Networking — Something Good to Know

October 5, 2010

Voice Call Continuity: 3GPP v.s. 3GPP2 — Architecture

Filed under: Uncategorized — conningtech @ 9:05 pm

1. Some background information

VCC is a 3GPP and 3GPP2 concept referring to the voice call continuity function in the new IP based IMS mobile core and the traditional circuit based mobile core convergence environment. VCC function will not only provide mobile operators the capability of non service interrupting seamless network evolution, but also enable them with new service accessing methods (such as WiFi, wireline, WiMax etc.) and new service capabilities (such as domain transfer etc.).

In both 3GPP and 3GPP2 worlds, there are two major VCC functions, respective the single radio VCC (SRVCC) which addresses the VCC function over the same radio but different air access methods: circuit and packet accesses respectively, and multiple/dual radio VCC which addresses the VCC function over different radio frequencies and access methods such as ordinary mobile access and WiFi/WiMax access etc.

Here we will focus on the comparison between the 3GPP and 3GPP2 multiple/dual radio VCC functions.

2. 3GPP VCC Architecture Reference Model

3. 3GPP2 VCC Architecture Reference Model

September 28, 2010

Penetrating into Mobile Market

Filed under: Uncategorized — conningtech @ 10:50 pm

How? Click the following link to view …

Penetrating into Mobile Market

IMS Mobile Network Convergence Server Architecture

Filed under: Uncategorized — conningtech @ 10:42 pm

Slides illustrate a general architecture of a IMS mobile convergence server. Click to view details…

IMS mobile convergence server architecture

September 25, 2010

Voice over LTE General Overview

Filed under: Uncategorized — conningtech @ 3:04 pm

A general overview about voice over LTE is presented in the following slides, click to view….

Voice over LTE General Overview

3GPP MMTel Architectural Overview

Filed under: Uncategorized — conningtech @ 2:56 pm

3GPP Multi-media Tephony service architectural overview is presented in the following slides, click to view details…

3GPP MMTel Architectural Overview

September 24, 2010

3GPP ICS General Overview

Filed under: Uncategorized — conningtech @ 9:05 pm

3GPP ICS general overview is demonstrated in the slides pointed by the following link. Click to view.

3GPP ICS general overview

3GPP UMTS HNB Architectuure

Filed under: Uncategorized — conningtech @ 8:49 pm

3GPP UMTS HNB Architectuure is briefed in the slides pointed by the following link. Click to view.

3GPP UMTS HNB Architectuure

System High Availability Architecture

Filed under: Uncategorized — conningtech @ 8:35 pm

System High Availability Architecture

The slides pointed by above link demonstrated the generic architectural concept of a system high availability implementation.

IMS Signaling Convergence Architecture

Filed under: Uncategorized — conningtech @ 7:52 pm

The slides pointed by the following link showed the architectural outlines of an IMS signaling convergence system. For more details, click on the following link.

IMS Signaling Convergence Architecture

System Event Log Architecture Guidelines

Filed under: Uncategorized — conningtech @ 7:24 pm

The following document described the generic architectural guidelines in implementing a switching system event log. For more details, click on the following link.

Event Log Architecture Guildeline

A Generic System Management Plane Architecture

Filed under: Uncategorized — conningtech @ 6:56 pm

The following document described a generic system management plane architecture. To view the documentm please click the following link.

Management plane reference model

3GPP2 Femto Architecture Meeting Summary

Filed under: Uncategorized — conningtech @ 6:04 pm

These slides presented the 3GPP2 femto architecture standard activities in 2008. To view the slides, click on the following link.


August 7, 2010

3GPP2 CDMA Authentication

Filed under: Uncategorized — conningtech @ 3:21 am

1. Introduction

CDMA mobile network authentication mechanism evolved with the network evolution from CDMAone to CDMA2000 Rev.0, A, B, C and later.

Cellular Authentication and Voice Encryption (CAVE) is the mechanism used in CDMA2000 Rev.B and earlier generations. Authentication and Key Agreement (AKA) plus optional UIM authentication procedure to prove presence of a valid UIM and prevent rogue shell attacks is an enhanced mechanism used by CDMA2000 Rev C and later generations. With the network gradually migrates toward all IP solutions, IS-856 specified the authentication and security key assignment mechanism used for authenticating mobile users with RAN/PDSN etc. core network elements.


