Documente Academic
Documente Profesional
Documente Cultură
Security
Mobility Management
Routing Calls to
Mobile Stations
Detailed Location
Registration Scenario
Objectives
At the end of this unit, you should be able to:
Explain why the mobile registration process is necessary
Describe how a call is automatically routed from PSTN to a mobile station
Explain why mobile authentication is necessary and how it works
Describe the various phases of mobile registration and the location
updating process
Unit 3 Section 1
Mobility Management
PSTN
Benelux
GSA
GPA 2
Belgium
GPA 1
UK
GPA 3
Netherlands
Location Area 3
Location Area 2
Cell
Area
MNC
LAC
CI
MSC
BSC 1
BSC 1
Location
Area 2
BTS
BTS
BTS
BTS
Location
Area 1
BTS
To PSTN
MSC 2
MSC
Area 2
MSC
Area 1
Location
Area 3
Location
Area 1
Cell
Area
Location
Area 4
Cell
Area
Cell
Area
Cell
Area
Location
Area 2
BTS
BSC
MS
HLR
MSC
VLR
BSC
Radio Criterion
Registration Sequence
GEOGRAPHIC Based
TIME Based
ON/OFF Based
Time-Based Registration
TIMER MANAGEMENT:
Timer is reset when mobile station activity has taken place.
Mobile Station initiates location updating when timer expires.
Mobile station timer value is kept in memory when turned off.
On/Off-Based Registration
IMSI Attach
- mobile power-up = attach
- mobile power-up causes a registration
IMSI Detach
- mobile power-down = detach
- mobile power-down causes a deregistration
Location Area
BSS
BSS
PSTN
DN
- Location Area
- Mobile ID
Mobile Station
BSS
BSS
BSS
Location Area
International
Mobile Equipment
Identity (IMEI)
Smart Card
(SIM)
Jane Doe
Temporary Mobile
Subscriber Identity (TMSI)
Smart Card
(SIM)
Mike = Jane Doe
FAC
SP
SNR
MNC
MSIN
NMSI
United Kingdom
44
234, 235
Spain
34
214
France
33
208
Finland
358
244
Sweden
46
240
Italy
39
222
Ireland
354
272
United States
310 316
Australia
61
505
Japan
81
440, 441
Kuwait
965
419
Mobile Station
Mobile Equipment
SIM Card
Plug-In
Type SIM
92316
005
Contains:
International Mobile Subscriber Identity (IMSI)
Authentication key (Ki)
Personal Identification Number (PIN)
Subscriber information
Access control class
Cipher key (Kc)*
Temporary Mobile Station Identification (TMSI)*
Additional GSM services*
Location Area Identity (LAI)*
Forbidden Public Land Mobile Numbers (PLMNs)*
*Updateable by network
92316
005
Trunks
Local
Exchange
MSC
Trunks
PSTN
MSC
MSRN
MSISDN
X
X
IMSI
X
- MSISDN
- IMSI
- MSRN
- Subscriber Data
MSRN
X
IMSI
X
TMSI
X
- MSISDN
- IMSI
- MSRN
- LAC
- TMSI
- Subscriber Data
SS7 Network
VLR
VLR
MSC
Area
MSC
Area
MSC
Area
MSC
Area
LA1 LA2 LA 3
LA 1
LA 2
LA1
System 1
VLR
System 2
System 3
MSRN
Home
MSC
MSISDN
2
MSISDN
1
BSS 1
BSS 2
PSTN
MSRN
MSRN
TMSI
10
Visited
MSC
BSS 1
MSRN
Signalling
Voice Path
TMSI
VLR
BSS 2
HLR
MSISDN
MSRN
MSISDN
TMSI
PSTN
MSISDN
Home
MSC
BSS 1
BSS 2
MSRN
VLR
TMSI
BSS 2
MSISDN
MSISDN
PSTN
HLR
MSRN
TMSI
MSISDN
Visited
MSC
MSRN
VLR
BSS 3
BSS 4
TMSI
BSS 1
Home
MSC
BSS 2
MSISDN
MSISDN
Gateway
MSC
PSTN
HLR
MSRN
TMSI
MSISDN
BSS 1
TMSI
MSRN
Signalling
Visited
MSC
MSRN
Voice Path
VLR
BSS 2
VLR
Landline network
Home
MSC
HLR
PSTN
Mobile Registers
Update Location.
No MSRN, use
LMSI
Subscriber Data
Incoming Call
Need MSRN
For LMSI
MSRN
Need MSRN
For LMSI
MSRN
Get Route
MSRN
Get Route
MSRN
Incoming Call
The temporary mobile station identity that is sent is not the mobile station's true identity.
Instead, an alias is used by the network so no calling pattern can be seen by an observer.
Authentication Concept
Serving Network
Random Number
Generator
Mobile Station
Random Number
Authentication
Response
No
Secret Data
Authentication
Response
=
Yes
Deny
Access
Authentication
Algorithm
Grant
Access
Home System
1
VLR
HLR
RAND, SRES
RAND, SRES
SRES
AUC
Ki
RAND
MSC
SRES
RAND
RAND
BSS
Mobile Station
IMSI/TMSI
Random Number (RAND)
RAND
Ki
RAND
A8
A3
RAND
Ki
Ki
RAND
A3
A8
SRES
Kc
Ki
128 bits
Kc
SRES
Ki
- Individual subscriber authentication key (128 bits)
Kc
- Cipher Key (64 bits)
RAND - Random number (128 bits)
SRES
A3
A8
Home System
A3 & A8
RAND
HLR
Visited System
IMSI
RAND
Kc
RAND
SRES
SRES
VLR
RAND, SRES Kc
RAND, SRES Kc
RAND, SRES Kc
RAND, SRES Kc
RAND, SRES Kc
RAND, Kc
BSS
SRES
MS
EIR
IMEI CHECK
Response
CHECK IMEI
Request IMEI
MSC
2
IMEI
MS
Detailed Location
Registration Scenario
Location Updating
MSC 1
MSC 2
VLR
HLR
VLR
BSC
BSC
BSC
2) Authentication*
3) Update Location Registers
4) Ciphering*
5) TMSI Reallocation
*Phase might not occur
1
2
3
A
BSS
MSC
Request IMSI
6
Request IMSI
7
8
9
IMSI Acknowledge
IMSI Acknowledge
New
VLR
MSC
New
VLR
D
HLR
Get Authentication
Parameters IMSI
10
Get Authentication
Parameters IMSI
11
Authentication
Parameters
12
Authentication
Parameters
RAND, SRES, Kc
13
Authenticate Mobile
Station
14
15
16
17
AUC
Authenticate Mobile
Station RAND
RAND
Authenticate Response
SRES
Authenticate Response
SRES
RAND, SRES, Kc
18
19
20
21
D
HLR
Update Location
MSRN
Location Updated
Customer Profile
De-register
Mobile Station
Mobile Station
De-registered
Old
VLR
Um
MS
A
BSS
MSC
Set Ciphering Kc
22
Encipher Command Kc
23
24
25
26
Encipher Complete
New
VLR
A
BSS
MSC
Location Update Accept
new TMSI
27
Location Update Accept
new TMSI
28
29
Clear Signalling
Connection
30
31
32
Release Radio
Signalling Channel
Clear Complete
New
VLR