FORM 2
THE PATENTS ACT, 1970 (39 OF 1970) & THE PATENT RULES, 2003
COMPLETE SPECIFICATION
(See section 10 and rule 13)
“METHOD AND SYSTEM FOR MAINTAINING SESSION FOR AUTHENTICATION AUTHORIZATION REQUESTS
(AAR)”
We, Jio Platforms Limited, an Indian National, of Office - 101, Saffron, Nr. Centre Point, Panchwati 5 Rasta, Ambawadi, Ahmedabad - 380006, Gujarat, India.
The following specification particularly describes the invention and the manner in which it is to be performed.

METHOD AND SYSTEM FOR MAINTAINING SESSION FOR AUTHENTICATION AUTHORIZATION REQUESTS (AAR)
TECHNICAL FIELD
[0001] Embodiments of the present disclosure generally relate to the field of wireless communication system. More particularly, embodiments of the present disclosure relate to a method and system for maintaining a session for authentication authorization requests (AAR).
BACKGROUND
[0002] The following description of the related art is intended to provide background information pertaining to the field of the disclosure. This section may include certain aspects of the art that may be related to various features of the present disclosure. However, it should be appreciated that this section is used only to enhance the understanding of the reader with respect to the present disclosure, and not as admissions of the prior art.
[0003] Wireless communication technology has rapidly evolved over the past few decades, with each generation bringing significant improvements and advancements. The first generation of wireless communication technology was based on analog technology and offered only voice services. However, with the advent of the second generation (2G) technology, digital communication and data services became possible, and text messaging was introduced. The third generation (3G) technology marked the introduction of high-speed internet access, mobile video calling, and location-based services. The fourth generation (4G) technology revolutionized wireless communication with faster data speeds, better network coverage, and improved security. Currently, the fifth generation (5G) technology is being deployed, promising even faster data speeds, low latency, and the ability to connect multiple devices simultaneously. With each generation, wireless

communication technology has become more advanced, sophisticated, and capable of delivering more services to its users.
[0004] In the 5G communication system, there is provided a plurality of network functions (NFs). For example, an Access and Mobility Management Function (AMF), session management function (SMF), Policy control function (PCF), Application Function (AF), and the like. One or more of the NFs communicate with each other, to implement multiple activities on the 5G communication system. For example, PCF is one of the key network functions, which supports network behaviour by managing and imposing policies related to quality of service (QoS), traffic management, and resource allocation.
[0005] In communication network, for a calling service, AF, PCF, and SMF nodes communicate among each other. The PCF node sends Unknown_Session_Id in Session Termination Request (STR) response and the PCF removes dynamic Policy and Charging Control (PCC) rules, which get installed during first Authentication Authorization Request (AAR) message. When Update Notify request gets timed out for the intermediate AAR, the PCF node releases the session and because of that, PCF sends Unknown_Session_Id in STR response. By ignoring this, it can cause the improper termination of session without sending notification to AF node. Further, when a user is engaged in activities that involve multiple transactions, interruptions caused by session clearing can lead to significant disruptions. The clearing of session at the intermediate AAR stage could result in loss of context, progress, and important data. Also, when the user is engaged in an audio call session and switches to video call session, then the PCF node is configured to receive an intermediate AAR. In addition, PCF node is configured to send Update Notify request towards the SMF node. If that Update Notify request gets timed out, then the PCF clears the session, causing the user’s ongoing call session to be interrupted.

[0006] Thus, there exists an imperative need in the art to provide an efficient method and system for maintaining a session for authentication authorization requests (AAR).
SUMMARY
[0007] This section is provided to introduce certain aspects of the present disclosure in a simplified form that are further described below in the detailed description. This summary is not intended to identify the key features or the scope of the claimed subject matter.
[0008] An aspect of the present disclosure may relate to a method for maintaining a session for authentication authorization requests (AAR). The method includes receiving, by a transceiver unit at a policy control function (PCF) module, an AAR from at least a network function (NF). The method includes transmitting, by the transceiver unit at the PCF module, to a session management function (SMF) module, a request for installation data, based on the received AAR, wherein the request is adapted to expire after a predefined duration of time. The method includes determining, by a processing unit at the PCF module, in response to expiration of the request, a type of the AAR, wherein the type of AAR is one of an initial type, and an intermediate type. The method includes performing, by the processing unit at the PCF module, at least an action for the session, based on the determined type of the AAR.
[0009] In an exemplary aspect of the present disclosure, the NFs is at least one of a proxy-call session control functions (P-CSCFs), and an application functions (AFs).
[0010] In an exemplary aspect of the present disclosure, the installation data comprises at least one of a set of policy rules, dynamic policies, and charging control (PCC) rules.

[0011] In an exemplary aspect of the present disclosure, the method further comprises determining, by the processing unit at the PCF module, in response to an absence of receipt of installation from the SMF module, and after the predefined duration of time, that the request is expired.
[0012] In an exemplary aspect of the present disclosure, if the type of AAR corresponds to the initial type, the method comprises disabling, by the processing unit at the PCF module, the session; and removing, by the processing unit at the PCF module, resources allocated for the session.
[0013] In an exemplary aspect of the present disclosure, if the type of AAR corresponds to the intermediate type, the method comprises maintaining, by the processing unit at the PCF module, the session; and retaining, by the processing unit at the PCF module, resources allocated for the session.
[0014] Another aspect of the present disclosure may relate to a system for maintaining a session for authentication authorization requests (AAR). The system comprises a transceiver unit configured to receive, at a policy control function (PCF) module, an AAR from at least a network function (NF). The transceiver unit is further configured to transmit, at the PCF module, to a session management function (SMF) module, a request for installation data, based on the received AAR, wherein the request is adapted to expire after a predefined duration of time. The system further comprises a processing unit configured to determine, at the PCF module, in response to expiration of the request, a type of the AAR, wherein the type of AAR is one of an initial type, and an intermediate type. The processing unit is further configured to perform, at the PCF module, at least an action for the session, based on the determined type of the AAR.
[0015] Yet another aspect of the present disclosure may relate to a non-transitory computer readable storage medium storing one or more instructions for maintaining

a session for authentication authorization requests (AAR), the instructions include executable code which, when executed by one or more units of a system, causes: a transceiver unit of the system to receive, at a policy control function (PCF) module, an AAR from at least a network function (NF). The executable code, when executed further causes the transceiver unit to transmit, at the PCF module, to a session management function (SMF) module, a request for installation data, based on the received AAR, wherein the request is adapted to expire after a predefined duration of time. The executable code, when executed further causes a processing unit of the system to determine, at the PCF module, in response to expiration of the request, a type of the AAR, wherein the type of AAR is one of initial type, and intermediate type. The executable code, when executed further causes processing unit to perform, at the PCF module, at least an action for the session, based on the determined type of the AAR.
OBJECTS OF THE INVENTION
[0016] Some of the objects of the present disclosure, which at least one embodiment disclosed herein satisfies are listed herein below.
[0017] It is an object of the present disclosure to provide a system and a method for maintaining session for intermediate Authentication Authorization Request (AAR) update notification timeout.
[0018] It is another object of the present disclosure to provide a system and a method for providing reliable, consistent user experience and ensuring a smoother interaction by handling improper terminating of sessions.
[0019] It is yet another object of the present disclosure to provide a system and a method for efficient resource management by clearing sessions only for initial AARs by the PCF to manage resources more effectively and maintaining the sessions for intermediate AARs.

