6.2.17 5G PKMF address request procedure

24.5543GPPProximity-services (ProSe) in 5G System (5GS) protocol aspectsRelease 17Stage 3TS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

6.2.17.1 General

The purpose of the 5G PKMF address request procedure is to allow a UE to obtain a 5G PKMF address from the 5G DDNMF in HPLMN over PC3a interface as specified in 3GPP TS 33.503 [34] for the security procedure over user plane. A UE may initiate a 5G PKMF address request procedure:

a) when the UE needs to obtain a 5G PKMF address from the 5G DDNMF in HPLMN on demand; or

b) when the UE can not access the 5G PKMF using the 5G PKMF address provisioned by the network as specified in clause 5.2.5.

To initiate a 5G PKMF address request procedure, the UE shall be configured with the authorized parameters for 5G ProSe UE-to-network relay as specified in clause 5.2.5. Both the 5G ProSe remote UE and the 5G ProSe UE-to-network relay UE are allowed to initiate the 5G PKMF address request procedure.

NOTE: The UE is allowed to access the 5G PKMF directly without initiating a 5G PKMF address request procedure if it is pre-configured with the 5G PKMF address as specified in clause 5.2.5.

6.2.17.2 5G PKMF address request procedure initiation by the UE

The UE shall initiate the 5G PKMF address request procedure by sending a PROSE_5GPKMF_ADDRESS_REQUEST message with the <PKMF-address-request> element. In the <PKMF-address-request> element, the UE:

a) shall include a new transaction ID not used in any other direct discovery procedures in PC3a interface.

Figure 6.2.17.2.1 illustrates the interaction of the UE and the 5G DDNMF in the 5G PKMF address request procedure.

Figure 6.2.17.2.1: 5G PKMF address request procedure

6.2.17.3 5G PKMF address request procedure accepted by the 5G DDNMF

Upon receiving a PROSE_5GPKMF_ADDRESS_REQUEST message, the 5G DDNMF shall check whether the UE is authorized to act as a 5G ProSe remote UE or act as a 5G ProSe UE-to-network relay UE. If authorized, the 5G DDNMF shall then send a PROSE_5GPKMF_ADDRESS_RESPONSE message with the <PKMF-address-response> element. In the <PKMF-address-response> element, the 5G DDNMF shall include:

a) the transaction ID set to the value of the transaction ID received in the PROSE_5GPKMF_ADDRESS_REQUEST message from the UE; and

b) the PKMF address set to the value of the 5G PMKF address in the HPLMN of the UE.

6.2.17.4 5G PKMF address request procedure completed by the UE

Upon receiving the PROSE_5GPKMF_ADDRESS_RESPONSE message, if the transaction ID matches the value sent by the UE in a PROSE_5GPKMF_ADDRESS_REQUEST message, the UE shall store the received 5G PKMF address.

6.2.17.5 5G PKMF address request procedure not accepted by the 5G DDNMF

If the PROSE_5GPKMF_ADDRESS_REQUEST message cannot be accepted by the 5G DDNMF, the 5G DDNMF sends a PROSE_5GPKMF_ADDRESS_RESPONSE message containing a <PKMF-address-reject> element to the UE including an appropriate PC3a control protocol cause value and including the transaction ID set to the value of the transaction ID received in the PROSE_5GPKMF_ADDRESS_REQUEST message.

Upon receipt of the PROSE_5GPKMF_ADDRESS_RESPONSE message, if the transaction ID matches the value sent by the UE in a PROSE_5GPKMF_ADDRESS_REQUEST message, the UE shall consider the 5G PKMF address request procedure as rejected.

If the UE is not authorized for acting as a 5G ProSe remote UE or a 5G ProSe UE-to-network relay UE, the 5G DDNMF shall send the PROSE_5GPKMF_ADDRESS_RESPONSE message containing a <PKMF-address-reject> element with PC3a control protocol cause value #3 "UE authorization failure".

6.2.17.6 Abnormal cases

6.2.17.6.1 Abnormal cases in the UE

The following abnormal cases can be identified:

a) Indication from the transport layer of transmission failure of PROSE_5GPKMF_ADDRESS_REQUEST message (e.g., after TCP retransmission timeout).

The UE shall close the existing secure connection to the 5G DDNMF, establish a new secure connection and then restart the 5G PKMF address request procedure.

b) No response from the 5G DDNMF after the PROSE_5GPKMF_ADDRESS_REQUEST message has been successfully delivered (e.g., TCP ACK has been received for the PROSE_5GPKMF_ADDRESS_REQUEST message).

The UE shall retransmit the PROSE_5GPKMF_ADDRESS_REQUEST message.

NOTE: The timer to trigger retransmission and the maximum number of allowed retransmissions are UE implementation specific.

c) Change of PLMN.

If a PLMN change occurs before the 5G PKMF address request procedure is completed, the procedure shall be aborted. If the UE is authorized to initiate the 5G PKMF address request procedure in the new PLMN, the procedure shall be restarted once the UE is registered on the new PLMN.

6.2.17.6.2 Abnormal cases in the 5G DDNMF

The following abnormal cases can be identified:

a) Indication from the lower layer of transmission failure of PROSE_5GPKMF_ADDRESS_REQUEST message.

After receiving an indication from lower layer that the PROSE_5GPKMF_ADDRESS_REQUEST message has not been successfully acknowledged (e.g., TCP ACK is not received), the 5G DDNMF shall abort the procedure.