16.2.1a Initial Attach in WLAN for Emergency Service on GTP S2a

23.4023GPPArchitecture enhancements for non-3GPP accessesRelease 18TS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

Figure 16.2.1a-1: Initial attachment for Emergency Service in WLAN on GTP S2a for roaming, LBO and non-roaming scenarios

This procedure applies when the UE needs to establish an IMS emergency session over Trusted WLAN access:

– in SCM mode, the UE shall start initial attach procedure for emergency service. If the UE has already active PDN connection, the UE shall detach and start initial attach procedure for emergency service;

– in MCM mode, the UE shall perform initial attach for emergency services and triggers the UE Initiated PDN connectivity request procedure in WLAN on S2a procedure. If the UE has already active PDN connection and the TWAN does not supports emergency service, the UE shall detach and start selection of a WLAN supporting Emergengy service and perform initial attach procedure for emergency service;

– The emergency service is not supported in TSCM.

The scenario (A) is only applicable for single-connection mode.

The Initial Attach for emergency session follows the same steps that the Initial Attach for a non emergency session, so only the differences with regard to the procedures described in clauses 16.2.1 are documented.

2. As in step 2 of figure 16.2.1-1 with the following modifications:

– The behaviour defined in clause 4.5.7.2.1 shall apply;

– In the EAP authentication procedure, the UE shall add in EAP-AKA’ an indication that the authentication is performed for emergency service;

– The TWAN shall add in signalling over STa an indication whether it supports emergency service;

– The 3GPP AAA server uses this indication to give precedence to this session in case of signalling congestion (over SWx), and for authenticated UE without roaming permission to not carry out roaming and location checks for this UE;

– The 3GPP AAA server forwards the indication for emergency service to the TWAN via STa interface.

During the EAP-AKA’ Authentication, the identity provided by the UE is defined in clause 4.6.3.

– When local policies (related with local regulations) allow unauthenticated emergency sessions, the TWAN forwards the EAP payload received from the UE to the 3GPP AAA Server in the VPLMN serving the specific domain for unauthenticated emergency access;

– If the UE includes an identity based on IMEI and the 3GPP AAA server is not configured to support Unauthenticated Emergency Attach (i.e for supporting cases c and d as defined in TS 23.401 [4] clause 4.3.12), the 3GPP AAA server shall reject the Emergency Attach Request;

– If the UE did not include the IMEI in the identity and the 3GPP AAA server is configured for supporting Unauthenticated Emergency Attach (per cases c and d as defined in TS 23.401 [4] clause 4.3.12), the 3GPP AAA Server shall request the UE to provide its IMEI(SV). In that case the UE shall signal its IMEI(SV) to the 3GPP AAA Server. The 3GPP AAA Server forwards IMEI(SV) received from the UE to the TWAN (over STa);

If the 3GPP AAA server is configured for IMSI required and authentication optional (case c in TS 23.401 [4] clause 4.3.12) and IMSI is not provided, the 3GPP AAA shall reject the authentication request;

For an Emergency Attach, the IMEI check to the EIR may be performed (step 2a or step 2b). Dependent upon the result, the 3GPP AAA server or 3GPP AAA proxy in roaming case decides whether to continue or to stop the authentication and authorization procedure is based on operator policies.

In attach for emergency service NSWO is not allowed.

The TWAN may provide to the 3GPP AAA server the location information defined in clause 16.1.7 via STa.

During the negotiation between the UE and the AAA server, if the network supports emergency session with unauthenticated UEs and if the UE has not been successfully authenticated by the network, the network shall use the single-connection mode.

If the Transparent Single-Connection Mode is selected by the network (because e.g. it does not support single-connection mode), and the UE supports emergency service, the UE shall abort the authentication.

NOTE 1: If the UE support ES on SCM or MCM, but the network support only transparent single-connection mode, the ES procedure shall be aborted by UE, since the 3GPP AAA server may have ignored the emergency service indication send by UE and continuated the authentication procedure.

– Upon a successful authorization by the 3GPP AAA server, the TWAN stores subscription information if they are received from the 3GPP AAA, but does not use this information for the emergency PDN connection. It instead uses Emergency Configuration Data to get information on the APN and possibly PDN GW and / or QoS (APN-AMBR, default QoS) to use for the emergency PDN connection.

The following steps 3-7 are only performed in scenario (A):

3. The TWAN sends a Create Session Request message to the PGW as described in step 3 of clause 16.2.1 but with following specificities:

– No parameter in the Create Session Request message is related with the user subscription. Parameters in the Emergency Configuration Data are used instead;

– No Additional Parameters are provided for additional authentication and authorisation with an external AAA Server;

– The PDN GW derives the emergency related policies to apply from the APN received in the Create Session Request message;

– For emergency attached UEs, if the IMSI cannot be authenticated or the UE has not provided it (according to cases c) and d) as defined in TS 23.401 [4], clause 4.3.12), then the IMEI shall be used as UE identifier. It also indicates that the identity has been not authenticated;

– The indication for emergency service is used by the TWAN to give precedence to this session in case of signalling congestion reported via GTP-c;

– Any APN received by the TWAN from the UE in MCM in WLCP signalling and in SCM from 3GPP AAA server is ignored as the TWAN uses its Emergency Configuration Data to determine the APN to be associated with the emergency PDN connection and possibly to determine the PDN GW to use. The TWAN shall not check whether this APN is part of UE subscription;

– If PDN connection request is for emergency service and the TWAN is not configured to support PDN connections for emergency services the TWANshall reject the PDN Connectivity Request with an appropriate reject cause;

– If PDN connection request is for emergency service, the TWAN derives a PDN GW as defined in clause 4.5.7.2.3.

4. As Step 4 of clause 16.2.1, with the following specificities:

– The PCRF deduces the emergency related policies to apply from the APN received in the IP‑CAN Session Establishment message.

5. As in step 5 of clause 16.2.1, with the following specificities:

– The PDN GW sends an Emergency indication over S6b in order for the 3GPP AAA server to be able to apply specific policies for emergency services. For authenticated UE, the 3GPP AAA server updatesthe HSS with the identity of the PDN GW.

6. As in step 6 of clause 16.2.1.

7. As in step 7 of clause 16.2.18.

8 As in step 8 of clause 16.2.1 with following modification:

– In single-connection mode, if the UE requested EPC access without indicating a requested APN, then the network indicates the selected APN for emergency service. If the requested connectivity feature is not possible, the 3GPP AAA server rejects the request with a relevant authorization failure cause code.

9. As in step 9 of clause 16.2.1.

10-14. These steps are not applicable for Initial Attach for emergency service.

NOTE 2: The steps 10-14 are only performed for transparent single-connection mode when the PDN type is IPv4 and a DHCPv4 request was sent in step 9.

15. As in step 15 of clause 16.2.1.

16. In multi-connection mode, the procedure "UE initiated Emergency Service PDN connectivity request procedure in WLAN on S2a" in clause 16.8.3 is performed to establish aEmergency PDN connection.