Database Requirements

1. Database Requirements IMEI/MEID CEIR March 30/31 JEM Geneva

2. Issues (1 of N) • How is the manufacturer code reflected in the database(s) (note: there is TAC in IMEI)? • Does a manufacturer with assigned block(s) have a privilege to access allocations for that manufacturer? • Read only (YES, e.g. for warranty, time to deployment, …) • Read/write (maybe?) • Security issues: • URL of manufacturer datasheet

3. Issues (2 of N) • Assignment affirmation: • Assignment revocation: • Conditions for affirmation/allocation • Time before it must be consumed • Coordination of assignments for multi-mode devices between GHA/GDA data bases, if separate

4. Issues (3 of N) • What are operators’ access privileges to MEID/IMEI (assignment) data base(s)? • Read? (Yes) • Read/Write? (No, administrators only)

5. Issues (4 of N) • Secure access: • A Manufacturer’s access should be confined only to codes assigned to it; • Access privileges are to designated entities only (e.g. a member operator’s agent, likewise for other designated entities) • Level of authentication (is mutual authentication required?) • Protocol specifications • Backups

6. Use scenarios

7. CEIR Issues (1 of X) • Is an IMEI/MEID implicitly white-listed (if not on the black/gray list)? • Normal = white list • Block = black • Track = gray • Coordination on multi-mode devices, if separate CEIR deployed • What are the criteria for black or gray listing? • Hierarchy (EIR owned by operator feeding to CEIR)

8. CEIR Issues (2 of X) • Only operators populate EIR, and implicitly CEIR. Are there any exceptions? • White lists migrate from TAD-like database

9. Requirements • The GHA/GDA or a designated regional administrator shall record MEID/IMEI allocations of numbering space to the appropriate Allocation Database (e.g. TAD in case of IMEI), within 3 business days of the grant of such allocation, or within the timeframe requested by the manufacturer. • The recording shall contain, as a minimum, the following information: Equipment manufacturer identity, segment of allocated numbering space. The recording should also contain: Reference to a manufacturer product data, or explicit information regarding equipment characteristics (e.g. power class, frequency band(s), technology modes supported).

10. Requirements (2 of N) • The GDA/GHA entry should indicate allocation status as “granted”. • A Manufacturer may have access to a section of allocation database reserved for that manufacturer’s use, only after allocation is “granted”. • If manufacturer has access to the allocation database, the manufacturer shall be able to read any data in its section of Allocation database. • A manufacturer shall not have access to a section of database outside its domain.

11. Requirements (3 of N) • As devices are manufactured, the manufacturer should be able to convert status of segments of it allocation from “granted” to “released”.

12. Requirements (4 of N) CEIR • Allocation database (TAD) shall be reflected in the CEIR automatically upon assignment of codes (creation of “granted” status). • CEIR whitelist (normal) range should reflect the serial number ranges of mobile equipment with status “released”.

13. Requirements (5 of N) EIR • An Operator’s (explicit) EIR whitelist should be updated from the CEIR whitelist at a frequency deemed suitable to that operator (recommended on a daily basis).

14. Blacklist (Block)Requirements (1 of N) • An Operator should create entries to the EIR blacklist per the internal policy of that operator (e.g. police report may be required before blacklisting). • All EIR new blacklist entries should be uploaded to CEIR on a daily basis. • An EIR should request blacklist updates from the CEIR on a daily basis. • If implemented separately, the decimal CEIR and hexadecimal CEIR should exchange blacklists for multimode devices on a daily basis