TFA

TransFer Allowed

Core Network
Introduced in Rel-5
A parameter or indicator within mobility management procedures that signals whether the transfer of a subscriber's context or session to a new network node is permitted. It is crucial for managing handovers, session continuity, and subscriber data management during network transitions.

Description

TransFer Allowed (TFA) is a control parameter used in 3GPP core network signaling, particularly within mobility management and session management protocols. It functions as a flag or an information element that dictates whether the network is authorized to transfer a subscriber's active context—such as MM (Mobility Management) context, PDP context, or EPS bearer context—from one network entity to another. This transfer typically occurs during inter-system handovers, routing area updates, or serving node changes (e.g., from an SGSN to another SGSN or MME). The parameter is evaluated by network elements like the MSC, SGSN, or MME to determine the permissibility of the requested transfer procedure.

Architecturally, TFA is embedded within key signaling messages. For instance, in the context of GPRS and UMTS, it appears in messages like the SGSN Context Request/Response during an Inter-SGSN Routing Area Update. The old SGSN, which holds the subscriber's active contexts, uses the TFA indicator to inform the new SGSN whether it is allowed to forward the precise context data. The setting of this parameter is governed by network policies, subscriber subscription data, and the current state of the session. Its primary role is to enforce security and operational policies, preventing unauthorized or undesirable transfers that could compromise session integrity or billing accuracy.

The mechanism works in conjunction with other parameters like the 'Transfer Restricted' indicator. When TFA is set to 'allowed', the source network node proceeds to package and send the relevant context data (including IMSI, MM state, PDP context information, and security vectors) to the target node. If it is set to 'not allowed', the transfer is blocked, which may trigger an alternative procedure, such as re-authentication of the subscriber from scratch by the new node, potentially causing a brief service interruption. The decision logic involves checking factors like the network's roaming agreements, the subscriber's location, and whether fraud or security risks are detected.

In the evolved packet core (EPC) and 5G core (5GC), similar concepts exist under different names and within different procedures, but the fundamental principle of a transfer authorization check remains. TFA plays a critical role in ensuring seamless mobility while maintaining strict control over the dissemination of sensitive subscriber context information. It is a cornerstone for secure and efficient handover execution across 3GPP network generations.

Purpose & Motivation

The TFA parameter was created to address critical needs in cellular mobility management: security, operational control, and service continuity. In early mobile networks, the uncontrolled transfer of subscriber context between network nodes posed significant security risks, such as context hijacking or fraudulent session establishment. TFA provides a standardized, policy-driven mechanism for the network to authorize or deny such transfers, acting as a gatekeeper for subscriber data movement.

Historically, without such a controlled parameter, handovers between nodes in different administrative domains (e.g., between different operators' networks) could lead to unauthorized data sharing or billing discrepancies. TFA allows the home network or the currently serving network to enforce its policies. For example, an operator might restrict transfers during suspected fraud activities or when a subscriber's credit is exhausted. It solves the problem of balancing seamless mobility—which requires quick context transfer—with the imperative of maintaining network security and accurate accounting.

Furthermore, TFA enables more complex network architectures and interworking scenarios. It is essential for scenarios like network sharing, where multiple operators use the same RAN infrastructure but have separate core networks. The parameter ensures that a subscriber's context is only transferred to a core network node belonging to their subscribed operator. Its introduction formalized the handshake between old and new serving nodes, making mobility procedures more robust, predictable, and secure, which was a necessary evolution as networks became more complex and interconnected.

Key Features

  • Binary indicator authorizing or denying subscriber context transfer
  • Used in inter-node signaling (e.g., between SGSNs, MMEs)
  • Enforces network security and policy during mobility events
  • Impacts handover success rate and service continuity
  • Evaluated based on subscription, location, and network state
  • Prevents unauthorized propagation of sensitive session data

Evolution Across Releases

Rel-5 Initial

Introduced with the IMS and enhanced packet-switched core network in UMTS. Defined as a key parameter in the GPRS Tunneling Protocol (GTP) and mobility management signaling between SGSNs to control the transfer of MM and PDP contexts during inter-SGSN routing area updates.

TS 21.905

Defining Specifications

SpecificationTitle
TS 21.905 3GPP TS 21.905