6.2.5 Monitor request procedure for restricted 5G ProSe direct discovery model A

24.5543GPPProximity-services (ProSe) in 5G System (5GS) protocol aspectsRelease 17Stage 3TS

6.2.5.1 General

The purpose of the monitor request procedure for restricted 5G ProSe direct discovery model A is:

a) to allow a UE participating in restricted 5G ProSe direct discovery model A to receive and process PROSE PC5 DISCOVERY messages upon a request for monitoring from upper layers as defined in 3GPP TS 23.304 [2]; or

b) to inform the 5G DDNMF that the UE wants to stop using restricted discovery filter(s) for direct discovery monitoring as defined in 3GPP TS 23.304 [2].

The UE shall only initiate the restricted 5G ProSe direct discovery model A monitor request procedure if it has been authorized for restricted 5G ProSe direct discovery model A monitoring in at least in one PLMN based on the service authorization procedure.

As a result of the monitor request procedure completing successfully, the UE obtains one or more restricted discovery filters, along with a TTL (Time-To-Live) timer T5066 for each restricted discovery filter indicating the time during which the filter is valid.

6.2.5.2 Monitor request procedure Initiation

Before initiating the monitor request procedure, the user sets the permissions for the restricted discovery using application layer mechanisms. The application client in the UE retrieves the PDUID provisioned to the UE as part of the service authorization procedure as specified in clause 5 and obtains an RPAUID associated with the UE’s PDUID and the target RPAUID(s) to be monitored from the ProSe application server. This step is performed using mechanisms that are out of scope of the present specification.

If the UE is authorized to perform ProSe direct discovery model A monitoring in at least one PLMN, it shall initiate a monitor request procedure:

a) when the UE is triggered by an upper layer application to perform restricted 5G ProSe direct discovery model A monitoring corresponding to at least one RPAUID and the UE has no valid restricted discovery filters corresponding to the requested RPAUID for that upper layer application;

b) when the TTL timer T5066 assigned by the 5G DDNMF to a Restricted discovery filter has expired and the request from upper layers to monitor that RPAUID is still in place; or

NOTE 1: To ensure service continuity if the UE needs to keep monitoring the same restricted discovery filter, the UE can initiate the monitor request procedure before the TTL timer T5066 assigned by the 5G DDNMF for a Restricted discovery filter expires.

c) when the UE needs to update a previously sent restricted 5G ProSe direct discovery model A monitoring request.

The UE shall initiate the monitor request procedure by sending a DISCOVERY_REQUEST message with:

a) a new transaction ID;

b) the RPAUID set to the RPAUID received from upper layers;

c) the command set to "monitor";

d) the discovery type set to "Restricted discovery";

e) the application identity set to the ProSe identifier of the upper layer application that requested the monitoring as specified in clause 5.2.3;

f) the ACE enabled indicator set to "application-controlled extension enabled" if application-controlled extension is required by the upper layers, or "normal" if application-controlled extension is not used;

g) the application level container set to the target RPAUIDs to monitor;

h) the discovery entry ID set to 0 if the monitoring request is a new request and set to the discovery entry ID received from the 5G DDNMF if the monitoring request is to update a previously sent monitoring request;

i) optionally, the requested timer set to 0 only when the UE wants to stop using restricted discovery filter(s) for direct discovery monitoring; and

j) the PC5 UE ciphering algorithm capability set to the UE supported ciphering algorithm(s) for ciphering the PROSE PC5 DISCOVERY message.

If restricted direct discovery model A with application-controlled extension is requested by upper layers, the application level container included in the DISCOVERY_REQUEST also contains information corresponding to the ProSe restricted code suffix, e.g., group or user-specific information.

NOTE 2: A UE can include one or multiple transactions in one DISCOVERY_REQUEST message for one or more different monitoring targets and receive corresponding <response-monitor> element or <response-reject> element in the DISCOVERY_RESPONSE message for each respective transaction. In the following description of the monitor request procedure, only one transaction is included.

Figure 6.2.5.2.1 illustrates the interaction between the UE and the 5G DDNMF in the monitor request procedure.

Figure 6.2.5.2.1: Monitor request procedure for restricted 5G ProSe direct discovery model A

6.2.5.3 Monitor request procedure accepted by the 5G DDNMF

Upon receiving a DISCOVERY_REQUEST message with the command set to "monitor" and the discovery type set to "Restricted discovery", if the requested timer is included in the DISCOVERY_REQUEST message and the requested timer is set to 0, the 5G DDNMF shall check whether there is an existing UE context containing the discovery entry identified by the discovery entry ID included in the DISCOVERY_REQUEST message. If the discovery entry exists in the UE context, the 5G DDNMF shall remove the discovery entry identified by the discovery entry ID from the UE’s context. For each of the PDUIDs corresponding to the target RPAUIDs contained the restricted discovery filters in the discovery entry, if the PDUID is PLMN-specific and that PLMN ID indicated by the PDUID is not the same as that of the PLMN to which the 5G DDNMF belongs, the 5G DDNMF shall inform the 5G DDNMF in the PLMN indicated by the PDUID to remove the corresponding discovery entry as specified in 3GPP TS 29.555 [9].

