EPC‑level roaming (see subclause 5.2.2) is needed between the PLMN used by the primary MC system and PLMN used by the partner MC system; and

– the PLMN used by the partner MC system needs to enable local break-out for the APNs specified in subclause 5.2.7 that identify the PDNs of the partner MC system; and

– the EPS subscriptions of the PLMN used by the primary MC system utilized by the MC service users who are allowed to migrate to the partner MC system need to be provisioned with, and local break-out enabled for, the APNs specified in subclause 5.2.7 that identify the PDNs of the partner MC system.

If the PLMN used by the partner MC system and the PLMN used by the primary MC system are the same (i.e. migrating MC service user continues to use the PLMN used by the primary MC system), then:

– the EPS subscriptions of the PLMN used by the primary MC system utilized by the MC service users who are allowed to migrate to the partner MC system need to be provisioned with the APNs specified in subclause 5.2.7 that identify the PDNs of the partner MC system.

NOTE 3: Provisioning of APNs in all of the above includes provisioning of any needed access credentials e.g. PAP, CHAP.

5.2.9.3 SIP core / IMS utilisation

Migrated MC service users should utilise the SIP core / IMS of the partner MC system.

NOTE 1: The above recommendation ensures the security policy of the partner MC system is not compromised and ensures service‑level delay requirements are consistently met (which are especially at risk when the SIP core / IMS of the primary MC system and the SIP core / IMS of the partner MC system are far apart from a geographical point of view).

Where connectivity and security policies allow, the same SIP core / IMS can be utilised to connect to the primary MC system and one or more partner MC systems.

NOTE 2: Whether the same SIP core / IMS can be utilised to connect to the primary MC system and a partner MC system is left to business agreements between MC service providers, and is outside the scope of the present document.

For each partner MC system, MC service UEs of MC service users enabled for migration shall be provisioned with:

– configuration that controls whether the MC service UE shall connect to the SIP core / IMS of the primary MC system or a different SIP core / IMS (i.e. SIP core / IMS of the partner MC system); and

– where a different SIP core / IMS to the primary MC system’s SIP core / IMS is to be connected to then the MC service UE shall also be configured with:

– configuration required for the MC service UE to access the SIP core / IMS; and

– credentials required for the MC service UE to register with the SIP core / IMS.

Editor’s note: It is FFS how the MC service UE connects to the SIP core / IMS of the partner MC system to access MC services in the partner MC system.

5.2.10 Interconnection

5.2.10.1 General

MC service interconnection allows a first set of MC service users who are receiving MC service from a first MC system to take part in communications with a second set of MC service users, where this second set of MC service users are receiving MC service from a second MC system, and where the second MC system is in a different trust domain to the first MC system.

NOTE: Assumptions for trust domains are described in subclause 5.1.2 of the present document.

5.2.10.2 Connectivity

The MC service clients of the MC service users receiving MC service(s) from a first MC system and using MC service interconnection to take part in communication with MC service users in a second MC system require connectivity to only the identity management server in the second MC system.

IP connectivity is required between MC systems wishing to interconnect. The IP connectivity is used to carry the signalling and application plane protocols needed to provide MC service.

NOTE 1: The IP connectivity between interconnecting MC systems needs to provide appropriate performance (e.g. low packet latency) in order to meet MC service user performance requirements for the MC service.

NOTE 2: If IP connectivity between interconnecting MC systems is carried outside the trust domain of both MC systems, then there will need to be appropriate security measures applied. Such security measures are outside the scope of the present document.

5.2.10.3 Migration

Interconnection may be used by a migrated MC service user who is receiving service from a partner MC system to take part in communication with MC service users in the primary MC system of that migrated MC service user.

5.2.10.4 Private calls

Where private calls take place using interconnection between MC service users who are receiving MC service in different MC systems, the MC system providing MC service to the calling MC service user will provide the controlling function for the private call.

5.2.10.5 Group calls

Where MC service users in a partner MC system of the group home MC system of an MC service group take part in group calls in that group, the group home MC system of the MC service group will provide the controlling function for the group call.

5.2.10.6 Group configuration

A partner MC system may apply local configuration to an MC service group configuration received from the primary MC system (i.e. the group home MC system).

5.2.10.7 MC system topology hiding

If an MC system requires internal network topology hiding, then this shall be achieved in the MC system by use of the following:

– proxies for signalling plane functions; and

– gateway MC service servers for application plane functions.

5.2.11 Use of priorities

5.2.11.1 Requested priority

The MC system may allow the MC service client to request the priority of a communication by selecting the corresponding priority level. The MC service server can enforce the selected priority level in determining the application priority for resource allocation during communication establishment.

The use of the requested priority may vary depending on MC service provider’s policy.