LMF selection functionality is supported by the AMF to determine an LMF for location estimation of the target UE or Ranging/Sidelink Positioning between Target UE and SL Reference UE. The LMF selection functionality is also supported by the LMF if it determines that it is unsuitable or unable to support location for the current UE access network or serving cell for the deferred 5GC-MT-LR procedure for periodic, triggered location events, or Modification of User Plane Connection. The LMF selection functionality may also be supported by the GMLC and the GMLC provides the selected LMF ID to AMF.
LMF reselection is a functionality supported by AMF when necessary, e.g. due to UE mobility.
The LMF selection/reselection may be performed at the AMF or LMF or GMLC based on the locally available information i.e. LMF profiles are configured locally at AMF or LMF or GMLC, or by querying NRF.
The following factors may be considered during the LMF selection:
LCS client type.
Requested Quality of Service information, e.g.:
LCS accuracy,
Response time (latency),
Access Type (3GPP /N3GPP).
RAT type (e.g. 5G NR, eLTE, or any of the RAT Types specified for NR satellite access) and/or the serving AN node (i.e. gNB or NG-eNB) of the target UE.
RAN configuration information.
LMF capabilities, including:
the support of Uu based positioning as defined in clause 4.3.8;
LMF user plane positioning capabilities (the capability to support LCS-UPP).
LMF load.
LMF location.
Indication of either a single event report or multiple event reports.
Duration of event reporting.
Network slicing information, e.g. S-NSSAI and/or NSI ID.
LMF Service Area consisting of one or more TA(s).
Supported GAD shapes.
Support LCS when MBSR is involved.
Requested UE has maintained user plane connection with certain LMFs.
When receiving a NAS message from UE, including an LMF ID together with a LPP message (refer to step 25 in clause 6.3.1 for event reporting for a deferred 5GC-MT-LR), AMF sends the LPP message to the LMF, as indicated by the LMF ID.
UDM may store the LMF ID in UE subscription data. During the location procedure, GMLC received the LMF ID from the UDM and provides it to AMF.
GMLC may be configured with the following parameters:
LMF ID and/or
per group ID and its correlating LMF ID.
The AMF may use locally provisioned configuration to determine LMF based on UE identify or its group information.
When the GMLC receives a MT location request from LCS client/AF, GMLC determines the LMF ID based on the configured parameters for an LCS Client/AF. In case a group ID is provided or derived from the location request, GMLC determines the correlating LMF ID based on the provisioned group ID.
GMLC may have configuration with one or several dedicated LMF ID(s), irrelevant to any LCS client/AF. When the GMLC receives a MT location request from LCS client/AF, GMLC only determines the LMF ID within the configuration for all LCS client/AF.
More than one GMLC in the HPLMN can serve the location requests for a single UE. GMLC discovery and selection functionality is supported by AMF, LMF, NEF, LCS client and GMLC.
A LCS client may be configured with GMLC address(es). It may also determine the GMLC address by performing a DNS query.
A NEF, LMF, AMF or GMLC may be configured with GMLC address(es). Those NF may also query the NRF to get GMLC address(es).
In the following scenarios, information about the GMLC instance may be provided by UE, in such case, this GMLC instance is used:
In the deferred MT-LR procedure, when UE reports the detected event to the AMF, it may also include the (H)GMLC address.
In the MO-LR procedure, when UE initiates the LCS service request, it may also include the (H)GMLC address if the location estimation is reported to the (H)GMLC.
AMF may be configured locally a mapping table of UE identity e.g. MSISDN and GMLC address. When receiving a MO-LR, AMF determines GMLC based on local configuration.
When 3GPP access type is selected, the positioning methods for 3GPP access defined in TS 38.305 apply.
Access Type Selection for LCS Service is defined in clause 5.3.2.
N5CW device Side for Trusted WLAN Access
5G-RG side for Wireline Access
UE local IP address,
In the case of WLAN access, BSSID of the attached AP or BSSID of detected AP,
Civic address and/or geospatial location information (NOTE 1, NOTE 5, NOTE 6).
UE/N5CW device local IP address (NOTE 2).
In the case of WLAN access, BSSID of the attached AP or BSSID of detected AP,
Civic address and/or geospatial location information (NOTE 1, NOTE 5, NOTE 6).