DESCRIPTION OF THE DRAWINGS
[0020] The accompanying drawings, which are incorporated herein, and constitute
5 a part of this disclosure, illustrate exemplary embodiments of the disclosed methods
and systems in which like reference numerals refer to the same parts throughout the different drawings. Components in the drawings are not necessarily to scale, emphasis instead being placed upon clearly illustrating the principles of the present disclosure. Also, the embodiments shown in the figures are not to be construed as
10 limiting the disclosure, but the possible variants of the method and system
according to the disclosure are illustrated herein to highlight the advantages of the disclosure. It will be appreciated by those skilled in the art that disclosure of such drawings includes disclosure of electrical components or circuitry commonly used to implement such components.
15
[0021] FIG. 1 illustrates an exemplary block diagram representation of 5th generation core (5GC) network architecture, in accordance with exemplary implementations of the present disclosure.
20 [0022] FIG. 2 illustrates an exemplary block diagram of a computing device upon
which the features of the present disclosure may be implemented, in accordance with exemplary implementation of the present disclosure.
[0023] FIG. 3 illustrates an exemplary block diagram of a system for maintaining
25 a session for authentication authorization requests (AAR), in accordance with
exemplary implementations of the present disclosure.
[0024] FIG. 4 illustrates a method flow diagram for maintaining the session for
authentication authorization requests (AAR), in accordance with exemplary
30 implementations of the present disclosure.
7

[0025] FIG. 5 illustrates a system architecture for maintaining the session for authentication authorization requests (AAR), in accordance with exemplary implementations of the present disclosure.
5 [0026] FIG. 6 illustrates a process flow diagram for maintaining the session for
authentication authorization requests (AAR), in accordance with exemplary implementations of the present disclosure.
[0027] The foregoing shall be more apparent from the following more detailed
10 description of the disclosure.
DETAILED DESCRIPTION
[0028] In the following description, for the purposes of explanation, various
15 specific details are set forth in order to provide a thorough understanding of
embodiments of the present disclosure. It will be apparent, however, that
embodiments of the present disclosure may be practiced without these specific
details. Several features described hereafter may each be used independently of one
another or with any combination of other features. An individual feature may not
20 address any of the problems discussed above or might address only some of the
problems discussed above.
[0029] The ensuing description provides exemplary embodiments only, and is not intended to limit the scope, applicability, or configuration of the disclosure. Rather,
25 the ensuing description of the exemplary embodiments will provide those skilled in
the art with an enabling description for implementing an exemplary embodiment. It should be understood that various changes may be made in the function and arrangement of elements without departing from the spirit and scope of the disclosure as set forth.
30
8

[0030] Specific details are given in the following description to provide a thorough
understanding of the embodiments. However, it will be understood by one of
ordinary skill in the art that the embodiments may be practiced without these
specific details. For example, circuits, systems, processes, and other components
5 may be shown as components in block diagram form in order not to obscure the
embodiments in unnecessary detail.
[0031] Also, it is noted that individual embodiments may be described as a process which is depicted as a flowchart, a flow diagram, a data flow diagram, a structure
10 diagram, or a block diagram. Although a flowchart may describe the operations as
a sequential process, many of the operations may be performed in parallel or concurrently. In addition, the order of the operations may be re-arranged. A process is terminated when its operations are completed but could have additional steps not included in a figure.
15
[0032] The word “exemplary” and/or “demonstrative” is used herein to mean serving as an example, instance, or illustration. For the avoidance of doubt, the subject matter disclosed herein is not limited by such examples. In addition, any aspect or design described herein as “exemplary” and/or “demonstrative” is not
20 necessarily to be construed as preferred or advantageous over other aspects or
designs, nor is it meant to preclude equivalent exemplary structures and techniques known to those of ordinary skill in the art. Furthermore, to the extent that the terms “includes,” “has,” “contains,” and other similar words are used in either the detailed description or the claims, such terms are intended to be inclusive—in a manner
25 similar to the term “comprising” as an open transition word—without precluding
any additional or other elements.
[0033] As used herein, a “processing unit” or “processor” or “operating processor”
includes one or more processors, wherein processor refers to any logic circuitry for
30 processing instructions. A processor may be a general-purpose processor, a special
purpose processor, a conventional processor, a digital signal processor, a plurality
9

of microprocessors, one or more microprocessors in association with a (Digital
Signal Processing) DSP core, a controller, a microcontroller, Application Specific
Integrated Circuits, Field Programmable Gate Array circuits, any other type of
integrated circuits, etc. The processor may perform signal coding data processing,
5 input/output processing, and/or any other functionality that enables the working of
the system according to the present disclosure. More specifically, the processor or processing unit is a hardware processor.
[0034] As used herein, “a user equipment”, “a user device”, “a smart-user-device”,
10 “a smart device”, “an electronic device”, “a mobile device”, “a handheld device”,
“a wireless communication device”, “a mobile communication device”, “a
communication device” may be any electrical, electronic and/or computing device
or equipment, capable of implementing the features of the present disclosure. The
user equipment/device may include, but is not limited to, a mobile phone, smart
15 phone, laptop, a general-purpose computer, desktop, personal digital assistant,
tablet computer, wearable device or any other computing device which is capable
of implementing the features of the present disclosure. Also, the user device may
contain at least one input means configured to receive an input from at least one of
a transceiver unit, a processing unit, a storage unit, a detection unit and any other
20 such unit(s) which are required to implement the features of the present disclosure.
[0035] As used herein, “storage unit” or “memory unit” refers to a machine or computer-readable medium including any mechanism for storing information in a form readable by a computer or similar machine. For example, a computer-readable
25 medium includes read-only memory (“ROM”), random access memory (“RAM”),
magnetic disk storage media, optical storage media, flash memory devices or other types of machine-accessible storage media. The storage unit stores at least the data that may be required by one or more units of the system to perform their respective functions.
30
10

