6 Wx Description

29.2343GPP3GPP system to Wireless Local Area Network (WLAN) interworkingStage 3TS

6.1 Functionality

The Wx reference point is defined between the 3GPP AAA Server and the HSS. The description of the reference point and its functionality is given in 3GPP TS 23.234 [4].

6.2 Protocols

The Wx reference point shall be Diameter based and shall have an application ID defined for it. It is defined as an IETF vendor specific Diameter application, where the vendor is 3GPP. The application identifier is to 16777219. It is assigned by IANA (http://www.iana.org/assignments/enterprise-numbers).

6.3 Procedures Description

6.3.1 Authentication Procedures

According to the requirements described in clause 6.1, Wx reference point shall enable:

  • Retrieval of authentication vectors (triplets and quintuplets) from HSS.
  • Checking of user subscription information at the HSS

This procedure is used between the 3GPP AAA Server and the HSS. The procedure is invoked by the 3GPP AAA Server when a new set of authentication information for a given subscriber is to be retrieved from an HSS. This can happen for example, when a new 3GPP subscriber has accessed the 3GPP AAA Server for authentication or when a new set of authentication information is required for one of the 3GPP subscribers already registered in the 3GPP AAA server. The procedure shall be invoked by 3GPP AAA Server when it detects that the VPLMN selected by a user has changed. This can happen, for example, when a user is performing a VPLMN re-selection procedure and is initiating a new authentication procedure via a new VPLMN.

The Wx reference point performs the authentication data download based on the reuse of the existing Cx authentication command code set (MAR/MAA), see 3GPP TS 29.228 [5] and 3GPP TS 29.229 [6]. It corresponds to the combination of the operations Auth-Info-Request and Auth-Info-Response (see 3GPP TS 23.234 [4]) and is used:

– To retrieve authentication vectors from the HSS.

– To resolve synchronization failures between the sequence numbers in the WLAN-UE and the HSS.

Table 6.3.1.1: Authentication request

Information element name

Mapping to Diameter AVP

Cat.

Description

Permanent User Identity

User-Name

M

This information element contains the permanent identity of the user, i.e. the IMSI.

Visited Network Identifier

Visited-Network-Identifier

C

Identifier that allows the home network to identify the Visited Network. The 3GPP AAA Server shall include this information element in the roaming case i.e. when 3GPP AAA Server receives this information element from signalling across the Wd.

Editor’s note: See 3GPP TS 29.229 [6] for a description of this parameter

Number Authentication Items

SIP-Number-Auth-Items

M

This information element indicates the number of authentication vectors requested

Authentication Data

SIP-Auth-Data-Item

C

See tables 6.3.1.2 and 6.3.1.3 for the contents of this information element. The content shown in table 6.3.1.2 shall be used for a normal authentication request; the content shown in table 6.3.1.3 shall be used for an authentication request after synchronization failure.

Routing Information

Destination-Host

C

If the 3GPP AAA Server knows the HSS name, this AVP shall be present.

This information is available if the 3GPP AAA Server already has the HSS name stored. The HSS name is obtained from the Origin-Host AVP, which is received from a previous command from the HSS or from the SLF.

Otherwise only the Destination-Realm is included so that it is resolved to an HSS address in an SLF-like function. Once resolved the Destination-Host AVP is included with the suitable HSS address and it is stored in the 3GPP AAA Server for further usage.

Access Type

NAS-Port-Type

M

This AVP shall contain the value 19 (Wireless – IEEE 802.11) if the user accessed the I-WLAN network by WLAN Direct IP Access and shall contain the value 5 (Virtual) if the user accessed the I-WLAN network by WLAN 3GPP IP Access, according to IETF RFC 2865 [17].

Table 6.3.1.2: Authentication Data content – request

Information element name

Mapping to Diameter AVP

Cat.

Description

Authentication Method

Authentication Method

M

This information element indicates the authentication method compatible with the smart card (SIM or USIM).

It shall contain EAP/SIM or EAP/AKA values.

Table 6.3.1.3: Authentication Data content – request, synchronization failure

Information element name

Mapping to Diameter AVP

Cat.

Description

Authentication Method

Authentication Method

M

This information element indicates the authentication method compatible with the smart card (SIM or USIM).

It shall contain EAP/SIM or EAP/AKA values.

