Clause 7 provides details for the configuration of the high-level LI architecture for service layer based interception. It defines aspects of the LI configuration specific to each service under consideration, while aspects concerning network over which the service is delivered (e.g. 5G) are considered in clause 6.
Clause 7.2 provides LI architecture and requirements for the CSP 3GPP subscriber database LI reporting. Central subscriber databases are common for all CSP network services, including both the network layer and the service layer. This Clause 7.2 provides requirements for both user session related interception events and requirements for reporting of changes to the subscriber information held within the 3GPP subscriber databases, which may or may not be directly related to service usage.
The UDM provides the unified data management for UE. The UDM shall have LI capabilities to generate the target UE's serving system (e.g. VPLMN Id or AMF Id related xIRI). Extending the generic LI architecture presented in clause 5, figure 7.2-1 below gives a reference point representation the LI architecture with UDM as a CP NF providing the IRI-POI functions.
[not reproduced yet]
Figure 7.2-1: LI architecture for LI at UDM
The LICF present in the ADMF receives the warrant from an LEA, derives the intercept information from the warrant and provides it to the LIPF.
The LIPF present in the ADMF provisions IRI-POI (over LI_X1) present in the UDM and MDF2. The LIPF may interact with the SIRF (over LI_SI) present in the NRF to discover the UDM in the network.
The IRI-POI present in the UDM detects the target UE's service area registration and subscription related functions, generates and delivers the xIRI to the MDF2 over LI_X2. The MDF2 generates and delivers the IRI messages based on received xIRI to the LEMF over LI_H2.
TS 33.501 defines the ability to prevent the SUPI being exposed over the 5G RAN through the use of SUCI. Where SUPI privacy is implemented by both the UDM and UE, the SUPI is not sent in the clear over the RAN. Therefore, the UDM shall ensure that the SUPI is provided to the serving AMF in both initial registration and re-registration procedures as defined in TS 33.501.
The UDM IRI-POI shall provide both the SUPI and the current SUCI in all applicable events defined in clause 184.108.40.206.
The IRI-POI present in the UDM shall generate xIRI, when the UDM detects the following specific events or information:
Subscriber record change.
Location information request.
A serving system xIRI is generated when the IRI-POI present in the UDM detects the target UE registration or re-registration related notifications. The AMF Id or the MME Id, or the VPLMN Id (when the other two are not known) is used as the serving system identifier in a serving system xIRI.
A subscriber record change xIRI is generated when the IRI-POI present in the UDM detects that the associated GPSI, or SUPI, or PEI is changed. In addition, a subscriber record change xIRI is generated when the associated GPSI or, SUPI, or PEI is de-provisioned.
A cancel location xIRI is generated when the IRI-POI present in the UDM detects that a de-registration notification is sent, or received, by the UDM.
A location information request xIRI is generated when the IRI-POI present in the UDM detects that the UDM receiving a query for the location information of the target UE from a different PLMN (e.g. inbound SMS routing) with a known PLMN Id.