5 Naf_ProSe Service offered by the AF
29.5573GPP5G SystemApplication Function ProSe ServiceRelease 18Stage 3TS
5.1 Introduction
Table 5.1-1 shows the Application Function ProSe Service and the corresponding Service Operations.
Table 5.1-1: Application Function ProSe Service
|
Service Name |
Service Operations |
Operation Semantics |
Example Consumer(s) |
|
Naf_ProSe |
DiscoveryAuthorization |
Request/Response |
5G DDNMF |
|
DiscoveryAuthorizationUpdateNotify |
Subscribe/Notify |
5G DDNMF |
|
|
DiscoveryAuthorizationResultUpdate |
Request/Response |
5G DDNMF |
Table 5.1-2 summarizes the corresponding APIs defined for this specification.
Table 5.1-2: API Descriptions
|
Service Name |
Clause |
Description |
OpenAPI Specification File |
apiName |
Annex |
|
Naf_ProSe |
6.1 |
Application Function ProSe Service |
TS29557_Naf_ProSe |
naf-prose |
A.2 |
5.2 Naf_ProSe Service
5.2.1 Service Description
The Naf_ProSe Service enables NF service consumers (e.g. 5G DDNMF) to request authorization for a UE of a 5G ProSe Discovery request.
This service hence supports the following functionalities:
– mapping of RPAUID and PDUID and authentication of the RPAUID(s) for restricted 5G ProSe Direct Discovery;
– allocation of a ProSe Application Code Suffix pool, if open 5G ProSe Direct Discovery with application-controlled extension is used;
– allocation of mask(s) for the ProSe Application Code Suffix(es), if open 5G ProSe Direct Discovery with application-controlled extension is used;
– allocation of a ProSe Restricted Code Suffix pool, if restricted 5G ProSe Direct Discovery with application-controlled extension is used; and
– allocation of mask(s) for ProSe Restricted Code Suffix, if restricted 5G ProSe Direct Discovery with application-controlled extension is used; and
– update of authorization information to revoke Restricted ProSe Direct Discovery permission(s).
5.2.2 Service Operations
5.2.2.1 Introduction
The service operations defined for the Naf_ProSe Service are as follows:
– DiscoveryAuthorization: It allows a NF service consumer (e.g. 5G DDNMF) to request the authorization for a UE of a 5G ProSe Direct Discovery request;
– DiscoveryAuthorizationUpdateNotify: It allows an AF to update the authorization information to revoke discovery permissions related to some other users at the NF service consumer for Restricted ProSe Direct Discovery;
– DiscoveryAuthorizationResultUpdate: It allows a NF service consumer (e.g. 5G DDNMF) to inform the AF of the revocation result associated to the update of authorization information for Restricted ProSe Direct Discovery.
5.2.2.2 DiscoveryAuthorization
5.2.2.2.1 General
The DiscoveryAuthorization service operation is used by a NF service consumer (e.g. 5G DDNMF) to obtain the authorization for a UE of a 5G ProSe Direct Discovery request, i.e. detect and identify other UEs in proximity using NR radio signals.
The following procedures are supported using the DiscoveryAuthorization Service Operation:
– Auth Request procedures (see 3GPP TS 23.304 [14], clause 6.3, and 3GPP TS 23.303 [15], clause 5.3).
5.2.2.2.2 Auth Request procedures using DiscoveryAuthorization service operation
These procedures are invoked by a NF service consumer (e.g. HPLMN 5G DDNMF) towards an AF to request the authorization for a UE to perform 5G ProSe Direct Discovery.
Figure 5.2.2.2.2-1: Authorization of Discovery Request for a UE
1. In order to request the authorization for a UE of a 5G ProSe Direct Discovery request, the NF service consumer shall send an HTTP POST request with the request URI set to "{apiRoot}/naf-prose/<apiVersion>/authorize-discovery" and the request body containing the AuthDisReqData data structure, as described in figure 5.2.2.2.2-1.
