Tech-invite3GPPspaceIETFspace
21222324252627282931323334353637384‑5x

Content for  TS 24.501  Word version:  18.5.0

Top   Top   Up   Prev   Next
1…   3…   4…   4.4…   4.4.3…   4.5…   4.5.3…   4.6…   4.7…   4.9…   4.15…   5…   5.2…   5.3…   5.3.2…   5.3.7…   5.3.19…   5.4…   5.4.1.3…   5.4.2…   5.4.4…   5.4.5…   5.4.6…   5.5…   5.5.1.2.4   5.5.1.2.5…   5.5.1.3…   5.5.1.3.4   5.5.1.3.5…   5.5.2…   5.6…   5.6.2…   6…   6.1.4…   6.2…   6.3…   6.3.2…   6.3.3…   6.4…   6.4.1.4…   6.4.2…   6.5…   7…   8…   8.2.9…   8.3…   9…   9.11.2…   9.11.2.10…   9.11.3…   9.11.3.4…   9.11.3.8…   9.11.3.14…   9.11.3.18C…   9.11.3.29…   9.11.3.33…   9.11.3.39…   9.11.3.45…   9.11.3.50…   9.11.3.53A…   9.11.3.68…   9.11.3.75…   9.11.4…   9.11.4.10…   9.11.4.13…   9.11.4.16…   9.11.4.30…   9.12   10…   A…   B…   C…   D…   D.6…   D.6.3…   D.6.8   D.7…

 

4.5  Unified access controlp. 70

4.5.1  Generalp. 70

When the UE needs to access the 5GS, the UE not operating as an IAB-node (see TS 23.501), not acting as a 5G ProSe layer-2 UE-to-network relay UE (see TS 23.304) whose access attempt is triggered by a 5G ProSe layer-2 remote UE, and not acting as an NCR-MT node (see TS 38.300), first performs access control checks to determine if the access is allowed. Access control checks shall be performed for the access attempts defined by the following list of events:
  1. the UE is in 5GMM-IDLE mode or 5GMM-IDLE mode with suspend indication over 3GPP access and an event that requires a transition to 5GMM-CONNECTED mode occurs; and
  2. the UE is in 5GMM-CONNECTED mode over 3GPP access or 5GMM-CONNECTED mode with RRC inactive indication and one of the following events occurs:
    1. 5GMM receives an MO-IMS-registration-related-signalling-started indication, an MO-MMTEL-voice-call-started indication, an MO-MMTEL-video-call-started indication or an MO-SMSoIP-attempt-started indication from upper layers;
    2. 5GMM receives a request from upper layers to send a mobile originated SMS over NAS unless the request triggered a service request procedure to transition the UE from 5GMM-IDLE mode or 5GMM-IDLE mode with suspend indication to 5GMM-CONNECTED mode;
    3. 5GMM receives a request from upper layers to send an UL NAS TRANSPORT message for the purpose of PDU session establishment unless the request triggered a service request procedure to transition the UE from 5GMM-IDLE mode or 5GMM-IDLE mode with suspend indication to 5GMM-CONNECTED mode;
    4. 5GMM receives a request from upper layers to send an UL NAS TRANSPORT message for the purpose of PDU session modification unless the request triggered a service request procedure to transition the UE from 5GMM-IDLE mode or 5GMM-IDLE mode with suspend indication to 5GMM-CONNECTED mode;
    5. 5GMM receives a request to re-establish the user-plane resources for an existing PDU session;
    6. 5GMM is notified that an uplink user data packet is to be sent for a PDU session with suspended user-plane resources;
    7. 5GMM receives a request from upper layers to send a mobile originated location request unless the request triggered a service request procedure to transition the UE from 5GMM-IDLE mode or 5GMM-IDLE mode with suspend indication to 5GMM-CONNECTED mode;
    8. 5GMM receives a request from upper layers to send a mobile originated signalling transaction towards the PCF by sending an UL NAS TRANSPORT message including a UE policy container (see TS 24.587 and TS 24.554) unless the request triggered a service request procedure to transition the UE from 5GMM-IDLE mode to 5GMM-CONNECTED mode; and
    9. 5GMM receives an indication from lower layers of the RAN timing synchronization status change, and decides to transition the UE from 5GMM-CONNECTED mode with RRC inactive indication to 5GMM-CONNECTED mode as specified in subclause 5.3.1.4.