Authorization Information

SIP-Authorization

M

It shall contain the concatenation of nonce, as sent to the terminal, and auts, as received from the terminal. Nonce and auts shall both be binary encoded.

Table 6.3.1.4: Authentication answer

Information element name

Mapping to Diameter AVP

Cat.

Description

Permanent User Identity

User-Name

M

This information element contains the permanent identity of the user, i.e. the IMSI.

Number Authentication Items

SIP-Number-Auth-Items

C

This AVP indicates the number of authentication vectors delivered in the Authentication Data information element.

It shall be present when the result is DIAMETER_SUCCESS.

Authentication Data

SIP-Auth-Data-Item

C

If the SIP-Number-Auth-Items AVP is equal to zero or it is not present, then this AVP shall not be present.

See table 6.3.1.5 for the contents of this information element.

3GPP AAA Server Name

3GPP-AAA-Server-Name

C

This AVP contains the Diameter address of the 3GPP AAA Server.

This AVP shall be sent when the user has been previously authenticated by another 3GPP AAA Server and therefore there is another 3GPP AAA Server serving the user.

Result

Result-Code / Experimental-Result

M

Result of the operation.

Result-Code AVP shall be used for errors defined in the Diameter Base Protocol.

Experimental-Result AVP shall be used for Wx errors. This is a grouped AVP which contains the 3GPP Vendor ID in the Vendor-Id AVP, and the error code in the Experimental-Result-Code AVP.

Table 6.3.1.5: Authentication Data content – response

Information element name

Mapping to Diameter AVP

Cat.

Description

Item Number

SIP-Item-Number

C

This information element shall be present in a SIP-Auth-Data-Item grouped AVP in circumstances where there are multiple occurrences of SIP-Auth-Data-Item AVPs, and the order in which they should be processed is significant.

In this scenario, SIP-Auth-Data-Item AVPs with a low SIP-Item-Number value should be processed before SIP-Auth-Data-Items AVPs with a high SIP-Item-Number value.

Authentication Method

Authentication Method

M

This information element indicates the authentication method compatible with the smart card (SIM or USIM).

It shall contain EAP/SIM or EAP/AKA values.

Authentication Information

AKA

SIP-Authenticate

C

It shall contain, binary encoded, the concatenation of the authentication challenge RAND and the token AUTN. See 3GPP TS 33.203 [3] for further details about RAND and AUTN.

It shall be present when SIP_Authentication_Scheme AVP is set to EAP/AKA.

Authorization Information

AKA

SIP-Authorization

C

It shall contain binary encoded, the expected response XRES. See 3GPP TS 33.203 [3] for further details about XRES.

It shall be present when SIP_Authentication_Scheme AVP is set to EAP/AKA.

Confidentiality Key

AKA

Confidentiality-Key

C

This information element, if present, shall contain the confidentiality key. It shall be binary encoded.

It shall be present when SIP_Authentication_Scheme AVP is set to EAP/AKA.

Integrity Key

AKA

Integrity-Key

C

This information element shall contain the integrity key. It shall be binary encoded.

It shall be present when SIP_Authentication_Scheme AVP is set to EAP/AKA.

Authentication Information SIM

Authentication_Information_SIM

C

This information element shall contain the concatenation of authentication challenge RAND and the ciphering key Kc. It shall be binary encoded.

It shall be present when SIP_Authentication_Scheme AVP is set to EAP/SIM.

Authorization Information

Authorization_Information_ SIM

C

This information element shall contain the response SRES. It shall be binary encoded.

It shall be present when SIP_Authentication_Scheme AVP is set to EAP/SIM.

6.3.1.1 Detailed behaviour

The HSS shall, in the following order (if there is an error in any of the steps, the HSS shall stop processing and return the corresponding error code):

1. Check that the user exists in the HSS. If not Experimental-Result-Code shall be set to DIAMETER_ERROR_USER_UNKNOWN.

2. Check that the user has 3GPP-WLAN subscription. If not Experimental-Result-Code shall be set to DIAMETER_ERROR_USER_NO_WLAN_SUBSCRIPTON.

3. If a Visited-Network-Identifier is present, check that the user is allowed to roam in the visited network. If the user is not allowed to roam in the visited network, Experimental-Result-Code shall be set to DIAMETER_ERROR _ROAMING_NOT_ALLOWED.

