ETSI TS 122 259 V15.0.0 (2019-07)

TECHNICAL SPECIFICATION
Digital cellular telecommunications system (Phase 2+) (GSM);
Universal Mobile Telecommunications System (UMTS);
LTE;
Service requirements
for Personal Network Management (PNM);
Stage 1
(3GPP TS 22.259 version 15.0.0 Release 15)

3GPP TS 22.259 version 15.0.0 Release 15 1 ETSI TS 122 259 V15.0.0 (2019-07)

Reference
RTS/TSGS-0122259vf00
Keywords
GSM,LTE,UMTS
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88

Important notice
The present document can be downloaded from:
http://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI
deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying
and microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© ETSI 2019.
All rights reserved.
DECT™, PLUGTESTS™, UMTS™ and the ETSI logo are trademarks of ETSI registered for the benefit of its Members.

3GPP™ and LTE™ are trademarks of ETSI registered for the benefit of its Members and
of the 3GPP Organizational Partners.
oneM2M™ logo is a trademark of ETSI registered for the benefit of its Members and
of the oneM2M Partners. ®
GSM and the GSM logo are trademarks registered and owned by the GSM Association.
ETSI
3GPP TS 22.259 version 15.0.0 Release 15 2 ETSI TS 122 259 V15.0.0 (2019-07)
Intellectual Property Rights
Essential patents
IPRs essential or potentially essential to normative deliverables may have been declared to ETSI. The information
pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found
in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in
respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web
server (https://ipr.etsi.org/).
Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee
can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web
server) which are, or may be, or may become, essential to the present document.
Trademarks
The present document may include trademarks and/or tradenames which are asserted and/or registered by their owners.
ETSI claims no ownership of these except for any which are indicated as being the property of ETSI, and conveys no
right to use or reproduce any trademark and/or tradename. Mention of those trademarks in the present document does
not constitute an endorsement by ETSI of products, services or organizations associated with those trademarks.
Legal Notice
This Technical Specification (TS) has been produced by ETSI 3rd Generation Partnership Project (3GPP).
The present document may refer to technical specifications or reports using their 3GPP identities. These shall be
interpreted as being references to the corresponding ETSI deliverables.
The cross reference between 3GPP and ETSI identities can be found under http://webapp.etsi.org/key/queryform.asp.
Modal verbs terminology
In the present document "shall", "shall not", "should", "should not", "may", "need not", "will", "will not", "can" and
"cannot" are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of
provisions).
"must" and "must not" are NOT allowed in ETSI deliverables except when used in direct citation.
ETSI
3GPP TS 22.259 version 15.0.0 Release 15 3 ETSI TS 122 259 V15.0.0 (2019-07)
Contents
Intellectual Property Rights . 2
Legal Notice . 2
Modal verbs terminology . 2
Foreword . 5
Introduction . 5
1 Scope . 6
2 References . 6
3 Definitions, symbols and abbreviations . 6
3.1 Definitions . 6
3.2 Abbreviations . 7
4 Personal UE networks . 7
4.1 General description. 7
4.2 PN UE Redirecting application . 8
4.2.1 Requirements for PN UE redirecting application . 8
4.2.2 Usability requirements forPN UE redirection application . 10
4.2.3 Security for PN UE redirection application . 10
4.2.4 Charging for PN UE redirection application . 10
4.2.5 Interaction with supplementary services . 10
4.3 PN access control . 11
4.3.1 Requirements for PN access control . 11
4.3.2 Usability requirements for PN access control . 11
4.3.3 Security for PN access control . 11
4.3.4 Charging for PN access control . 11
5 PNE networks . 12
5.1 General description. 12
5.2 Personal area network management . 12
5.2.1 Personal area network requirements . 13
5.2.2 Usability requirements of personal area network management . 14
5.2.3 Security . 14
5.2.3.1 General . 14
5.2.3.2 PNE management requirements . 15
5.2.4 Charging . 15
5.3 PNE redirecting application . 15
5.3.1 Requirements for PNE redirecting application . 15
5.3.2 Usability requirements . 16
5.3.3 Security . 16
5.3.4 Charging . 16
5.4 PN access control for PNE networks . 16
5.4.1 Requirements for PN access control for PNE networks . 16
5.4.2 Usability requirements for PN access control in PNE networks . 16
Annex A (informative): Use cases . 17
A.1 Use case: Connection between PNEs of a PN . 17
A.2 Use case of UE-PN connection . 18
A.2a PN Access control: Parental control . 19
A.3 Use case of PN-User access a PLMN from their PNEs . 19
A.4 Use case for connection between guest UE and PN . 20
A.5 Use case on UE redirection of terminating services . 21
ETSI
3GPP TS 22.259 version 15.0.0 Release 15 4 ETSI TS 122 259 V15.0.0 (2019-07)
A.6 Use case on PNE redirection of terminating services . 22
A.7 Use case: Selective update based on capability lists . 23
A.8 Use case: Combination of two PANs . 23
A.9 Use case: Separation of PAN . 25
Annex B (Informative): Change history . 26
History . 28

ETSI
3GPP TS 22.259 version 15.0.0 Release 15 5 ETSI TS 122 259 V15.0.0 (2019-07)
Foreword
rd
This Technical Specification has been produced by the 3 Generation Partnership Project (3GPP).