The AuthDisReqData data structure shall contain the authorization request type related to the received 5G ProSe Direct Discovery request within the "authRequestType" attribute. The remaining content of the AuthDisReqData data structure differs according to the following cases, as defined in clauses 5.2.2.2.3, 5.2.2.2.4, 5.2.2.2.5, 5.2.2.2.6 and 5.2.2.2.7.
– Open 5G ProSe Direct Discovery request with application-controlled extension initiated by an announcing UE (see clause 5.3.3 of 3GPP TS 23.303 [15]). This is defined in clause 5.2.2.2.3.
– Open 5G ProSe Direct Discovery request with application-controlled extension initiated by a monitoring UE (see clause 5.3.3 of 3GPP TS 23.303 [15]). This is defined in clause 5.2.2.2.3.
– Restricted 5G ProSe Direct Discovery request initiated by an announcing UE (see clause 5.3.3 of 3GPP TS 23.303 [15]). This is defined in clause 5.2.2.2.4.
– Restricted 5G ProSe Direct Discovery request with application-controlled extension initiated by an announcing UE (see clause 5.3.3 of 3GPP TS 23.303 [15]). This is defined in clause 5.2.2.2.5.
– Restricted 5G ProSe Direct Discovery request initiated by a monitoring UE (see clause 5.3.3 of 3GPP TS 23.303 [15]). This is defined in clause 5.2.2.2.4.
– Restricted 5G ProSe Direct Discovery request with application-controlled extension initiated by a monitoring UE (see clause 5.3.3 of 3GPP TS 23.303 [15]). This is defined in clause 5.2.2.2.5.
– Restricted 5G ProSe Direct Discovery request initiated by a discoveree UE (see clause 5.3.3A of 3GPP TS 23.303 [15]). This is defined in clause 5.2.2.2.6.
– Restricted 5G ProSe Direct Discovery request initiated by a discoverer UE (see clause 5.3.3A of 3GPP TS 23.303 [15]). This is defined in clause 5.2.2.2.7.
– Restricted 5G ProSe Direct Discovery match report (see clauses 5.3.4 and 5.3.4A of 3GPP TS 23.303 [15]). This is defined in clause 5.2.2.2.3.
2a On success, a response with HTTP "200 OK" status code shall be returned. The response body shall contain the parameters related to the 5G ProSe Direct Discovery authorization response data within the AuthDisResData data structure, which shall contain the authorization response type related to the received 5G ProSe Direct Discovery request within the "authResponseType" attribute. The remaining content of the AuthDisResData data structure also differs according to the above listed cases in step 1, as defined in clauses 5.2.2.2.3, 5.2.2.2.4, 5.2.2.2.5, 5.2.2.2.6 and 5.2.2.2.7.
2b On failure, one of the HTTP status codes listed in table 6.1.4.2.2-2 may be returned. For a 4xx/5xx response, the message body may contain a ProblemDetails structure with the "cause" attribute set to one of the application errors listed in table 6.1.7.3-1.
5.2.2.2.3 Open 5G ProSe Direct Discovery (Model A) with application-controlled extension
When Open 5G ProSe Direct Discovery (Model A) with application-controlled extension is used, the NF service consumer (e.g. 5G DDNMF) shall provide the following attributes within the AuthDisReqData data structure, as specified in clause 6.3 of 3GPP TS 23.304 [14] and clauses 5.3.3.2, 5.3.3.3, 5.3.3.4 and 5.3.3.5 of 3GPP TS 23.303 [15].
– When the 5G ProSe Direct Discovery request is initiated by an announcing UE:
– the ProSe Application ID within the "proseAppId" attribute, indicating what the UE is interested to announce;
– the allowed number of suffixes within the "allowedSuffixNum" attribute, indicating how many ProSe Application Code Suffixes the ProSe Application Server can assign for the UE;
– the application level container within the "appLevelContainer" attribute, containing the request and any relevant information for the 5G ProSe AF to assign a (set of) ProSe Application Code Suffix(es); and
– the authorization request type set to "OPEN_DISCOVERY_EXTENSION_ANNOUNCE" within the "authRequestType" attribute.
