1、 TIA-1137.102-2009 APPROVED: JUNE 1, 2009 REAFFIRMED: DECEMBER 6, 2013 TIA-1137.102 June 2009Multiple Authentication and 2G RUIM Support NOTICE TIA Engineering Standards and Publications are designed to serve the public interest through eliminating misunderstandings between manufacturers and purchas
2、ers, facilitating interchangeability and improvement of products, and assisting the purchaser in selecting and obtaining with minimum delay the proper product for their particular need. The existence of such Standards and Publications shall not in any respect preclude any member or non-member of TIA
3、 from manufacturing or selling products not conforming to such Standards and Publications. Neither shall the existence of such Standards and Publications preclude their voluntary use by Non-TIA members, either domestically or internationally. Standards and Publications are adopted by TIA in accordan
4、ce with the American National Standards Institute (ANSI) patent policy. By such action, TIA does not assume any liability to any patent owner, nor does it assume any obligation whatever to parties adopting the Standard or Publication. This Standard does not purport to address all safety problems ass
5、ociated with its use or all applicable regulatory requirements. It is the responsibility of the user of this Standard to establish appropriate safety and health practices and to determine the applicability of regulatory limitations before its use. (From Project No. 3-0291.102-RF1, formulated under t
6、he cognizance of the TIA TR-45 Mobile (b) there is no assurance that the Document will be approved by any Committee of TIA or any other body in its present or any other form; (c) the Document may be amended, modified or changed in the standards development or any editing process. The use or practice
7、 of contents of this Document may involve the use of intellectual property rights (“IPR”), including pending or issued patents, or copyrights, owned by one or more parties. TIA makes no search or investigation for IPR. When IPR consisting of patents and published pending patent applications are clai
8、med and called to TIAs attention, a statement from the holder thereof is requested, all in accordance with the Manual. TIA takes no position with reference to, and disclaims any obligation to investigate or inquire into, the scope or validity of any claims of IPR. TIA will neither be a party to disc
9、ussions of any licensing terms or conditions, which are instead left to the parties involved, nor will TIA opine or judge whether proposed licensing terms or conditions are reasonable or non-discriminatory. TIA does not warrant or represent that procedures or practices suggested or provided in the M
10、anual have been complied with as respects the Document or its contents. If the Document contains one or more Normative References to a document published by another organization (“other SSO”) engaged in the formulation, development or publication of standards (whether designated as a standard, speci
11、fication, recommendation or otherwise), whether such reference consists of mandatory, alternate or optional elements (as defined in the TIA Engineering Manual, 4thedition) then (i) TIA disclaims any duty or obligation to search or investigate the records of any other SSO for IPR or letters of assura
12、nce relating to any such Normative Reference; (ii) TIAs policy of encouragement of voluntary disclosure (see Engineering Manual Section 6.5.1) of Essential Patent(s) and published pending patent applications shall apply; and (iii) Information as to claims of IPR in the records or publications of the
13、 other SSO shall not constitute identification to TIA of a claim of Essential Patent(s) or published pending patent applications. TIA does not enforce or monitor compliance with the contents of the Document. TIA does not certify, inspect, test or otherwise investigate products, designs or services o
14、r any claims of compliance with the contents of the Document. ALL WARRANTIES, EXPRESS OR IMPLIED, ARE DISCLAIMED, INCLUDING WITHOUT LIMITATION, ANY AND ALL WARRANTIES CONCERNING THE ACCURACY OF THE CONTENTS, ITS FITNESS OR APPROPRIATENESS FOR A PARTICULAR PURPOSE OR USE, ITS MERCHANTABILITY AND ITS
15、NONINFRINGEMENT OF ANY THIRD PARTYS INTELLECTUAL PROPERTY RIGHTS. TIA EXPRESSLY DISCLAIMS ANY AND ALL RESPONSIBILITIES FOR THE ACCURACY OF THE CONTENTS AND MAKES NO REPRESENTATIONS OR WARRANTIES REGARDING THE CONTENTS COMPLIANCE WITH ANY APPLICABLE STATUTE, RULE OR REGULATION, OR THE SAFETY OR HEALT
16、H EFFECTS OF THE CONTENTS OR ANY PRODUCT OR SERVICE REFERRED TO IN THE DOCUMENT OR PRODUCED OR RENDERED TO COMPLY WITH THE CONTENTS. TIA SHALL NOT BE LIABLE FOR ANY AND ALL DAMAGES, DIRECT OR INDIRECT, ARISING FROM OR RELATING TO ANY USE OF THE CONTENTS CONTAINED HEREIN, INCLUDING WITHOUT LIMITATION