When the NAS detects one of the above events, the NAS needs to perform the mapping of the kind of request to one or more access identities and one access category and lower layers will perform access barring checks for that request based on the determined access identities and access category.
To determine the access identities and the access category for a request, the NAS checks the reason for access, types of service requested and profile of the UE including UE configurations, against a set of access identities and access categories defined in TS 22.261, namely:
  1. a set of standardized access identities;
  2. a set of standardized access categories; and
  3. a set of operator-defined access categories, if available.
For the purpose of determining the applicable access identities from the set of standardized access identities defined in TS 22.261, the NAS shall follow the requirements set out in:
  1. subclause 4.5.2 and the rules and actions defined in Table 4.5.2.1, if the UE is not operating in SNPN access operation mode over 3GPP access; or
  2. subclause 4.5.2A and the rules and actions defined in Table 4.5.2A.1, if the UE is operating in SNPN access operation mode over 3GPP access.
In order to enable access barring checks for access attempts identified by lower layers in 5GMM-CONNECTED mode with RRC inactive indication, the UE provides the applicable access identities to lower layers.
For the purpose of determining the applicable access category from the set of standardized access categories and operator-defined access categories defined in TS 22.261, the NAS shall follow the requirements set out in:
  1. subclause 4.5.2 and the rules and actions defined in Table 4.5.2.2, if the UE is not operating in SNPN access operation mode over 3GPP access; or
  2. subclause 4.5.2A and the rules and actions defined in Table 4.5.2A.2, if the UE is operating in SNPN access operation mode over 3GPP access.
Up

4.5.2  Determination of the access identities and access category associated with a request for access for UEs not operating in SNPN access operation mode over 3GPP accessp. 72

When the UE needs to initiate an access attempt in one of the events listed in subclause 4.5.1, the UE shall determine one or more access identities from the set of standardized access identities, and one access category from the set of standardized access categories and operator-defined access categories, to be associated with that access attempt.
The set of the access identities applicable for the request is determined by the UE in the following way:
  1. for each of the access identities 1, 2, 3, 11, 12, 13, 14 and 15 in Table 4.5.2.1, the UE shall check whether the access identity is applicable in the selected PLMN, if a new PLMN is selected, or otherwise if it is applicable in the RPLMN or equivalent PLMN; and
  2. if none of the above access identities is applicable, then access identity 0 is applicable.
Access Identity number UE configuration
0UE is not configured with any parameters from this Table
1 (NOTE 1)UE is configured for multimedia priority service (MPS).
2 (NOTE 2)UE is configured for mission critical service (MCS).
3 (NOTE 3)UE for which a disaster condition applies
4-10Reserved for future use
11 (NOTE 3)Access Class 11 is configured in the UE.
12 (NOTE 3)Access Class 12 is configured in the UE.
13 (NOTE 3)Access Class 13 is configured in the UE.
14 (NOTE 3)Access Class 14 is configured in the UE.
15 (NOTE 3)Access Class 15 is configured in the UE.
NOTE 1:
Access identity 1 is valid when:
  • the USIM file EFUAC_AIC indicates the UE is configured for access identity 1 and the selected PLMN, if a new PLMN is selected, or RPLMN is the HPLMN (if the EHPLMN list is not present or is empty) or EHPLMN (if the EHPLMN list is present), or a visited PLMN of the home country (see the definition of home country in TS 24.301);
  • the UE receives the 5GS network feature support IE with the MPS indicator bit set to "Access identity 1 valid" from the RPLMN as described in subclause 5.5.1.2.4 and subclause 5.5.1.3.4; or
  • the UE receives the Priority indicator IE with the MPS indicator bit set to "Access identity 1 valid" from the RPLMN as described in subclause 5.4.4.3.
NOTE 2:
Access identity 2 is used by UEs configured for MCS and is valid when:
  • the USIM file EFUAC_AIC indicates the UE is configured for access identity 2 and the selected PLMN, if a new PLMN is selected, or RPLMN is the HPLMN (if the EHPLMN list is not present or is empty) or EHPLMN (if the EHPLMN list is present), or a visited PLMN of the home country (see TS 23.122); or
  • the UE receives the 5GS network feature support IE with the MCS indicator bit set to "Access identity 2 valid" from the RPLMN as described in subclause 5.5.1.2.4 and subclause 5.5.1.3.4.
