GSM (Global System for Mobile Communications) and Extensions
Mobile Communication and Mobile Computing
Prof. Dr. Alexander Schill
http://www.rn.inf.tu-dresden.de
Department of Computer Science Institute for System Architecture, Chair for Computer Networks
GSM: Properties
• cellular radio network (2nd Generation)
• digital transmission, integrated data communication
• roaming (mobility between different network operators)
• good transmission quality (error detection and correction)
• scalable (large number of participants possible)
• security mechanisms (authentication, authorization,
encryption)
• good resource use (frequency and time division
multiplex)
• integration with fixed telephone network
• standard (ETSI, European Telecommunications Standards Institute)
GSM: Structure
[Figure: GSM structure. Radio subsystems: MS, BTS, BSC (BSS). Switching subsystems: (G)MSC, VLR, HLR, AuC, EIR, OMC (call management, network management). Fixed network: PSTN, data networks.]
AuC Authentication Center
BSC Base Station Controller
BSS Base Station Subsystem
BTS Base Transceiver Station
EIR Equipment Identity Register
HLR Home Location Register
(G)MSC (Gateway) Mobile Switching Center
MS Mobile Station
OMC Operation and Maintenance Center
PSTN Public Switched Telephone Network
VLR Visitor Location Register
GSM: Structure
• Operation and Maintenance Center (OMC)
• logical, central structure with HLR, AuC and EIR
• Authentication Center (AuC)
• authentication, storage of symmetrical keys, generation
of encryption keys
• Equipment Identity Register (EIR)
• storage of device attributes of allowed, faulty and blocked
devices (white, gray, black list)
• Mobile Switching Center (MSC)
• networking center, partially with gateways to other
networks, assigned to one VLR each
• Base Station Subsystem (BSS): technical radio center
• Base Station Controller (BSC): control center
• Base Transceiver Station (BTS): radio tower / antenna
GSM: Protocols, incoming call
[Figure: incoming call. Message flow between PSTN/ISDN, GMSC, HLR, VLR, MSC and BSS, with the steps numbered (1) to (12).]
(1) Call from fixed network was switched via GMSC
(2) GMSC finds out HLR from phone number
(3) HLR checks whether participant is authorized for corresponding
service and asks for MSRN at the responsible VLR
(4) MSRN is returned to the GMSC, which can now contact the responsible MSC
GSM: Protocols, incoming call
[Figure: incoming call. Same message flow between PSTN/ISDN, GMSC, HLR, VLR, MSC and BSS, steps (1) to (12).]
(5) GMSC transmits call to current MSC
(6) Ask for the state of the mobile station
(7) Information whether end terminal is active
(8) Call to all cells of the Location Area (LA)
(9) Answer from end terminal
(10 - 12) Security check and connection setup
GSM: Protocols, outgoing call
[Figure: outgoing call. Message flow between BSS, MSC, VLR, HLR and GMSC, with the steps numbered (1) to (5).]
(1) Connection request
(via random access channel, possible collision handling)
(2) Transfer by BSS
(3-4) Authorization control
(5) Switching of the call request to fixed network
Radio structure
• 1 TDMA-Slot, 144 Bit in 4,615 ms
• 8 TDMA-channels, together 271 kBit/s including error protection information
• 124 radio frequency channels (carrier), each 200 kHz
• 2 frequency bands, each 25 MHz, divided into radio cells: 890–915 MHz (uplink) and 935–960 MHz (downlink)
• One or several carrier frequencies per BSC
• Physical channels defined by number and position of time slots
GSM: channel structure
Traffic Channel
• Full-rate codec (13 kbit/s; differential encoding)
• Half-rate codec: more efficient speech encoding at 7
kbit/s (two phone calls per time slot can be encoded)
Paging Channel
• Signalize incoming calls (BSC to MS)
(Broadcast) Control Channel
• Allocation of identity, frequency order etc. (BSC to MS)
• Monitoring of BSCs for recognition of handover
Random Access Channel
• Control of channel entry with Aloha-procedure for
collision handling between competing participants
(MS to BSC)
Databases
Home Location Register (HLR), stores data of participants
which are registered in an HLR-area
• Semi-permanent data:
– Call number (Mobile Subscriber International ISDN Number) - MSISDN, e.g. +49/171/333 4444 (country, network, number)
– Identity (International Mobile Subscriber Identity) - IMSI: MCC = Mobile Country Code (262 for .de) + MNC = Mobile Network Code (01-T-Mobile, 02-Vodafone, 03-eplus, 07-O2) + MSIN = Mobile Subscriber Identification Number
– Personal data (name, address, mode of payment)
– Service profile (call transfer, roaming-limits etc.)
• Temporary data:
– MSRN (Mobile Subscriber Roaming Number) (country, network, MSC)
– VLR-address, MSC-address
– Authentication Sets of AuC (RAND (128 Bit), SRES (128 Bit), KC (64 Bit))
– Billing data
Databases
Visitor Location Register (VLR)
local database of each MSC with following data:
• IMSI, MSISDN
• Service profile
• Billing and accounting information
• TMSI (Temporary Mobile Subscriber Identity) -
pseudonym for data security
• MSRN
• LAI (Location Area Identity)
• MSC-address, HLR-address
Location Area: Concept
[Figure: an MSC-area with its VLR, divided into location areas, and the HLR.]
Advantage of the architecture: Location Update in case of limited mobility only at VLR, rarely at (perhaps very remote) HLR
Localization with GSM
[Figure: localization with GSM. Labels: participant call number in HLR, +49 (0)177-26 32311 (country code, network provider, internal area); HLR 1 entry: 32311, VLR 9, IMSI; VLR 9 entry: IMSI, LA 2; VLR 10; location areas LA 2, LA 3, LA 5; LAI e.g. 0x62F220 01E5.]
Data transmission
• Each GSM-channel configurable as data channel
• Kinds of channels:
– non-transparent (repeat of faulty data frames; very low error rate, but also very low throughput below 10 kbit/s)
– transparent (only very simple forward error correction; slightly higher data rate; error rate 10⁻³ up to 10⁻⁴)
– in practice, only faster extensions like GPRS, UMTS and LTE are used (explained later)
– Speech channels have higher priority than data channels
• Short-Message-Service (SMS)
– connectionless transmission (up to 160 Byte) on signaling channel
• Cell Broadcast (CB)
– connectionless transmission (up to 80 Byte) on signaling channel to all participants in one cell or location area, e.g. for location based services; further refinement: triangulation-based location check like in global positioning system (GPS)
Data transmission - structure
[Figure: data path. BTS, BSC, MSC, IWF, then Modem to PSTN, TA to ISDN, or Internet.]
IWF - Inter Working Function
TA - Terminal Adapter
Security aspects:
Subscriber Identity Module (SIM)
• Chip-card (Smart Card) to personalize a mobile subscriber (MS):
• IMSI (International Mobile Subscriber Identity)
• symmetric key Ki of participant, stored also at AuC
• algorithm “A3” for Challenge-Response-Authentication
• algorithm “A8” for key generation of Kc for content data
• algorithm “A5” for encryption
• PIN (Personal Identification Number) for access control
• Temporary data:
• TMSI (Temporary Mobile Subscriber Identity) -
pseudonym
• LAI (Location Area Identification)
• Encryption key Kc
Security aspects: Authentication
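[Figure: challenge-response authentication between MS and network (MSC, VLR, AuC).]
• Network: a random number generator produces RAND (128 Bit), sent to the MS in the Authentication Request
• MS and network each compute SRES (Signed Response; 32 Bit) with A3 from Ki (128 Bit) and RAND
• MS returns SRES in the Authentication Response; the network compares it with its own value (=)
Authentication takes place at:
• Location Registration
• Location Update with VLR-change
• Call setup (in both directions)
• SMS (Short Message Service)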
Security aspects: Session Key
[Figure: session key generation. The network sends RAND (128 Bit) from its random number generator in the Authentication Request; MS and network each compute Kc (64 Bit or 128 Bit) with A8 from Ki and RAND.]
• Key generation: Algorithm A8
– Stored on SIM and in AuC
– one way function parameterized with Ki
– no global standard, can differ between countries
– can be determined by network operator
– Interfaces are standardized
Security aspects: Encryption
[Figure: encryption between MS and network. After Ciphering Mode Command and Ciphering Mode Complete, both sides use A5 with Kc and the TDMA frame number to generate a key block, which is combined (+) with each 114 Bit plain text block to give the encrypted text.]
• Data encryption with algorithm A5:
– stored in the Mobile Station
– standardized in Europe and world wide
– enhancement: A5/3 with improved security and 128 Bit key length
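The authentication, session key and encryption slides above as one runnable flow. This is an added example, not part of the original slides: A3, A8 and A5 are replaced by HMAC-SHA256 stand-ins (the real algorithms are not reproduced), and the IMSI, Ki, class and function names are constructed for illustration.

```python
"""GSM authentication -> session key -> ciphering, as a teaching model.

A3, A8 and A5 below are HMAC-SHA256 stand-ins (assumption): they reproduce
the inputs, outputs and field sizes from the slides, not the real algorithms.
"""
import hashlib
import hmac
import secrets

RAND_BITS, SRES_BITS, KC_BITS, BLOCK_BITS = 128, 32, 64, 114


def _one_way(key: bytes, label: bytes, data: bytes, bits: int) -> bytes:
    """Keyed one-way function, output truncated to ceil(bits / 8) bytes."""
    digest = hmac.new(key, label + data, hashlib.sha256).digest()
    return digest[: (bits + 7) // 8]


def a3(ki: bytes, rand: bytes) -> bytes:
    """SRES (32 bit) from Ki and RAND."""
    return _one_way(ki, b"A3", rand, SRES_BITS)


def a8(ki: bytes, rand: bytes) -> bytes:
    """Kc (64 bit) from Ki and the same RAND."""
    return _one_way(ki, b"A8", rand, KC_BITS)


def a5_key_block(kc: bytes, frame_number: int) -> int:
    """114-bit key block from Kc and the TDMA frame number."""
    raw = _one_way(kc, b"A5", frame_number.to_bytes(4, "big"), BLOCK_BITS)
    return int.from_bytes(raw, "big") >> (len(raw) * 8 - BLOCK_BITS)


def a5_crypt(kc: bytes, frame_number: int, block: int) -> int:
    """XOR one 114-bit block with the key block (same call decrypts)."""
    if block < 0 or block >> BLOCK_BITS:
        raise ValueError("block must fit in 114 bits")
    return block ^ a5_key_block(kc, frame_number)


class AuC:
    """Network side: stores Ki per IMSI and issues authentication sets."""

    def __init__(self, subscribers: dict):
        self._ki = dict(subscribers)

    def authentication_set(self, imsi: str):
        """Return (RAND, SRES, Kc) for one authentication run."""
        ki = self._ki[imsi]
        rand = secrets.token_bytes(RAND_BITS // 8)
        return rand, a3(ki, rand), a8(ki, rand)


class SIM:
    """Subscriber side: Ki never leaves the card, only SRES does."""

    def __init__(self, imsi: str, ki: bytes):
        self.imsi = imsi
        self._ki = ki
        self.kc = None

    def authentication_response(self, rand: bytes) -> bytes:
        # RAND carries nothing that identifies its sender, so the SIM
        # answers any challenge: authentication is one-way only.
        self.kc = a8(self._ki, rand)
        return a3(self._ki, rand)


def authenticate(auc: AuC, sim: SIM):
    """Run Authentication Request/Response; return (accepted, network Kc)."""
    rand, expected_sres, kc = auc.authentication_set(sim.imsi)
    sres = sim.authentication_response(rand)
    return hmac.compare_digest(sres, expected_sres), kc


if __name__ == "__main__":
    # Constructed sample data: MCC 262 + MNC 01 from the slides, made-up MSIN/Ki.
    imsi, ki = "262010000000001", bytes(range(16))
    auc, sim = AuC({imsi: ki}), SIM(imsi, ki)
    accepted, kc = authenticate(auc, sim)
    print("accepted:", accepted, "| Kc matches:", kc == sim.kc)

    wrong_card = SIM(imsi, bytes(16))  # same IMSI, different Ki
    print("wrong Ki accepted:", authenticate(auc, wrong_card)[0])

    plain = int.from_bytes(b"GSM burst data", "big")  # 14 bytes = 112 bits
    cipher = a5_crypt(kc, 1000, plain)
    print("round trip ok:", a5_crypt(sim.kc, 1000, cipher) == plain)
    print("key block changes per frame:",
          a5_key_block(kc, 1000) != a5_key_block(kc, 1001))
```

Both sides derive the same Kc without ever sending it, and the frame number input keeps the key block from repeating from one TDMA frame to the next.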
GSM-Security: assessment
• low key length Ki with max. 128 Bit (could be hacked by using a Brute Force Attack in less than an hour using a regular computer, as documented recently again)
• key generation and administration not controlled by the participants (symmetric: network operator knows all keys)
• cryptographic methods secret, so they were not "well examined" (but A5/3 and other enhancements are open now)
• no mutual authentication; an attacker can pretend to be a GSM network
• no end-to-end encryption or end-to-end authentication
HSCSD: High Speed Circuit Switched Data
• GSM extension for higher data rates
• parallel usage of several time slots (TS) of one frequency
on Um (air interface)
• channel bundling with asymmetric transmission
(1 TS Uplink / 3 TS or 4 TS Downlink)
• Data rates up to 4 * 14,4 kbit/s = 57,6 kbit/s
(theoretically 8 time slots, but limited bundling in
practice)
HSCSD: structure
[Figure: HSCSD data path. BTS, BSC, MSC, IWF, then Modem to PSTN, TA to ISDN, or Internet; n time slots of each TDMA frame (theoretically max. 8).]
IWF - Inter Working Function
TA - Terminal Adapter
HSCSD: changes
[Figure: HSCSD changes along the path BTS, BSC, MSC with the interfaces Um, Abis and A. n time slots of each TDMA frame (theoretically max. 8); multiplex of the time slots on each 64 kBit/s channel. Legend: certain changes are necessary at the component; several changes of the software/firmware; minimal changes of the software/firmware.]
HSCSD radio interface
• parallel usage of several time slots limited to one
frequency, in half-duplex mode due to technical
limitations of the end devices
• Cost factor limits number of used TS to (2+2) or (1+3,
uplink, downlink); (1+4) with improved timing
[Figure: time slot timing of the mobile station over two TDMA frames (slots 0 to 7): MS RECEIVE, MS TRANSMIT and MS MONITOR, with the required time for setting to transmission mode, for setting to receiving mode, and for signal strength measure and setting to receiving mode.]
Assessment of HSCSD
+ existing network structure and accounting model
maintained; only small changes were necessary
+ HSCSD is still circuit switched
+ has defined QoS-settings (data rate, delay)
- one logical channel will be established on all interfaces for the time of the connection (inefficient)
- badly suited for burst-like traffic (Internet) or Flat Rate billing (Logistics)
- Only limited international acceptance (Roaming!)
• also uses more resources on the radio interface
- problems with handover into a new cell
GPRS: General Packet Radio Service
• GSM extension based on packet switching service
(end-to-end) and channel bundling based on multiple
time slots
• Data rates up to 171,2 kbit/s (theoretical) – in practice
however similar to HSCSD
• Effective and flexible administration of the radio
interface; adaptive channel encoding
• Internetworking with IP networks standardized
• Dynamic sharing of resources with "classical" GSM speech services
• Advantage: Billing and Accounting according to data volume
GPRS: Structure
[Figure: GPRS structure. GSM part: BTS, BSC, MSC, HLR. GPRS backbone (Frame Relay / ATM): SGSN, GGSN, with a Border Gateway to the GPRS nets of other operators and GGSNs to the Internet and other packet switching networks. Signalization data and user data are drawn as separate links.]
SGSN - Serving GPRS Support Node
GGSN - Gateway GPRS Support Node
GPRS: Changes
[Figure: GPRS changes to the GSM network. Components: BTS, BSC with PCU, MSC, GMSC, HLR/AuC with GPRS register, SGSN, GGSN. Interfaces: Um, Abis, A, Gb, Gn, Gi, Gs, and MAP signalization (SGSN, GGSN). Circuit switched traffic goes to public fixed networks, packet switched traffic to other packet switched networks. n time slots (TS) per TDMA frame (theoretically max. 8), per packet. Legend: existing components; modified network components; new components or extensively modified components.]
PCU - Packet Control Unit
Tasks: SGSN, GGSN
SGSN:
- packet delivery
- mobility management
- session management
- QoS
- Security
- Billing
SGSN, GGSN:
- Routing and Signalization
- Mapping to PDP (Packet Data Protocol)
- Address conversion (IP to GSM)
- Resource management
[Figure: Client, BSS with PCU, SGSN, HLR, GGSN, External Data Domain (Internet, Intranet, Server).]
Quality of Service
• QoS profile agrees service parameters inside the whole network for the duration of PDP (Packet Data Protocol) context (session):
– temporary address (IP) for mobile station
– tunneling information, among others GGSN, which is used for access to corresponding packet switched network
– type of the connection
– QoS profile
• QoS profile commits:
– precedence class, priority against other services (high, normal, low)
– packet delay class, times valid for traffic inside the GPRS network
– reliability class
– peak throughput class
– mean throughput class
Quality of Service: Examples
GPRS data rates in kbit/s (only CS-1 and CS-2 comprise reasonable error correction and are relevant in practice)

Coding    # of timeslots
Scheme    1       2       3       4       5       6       7       8
CS-1      9,05    18,1    27,15   36,2    45,25   54,3    63,35   72,4
CS-2      13,4    26,8    40,2    53,6    67      80,4    93,8    107,2
CS-3      15,6    31,2    46,8    62,4    78      93,6    109,2   124,8
CS-4      21,4    42,8    64,2    85,6    107     128,4   149,8   171,2

Error classes: probability for

Class   Lost packet   Duplicated p.   Out of Sequence p.   Corrupted p.
1       10⁻⁹          10⁻⁹            10⁻⁹                 10⁻⁹
2       10⁻⁴          10⁻⁵            10⁻⁵                 10⁻⁶
3       10⁻²          10⁻⁵            10⁻⁵                 10⁻²

Packet delay classes

                   Size: 128 octets          Size: 1024 octets
Class              Mean Delay   95% Delay    Mean Delay   95% Delay
1 (predictive)     < 0,5 s      < 1,5 s      < 2 s        < 7 s
2 (predictive)     < 5 s        < 25 s       < 15 s       < 75 s
3 (predictive)     < 50 s       < 250 s      < 75 s       < 375 s
4 (best effort)    Best effort
Assessment of GPRS
+ An up to four times higher data rate in comparison to
ordinary GSM data services
+ better resource management through packet switched service
+ "always on" data service (email, etc.)
+ GPRS is a more suitable carrier for the mobile Internet
- IP-derivate, no true service guarantees (QoS)
- GPRS does not provide the data rates that advertising has sometimes promised, therefore most operators migrated to UMTS and LTE where possible, e.g. in urban areas
Some further readings
• ETSI standards (GSM etc.) in general:
www.etsi.org
• GSM, HSCSD, GPRS: good overviews on
www.wikipedia.org
• GPRS tutorial:
www.telecomspace.com/datatech-gprs.html
• SMS tutorial:
www.developershome.com/sms/
33

More Related Content

What's hot

What's hot (20)

Switching System
Switching SystemSwitching System
Switching System
 
GSM Architecture
GSM ArchitectureGSM Architecture
GSM Architecture
 
3g
3g3g
3g
 
Seminar gprs
Seminar gprsSeminar gprs
Seminar gprs
 
Gsm call routing
Gsm call routingGsm call routing
Gsm call routing
 
10 Slides to SMS
10 Slides to SMS10 Slides to SMS
10 Slides to SMS
 
EC8004 WIRELESS NETWORKS UNIT 3 CORE NETWORK
EC8004 WIRELESS NETWORKS UNIT 3 CORE NETWORKEC8004 WIRELESS NETWORKS UNIT 3 CORE NETWORK
EC8004 WIRELESS NETWORKS UNIT 3 CORE NETWORK
 
Modul 3 gsm procedures
Modul 3   gsm proceduresModul 3   gsm procedures
Modul 3 gsm procedures
 
How to Intercept a Conversation Held on the Other Side of the Planet
How to Intercept a Conversation Held on the Other Side of the PlanetHow to Intercept a Conversation Held on the Other Side of the Planet
How to Intercept a Conversation Held on the Other Side of the Planet
 
Asynchronous Transfer Mode Project
Asynchronous Transfer Mode ProjectAsynchronous Transfer Mode Project
Asynchronous Transfer Mode Project
 
Introduction to gsm
Introduction to gsmIntroduction to gsm
Introduction to gsm
 
Presentation on GSM(2G & GPRS)
Presentation on GSM(2G & GPRS)Presentation on GSM(2G & GPRS)
Presentation on GSM(2G & GPRS)
 
Call Forwarding
Call ForwardingCall Forwarding
Call Forwarding
 
Gsm protl
Gsm protlGsm protl
Gsm protl
 
Core cs overview (1)
Core cs overview (1)Core cs overview (1)
Core cs overview (1)
 
Summary 2G y 3G
Summary 2G y 3GSummary 2G y 3G
Summary 2G y 3G
 
Module 5 -_gprs_architecture
Module 5 -_gprs_architectureModule 5 -_gprs_architecture
Module 5 -_gprs_architecture
 
2 gsm network structure
2 gsm network structure2 gsm network structure
2 gsm network structure
 
GSM Protocol Stack and Frame Formating
GSM Protocol Stack and Frame FormatingGSM Protocol Stack and Frame Formating
GSM Protocol Stack and Frame Formating
 
Xcap post processing tool
Xcap post processing toolXcap post processing tool
Xcap post processing tool
 

Similar to GSM and Extensions Overview

Similar to GSM and Extensions Overview (20)

Gsm
GsmGsm
Gsm
 
Lecture 8 9
Lecture 8 9Lecture 8 9
Lecture 8 9
 
Cellular NWs.pptx
Cellular NWs.pptxCellular NWs.pptx
Cellular NWs.pptx
 
GSM Architecture.ppt
 GSM Architecture.ppt GSM Architecture.ppt
GSM Architecture.ppt
 
Mobile Networks Overview (2G / 3G / 4G-LTE)
Mobile Networks Overview (2G / 3G / 4G-LTE)Mobile Networks Overview (2G / 3G / 4G-LTE)
Mobile Networks Overview (2G / 3G / 4G-LTE)
 
Gsm Network
Gsm NetworkGsm Network
Gsm Network
 
GSM-Products-Presentation.pdf
GSM-Products-Presentation.pdfGSM-Products-Presentation.pdf
GSM-Products-Presentation.pdf
 
fdocuments.net_gsm-call-flows-5584455b2833e.ppt
fdocuments.net_gsm-call-flows-5584455b2833e.pptfdocuments.net_gsm-call-flows-5584455b2833e.ppt
fdocuments.net_gsm-call-flows-5584455b2833e.ppt
 
GSM Network
GSM NetworkGSM Network
GSM Network
 
2G / 3G / 4G / IMS / 5G Overview with Focus on Core Network
2G / 3G / 4G / IMS / 5G Overview with Focus on Core Network2G / 3G / 4G / IMS / 5G Overview with Focus on Core Network
2G / 3G / 4G / IMS / 5G Overview with Focus on Core Network
 
Rk 3 gsm network
Rk 3 gsm networkRk 3 gsm network
Rk 3 gsm network
 
Rk 3 gsm network @guddu
Rk 3 gsm network @gudduRk 3 gsm network @guddu
Rk 3 gsm network @guddu
 
Gsm presntation
Gsm presntationGsm presntation
Gsm presntation
 
Gsm presntation
Gsm presntationGsm presntation
Gsm presntation
 
GSM.ppt
GSM.pptGSM.ppt
GSM.ppt
 
bsnl presentation on gsm
bsnl presentation on  gsm bsnl presentation on  gsm
bsnl presentation on gsm
 
Switching systems lecture7
Switching  systems lecture7Switching  systems lecture7
Switching systems lecture7
 
7_gsm.ppt
7_gsm.ppt7_gsm.ppt
7_gsm.ppt
 
Gsm architecture
Gsm architectureGsm architecture
Gsm architecture
 
Basic of teleom gsm
Basic of teleom gsmBasic of teleom gsm
Basic of teleom gsm
 

More from Chyon Ju

Section break
Section breakSection break
Section breakChyon Ju
 
Lecture 02
Lecture 02Lecture 02
Lecture 02Chyon Ju
 
Lecture 07
Lecture 07Lecture 07
Lecture 07Chyon Ju
 
Ds it203-11-l01
Ds it203-11-l01Ds it203-11-l01
Ds it203-11-l01Chyon Ju
 
Cellular communication
Cellular communicationCellular communication
Cellular communicationChyon Ju
 
Pmit lecture 03_wlan_wireless_network_2016
Pmit lecture 03_wlan_wireless_network_2016Pmit lecture 03_wlan_wireless_network_2016
Pmit lecture 03_wlan_wireless_network_2016Chyon Ju
 

More from Chyon Ju (6)

Section break
Section breakSection break
Section break
 
Lecture 02
Lecture 02Lecture 02
Lecture 02
 
Lecture 07
Lecture 07Lecture 07
Lecture 07
 
Ds it203-11-l01
Ds it203-11-l01Ds it203-11-l01
Ds it203-11-l01
 
Cellular communication
Cellular communicationCellular communication
Cellular communication
 
Pmit lecture 03_wlan_wireless_network_2016
Pmit lecture 03_wlan_wireless_network_2016Pmit lecture 03_wlan_wireless_network_2016
Pmit lecture 03_wlan_wireless_network_2016
 

Recently uploaded

How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 

Recently uploaded (20)

How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 

GSM and Extensions Overview

  • 1. GSM (Global System for Mobile Communications) and Extensions Mobile Communication and Mobile Computing Prof. Dr. Alexander Schill http://www.rn.inf.tu-dresden.de Department of Computer Science Institute for System Architecture, Chair for Computer Networks
  • 2. GSM: Properties • cellular radio network (2nd Generation) • digital transmission, integrated data communication • roaming (mobility between different network operators) • good transmission quality (error detection and - correction) • scalable (large number of participants possible) • security mechanisms (authentication, authorization, encryption) • good resource use (frequency and time division multiplex) • integration with fixed telephone network • standard (ETSI, European Telecommunications Standards Institute) 2
  • 3. GSM: Structure 3 AuC Authentication Center BSS Base Station Subsystem BSC Base Station Controller BTS Base Transceiver Station EIR Equipment Identity Register HLR Home Location Register Fixed network Switching Subsystems VLR Radio Subsystems HLR AuC EIR (G)MSC OMC BTS BTSBSC BSS MS MS Network Management Call Management Data networks PSTN MS MS Mobile Station (G)SMC (Gateway) Mobile Switching Center OMC Operation and Maintenance Center PSTN Public Switched Telephone Network VLR Visitor Location Register
  • 4. GSM: Structure • Operation and Maintenance Center (OMC) • logical, central structure with HLR, AuC und EIR • Authentication Center (AuC) • authentication, storage of symmetrical keys, generation of encryption keys • Equipment Identity Register (EIR) • storage of device attributes of allowed, faulty and blocked devices (white, gray, black list) • Mobile Switching Center (MSC) • networking center, partially with gateways to other networks, assigned to one VLR each • Base Station Subsystem (BSS): technical radio center • Base Station Controller (BSC): control center • Base Transceiver Station (BTS): radio tower / antenna 4
  • 5. GSM: Protocols, incoming call 5 VLR BSS BSS MSC GMSC HLRBSS BSS (4) (2)(4) (5) (3) (10) (6) (11) (7)(8) (8) (9) (12) (8) (1) (12) (9) (8) PSTN/ ISDN (1) Call from fixed network was switched via GMSC (2) GMSC finds out HLR from phone number (3) HLR checks whether participant is authorized for corresponding service and asks for MSRN at the responsible VLR (4) MSRN will be returned to GMSC, can now contact responsible MSC
  • 6. GSM: Protocols, incoming call 6 VLR BSS BSS MSC GMSC HLRBSS BSS (4) (2)(4) (5) (3) (10) (6) (11) (7)(8) (12) (1) (12) (9) (8) PSTN/ ISDN (5) GMSC transmits call to current MSC (6) Ask for the state of the mobile station (7) Information whether end terminal is active (8) Call to all cells of the Location Area (LA) (9) Answer from end terminal (10 - 12) Security check and connection setup (8) (9) (8)
  • 7. GSM: Protocols, outgoing call 7 VLR BSS BSS MSC GMSC HLRBSS (5) (3)(4) (2)(1) (1) Connection request (via random access channel, possible collision handling) (2) Transfer by BSS (3-4) Authorization control (5) Switching of the call request to fixed network
  • 8. Radio structure 8 1 TDMA-Slot, 144 Bit in 4,615 ms 8 TDMA-channels, together 271 kBit/s including error protection information 124 radio frequency channels (carrier), each 200 kHz 2 frequency bands, each 25 MHz, divided into radio cells 890 935 915 MHz 960 MHz downlink uplink • One or several carrier frequencies per BSC • Physical channels defined by number and position of time slots
  • 9. GSM: channel structure Traffic Channel • Full-rate codec (13 kbit/s; differential encoding) • Half-rate codec: more efficient speech encoding at 7 kbit/s (two phone calls per time slot can be encoded) Paging Channel • Signals incoming calls (BSC to MS) (Broadcast) Control Channel • Allocation of identity, frequency order etc. (BSC to MS) • Monitoring of BSCs for recognition of handover Random Access Channel • Control of channel entry with Aloha procedure for collision handling between competing participants (MS to BSC)
  • 10. Databases Home Location Register (HLR), stores data of participants which are registered in an HLR-area • Semi-permanent data: – Call number (Mobile Subscriber International ISDN Number) - MSISDN, e.g. +49/171/333 4444 (country, network, number) – Identity (International Mobile Subscriber Identity) - IMSI: MCC = Mobile Country Code (262 for .de) + MNC = Mobile Network Code (01-T-Mobile, 02-Vodafone, 03-eplus, 07-O2) + MSIN = Mobile Subscriber Identification Number – Personal data (name, address, mode of payment) – Service profile (call transfer, roaming-limits etc.) • Temporary data: – MSRN (Mobile Subscriber Roaming Number) (country, network, MSC) – VLR-address, MSC-address – Authentication Sets of AuC (RAND (128 Bit), SRES (128 Bit), KC (64 Bit)) – Billing data
  • 11. Databases Visitor Location Register (VLR): local database of each MSC with the following data: • IMSI, MSISDN • Service profile • Billing and accounting information • TMSI (Temporary Mobile Subscriber Identity) - pseudonym for data security • MSRN • LAI (Location Area Identity) • MSC-address, HLR-address
  • 12. Location Area: Concept [Figure: MSC area with HLR, VLR and location areas] Advantage of the architecture: with limited mobility, a Location Update is needed only at the VLR and rarely at the (perhaps very remote) HLR
  • 13. Localization with GSM [Figure: call number +49 (0)177-26 32311 labelled with country code, network provider, internal area and participant call number in HLR; HLR 1 entry: 32311, VLR 9, IMSI; VLR 9 entry: IMSI, LA 2; location areas LA 2, LA 3, LA 5; VLR 9, VLR 10; e.g. 0x62F220 01E5]
  • 14. Data transmission • Each GSM-channel configurable as data channel • Kinds of channels: – non-transparent (repeat of faulty data frames; very low error rate, but also very low throughput below 10 kbit/s) – transparent (only very simple forward error correction; slightly higher data rate; error rate 10^-3 up to 10^-4) – in practice, only faster extensions like GPRS, UMTS and LTE are used (explained later) – Speech channels have higher priority than data channels • Short-Message-Service (SMS) – connectionless transmission (up to 160 Byte) on signaling channel • Cell Broadcast (CB) – connectionless transmission (up to 80 Byte) on signaling channel to all participants in one cell or location area, e.g. for location based services; further refinement: triangulation-based location check like in global positioning system (GPS)
  • 15. Data transmission - structure [Figure: components BTS, BSC, MSC, IWF, modem, TA, PSTN, ISDN, Internet] IWF - Inter Working Function TA - Terminal Adapter
  • 16. Security aspects: Subscriber Identity Module (SIM) • Chip card (Smart Card) to personalize a mobile subscriber (MS): • IMSI (International Mobile Subscriber Identity) • symmetric key Ki of participant, stored also at AuC • algorithm “A3” for Challenge-Response-Authentication • algorithm “A8” for key generation of Kc for content data • algorithm “A5” for encryption • PIN (Personal Identification Number) for access control • Temporary data: • TMSI (Temporary Mobile Subscriber Identity) - pseudonym • LAI (Location Area Identification) • Encryption key Kc
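  • 17. Security aspects: Authentication [Figure: the network (MSC, VLR, AuC) takes RAND (128 Bit) from a random number generator and sends it to the MS in the Authentication Request; both sides compute SRES (Signed Response; 32 Bit) with A3 from Ki (128 Bit) and RAND; the MS returns SRES in the Authentication Response and the network compares (=) the two values] • Location Registration • Location Update with VLR-change • Call setup (in both directions) • SMS (Short Message Service)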
  • 18. Security aspects: Session Key [Figure: the network takes RAND (128 Bit) from a random number generator and sends it to the MS in the Authentication Request; network and MS each compute Kc (64 Bit or 128 Bit) with A8 from Ki and RAND] • Key generation: Algorithm A8 – Stored on SIM and in AuC – one-way function parameterized with Ki – no global standard, can differ between countries – can be determined by network operator – Interfaces are standardized
  • 19. Security aspects: Encryption [Figure: after Ciphering Mode Command and Ciphering Mode Complete, network and MS each feed Kc and the TDMA frame number into A5 to obtain a key block; key block + plain text block gives the encrypted text, 114 Bit] • Data encryption with algorithm A5: – stored in the Mobile Station – standardized in Europe and worldwide – enhancement: A5/3 with improved security and 128 Bit key length
  • 20. GSM-Security: assessment • low key length: Ki with max. 128 Bit (could be broken by a brute-force attack in less than an hour using regular computers, as recently documented again) • key generation and administration not controlled by the participants (symmetric: the network operator knows all keys) • cryptographic methods were secret, so they were not „well examined“ (but A5/3 and other enhancements are open now) • no mutual authentication; an attacker can pretend to be a GSM network • no end-to-end encryption or end-to-end authentication
  • 21. HSCSD: High Speed Circuit Switched Data • GSM extension for higher data rates • parallel usage of several time slots (TS) of one frequency on Um (air interface) • channel bundling with asymmetric transmission (1 TS Uplink / 3 TS or 4 TS Downlink) • Data rates up to 4 * 14,4 kbit/s = 57,6 kbit/s (theoretically 8 time slots, but limited bundling in practice)
  • 22. HSCSD: structure [Figure: components BTS, BSC, MSC, IWF, modem, TA, PSTN, ISDN, Internet; n time slots of each TDMA frame (theoretically max. 8)] IWF - Inter Working Function TA - Terminal Adapter
  • 23. HSCSD: changes [Figure: BTS, BSC and MSC with the interfaces Um, Abis and A; n time slots of each TDMA frame (theoretically max. 8); multiplex of the time slots on each 64 kBit/s channel; legend: certain changes are necessary at the component, several changes of the software/firmware, minimal changes of the software/firmware]
  • 24. HSCSD radio interface • parallel usage of several time slots limited to one frequency, in half-duplex mode due to technical limitations of the end devices • Cost factor limits the number of used TS to (2+2) or (1+3) (uplink + downlink); (1+4) with improved timing [Figure: time slots 0 to 7 for MS RECEIVE, MS TRANSMIT and MS MONITOR, showing the required time for setting to receiving mode, for setting to transmission mode, and for signal strength measurement and setting to receiving mode]
  • 25. Assessment of HSCSD + existing network structure and accounting model maintained; only small changes were necessary + HSCSD is still circuit switched + has defined QoS-settings (data rate, delay) - one logical channel will be established on all interfaces for the time of the connection (inefficient) - badly suited for burst-like traffic (Internet) or Flat Rate billing (Logistics) - Only limited international acceptance (Roaming!) • also uses more resources on the radio interface - problems with handover into a new cell
  • 26. GPRS: General Packet Radio Service • GSM extension based on packet switching service (end-to-end) and channel bundling based on multiple time slots • Data rates up to 171,2 kbit/s (theoretical) – in practice however similar to HSCSD • Effective and flexible administration of the radio interface; adaptive channel encoding • Internetworking with IP networks standardized • Dynamic sharing of resources with „classical“ GSM speech services • Advantage: Billing and Accounting according to data volume
  • 27. GPRS: Structure [Figure: GSM components BTS, BSC, MSC and HLR; SGSN and GGSNs on the GPRS backbone (Frame Relay / ATM); GGSNs towards the Internet and other packet switching networks; Border Gateway towards GPRS nets of other operators; line styles distinguish signalization data and user data] SGSN - Serving GPRS Support Node GGSN - Gateway GPRS Support Node
  • 28. GPRS: Changes [Figure: circuit switched traffic via BTS, BSC, MSC and GMSC to public fixed networks (interfaces Um, Abis, A); packet switched traffic via BSC with PCU, SGSN and GGSN to other packet switched networks (interfaces Gb, Gn, Gi); Gs interface; MAP towards HLR/AuC with GPRS register; n time slots (TS) per TDMA frame (theoretically max. 8) per packet; legend: existing components, modified network components, new components or extensively modified components] PCU - Packet Control Unit
  • 29. Tasks: SGSN, GGSN [Figure: clients, BSS with PCU, SGSNs, GGSN, HLR, and the external data domain with Intranet, Internet and server; MAP Signalization (SGSN), MAP Signalization (GGSN)] SGSN: - packet delivery - mobility management - session management - QoS - Security - Billing SGSN, GGSN: - Routing and Signalization - Mapping to PDP (Packet Data Protocol) - Address conversion (IP to GSM) - Resource management
  • 30. Quality of Service • QoS profile agrees service parameters inside the whole network for the duration of PDP (Packet Data Protocol) context (session): – temporary address (IP) for mobile station – tunneling information, among others GGSN, which is used for access to corresponding packet switched network – type of the connection – QoS profile • QoS profile commits: – precedence class, priority against other services (high, normal, low) – packet delay class, times valid for traffic inside the GPRS network – reliability class – peak throughput class – mean throughput class
  • 31. Quality of Service: Examples

    GPRS data rates in kbit/s (only CS-1 and CS-2 comprise reasonable error correction and are relevant in practice)

    Coding scheme   # of timeslots
                    1      2      3      4      5      6      7       8
    CS-1            9,05   18,1   27,15  36,2   45,25  54,3   63,35   72,4
    CS-2            13,4   26,8   40,2   53,6   67     80,4   93,8    107,2
    CS-3            15,6   31,2   46,8   62,4   78     93,6   109,2   124,8
    CS-4            21,4   42,8   64,2   85,6   107    128,4  149,8   171,2

    Error classes (probability for)

    Class   Lost packet   Duplicated p.   Out of Sequence p.   Corrupted p.
    1       10^-9         10^-9           10^-9                10^-9
    2       10^-4         10^-5           10^-5                10^-6
    3       10^-2         10^-5           10^-5                10^-2

    Packet delay classes

                       Size: 128 octets          Size: 1024 octets
    Class              Mean Delay   95% Delay    Mean Delay   95% Delay
    1 (predictive)     < 0,5 s      < 1,5 s      < 2 s        < 7 s
    2 (predictive)     < 5 s        < 25 s       < 15 s       < 75 s
    3 (predictive)     < 50 s       < 250 s      < 75 s       < 375 s
    4 (best effort)    Best effort
  • 32. Assessment of GPRS + An up to four times higher data rate in comparison to ordinary GSM data services + better resource management through packet switched service + „always on“ data service (email, etc.) + GPRS is a more suitable carrier for the mobile Internet - IP-derivate, no true service guarantees (QoS) - GPRS does not provide the data rates that advertising has sometimes promised, therefore most operators migrated to UMTS and LTE where possible, e.g. in urban areas
  • 33. Some further readings • ETSI standards (GSM etc.) in general: www.etsi.org • GSM, HSCSD, GPRS: good overviews on www.wikipedia.org • GPRS tutorial: www.telecomspace.com/datatech-gprs.html • SMS tutorial: www.developershome.com/sms/
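The authentication, session-key and encryption steps of slides 17 to 19 as one runnable exchange; this is an added example, not part of the original slides. Because A3/A8 are operator-specific, HMAC-SHA256 stands in for them and SHAKE-128 stands in for A5 (both are assumptions); the IMSI and Ki are constructed values, and the function names are hypothetical.

```python
import hashlib
import hmac
import secrets

def a3_a8(ki: bytes, rand: bytes) -> tuple[bytes, bytes]:
    """Stand-in for the operator-chosen A3/A8: one-way function of Ki and RAND.
    Returns SRES (32 bit) and Kc (64 bit). HMAC-SHA256 is an assumption."""
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    return digest[:4], digest[4:12]

def a5_key_block(kc: bytes, frame_number: int) -> int:
    """Stand-in for A5: a 114-bit key block from Kc and the TDMA frame number."""
    stream = hashlib.shake_128(kc + frame_number.to_bytes(4, "big")).digest(15)
    return int.from_bytes(stream, "big") >> 6  # 120 bits -> 114 bits

def a5_crypt(kc: bytes, frame_number: int, block: int) -> int:
    """Add (XOR) the key block to one 114-bit block; the same call decrypts."""
    if not 0 <= block < 1 << 114:
        raise ValueError("block must fit in 114 bits")
    return block ^ a5_key_block(kc, frame_number)

def authentication_set(auc: dict, imsi: str, rand: bytes = None):
    """Network side: the AuC builds the set (RAND, SRES, Kc) for one subscriber."""
    rand = rand or secrets.token_bytes(16)  # 128-bit challenge
    sres, kc = a3_a8(auc[imsi], rand)
    return rand, sres, kc

def sim_response(ki: bytes, rand: bytes):
    """MS side: the SIM answers whatever RAND it receives. Nothing in the
    exchange proves that the sender knows Ki (no mutual authentication)."""
    return a3_a8(ki, rand)

def run_session(auc, imsi, sim_ki, frame_number, plain_block, rand=None):
    """Authenticate, then send one block MS -> network. None if SRES mismatches."""
    rand, expected_sres, kc_net = authentication_set(auc, imsi, rand)
    sres, kc_ms = sim_response(sim_ki, rand)
    if not hmac.compare_digest(sres, expected_sres):
        return None  # Ki on the SIM differs from Ki in the AuC
    cipher_block = a5_crypt(kc_ms, frame_number, plain_block)
    return a5_crypt(kc_net, frame_number, cipher_block)

if __name__ == "__main__":
    IMSI = "262010000000001"  # constructed: MCC 262, MNC 01
    KI = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed
    print(hex(run_session({IMSI: KI}, IMSI, KI, 42, 0x2A5A5A)))
```

Ki never crosses the air interface: only RAND and SRES are exchanged, and Kc is derived independently on both sides, which is also why the operator, holding every Ki, can derive every session key.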