Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Computer Networks

Mobile Communications

advertisement 
Chapter 4:
Wireless Telecommunication
Systems, GSM
(Book: Mobile Communications, Schiller)
GSM: Overview
GSM

formerly: Groupe Spéciale Mobile (founded 1982)
 now: Global System for Mobile Communication
 Pan-European standard (ETSI, European Telecommunications
Standardisation Institute)
 today many providers all over the world use GSM (more than 200
countries in Asia, Africa, Europe, Australia, America)
GSM status (end 2006)
2.18 billion connections
in 212 countries
82 % market share
globally
An incredible industry
success!
GSM – The idea of a common European mobile communications
system
1982: A Nordic group is considering the next
generation of mobile telephone. – NMT (Nordisk
Mobil Telefon), the analogue first generation
system has only just been started
These ideas are presented to CEPT (European
Conference of Postal and Telecommunications
Administrations) in June 1982
September 1982: The first meeting in CEPT GSM –
Groupe Spécial Mobile
In 1988 ETSI (European Telecommunications
Standards Institute) is established and the work is
continued under a new name: SMG – Special
Mobile Group
GSM - Specifications
Original specifications for the GSM system:
 Good
subjective voice quality
 Low terminal and service cost
 Support for international roaming
 Support for handheld terminals
 Support for new services
 Spectrum efficient
 Compatible with ISDN
GSM - Growth
1991: First operational GSM network in Finland: Radiolinja
1993: Tele-mobil (later: Telenor Mobil) and NetCom GSM open their networks in
Norway
1998: GSM 1800 is deployed to increase capacity in cities and other densely
populated areas
Performance characteristics of GSM (wrt. analog sys.)
Communication

mobile, wireless communication; support for voice and data
services
Total mobility

international access, chip-card enables use of access points of
different providers
Worldwide connectivity

one number, the network handles localization
High capacity

better frequency efficiency, smaller cells, more customers per cell
High transmission quality

high audio quality and reliability for wireless, uninterrupted phone
calls at higher speeds (e.g., from cars, trains)
Security functions

access control, authentication via chip-card and PIN
Disadvantages of GSM
There is no perfect system!!
 no end-to-end encryption of user data
 no full ISDN bandwidth of 64 kbit/s to the user






reduced concentration while driving
electromagnetic radiation
abuse of private data possible
roaming profiles accessible
high complexity of the system
several incompatibilities within the GSM standards
Architecture of the GSM system
GSM is a PLMN (Public Land Mobile Network)

several providers setup mobile networks following the GSM standard within
each country

subsystems

RSS (radio subsystem): covers all radio aspects
 NSS (network and switching subsystem): call forwarding, handover, switching
 OSS (operation subsystem): management of the network
Ingredients 1: Mobile Phones, PDAs & Co.
The visible but smallest
part of the network!
Some GSM terminals
Development..
Sony Ericsson W950i
”the Walkman phone”
HTC P4350
Pocket computer
running Windows
Some more GSM terminals
Nokia N95
Samsung Blackjack iPhone – Apple’s
Mobile phone initiative with ”everything”, e.g.
GPS built in
Ingredients 2: Antennas
Still visible – cause many discussions…
Ingredients 3: Infrastructure 1
Base Stations
Cabling
Microwave links
Ingredients 3: Infrastructure 2
Not „visible“, but
comprise the major part
of the network (also
from an investment
point of view…)
Management
Data bases
Switching units
Monitoring
GSM System Architecture
Mobile Station (MS)
Mobile Equipment (ME)
Subscriber Identity Module (SIM)
Base Station Subsystem (BSS)
Base Transceiver Station (BTS)
Base Station Controller (BSC)
Network Switching Subsystem(NSS)
Mobile Switching Center (MSC)
Home Location Register (HLR)
Visitor Location Register (VLR)
Authentication Center (AUC)
Equipment Identity Register (EIR)
GSM: overview
OMC, EIR,
AUC
HLR
NSS
with OSS
VLR
MSC
GMSC
VLR
fixed network
MSC
BSC
BSC
RSS
A RADIO CELL
Voice
Channels
Lines to
BSC
Or
control
channels
MS
Location Areas and
Base Station SubSystems
PSTN
MSC
BSC 1
BSC 1
Location
Area 2
BTS
BTS
BTS
BTS
Location
Area 1
BTS
MSC Areas and Location Areas
To PSTN
MSC 1
MSC 2
MSC
Area 2
MSC
Area 1
Location
Area 3
Location
Area 1
Cell
Area
Location
Area 4
Cell
Area
Cell
Area
Cell
Area
Location
Area 2
HLR
MSC
VLR
BSC
Mobile Station
The mobile station (MS) is the starting point of a mobile wireless network.
The MS can contain the following components:
• Mobile terminal (MT)—GSM cellular handset
• Terminal equipment (TE)—PC or personal digital assistant (PDA)
The MS can be two interconnected physical devices (MT and TE) with a
point-to-point interface or a single device with both functions
integrated.
GSM cellular handset
GSM cellular handset :
Mobile equipment (ME) + SIM card