[0036] As used herein “interface” or “user interface refers to a shared boundary
across which two or more separate components of a system exchange information
or data. The interface may also be referred to a set of rules or protocols that define
communication or interaction of one or more modules or one or more units with
5 each other, which also includes the methods, functions, or procedures that may be
called.
[0037] All modules, units, components used herein, unless explicitly excluded herein, may be software modules or hardware processors, the processors being a
10 general-purpose processor, a special purpose processor, a conventional processor,
a digital signal processor (DSP), a plurality of microprocessors, one or more microprocessors in association with a DSP core, a controller, a microcontroller, Application Specific Integrated Circuits (ASIC), Field Programmable Gate Array circuits (FPGA), any other type of integrated circuits, etc.
15
[0038] As used herein the transceiver unit include at least one receiver and at least one transmitter configured respectively for receiving and transmitting data, signals, information or a combination thereof between units/components within the system and/or connected with the system.
20
[0039] As used herein, authentication authorization requests (AAR) refer to commands, indicated by the Command-Code field set to 265 and the ‘R’ bit set in the Command Flags fields, which are sent by an AF to the PCRF/PCF to provide it with the Session Information.
25
[0040] As used herein, initial type request is a type of AAR that is used to initiate an Rx session and includes information that is relevant to the initiation.
[0041] As used herein, intermediate type request (also referred to herein as update
30 type request) is a type of AAR that is used to update an existing Rx session.
11

[0042] As used herein, update notify request refer to the Update_Notify service
operation that provides updated Session Management related policies to the NF
service consumer (SMF) or triggers the deletion of the context of SM related
policies. The POST method is used for both, update and delete operations. The
5 update notify request uses the Npcf_SMPolicyControl_UpdateNotify service
operation and supports procedures such as but not limited to PCF initiated update of the policies associated with the PDU session, PCF initiated deletion of SM policy association of a PDU session, provisioning of PCC rules, provisioning of policy control request triggers etc.
10
[0043] As discussed in the background section, the current known solutions have several shortcomings. The present disclosure aims to overcome the shortcomings mentioned in the background and other existing problems in this field of technology by providing a method and system for maintaining a session for authentication
15 authorization requests (AAR).
[0044] FIG. 1 illustrates an exemplary block diagram representation of 5th generation core (5GC) network architecture [100], in accordance with exemplary implementations of the present disclosure. As shown in FIG. 1, the 5GC network
20 architecture [100] includes a user equipment (UE) [102], a radio access network
(RAN) [104], an access and mobility management function (AMF) [106], a Session Management Function (SMF) [108], a Service Communication Proxy (SCP) [110], an Authentication Server Function (AUSF) [112], a Network Slice Specific Authentication and Authorization Function (NSSAAF) [114], a Network Slice
25 Selection Function (NSSF) [116], a Network Exposure Function (NEF) [118], a
Network Repository Function (NRF) [120], a Policy Control Function (PCF) [122], a Unified Data Management (UDM) [124], an application function (AF) [126], a User Plane Function (UPF) [128], a data network (DN) [130], wherein all the components are assumed to be connected to each other in a manner as obvious to
30 the person skilled in the art for implementing features of the present disclosure.
12

[0045] Radio Access Network (RAN) [104] is the part of a mobile
telecommunications system that connects user equipment (UE) [102] to the core
network (CN) and provides access to different types of networks (e.g., 5G network).
It consists of radio base stations and the radio access technologies that enable
5 wireless communication.
[0046] Access and Mobility Management Function (AMF) [106] is a 5G core
network function responsible for managing access and mobility aspects, such as UE
registration, connection, and reachability. It also handles mobility management
10 procedures like handovers and paging.
[0047] Session Management Function (SMF) [108] is a 5G core network function
responsible for managing session-related aspects, such as establishing, modifying,
and releasing sessions. It coordinates with the User Plane Function (UPF) for data
15 forwarding and handles IP address allocation and QoS enforcement. Alternatively,
the SMF [108] is also referred to herein as SMF module [108].
[0048] Service Communication Proxy (SCP) [110] is a network function in the 5G
core network that facilitates communication between other network functions by
20 providing a secure and efficient messaging service. It acts as a mediator for service-
based interfaces.
[0049] Authentication Server Function (AUSF) [112] is a network function in the
5G core responsible for authenticating UEs during registration and providing
25 security services. It generates and verifies authentication vectors and tokens.
[0050] Network Slice Specific Authentication and Authorization Function
(NSSAAF) [114] is a network function that provides authentication and
authorization services specific to network slices. It ensures that UEs can access only
30 the slices for which they are authorized.
13

[0051] Network Slice Selection Function (NSSF) [116] is a network function responsible for selecting the appropriate network slice for a UE based on factors such as subscription, requested services, and network policies.
5 [0052] Network Exposure Function (NEF) [118] is a network function that exposes
capabilities and services of the 5G network to external applications, enabling integration with third-party services and applications.
[0053] Network Repository Function (NRF) [120] is a network function that acts
10 as a central repository for information about available network functions and
services. It facilitates the discovery and dynamic registration of network functions.
[0054] Policy Control Function (PCF) [122] is a network function responsible for
policy control decisions, such as QoS, charging, and access control, based on
15 subscriber information and network policies. Alternatively, the PCF [122] is also
referred to herein as PCF module [112].
[0055] Unified Data Management (UDM) [124] is a network function that
centralizes the management of subscriber data, including authentication,
20 authorization, and subscription information.
[0056] Application Function (AF) [126] is a network function that represents external applications interfacing with the 5G core network to access network capabilities and services. 25
[0057] User Plane Function (UPF) [128] is a network function responsible for handling user data traffic, including packet routing, forwarding, and QoS enforcement.
14

