4.5 Unified access control

24.5013GPPNon-Access-Stratum (NAS) protocol for 5G System (5GS)Release 18Stage 3TS

4.5.1 General

When the UE needs to access the 5GS, the UE not operating as an IAB-node (see 3GPP TS 23.501 [8]) and not acting as a 5G ProSe layer-2 UE-to-network relay UE (see 3GPP TS 23.304 [6E]) whose access attempt is triggered by a 5G ProSe layer-2 remote UE, first performs access control checks to determine if the access is allowed. Access control checks shall be performed for the access attempts defined by the following list of events:

NOTE 1: Although the UE operating as an IAB-node skips the access control checks, the UE operating as an IAB-node determines an access category and one or more access identities for each access attempt in order to derive an RRC establishment cause. In this case the NAS provides the RRC establishment cause but does not provide the access category and the one or more access identities to the lower layers.

a) the UE is in 5GMM-IDLE mode or 5GMM-IDLE mode with suspend indication over 3GPP access and an event that requires a transition to 5GMM-CONNECTED mode occurs; and

b) the UE is in 5GMM-CONNECTED mode over 3GPP access or 5GMM-CONNECTED mode with RRC inactive indication and one of the following events occurs:

1) 5GMM receives an MO-IMS-registration-related-signalling-started indication, an MO-MMTEL-voice-call-started indication, an MO-MMTEL-video-call-started indication or an MO-SMSoIP-attempt-started indication from upper layers;

2) 5GMM receives a request from upper layers to send a mobile originated SMS over NAS unless the request triggered a service request procedure to transition the UE from 5GMM-IDLE mode or 5GMM-IDLE mode with suspend indication to 5GMM-CONNECTED mode;

3) 5GMM receives a request from upper layers to send an UL NAS TRANSPORT message for the purpose of PDU session establishment unless the request triggered a service request procedure to transition the UE from 5GMM-IDLE mode or 5GMM-IDLE mode with suspend indication to 5GMM-CONNECTED mode;

4) 5GMM receives a request from upper layers to send an UL NAS TRANSPORT message for the purpose of PDU session modification unless the request triggered a service request procedure to transition the UE from 5GMM-IDLE mode or 5GMM-IDLE mode with suspend indication to 5GMM-CONNECTED mode;

5) 5GMM receives a request to re-establish the user-plane resources for an existing PDU session;

6) 5GMM is notified that an uplink user data packet is to be sent for a PDU session with suspended user-plane resources;

7) 5GMM receives a request from upper layers to send a mobile originated location request unless the request triggered a service request procedure to transition the UE from 5GMM-IDLE mode or 5GMM-IDLE mode with suspend indication to 5GMM-CONNECTED mode; and

8) 5GMM receives a request from upper layers to send a mobile originated signalling transaction towards the PCF by sending an UL NAS TRANSPORT message including a UE policy container (see 3GPP TS 24.587 [19B] and 3GPP TS 24.554 [19E]) unless the request triggered a service request procedure to transition the UE from 5GMM-IDLE mode to 5GMM-CONNECTED mode.

NOTE 2: 5GMM specific procedures initiated by NAS in 5GMM-CONNECTED mode or 5GMM-CONNECTED mode with RRC inactive indication are not subject to access control, e.g. a registration procedure after PS handover will not be prevented by access control (see subclause 5.5).

NOTE 3: LPP messages or location event report messages transported in the UL NAS TRANSPORT message sent in response to a mobile terminating or network induced location request, and the corresponding access attempts are handled as MT access.

NOTE 4: Initiating a mobile originated signalling transaction towards the UDM by sending an UL NAS TRANSPORT message including an SOR transparent container is not supported. Therefore, access control for these cases has not been specified.

When the NAS detects one of the above events, the NAS needs to perform the mapping of the kind of request to one or more access identities and one access category and lower layers will perform access barring checks for that request based on the determined access identities and access category.

NOTE 5: The NAS is aware of the above events through indications provided by upper layers or through determining the need to start 5GMM procedures through normal NAS behaviour, or both.

To determine the access identities and the access category for a request, the NAS checks the reason for access, types of service requested and profile of the UE including UE configurations, against a set of access identities and access categories defined in 3GPP TS 22.261 [3], namely:

a) a set of standardized access identities;

b) a set of standardized access categories; and

c) a set of operator-defined access categories, if available.

For the purpose of determining the applicable access identities from the set of standardized access identities defined in 3GPP TS 22.261 [3], the NAS shall follow the requirements set out in:

a) subclause 4.5.2 and the rules and actions defined in table 4.5.2.1, if the UE is not operating in SNPN access mode; or

b) subclause 4.5.2A and the rules and actions defined in table 4.5.2A.1, if the UE is operating in SNPN access mode.

In order to enable access barring checks for access attempts identified by lower layers in 5GMM-CONNECTED mode with RRC inactive indication, the UE provides the applicable access identities to lower layers.

NOTE 6: When and how the NAS provides the applicable access identities to lower layers is UE implementation specific.

NOTE 7: Although the UE operating as an IAB-node skips the access control checks, the UE provides the applicable access identities to lower layers for access attempts identified by lower layers in 5GMM-CONNECTED mode with RRC inactive indication.

For the purpose of determining the applicable access category from the set of standardized access categories and operator-defined access categories defined in 3GPP TS 22.261 [3], the NAS shall follow the requirements set out in:

a) subclause 4.5.2 and the rules and actions defined in table 4.5.2.2, if the UE is not operating in SNPN access mode; or

b) subclause 4.5.2A and the rules and actions defined in table 4.5.2A.2, if the UE is operating in SNPN access mode.

4.5.2 Determination of the access identities and access category associated with a request for access for UEs not operating in SNPN access mode

When the UE needs to initiate an access attempt in one of the events listed in subclause 4.5.1, the UE shall determine one or more access identities from the set of standardized access identities, and one access category from the set of standardized access categories and operator-defined access categories, to be associated with that access attempt.

The set of the access identities applicable for the request is determined by the UE in the following way:

a) for each of the access identities 1, 2, 3, 11, 12, 13, 14 and 15 in table 4.5.2.1, the UE shall check whether the access identity is applicable in the selected PLMN, if a new PLMN is selected, or otherwise if it is applicable in the RPLMN or equivalent PLMN; and

b) if none of the above access identities is applicable, then access identity 0 is applicable.

Table 4.5.2.1: Access identities

Access Identity number

UE configuration

0

UE is not configured with any parameters from this table

1 (NOTE 1)

UE is configured for multimedia priority service (MPS).

2 (NOTE 2)

UE is configured for mission critical service (MCS).

3 (NOTE 4)

UE for which a disaster condition applies

4-10

Reserved for future use

11 (NOTE 3)

Access Class 11 is configured in the UE.

12 (NOTE 3)

Access Class 12 is configured in the UE.

13 (NOTE 3)

Access Class 13 is configured in the UE.

14 (NOTE 3)

Access Class 14 is configured in the UE.

15 (NOTE 3)

Access Class 15 is configured in the UE.

NOTE 1: Access identity 1 is valid when:
– the USIM file EFUAC_AIC indicates the UE is configured for access identity 1 and the selected PLMN, if a new PLMN is selected, or RPLMN is the HPLMN (if the EHPLMN list is not present or is empty) or EHPLMN (if the EHPLMN list is present), or a visited PLMN of the home country (see the definition of home country in 3GPP TS 24.301 [15]);
– the UE receives the 5GS network feature support IE with the MPS indicator bit set to "Access identity 1 valid" from the RPLMN as described in subclause 5.5.1.2.4 and subclause 5.5.1.3.4; or
– the UE receives the Priority indicator IE with the MPS indicator bit set to "Access identity 1 valid" from the RPLMN as described in subclause 5.4.4.3.

NOTE 2: Access identity 2 is used by UEs configured for MCS and is valid when:
– the USIM file EFUAC_AIC indicates the UE is configured for access identity 2 and the selected PLMN, if a new PLMN is selected, or RPLMN is the HPLMN (if the EHPLMN list is not present or is empty) or EHPLMN (if the EHPLMN list is present), or a visited PLMN of the home country (see 3GPP TS 23.122 [5]); or
– the UE receives the 5GS network feature support IE with the MCS indicator bit set to "Access identity 2 valid" from the RPLMN as described in subclause 5.5.1.2.4 and subclause 5.5.1.3.4.

NOTE 3: Access identities 11 and 15 are valid in HPLMN (if the EHPLMN list is not present or is empty) or EHPLMN (if the EHPLMN list is present). Access Identities 12, 13 and 14 are valid in HPLMN and visited PLMNs of home country only (see the definition of home country in 3GPP TS 24.301 [15]).