17、 ANY AND ALL INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES (INCLUDING DAMAGES FOR LOSS OF BUSINESS, LOSS OF PROFITS, LITIGATION, OR THE LIKE), WHETHER BASED UPON BREACH OF CONTRACT, BREACH OF WARRANTY, TORT (INCLUDING NEGLIGENCE), PRODUCT LIABILITY OR OTHERWISE, EVEN IF ADVISED OF THE POSSI
18、BILITY OF SUCH DAMAGES. THE FOREGOING NEGATION OF DAMAGES IS A FUNDAMENTAL ELEMENT OF THE USE OF THE CONTENTS HEREOF, AND THESE CONTENTS WOULD NOT BE PUBLISHED BY TIA WITHOUT SUCH LIMITATIONS. X.S0054-102-0 v1.0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 3
19、3 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 i ContentsMultiple-Authentication and Legacy Authentication Support for Converged Access Network CONTENTS 1 Introduction1 1.1 Scope1 2 References2 2.1 Normative References2 2.2 Informative References3 3 Multiple-Authe
20、ntication.4 3.1 SRNC Requirements4 3.1.1 Subscription Authentication 5 3.1.2 3rd party Authentication5 3.1.3 Re-authentication.5 3.2 AGW Requirements.6 3.2.1 Subscription Authentication 6 3.2.2 3rd party Authentication7 3.2.3 IP Service Authorization .8 3.2.4 Network PMIP Support .9 3.3 AT Requireme
21、nts.9 3.3.1 Subscription Authentication 9 3.3.2 3rd party Authentication9 3.3.3 Re-authentication.10 3.4 HAAA Requirements.10 3.4.1 RADIUS 10 3.4.2 Diameter 11 3.5 Home Network Requirements12 4 2G R-UIM Support 13 4.1 EAP-TTLS/MD5 Challenge based Method.13 4.1.1 AT Requirements.13 4.1.2 HAAA Require
22、ments 14 4.2 EAP-AKA based Method 14 4.2.1 AT Requirements.15 4.2.2 HAAA Requirements 18 4.2.3 AKA Vector Emulation .20 5 SIM Support.21 5.1 EAP-SIM Method21 5.1.1 AT Requirements.21 5.1.2 HAAA Requirements 21 6 Call Flows 22 6.1 Multiple-Authentication.22 X.S0054-102-0 v1.0 1 2 3 4 5 6 7 8 9 10 11
23、12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 Contents ii 6.2 2G R-UIM Support 23 6.2.1 EAP-TTLS/MD5 Challenge based Method.23 6.2.2 EAP-AKA Method 27 6.2.3 Synchronization Procedure in EAP-AKA Metho
24、d 29 6.2.4 Get CAVE Credentials from HLR/AC 31 6.3 SIM Support.34 6.3.1 Detaild EAP-SIM Call Flow at AT/HAAA .35 A Annex: NAI Routing Decoration .38 X.S0054-102-0 v1.0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47
25、48 49 50 51 52 53 54 55 56 57 58 59 60 iii List of FiguresLIST OF FIGURES Figure 1 High Level flow of CAVE based AKA authentication.15 Figure 2 AKA-Challenge Parameters Format .16 Figure 3 Multiple-Authentication for CAN.22 Figure 4 EAP-TTLS/MD5 Challenge based Authentication and Authorization metho
26、d using CAVE in 2G R-UIM for CAN24 Figure 5 Authentication and Authorization method using CAVE and EAP-AKA for 2G R-UIM/CAN.27 Figure 6 Synchronization Procedure using CAVE and EAP-AKA for 2G R-UIM 29 Figure 7 HAAA Interactions with HLR/AC .32 Figure 8 Authentication and Authorization method using E
27、AP-SIM .34 Figure 9 Detailed Procedure for Authentication and Authorization method using EAP-SIM 36 X.S0054-102-0 v1.0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 List of Ta
28、bles iv LIST OF TABLES Table 1 Additional RADIUS Attributes between AGW and SRNC for Access Authentication and Authorization used for Subscription Authentication .6 Table 2 Additional Diameter AVPs between AGW and SRNC during Access Authentication and Authorization for Subscription Authentication7 T
29、able 3 Additional RADIUS Attributes between AGW and HAAA for Access Authentication and Authorization used for Subscription Authentication .11 Table 4 Additional Diameter AVPs between AGW and HAAA during Access Authentication and Authorization for Subscription Authentication12 X.S0054-102-0 v1.0 1 2
30、3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 v Revision HistoryREVISION HISTORY Revision Date Remarks 0 December 2007 Initial release X.S0054-102-0 v1.0 1 2 3 4 5 6 7 8 9 10 11 1
31、2 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 Foreword vi FOREWORD (This foreword is not part of this Standard.) This document was prepared by 3GPP2 TSG-X. This document is a new specification. This d
32、ocument is part of a multi-part document consisting of multiple parts that together describes Converged Access Network. This document is subject to change following formal approval. Should this document be modified, it will be re-released with a change of release date and an identifying change in ve
33、rsion number as follows: X.S0054-102-X version n.0 where: X an uppercase numerical or alphabetic character 0, A, B, C, that represents the revision level. n a numeric string 1, 2, 3, that indicates an point release level. This document uses the following conventions: “Shall” and “shall not” identify