– When the 5G ProSe Direct Discovery request is initiated by a monitoring UE:
– the ProSe Application ID(s) within the "proseAppId" attribute, indicating what the UE is interested to monitor;
– the application level container within the "appLevelContainer" attribute, containing the request and information corresponding to the ProSe Application Code Suffix; and
– the authorization request type set to "OPEN_DISCOVERY_EXTENSION_MONITOR" within the "authRequestType" attribute.
If the processing of the request is successful, the 5G ProSe AF shall provide the following attributes within the AuthDisResData data structure, also as specified in clause 6.3 of 3GPP TS 23.304 [14] and clauses 5.3.3.2, 5.3.3.3, 5.3.3.4 and 5.3.3.5 of 3GPP TS 23.303 [15]:
– When the 5G ProSe Direct Discovery request is initiated by an announcing UE:
– the ProSe Application Code Suffix Pool within the "proseAppCodeSuffixPool" attribute, containing the Suffix(es) allocated by the 5G ProSe AF based on the inputs provided by the NF service consumer (e.g. 5G DDNMF) in the associated request;
– the authorization response type set to "OPEN_DISCOVERY_EXTENSION_ANNOUNCE_ACK" within the "authResponseType" attribute.
– When the 5G ProSe Direct Discovery request is initiated by a monitoring UE:
– the mask(s) for the ProSe Application Code Suffix(es) within the "proseAppMasks" attribute, corresponding to ProSe Application ID provided by the NF service consumer (e.g. 5G DDNMF) in the related request;
– the authorization response type set to "OPEN_DISCOVERY_EXTENSION_MONITOR_ACK" within the "authResponseType" attribute.
5.2.2.2.4 Restricted 5G ProSe Direct Discovery (Model A)
When Restricted 5G ProSe Direct Discovery (Model A) is used, the NF service consumer (e.g. 5G DDNMF) shall provide the following attributes within the AuthDisReqData data structure, as specified in clause 6.3 of 3GPP TS 23.304 [14] and clauses 5.3.3.2A, 5.3.3.3A, 5.3.3.4A and 5.3.3.5A of 3GPP TS 23.303 [15].
– When the 5G ProSe Direct Discovery request is initiated by an announcing UE:
– the RPAUID within the "rpauid" attribute, indicating what the UE is interested to announce; and
– the authorization request type set to "RESTRICTED_DISCOVERY_ANNOUNCE" within the "authRequestType" attribute.
– When the 5G ProSe Direct Discovery request is initiated by a monitoring UE:
– the authorization request type set to either "RESTRICTED_DISCOVERY_MONITOR" or "RESTRICTED_DISCOVERY_PERMISSION" within the "authRequestType" attribute; and
– if the authorization request type is set to "RESTRICTED_DISCOVERY_MONITOR":
– the RPAUID within the "rpauid" attribute, indicating the identity that the UE uses to obtain the permission to monitor; and
– the application level container within the "appLevelContainer" attribute, containing the Target RPAUID(s) indicating what the UE is interested to monitor;
otherwise,
– if the authorization request type is set to "RESTRICTED_DISCOVERY_PERMISSION":
– the RPAUID within the "rpauid" attribute, indicating the identity that the UE uses to obtain the permission to monitor;
– the target RPAUID within the "targetRpauid" attribute, containing the Target RPAUID;
If the processing of the request is successful, the 5G ProSe AF shall provide the following attributes within the AuthDisResData data structure, also as specified in clause 6.3 of 3GPP TS 23.304 [14] and clauses 5.3.3.2A, 5.3.3.3A, 5.3.3.4A and 5.3.3.5A of 3GPP TS 23.303 [15]:
– When the 5G ProSe Direct Discovery request is initiated by an announcing UE:
– the PDUID(s) within the "pduids" attribute, containing the PDUID(s) corresponding to the provided RPAUID; and
– the authorization response type set to "RESTRICTED_DISCOVERY_ANNOUNCE_ACK" within the "authResponseType" attribute.