NOTE 3:
Access identities 11 and 15 are valid in HPLMN (if the EHPLMN list is not present or is empty) or EHPLMN (if the EHPLMN list is present). Access Identities 12, 13 and 14 are valid in HPLMN and visited PLMNs of home country only (see the definition of home country in TS 24.301).
NOTE 4:
Access Identity 3 is valid when the UE is registering or registered for disaster roaming services (see TS 23.122).
The UE uses the MPS indicator bit of the 5GS network feature support IE or the Priority indicator IE to determine if access identity 1 is valid. Processing of the MPS indicator bit of the 5GS network feature support IE in the REGISTRATION ACCEPT message is described in subclause 5.5.1.2.4 and subclause 5.5.1.3.4. Processing of the MPS indicator bit of the Priority indicator IE in the CONFIGURATION UPDATE COMMAND message is described in subclause 5.4.4.3. The UE shall not consider access identity 1 to be valid when the UE is neither in the country of its HPLMN nor in an EHPLMN (if the EHPLMN list is present), until the UE receives the MPS indicator bit of the 5GS network feature support IE in the REGISTRATION ACCEPT message or of the Priority indicator IE in the CONFIGURATION UPDATE COMMAND message being set to "Access identity 1 valid" from the RPLMN or from an equivalent PLMN.
When the UE is in the country of its HPLMN or in an EHPLMN (if the EHPLMN list is present), the contents of the USIM file EFUAC_AIC as specified in TS 31.102 and the rules specified in Table 4.5.2.1 are used to determine the applicability of access identity 1. When the UE is in the country of its HPLMN or in an EHPLMN (if the EHPLMN list is present), and the USIM file EFUAC_AIC does not indicate the UE is configured for access identity 1, the UE uses the MPS indicator bit of the 5GS network feature support IE in the REGISTRATION ACCEPT message or of the Priority indicator IE in the CONFIGURATION UPDATE COMMAND message to determine if access identity 1 is valid. When the UE is in the country of its HPLMN or in an EHPLMN (if the EHPLMN list is present), and the USIM file EFUAC_AIC indicates the UE is configured for access identity 1, the MPS indicator bit of the 5GS network feature support IE and the Priority indicator IE are not applicable. When the UE is not in the country of its HPLMN or in an EHPLMN (if the EHPLMN list is present), the contents of the USIM file EFUAC_AIC are not applicable.
The UE uses the MCS indicator bit of the 5GS network feature support IE to determine if access identity 2 is valid. Processing of the MCS indicator bit of the 5GS network feature support IE in the REGISTRATION ACCEPT message is described in subclause 5.5.1.2.4 and subclause 5.5.1.3.4. The UE shall not consider access identity 2 to be valid when the UE is not in the country of its HPLMN or in an EHPLMN (if the EHPLMN list is present) prior to receiving the MCS indicator bit of the 5GS network feature support IE in the REGISTRATION ACCEPT message being set to "Access identity 2 valid".
When the UE is in the country of its HPLMN or in an EHPLMN (if the EHPLMN list is present), the contents of the USIM file EFUAC_AIC as specified in TS 31.102 and the rules specified in Table 4.5.2.1 are used to determine the applicability of access identity 2. When the UE is in the country of its HPLMN or in an EHPLMN (if the EHPLMN list is present), and the USIM file EFUAC_AIC does not indicate the UE is configured for access identity 2, the UE uses the MCS indicator bit of the 5GS network feature support IE in the REGISTRATION ACCEPT message to determine if access identity 2 is valid. When the UE is in the country of its HPLMN or in an EHPLMN (if the EHPLMN list is present), and the USIM file EFUAC_AIC indicates the UE is configured for access identity 2, the MCS indicator bit of the 5GS network feature support IE is not applicable. When the UE is not in the country of its HPLMN or in an EHPLMN (if the EHPLMN list is present), the contents of the USIM file EFUAC_AIC are not applicable.
The UE checks the conditions specified in subclause 4.4.3.1.1 of TS 23.122 to determine if access identity 3 is valid, and the applicability of access identity 3.