Subscriber Identity Module (SIM) contains
encryption key and personal data
 The user is uniquely identified through
”International Mobile Subscriber Identity”
(IMSI)
 The mobile equipment is uniquely
identified through ”International Mobile
Equipment Identity” (IMEI)
 Both equipment and user uniquely
identified
GSM cellular handset
SIM
ME
International Mobile Subscriber Identification number
(IMSI)
It identifies a unique international universal number of a
mobile subscriber, which consists of MCC+MNC+MSIN.
1) MCC: country code, 460
2)MNC: network code, 00 or 01
3)MSIN: subscriber identification, H1H2H3H4 9XXXXXX,
H1H2H3H4: subscriber registering place
H1H2: assigned by the P&T Administrative Bureau
(operator )to different provinces, to each province
H3H4: assigned by each province/city
the IMSI of user will be written into the SIM card by
specific device and software and be stored into the HLR
with other user information.
EXAMPLE:
IMSI: 310150123456789
MCC 310 USA
MNC 150 AT&T Mobility
MSIN 123456789
IMSI: 381 01 1234567890
MCC: 381 - Serbia
MNC: 01 - Telecom Serbia
MSIN: 1234567890
IMSI: 310 150 123456789
MCC: 310 - USA
MNC: 150 - America Telecom
MSIN: 123456789
When registering for service with a mobile network operator, each
subscriber receives a unique identifier, the International Mobile
Subscriber Identity (IMSI). This IMSI is stored in the SIM. A mobile
station can only be operated if a SIM with a valid IMSI is inserted into
equipment with a valid IMEI, since this is the only way to correctly bill
the associated subscriber. The IMSI uses a maximum of 15 decimal
digits and consists of three parts:
• Mobile Country Code (MCC), three digits, internationally standardized;
• Mobile Network Code (MNC), two digits, for unique identification of
mobile networks within a country;
• Mobile Subscriber Identification Number (MSIN), maximum of 10 digits,
identification number of the subscriber in their mobile home network.
The IMSI is a GSM-specific addressing concept and is
different from the ISDN numbering plan. A three-digit MCC
has been assigned to each of the GSM countries, and twodigit MNCs have been assigned within countries
(e.g., 262 as MCC for Germany; and MNC 01, 02 and 07
for the networks of T-Mobile, Vodafone, and O2,
respectively).Whereas the MCC is defined internationally,
the National Mobile Subscriber Identity (NMSI = MNC +
MSIN) is assigned by the operator of the home network.
Mobile subscriber ISDN number
The ‘real telephone number’ of a mobile user is called the Mobile
Subscriber ISDN Number (MSISDN). It is assigned to the subscriber
(their SIM), such that a mobile station can have several MSISDNs
depending on the SIM. With this concept, GSM was the first mobile
system to distinguish between subscriber identity and the number to
call.
The separation of call number (MSISDN) and subscriber identity (IMSI)
primarily serves to protect the confidentiality of the IMSI. In contrast to
the MSISDN, the IMSI need not be made public.
With this separation, one cannot derive the subscriber identity from the
MSISDN, unless the association of IMSI and MSISDN as stored in the
HLR has been made public. It is the rule that the IMSI used for
subscriber identification is not known, and thus the faking of a false
identity is significantly more difficult.
International Mobile Equipment Identification code
(IMEI)
It will uniquely identify a mobile station. It is a
decimal number of 15 digits. Its structure is:
TAC+SN+A
TAC=type allocation code, 8 digits
SN=serial no, 6 digits
A=Check Digit, 1 digit
Other Addresses
Mobile station roaming number
The Mobile Station Roaming Number (MSRN) is a temporary locationdependent ISDN number. It is assigned by the locally responsible VLR
to each MS in its area. Calls are routed to theMS by using the MSRN.
Temporary mobile subscriber identity
The VLR responsible for the current location of a subscriber can assign a
TemporaryMobile Subscriber Identity (TMSI), which has only local
significance in the area handled by the VLR. It is used in place of the
IMSI for the definite identification and addressing of the MS.
In this way nobody can determine the identity of the subscriber by
listening to the radio channel, since this TMSI is only assigned during
the presence of the MS in the area of one VLR,
Base Transceiver Station
When a subscriber uses the MS to make a call in the network, the MS
transmits the call request to the base transceiver station (BTS). The
BTS includes all the radio equipment (i.e., antennas, signal processing
devices, and amplifiers) necessary for radio transmission within a
geographical area called a cell. The BTS is responsible for establishing