4. Check NAS-Port-Type AVP. If the access type indicates WLAN Direct IP Access, the process continues as stated in step 5. If the access type indicates WLAN 3GPP IP access, the HSS shall check the dependence permissions that the user has with regard to the access type.

– If the Access_Dependence flag of the user is set and the user has been already authenticated by WLAN Direct IP Access, the process continues as stated in step 5.

– If the Access_Dependence flag of the user is set and the user has not been already authenticated by WLAN Direct IP Access, the authentication shall be denied by sending to the 3GPP AAA Server an answer message with Experimental-Result-Code set to DIAMETER_ERROR_NO_ACCESS_INDEPENDENT_SUBSCRIPTION.

– If the Access_Dependence flag of the user is cleared, the user is allowed to request WLAN 3GPP IP access authentication with no regard to any other previous authentication, so the process continues as stated in step 5.

5. The HSS shall check if there is an existing 3GPP AAA Server already assisting the user

– If there is a 3GPP AAA Server already serving the user, the HSS shall check the request type.

  • If the request indicates there is a synchronization failure, the HSS shall compare the 3GPP AAA Server name received in the request to the 3GPP AAA Server name stored in the HSS. If they are identical, the HSS shall process AUTS as described in 3GPP TS 33.203 [3] and return the requested authentication information. The Result-Code shall be set to DIAMETER_SUCCESS.
  • If the request indicates authentication, the HSS shall return the old 3GPP AAA Server to the requester 3GPP AAA Server. The Result-Code shall be set to DIAMETER_SUCCESS.

The requester 3GPP AAA Server, upon detection of a 3GPP AAA Server name in the response assumes that the user already has a 3GPP AAA Server assigned, so makes use of Diameter redirect function to indicate the 3GPP AAA Server name where to address the authentication request. For cases where RADIUS is used over the Wa and Wd interfaces, the 3GPP AAA Server shall use procedures defined on Wa/Wd interface to refuse the connection request. For recommendations as to how to avoid the frequent occurrence of such situations and to mitigate them when they do, please refer to Annex X of this specification

– If there is no a 3GPP AAA Server already serving the user, the HSS shall store the 3GPP AAA Server name. The HSS shall download Authentication-Data-Item stored up to a maximum specified in SIP-Number-Auth-Items received in the command Multimedia-Auth-Request. The Result-Code shall be set to DIAMETER_SUCCESS.Exceptions to the cases specified here shall be treated by HSS as error situations, the Result-Code shall be set to DIAMETER_UNABLE_TO_COMPLY. No authentication information shall be returned.

NOTE: Origin-Host AVP shall contain the 3GPP AAA Server identity.

6.3.2 Location Management Procedures

6.3.2.1 WLAN Registration/DeRegistration Notification

According to the requirements described in clause 6.1, Wx reference point shall enable:

– Registration of the 3GPP AAA Server of an authorized WLAN user in the HSS.

– Retrieval of online charging / offline charging function addresses from HSS.

– Purge procedure between the 3GPP AAA Server and the HSS.

– Retrieval of WLAN subscriber profile from HSS.

This procedure is used between the 3GPP AAA Server and the HSS.

– To register the current 3GPP AAA Server address in the HSS for a given 3GPP user. This procedure is invoked by the 3GPP AAA Server after a new subscriber has been authenticated by the 3GPP AAA Server.

– To de-register the current 3GPP AAA Server address in the HSS for a given 3GPP user. When WLAN UE has disappeared from WLAN coverage or when the OCS has initiated a disconnection, the 3GPP AAA Server informs the HSS about an ongoing disconnection process and the HSS de-registers the WLAN user.

– To download the subscriber profile under 3GPP AAA Server demand. This procedure is invoked when for some reason the subscription profile of a subscriber is lost.

The Wx interface performs these functions based on the reuse of the existing Cx server assignment command code set (SAR/SAA), see 3GPP TS 29.228 [5] and 3GPP TS 29.229 [6]. It corresponds to the combination of the operations WLAN-Registration and WLAN-Registration-Confirm for the registration procedure, Purge_WLAN_INFO and Purge_WLAN_INFO_Ack for the de-registration procedure initiated by the 3GPP AAA server and Subscriber‑Profile‑Request (see 3GPP TS 23.234 [4]) for the profile download procedure initiated by the 3GPP AAA server.

