In this feature,
UEs that are in limited service mode (LSM) and UEs that cannot be authenticated
by the MME are allowed to establish emergency calls.
MME uses EEA0
(Integrity) and EIA0 (Ciphering) algorithms for emergency attach requests even
if the UE does not advertise the support of these algorithms in the request
message, to successfully process the VoLTE emergency calls. These algorithms
successfully process the VoLTE calls irrespective of the validation level
configured for a UE.
The MME provides
options to authenticate emergency attaches using the following CLI:
ue-validation-level { auth-only | full | imsi | none }
Using the above
command syntax, it is possible to configure the MME to allow or disallow
unauthenticated UEs in LSM to establish bearers for emergency calls. To
establish bearers for an emergency call for unauthenticated UEs in LSM, the MME
allows NAS protocol to use EIA0 and EEA0 as the integrity and ciphering
algorithm respectively.
If the MME allows
an unauthenticated UE in LSM to establish bearers for emergency calls on
receiving an emergency attach request message from the UE, the MME:
 Note |
As a result, the
MME only sends a UE with EPS security capability containing EIA0 and EEA0 to
the eNB when selecting EIA0 for NAS integrity protection because the eNB is
only capable of selecting EIA0 for AS integrity protection and EEA0 for AS
confidentiality protection. In general, if EIA0 is used for NAS integrity
protection, then EIA0 will always be used for AS integrity protection or
vice-versa
|
The rules for when
the MME selects the EIA0 for NAS integrity protection, and when the UE accepts
a NAS security mode command selecting EIA0 for NAS integrity protection depends
on whether the UE and MME can be certain that no EPS NAS security context can
be established. For more information on these rules, refer to
3GPP 33.401
specifications document.