[0058] Data Network (DN) [130] refers to a network that provides data services to user equipment (UE) in a telecommunications system. The data services may include but are not limited to Internet services, private data network related services.
5 [0059] The 5GC network architecture also comprises a plurality of interfaces for
connecting the network functions with a network entity for performing the network functions. The NSSF [116] is connected with the network entity via the interface denoted as (Nnssf) interface in the figure. The NEF [118] is connected with the network entity via the interface denoted as (Nnef) interface in the figure. The NRF
10 [120] is connected with the network entity via the interface denoted as (Nnrf)
interface in the figure. The PCF [122] is connected with the network entity via the interface denoted as (Npcf) interface in the figure. The UDM [124] is connected with the network entity via the interface denoted as (Nudm) interface in the figure. The AF [126] is connected with the network entity via the interface denoted as (Naf)
15 interface in the figure. The NSSAAF [114] is connected with the network entity via
the interface denoted as (Nnssaaf) interface in the figure. The AUSF [112] is connected with the network entity via the interface denoted as (Nausf) interface in the figure. The AMF [106] is connected with the network entity via the interface denoted as (Namf) interface in the figure. The SMF [108] is connected with the
20 network entity via the interface denoted as (Nsmf) interface in the figure. The SMF
[108] is connected with the UPF [128] via the interface denoted as (N4) interface in the figure. The UPF [128] is connected with the RAN [104] via the interface denoted as (N3) interface in the figure. The UPF [128] is connected with the DN [130] via the interface denoted as (N6) interface in the figure. The RAN [104] is
25 connected with the AMF [106] via the interface denoted as (N2). The AMF [106]
is connected with the RAN [104] via the interface denoted as (N1). The UPF [128] is connected with other UPF [128] via the interface denoted as (N9). The interfaces such as Nnssf, Nnef, Nnrf, Npcf, Nudm, Naf, Nnssaaf, Nausf, Namf, Nsmf, N9, N6, N4, N3, N2, and N1 can be referred to as a communication channel between
30 one or more functions or modules for enabling exchange of data or information
between such functions or modules, and network entities.
15

[0060] FIG. 2 illustrates an exemplary block diagram of a computing device [200]
upon which the features of the present disclosure may be implemented in
accordance with exemplary implementation of the present disclosure. In an
5 implementation, the computing device [200] may also implement a method for
maintaining a session for authentication authorization requests (AAR), utilising the
system. In another implementation, the computing device [200] itself implements
the method for maintaining a session for authentication authorization requests
(AAR) using one or more units configured within the computing device [200],
10 wherein said one or more units are capable of implementing the features as
disclosed in the present disclosure.
[0061] The computing device [200] may include a bus [202] or other communication mechanism for communicating information, and a hardware
15 processor [204] coupled with bus [202] for processing information. The hardware
processor [204] may be, for example, a general-purpose microprocessor. The computing device [200] may also include a main memory [206], such as a random-access memory (RAM), or other dynamic storage device, coupled to the bus [202] for storing information and instructions to be executed by the processor [204]. The
20 main memory [206] also may be used for storing temporary variables or other
intermediate information during execution of the instructions to be executed by the processor [204]. Such instructions, when stored in non-transitory storage media accessible to the processor [204], render the computing device [200] into a special-purpose machine that is customized to perform the operations specified in the
25 instructions. The computing device [200] further includes a read only memory
(ROM) [208] or other static storage device coupled to the bus [202] for storing static information and instructions for the processor [204].
[0062] A storage device [210], such as a magnetic disk, optical disk, or solid-state
30 drive is provided and coupled to the bus [202] for storing information and
instructions. The computing device [200] may be coupled via the bus [202] to a
16

display [212], such as a cathode ray tube (CRT), Liquid crystal Display (LCD),
Light Emitting Diode (LED) display, Organic LED (OLED) display, etc. for
displaying information to a computer user. An input device [214], including
alphanumeric and other keys, touch screen input means, etc. may be coupled to the
5 bus [202] for communicating information and command selections to the processor
[204]. Another type of user input device may be a cursor controller [216], such as
a mouse, a trackball, or cursor direction keys, for communicating direction
information and command selections to the processor [204], and for controlling
cursor movement on the display [212]. This input device typically has two degrees
10 of freedom in two axes, a first axis (e.g., x) and a second axis (e.g., y), that allow
the device to specify positions in a plane.
[0063] The computing device [200] may implement the techniques described herein using customized hard-wired logic, one or more ASICs or FPGAs, firmware
15 and/or program logic which in combination with the computing device [200] causes
or programs the computing device [200] to be a special-purpose machine. According to one implementation, the techniques herein are performed by the computing device [200] in response to the processor [204] executing one or more sequences of one or more instructions contained in the main memory [206]. Such
20 instructions may be read into the main memory [206] from another storage medium,
such as the storage device [210]. Execution of the sequences of instructions contained in the main memory [206] causes the processor [204] to perform the process steps described herein. In alternative implementations of the present disclosure, hard-wired circuitry may be used in place of or in combination with
25 software instructions.
[0064] The computing device [200] also may include a communication interface
[218] coupled to the bus [202]. The communication interface [218] provides a two-
way data communication coupling to a network link [220] that is connected to a
30 local network [222]. For example, the communication interface [218] may be an
integrated services digital network (ISDN) card, cable modem, satellite modem, or
17

a modem to provide a data communication connection to a corresponding type of
telephone line. As another example, the communication interface [218] may be a
local area network (LAN) card to provide a data communication connection to a
compatible LAN. Wireless links may also be implemented. In any such
5 implementation, the communication interface [218] sends and receives electrical,
electromagnetic or optical signals that carry digital data streams representing various types of information.
[0065] The computing device [200] can send messages and receive data, including
10 program code, through the network(s), the network link [220] and the
communication interface [218]. In the Internet example, a server [230] might
transmit a requested code for an application program through the Internet [228], the
ISP [226], the local network [222], a host [224] and the communication interface
[218]. The received code may be executed by the processor [204] as it is received,
15 and/or stored in the storage device [210], or other non-volatile storage for later
execution.
[0066] The computing device [200] encompasses a wide range of electronic devices capable of processing data and performing computations. Examples of
20 computing device [200] include, but are not limited only to, personal computers,
laptops, tablets, smartphones, servers, and embedded systems. The devices may operate independently or as part of a network and can perform a variety of tasks such as data storage, retrieval, and analysis. Additionally, computing device [200] may include peripheral devices, such as monitors, keyboards, and printers, as well
25 as integrated components within larger electronic systems, showcasing their
versatility in various technological applications.
[0067] Referring to FIG. 3, an exemplary block diagram of a system [300] for
maintaining a session for authentication authorization requests (AAR) is shown, in
30 accordance with exemplary implementations of the present disclosure. The system
[300] comprises at least one transceiver unit [302], at least one processing unit
18