Upon receiving a DISCOVERY_REQUEST message with the command set to "monitor" and the discovery type set to "Restricted discovery", if the requested timer is not included in the DISCOVERY_REQUEST message, the 5G DDNMF shall perform the following procedure.

The 5G DDNMF shall check that the application corresponding to the ProSe identifier contained in the DISCOVERY_REQUEST message is authorized for ProSe direct discovery model A monitoring. If the application is authorized for restricted 5G ProSe direct discovery model A monitoring, the 5G DDNMF shall check whether there is an existing UE context.

If there is no associated UE context, the 5G DDNMF checks with the UDM whether the UE is authorized for restricted 5G ProSe direct discovery model A monitoring as described in 3GPP TS 29.503 [10]. The UDM provides to the 5G DDNMF the PLMN ID of the PLMN in which the UE is currently registered. If the subscription check indicates that the UE is authorized, the 5G DDNMF creates a new UE context containing the UE’s subscription parameters obtained from the UDM.

If the discovery entry ID included in the DISCOVERY_REQUEST is set to 0 then:

a) the 5G DDNMF shall use the procedure described in 3GPP TS 29.557 [19] to pass the application level container included in the DISCOVERY_REQUEST message to the ProSe application server and obtain a list of PDUID(s) , an application level container and optionally Metadata Indicator(s) corresponding to the authorized target RPAUID(s) from the ProSe application server;

b) if the ACE enabled indicator in the DISCOVERY_REQUEST message is set to "application-controlled extension enabled" and the requested application uses application-controlled extension, the 5G DDNMF shall check whether the UE is authorized to use ACE. If the UE is authorized for ACE, the 5G DDNMF shall also use the procedure described in 3GPP TS 29.557 [19] to obtain the mask(s) for monitoring a ProSe restricted suffix pool corresponding to each of the Target RPAUIDs.

NOTE 1: The ProSe application server can reject the request for some of the target RPAUIDs included in the application level container in the DISCOVERY_REQUEST message because they are ineligible to be monitored by the requesting UE. Depending on the operator policy and application layer permissions, it is possible that only a subset of valid RPAUIDs is authorized by the ProSe application server.

c) for each of the PDUIDs corresponding to an authorized target RPAUID, if the PLMN ID of the PDUID is not the same as that of the PLMN to which the 5G DDNMF belongs, then the 5G DDNMF executes the procedures defined in 3GPP TS 29.555 [9] to obtain the ProSe restricted code or ProSe restricted code prefix for the target RPAUID and creates restricted discovery filter(s). Otherwise, for each target RPAUID, the 5G DDNMF shall allocate one or more restricted discovery filter(s). If the ACE enabled indicator in the DISCOVERY_REQUEST message does not match the ACE configuration in the 5G DDNMF or ProSe application server for this application, the ACE configuration in the 5G DDNMF or ProSe application server shall be used to create Restricted discovery filter(s). Each Restricted discovery filter consists of a ProSe restricted code, one or more masks, a TTL timer T5066, optionally the target RPAUID, optionally a metadata indicator and optionally metadata associated with this RPAUID;

d) the 5G DDNMF associates the restricted discovery filters with a new discovery entry in the UE’s context; and

e) the 5G DDNMF starts timer T5067 assigned for each Restricted discovery filter. For a given restricted discovery filter, timer T5067 shall be longer than timer T5066. By default, the value of timer T5067 is 4 minutes greater than the value of timer T5066.

NOTE 2: For each target RPAUID, the 5G DDNMF either allocates one restricted discovery filter for full-matching the ProSe restricted code assigned to this RPAUID, or allocates one or more restricted discovery filter(s) for matching the ProSe restricted code prefix and suffix pool assigned to this RPAUID.

If the discovery entry ID included in the DISCOVERY_REQUEST message is not set to 0 and if there is an existing discovery entry for this discovery entry ID in the UE’s context, the 5G DDNMF shall check whether the UE is authorized for restricted 5G ProSe direct discovery model A monitoring. If the UE is authorized, the 5G DDNMF shall process the request as above-mentioned and update this discovery entry with the contents of the restricted discovery filter(s) associated with this discovery entry and restart timer T5067(s) for each filter. The update of a restricted discovery filter content includes setting new TTL timer(s) and if necessary, obtaining new ProSe restricted code and ProSe restricted mask(s) via the procedure defined in 3GPP TS 29.555 [9].

