56
IT6601 MOBILE COMPUTING UNIT – III Dr.A.Kathirvel, Professor and Head, Dept of IT Mrs. D. Anbarasi, Asst. Professor/IT Anand Institute of Higher Technology, Chennai
| Date post: | 09-Jan-2017 |
| Category: |
Engineering |
| Upload: | anand-institute-of-higher-technology-chennai |
| View: | 1,916 times |
| Download: | 1 times |
IT6601 MOBILE COMPUTING
UNIT – III
Dr.A.Kathirvel, Professor and Head, Dept of IT
Mrs. D. Anbarasi, Asst. Professor/IT
Anand Institute of Higher Technology, Chennai
Unit - III
MOBILE TELECOMMUNICATION SYSTEM
Global System for Mobile Communication (GSM) –
General Packet Radio Service (GPRS) – Universal Mobile
Telecommunication System (UMTS).
*Prasant Kumar Pattnaik, Rajib Mall, “Fundamentals of Mobile Computing”, PHI Learning Pvt. Ltd, New Delhi
2
Synopsis
Global System for Mobile Communication (GSM)
GSM Services
System Architecture of GSM
GSM Security
General Packet Radio Service (GPRS)
GPRS Services
GPRS Architecture
Universal Mobile Telecommunication System (UMTS)
UMTS Network Architecture
3
What is GSM?
GSM (Global System for Mobile communication)
is a digital mobile telephony system that is widely
used in Europe and other parts of the world.
GSM is a second generation cellular standard
developed to cater voice services and data delivery
using digital modulation.
GSM uses a variation of time division multiple
access (TDMA) and is the most widely used of the
three digital wireless telephony technologies
(TDMA, GSM, and CDMA).
4
What is GSM?
GSM digitizes and compresses data,
then sends it down a channel with two
other streams of user data, each in its
own time slot.
It operates at either the 900 MHz or
1800 MHz frequency band
5
GSM Services
TELE SERVICES : Includes mobile
phones, emergency calling etc.
DATA SERVICES : Includes SMS
(Short message service), fax, voicemail,
electronic mail.
SUPPLYMENTARY SERVICES : I/C
& O/G calls, call forwarding, call hold,
call waiting, conference, etc.
6
GSM Subscriber Services
Dual-Tone MultiFrequency (DTMF)—DTMF is a tone
signaling scheme often used for various control purposes via
the telephone network, such as remote control of an answering
machine. GSM supports full-originating DTMF.
facsimile group III—GSM supports CCITT Group 3
facsimile. As standard fax machines are designed to be
connected to a telephone using analog signals, a special fax
converter connected to the exchange is used in the GSM
system.
short message services—A convenient facility of the GSM
network is the short message service. A message consisting of
a maximum of 160 alphanumeric characters can be sent to or
from a mobile station.
7
GSM Subscriber Services cell broadcast—A variation of the short message service is the
cell broadcast facility. A message of a maximum of 93
characters can be broadcast to all mobile subscribers in a certain
geographic area. Typical applications include traffic congestion
warnings and reports on accidents.
voice mail—This service is actually an answering machine
within the network, which is controlled by the subscriber. Calls
can be forwarded to the subscriber's voice-mail box and the
subscriber checks for messages via a personal security code.
fax mail—With this service, the subscriber can receive fax
messages at any fax machine. The messages are stored in a
service center from which they can be retrieved by the
subscriber via a personal security code to the desired fax
number.
8
GSM Supplementary Services
call forwarding—This service gives the subscriber the ability
to forward incoming calls to another number if the called
mobile unit is not reachable, if it is busy, if there is no reply, or
if call forwarding is allowed unconditionally.
barring of incoming calls—This function allows the subscriber
to prevent incoming calls. The following two conditions for
incoming call barring exist: baring of all incoming calls and
barring of incoming calls when roaming outside the home
PLMN.
advice of charge (AoC)—The AoC service provides the mobile
subscriber with an estimate of the call charges. There are two
types of AoC information: one that provides the subscriber with
an estimate of the bill and one that can be used for immediate
charging purposes.
9
GSM Supplementary Services
call hold—This service enables the subscriber to interrupt an
ongoing call and then subsequently reestablish the call. The
call hold service is only applicable to normal telephony.
call waiting—This service enables the mobile subscriber to
be notified of an incoming call during a conversation. The
subscriber can answer, reject, or ignore the incoming call.
Call waiting is applicable to all GSM telecommunications
services using a circuit-switched connection.
multiparty service—The multiparty service enables a
mobile subscriber to establish a multiparty conversation—
that is, a simultaneous conversation between three and six
subscribers. This service is only applicable to normal
telephony.
10
GSM Supplementary Services
Calling line identification presentation/restriction—
These services supply the called party with the integrated
services digital network (ISDN) number of the calling
party. The restriction service enables the calling party to
restrict the presentation. The restriction overrides the
presentation.