When the UE is in its HPLMN (if the EHPLMN list is not present or is empty) or in an EHPLMN (if the EHPLMN list is present), the contents of the USIM file EFACC as specified in TS 31.102 and the rules specified in Table 4.5.2.1 are used to determine the applicability of access classes 11 and 15. When the UE is not in its HPLMN (if the EHPLMN list is not present or is empty) or in an EHPLMN (if the EHPLMN list is present), access classes 11 and 15 are not applicable.
When the UE is in the country of its HPLMN, the contents of the USIM file EFACC as specified in TS 31.102 and the rules specified in Table 4.5.2.1 are used to determine the applicability of access classes 12 - 14. When the UE is not in the country of its HPLMN, access classes 12-14 are not applicable.
In order to determine the access category applicable for the access attempt, the NAS shall check the rules in Table 4.5.2.2, and use the access category for which there is a match for barring check. If the access attempt matches more than one rule, the access category of the lowest rule number shall be selected. If the access attempt matches more than one operator-defined access category definition, the UE shall select the access category from the operator-defined access category definition with the lowest precedence value (see subclause 4.5.3).
Rule # Type of access attempt Requirements to be met Access Category
1Response to paging or NOTIFICATION over non-3GPP access;
5GMM connection management procedure initiated for the purpose of transporting an LPP or SLPP message without an ongoing 5GC-MO-LR or SL-MO-LR procedure;
Access attempt to handover of ongoing MMTEL voice call, MMTEL video call or SMSoIP from non-3GPP access; or
Access attempt upon receipt of "call-pull-initiated" indication from the upper layers (see TS 24.174).
Access attempt is for MT access, or handover of ongoing MMTEL voice call, MMTEL video call or SMSoIP from non-3GPP access; or
Access attempt is made upon receipt of "call-pull-initiated" (TS 24.174)
0 (= MT_acc)
2EmergencyUE is attempting access for an emergency session (NOTE 1, NOTE 2)2 (= emergency)
3Access attempt for operator-defined access categoryUE stores operator-defined access category definitions valid in the current PLMN as specified in subclause 4.5.3, and access attempt is matching criteria of an operator-defined access category definition32-63
(= based on operator classification)
3.1Access attempt for MO exception dataUE is in NB-N1 mode and allowed to use exception data reporting (see the ExceptionDataReportingAllowed leaf of the NAS configuration MO in TS 24.368 or the USIM file EFNASCONFIG in TS 31.102), and access attempt is for MO data or for MO signalling initiated upon receiving a request from upper layers to transmit user data related to an exceptional event.10 (= MO exception data)
4Access attempt for delay tolerant service
  1. UE is configured for NAS signalling low priority or UE supporting S1 mode is configured for EAB (see the "ExtendedAccessBarring" leaf of NAS configuration MO in TS 24.368 or TS 31.102) where "EAB override" does not apply, and
  2. the UE received one of the categories a, b or c as part of the parameters for unified access control in the broadcast system information, and the UE is a member of the broadcasted category in the selected PLMN or RPLMN/equivalent PLMN
(NOTE 3, NOTE 5, NOTE 6, NOTE 7, NOTE 8)
1 (= delay tolerant)
5MO MMTel voice call; or MT MMTel voice callAccess attempt is for MO MMTel voice call or MT MMTel voice call

or for NAS signalling connection recovery during ongoing MO MMTel voice call or ongoing MT MMTel voice call (NOTE 2)
4 (= MO MMTel voice)
6MO MMTel video call; or
MT MMTel video call
Access attempt is for MO MMTel video call or MT MMTel video call
or for NAS signalling connection recovery during ongoing MO MMTel video call or ongoing MT MMTel video call (NOTE 2)
5 (= MO MMTel video)
7MO SMS over NAS or MO SMSoIP; or
MT SMSoIP
Access attempt is for MO SMS over NAS (NOTE 4) or MO SMS over SMSoIP transfer or MT SMS over SMSoIP
or for NAS signalling connection recovery during ongoing MO SMS or SMSoIP transfer or ongoing MT MMTel video call (NOTE 2)
6 (= MO SMS and SMSoIP)
7.1MO IMS registration related signallingAccess attempt is for MO IMS registration related signalling (e.g. IMS initial registration, re-registration, subscription refresh)
or for NAS signalling connection recovery during ongoing procedure for MO IMS registration related signalling (NOTE 2a)
9 (= MO IMS registration related signalling)
8UE NAS initiated 5GMM specific proceduresAccess attempt is for MO signalling3 (= MO_sig)
8.1Mobile originated location requestAccess attempt is for mobile originated location request (NOTE 9)3 (= MO_sig)
8.2Mobile originated signalling transaction towards the PCFAccess attempt is for mobile originated signalling transaction towards the PCF (NOTE 10)3 (= MO_sig)
8.3Access attempt for RAN timing synchronizationAccess attempt is for mobile originated signalling for the reconnection to the network due to RAN timing synchronization status change3 (= MO_sig)
9UE NAS initiated 5GMM connection management procedure or 5GMM NAS transport procedureAccess attempt is for MO data7 (= MO_data)
10An uplink user data packet is to be sent for a PDU session with suspended user-plane resourcesNo further requirement is to be met7 (= MO_data)
NOTE 1:
This includes 5GMM specific procedures while the service is ongoing and 5GMM connection management procedures required to establish a PDU session with request type = "initial emergency request" or "existing emergency PDU session", or to re-establish user-plane resources for such a PDU session. This further includes the service request procedure initiated with a SERVICE REQUEST message with the Service type IE set to "emergency services fallback".
