Some signalling messages carry the security context
The EPS security context which is indicated by an eKSI can be taken into use to establish the secure exchange of NAS messages when a new NAS signalling connection is established without executing a new EPS authentication procedure (see clause 4.4.2.3) or when the MME initiates a security mode control procedure. For this purpose the initial NAS messages (i.e. ATTACH REQUEST, TRACKING AREA UPDATE REQUEST, DETACH REQUEST, SERVICE REQUEST, EXTENDED SERVICE REQUEST, and CONTROL PLANE SERVICE REQUEST) and the SECURITY MODE COMMAND message contain an eKSI in the NAS key set identifier IE or the value part of eKSI in the KSI and sequence number IE indicating the current EPS security context used to integrity protect the NAS message.
Some signalling messages can be processed before the security context is established
Except the messages listed below, no NAS signalling messages shall be processed by the receiving EMM entity in the MME or forwarded to the ESM entity, unless the secure exchange of NAS messages has been established for the NAS signalling connection:
- ATTACH REQUEST;
- IDENTITY RESPONSE (if requested identification parameter is IMSI);
- AUTHENTICATION RESPONSE;
- AUTHENTICATION FAILURE;
- SECURITY MODE REJECT;
- DETACH REQUEST;
- DETACH ACCEPT;
- TRACKING AREA UPDATE REQUEST.
Once a current EPS security context exists, until the secure exchange of NAS messages has been established for the NAS signalling connection, the receiving EMM entity in the MME shall process the following NAS signalling messages, even if the MAC included in the message fails the integrity check or cannot be verified, as the EPS security context is not available in the network:
- ATTACH REQUEST;
- IDENTITY RESPONSE (if requested identification parameter is IMSI);
- AUTHENTICATION RESPONSE;
- AUTHENTICATION FAILURE;
- SECURITY MODE REJECT;
- DETACH REQUEST;
- DETACH ACCEPT;
- TRACKING AREA UPDATE REQUEST;
- SERVICE REQUEST;
- EXTENDED SERVICE REQUEST;
- CONTROL PLANE SERVICE REQUEST.
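One reading of the two lists above as an MME-side gate, written as an added example (not text from TS 24.301 and not code from any MME implementation). The function name, the string message names and the three return labels are assumptions; the rule applied once secure exchange is established (discard on a failed integrity check) comes from the same specification but is not in the excerpt quoted here. The "process-unverified" label marks the messages a defender would log and rate-limit, since they reach the EMM handler without a verified MAC.

```python
# Added example: names and return labels are assumptions, not 3GPP or vendor code.

# First list: processed even though secure exchange is not yet established.
PRE_SECURITY = frozenset({
    "ATTACH REQUEST", "IDENTITY RESPONSE", "AUTHENTICATION RESPONSE",
    "AUTHENTICATION FAILURE", "SECURITY MODE REJECT", "DETACH REQUEST",
    "DETACH ACCEPT", "TRACKING AREA UPDATE REQUEST",
})
# Extra entries of the second list (applies once a current EPS security context exists).
SERVICE_REQUESTS = frozenset({
    "SERVICE REQUEST", "EXTENDED SERVICE REQUEST", "CONTROL PLANE SERVICE REQUEST",
})

def nas_gate(msg, secure_exchange, context_exists, mac_verified, id_type=None):
    """Return 'process', 'process-unverified' or 'discard' for an uplink NAS message."""
    if secure_exchange:
        # Not in the quoted excerpt: after secure exchange is established,
        # only successfully integrity-checked messages are processed.
        return "process" if mac_verified else "discard"
    allowed = msg in PRE_SECURITY or (context_exists and msg in SERVICE_REQUESTS)
    # IDENTITY RESPONSE is exempt only when the requested identity was the IMSI.
    if msg == "IDENTITY RESPONSE" and id_type != "IMSI":
        allowed = False
    if not allowed:
        return "discard"
    # Exempt message: handled even if the MAC failed or could not be verified.
    return "process" if mac_verified else "process-unverified"

def unverified_events(events):
    """Filter constructed events down to those handled without a verified MAC."""
    return [e for e in events if nas_gate(*e) == "process-unverified"]

if __name__ == "__main__":
    # Constructed sample events: (msg, secure_exchange, context_exists, mac_verified)
    sample = [
        ("DETACH REQUEST", False, False, False),
        ("SERVICE REQUEST", False, True, False),
        ("ESM INFORMATION RESPONSE", False, True, True),
        ("TRACKING AREA UPDATE REQUEST", True, True, True),
    ]
    for event in sample:
        print(event[0], "->", nas_gate(*event))
    print("log for review:", [e[0] for e in unverified_events(sample)])
```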
UE receives DETACH REQUEST (re-attach not required)
The network shall stop timer T3422 upon receipt of the DETACH ACCEPT message. If the Detach type IE indicates “IMSI detach”, or “re-attach not required” and the EMM cause value is #2 “IMSI unknown in HSS”, the network shall not change the current EMM state; otherwise the network shall enter state EMM-DEREGISTERED.
5.5.2.3.4 Abnormal cases in the UE
The following abnormal cases can be identified:
a) Transmission failure of DETACH ACCEPT message indication from lower layers
The detach procedure shall be progressed and the UE shall send the DETACH ACCEPT message.
b) DETACH REQUEST, other EMM cause values than those treated in clause 5.5.2.3.2 or no EMM cause IE is included, and the Detach type IE indicates “re-attach not required”
The UE shall delete any GUTI, TAI list, last visited registered TAI, list of equivalent PLMNs, KSI, shall set the update status to EU2 NOT UPDATED and shall start timer T3402.
A UE operating in CS/PS mode 1 or CS/PS mode 2 of operation which is IMSI attached for non-EPS services is still IMSI attached for non-EPS services and shall set the update status to U2 NOT UPDATED.
A UE not supporting any of A/Gb mode, Iu mode or N1 mode may enter the state EMM-DEREGISTERED.PLMN-SEARCH in order to perform a PLMN selection according to 3GPP TS 23.122 [6]; otherwise the UE shall enter the state EMM-DEREGISTERED.ATTEMPTING-TO-ATTACH.
A UE supporting A/Gb mode, Iu mode or N1 mode shall
- enter the state EMM-DEREGISTERED and attempt to select GERAN, UTRAN, or NR radio access technology and proceed with the appropriate MM, GMM or 5GMM specific procedures. In this case, the UE may disable the E-UTRA capability (see clause 4.5);
- enter the state EMM-DEREGISTERED.PLMN-SEARCH in order to perform a PLMN selection according to 3GPP TS 23.122 [6]; or
- enter the state EMM-DEREGISTERED.ATTEMPTING-TO-ATTACH.
If A/Gb mode or Iu mode is supported by the UE, the UE shall set the GPRS update status to GU2 NOT UPDATED and shall delete the GMM parameters P-TMSI, P-TMSI signature, RAI, GPRS ciphering key sequence number and shall enter the state GMM-DEREGISTERED.
If the UE is operating in single-registration mode, the UE shall in addition set the 5GMM state to 5GMM-DEREGISTERED, 5GS update status to 5U2 NOT UPDATED, and shall delete any 5G-GUTI, last visited registered TAI, TAI list and ngKSI.