the link to the MS and for modulating and demodulating radio signals
between the MS and the BTS.
Base Station Controller
Base Station Controller
A Base Station Controller (BSC) is a high-capacity switch with radio
communication and mobility control capabilities. The functions of a
BSC include radio channel allocation, location update, handover, timing
advance, power control and paging.
Base Station Subsystem
A GSM network is comprised of many base station subsystems (BSSs),
each controlled by a BSC. The BSS performs the necessary functions
for monitoring radio connections to the MS, coding and decoding voice,
and rate adaptation to and from the wireless network. A BSS can
contain several BTSs.
Mobile Switching Center
The mobile switching center (MSC) is a digital ISDN switch that sets up
connections to other MSCs and to the BSCs. The MSCs form the wired
(fixed) backbone of a GSM network and can switch calls to the public
switched telecommunications network (PSTN). An MSC can connect to
a large number of BSCs.
The mobile switching center (MSC) performs the telephony switching
function. A mobile station must be attached to a single MSC at a time
(either homed or visitor), if it is currently active (not switched off). The
visitor location register (VLR) is a database attached to an MSC to
contain information about its currently associated mobile stations.
• Information of currently attached mobile stations
IMSI/TMSI numbers
MSISDN/MSRN numbers
Security triple (authentication and encryption information)
Location Area Identity (where the mobile station is currently located)
• List of base stations that belong to this MSC/VLR (by their BSIC or Base
Station Identity Code)
• List of location areas that belong to this MSC/VLR (by their LAI or
Location Area Identity code)
Equipment Identity Register
The equipment identity register (EIR) is a database that stores the
international mobile equipment identities (IMEIs) of all the mobile
stations in the network. The IMEI is an equipment identifier assigned
by the manufacturer of the mobile station. The EIR provides security
features such as blocking calls from handsets that have been stolen.
Home Location Register
The home location register (HLR) is the central database for all users to
register to the GSM network. It stores static information about the
subscribers such as the international mobile subscriber identity
(IMSI), subscribed services, and a key for authenticating the subscriber.
The HLR also stores dynamic subscriber information (i.e., the current
location of the mobile subscriber).
The home location register (HLR) is a database used for storing and
managing subscriptions. When an individual buys a subscription from
one of the GSM operators, he or she is registered in the HLR of that
operator.
HLR Data Elements
• Mobile Station’s Identities:
IMSI (International Mobile Subscriber Identity) (the primary Key),
Current TMSI (Temporary IMSI)
IMEI (International Mobile Equipment Identity)
• Mobile Station’s Telephone number
MSISDN (Mobile Stations ISDN number)
Current MSRN (Mobile Station Roaming Number), if assigned
• Name and address of the subscriber
• Current service subscription profile
• Current location (MSC/VRL address)
• Authentication and encryption keys
Individual Subscriber Authentication Key (KI)
• Mobile Country Code (MCC) and MNC (Mobile Network Code)
• List of MSC/VLR that belongs to this HLR
Authentication Center
Associated with the HLR is the authentication center (AuC); this database
contains the algorithms for authenticating subscribers and the
necessary keys for encryption to safeguard the user input for
authentication.
Visitor Location Register
The visitor location register (VLR) is a distributed database that
temporarily stores information about the mobile stations that are active
in the geographic area for which the VLR is responsible. A VLR is
associated with each MSC in the network. When a new subscriber
roams into a location area, the VLR is responsible for copying
subscriber information from the HLR to its local database. This
relationship between the VLR and HLR avoids frequent HLR database
updates and long distance signaling of the user information, allowing
faster access to subscriber information.
GSM: elements and interfaces
radio cell
MS
BSS
MS
Um
radio cell
MS
BTS
RSS
BTS
Abis
BSC
BSC
A
MSC
NSS
MSC
VLR
signaling
VLR
GMSC
HLR
IWF
O
OSS
EIR
AUC
OMC
ISDN, PSTN
PDN
GSM: system architecture
radio
subsystem
MS
network and
switching subsystem
fixed
partner networks
MS
ISDN
PSTN
MSC
Um
BTS
Abis
BSC
EIR
SS7
BTS
VLR
BTS
BTS
BSS
HLR
BSC
A
MSC
IWF
ISDN
PSTN
PSPDN
CSPDN
System architecture: radio subsystem
radio
subsystem
MS
network and switching
subsystem
MS
Components