The contents of the present document are subject to continuing work within the TSG and may change following formal
TSG approval. Should the TSG modify the contents of the present document, it will be re-released by the TSG with an
identifying change of release date and an increase in version number as follows:
Version x.y.z
where:
x the first digit:
1 presented to TSG for information;
2 presented to TSG for approval;
3 or greater indicates TSG approved document under change control.
y the second digit is incremented for all changes of substance, i.e. technical enhancements, corrections,
updates, etc.
z the third digit is incremented when editorial only changes have been incorporated in the document.
Introduction
Traditionally a single integrated device with integrated radio access means formed the User Equipment (UE) for access
to mobile communication services. Now, however, many subscribers possess more than one device for running mobile
communication services, which may be connected to form a Personal Network (PN). The devices differ in their
capabilities and these capabilities qualify the devices more or less for specific end-to-end applications or particular
media like audio, video and pictures. A part of the devices offers own network access means for accessing the PLMN
via UTRA, WLAN, or other access technologies. The other devices are Terminal Equipments without radio access
capabilities.
Personal Network Management (PNM) allows the users to manage their devices and PN's. This TS specifies
requirements for allowing the users to manage their devices. The considered management functions of Personal
Network Management comprise the setup and configuration of Personal Networks, the personalization for the
termination of services within the Personal Network as well as the enabling of secure connections between the Personal
Network Elements. This includes the management of Personal Area Networks with their local device connections and
their available radio access means.
Two different scenarios are distinguished for Personal Network Management:
1 Personal UE Networks: This addresses the management of multiple UEs belonging to a single PN-User. It
contains the UE Redirecting application that provides for redirect terminating services to selected UEs and PN
Access Control that provide for privacy and enable restricted access to a PN.
2 PNE Networks: This extends the scope of considered managed objects from UEs to physically separated UE
components and to attached MEs. It does not only extend the PN UE Redirecting application and PN Access
Control by PAN-specific aspects but addresses the PAN Management with interactions of TEs and MEs.
These two scenarios are handled separately within the TS as the requirements of Personal UE Networks and PNE
Networks are focussed on different types of services. Personal UE Networks aim at an easy-to-use UE management
whereas PNE Networks enable complex scenarios of local networks with alternative network access means.
ETSI
3GPP TS 22.259 version 15.0.0 Release 15 6 ETSI TS 122 259 V15.0.0 (2019-07)
1 Scope
The present document describes the service requirements for the Personal Network Management (PNM). Aspects of
data synchronisation and management of user data are out of scope.
2 References
The following documents contain provisions, which through reference in this text, constitute provisions of the present
document.
• References are either specific (identified by date of publication, edition number, version number, etc.) or
non-specific.
• For a specific reference, subsequent revisions do not apply.
• For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including
a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same
Release as the present document.
[1] 3GPP TS 22.004: "General on supplementary services".
[2] 3GPP TS 22.101: "Service aspects; Service principles".
[3] 3GPP TS 22.105: "Service aspects; Services and service capabilities".
[4] 3GPP TR 22.944: "Report on service requirements for UE functionality split".
[6] Void
[7] 3GPP TS 23.101: "General Universal Mobile Telecommunications System (UMTS) architecture".
[8] 3GPP TS 22.082: "Call Forwarding (CF) supplementary services".
[9] 3GPP TS 22.228: "Service requirements for the Internet Protocol (IP) multimedia core network
subsystem".