[304], and at least a storage unit [306]. Also, all of the components/ units of the
system [300] are assumed to be connected to each other unless otherwise indicated
below. As shown in FIG. 3, all units shown within the system [300] should also be
assumed to be connected to each other. Also, in FIG. 3, only a few units are shown,
5 however, the system [300] may comprise multiple such units or the system [300]
may comprise any such numbers of said units, as required to implement the features
of the present disclosure. Further, in an implementation, the system [300] may be
present in a user device to implement the features of the present disclosure. The
system [300] may be a part of the user device/or may be independent of but in
10 communication with the user device (may also referred herein as a UE). In another
implementation, the system [300] may reside in a server or a network entity. In yet another implementation, the system [300] may reside partly in the server/ network entity and partly in the user device.
15 [0068] The system [300] is configured to maintain a session for authentication
authorization requests (AAR) with the help of the interconnection between the components/units of the system [300].
[0069] The system [300] comprises the transceiver unit [302] configured to receive,
20 at the policy control function (PCF) module [122], an authentication authorization
request (AAR) from at least a network function (NF). The transceiver unit [302]
receives the authentication authorization request (AAR) from at least a network
function using the PCF module [122] from at least a network function to further
verify or ascertain whether a user or device is allowed to access specific services or
25 resources.
[0070] In an exemplary implementation, the session may include any application session, but not limited to, audio call, video call, data service, XR, VR, V2V, etc.
30 [0071] The AAR may include a user identifier. In some examples, the user
identifier may include International Mobile Subscriber Identity (IMSI),
19

Subscription Permanent Identifier (SUPI), a session identifier for which the request is related, requested service (such as voice call, audio - video call, data service, etc), and the like.
5 [0072] The NF is at least one of a proxy-call session control functions (P-CSCFs),
and an application functions (AFs). In an exemplary aspect, the transceiver unit
[302], using the PCF module [122], may interact with the P-CSCFs and AFs to
obtain or provide necessary information for policy enforcement and session
management. For instance, the PCF module [122] may receive the AAR from the
10 NFs to gather session-related details or service-specific information needed to make
authentication and authorization decisions.
[0073] In an exemplary aspect, AAR are diameter Rx interface messages in the
form of commands responsible for managing user authentication and authorization
15 in telecommunications networks. In an exemplary aspect, AAR body includes
command such as [Rx-Request-Type]. In particular, [Rx-Request-Type] is a parameter that specifies the type of request being made or received. The exact nature of this parameter can vary depending on the protocol in use.
20 [0074] The transceiver unit [302] is further configured to transmit, at the PCF
module [122], to the session management function (SMF) module [108], a request for installation data, based on the received AAR. The request is adapted to expire after a predefined duration of time. The transceiver unit [302] transmits, using the PCF module [122], the request. The request is an update notification request for
25 installation data to the SMF [108] based on the AAR received earlier by the
transceiver unit [302]. The request sent by the transceiver unit [302] using the PCF module [122] to the SMF [108] is adapted to expire after the predefined duration of time. This means that the request is time-sensitive, and if the SMF module [108] does not respond back to the PCF module [122] within this specified time frame,
30 the request will be considered invalid or timed out or expired. This mechanism
20

ensures that resources are not indefinitely used by unfulfilled or failed requests, and it further helps in maintaining efficient network operations.
[0075] The installation data comprises at least one of a set of policy rules, dynamic
5 policies, and charging control (PCC) rules. The PCC rules refer to a set of
information elements enabling the detection of a service data flow and providing parameters for policy control and/or charging control. In an exemplary aspect, there are two different types of PCC rules: dynamic PCC rules and predefined PCC rules. In an exemplary aspect, the dynamic PCC rules are dynamically provisioned by the
10 PCF module [122] to the SMF module [108]. The dynamic PCC rules can be
installed, modified, and removed at any time. In another exemplary aspect, the predefined PCC rules are preconfigured in the SMF module [108]. The predefined PCC rules can be activated or deactivated by the PCF module [122] at any time. In another exemplary aspect, the predefined PCC rules within the PCF module [122]
15 may be grouped together, allowing the PCF module [122] to dynamically activate
a set of PCC rules.
[0076] The system [300] further comprises the processing unit [304] connected to
at least the transceiver unit [304]. The processing unit [304] is configured to
20 determine, at the PCF module [122], in response to expiration of the request, a type
of the AAR. The type of AAR is one of initial type, and intermediate type. In an exemplary aspect, the processing unit [304] may be connected to the transceiver unit [302].
25 [0077] The processing unit [304], using the PCF module [122] determines the type
of AAR based on the response to the expiration that was transmitted by the transceiver unit [302]. This determination by the processing unit [304] helps in managing the request appropriately based on its type and stage in the process. In an exemplary aspect, an initial type request may refer to a request that is made at the
30 beginning of a process or a service. It is the first type of AAR in the sequence. In
an exemplary aspect, an intermediate type request may be associated with
21

subsequent stages in the process or service. It occurs after the initial request and may represent a status update or a continuation of the request. In an exemplary aspect, the intermediate type request may also be referred to as update type request.
5 [0078] In an exemplary aspect, both the initial type request and the intermediate
type request are type of AAR commands/messages in form of the [Rx-Request-Type AVP], that is enumerated and contains the reason for sending the AAR command/message.
10 [0079] In an exemplary aspect, the following values are defined in both the initial
type and the intermediate type requests:
1. Initial type request - INITIAL_REQUEST has been assigned a value of 0.
The initial request is used to initiate an Rx session and contains information
that is relevant to initiation.
15 2. Intermediate type requests (also referred to herein as update type request-
UPDATE_REQUEST) has been assigned a value of 1. The intermediate type request is used to update an existing Rx session.
[0080] The processing unit [304] is further configured to perform, at the PCF
20 module [304], at least an action for the session, based on the determined type of the
AAR. The processing unit [304] performs the action for a particular session depending on whether the type of the AAR is the initial type or the intermediate type.
25 [0081] In an exemplary aspect, if the type of AAR corresponds to the initial type,
the processing unit [304] is configured to disable, at the PCF module [122], the session; and remove, at the PCF module [122], resources allocated for the session. Further, the session is disabled/terminated, if the processing unit [304] receives a successful response in the form of an authentication authorization answer (AAA)
30 for the initial type AAR. The processing unit [304], using the PCF module [122]
may send the request in the form of command such as but not limited to Session-
22

