modes mobile station ( ms ) ms switched off can not receive incoming paging messages. can not make...
TRANSCRIPT
Modes Mobile Station ( MS )
MS Switched Off • can not receive incoming paging messages.
• can not make outgoing call.
• No dedicated channel is associated with it.
MS Switched On And in Idle Mode • can receive incoming paging messages.
• can make outgoing call.
• No dedicated channel is associated with it.
MS in Dedicated Mode • MS is in conversation
• A dedicated traffic channel TCH is associated with it.
Technical Terms Used w.r.t. MM(Mobility Management)
• IMSI -International Mobile Subscriber Identity
• MSISDN -Mobile Subscriber ISDN Number
• TMSI -Temporary Mobile Subscriber Identity
• MSRN -Mobile Subscriber Roaming Number
• IMEI - International Mobile Equipment Identity
• LAI -Local Area Identity
• A3 -Authentication Algorithm
• A5 -Ciphering Algorithm
• A8 -Kc(Ciphering Key) Generation Algorithm
MSISDN (Mobile subscriber ISDN Number)• A number assigned to the mobile subscriber• Registered in Telephone Directory• Used by the calling party for dialing• MSISDN is used
– by the caller to set up a connection to this GSM mobile subscriber.– by the MSC/GMSC to address the HLR when interrogating the
visitor location of the GSM mobile subscriber.– By the system to access the database of the GSM mobile subscriber
in the HLR.
• Stored as semi permanent data in HLR
MSISDN
Technical Terms Used in GSM
MSISDN format
CC NDC SN
3 DIGITS 2 DIGITS 10 DIGITS
CC – Country Code NDC – National Destination Code
- uniquely identifies the PLMN in a country-Max No of digits 15 as per ITU recommendation.
IMSI (International Mobile Subscriber Identity)
• A unique identity allocated to each MSISDN.• Known only to the operator• To ensure confidentiality to the subscriber.• IMSI is used
– By VLR to address the HLR while updating the location of the GSM subscriber.
– To access the database of the GSM subscriber in the HLR, VLR and AuC
• Stored as – permanent data in SIM, – Semi permanent data HLR,– Transient data in VLR.
Technical Terms Used in GSM
IMSI
15 DIGITS OR LESS
MCC MNC MSIN
3 DIGITS 2 DIGITS <= 10 DIGITS
MCC – Mobile Country CodeTo Identify the home country of the PLMN
MNC – Mobile Network CodeTo identify a GSM PLMN in a
countryMSIN – Mobile Station Identification Number
Uniquely identifies a subscriber within a home PLMN.
HLRID SN
2 DIGITS 8 DIGITS
Technical Terms Used in GSM
TMSI (Temporary Mobile Subscriber Identity)– Identity which guarantees the integrity of mobile
subscriber on the radio interface.– Uses only over the radio path– Assigned by VLR to each mobile subscriber entering
the VLR area– Stored in SIM of MS and in VLR– TMSI is used
• To address the GSM subscriber in the BSS• To address the GSM subscriber data in the VLR
– Consists of Four Octets, coded using a full hexadecimal representation
LMSI (Local Mobile Subscriber Identification)
• Allocated by VLR and sent to HLR• LMSI is the address at which GSM subscriber are
stored in VLR database• HLR includes it together with IMSI to speed up
the search for subscriber data to in VLR.• Comprises of 4 Octets.
MSRN (Mobile Subscriber Roaming Number)
• Required by GMSC to route an incoming call to a MS that is not currently under the gateway’s control
• It is a temporary number used– To set up the voice connection from the originating MSC/GMSC
to the VMSC– To address the GSM subscriber data in VLR.
• HLR knows the current MSC/VLR service area for a mobile subscriber
• HLR requests the current MSC/VLR to allocate a MSRN to the called subscriber and return to it.
• After receiving MSRN, HLR returns the same to GMSC, which can route the call to current MSC/VLR exchange.
Format:--- MSRN=CC+NDC+SN CC=Country code. NDC=Network Destination Code. SN=Subscriber Number.
IMEI (International Mobile Equipment Identity Number)
• Identifies the mobile equipment
TAC FAC SNR6 CHAR 2 CHAR 6 CHAR
TAC – Type Approval CodeAllows approved types to be distinguished from Non approval types.
FAC – Final Assembly CodeIdentifies the place of manufacture
SNR – Serial Number issued by manufacturer.
Location area consist of one or more than one cell which may be served by one or more BSC s.
All the cells in a Location area are served by single VLR.
Location Area
HLRSS 7
BSC
MSC2
VLR 1
VLR 2
BSC
BSC
BSC
LA 1
LA 2
LA 3
BTS
BTS
BTS
BTS
BTS
BTS
BTS
Location Area
MSC1
Each location area in a GSM PLMN is identified by a Location Area Identity ( LAI ).