[10] 3GPP TS 23.228: "IP Multimedia Subsystem (IMS)".
[11] 3GPP TS 23.279: "Combining Circuit Switched (CS) and IP Multimedia Subsystem (IMS)
services".
[12] 3GPP TR 21.905: "Vocabulary for 3GPP Specifications".
3 Definitions, symbols and abbreviations
3.1 Definitions
For the purposes of the present document, the terms and definitions given in TR 21.905 [12] and the following apply. A
term defined in the present document takes precedence over the definition of the same term, if any, in TR 21.905 [12].
Personal Network:  A Personal Network (PN), in the context of Personal Network Management, consists of more than
one Personal Network Element under the control of one PN-User providing access to the serving PLMNs. There shall be
at least one Personal Network Element with a USIM subscription in a PN. Authentication of the user for each PLMN
access is based on the USIM(s) of the PN. The Personal Network Elements are managed in a way that the user perceives
a continuous secure connection regardless of their relative locations. The Personal Network Elements belonging to the
PN-User’s PN maybe registered to different PLMNs at a time. The PN-User controls the PN using facilities provided by
the Personal Network Management (PNM).
ETSI
3GPP TS 22.259 version 15.0.0 Release 15 7 ETSI TS 122 259 V15.0.0 (2019-07)
Personal Network Element: A Personal Network Element (PNE) is the basic component making up a PN-User’s
Personal Network. A Personal Network Element is handled as a single entity in PNM but physically it may be either a
single device or a group of devices. The Personal Network Element may be a TE, MT, ME or even a complete UE.
Personal Area Network: A Personal Area Network (PAN) is a local network of the PN-User. In the context of Personal
Network Management, the PAN consists of at least one UE and may additionally comprise a number of MEs/MTs, with
own radio access means that allow them to directly access the PLMN of the UE. The UE and locally connected additional
MEs/MTs are the PNEs of the PAN. Alternatively the UE components, i.e TEs and MT, may be handled as separate
PNEs. The UE contains the single active USIM of the PAN.
PNE Identifier: The PNE Identifier uniquely identifies each PNE of a PN within the PN. The PNE Identifier of MTs and
MEs is the IMEI. Other PNEs have PNM-specific identifiers that are allocated for enabling PNM functions.
PN-User: For the purpose of Personal Network Management the PN-User is the person who owns the Personal Network
Elements with respective subscriptions at one service provider.
Registration: In the context of Personal Network Management registration is the procedure by which a particular entity
is either added to the Personal Network or to the Personal Area Network. Entities are physically separated devices or
groups of devices. The entity stays registered till deregistration of the entity is performed. The status of registration to a
Personal Network or Personal Area Network is not affected by the status of registration/attachment to the PLMN.
Configuration: In the context of Personal Network Management Configuration contains the procedure by which a PN-
User can configure the PN settings for the PN UE and the PN Access Control applications.
Interrogation: In the context of Personal Network Management Interrogation is the procedure by which a PN-User can
interrogate the PN settings which are configured by the PN-User before.
For further definitions see [12].
3.2 Abbreviations
For the purposes of the present document, the following abbreviations given in TR 21.905 [12] and the following apply.
An abbreviation defined in the present document takes precedence over the definition of the same abbreviation, if any,
in TR 21.905 [12].
PNM Personal Network Management
PN Personal Network
PAN Personal Area Network
PNE Personal Network Element
4 Personal UE networks
4.1 General description
Personal UE Network features enable the management of multiple UEs belonging to a single PN-User. In particular,
customer needs who own more than one terminal and subscription are addressed, e.g. ordinary handset for telephony,
car phone, PDA for emails when on the move, data card with laptop for work when in semi-stationary mode. Although
those devices are mainly held for a particular usage, many are able to support more than one sort of services, e.g.
telephony is supported by all but the data card. Personal UE Networks are not aware of the presence of other PNEs
belonging to a user.
Functionality enabled by Personal UE Networks comprises PN UE redirection and PN Access Control.
Registration, configuration and interrogation procedures for PNM are supported via IMS capable PN UEs, via a web
client or by administrative procedures.
ETSI
3GPP TS 22.259 version 15.0.0 Release 15 8 ETSI TS 122 259 V15.0.0 (2019-07)
4.2 PN UE Redirecting application
Customers may not carry always their full set of "gadgets", but still want to be reachable. Currently management of all
the terminals for the PN-User by setting forwarding options, switch on and off terminals, providing partners with
multiple addresses is not very customer friendly.
