Abstract: According to some embodiments, a method for early data transmission performed by a wireless device comprises: obtaining, from a non-access stratum (NAS) communication layer, an initial NAS protocol data unit (PDU) for early data transmission; determining, by a radio resource control (RRC) communication layer, to initiate early data transmission based at least in part on a size of the initial NAS PDU; and transmitting an early data transmission including the initial NAS PDU.

Abstract: The present disclosure provides a method in a terminal device. The method includes: receiving a downlink, DL, packet, the DL packet being Internet Protocol “IP” Security, IPSec, protected; and deriving a reflective Quality of Service, QoS, rule for uplink, UL, direction per IPSec Security Association, SA, based on the DL packet.

Abstract: A UE having a security context with an Initial AMF is able to accept an unprotected AUTHRQ, under certain circumstances, for a limited time. In one embodiment, a UE considers the security context to be temporary, which invokes rules or exceptions different than a permanent security context, such as the acceptance of an unprotected AUTHRQ from a Target AMF. The network may indicate to the UE the temporary status, or the UE may assume it. Alternatively, the UE may enable exceptions to the defined rules associated with the security context. In one embodiment, the UE receives a plurality of partial registration acceptance messages, each indicating a specific task or aspect of the overall registration has been completed. The UE may mark its security context temporary, or enable exceptions to the rules 10 associated with it, until a partial registration acceptance messages indicates AMF re-allocation is complete or is not required.

Abstract: A method of operating a user equipment (“UE”) to handle an internet protocol multimedia subsystem (“IMS”) emergency call can include sending a session initiation protocol (“SIP”) REGISTER request relating to an emergency registration to a proxy call session control function (“P-CSCF”) of an IMS network. The method can further include, responsive to sending the SIP REGISTER request, receiving a response from the P-CSCF. The method can further include, responsive to receiving the response, performing an action based on the response.

Abstract: Systems and methods for enabling User Equipments (UEs) to use a Public Land Mobile Network (PLMN) failing service under disaster conditions and to receive services from alternative PLMNs. In some embodiments, a method performed by a first network node comprises receiving, from a second network node, a first disaster roaming PLMN list. The method also comprises determining that a UE is to be authenticated. The method further comprises providing, to a third network node, a request including the disaster roaming PLMN list, responsive to determining that the UE is to be authenticated. In this way, an interruption of the service at the UE is minimized in case of the disaster conditions.

Abstract: A wireless device and an Access and Mobility Management Function (AMF) and methods performed by a wireless device and an AMF, respectively.

Abstract: Systems and methods for enabling notification of disaster conditions and alternative Public Land Mobile Networks (PLMNs) to network nodes are disclosed. In one embodiment, a method performed by a User Equipment (UE) for responding to a disaster condition in a first PLMN, comprises determining that a first PLMN is not available; determining that a second PLMN is available for disaster roaming; and attempting to register with the second PLMN, responsive to determining that the first PLMN is not available due to the disaster condition and determining that a second PLMN is available for disaster roaming. In this way, a UE is informed of the failure of its currently used PLMN due to a disaster condition and a service may be provided in another PLMN, where the UE under normal conditions may not be allowed to receive a service from the second PLMN.

Abstract: According to certain embodiments, a method by a user equipment (UE) for securing network steering information includes transmitting a registration request to a Visited Public Land Mobile Network (VPLMN). Upon successful authentication b an authentication server function (AUSF), a home network root key is generated. A protected message comprising Network Steering information is received from a first network node. The protected message is protected using a configuration key (Kconf) and a first Message Authentication Code (MAC-1). The configuration key (Kconf) is determined from the home network root key, and the UE verifies the MAC-1. Based on the Kconf and the MAC-1, it is verified that the VPLMN did not alter Network Steering Information. An acknowledgement message, which is protected with a second Message Authentication Code (MAC-2), is transmitted to a Home Public Land Mobile Network (HPLMN).

Abstract: Example embodiments presented herein are directed towards a wireless device and core network node, as well as corresponding methods therein, for managing a data flow between a network access type 1 and a network access type 2. According to some examples, access type 1 may be a 3GPP access and access type 2 may be a non-3GPP access. The wireless device is connectable to both the networks of access types 1 and 2.

Abstract: Disclosed herein is a method performed by a network node and a network node for handling User Equipment, UE, Parameters Update, UPU, data set types which may not be supported by a UE, the method comprising one or more of: receiving an indication of UPU data set types supported by a UE; determining if a given UPU data set type is supported by the UE based on the indication; if the given UPU data set type is supported by the UE, sending a UPU message to the UE with the given UPU data set type; and if the given UPU data set type is not supported by the UE, not sending the UPU message to the UE with the given UPU data set type.