Termination-Request (STR) command for disabling/terminating the specified
session. Otherwise, the processing unit [304] shall wait for the initial AAA to be
received for the initial type AAR, prior to sending the Session-Termination-Request
command to the PCF module [304]. Afterwards, the processing unit [304], using
5 the PCF module [122], frees the resources allocated for the corresponding session.
[0082] The processing unit [304] determines whether the type of request is the initial type or the intermediate type. If the processing unit [304] determines that the type of request is the initial type, then the processing unit [304], using the PCF
10 module [122] disables the session and removes the resources allocated for that
particular session. By disabling the session, the processing unit [304] ensures, using the PCF module [122], that the resources are not unnecessarily allocated to the particular session, making the overall performance of the network efficient. Furthermore, the processing unit [304] ensures that resources are efficiently
15 managed and released when they are no longer needed, and that the session is
properly concluded according to the policies and configurations of the system [300].
[0083] In an exemplary aspect, if the type of AAR corresponds to the intermediate
20 type, the processing unit [304] is configured to maintain, at the PCF module [122],
the session; and retain, at the PCF module [122], resources allocated for the session.
If the processing unit [304] determines that the type of request is intermediate type,
then the processing unit [304] maintains the session and retains the resources
allocated for that particular session, using the PCF module [122]. The processing
25 unit [304] further ensures that the session remains active as per the policy rules and
requirements. This ensures continuity and proper handling of the session according to the policies and resource requirements set by the network.
[0084] In an example, if the user is engaged in an audio call only session and
30 switches to the video call session midway, then the PCF module [122] is configured
to receive the intermediate type AAR. In addition, the processing unit [304] at the
23

PCF [122] is configured to determine that the type of request is the intermediate type and allocates adequate resources for that particular audio video call session ensuring that the current audio video call session remains active without any interruptions. 5
[0085] The processing unit [304] is configured to determine, at the PCF module [122], in response to an absence of receipt of installation from the SMF module [108], and after the predefined duration of time, that the request is expired. The processing unit [304], in the absence of receipt or feedback response from the SMF
10 module [108], determines, using the PCF module [122] that the request is expired.
In an exemplary aspect, if the SMF module [108] does not respond back to the PCF module [122] within this specified time frame, the request is considered invalid or timed out or expired. This mechanism ensures that resources are not indefinitely used by unfulfilled or failed requests, and it further helps in maintaining efficient
15 network operations.
[0086] The system further comprises the storage unit [306]. In particular, the
storage unit [306] is configured to store data related to initial type requests,
intermediate type request, set of policy rules, dynamic policies, charging control
20 (PCC) rules, and the like.
[0087] Referring to FIG. 4, an exemplary method flow diagram [400] for
maintaining the session for authentication authorization requests (AAR) in
accordance with exemplary implementations of the present disclosure is shown. In
25 an implementation, the method [400] is performed by the system [300]. Further, in
an implementation, the system [300] may be present in a server device to implement the features of the present disclosure. Also, as shown in FIG. 4, the method [400] starts at step [402].
24

[0088] At step [404], the method [400] comprises receiving, by the transceiver unit [302] at the policy control function (PCF) module [122], the AAR from at least the network function (NF).
5 [0089] The transceiver unit [302] receives the authentication authorization request
(AAR) using at least the network function using the PCF module [122] from at least the network function to further verify or ascertain whether the user or device is allowed to access specific services or resources.
10 [0090] In exemplary aspect, the NF is at least one of the proxy-call session control
functions (P-CSCFs), and the application functions (AFs). In an exemplary aspect, the transceiver unit [302], using the PCF module [122], may interact with the P-CSCFs and AFs to obtain or provide necessary information for policy enforcement and session management. For instance, the PCF module [122] may receive the AAR
15 from these NFs to gather session-related details or service-specific information
needed to make authentication and authorization decisions.
[0091] In an exemplary aspect, AAR are diameter Rx interface messages in the
form of commands which are responsible for managing user authentication, and
20 authorization in telecommunications networks. In an exemplary aspect, AAR body
includes command i.e., [Rx-Request-Type]. [Rx-Request-Type] is a parameter that specifies the type of request being made or received. The exact nature of this parameter can vary depending on the protocol in use.
25 [0092] At step [406], the method [400] comprises transmitting, by the transceiver
unit [302] at the PCF module [122], to the session management function (SMF) module [108], the request for installation data, based on the received AAR. The request is adapted to expire after the predefined duration of time.
30 [0093] The transceiver unit [302] transmits, using the PCF module [122], the
request. The request is an update notification request for installation data to the
25

SMF [108] based on the AAR received earlier by the transceiver unit [302]. The
request sent by the transceiver unit [302] using PCF module [122] to the SMF [108]
is adapted to expire after the predefined duration of time. This means that the
request is time-sensitive, and if the SMF module [108] does not respond back to the
5 PCF module [122] within this specified time frame, the request is considered invalid
or timed out or expired. This mechanism ensures that resources are not indefinitely used by unfulfilled or failed requests, and it further helps in maintaining efficient network operations.
10 [0094] In an exemplary aspect, the installation data comprises at least one of the set
of policy rules, one or more dynamic policies, and one or more charging control (PCC) rules.
[0095] At step [408], the method [400] comprises determining, by the processing
15 unit [304] at the PCF module [122], in response to expiration of the request, the
type of the AAR. The type of AAR is one of an initial type, and an intermediate type.
[0096] In an exemplary aspect, the processing unit [304] is connected to the
20 transceiver unit [302]. The processing unit [304], using the PCF module [122],
determines the type of AAR which may be the initial type or the intermediate type,
based on the response to the expiration that was transmitted by the transceiver unit
[302]. This determination, by the processing unit [304], helps in managing the
request appropriately based on its type and stage in the process. In an exemplary
25 aspect, the initial type request may refer to a request that is made at the beginning
of a process or a service. It is the first type of AAR in the sequence. In an exemplary
aspect, the intermediate type request may be associated with subsequent stages in a
process or a service. It occurs after the initial request and may represent a status
update or a continuation of the request. In an exemplary aspect, the intermediate
30 type request may also be referred to as update type request.
26