PNM
Access
Access
System
Access
System
System
UE
UE
UE
Fig 1: UEs managed by PN e.g. UE Redirecting application
4.2.1 Requirements for PN UE redirecting application
- PNM shall be provided to a subscription upon customers request via administrative procedures.
- PNM shall be withdrawn upon customer request or for administrative reasons via administrative procedures.
- The PN-Users shall be able to register and deregister UEs to their PN.
- Successful registration shall add the UE as new Personal Network Element to the Personal Network. The
information on the UE and the public user identities belonging to the UE shall be written to the service profile in
the network. A deregistration procedure shall be performed to remove a registered UE from the Personal
Network.
- Each UE shall only be registered in one PN and the network shall reject the registration request of a UE that is
already registered in another PN.
- The PN-Users shall be able to "activate" a certain UE of their PN as the default UE for terminating services
addressed to any of the UEs belonging to the PN. Activation shall be possible
- On a global level for all services supported by the UE capabilities and subscription
- On a per service basis for selected services supported by the UE capabilities and subscription
- On a per service component basis for the different media of a supported service (in line with [9])
- The PN-Users shall be able to configure priorities of a UEs list with priority for terminating a specific service.
- Note: the priority may be based on parameters such as time, device capability and PN-User choice.
ETSI
3GPP TS 22.259 version 15.0.0 Release 15 9 ETSI TS 122 259 V15.0.0 (2019-07)
- The PN-User shall be able to interrogate the PNM network database for the current PN-User settings of their
own PN.
- The registration and configuration procedures shall include a validation and update of identities and capabilities
associated with the UE. For this reason, registration and activation of a UE shall only be done for UEs that are
currently attached/registered to the network. The UE shall either send an registration/activation request to the
network or the network shall "invite" the UE based on a request received from another UE belonging to the PN.
Registration and activation may be also provided via administrative procedures.
- The UE or the network shall deny activation as default UE for terminating a particular service or service
component, in case the UE does not provide the capability or the subscription to terminate the service.
- Deactivation and deregistration should not always require the involvement of the UE affected by the setting.
However the network shall only process deactivation and deregistration requests from UEs belonging to the
same PN.
- A UE performing activations shall have the capability to perform the deactivations for these settings.
- For terminating services without an activated UE, the services shall not be redirected but shall be terminated by
the addressed target UE. Information shall be offered to the PN-User when the only active device for terminating
a service is deactivated.
- In case more than one device is activated for a terminating service, e.g. IMS devices with the same Public User
Identity, the service should be directed to all devices that are currently reachable for the network (PS attached or
IMS registered). It shall be possible to make the PN-User aware on charging implications caused by activation of
more than one UE for directing of the same service.
- If activations are configured for one or more media types of a service then the overall service directing setting
shall be overwritten for directing these service components.
- Directing media of a service to different devices should be up to the choice and responsibility of the PN-User.
For instance, in case of synchronized media the redirection to different devices may result in a loss of
synchronization.
- A new activation overrides the previous activation status when successful.
- Deregistration of active UEs shall comprise the global deactivation of the UEs.
- It shall be possible to allow two sets of activation settings. One set is always present and contains the default
configuration. On a temporary basis, a second set of activation settings is configured. The temporary activations
shall provide a means for saving and restoring current activation settings. While temporary activations are
switched on, these settings shall override the non-temporary configuration.
- The network shall assume that the non-temporary settings are still valid after fallback from temporary to non-
temporary activation settings. For this reason, it shall be possible for the UE to access and change temporary as
well as non-temporary settings.
- If capabilities or subscriptions of an active UE change and activated services are no longer supported by the UE,
e.g. TEs providing these capabilities are removed, then the UE shall deactivate the affected services and offer
appropriate information to the user and the PN service.
- It shall be possible for a UE to offer capability lists to the PNM service, where the capability list contains the
capabilities that the UE is capable of terminating or is interested in receiving updates regarding them.
- It shall be possible for UEs of the PN to update PN configuration after an attachment/registration of the UE to
the network.
- PNM settings may comprise current UE capabilities and redirection settings of a PN. The PNM service shall
update the PNM settings to the UEs, selectively based on their respective capability lists, when other UE
capabilities of the PN change.
- Means shall be provided to enable redirection to a particular UE for dealing with situations where UEs share the
same Public User Identity.