• Maximum length of LAC is 16 bits. • Thus there can be maximum of 65,536 Location Areas defined in one GSM PLMN.
•Stored as semi permanent data in VLR
•Stored in SIM of MS
Location Area
LAI = MCC + MNC + LAC
MCC - Mobile Country Code.
MNC - Mobile Network Code.
LAC - Location Area Code .MCC MNC LAC
3 digits 2 digits 2 octets max
LAI
( 16 bits )
Subscriber Data at MSC/HLR
• MS VLR number
• Data related to identification and numbering ( IMSI, MSISDN).
• Data related to MS Subscription type.
• Authentication and Ciphering Data.
Subscriber Data at MSC/VLR
• MS status data, Location Area
• Data related to identification and numbering ( IMSI, MSISDN,MSRN and TMSI ).
• Data related to MS subscription type.
• Hand-over data,
• Authentication and Ciphering Data.
Authentication
• Authentication is used to check the validity of a mobile subscriber.
At MS At N/W
KiRAND( 128 bits )
Ki
A3 A3
SRES SRES
( 32 bits )=?
AUTHENTICATION
• RAND ( 128 bits ):Random Number
• SRES ( 32 bits) :Signed Response
• Kc ( 64 bits ) : Ciphering Key
- Ki is stored in SIM and HLR.
• Ki ( 128 bits) : Identification Key
- Purpose : Ki is used to calculate SRES and Kc.
- Ki is never transmitted over signaling network.
- Purpose : Kc is used to encrypt data over radio interface.
- Purpose : RAND is used to calculate SRES and Kc.
A5 A5
S1 S2 S2 114 bitsS1CIPHERING
DECIPHERING
DECIPHERING
CIPHERING
MS BTS
FRAME NO.22bits
Kc. FRAME NO. Kc 64bits
Ciphering
• Ciphering is used to encrypt data on radio interface.
Frame No. (22 bits )
A5
Information Bits ( 114 bits )
CIPHERING
Kc generation is done at the time of Authentication.
RAND Ki
Kc ( 64 bits)
A8
Ciphering Stream
XORCiphered Bits
LOCATION UPDATE SCENARIO - I
MS BSSOld MSC/ VLR
HLR /AUC
New MSC/ VLR
1
2
Channel Request
RACH
AGCH
SDCCH Assignment
Location Update Request ( TMSI , LAI 0 )
SDCCH3
Request IMSI
Send IMSI4
Request For Service
( TMSI )
MS BSSOld MSC/ VLR
HLR/ AUC
New MSC/ VLR
5
6
Get Authentication Parameters
Authentication Response ( SRES )
SDCCH
7
( IMSI )
( RAND,Kc,SRES )
Authentication Parameters
SDCCH
Authenticate MS ( RAND )
Cipher Radio Channel
( Kc )
Cipher Up Link Channel
SDCCH
Authentication and Ciphering
LOCATION UPDATE SCENARIO - II
8
9
BSS Ciphers Down link Channel .
SDCCH
Ciphering Complete
MS BSSOld MSC/ VLR
HLR/ AUC
New MSC/ VLR
LOCATION UPDATE SCENARIO - III
Authentication and Ciphering
Up Link Ciphered
LOCATION UPDATE SCENARIO - IV
10
Update Location
Update HLR/VLR & TMSI Reallocation
De Register Mobile
Mobile De-registered11
MS BSSOld MSC/ VLR
HLR/ AUC
New MSC/ VLR
Location Updated
Location Updated Accept TMSI
SDCCH
12
13
SDCCH
Location Updated Complete
Clear Signaling Connection
Clear Complete
Release Radio Signaling Channel
SDCCH
14
16
15
MS BSSOld MSC/ VLR
HLR/ AUC
New MSC/ VLR
LOCATION UPDATE SCENARIO - V
Update HLR/VLR & TMSI Reallocation
- REQUEST FOR SERVICE ( CHANNEL ) BY MS
- AUTHENTICATION
- CIPHERING
- EQUIPMENT VALIDATION ( EIR CHECK )
- VALIDATION AT VLR
- HAND OVERs
Mobile To Land Call Set-up Scenario
• SETUP PHASE
- CALL SETUP
- CALL RELEASE
MSMSC/VLR BSS
1
2
3
Channel Request
Request For Service
MOBILE TO LAND CALL - I
RACH
SDCCH Assignment
AGCH
SDCCH
Service Request (TMSI,LAI)
AuthenticationCipheringEquipment validation
Equipment Validation• A process by which a specific ME can be identified to
prevent the use of stolen, unauthorized or malfunctioning equipment in the network.
• Each equipment is uniquely identified by an International Mobile Equipment Identity (IMEI) code.