Table 6.3.2.1: WLAN Registration request

Information element name

Mapping to Diameter AVP

Cat.

Description

Permanent User Identity

User-Name

M

This information element contains the permanent identity of the user, i.e. the IMSI.

Server Assignment Type

Server-Assignment-Type

M

Type of procedure the 3GPP AAA Server requests in the HSS.

When this IE contains REGISTRATION value, the HSS performs a registration of the WLAN user.

When this IE contains USER_DEREGISTRATION / ADMINISTRATIVE_DEREGISTRATION / AUTHENTICATION_FAILURE the HSS performs a de-registration of the WLAN user.

When this IE contains NO_ASSIGNMENT value, the HSS initiates the download of the subscriber user profile towards the 3GPP AAA Server, but no registration is performed.

Any other value is considered as an error case.

Routing Information (See clause 7.13)

Destination-Host

C

If the 3GPP AAA Server knows the HSS name this AVP shall be present.

This information is available if the 3GPP AAA Server already has the HSS name stored. The HSS name is obtained from the Origin-Host AVP, which is received from the HSS, e.g. included in the MAA command.

Otherwise only the Destination-Realm is included so that it is resolved to an HSS address in an SLF-like function. Once resolved the Destination‑Host AVP is included with the suitable HSS address and it is stored in the 3GPP AAA Server for further usage.

Table 6.3.2.2: Subscriber profile retrieval response

Information element name

Mapping to Diameter AVP

Cat.

Description

Permanent User Identity

User-Name

M

This information element contains the permanent identity of the user, i.e. the IMSI.

Registration result

Result-Code / Experimental-Result

M

Result of the operation.

Result-Code AVP shall be used for errors defined in the Diameter Base Protocol.

Experimental-Result AVP shall be used for Wx errors. This is a grouped AVP which contains the 3GPP Vendor ID in the Vendor-Id AVP, and the error code in the Experimental-Result-Code AVP.

User Profile

WLAN-User-Data

C

Relevant user profile.

It shall be present when Server-Assignment-Type in the request is equal to NO_ASSIGNMENT.

Charging Information

Charging-Data

C

Addresses of the charging functions.

It shall be present when Server-Assignment-Type in the request is equal to REGISTRATION or NO_ASSIGNMENT and the Result-Code is equal to DIAMETER_SUCCESS.

When this parameter is included, the Primary-Charging-Collection-Function-Name or the Primary-OCS-Charging-Function-Name shall be included. All other elements shall be included if they are available.

6.3.2.1.1 Detailed behaviour

When a new 3GPP subscriber has been authenticated by the 3GPP AAA Server, the 3GPP AAA Server initiates the registration towards the HSS. The HSS shall, in the event of an error in any of the steps, stop processing and return the corresponding error code, see 3GPP TS 29.229 [6]).

The 3GPP AAA server sends Server-Assignment-Request command to the HSS indicating the registration procedure. The subscriber is identified by the User-Name AVP.

At reception of Server-Assignment-Request command, the HSS shall perform (in the following order):

1. Check that the user is known. If not Experimental-Result-Code shall be set to DIAMETER_ERROR_USER_UNKNOWN.

2. Check the Server Assignment Type value received in the request:

– If it indicates REGISTRATION, the HSS shall check that the 3GPP AAA Server name stored for the subscriber matches the 3GPP AAA Server name received in the request, set the subscribers User Status to REGISTERED for the authenticated and authorized 3GPP subscriber and set the Result-Code AVP to DIAMETER_SUCCESS in the Server-Assignment-Response command.

– If it indicates USER_DEREGISTRATION / ADMINISTRATIVE_DEREGISTRATION / AUTHENTICATION_FAILURE, the HSS shall remove the 3GPP AAA Server name previously assigned for the 3GPP subscriber, set the User Status for the subscriber to NOT_REGISTERED and set the Result-Code AVP to DIAMETER_SUCCESS in the Server-Assignment-Response command.

– If it indicates NO_ASSIGNMENT, the HSS shall check that the 3GPP AAA Server name stored for the subscriber matches the 3GPP AAA Server name received in the request, download the relevant user identity information and set the Result-Code AVP to DIAMETER_SUCCESS in the Server-Assignment-Response command.

– If it indicates any other value, the Result-Code shall be set to DIAMETER_UNABLE_TO COMPLY, and no registration/de-registration or profile download procedure shall be performed.