NOTE 2:
Access for the purpose of NAS signalling connection recovery during an ongoing service as defined in subclause 4.5.5, or for the purpose of NAS signalling connection establishment following fallback indication from lower layers during an ongoing service as defined in subclause 4.5.5, is mapped to the access category of the ongoing service in order to derive an RRC establishment cause, but barring checks will be skipped for this access attempt.
NOTE 2a:
Access for the purpose of NAS signalling connection recovery during an ongoing procedure for MO IMS registration related signalling as defined in subclause 4.5.5, or for the purpose of NAS signalling connection establishment following fallback indication from lower layers during an ongoing procedure for MO IMS registration related signalling as defined in subclause 4.5.5, is mapped to the access category of the MO IMS registration related signalling in order to derive an RRC establishment cause, but barring checks will be skipped for this access attempt.
NOTE 3:
If the UE selects a new PLMN, then the selected PLMN is used to check the membership; otherwise the UE uses the RPLMNor a PLMN equivalent to the RPLMN.
NOTE 4:
This includes the 5GMM connection management procedures triggered by the UE-initiated NAS transport procedure for transporting the MO SMS.
NOTE 5:
The UE configured for NAS signalling low priority is not supported in this release of specification. If a UE supporting both S1 mode and N1 mode is configured for NAS signalling low priority in S1 mode as specified in TS 24.368 or TS 31.102, the UE shall ignore the configuration for NAS signalling low priority when in N1 mode.
NOTE 6:
If the access category applicable for the access attempt is 1, then the UE shall additionally determine a second access category from the range 3 to 7. If more than one access category matches, the access category of the lowest rule number shall be chosen. The UE shall use the second access category only to derive an RRC establishment cause for the access attempt.
NOTE 7:
"EAB override" does not apply, if the UE is not configured to allow overriding EAB (see the "Override_ExtendedAccessBarring" leaf of NAS configuration MO in TS 24.368 or TS 31.102), or if NAS has not received an indication from the upper layers to override EAB and the UE does not have a PDU session that was established with EAB override.
NOTE 8:
For the definition of categories a, b and c associated with access category 1, see TS 22.261. The categories associated with access category 1 are distinct from the categories a, b and c associated with EAB (see TS 22.011).
NOTE 9:
This includes:
  1. the UE-initiated NAS transport procedure for transporting a mobile originated location request;
  2. the 5GMM connection management procedure triggered by a) above; and
  3. NAS signalling connection recovery during an ongoing 5GC-MO-LR procedure.
NOTE 10:
This includes:
  1. the UE-initiated NAS transport procedure for transporting a mobile originated signalling transaction towards the PCF;
  2. the 5GMM connection management procedure triggered by a) above; and
  3. NAS signalling connection recovery during an ongoing UE-requested policy provisioning procedure for V2XP, ProSeP or both (see TS 24.587 and see TS 24.554).
Up

4.5.2A  Determination of the access identities and access category associated with a request for access for UEs operating in SNPN access operation mode over 3GPP access |R16|p. 77

When the UE needs to initiate an access attempt in one of the events listed in subclause 4.5.1, the UE shall determine one or more access identities from the set of standardized access identities, and one access category from the set of standardized access categories and operator-defined access categories, to be associated with that access attempt.