– When the 5G ProSe Direct Discovery request is initiated by a monitoring UE:
– the authorization response type set to either "RESTRICTED_DISCOVERY_MONITOR_ACK" or "RESTRICTED_DISCOVERY_PERMISSION_ACK" within the "authResponseType" attribute; and
– if the authorization response type is set to "RESTRICTED_DISCOVERY_MONITOR_ACK":
– the PDUID within the "pduids" attribute, containing the PDUID corresponding to the provided RPAUID;
– a response application level container within the "appLevelContainer" attribute, containing the successfully authenticated Target RPAUID(s); and
– N sets of Target PDUID – Target RPAUID – Metadata Indicator within the "targetDataSet" attribute, containing N sets of Target PDUID – Target RPAUID – Metadata Indicator (Each Target PDUID is returned with the corresponding Target RPAUID(s) that the RPAUID is allowed to discover);
NOTE: The Metadata Indicator is optional. It indicates whether there is metadata associated with the RPAUID, and if so, whether updating this metadata is allowed.
otherwise,
– if the authorization response type is set to "RESTRICTED_DISCOVERY_PERMISSION_ACK":
– the target PDUID within the "targetPduid" attribute, containing the Target PDUID;
5.2.2.2.5 Restricted 5G ProSe Direct Discovery (Model A) with application-controlled extension
When Restricted 5G ProSe Direct Discovery (Model A) is used, the NF service consumer (e.g. 5G DDNMF) shall provide the following attributes within the AuthDisReqData data structure, as specified in clause 6.3 of 3GPP TS 23.304 [14] and clauses 5.3.3.2A, 5.3.3.3A, 5.3.3.4A and 5.3.3.5A of 3GPP TS 23.303 [15].
– When the 5G ProSe Direct Discovery request is initiated by an announcing UE:
– the RPAUID within the "rpauid" attribute, indicating what the UE is interested to announce;
– the allowed number of suffixes within the "allowedSuffixNum" attribute, indicating how many ProSe Restricted Code Suffixes the ProSe Application Server can assign for the UE;
– the authorization request type set to "RESTRICTED_DISCOVERY_EXTENSION_ANNOUNCE" within the "authRequestType" attribute.
– When the 5G ProSe Direct Discovery request is initiated by a monitoring UE:
– the RPAUID within the "rpauid" attribute, indicating the identity that the UE uses to obtain the permission to monitor; and
– the application level container within the "appLevelContainer" attribute, containing the Target RPAUID(s) indicating what the UE is interested to monitor; and
– the authorization request type set to "RESTRICTED_DISCOVERY_EXTENSION_MONITOR" within the "authRequestType" attribute.
If the processing of the request is successful, the 5G ProSe AF shall provide the following attributes within the AuthDisResData data structure, also as specified in clause 6.3 of 3GPP TS 23.304 [14] and clauses 5.3.3.2A, 5.3.3.3A, 5.3.3.4A and 5.3.3.5A of 3GPP TS 23.303 [15]:
– When the 5G ProSe Direct Discovery request is initiated by an announcing UE:
– the PDUID(s) within the "pduids" attribute, containing the PDUID(s) corresponding to the provided RPAUID; and
– the ProSe Restricted Code Suffix Pool within the "restrictedCodeSuffixPool" attribute, containing the Suffix(es) allocated by the 5G ProSe AF based on the inputs provided by the NF service consumer (e.g. 5G DDNMF) in the associated request;
– the authorization response type set to "RESTRICTED_DISCOVERY_EXTENSION_ANNOUNCE_ACK" within the "authResponseType" attribute.