NOTE: Origin-Host AVP shall contain the 3GPP AAA server identity.

Once the 3GPP AAA server has downloaded the user profile data as a result of successful registration to the HSS, the 3GPP AAA server shall create appropriate routing policies and IP filtering information according to the retrieved operator defined barring information. These routing policies and IP filtering informations are used for the subsequent W-APN authorizations.

6.3.2.2 Network Initiated De-Registration by HSS, Administrative

According to the requirements described in clause 6.1, Wx reference point shall enable:

– Purge procedure between the 3GPP AAA Server and the HSS.

This procedure is used between the 3GPP AAA Server and the HSS. When the purge procedure is initiated by the HSS, indicates that a subscription has to be removed from the 3GPP AAA Server, when the purge procedure is initiated by the 3GPP AAA Server see clause 6.3.2.1.

The Wx interface performs the cancellation of a registration initiated by the HSS based on the reuse of the existing Cx registration termination command code set (RTR/RTA), see 3GPP TS 29.228 [5] and 3GPP TS 29.229[6]. It corresponds to the combination of the operations CANCEL_WLAN_REGISTRATION and CANCEL_WLAN_REGISTRATION_ACK (see 3GPP TS 23.234 [4]).

Table 6.3.2.3: Network Initiated Deregistration by HSS request

Information element name

Mapping to Diameter AVP

Cat.

Description

Permanent User Identity

User-Name

M

This information element contains the permanent identity of the user, i.e. the IMSI.

Reason for de-registration

Deregistration-Reason

M

The HSS shall send to the 3GPP AAA server a reason for the de‑registration.

The de-registration reason is composed of two parts: one textual message (if available) that is intended to be forwarded to the user that is de‑registered, and one reason code (see 3GPP TS 29.229 [6]) that determines the behaviour of the 3GPP AAA Server.

Routing Information

Destination-Host

M

The 3GPP AAA server name is obtained from the Origin-Host AVP, which is received from the 3GPP AAA Server, e.g. included in the MAR command.

Table 6.3.2.4: Network Initiated Deregistration by HSS response

Information element name

Mapping to Diameter AVP

Cat.

Description

Result

Result-Code / Experimental-Result

M

Result of the operation.

Result-Code AVP shall be used for errors defined in the Diameter Base Protocol.

Experimental-Result AVP shall be used for Wx errors. This is a grouped AVP which contains the 3GPP Vendor ID in the Vendor-Id AVP, and the error code in the Experimental-Result-Code AVP.

6.3.2.2.1 Detailed behaviour

The HSS shall de-register the affected identity and invoke this procedure to inform the 3GPP AAA server to remove the subscribed user from the 3GPP AAA Server.

The HSS shall send in the Deregistration-Reason AVP the reason for the de-registration, composed by a textual message (if available) aimed for the user and a reason code that determines the action the 3GPP AAA server has to perform. The possible reason codes are:

– PERMANENT_TERMINATION: The WLAN subscription or service profile(s) has been permanently terminated. The HSS shall clear the user’s 3GPP AAA Server name and set the User Status to NOT_REGISTERED. The 3GPP AAA Server should start the network initiated de-registration towards the user.

6.3.3 User Data Handling

6.3.3.1 Void

6.3.3.2 HSS Initiated Update of User Profile

According to the requirements described in clause 6.1, Wx reference point shall enable:

– Indication to 3GPP AAA Server of change of WLAN subscriber profile within HSS.

This procedure is used between the 3GPP AAA Server and the HSS. The procedure is invoked by the HSS when the subscriber profile has been modified and needs to be sent to the 3GPP AAA Server. This may happen due to a modification in the HSS.

The Wx reference point performs the download of the subscriber profile initiated by the HSS based on the reuse of the existing Cx profile download command code set (PPR/PPA), see 3GPP TS 29.228 [5] and 3GPP TS 29.229[6]. It corresponds to the combination of the operations SUBSCRIBER_PROFILE and PROFILE_ACK (see 3GPP TS 23.234 [4]).

Table 6.3.3.1: User Profile Update request

Information element name

Mapping to Diameter AVP

Cat.

Description

Permanent User Identity

User-Name

M

This information element contains the permanent identity of the user, i.e. the IMSI.

User profile

WLAN-User-Data

C

Updated user profile.