The set of the access identities applicable for the request is determined by the UE in the following way:
  1. for each of the access identities 1, 2, 11, 12, 13, 14 and 15 in Table 4.5.2A.1, the UE shall check whether the access identity is applicable in the selected SNPN, if a new SNPN is selected, or otherwise if it is applicable in the RSNPN or equivalent SNPN; and
  2. if none of the above access identities is applicable, then access identity 0 is applicable.
Access Identity number UE configuration
0UE is not configured with any parameters from this Table
1 (NOTE 1)UE is configured for multimedia priority service (MPS).
2 (NOTE 2)UE is configured for mission critical service (MCS).
3-10Reserved for future use
11 (NOTE 3)Access Class 11 is configured in the UE.
12 (NOTE 3)Access Class 12 is configured in the UE.
13 (NOTE 3)Access Class 13 is configured in the UE.
14 (NOTE 3)Access Class 14 is configured in the UE.
15 (NOTE 3)Access Class 15 is configured in the UE.
NOTE 1:
Access identity 1 is valid when:
  • the unified access control configuration in the "list of subscriber data" stored in the ME (see TS 23.122), if an entry of "list of subscriber data" is selected, or in the USIM (see TS 31.102), if the PLMN subscription is selected, indicates the UE is configured for access identity 1 in the selected SNPN, if a new SNPN is selected, or RSNPN, and the selected SNPN or the RSNPN is the subscribed SNPN, an SNPN equivalent to the subscribed SNPN, or an non-subscribed SNPN of the same country as the subscribed SNPN if the MCC of the SNPN identity of the subscribed SNPN is not the MCC of value 999;
  • the UE receives the 5GS network feature support IE with the MPS indicator bit set to "Access identity 1 valid" from the RSNPN as described in subclause 5.5.1.2.4 and subclause 5.5.1.3.4; or
  • the UE receives the Priority indicator IE with the MPS indicator bit set to "Access identity 1 valid" from the RPLMN as described in subclause 5.4.4.3.
NOTE 2:
Access identity 2 is used by UEs configured for MCS and is valid when:
  • the unified access control configuration in the "list of subscriber data" stored in the ME (see TS 23.122), if an entry of "list of subscriber data" is selected, or in the USIM (see TS 31.102), if the PLMN subscription is selected, indicates the UE is configured for access identity 2 in the selected SNPN, if a new SNPN is selected, or RSNPN, and the selected SNPN or the RSNPN is the subscribed SNPN, or an SNPN equivalent to the subscribed SNPN, or an non-subscribed SNPN of the same country as the subscribed SNPN if the MCC of the SNPN identity of the subscribed SNPN is not the MCC of value 999; or
  • the UE receives the 5GS network feature support IE with the MCS indicator bit set to "Access identity 2 valid" from the RSNPN as described in subclause 5.5.1.2.4 and subclause 5.5.1.3.4.
NOTE 3:
Access identities 11 and 15 are valid if indicated as configured for the UE in the unified access control configuration in the "list of subscriber data" stored in the ME (see TS 23.122), if an entry of "list of subscriber data" is selected, or in the USIM (see TS 31.102), if the PLMN subscription is selected, in the selected SNPN, if a new SNPN is selected, or RSNPN, and the selected SNPN or the RSNPN is the subscribed SNPN. Access identities 12, 13 and 14 are valid if indicated as configured for the UE in the unified access control configuration in the "list of subscriber data" stored in the ME (see TS 23.122), if an entry of "list of subscriber data" is selected, or in the USIM (see TS 31.102), if the PLMN subscription is selected, in the selected SNPN, if a new SNPN is selected, or RSNPN, and the selected SNPN or the RSNPN in the subscribed SNPN or an non-subscribed SNPN of the same country as the subscribed SNPN if the MCC of the SNPN identity of the subscribed SNPN is not the MCC of value 999.
