Tech-invite3GPPspaceIETF RFCsSIP
Quick21222324252627282931323334353637384‑5x

Content for  TS 24.010  Word version:  17.0.0

Top   Top   Up   Prev   Next
1…   2…   3…   4…   5…

 

4  Password managementp. 20

The password management procedures consist of two independent procedures:
password check;
password registration.

4.1  Password checkp. 20

4.1.1  Successful procedurep. 20

When the password check procedure is invoked by a parent procedure (e.g. for service activation, service deactivation, password registration), the network sends to the MS an invoke component of the operation "get password" with "password" as the value of the mandatory GuidanceInfo information element. This invoke component is embedded in a FACILITY message, since the password check procedure is always invoked during an existing transaction. The MS will return to the network the required password in the return result component of the operation. This return result component is embedded in a FACILITY message, see Figure 4.1. If the provided password is right the password check procedure returns to the parent procedure an indication of successful password check.
Copy of original 3GPP image for 3GPP TS 24.010, Fig. 4.1: Password check: successful procedure
Figure 4.1: Password check: successful procedure
(⇒ copy of original 3GPP image)
Up

4.1.2  Error casesp. 20

If no result is returned by the MS for the "Get password" operation invoked by the network, the password check procedure is terminated.
If the password value which is returned by the MS does not match the password value registered in the network, the network increments a counter and sends to the MS a Return Error component indicating "Negative Password Check". The counter is reset as soon as the right password is returned.
If the served mobile subscriber enters a wrong call barring "password" three consecutive times, the subscription option "control of services" is set to "by the service provider" in the network: thus the network makes the use of password impossible for any subscriber operation. The password check procedure returns to the parent procedure an indication of Password Attempts Violation. The password can be made valid by the service provider only.
Up

4.2  Password registrationp. 21

If the served mobile subscriber is given the possibility to control the service by the use of a password, the service provider has to register a password at provision time. Furthermore, the served mobile subscriber can change the call barring password at any time.
The password registration procedure is as follows:
When the mobile subscriber wants to register a new password the old password, the new password and the repeat of the new password shall be entered into the MS. Then the MS sends to the network an invoke component of the operation "register password".
The common SS-code for call restriction services shall be used, but if the service code is not entered by the user the MS shall include the SS-code referring to all supplementary services.
Up

4.2.1  Successful procedurep. 21

The successful procedure consists of three steps:
  • the password registration procedure invokes first the password check procedure as it is described above;
  • if the password check procedure has returned an indication of successful password check, the network sends secondly to the MS, in an invoke component of the operation "get password" with "new password?" as the value of the mandatory GuidanceInfo information element. This invoke component is embedded in a FACILITY message. The MS will return to the network the required new password in the return result component of the operation. This return result component is embedded in a FACILITY message;
  • the network sends thirdly to the MS an invoke component of the operation "get password" with "new password again?" as the value of the mandatory GuidanceInfo information element. This invoke component is embedded in a FACILITY message. The MS will return again to the network the required new password in the return result component of the operation. This return result component is embedded in a FACILITY message.
If the two values of the provided passwords are identical, the network confirms the registration of the new password by sending to the MS the return result component of the operation "register password", with the new password as a mandatory information element, see Figure 4.2.
Up

4.2.2  Error casesp. 21

If the subscription option "control of services" is set to "by the service provider" or if the WPA is greater than 3 an attempt to register a password will be denied by the network (see TS 23.011). If the counter for wrong password attempts is smaller than four, the network will return to the MS an error component with the error value "SS_SubscriptionViolation". If the counter is larger than three, the error value "Password Attempts Violation" is returned.
If the password check procedure returns an indication of negative password check, the network will send to the MS a return error component of the operation "register password" with the error value "negativePasswordCheck".
If the new password is not repeated twice identically by the mobile subscriber, the network returns to the MS an error component of the "register password" operation with the error value "passwordRegistrationFailure". The diagnostic "newPasswordsMismatch" may be passed as an error parameter. The old password remains registered.
If no result is returned by the MS for the "Get password" operation invoked by the network the "register password" procedure is terminated, and the old password remains registered.
If the format of a new password which is returned by the MS is invalid (e.g. the value does not belong to the [0000-9999] range), the network sends to the MS an error component of the "register password" operation with the error value "passwordRegistrationFailure". The diagnostic "invalidFormat" may be passed as an error parameter. The old password remains registered.
Copy of original 3GPP image for 3GPP TS 24.010, Fig. 4.2: Password registration procedure
Figure 4.2: Password registration procedure
(⇒ copy of original 3GPP image)
Up

4.3  Cross phase compatibilityp. 22

When password procedures are initiated by an MS which does not provide an SS version indicator and where errors occur in password procedures, the network shall not send the protocol error values "DataMissing", "CallBarred" or "NumberOfPWAttemptsViolation".
When an MS that supports version 2 of the SS-protocol receives the guidance values "badPW-TryAgain" or "badPW-FormatTryAgain" it shall release the transaction and notify the mobile user in the same way as if the error value "negativePasswordCheck" has been returned by the network in reply to the parent operation.
Up

Up   Top   ToC