• IMEI is incorporated into ME by the manufacturer• IMEI Consists of three components
– Type approval code (TAC)– Final Assembly Code (FAC)– Serial Number (SNR)
• IMEI is stored in EIR
MSMSC/VLR BSS
1
2
IMEI Request
3
SDCCH
Equipment Validation
Check IMEI
IMEI Check results
IMEI Response (IMEI)
SDCCH
EIR
4
MSMSC/VLR BSS
5
6
Call Setup Request
7
SDCCH
SDCCH
Call SetupMOBILE TO LAND CALL - II
Assign Trunk and radio
Assign TCH
Radio Assignment Complete
Call Proceeding
SDCCH
SDCCH
Trunk and Radio Assignment Complete
MSMSC/VLR BSS
8
9
10
11
Call Setup MOBILE TO LAND CALL - III
GMSC PSTN HLR
Network Setup ( Dialed Digits )
FACCH
Network Alerting
Connect
Connect Acknowledge
FACCH
Alerting
Connect
FACCH
Start Billing
MSMSC/VLR BSS
12
13
14
15
Call Release
MOBILE TO LAND CALL - IV
GMSC PSTN HLR
Disconnect
FACCH
Network Release
Release Complete
Release Complete
FACCH
Release
FACCH
Clear Command
Channel Release
Land To Mobile Call Set-up Scenario
Phases of Land To Mobile Call
• Routing Analysis
• Paging
• Authentication
• Call-Setup
• Ciphering
• Call Release
( Mobile Terminating - MT Call )
Fixed to Mobile Call Routing
MSISDN
IMSI/TMSI
MSRN IMSI/TMSI
MSISDN MSRN
VLR
PSTPSTNN MS
CMSC
HLR
BSS
BSS
MSISDN IMSI/TMSI
Fixed to Mobile Call Routing
MSISDN
MSRN
MSISDN MSRN
MSISDN MSRN
MSRN IMSI/TMSI
IMSI/TMSI IMSI/TMSI
VLR
PSTPSTNN
MSCMSC
HLR
MSCMSC
BSS
BSS
BSS
BSS
(VISITED)
(HOME)
LAND TO MOBILE CALL - I
MSC/VLR GMSC PSTN HLR
1
2
Incoming Call
3
4
( MSISDN )Get Route
( MSISDN )Get Route
( IMSI )
Routing Information
( MSRN ) Routing Information
( MSRN )
( MSRN )
Incoming Call5
Routing Analysis
MS MSC BSS
6
7
8
Perform Page
(TMSI)Page
PCH
Channel Request
( RACH )
SDCCH
Paging Response
( TMSI, LAI )9
Access Granted
( AGCH )
Page Response
Paging
LAND TO MOBILE CALL - II
MS MSC BSS
10
11
12
Call Set Up
Call Set Up Confirm
SDCCH
Radio Channel Assigned
Assign Trunk & Radio Channel
Trunk and Radio Channel Assignment Complete
SDCCH
SDCCH
Assign Radio Channel
SDCCH
Call Set-up
LAND TO MOBILE CALL - III
MSMSC/VLR BSS
13
14
15
Connect ( off-hook )
FACCH
Call SetupLAND TO MOBILE CALL - IV
GMSC PSTN HLR
FACCH
Network Alerting
Mobile Alerting
Connect
Connect Acknowledge
MSMSC/VLR BSS
16
17
18
Disconnect
Release
19
FACCH
FACCH
Call ReleaseLAND TO MOBILE CALL - V
GMSC PSTN HLR
Network Release
FACCH Release Complete
Release Complete
Clear Command
Clear Channel
Clear CompleteFACCH
Mobile To Mobile Call Set-up Scenario
Phases of Mobile To Mobile Call • Request for service.
• Authentication
• Call-Setup
• Ciphering
• Call Release
• Routing Analysis
• Paging
• Authentication
• Ciphering• Call-Setup
Mobile Originating
Mobile Terminating
• Call-Release
CHANNELS USED IN GSM
• PHYSICAL CHANNELS
• LOGICAL CHANNELS
Traffic channels
Control channels
CONTROL CHANNELS
• BROADCAST CONTROL CHANNEL
• COMMON CONTROL CHANNEL
• DEDICATED CONTROL CHANNEL
BROADCAST CONTROL CHL
• BCCH---BroadCast CHannel
• FCCH---Frequency Correction CHannel
• SCH------Synchronisation CHannel
COMMON CONTROL CHL
• PCH-----Paging CHannel
• RACH---Random Access CHannel
• AGCH---Access Grant CHannel
DEDICATED CONTROL CHL
• SDCCH---Standalone Dedicated Control CH
• SACCH---Slow Associated Control CH
• FACCH---Fast Associated Control CH