The contents of the unified access control configuration in the "list of subscriber data" stored in the ME (see TS 23.122), if an entry of "list of subscriber data" is selected, or in the USIM (see TS 31.102), if the PLMN subscription is selected, and the rules specified in Table 4.5.2A.1 are used to determine the applicability of access identity 1 in the SNPN. When the contents of the unified access control configuration in the "list of subscriber data" stored in the ME (see TS 23.122), if an entry of "list of subscriber data" is selected, or in the USIM (see TS 31.102), if the PLMN subscription is selected, do not indicate the UE is configured for access identity 1 for the SNPN, the UE uses the MPS indicator bit of the 5GS network feature support IE in the REGISTRATION ACCEPT message and the MPS indicator bit of the Priority indicator IE in the CONFIGURATION UPDATE COMMAND message to determine if access identity 1 is valid.
The contents of the unified access control configuration in the "list of subscriber data" stored in the ME (see TS 23.122), if an entry of "list of subscriber data" is selected, or in the USIM (see TS 31.102), if the PLMN subscription is selected, and the rules specified in Table 4.5.2A.1 are used to determine the applicability of access identity 2 in the SNPN. When the contents of the unified access control configuration in the "list of subscriber data" stored in the ME (see TS 23.122), if an entry of "list of subscriber data" is selected, or in the USIM (see TS 31.102), if the PLMN subscription is selected, do not indicate the UE is configured for access identity 2 for the SNPN, the UE uses the MCS indicator bit of the 5GS network feature support IE in the REGISTRATION ACCEPT message to determine if access identity 2 is valid.
The contents of the unified access control configuration in the "list of subscriber data" stored in the ME (see TS 23.122), if an entry of "list of subscriber data" is selected, or in the USIM (see TS 31.102), if the PLMN subscription is selected, and the rules specified in Table 4.5.2A.1 are used to determine the applicability of access classes 11 to 15 in the SNPN.
In order to determine the access category applicable for the access attempt, the NAS shall check the rules in Table 4.5.2A.2, and use the access category for which there is a match for barring check. If the access attempt matches more than one rule, the access category of the lowest rule number shall be selected. If the access attempt matches more than one operator-defined access category definition, the UE shall select the access category from the operator-defined access category definition with the lowest precedence value (see subclause 4.5.3).
Rule # Type of access attempt Requirements to be met Access Category
1Response to paging or NOTIFICATION over non-3GPP access;
5GMM connection management procedure initiated for the purpose of transporting an LPP or SLPP message without an ongoing 5GC-MO-LR or SL-MO-LR procedure;
Access attempt to handover of MMTEL voice call, MMTEL video call or SMSoIP from non-3GPP access;
Access attempt upon receipt of "call-pull-initiated" indication from the upper layers (see TS 24.174)
Access attempt is for MT access, handover of ongoing MMTEL voice call, MMTEL video call or SMSoIP from non-3GPP access; or
Access attempt is made upon receipt of "call-pull-initiated" indication (TS 24.174)
0 (= MT_acc)
2EmergencyUE is attempting access for an emergency session (NOTE 1, NOTE 2)2 (= emergency)
3Access attempt for operator-defined access categoryUE stores operator-defined access category definitions valid in the SNPN as specified in subclause 4.5.3, and access attempt is matching criteria of an operator-defined access category definition32-63
(= based on operator classification)
4Access attempt for delay tolerant service
  1. UE is configured for NAS signalling low priority, and
  2. the UE received one of the categories a, b or c as part of the parameters for unified access control in the broadcast system information, and the UE is a member of the broadcasted category in the selected SNPN, RSNPN or equivalent SNPN
(NOTE 3, NOTE 5, NOTE 6, NOTE 7, NOTE 8)
1 (= delay tolerant)
5MO MMTel voice call; or
MT MMTel voice call
Access attempt is for MO MMTel voice call or MT MMTel voice call
or for NAS signalling connection recovery during ongoing MO MMTel voice call or ongoing MT MMTel voice call (NOTE 2)
4 (= MO MMTel voice)
6MO MMTel video call; or
MT MMTel video call
Access attempt is for MO MMTel video call or MT MMTel video call
or for NAS signalling connection recovery during ongoing MO MMTel video call or ongoing MT MMTel video call (NOTE 2)
5 (= MO MMTel video)
