Authentication Center (AUC)
The AUC is always integrated with the HLR for the purpose of authentication. At subscription time, the Subscriber Authentication Key (Ki) is allocated to the subscriber, together with the IMSI. The Ki is stored in the AUC and used to generate the triplets; the same Ki is also stored in the SIM.
The AUC stores the following information for each subscriber:
1. The IMSI number,
2. The individual authentication key Ki,
3. A version of A3 and A8 algorithm.
Section 3 – NSS Topology
Authentication is required at each registration, at each call setup attempt (mobile originated or terminated), at the time of location updating, and before supplementary service activation, de-activation or registration.
The HLR uses the IMSI to communicate with the AUC; triplets are requested in sets of five.
In the AUC, the following steps are used to produce one triplet:
1. A non-predictable random number, RAND, is produced.
2. RAND and Ki are used to calculate the Signed Response (SRES) and the Ciphering Key (Kc).
3. RAND, SRES and Kc are delivered together to HLR as one triplet.
HLR delivers these triplets to MSC/VLR on request in such a way that VLR always has at least one triplet.
Authentication Procedure:
The MSC/VLR transmits the RAND (128 bits) to the mobile. The MS computes the SRES (32 bits) using RAND, the subscriber authentication key Ki (128 bits) and algorithm A3. The MS sends this SRES back to the AUC, where it is tested for validity.
[Figure: authentication and ciphering across MS (SIM card), BTS, MSC/VLR, HLR, AUC and OMC. The AUC generates triplets from IMSI and Ki using A3 and A8; RAND and SRES are exchanged and compared (=?); Kc feeds the A5 ciphering function on both sides.]
Ciphering
The user data and signaling data passing over the radio interface are ciphered to prevent intrusion. The ciphering key (Kc) previously computed by the AUC is sent from the VLR to the BSS after the mobile has been authenticated. The Kc is also computed in the MS, and in this way both ends of the radio link (MS and BSS) possess the same key.
Procedure:
During the authentication procedure, when SRES is being calculated, the Ciphering Key (Kc) is calculated too, using algorithm A8.
The Kc is used by the MS and the BTS in order to cipher and decipher the bit stream that is sent on the radio path.
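The triplet generation, SRES check and Kc derivation described above, as an added example that is not part of the original slides. It assumes HMAC-SHA256 as a stand-in for A3/A8 (the slides do not name the operator's algorithms), and the names `AuC`, `Sim`, `a3_a8_standin` and `authenticate` are hypothetical.

```python
import hashlib
import hmac
import secrets

def a3_a8_standin(ki, rand):
    """Stand-in for A3 (SRES) and A8 (Kc). ASSUMPTION: HMAC-SHA256 replaces
    the operator-chosen GSM algorithms, which the page does not specify."""
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    return digest[:4], digest[4:12]      # SRES = 32 bits, Kc = 64 bits

class AuC:
    """Holds IMSI -> Ki and produces (RAND, SRES, Kc) triplets for the HLR."""
    def __init__(self):
        self._ki = {}

    def provision(self, imsi):
        ki = secrets.token_bytes(16)     # 128-bit Ki, allocated at subscription
        self._ki[imsi] = ki
        return ki                        # the same Ki is written to the SIM

    def triplets(self, imsi, count=5):   # the HLR requests sets of five
        out = []
        for _ in range(count):
            rand = secrets.token_bytes(16)           # non-predictable 128-bit RAND
            sres, kc = a3_a8_standin(self._ki[imsi], rand)
            out.append((rand, sres, kc))
        return out

class Sim:
    """SIM side: Ki never leaves the card; only SRES goes over the air."""
    def __init__(self, ki):
        self._ki = ki

    def respond(self, rand):
        return a3_a8_standin(self._ki, rand)         # (SRES, Kc)

def authenticate(triplet, sim):
    """Network-side check: send RAND, compare SRES, report whether the
    Kc derived in the MS equals the Kc held in the triplet."""
    rand, expected_sres, kc_network = triplet
    sres, kc_ms = sim.respond(rand)
    ok = hmac.compare_digest(sres, expected_sres)    # constant-time compare
    return ok, ok and kc_ms == kc_network

if __name__ == "__main__":
    IMSI = "001010000000001"             # constructed test IMSI
    auc = AuC()
    genuine = Sim(auc.provision(IMSI))
    wrong_ki = Sim(secrets.token_bytes(16))          # SIM without the right Ki
    t = auc.triplets(IMSI)
    print(authenticate(t[0], genuine), authenticate(t[1], wrong_ki))
```

Each triplet is used for one challenge only, which is why the VLR has to be kept stocked with fresh ones.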
[Figure: ciphering procedure between AUC and SIM. Both sides hold Ki and run A3 and A8 on the chosen random number RAND (128 bits); the SRES values are compared (=?, OK), Kc (64 bits) is derived, and after the ciphering command, speech, data and signaling are ciphered/deciphered with A5.]
Subscriber Confidentiality
The subscriber identity (IMSI), since it is considered sensitive information, is not normally transmitted on the radio channel. A local, temporary identity is used for all interchanges. This identity (TMSI) is assigned after each change of authenticated location. For other cases:
• Call set-up
• Use of supplementary services
• Use of SMS
A TMSI is allocated when the one supplied by the MS is considered out of date or when the MS does not provide the TMSI.
Transmission of the TMSI over the traffic channel is ciphered.
Equipment Identification Register (EIR)
The purpose of this feature is to make sure that no stolen or unauthorized mobile equipment is used in the network.
EIR is a database that stores a unique International Mobile Equipment Identity (IMEI) number for each item of mobile equipment.
Procedure:
• The MSC/VLR requests the IMEI from the MS and sends it to the EIR.
• On request of IMEI, the EIR makes use of three possible defined lists:
- A white list: containing the numbers of all equipment identities that have been allocated in the different participating countries.
- A black list: containing all equipment identities that are considered to be barred.
- A grey list: containing (operator’s decision) faulty or non-approved mobile equipment.
• The result is sent to the MSC/VLR and influences the decision about access to the system.
[Figure: IMEI check between EIR, MSC/VLR and MS. The EIR stores all number series of mobile equipment that have been allocated in the different GSM countries and all grey/black-listed mobile equipment; the MS stores the equipment identity (IMEI). Sequence: call setup, IMEI request, MS sends IMEI, check IMEI, access/barring info, MSC/VLR continues or stops the call setup procedure.]
Echo Canceller
In order to eliminate echo effects (noticeable by mobile subscribers while in conversation with PSTN subscribers) caused by the time delay due to the coding and decoding of signal processing, groups of echo cancellers are installed, even for local calls.
This is rarely a problem when communicating between two MSs. However, when connecting to a PSTN telephone, the signal must pass through a 4-wire to 2-wire hybrid transformer.
In this transformer, some of the energy at the 4-wire receive side from the mobile is coupled back to the 4-wire transmit side, and thus speech is retransmitted back to the mobile.
As a result, all calls on to the PSTN must pass through an echo canceller to remove what would otherwise be a noticeable and annoying echo.
The process of canceling echo involves two steps:
• First, as the call is set up, the echo canceller employs a digital adaptive filter to set up a model or characterization of the voice signal and echo passing through the echo canceller. As a voice path passes back through the cancellation system, the echo canceller compares the signal and the model to dynamically cancel existing echo. It removes more than 80 to 90 percent of the echo across the network.
• The second process utilizes a non-linear processor (NLP) to eliminate the remaining residual echo by attenuating the signal below the noise floor.
Transcoder and Rate Adaptor Unit (TRAU)
The primary function of the TRAU is to convert 16kbps (including signaling) GSM speech channels to 64kbps PCM channels in the uplink direction, and the reverse in the downlink direction. This process is necessary because MSCs only switch at the 64kbps channel level.
TRAU Locations
TRAU can be physically located in the BTS, BSC or MSC and hence leads to a variety of installation configurations.
Advantages of Different Configurations
Case 1, TRAU at BTS: If the TRAU is installed at the BTS, each 16kbps GSM channel would need to be mapped to its own 64kbps PCM channel. This results in 75% of the transmission bandwidth being wasted across both the Abis (BTS-BSC) and A (BSC-MSC) interface.
Case 2, TRAU at BSC: If the TRAU is installed at the BSC, each 16kbps GSM channel is mapped to 64kbps at the A (BSC-MSC) interface, which increases the requirement for transmission trunks.
Case 3, TRAU at MSC: If the TRAU is placed at the MSC, as is generally the case in current networks, a multiplexer can be placed at the BTS which enables 4 x 16kbps GSM channels to be multiplexed onto one 64kbps PCM channel, using 4 x 16kbps ISDN D-channels. In this configuration, only at arrival at the MSC is the 16-64kbps channel conversion necessary, thereby maximizing the efficient usage of the transmission medium by increasing the GSM channel throughput per PCM 2048 bearer from 30 to 120 channels.
Operation And Maintenance Center (OMC)
The OMC centralizes all operations and maintenance activities for the MSCs and BSSs using remote software control. It provides remote testing, operations, and maintenance capabilities for the entire system from one central location. Each BSS, MSC, HLR, VLR, EIR, and AUC can be monitored and controlled from the OMC.
OMC Functional Architecture
[Figure: OMC functional blocks: Operating System, Communications Handler, Database, MMI, Event/Alarm Management, Security Management, Fault Management, Performance Management, Configuration Management.]
The OMC supports the following network management functions:
• Event Management - General functions of the OMC include operator input and output messages, application input commands, and application output reports.
• Fault Management - The OMC provides fault management such as diagnostics and alarms for the MSC and BSS. It provides the means to isolate and minimize the effects of faults in the network, thereby enabling the network to operate in an efficient manner.
• Security Management – It provides an extensive range of features to ensure that access to the OMC functions is restricted to relevant personnel.
The security features are as follows:
- Password authentication of OMC operator
- Logging of OMC access attempts
- Configurable user access restrictions
- Automatic logoff
• Configuration Management - Configuration management for the BSS consists of generic download, non-volatile memory download, database administration, and translations download. For the MSC, software release updates, database administration (route analysis, IMSI analysis table), and subscriber administration (connect/disconnect) are supported.
• Performance Management - Performance management supports data collection (such as traffic data, handovers, statistics, plant measurements, and volume data) and basic reporting.
Billing Center
Charging analysis is the process of analysing the Charging Case and then ultimately generating the TT (Toll Ticketing) record so that an itemised bill can be produced and then sent on to the customer.
The tariff structure consists of two parts:
• The network access component
• The network utilization component
The network utilization component is registered on a per call basis.
Charging starts at the moment the subscriber answers, or on connection to an answering machine internally in the network.
The main elements are:
• Use of GSM PLMNs
• Use of national / international PSTNs
• Use of connection between different networks
• Use of the signaling system no.7
Depending on the type of call, one or more call tickets can be generated:
• Outgoing call to fixed network: a call ticket is generated by the originating MSC.
• Incoming call from the fixed network: two call tickets are created: one in the GMSC and another in the destination MSC. If a call forwarding supplementary service is in operation, other call tickets are generated in the MSC and the GMSC.
• Outgoing call from a mobile subscriber to another mobile subscriber belonging to the same PLMN: three call tickets are created: one in the originating MSC, one in the GMSC (which in this case is the originating MSC) and another in the destination MSC.
Call tickets mainly register the following information:
1. IMSI
2. Identity (MSISDN) and type (MSC or GMSC)
3. Mobile subscriber location identity
4. Other party’s identity
5. Call type (incoming, outgoing, forwarded etc)
6. Call status
7. Teleservices and bearer service
8. Date and time
9. Call duration
Call Detail Records (CDRs)
• Each call within the PLMN creates one or more call records
• These records are generated by the MSC/GMSC originating the call
• The records are known as ‘Call Detail Records’ (CDRs)
• CDRs contain the following information:
- Subscriber Identity
- Number called
- Call Length
- Route of call
• Often referred to as ‘Toll Tickets’
Call Charge Procedure
• Network supplies originating MS with CAI details
• MS calculates AOC record using CAI details
• This record acts as a ‘toll ticket’ which tracks the call on its route through various networks
• Each call component can generate a separate CDR
• The record passes along the backbone to the home network
• Billing computer generates bills based on cumulative CDRs
• HPLMN collects the charges
• HPLMN reimburses VPLMN using TAPs in accordance with roaming agreement
The Transferred Account Procedure (TAP) is the mechanism by which operators exchange roaming billing information. This is how roaming partners are able to bill each other for the use of networks and services through a standard process.
Gateway MSC (GMSC)
The Gateway MSC (GMSC) connects the PLMN with other networks and is the entry point for mobile subscriber calls, having the interrogation facility. Its function is to obtain information from the HLR about the subscriber’s current location and reroute the calls accordingly.
In a network having only one MSC, the same MSC works as the GMSC, while in a network having more than one MSC, one dedicated MSC works as the GMSC.