Closed user groups (CUGs)—CUGs are generally
comparable to a PBX. They are a group of subscribers
who are capable of only calling themselves and certain
numbers.
Barring of outgoing calls—This service makes it
possible for a mobile subscriber to prevent all outgoing
calls.
11
GSM Architecture
Network sub-system
Radio sub-system
Operation and maintenance sub-system
12
GSM Architecture
13
Mobile Station(MS)
The Mobile Station is made up of two entities:
Mobile Equipment (ME)
Subscriber Identity Module (SIM)
Mobile Equipment (ME)
Portable, vehicle mounted, hand held device
Uniquely identified by an IMEI (International Mobile Equipment Identity)
Voice and data transmission
Monitoring power and signal quality of surrounding cells for optimum handover
Power level : 0.8W – 20 W
160 character long SMS.
14
Mobile Station(MS)
Subscriber Identity Module(SIM)
Smart card contains the International Mobile Subscriber Identity (IMSI)
Allows user to send and receive calls and receive other subscribed services
Protected by a password or PIN
Can be moved from phone to phone – contains key information to activate the phone
15
Network sub-system/Switching System
Home location register (HLR) —The HLR is a
database used for storage and management of
subscriptions. The HLR is considered the most
important database, as it stores permanent data about
subscribers, including a subscriber's service profile,
location information, and activity status.
Mobile services switching center (MSC) —The
MSC performs the telephony switching functions of
the system. It controls calls to and from other
telephone and data systems. It also performs such
functions as toll ticketing, network interfacing,
common channel signaling, and others.
16
Network sub-system/Switching System
Visitor location register (VLR) —The VLR is a
database that contains temporary information about
subscribers that is needed by the MSC in order to
service visiting subscribers. The VLR is always
integrated with the MSC.
Authentication center (AUC) —A unit called the
AUC provides authentication and encryption
parameters that verify the user's identity and ensure
the confidentiality of each call. The AUC protects
network operators from different types of fraud found
in today's cellular world.
17
Network sub-system/Switching System
Equipment identity register (EIR) —The
EIR is a database that contains information
about the identity of mobile equipment that
prevents calls from stolen, unauthorized, or
defective mobile stations. The AUC and
EIR are implemented as stand-alone nodes
or as a combined AUC/EIR node.
18
Base Station System/Radio Sub-System
BSC —The BSC provides all the control functions
and physical links between the MSC and BTS. It is a
high-capacity switch that provides functions such as
handover, cell configuration data, and control of
radio frequency (RF) power levels in base
transceiver stations. A number of BSCs are served by
an MSC.
BTS —The BTS handles the radio interface to the
mobile station. The BTS is the radio equipment
(transceivers and antennas) needed to service each
cell in the network. A group of BTSs are controlled
by a BSC.
19
Base Station System/Radio Sub-System
20
OPERATION AND
MAINTENANCE SUBSYSTEM
Dynamic monitoring and controlling of
network.
Operation and maintenance data function.
Configuration management.
Fault report and alarm handling.
Performance supervision.
Storage of software and data.
Stores data for minimum one year.
21
Security in GSM
On air interface, GSM uses encryption and
TMSI instead of IMSI.
SIM is provided 4-8 digit PIN to validate the
ownership of SIM
3 algorithms are specified
A3 algorithm for authentication
A5 algorithm for encryption
A8 algorithm for key generation
22
GSM Security Design Requirements
Add significant overhead on call set up
Increase bandwidth of the channel
Increase error rate
Add expensive complexity to the system
Cost effective scheme
Define security procedures
Generation and distribution of keys
Exchange information between operators
Confidentiality of algorithms
23
GSM Security Features
Key management is independent of equipment Subscribers can change handsets without compromising security
Subscriber identity protection not easy to identify the user of the system intercepting a user data
Detection of compromised equipment - Detection mechanism whether a mobile device was compromised or not
Subscriber authentication - The operator knows for billing purposes who is using the system
Signaling and user data protection- Signaling and data channels are protected over the radio path
24
25
Authentication and Encryption Scheme
A3
Mobile Station Radio Link GSM Operator
A8
A5
A3
A8
A5
Ki Ki
Challenge RAND
Kc Kc
mi Encrypted Data mi
SIM
Signed response (SRES) SRES SRES
Authentication: are SRES
values equal?
26
A3 – MS Authentication Algorithm
Goal
Generation of SRES response to MSC’s random
challenge RAND
A3
RAND (128 bit)
Ki (128 bit)
SRES (32 bit)
27
A8 – Voice Privacy Key Generation
Algorithm
Goal
Generation of session key Kc
A8 specification was never made public
A8
RAND (128 bit)
Ki (128 bit)
KC (64 bit)
28
Logical Implementation of A3 and A8
Both A3 and A8 algorithms are implemented
on the SIM
Operator can decide, which algorithm to use.