[0097] In an exemplary aspect, both the initial type request and the intermediate type request are types of AAR commands/messages in form of the [Rx-Request-Type AVP], that is enumerated and contains the reason for sending the AAR command/messages. 5
[0098] In an exemplary aspect, the following values are defined in both the initial type and the intermediate type requests:
1. Initial type request - INITIAL_REQUEST has been assigned a value of 0.
The initial request is used to initiate an Rx session and contains information
10 that is relevant to initiation.
2. Intermediate type requests also referred to herein as update type request-
UPDATE_REQUEST has been assigned a value of 1. The intermediate type
update type request is used to update an existing Rx session.
15 [0099] At step [410], the method [400] comprises performing, by the processing
unit [304] at the PCF module [122], at least the action for the session, based on the determined type of the AAR.
[0100] The processing unit [304] performs the action for the particular session
20 depending on whether the type of the AAR is the initial type or the intermediate
type. In an exemplary aspect, if the type of AAR corresponds to the initial type, the method comprises disabling, by the processing unit [304] at the PCF module [122], the session and removing, by the processing unit [304] at the PCF module [122], resources allocated for the session. 25
[0101] In an exemplary aspect, the session is disabled/terminated, if the processing
unit [304] receives a successful response in the form of an authentication
authorization answer (AAA) for the initial type AAR, the processing unit [304],
using the PCF module [122] may send the request in the form of command i.e., a
30 Session-Termination-Request (STR) command for disabling/terminating the
specified session. Otherwise, the processing unit [304] waits for the initial AAA to
27

be received for the initial type AAR, prior to sending the Session-Termination-Request command to the PCF module [122]. Afterwards, the processing unit [304], using the PCF module [122] frees the resources allocated for the corresponding call session. 5
[0102] The processing unit [304] determines whether the type of request is the initial type or intermediate type. If the processing unit [304] determines that the type of request is the initial type, then the processing unit [304] using the PCF module [122] disables the session and remove the resources allocated for that
10 particular session. By disabling the session, the processing unit [304] ensures, using
the PCF module [122], that resources are not unnecessarily allocated to the particular session making the overall performance of the network efficient. Furthermore, the processing unit [304] ensures that resources are efficiently managed and released when they are no longer needed, and that the session is
15 properly concluded according to the policies and configurations of the system
[300].
[0103] In an exemplary aspect, if the type of AAR corresponds to the intermediate
type, the method comprises maintaining, by the processing unit [304] at the PCF
20 module [122], the session; and retaining, by the processing unit [304] at the PCF
module [122], resources allocated for the session.
[0104] In an exemplary aspect, if the processing unit [304] determines that the type of request is the intermediate type, then the processing unit [304], using the PCF
25 module [122] maintains the session and retains the resources allocated for that
particular session. The processing unit [304], using the PCF module [122] ensures that the session remains active as per the policy rules and requirements. This ensures continuity and proper handling of the session according to the policies and resource requirements set by the network.
30
28

[0105] The method further comprises determining, by the processing unit [304] at the PCF module [122], in response to an absence of receipt of installation from the SMF module [108], and after the predefined duration of time, that the request is expired.
[0106] The processing unt [304] in the absence of receipt or feedback response from the SMF module [108], determines, using the PCF module [122] that the request is expired. In an exemplary aspect, if the SMF module [108] does not respond back to the PCF module [122] within this specified time frame, the request is considered invalid or timed out or expired. This mechanism ensures that resources are not indefinitely used by unfulfilled or failed requests, and it further helps in maintaining efficient network operations.
[0107] The method further comprises storing, by the storage unit [306], data related to initial type requests, intermediate type request, set of policy rules, dynamic policies, charging control (PCC) rules, and the like.
[0108] At step [412], the method [400] terminates.
[0109] Referring to FIG. 5, an exemplary block diagram of a system architecture [500] for maintaining the session for authentication authorization requests (AAR) is shown, in accordance with the exemplary implementations of the present disclosure. The system architecture [500] comprises at least one Proxy-Call Session Control Function/Application Function (P-CSCF/AF) node [502], at least one policy control function PCF [122], and at least one session management function SMF [108].
[0110] The Policy Control Function (PCF) node [122] sends the update notify request to the SMF node [108] for received AAR. If said request goes timeout, then the PCF node [122] checks whether the received AAR is an initial AAR or an intermediate AAR. If AAR is the intermediate AAR, then the PCF node [122] does

not clear the session and also does not remove the dynamic PCC rules which got installed during first AAR message.
[0111] Referring to FIG. 6, an exemplary process flow diagram [600] for maintaining the session for authentication authorization requests (AAR) in accordance with exemplary implementations of the present disclosure is shown.
[0112] At step [602], the application function (AF) sends an AAR to the PCF [122] (also referred to herein as the PCF module [122]).
[0113] At step [604], the PCF module [122] receives the AAR that was sent by the application function (AF). In an exemplary aspect, the transceiver unit [302] receives the authentication authorization request (AAR) using at least a network function using the PCF module [304] from at least network function. For instance, the PCF module [122] may receive the AAR from the NFs to gather session-related details or service-specific information needed to make authentication and authorization decisions.
[0114] At step [606], after receiving the AAR, the PCF module [122] may send the update notify request to the SMF node [108] for installing rules based on the parameters received in AAR. In an exemplary aspect, the transceiver unit [302] transmits, using the PCF module [122], the request which is an update notification request for installation data to the SMF [108] based on the AAR received earlier by the transceiver unit [302]. The request sent by the transceiver unit [302], using PCF module [122] to the SMF [108] is adapted to expire after a predefined duration of time. This means that the request is time-sensitive, and if the SMF module [108] does not respond back to the PCF module [122] within this specified time frame, the request is considered invalid or timed out or expired. This mechanism ensures that resources are not indefinitely used by unfulfilled or failed requests, and it further helps in maintaining efficient network operations.

[0115] At step [608], the PCF [122] checks whether AAR is an initial or an intermediate. In an exemplary aspect, the processing unit [304], using the PCF [122], may determine the type of AAR which may be the initial type and the intermediate once the request has been expired. This determination by the processing unit [304] helps in managing the request appropriately based on its type and stage in the process. In an exemplary aspect, the initial type request may refer to a request that is made at the beginning of a process. It is the first type of AAR in the sequence. In an exemplary aspect, the intermediate type request may be associated with subsequent stages in a process. It occurs after the initial request and may represent a status update or a continuation of the request. In an exemplary aspect, the intermediate type request may also be referred to as an update type request.
[0116] At step [610], if the PCF module [122] determines that the AAR is the initial type request, then, the PCF module [122] may proceed to the next step.
[0117] At step [612], after the PCF module [122] determines that the AAR is the initial type request, it may clear the session e.g., call session associated with the request. In an exemplary aspect, if the processing unit [304] determines that the type of request is the initial type, then the processing unit [304], using the PCF module [122] disables the session and removes the resources allocated for that particular session. By disabling the session, the processing unit [304] ensures, using the PCF module [122], that resources are not unnecessarily allocated to the particular session making the overall performance of the network efficient. Furthermore, the processing unit [304] ensures that resources are efficiently managed and released when they are no longer needed, and that the session is properly concluded according to the policies and configurations of the system [300].
[0118] At step [614], if the PCF module [122] determines that the AAR is the intermediate type request, then, the PCF [122] may proceed to the next step.