NOTE 4: Access Identity 3 is valid when the UE is registering or registered for disaster roaming services (see 3GPP TS 23.122 [5]).

The UE uses the MPS indicator bit of the 5GS network feature support IE or the Priority indicator IE to determine if access identity 1 is valid. Processing of the MPS indicator bit of the 5GS network feature support IE in the REGISTRATION ACCEPT message is described in subclause 5.5.1.2.4 and subclause 5.5.1.3.4. Processing of the MPS indicator bit of the Priority indicator IE in the CONFIGURATION UPDATE COMMAND message is described in subclause 5.4.4.3. The UE shall not consider access identity 1 to be valid when the UE is not in the country of its HPLMN or in an EHPLMN (if the EHPLMN list is present) prior to receiving the MPS indicator bit of the 5GS network feature support IE in the REGISTRATION ACCEPT message or of the Priority indicator IE in the CONFIGURATION UPDATE COMMAND message being set to "Access identity 1 valid".

When the UE is in the country of its HPLMN or in an EHPLMN (if the EHPLMN list is present), the contents of the USIM file EFUAC_AIC as specified in 3GPP TS 31.102 [22] and the rules specified in table 4.5.2.1 are used to determine the applicability of access identity 1. When the UE is in the country of its HPLMN or in an EHPLMN (if the EHPLMN list is present), and the USIM file EFUAC_AIC does not indicate the UE is configured for access identity 1, the UE uses the MPS indicator bit of the 5GS network feature support IE in the REGISTRATION ACCEPT message or of the Priority indicator IE in the CONFIGURATION UPDATE COMMAND message to determine if access identity 1 is valid. When the UE is in the country of its HPLMN or in an EHPLMN (if the EHPLMN list is present), and the USIM file EFUAC_AIC indicates the UE is configured for access identity 1, the MPS indicator bit of the 5GS network feature support IE and the Priority indicator IE are not applicable. When the UE is not in the country of its HPLMN or in an EHPLMN (if the EHPLMN list is present), the contents of the USIM file EFUAC_AIC are not applicable.

The UE uses the MCS indicator bit of the 5GS network feature support IE to determine if access identity 2 is valid. Processing of the MCS indicator bit of the 5GS network feature support IE in the REGISTRATION ACCEPT message is described in subclause 5.5.1.2.4 and subclause 5.5.1.3.4. The UE shall not consider access identity 2 to be valid when the UE is not in the country of its HPLMN or in an EHPLMN (if the EHPLMN list is present) prior to receiving the MCS indicator bit of the 5GS network feature support IE in the REGISTRATION ACCEPT message being set to "Access identity 2 valid".

When the UE is in the country of its HPLMN or in an EHPLMN (if the EHPLMN list is present), the contents of the USIM file EFUAC_AIC as specified in 3GPP TS 31.102 [22] and the rules specified in table 4.5.2.1 are used to determine the applicability of access identity 2. When the UE is in the country of its HPLMN or in an EHPLMN (if the EHPLMN list is present), and the USIM file EFUAC_AIC does not indicate the UE is configured for access identity 2, the UE uses the MCS indicator bit of the 5GS network feature support IE in the REGISTRATION ACCEPT message to determine if access identity 2 is valid. When the UE is in the country of its HPLMN or in an EHPLMN (if the EHPLMN list is present), and the USIM file EFUAC_AIC indicates the UE is configured for access identity 2, the MCS indicator bit of the 5GS network feature support IE is not applicable. When the UE is not in the country of its HPLMN or in an EHPLMN (if the EHPLMN list is present), the contents of the USIM file EFUAC_AIC are not applicable.

The UE checks the conditions specified in subclause 4.4.3.1.1 of 3GPP TS 23.122 [5] to determine if access identity 3 is valid, and the applicability of access identity 3.

When the UE is in its HPLMN (if the EHPLMN list is not present or is empty) or in an EHPLMN (if the EHPLMN list is present), the contents of the USIM file EFACC as specified in 3GPP TS 31.102 [22] and the rules specified in table 4.5.2.1 are used to determine the applicability of access classes 11 and 15. When the UE is not in its HPLMN (if the EHPLMN list is not present or is empty) or in an EHPLMN (if the EHPLMN list is present), access classes 11 and 15 are not applicable.

When the UE is in the country of its HPLMN, the contents of the USIM file EFACC as specified in 3GPP TS 31.102 [22] and the rules specified in table 4.5.2.1 are used to determine the applicability of access classes 12 – 14. When the UE is not in the country of its HPLMN, access classes 12-14 are not applicable.

In order to determine the access category applicable for the access attempt, the NAS shall check the rules in table 4.5.2.2, and use the access category for which there is a match for barring check. If the access attempt matches more than one rule, the access category of the lowest rule number shall be selected. If the access attempt matches more than one operator-defined access category definition, the UE shall select the access category from the operator-defined access category definition with the lowest precedence value (see subclause 4.5.3).

NOTE: The case when an access attempt matches more than one rule includes the case when multiple events trigger an access attempt at the same time.

Table 4.5.2.2: Mapping table for access categories

Rule #

Type of access attempt

Requirements to be met

Access Category

1

Response to paging or NOTIFICATION over non-3GPP access;

5GMM connection management procedure initiated for the purpose of transporting an LPP message without an ongoing 5GC-MO-LR procedure;

Access attempt to handover of ongoing MMTEL voice call, MMTEL video call or SMSoIP from non-3GPP access; or

Access attempt upon receipt of "call-pull-initiated" indication from the upper layers (see 3GPP TS 24.174 [13D])

Access attempt is for MT access, or handover of ongoing MMTEL voice call, MMTEL video call or SMSoIP from non-3GPP access; or
Access attempt is made upon receipt of "call-pull-initiated" (3GPP TS 24.174 [13D])

0 (= MT_acc)

2

Emergency

UE is attempting access for an emergency session (NOTE 1, NOTE 2)

2 (= emergency)

3

Access attempt for operator-defined access category

UE stores operator-defined access category definitions valid in the current PLMN as specified in subclause 4.5.3, and access attempt is matching criteria of an operator-defined access category definition

32-63
(= based on operator classification)

3.1

Access attempt for MO exception data

UE is in NB-N1 mode and allowed to use exception data reporting (see the ExceptionDataReportingAllowed leaf of the NAS configuration MO in 3GPP TS 24.368 [17] or the USIM file EFNASCONFIG in 3GPP TS 31.102 [22]), and access attempt is for MO data or for MO signalling initiated upon receiving a request from upper layers to transmit user data related to an exceptional event.

10 (= MO exception data)

4

Access attempt for delay tolerant service

(a) UE is configured for NAS signalling low priority or UE supporting S1 mode is configured for EAB (see the "ExtendedAccessBarring" leaf of NAS configuration MO in 3GPP TS 24.368 [17] or 3GPP TS 31.102 [22]) where "EAB override" does not apply, and

(b): the UE received one of the categories a, b or c as part of the parameters for unified access control in the broadcast system information, and the UE is a member of the broadcasted category in the selected PLMN or RPLMN/equivalent PLMN

(NOTE 3, NOTE 5, NOTE 6, NOTE 7, NOTE 8)

1 (= delay tolerant)

5

MO MMTel voice call; or

MT MMTel voice call

Access attempt is for MO MMTel voice call or MT MMTel voice call

or for NAS signalling connection recovery during ongoing MO MMTel voice call or ongoing MT MMTel voice call (NOTE 2)

4 (= MO MMTel voice)

6

MO MMTel video call; or

MT MMTel video call

Access attempt is for MO MMTel video call or MT MMTel video call

or for NAS signalling connection recovery during ongoing MO MMTel video call or ongoing MT MMTel video call (NOTE 2)

5 (= MO MMTel video)

7

MO SMS over NAS or MO SMSoIP; or

MT SMSoIP

Access attempt is for MO SMS over NAS (NOTE 4) or MO SMS over SMSoIP transfer or MT SMS over SMSoIP

or for NAS signalling connection recovery during ongoing MO SMS or SMSoIP transfer or ongoing MT MMTel video call (NOTE 2)

6 (= MO SMS and SMSoIP)

7.1

MO IMS registration related signalling

Access attempt is for MO IMS registration related signalling (e.g. IMS initial registration, re-registration, subscription refresh)

or for NAS signalling connection recovery during ongoing procedure for MO IMS registration related signalling (NOTE 2a)

9 (= MO IMS registration related signalling)

8

UE NAS initiated 5GMM specific procedures

Access attempt is for MO signalling

3 (= MO_sig)

8.1

Mobile originated location request

Access attempt is for mobile originated location request (NOTE 9)

3 (= MO_sig)

8.2

Mobile originated signalling transaction towards the PCF

Access attempt is for mobile originated signalling transaction towards the PCF (NOTE 10)

3 (= MO_sig)

9

UE NAS initiated 5GMM connection management procedure or 5GMM NAS transport procedure

Access attempt is for MO data

7 (= MO_data)

10

An uplink user data packet is to be sent for a PDU session with suspended user-plane resources

No further requirement is to be met

7 (= MO_data)

NOTE 1: This includes 5GMM specific procedures while the service is ongoing and 5GMM connection management procedures required to establish a PDU session with request type = "initial emergency request" or "existing emergency PDU session", or to re-establish user-plane resources for such a PDU session. This further includes the service request procedure initiated with a SERVICE REQUEST message with the Service type IE set to "emergency services fallback".