MS (Mobile Station)
 BSS (Base Station Subsystem):
consisting of
Um
BTS
Abis
BTS
BSC

MSC

BTS (Base Transceiver Station):
sender and receiver
BSC (Base Station Controller):
controlling several transceivers
Interfaces

A
BTS
BTS
BSS
BSC
MSC
Um : radio interface
 Abis : standardized, open interface with
16 kbit/s user channels
 A: standardized, open interface with
64 kbit/s user channels
System architecture: network and switching subsystem
network
subsystem
fixed partner
networks
ISDN
PSTN
MSC
 MSC (Mobile Services Switching Center):
 IWF (Interworking Functions)




EIR
SS7
Components
ISDN (Integrated Services Digital Network)
PSTN (Public Switched Telephone Network)
PSPDN (Packet Switched Public Data Net.)
CSPDN (Circuit Switched Public Data Net.)
HLR
Databases
VLR
MSC
IWF
ISDN
PSTN
PSPDN
CSPDN
 HLR (Home Location Register)
 VLR (Visitor Location Register)
 EIR (Equipment Identity Register)
Radio subsystem
The Radio Subsystem (RSS) comprises the cellular mobile network up to
the switching centers
 Components

Base Station Subsystem (BSS):

Base Transceiver Station (BTS): radio components including sender, receiver,
antenna - if directed antennas are used one BTS can cover several cells
 Base Station Controller (BSC): switching between BTSs, controlling BTSs,
managing of network resources, mapping of radio channels (Um) onto terrestrial
channels (A interface)


BSS = BSC + sum(BTS) + interconnection
Mobile Stations (MS)
Example coverage of GSM networks (www.gsmworld.com)
T-Mobile (GSM-900/1800) Germany
AT&T (GSM-850/1900) USA
O2 (GSM-1800) Germany
Vodacom (GSM-900) South Africa
Base Transceiver Station and Base Station Controller
Tasks of a BSS are distributed over BSC and BTS
 BTS comprises radio specific functions
 BSC is the switching center for radio channels
Functions
Management of radio channels
Frequency hopping (FH)
Management of terrestrial channels
Mapping of terrestrial onto radio channels
Channel coding and decoding
Rate adaptation
Encryption and decryption
Paging
Uplink signal measurements
Traffic measurement
Authentication
Location registry, location update
Handover management
BTS
X
X
X
X
X
X
BSC
X
X
X
X
X
X
X
X
X
X
Network and switching subsystem
NSS is the main component of the public mobile network GSM


switching, mobility management, interconnection to other networks, system
control
Components

Mobile Services Switching Center (MSC)
controls all connections via a separated network to/from a mobile terminal
within the domain of the MSC - several BSC can belong to a MSC
 Databases (important: scalability, high capacity, low delay)

Home Location Register (HLR)
central master database containing user data, permanent and semi-permanent
data of all subscribers assigned to the HLR (one provider can have several
HLRs)
 Visitor Location Register (VLR)
local database for a subset of user data, including data about all user currently
in the domain of the VLR
Mobile Services Switching Center
The MSC (mobile switching center) plays a central role in GSM






switching functions
additional functions for mobility support
management of network resources
interworking functions via Gateway MSC (GMSC)
integration of several databases
Functions of a MSC







specific functions for paging and call forwarding
termination of SS7 (signaling system no. 7)
mobility specific signaling
location registration and forwarding of location information
provision of new services (fax, data calls)
support of short message service (SMS)
generation and forwarding of accounting and billing information
Operation subsystem
The OSS (Operation Subsystem) enables centralized operation,
management, and maintenance of all GSM subsystems
 Components

Authentication Center (AUC)

generates user specific authentication parameters on request of a VLR
 authentication parameters used for authentication of mobile terminals and
encryption of user data on the air interface within the GSM system

Equipment Identity Register (EIR)

registers GSM mobile stations and user rights
 stolen or malfunctioning mobile stations can be locked and sometimes even
localized

Operation and Maintenance Center (OMC)

different control capabilities for the radio subsystem and the network subsystem
Related documents
2 Base Station Sub-system (BSS)
2 Base Station Sub-system (BSS)
Service Concept in GSM/DCS Supplementary services
Service Concept in GSM/DCS Supplementary services
CELLULAR COMMUNICATION
CELLULAR COMMUNICATION
GSM
GSM
GSM
GSM
Cellular Communication
Cellular Communication
Lal Joshi, Head of Outreach and Partner Liaison, GSM London
Lal Joshi, Head of Outreach and Partner Liaison, GSM London
GSM background
GSM background
VSecure - University of Missouri
VSecure - University of Missouri
IMSI/IMEI Catching - Cellular Intercept
IMSI/IMEI Catching - Cellular Intercept
Chit Fund software PPT
Chit Fund software PPT
Download
advertisement