[0119] At step [616], if the processing unit [304] determines that the type of request is the intermediate type, then, the processing unit [304], using the PCF module [122], maintains the session and retains the resources allocated for that particular session. The processing unit [304], using the PCF module [122], ensures that the session remains active as per the policy rules and requirements. This ensures continuity and proper handling of the session according to the policies and resource requirements set by the network.
[0120] The present disclosure further discloses a non-transitory computer readable storage medium storing one or more instructions for maintaining a session for authentication authorization requests (AAR), the instructions include executable code which, when executed by one or more units of a system [300], causes: a transceiver unit [302] of the system [300] to receive, at a policy control function (PCF) module [122], an AAR from at least a network function (NF). The instructions when executed further causes the transceiver unit [302] to transmit, at the PCF module [122], to a session management function (SMF) module [108], a request for installation data, based on the received AAR, wherein the request is adapted to expire after a predefined duration of time. The instructions when executed causes a processing unit [304] of the system [300] to determine, at the PCF module [122], in response to expiration of the request, a type of the AAR, wherein the type of AAR is one of an initial type, and an intermediate type. The instructions when executed further causes the processing unit [304] to perform, at the PCF module [122], at least an action for the session, based on the determined type of the AAR.
[0121] As is evident from the above, the present disclosure provides a technically advanced solution for for maintaining a session for authentication authorization requests (AAR). The present solution which does not clear the session in case of Update Notify request timeout for intermediate AAR for preserving the user experience and ongoing interactions in real time services, avoiding the need for

users to re-establish their connections. The present method and system remove problem of improper session termination and deliver an uninterrupted and efficient service, a more reliable and consistent user experience ensuring a smoother interaction. The present method and system preserve context of the ongoing session, which is especially crucial for real time applications, where interrupting the session could lead to loss of data. The present method and system clear sessions only for initial AARs, which allows the PCF to manage resources more effectively. The session that has progressed beyond the initial stage are likely to be more beneficial by keeping them active.
[0122] Further, in accordance with the present disclosure, it is to be acknowledged that the functionality described for the various the components/units can be implemented interchangeably. While specific embodiments may disclose a particular functionality of these units for clarity, it is recognized that various configurations and combinations thereof are within the scope of the disclosure. The functionality of specific units as disclosed in the disclosure should not be construed as limiting the scope of the present disclosure. Consequently, alternative arrangements and substitutions of units, provided they achieve the intended functionality described herein, are considered to be encompassed within the scope of the present disclosure.
[0123] While considerable emphasis has been placed herein on the disclosed implementations, it will be appreciated that many implementations can be made and that many changes can be made to the implementations without departing from the principles of the present disclosure. These and other changes in the implementations of the present disclosure will be apparent to those skilled in the art, whereby it is to be understood that the foregoing descriptive matter to be implemented is illustrative and non-limiting.

We Claim:
1. A method for maintaining a session for authentication authorization requests (AAR), the method comprising:
- receiving, by a transceiver unit [302] at a policy control function (PCF) module [122], an AAR from at least a network function (NF);
- transmitting, by the transceiver unit [302] at the PCF module [122], to a session management function (SMF) module [108], a request for installation data, based on the received AAR, wherein the request is adapted to expire after a predefined duration of time;
- determining, by a processing unit [304] at the PCF module [122], in response to expiration of the request, a type of the AAR, wherein the type of AAR is one of an initial type, and an intermediate type; and
- performing, by the processing unit [304] at the PCF module [122], at least an action for the session, based on the determined type of the AAR.

2. The method as claimed in claim 1, wherein the NFs is at least one of a proxy-call session control functions (P-CSCFs), and an application functions (AFs).
3. The method as claimed in claim 1, wherein the installation data comprises at least one of a set of policy rules, dynamic policies, and charging control (PCC) rules.

4. The method as claimed in claim 3, wherein the method comprises determining, by the processing unit [304] at the PCF module [122], in response to an absence of receipt of installation from the SMF module [108], and after the predefined duration of time, that the request is expired.
5. The method as claimed in claim 1, wherein, if the type of AAR corresponds to the initial type, the method comprises:

- disabling, by the processing unit [304] at the PCF module [122], the session; and
- removing, by the processing unit [304] at the PCF module [122], resources allocated for the session.
6. The method as claimed in claim 1, wherein, if the type of AAR corresponds
to the intermediate type, the method comprises:
- maintaining, by the processing unit [304] at the PCF module [122], the session; and
- retaining, by the processing unit [304] at the PCF module [122], resources allocated for the session.
7. A system for maintaining a session for authentication authorization requests
(AAR), the system comprising:
- a transceiver unit [302] configured to:
o receive, at a policy control function (PCF) module [122], an AAR
from at least a network function (NF); o transmit, at the PCF module [122], to a session management
function (SMF) module [108], a request for installation data,
based on the received AAR, wherein the request is adapted to
expire after a predefined duration of time;
- a processing unit [304] connected to at least the transceiver unit [302],
the processing unit [304] is configured to:
o determine, at the PCF module [122], in response to expiration of the request, a type of the AAR, wherein the type of AAR is one of an initial type, and an intermediate type; and
o perform, at the PCF module [122], at least an action for the session, based on the determined type of the AAR.

8. The system as claimed in claim 7, wherein the NFs is at least one of a proxy-call session control functions (P-CSCFs), and an application functions (AFs).
9. The system as claimed in claim 7, wherein the installation data comprises at least one of a set of policy rules, dynamic policies, and charging control (PCC) rules.

10. The system as claimed in claim 9, wherein the processing unit [304] is configured to determine, at the PCF module [112], in response to an absence of receipt of installation from the SMF module [108], and after the predefined duration of time, that the request is expired.
11. The system as claimed in claim 7, wherein, if the type of AAR corresponds to the initial type, the processing unit [304] is configured to:

- disable, at the PCF module [122], the session; and
- remove, at the PCF module [122], resources allocated for the session.
12. The system as claimed in claim 7, wherein, if the type of AAR corresponds
to the intermediate type, the processing unit [304] is configured to:
- maintain, at the PCF module [122], the session; and
- retain, at the PCF module [122], resources allocated for the session.