ETSI
3GPP TS 22.259 version 15.0.0 Release 15 10 ETSI TS 122 259 V15.0.0 (2019-07)
- Terminating services shall only be redirected if the redirection does not cause systematic misbehaviour of user
devices or the network (e.g. SMS is one service where redirection shall not be applied if any over-the-air
management of the target UE would be prevented.)
- The PNM service shall interwork with CS-Domain call forwarding [8] and IMS session redirecting [9] in a way
that no collisions of contradicting redirections occur in the network and the redirection of data remains
transparent for the user. The considered interworking scenarios shall include the redirection of IP Multimedia
sessions caused by any of the listed events or conditions [9].
- The UE Redirecting application shall be applicable to terminating services in the CS-domain, PS-domain, and
IMS subsystem.
- Originating services shall not be affected by the default settings.
- The services that are made available for redirection shall be consistent with existing service identifiers, e.g. IMS
communication service identifier [10], or service grouping, e.g. basic service groups [1].
- Redirection of terminating services and service media shall be done for only public user identities and addresses
belonging to a UE of the PN.
- The PN-User shall be able to exclude specific public user identities and addresses of the PN from data
redirection.
Note: In the above requirements, registration means the registration of UE and of its public identities to the PN.
The registration procedures of the UE to the PLMN remain unaffected.
4.2.2 Usability requirements forPN UE redirection application
The following PNM procedures shall be at least available via one of the UEs belonging to the actual PN of the PN-User
and shall be realized in a user friendly and secure manner:
- Registration of a UE
- Deregistration of a UE
- Activation of a UE for a specific service or service component
- Global activation of a UE for all services, as far as supported
- Setting up of capability lists as requested by a user
- Interrogation of PNM database
4.2.3 Security for PN UE redirection application
- Registration of UEs to a PN shall require the consent of the subscriber by appropriate means, e.g. an ''invite"
function, preventing intended/unintended access by unauthorized UEs.
4.2.4 Charging for PN UE redirection application
- All charges for terminating services shall be levied to the "active" UEs, even when originally addressed to
another UE belonging to the PN.
- It shall be possible to raise registration/deregistration and activation/deactivation fees.
4.2.5 Interaction with supplementary services
- For terminating services invocation of Supplementary Services applicable to the active UE shall take precedence
over invocation of Supplementary Service applicable to the called UE.
- There is no impact on the registration, erasure, activation, deactivation of Supplementary Services.
ETSI
3GPP TS 22.259 version 15.0.0 Release 15 11 ETSI TS 122 259 V15.0.0 (2019-07)
4.3 PN access control
- Private networks may consist of UEs which are only privately accessed, that is each UE may be accessed only by
other UEs of the PN. The PN-User may additionally modify the access levels of each UE of the PN to be public
or private.
- In order to allow external UEs or Guest UEs to access these UEs, the PNM provides access control procedures.
The PNM shall provide registration and authentication mechanisms for guest device access.
Note 1: Authentication refers to verifying the registration status of a certain guest UE by the PNM.
Note 2: It is assumed that guest UE access to a UE in a PN is routed via the PLMN Network. In particular control
of access to a UE via local interfaces is outside the scope of this specification.
4.3.1 Requirements for PN access control
- The PN-User may register up to UEs to be private to the PN, whereby public access to these devices may be
restricted.
- The PN-User is able to register up to UE public identities not owned by him as registered callers that are
allowed to initiate sessions with the private UEs of the PN, and these UEs containing these registered public
identities are referred to as Guest UEs.
- The PN-User may nominate a UE as the default UE for access control. This UE shall have the access rights to
register/deregister private UEs and guest UEs.
- The registration of Guest UE may be performed by the default UE for access control and enabled dynamically
(querying during session initiation procedures using public identity of caller) or statically (using PN specific
database) by PNM procedures.
- In case the user has another UE in the PN as the default UE for redirection, then the querying shall be directed to
the default UE for redirection.
4.3.2 Usability requirements for PN access control
- Registration of a Guest UE
- Deregistration of a Guest UE
- PN access level settings for a particular UE of the PN to be public / private
- PN Access control settings are stored at PNM database, for a particular Guest UE e.g unlimited access of PN by
close friends, limited access by acquaintances.
Note: In the above requirements, public identity may be substituted in place of UE. Example, either a public
identity or a UE may be registered into a PN.
