10.12 LMR security transport

23.2833GPPMission Critical Communication Interworking with Land Mobile Radio SystemsRelease 18TS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

10.12.1 Information flows for LMR security transport

10.12.1.1 Non-3GPP security message request

Table 10.12.1.1-1 describes the information flow non-3GPP security message request from the MC service server to the IWF, from the IWF to the MC service server, from the MC service server to the MC service client and from the MC service client to the MC service server.

Table 10.12.1.1-1: Non-3GPP security message request

Information Element	Status	Description
MC service ID	M	The identity of the MC service user
URI of LMR security functional entity	M	URI of LMR key management functional entity user profile parameter defined in 3GPP TS 23.379 [7]
LMR type	O	The LMR technology, e.g. TETRA, P25. Required when sent toward the MC service client.
Payload	M	Opaque payload. Contents and format are out of 3GPP scope.

10.12.1.2 Non-3GPP security message response

Table 10.12.1.2-1 describes the information flow non-3GPP security message response from the MC service server to the IWF, from the IWF to the MC service server, from the MC service server to the MC service client and from the MC service client to the MC service server.

Table 10.12.1.2-1: Non-3GPP security message response

Information Element	Status	Description
MC service ID	M	The identity of the MC service user
URI of LMR security functional entity	M	URI of LMR key management functional entity user profile parameter defined in 3GPP TS 23.379 [7]

10.12.2 LMR key management messages

10.12.2.1 General

This subclause defines end to end messaging to convey the non-3GPP, LMR security information opaquely (message contents are out of 3GPP’s scope) across the MC system, between the IWF and the LMR aware MC service client. The end to end messasges are service independent, any MC service may support them.

10.12.2.2 MC service client initiated

Figure 10.12.2.2-1 describes the case where an MC service client sends LMR security information to the IWF.

Pre-conditions:

1. The MC service client is registered and the user is authenticated and authorized to use the MC service server.

Figure 10.12.2.2-1: Non-3GPP security messaging, MC service client to the IWF

1. The MC service client sends s a non-3GPP security message request to the MC service server. The contents of the message are opaque to the MC service and are out of scope of 3GPP.

2. The MC service server forwards the contents of the non-3GPP security message request to the IWF.

3. The IWF acknowledges with a non-3GPP security message response to the MC service server.

4. The MC service server acknowledges with a non-3GPP security message response to the MC service client.

10.12.2.3 IWF initiated

Figure 10.12.2.3-1 describes the case where the IWF sends LMR security information to an MC service client.

Pre-conditions:

1. The MC service client is registered and the user is authenticated and authorized to use the MC service server.

Figure 10.12.2.3-1: Non-3GPP security, from the IWF to MC service client

1. The IWF sends a non-3GPP security message request to the MC service server. The contents of the message are opaque to the MC service and are out of scope of 3GPP.

2. The MC service server forwards the contents of non-3GPP security message request to the MC service client.

3. The MC service client acknowledges with a non-3GPP security message response to the MC service server.

4. The MC service server forwards the non-3GPP security message response to the IWF.