It shall be present if the user profile is changed in the HSS. If the WLAN-User-Data AVP is not present, the Charging-Information AVP shall be present.

Charging Information

Charging-Data

C

Addresses of the charging functions.

If the Charging-Information AVP is not present, the WLAN-User-Data AVP shall be present.

Routing Information

Destination-Host

M

The 3GPP AAA Server name is obtained from the Origin-Host AVP, which is received from the 3GPP AAA Server, e.g. included in the MAR command.

Table 6.3.3.2: User Profile Update response

Information element name

Mapping to Diameter AVP

Cat.

Description

Result

Result-Code / Experimental-Result

M

Result of the operation.

Result-Code AVP shall be used for errors defined in the Diameter Base Protocol.

Experimental-Result AVP shall be used for Wx errors. This is a grouped AVP which contains the 3GPP Vendor ID in the Vendor-Id AVP, and the error code in the Experimental-Result-Code AVP.

6.3.3.2.1 Detailed behaviour

The HSS shall make use of this procedure to update relevant user profile or charging information in the 3GPP AAA server.

The 3GPP AAA server shall overwrite, for the subscriber identity indicated in the request, current information with the information received from the HSS, except in the error situations detailed in table 6.3.3.3.

After a successful user profile download the 3GPP AAA server shall initiate re-authentication procedure as described in sub-clause 4.3.4 if the subscriber has previously been authenticated and authorized to 3GPP Direct Access. If the subscriber has previously been authenticated and authorized to WLAN 3GPP IP Access then the 3GPP AAA server shall initiate a re-authorization procedure as described in sub-clause 8.3.5.

Table 6.3.3.3 details the valid result codes that the 3GPP AAA server can return in the response.

Table 6.3.3.3: User profile response valid result codes

Result-Code AVP value

Condition

DIAMETER_SUCCESS

The request succeeded.

DIAMETER_ERROR_USER_UNKNOWN

The request failed because the user is not found in 3GPP AAA Server.

DIAMETER_UNABLE_TO_COMPLY

The request failed.

6.4 Information Elements Contents

6.4.1 Authentication Procedures

The Multimedia-Authentication-Request (MAR) command, indicated by the Command-Code field set to 303 and the ‘R’ bit set in the Command Flags field, is sent by the 3GPP AAA Server to the HSS in order to request security information.

Message Format

< Multimedia-Authentication-Request > ::= < Diameter Header: 303, REQ, 16777219 >

< Session-Id >

{ Vendor-Specific-Application-Id }

{ Auth-Session-State }

{ Origin-Host }

{ Origin-Realm }

{ Destination-Realm }

[ Destination-Host ]

{ NAS-Port-Type }

{ User-Name}

[ Visited-Network-Identifier]

[ SIP-Auth-Data-Item ]

[ SIP-Number-Auth-Items ]

* [ AVP ]

* [ Proxy-Info ]

* [ Route-Record ]

The Multimedia-Authentication-Answer (MAA) command, indicated by the Command-Code field set to 303 and the ‘R’ bit cleared in the Command Flags field, is sent by a server in response to the Multimedia-Authentication-Request command. The Result-Code or Experimental-Result AVP may contain one of the values defined in section 6.2 of 3GPP TS 29.229 [6] in addition to the values defined in RFC 3588 [7].

Message Format

< Multimedia-Authentication-Answer > ::= < Diameter Header: 303, 16777219 >

< Session-Id >

{ Vendor-Specific-Application-Id }

[ Result-Code ]

[ Experimental-Result ]

{ Auth-Session-State }

{ Origin-Host }

{ Origin-Realm }

{ User-Name}

[ SIP-Number-Auth-Items ]

[ SIP-Auth-Data-Item ]

[ 3GPP-AAA-Server-Name ]

* [ AVP ]

* [ Proxy-Info ]

* [ Route-Record ]

6.4.2 HSS Initiated Update of User Profile

The Push-Profile-Request -Request (PPR) command, indicated by the Command-Code field set to 305 and the ‘R’ bit set in the Command Flags field, is sent by the HSS to the 3GPP AAA Server in order to update the subscription data of a WLAN user in the 3GPP AAA Server whenever a modification has occurred in the subscription data.