4.3.3 Security for PN access control
- PN access control settings refer to the PN-User providing different access control settings of his PN for different
Guest UEs / Public Identity.
4.3.4 Charging for PN access control
Note: Currently no additional charging issues have been identified, but this topic may be studied further.
ETSI
3GPP TS 22.259 version 15.0.0 Release 15 12 ETSI TS 122 259 V15.0.0 (2019-07)
5 PNE networks
5.1 General description
PNE Networks enable functions for the management and direct accessibility of the physically separated components of a
UE, i.e. TEs and MEs.
PNE Network functions comprise the management and communication of these PNEs within a PN as well as the extension
of the PN UE Redirecting application and the PN access control function to include the redirection to UE and PAN
components.
UE PN
PNM
PAN
Access
Access
System
Access
System
System
ME
ME
TE
TE
TE TE
ME
UE
Fig 2: Devices addressed by PAN Management
5.2 Personal area network management
Service requirements cover the management of UE(s), as well as UE components and TE(s), ME(s) or MT(s) and
belonging to the same PAN(s) (see Figure 2).
A UE including a USIM, can comprise physically separated TEs and can also have connections with other MTs or MEs
(e.g., a PDA, music player, laptop, camera, headset, etc.). The devices are connected through short-range wired or
wireless connections (when they are in close proximity) and form a small network, called a PAN (Personal Area
Network). The owner of the PNE that holds the USIM controls the PAN.
PNEs of a PAN without / not requiring a USIM, may have the need to access services provided by the PLMN or to
communicate with another entity through the PLMN. In this case PNEs must be authenticated and authorized by using
the USIM associated with the PLMN (i.e., a single USIM authority shall be shared by all the PNEs of the PAN that
access services provided by the PLMN).
For managing a PAN means are required to identify a particular PNE within a PAN. The PNE identifiers enable
connections between selected PNEs and directing of terminating services to a particular PNE.
ETSI
3GPP TS 22.259 version 15.0.0 Release 15 13 ETSI TS 122 259 V15.0.0 (2019-07)
Thus PNM identifiers are divided into subscriber identities and PNE identities. 3GPP private subscriber identifiers are
the unique IMSI and the unique IMS Private User Identies stored in USIM and ISIM. The subscriber identities are used,
for example, for registration, authorization, administration, and accounting purposes in the network. The PNE
Identifiers are used to identify devices within a PN and may be used, for example, for blacklist and Device Management
purposes. When the PNE is a ME, the IMEI should be reused as PNE identifier unless for security reasons or other
reasons this is not feasible. In contrast to MEs the PNE identifiers of TEs are PNM-specific and have little network
security relevance as TE have no own radio access means.
Annex A.3 shows two use cases where users access a PLMN from their PANs.
The PN shall support the combination and separation of PANs.
5.2.1 Personal area network requirements
- The PN-User shall be able to control which PNEs (i.e. TEs, MTs and MEs) are part of a PAN via MMI
procedures.
- A user may set-up more than one PAN within a PN.
- The PN-User shall be able to register and deregister PNEs that can be used in a PAN.
- The PN-User shall be able to activate and deactivate the PNEs registered to a PAN.
- A PAN uses exactly one active USIM for authentication. Hence a PAN contains exactly one 3GPP UE.
- In case of only one ME within the PAN the PAN reduces to a 3GPP UE and shall behave as such.
- The PNE Identifier of MEs shall be the IMEI. For TEs it shall be possible to allocate PNM-specific PNE
identifiers.
Note: Cases occur in practice where IMEIs are duplicated for misuse. Resulting potential security threats should
be considered when adding functionality that requires a secure PNE identifier.
- PNM-specific PNE Identifiers should only be required for PNM-internal purposes but should be harmonized
with other optional device identifiers (i.e. Personal ME Identifier in CSI [11]).
- PNM-specific PNE Identifiers shall not be used for routing purposes in the network except PN-internal
forwarding to a particular PNE within a PAN.
- PNE Identifiers shall be unique within a PN. Procedures are needed to avoid that PNEs of one PN have the same
PNE Identifier.
- It shall not be necessary to store PNE Identifiers in TEs. Instead PNE identities should be managed by a PAN
device responsible for processing PAN Management functions.
- It shall be possible to simultaneously access a PLMN via multiple access systems. For example, the user might
use PNE1 for data services (internet access) together with PNE2 on a PLMN for a speech call.