Null
N3IWF Side for Untrusted non-3GPP Access;
TNGF Side for trusted non-3GPP Access;
TWIF Side for trusted WLAN Access;
W-AGF Side for wireline Access
UE local IP address and optionally UDP or TCP source port (NOTE 2)
UE/N5CW device local IP address and optionally UDP or TCP source port (NOTE 2),
TNAP/TWAP Id (NOTE 2)
UE local IP address and optionally UDP or TCP source port (NOTE 3).
Last known 3GPP access User Location Info (NOTE 4).
UE/N5CW device local IP address and optionally UDP or TCP source port (NOTE 2, NOTE 3).
Last known 3GPP access User Location Info (NOTE 4).
TNAP/TWAP Id (NOTE 2)
In the case of WLAN access, the UE may retrieve its location from a WLAN AP, prior or after association with the AP, requesting the Civic Location ANQP element, the Geospatial Location ANQP element or both as specified in IEEE Std 802.11-2012, using ANQP procedures described in HS2.0 Rel-12 specification.
This location information can be provided by location change event, more details can refer to clause 5.2.2.3.1 of TS 23.502.
NOTE 4:
This location information is also named as Last known Cell-Id, more details can refer to clause 5.6.2 of TS 23.501.
NOTE 5:
Geospatial location information can be obtained if UE (e.g. laptop) has installed GNSS receiver, i.e. GPS.
NOTE 6:
Some Applications (e.g. Google Map) may map the WiFi AP's BSSID with the geospatial locations obtain through GPS when the UE switch on the GPS and WiFi simultaneously. When another UE detect the same AP, the Application will send the geospatial locations to the UE. Thus the UE obtain the geospatial locations even without switch on the GPS. If the Application map the geospatial locations to civic address, the UE can also obtain the civic address.
If the UE registered to 3GPP access and non-3GPP access simultaneously, following information can be regarded as UE location information:
All location information when the UE only registered to non-3GPP access,
All location information when the UE only registered to 3GPP access, more details can refer to TS 36.305.
The positioning of a UE can be performed via either 3GPP access network or non-3GPP access network.
For a MT-LR Location Service request, in order to select the positioning access type, the GMLC uses information retrieved from the UDM and optionally serving AMFs, e.g. access type, its serving AMF identity(ies), and UE connectivity state of this access, if available, and locally configured operator policy as follows:
If only one AMF identity is provided by the UDM, the GMLC selects this AMF for UE positioning.
When the UE is concurrently served by multiple PLMNs respectively for 3GPP access and non-3GPP access, multiple AMF identities with corresponding access types may be provided by the UDM, and the GMLC selects one access type and its associated AMF, which may be based on access type and its AMF, UE connectivity state per access type information, if this is retrieved from UDM or AMFs, PLMN identity, and/or locally configured operator policy. If the location estimation result provided by this AMF cannot fulfil the QoS requirements, the GMLC may reselect another access type and its associated AMF from the candidate list provided by the UDM to perform positioning.
When AMF receives a MT-LR Location Service request, the AMF shall provide to the LMF UE connectivity state per access type as well as the QoS requirement that are received from the GMLC.
When AMF receives the event report from the UE for a periodic or triggered MT-LR Location Service, the AMF may select a LMF or use the LMF indicated by the UE as described in clause 6.4 and clause 6.3.1 and may provide the UE connectivity state per access type to the LMF.
The LMF determines the positioning access type and positioning method based on the QoS requirement, UE/network positioning capability, and UE connectivity state per access type received from the AMF and the locally configured operator policy.
An LCS client or AF may or may not be authorised to retrieve the UE location, e.g. for commercial use. UE LCS privacy is a feature which allows a UE and/or AF to control which LCS clients and AFs are and are not allowed access to UE location information. UE LCS privacy can be supported via subscription and via UE LCS privacy profile handling.
With subscription, privacy preferences for a UE are stored in a UE LCS privacy profile as part of UE subscription data in the UDM and queried from the UDM by another NF such as GMLC or NEF. The UDM may also store the UE privacy profile in the UDR. In this release of the specification, subscription of privacy preferences is restricted to the Call/Session unrelated Class as defined in clause 5.4.2.2.3 and the PLMN Operator Class as defined in clause 5.4.2.2.4.
