kwangwoon univ. wireless and mobile network architectures intersystem handoff and authentication...
Post on 18-Jan-2016
Kwangwoon Univ. http://netcom.kw.ac.kr
Wireless and Mobile Network Architectures
Intersystem Handoff and Authentication IS-41
오재준 Nclab
mega5@kw.ac.kr
6.1 IS-41 Intersystem Handoff
•Two BSs are connected to different MSCs
•Four types of intersystem handoff
- Handoff-forward
- Handoff-backward
- Handoff-to-third
- Path minimization
6.1.1 Handoff Measurement
•Step1
- HandoffMeasurementRequest
- set 7 second LMMRT
•Step2
- Performs signal measurement
- HandoffMeasurementRequest
LMMRT (location measurement maximum response timer)
6.1.2 Handoff-Forward (1)
•InterSwitchCount parameter, MAXHANDOFF
•Step 1
- MSC A initiates the handoff-forward procedure
- allocates the trunk
- sends a query msg. FacilitiesDirective (INVOKE)
- sets 12 second HOT (handoff order timer)
- if HOT expires: release trunk
  FacilitiesRelease with “HandoffAbort not received”
  4-15 CTT set -> FacilitiesRelease
•Step 2
- check if the voice channel is available
•Step 2.1 (no radio channel is available)
- FacilitiesDirective (RETURN ERROR) with “Resource Shortage”
- stop HOT
- exchange FacilitiesRelease msg.
- MSCs exit the task
6.1.2 Handoff-Forward (2)
•Step2
•Step2.2 (radio channel is available)
- FacilitiesDirective (RETURN RESULT) with selected channel number.
- execute step3, step4 in parallel
•Step3 (MSC A)
- MSC A stops HOT
- sets 7 second MHOT (mobile handoff timer)
- Handoff execution msg. to the MS
•Step4 (MSC B)
- sets 7 second MAT (mobile arrival timer)
•Step4.1
- MAT expires, MSC B releases the radio channel
- MHOT of MSC A expires, trunk is released
•Step4.2
- MS responds, MSC B stops timer MAT
- MobileOnChannel msg. to MSC A
- MHOT is stopped
Figure 6.2 Handoff-Forward (panels: Before Handoff, After Handoff)
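The timer supervision in steps 1 to 4.2 above can be replayed as timed events. This is an added example, not code from the slides; the function name, its arguments and the tie-break rule (a message arriving at the same instant as a timer expiry is handled first) are assumptions, and a response that arrives after HOT has expired is simply dropped without modelling MSC B's side of that case.

```python
import heapq

TIMERS = {"HOT": 12.0, "MHOT": 7.0, "MAT": 7.0}  # seconds, as given on the slides


def handoff_forward(reply, reply_at=0.0, ms_at=None):
    """Replay one handoff-forward attempt (MSC A -> MSC B) as timed events.

    reply    -- "RESULT", "ERROR" or None for no FacilitiesDirective response
    reply_at -- time the response reaches MSC A (t=0 is the INVOKE)
    ms_at    -- time the MS shows up on the new channel, None if it never does
    Returns (held, log): resources still held at the end and the event log.
    """
    held = {"trunk": True, "channel": False}      # step 1: MSC A allocates the trunk
    running = {"HOT"}
    queue = [(TIMERS["HOT"], 1, "HOT expires")]   # priority 1: a message at the same
    if reply:                                     # instant wins over a timer expiry
        heapq.heappush(queue, (reply_at, 0, reply))
    if ms_at is not None:
        heapq.heappush(queue, (ms_at, 0, "MS arrives"))
    log = []
    while queue:
        t, _, event = heapq.heappop(queue)
        if event.endswith("expires"):
            timer = event.split()[0]
            if timer not in running:
                continue                          # timer was stopped earlier
            running.discard(timer)
            held["channel" if timer == "MAT" else "trunk"] = False
        elif event == "ERROR" and "HOT" in running:        # step 2.1
            running.clear()
            held["trunk"] = False                 # FacilitiesRelease exchange
        elif event == "RESULT" and "HOT" in running:       # steps 2.2, 3 and 4
            running = {"MHOT", "MAT"}
            held["channel"] = True
            for timer in ("MAT", "MHOT"):
                heapq.heappush(queue, (t + TIMERS[timer], 1, timer + " expires"))
        elif event == "MS arrives" and "MAT" in running:   # step 4.2
            running.clear()                       # MobileOnChannel stops MHOT too
        else:
            continue                              # late or unexpected message
        log.append((t, event))
    return held, log


if __name__ == "__main__":
    # Constructed scenarios: MS arrives in time, then MS never arrives.
    print(handoff_forward("RESULT", 0.5, 3.0))
    print(handoff_forward("RESULT", 0.5, None))
```

Every path that does not end in a completed handoff leaves both the trunk and the radio channel released, which is the purpose of HOT, MHOT and MAT.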
6.1.3 Handoff-Backward (1)
•MS moves from MSC B back to MSC A
•Step1
- MSC B sets HOT
- HandoffBack msg. to MSC A
•Step2
- when the msg. is received, check the radio channel
•Step2.1 no channel is available
- HandoffBack (RETURN ERROR) with “ResourceShortage”
- HOT timer is stopped and the task exits
•Step2.2 channel is available
- HandoffBack (RETURN RESULT) msg. with the selected channel number
- step3, step4 are executed in parallel
•Step3
- MSC B receives the HandoffBack response msg.
- stops HOT, sets 7 second MHOT
- asks MS to transfer to the new radio channel
6.1.3 Handoff-Backward (2)
•Step4
- MSC A sets 7 second MAT
- expects to hear from the MS
•Step 4.1
- MAT expires, MSC A releases the radio channel
- MHOT timer will expire
•Step 4.2
- MS responds
- MS has handed over to the new voice path
- MSC A stops MAT
- sends a query msg. FacilitiesRelease to MSC B
- MSC B stops MHOT
- MSC B sends a response msg. FacilitiesRelease to MSC A
- trunk between MSCs is released
Figure 6.3 Handoff-Backward (panels: Before Handoff, After Handoff)
6.1.4 Handoff-to-Third and Path Minimization
Figure 6.4 Path minimization for handoff-to-third (panels: Before Handoff, After Handoff)
•MS moves again from MSC B to MSC C
•Step1
- MSC B sets 18 second HTTT (handoff-to-third timer)
- HandoffToThird (INVOKE) to MSC A
- if HTTT expires, MSC B processes handoff-forward
•Step2 (MSC A checks whether MSC C is known to it)
•Step 2.1
- no trunk connection
- HandoffToThird (RETURN ERROR)
- HTTT expired: MSC B processes handoff-forward
•Step2.2
- interswitch trunk available
- MSC A sets HOT
- FacilitiesDirective (INVOKE)
- if HOT expires, MSC B processes handoff-forward
6.1.4 Handoff-to-Third and Path Minimization
•Step3
- MSC C checks whether a radio channel is available
•Step3.1 (no radio channel is available)
- FacilitiesDirective (RETURN ERROR) to MSC A
- MSC A stops HOT and sends HandoffToThird (RETURN ERROR) to MSC B
- MSC B stops HTTT
- the step 2.1 process is repeated
•Step3.2 (radio channel is available)
- FacilitiesDirective (RETURN RESULT) to MSC A
•Step4
- MSC B sets HTTRT
- sends handoff execution to MS
•Step5
•Step6
6.2 IS-41 Authentication
Two authentication schemes
•without-sharing (WS) scheme
- SSD (shared secret data) is shared only between AuC and MS
- for a user with a high mobility rate
•shared (S) scheme
- SSD is shared with the visited system
- the visited system authenticates the MS at call origination or delivery
- reduces message flow and call setup time
- requires additional message exchanges during registrations
- for a user with high call frequency
•switch between the two authentication schemes
- based on the user’s call and move frequencies, as the user’s behavior changes
6.2.1 Privacy and Authentication in TSB-51
•MIN (mobile identification number)
- ex) 011-700-5425
•ESN (electronic serial number)
- 32-bit serial number
- highest-order 8 bits: manufacturer’s code
- the remaining bits: unique MS number
•AuC (authentication center)
- database connected to the HLR
- responsible for maintaining and updating the SSDs
•LA (location area)
- belonging to one or more PSPs
•PSP (PCS service provider)
- providing some combination of BSs
6.2.2 Without-Sharing (WS) Scheme (1)
Figure 6.5 The WS scheme for MS registration (message flow among MS, PSP (MSC, BS), VLR, HLR and AuC)
6.2.2.1 Registration (Location Update)
•Step1
- MS executes the CAVE algorithm using the SSD, its ESN, MIN and RAND
- produces AUTHR
•Step2
- requests registration with AUTHR, ESN, MIN, RANDC and COUNT
•Step3
- PSP forwards the authentication request to the VLR serving the PSP LA
•Step4
- VLR forwards the request to the HLR
•Step5
- HLR forwards the request to the AuC
*CAVE (Cellular Authentication and Voice Encryption)
6.2.2 Without-Sharing (WS) Scheme (2)
6.2.2.1 Registration (Location Update)
•Step6
- AuC retrieves the SSD associated with the MIN from its database
- executes the CAVE algorithm with the retrieved SSD and additional parameters
•Step7-9
- verifies that the result matches the AUTHR value received from the MS
- checks the COUNT value
- AuthenticationRequest
*RETURN RESULT (success)
*RETURN ERROR (fail)
•Once the MS has been authenticated, the serving PSP system will start the location update procedure
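The AuC side of steps 6 to 9, as an added example that is not from the slides. CAVE itself is not reproduced: `cave_stand_in` is a keyed hash used only as a placeholder, and the 18-bit AUTHR width, the class and method names, the error reasons and all sample values are assumptions. RAND is passed to the AuC directly and RANDC handling is left out.

```python
import hashlib
import hmac

AUTHR_BITS = 18  # assumed AUTHR width; the slides do not give it


def cave_stand_in(ssd: bytes, esn: int, min_: str, rand: int) -> int:
    """Stand-in for CAVE (not the real algorithm): keyed hash cut to AUTHR_BITS."""
    msg = esn.to_bytes(4, "big") + min_.encode() + rand.to_bytes(4, "big")
    digest = hmac.new(ssd, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:4], "big") >> (32 - AUTHR_BITS)


class AuC:
    """Holds SSD and COUNT per MIN; in the WS scheme only the AuC and the MS know the SSD."""

    def __init__(self):
        self.db = {}

    def provision(self, min_, esn, ssd, count=0):
        self.db[min_] = {"esn": esn, "ssd": ssd, "count": count}

    def authentication_request(self, min_, esn, rand, authr, count):
        """Steps 6-9: recompute AUTHR from the stored SSD, then check COUNT."""
        rec = self.db.get(min_)
        if rec is None or rec["esn"] != esn:
            return ("RETURN ERROR", "unknown MIN/ESN")
        expected = cave_stand_in(rec["ssd"], esn, min_, rand)
        if not hmac.compare_digest(f"{expected:05x}", f"{authr:05x}"):
            return ("RETURN ERROR", "AUTHR mismatch")
        if count != rec["count"]:
            # Correct AUTHR but a different call history count than the AuC holds.
            return ("RETURN ERROR", "COUNT mismatch")
        return ("RETURN RESULT", None)


def demo():
    # Constructed sample values, not taken from any real subscriber.
    min_, esn, ssd, rand = "0117005425", 0x9F001234, b"constructed-ssd", 0x1A2B3C4D
    auc = AuC()
    auc.provision(min_, esn, ssd, count=7)
    authr = cave_stand_in(ssd, esn, min_, rand)      # step 1, computed by the MS
    ok = auc.authentication_request(min_, esn, rand, authr, 7)
    bad_authr = auc.authentication_request(min_, esn, rand, authr ^ 1, 7)
    stale = auc.authentication_request(min_, esn, rand, authr, 5)
    return ok, bad_authr, stale


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The third request shows why COUNT is checked separately: a request that carries a valid AUTHR still fails when its COUNT does not match the value the AuC holds.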
6.2.2 Without-Sharing (WS) Scheme (3)
6.2.2.2 Call Origination
Figure 6.6 The WS scheme for call origination (message flow among MS, PSP (MSC, BS), VLR, HLR and AuC)
•Step1
- MS executes the CAVE algorithm with SSD, ESN, MIN, RANDC
- to produce AUTHR, VPMASK, SMEKEY
•Step2-4
- PSP forwards the message to the AuC
•Step5
- AuC performs authentication
•Step6
- AuC generates VPMASK and SMEKEY and forwards them to the serving PSP system
6.2.3 Sharing (S) Scheme (1)
6.2.3.1 Registration (Location Update)
Figure 6.7 The S scheme for MS registration (message flow among MS, PSP (MSC, BS), VLR, old VLR, HLR and AuC)
•SSD shared with the visited PSP system
•Old VLR has the current value of COUNT
•Once the MS is registered, the new VLR, instead of the AuC, authenticates the MS -> reduced message flow
•Step1-2
- execute the CAVE algorithm using SSD, ESN, MIN and RAND
- produces AUTHR
•Step3-6
- verifying the result
- AuC should obtain the current COUNT value from the old VLR
•Step 7,8
- CountRequest
•Step9
- CountRequest (RETURN RESULT)
6.2.3 Sharing (S) Scheme (2)
6.2.3.2 Call Origination
Figure 6.8 The S scheme for call origination (message flow among MS, PSP (MSC, BS) and VLR)
•Step1
- MS executes the CAVE algorithm with SSD, ESN, MIN, RANDC
- produces AUTHR, VPMASK, SMEKEY
- sends RANDC, AUTHR, COUNT, ESN and MIN
•Step2
- AuthenticationRequest (INVOKE)
•Step3
- VLR executes the CAVE algorithm
- generates AUTHR, VPMASK, and SMEKEY
•Step4
- verifying AUTHR and COUNT
- AuthenticationRequest (RETURN RESULT)
Adaptive Algorithm: AA1
•The WS scheme
- the number of registration operations.
•The S scheme
- in the opposite situation
•adaptive algorithm (AA1)
- automatically selects an appropriate authentication scheme for any given user in real time.
•Cycle: the period between two consecutive registrations for a user
•λ: the call arrival rate
•η: the mobility, or the rate at which a user changes LAs.
•Then the expected number of call arrivals in a cycle, ρ, is:
ρ = λ/η
Adaptive Algorithm: AA1
•In the WS scheme (Cws = 5 + 5ρ)
- registration: five database accesses
- a call origination or termination: five database accesses
•In the S scheme (Cs = 9 + ρ)
- registration: nine database accesses (see Figure 6.7)
- a call origination or termination: one database access (see Figure 6.8)
•Cws = Cs if and only if ρ = 1
•the S scheme outperforms the WS scheme (i.e., Cs < Cws) if and only if ρ > 1
Adaptive Algorithm: AA1
•The WS scheme: 0 ≤ i ≤ n - 1.
•The S scheme: n ≤ j ≤ 2n - 1.
•Let L be the number of call arrivals during the previous cycle.
•If the steady state of the algorithm exists, then the transition probabilities for the finite automaton are: p1 = Pr[L = 1], p2 = Pr[L = 0], and p3 = Pr[L > 1]
•The AuC needs to maintain authentication scheme (AS) bits per user.
•The VLR needs to maintain an AS bit per user
Figure 6.9 The state diagram for AA1.
Adaptive Algorithm: AA1
•When the AuC is accessed for a registration operation, the AuC checks the following. Suppose that the algorithm is in state i.
- If no call arrived during the previous cycle, the algorithm moves to state i - 1 for i > 0, and remains in the same state i for i = 0.
- If exactly one call arrived during the previous cycle, the algorithm remains in the same state i.
- If more than one call arrived during the previous cycle, the algorithm moves to state i + 1 for i < 2n - 1, and remains in the same state i for i = 2n - 1.
•from state n - 1 to state n: from WS to S
•from state n to state n - 1: from S to WS
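The AA1 automaton and the cost formulas Cws and Cs, run over a per-cycle call trace. This is an added example, not code from the slides; the function names and the sample trace are constructed, and it assumes each cycle is charged in full at the scheme selected at its registration, with no extra cost for the switch itself.

```python
def scheme_of(state: int, n: int) -> str:
    """States 0..n-1 use the WS scheme, states n..2n-1 use the S scheme."""
    return "WS" if state < n else "S"


def next_state(state: int, calls: int, n: int) -> int:
    """Transition applied when the AuC is accessed for a registration."""
    if calls == 0:
        return max(state - 1, 0)
    if calls == 1:
        return state
    return min(state + 1, 2 * n - 1)


def cycle_cost(scheme: str, calls: int) -> int:
    """Database accesses in one cycle: Cws = 5 + 5*calls, Cs = 9 + calls."""
    return 5 + 5 * calls if scheme == "WS" else 9 + calls


def simulate(calls_per_cycle, n, state=0):
    """Return (schemes used per cycle, AA1 total, pure-WS total, pure-S total)."""
    schemes, aa1 = [], 0
    for calls in calls_per_cycle:
        scheme = scheme_of(state, n)
        schemes.append(scheme)
        aa1 += cycle_cost(scheme, calls)
        state = next_state(state, calls, n)   # evaluated at the next registration
    ws = sum(cycle_cost("WS", c) for c in calls_per_cycle)
    s = sum(cycle_cost("S", c) for c in calls_per_cycle)
    return schemes, aa1, ws, s


# Constructed trace: 8 quiet cycles followed by 8 cycles with 4 calls each.
SAMPLE = [0] * 8 + [4] * 8

if __name__ == "__main__":
    schemes, aa1, ws, s = simulate(SAMPLE, n=2)
    print("".join("W" if x == "WS" else "S" for x in schemes))
    print("AA1:", aa1, "always WS:", ws, "always S:", s)
```

With n = 2 the switch to S lags the change in behavior by two cycles, yet over this trace AA1 still needs fewer database accesses than either fixed scheme.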
Adaptive Algorithm: AA2
•requires only an AS bit in the AuC and VLRs to indicate whether the S scheme or the WS scheme is exercised.
•At the beginning of a cycle, AA2 always exercises the WS scheme
- AS bit is "WS"
•After an originating or terminating call arrives, the AS bit is switched to "S," and the S scheme is exercised.
•Step 1
- When the first call arrives, the authentication message flow follows Figure 6.6
- when the AuC receives AuthenticationRequest (INVOKE), the AS bit is set to "S"
- SSD is sent to the VLR in the AuthenticationRequest (RETURN RESULT) message.
- When the VLR receives the SSD, the AS bit is set to "S"
- At this moment, the S scheme is exercised.
Adaptive Algorithm: AA2
•Step 2
- For subsequent call arrivals in this cycle the message flow in Figure 6.8 is followed.
•Step 3
- At the end of the cycle, when the MS moves to a new LA, the authentication/registration occurs and the AuthenticationRequest messages are sent to the AuC.
•Step 3a.
- If the AS bit at the AuC is "WS," it implies that no call origination/termination occurs during the cycle
•Step 3b.
- If the AS bit at the AuC is "S": the AS bit at the AuC is set to "WS." When the VLR receives the AuthenticationRequest (RETURN RESULT) message, the AS bit is set to "WS."
•At the end of step 3, the WS scheme is exercised.