CAVE is the access authentication mechanism used in CDMA/1xRTT Rev.B and earlier systems. Two key network entities involved in the CAVE-based authentication are the Authentication Center (AC) a.k.a. HLR/AC, AuC, and the Visitor Location Register (VLR).

Authentication Center (AC) is a home network element, responsible for controlling the authentication process by either authenticating the Mobile Station or sharing the shared secret data (SSD) with the serving VLR to allow authentication bing done locally.

Visitor Location Register (VLR) is in the visiting network. If SSD is shared with the visited network, the VLR can locally authenticates a roamer. Otherwise, the VLR proxies authentication requests and responses between the roamers and their home HLR/AC for authentication.

CAVE uses a symmetry key cryptosystem together with a Challenge-Response protocol to achieve the authentication functions. It is based on the CAVE algorithm and two shared keys, respectively the Authentication key (A-key) – A 64-bit primary secret key known only to the MS and AC, and the Shared Secret Data (SSD) – A 128-bit secondary secret key that is calculated using the CAVE algorithm during an SSD Update procedure. SSD consists of two 64-bit keys: SSD_A, which is used during authentication to calculate authentication signatures, and SSD_B, which is used in the generation of session keys for encryption and voice privacy.

CAVE-based authentication provides two types of challenges, Global challenge and Unique challenge respectively.

Global challenge is the procedure that requires any MS attempting to access the serving network to respond to a common challenge value being broadcast in the overhead message train. The MS must generate an authentication signature response (AUTHR) using CAVE with inputs of the global challenge value, ESN, either the last six dialed digits (for an origination attempt) or IMSI_S1 (for any other system access attempt), and SSD_A.

AUTHU generation for global challenge

Global challenge when SSD is not shared

Global challenge when SSD is shared

Unique challenge is the procedure that allows a visited network (if SSD is shared) and/or home network to uniquely challenge a particular MS for any reason. The MS must generate an authentication signature response (AUTHU) using CAVE with inputs of the unique challenge value, ESN, IMSI_S1, and SSD_A.

AUTHU generation for unique challenge

Unique challenge initiated by roamer’s home system

Unique challenge initiated by visited system

SSD update process when SSD is not shared

SSD update process when SSD is shared

3. AKA

AKA stands for the Authentication and Key Agreement. It is a security protocol used in 3G networks (both CDMA and UMTS). In the CDMA world, it is the successor to the CAVE-based Authentication. AKA provides procedures for mutual authentication of the MS and serving system. The successful execution of AKA results in the establishment of a security association (i.e., set of security data) between the MS and serving system.

Compared to the CAVE-based authentication, AKA has the following advantages

–> Larger authentication keys (128-bit )
–> Stronger hash function (SHA-1)
–> Support for mutual authentication
–> Support for signaling message data integrity
–> Support for signaling information encryption
–> Support for user data encryption
–> Protection from rogue MS when dealing with R-UIM

In order to ensure interoperability with current devices and partner networks, support for AKA in CDMA networks and handsets will likely be in addition to CAVE-based authentication.

Authentication vectors (AVs)

A fundamental concept in AKA is the authentication vector (AV). An AV is essentially a group of information used for one AKA attempt. AVs are generated by the home AC and distributed to the visited network. Each AV contains all information required by the visited network to locally perform AKA with an AKA-enabled mobile station.

AKA authentication process

Similar to CAVE, AKA relies on an authentication key associated with the MS and available only to the MS and its home AC. In CAVE, this key is known as the authentication key (A-key). In AKA, the key is known as the master key (K).

Also similar to CAVE, AKA involves a challenge process that allows the network to authenticate the MS. However, in AKA the information provided during this challenge also enables the MS to authenticate the network, providing for bilateral authentication.