34、 requirements to be followed strictly to conform to this document and from which no deviation is permitted. “Should” and “should not” indicate that one of several possibilities is recommended as particularly suitable, without mentioning or excluding others, that a certain course of action is preferr
35、ed but not necessarily required, or that (in the negative form) a certain possibility or course of action is discouraged but not prohibited. “May” and “need not” indicate a course of action permissible within the limits of the document. “Can” and “cannot” are used for statements of possibility and c
36、apability, whether material, physical or causal. X.S0054-102-0 v1.0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 1.1 Scope 1 1 Introduction1 Introduction This document descri
37、bes Stage 2 and Stage 3 specification details for Multiple-Authentication and 2G R-UIM support for UMB. 1.1 Scope This document is part of a multi-part document consisting of multiple parts that together describes Ultra Mobile Broadband Wireless IP Network operation. The scope of this document cover
38、s support for Multiple-Authentication and 2G-R-UIM. X.S0054-102-0 v1.0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 2 References 2 2.1 Normative References2 References 2.1 No
39、rmative References This section provides references to other specifications and standards that are necessary to implement this document. 1 3GPP2: X.S0054-100-0 v1.0, “ Basic IP Service for Converged Access Network Specification”, December 2007. 2 IETF: RFC3748, Aboba, et.al., “Extensible Authenticat
40、ion Protocol (EAP)”, June 2004. 3 3GPP2: X.S0054-910-0 v1.0, “CAN Data Dictionary”, December 2007. 4 IETF: RFC4284, Adrangi, et.al., “Identity Selection Hints for the Extensible Authentication Protocol (EAP)”, January 2006. 5 IETF: RFC 2865, Rigney, C., Willens, S., Rubens, A. and W. Simpson, “Remot
41、e Authentication Dial in User Service (RADIUS)”, June 2000. 6 IETF: RFC 4072, Eronen, et.al, “Diameter Extensible Authentication Protocol (EAP) Application”, August 2005. 7 IETF: draft-funk-eap-ttls-v0 Editor Note: The above document is a work in progress and should not be referenced unless and unti
42、l it is approved and published. Until such time as this Editors Note is removed, the inclusion of the above document is for informational purposes only. 8 3GPP2: C.S0084-004-0 v2.0, “Application Layer for Ultra Mobile Broadband (UMB)TM1Air Interface Specification”, September 2007. 9 3GPP2: C.S0023-0
43、 v4.0, “Removable User Identity Module for Spread Spectrum Systems”, June 2001. 10 3GPP2: A.S0006, “Interoperability Specification (IOS) for Hybrid Mobile Station / Access Terminal (HAT) Authentication, Using the CAVE Algorithm”, January 2005. 11 3GPP2: X.S0004-E v1.0, “Wireless Radiotelecommunicati
44、ons Intersystem Operations”, March 2004. 12 3GPP2: C.S0005-0 v3.0, “Upper Layer (Layer 3) Signaling Standard for cdma2000 Spread Spectrum Systems, Release 0”, July 2001. 13 IETF: RFC2716, Aboba, et.al., “PPP EAP TLS Authentication Protocol”, October 1999. 14 3GPP2: X.S0028-100, “cdma2000 Packet Data
45、 Services: Wireless Local Area Network (WLAN) Interworking - Access to Internet”, April 2007. 1Ultra Mobile BraoadbandTMand (UMBTM) are trade and service marks owned by the CDMA Development Group (CDG). X.S0054-102-0 v1.0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29
46、30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 2.2 Informative References 3 2 References15 IETF: RFC4186, H. Haverinen, et al, “Extensible Authentication Protocol Method for Global System for Mobile Communications (GSM) Subscriber Identity Modules (EAP-S
47、IM)”, January 2006. 16 3GPP: TS 29.234: “3GPP system to Wireless Local Area Network (WLAN) interworking; Stage 3” 17 ETSI: GSM 11.11; “Digital cellular telecommunications system (Phase 2+); “Specification of the Subscriber Identity Module - Mobile Equipment (SIM - ME) Interface”. 18 3GPP2: X.S0054-2
48、20-0 v1.0, “Network PMIP Support”, December 2007. 19 3GPP2: X.S0054-400-0 v1.0, “ Converged Access Network Accounting Specification”, December 2007. 20 IETF: RFC4282, Aboba, et.al., “The Network Access Identifier”, December 2005. 21 3GPP2: X.S0054-000-0 v1.0, “ CAN Wireless IP Network Overview and L
49、ist of Parts”, December 2007. 22 IETF: RFC 4187, J. Arkko, “Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement (EAP-AKA)”, January 2006. 23 3GPP2: S.S0078-A v4.0, “Common Security Algorithms”, October 2006. 24 3GPP2: S.S0055-A v4.0, “Enhanced Cryptographic Algorithms”, October 2005. 25 3GPP2: N.S0005-0-B “Cellular Radiotelecommunications Intersystem Operations”, July, 1997. 26 3GPP2: C.S0005-D v2.0, “Upper Layer (Layer 3) Signaling Standard for cdma2000 Spread Spe