- The PN shall support the combination of two or more PANs into one PAN when they are in close proximity. In
this case a UE shall be designated for the new PAN. Other UEs who participate in the combination shall be
deactivated and hence act as MEs in the new PAN.
- The PN shall support the separation of PAN under specific conditions. In case that there is no active UE among
the separated devices, a ME with a USIM shall be designated and activated as UE for the new PAN.
- The PN shall be able to update registration information of PNEs that participate in the combination or separation
of PANs.
ETSI
3GPP TS 22.259 version 15.0.0 Release 15 14 ETSI TS 122 259 V15.0.0 (2019-07)
TE I
ME
PLMN
TE II
USIM
1. authentication by
using a USIM of a UE
ME
2. direct access to a PLMN
Figure 34: Connections between MEs and TEs
5.2.2 Usability requirements of personal area network management
The following PAN Management procedures shall be supported by PAN in a user friendly and secure manner:
- Authentication and authorization of PNEs in a PAN
- Registration of PNEs in a PAN
- Deregistration of PNEs in a PAN
- Activation of PNEs in a PAN
- Deactivation of PNEs in a PAN
- Management of PNE identities within a PAN
- Registration update of PNEs in a PAN
- Combination management of PAN
- Separation management of PAN
- Capability announcement of PNEs in a PAN
5.2.3 Security
In order to maintain security between a PAN and a PLMN, MTs or MEs providing direct connectivity must be
authenticated and authorized when they get attached to the network and start using/accessing 3GPP services. For
authentication and authorization, existing security mechanisms, which are based on USIMs , shall be used.
For improved security, the MT or ME may use suitable trusted computing technologies.
5.2.3.1 General
- A secured interface between the UE holding the (U)SIM and other PNE’s in the PAN is required. This "local
interface" must be able to protect against eavesdropping, and undetected modification attacks on security-related
signalling data (e.g. authentication challenges and responses). Cryptographic or physical means may be used for
this purpose.
- Both endpoints of the local interface shall be mutually authenticated and authorized.
- The ME/MT without (U)SIM shall be capable of communicating with the U(SIM) only if the UE containing
(U)SIM is switched on and a (U)SIM is powered on. Furthermore the ME/MT without (U)SIM shall not be
allowed to change the status of the UE with active (U)SIM, or the remote (U)SIM, e.g. to reset it, or to switch its
power on or off.
ETSI
3GPP TS 22.259 version 15.0.0 Release 15 15 ETSI TS 122 259 V15.0.0 (2019-07)
- The ME/MT without the (U)SIM shall be capable of detecting the presence and availability of the active (U)SIM
on the UE containing it. It also has the ability to terminate an authenticated network sessions when, the (U)SIM
is no longer accessible within a short monitoring time period.
- The user shall have the capability to shut off sharing of (U)SIM feature. The owner of the UE holding the active
(U)SIM should authorize its use.
- Integrity and privacy of signalling between ME/MTs and the PLMN shall be supported. No leakage of (U)SIM
information to the user, or any third party over the wireless interface (e.g. Bluetooth/WLAN).
- Whenever someone (a specific device) tries to remotely access a (U)SIM for the first time some sort of alert shall
be sent, e.g. a message will be displayed informing the user of the access. The user can then decide whether the
access is authorized and can allow or disallow it.
- The UE holding the (U)SIM should be responsible for mediating access to the (U)SIM Application/Data such as
controlling the logical channels.
- UICC presence detection shall be supported via the local interface.
- When the (U)SIM is re-used over local interfaces, additional access control on the Applications/Data information
shall be implemented by the UE holding the active (U)SIM compared to the case when it is accessed by the UE
holding the (U)SIM directly. For example, some AT commands might have to be restricted.
5.2.3.2 PNE management requirements
- Default Settings
The default settings of any PNE coming from the manufacturer should always be set to "Do Not Auto Connect"
or "Do Not Make Discoverable".
The user must be aware that they are allowing their PNE to "be seen" by other devices.
- Connection Confirmation
A PNE shall only accept a connection from another PNE after receiving a confirmation from the user indicating
willingness to accept such a connection (i.e. there should be no "auto-accept" feature on the PNE).
The requesting PNE should represent itself via its Unique Identifier.
5.2.4 Charging
If any charges are made for the provision of PNM these should be levied to the active subscription of the PAN.
5.3 PNE redirecting application
The Personal Network may comprise more than one UE or PAN. Each en
...