NOTE 2: Access for the purpose of NAS signalling connection recovery during an ongoing service as defined in subclause 4.5.5, or for the purpose of NAS signalling connection establishment following fallback indication from lower layers during an ongoing service as defined in subclause 4.5.5, is mapped to the access category of the ongoing service in order to derive an RRC establishment cause, but barring checks will be skipped for this access attempt.

NOTE 2a: Access for the purpose of NAS signalling connection recovery during an ongoing procedure for MO IMS registration related signalling as defined in subclause 4.5.5, or for the purpose of NAS signalling connection establishment following fallback indication from lower layers during an ongoing procedure for MO IMS registration related signalling as defined in subclause 4.5.5, is mapped to the access category of the MO IMS registration related signalling in order to derive an RRC establishment cause, but barring checks will be skipped for this access attempt.

NOTE 3: If the UE selects a new PLMN, then the selected PLMN is used to check the membership; otherwise the UE uses the RPLMNor a PLMN equivalent to the RPLMN.

NOTE 4: This includes the 5GMM connection management procedures triggered by the UE-initiated NAS transport procedure for transporting the MO SMS.

NOTE 5: The UE configured for NAS signalling low priority is not supported in this release of specification. If a UE supporting both S1 mode and N1 mode is configured for NAS signalling low priority in S1 mode as specified in 3GPP TS 24.368 [17] or 3GPP TS 31.102 [22], the UE shall ignore the configuration for NAS signalling low priority when in N1 mode.

NOTE 6: If the access category applicable for the access attempt is 1, then the UE shall additionally determine a second access category from the range 3 to 7. If more than one access category matches, the access category of the lowest rule number shall be chosen. The UE shall use the second access category only to derive an RRC establishment cause for the access attempt.

NOTE 7: "EAB override" does not apply, if the UE is not configured to allow overriding EAB (see the "Override_ExtendedAccessBarring" leaf of NAS configuration MO in 3GPP TS 24.368 [17] or 3GPP TS 31.102 [22]), or if NAS has not received an indication from the upper layers to override EAB and the UE does not have a PDU session that was established with EAB override.

NOTE 8: For the definition of categories a, b and c associated with access category 1, see 3GPP TS 22.261 [3]. The categories associated with access category 1 are distinct from the categories a, b and c associated with EAB (see 3GPP TS 22.011 [1A]).

NOTE 9: This includes:
a) the UE-initiated NAS transport procedure for transporting a mobile originated location
request;
b) the 5GMM connection management procedure triggered by a) above; and
c) NAS signalling connection recovery during an ongoing 5GC-MO-LR procedure.

NOTE 10: This includes:
a) the UE-initiated NAS transport procedure for transporting a mobile originated signalling
transaction towards the PCF;
b) the 5GMM connection management procedure triggered by a) above; and
c) NAS signalling connection recovery during an ongoing UE-requested policy provisioning procedure for V2XP, ProSeP or both (see 3GPP TS 24.587 [19B] and see 3GPP TS 24.554 [19E]).

4.5.2A Determination of the access identities and access category associated with a request for access for UEs operating in SNPN access mode

When the UE needs to initiate an access attempt in one of the events listed in subclause 4.5.1, the UE shall determine one or more access identities from the set of standardized access identities, and one access category from the set of standardized access categories and operator-defined access categories, to be associated with that access attempt.

The set of the access identities applicable for the request is determined by the UE in the following way:

a) for each of the access identities 1, 2, 11, 12, 13, 14 and 15 in table 4.5.2A.1, the UE shall check whether the access identity is applicable in the selected SNPN, if a new SNPN is selected, or otherwise if it is applicable in the RSNPN or equivalent SNPN; and

b) if none of the above access identities is applicable, then access identity 0 is applicable.

Table 4.5.2A.1: Access identities

Access Identity number

UE configuration

0

UE is not configured with any parameters from this table

1 (NOTE 1)

UE is configured for multimedia priority service (MPS).

2 (NOTE 2)

UE is configured for mission critical service (MCS).

3-10

Reserved for future use

11 (NOTE 3)

Access Class 11 is configured in the UE.

12 (NOTE 3)

Access Class 12 is configured in the UE.

13 (NOTE 3)

Access Class 13 is configured in the UE.

14 (NOTE 3)

Access Class 14 is configured in the UE.

15 (NOTE 3)

Access Class 15 is configured in the UE.

NOTE 1: Access identity 1 is valid when:
– the unified access control configuration in the "list of subscriber data" stored in the ME (see 3GPP TS 23.122 [5]), if an entry of "list of subscriber data" is selected, or in the USIM (see 3GPP TS 31.102 [22]), if the PLMN subscription is selected, indicates the UE is configured for access identity 1 in the selected SNPN, if a new SNPN is selected, or RSNPN;
– the UE receives the 5GS network feature support IE with the MPS indicator bit set to "Access identity 1 valid" from the RSNPN as described in subclause 5.5.1.2.4 and subclause 5.5.1.3.4; or
– the UE receives the Priority indicator IE with the MPS indicator bit set to "Access identity 1 valid" from the RPLMN as described in subclause 5.4.4.3.

NOTE 2: Access identity 2 is used by UEs configured for MCS and is valid when:
– the unified access control configuration in the "list of subscriber data" stored in the ME (see 3GPP TS 23.122 [5]), if an entry of "list of subscriber data" is selected, or in the USIM (see 3GPP TS 31.102 [22]), if the PLMN subscription is selected, indicates the UE is configured for access identity 2 in the selected SNPN, if a new SNPN is selected, or RSNPN; or
– the UE receives the 5GS network feature support IE with the MCS indicator bit set to "Access identity 2 valid" from the RSNPN as described in subclause 5.5.1.2.4 and subclause 5.5.1.3.4.

NOTE 3: Access identities 11 to 15 are valid if indicated as configured for the UE in the unified access control configuration in the "list of subscriber data" stored in the ME (see 3GPP TS 23.122 [5]), if an entry of "list of subscriber data" is selected, or in the USIM (see 3GPP TS 31.102 [22]), if the PLMN subscription is selected, in the selected SNPN, if a new SNPN is selected, or RSNPN.

The contents of the unified access control configuration in the "list of subscriber data" stored in the ME (see 3GPP TS 23.122 [5]), if an entry of "list of subscriber data" is selected, or in the USIM (see 3GPP TS 31.102 [22]), if the PLMN subscription is selected, and the rules specified in table 4.5.2A.1 are used to determine the applicability of access identity 1 in the SNPN. When the contents of the unified access control configuration in the "list of subscriber data" stored in the ME (see 3GPP TS 23.122 [5]), if an entry of "list of subscriber data" is selected, or in the USIM (see 3GPP TS 31.102 [22]), if the PLMN subscription is selected, do not indicate the UE is configured for access identity 1 for the SNPN, the UE uses the MPS indicator bit of the 5GS network feature support IE in the REGISTRATION ACCEPT message and the MPS indicator bit of the Priority indicator IE in the CONFIGURATION UPDATE COMMAND message to determine if access identity 1 is valid.

The contents of the unified access control configuration in the "list of subscriber data" stored in the ME (see 3GPP TS 23.122 [5]), if an entry of "list of subscriber data" is selected, or in the USIM (see 3GPP TS 31.102 [22]), if the PLMN subscription is selected, and the rules specified in table 4.5.2A.1 are used to determine the applicability of access identity 2 in the SNPN. When the contents of the unified access control configuration in the "list of subscriber data" stored in the ME (see 3GPP TS 23.122 [5]), if an entry of "list of subscriber data" is selected, or in the USIM (see 3GPP TS 31.102 [22]), if the PLMN subscription is selected, do not indicate the UE is configured for access identity 2 for the SNPN, the UE uses the MCS indicator bit of the 5GS network feature support IE in the REGISTRATION ACCEPT message to determine if access identity 2 is valid.

The contents of the unified access control configuration in the "list of subscriber data" stored in the ME (see 3GPP TS 23.122 [5]), if an entry of "list of subscriber data" is selected, or in the USIM (see 3GPP TS 31.102 [22]), if the PLMN subscription is selected, and the rules specified in table 4.5.2A.1 are used to determine the applicability of access classes 11 to 15 in the SNPN.

