Cellular Access Control and Charging for Mobile Operator Wireless Local Area Networks
H. Haverinen, J. Mikkonen and T. Takamaki, Nokia
Wei-Jen, Lin
Advanced Network Technology Lab.
Institute of Communications Engineering
National Chung Cheng [email protected]
Outline
• Introduction
• Other Solutions
• Architecture
• Authentication Protocol
• User Identity Format
• Authentication in GSM
• Authentication and Roaming
• Subscriber Identity Privacy
• Accounting and Billing
• System Implementation
• Conclusions
Introduction
• Reusing GSM and GPRS mechanisms for user authentication, access control, subscriber management, operator roaming, and billing.
• Compatible with RADIUS, EAP, IEEE 802.1x and IEEE 802.11i.
• WLAN service provider is a cellular operator.
• SIM-based/RADIUS-based Authentication.
• The first public WLAN solutions only provide for internet or intranet connectivity.
Other Solutions
Reusing GPRS mobility management messages. The user’s active GPRS sessions could be transferred to the WLAN.
Architecture
[Figure: architecture diagram. Labels: RADIUS Proxy; Authentication Server (AAA Server); Charging Gateway; SS7 Network; IP Network; 802.1x with EAP/SIM; 802.11i Ki / IMSI]
Authentication Protocol
[Figure: authentication protocol diagram. Label: AAA Network]
MAP : Mobile Application Part
MTP : Message Transfer Part
SCCP : Signaling Connection Control Part
TCAP : Transaction Capabilities Application Part
User Identity Format
Network Access Identifier (NAI) : [email protected]
IMSI : [Mobile Country Code][Mobile Network Code][Mobile Subscriber Identification Number]
Subscriber Identity Privacy
• GSM networks protect the privacy of the subscriber identity with temporary identities (TMSI).
• The WLAN system introduces a new type of temporary identity called a pseudonym.
• In the very first connection with an AS, the client always transmits the cleartext IMSI; in subsequent connections it uses a pseudonym as the username portion of the NAI.
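The identity format and the pseudonym rule above can be checked against authentication logs. The following is an added example, not code from the slides or from the Nokia system: it splits an NAI into username and realm, splits an IMSI into its three fields, and flags any IMSI sent in cleartext more than once. Assumptions: log records are (client id, NAI) pairs in time order, a username of exactly 15 digits is a cleartext IMSI, the MNC length is supplied by the caller, and all function names and sample values are hypothetical.

```python
import re

# Assumption: a username made of exactly 15 digits is a cleartext IMSI;
# any other username is treated as a pseudonym.
IMSI_RE = re.compile(r"^\d{15}$")

def parse_nai(nai):
    """Split an NAI of the form username@realm into (username, realm)."""
    username, sep, realm = nai.rpartition("@")
    if not sep or not username or not realm:
        raise ValueError(f"not a username@realm NAI: {nai!r}")
    return username, realm

def split_imsi(imsi, mnc_len=2):
    """Split an IMSI into MCC, MNC and MSIN.
    The MNC is 2 or 3 digits depending on the operator, so the caller supplies it."""
    if not IMSI_RE.match(imsi) or mnc_len not in (2, 3):
        raise ValueError("expected a 15-digit IMSI and an MNC length of 2 or 3")
    return {"mcc": imsi[:3], "mnc": imsi[3:3 + mnc_len], "msin": imsi[3 + mnc_len:]}

def repeated_imsi_exposures(records):
    """Return (client, imsi, realm) for every cleartext IMSI seen after its first use.
    The first cleartext transmission is expected; later ones mean the client
    did not switch to a pseudonym, so the subscriber can be tracked."""
    seen, findings = set(), []
    for client, nai in records:
        username, realm = parse_nai(nai)
        if IMSI_RE.match(username):
            if username in seen:
                findings.append((client, username, realm))
            seen.add(username)
    return findings

# Constructed sample records (test MCC/MNC 001/01, made-up realm and MAC addresses).
SAMPLE = [
    ("aa:bb:cc:00:00:01", "001010123456789@wlan.example.org"),  # first connection
    ("aa:bb:cc:00:00:01", "p7Hq2ZxA@wlan.example.org"),         # pseudonym
    ("aa:bb:cc:00:00:02", "001010999999999@wlan.example.org"),  # first connection
    ("aa:bb:cc:00:00:01", "001010123456789@wlan.example.org"),  # IMSI sent again
]

if __name__ == "__main__":
    for client, imsi, realm in repeated_imsi_exposures(SAMPLE):
        print(client, realm, split_imsi(imsi))
```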
Accounting and Billing
CDR : Charging Data Records
CGF : Charging Gateway Functionality
CG : Charging Gateway
BS : Billing System
GTP’ : GPRS Tunneling Protocol
[Figure: accounting and billing diagram. Labels: Access Network; Auth. Server; GTP’; proprietary; proprietary / FTP]
System Implementation
• Nokia Operator Wireless LAN solution release 2.0
• Nokia A036 AP
– Linux OS, ARM940, Kernel 2.4.17, PoE
• AS is based on PC-Server (Compaq)
– Windows NT 4.0, RADIUS, SIM auth. Software
• 10-20 terminal auth. exchanges/sec.
– An average connection time of 30 min, 18,000-36,000 simultaneous connections.
• For redundancy and load-balancing reasons, it is recommended to always have at least two ASs in a WLAN system.