7MO SMS over NAS or MO SMSoIP; or
MT SMSoIP
Access attempt is for MO SMS over NAS (NOTE 4) or MO SMS over SMSoIP transfer or MT SMS over SMSoIP
or for NAS signalling connection recovery during ongoing MO SMS or SMSoIP transfer or MT SMS over SMSoIP (NOTE 2)
6 (= MO SMS and SMSoIP)
5MO MMTel voice callAccess attempt is for MO MMTel voice call
or for NAS signalling connection recovery during ongoing MO MMTel voice call (NOTE 2)
4 (= MO MMTel voice)
6MO MMTel video callAccess attempt is for MO MMTel video call
or for NAS signalling connection recovery during ongoing MO MMTel video call (NOTE 2)
5 (= MO MMTel video)
7MO SMS over NAS or MO SMSoIPAccess attempt is for MO SMS over NAS (NOTE 4) or MO SMS over SMSoIP transfer
or for NAS signalling connection recovery during ongoing MO SMS or SMSoIP transfer (NOTE 2)
6 (= MO SMS and SMSoIP)
7.1MO IMS registration related signallingAccess attempt is for MO IMS registration related signalling (e.g. IMS initial registration, re-registration, subscription refresh)
or for NAS signalling connection recovery during ongoing procedure for MO IMS registration related signalling (NOTE 2a)
9 (= MO IMS registration related signalling)
8UE NAS initiated 5GMM specific proceduresAccess attempt is for MO signalling3 (= MO_sig)
8.1Mobile originated location requestAccess attempt is for mobile originated location request (NOTE 9)3 (= MO_sig)
8.2Mobile originated signalling transaction towards the PCFAccess attempt is for mobile originated signalling transaction towards the PCF (NOTE 10)3 (= MO_sig)
8.3Access attempt for RAN timing synchronizationAccess attempt is for mobile originated signalling for the reconnection to the network due to RAN timing synchronization status change3 (= MO_sig)
9UE NAS initiated 5GMM connection management procedure or 5GMM NAS transport procedureAccess attempt is for MO data7 (= MO_data)
10An uplink user data packet is to be sent for a PDU session with suspended user-plane resourcesNo further requirement is to be met7 (= MO_data)
NOTE 1:
Void
NOTE 2:
Access for the purpose of NAS signalling connection recovery during an ongoing service as defined in subclause 4.5.5, or for the purpose of NAS signalling connection establishment following fallback indication from lower layers during an ongoing service as defined in subclause 4.5.5, is mapped to the access category of the ongoing service in order to derive an RRC establishment cause, but barring checks will be skipped for this access attempt.
NOTE 2a:
Access for the purpose of NAS signalling connection recovery during an ongoing MO IMS registration related signalling as defined in subclause 4.5.5, or for the purpose of NAS signalling connection establishment following fallback indication from lower layers during an ongoing MO IMS registration related signalling as defined in subclause 4.5.5, is mapped to the access category of the MO IMS registration related signalling in order to derive an RRC establishment cause, but barring checks will be skipped for this access attempt.
NOTE 3:
If the UE selects a new SNPN, then the selected SNPN is used to check the membership; otherwise the UE uses the RSNPN or an SNPN equivalent to the RSNPN.
NOTE 4:
This includes the 5GMM connection management procedures triggered by the UE-initiated NAS transport procedure for transporting the MO SMS.
NOTE 5:
The UE configured for NAS signalling low priority is not supported in this release of specification.
NOTE 6:
If the access category applicable for the access attempt is 1, then the UE shall additionally determine a second access category from the range 3 to 7. If more than one access category matches, the access category of the lowest rule number shall be chosen. The UE shall use the second access category only to derive an RRC establishment cause for the access attempt.
NOTE 7:
Void.
NOTE 8:
For the definition of categories a, b and c associated with access category 1, see TS 22.261. The categories associated with access category 1 are distinct from the categories a, b and c associated with EAB (see TS 22.011).
NOTE 9:
This includes:
  1. the UE-initiated NAS transport procedure for transporting a mobile originated location request;
  2. the 5GMM connection management procedure triggered by a) above; and
  3. NAS signalling connection recovery during an ongoing 5GC-MO-LR procedure.
NOTE 10:
This includes:
  1. the UE-initiated NAS transport procedure for transporting a mobile originated signalling transaction towards the PCF;
  2. the 5GMM connection management procedure triggered by a) above; and
  3. NAS signalling connection recovery during an ongoing UE-requested policy provisioning procedure for V2XP (see TS 24.587).
Up

Up   Top   ToC