In order to determine the access category applicable for the access attempt, the NAS shall check the rules in table 4.5.2A.2, and use the access category for which there is a match for barring check. If the access attempt matches more than one rule, the access category of the lowest rule number shall be selected. If the access attempt matches more than one operator-defined access category definition, the UE shall select the access category from the operator-defined access category definition with the lowest precedence value (see subclause 4.5.3).

NOTE: The case when an access attempt matches more than one rule includes the case when multiple events trigger an access attempt at the same time.

Table 4.5.2A.2: Mapping table for access categories

Rule #

Type of access attempt

Requirements to be met

Access Category

1

Response to paging or NOTIFICATION over non-3GPP access (NOTE 11);

5GMM connection management procedure initiated for the purpose of transporting an LPP message without an ongoing 5GC-MO-LR procedure;

Access attempt to handover of MMTEL voice call, MMTEL video call or SMSoIP from non-3GPP access;

Access attempt upon receipt of "call-pull-initiated" indication from the upper layers (see 3GPP TS 24.174 [13D])

Access attempt is for MT access, handover of ongoing MMTEL voice call, MMTEL video call or SMSoIP from non-3GPP access; or

Access attempt is made upon receipt of "call-pull-initiated" indication (3GPP TS 24.174 [13D])

0 (= MT_acc)

2

Emergency

UE is attempting access for an emergency session (NOTE 1, NOTE 2)

2 (= emergency)

3

Access attempt for operator-defined access category

UE stores operator-defined access category definitions valid in the SNPN as specified in subclause 4.5.3, and access attempt is matching criteria of an operator-defined access category definition

32-63
(= based on operator classification)

4

Access attempt for delay tolerant service

(a) UE is configured for NAS signalling low priority, and

(b) the UE received one of the categories a, b or c as part of the parameters for unified access control in the broadcast system information, and the UE is a member of the broadcasted category in the selected SNPN, RSNPN or equivalent SNPN

(NOTE 3, NOTE 5, NOTE 6, NOTE 7, NOTE 8)

1 (= delay tolerant)

5

MO MMTel voice call; or

MT MMTel voice call

Access attempt is for MO MMTel voice call or MT MMTel voice call

or for NAS signalling connection recovery during ongoing MO MMTel voice call or ongoing MT MMTel voice call (NOTE 2)

4 (= MO MMTel voice)

6

MO MMTel video call; or

MT MMTel video call

Access attempt is for MO MMTel video call or MT MMTel video call

or for NAS signalling connection recovery during ongoing MO MMTel video call or ongoing MT MMTel video call (NOTE 2)

5 (= MO MMTel video)

7

MO SMS over NAS or MO SMSoIP; or

MT SMSoIP

Access attempt is for MO SMS over NAS (NOTE 4) or MO SMS over SMSoIP transfer or MT SMS over SMSoIP

or for NAS signalling connection recovery during ongoing MO SMS or SMSoIP transfer or MT SMS over SMSoIP (NOTE 2)

6 (= MO SMS and SMSoIP)

5

MO MMTel voice call

Access attempt is for MO MMTel voice call

or for NAS signalling connection recovery during ongoing MO MMTel voice call (NOTE 2)

4 (= MO MMTel voice)

6

MO MMTel video call

Access attempt is for MO MMTel video call

or for NAS signalling connection recovery during ongoing MO MMTel video call (NOTE 2)

5 (= MO MMTel video)

7

MO SMS over NAS or MO SMSoIP

Access attempt is for MO SMS over NAS (NOTE 4) or MO SMS over SMSoIP transfer

or for NAS signalling connection recovery during ongoing MO SMS or SMSoIP transfer (NOTE 2)

6 (= MO SMS and SMSoIP)

7.1

MO IMS registration related signalling

Access attempt is for MO IMS registration related signalling (e.g. IMS initial registration, re-registration, subscription refresh)

or for NAS signalling connection recovery during ongoing procedure for MO IMS registration related signalling (NOTE 2a)

9 (= MO IMS registration related signalling)

8

UE NAS initiated 5GMM specific procedures

Access attempt is for MO signalling

3 (= MO_sig)

8.1

Mobile originated location request

Access attempt is for mobile originated location request (NOTE 9)

3 (= MO_sig)

8.2

Mobile originated signalling transaction towards the PCF

Access attempt is for mobile originated signalling transaction towards the PCF (NOTE 10)

3 (= MO_sig)

9

UE NAS initiated 5GMM connection management procedure or 5GMM NAS transport procedure

Access attempt is for MO data

7 (= MO_data)

10

An uplink user data packet is to be sent for a PDU session with suspended user-plane resources

No further requirement is to be met

7 (= MO_data)

NOTE 1: Void

NOTE 2: Access for the purpose of NAS signalling connection recovery during an ongoing service as defined in subclause 4.5.5, or for the purpose of NAS signalling connection establishment following fallback indication from lower layers during an ongoing service as defined in subclause 4.5.5, is mapped to the access category of the ongoing service in order to derive an RRC establishment cause, but barring checks will be skipped for this access attempt.

NOTE 2a: Access for the purpose of NAS signalling connection recovery during an ongoing MO IMS registration related signalling as defined in subclause 4.5.5, or for the purpose of NAS signalling connection establishment following fallback indication from lower layers during an ongoing MO IMS registration related signalling as defined in subclause 4.5.5, is mapped to the access category of the MO IMS registration related signalling in order to derive an RRC establishment cause, but barring checks will be skipped for this access attempt.

NOTE 3: If the UE selects a new SNPN, then the selected SNPN is used to check the membership; otherwise the UE uses the RSNPN or an SNPN equivalent to the RSNPN.

NOTE 4: This includes the 5GMM connection management procedures triggered by the UE-initiated NAS transport procedure for transporting the MO SMS.

NOTE 5: The UE configured for NAS signalling low priority is not supported in this release of specification.

NOTE 6: If the access category applicable for the access attempt is 1, then the UE shall additionally determine a second access category from the range 3 to 7. If more than one access category matches, the access category of the lowest rule number shall be chosen. The UE shall use the second access category only to derive an RRC establishment cause for the access attempt.

NOTE 7: Void.

NOTE 8: For the definition of categories a, b and c associated with access category 1, see 3GPP TS 22.261 [3]. The categories associated with access category 1 are distinct from the categories a, b and c associated with EAB (see 3GPP TS 22.011 [1A]).

NOTE 9: This includes:
a) the UE-initiated NAS transport procedure for transporting a mobile originated location
request;
b) the 5GMM connection management procedure triggered by a) above; and
c) NAS signalling connection recovery during an ongoing 5GC-MO-LR procedure.

NOTE 10: This includes:
a) the UE-initiated NAS transport procedure for transporting a mobile originated signalling
transaction towards the PCF;
b) the 5GMM connection management procedure triggered by a) above; and
c) NAS signalling connection recovery during an ongoing UE-requested policy provisioning procedure for V2XP (see 3GPP TS 24.587 [19B]).

NOTE 11: The term "non-3GPP access" refers to the case when the UE is accessing SNPN services via a PLMN.

4.5.3 Operator-defined access categories

Operator-defined access category definitions can be signalled to the UE using NAS signalling. Each operator-defined access category definition consists of the following parameters:

a) a precedence value which indicates in which order the UE shall evaluate the operator-defined category definition for a match;

b) an operator-defined access category number, i.e. access category number in the 32-63 range that uniquely identifies the access category in the PLMN or SNPN in which the access categories are being sent to the UE;

c) criteria consisting of one or more access category criteria type and associated access category criteria type values. The access category criteria type can be set to one of the following:

1) DNN;

2) Void;

3) OS Id + OS App Id of application triggering the access attempt; or

4) S-NSSAI; and

NOTE 1: An access category criteria type can be associated with more than one access category criteria values.

d) optionally, a standardized access category. This standardized access category is used in combination with the access identities of the UE to determine the RRC establishment cause as specified in subclause 4.5.6.

If the access attempt is to establish a new PDU session i.e. it is triggered by:

– a request from upper layers to send an UL NAS TRANSPORT message for the purpose of PDU session establishment unless the request triggered a service request procedure (or a registration procedure if the UE is in state 5GMM-REGISTERED.ATTEMPTING-REGISTRATION-UPDATE) to transition the UE from 5GMM-IDLE mode or 5GMM-IDLE mode with suspend indication to 5GMM-CONNECTED mode; or

– a service request procedure (or a registration procedure if the UE is in state 5GMM-REGISTERED.ATTEMPTING-REGISTRATION-UPDATE) to transition the UE from 5GMM-IDLE mode or 5GMM-IDLE mode with suspend indication to 5GMM-CONNECTED mode triggered by a request from upper layers to send an UL NAS TRANSPORT message for the purpose of PDU session establishment,

then:

– the access attempt matches access category criteria type DNN if the DNN requested by the UE during the PDU session establishment procedure matches any of the access criteria type values associated with the access criteria type DNN; and

– the access attempt matches access category criteria type S-NSSAI if the S-NSSAI requested by the UE during the PDU session establishment procedure matches any of the access criteria type values associated with the access criteria type S-NSSAI.