Abstract: Enabling the exchange of connection parameters where a user equipment (UE) lacks a secret shared with the network (e.g. a server), such as key materials, and lacks a valid certificate. In some embodiments, the connection parameters may be exchanged via EAP messages. In certain aspects, and particularly with respect to emergency attach, a simplified protocol is used with limited overhead because the UE does not attempt to authenticate the network, and the network does not attempt to authenticate the UE.

Abstract: A method of operating a policy and charging rules function (“PCRF”) node to handle an internet protocol multimedia subsystem (“IMS”) emergency call can include receiving an identity request from a proxy call session control function (“P-CSCF”) of an IMS network. The identity request can include an internet protocol (“IP”) address for a user equipment (“UE”). The method can further include, responsive to receiving the identity request, determining one or more identifiers of the UE based on the IP address. The one or more identifiers are separate from the IP address. The method can further include, responsive to determining the one or more identifiers, transmitting an indication of the one or more identifiers of the UE to the P-CSCF.

Abstract: Methods of operating a user equipment UE are discussed. An access category may be determined from a plurality of access categories and at least one access identity may be determined from a plurality of access identities to be applied for an access attempt. An establishment cause may be determined for the access attempt based on the access category determined from the plurality of access categories and based on the at least one access identity from the plurality of access identities. A connection request message for the access attempt may be transmitted to a wireless communication network, with the connection request message including the establishment cause determined based on the access category and based on the at least one access identity. Related devices are also discussed.

Abstract: Example embodiments presented herein are directed towards a wireless device and core network node, as well as corresponding methods therein, for managing a data flow between a network access type 1 and a network access type 2. According to some examples, access type 1 may be a 3GPP access and access type 2 may be a non-3GPP access. The wireless device is connectable to both the networks of access types 1 and 2.

Abstract: Methods of operating a user equipment UE are discussed. An access category may be determined from a plurality of access categories and at least one access identity may be determined from a plurality of access identities to be applied for an access attempt. An establishment cause may be determined for the access attempt based on the access category determined from the plurality of access categories and based on the at least one access identity from the plurality of access identities. A connection request message for the access attempt may be transmitted to a wireless communication network, with the connection request message including the establishment cause determined based on the access category and based on the at least one access identity. Related devices are also discussed.

Abstract: A serving network establishes a connection with a UE via an N3AN using a trusted registration procedure to establish a secure access link between the UE and the serving network via the N3AN. The serving network sends a trust indication message via the N3AN to the UE using the secure access link to identify the N3AN as trusted or untrusted. When the received trust indication message indicates the N3AN is untrusted, the serving network executes an untrusted registration procedure with the UE using the secure access link to establish the connection between the UE and the serving network. When the received trust indication message indicates the N3AN is trusted, the serving network continues execution of the initial registration with the UE using the trusted registration procedure to establish the connection between the UE and the serving network. The UE and serving network exchange messages via the established connection.

Abstract: Enabling the exchange of connection parameters where a user equipment (UE) lacks a secret shared with the network (e.g. a server), such as key materials, and lacks a valid certificate. In some embodiments, the connection parameters may be exchanged via EAP messages. In certain aspects, and particularly with respect to emergency attach, a simplified protocol is used with limited overhead because the UE does not attempt to authenticate the network, and the network does not attempt to authenticate the UE.

Abstract: A user equipment is configured for concealment of a mission-critical push-to-talk (MCPTT) group identity in multimedia broadcast multicast services (MBMS). The UE is configured in particular to receive an indication of an MCPTT group pseudonym (7) which is a pseudonym for an MCPTT group identity (11) that identifies an MCPTT group of which the UE is a member. The UE may for example receive this indication from a group management server (GMS) or an MCPTT server. The UE in some embodiments may determine whether received control signalling (e.g., an MBMS subchannel control message) is for the MCPTT group of which the UE is a member, by determining whether the control signaling includes the MCPTT group pseudonym (7).

Abstract: A wireless device and an Access and Mobility Management Function (AMF) and methods performed by a wireless device and an AMF, respectively.

Abstract: The AMF re-allocation procedure for an Initiating AMF that has reroute capability via an Access Network (AN) is optimized in scenarios where a wireless device, such as a User Equipment (UE), already shares a 5G security context with-in a Last Serving AMF that is different from the Initiating AMF, and where the Initiating AMF and the Last Serving AMF can communicate with each other via an interface.