TIA-1137 102-1-2009 Multiple Authentication and 2G RUIM Support《多重认证及2G RUIM支持》.pdf

1、 TIA-1137.102-1 June 2009 Multiple Authentication and 2G RUIM Support NOTICE TIA Engineering Standards and Publications are designed to serve the public interest through eliminating misunderstandings between manufacturers and purchasers, facilitating interchangeability and improvement of products, a

2、nd assisting the purchaser in selecting and obtaining with minimum delay the proper product for their particular need. The existence of such Standards and Publications shall not in any respect preclude any member or non-member of TIA from manufacturing or selling products not conforming to such Stan

3、dards and Publications. Neither shall the existence of such Standards and Publications preclude their voluntary use by Non-TIA members, either domestically or internationally. Standards and Publications are adopted by TIA in accordance with the American National Standards Institute (ANSI) patent pol

4、icy. By such action, TIA does not assume any liability to any patent owner, nor does it assume any obligation whatever to parties adopting the Standard or Publication. This Standard does not purport to address all safety problems associated with its use or all applicable regulatory requirements. It

5、is the responsibility of the user of this Standard to establish appropriate safety and health practices and to determine the applicability of regulatory limitations before its use. (From Project No. 3-0291.102-AD1, formulated under the cognizance of the TIA TR-45 Mobile (b) there is no assurance tha

6、t the Document will be approved by any Committee of TIA or any other body in its present or any other form; (c) the Document may be amended, modified or changed in the standards development or any editing process. The use or practice of contents of this Document may involve the use of intellectual p

7、roperty rights (“IPR”), including pending or issued patents, or copyrights, owned by one or more parties. TIA makes no search or investigation for IPR. When IPR consisting of patents and published pending patent applications are claimed and called to TIAs attention, a statement from the holder there

8、of is requested, all in accordance with the Manual. TIA takes no position with reference to, and disclaims any obligation to investigate or inquire into, the scope or validity of any claims of IPR. TIA will neither be a party to discussions of any licensing terms or conditions, which are instead lef

9、t to the parties involved, nor will TIA opine or judge whether proposed licensing terms or conditions are reasonable or non-discriminatory. TIA does not warrant or represent that procedures or practices suggested or provided in the Manual have been complied with as respects the Document or its conte

10、nts. If the Document contains one or more Normative References to a document published by another organization (“other SSO”) engaged in the formulation, development or publication of standards (whether designated as a standard, specification, recommendation or otherwise), whether such reference cons

11、ists of mandatory, alternate or optional elements (as defined in the TIA Engineering Manual, 4thedition) then (i) TIA disclaims any duty or obligation to search or investigate the records of any other SSO for IPR or letters of assurance relating to any such Normative Reference; (ii) TIAs policy of e

12、ncouragement of voluntary disclosure (see Engineering Manual Section 6.5.1) of Essential Patent(s) and published pending patent applications shall apply; and (iii) Information as to claims of IPR in the records or publications of the other SSO shall not constitute identification to TIA of a claim of

13、 Essential Patent(s) or published pending patent applications. TIA does not enforce or monitor compliance with the contents of the Document. TIA does not certify, inspect, test or otherwise investigate products, designs or services or any claims of compliance with the contents of the Document. ALL W

14、ARRANTIES, EXPRESS OR IMPLIED, ARE DISCLAIMED, INCLUDING WITHOUT LIMITATION, ANY AND ALL WARRANTIES CONCERNING THE ACCURACY OF THE CONTENTS, ITS FITNESS OR APPROPRIATENESS FOR A PARTICULAR PURPOSE OR USE, ITS MERCHANTABILITY AND ITS NONINFRINGEMENT OF ANY THIRD PARTYS INTELLECTUAL PROPERTY RIGHTS. T

15、IA EXPRESSLY DISCLAIMS ANY AND ALL RESPONSIBILITIES FOR THE ACCURACY OF THE CONTENTS AND MAKES NO REPRESENTATIONS OR WARRANTIES REGARDING THE CONTENTS COMPLIANCE WITH ANY APPLICABLE STATUTE, RULE OR REGULATION, OR THE SAFETY OR HEALTH EFFECTS OF THE CONTENTS OR ANY PRODUCT OR SERVICE REFERRED TO IN

16、THE DOCUMENT OR PRODUCED OR RENDERED TO COMPLY WITH THE CONTENTS. TIA SHALL NOT BE LIABLE FOR ANY AND ALL DAMAGES, DIRECT OR INDIRECT, ARISING FROM OR RELATING TO ANY USE OF THE CONTENTS CONTAINED HEREIN, INCLUDING WITHOUT LIMITATION ANY AND ALL INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES

17、 (INCLUDING DAMAGES FOR LOSS OF BUSINESS, LOSS OF PROFITS, LITIGATION, OR THE LIKE), WHETHER BASED UPON BREACH OF CONTRACT, BREACH OF WARRANTY, TORT (INCLUDING NEGLIGENCE), PRODUCT LIABILITY OR OTHERWISE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE FOREGOING NEGATION OF DAMAGES IS A FUND