If the access attempt is for an existing PDU session i.e. it is triggered by:

– a request from upper layers to send an UL NAS TRANSPORT message for the purpose of PDU session modification unless the request triggered a service request procedure (or a registration procedure if the UE is in state 5GMM-REGISTERED.ATTEMPTING-REGISTRATION-UPDATE) to transition the UE from 5GMM-IDLE mode or 5GMM-IDLE mode with suspend indication to 5GMM-CONNECTED mode;

– a service request procedure (or a registration procedure if the UE is in state 5GMM-REGISTERED.ATTEMPTING-REGISTRATION-UPDATE) to transition the UE from 5GMM-IDLE mode or 5GMM-IDLE mode with suspend indication to 5GMM-CONNECTED mode triggered by a request from upper layers to send an UL NAS TRANSPORT message for the purpose of PDU session modification;

– a service request procedure (or a registration procedure if the UE is in state 5GMM-REGISTERED.ATTEMPTING-REGISTRATION-UPDATE) to transition the UE from 5GMM-IDLE mode or 5GMM-IDLE mode with suspend indication to 5GMM-CONNECTED mode triggered by a request from upper layers to send an UL NAS TRANSPORT message for the purpose of PDU session release;

– a service request procedure (or a registration procedure if the UE is in state 5GMM-REGISTERED.ATTEMPTING-REGISTRATION-UPDATE) requesting user-plane resources for a PDU session; or

– an uplink user data packet is to be sent for a PDU session with suspended user-plane resources,

then:

– the access attempt matches access category criteria type DNN if the DNN provided by the network in the PDU SESSION ESTABLISHMENT ACCEPT message matches any of the access criteria type values associated with the access criteria type DNN; and

– the access attempt matches access category criteria type S-NSSAI if the S-NSSAI associated with the PDU session matches any of the access criteria type values associated with the access criteria type S-NSSAI.

NOTE 2: In order to avoid having access attempts for non-always-on PDU sessions blocked due to access barring of always-on PDU sessions, it is recommended that the network assigns the highest precedence values to operator-defined access category definition which can be matched by always-on PDU sessions.

An access attempt matches the criteria of an operator-defined access category definition, if the access attempt matches all access category criteria types included in the criteria with any of the associated access criteria type values.

Each operator-defined access category definition has a different precedence value.

Several operator-defined access category definitions can have the same operator-defined access category number.

If:

– an access category in bullet d) is not provided;

– an access category in bullet d) is provided and is not a standardized access category; or

– an access category in bullet d) is provided, is a standardized access category and is not recognized by the UE;

the UE shall use instead access category 7 (MO_data) in combination with the access identities of the UE to determine the RRC establishment cause as specified in subclause 4.5.6.

The operator-defined access category definitions are valid in the PLMN which provided them and in a PLMN equivalent to the PLMN which provided them, or in the SNPN which provided them and in an SNPN equivalent to the SNPN which provided them, as specified in annex C.

If the UE stores operator-defined access category definitions valid in the selected PLMN or the RPLMN, or valid in the selected SNPN or RSNPN, then access control in 5GMM-IDLE mode or 5GMM-IDLE mode with suspend indication will only be performed for the event a) defined in subclause 4.5.1. If the transition from 5GMM-IDLE mode or 5GMM-IDLE mode with suspend indication over 3GPP access to 5GMM-CONNECTED mode is due to a UE NAS initiated 5GMM specific procedure, then this access attempt shall be mapped to one of the standardized access categories in the range < 32, see subclause 4.5.2. I.e. for this case the UE shall skip the checking of operator-defined access category definitions.

If the UE stores operator-defined access category definitions valid in the selected PLMN or the RPLMN, or valid in the selected SNPN or RSNPN, then access control in 5GMM-CONNECTED mode and in 5GMM-CONNECTED mode with RRC inactive indication will only be performed for the events 1) to 8) defined in subclause 4.5.1.

The UE shall handle the operator-defined access category definitions stored for the RPLMN or RSNPN as specified in subclause 5.4.4.3, subclause 5.5.1.2.4, and subclause 5.5.1.3.4.

When the UE is switched off, the UE shall keep the operator-defined access category definitions so that the operator-defined access category definitions can be used after switch on.

When the UE selects a new PLMN which is not equivalent to the previously selected PLMN, or selects a new SNPN which is not equivalent to the previously selected SNPN, the UE shall stop using the operator-defined access category definitions stored for the previously selected PLMN or SNPN and should keep the operator-defined access category definitions stored for the previously selected PLMN or SNPN.

NOTE 3: When the UE selects a new PLMN which is not equivalent to the previously selected PLMN, or selects a new SNPN which is not equivalent to the previously selected SNPN, the UE can delete the operator-defined access category definitions stored for the previously selected PLMN or SNPN e.g. if there is no storage space in the UE.

4.5.4 Access control and checking

4.5.4.1 Access control and checking in 5GMM-IDLE mode and in 5GMM-IDLE mode with suspend indication

When the UE is in 5GMM-IDLE mode or 5GMM-IDLE mode with suspend indication, upon receiving a request from the upper layers for an access attempt, the NAS shall categorize the access attempt into access identities and an access category following:

a) subclause 4.5.2, table 4.5.2.1 and table 4.5.2.2, and subclause 4.5.3, if the UE is not operating in SNPN access mode; or

b) subclause 4.5.2A, table 4.5.2A.1 and table 4.5.2A.2, and subclause 4.5.3, if the UE is operating in SNPN access mode,

and provide the applicable access identities and the access category to the lower layers for the purpose of access control checking. In this request to the lower layer the NAS can also provide to the lower layer the RRC establishment cause determined as specified in subclause 4.5.6 of this specification.

NOTE 1: The access barring check is performed by the lower layers.

NOTE 2: As an implementation option, the NAS can provide the RRC establishment cause to the lower layers after being informed by the lower layers that the access attempt is allowed.

If the UE has uplink user data pending for one or more PDU sessions when it builds a REGISTRATION REQUEST or SERVICE REQUEST message as initial NAS message, the UE shall indicate the respective PDU sessions in the Uplink data status IE as specified in subclause 5.5.1.3.2 and 5.6.1.2.1, regardless of the access category for which the access barring check is performed.

If the UE is registered for 5GS services with control plane CIoT 5GS optimization has uplink user data pending for one or more PDU sessions when it builds a CONTROL PLANE SERVICE REQUEST message as initial NAS message, the UE shall indicate the respective PDU sessions as specified in subclause 5.6.1.2.2, regardless of the access category for which the access barring check is performed.

NOTE 3: The UE indicates pending user data for all the respective PDU sessions, even if barring timers are running for some of the corresponding access categories.

If the lower layers indicate that the access attempt is allowed, the NAS shall initiate the procedure to send the initial NAS message for the access attempt.

If the lower layers indicate that the access attempt is barred, the NAS shall not initiate the procedure to send the initial NAS message for the access attempt. Additionally:

a) if the event which triggered the access attempt was an MO-MMTEL-voice-call-started indication or an MO-MMTEL-video-call-started indication:

1) if the UE is operating in the single-registration mode, the UE’s usage setting is "voice centric" and the UE has not disabled its E-UTRA capability as specified in 3GPP TS 24.301 [15], the UE may attempt to select an E-UTRA cell connected to EPC. If the UE finds a suitable E-UTRA cell connected to EPC, it then proceeds with the appropriate EMM specific procedures and, if necessary, ESM procedures to make a PDN connection providing access to IMS available; see subclause 4.8.2 and 3GPP TS 24.301 [15];

2) if the UE is operating in the dual-registration mode, the UE may proceed in S1 mode with the appropriate EMM specific procedures and ESM procedures to make a PDN connection providing access to IMS available; see subclause 4.8.3 and 3GPP TS 24.301 [15]; or

3) otherwise, the NAS shall notify the upper layers that the access attempt is barred. In this case, upon receiving an indication from the lower layers that the barring is alleviated for the access category with which the access attempt was associated, the NAS shall notify the upper layers that the barring is alleviated for the access category and may initiate the procedure to send the initial NAS message, if still needed;

b) if the event which triggered the access attempt was an MO-SMSoIP-attempt-started indication or an MO-IMS-registration-related-signalling-started indication:

1) if the UE is operating in the single-registration mode, the UE may attempt to select an E-UTRA cell connected to EPC. If the UE finds a suitable E-UTRA cell connected to EPC, it then proceeds with the appropriate EMM specific procedures and, if necessary, ESM procedures to make a PDN connection providing access to IMS available; see subclause 4.8.2 and 3GPP TS 24.301 [15];

2) if the UE is operating in the dual-registration mode, the UE may proceed in S1 mode with the appropriate EMM specific procedures and ESM procedures to make a PDN connection providing access to IMS available; see subclause 4.8.3 and 3GPP TS 24.301 [15]; or

3) otherwise, the NAS shall notify the upper layers that the access attempt is barred. In this case, upon receiving an indication from the lower layers that the barring is alleviated for the access category with which the access attempt was associated, the NAS shall notify the upper layers that the barring is alleviated for the access category and may initiate the procedure to send the initial NAS message, if still needed; and

c) if the access attempt is for emergency:

1) the NAS shall notify the upper layers that the access attempt is barred. In this case, upon receiving an indication from the lower layers that the barring is alleviated for the access category with which the access attempt was associated, the NAS shall notify the upper layers of that the barring is alleviated for the access category and may initiate the procedure to send the initial NAS message, if still needed.