– When the 5G ProSe Direct Discovery request is initiated by a monitoring UE:
– the PDUID within the "pduids" attribute, containing the PDUID corresponding to the provided RPAUID;
– a response application level container within the "appLevelContainer" attribute, containing the successfully authenticated Target RPAUID(s);
– N sets of Target PDUID – Target RPAUID – Metadata Indicator within the "targetDataSet" attribute, containing N sets of Target PDUID – Target RPAUID – Metadata Indicator (Each Target PDUID is returned with the corresponding Target RPAUID(s) that the RPAUID is allowed to discover); and
NOTE: The Metadata Indicator is optional. It indicates whether there is metadata associated with the RPAUID, and if so, whether updating this metadata is allowed.
– the authorization response type set to "RESTRICTED_DISCOVERY_EXTENSION_MONITOR_ACK" within the "authResponseType" attribute.
The AuthDisResData data structure may also include in this case:
– the mask(s) for the ProSe Restricted Code Suffix(es) within the "proSeRestrictedMasks" attribute, corresponding to each of the provided Target RPAUID(s);
5.2.2.2.6 Restricted 5G ProSe Direct Discovery (Model B)
When Restricted 5G ProSe Direct Discovery (Model B) is used, the NF service consumer (e.g. 5G DDNMF) shall provide the following attributes within the AuthDisReqData data structure, as specified in clause 6.3 of 3GPP TS 23.304 [14] and clauses 5.3.3A.2, 5.3.3A.3, 5.3.3A.4 and 5.3.3A.5 of 3GPP TS 23.303 [15].
– When the 5G ProSe Direct Discovery request is initiated by a discoveree UE:
– the RPAUID within the "rpauid" attribute, indicating what the UE is interested to announce; and
– the authorization request type set to "RESTRICTED_DISCOVERY_RESPONSE" within the "authRequestType" attribute.
– When the 5G ProSe Direct Discovery request is initiated by a discoverer UE:
– the RPAUID within the "rpauid" attribute, indicating the identity that the UE uses to obtain the permission to discover; and
– either:
– the application level container within the "appLevelContainer" attribute (e.g. if the NF service consumer is the HPLMN 5G DDNMF), containing the Target RPAUID(s) indicating what the UE is interested to discover; or
– the target RPAUID within the "targetRpauid" attribute (if the NF service consumer is a 5G DDNMF located in another PLMN), containing the Target RPAUID; and
– the authorization request type set to "RESTRICTED_DISCOVERY_QUERY" within the "authRequestType" attribute.
If the processing of the request is successful, the 5G ProSe AF shall provide the following attributes within the AuthDisResData data structure, also as specified in clause 6.3 of 3GPP TS 23.304 [14] and clauses 5.3.3A.2, 5.3.3A.3, 5.3.3A.4 and 5.3.3A.5 of 3GPP TS 23.303 [15]:
– When the 5G ProSe Direct Discovery request is initiated by a discoveree UE:
– the PDUID(s) within the "pduids" attribute, containing the PDUID(s) corresponding to the provided RPAUID; and
– the authorization response type set to "RESTRICTED_DISCOVERY_RESPONSE_ACK" within the "authResponseType" attribute.
– When the 5G ProSe Direct Discovery request is initiated by a discoverer UE:
– the PDUID within the "pduids" attribute, containing the PDUID corresponding to the provided RPAUID;
– either:
– N sets of Target PDUID – Target RPAUID within the "targetDataSet" attribute (e.g. if the NF service consumer is the HPLMN 5G DDNMF and an application level container was received in the associated request), containing N sets of Target PDUID – Target RPAUID (Each Target PDUID is returned with the corresponding Target RPAUID(s) that the RPAUID is allowed to discover); or
– the target PDUID within the "targetPduid" attribute (if the NF service consumer is a 5G DDNMF located in another PLMN and only one target RPAUID was received in the associated request), containing the Target PDUID; and
– the authorization response type set to "RESTRICTED_DISCOVERY_QUERY_ACK" within the "authResponseType" attribute.