Algorithms implementation is independent of
hardware manufacturers and network operators.
COMP128 is used for both A3 and A8 in most
GSM networks.
COMP128 is a keyed hash function
29
A5 – Encryption Algorithm
A5 is a stream cipher
Implemented very efficiently on hardware
Design was never made public
Leaked to Ross Anderson and Bruce Schneier
Variants
A5/1 – the strong version
A5/2 – the weak version
A5/3
GSM Association Security Group and 3GPP design
Based on Kasumi algorithm used in 3G mobile systems
30
A5 Encryption
Mobile Stations Base Station
Subsystem
Exchange
System
Network
Management
Subscriber and terminal
equipment databases
BSC MSC VLR
HLR
EIR
AUC
OMC BTS
BTS
BTS
A5 Encryption
General packet radio service (GPRS)
General packet radio service (GPRS) is a packet
oriented mobile data service on the 2G and 3G cellular
communication system's global system for mobile
communications(GSM). GPRS was originally
standardized by European Telecommunications
Standards Institute (ETSI) in response to the
earlier CDPD and i-mode packet-switched cellular
technologies.
31
GPRS Networks based on the Internet Protocol (IP) and X.25
Theoretically maximum rate is just 171. 2 Kbits/sec.
A realistic estimation on transfer is between 5 and 40
kbps.
It applies a packet radio principle to transfer user data
packets in an efficient way.
This principle offers a more user-friendly billing than
that offered by circuit switched services.
User can be "online" over a long period of time but
will be billed based on the transmitted data volume.
32
GPRS Architecture
33
GPRS Architecture
A serving GPRS support node (SGSN) is responsible for
Delivery of data packets from and to the mobile stations within its service area.
Packet routing and transfer
Mobility management (attach/detach and location management)
Authentication and charging functions. The location register of the SGSN stores location information and user profiles (IMSI, addresses used in the packet data network) of all GPRS users registered with this SGSN.
34
GPRS Architecture
A gateway GPRS support node (GGSN) acts as an interface between the GPRS backbone network and the external packet data networks.
It converts the GPRS packets coming from the SGSN into the appropriate packet data protocol (PDP) format (IP or X.25) and sends them out on the corresponding packet data network.
In the other direction, PDP addresses of incoming data packets are converted to the GSM address of the destination user. The readdressed packets are sent to the responsible SGSN. For this purpose, the GGSN stores the current SGSN address of the user and his or her profile in its location register.
Also performs authentication and charging functions.
35
GPRS Mobility Management
GPRS Attachment
GPRS Detachment
Location Management
36
GPRS Attachment Procedure
Before a mobile station can use GPRS services, it must register with an
SGSN of the GPRS network. This procedure follows as
mobile is authenticated
with the mobile's Home
Location Register
SGSN does an update
of the GPRS location
SGSN sends an "Attach
Accept" message to the
mobile
mobile responds with
an "Attach Complete"
37
Attach request which includes IMSI which then processed by the network
to P-TMSI.
GPRS Detachment Procedure The disconnection from the GPRS. It can be initiated
by the mobile station or by the network (SGSN).
In MS initiated one; MS informs that it wants to leave the system, this is MS’s wish. If any contexts are active, network will clear them. Afterwards MS’s location is not tracked anymore.
In Network initiated one; Network wants to “get rid of the MS” because of;
Ill behaving mobile
Congested network
Immediate service termination (IST)(E.g. Bills are not paid)
Load new parameters (Configuration has been changed and they should be taken into use)
38
Location Management
Aim is to keep track of the user's current location, so that incoming packets can be routed to his or her MS.
If the MS sends update messages seldom, its location is not known exactly, resulting in a significant delivery delay.
On the other hand, if location updates happen very often, the MS's location is well known to the network, and the data packets can be delivered without any additional delay. But, quite a lot of uplink radio capacity and battery power is consumed for mobility management.
39
Location Management
A MS can be in one of three states depending on its current traffic amount; the location update frequency is dependent on the state of the MS.
40
Location Management
In IDLE state the MS is not reachable. Performing a GPRS attach, the MS gets into READY state. With a GPRS detach it may disconnect from the network and fall back to IDLE state. All PDP contexts will be deleted.
The STANDBY state will be reached when an MS does not send any packets for a longer period of time, and therefore the READY timer, which was started at GPRS attach, expires.
In IDLE state, no location updating is performed, the current location of the MS is unknown to the network.
41
Location Management
An MS in READY state informs its SGSN of every movement to a new cell(in GSM).
