The 5G Globally Unique Temporary Identifier (5G-GUTI) is allocated by the AMF. It is a temporary identity so it docs not have a fixed association with a specific subscriber nor device. The use of a temporary identity helps to improve privacy. The AMF can change the allocated 5G-GUTI at any time.

The structure of the 5G-GUTI is illustrated in Figure below. It is a concatenation of the Globally Unique AMF Identifier (GUAMI) and 5G-TMSI. 

The GUAMI is a concatenation of the PLMN Identity and the AMF Identifier. Inclusion of the GUAMI allows identification of thc AMF which allocated the 5G-GUTI. The 5G-TMSI identifies the UE within that AMF.

3GPP has specified a mapping between the 5G-GUTI and the 4G-GUTI. This mapping is used when a UE moves between technologies. For example, when a UE moves from 5G to 4G and is required to send a GUTI to the MME, then the UE maps the 5G-GUTI onto the 4G-GUTI and forwards it to the MME. The MME can then complete the reverse mapping to identify the AMF that it needs to contact in order to retrieve the UE context. Similarly, when a UE moves from 4G to 5G then the 4G-GUTI can be mapped onto the 5G-GUTI and sent to the AMF. The AMF can then extract the MME Identity and subsequently request the UE context.


A 5G Subscription Permanent Identifier (SUPI) can be either:
  •   An International Mobile Subscriber Identity (IMSI)
  •   A Network Access Identifier (NAI)

A Subscription Concealed Identifier (SUCI) allows the SUPI to be signalled without exposing the identity of the user. 

Signalling procedures use the SUCI rather than the SUPI to provide privacy. For example, the '5GS Mobile Identity' within NAS signalling procedures can be based upon a SUCI (alternatively, the '5GS Mobile Identity' can be an IMEI, IMEISY, 5G-GUTI or 5G-S-TMSI)

* The SUCI uses a 'Protection Scheme' which can be set to 'null' in which case the SUPI is visible within the message. These protection schemes are used to encrypt the SUPI prior to including within the message.

No comments:

Post a Comment