NOTE 4: This can result in the upper layers requesting another emergency call attempt using domain selection as specified in 3GPP TS 23.167 [6] and 3GPP TS 24.229 [14].

NOTE 5: Barring timers, on a per access category basis, are run by the lower layers. At expiry of barring timers, the indication of alleviation of access barring is indicated to the NAS on a per access category basis.

4.5.4.2 Access control and checking in 5GMM-CONNECTED mode and in 5GMM-CONNECTED mode with RRC inactive indication

When the UE is in 5GMM-CONNECTED mode or 5GMM-CONNECTED mode with RRC inactive indication, upon detecting one of events 1) through 8) listed in subclause 4.5.1, the NAS shall categorize the corresponding access attempt into access identities and an access category following:

a) subclause 4.5.2, table 4.5.2.1 and table 4.5.2.2, and subclause 4.5.3, if the UE is not operating in SNPN access mode; or

b) subclause 4.5.2A, table 4.5.2A.1 and table 4.5.2A.2, and subclause 4.5.3, if the UE is operating in SNPN access mode,

and provide the access identities and the access category to the lower layers for the purpose of access control checking. In this request to the lower layer the NAS can also provide to the lower layer the RRC establishment cause determined as specified in subclause 4.5.6 of this specification.

NOTE 1: As an implementation option, the NAS can provide the RRC establishment cause to the lower layers after being informed by the lower layers that the access attempt is allowed.

If the UE has uplink user data pending for one or more PDU sessions when it builds a REGISTRATION REQUEST or SERVICE REQUEST message for the access attempt, the UE shall indicate the respective PDU sessions in the Uplink data status IE as specified in subclause 5.5.1.3.2 and 5.6.1.2, regardless of the access category for which the access barring check is performed.

NOTE 2: The UE indicates pending user data for all the respective PDU sessions, even if barring timers are running for some of the corresponding access categories.

If the lower layers indicate that the access attempt is allowed, the NAS shall take the following action depending on the event which triggered the access attempt:

a) if the event which triggered the access attempt was an MO-MMTEL-voice-call-started indication, an MO-MMTEL-video-call-started indication, an MO-SMSoIP-attempt-started indication, or an MO-IMS-registration-related-signalling-started indication, the NAS shall notify the upper layers that the access attempt is allowed;

b) if the event which triggered the access attempt was a request from upper layers to send a mobile originated SMS over NAS, 5GMM shall initiate the NAS transport procedure as specified in subclause 5.4.5 to send the SMS in an UL NAS TRANSPORT message;

c) if the event which triggered the access attempt was a request from upper layers to establish a new PDU session, 5GMM shall initiate the NAS transport procedure as specified in subclause 5.4.5 to send the PDU SESSION ESTABLISHMENT REQUEST message;

d) if the event which triggered the access attempt was a request from upper layers to modify an existing PDU session, 5GMM shall initiate the NAS transport procedure as specified in subclause 5.4.5 to send the PDU SESSION MODIFICATION REQUEST message;

e) if the event which triggered the access attempt was a request to re-establish the user-plane resources for an existing PDU session, 5GMM shall initiate the service request procedure as specified in subclause 5.6.1;

f) if the event which triggered the access attempt was an uplink user data packet to be sent for a PDU session with suspended user-plane resources, 5GMM shall consider that the uplink user data packet is allowed to be sent;

g) if the event which triggered the access attempt was a request from upper layers to send a mobile originated location request, 5GMM shall initiate the NAS transport procedure as specified in clause 5.4.5 to send an LCS message in an UL NAS TRANSPORT message; and

h) if the event which triggered the access attempt was a request from upper layers to send a mobile originated signalling transaction towards the PCF by sending an UL NAS TRANSPORT message including a UE policy container (see 3GPP TS 24.587 [19B] and 3GPP TS 24.554 [19E]), 5GMM shall initiate the NAS transport procedure as specified in subclause 5.4.5 to send the signalling transaction via an UL NAS TRANSPORT message.

If the lower layers indicate that the access attempt is barred, the NAS shall take the following action depending on the event which triggered the access attempt:

a) if the event which triggered the access attempt was an MO-MMTEL-voice-call-started indication, an MO-MMTEL-video-call-started indication or an MO-SMSoIP-attempt-started indication, or an MO-IMS-registration-related-signalling-started indication:

1) if the UE is operating in the dual-registration mode, the UE may proceed in S1 mode with the appropriate EMM specific procedures and ESM procedures to make a PDN connection providing access to IMS available; see subclause 4.8.3 and 3GPP TS 24.301 [15];

2) otherwise, the NAS shall notify the upper layers that the access attempt is barred. In this case, upon receiving an indication from the lower layers that the barring is alleviated for the access category with which the access attempt was associated, the NAS shall notify the upper layers that the barring is alleviated for the access category;

NOTE 3: In this case prohibiting the initiation of the MMTEL voice session, MMTEL video session or prohibiting sending of the SMS over IP or the IMS registration related signalling is performed by the upper layers.

b) if the event which triggered the access attempt was a request from upper layers to send a mobile originated SMS over NAS, 5GMM shall not initiate the NAS transport procedure as specified in subclause 5.4.5 to send the SMS in an UL NAS TRANSPORT message. Upon receiving an indication from the lower layers that the barring is alleviated for the access category with which the access attempt was associated, 5GMM may initiate the NAS transport procedure as specified in subclause 5.4.5 to send the SMS in an UL NAS TRANSPORT message, if still needed;

c) if the event which triggered the access attempt was a request from upper layers to establish a new PDU session, 5GMM shall not initiate the NAS transport procedure to send the PDU SESSION ESTABLISHMENT REQUEST message. Upon receiving an indication from the lower layers that the barring is alleviated for the access category with which the access attempt was associated, the NAS may initiate the NAS transport procedure as specified in subclause 5.4.5, if still needed;

d) if the event which triggered the access attempt was a request from upper layers to modify an existing PDU session modification, 5GMM shall not initiate the NAS transport procedure to send the PDU SESSION MODIFICATION REQUEST message. Upon receiving an indication from the lower layers that the barring is alleviated for the access category with which the access attempt was associated, the NAS may initiate the NAS transport procedure as specified in subclause 5.4.5, if still needed;

e) if the event which triggered the access attempt was a request to re-establish the user-plane resources for an existing PDU session, the NAS shall not initiate the service request procedure as specified in subclause 5.6.1. Upon receiving an indication from the lower layers that the barring is alleviated for the access category with which the access attempt was associated, the NAS may initiate the service request procedure as specified in subclause 5.6.1, if still needed;

f) if the event which triggered the access attempt was an uplink user data packet to be sent for a PDU session with suspended user-plane resources, 5GMM shall consider that the uplink user data packet is not allowed to be sent. Upon receiving an indication from the lower layers that the barring is alleviated for the access category with which the access attempt was associated, the NAS shall consider that the barring is alleviated for the access category;

g) if the event which triggered the access attempt was a request from upper layers to send a mobile originated location request, 5GMM shall not initiate the NAS transport procedure as specified in clause 5.4.5 to send an LCS message in an UL NAS TRANSPORT message. Upon receiving an indication from the lower layers that the barring is alleviated for the access category with which the access attempt was associated, 5GMM may initiate the NAS transport procedure as specified in clause 5.4.5 to send the LCS message in an UL NAS TRANSPORT message, if still needed; and

h) if the event which triggered the access attempt was a request from upper layers to send a mobile originated signalling transaction towards the PCF by sending an UL NAS TRANSPORT message including a UE policy container (see 3GPP TS 24.587 [19B] and 3GPP TS 24.554 [19E]), 5GMM shall not initiate the NAS transport procedure as specified in subclause 5.4.5 to send the mobile originated signalling transaction via an UL NAS TRANSPORT message. Upon receiving an indication from the lower layers that the barring is alleviated for the access category with which the access attempt was associated, 5GMM may initiate the NAS transport procedure as specified in subclause 5.4.5 to send the mobile originated signalling transaction via an UL NAS TRANSPORT message, if still needed.