If the discovery entry ID contained in the DISCOVERY_REQUEST message is not found in the UE context or there is no UE context in the 5G DDNMF, the 5G DDNMF shall behave as if the discovery entry ID included in the DISCOVERY_REQUEST message was set to 0 and the 5G DDNMF shall allocate a new non-zero discovery entry ID for this entry.

Then the 5G DDNMF shall send a DISCOVERY_RESPONSE message containing a <restricted-monitor-response> element with:

a) the transaction ID set to the value of the transaction ID received in the DISCOVERY_REQUEST message from the UE;

b) one or more restricted discovery filter(s) allocated by the 5G DDNMF(s) for the authorized target RPAUID(s);

c) the ACE enabled indicator set to "application-controlled extension enabled" if application-controlled extension is used, or "normal" if application-controlled extension is not used;

d) the discovery entry ID set to the ID of the discovery entry associated with this monitor request;

e) the application level container set to the application-level data received from the ProSe application server;

f) the coding-receiving security parameter containing the security-related information needed by the UE to undo the protection applied by the announcing UE;

g) the current time set to the current UTC-based time at the 5G DDNMF and the max offset;

h) optionally, the PC5 security policies that are associated with the ProSe restricted code and used for 5G ProSe direct link establishment procedure instead of any PC5 security policies configured in the UE as specified in clause 5; and

i) the selected PC5 ciphering algorithm set to the PC5 ciphering algorithm selected by the 5G DDNMF if the received PC5 UE ciphering algorithm capability includes the selected PC5 ciphering algorithm associated with the ProSe restricted code corresponding to the restricted discovery filter(s).

If T5067 expires, the 5G DDNMF shall remove the corresponding restricted discovery filter from the discovery entry in the UE’s context. Furthermore, if there are no valid restricted discovery filters associated with the discovery entry (e.g., all restricted discovery filters have expired), the 5G DDNMF shall delete the discovery entry from the UE’s context.

The 5G DDNMF uses the information (e.g. application identity) received from the UE in the DISCOVERY_REQUEST message, UE identity in GBA or AKMA information related to TLS tunnel transporting the DISCOVERY_REQUEST message, and other information for charging purposes as specified in 3GPP TS 32.277 [45].

6.2.5.4 Monitor request procedure completion by the UE

Upon receipt of the DISCOVERY_RESPONSE message, if only the transaction ID and the discovery entry ID are contained in <restricted-monitor-response> element and the transaction ID and the discovery entry ID match the corresponding values sent by the UE in a DISCOVERY_REQUEST message with the command set to "monitor", the UE shall:

a) stop TTL timer T5066 for each Restricted discovery filter in the discovery entry identified by the discovery entry ID;

b) remove the discovery entry identified by the discovery entry ID; and

c) instruct the lower layers to stop monitoring.

Upon receipt of the DISCOVERY_RESPONSE message, if the transaction ID contained in the <restricted-monitor-response> element matches the value sent by the UE in a DISCOVERY_REQUEST message with the command set to "monitor" and, the UE shall process as follow:

a) if the DISCOVERY_RESPONSE creates a new discovery entry, start the TTL timer T5066 with the received value for each restricted discovery filter information element received in the DISCOVERY_RESPONSE message; or

b) if the DISCOVERY_RESPONSE updates an existing discovery entry, the UE shall

1) stop the T5066 timer(s) of any restricted discovery filter in this discovery entry which are no longer authorized by the 5G DDNMF, ask lower layers to stop using those filters in monitoring operation and remove the corresponding restricted discovery filter from the discovery entry;

2) restart the T5066 timer(s) for those remain eligible; and

3) start the T5066 timer(s) for any new restricted discovery filter(s) included in the DISCOVERY_RESPONSE message.

Otherwise, the UE shall discard the DISCOVERY_RESPONSE message and shall not perform the procedures below. The UE shall set a ProSe clock (see 3GPP TS 33.503 [34]) to the value of the received current time parameter and store the received max offset parameter.

The UE shall store the selected PC5 ciphering algorithm received in the DISCOVERY_RESPONSE message for the received ProSe restricted code and use it for decryption of the restricted 5G ProSe direct discovery messages over the PC5 interface as specified in clause 6.1.3.2.3 of 3GPP TS 33.503 [34].

The UE may perform monitoring for discovery messages received over the PC5 interface as described in clause 6.2.14.2.1.4.

