Device Registration – 1

The registration process in 5G, also known as the 5G Attach procedure, is the initial step that a user device (UE – User Equipment) goes through to connect and become part of the 5G network. It involves several steps to establish a secure and authenticated connection between the UE and the 5G Core Network (5GC).

Registration – Part 1

The following figure outlines the first part of the 5G registration:

Note: there is no old AMF in our use case

(1) AMF Selection

The first aspect of the registration process that is related to the 5G Core network is the selection of an appropriate AMF by the gNB.

When the Registration Request arrives at the gNB, it will be carried within RRC signaling. If this RRC signaling contains a 5G-S-TMSI, the gNB will not need to choose an AMF. Instead, the gNB can extrapolate from the 5G-S-TMSI the GUAMI (Globally Unique AMF ID) of the AMF that has already been assigned to the device. Thereafter, the Registration Request can be forwarded to the appropriate AMF, assuming the gNB has connectivity to that AMF.

If there is no connectivity to the AMF, or if a 5G-S-TMSI has not been provided, the gNB will select an AMF based on a number of potential criteria and factors outlined in the following figure :

(2) NGAP Establish 

This procedure is to establish the signaling connection between gNB and AMF (i.e, the first connection process). This is not UE specific and this will apply to every UE that is connected to the specified AMF.

(3) Initial UE Message 

The NGAP Initial UE message is the first message sent to the AMF whenever the gNB receives a NAS message from the device (typically following RRC connection setup).

(4) NAS Registration Request 

The NAS Registration Request contains a set of mandatory information elements, coupled with a large selection of optional information elements.

Note: for this section we will use the same pcap file from the previous section named device_registration.pcap.

• Open the file in wireshark and apply the following filter: “ngap || http2.data.data || http2.header || pfcp”

IP addresses of different component in the capture:

gNB: 172.17.0.2   ||  AMF: 127.0.0.1 or eth0

Registration – Part 2

The following figure outlines the second part of the 5G registration:

Note: there is no old AMF in our use case.

(1) Security phase 

If there is no existing UE security context available in the network, the device must carry out the authentication process with the AMF, which in turn will communicate with the UDM via the AUSF (Authentication Server Function) to access 5G authentication vectors.

The authentication process must be carried out before any further NAS signaling is exchanged between the UE and the AMF.

IP addresses of different component in the capture:

gNB: 172.17.0.2    ||    AMF: 127.0.0.1   ||  NRF: 127.0.0.10   ||   AUSF: 127.0.0.9 || UDM: 127.0.0.3       

UDR: 127.0.0.4

• Authentication Vector Acquisition

• NAS Security setup

(2) Registering the Subscriber

During a network registration for a given subscriber, the first AMF to UDM interaction takes place to allow the AMF to register the fact that it is responsible for the subscriber at this time. Note that the Request URI contains the subscriber’s identity in the guise of a SUPI (the ueId attribute).

As a consequence of the request, the UDM will record the AMF’s identity. In response, assuming the request is successful, the UDM will return a representation of the created Amf3GppAccessRegistration resource within the 201 Created message. A typical failure response would be a 403 Forbidden message.