4.5.5 Exception handling and avoiding double barring

Access attempts are allowed to proceed without further access control checking in order to avoid double barring for any service request or registration procedure initiated for the purpose of NAS signalling connection recovery or following a fallback indication from the lower layers (see subclauses 5.3.1.2 and 5.3.1.4).

NOTE 1: The case of NAS signalling connection recovery also includes the cases where the UE was in S1 mode when the RRC connection failure occurred.

For any service request or registration procedure of this kind the UE determines an access category as specified in subclause 4.5.1 and 4.5.2 or 4.5.2A, unless a different access category is specified in the rest of the present subclause.

NOTE 2: Although the access control checking is skipped, the access category is determined for the specific access attempt in order to derive an RRC establishment cause.

There are several services or an MO IMS registration related signalling for which the NAS needs to be informed when the service starts and stops,

– because, while the service is ongoing or the MO IMS registration related signalling is ongoing, the mapping of other access attempts to a specific access category can be affected; and

– in order to avoid double barring at the start of these services or at the start of the MO IMS registration related signalling.

These services are:

a) emergency service;

b) MMTEL voice;

c) MMTEL video;

d) SMSoIP;

e) SMS over NAS;

f) 5GC-MO-LR procedure;

g) UE-requested policy provisioning procedure for V2XP, ProSeP or both; and

h) CIoT user data transfer over the control plane.

The UE considers an emergency service a) as started when 5GMM receives a request from upper layers to register for emergency services or to establish a PDU session with request type = "initial emergency request" or "existing emergency PDU session". It considers the emergency service as stopped when this PDU session is released.

In addition, the UE considers an emergency service a) as started when the 5GMM receives a request from the upper layers to perform emergency services fallback and performs emergency services fallback as specified in subclause 4.13.4.2 of 3GPP TS 23.502 [9]. In this case, the UE considers the emergency service as stopped when:

– the emergency PDU session established during the emergency services fallback is released if the UE has moved to an E-UTRA cell connected to 5GCN; or

– the service request procedure involved in the emergency services fallback is completed otherwise.

While an emergency service a) is ongoing, any access attempt triggered by the initiation of a registration, de-registration or service request procedure or by an uplink user data packet to be sent for an emergency PDU session with suspended user-plane resources is mapped to access category 2 = emergency.

Once the emergency service has successfully passed access control, then as long as the service is ongoing, the following access attempts are allowed to proceed without further access control checking in order to avoid double barring:

– any service request procedure related to the PDU session associated with request type = "initial emergency request" or "existing emergency PDU session"; and

– any uplink user data packet to be sent for a PDU session with suspended user-plane resources associated with request type = "initial emergency request" or "existing emergency PDU session".

NOTE 3: Although the access control checking is skipped, the mapping is performed in order to derive an RRC establishment cause.

For services b) to h) the 5GMM receives explicit start and stop indications from the upper layers.

For the case of handover of ongoing services b) to d) from non-3GPP access, the 5GMM receives an additional explicit handover of ongoing service from non-3GPP access indication from the upper layers.

The 5GMM may receive an additional explicit "call-pull-initiated" indication from the upper layers (see 3GPP TS 24.174 [13D]).

Once the service has successfully passed access control, then as long as the service is ongoing, the following access attempts are allowed to proceed without further access control checking in order to avoid double barring:

– for services b), c) and d):

1) any service request procedure related to the PDU session established for DNN = "IMS" except between receiving from the lower layers an indication that access barring is applicable for all access categories except categories 0 and 2, or access barring is applicable for all access categories except category 0, and receiving from the lower layers an indication that the barring is alleviated for the access category determined for the access attempt; and

2) any uplink user data packet to be sent for a PDU session with suspended user-plane resources established for DNN = "IMS" except between receiving from the lower layers an indication that access barring is applicable for all access categories except categories 0 and 2, or access barring is applicable for all access categories except category 0, and receiving from the lower layers an indication that the barring is alleviated for the access category determined for the access attempt;

– for service d), if the upper layers have indicated a DNN used for SMSoIP and the indicated DNN used for SMSoIP is different from "IMS":

1) any service request procedure related to the PDU session established for the DNN used for SMSoIP except between receiving from the lower layers an indication that access barring is applicable for all access categories except categories 0 and 2, or access barring is applicable for all access categories except category 0, and receiving from the lower layers an indication that the barring is alleviated for access category 6; and

2) any uplink user data packet to be sent for a PDU session with suspended user-plane resources established for the DNN used for SMSoIP except between receiving from the lower layers an indication that access barring is applicable for all access categories except categories 0 and 2, or access barring is applicable for all access category except category 0, and receiving from the lower layers an indication that the barring is alleviated for access category 6.

For the MO IMS registration related signalling, the 5GMM receives explicit start and stop indications from the upper layers.

Once the MO IMS registration related signalling has successfully passed access control, then as long as the MO IMS registration related signalling is ongoing, the following access attempts are allowed to proceed without further access control checking in order to avoid double barring:

1) any service request procedure related to the PDU session established for DNN = "IMS" and for the DNN used for SMSoIP, if the upper layers have indicated a DNN used for SMSoIP and the indicated DNN used for SMSoIP is different from "IMS", except between receiving from the lower layers an indication that access barring is applicable for all access categories except categories 0 and 2, or access barring is applicable for all access categories except category 0 and receiving from the lower layers an indication that the barring is alleviated for the access category determined for the access attempt; and

2) any uplink user data packet to be sent for a PDU session with suspended user-plane resources established for DNN = "IMS" and for the DNN used for SMSoIP except between receiving from the lower layers an indication that access barring is applicable for all access categories except categories 0 and 2, or access barring is applicable for all access categories except category 0 and receiving from the lower layers an indication that the barring is alleviated for the access category determined for the access attempt;

While an MMTEL voice call is ongoing:

– any service request procedure related to the PDU session established for DNN = "IMS" is mapped to access category 4;

– any uplink user data packet to be sent for a PDU session with suspended user-plane resources established for DNN = "IMS" is mapped to access category 4; and

– any:

1) service request procedure; or

2) registration procedure;

initiated in 5GMM-IDLE mode or 5GMM-IDLE mode with suspend indication for the purpose of NAS signalling connection recovery or following a fallback indication from the lower layers (see subclause 5.3.1.2 and 5.3.1.4) is mapped to access category 4.

While an MMTEL video call is ongoing and no MMTEL voice call is ongoing:

– any service request procedure related to the PDU session established for DNN = "IMS" is mapped to access category 5;

– any uplink user data packet to be sent for a PDU session with suspended user-plane resources established for DNN = "IMS" is mapped to access category 5; and

– any:

1) service request procedure; or

2) registration procedure;

initiated in 5GMM-IDLE mode or 5GMM-IDLE mode with suspend indication for the purpose of NAS signalling connection recovery or following a fallback indication from the lower layers (see subclause 5.3.1.2 and 5.3.1.4) is mapped to access category 5.

While an SMSoIP is ongoing, no MMTEL video call is ongoing and no MMTEL voice call is ongoing:

– any service request procedure related to the PDU session established:

1) for DNN = "IMS"; or

2) for the DNN used for SMSoIP, if the upper layers have indicated a DNN used for SMSoIP and the indicated DNN used for SMSoIP is different from "IMS";

is mapped to access category 6; and

– any uplink user data packet to be sent for a PDU session with suspended user-plane resources established:

1) for DNN = "IMS"; or

2) for the DNN used for SMSoIP, if the upper layers have indicated a DNN used for SMSoIP and the indicated DNN used for SMSoIP is different from "IMS";

is mapped to access category 6; and

– any:

1) service request procedure; or

2) registration procedure;

initiated in 5GMM-IDLE mode or 5GMM-IDLE mode with suspend indication for the purpose of NAS signalling connection recovery or following a fallback indication from the lower layers (see subclause 5.3.1.2 and 5.3.1.4) is mapped to access category 6.

While an SMS over NAS is ongoing, no SMSoIP is ongoing, no MMTEL video call is ongoing and no MMTEL voice call is ongoing:

– any:

1) service request procedure; or

2) registration procedure;

initiated in 5GMM-IDLE mode or 5GMM-IDLE mode with suspend indication for the purpose of NAS signalling connection recovery or following a fallback indication from the lower layers (see subclause 5.3.1.2 and 5.3.1.4) is mapped to access category 6.