6.2.5.5 Monitor request procedure not accepted by the 5G DDNMF

If the DISCOVERY_REQUEST message is not accepted by the 5G DDNMF, the 5G DDNMF shall send a DISCOVERY_RESPONSE message containing a <response-reject> element to the UE including an appropriate PC3a control protocol cause value.

If the application corresponding to the ProSe identifier contained in the DISCOVERY_REQUEST message is not authorized for ProSe direct discovery monitoring, the 5G DDNMF shall send a DISCOVERY_RESPONSE message containing a <response-reject> element with PC3a control protocol cause value #1 "Invalid application".

If the RPAUID contained in the DISCOVERY_REQUEST message is unknown to the ProSe application server, the 5G DDNMF shall send a DISCOVERY_RESPONSE message containing a <response-reject> element with PC3a control protocol cause value #9 "Unknown RPAUID".

If none of the RPAUID(s) contained in the application level container in the DISCOVERY_REQUEST message is eligible to be discovered by the requesting RPAUID, the 5G DDNMF shall send a DISCOVERY_RESPONSE message containing a <response-reject> element with PC3a control protocol cause value #11 "Invalid discovery target".

If the RPAUID contained in the DISCOVERY_REQUEST message does not match the stored RPAUID for the requested discovery entry ID, the 5G DDNMF shall send a DISCOVERY_RESPONSE message containing a <response-reject> element with PC3a control protocol cause value #10 "Unknown or invalid discovery entry ID".

If the UE is not authorized for restricted 5G ProSe direct discovery monitoring, the 5G DDNMF shall send a DISCOVERY_RESPONSE message containing a <response-reject> element with PC3a control protocol cause value #3 "UE authorization failure".

If the RPAUID contained in the DISCOVERY_REQUEST message is not associated with a PDUID belonging to the requesting UE, the 5G DDNMF shall send a DISCOVERY_RESPONSE message containing a <response-reject> element with PC3a control protocol cause value #3 "UE authorization failure".

If the UE is not authorized to use ACE, but the DISCOVERY_REQUEST message contains the ACE enabled indicator set to "application-controlled extension enabled", the 5G DDNMF shall send a DISCOVERY_RESPONSE message containing a <response-reject> element with PC3a control protocol cause value #12 "UE unauthorized for discovery with application-controlled extension".

If the discovery entry ID contained in the DISCOVERY_REQUEST message is unknown to the 5G DDNMF and the requested timer is set to 0, the 5G DDNMF shall send a DISCOVERY_RESPONSE message containing a <response-reject> element with PC3a control protocol cause value #10 "Unknown or invalid discovery entry ID".

If the PC5 UE ciphering algorithm capability contained in the DISCOVERY_REQUEST message is not compatible with the selected PC5 ciphering algorithm for the target ProSe restricted code, the 5G DDNMF shall send a DISCOVERY_RESPONSE message containing a <response-reject> element with PC3a control protocol cause value #19 "Not compatible PC5 UE ciphering algorithm capability".

6.2.5.6 Abnormal cases

6.2.5.6.1 Abnormal cases in the UE

The following abnormal cases can be identified:

a) Indication from the transport layer of transmission failure of DISCOVERY_REQUEST message (e.g., after TCP retransmission timeout)

The UE shall close the existing secure connection to the 5G DDNMF, establish a new secure connection and then restart the monitor request procedure.

NOTE 1: The UE can abort this procedure when detecting loss of NG-RAN coverage in its serving PLMN.

b) No response from the 5G DDNMF after the DISCOVERY_REQUEST message has been successfully delivered (e.g., TCP ACK has been received for the DISCOVERY_REQUEST message)

The UE shall retransmit the DISCOVERY_REQUEST message.

NOTE 2: The UE can abort this procedure when detecting loss of NG-RAN coverage in its serving PLMN.

NOTE 3: The timer to trigger retransmission and the maximum number of allowed retransmissions are UE implementation specific.

c) Indication from upper layers that the request to monitor the targets contained in application level container is no longer in place after sending the DISCOVERY_REQUEST message, but before the monitor request procedure is completed

The UE shall acknowledge the DISCOVERY_RESPONSE message received from the 5G DDNMF but discard its contents and then abort the procedure.

d) Change of PLMN

If a PLMN change occurs before the monitor request procedure is completed, the procedure shall be aborted. If the UE is authorized to monitor in the new PLMN, the procedures shall be restarted once the UE is registered on the new PLMN.

6.2.5.6.2 Abnormal cases in the 5G DDNMF

The following abnormal cases can be identified:

a) Indication from the lower layer of transmission failure of DISCOVERY_RESPONSE message

After receiving an indication from lower layer that the DISCOVERY_RESPONSE message has not been successfully acknowledged, the 5G DDNMF shall abort the procedure and stop any associated timer(s) T5067, if running.