With UE LCS privacy profile handling, the UE and/or AF can provide and update part of the UE privacy profile and provide it to the network as an update to the UDR. In this release of the specification, UE LCS privacy profile handling is restricted to the Location Privacy Indication as defined in clause 5.4.2.3.
The UE LCS privacy profile is used to indicate whether LCS requests from LCS clients and AFs are allowed or disallowed, together with the POI as defined in clause 5.4.4.
The UE LCS privacy profile shall include information related to classes of LCS client, referred to as "privacy classes", which are permitted, or conditionally permitted, to obtain location information for the UE. Privacy classes are defined in clause 9.5.3 of TS 23.271, but not all classes defined in TS 23.271 are supported in this specification. Privacy classes are supported as described below. The differences between the Privacy classes for 5GS and those for EPS are described in Annex A.
The UE LCS privacy profile also includes the Location Privacy Indication, as defined in clause 5.4.2.3, which can be provided and updated by the UE and/or AFs.
The call/session unrelated class defined in clause 9.5.3.3 of TS 23.271 is supported for a 5GC-MT-LR. The subscription options for the Call/Session unrelated Class may be assigned to an identified value added LCS Client, AF, value added LCS Client group or service type as described in clause 7.1 and comprise one of the following alternatives:
positioning allowed without notifying the UE user (default case);
positioning allowed with notification to the UE user;
positioning requires notification and verification by the UE user; positioning is allowed only if granted by the UE user or if there is no response to the notification;
positioning requires notification and verification by the UE user; positioning is allowed only if granted by the UE user.
A default subscription as described in clause 9.5.3.3 of TS 23.271 is included in the UE LCS privacy profile for any value added LCS client or AF not otherwise identified for the Call/Session unrelated Class and defines one of the following alternatives:
positioning not allowed (default case);
positioning allowed with notification to the UE user;
positioning requires notification and verification by the UE user; positioning is allowed only if granted by the UE user or if there is no response to the notification;
positioning requires notification and verification by the UE user; positioning is allowed only if granted by the UE user.
The subscription options for the Call/Session unrelated Class may further indicate additional information for each identified value added LCS client, for each identified service type and for the unidentified value added LCS clients as follows:
A valid time period for positioning;
A valid geographic area for positioning.
The UE LCS privacy profile may also indicate that any unidentified value added LCS client or an LCS Client associated with an identified service type shall provide a codeword in order to locate the UE, where the codeword is verified by either a GMLC or the UE. When verification by a GMLC is indicated, a list of one or more codewords is included as part of the UE LCS privacy profile.
The PLMN operator class defined in clause 9.5.3.4 of TS 23.271 is supported.
Besides the types of client specified in clause 9.5.3.4 of TS 23.271, the PLMN Operator Class also supports positioning by the following types of client:
NWDAF in the HPLMN (when the UE is currently being served by the HPLMN);
The Location Privacy Indication is not defined in TS 23.271. The Location Privacy Indication defines whether LCS requests for UE from any LCS clients are allowed or disallowed.
The LPI at least includes one of the following global settings (for all LCS clients and AFs):
Location for UE is disallowed (location for UE not allowed to any LCS client except where POI applies).
Location for UE is allowed (default setting, and LCS requests for UE from LCS clients are authorized based on their associated privacy classes as defined in clause 5.4.2.2).
The LPI also allows the following optional settings:
Valid time period for LPI, including start time and end time.
The LPI takes precedence on the subscribed privacy classes as defined in clause 5.4.2.2. The LPI allows a UE to override the location preference of the subscribed privacy classes. The usage of LPI is described in clause 6.1.2.
A generation or change to the LPI in UE LCS privacy profile is determined by the UE and provided to the network using N1 NAS message. It may be updated by UE any time.
An authorized AF is allowed to provision the LPI in UE LCS privacy profile for specific UE(s) via NEF.
The LPI in UE LCS privacy profile may be provided or updated by the target UE during the 5GC-MT-LR and Deferred 5GC-MT-LR Procedure for Periodic, Triggered and UE Available Location Events. The updated profile is stored into the UDR by the UDM after the interaction with the AMF. The LPI in UE LCS privacy profile shall include an indication if location is allowed or disallowed and may include a valid time period for LPI as described in clause 5.4.2.3.