18、AMENTAL ELEMENT OF THE USE OF THE CONTENTS HEREOF, AND THESE CONTENTS WOULD NOT BE PUBLISHED BY TIA WITHOUT SUCH LIMITATIONS. X.S0054-102-0 v2.0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55

19、 56 57 58 59 60 i ContentsMultiple-Authentication and Legacy Authentication Support for Converged Access Network CONTENTS 1 Introduction1 1.1 Scope1 2 References2 2.1 Normative References2 2.2 Informative References3 3 Multiple-Authentication.4 3.1 SRNC Requirements4 3.1.1 Subscription Authenticatio

20、n 4 3.1.2 3rd party Authentication5 3.1.3 Re-authentication.5 3.2 AGW Requirements.5 3.2.1 Subscription Authentication 5 3.2.2 3rd party Authentication7 3.2.3 IP Service Authorization .8 3.2.4 Network PMIP Support .8 3.3 AT Requirements.8 3.3.1 Subscription Authentication 9 3.3.2 3rd party Authentic

21、ation9 3.3.3 Re-authentication.9 3.4 HAAA Requirements.9 3.4.1 RADIUS 10 3.4.2 Diameter 11 3.5 Home Network Requirements11 4 2G R-UIM Support 12 4.1 EAP-AKA based Method 12 4.1.1 AT Requirements.13 4.1.2 HAAA Requirements 16 4.1.3 AKA Vector Emulation .18 5 SIM Support.19 5.1 EAP-SIM Method19 5.1.1

22、AT Requirements.19 5.1.2 HAAA Requirements 19 6 Call Flows 20 6.1 Multiple-Authentication.20 6.2 2G R-UIM Support 21 6.2.1 EAP-AKA Method 22 6.2.2 Synchronization Procedure in EAP-AKA Method 24 6.2.3 Get CAVE Credentials from HLR/AC 26 X.S0054-102-0 v2.0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18

23、19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 Contents ii 6.3 SIM Support.29 6.3.1 Detailed EAP-SIM Call Flow at AT/HAAA .30 A Annex: NAI Routing Decoration .33 X.S0054-102-0 v2.0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 1

24、7 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 iii List of FiguresLIST OF FIGURES Figure 1 High Level flow of CAVE based AKA authentication.13 Figure 2 AKA-Challenge Parameters Format .14 Figure 3 Multiple-Authentica

25、tion for CAN.20 Figure 4 Authentication and Authorization method using CAVE and EAP-AKA for 2G R-UIM/CAN.22 Figure 5 Synchronization Procedure using CAVE and EAP-AKA for 2G R-UIM 24 Figure 6 HAAA Interactions with HLR/AC .27 Figure 7 Authentication and Authorization method using EAP-SIM .29 Figure 8

26、 Detailed Procedure for Authentication and Authorization method using EAP-SIM 31 X.S0054-102-0 v2.0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 List of Tables iv LIST OF TAB

27、LES Table 1 Additional RADIUS Attributes between AGW and SRNC for Access Authentication and Authorization used for Subscription Authentication .6 Table 2 Additional Diameter AVPs between AGW and SRNC during Access Authentication and Authorization for Subscription Authentication7 Table 3 Additional R

28、ADIUS Attributes between AGW and HAAA for Access Authentication and Authorization used for Subscription Authentication .10 Table 4 Additional Diameter AVPs between AGW and HAAA during Access Authentication and Authorization for Subscription Authentication11 X.S0054-102-0 v2.0 1 2 3 4 5 6 7 8 9 10 11

29、 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 v Revision HistoryREVISION HISTORY Revision Date Remarks 0 v1.0 December 2007 Initial release 0 v2.0 August 2008 Bug fix release for the intial release

30、X.S0054-102-0 v2.0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 Foreword vi FOREWORD (This foreword is not part of this Standard.) This document was prepared by 3GPP2 TSG-X.

31、This document is a new specification. This document is part of a multi-part document consisting of multiple parts that togetherdescribes Converged Access Network. This document is subject to change following formal approval. Should this document bemodified, it will be re-released with a change of re

32、lease date and an identifying change inversion number as follows: X.S0054-102-X version n.0 where: X an uppercase numerical or alphabetic character 0, A, B, C, that represents the revision level. n a numeric string 1, 2, 3, that indicates an point release level. This document uses the following conv

33、entions: “Shall” and “shall not” identify requirements to be followed strictly to conform to this document and from which no deviation is permitted. “Should” and “should not” indicate that one of several possibilities is recommended as particularly suitable, without mentioning or excluding others, t

34、hat a certain course of action is preferred but not necessarily required, or that (in the negative form) a certain possibility or course of action is discouraged but not prohibited. “May” and “need not” indicate a course of action permissible within the limits of the document. “Can” and “cannot” are

