The user identification shall be either the root NAI, or the decorated NAI, when the UE accesses the EPC via non-3GPP access networks, and gets authentication, authorization and accounting services from the EPC.
For emergency services over WLAN:
if IMSI is not available (i.e. a UE without USIM), the IMEI shall be used for the identification, as user part of the emergency NAI and the UE shall use a specific domain in the realm part of the NAI as specified in TS 23.003; or
if the UE has an IMSI, it shall use the IMSI for the identification, as user part of the emergency NAI.
For handover of an emergency session from E-UTRAN to a S2a based cdma2000® HRPD access network, if IMSI is not available (i.e. a UE without USIM) or IMSI is unauthenticated, the IMEI shall be used for the identification, as part of the emergency NAI as defined.
The UE's Mobile Identity IMEI or IMEISV is conveyed to the network (see subclause 6.4
and subclause 7
) and used to enable consistent services for the UE accessing the network via non-3GPP access or to support the emergency services over WLAN for the unauthenticated UEs.
User identification in non-3GPP accesses may require additional identities that are out of the scope of 3GPP.
and TS 23.003
provide definitions for UE and user identities although they use slightly different terms. Similar terms are also used in TS 33.402
. The following list provides term equivalencies and describes the relation between various user identities.
The Root NAI is to be used as the permanent identity as specified in TS 33.402.
The Fast-Reauthentication NAI is to be used as the Fast-Reauthentication Identity or the re-authentication ID as specified in TS 33.402.
The Pseudonym Identity is to be used as the Pseudonym as specified in TS 33.402.
4.4.2 Identification of IP Services/PDN connections Word‑p. 21
For access to EPC the Access Point Name (APN) is used for identifying IP services/PDN connections. The detailed definition of APN as used for access to EPC is specified in TS 23.003
. APN is conveyed in the IKEv2 signaling during tunnel establishment when S2b interface is used for UE to access EPC. When UE accesses EPC via S2a using trusted WLAN access network, APN is conveyed in EAP-AKA' signaling for single-connection mode (SCM) or in WLAN Control Protocol (WLCP) signaling (see TS 24.244
) for multi-connection mode (MCM)
An ePDG Fully Qualified Domain Name (ePDG FQDN) is either provisioned by the home operator or constructed by UE in either the Operator Identifier FQDN format or the Tracking/Location Area Identity FQDN format as described in subclause 220.127.116.11 of TS 23.402
, and used as input to the DNS mechanism for ePDG selection.
The detailed format of this ePDG FQDN is specified in TS 23.003
For access to EPC via S2a using a trusted non-3GPP access network, the UE uses the Access Network Identity (ANID) in the key derivation (see TS 33.402
). The handling of the Access Network Identity is described in subclause 18.104.22.168
and the generic format and specific values for the Access Network Identity are defined in subclause 8.1.1
The ANDSF Server Name (ANDSF-SN) is used for ANDSF discovery. The detailed rules are defined in subclause 22.214.171.124.1
and the format of the ANDSF-SN is specified in TS 23.003
If DSMIPv6 is used, the Home Agent IPv6 address (and optionally an IPv4 address) are needed. Within this specification, Home Agent address(es) signalling via IKEv2 between the UE and the ePDG is defined in subclause 7.4.1
4.4.7 Security Parameters Index |R10| Word‑p. 22
The Security Parameters Index (SPI, see RFC 4301
) identifies uniquely a security association between the UE and the ePDG. For the case of NBM using S2b a one to one mapping between SPI and PDN connection applies.