Content for TS 23.259 Word version: 17.0.0
1 Scope
2 References
3 Definitions and Abbreviations.
3.1 Definitions
3.2 Abbreviations
4 PNM overview
4.1 General
4.2 PN access control concepts
...
...
1 Scope p. 5
The present document provides the procedure details and the information flows for support of Personal Network Management and Personal Area Network, including the PN redirection and PN access control applications enabled by Personal Network Management (PNM).
2 References p. 5
The following documents contain provisions which, through reference in this text, constitute provisions of the present document.
- References are either specific (identified by date of publication, edition number, version number, etc.) or non-specific.
- For a specific reference, subsequent revisions do not apply.
- For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document.
[1]
TS 22.259: "Service requirements for Personal Network Management (PNM)".
[2]
TS 23.002: "Network architecture".
[3]
TS 23.218: "IP Multimedia (IM) Session Handling; IM call model".
[4]
TS 23.228: "IP multimedia subsystem; Stage 2".
[5]
TR 21.905: "Vocabulary for 3GPP Specifications".
[6]
TS 22.002: "Bearer Services Supported by a Public Land Mobile Network (PLMN)".
[7]
TS 22.003: "Circuit Teleservices Supported by a Public Land Mobile Network (PLMN)".
[8]
TS 23.078: "Customized Applications for Mobile network Enhanced Logic (CAMEL) Phase 4; Stage 2".
[9]
TS 33.222: "Generic Authentication Architecture (GAA); Access to network application functions using Hypertext Transfer Protocol over Transport Layer Security (HTTPS)".
[10]
TS 23.018: "Basic Call Handling; Technical realization".
[11]
TS 33.220: "Generic Authentication Architecture (GAA); Generic bootstrapping architecture".
[12]
TS 23.090: "Unstructured Supplementary Service Data (USSD); Stage 2".
[13]
TS 22.085: "Closed User Group (CUG) Supplementary Services; Stage 1".
[14]
TS 23.085: "Closed User Group (CUG) supplementary service; Stage 2".
3 Definitions and Abbreviations. p. 6
3.1 Definitions p. 6
For the purposes of the present document, the following terms and definitions given in subclauses 3.1 and 4.2.1 of TS 22.259 apply:
Personal Area Network (PAN)
Personal Network (PN)
Personal Network Element (PNE)
PN UE redirection
PN access control
PN-user
PNE redirection
default UE
For the purposes of the present document, the following terms and definitions given in TS 23.002 apply:
Application Server (AS)
For the purposes of the present document, the following terms and definitions given in subclause 3.1 of TS 23.218 apply:
Initial filter criteria
Initial Request
For the purposes of the present document, the following terms and definitions given in subclause 3.1 of TS 23.228 apply:
Public user identity
Private user identity
Proxy-CSCF (P-CSCF)
Serving-CSCF (S-CSCF)
For the purposes of the present document, the following terms and definitions given in TR 21.905 apply:
User Equipment (UE)
For the purposes of the present document, the following terms and definitions given in TS 22.085 apply:
Incoming Access (IA)
Outgoing Access (OA)
For the purposes of the present document, the following terms and definitions apply:
PN UE name:
A name selected by a PN-user for a PN UE of the PN-user's PN and recorded together with other subscription data like the public/private user identity/identities by the operator in the HSS and the PNM AS by means of provisioning. A PN UE name (e.g., "MeinSchatz") for a PN UE is unique within the PN-user's PN.
3.2 Abbreviations p. 7
For the purposes of the present document, the following abbreviations apply.
CUG
Closed User Group
PAN
Personal Area Network
PN
Personal Network
PNE
Personal Network Element
PNM
Personal Network Management
4 PNM overview p. 7
4.1 General p. 7
Personal Network Management (PNM) is a home network-based application and provides the home network-based management of Personal Network (PN) consisting of multiple devices belonging to a single PN-user, as described in TS 22.259. These home network-based management functions cover the configuration of the PN-user's PN such as PN-registration, PN-deregistration, PN-configuration, PN-deconfiguration and PN-query procedures, and the operation of the PN-user's PN. Functionality enabled by the PNM comprises the PN UE redirection and the PN access control applications as described in TS 22.259. In order to provide the PN UE redirection and the PN access control applications, the PNM is realized as an AS in the IM CN subsystem as described in TS 23.002 and as a CAMEL service in the CS domain as described in TS 23.078.
4.2 PN access control concepts p. 7
The PN access control is one of the PNM applications specified in TS 22.259 that enables PN-users to exercise access control to restrict accesses to certain UE(s) of their PNs. The PN may consist of UEs which are only privately accessed, that is each UE may be accessed only by other UEs of the PN. The PN-User may additionally modify the access levels of each UE of the PN to be public or private. In this regard the PN behaves similar to a CUG as specified in TS 22.085 and TS 23.085, with Outgoing Access and whether Incoming Access is allowed for the PN UE is dependent on the PN access control list for that PN UE.
In order to perform such PN access control the PN-users need to configure a PN access control list for each UE of the PN. The configuration can be done either in a static or a dynamic way. Besides other additional information, the PN access control list of a UE within a PN contains all identities (e.g., a SIP URI) which are permitted to be used to initiate sessions to that UE. In this document, the UE of a PN that is used by the PN-user to exercise access control is referred to controller UE, whereas the UE of the PN, over which an access control is enabled, is referred to controllee UE. The controller UE of a PN-user's PN is assigned by provisioning and the controller UE can configure any UE of the PN as controllee UE. The PN access control list of the controllee UE is only configurable by the controller UE.
Figure 4.2-1: Relationship of various service profiles in PN access control
(⇒ copy of original 3GPP image)
(⇒ copy of original 3GPP image)
An example of the service profiles configuration for PN access control is shown in the above Figure 4.2-1. The arrows indicate the direction of control. Some of the aspects involved are:
- A PN-user's PN consists of two UEs, i.e., UE 1a and UE 1b, where UE 1b is the controllee UE and UE 1a is the controller UE.
- The service profile of UE 1b is referred to as the controllee UE Service Profile.
- The service profile of UE 1a is referred to as the controller UE Service Profile.
- The assignment of controller UE service profile is done during provisioning.
- Access control of UE 1b by UE 1a is performed with the help of a SIP Application Server (AS), referred to as PNM AS.
- From UE 1a, the PN-user configures a PN access control list that contains details of PN access control regarding UE 1b's service profile. This configuration is done over the Ut interface. For example: this PN access control list can contain a list of UE identities that are allowed to initiate sessions with UE 1b.
- The PNM AS executes the actual PN access control procedures.
- The PNM AS performs PN access control by utilizing the PN access control list.
- If inadequate information present in the access control list to enable PN access control, the PNM AS can query the controller UE about the information with how to precede the received initial request.
