The present document aims to study the security procedures necessary to support NSWO in 5GS maintaining security and privacy of users and 5GS network nodes. In LTE, 3GPP allows Non-seamless WLAN Offload (NSWO), i.e. allow a UE to connect to a WLAN access network using SIM based access authentication via the mobile network core (as specified in TS 23.402 and in TS 33.402) and to offload selected traffic to the WLAN. This is a deployed feature in LTE networks and enables LTE UEs to connect e.g. to a Wi-Fi venue like a hotel or stadium using SIM based access authentication. This allows the use of mobile network subscription and roaming agreements for WLAN access and for offloading selected traffic to the WLAN where the selection of the traffic to offload is based on policies and where the offloaded traffic is not using 3GPP defined entities. The same feature support is missing so far in 5GS. This document tries to address this gap.

The scope of the present document is to support Non-seamless WLAN Offload (NSWO) in 5GS. The following will be studied in this document:

1. Solutions to support NSWO in 5GS.
2. Procedures to support authentication methods for the respective solutions in objective.
3. Maintain privacy of subscription identifier similar to 3GPP/non-3GPP access to 5GC, even for NSWO authentication from WLAN.

The following documents contain provisions which, through reference in this text, constitute provisions of the present document.

• References are either specific (identified by date of publication, edition number, version number, etc.) or non specific.
• For a specific reference, subsequent revisions do not apply.
• For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document.