In GPRS, for the location management of an MS in STANDBY state, a GSM location area (LA) is divided into several routing areas (RA). In general, an RA consists of several cells. The SGSN will only be informed when an MS moves to a new RA; cell changes will not be disclosed. Whenever an MS moves to a new RA, it sends a "routing area update request" to its assigned SGSN. The message contains the routing area identity (RAI) of its old RA.
In same SGSN routing area update
In different SGSN routing area update
42
Session Management
To exchange data packets with external PDNs
after a successful GPRS attach, a mobile
station must apply for one or more addresses
used in the PDN, e.g., for an IP address in case
the PDN is an IP network.
This address is called PDP address (Packet
Data Protocol address).
43
Session Management The allocation of the PDP address can be static or
dynamic.
Static : The network operator of the user's home-PLMN permanently assigns a PDP address to the user.
Dynamic : PDP address is assigned to the user upon activation of a PDP context.
The PDP address can be assigned by the operator of the user's home-PLMN (dynamic home-PLMN PDP address)
By the operator of the visited network (dynamic visited-PLMN PDP address).
In case of dynamic PDP address assignment, the GGSN is responsible for the allocation and the activation/ deactivation of the PDP addresses
44
Session Management For each session, a PDP context is created, which
describes the characteristics of the session. It contains;
the PDP type (e.g., IPv4),
the PDP address assigned to the mobile station (e.g., 129.187.222.10),
the requested QoS,
the address of a GGSN that serves as the access point to the PDN
This context is stored in the MS, the SGSN, and the GGSN. With an active PDP context, the mobile station is "visible" for the external PDN and is able to send and receive data packets. The mapping between the two addresses, PDP and IMSI, enables the GGSN to transfer data packets between PDN and MS.
45
Session Management
PDP context activation procedure
46
Quality of Service
GPRS allows defining QoS profiles using the parameters service precedence, reliability, delay, and throughput.
The service precedence is the priority : high, normal, and low.
The reliability indicates the transmission characteristics required by an application. Three reliability classes are defined, which guarantee certain maximum values for the probability of loss, duplication, missequencing, and corruption (an undetected error) of packets.
The delay parameters define maximum values for the mean delay. The delay is defined as the end-to-end transfer time between two communicating mobile stations or between a mobile station and the Gi interface to an external packet data network.
The throughput specifies the maximum bit rate and the mean bit rate.
47
GPRS Services
Offers end-to-end packet switched data transfer
Bearer Services
PTP - Point-To-Point service (CLNS mode)
PTM - Point-To-Multipoint service(CONS Mode)
PTM-M Multicast service
PTM-G Group call service
Supplementary Services
SMS-Short Message Service
CFU-Call Forwarding Unconditional
48
GPRS Services
CFNRc Call Forwarding on mobile subscriber
not reachable
CUG Closed User Group
Tele action, access to data bases
Quality of Service
GPRS allows defining QoS profiles
Service precedence, reliability, delay,
throughput
49
Advantages of GPRS
Improves the utilization of the radio resources
Multiple users can share one physical
channel
Volume-based billing
Higher transfer rates
Max 171.2Kbits/sec
Shorter access times
Simplifies the access to packet data networks
50
Applications of GPRS
Textual and Visual Information
Still Images
Web Browsing
Document Sharing
Corporate Email
Internet Email
Vehicle Positioning
File Transfer
51
Universal Mobile Telecommunications
System(UMTS)
UMTS is a 3G networking standard used throughout much of
the world as an upgrade to existing GSM mobile networks.
UMTS makes use of WCDMA, a technology that shares
much with CDMA networks used throughout the world,
though it is not compatible with them.
Base level UMTS networks are generally capable of downlink
speeds as fast as 384kbps. Newer HSDPA variants are capable
of rates as high as 3.6Mbps or more.
Originally used only on the 2100MHz frequency band in
Europe, UMTS is now supported on the 850MHz and
1900MHz bands in North America.
52
UMTS Architecture
53
54
UMTS Bearer Services
TE
MT
UTRAN
CN Iu
EDGE
NODE
CN
Gateway
TE
End-to-End Service
External Bearer
Service
Radio Access Bearer
Service
Backbone
Network Service
UTRA
FDD/TDD
Service
TE/MT Local
Bearer Sevice UMTS Bearer Service
CN Bearer
Service
Radio Bearer
Service
Iu Bearer
Service
Physical Bearer
Service
UMTS
55
UMTS QoS Classes Traffic class Conversational
class
Streaming
class
Interactive
class
Background
Fundamental
characteristics
Preserve time
relation
between
information
entities of the
stream
Conversational
pattern
(stringent and
low delay)
Preserve time
relation
between
information
entities of the
stream
Request
response
pattern
Preserve data
integrity
Destination is
not expecting
the data
within a
certain time
Preserve data
integrity
Example of the
application
Voice,
videotelephony,
video games
Streaming
multimedia
Web browsing,
network games
Background
download of
emails
Questions ?
56