35、 used for statements of possibility and capability, whether material, physical or causal. X.S0054-102-0 v2.0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 1.1 Scope 1 1 Introd

36、uction1 Introduction This document describes Stage 2 and Stage 3 specification details for Multiple-Authentication and 2G R-UIM support for UMBTM1. 1.1 Scope This document is part of a multi-part document consisting of multiple parts that together describes Ultra Mobile Broadband Wireless IP Network

37、 operation. The scope of this document covers support for Multiple-Authentication and 2G-R-UIM. 1Ultra Mobile BroadbandTM and (UMBTM) are trade and service marks owned by the CDMA Development Group (CDG). X.S0054-102-0 v2.0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 2

38、9 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 2 References 2 2.1 Normative References2 References 2.1 Normative References This section provides references to other specifications and standards that are necessary to implement this document. 1 3GPP2: X

39、.S0054-100-0 v2.0, lBasic IP Service for Converged Access Network Specification”, August 2008. 2 IETF: RFC3748, Aboba, et.al., “Extensible Authentication Protocol (EAP)”, June 2004. 3 3GPP2: X.S0054-910-0 v1.0, “CAN Data Dictionary”, December 2007. 4 IETF: RFC4284, Adrangi, et.al., “Identity Selecti

40、on Hints for the Extensible Authentication Protocol (EAP)”, January 2006. 5 IETF: RFC 2865, Rigney, C., Willens, S., Rubens, A. and W. Simpson, “Remote Authentication Dial in User Service (RADIUS)”, June 2000. 6 IETF: RFC 4072, Eronen, et.al, “Diameter Extensible Authentication Protocol (EAP) Applic

41、ation”, August 2005. 7 Void. 8 3GPP2: C.S0084-004-0 v2.0, “Application Layer for Ultra Mobile Broadband (UMB) Air Interface Specification”, September 2007. 9 3GPP2: C.S0023-0 v4.0, “Removable User Identity Module for Spread Spectrum Systems”, June 2001. 10 3GPP2: A.S0006, “Interoperability Specifica

42、tion (IOS) for Hybrid Mobile Station / Access Terminal (HAT) Authentication, Using the CAVE Algorithm”, January 2005. 11 3GPP2: X.S0004-E v1.0, “Mobile Application Part”, March 2004. 12 3GPP2: C.S0005-0 v3.0, “Upper Layer (Layer 3) Signaling Standard for cdma2000 Spread Spectrum Systems, Release 0”,

43、 July 2001. 13 IETF: RFC2716, Aboba, et.al., “PPP EAP TLS Authentication Protocol”, October 1999. 14 3GPP2: X.S0028-100, “cdma2000 Packet Data Services: Wireless Local Area Network (WLAN) Interworking - Access to Internet”, April 2007. 15 IETF: RFC4186, H. Haverinen, et al, “Extensible Authenticatio

44、n Protocol Method for Global System for Mobile Communications (GSM) Subscriber Identity Modules (EAP-SIM)”, January 2006. 16 3GPP: TS 29.234: “3GPP system to Wireless Local Area Network (WLAN) interworking; Stage 3” 17 ETSI: GSM 11.11; “Digital cellular telecommunications system (Phase 2+); “Specifi

45、cation of the Subscriber Identity Module - Mobile Equipment (SIM - ME) Interface”. 18 3GPP2: X.S0054-220-0 v2.0, “Network PMIP Support”, August 2008. X.S0054-102-0 v2.0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47

46、 48 49 50 51 52 53 54 55 56 57 58 59 60 2.2 Informative References 3 2 References19 3GPP2: X.S0054-400-0 v1.0, lConverged Access Network Accounting Specification”, December 2007. 20 IETF: RFC4282, Aboba, et.al., “The Network Access Identifier”, December 2005. 21 3GPP2: X.S0054-000-0 v2.0, lCAN Wirel

47、ess IP Network Overview and List of Parts”, August 2008. 22 IETF: RFC 4187, J. Arkko, “Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement (EAP-AKA)”, January 2006. 23 3GPP2: S.S0078-A v4.0, “Common Security Algorithms”, January 2008. 24 3GPP2: S.S0055-A v4.

48、0, “Enhanced Cryptographic Algorithms”, January 200. 25 3GPP2: N.S0005-0 “Cellular Radiotelecommunications Intersystem Operations”, July, 1997. 26 3GPP2: C.S0005-D v2.0, “Upper Layer (Layer 3) Signaling Standard for cdma2000 Spread Spectrum Systems, Release D”, October 2005. 2.2 Informative Referenc

49、es This section provides references to other documents that may be useful for the reader of this document. 3GPP2: X.S0054-110-0 v2.0, “MIPv4 Specification in Converged Access Network Specification”, August 2008. 3GPP2: X.S0054-210-0 v1.0, “CMIP based Inter-AGW Handoff”, December 2007. 3GPP2: X.S0054-300-0 v1.0, “QoS Support for Converged Access Network Specification”, December 2007. X.S0054-102-0 v2.0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36