In addition, a notification is sent by the UDM in order to notify the subscribed consumer i.e. GMLC and NEF about the change of UE LCS privacy profile:
Target UE identity (one or both of GPSI and SUPI);
The POI is used to determine whether the UE LCS privacy profile of the subscriber to be positioned shall be overridden by the request for location services. The POI is applicable only to regulatory services. The assignment of a POI value with an "override" or "not override" value in the LCS client profile (see clause 7.2.1) is done during the LCS client provisioning (out of scope of this specification). The type of LCS client requesting location information (i.e. emergency, law-enforcement etc.) shall determine the value of the POI assigned to the LCS client profile.
UDM provides the UE LCS privacy profile to NEF and GMLC, if the information is available.
For a 5GC_MT_LR request for immediate location, the GMLC in the HPLMN, or the HGMLC when the UE is roaming, determines whether the LCS client or NF is authorized to retrieve UE location, based on the UE privacy profile.
Authorization is determined by first verifying whether the location request is allowed according to the Location Privacy Indication (LPI) defined in clause 5.4.2.3. If the location request is not allowed, an error response is returned to the LCS client, AF, or NF. If the location request is allowed according to the LPI, authorization is next verified according to the Call/Session unrelated Class for an LCS Client or AF or according to the PLMN Operator Class for an NF.
For the Call/Session unrelated Class client types where POI does not apply, the HGMLC determines one of the following indications to be included in the location request forwarded to the serving AMF, or VGMLC in the case of roaming:
Location allowed without notification;
Location allowed with notification;
Location with notification and privacy verification; location allowed if no response;
Location with notification and privacy verification; location restricted if no response.
For PLMN Operator Class client types that are permitted to receive UE location information or where POI applies, a "location allowed without notification" is included.
For a Call/Session unrelated Class client type, which a geographic area restriction was included in the UE LCS privacy profile, the (H)GMLC performs an initial location by including a "location allowed without notification" indication in the location request sent to the VGMLC or AMF. The (H)GMLC then determines, based on the obtained location, whether location of the UE is allowed. If location of the UE is allowed subject to notification or verification, the (H)GMLC initiates a second location request to the VGMLC or serving AMF for the purpose of notification and/or verification only and includes one of the following indications in the second location request forwarded to the serving AMF, or VGMLC in the case of roaming:
Notification only
Notification and privacy verification only
When "Notification and privacy verification only" is included, the serving AMF shall report the result of privacy verification back to the (H)GMLC (i.e. location allowed, location not allowed or timeout on a response) and the (H)GMLC shall determine whether or not to return the location received for the first request back to the LCS client based or AF on this result.
For a direct NEF query to a serving AMF, or for an NEF query via the UDM, if GMLC is not involved, the NEF determines whether the AF is authorized to retrieve UE location, based on the UE LCS privacy profile.
Support of UE LCS privacy for a deferred UE location is the same as that described in clause 5.4.5 for an immediate UE location with the differences and qualifications described in this clause.
An (H)GMLC or NEF shall subscribe to notification of a change in the UE LCS privacy profile from the UDM at the start of a deferred 5GC-MT-LR procedure and shall verify UE privacy both at the start of the deferred 5GC-MT-LR procedure and for each location result returned to an LCS client or AF based on the most recent UE LCS privacy profile received from the UDM.
If the UE LCS privacy profile indicates notification or verification of a location request is required for a particular value added LCS client, the (H)GMLC indicates this in the initial location request sent to the serving AMF and the serving AMF notifies the UE or verifies the location request with the UE, as for an immediate location request, when the UE first becomes reachable. The serving AMF also indicates the type of deferred location request in the NAS Location Notification Invoke Request sent to the UE. However, the location notification or verification is not repeated for each UE location in the case of a periodic or triggered 5GC-MT-LR.
For a value added LCS client, AF, value added LCS client group or LCS service type, for which a geographic area restriction was included, the (H)GMLC includes any request for notification or verification of the location request in the initial location request sent to the serving AMF. The (H)GMLC then determines whether a location result can be returned to the LCS client or AF based on whether the location result is or is not restricted by the geographic area restriction. If the location result is allowed by the geographic area restriction, the (H)GMLC does not perform a second location request to the serving AMF for the purpose of notification and/or verification only. If the location result is not allowed by the geographic area restriction, the (H)GMLC discards the location result without notifying the LCS client or AF.