While an MO IMS registration related signalling is ongoing, no SMSoIP is ongoing, no MMTEL video call is ongoing and no MMTEL voice call is ongoing:

– any service request procedure related to the PDU session established:

1) for DNN = "IMS"; and

2) for the DNN used for SMSoIP, if the upper layers have indicated a DNN used for SMSoIP and the indicated DNN used for SMSoIP is different from "IMS";

is mapped to access category 9; and

– any uplink user data packet to be sent for a PDU session with suspended user-plane resources established:

1) for DNN = "IMS"; and

2) for the DNN used for SMSoIP, if the upper layers have indicated a DNN used for SMSoIP and the indicated DNN used for SMSoIP is different from "IMS";

is mapped to access category 9; and

– if no SMS over NAS is ongoing, any:

1) service request procedure; or

2) registration procedure;

initiated in 5GMM-IDLE mode for the purpose of NAS signalling connection recovery or following a fallback indication from the lower layers (see subclause 5.3.1.2 and 5.3.1.4) is mapped to access category 9.

While a 5GC-MO-LR procedure is ongoing, no SMS over NAS is ongoing, no SMSoIP is ongoing, no MO IMS registration related signalling is ongoing, no MMTEL video call is ongoing, and no MMTEL voice call is ongoing:

– any:

1) service request procedure; or

2) registration procedure;

initiated in 5GMM-IDLE mode or 5GMM-IDLE mode with suspend indication for the purpose of NAS signalling connection recovery or following a fallback indication from the lower layers (see subclauses 5.3.1.2 and 5.3.1.4) is mapped to access category 3.

While a UE-requested policy provisioning procedure for V2XP, ProSeP or both (see 3GPP TS 24.587 [19B] and 3GPP TS 24.554 [19E]), no 5GC-MO-LR procedure is ongoing, no SMS over NAS is ongoing, no SMSoIP is ongoing, no MMTEL video call is ongoing, and no MMTEL voice call is ongoing:

– any:

1) service request procedure; or

2) registration procedure;

initiated in 5GMM-IDLE mode for the purpose of NAS signalling connection recovery or following a fallback indication from the lower layers (see subclauses 5.3.1.2 and 5.3.1.4) is mapped to access category 3.

While CIoT user data transfer over the control plane is ongoing, no 5GC-MO-LR procedure is ongoing, no SMS over NAS is ongoing, no SMSoIP is ongoing, no MMTEL video call is ongoing, and no MMTEL voice call is ongoing, any service request procedure initiated in 5GMM-IDLE mode following a fallback indication from the lower layers (see subclause 5.3.1.4) is mapped to access category 7.

NOTE 3: Although the access control checking is skipped, the mapping is performed in order to derive an RRC establishment cause.

If an access category is determined and the access control checking is skipped, the NAS shall determine the RRC establishment cause from one or more determined access identities and the access category as specified in subclause 4.5.6, the NAS shall initiate the procedure to send the initial NAS message for the access attempt and shall provide the RRC establishment cause to lower layers.

If the UE receives from the lower layers an indication that access barring is applicable for all access categories except categories 0 and 2, or access barring is applicable for all access categories except category 0:

a) if an MMTEL voice call or MMTEL video call is ongoing:

1) if the UE is operating in the single-registration mode and the UE’s usage setting is "voice centric", the UE may attempt to select an E-UTRA cell connected to EPC. If the UE finds a suitable E-UTRA cell connected to EPC, it then proceeds with the appropriate EMM specific procedures and, if necessary, ESM procedures to make a PDN connection providing access to IMS available; see subclause 4.8.2 and 3GPP TS 24.301 [15]; and

2) if the UE is operating in the dual-registration mode, the UE may proceed in S1 mode with the appropriate EMM specific procedures and ESM procedures to make a PDN connection providing access to IMS available; see subclause 4.8.3 and 3GPP TS 24.301 [15]; and

b) if SMSoIP is ongoing or an MO IMS registration related signalling is ongoing:

1) if the UE is operating in the single-registration mode, the UE may attempt to select an E-UTRA cell connected to EPC. If the UE finds a suitable E-UTRA cell connected to EPC, it then proceeds with the appropriate EMM specific procedures and, if necessary, ESM procedures to make a PDN connection providing access to IMS available; see subclause 4.8.2 and 3GPP TS 24.301 [15]; and

2) if the UE is operating in the dual-registration mode, the UE may proceed in S1 mode with the appropriate EMM specific procedures and ESM procedures to make a PDN connection providing access to IMS available; see subclause 4.8.3 and 3GPP TS 24.301 [15].

4.5.6 Mapping between access categories/access identities and RRC establishment cause

When 5GMM requests the establishment of a NAS-signalling connection, the RRC establishment cause used by the UE shall be selected according to one or more access identities (see subclauses 4.5.2 and 4.5.2A) and the determined access category by checking the rules specified in table 4.5.6.1 and table 4.5.6.2. If the access attempt matches more than one rule, the RRC establishment cause of the lowest rule number shall be used. If the determined access category is an operator-defined access category, then the RRC establishment cause used by the UE shall be selected according to table 4.5.6.1 and table 4.5.6.2 based on one or more access identities (see subclauses 4.5.2 and 4.5.2A) and the standardized access category determined for the operator-defined access category as described in subclause 4.5.3.

NOTE 1: Following an RRC release with redirection, the lower layers can set the RRC establishment cause to "mps‑PriorityAccess" in the case of redirection to an NR cell connected to 5GCN (see 3GPP TS 38.331 [30]) or to "highPriorityAccess" in the case of redirection to an E‑UTRA cell connected to 5GCN (see 3GPP TS 36.331 [25A]), if the network indicates to the UE during RRC connection release with redirection that the UE has an active MPS session.

NOTE 2: In case of the UE is acting as a 5G ProSe layer-2 UE-to-network relay UE, it is possible for the lower layer to decide an applicable RRC establishment cause according to the request from the 5G ProSe layer-2 remote UE as specified in 3GPP TS 38.331 [30].

Table 4.5.6.1: Mapping table for access identities/access categories and RRC establishment cause when establishing N1 NAS signalling connection via NR connected to 5GCN

Rule #

Access identities

Access categories

RRC establishment cause is set to

1

1

Any category

mps-PriorityAccess

2

2

Any category

mcs-PriorityAccess

3

11, 15

Any category

highPriorityAccess

4

12,13,14,

Any category

highPriorityAccess

5

0

0 (= MT_acc)

mt-Access

1 (= delay tolerant)

Not applicable (NOTE 1)

2 (= emergency)

emergency

3 (= MO_sig)

mo-Signalling

4 (= MO MMTel voice)

mo-VoiceCall

5 (= MO MMTel video)

mo-VideoCall

6 (= MO SMS and SMSoIP)

mo-SMS

7 (= MO_data)

mo-Data

9 (= MO IMS registration related signalling)

mo-Data

NOTE 1: A UE using access category 1 for the access barring check will determine a second access category in the range 3 to 7 that is to be used for determination of the RRC establishment cause. See subclause 4.5.2, table 4.5.2.2, NOTE 6.

NOTE 2: See subclause 4.5.2, table 4.5.2.1 for use of the access identities of 0, 1, 2, and 11-15.

Table 4.5.6.2: Mapping table for access identities/access categories and RRC establishment cause when establishing N1 NAS signalling connection via E-UTRA connected to 5GCN

Rule #

Access identities

Access categories

RRC establishment cause is set to

1

1

Any category

highPriorityAccess

2

2

Any category

highPriorityAccess

3

11, 15

Any category

highPriorityAccess

4

12,13,14,

Any category

highPriorityAccess

5

0

0 (= MT_acc)

mt-Access

1 (= delay tolerant)

Not applicable (NOTE 1)

2 (= emergency)

emergency

3 (= MO_sig)

mo-Signalling

4 (= MO MMTel voice)

mo-VoiceCall

5 (= MO MMTel video)

mo-VoiceCall

6 (= MO SMS and SMSoIP)

mo-Data

7 (= MO_data)

mo-Data

9 (= MO IMS registration related signalling)

mo-Data

10 (= MO exception data)

mo-ExceptionData (NOTE 3)

NOTE 1: A UE using access category 1 for the access barring check will determine a second access category in the range 3 to 7 that is to be used for determination of the RRC establishment cause. See subclause 4.5.2, table 4.5.2.2, NOTE 6.

NOTE 2: See subclause 4.5.2, table 4.5.2.1 for use of the access identities of 0, 1, 2, and 11-15.

NOTE 3: This applies to the UE in NB-N1 mode.