< Push-Profile-Request > ::= < Diameter Header: 305, REQ, 16777219 >

< Session-Id >

{ Vendor-Specific-Application-Id }

{ Auth-Session-State }

{ Origin-Host }

{ Origin-Realm }

{ Destination-Host }

{ Destination-Realm }

{ User-Name }

[ WLAN-User-Data ]

[ Charging-Data ]

*[ AVP ]

*[ Proxy-Info ]

*[ Route-Record ]

The Push-Profile-Answer (PAA) command, indicated by the Command-Code field set to 305 and the ‘R’ bit cleared in the Command Flags field, is sent by the HSS in response to the Push-Profile-Request command. The Result-Code or Experimental-Result AVP may contain one of the values defined in section 6.2 of 3GPP TS 29.229 [6] in addition to the values defined in RFC 3588 [7].

< Push-Profile-Answer > ::=< Diameter Header: 305, 16777219 >

< Session-Id >

{ Vendor-Specific-Application-Id }

[Result-Code ]

[ Experimental-Result ]

{ Auth-Session-State }

{ Origin-Host }

{ Origin-Realm }

*[ AVP ]

*[ Proxy-Info ]

*[ Route-Record ]

6.4.3 Registration procedure and Profile download in Wx

The Server-Assignment-Request (SAR) command, indicated by the Command-Code field set to 301 and the ‘R’ bit set in the Command Flags field, is sent by the 3GPP AAA Server to the HSS in order to register or deregister a WLAN user or to download the WLAN User Profile.

Message Format

< Server-Assignment-Request > ::= < Diameter Header: 301, REQ, PXY, 16777219 >

< Session-Id >

{ Vendor-Specific-Application-Id }

{ Auth-Session-State }

{ Origin-Host }

{ Origin-Realm }

[ Destination-Host ]

{ Destination-Realm }

{ User-Name}

{ Server-Assignment-Type }

*[ AVP ]

*[ Proxy-Info ]

*[ Route-Record ]

The Server-Assignment-Answer (SAA) command, indicated by the Command-Code field set to 301 and the ‘R’ bit cleared in the Command Flags field, is sent by the HSS to the 3GPP AAA Server to confirm the registration, de‑registration or user profile download procedure. The Result-Code or Experimental-Result AVP may contain one of the values defined in section 6.2 of 3GPP TS 29.229 [6] in addition to the values defined in RFC 3588 [7].

Message Format

< Server-Assignment-Answer > ::= < Diameter Header: 301, 16777219 >

< Session-Id >

{ Vendor-Specific-Application-Id }

[ Result-Code ]

[ Experimental-Result ]

{ Auth-Session-State }

{ Origin-Host }

{ Origin-Realm }

{ User-Name}

[ WLAN-User-Data ]

[ Charging- Data]

*[ AVP ]

*[ Proxy-Info ]

*[ Route-Record ]

*[ Route-Record ]

6.4.4 Registration Termination in Wx

This procedure is an exact copy of the existing Registration-Termination-Request (RTR) / Registration-Termination-Answer (RTA) commands from Cx reference point. See 3GPP TS 29.229 [6].

WLAN Wx reference point shall not make use of the optional Public-Identity AVP defined in RTR command.

6.5 Void

6.6 User identity to HSS resolution

The User identity to HSS resolution mechanism enables the 3GPP AAA Server to find the address of the HSS, that holds the subscriber data for a given user identity when multiple and separately addressable HSSs have been deployed by the network operator. The resolution mechanism is not required in networks that utilize a single HSS.

The resolution mechanism described in 3GPP TS 23.234 [4] is based on the Subscription Locator Function (SLF), already used in the IMS architecture 3GPP TS 29.228 [5]. The subscription locator is accessed via the Dw interface. The Dw interface is only used in conjunction with the Wx interface. The Dw interface is based on Diameter. Its functionality is implemented by means of the routing mechanism provided by an enhanced Diameter redirect agent, which is able to extract the identity of the user from the received requests.

To get the HSS address the 3GPP AAA Server sends to the SLF the Wx requests aimed for the HSS. On receipt of the HSS address from the SLF, the 3GPP AAA Server shall send the Wx requests to the HSS. Further requests associated to the same user shall make use the stored HSS address.

In networks where the use of the user identity to HSS resolution mechanism is required, each 3GPP AAA Server shall be configured with the address/name of the SLF implementing this resolution mechanism.

Note: The user identity to perform the HSS resolution is the IMSI.