5.2.2.2.7 Restricted 5G ProSe Direct Discovery match report
For a Restricted 5G ProSe Direct Discovery match report, the NF service consumer (e.g. 5G DDNMF) shall provide the following attributes within the AuthDisReqData data structure, as specified in clause 6.3 of 3GPP TS 23.304 [14] and clauses 5.3.4.1A, 5.3.4.2A, 5.3.4A.1 and 5.3.4A.2 of 3GPP TS 23.303 [15].
– the RPAUID within the "rpauid" attribute, indicating what the UE is interested to announce; and
– the target RPAUID within the "targetRpauid" attribute (if the NF service consumer is a 5G DDNMF located in another PLMN), containing the Target RPAUID; and
– the authorization request type set to "RESTRICTED_DISCOVERY_MATCH" within the "authRequestType" attribute.
If the processing of the request is successful, the 5G ProSe AF shall provide the following attributes within the AuthDisResData data structure, also as specified in clause 6.3 of 3GPP TS 23.304 [14] and clauses 5.3.4.1A, 5.3.4.2A, 5.3.4A.1 and 5.3.4A.2 of 3GPP TS 23.303 [15]:
– the PDUID within the "pduids" attribute, containing the PDUID corresponding to the provided RPAUID;
– the target PDUID within the "targetPduid" attribute, containing the Target PDUID;
– the metadata within the "metaData" attribute, corresponding to the Target PDUID; and
– the authorization response type set to "RESTRICTED_DISCOVERY_MATCH_ACK" within the "authResponseType" attribute.
5.2.2.3 DiscoveryAuthorizationUpdateNotify
5.2.2.3.1 General
The DiscoveryAuthorizationUpdateNotify service operation is used by an AF to update the authorization information to revoke discovery permissions relating to some other users at the NF service consumer (e.g. 5G DDNMF) for Restricted ProSe Direct Discovery. See Figure 5.2.2.3.1-1.
The following procedures are supported using the DiscoveryAuthorizationUpdateNotify Service Operation:
– Auth Update procedures (see 3GPP TS 23.303 [15], clause 5.3.6A.2).
Figure 5.2.2.3.1-1: DiscoveryAuthorizationUpdate Notification
1. The AF shall send an HTTP POST request to the callback URI of the NF consumer (e.g. 5G DDNMF). The request body shall contain the AuthUpdateData data structure.
The callback URI is provided to the AF during the Auth Request procedures defined in clause 5.2.2.2.
2a. On success, a response with an HTTP "204 No content" status code shall be returned by the NF service consumer.
2b. On failure, one of the HTTP status codes listed in Table 6.1.5.2.3.1-2 may be returned. For a 4xx/5xx response, the message body may contain a ProblemDetails data structure with the "cause" attribute set to one of the application errors listed in Table 6.1.5.2.3.1-2.
5.2.2.4 DiscoveryAuthorizationResultUpdate
5.2.2.4.1 General
The DiscoveryAuthorizationResultUpdate service operation is used by a NF service consumer (e.g. 5G DDNMF) to inform the AF of the result of the revocation request to update the authorization information for Restricted ProSe Direct Discovery. See Figure 5.2.2.4.1-1.
The following procedures are supported using the DiscoveryAuthorizationResultUpdate Service Operation:
– Auth Update Result procedures (see 3GPP TS 23.303 [15], clause 5.3.6A.2).
Figure 5.2.2.4.1-1: DiscoveryAuthorizationResultUpdate Request/Response
1. In order to inform the AF of the result of the revocation related to discovery authorization update, the NF service consumer shall send an HTTP POST request with the request URI set to "{apiRoot}/naf-prose/<apiVersion>/authorize-update-result" and the request body containing the AuthUpdateData data structure, as described in figure 5.2.2.4.1-1.
2a On success, a response with an HTTP "204 No Content" status code shall be returned by the AF.
2b On failure, one of the HTTP status codes listed in Table 6.1.4.3.2-2 may be returned. For a 4xx/5xx response, the message body may contain a ProblemDetails structure with the "cause" attribute set to one of the application errors listed in Table 6.1.4.3.2-2.