WO2021185316A1 - Method and apparatus for service process for user equipment - Google Patents

Method and apparatus for service process for user equipment

Info

Publication number
WO2021185316A1
Authority
WO
WIPO (PCT)
Prior art keywords
service
user equipment
entity
suspended
ausf
Application number
PCT/CN2021/081553
Other languages
French (fr)
Inventor
Hongxia LONG
Original Assignee
Telefonaktiebolaget Lm Ericsson (Publ)

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W 12/03 Protecting confidentiality, e.g. by encryption
    • H04W 12/06 Authentication
    • H04W 12/12 Detection or prevention of fraud
    • H04W 12/121 Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]

Definitions

  • the non-limiting and exemplary embodiments of the present disclosure generally relate to the technical field of communications, and specifically to methods and apparatuses for service process for user equipment.
  • a network device may decide to perform a service for a user equipment (UE) .
  • the network device may decide to notify of the changes of steering information of UE in a visited network after UE registration.
  • the network device may perform UE parameters update.
  • the service for the UE may involve two or more network devices.
  • the service for the UE may be performed under a security mechanism.
  • suppose a first network entity sends a message of the service for the UE to a second network entity. When the second network entity has suspended the service for the UE for some reason, but the first network entity has not suspended the service and/or does not know that the second network entity has suspended it (i.e., the suspended state of the service for the UE is not synchronized to the first network entity), unnecessary network traffic from the first network entity to the second network entity cannot be avoided.
  • the first network entity may continue to consume the service for the UE (e.g., by sending the message of the service for the UE to the second network entity), and those requests will fail.
  • the embodiments of the present disclosure propose an improved service process for user equipment.
  • a method at a data management entity comprises obtaining information regarding whether a service for a user equipment is suspended. The method further comprises determining whether to suspend the service for the user equipment based on the obtained information.
  • the service for the user equipment may be configured with a counter for mitigating a replay attack and when the counter for mitigating a replay attack is about to wrap around, a subsequent request of the service for the user equipment may be suspended.
  • obtaining information regarding whether a service for a user equipment is suspended may comprise sending a request for querying the information regarding whether the service for the user equipment is suspended to a data repository entity; and receiving a response including a query result from the data repository entity.
  • the information regarding whether the service for the user equipment is suspended may be a Boolean flag: when the flag is true, it indicates that the service for the user equipment is suspended; when the flag is false or absent, it indicates that the service for the user equipment is not suspended.
  • the method may further comprise in response to a determination that the service for the user equipment is suspended, suspending the service for the user equipment.
  • the method may further comprise in response to a determination that the service for the user equipment is not suspended, sending a request to an authentication entity to get a value for integrity protection and a counter for mitigating a replay attack.
  • the method may further comprise receiving a response including the value for integrity protection and the counter for mitigating the replay attack from the authentication entity.
  • the method may further comprise, when the received counter is about to wrap around, suspending a subsequent request of the service for the user equipment.
  • the counter for mitigating a replay attack may be incremented for every new computation of the value for integrity protection.
  • the value for integrity protection may be SoR-MAC-I AUSF and/or SoR-XMAC-I UE , or it may be UPU-MAC-I AUSF and/or UPU-XMAC-I UE .
  • the method may further comprise sending a request to the data repository entity for storing information indicating that the service for the user equipment is suspended.
  • when the received counter is about to wrap around, the method may further comprise triggering a user equipment re-authentication procedure.
  • the method may further comprise receiving an authentication result for the user equipment from an authentication entity; and when the authentication result indicates a successful authentication and the service for the user equipment is suspended, resuming the service for the user equipment.
  • the method may further comprise sending a request to a data repository entity for storing information indicating that the service for the user equipment is not suspended.
  • the authentication entity may be an authentication server function, AUSF, entity.
  • the data repository entity may be a unified data repository, UDR, entity.
  • the data management entity may be a unified data management, UDM, entity.
  • the service for the user equipment may comprise at least one of a procedure for steering of the user equipment in a visited network; and a procedure for the user equipment parameters update.
  • a method at a data repository entity comprises receiving a request for querying information regarding whether a service for a user equipment is suspended from a data management entity.
  • the method further comprises sending a response including a query result to the data management entity.
  • the method may further comprise receiving a request for storing information regarding whether the service for the user equipment is suspended from the data management entity.
  • the method may further comprise storing the information regarding whether the service for the user equipment is suspended.
  • a data management entity comprises a processor and a memory coupled to the processor. Said memory contains instructions executable by said processor. Said data management entity is operative to obtain information regarding whether a service for a user equipment is suspended. Said data management entity is further operative to determine whether to suspend the service for the user equipment based on the obtained information.
  • a data repository entity comprises a processor and a memory coupled to the processor. Said memory contains instructions executable by said processor. Said data repository entity is operative to receive a request for querying information regarding whether a service for a user equipment is suspended from a data management entity. Said data repository entity is operative to send a response including a query result to the data management entity.
  • a computer program product comprising instructions which, when executed on at least one processor, cause the at least one processor to carry out any step of the method according to any of the first and second aspects of the disclosure.
  • a computer-readable storage medium storing instructions which when executed by at least one processor, cause the at least one processor to carry out any step of the method according to any of the first and second aspects of the disclosure.
  • the data management entity comprises an obtaining module and a determining module.
  • the obtaining module may be configured to obtain information regarding whether a service for a user equipment is suspended.
  • the determining module may be configured to determine whether to suspend the service for the user equipment based on the obtained information.
  • the data repository entity comprises a receiving module and a sending module.
  • the receiving module may be configured to receive a request for querying information regarding whether a service for a user equipment is suspended from a data management entity.
  • the sending module may be configured to send a response including a query result to the data management entity.
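The suspend/resume synchronization described in the bullets above, as an added Python example (this is not the patent's or Ericsson's code, nor a 3GPP implementation): a UDM consults the UDR's Boolean flag before consuming the AUSF's SoR/UPU protection service, stores the flag when the counter returned by the AUSF is about to wrap around, triggers a re-authentication, and clears the flag once the authentication result arrives. The class and method names, the HMAC-SHA256 stand-in for the MAC derivation, the SUPI and payloads, the choice of 0xFFFF as the "about to wrap" value, and the asynchronous completion of re-authentication are all assumptions of this example.

```python
"""Synchronised suspend/resume of the SoR and UPU protection services between
UDM, UDR and AUSF (added example, not the patent's own code)."""
import hashlib
import hmac

COUNTER_MAX = 0xFFFF        # 16-bit Counter SoR / Counter UPU
COUNTER_INIT_AUSF = 0x0001  # AUSF starts here when K_AUSF is derived; 0x0000 is never used
SERVICES = ("SoR", "UPU")   # the two protection services, each with its own counter


class UDR:
    """Data repository: per-UE, per-service Boolean 'suspended' flag.
    An absent flag means 'not suspended', as the page specifies."""
    def __init__(self):
        self.flags = {}

    def query_suspended(self, supi, service):
        return self.flags.get((supi, service), False)

    def store_suspended(self, supi, service, flag):
        self.flags[(supi, service)] = bool(flag)


class AUSF:
    """Holds K_AUSF and one counter per service. The MAC is an HMAC-SHA256 stand-in
    (assumption) for the Annex A.17/A.19 derivation, which the page does not spell out."""
    def __init__(self, k_ausf, counters=None):
        self.k_ausf = k_ausf
        self.counters = dict(counters or {s: COUNTER_INIT_AUSF for s in SERVICES})
        self.calls = 0            # how many protection requests actually reached the AUSF
        self.reauth_pending = []  # SUPIs with a re-authentication in progress

    def protect(self, service, payload):
        """Nausf_SoRProtection / Nausf_UPUProtection stand-in: returns (MAC, counter used)."""
        self.calls += 1
        used = self.counters[service]
        if used > COUNTER_MAX:
            raise RuntimeError(f"{service} protection service suspended at AUSF")
        msg = service.encode() + used.to_bytes(2, "big") + payload
        mac = hmac.new(self.k_ausf, msg, hashlib.sha256).digest()[:4]
        self.counters[service] = used + 1  # incremented for every new computation
        return mac, used

    def complete_reauth(self, udm, supi):
        """Re-authentication finished: new K_AUSF, counters reset, result reported to the UDM."""
        self.reauth_pending.remove(supi)
        self.k_ausf = hashlib.sha256(self.k_ausf).digest()  # stand-in for a freshly derived K_AUSF
        self.counters = {s: COUNTER_INIT_AUSF for s in SERVICES}
        udm.on_auth_result(supi, success=True)


class UDM:
    def __init__(self, udr, ausf):
        self.udr, self.ausf = udr, ausf
        self.events = []

    def request_protection(self, supi, service, payload):
        """The patent's method: consult the UDR flag before consuming the AUSF service."""
        if self.udr.query_suspended(supi, service):
            self.events.append((service, "skipped: suspended"))
            return None                                  # no traffic towards the AUSF
        mac, counter = self.ausf.protect(service, payload)
        if counter == COUNTER_MAX:                       # assumption: 'about to wrap' == last usable value
            self.udr.store_suspended(supi, service, True)
            self.events.append((service, "suspended: counter about to wrap"))
            if supi not in self.ausf.reauth_pending:     # trigger UE re-authentication
                self.ausf.reauth_pending.append(supi)
        return mac, counter

    def on_auth_result(self, supi, success):
        """Authentication result from the AUSF: resume every suspended service for the UE."""
        if not success:
            return
        for service in SERVICES:
            if self.udr.query_suspended(supi, service):
                self.udr.store_suspended(supi, service, False)
                self.events.append((service, "resumed"))


def run_scenario(start_sor_counter=COUNTER_MAX - 1):
    """Drive one UE through a Counter SoR wrap while the UPU service keeps running."""
    udr, supi = UDR(), "imsi-001010123456789"            # constructed sample SUPI
    ausf = AUSF(b"\x11" * 32, {"SoR": start_sor_counter, "UPU": COUNTER_INIT_AUSF})
    udm = UDM(udr, ausf)
    steering, params = b"steering-list-v1", b"routing-id-0042"  # constructed payloads
    r1 = udm.request_protection(supi, "SoR", steering)   # counter 0xFFFE: normal
    r2 = udm.request_protection(supi, "SoR", steering)   # counter 0xFFFF: flag stored, re-auth triggered
    r3 = udm.request_protection(supi, "SoR", steering)   # answered from the UDR flag, never sent
    r4 = udm.request_protection(supi, "UPU", params)     # UPU has its own counter and continues
    ausf.complete_reauth(udm, supi)                      # result arrives: SoR resumed, flag cleared
    r5 = udm.request_protection(supi, "SoR", steering)   # fresh K_AUSF, counter back at 0x0001
    return {"counters": [r[1] if r else None for r in (r1, r2, r3, r4, r5)],
            "ausf_calls": ausf.calls, "events": udm.events,
            "sor_flag": udr.query_suspended(supi, "SoR")}


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(key, value)
```

Run stand-alone it prints the counters returned for five requests: the third SoR request is answered from the UDR flag and never reaches the AUSF (four AUSF calls for five requests), the UPU request in between is unaffected because each service keeps its own counter, and after the authentication result the SoR service resumes with the counter reset.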
  • Embodiments herein afford many advantages, of which a non-exhaustive list of examples follows.
  • the data management entity such as UDM and the authentication entity such as AUSF are synchronized on suspending of the service for the user equipment such as the SoR protection service and UPU protection service for example during counter wrap handling.
  • unnecessary network traffic can be avoided and network performance can be improved.
  • the data management entity such as UDM and the authentication entity such as AUSF are synchronized on the resuming of the service for the user equipment such as SoR protection service and UPU protection service.
  • network traffic of the service for the user equipment such as SoR protection service and UPU protection service can be scheduled in time and the network performance can be improved.
  • FIG. 1a schematically shows a high level architecture in a 5G network.
  • FIG. 1b schematically shows a data storage architecture.
  • FIG. 2 shows a security procedure for steering of UE in VPLMN after registration.
  • FIG. 3 shows a security procedure for UE parameters update.
  • FIG. 4 shows a flowchart of a method according to an embodiment of the present disclosure.
  • FIG. 5 shows a flowchart of a method according to another embodiment of the present disclosure.
  • FIG. 6 shows a flowchart of a method according to another embodiment of the present disclosure.
  • FIG. 7 shows a flowchart of a method according to another embodiment of the present disclosure.
  • FIG. 8 depicts a flowchart of the synchronization of Counter SoR wrap around handling for SoR protection service between AUSF and UDM according to an embodiment of the present disclosure
  • FIG. 9 depicts a flowchart of the synchronization of Counter UPU wrap around handling for UPU protection service between AUSF and UDM according to an embodiment of the present disclosure
  • FIG. 10 depicts a flowchart of the synchronized resuming of SoR/UPU protection service according to an embodiment of the present disclosure
  • FIG. 11 is a block diagram showing an apparatus suitable for practicing some embodiments of the disclosure.
  • FIG. 12 is a block diagram showing a data management entity according to an embodiment of the disclosure.
  • FIG. 13 is a block diagram showing a data repository entity according to an embodiment of the disclosure.
  • the term “network” refers to a network following any suitable (wireless or wired) communication standards.
  • the wireless communication standards may comprise new radio (NR) , long term evolution (LTE) , LTE-Advanced, wideband code division multiple access (WCDMA) , high-speed packet access (HSPA) , Code Division Multiple Access (CDMA) , Time Division Multiple Address (TDMA) , Frequency Division Multiple Access (FDMA) , Orthogonal Frequency-Division Multiple Access (OFDMA) , Single carrier frequency division multiple access (SC-FDMA) and other wireless networks.
  • a CDMA network may implement a radio technology such as Universal Terrestrial Radio Access (UTRA).
  • UTRA includes WCDMA and other variants of CDMA.
  • a TDMA network may implement a radio technology such as Global System for Mobile Communications (GSM) .
  • An OFDMA network may implement a radio technology such as Evolved UTRA (E-UTRA) , Ultra Mobile Broadband (UMB) , IEEE 802.11 (Wi-Fi) , IEEE 802.16 (WiMAX) , IEEE 802.20, Flash-OFDMA, Ad-hoc network, wireless sensor network, etc.
  • the communications between two devices in the network may be performed according to any suitable communication protocols, including, but not limited to, the wireless communication protocols as defined by a standard organization such as 3rd generation partnership project (3GPP) or the wired communication protocols.
  • the wireless communication protocols may comprise the first generation (1G) , 2G, 3G, 4G, 4.5G, 5G communication protocols, and/or any other protocols either currently known or to be developed in the future.
  • entity refers to a network device or network node or network function in a communication network.
  • a core network device may offer numerous services to customers who are interconnected by an access network device. Each access network device is connectable to the core network device over a wired or wireless connection.
  • the term “network function (NF) ” refers to any suitable function which can be implemented in a network entity (physical or virtual) of a communication network.
  • the 5G system (5GS) may comprise a plurality of NFs such as AMF (Access and Mobility Management Function) , SMF (Session Management Function) , AUSF (Authentication Server Function) , UDM (Unified Data Management) , PCF (Policy Control Function) , AF (Application Function) , NEF (Network Exposure Function) , UPF (User Plane Function) , NRF (Network Repository Function) , RAN (radio access network) , SCP (service communication proxy) , NWDAF (network data analytics function) , etc.
  • the network function may comprise different types of NFs for example depending on the specific network.
  • terminal device refers to any end device that can access a communication network and receive services therefrom.
  • the terminal device refers to a mobile terminal, user equipment (UE) , or other suitable devices.
  • the UE may be, for example, a Subscriber Station (SS) , a Portable Subscriber Station, a Mobile Station (MS) , or an Access Terminal (AT) .
  • the terminal device may include, but not limited to, a portable computer, an image capture terminal device such as a digital camera, a gaming terminal device, a music storage and a playback appliance, a mobile phone, a cellular phone, a smart phone, a voice over IP (VoIP) phone, a wireless local loop phone, a tablet, a wearable device, a personal digital assistant (PDA) , a portable computer, a desktop computer, a wearable terminal device, a vehicle-mounted wireless terminal device, a wireless endpoint, a mobile station, a laptop-embedded equipment (LEE) , a laptop-mounted equipment (LME) , a USB dongle, a smart device, a wireless customer-premises equipment (CPE) and the like.
  • a terminal device may represent a UE configured for communication in accordance with one or more communication standards promulgated by the 3GPP, such as the 3GPP LTE standard or NR standard.
  • a “user equipment” or “UE” may not necessarily have a “user” in the sense of a human user who owns and/or operates the relevant device.
  • a terminal device may be configured to transmit and/or receive information without direct human interaction.
  • a terminal device may be designed to transmit information to a network on a predetermined schedule, when triggered by an internal or external event, or in response to requests from the communication network.
  • a UE may represent a device that is intended for sale to, or operation by, a human user but that may not initially be associated with a specific human user.
  • a terminal device may represent a machine or other device that performs monitoring and/or measurements, and transmits the results of such monitoring and/or measurements to another terminal device and/or network equipment.
  • the terminal device may in this case be a machine-to-machine (M2M) device, which may in a 3GPP context be referred to as a machine-type communication (MTC) device.
  • the terminal device may be a UE implementing the 3GPP narrow band internet of things (NB-IoT) standard.
  • a terminal device may represent a vehicle or other equipment that is capable of monitoring and/or reporting on its operational status or other functions associated with its operation.
  • references in the specification to “one embodiment, ” “an embodiment, ” “an example embodiment, ” and the like indicate that the embodiment described may include a particular feature, structure, or characteristic, but it is not necessary that every embodiment includes the particular feature, structure, or characteristic. Moreover, such phrases are not necessarily referring to the same embodiment. Further, when a particular feature, structure, or characteristic is described in connection with an embodiment, it is submitted that it is within the knowledge of one skilled in the art to effect such feature, structure, or characteristic in connection with other embodiments whether or not explicitly described.
  • first and second etc. may be used herein to describe various elements, these elements should not be limited by these terms. These terms are only used to distinguish one element from another. For example, a first element could be termed a second element, and similarly, a second element could be termed a first element, without departing from the scope of example embodiments.
  • the term “and/or” includes any and all combinations of one or more of the associated listed terms.
  • the phrase “at least one of A and B” should be understood to mean “only A, only B, or both A and B. ”
  • the phrase “A and/or B” should be understood to mean “only A, only B, or both A and B. ”
  • a communication system may further include any additional elements suitable to support communication between terminal devices or between a wireless device and another communication device, such as a landline telephone, a service provider, or any other network node or terminal device.
  • the communication system may provide communication and various types of services to one or more terminal devices to facilitate the terminal devices’ access to and/or use of the services provided by, or via, the communication system.
  • FIG. 1a schematically shows a high level architecture in 5G network.
  • FIG. 1a is the same as Figure 4.2.3-1 of 3GPP TS 23.501 V16.3.0, the disclosure of which is incorporated by reference herein in its entirety.
  • the system architecture of FIG. 1a may comprise some exemplary elements such as AMF, SMF, AUSF, UDM, PCF, AF, NEF, UPF and NRF, (R) AN, SCP, etc.
  • the network elements, reference points and interfaces as shown in FIG. 1a may be same as the corresponding network elements, reference points and interfaces as described in 3GPP TS 23.501 V16.3.0.
  • the UE can establish a signaling connection with the AMF over the reference point N1, as illustrated in FIG. 1a.
  • This signaling connection may enable NAS (Non-access stratum) signaling exchange between the UE and the core network, comprising a signaling connection between the UE and the (R) AN and the N2 connection for this UE between the (R) AN and the AMF.
  • the (R) AN can communicate with the UPF over the reference point N3.
  • the UE can establish a protocol data unit (PDU) session to the DN (data network, e.g. an operator network or Internet) through the UPF over the reference point N6.
  • the exemplary system architecture also contains the service-based interfaces such as Nnrf, Nnef, Nausf, Nudm, Npcf, Namf and Nsmf exhibited by NFs such as the NRF, the NEF, the AUSF, the UDM, the PCF, the AMF and the SMF.
  • FIG. 1a also shows some reference points such as N1, N2, N3, N4, N6 and N9, which can support the interactions between NF services in the NFs.
  • these reference points may be realized through corresponding NF service-based interfaces and by specifying some NF service consumers and providers as well as their interactions in order to perform a particular system procedure.
  • FIG. 1b schematically shows a data storage architecture.
  • FIG. 1b is the same as Figure 4.2.5-2 of 3GPP TS 23.501 V16.3.0.
  • the 5G system architecture allows the UDM, PCF and NEF to store data in the UDR, including subscription data and policy data by UDM and PCF, structured data for exposure and application data (including Packet Flow Descriptions (PFDs) for application detection, AF request information for multiple UEs) by the NEF.
  • UDR can be deployed in each PLMN and it can serve different functions as follows:
  • UDM - UDR accessed by the UDM belongs to the same PLMN where the UDM is located if UDM supports a split architecture.
  • the UDR deployed in each PLMN can store application data for roaming subscribers.
  • the internal structure of the UDR is shown for information only.
  • the Nudr interface is defined for the network functions (i.e. NF Service Consumers) , such as UDM, PCF and NEF, to access a particular set of the data stored and to read, update (including add, modify) , delete, and subscribe to notification of relevant data changes in the UDR.
  • Each NF Service Consumer accessing the UDR, via Nudr, shall be able to add, modify, update or delete only the data it is authorised to change. This authorisation shall be performed by the UDR on a per data set and NF service consumer basis and potentially on a per UE, subscription granularity.
  • the service based Nudr interface defines the content and format/encoding of the 3GPP defined information elements exposed by the data sets.
  • the organization of the different data stored in the UDR is not to be standardized.
  • FIG. 2 shows a security procedure for steering of UE in VPLMN after registration, which is the same as Figure 6.14.2.2-1 of 3GPP TS33.501 V16.1.0, the disclosure of which is incorporated by reference herein in its entirety.
  • the steps shown in FIG. 2 are the same as the corresponding steps described in clause 6.14.2.2 of 3GPP TS33.501 V16.1.0.
  • the UDM decides to notify the UE of the changes to the Steering Information List by the means of invoking Nudm_SDM_Notification service operation.
  • the UDM shall invoke Nausf_SoRProtection service operation message by including the SoR (Steering of Roaming) header and Steering Information List to the AUSF to get SoR-MAC-I AUSF and Counter SoR as specified in sub-clause 14.1.3 of 3GPP TS33.501 V16.1.0.
  • the UDM shall set the corresponding indication in the SoR header and include the ACK Indication in the Nausf_SoRProtection service operation message to signal that it also needs the expected SoR-XMAC-I UE , as specified in sub-clause 14.1.3 of 3GPP TS33.501 V16.1.0.
  • the details of the Counter SoR is specified in sub-clause 6.14.2.3 of 3GPP TS33.501 V16.1.0.
  • the inclusion of the Steering Information List and the acknowledge indication in the calculation of SoR-MAC-I AUSF allows the UE to verify that the Steering Information List received has not been tampered with or removed by the visited public land mobile network (VPLMN) , and whether the UDM requested an acknowledgement.
  • the inclusion of this information in the calculation of the expected SoR-XMAC-I UE allows the UDM to verify that the UE received the Steering Information.
  • the UDM shall invoke Nudm_SDM_Notification service operation, which contains the list of preferred PLMN/access technology combinations, SoR-MAC-I AUSF , Counter SoR within the Access and Mobility Subscription data and the SoR header. If the UDM requests an acknowledgement, it shall temporarily store the expected SoR-XMAC-I UE .
  • the AMF shall send a DL (downlink) NAS Transport message to the served UE.
  • the AMF shall include in the DL NAS Transport message the transparent container received from the UDM.
  • on receiving the DL NAS Transport message, the UE shall calculate the SoR-MAC-I AUSF in the same way as the AUSF (as specified in Annex A.17 of 3GPP TS33.501 V16.1.0) on the received Steering Information, the Counter SoR and the SoR header, and verify whether it matches the SoR-MAC-I AUSF value received in the DL NAS Transport message.
  • the UE shall send the UL (uplink) NAS Transport message to the serving AMF.
  • the UE shall generate the SoR-MAC-I UE as specified in Annex A. 18 and includes the generated SoR-MAC-I UE in a transparent container in the UL NAS Transport message.
  • the AMF shall send a Nudm_SDM_Info request message to the UDM. If a transparent container with the SoR-MAC-I UE was received in the UL NAS Transport message, the AMF shall include the transparent container in the Nudm_SDM_Info request message.
  • the UDM shall compare the received SoR-MAC-I UE with the expected SoR-XMAC-I UE that the UDM stored temporarily in step 4 of FIG. 2.
  • the AUSF and the UE shall associate a 16-bit counter, Counter SoR , with the key K AUSF .
  • the UE shall initialize the Counter SoR to 0x00 0x00 when the K AUSF is derived.
  • the AUSF shall use a counter, called a Counter SoR .
  • the Counter SoR shall be incremented by the AUSF for every new computation of the SoR-MAC-I AUSF .
  • the Counter SoR is used as freshness input into SoR-MAC-I AUSF and SoR-MAC-I UE derivations as described in the Annex A. 17 and Annex A. 18 of 3GPP TS33.501 V16.1.0 respectively, to mitigate the replay attack.
  • the AUSF shall send the value of the Counter SoR (used to generate the SoR-MAC-I AUSF ) along with the SoR-MAC-I AUSF to the UE.
  • the UE shall only accept a Counter SoR value that is greater than the stored Counter SoR value.
  • the UE shall store the received Counter SoR, only if the verification of the received SoR-MAC-I AUSF is successful.
  • the UE shall use the stored Counter SoR received from the HPLMN, when deriving the SoR-MAC-I UE for the SoR acknowledgement.
  • the AUSF and the UE shall maintain the Counter SoR for lifetime of the K AUSF .
  • the AUSF that supports the control plane solution for steering of roaming shall initialize the Counter SoR to 0x00 0x01 when the K AUSF is derived.
  • the AUSF shall set the Counter SoR to 0x00 0x02 after the first calculated SoR-MAC-I AUSF , and monotonically increment it for each additional calculated SoR-MAC-I AUSF .
  • the SoR Counter value of 0x00 0x00 shall not be used to calculate the SoR-MAC-I AUSF and SoR-MAC-I UE .
  • the AUSF shall suspend the SoR protection service for the UE, if the Counter SoR associated with the K AUSF of the UE, is about to wrap around.
  • once the UE has been re-authenticated and a new K AUSF has been derived, the Counter SoR at the AUSF is reset to 0x00 0x01 as defined above and the AUSF shall resume the SoR protection service for the UE.
  • FIG. 3 shows a security procedure for UE parameters update, which is the same as Figure 6.15.2.1-1 of 3GPP TS33.501 V16.1.0.
  • the steps shown in FIG. 3 are the same as the corresponding steps described in clause 6.15.2 of 3GPP TS33.501 V16.1.0.
  • the UDM decides to perform the UE Parameters Update (UPU) using the control plane procedure while the UE is registered to the 5G system. If the final consumer of any of the UE parameters to be updated (e.g., the updated Routing ID (identifier) Data) is the USIM (Universal Subscriber Identity Module) , the UDM shall protect these parameters using a secured packet mechanism to update the parameters stored on the USIM. The UDM shall then prepare the UE Parameters Update Data (UPU Data) by including the parameters protected by the secured packet, if any, as well as any UE parameters for which the final consumer is the ME (Mobile Equipment) .
  • the UDM shall invoke Nausf_UPUProtection service operation message by including the UPU Data to the AUSF to get UPU-MAC-I AUSF and Counter UPU as specified in sub-clause 14.1.4 of 3GPP TS33.501 V16.1.0. If the UDM decided that the UE is to acknowledge the successful security check of the received UE Parameters Update Data, then the UDM shall set the corresponding indication in the UE Parameters Update Data (see TS 24.501 [35] ) and include the ACK Indication in the Nausf_UPUProtection service operation message to signal that it also needs the expected UPU-XMAC-I UE , as specified in sub-clause 14.1.4 of 3GPP TS33.501 V16.1.0.
  • the details of the Counter UPU is specified in sub-clause 6.15.2.2 of 3GPP TS33.501 V16.1.0.
  • the inclusion of UE Parameters Update Data in the calculation of UPU-MAC-I AUSF allows the UE to verify that it has not been tampered by any intermediary.
  • the expected UPU-XMAC-I UE allows the UDM to verify that the UE received the UE Parameters Update Data correctly.
  • the UDM shall invoke Nudm_SDM_Notification service operation, which contains UE Parameters Update Data, UPU-MAC-I AUSF , Counter UPU within the Access and Mobility Subscription data. If the UDM requests an acknowledgement, it shall temporarily store the expected UPU-XMAC-I UE .
  • the AMF shall send a DL NAS Transport message to the served UE.
  • the AMF shall include in the DL NAS Transport message the transparent container received from the UDM.
  • on receiving the DL NAS Transport message, the UE shall calculate the UPU-MAC-I AUSF in the same way as the AUSF (as specified in Annex A.19 of 3GPP TS33.501 V16.1.0) on the received UE Parameters Update Data and the Counter UPU, and verify whether it matches the UPU-MAC-I AUSF value received in the DL NAS Transport message. If the verification of UPU-MAC-I AUSF is successful and the UPU Data contains any parameters that are protected by a secured packet, the ME shall forward the secured packet to the USIM using the procedures in 3GPP TS 31.111 V15.8.0. If the verification of UPU-MAC-I AUSF is successful and the UPU Data contains any parameters that are not protected by a secured packet, the ME shall update its stored parameters with the received parameters in the UE Parameters Update Data.
  • the UE shall send the UL NAS Transport message to the serving AMF.
  • the UE shall generate the UPU-MAC-I UE as specified in Annex A. 20 of 3GPP TS33.501 V16.1.0 and include the generated UPU-MAC-I UE in a transparent container in the UL NAS Transport message.
  • the AMF shall send a Nudm_SDM_Info request message with the transparent container to the UDM.
  • the UDM shall compare the received UPU-MAC-I UE with the expected UPU-XMAC-I UE that the UDM stored temporarily in step 4 of FIG. 3.
  • the AUSF and the UE shall associate a 16-bit counter, Counter UPU , with the key K AUSF .
  • the UE shall initialize the Counter UPU to 0x00 0x00 when the K AUSF is derived.
  • the AUSF shall use a counter, called a Counter UPU .
  • the Counter UPU shall be incremented by the AUSF for every new computation of the UPU-MAC-I AUSF .
  • the Counter UPU is used as freshness input into UPU-MAC-I AUSF and UPU-MAC-I UE derivations as described in the Annex A. 19 and Annex A. 20 of 3GPP TS33.501 V16.1.0 respectively, to mitigate the replay attack.
  • the AUSF shall send the value of the Counter UPU (used to generate the UPU-MAC-I AUSF ) along with the UPU-MAC-I AUSF to the UE.
  • the UE shall only accept Counter UPU value that is greater than stored Counter UPU value.
  • the UE shall update the stored Counter UPU with the received Counter UPU, only if the verification of the received UPU-MAC-I AUSF is successful.
  • the UE shall use the Counter UPU received from the UDM when deriving the UPU-MAC-I UE for the UE Parameters Update Data acknowledgement.
  • the AUSF and the UE shall maintain the Counter UPU for lifetime of the K AUSF .
  • the AUSF that supports the UE parameters update using control plane procedure shall initialize the Counter UPU to 0x00 0x01 when the K AUSF is derived.
  • the AUSF shall set the Counter UPU to 0x00 0x02 after the first calculated UPU-MAC-I AUSF , and monotonically increment it for each additional calculated UPU-MAC-I AUSF .
  • the UPU Counter value of 0x00 0x00 shall not be used to calculate the UPU-MAC-I AUSF and UPU-MAC-I UE .
  • the AUSF shall suspend the UE Parameters Update protection service for the UE, if the Counter UPU associated with the K AUSF of the UE, is about to wrap around.
  • the Counter UPU at the AUSF is reset to 0x00 0x01 as defined above and the AUSF shall resume the UE Parameters Update protection service for the UE.
  • the AUSF shall suspend the UE parameters update protection service if the Counter UPU associated with the K AUSF of the UE is about to wrap around, and the service can only be resumed when a fresh K AUSF is generated for the UE. However, it is not specified how this suspended state of the AUSF UE parameters update protection service for the UE is synchronized to the UDM, nor when the UDM may use the UE parameters update procedure again.
  • when UDM and AUSF are not synchronized on the counter wrap-around handling for the SoR protection service and the UPU protection service, unnecessary network traffic cannot be avoided. For example, during the AUSF's suspension period of the SoR protection service for the UE, the UDM may continue to consume the AUSF's SoR protection service before K AUSF is refreshed, and those requests would fail in vain. Likewise, during the AUSF's suspension period of the UPU protection service for the UE, the UDM may continue to consume the AUSF's UPU protection service before K AUSF is refreshed, and those requests would fail in vain.
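The Counter UPU rules listed above (UE starts at 0x00 0x00, AUSF starts at 0x00 0x01, strictly increasing counter accepted by the UE, counter updated only after a successful MAC check, service suspended when the maximum value has been allocated, reset on a fresh K AUSF) are simulated below in Python. This is an added example, not code from the patent or from 3GPP. The upu_mac function is a stand-in HMAC-SHA-256 over UPU Data and counter, not the Annex A. 19 / A. 20 derivation; the class and function names (Ausf, Ue, run_scenario) and the start_counter test knob are assumptions made for the illustration.

```python
import hashlib
import hmac

COUNTER_MAX = 0xFFFF  # Counter_UPU is 16 bits; 0x0000 is never used for a MAC


def upu_mac(k_ausf: bytes, upu_data: bytes, counter: int) -> bytes:
    """Stand-in for UPU-MAC-I_AUSF / UPU-XMAC-I_UE (Annex A.19/A.20).
    Assumption: HMAC-SHA-256 over UPU Data || Counter_UPU, truncated to 128 bits;
    the real derivation uses the 3GPP KDF and is not reproduced here."""
    return hmac.new(k_ausf, upu_data + counter.to_bytes(2, "big"), hashlib.sha256).digest()[:16]


class Ausf:
    """AUSF side of the UPU protection service (simulated)."""

    def __init__(self, k_ausf: bytes, start_counter: int = 0x0001):
        # 0x00 0x01 when K_AUSF is derived; start_counter is only a test knob
        # so that the wrap-around can be reached in a few calls.
        self.k_ausf = k_ausf
        self.counter = start_counter
        self.suspended = False

    def upu_protection(self, upu_data: bytes):
        """Nausf_UPUProtection (simulated): returns (UPU-MAC-I_AUSF, Counter_UPU)."""
        if self.suspended:
            raise RuntimeError("UPU protection service suspended until K_AUSF is refreshed")
        used = self.counter
        mac = upu_mac(self.k_ausf, upu_data, used)
        if used == COUNTER_MAX:
            # The maximum value was just allocated: the next increment would
            # wrap to 0x0000, so the service is suspended for this UE.
            self.suspended = True
        else:
            self.counter = used + 1  # 0x0002 after the first MAC, then monotonic
        return mac, used

    def refresh_key(self, new_k_ausf: bytes) -> None:
        """A fresh K_AUSF from primary authentication resets the counter and resumes."""
        self.k_ausf = new_k_ausf
        self.counter = 0x0001
        self.suspended = False


class Ue:
    """UE side: verifies UPU-MAC-I_AUSF and enforces counter freshness."""

    def __init__(self, k_ausf: bytes):
        self.k_ausf = k_ausf
        self.counter = 0x0000  # 0x00 0x00 when K_AUSF is derived
        self.stored_params = None

    def dl_nas_transport(self, upu_data: bytes, mac: bytes, counter: int) -> bool:
        """Returns True if the update is fresh, authentic and was applied."""
        if counter <= self.counter:
            return False  # only a strictly greater counter is accepted: replay rejected
        if not hmac.compare_digest(upu_mac(self.k_ausf, upu_data, counter), mac):
            return False  # integrity failure: the stored counter is NOT updated
        self.counter = counter  # updated only after successful verification
        self.stored_params = upu_data
        return True

    def refresh_key(self, new_k_ausf: bytes) -> None:
        self.k_ausf = new_k_ausf
        self.counter = 0x0000


def run_scenario() -> dict:
    """Walk through acceptance, replay, tampering, wrap-around and resumption."""
    k1 = b"\x11" * 32  # constructed K_AUSF for the demo
    ausf, ue = Ausf(k1, start_counter=COUNTER_MAX - 1), Ue(k1)  # two counter values left
    out = {}
    mac1, c1 = ausf.upu_protection(b"routing-id=0042")
    out["first_accepted"] = ue.dl_nas_transport(b"routing-id=0042", mac1, c1)
    out["replay_rejected"] = not ue.dl_nas_transport(b"routing-id=0042", mac1, c1)
    out["tamper_rejected"] = not ue.dl_nas_transport(b"routing-id=0666", mac1, c1 + 1)
    mac2, c2 = ausf.upu_protection(b"routing-id=0043")
    out["max_counter_allocated"] = c2 == COUNTER_MAX and ue.dl_nas_transport(b"routing-id=0043", mac2, c2)
    out["suspended_after_max"] = ausf.suspended
    try:
        ausf.upu_protection(b"routing-id=0044")
        out["rejected_while_suspended"] = False
    except RuntimeError:
        out["rejected_while_suspended"] = True  # the request the patent wants UDM to avoid sending
    k2 = b"\x22" * 32  # constructed fresh K_AUSF after re-authentication
    ausf.refresh_key(k2)
    ue.refresh_key(k2)
    mac3, c3 = ausf.upu_protection(b"routing-id=0044")
    out["resumed_counter"] = c3  # 0x0001 again
    out["resumed_accepted"] = ue.dl_nas_transport(b"routing-id=0044", mac3, c3)
    return out


if __name__ == "__main__":
    for name, value in run_scenario().items():
        print(f"{name}: {value}")
```

The scenario starts the AUSF two values below the maximum so that the wrap-around is reached quickly; the point to observe is that the UE keeps its stored counter untouched when the MAC check fails, and that once the AUSF has suspended the service every further request fails until both sides hold a fresh K AUSF, which is exactly the window the rest of the disclosure makes visible to the UDM.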
  • the embodiments of the present disclosure propose an improved service process for user equipment.
  • FIG. 4 shows a flowchart of a method 400 according to an embodiment of the present disclosure, which may be performed by an apparatus implemented in or at or as a data management entity, or communicatively coupled to the data management entity.
  • the apparatus may provide means or modules for accomplishing various parts of the method 400 as well as means or modules for accomplishing other processes in conjunction with other components.
  • the data management entity may support any suitable data management functionality.
  • the data management entity may be UDM.
  • the data management entity obtains information regarding whether a service for a user equipment is suspended.
  • the service for the user equipment may be any suitable service which can be triggered or initiated by the data management entity.
  • the service for the user equipment may comprise at least one of a procedure for steering of the user equipment in a visited network and a procedure for the user equipment parameters update.
  • the procedure for steering of the user equipment in the visited network may be the procedure for steering of UE in VPLMN after registration as described in clause 6.14.2.2 of 3GPP TS33.501 V16.1.0.
  • the procedure for the user equipment parameters update may be the procedure for the user equipment parameters update as described in clause 6.15.2.1 of 3GPP TS33.501 V16.1.0.
  • the data management entity may obtain information regarding whether the service for the user equipment is suspended in various ways. For example, when the information regarding whether the service for the user equipment is suspended is stored in the data management entity, the data management entity may obtain information regarding whether the service for the user equipment is suspended by itself. When the information regarding whether the service for the user equipment is suspended is stored in another network entity, the data management entity may obtain this information from said another network entity. Said another network entity may be any suitable network entity such as a data repository entity or another network entity. For example, when a network entity determines that the service for the user equipment is suspended, the network entity may send information that the service for the user equipment is suspended to the data management entity. The sent information may be an explicit or implicit notification. For example, in case of implicit notification, at least one parameter (such as the value of the counter) may implicitly indicate the information regarding whether the service for the user equipment is suspended.
  • the data management entity may obtain information regarding whether the service for the user equipment is suspended due to various reasons. For example, when another network entity determines to suspend or resume the service for the user equipment, said another network entity may send this information to the data management entity. When the data management entity may decide to send a request for the service for a user equipment, the data management entity may be triggered to obtain this information.
  • the service for the user equipment may be configured with a counter for mitigating a replay attack and when the counter for mitigating a replay attack is about to wrap around, a subsequent request of the service for the user equipment is suspended.
  • the data management entity may suspend a subsequent request of the service for the user equipment.
  • the data management entity may determine whether to suspend the service for the user equipment based on the obtained information.
  • the data management entity in response to a determination that the service for the user equipment is suspended, may suspend the service for the user equipment.
  • the data management entity in response to a determination that the service for the user equipment is not suspended, may continue to consume the service for the user equipment.
  • the data management entity in response to a determination that the service for the user equipment is not suspended, may send a request to an authentication entity to get a value for integrity protection and a counter for mitigating a replay attack.
  • the counter may be used as freshness input into a derivation of the value for integrity protection.
  • the authentication entity may be AUSF.
  • the data management entity may receive a response including the value for integrity protection and the counter for mitigating the replay attack from the authentication entity.
  • Blocks 406 and 408 may provide a security mechanism for the service for the user equipment.
  • the data management entity may suspend a subsequent request of the service for the user equipment. It is noted that a current request of the service for the user equipment may be performed.
  • the counter for mitigating a replay attack may be incremented for every new computation of the value for mitigating the replay attack.
  • the value for mitigating the replay attack may be SoR-MAC-I AUSF and/or SoR-XMAC-I UE as described in 3GPP TS33.501 V16.1.0. In an embodiment, the value for mitigating the replay attack may be UPU-MAC-I AUSF and/or UPU-XMAC-I UE as described in 3GPP TS33.501 V16.1.0.
  • the data management entity may suspend a subsequent request of the service for the user equipment.
  • the data management entity may send a request to the data repository entity for storing information that the service for the user equipment is suspended.
  • the information that the service for the user equipment is suspended may be stored in the data management entity.
  • the data management entity may trigger a user equipment re-authentication procedure for example as described in 3GPP TS 23.501 V16.3.0.
  • the user equipment re-authentication procedure may be triggered when a procedure of the service for the user equipment is finished.
  • FIG. 5 shows a flowchart of a method 500 according to another embodiment of the present disclosure.
  • the information regarding whether the service for the user equipment is suspended is stored in a data repository entity, the data management entity may obtain this information from the data repository entity and then determine whether the service for the user equipment is suspended.
  • the data management entity may send a request for querying information regarding whether the service for the user equipment is suspended to a data repository entity.
  • the data management entity such as UDM may query the UE authentication status from a data repository entity such as UDR through a query service such as the Nudr_DM_Query service operation, in particular about whether the service for the UE has been suspended or not.
  • Nudr_DM is renamed "Nudr_DR" in the 3GPP stage 3 phase; wherever Nudr_DM appears, it may be exchanged with Nudr_DR.
  • the data management entity may receive a response including a query result from the data repository entity.
  • the UDR may send back the queried UE authentication status, which may include a suspended flag. If the flag is true, the service for the UE is suspended. If the flag is false or absent, the service for the UE is not suspended.
  • the information regarding whether the service for the user equipment is suspended is a Boolean flag.
  • when the Boolean flag is true, it indicates that the service for the user equipment is suspended.
  • when the Boolean flag is false or absent, it indicates that the service for the user equipment is not suspended.
  • FIG. 6 shows a flowchart of a method 600 according to another embodiment of the present disclosure.
  • the data management entity may receive an authentication result for the user equipment from an authentication entity such as AUSF.
  • the authentication may be any suitable authentication, for example depending on the specific network.
  • the authentication may be a UE primary authentication procedure using an EAP-AKA’ (Extensible Authentication Protocol-Authentication and Key Agreement) method or 5G-AKA (5G-Authentication and Key Agreement) method as defined in clause 6.1.3 of 3GPP TS 33.501 V16.1.0.
  • the data management entity may resume the service for the user equipment.
  • the data management entity may send a request to a data repository entity such as UDR for storing information that the service for the user equipment is not suspended.
  • the information that the service for the user equipment is not suspended may be stored in the data management entity.
  • FIG. 7 shows a flowchart of a method 700 according to another embodiment of the present disclosure, which may be performed by an apparatus implemented in or at or as a data repository entity such as UDR, or communicatively coupled to the data repository entity.
  • the apparatus may provide means or modules for accomplishing various parts of the method 700 as well as means or modules for accomplishing other processes in conjunction with other components.
  • the data repository entity may store information regarding whether a service for a user equipment is suspended.
  • the data repository entity receives a request for querying information regarding whether a service for a user equipment is suspended from a data management entity.
  • the data repository entity sends a response including a query result to the data management entity.
  • the data repository entity receives a request for storing information regarding whether the service for the user equipment is suspended from the data management entity.
  • the data repository entity stores the information regarding whether the service for the user equipment is suspended.
  • FIG. 8 depicts a flowchart of the synchronization of Counter SoR wrap around handling for SoR protection service between AUSF and UDM according to an embodiment of the present disclosure.
  • the AUSF suspends the SoR protection service for later SoR protection requests, and at the same time, UDM suspends the consumption of the AUSF SoR protection service for later SoR information list updates to the UE.
  • Step 801 The UDM decides to notify the UE of the changes to the Steering Information List.
  • Steps 802-804 are added for UDM to check whether the SoR protection service is suspended for the UE before invoking the Nausf_SoRProtection service operation.
  • when UDM is aware that the Counter SoR associated with the K AUSF of the UE is about to wrap around, UDM sets a SoR protection service suspended flag in UDR by updating the authentication status.
  • Step 802 UDM may query the UE authentication status from UDR through a Nudr_DM_Query service operation, in particular about whether the SoR protection service for the UE is suspended or not.
  • Step 803 UDR may send back the queried UE authentication status which includes information of SoR protection suspended flag.
  • Step 804 As Alt1, the SoR protection suspended flag is true, so UDM may suspend the SoR information list update to the UE; steps 805-818 shall be skipped.
  • if UDM and AUSF were not synchronized on the counter wrap-around handling for the SoR protection service, then during the AUSF's suspension period of the SoR protection service for the UE, UDM might continue to consume the AUSF's SoR protection service before K AUSF is refreshed, and those requests would fail in vain.
  • Step 805 the UDM may invoke Nausf_SoRProtection service operation message by including the SoR header and Steering Information List to the AUSF to get SoR-MAC-I AUSF and Counter SoR . If the HPLMN decided that the UE is to acknowledge the successful security check of the received Steering Information List, then the UDM shall set the corresponding indication in the SoR header and include the ACK indication in the Nausf_SoRProtection service operation message to signal that it also needs the expected SoR-XMAC-I UE .
  • Step 806 AUSF may send the Nausf_SoRProtection Response to UDM, which includes the SoR-MAC-I AUSF , the SoR-XMAC-I UE if the ACK Indication indicates that a UE acknowledgement is needed, and the Counter SoR .
  • the Counter SoR is about to wrap around, so the Counter SoR allocated in this step is the maximum allowed value.
  • Step 807 Synchronized counter wrap around handling between AUSF and UDM for SoR protection service.
  • AUSF suspends the SoR protection service for the UE for later SoR protection requests, which means that if UDM continues to send SoR protection service requests to AUSF for the UE, they will be rejected by AUSF as no available Counter SoR can be allocated any more.
  • UDM suspends the consumption of the AUSF SoR protection service for later SoR information list update to the UE, which means UDM should avoid sending SoR protection service request to AUSF for the UE, so an obvious advantage is to avoid unnecessary network traffic and improve network performance.
  • Step 808 when UE authentication status can be stored in a UDR, UDM updates the UE authentication status to set the SoR protection service suspended flag for the UE to true through a Nudr_DM_Update service operation.
  • Step 809 UDR confirms the UE authentication status update operation.
  • Step 810 The UDM invokes Nudm_SDM_Notification service operation, which contains the list of preferred PLMN/access technology combinations, SoR-MAC-I AUSF , Counter SoR and the SoR header. If the UDM requests an acknowledgement, it shall temporarily store the expected SoR-XMAC-I UE .
  • Step 811 Upon receiving the Nudm_SDM_Notification message, the AMF shall send a DL NAS Transport message to the served UE.
  • Step 812 On receiving the DL NAS Transport message, the UE shall calculate the SoR-MAC-I AUSF in the same way as the AUSF on the received Steering information, the Counter SoR and the SoR header and verifies whether it matches the SoR-MAC-I AUSF value received in the DL NAS Transport message.
  • Step 813 If the UDM has requested an acknowledgement from the UE and the UE verified that the Steering Information List has been provided by the HPLMN, then the UE shall send the UL NAS Transport message to the serving AMF.
  • Step 814 The AMF shall send a Nudm_SDM_Info request message to the UDM. If a transparent container with the SoR-MAC-I UE was received in the UL NAS Transport message, the AMF shall include the transparent container in the Nudm_SDM_Info request message.
  • Step 815 If the HPLMN indicated that the UE is to acknowledge the successful security check of the received Steering Information List, then the UDM shall compare the received SoR-MAC-I UE with the expected SoR-XMAC-I UE that the UDM stored temporarily in step 810.
  • Step 816 UDM may trigger a UE re-authentication procedure for K AUSF refreshing to resume the SoR protection service at AUSF; in an embodiment, UDM notifies AMF to initiate a UE primary authentication procedure, or UDM may wait for a next round of the primary authentication procedure triggered by other means for K AUSF refreshing.
  • Step 817 AMF initiates the UE primary authentication procedure.
  • Step 818 As Alt2.2, Counter SoR is not about to wrap around, steps 3-9 of Figure 6.14.2.2-1 as defined in 3GPP TS 33.501 V16.1.0 shall be executed.
  • FIG. 9 depicts a flowchart of the synchronization of Counter UPU wrap around handling for UPU protection service between AUSF and UDM according to an embodiment of the present disclosure.
  • the AUSF suspends the UPU protection service for later UPU protection requests, and at the same time, UDM suspends the consumption of the AUSF UPU protection service for later UE Parameters Update to the UE.
  • Step 901 The UDM decides to perform the UE Parameters Update (UPU) using the control plane procedure while the UE is registered to the 5G system.
  • Steps 902-904 are added for UDM to check whether UPU protection service is suspended for the UE before invoking Nausf_UPUProtection service operation.
  • when UDM is aware that the Counter UPU associated with the K AUSF of the UE is about to wrap around, UDM sets a UPU protection service suspended flag in UDR by updating the authentication status.
  • Step 902 UDM queries the UE authentication status from UDR through a Nudr_DM_Query service operation, in particular about whether the UPU protection service for the UE has been suspended or not.
  • Step 903 UDR sends back the queried UE authentication status, which includes a UPU protection suspended flag.
  • Alt1 the flag is true, which means the UPU protection service for the UE is suspended.
  • Alt2 the flag is false or absent, which means the UPU protection service for the UE is not suspended.
  • Step 904 As Alt1, the UPU protection suspended flag is true, so UDM suspends the UE Parameters Update to the UE; steps 905-918 shall be skipped.
  • if UDM and AUSF were not synchronized on the counter wrap-around handling for the UPU protection service, then during the AUSF's suspension period of the UPU protection service for the UE, UDM would still continue to consume the AUSF's UPU protection service before K AUSF is refreshed, and those requests would fail in vain.
  • Step 905 As Alt2, the UDM invokes Nausf_UPUProtection service operation message by including the UPU Data to the AUSF to get UPU-MAC-I AUSF and Counter UPU . If the UDM decided that the UE is to acknowledge the successful security check of the received UE Parameters Update Data, then the UDM shall set the corresponding indication in the UE Parameters Update Data and include the ACK Indication in the Nausf_UPUProtection service operation message to signal that it also needs the expected UPU-XMAC-I UE .
  • Step 906 AUSF sends the Nausf_SoRProtection Response to UDM, which includes the UPU-MAC-I AUSF , the UPU-XMAC-I UE if the ACK Indication indicates that a UE acknowledgement is needed, and the Counter UPU .
  • the Counter UPU is about to wrap around, so the Counter UPU allocated in this step is the maximum allowed value.
  • Step 907 Synchronized counter wrap around handling between AUSF and UDM for UPU protection service.
  • AUSF suspends the UPU protection service for the UE for later UPU protection requests, which means that if UDM continues to send UPU protection service requests to AUSF for the UE, they will be rejected by AUSF as no available Counter UPU can be allocated any more.
  • UDM suspends the consumption of the AUSF UPU protection service for later UE Parameters Update to the UE, which means UDM should avoid sending UPU protection service request to AUSF for the UE, so one obvious advantage is to avoid unnecessary network traffic and improve network performance.
  • Step 908 when the UE authentication status can be stored in a Unified Data Repository (UDR), UDM updates the UE authentication status to set the UPU protection service suspended flag for the UE to true through a Nudr_DM_Update service operation.
  • Step 909 UDR confirms the UE authentication status update operation.
  • Step 910 The UDM shall invoke Nudm_SDM_Notification service operation, which contains UE Parameters Update Data, UPU-MAC-I AUSF , Counter UPU . If the UDM requests an acknowledgement, it shall temporarily store the expected UPU-XMAC-I UE .
  • Step 911 Upon receiving the Nudm_SDM_Notification message, the AMF shall send a DL NAS Transport message to the served UE.
  • the AMF shall include in the DL NAS Transport message the transparent container received from the UDM.
  • Step 912 On receiving the DL NAS Transport message, the UE shall calculate the UPU-MAC-I AUSF in the same way as the AUSF on the received UE Parameters Update Data and the Counter UPU and verify whether it matches the UPU-MAC-I AUSF value received in the DL NAS Transport message. If the verification of UPU-MAC-I AUSF is successful and the UPU Data contains any parameters that are protected by secured packet, the ME shall forward the secured packet to the USIM. If the verification of UPU-MAC-I AUSF is successful and the UPU Data contains any parameters that are not protected by secured packet, the ME shall update its stored parameters with the received parameters in the UPU Data.
  • Step 913 If the UDM has requested an acknowledgement from the UE and the UE has successfully verified and updated the UE Parameters Update Data provided by the UDM, then the UE shall send the UL NAS Transport message to the serving AMF.
  • Step 914 If a transparent container with the UPU-MAC-I UE was received in the UL NAS Transport message, the AMF shall send a Nudm_SDM_Info request message with the transparent container to the UDM.
  • Step 915 If the UDM indicated that the UE is to acknowledge the successful security check of the received UE Parameters Update Data, then the UDM shall compare the received UPU-MAC-I UE with the expected UPU-XMAC-I UE that the UDM stored temporarily in step 910.
  • Step 916 UDM may trigger a UE re-authentication procedure for K AUSF refreshing to resume the UPU protection service at AUSF; in an embodiment, UDM notifies AMF to initiate a UE primary authentication procedure, or UDM may wait for a next round of the primary authentication procedure triggered by other means for K AUSF refreshing.
  • Step 917 AMF initiates the UE primary authentication procedure.
  • Step 918 As Alt2.2, Counter UPU is not about to wrap around, steps 3-9 of Figure 6.15.2-1 as defined in 3GPP TS 33.501 V16.1.0 shall be executed.
  • FIG. 10 depicts a flowchart of the synchronized resuming of SoR/UPU protection service according to an embodiment of the present disclosure.
  • UDM may clear the SoR protection suspended flag and resume SoR information list update to the UE, and/or UDM may clear the UPU protection suspended flag and resume UE parameters update to the UE.
  • Step 1001 A UE primary authentication procedure is initiated, using an EAP-AKA’ method or 5G-AKA method as defined in 6.1.3 of 3GPP TS 33.501 V16.1.0. Note that this step may be triggered by UDM for a UE re-authentication as depicted in steps 806 and 906 of FIGs. 8-9 when UDM knows that the Counter SoR or Counter UPU is about to wrap around.
  • Step 1002 The AUSF informs UDM about the result and time of an authentication procedure with a UE using a Nudm_UEAuthentication_ResultConfirmation Request.
  • the result is true to indicate a successful authentication.
  • Step 1003 Synchronized resuming of SoR and/or UPU protection service.
  • AUSF resumes the SoR and/or UPU protection service for the UE.
  • UDM resumes SoR Information List and/or UE parameters update to the UE.
  • Step 1004 The UDM shall store or update the authentication status of the UE (SUPI, authentication result, timestamp, and the serving network name). If it is stored in a Unified Data Repository (UDR), UDM queries UDR for the existing UE authentication status through the Nudr_DM_Query service operation.
  • Step 1005 UDR sends back the query result of the UE authentication status to UDM.
  • Alt1 UE authentication status exists and the SoR and/or UPU protection flag is set (true).
  • Alt2 UE authentication status exists and SoR and/or UPU protection flag is not set (false) or absent.
  • Alt3 UE authentication status does not exist.
  • Step 1006 As Alt1, a new success authentication result has been confirmed, so UDM updates UE authentication status through Nudr_DR_Update service operation, especially to clear the SoR and/or UPU protection suspended flag to resume SoR information list update to the UE and/or UE Parameters Update to the UE.
  • Step 1007 UDR sends back the confirmation of the update service operation.
  • Step 1008 As Alt2, a new success authentication result has been confirmed, so UDM updates UE authentication status through Nudr_DR_Update service operation without any change of the SoR/UPU protection suspended flag.
  • Step 1009 UDR sends back the confirmation of the update service operation.
  • Step 1010 As Alt3, a new successful authentication result has been confirmed but no UE authentication status was stored before, so UDM creates the UE authentication status through the Nudr_DR_Create service operation; the SoR and/or UPU protection suspended flags are not set.
  • Step 1011 UDR sends back the confirmation of the create service operation.
  • Step 1012 UDM authorizes subsequent procedures based on querying the UE authentication status from UDR (steps 802-803 of FIG. 8, steps 902-903 of FIG. 9).
  • SoR information list update to the UE may be allowed.
  • UE parameters update to the UE may be allowed.
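The flag synchronisation described for methods 400 to 700 and for FIGs. 8 to 10 (UDM queries the suspended flag in UDR before calling AUSF, sets the flag when the maximum counter value has been allocated, skips later updates while the flag is true, and clears it on a successful authentication result confirmation with the Alt1/Alt2/Alt3 handling of steps 1005-1011) is simulated below in Python. This is an added example, not code from the patent, from Ericsson or from 3GPP. The Udr, AusfService and Udm classes, the run_scenario function, the field names sor_suspended and upu_suspended and the start_counter test knob are assumptions; the query/create/update methods only mimic the Nudr_DM_Query, Nudr_DM_Create and Nudr_DM_Update service operations and the MAC itself is omitted (the AusfService only allocates the counter).

```python
COUNTER_MAX = 0xFFFF  # 16-bit Counter_SoR / Counter_UPU


class Udr:
    """Simulated UDR holding the UE authentication status with the suspended flags."""
    def __init__(self):
        self.auth_status = {}  # SUPI -> status dict

    def query(self, supi):  # Nudr_DM_Query (simulated)
        return self.auth_status.get(supi)

    def create(self, supi, status):  # Nudr_DM_Create (simulated)
        self.auth_status[supi] = dict(status)

    def update(self, supi, **fields):  # Nudr_DM_Update (simulated)
        self.auth_status.setdefault(supi, {}).update(fields)


class AusfService:
    """Counter allocation of one AUSF protection service (SoR or UPU); MAC omitted."""
    def __init__(self, start_counter=0x0001):
        self.counter = start_counter  # test knob: start near the maximum
        self.suspended = False

    def protect(self, payload):
        if self.suspended:
            raise RuntimeError("protection service suspended: no counter value left")
        used = self.counter
        if used == COUNTER_MAX:
            self.suspended = True  # maximum allocated; suspended until K_AUSF is refreshed
        else:
            self.counter = used + 1
        return {"payload": payload, "mac": f"MAC-I({payload},{used:#06x})", "counter": used}

    def refresh(self):  # fresh K_AUSF: counter back to 0x0001, service resumed
        self.counter, self.suspended = 0x0001, False


class Udm:
    """UDM logic of methods 400-700 and FIGs. 8-10 (simulated)."""
    def __init__(self, udr, services, check_flag=True):
        self.udr, self.services = udr, services  # services: {"sor": AusfService, "upu": ...}
        self.check_flag = check_flag  # False reproduces the unsynchronised behaviour
        self.ausf_requests, self.reauth_triggered = 0, []

    def is_suspended(self, supi, service):
        """Steps 802-804 / 902-904: flag true means suspended; false or absent means not."""
        status = self.udr.query(supi)
        return bool(status and status.get(f"{service}_suspended"))

    def protected_update(self, supi, service, payload):
        """SoR list / UPU update towards the UE; None when skipped because suspended."""
        if self.check_flag and self.is_suspended(supi, service):
            return None
        self.ausf_requests += 1
        resp = self.services[service].protect(payload)  # step 805 / 905
        if resp["counter"] == COUNTER_MAX:  # step 807 / 907: counter about to wrap
            self.udr.update(supi, **{f"{service}_suspended": True})  # step 808 / 908
            self.reauth_triggered.append(supi)  # step 816 / 916: ask for K_AUSF refresh
        return resp  # content of Nudm_SDM_Notification, step 810 / 910

    def auth_result_confirmation(self, supi, success):
        """Steps 1002-1011: a successful primary authentication clears the flags."""
        if not success:
            return
        status = self.udr.query(supi)
        if status is None:  # Alt3: no status yet, create it with flags not set
            self.udr.create(supi, {"auth_result": True, "sor_suspended": False, "upu_suspended": False})
        elif status.get("sor_suspended") or status.get("upu_suspended"):  # Alt1: clear and resume
            self.udr.update(supi, auth_result=True, sor_suspended=False, upu_suspended=False)
        else:  # Alt2: nothing to resume, only record the result
            self.udr.update(supi, auth_result=True)


def run_scenario():
    supi = "imsi-001010123456789"  # constructed SUPI
    udr, sor = Udr(), AusfService(start_counter=COUNTER_MAX - 1)  # two Counter_SoR values left
    udm = Udm(udr, {"sor": sor, "upu": AusfService()})
    out = {}
    out["first_sent"] = udm.protected_update(supi, "sor", "list-v1") is not None
    out["max_allocated"] = udm.protected_update(supi, "sor", "list-v2")["counter"] == COUNTER_MAX
    out["flag_set"] = udr.query(supi)["sor_suspended"] is True
    before = udm.ausf_requests
    out["skipped"] = udm.protected_update(supi, "sor", "list-v3") is None
    out["no_wasted_request"] = udm.ausf_requests == before
    out["upu_unaffected"] = udm.protected_update(supi, "upu", "params-v1")["counter"] == 0x0001
    out["reauth_triggered"] = udm.reauth_triggered == [supi]
    naive = Udm(udr, {"sor": sor}, check_flag=False)  # unsynchronised UDM for contrast
    try:
        naive.protected_update(supi, "sor", "list-v3")
        out["unsynced_request_fails"] = False
    except RuntimeError:
        out["unsynced_request_fails"] = True  # the request that "fails in vain" without the flag
    sor.refresh()  # step 1001: primary authentication yields a fresh K_AUSF
    udm.auth_result_confirmation(supi, success=True)  # steps 1002-1007, Alt1
    out["flag_cleared"] = udr.query(supi)["sor_suspended"] is False
    out["resumed"] = udm.protected_update(supi, "sor", "list-v4")["counter"] == 0x0001
    return out
```

The SoR and UPU flags are kept separate in the status record, so a wrap-around of Counter SoR does not stop UE parameters updates, which matches the independent Counter SoR and Counter UPU of the procedures; the contrast run with check_flag=False shows the request that reaches AUSF only to be rejected, which is the traffic the synchronised flag removes.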
  • Some messages as shown in FIGs. 8-10 are the same as the corresponding messages described in 3GPP TS 23.502 V16.3.0 and 3GPP TS33.501 V16.1.0.
  • FIGs. 4-10 may be viewed as method steps, and/or as operations that result from operation of computer program code, and/or as a plurality of coupled logic circuit elements constructed to carry out the associated function(s).
  • the schematic flow chart diagrams described above are generally set forth as logical flow chart diagrams. As such, the depicted order and labeled steps are indicative of specific embodiments of the presented methods. Other steps and methods may be conceived that are equivalent in function, logic, or effect to one or more steps, or portions thereof, of the illustrated methods. Additionally, the order in which a particular method occurs may or may not strictly adhere to the order of the corresponding steps shown.
  • UDM should be synchronized to suspend the consumption of AUSF SoR protection service for later SoR information list update to the UE and may trigger a re-authentication procedure or wait for a next round of primary authentication triggered by other ways for K AUSF refreshing.
  • UDM may resume SoR information list update to the UE as defined in clause 6.14.2.2 of 3GPP TS33.501 V16.1.0.
  • UDM can set a SoR protection service suspended flag when knowing that the Counter SoR associated with the K AUSF of the UE is about to wrap around. Once getting the new success authentication result confirmation, UDM may clear the flag and resume SoR information list update to the UE.
  • UDM should be synchronized to suspend the consumption of AUSF UPU protection service for later UE Parameter Update to the UE and may trigger a re-authentication procedure or wait for the next round of primary authentication triggered by other ways for K AUSF refreshing.
  • UDM may resume the UE Parameter Update to the UE as defined in 6.15.2.1 of 3GPP TS33.501 V16.1.0.
  • UDM can set a UPU protection suspended flag when knowing that Counter UPU associated with the K AUSF of the UE is about to wrap around. Once getting the new success authentication result confirmation, UDM may clear the flag and resume UE Parameters Update to the UE.
  • At least one of the underlined contents may be added in clause 6.14.2.2 of 3GPP TS33.501 V16.1.0:
  • the UDM decides to notify the UE of the changes to the Steering Information List by means of invoking the Nudm_SDM_Notification service operation. If UDM is aware that the SoR protection service is suspended for the UE, steps 2-9 shall be skipped.
  • the UDM shall invoke Nausf_SoRProtection service operation message by including the SoR header and Steering Information List to the AUSF to get SoR-MAC-I AUSF and Counter SoR as specified in sub-clause 14.1.3 of this document. If the HPLMN decided that the UE is to acknowledge the successful security check of the received Steering Information List, then the UDM shall set the corresponding indication in the SoR header (see TS 24.501 [35] ) and include the ACK Indication in the Nausf_SoRProtection service operation message to signal that it also needs the expected SoR-XMAC-I UE , as specified in sub-clause 14.1.3 of this document.
  • the details of the Counter SoR are specified in sub-clause 6.14.2.3 of this document.
  • the inclusion of Steering Information List and the acknowledge indication in the calculation of SoR-MAC-I AUSF allows the UE to verify that the Steering Information List received is not tampered with or removed by the VPLMN and if the UDM requested an acknowledgement.
  • the inclusion of this information in the calculation of the expected SoR-XMAC-I UE allows the UDM to verify that the UE received the Steering Information.
  • UDM shall suspend the consumption of the AUSF SoR protection service for later SoR information list updates to the UE and may trigger a UE re-authentication procedure or wait for the next round of primary authentication (cf. clause 6.1.3) triggered by other means for K AUSF refreshing.
  • UDM shall resume the SoR information list update to the UE as defined in this clause.
  • the UDM shall invoke Nudm_SDM_Notification service operation, which contains the list of preferred PLMN/access technology combinations, SoR-MAC-I AUSF , Counter SoR within the Access and Mobility Subscription data and the SoR header. If the UDM requests an acknowledgement, it shall temporarily store the expected SoR-XMAC-I UE .
  • Upon receiving the Nudm_SDM_Notification message, the AMF shall send a DL NAS Transport message to the served UE.
  • the AMF shall include in the DL NAS Transport message the transparent container received from the UDM.
  • On receiving the DL NAS Transport message, the UE shall calculate the SoR-MAC-I AUSF in the same way as the AUSF (as specified in Annex A.17) on the received Steering Information, the Counter SoR and the SoR header, and verify whether it matches the SoR-MAC-I AUSF value received in the DL NAS Transport message.
  • the UE shall send the UL NAS Transport message to the serving AMF.
  • the UE shall generate the SoR-MAC-I UE as specified in Annex A.18 and include the generated SoR-MAC-I UE in a transparent container in the UL NAS Transport message.
  • the AMF shall send a Nudm_SDM_Info request message to the UDM. If a transparent container with the SoR-MAC-I UE was received in the UL NAS Transport message, the AMF shall include the transparent container in the Nudm_SDM_Info request message.
  • the UDM shall compare the received SoR-MAC-I UE with the expected SoR-XMAC-I UE that the UDM stored temporarily in step 4.
  • At least one of the underline contents may be added in clause of 6.15.2.1 of 3GPP TS33.501 V16.1.0:
  • the UDM decides to perform the UE Parameters Update (UPU) using the control plane procedure while the UE is registered to the 5G system. If the final consumer of any of the UE parameters to be updated (e.g., the updated Routing ID Data) is the USIM, the UDM shall protect these parameters using a secured packet mechanism (see 3GPP TS 31.115 [65]) to update the parameters stored on the USIM. The UDM shall then prepare the UE Parameters Update Data (UPU Data) by including the parameters protected by the secured packet, if any, as well as any UE parameters for which the final consumer is the ME (see TS 24.501 [35]). If UDM is aware that the UE Parameters Update protection service is suspended for the UE, steps 2-9 shall be skipped.
  • the UDM shall invoke Nausf_UPUProtection service operation message by including the UPU Data to the AUSF to get UPU-MAC-I AUSF and Counter UPU as specified in sub-clause 14.1.4 of this document. If the UDM decided that the UE is to acknowledge the successful security check of the received UE Parameters Update Data, then the UDM shall set the corresponding indication in the UE Parameters Update Data (see TS 24.501 [35] ) and include the ACK Indication in the Nausf_UPUProtection service operation message to signal that it also needs the expected UPU-XMAC-I UE , as specified in sub-clause 14.1.4 of this document.
  • the details of the Counter UPU are specified in sub-clause 6.15.2.2 of this document.
  • the inclusion of the UE Parameters Update Data in the calculation of UPU-MAC-I AUSF allows the UE to verify that it has not been tampered with by any intermediary.
  • the expected UPU-XMAC-I UE allows the UDM to verify that the UE received the UE Parameters Update Data correctly.
  • UDM shall suspend the consumption of the AUSF UPU protection service for later UE Parameters Updates to the UE and may trigger a re-authentication procedure or wait for the next round of primary authentication (cf. clause 6.1.3) triggered by other means for K AUSF refreshing.
  • UDM shall resume the UE Parameters Update to the UE as defined in this clause.
  • the UDM shall invoke Nudm_SDM_Notification service operation, which contains UE Parameters Update Data, UPU-MAC-I AUSF , Counter UPU within the Access and Mobility Subscription data. If the UDM requests an acknowledgement, it shall temporarily store the expected UPU-XMAC-I UE .
  • Upon receiving the Nudm_SDM_Notification message, the AMF shall send a DL NAS Transport message to the served UE.
  • the AMF shall include in the DL NAS Transport message the transparent container received from the UDM.
  • On receiving the DL NAS Transport message, the UE shall calculate the UPU-MAC-I AUSF in the same way as the AUSF (as specified in Annex A.19) on the received UE Parameters Update Data and the Counter UPU, and verify whether it matches the UPU-MAC-I AUSF value received in the DL NAS Transport message. If the verification of UPU-MAC-I AUSF is successful and the UPU Data contains any parameters that are protected by a secured packet (see 3GPP TS 31.115 [65]), the ME shall forward the secured packet to the USIM using the procedures in 3GPP TS 31.111 [66]. If the verification of UPU-MAC-I AUSF is successful and the UPU Data contains any parameters that are not protected by a secured packet, the ME shall update its stored parameters with the received parameters in the UDM Update Data.
  • the UE shall send the UL NAS Transport message to the serving AMF.
  • the UE shall generate the UPU-MAC-I UE as specified in Annex A.20 and include the generated UPU-MAC-I UE in a transparent container in the UL NAS Transport message.
  • the AMF shall send a Nudm_SDM_Info request message with the transparent container to the UDM.
  • the UDM shall compare the received UPU-MAC-I UE with the expected UPU-XMAC-I UE that the UDM stored temporarily in step 4.
  • At least one of the underline contents may be added in clause 6.3.6.2.7 of 3GPP TS29.503 V16.2.0:
  • At least one of the underline contents may be added in A. 4 of 3GPP TS29.503 V16.2.0:
  • Embodiments herein afford many advantages, of which a non-exhaustive list of examples follows.
  • the data management entity such as UDM and the authentication entity such as AUSF are synchronized on suspending of the service for the user equipment such as the SoR protection service and UPU protection service for example during counter wrap handling.
  • unnecessary network traffic can be avoided and network performance can be improved.
  • the data management entity such as UDM and the authentication entity such as AUSF are synchronized on the resuming of the service for the user equipment such as SoR protection service and UPU protection service.
  • network traffic of the service for the user equipment such as SoR protection service and UPU protection service can be scheduled in time and the network performance can be improved.
  • FIG. 11 is a block diagram showing an apparatus suitable for practicing some embodiments of the disclosure.
  • any one of the data management entity and the data repository entity described above may be implemented as or through the apparatus 1100.
  • the apparatus 1100 comprises at least one processor 1121, such as a DP, and at least one MEM 1122 coupled to the processor 1121.
  • the apparatus 1120 may further comprise a transmitter TX and receiver RX 1123 coupled to the processor 1121.
  • the MEM 1122 stores a PROG 1124.
  • the PROG 1124 may include instructions that, when executed on the associated processor 1121, enable the apparatus 1120 to operate in accordance with the embodiments of the present disclosure.
  • a combination of the at least one processor 1121 and the at least one MEM 1122 may form processing means 1125 adapted to implement various embodiments of the present disclosure.
  • Various embodiments of the present disclosure may be implemented by computer program executable by one or more of the processor 1121, software, firmware, hardware or in a combination thereof.
  • the MEM 1122 may be of any type suitable to the local technical environment and may be implemented using any suitable data storage technology, such as semiconductor based memory devices, magnetic memory devices and systems, optical memory devices and systems, fixed memories and removable memories, as non-limiting examples.
  • the processor 1121 may be of any type suitable to the local technical environment, and may include one or more of general purpose computers, special purpose computers, microprocessors, digital signal processors (DSPs) and processors based on multicore processor architecture, as non-limiting examples.
  • the memory 1122 contains instructions executable by the processor 1121, whereby the data management entity operates according to any of the methods 400, 500, 600 as described in reference to FIGs. 4-6.
  • the memory 1122 contains instructions executable by the processor 1121, whereby the data repository entity operates according to the method 700 as described in reference to FIG. 7.
  • FIG. 12 is a block diagram showing a data management entity according to an embodiment of the disclosure.
  • the data management entity 1200 comprises an obtaining module 1202 and a determining module 1204.
  • the obtaining module 1202 may be configured to obtain information regarding whether a service for a user equipment is suspended.
  • the determining module 1204 may be configured to determine whether to suspend the service for the user equipment based on the obtained information.
  • FIG. 13 is a block diagram showing a data repository entity according to an embodiment of the disclosure.
  • the data repository entity 1300 comprises a receiving module 1302 and a sending module 1304.
  • the receiving module 1302 may be configured to receive a request for querying information regarding whether a service for a user equipment is suspended from a data management entity.
  • the sending module 1304 may be configured to send a response including a query result to the data management entity.
  • unit or module may have conventional meaning in the field of electronics, electrical devices and/or electronic devices and may include, for example, electrical and/or electronic circuitry, devices, modules, processors, memories, logic solid state and/or discrete devices, computer programs or instructions for carrying out respective tasks, procedures, computations, outputs, and/or displaying functions, and so on, as such as those that are described herein.
  • the data management entity and the data repository entity may not need a fixed processor or memory; any computing resource and storage resource may be arranged for the data management entity and the data repository entity from the communication system.
  • the introduction of virtualization technology and network computing technology may improve the usage efficiency of the network resources and the flexibility of the network.
  • a computer program product being tangibly stored on a computer readable storage medium and including instructions which, when executed on at least one processor, cause the at least one processor to carry out any of the methods as described above.
  • a computer-readable storage medium storing instructions which when executed by at least one processor, cause the at least one processor to carry out any of the methods as described above.
  • the present disclosure may also provide a carrier containing the computer program as mentioned above, wherein the carrier is one of an electronic signal, optical signal, radio signal, or computer readable storage medium.
  • the computer readable storage medium can be, for example, an optical compact disk or an electronic memory device like a RAM (random access memory), a ROM (read only memory), Flash memory, magnetic tape, CD-ROM, DVD, Blu-ray disc and the like.
  • an apparatus implementing one or more functions of a corresponding apparatus described with an embodiment comprises not only prior art means, but also means for implementing the one or more functions of the corresponding apparatus described with the embodiment and it may comprise separate means for each separate function or means that may be configured to perform one or more functions.
  • these techniques may be implemented in hardware (one or more apparatuses) , firmware (one or more apparatuses) , software (one or more modules) , or combinations thereof.
  • firmware or software implementation may be made through modules (e.g., procedures, functions, and so on) that perform the functions described herein.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Embodiments of the present disclosure provide methods and apparatuses for service process for user equipment. A method at a data management entity comprises obtaining information regarding whether a service for a user equipment is suspended. The method further comprises determining whether to suspend the service for the user equipment based on the obtained information.

Description

METHOD AND APPARATUS FOR SERVICE PROCESS FOR USER EQUIPMENT
TECHNICAL FIELD
The non-limiting and exemplary embodiments of the present disclosure generally relate to the technical field of communications, and specifically to methods and apparatuses for service process for user equipment.
BACKGROUND
This section introduces aspects that may facilitate a better understanding of the disclosure. Accordingly, the statements of this section are to be read in this light and are not to be understood as admissions about what is in the prior art or what is not in the prior art.
In a communication network, a network device may decide to perform a service for a user equipment (UE). For example, the network device may decide to notify the UE of changes to its steering information in a visited network after UE registration, or it may perform a UE parameters update. The service for the UE may involve two or more network devices, and it may be performed under a security mechanism.
SUMMARY
This summary is provided to introduce a selection of concepts in a simplified form that are further described below in the detailed description. This summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter.
There are some problems when the service for the UE involves two or more network devices. For example, suppose a first network entity sends a message of the service for the UE to a second network entity. When the second network entity has suspended the service for the UE for some reason, but the first network entity has not suspended the service for the UE and/or does not know that the second network entity has suspended it, i.e., the suspended state of the service for the UE is not synchronized to the first network entity, unnecessary network traffic from the first network entity to the second network entity cannot be avoided. For example, the first network entity may continue to consume the service for the UE (e.g., by sending the message of the service for the UE to the second network entity), which fails in vain.
To overcome or mitigate at least one of the above mentioned problems or other problems, the embodiments of the present disclosure propose an improved service process for user equipment.
In a first aspect of the disclosure, there is provided a method at a data management entity. The method comprises obtaining information regarding whether a service for a user equipment is suspended. The method further comprises determining whether to suspend the service for the user equipment based on the obtained information.
In an embodiment, the service for the user equipment may be configured with a counter for mitigating a replay attack and when the counter for mitigating a replay attack is about to wrap around, a subsequent request of the service for the user equipment may be suspended.
In an embodiment, obtaining information regarding whether a service for a user equipment is suspended may comprise sending a request for querying the information regarding whether the service for the user equipment is suspended to a data repository entity; and receiving a response including a query result from the data repository entity.
In an embodiment, the information regarding whether the service for the user equipment is suspended may be a Boolean flag, when the Boolean flag is true, it indicates that the service for the user equipment is suspended, and when the Boolean flag is false or absent, it indicates that the service for the user equipment is not suspended.
In an embodiment, the method may further comprise in response to a determination that the service for the user equipment is suspended, suspending the service for the user equipment.
In an embodiment, the method may further comprise in response to a determination that the service for the user equipment is not suspended, sending a request to an authentication entity to get a value for integrity protection and a counter for mitigating a replay attack. The method may further comprise receiving a response including the value for integrity protection and the counter for mitigating the replay attack from the authentication entity. The method may further comprise, when the received counter is about to wrap around, suspending a subsequent request of the service for the user equipment.
In an embodiment, the counter for mitigating a replay attack may be incremented for every new computation of the value for mitigating the replay attack.
In an embodiment, the value for mitigating the replay attack may be SoR-MAC-I AUSF and/or SoR-XMAC-I UE or the value for mitigating the replay attack may be UPU-MAC-I AUSF and/or UPU-XMAC-I UE.
In an embodiment, when the received counter is about to wrap around, the method may further comprise sending a request for storing information regarding the service for the user equipment is suspended to the data repository entity.
In an embodiment, when the received counter is about to wrap around, the method may further comprise triggering a user equipment re-authentication procedure.
In an embodiment, the method may further comprise receiving an authentication result for the user equipment from an authentication entity; and when the authentication result indicates a successful authentication and the service for the user equipment is suspended, resuming the service for the user equipment.
In an embodiment, when the result of the authentication procedure indicates the successful authentication, the method may further comprise sending a request for storing information regarding the service for the user equipment is not suspended to a data repository entity.
In an embodiment, the authentication entity may be an authentication service function, AUSF, entity, the data repository entity may be unified data repository, UDR, entity and the data management entity may be a unified data management, UDM, entity.
In an embodiment, the service for the user equipment may comprise at least one of a procedure for steering of the user equipment in a visited network; and a procedure for the user equipment parameters update.
In a second aspect of the disclosure, there is provided a method at a data repository entity. The method comprises receiving a request for querying information regarding whether a service for a user equipment is suspended from a data management entity. The method further comprises sending a response including a query result to the data management entity.
In an embodiment, the method may further comprise receiving a request for storing information regarding whether the service for the user equipment is suspended from the data management entity. The method may further comprise storing the information regarding whether the service for the user equipment is suspended.
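The suspend/resume procedure summarized in the first and second aspects above (the UDM queries the suspended flag from the UDR, consumes Nausf_SoRProtection only while the flag is false or absent, stores the flag when the returned Counter SoR is about to wrap around, and clears it on a successful authentication result), together with the clause 6.14.2 message flow quoted earlier, as an added Python simulation. This is constructed example code, not the patent's or 3GPP's implementation: the class and method names, the configurable counter width, the HMAC-SHA-256 stand-in for the Annex A.17/A.18 KDF, the key derivation in primary_authentication and the SoR header value are all assumptions. The AMF is folded into the UDM call because it only relays transparent containers.

```python
"""Constructed simulation of SoR protection with Counter_SoR wrap-around handling
synchronised between UDM, UDR and AUSF (example code, not the patent's own)."""
import hashlib
import hmac
import struct


def sor_mac_ausf(k_ausf: bytes, sor_header: bytes, counter: int, steering_list: bytes) -> bytes:
    """Stand-in for SoR-MAC-I_AUSF (TS 33.501 Annex A.17): HMAC-SHA-256 keyed with K_AUSF
    over header || Counter_SoR || list, truncated to 128 bits. Input encoding is an assumption."""
    msg = sor_header + struct.pack(">H", counter) + steering_list
    return hmac.new(k_ausf, msg, hashlib.sha256).digest()[:16]


def sor_mac_ue(k_ausf: bytes, counter: int) -> bytes:
    """Stand-in for SoR-MAC-I_UE / SoR-XMAC-I_UE (Annex A.18), bound to Counter_SoR."""
    return hmac.new(k_ausf, b"UE-ACK" + struct.pack(">H", counter), hashlib.sha256).digest()[:16]


class ServiceSuspended(Exception):
    """AUSF refuses Nausf_SoRProtection because Counter_SoR for this UE has reached its maximum."""


class UDR:
    """Data repository entity holding the per-UE 'SoR protection suspended' Boolean flag."""
    def __init__(self):
        self._flags = {}

    def query_suspended(self, supi: str) -> bool:
        return self._flags.get(supi, False)          # absent flag == not suspended

    def store_suspended(self, supi: str, flag: bool) -> None:
        self._flags[supi] = flag


class UE:
    def __init__(self):
        self.k_ausf = None
        self.last_counter = -1
        self.steering_list = None

    def on_dl_nas_transport(self, header, steering_list, mac, counter):
        """Replay-check Counter_SoR and verify SoR-MAC-I_AUSF; return SoR-MAC-I_UE or None."""
        if counter <= self.last_counter:
            return None                               # replayed or stale counter value
        expected = sor_mac_ausf(self.k_ausf, header, counter, steering_list)
        if not hmac.compare_digest(mac, expected):
            return None                               # list tampered with or MAC removed
        self.last_counter, self.steering_list = counter, steering_list
        return sor_mac_ue(self.k_ausf, counter)


class AUSF:
    def __init__(self, counter_bits: int = 16):
        self.counter_max = (1 << counter_bits) - 1    # width is a parameter for testing
        self.keys, self.counters, self._runs = {}, {}, 0

    def primary_authentication(self, supi: str, ue: UE) -> str:
        """Derive a fresh K_AUSF (constructed derivation) and reset Counter_SoR on both sides."""
        self._runs += 1
        k = hashlib.sha256(b"K_AUSF|" + supi.encode() + struct.pack(">I", self._runs)).digest()
        self.keys[supi], self.counters[supi] = k, 0
        ue.k_ausf, ue.last_counter = k, -1
        return "SUCCESS"

    def sor_protection(self, supi, header, steering_list, ack_requested):
        """Nausf_SoRProtection: increment Counter_SoR and compute the MAC(s)."""
        if self.counters[supi] >= self.counter_max:
            raise ServiceSuspended(supi)              # would wrap around: service suspended
        self.counters[supi] += 1
        c = self.counters[supi]
        mac = sor_mac_ausf(self.keys[supi], header, c, steering_list)
        xmac_ue = sor_mac_ue(self.keys[supi], c) if ack_requested else None
        return mac, c, xmac_ue


class UDM:
    def __init__(self, udr: UDR, ausf: AUSF):
        self.udr, self.ausf = udr, ausf

    def steer(self, supi: str, ue: UE, steering_list: bytes) -> dict:
        """One SoR update towards the UE; the AMF relay is folded into this call."""
        if self.udr.query_suspended(supi):
            return {"status": "skipped", "suspended": True}   # steps 2-9 skipped, no AUSF traffic
        header = b"\x01"                                      # constructed header: ACK requested
        mac, counter, xmac_ue = self.ausf.sor_protection(supi, header, steering_list, True)
        suspended = counter == self.ausf.counter_max          # received counter about to wrap
        if suspended:
            self.udr.store_suspended(supi, True)              # synchronise suspended state
        mac_ue = ue.on_dl_nas_transport(header, steering_list, mac, counter)
        acked = mac_ue is not None and hmac.compare_digest(mac_ue, xmac_ue)
        return {"status": "acked" if acked else "not_acked", "suspended": suspended}

    def on_authentication_result(self, supi: str, result: str) -> bool:
        """Successful authentication result clears the flag and resumes the service."""
        if result == "SUCCESS" and self.udr.query_suspended(supi):
            self.udr.store_suspended(supi, False)
            return True
        return False
```

To exercise the wrap-around quickly, build `AUSF(counter_bits=2)` so Counter SoR runs out after three updates: the third `UDM.steer` call still reaches the UE but stores the flag in the UDR, the fourth returns "skipped" without touching the AUSF, and only after a new `primary_authentication` followed by `on_authentication_result(..., "SUCCESS")` does steering resume with the counter reset.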
In a third aspect of the disclosure, there is provided a data management entity. The data management entity comprises a processor and a memory coupled to the processor. Said memory contains instructions executable by said processor. Said data management entity is operative to obtain information regarding whether a service for a user equipment is suspended. Said data management entity is further operative to determine whether to suspend the service for the user equipment based on the obtained information.
In a fourth aspect of the disclosure, there is provided a data repository entity. The data repository entity comprises a processor and a memory coupled to the processor. Said memory contains instructions executable by said processor. Said data repository entity is operative to receive a request for querying information regarding whether a service for a user equipment is suspended from a data management entity. Said data repository entity is operative to send a response including a query result to the data management entity.
In a fifth aspect of the disclosure, there is provided a computer program product, comprising instructions which, when executed on at least one processor, cause the at least one processor to carry out any step of the method according to any of the first and second aspects of the disclosure.
In a sixth aspect of the disclosure, there is provided a computer-readable storage medium storing instructions which, when executed by at least one processor, cause the at least one processor to carry out any step of the method according to any of the first and second aspects of the disclosure.
In a seventh aspect of the disclosure, there is provided a data management entity. The data management entity comprises an obtaining module and a determining module. The obtaining module may be configured to obtain information regarding whether a service for a user equipment is suspended. The determining module may be configured to determine whether to suspend the service for the user equipment based on the obtained information.
In an eighth aspect of the disclosure, there is provided a data repository entity. As shown, the data repository entity comprises a receiving module and a sending module. The receiving module may be configured to receive a request for querying information regarding whether a service for a user equipment is suspended from a data management entity. The sending module may be configured to send a response including a query result to the data management entity.
Embodiments herein afford many advantages, of which a non-exhaustive list of examples follows. In some embodiments herein, the data management entity such as UDM and the authentication entity such as AUSF are synchronized on suspending of the service for the user equipment, such as the SoR protection service and UPU protection service, for example during counter wrap handling. In some embodiments herein, unnecessary network traffic can be avoided and network performance can be improved. In some embodiments herein, the data management entity such as UDM and the authentication entity such as AUSF are synchronized on the resuming of the service for the user equipment, such as the SoR protection service and UPU protection service. In some embodiments herein, network traffic of the service for the user equipment, such as the SoR protection service and UPU protection service, can be scheduled in time and the network performance can be improved. A person skilled in the art will recognize additional features and advantages upon reading the following detailed description.
BRIEF DESCRIPTION OF THE DRAWINGS
The above and other aspects, features, and benefits of various embodiments of the present disclosure will become more fully apparent, by way of example, from the following detailed description with reference to the accompanying drawings, in which like reference numerals or letters are used to designate like or equivalent elements. The drawings are illustrated for facilitating better understanding of the embodiments of the disclosure and not necessarily drawn to scale, in which:
FIG. 1a schematically shows a high level architecture in 5G network;
FIG. 1b schematically shows a data storage architecture;
FIG. 2 shows a security procedure for steering of UE in VPLMN after registration;
FIG. 3 shows a security procedure for UE parameters update;
FIG. 4 shows a flowchart of a method according to an embodiment of the present disclosure;
FIG. 5 shows a flowchart of a method according to another embodiment of the present disclosure;
FIG. 6 shows a flowchart of a method according to another embodiment of the present disclosure;
FIG. 7 shows a flowchart of a method according to another embodiment of the present disclosure;
FIG. 8 depicts a flowchart of the synchronization of Counter SoR wrap around handling for SoR protection service between AUSF and UDM according to an embodiment of the present disclosure;
FIG. 9 depicts a flowchart of the synchronization of Counter UPU wrap around handling for UPU protection service between AUSF and UDM according to an embodiment of the present disclosure;
FIG. 10 depicts a flowchart of the synchronized resuming of SoR/UPU protection service according to an embodiment of the present disclosure;
FIG. 11 is a block diagram showing an apparatus suitable for practicing some embodiments of the disclosure;
FIG. 12 is a block diagram showing a data management entity according to an embodiment of the disclosure; and
FIG. 13 is a block diagram showing a data repository entity according to an embodiment of the disclosure.
DETAILED DESCRIPTION
The embodiments of the present disclosure are described in detail with reference to the accompanying drawings. It should be understood that these embodiments are discussed only for the purpose of enabling those skilled persons in the art to better understand and thus implement the present disclosure, rather than suggesting any limitations on the scope of the present disclosure. Reference throughout this specification to features, advantages, or similar language does not imply that all of the features and advantages that may be realized with the present disclosure should be or are in any single embodiment of the disclosure. Rather, language referring to the features and advantages is understood to mean that a specific feature, advantage, or characteristic described in connection with an embodiment is included in at least one embodiment of the present disclosure. Furthermore, the described features, advantages, and characteristics of the disclosure may be combined in any suitable manner in one or more embodiments. One skilled in the relevant art will recognize that the disclosure may be practiced without one or more of the specific features or advantages of a particular embodiment. In other instances, additional features and advantages may be recognized in certain embodiments that may not be present in all embodiments of the disclosure.
As used herein, the term “network” refers to a network following any suitable (wireless or wired) communication standards. For example, the wireless communication standards may comprise new radio (NR), long term evolution (LTE), LTE-Advanced, wideband code division multiple access (WCDMA), high-speed packet access (HSPA), Code Division Multiple Access (CDMA), Time Division Multiple Address (TDMA), Frequency Division Multiple Access (FDMA), Orthogonal Frequency-Division Multiple Access (OFDMA), Single carrier frequency division multiple access (SC-FDMA) and other wireless networks. A CDMA network may implement a radio technology such as Universal Terrestrial Radio Access (UTRA), etc. UTRA includes WCDMA and other variants of CDMA. A TDMA network may implement a radio technology such as Global System for Mobile Communications (GSM). An OFDMA network may implement a radio technology such as Evolved UTRA (E-UTRA), Ultra Mobile Broadband (UMB), IEEE 802.11 (Wi-Fi), IEEE 802.16 (WiMAX), IEEE 802.20, Flash-OFDMA, Ad-hoc network, wireless sensor network, etc. In the following description, the terms “network” and “system” can be used interchangeably. Furthermore, the communications between two devices in the network may be performed according to any suitable communication protocols, including, but not limited to, the wireless communication protocols as defined by a standard organization such as 3rd generation partnership project (3GPP) or the wired communication protocols. For example, the wireless communication protocols may comprise the first generation (1G), 2G, 3G, 4G, 4.5G, 5G communication protocols, and/or any other protocols either currently known or to be developed in the future.
The term “entity” used herein refers to a network device or network node or network function in a communication network. For example, in a wireless communication network such as a 3GPP-type cellular network, a core network device may offer numerous services to customers who are interconnected by an access network device. Each access network device is connectable to the core network device over a wired or wireless connection.
The term “network function (NF) ” refers to any suitable function which can be implemented in a network entity (physical or virtual) of a communication network. For example, the 5G system (5GS) may comprise a plurality of NFs such as AMF (Access and Mobility Management Function) , SMF (Session Management Function) , AUSF (Authentication Service Function) , UDM (Unified Data Management) , PCF (Policy Control Function) , AF (Application Function) , NEF (Network Exposure Function) , UPF (User plane Function) and NRF (Network Repository Function) , RAN (radio access network) , SCP (service communication proxy) , NWDAF (network data analytics function) , etc. In other embodiments, the network function may comprise different types of NFs for example depending on the specific network.
The term “terminal device” refers to any end device that can access a communication network and receive services therefrom. By way of example and not limitation, the terminal device refers to a mobile terminal, user equipment (UE), or other suitable devices. The UE may be, for example, a Subscriber Station (SS), a Portable Subscriber Station, a Mobile Station (MS), or an Access Terminal (AT). The terminal device may include, but is not limited to, a portable computer, an image capture terminal device such as a digital camera, a gaming terminal device, a music storage and playback appliance, a mobile phone, a cellular phone, a smart phone, a voice over IP (VoIP) phone, a wireless local loop phone, a tablet, a wearable device, a personal digital assistant (PDA), a portable computer, a desktop computer, a wearable terminal device, a vehicle-mounted wireless terminal device, a wireless endpoint, a mobile station, a laptop-embedded equipment (LEE), a laptop-mounted equipment (LME), a USB dongle, a smart device, a wireless customer-premises equipment (CPE) and the like. In the following description, the terms “terminal device”, “terminal”, “user equipment” and “UE” may be used interchangeably. As one example, a terminal device may represent a UE configured for communication in accordance with one or more communication standards promulgated by the 3GPP, such as the 3GPP LTE standard or NR standard. As used herein, a “user equipment” or “UE” may not necessarily have a “user” in the sense of a human user who owns and/or operates the relevant device. Instead, a UE may represent a device that is intended for sale to, or operation by, a human user but that may not initially be associated with a specific human user. In some embodiments, a terminal device may be configured to transmit and/or receive information without direct human interaction. For instance, a terminal device may be designed to transmit information to a network on a predetermined schedule, when triggered by an internal or external event, or in response to requests from the communication network.
As yet another example, in an Internet of Things (IoT) scenario, a terminal device may represent a machine or other device that performs monitoring and/or measurements, and transmits the results of such monitoring and/or measurements to another terminal device and/or network equipment. The terminal device may in this case be a machine-to-machine (M2M) device, which may in a 3GPP context be referred to as a machine-type communication (MTC) device. As one particular example, the terminal device may be a UE implementing the 3GPP narrow band internet of things (NB-IoT) standard. Particular examples of such machines or devices are sensors, metering devices such as power meters, industrial machinery, or home or personal appliances, for example refrigerators, televisions, personal wearables such as watches etc. In other scenarios, a terminal device may represent a vehicle or other equipment that is capable of monitoring and/or reporting on its operational status or other functions associated with its operation.
References in the specification to “one embodiment,” “an embodiment,” “an example embodiment,” and the like indicate that the embodiment described may include a particular feature, structure, or characteristic, but it is not necessary that every embodiment includes the particular feature, structure, or characteristic. Moreover, such phrases are not necessarily referring to the same embodiment. Further, when a particular feature, structure, or characteristic is described in connection with an embodiment, it is submitted that it is within the knowledge of one skilled in the art to effect such feature, structure, or characteristic in connection with other embodiments whether or not explicitly described.
It shall be understood that although the terms “first” and “second” etc. may be used herein to describe various elements, these elements should not be limited by these terms. These terms are only used to distinguish one element from another. For example, a first element could be termed a second element, and similarly, a second element could be termed a first element, without departing from the scope of example embodiments. As used herein, the term “and/or” includes any and all combinations of one or more of the associated listed terms.
As used herein, the phrase “at least one of A and B” should be understood to mean “only A, only B, or both A and B. ” The phrase “A and/or B” should be understood to mean “only A, only B, or both A and B. ”
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of example embodiments. As used herein, the singular  forms “a” , “an” and “the” are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms “comprises” , “comprising” , “has” , “having” , “includes” and/or “including” , when used herein, specify the presence of stated features, elements, and/or components etc., but do not preclude the presence or addition of one or more other features, elements, components and/or combinations thereof.
It is noted that these terms as used in this document are used only for ease of description and differentiation among nodes, devices or networks etc. With the development of the technology, other terms with the similar/same meanings may also be used.
In the following description and claims, unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this disclosure belongs.
It is noted that some embodiments of the present disclosure are mainly described in relation to 5G network being used as non-limiting examples for certain exemplary network configurations and system deployments. As such, the description of exemplary embodiments given herein specifically refers to terminology which is directly related thereto. Such terminology is only used in the context of the presented non-limiting examples and embodiments, and does naturally not limit the present disclosure in any way. Rather, any other system configuration or radio technologies may equally be utilized as long as exemplary embodiments described herein are applicable.
For simplicity, the system architectures of FIGs. 1a-1b only depict some exemplary elements. In practice, a communication system may further include any additional elements suitable to support communication between terminal devices or between a wireless device and another communication device, such as a landline telephone, a service provider, or any other network node or terminal device. The communication system may provide communication and various types of services to one or more terminal devices to facilitate the terminal devices’ access to and/or use of the services provided by, or via, the communication system.
FIG. 1a schematically shows a high level architecture in 5G network. FIG. 1a is same as Figure 4.2.3-1 of 3GPP TS 23.501 V16.3.0, the disclosure of which is incorporated by reference herein in its entirety. The system architecture of FIG. 1a may comprise some exemplary elements such as AMF, SMF, AUSF, UDM, PCF, AF, NEF, UPF and NRF, (R) AN, SCP, etc. The network elements, reference points and interfaces as shown in FIG. 1a may be same as the corresponding network elements, reference points and interfaces as described in 3GPP TS 23.501 V16.3.0.
In accordance with an exemplary embodiment, the UE can establish a signaling connection with the AMF over the reference point N1, as illustrated in FIG. 1a. This signaling connection may enable NAS (Non-access stratum) signaling exchange between the UE and the core network, comprising a signaling connection between the UE and the (R)AN and the N2 connection for this UE between the (R)AN and the AMF. The (R)AN can communicate with the UPF over the reference point N3. The UE can establish a protocol data unit (PDU) session to the DN (data network, e.g. an operator network or the Internet) through the UPF over the reference point N6.
As further illustrated in FIG. 1a, the exemplary system architecture also contains the service-based interfaces such as Nnrf, Nnef, Nausf, Nudm, Npcf, Namf and Nsmf exhibited by NFs such as the NRF, the NEF, the AUSF, the UDM, the PCF, the AMF and the SMF. In addition, FIG. 1a also shows some reference points such as N1, N2, N3, N4, N6 and N9, which can support the interactions between NF services in the NFs. For example, these reference points may be realized through corresponding NF service-based interfaces and by specifying some NF service consumers and providers as well as their interactions in order to perform a particular system procedure.
FIG. 1b schematically shows a data storage architecture. FIG. 1b is same as Figure 4.2.5-2 of 3GPP TS 23.501 V16.3.0. As depicted in FIG. 1b, the 5G system architecture allows the UDM, PCF and NEF to store data in the UDR, including subscription data and policy data by UDM and PCF, structured data for exposure and application data (including Packet Flow Descriptions (PFDs) for application detection, AF request information for multiple UEs) by the NEF. UDR can be deployed in each PLMN and it can serve different functions as follows:
- UDR accessed by the NEF belongs to the same PLMN where the NEF is located.
- UDR accessed by the UDM belongs to the same PLMN where the UDM is located if UDM supports a split architecture.
- UDR accessed by the PCF belongs to the same PLMN where the PCF is located.
The UDR deployed in each PLMN can store application data for roaming subscribers. There can be multiple UDRs deployed in the network, each of which can accommodate different data sets or subsets, (e.g. subscription data, subscription policy data, data for exposure, application data) and/or serve different sets of NFs. Deployments where a UDR serves a single NF and stores its data, and, thus, can be integrated with this NF, can be possible.
The internal structure of the UDR is shown for information only.
The Nudr interface is defined for the network functions (i.e. NF Service Consumers) , such as UDM, PCF and NEF, to access a particular set of the data stored and to read, update (including add, modify) , delete, and subscribe to notification of relevant data changes in the UDR.
Each NF Service Consumer accessing the UDR, via Nudr, shall be able to add, modify, update or delete only the data it is authorised to change. This authorisation shall be performed by the UDR on a per data set and NF service consumer basis and potentially on a per UE, subscription granularity.
The following data sets in the UDR, exposed via Nudr to the respective NF service consumer and stored there, shall be standardized:
- Subscription Data,
- Policy Data,
- Structured Data for exposure,
- Application data: Packet Flow Descriptions (PFDs) for application detection and AF request information for multiple UEs.
The service based Nudr interface defines the content and format/encoding of the 3GPP defined information elements exposed by the data sets.
In addition, it shall be possible to access operator specific data sets by the NF Service Consumers from the UDR as well as operator specific data for each data set.
The content and format/encoding of operator specific data and operator specific data sets are not subject to standardization.
The organization of the different data stored in the UDR is not to be standardized.
FIG. 2 shows a security procedure for steering of UE in VPLMN after registration, which is same as the Figure 6.14.2.2-1 of 3GPP TS33.501 V16.1.0, the disclosure of which is incorporated by reference herein in its entirety. The steps as shown in FIG. 2 are same as the corresponding steps as described in clause 6.14.2.2 of 3GPP TS33.501 V16.1.0.
At step 1, the UDM decides to notify the UE of the changes to the Steering Information List by the means of invoking Nudm_SDM_Notification service operation.
At steps 2-3, the UDM shall invoke the Nausf_SoRProtection service operation message, including the SoR (Steering of Roaming) header and the Steering Information List, towards the AUSF to get SoR-MAC-I AUSF and Counter SoR as specified in sub-clause 14.1.3 of 3GPP TS33.501 V16.1.0. If the HPLMN (home public land mobile network) decided that the UE is to acknowledge (ACK) the successful security check of the received Steering Information List, then the UDM shall set the corresponding indication in the SoR header and include the ACK Indication in the Nausf_SoRProtection service operation message to signal that it also needs the expected SoR-XMAC-I UE, as specified in sub-clause 14.1.3 of 3GPP TS33.501 V16.1.0.
The details of the Counter SoR are specified in sub-clause 6.14.2.3 of 3GPP TS33.501 V16.1.0. The inclusion of the Steering Information List and the acknowledge indication in the calculation of SoR-MAC-I AUSF allows the UE to verify that the received Steering Information List has not been tampered with or removed by the visited public land mobile network (VPLMN), and whether the UDM requested an acknowledgement. The inclusion of this information in the calculation of the expected SoR-XMAC-I UE allows the UDM to verify that the UE received the Steering Information.
At step 4, the UDM shall invoke Nudm_SDM_Notification service operation, which contains the list of preferred PLMN/access technology combinations, SoR-MAC-I AUSF, Counter SoR within the Access and Mobility Subscription data and the SoR header. If the UDM requests an acknowledgement, it shall temporarily store the expected SoR-XMAC-I UE.
At step 5, upon receiving the Nudm_SDM_Notification message, the AMF shall send a DL (downlink) NAS Transport message to the served UE. The AMF shall include in the DL NAS Transport message the transparent container received from the UDM.
At step 6, on receiving the DL NAS Transport message, the UE shall calculate the SoR-MAC-I AUSF in the same way as the AUSF (as specified in Annex A.17 of 3GPP TS33.501 V16.1.0) over the received Steering Information, the Counter SoR and the SoR header, and verify whether it matches the SoR-MAC-I AUSF value received in the DL NAS Transport message.
At step 7, if the UDM has requested an acknowledgement from the UE and the UE verified that the Steering Information List has been provided by the HPLMN, then the UE shall send the UL (uplink) NAS Transport message to the serving AMF. The UE shall generate the SoR-MAC-I UE as specified in Annex A.18 and include the generated SoR-MAC-I UE in a transparent container in the UL NAS Transport message.
At step 8, the AMF shall send a Nudm_SDM_Info request message to the UDM. If a transparent container with the SoR-MAC-I UE was received in the UL NAS Transport message, the AMF shall include the transparent container in the Nudm_SDM_Info request message.
At step 9, if the HPLMN indicated that the UE is to acknowledge the successful security check of the received Steering Information List, then the UDM shall compare the received SoR-MAC-I UE with the expected SoR-XMAC-I UE that the UDM stored temporarily in step 4 of FIG. 2.
The AUSF and the UE shall associate a 16-bit counter, Counter SoR, with the key K AUSF. The UE shall initialize the Counter SoR to 0x00 0x00 when the K AUSF is derived. To generate the SoR-MAC-I AUSF, the AUSF shall use a counter, called Counter SoR. The Counter SoR shall be incremented by the AUSF for every new computation of the SoR-MAC-I AUSF. The Counter SoR is used as freshness input into the SoR-MAC-I AUSF and SoR-MAC-I UE derivations as described in Annex A.17 and Annex A.18 of 3GPP TS33.501 V16.1.0 respectively, to mitigate replay attacks. The AUSF shall send the value of the Counter SoR (used to generate the SoR-MAC-I AUSF) along with the SoR-MAC-I AUSF to the UE. The UE shall only accept a Counter SoR value that is greater than the stored Counter SoR value. The UE shall store the received Counter SoR only if the verification of the received SoR-MAC-I AUSF is successful. The UE shall use the stored Counter SoR received from the HPLMN when deriving the SoR-MAC-I UE for the SoR acknowledgement.
The AUSF and the UE shall maintain the Counter SoR for lifetime of the K AUSF.
The AUSF that supports the control plane solution for steering of roaming (SoR) shall initialize the Counter SoR to 0x00 0x01 when the K AUSF is derived. The AUSF shall set the Counter SoR to 0x00 0x02 after the first calculated SoR-MAC-I AUSF, and monotonically increment it for each additional calculated SoR-MAC-I AUSF. The SoR Counter value of 0x00 0x00 shall not be used to calculate the SoR-MAC-I AUSF and SoR-MAC-I UE.
The AUSF shall suspend the SoR protection service for the UE, if the Counter SoR associated with the K AUSF of the UE, is about to wrap around. When a fresh K AUSF is generated for the UE, the Counter SoR at the AUSF is reset to 0x00 0x01 as defined above and the AUSF shall resume the SoR protection service for the UE.
FIG. 3 shows a security procedure for UE parameters update, which is same as the Figure 6.15.2.1-1 of 3GPP TS33.501 V16.1.0. The steps as shown in FIG. 3 are same as the corresponding steps as described in clause 6.15.2 of 3GPP TS33.501 V16.1.0.
At step 1, the UDM decides to perform the UE Parameters Update (UPU) using the control plane procedure while the UE is registered to the 5G system. If the final consumer of any of the UE parameters to be updated (e.g., the updated Routing ID (identifier) Data) is the USIM (Universal Subscriber Identity Module), the UDM shall protect these parameters using a secured packet mechanism to update the parameters stored on the USIM. The UDM shall then prepare the UE Parameters Update Data (UPU Data) by including the parameters protected by the secured packet, if any, as well as any UE parameters whose final consumer is the ME (Mobile Equipment).
At steps 2-3, the UDM shall invoke Nausf_UPUProtection service operation message by including the UPU Data to the AUSF to get UPU-MAC-I AUSF and Counter UPU as specified in sub-clause 14.1.4 of 3GPP TS33.501 V16.1.0. If the UDM decided that the UE is to acknowledge the successful security check of the received UE Parameters Update Data, then the UDM shall set the corresponding indication in the UE Parameters Update Data (see TS 24.501 [35] ) and include the ACK Indication in the Nausf_UPUProtection service operation message to signal that it also needs the expected UPU-XMAC-I UE, as specified in sub-clause 14.1.4 of 3GPP TS33.501 V16.1.0.
The details of the Counter UPU are specified in sub-clause 6.15.2.2 of 3GPP TS33.501 V16.1.0. The inclusion of the UE Parameters Update Data in the calculation of UPU-MAC-I AUSF allows the UE to verify that it has not been tampered with by any intermediary. The expected UPU-XMAC-I UE allows the UDM to verify that the UE received the UE Parameters Update Data correctly.
At step 4, the UDM shall invoke Nudm_SDM_Notification service operation, which contains UE Parameters Update Data, UPU-MAC-I AUSF, Counter UPU within the Access and Mobility Subscription data. If the UDM requests an acknowledgement, it shall temporarily store the expected UPU-XMAC-I UE.
At step 5, upon receiving the Nudm_SDM_Notification message, the AMF shall send a DL NAS Transport message to the served UE. The AMF shall include in the DL NAS Transport message the transparent container received from the UDM.
At step 6, on receiving the DL NAS Transport message, the UE shall calculate the UPU-MAC-I AUSF in the same way as the AUSF (as specified in Annex A.19 of 3GPP TS33.501 V16.1.0) over the received UE Parameters Update Data and the Counter UPU, and verify whether it matches the UPU-MAC-I AUSF value received in the DL NAS Transport message. If the verification of UPU-MAC-I AUSF is successful and the UPU Data contains any parameters that are protected by a secured packet, the ME shall forward the secured packet to the USIM using the procedures in 3GPP TS 31.111 V15.8.0. If the verification of UPU-MAC-I AUSF is successful and the UPU Data contains any parameters that are not protected by a secured packet, the ME shall update its stored parameters with the received parameters in the UE Parameters Update Data.
At step 7, if the UDM has requested an acknowledgement from the UE and the UE has successfully verified and updated the UE Parameters Update Data provided by the UDM, then the UE shall send the UL NAS Transport message to the serving AMF. The UE shall generate the UPU-MAC-I UE as specified in Annex A. 20 of 3GPP TS33.501 V16.1.0 and include the generated UPU-MAC-I UE in a transparent container in the UL NAS Transport message.
At step 8, if a transparent container with the UPU-MAC-I UE was received in the UL NAS Transport message, the AMF shall send a Nudm_SDM_Info request message with the transparent container to the UDM.
At step 9, if the UDM indicated that the UE is to acknowledge the successful security check of the received UE Parameters Update Data, then the UDM shall compare the received UPU-MAC-I UE with the expected UPU-XMAC-I UE that the UDM stored temporarily in step 4 of FIG. 3.
The AUSF and the UE shall associate a 16-bit counter, Counter UPU, with the key K AUSF. The UE shall initialize the Counter UPU to 0x00 0x00 when the K AUSF is derived. To generate the UPU-MAC-I AUSF, the AUSF shall use a counter, called Counter UPU. The Counter UPU shall be incremented by the AUSF for every new computation of the UPU-MAC-I AUSF. The Counter UPU is used as freshness input into the UPU-MAC-I AUSF and UPU-MAC-I UE derivations as described in Annex A.19 and Annex A.20 of 3GPP TS33.501 V16.1.0 respectively, to mitigate replay attacks. The AUSF shall send the value of the Counter UPU (used to generate the UPU-MAC-I AUSF) along with the UPU-MAC-I AUSF to the UE. The UE shall only accept a Counter UPU value that is greater than the stored Counter UPU value. The UE shall update the stored Counter UPU with the received Counter UPU only if the verification of the received UPU-MAC-I AUSF is successful. The UE shall use the Counter UPU received from the UDM when deriving the UPU-MAC-I UE for the UE Parameters Update Data acknowledgement.
The AUSF and the UE shall maintain the Counter UPU for lifetime of the K AUSF. The AUSF that supports the UE parameters update using control plane procedure shall initialize the Counter UPU to 0x00 0x01 when the K AUSF is derived. The AUSF shall set the Counter UPU to 0x00 0x02 after the first calculated UPU-MAC-I AUSF, and monotonically increment it for each additional calculated UPU-MAC-I AUSF. The UPU Counter value of 0x00 0x00 shall not be used to calculate the UPU-MAC-I AUSF and UPU-MAC-I UE.
The AUSF shall suspend the UE Parameters Update protection service for the UE, if the Counter UPU associated with the K AUSF of the UE, is about to wrap around. When a fresh K AUSF is generated for the UE, the Counter UPU at the AUSF is reset to 0x00 0x01 as defined above and the AUSF shall resume the UE Parameters Update protection service for the UE.
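The counter rules quoted above for Counter SoR and for Counter UPU are the same mechanism applied to two services, so the following added example (written for this page, not code from the patent or from any 3GPP implementation) models both with one set of classes: the AUSF initializes the counter to 0x0001 when K AUSF is derived, increments it for every computed MAC, sends the counter with the MAC and suspends the service when the counter is about to wrap around; the UE starts at 0x0000, accepts only a strictly greater counter, stores the counter only after the MAC verifies, and uses the stored counter for its acknowledgement. Assumptions not taken from the page: the MAC is HMAC-SHA-256 keyed with K AUSF over a service tag, the 2-byte counter and the payload, truncated to 128 bits (the real derivations are the KDFs of TS 33.501 Annex A.17-A.20, whose input layout is not reproduced here); "about to wrap around" is read as "a MAC has been computed with the value 0xFFFF"; the key and the steering list are constructed test data.

```python
import hashlib
import hmac

COUNTER_MAX = 0xFFFF  # 16-bit counter; assumption: a MAC computed with this value is "about to wrap around"


def _mac(k_ausf: bytes, service: str, role: str, counter: int, payload: bytes) -> bytes:
    """Simplified stand-in for SoR-/UPU-MAC-I_AUSF (role 'ausf') and SoR-/UPU-MAC-I_UE (role 'ue').
    Assumption: HMAC-SHA-256 keyed with K_AUSF over a domain tag, the 2-byte counter and the
    payload, truncated to 128 bits. Not the Annex A.17-A.20 KDF layout."""
    msg = b"|".join([service.encode(), role.encode(), counter.to_bytes(2, "big"), payload])
    return hmac.new(k_ausf, msg, hashlib.sha256).digest()[:16]


class AusfProtection:
    """AUSF side of one protection service ("SoR" or "UPU") bound to one K_AUSF."""

    def __init__(self, service: str, k_ausf: bytes):
        self.service = service
        self.rekey(k_ausf)

    def rekey(self, k_ausf: bytes) -> None:
        """A fresh K_AUSF resets the counter to 0x0001 and resumes the service."""
        self.k_ausf = k_ausf
        self.counter = 0x0001
        self.suspended = False

    def protect(self, payload: bytes) -> tuple:
        """Return (MAC-I_AUSF, counter) for one request; raise while suspended."""
        if self.suspended:
            raise RuntimeError(f"{self.service} protection suspended until K_AUSF is refreshed")
        counter = self.counter
        mac = _mac(self.k_ausf, self.service, "ausf", counter, payload)
        self.counter += 1                       # monotonic; 0x0000 is never used
        if counter == COUNTER_MAX:              # the next increment would wrap around
            self.suspended = True
        return mac, counter

    def expected_ue_mac(self, payload: bytes, counter: int) -> bytes:
        """XMAC-I_UE that the UDM stores temporarily to check the UE acknowledgement."""
        return _mac(self.k_ausf, self.service, "ue", counter, payload)


class UeProtection:
    """UE side of the same service: counter associated with K_AUSF, starting at 0x0000."""

    def __init__(self, service: str, k_ausf: bytes):
        self.service = service
        self.rekey(k_ausf)

    def rekey(self, k_ausf: bytes) -> None:
        self.k_ausf = k_ausf
        self.counter = 0x0000

    def verify(self, payload: bytes, mac: bytes, counter: int) -> bool:
        """Accept only a strictly greater counter and a matching MAC; store the counter only
        on success, so a replayed or tampered message leaves the stored counter untouched."""
        if counter <= self.counter:
            return False
        expected = _mac(self.k_ausf, self.service, "ausf", counter, payload)
        if not hmac.compare_digest(expected, mac):
            return False
        self.counter = counter
        return True

    def acknowledge(self, payload: bytes) -> bytes:
        """MAC-I_UE for the acknowledgement, derived with the stored counter."""
        return _mac(self.k_ausf, self.service, "ue", self.counter, payload)


def run_scenario(service: str = "SoR") -> dict:
    """Delivery, replay, tampering, acknowledgement, wrap-around and re-keying for one service."""
    k_ausf = hashlib.sha256(b"constructed K_AUSF for the example").digest()  # constructed key
    ausf = AusfProtection(service, k_ausf)
    ue = UeProtection(service, k_ausf)
    payload = b"constructed steering information list"                       # constructed data

    mac, ctr = ausf.protect(payload)
    results = {
        "first_accepted": ue.verify(payload, mac, ctr),
        "replay_accepted": ue.verify(payload, mac, ctr),               # same counter again
        "tampered_accepted": ue.verify(payload + b"!", mac, ctr + 1),  # VPLMN edits the list
        "ue_counter_after": ue.counter,
    }
    results["ack_valid"] = hmac.compare_digest(ue.acknowledge(payload), ausf.expected_ue_mac(payload, ctr))

    ausf.counter = COUNTER_MAX                  # shortcut straight to the last usable value
    _, last_ctr = ausf.protect(payload)
    results["last_counter"] = last_ctr
    results["suspended_after_last"] = ausf.suspended
    try:
        ausf.protect(payload)
        results["request_while_suspended"] = "served"
    except RuntimeError:
        results["request_while_suspended"] = "rejected"

    fresh = hashlib.sha256(b"constructed fresh K_AUSF after re-authentication").digest()
    ausf.rekey(fresh)
    ue.rekey(fresh)
    mac, ctr = ausf.protect(payload)
    results["counter_after_rekey"] = ctr
    results["accepted_after_rekey"] = ue.verify(payload, mac, ctr)
    return results


if __name__ == "__main__":
    for name, value in run_scenario("SoR").items():
        print(f"{name}: {value}")
```

The replay and tampering cases show why the UE must not store the counter before the MAC check: a forged message with a higher counter would otherwise advance the UE's stored value and block the next genuine update. The re-keying step shows the only way out of the suspended state the page describes: a fresh K AUSF resets both sides.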
There are some problems with the procedures shown in FIGs. 2-3. For the procedure for steering of UE in VPLMN after registration, clause 6.14.2.3 of 3GPP TS33.501 V16.1.0 specifies that the AUSF shall suspend the SoR protection service if the Counter SoR associated with the K AUSF of the UE is about to wrap around, and that the service can only be resumed when a fresh K AUSF is generated for the UE. However, it is not specified how this suspended state of the AUSF SoR protection service for the UE is synchronized to the UDM, nor when the UDM may resume the SoR information list update procedure.
For the procedure for UE parameters update, clause 6.15.2.2 of 3GPP TS33.501 V16.1.0 likewise specifies that the AUSF shall suspend the UE parameters update protection service if the Counter UPU associated with the K AUSF of the UE is about to wrap around, and that the service can only be resumed when a fresh K AUSF is generated for the UE. Again, it is not specified how this suspended state of the AUSF UE parameters update protection service for the UE is synchronized to the UDM, nor when the UDM may resume the UE parameters update procedure.
If the UDM and the AUSF are not synchronized on the counter wrap-around handling for the SoR protection service and the UPU protection service, unnecessary network traffic cannot be avoided. For example, during the AUSF's suspension period of the SoR protection service for the UE, the UDM may continue to consume the AUSF's SoR protection service before K AUSF is refreshed, and each such request fails in vain. Likewise, during the AUSF's suspension period of the UPU protection service for the UE, the UDM may continue to consume the AUSF's UPU protection service before K AUSF is refreshed, and each such request fails in vain.
To overcome or mitigate at least one of the above mentioned problems or other problems, the embodiments of the present disclosure propose an improved service process for user equipment.
FIG. 4 shows a flowchart of a method 400 according to an embodiment of the present disclosure, which may be performed by an apparatus implemented in or at or as a data management entity, or communicatively coupled to a data management entity. As such, the apparatus may provide means or modules for accomplishing various parts of the method 400 as well as means or modules for accomplishing other processes in conjunction with other components. The data management entity may support any suitable data management functionality. In an embodiment, the data management entity may be a UDM.
At block 402, the data management entity obtains information regarding whether a service for a user equipment is suspended. The service for the user equipment may be any suitable service which can be triggered or initiated by the data management entity. In an embodiment, the service for the user equipment may comprise at least one of a procedure for steering of the user equipment in a visited network and a procedure for the user equipment parameters update. For example, the procedure for steering of the user equipment in the visited network may be the procedure for steering of UE in VPLMN after registration as described in clause 6.14.2.2 of 3GPP TS33.501 V16.1.0. The procedure for the user equipment parameters update may be the procedure for the user equipment parameters update as described in clause 6.15.2.1 of 3GPP TS33.501 V16.1.0.
The data management entity may obtain information regarding whether the service for the user equipment is suspended in various ways. For example, when this information is stored in the data management entity, the data management entity may obtain it locally. When the information is stored in another network entity, the data management entity may obtain it from that network entity, which may be any suitable network entity such as a data repository entity. For example, when a network entity determines that the service for the user equipment is suspended, the network entity may send information that the service for the user equipment is suspended to the data management entity. The sent information may be an explicit or implicit notification. In the case of an implicit notification, at least one parameter (such as the value of the counter) may implicitly indicate whether the service for the user equipment is suspended.
The data management entity may obtain information regarding whether the service for the user equipment is suspended for various reasons. For example, when another network entity determines to suspend or resume the service for the user equipment, that network entity may send this information to the data management entity. When the data management entity decides to send a request for the service for a user equipment, the data management entity may be triggered to obtain this information.
In an embodiment, the service for the user equipment may be configured with a counter for mitigating a replay attack and when the counter for mitigating a replay attack is about to wrap around, a subsequent request of the service for the user equipment is suspended. For example, when the data management entity obtains the counter from another network entity and determines that the counter for mitigating a replay attack is about to wrap around, the data management entity may suspend a subsequent request of the service for the user equipment.
At block 404, the data management entity may determine whether to suspend the service for the user equipment based on the obtained information.
In an embodiment, in response to a determination that the service for the user equipment is suspended, the data management entity may suspend the service for the user equipment.
In an embodiment, in response to a determination that the service for the user equipment is not suspended, the data management entity may continue to consume the service for the user equipment.
At block 406, optionally, the data management entity, in response to a determination that the service for the user equipment is not suspended, may send a request to an authentication entity to get a value for integrity protection and a counter for mitigating a replay attack. The counter may be used as freshness input into a derivation of the value for integrity protection. In an embodiment, the authentication entity may be AUSF.
At block 408, optionally, the data management entity may receive a response including the value for integrity protection and the counter for mitigating the replay attack from the authentication entity.
Blocks 406 and 408 may provide a security mechanism for the service for the user equipment.
At block 410, optionally, when the received counter is about to wrap around, the data management entity may suspend a subsequent request of the service for the user equipment. It is noted that a current request of the service for the user equipment may be performed.
In an embodiment, the counter for mitigating a replay attack may be incremented for every new computation of the value for integrity protection.
In an embodiment, the value for integrity protection may be SoR-MAC-I AUSF and/or SoR-XMAC-I UE as described in 3GPP TS33.501 V16.1.0. In an embodiment, the value for integrity protection may be UPU-MAC-I AUSF and/or UPU-XMAC-I UE as described in 3GPP TS33.501 V16.1.0.
At block 412, optionally, when the received counter is about to wrap around, the data management entity may suspend a subsequent request of the service for the user equipment.
At block 414, optionally, when the received counter is about to wrap around, the data management entity may send a request to the data repository entity to store information indicating that the service for the user equipment is suspended. In another embodiment, the information indicating that the service for the user equipment is suspended may be stored in the data management entity.
At block 416, optionally, when the received counter is about to wrap around, the data management entity may trigger a user equipment re-authentication procedure for example as described in 3GPP TS 23.501 V16.3.0. For example, the user equipment re-authentication procedure may be triggered when a procedure of the service for the user equipment is finished.
FIG. 5 shows a flowchart of a method 500 according to another embodiment of the present disclosure. In this embodiment, the information regarding whether the service for the user equipment is suspended is stored in a data repository entity, the data management entity may obtain this information from the data repository entity and then determine whether the service for the user equipment is suspended.
At block 502, the data management entity may send a request for querying information regarding whether the service for the user equipment is suspended to a data repository entity. For example, the data management entity such as a UDM may query the UE authentication status from a data repository entity such as a UDR through a query service such as the Nudr_DM_Query service operation, asking whether the service for the UE has been suspended or not. As used herein, the term “Nudr_DM” is renamed “Nudr_DR” in the 3GPP stage 3 phase; where Nudr_DM appears, it may be exchanged with Nudr_DR.
At block 504, the data management entity may receive a response including a query result from the data repository entity. For example, the UDR may send back the queried UE authentication status, which may include a suspended flag. If the flag is true, the service for the UE is suspended. If the flag is false or absent, the service for the UE is not suspended.
In an embodiment, the information regarding whether the service for the user equipment is suspended is a Boolean flag. When the Boolean flag is true, it indicates that the service for the user equipment is suspended. When the Boolean flag is false or absent, it indicates that the service for the user equipment is not suspended.
FIG. 6 shows a flowchart of a method 600 according to another embodiment of the present disclosure.
At block 602, the data management entity may receive an authentication result for the user equipment from an authentication entity such as an AUSF. The authentication may be any suitable authentication, depending on the specific network. In an embodiment, the authentication may be a UE primary authentication procedure using the EAP-AKA' (Extensible Authentication Protocol-Authentication and Key Agreement) method or the 5G-AKA (5G-Authentication and Key Agreement) method as defined in clause 6.1.3 of 3GPP TS 33.501 V16.1.0.
At block 604, when the authentication result indicates a successful authentication and the service for the user equipment is suspended, the data management entity may resume the service for the user equipment.
At block 606, when the result of the authentication procedure indicates successful authentication, the data management entity may send a request to a data repository entity such as a UDR to store information indicating that the service for the user equipment is not suspended. In another embodiment, the information indicating that the service for the user equipment is not suspended may be stored in the data management entity.
FIG. 7 shows a flowchart of a method 700 according to another embodiment of the present disclosure, which may be performed by an apparatus implemented in or at or as a data repository entity such as UDR or communicatively coupled to the a data repository entity. As such, the apparatus may provide means or modules for accomplishing various parts of the method 700 as well as means or modules for accomplishing other processes in conjunction with other components. For some parts which have been described in the above embodiments, detailed description thereof is omitted here for brevity. In this embodiment, the data repository entity may store information regarding whether a service for a user equipment is suspended.
At block 702, the data repository entity receives a request for querying information regarding whether a service for a user equipment is suspended from a data management entity.
At block 704, the data repository entity sends a response including a query result to the data management entity.
At block 706, optionally, the data repository entity receives a request for storing information regarding whether the service for the user equipment is suspended from the data management entity.
At block 708, optionally, the data repository entity stores the information regarding whether the service for the user equipment is suspended.
FIG. 8 depicts a flowchart of the synchronization of Counter SoR wrap around handling for SoR protection service between AUSF and UDM according to an embodiment of the present disclosure.
When the Counter SoR is about to wrap around, the AUSF suspends the SoR protection service for later SoR protection requests, and at the same time the UDM suspends its consumption of the AUSF SoR protection service for later SoR information list updates to the UE.
The current round of SoR information list update to the UE can still succeed. Some steps are added for the synchronization of Counter SoR wrap around handling for the SoR protection service. Note that not all steps are restricted to the order depicted in FIG. 8.
Step 801: The UDM decides to notify the UE of the changes to the Steering Information List.
Steps 802-804 are added so that the UDM checks whether the SoR protection service is suspended for the UE before invoking the Nausf_SoRProtection service operation. As described in steps 807-809, when the UDM becomes aware that the Counter SoR associated with the K AUSF of the UE is about to wrap around, the UDM sets a SoR protection service suspended flag in the UDR by updating the UE authentication status.
Step 802: The UDM may query the UE authentication status from the UDR through a Nudr_DM_Query service operation, in particular whether the SoR protection service for the UE is suspended.
Step 803: The UDR may send back the queried UE authentication status, which includes the SoR protection suspended flag.
Alternative 1 (Alt1): The flag is true, meaning the SoR protection service for the UE is suspended.
Alternative 2 (Alt2): The flag is false or absent, meaning the SoR protection service for the UE is not suspended.
Step 804: In Alt1 the SoR protection suspended flag is true, so the UDM suspends the SoR information list update to the UE and steps 805-818 are skipped.
In the prior art, the UDM and the AUSF are not synchronized on the counter wrap around handling for the SoR protection service: during the AUSF’s suspension period of the SoR protection service for the UE, the UDM may continue to consume the AUSF’s SoR protection service before K AUSF is refreshed, and those requests fail in vain.
Step 805: In Alt2, the UDM may invoke the Nausf_SoRProtection service operation, including the SoR header and the Steering Information List, towards the AUSF to obtain SoR-MAC-I AUSF and Counter SoR. If the HPLMN decided that the UE is to acknowledge the successful security check of the received Steering Information List, then the UDM shall set the corresponding indication in the SoR header and include the ACK Indication in the Nausf_SoRProtection service operation message to signal that it also needs the expected SoR-XMAC-I UE.
Depending on whether the Counter SoR is about to wrap around, one of two alternative flows follows:
Alt2.1: Counter SoR is about to wrap around, i.e., the allocated Counter SoR is the maximum allowed value.
Alt2.2: Counter SoR is not about to wrap around, i.e., the allocated Counter SoR is below the maximum allowed value.
Step 806: The AUSF may send the Nausf_SoRProtection Response to the UDM, which includes the SoR-MAC-I AUSF, the SoR-XMAC-I UE if the ACK Indication indicates that a UE acknowledgement is needed, and the Counter SoR. In Alt2.1, Counter SoR is about to wrap around, so the Counter SoR allocated in this step is the maximum allowed value.
Step 807: Synchronized counter wrap around handling between the AUSF and the UDM for the SoR protection service. The AUSF suspends the SoR protection service for the UE for later SoR protection requests: if the UDM continued to send SoR protection service requests to the AUSF for this UE, they would be rejected by the AUSF because no further Counter SoR can be allocated. The UDM suspends its consumption of the AUSF SoR protection service for later SoR information list updates to the UE, i.e., the UDM avoids sending SoR protection service requests to the AUSF for this UE. An obvious advantage is that unnecessary network traffic is avoided and network performance is improved.
Step 808: When the UE authentication status can be stored in a UDR, the UDM updates the UE authentication status to set the SoR protection service suspended flag for the UE to true through a Nudr_DM_Update service operation.
Step 809: The UDR confirms the UE authentication status update operation.
Step 810: The UDM invokes Nudm_SDM_Notification service operation, which contains the list of preferred PLMN/access technology combinations, SoR-MAC-I AUSF,  Counter SoR and the SoR header. If the UDM requests an acknowledgement, it shall temporarily store the expected SoR-XMAC-I UE.
Step 811: Upon receiving the Nudm_SDM_Notification message, the AMF shall send a DL NAS Transport message to the served UE. The AMF shall include in the DL NAS Transport message the transparent container received from the UDM.
Step 812: On receiving the DL NAS Transport message, the UE shall calculate the SoR-MAC-I AUSF in the same way as the AUSF on the received Steering Information, the Counter SoR and the SoR header, and verify whether it matches the SoR-MAC-I AUSF value received in the DL NAS Transport message.
Step 813: If the UDM has requested an acknowledgement from the UE and the UE verified that the Steering Information List has been provided by the HPLMN, then the UE shall send the UL NAS Transport message to the serving AMF. The UE shall generate the SoR-MAC-I UE and include the generated SoR-MAC-I UE in a transparent container in the UL NAS Transport message.
Step 814: The AMF shall send a Nudm_SDM_Info request message to the UDM. If a transparent container with the SoR-MAC-I UE was received in the UL NAS Transport message, the AMF shall include the transparent container in the Nudm_SDM_Info request message.
Step 815: If the HPLMN indicated that the UE is to acknowledge the successful security check of the received Steering Information List, then the UDM shall compare the received SoR-MAC-I UE with the expected SoR-XMAC-I UE that the UDM stored temporarily in step 810.
Step 816: The UDM may trigger a UE re-authentication procedure to refresh K AUSF and thereby resume the SoR protection service at the AUSF; in one embodiment the UDM notifies the AMF to initiate a UE primary authentication procedure. Alternatively, the UDM may wait for the next round of primary authentication triggered by other means to refresh K AUSF.
Step 817: AMF initiates the UE primary authentication procedure.
Step 818: As Alt2.2, Counter SoR is not about to wrap around, steps 3-9 of Figure 6.14.2.2-1 as defined in 3GPP TS 33.501 V16.1.0 shall be executed.
FIG. 9 depicts a flowchart of the synchronization of Counter UPU wrap around handling for UPU protection service between AUSF and UDM according to an embodiment of the present disclosure.
When the Counter UPU is about to wrap around, the AUSF suspends the UPU protection service for later UPU protection requests, and at the same time the UDM suspends its consumption of the AUSF UPU protection service for later UE Parameters Updates to the UE.
The current round of UE Parameters Update to the UE can still succeed. Some steps are added for the synchronization of Counter UPU wrap around handling for the UPU protection service. Note that not all steps are restricted to the order depicted in FIG. 9.
Step 901: The UDM decides to perform the UE Parameters Update (UPU) using the control plane procedure while the UE is registered to the 5G system.
Steps 902-904 are added so that the UDM checks whether the UPU protection service is suspended for the UE before invoking the Nausf_UPUProtection service operation. As described in steps 907-909, when the UDM becomes aware that the Counter UPU associated with the K AUSF of the UE is about to wrap around, the UDM sets a UPU protection service suspended flag in the UDR by updating the UE authentication status.
Step 902: The UDM queries the UE authentication status from the UDR through a Nudr_DM_Query service operation, in particular whether the UPU protection service for the UE has been suspended.
Step 903: The UDR sends back the queried UE authentication status, which includes the UPU protection suspended flag.
Alt1: The flag is true, meaning the UPU protection service for the UE is suspended.
Alt2: The flag is false or absent, meaning the UPU protection service for the UE is not suspended.
Step 904: In Alt1 the UPU protection suspended flag is true, so the UDM suspends the UE Parameters Update to the UE and steps 905-918 are skipped.
In the prior art, the UDM and the AUSF are not synchronized on the counter wrap around handling for the UPU protection service: during the AUSF’s suspension period of the UPU protection service for the UE, the UDM continues to consume the AUSF’s UPU protection service before K AUSF is refreshed, and those requests fail in vain.
Step 905: In Alt2, the UDM invokes the Nausf_UPUProtection service operation, including the UPU Data, towards the AUSF to obtain UPU-MAC-I AUSF and Counter UPU. If the UDM decided that the UE is to acknowledge the successful security check of the received UE Parameters Update Data, then the UDM shall set the corresponding indication in the UE Parameters Update Data and include the ACK Indication in the Nausf_UPUProtection service operation message to signal that it also needs the expected UPU-XMAC-I UE.
Depending on whether the Counter UPU is about to wrap around, one of two alternative flows follows:
Alt2.1: Counter UPU is about to wrap around, i.e., the allocated Counter UPU is the maximum allowed value.
Alt2.2: Counter UPU is not about to wrap around, i.e., the allocated Counter UPU is below the maximum allowed value.
Step 906: The AUSF sends the Nausf_UPUProtection Response to the UDM, which includes the UPU-MAC-I AUSF, the UPU-XMAC-I UE if the ACK Indication indicates that a UE acknowledgement is needed, and the Counter UPU. In Alt2.1, Counter UPU is about to wrap around, so the Counter UPU allocated in this step is the maximum allowed value.
Step 907: Synchronized counter wrap around handling between the AUSF and the UDM for the UPU protection service. The AUSF suspends the UPU protection service for the UE for later UPU protection requests: if the UDM continued to send UPU protection service requests to the AUSF for this UE, they would be rejected by the AUSF because no further Counter UPU can be allocated. The UDM suspends its consumption of the AUSF UPU protection service for later UE Parameters Updates to the UE, i.e., the UDM avoids sending UPU protection service requests to the AUSF for this UE. One obvious advantage is that unnecessary network traffic is avoided and network performance is improved.
Step 908: When the UE authentication status can be stored in a Unified Data Repository (UDR), the UDM updates the UE authentication status to set the UPU protection service suspended flag for the UE to true through a Nudr_DM_Update service operation.
Step 909: The UDR confirms the UE authentication status update operation.
Step 910: The UDM shall invoke Nudm_SDM_Notification service operation, which contains UE Parameters Update Data, UPU-MAC-I AUSF, Counter UPU. If the UDM requests an acknowledgement, it shall temporarily store the expected UPU-XMAC-I UE.
Step 911: Upon receiving the Nudm_SDM_Notification message, the AMF shall send a DL NAS Transport message to the served UE. The AMF shall include in the DL NAS Transport message the transparent container received from the UDM.
Step 912: On receiving the DL NAS Transport message, the UE shall calculate the UPU-MAC-I AUSF in the same way as the AUSF on the received UE Parameters Update Data and the Counter UPU, and verify whether it matches the UPU-MAC-I AUSF value received in the DL NAS Transport message. If the verification of UPU-MAC-I AUSF is successful and the UPU Data contains any parameters that are protected by a secured packet, the ME shall forward the secured packet to the USIM. If the verification of UPU-MAC-I AUSF is successful and the UPU Data contains any parameters that are not protected by a secured packet, the ME shall update its stored parameters with the received parameters in the UE Parameters Update Data.
Step 913: If the UDM has requested an acknowledgement from the UE and the UE has successfully verified and updated the UE Parameters Update Data provided by the UDM, then the UE shall send the UL NAS Transport message to the serving AMF. The UE shall generate the UPU-MAC-I UE and include the generated UPU-MAC-I UE in a transparent container in the UL NAS Transport message.
Step 914: If a transparent container with the UPU-MAC-I UE was received in the UL NAS Transport message, the AMF shall send a Nudm_SDM_Info request message with the transparent container to the UDM.
Step 915: If the UDM indicated that the UE is to acknowledge the successful security check of the received UE Parameters Update Data, then the UDM shall compare the received UPU-MAC-I UE with the expected UPU-XMAC-I UE that the UDM stored temporarily in step 910.
Step 916: The UDM may trigger a UE re-authentication procedure to refresh K AUSF and thereby resume the UPU protection service at the AUSF; in one embodiment the UDM notifies the AMF to initiate a UE primary authentication procedure. Alternatively, the UDM may wait for the next round of primary authentication triggered by other means to refresh K AUSF.
Step 917: AMF initiates the UE primary authentication procedure.
Step 918: As Alt2.2, Counter UPU is not about to wrap around, steps 3-9 of Figure 6.15.2-1 as defined in 3GPP TS 33.501 V16.1.0 shall be executed.
FIG. 10 depicts a flowchart of the synchronized resuming of SoR/UPU protection service according to an embodiment of the present disclosure.
Once the new successful authentication result confirmation is received, the UDM may clear the SoR protection suspended flag and resume the SoR information list update to the UE, and/or clear the UPU protection suspended flag and resume the UE Parameters Update to the UE.
Some steps are added for the synchronized resuming of the SoR/UPU protection service.
Step 1001: A UE primary authentication procedure is initiated, using an EAP-AKA’ method or 5G-AKA method as defined in clause 6.1.3 of 3GPP TS 33.501 V16.1.0. Note that this step may be triggered by the UDM as a UE re-authentication, as depicted in steps 816 and 916 of FIGs. 8-9, when the UDM knows that the Counter SoR or Counter UPU is about to wrap around.
Step 1002: The AUSF informs the UDM about the result and time of an authentication procedure with a UE using a Nudm_UEAuthentication_ResultConfirmation Request. This shall include the SUPI, a timestamp of the authentication, the authentication type (e.g. EAP-AKA’ or 5G-AKA), and the serving network name. In this example the result is true, indicating a successful authentication.
Step 1003: Synchronized resuming of the SoR and/or UPU protection service. The AUSF resumes the SoR and/or UPU protection service for the UE. The UDM resumes the SoR Information List update and/or UE Parameters Update to the UE.
Step 1004: The UDM shall store or update the authentication status of the UE (SUPI, authentication result, timestamp, and the serving network name). If it is stored in a Unified Data Repository (UDR), the UDM queries the UDR for the existing UE authentication status through a Nudr_DM_Query service operation.
Step 1005: UDR sends back the query result of the UE authentication status to UDM.
Based on the result, there are different alternative flows:
Alt1: The UE authentication status exists and the SoR and/or UPU protection suspended flag is set (true).
Alt2: The UE authentication status exists and the SoR and/or UPU protection suspended flag is not set (false) or absent.
Alt3: UE authentication status does not exist.
Step 1006: In Alt1, a new successful authentication result has been confirmed, so the UDM updates the UE authentication status through a Nudr_DR_Update service operation, in particular clearing the SoR and/or UPU protection suspended flag to resume the SoR information list update and/or UE Parameters Update to the UE.
Step 1007: The UDR sends back the confirmation of the update service operation.
Step 1008: In Alt2, a new successful authentication result has been confirmed, so the UDM updates the UE authentication status through a Nudr_DR_Update service operation without changing the SoR/UPU protection suspended flag.
Step 1009: The UDR sends back the confirmation of the update service operation.
Step 1010: In Alt3, a new successful authentication result has been confirmed but no UE authentication status was stored before, so the UDM creates the UE authentication status through a Nudr_DR_Create service operation; the SoR and/or UPU protection suspended flags are not set.
Step 1011: The UDR sends back the confirmation of the create service operation.
Step 1012: The UDM authorizes subsequent procedures based on querying the UE authentication status from the UDR (steps 802-803 of FIG. 8, steps 902-903 of FIG. 9). The SoR information list update to the UE may be allowed. The UE Parameters Update to the UE may be allowed.
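The suspend flow of FIG. 8 (and, with the UPU names, FIG. 9), the UDM/UDR flag query of FIGs. 5 and 7, and the synchronized resume of FIG. 10, modelled as an added example. This is the editor's illustration, not code from the patent, from Ericsson or from 3GPP. The 16-bit counter width, the attribute name sor_protection_suspended in the stored UE authentication status, the constructed sample SUPI and the HMAC-SHA256 stand-in for the TS 33.501 Annex A.17 KDF are assumptions. The demo also reproduces the prior-art behaviour described above, in which the UDM invokes the AUSF anyway and is rejected:

```python
# Added example (editor's illustration, not code from the patent or 3GPP): a minimal
# model of the synchronized Counter SoR wrap-around handling of FIG. 8 and the
# synchronized resume of FIG. 10 (FIG. 9 is the same with the UPU names).
# Assumptions not stated on this page: a 16-bit Counter SoR, the flag attribute
# name "sor_protection_suspended", and HMAC-SHA256 standing in for the Annex A.17 KDF.
import hashlib
import hmac
import os
from dataclasses import dataclass, field

COUNTER_SOR_MAX = 0xFFFF  # assumption: 16-bit counter; last usable value before wrap around

def sor_mac(k_ausf: bytes, sor_header: bytes, counter_sor: int, steering_list: bytes) -> bytes:
    """Simplified SoR-MAC-I AUSF: 128 LSB of HMAC-SHA256(K_AUSF, header || counter || list)."""
    msg = sor_header + counter_sor.to_bytes(2, "big") + steering_list
    return hmac.new(k_ausf, msg, hashlib.sha256).digest()[-16:]

class SorProtectionSuspended(Exception):
    """AUSF rejection: no Counter SoR can be allocated until K_AUSF is refreshed."""

@dataclass
class AUSF:
    k_ausf: dict = field(default_factory=dict)       # SUPI -> current K_AUSF
    counter_sor: dict = field(default_factory=dict)  # SUPI -> last allocated Counter SoR
    suspended: set = field(default_factory=set)      # SUPIs with SoR protection suspended

    def primary_authentication(self, supi: str, udm: "UDM") -> None:
        """Steps 1001-1003, AUSF side: fresh K_AUSF, counter reset, result confirmation."""
        self.k_ausf[supi] = os.urandom(32)
        self.counter_sor[supi] = 0
        self.suspended.discard(supi)
        udm.ue_authentication_result_confirmation(supi, success=True)  # step 1002

    def sor_protection(self, supi: str, sor_header: bytes, steering_list: bytes):
        """Nausf_SoRProtection (steps 805-807): allocate the next Counter SoR and compute the MAC."""
        if supi in self.suspended:
            raise SorProtectionSuspended(supi)  # the prior-art failure the UDM-side flag avoids
        counter = self.counter_sor[supi] + 1
        self.counter_sor[supi] = counter
        if counter == COUNTER_SOR_MAX:          # Alt2.1: about to wrap around
            self.suspended.add(supi)            # step 807; this round still succeeds
        return sor_mac(self.k_ausf[supi], sor_header, counter, steering_list), counter

@dataclass
class UDR:
    auth_status: dict = field(default_factory=dict)  # SUPI -> UE authentication status

    def query(self, supi: str):                       # Nudr_DM_Query
        return self.auth_status.get(supi)

    def update(self, supi: str, **fields) -> None:    # Nudr_DM_Update, or _Create when absent
        self.auth_status.setdefault(supi, {}).update(fields)

@dataclass
class UDM:
    ausf: AUSF
    udr: UDR
    ausf_requests: int = 0   # Nausf_SoRProtection invocations actually sent
    check_flag: bool = True  # False models the prior art without steps 802-804

    def steering_list_update(self, supi: str, steering_list: bytes) -> str:
        """Steps 801-809: consult the suspended flag before consuming the AUSF service."""
        if self.check_flag:
            status = self.udr.query(supi)                          # steps 802-803
            if status and status.get("sor_protection_suspended"):
                return "suspended"                                 # step 804 (Alt1)
        self.ausf_requests += 1
        mac, counter = self.ausf.sor_protection(supi, b"\x01", steering_list)  # steps 805-806
        if counter == COUNTER_SOR_MAX:                             # Alt2.1
            self.udr.update(supi, sor_protection_suspended=True)   # steps 807-809, UDM side
            # step 816 would additionally ask the AMF to re-authenticate the UE
        return "sent"  # steps 810-815 (NAS delivery, UE MAC check, ack) are not modelled

    def ue_authentication_result_confirmation(self, supi: str, success: bool) -> None:
        """Steps 1002-1011: a new successful authentication clears the suspended flag."""
        if success:
            self.udr.update(supi, auth_result=True, sor_protection_suspended=False)

def demo() -> dict:
    """Drive one UE through wrap around, suspension and resume; return what happened."""
    ausf, udr = AUSF(), UDR()
    udm = UDM(ausf, udr)
    supi = "imsi-001010123456789"                 # constructed sample SUPI
    ausf.primary_authentication(supi, udm)
    ausf.counter_sor[supi] = COUNTER_SOR_MAX - 2  # jump close to the wrap around for the demo
    outcomes = [udm.steering_list_update(supi, b"\x00\x01") for _ in range(4)]
    sent_before_resume = udm.ausf_requests        # the 3rd and 4th updates never reach the AUSF
    udm.check_flag = False                        # prior art: the UDM would call the AUSF anyway...
    try:
        udm.steering_list_update(supi, b"\x00\x01")
        rejected = False
    except SorProtectionSuspended:
        rejected = True                           # ...and be rejected, the request wasted
    udm.check_flag = True
    ausf.primary_authentication(supi, udm)        # K_AUSF refreshed: synchronized resume (FIG. 10)
    outcomes.append(udm.steering_list_update(supi, b"\x00\x01"))
    return {"outcomes": outcomes, "sent_before_resume": sent_before_resume,
            "prior_art_rejected": rejected, "ausf_requests": udm.ausf_requests}
```

Running demo() yields the outcomes "sent", "sent", "suspended", "suspended", "sent": the second update allocates the maximum Counter SoR and sets the flag, the next two are skipped without any request to the AUSF, the prior-art attempt in between is rejected by the AUSF, and the update after re-authentication goes through again. The check an implementer should carry over is that the UDM-side flag and the AUSF-side suspension are cleared by the same event, the new Nudm_UEAuthentication_ResultConfirmation, so neither side runs ahead of the other.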
Some messages shown in FIGs. 8-10 are the same as the corresponding messages described in 3GPP TS 23.502 V16.3.0 and 3GPP TS 33.501 V16.1.0.
The various blocks or steps shown in FIGs. 4-10 may be viewed as method steps, and/or as operations that result from operation of computer program code, and/or as a plurality of coupled logic circuit elements constructed to carry out the associated function(s). The schematic flow chart diagrams described above are generally set forth as logical flow chart diagrams. As such, the depicted order and labeled steps are indicative of specific embodiments of the presented methods. Other steps and methods may be conceived that are equivalent in function, logic, or effect to one or more steps, or portions thereof, of the illustrated methods. Additionally, the order in which a particular method occurs may or may not strictly adhere to the order of the corresponding steps shown.
In an embodiment, if the Counter SoR associated with the K AUSF of the UE is about to wrap around, the UDM is synchronized with the AUSF to suspend the consumption of the AUSF SoR protection service for later SoR information list updates to the UE, and may trigger a re-authentication procedure or wait for the next round of primary authentication triggered by other means for K AUSF refreshing. Once the new successful authentication result confirmation is received, the UDM may resume the SoR information list update to the UE as defined in clause 6.14.2.2 of 3GPP TS 33.501 V16.1.0.
In an embodiment, the UDM can set a SoR protection service suspended flag when it knows that the Counter SoR associated with the K AUSF of the UE is about to wrap around. Once the new successful authentication result confirmation is received, the UDM may clear the flag and resume the SoR information list update to the UE.
In an embodiment, if the Counter UPU associated with the K AUSF of the UE is about to wrap around, the UDM is synchronized with the AUSF to suspend the consumption of the AUSF UPU protection service for later UE Parameters Updates to the UE, and may trigger a re-authentication procedure or wait for the next round of primary authentication triggered by other means for K AUSF refreshing. Once the new successful authentication result confirmation is received, the UDM may resume the UE Parameters Update to the UE as defined in clause 6.15.2.1 of 3GPP TS 33.501 V16.1.0.
In an embodiment, the UDM can set a UPU protection suspended flag when it knows that the Counter UPU associated with the K AUSF of the UE is about to wrap around. Once the new successful authentication result confirmation is received, the UDM may clear the flag and resume the UE Parameters Update to the UE.
In an embodiment, at least one of the following additions (underlined in the original filing) may be made to clause 6.14.2.2 of 3GPP TS 33.501 V16.1.0:
1) The UDM decides to notify the UE of the changes to the Steering Information List by means of invoking the Nudm_SDM_Notification service operation. If the UDM is aware that the SoR protection service is suspended for the UE, steps 2-9 shall be skipped.
2-3) The UDM shall invoke Nausf_SoRProtection service operation message by including the SoR header and Steering Information List to the AUSF to get SoR-MAC-I AUSF and Counter SoR as specified in sub-clause 14.1.3 of this document. If the HPLMN decided that the UE is to acknowledge the successful security check of the received Steering Information List, then the UDM shall set the corresponding indication in the SoR header (see TS 24.501 [35] ) and include the ACK Indication in the Nausf_SoRProtection service operation message to signal that it also needs the expected SoR-XMAC-I UE, as specified in sub-clause 14.1.3 of this document.
The details of the Counter SoR are specified in sub-clause 6.14.2.3 of this document. The inclusion of the Steering Information List and the acknowledgement indication in the calculation of SoR-MAC-I AUSF allows the UE to verify that the Steering Information List received has not been tampered with or removed by the VPLMN, and whether the UDM requested an acknowledgement. The inclusion of this information in the calculation of the expected SoR-XMAC-I UE allows the UDM to verify that the UE received the Steering Information.
If the Counter SoR associated with the K AUSF of the UE is about to wrap around, the UDM shall suspend the consumption of the AUSF SoR protection service for later SoR information list updates to the UE and may trigger a UE re-authentication procedure or wait for the next round of primary authentication (cf. clause 6.1.3) triggered by other means for K AUSF refreshing. Once the new successful authentication result confirmation is received (cf. step 1 of clause 6.1.4.1a-1), the UDM shall resume the SoR information list update to the UE as defined in this clause.
4) The UDM shall invoke Nudm_SDM_Notification service operation, which contains the list of preferred PLMN/access technology combinations, SoR-MAC-I AUSF, Counter SoR within the Access and Mobility Subscription data and the SoR header. If the UDM requests an acknowledgement, it shall temporarily store the expected SoR-XMAC-I UE.
5) Upon receiving the Nudm_SDM_Notification message, the AMF shall send a DL NAS Transport message to the served UE. The AMF shall include in the DL NAS Transport message the transparent container received from the UDM.
6) On receiving the DL NAS Transport message, the UE shall calculate the SoR-MAC-I AUSF in the same way as the AUSF (as specified in Annex A. 17) on the received Steering information, the Counter SoR and the SoR header and verifies whether it matches the SoR-MAC-I AUSF value received in the DL NAS Transport message.
7) If the UDM has requested an acknowledgement from the UE and the UE verified that the Steering Information List has been provided by the HPLMN, then the UE shall send the UL NAS Transport message to the serving AMF. The UE shall generate the SoR-MAC-I UE as specified in Annex A. 18 and includes the generated SoR-MAC-I UE in a transparent container in the UL NAS Transport message.
8) The AMF shall send a Nudm_SDM_Info request message to the UDM. If a transparent container with the SoR-MAC-I UE was received in the UL NAS Transport message, the AMF shall include the transparent container in the Nudm_SDM_Info request message.
9) If the HPLMN indicated that the UE is to acknowledge the successful security check of the received Steering Information List, then the UDM shall compare the received SoR-MAC-I UE with the expected SoR-XMAC-I UE that the UDM stored temporarily in step 4.
In an embodiment, at least one of the following additions (underlined in the original filing) may be made to clause 6.15.2.1 of 3GPP TS 33.501 V16.1.0:
1) The UDM decides to perform the UE Parameters Update (UPU) using the control plane procedure while the UE is registered to the 5G system. If the final consumer of any of the UE parameters to be updated (e.g., the updated Routing ID Data) is the USIM, the UDM shall protect these parameters using a secured packet mechanism (see 3GPP TS 31.115 [65]) to update the parameters stored on the USIM. The UDM shall then prepare the UE Parameters Update Data (UPU Data) by including the parameters protected by the secured packet, if any, as well as any UE parameters for which the final consumer is the ME (see TS 24.501 [35]). If the UDM is aware that the UE Parameters Update protection service is suspended for the UE, steps 2-9 shall be skipped.
2-3) The UDM shall invoke Nausf_UPUProtection service operation message by including the UPU Data to the AUSF to get UPU-MAC-I AUSF and Counter UPU as specified in sub-clause 14.1.4 of this document. If the UDM decided that the UE is to acknowledge the successful security check of the received UE Parameters Update Data, then the UDM shall set the corresponding indication in the UE Parameters  Update Data (see TS 24.501 [35] ) and include the ACK Indication in the Nausf_UPUProtection service operation message to signal that it also needs the expected UPU-XMAC-I UE, as specified in sub-clause 14.1.4 of this document.
The details of the Counter UPU are specified in sub-clause 6.15.2.2 of this document. The inclusion of the UE Parameters Update Data in the calculation of UPU-MAC-I AUSF allows the UE to verify that it has not been tampered with by any intermediary. The expected UPU-XMAC-I UE allows the UDM to verify that the UE received the UE Parameters Update Data correctly.
If the Counter UPU associated with the K AUSF of the UE is about to wrap around, the UDM shall suspend the consumption of the AUSF UPU protection service for later UE Parameters Updates to the UE and may trigger a re-authentication procedure or wait for the next round of primary authentication (cf. clause 6.1.3) triggered by other means for K AUSF refreshing. Once the new successful authentication result confirmation is received (cf. step 1 of clause 6.1.4.1a-1), the UDM shall resume the UE Parameters Update to the UE as defined in this clause.
4) The UDM shall invoke Nudm_SDM_Notification service operation, which contains UE Parameters Update Data, UPU-MAC-I AUSF, Counter UPU within the Access and Mobility Subscription data. If the UDM requests an acknowledgement, it shall temporarily store the expected UPU-XMAC-I UE.
5) Upon receiving the Nudm_SDM_Notification message, the AMF shall send a DL NAS Transport message to the served UE. The AMF shall include in the DL NAS Transport message the transparent container received from the UDM.
6) On receiving the DL NAS Transport message, the UE shall calculate the UPU-MAC-I AUSF in the same way as the AUSF (as specified in Annex A. 19) on the received UE Parameters Update Data and the Counter UPU and verify whether it matches the UPU-MAC-I AUSF value received in the DL NAS Transport message. If the verification of UPU-MAC-I AUSF is successful and the UPU Data contains any parameters that are protected by a secured packet (see 3GPP TS 31.115 [65]), the ME shall forward the secured packet to the USIM using the procedures in 3GPP TS 31.111 [66]. If the verification of UPU-MAC-I AUSF is successful and the UPU Data contains any parameters that are not protected by a secured packet, the ME shall update its stored parameters with the received parameters in the UE Parameters Update Data.
7) If the UDM has requested an acknowledgement from the UE and the UE has successfully verified and updated the UE Parameters Update Data provided by the UDM, then the UE shall send the UL NAS Transport message to the serving AMF. The UE shall generate the UPU-MAC-I UE as specified in Annex A. 20 and include the generated UPU-MAC-I UE in a transparent container in the UL NAS Transport message.
8) If a transparent container with the UPU-MAC-I UE was received in the UL NAS Transport message, the AMF shall send a Nudm_SDM_Info request message with the transparent container to the UDM.
9) If the UDM indicated that the UE is to acknowledge the successful security check of the received UE Parameters Update Data, then the UDM shall compare the received UPU-MAC-I UE with the expected UPU-XMAC-I UE that the UDM stored temporarily in step 4.
In an embodiment, at least one of the following additions (underlined in the original filing) may be made to clause 6.3.6.2.7 of 3GPP TS 29.503 V16.2.0:
6.3.6.2.7 Type: AuthEvent
Table 6.3.6.2.7-1: Definition of type AuthEvent
Figure PCTCN2021081553-appb-000001
In an embodiment, at least one of the following additions (underlined in the original filing) may be made to A.4 of 3GPP TS 29.503 V16.2.0:
A.4 Nudm_UEAU API
Figure PCTCN2021081553-appb-000002
Figure PCTCN2021081553-appb-000003
Embodiments herein afford many advantages, of which a non-exhaustive list of examples follows. In some embodiments herein, the data management entity such as UDM and the authentication entity such as AUSF are synchronized on the suspension of the service for the user equipment, such as the SoR protection service and the UPU protection service, for example during counter wrap around handling. In some embodiments herein, unnecessary network traffic can be avoided and network performance can be improved. In some embodiments herein, the data management entity such as UDM and the authentication entity such as AUSF are synchronized on the resumption of the service for the user equipment, such as the SoR protection service and the UPU protection service. In some embodiments herein, network traffic of the service for the user equipment, such as the SoR protection service and the UPU protection service, can be scheduled in time and the network performance can be improved. A person skilled in the art will recognize additional features and advantages upon reading the following detailed description.
FIG. 11 is a block diagram showing an apparatus suitable for practicing some embodiments of the disclosure. For example, any one of the data management entity and the data repository entity described above may be implemented as or through the apparatus 1100.
The apparatus 1100 comprises at least one processor 1121, such as a DP, and at least one MEM 1122 coupled to the processor 1121. The apparatus 1100 may further comprise a transmitter TX and receiver RX 1123 coupled to the processor 1121. The MEM 1122 stores a PROG 1124. The PROG 1124 may include instructions that, when executed on the associated processor 1121, enable the apparatus 1100 to operate in accordance with the embodiments of the present disclosure. A combination of the at least one processor 1121 and the at least one MEM 1122 may form processing means 1125 adapted to implement various embodiments of the present disclosure.
Various embodiments of the present disclosure may be implemented by computer program executable by one or more of the processor 1121, software, firmware, hardware or in a combination thereof.
The MEM 1122 may be of any type suitable to the local technical environment and may be implemented using any suitable data storage technology, such as semiconductor based memory devices, magnetic memory devices and systems, optical memory devices and systems, fixed memories and removable memories, as non-limiting examples.
The processor 1121 may be of any type suitable to the local technical environment, and may include one or more of general purpose computers, special purpose computers, microprocessors, digital signal processors (DSPs) and processors based on multicore processor architecture, as non-limiting examples.
In an embodiment where the apparatus is implemented as or at the data management entity, the memory 1122 contains instructions executable by the processor 1121, whereby the data management entity operates according to any of the methods 400, 500, 600 as described in reference to FIGs. 4-6.
In an embodiment where the apparatus is implemented as or at the data repository entity, the memory 1122 contains instructions executable by the processor 1121, whereby the data repository entity operates according to the method 700 as described in reference to FIG. 7.
FIG. 12 is a block diagram showing a data management entity according to an embodiment of the disclosure. As shown, the data management entity 1200 comprises an obtaining module 1202 and a determining module 1204. The obtaining module 1202 may be configured to obtain information regarding whether a service for a user equipment is suspended. The determining module 1204 may be configured to determine whether to suspend the service for the user equipment based on the obtained information.
FIG. 13 is a block diagram showing a data repository entity according to an embodiment of the disclosure. As shown, the data repository entity 1300 comprises a receiving module 1302 and a sending module 1304. The receiving module 1302 may be configured to receive a request for querying information regarding whether a service for a user equipment is suspended from a data management entity. The sending module 1304 may be configured to send a response including a query result to the data management entity.
The term unit or module may have its conventional meaning in the field of electronics, electrical devices and/or electronic devices and may include, for example, electrical and/or electronic circuitry, devices, modules, processors, memories, logic solid-state and/or discrete devices, computer programs or instructions for carrying out respective tasks, procedures, computations, outputs, and/or displaying functions, and so on, such as those described herein.
With functional units, the data management entity and the data repository entity need not have a fixed processor or memory; any computing resource and storage resource in the communication system may be allocated to the data management entity and the data repository entity. The introduction of virtualization technology and network computing technology may improve the usage efficiency of the network resources and the flexibility of the network.
According to an aspect of the disclosure it is provided a computer program product being tangibly stored on a computer readable storage medium and including instructions which, when executed on at least one processor, cause the at least one processor to carry out any of the methods as described above.
According to an aspect of the disclosure it is provided a computer-readable storage medium storing instructions which when executed by at least one processor, cause the at least one processor to carry out any of the methods as described above.
In addition, the present disclosure may also provide a carrier containing the computer program as mentioned above, wherein the carrier is one of an electronic signal, optical signal, radio signal, or computer readable storage medium. The computer readable storage medium can be, for example, an optical compact disk or an electronic memory device like a RAM (random access memory), a ROM (read only memory), Flash memory, magnetic tape, CD-ROM, DVD, Blu-ray disc and the like.
The techniques described herein may be implemented by various means so that an apparatus implementing one or more functions of a corresponding apparatus described with an embodiment comprises not only prior art means, but also means for implementing the one or more functions of the corresponding apparatus described with the embodiment, and it may comprise separate means for each separate function or means that may be configured to perform one or more functions. For example, these techniques may be implemented in hardware (one or more apparatuses), firmware (one or more apparatuses), software (one or more modules), or combinations thereof. For firmware or software, implementation may be made through modules (e.g., procedures, functions, and so on) that perform the functions described herein.
Exemplary embodiments herein have been described above with reference to block diagrams and flowchart illustrations of methods and apparatuses. It will be understood that each block of the block diagrams and flowchart illustrations, and combinations of blocks in the block diagrams and flowchart illustrations, respectively, can be implemented by various means including computer program instructions. These computer program instructions may be loaded onto a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions which execute on the computer or other programmable data processing apparatus create means for implementing the functions specified in the flowchart block or blocks.
Further, while operations are depicted in a particular order, this should not be understood as requiring that such operations be performed in the particular order shown or in sequential order, or that all illustrated operations be performed, to achieve desirable results. In certain circumstances, multitasking and parallel processing may be advantageous. Likewise, while several specific implementation details are contained in the above discussions, these should not be construed as limitations on the scope of the subject matter described herein, but rather as descriptions of features that may be specific to particular embodiments. Certain features that are described in the context of separate embodiments may also be implemented in combination in a single embodiment. Conversely, various features that are described in the context of a single embodiment may also be implemented in multiple embodiments separately or in any suitable sub-combination.
While this specification contains many specific implementation details, these should not be construed as limitations on the scope of any implementation or of what may be claimed, but rather as descriptions of features that may be specific to particular embodiments of particular implementations. Certain features that are described in this specification in the context of separate embodiments can also be implemented in combination in a single embodiment. Conversely, various features that are described in the context of a single embodiment can also be implemented in multiple embodiments separately or in any suitable sub-combination. Moreover, although features may be described above as acting in certain combinations and even initially claimed as such, one or more features from a claimed combination can in some cases be excised from the combination, and the claimed combination may be directed to a sub-combination or variation of a sub-combination.
It will be obvious to a person skilled in the art that, as the technology advances, the inventive concept can be implemented in various ways. The above described embodiments are given for describing rather than limiting the disclosure, and it is to be understood that modifications and variations may be resorted to without departing from the spirit and scope of the disclosure as those skilled in the art readily understand. Such modifications and variations are considered to be within the scope of the disclosure and the appended claims. The protection scope of the disclosure is defined by the accompanying claims.

Claims (28)

  1. A method (400) at a data management entity, comprising:
    obtaining (402) information regarding whether a service for a user equipment is suspended; and
    determining (404) whether to suspend the service for the user equipment based on the obtained information.
  2. The method according to claim 1, wherein the service for the user equipment is configured with a counter for mitigating a replay attack and when the counter for mitigating a replay attack is about to wrap around, a subsequent request of the service for the user equipment is suspended.
  3. The method according to claim 1 or 2, wherein obtaining information regarding whether a service for a user equipment is suspended comprises:
    sending (502) a request for querying the information regarding whether the service for the user equipment is suspended to a data repository entity; and
    receiving (504) a response including a query result from the data repository entity.
  4. The method according to claim 3, wherein the information regarding whether the service for the user equipment is suspended is a Boolean flag,
    when the Boolean flag is true, it indicates that the service for the user equipment is suspended, and
    when the Boolean flag is false or absent, it indicates that the service for the user equipment is not suspended.
  5. The method according to any of claims 1-4, further comprising:
    in response to a determination that the service for the user equipment is suspended, suspending (406) the service for the user equipment.
  6. The method according to any of claims 1-4, further comprising:
    in response to a determination that the service for the user equipment is not suspended, sending (408) a request to an authentication entity to get a value for integrity protection and a counter for mitigating a replay attack;
    receiving (410) a response including the value for integrity protection and the counter for mitigating the replay attack from the authentication entity; and
    when the received counter is about to wrap around, suspending (412) a subsequent request of the service for the user equipment.
  7. The method according to claim 6, wherein the counter for mitigating a replay attack is incremented for every new computation of the value for mitigating the replay attack.
  8. The method according to claim 7, wherein the value for mitigating the replay attack is SoR-MAC-IAUSF and/or SoR-XMAC-IUE or wherein the value for mitigating the replay attack is UPU-MAC-IAUSF and/or UPU-XMAC-IUE.
  9. The method according to any of claims 6-8, wherein when the received counter is about to wrap around, the method further comprises:
    sending (414) a request for storing information regarding the service for the user equipment is suspended to the data repository entity.
  10. The method according to any of claims 6-9, wherein when the received counter is about to wrap around, the method further comprises:
    triggering (416) a user equipment re-authentication procedure.
  11. The method according to any of claims 1-10, further comprising:
    receiving (602) an authentication result for the user equipment from an authentication entity; and
    when the authentication result indicates a successful authentication and the service for the user equipment is suspended, resuming (604) the service for the user equipment.
  12. The method according to claim 11, wherein when the result of the authentication procedure indicates the successful authentication, the method further comprises:
    sending (606) a request for storing information regarding the service for the user equipment is not suspended to a data repository entity.
  13. The method according to any of claims 6-12, wherein the authentication entity is an authentication service function, AUSF, entity, the data repository entity is unified data repository, UDR, entity and the data management entity is a unified data management, UDM, entity.
  14. The method according to any of claims 1-13, wherein the service for the user equipment comprises at least one of
    a procedure for steering of the user equipment in a visited network; and
    a procedure for the user equipment parameters update.
  15. A method (700) at a data repository entity, comprising:
    receiving (702) a request for querying information regarding whether a service for a user equipment is suspended from a data management entity; and
    sending (704) a response including a query result to the data management entity.
  16. The method according to claim 15, wherein the information regarding whether the service for the user equipment is suspended is a Boolean flag,
    when the Boolean flag is true, it indicates that the service for the user equipment is suspended, and
    when the Boolean flag is false or absent, it indicates that the service for the user equipment is not suspended.
  17. The method according to claim 15 or 16, wherein the service for the user equipment is configured with a counter for mitigating a replay attack and when the counter for mitigating a replay attack is about to wrap around, a subsequent request of the service for the user equipment is suspended.
  18. The method according to claim 17, wherein the counter for mitigating a replay attack is incremented for every new computation of a value for mitigating a replay attack.
  19. The method according to claim 18, wherein the value for mitigating the replay attack is SoR-MAC-IAUSF and/or SoR-XMAC-IUE or wherein the value for mitigating the replay attack is UPU-MAC-IAUSF and/or UPU-XMAC-IUE.
  20. The method according to any of claims 15-19, further comprising:
    receiving (706) a request for storing information regarding whether the service for the user equipment is suspended from the data management entity; and
    storing (708) the information regarding whether the service for the user equipment is suspended.
  21. The method according to any of claims 15-20, wherein the data repository entity is unified data repository, UDR, entity and the data management entity is a unified data management, UDM, entity.
  22. The method according to any of claims 15-21, wherein the service for the user equipment comprises at least one of
    a procedure for steering of the user equipment in a visited network; and
    a procedure for the user equipment parameters update.
  23. A data management entity (1100), comprising:
    a processor (1121); and
    a memory (1122) coupled to the processor (1121), said memory (1122) containing instructions executable by said processor (1121), whereby said data management entity (1100) is operative to:
    obtain information regarding whether a service for a user equipment is suspended; and
    determine whether to suspend the service for the user equipment based on the obtained information.
  24. The data management entity according to claim 23, wherein the data management entity is further operative to perform the method of any one of claims 2 to 14.
  25. A data repository entity (1100), comprising:
    a processor (1121); and
    a memory (1122) coupled to the processor (1121), said memory (1122) containing instructions executable by said processor (1121), whereby said data repository entity (1100) is operative to:
    receive a request for querying information regarding whether a service for a user equipment is suspended from a data management entity; and
    send a response including a query result to the data management entity.
  26. The data repository entity according to claim 25, wherein the data repository entity is further operative to perform the method of any one of claims 16 to 22.
  27. A computer-readable storage medium storing instructions which when executed by at least one processor, cause the at least one processor to perform the method according to any one of claims 1 to 22.
  28. A computer program product comprising instructions which when executed by at least one processor, cause the at least one processor to perform the method according to any of claims 1 to 22.
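The following Python model is an added illustration of the procedure summarized in the description and set out in claims 1 to 14 and 15 to 22; it is not part of the patent text and not an Ericsson implementation. A UDM consults the UDR flag before asking the AUSF for a SoR-MAC-IAUSF and CounterSoR, suspends the service and requests re-authentication when the counter is about to wrap around, and resumes it (clearing the flag) once a successful authentication result arrives; a UE side recomputes SoR-XMAC-IUE and rejects a replayed counter. The MAC is an HMAC-SHA-256 stand-in rather than the KDF input string of 3GPP TS 33.501 Annex A.17, and the 16-bit counter size, the header byte, the SUPI, the keys and the steering payload are constructed assumptions.

```python
import hashlib
import hmac
import struct
from typing import Dict, List, Optional, Tuple

COUNTER_MAX = 0xFFFF  # assumption: CounterSoR modelled as a 16-bit value
SOR_HEADER = b"\x01"  # constructed placeholder header, not the 3GPP encoding


def sor_mac(k_ausf: bytes, counter: int, payload: bytes) -> bytes:
    """Stand-in for SoR-MAC-I: HMAC-SHA-256 over header || counter || payload,
    truncated to 128 bits. The real input string is in TS 33.501 Annex A.17."""
    msg = SOR_HEADER + struct.pack(">H", counter) + payload
    return hmac.new(k_ausf, msg, hashlib.sha256).digest()[:16]


class Ausf:
    """Authentication entity: holds K_AUSF and CounterSoR per SUPI."""
    def __init__(self):
        self.keys: Dict[str, bytes] = {}
        self.counters: Dict[str, int] = {}

    def authenticate(self, supi: str, k_ausf: bytes) -> bool:
        self.keys[supi] = k_ausf  # a fresh K_AUSF resets the counter to 0
        self.counters[supi] = 0
        return True

    def protect(self, supi: str, payload: bytes) -> Tuple[bytes, int]:
        counter = self.counters[supi]
        if counter > COUNTER_MAX:
            raise RuntimeError("CounterSoR exhausted; service must be suspended")
        self.counters[supi] = counter + 1  # incremented for every computation
        return sor_mac(self.keys[supi], counter, payload), counter


class Udr:
    """Data repository entity: persists the per-SUPI 'suspended' Boolean flag."""
    def __init__(self):
        self.flags: Dict[str, bool] = {}

    def query_suspended(self, supi: str) -> Optional[bool]:
        return self.flags.get(supi)  # None means the flag is absent

    def store_suspended(self, supi: str, suspended: bool) -> None:
        self.flags[supi] = suspended


class Udm:
    """Data management entity: consults UDR before asking AUSF for protection."""
    def __init__(self, udr: Udr, ausf: Ausf):
        self.udr, self.ausf = udr, ausf
        self.reauth_requested: List[str] = []

    def steer(self, supi: str, payload: bytes) -> dict:
        if self.udr.query_suspended(supi) is True:  # False or absent: not suspended
            return {"status": "SUSPENDED"}
        mac, counter = self.ausf.protect(supi, payload)
        status = "SENT"
        if counter >= COUNTER_MAX:  # this value was the last one before wrap-around
            self.udr.store_suspended(supi, True)
            self.reauth_requested.append(supi)  # trigger UE re-authentication
            status = "SENT_THEN_SUSPENDED"
        return {"status": status, "mac": mac, "counter": counter}

    def on_auth_result(self, supi: str, success: bool) -> bool:
        if success and self.udr.query_suspended(supi) is True:
            self.udr.store_suspended(supi, False)  # resume the service
            return True
        return False


class Ue:
    """UE side: recomputes SoR-XMAC-I and rejects non-increasing counters."""
    def __init__(self, k_ausf: bytes):
        self.k_ausf, self.last_counter = k_ausf, -1

    def verify(self, mac: bytes, counter: int, payload: bytes) -> bool:
        if counter <= self.last_counter:
            return False  # replayed or reordered message
        if not hmac.compare_digest(mac, sor_mac(self.k_ausf, counter, payload)):
            return False
        self.last_counter = counter
        return True


def run_scenario() -> dict:
    """Drive the entities through a wrap-around and a re-authentication."""
    ausf, udr = Ausf(), Udr()
    udm = Udm(udr, ausf)
    supi, k1, k2 = "imsi-001010000000001", b"K" * 32, b"L" * 32  # constructed
    ausf.authenticate(supi, k1)
    ue = Ue(k1)
    ausf.counters[supi] = COUNTER_MAX - 1  # jump close to the wrap point
    plmn_list = b"001001,001002"  # constructed steering payload
    r1 = udm.steer(supi, plmn_list)
    ok1 = ue.verify(r1["mac"], r1["counter"], plmn_list)
    replay = ue.verify(r1["mac"], r1["counter"], plmn_list)  # same counter again
    r2 = udm.steer(supi, plmn_list)
    ok2 = ue.verify(r2["mac"], r2["counter"], plmn_list)
    r3 = udm.steer(supi, plmn_list)  # answered from the UDR flag, AUSF not asked
    resumed = udm.on_auth_result(supi, ausf.authenticate(supi, k2))
    ue = Ue(k2)  # the UE derives the same new K_AUSF during re-authentication
    r4 = udm.steer(supi, plmn_list)
    ok4 = ue.verify(r4["mac"], r4["counter"], plmn_list)
    return {"first": r1["status"], "first_ok": ok1, "replay_ok": replay,
            "wrap": r2["status"], "wrap_counter": r2["counter"], "wrap_ok": ok2,
            "while_suspended": r3["status"], "reauth": udm.reauth_requested,
            "resumed": resumed, "after": r4["status"],
            "after_counter": r4["counter"], "after_ok": ok4,
            "flag": udr.query_suspended(supi)}


if __name__ == "__main__":
    print(run_scenario())
```

Two points the model makes visible: while the UDR flag is true the UDM answers a steering request without any request to the AUSF, which is the avoided traffic the description refers to; and the service is only resumed once a new K_AUSF exists, so the counter restarts from zero under a different key instead of wrapping under the old one, where a repeated counter value would defeat the UE's replay check.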
PCT/CN2021/081553 2020-03-20 2021-03-18 Method and apparatus for service process for user equipment WO2021185316A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CNPCT/CN2020/080435 2020-03-20
CN2020080435 2020-03-20

Publications (1)

Publication Number Publication Date
WO2021185316A1 true WO2021185316A1 (en) 2021-09-23

Family

ID=77770227

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/081553 WO2021185316A1 (en) 2020-03-20 2021-03-18 Method and apparatus for service process for user equipment

Country Status (1)

Country Link
WO (1) WO2021185316A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023187610A1 (en) * 2022-03-28 2023-10-05 Lenovo (Singapore) Pte. Ltd. Network initiated primary authentication
EP4274283A1 (en) * 2022-05-06 2023-11-08 Nokia Technologies Oy Re-authentication of user equipment (ue) triggered by home network
WO2024074990A1 (en) * 2022-10-03 2024-04-11 Telefonaktiebolaget Lm Ericsson (Publ) Home network controlled authentication

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190132728A1 (en) * 2017-10-27 2019-05-02 Cisco Technology, Inc. Methods and apparatus for use in reducing signal latency in a mobile network with use of localized unified data management (udm) entities
US20190159227A1 (en) * 2017-11-20 2019-05-23 Peyman TALEBI FARD Data Notification During a Service Request Procedure
US20200029388A1 (en) * 2017-01-09 2020-01-23 Huawei Technologies Co., Ltd. System and methods for session management


Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Study on Cellular IoT support and evolution for the 5G System (Release 16)", 3GPP TR 23.724, vol. SA WG2, V2.0.0, 7 December 2018, 3GPP Mobile Competence Centre, 650 route des Lucioles, F-06921 Sophia-Antipolis Cedex, France, pages 1-276, XP051591078 *


Legal Events

Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application (Ref document number: 21770840; Country of ref document: EP; Kind code of ref document: A1)
NENP Non-entry into the national phase (Ref country code: DE)
122 Ep: pct application non-entry in european phase (Ref document number: 21770840; Country of ref document: EP; Kind code of ref document: A1)