An AKA process includes 4 phases

1. Distribution of AVs. Authentication vectors (AVs) are generated by the home system and provided to the visited system in an AV list
2. Authentication of the network by the MS. The message authentication code (MAC_A) received from the network is verified against the expected MAC_A (XMAC_A) generated by the MS. The sequence number (SQN) received from the network is verified against the SQN locally maintained by the MS.
3. Authentication of the MS by the network. The authentication response (RES) received from the MS is verified against the expected RES (XRES) received from the home system in the network authentication token (AUTN).
4. Establishment of security association between MS and MSC. Cipher key (CK), integrity key (IK), and UIM authentication key (UAK) are generated by the MS in such a way that they are identical to the ones provided to the visited network in the AV. The security association between MS and MSC involves using these keys to support security services such as confidentiality and integrity.

4. IS-856 Authentication

In IS-856 Authentication mechanism, RAN and PDSN are the two network elements that serve authenticating the mobile users.

* RAN:
–> Initial connection establishment is neither authenticated nor encrypted.
–> Session establishment includes Diffie-Hellman key negotiation.
–> Subsequent RAN-domain messages can be authenticated and/or encrypted using the negotiated keys.
–> PPP/LCP setup follows session establishment.
–> RAN user identity is optionally authenticated by CHAP via the RAN-AAA.
–> Data integrity protection (encryption, keyed MAC) prevents packet insertion or similar theft of service.

–> Separate PPP/LCP instance created.
–> CHAP and/or MIP authentication of PDSN user identity via the home AAA server.
–> RAN security ensures integrity of the PPP connection.

August 6, 2010

3GPP UMTS Authentication and Key Agreement

Filed under: Uncategorized — conningtech @ 7:48 pm

1. Overview

3GPP defined authentication and key agreement procedure specified in TS 33.102 V9.2.0 (2010-03) defined the mechanism for achieving mutual authentication between the user and the network by showing knowledge of a secret key K which is shared between and available only to the Universal Subscriber Identity Module (USIM) and the AuC in the user’s Home Environment (HE).

The mechanism was chosen to achieve maximum compatibility with the current GSM security architecture and facilitate migration from GSM to UMTS.

The mechanism is composed of a challenge/response protocol identical to the GSM subscriber authentication and key establishment protocol combined with a sequence number-based one-pass protocol for network authentication derived from ISO/IEC 9798-4(section 5.1.1).

2. Authentication Vector Distribution

Upon receipt of a request from the VLR/SGSN, the HE/AuC sends an ordered array of n authentication vectors (the equivalent of a GSM “triplet”) to the VLR/SGSN. The authentication vectors are ordered based on sequence number.

Each authentication vector consists of the following components:
–> a random number RAND,
–> an expected response XRES,
–> a cipher key CK,
–> an integrity key IK and
–> an authentication token AUTN.

Each authentication vector is good for one authentication and key agreement between the VLR/SGSN and the USIM.

3. Authentication and key Establishment

When the VLR/SGSN initiates an authentication and key agreement with the MS, it selects the next authentication vector from the ordered array and sends the parameters RAND and AUTN to the MS.

The MS/USIM checks whether AUTN can be accepted and, if so, produces a response RES which is sent back to the VLR/SGSN. The MS/USIM also computes CK and IK.

The VLR/SGSN compares the received RES with XRES. If they match the VLR/SGSN considers the authentication and key agreement exchange to be successfully completed.

The established keys CK and IK will then be transferred by the MS/USIM and the VLR/SGSN to the entities which perform ciphering and integrity functions.

4. Other Aspects

VLR/SGSNs can offer secure service even when HE/AuC links are unavailable by allowing them to use previously derived cipher and integrity keys for a user so that a secure connection can still be set up without the need for an authentication and key agreement. Authentication is in that case based on a shared integrity key, by means of data integrity protection of signalling messages.

5. Authentication Vector (AV) Generation

Authentication vector (AV) is generated by the HE/AuC.

f1 and f2 are message authentication functions, f3, f4 and f5 are key generating functions.

6. User Authentication Function

Upon receipt of RAND and AUTN the USIM first computes the anonymity key AK = f5K (RAND) and retrieves the sequence number SQN = (SQN * AK) * AK.

After that, the USIM computes XMAC = f1K (SQN || RAND || AMF) and compares this with MAC which is included in AUTN. If they are different, the user sends user authentication reject back to the VLR/SGSN with an indication of the cause and the user abandons the procedure. In this case, VLR/SGSN shall initiate an Authentication Failure Report procedure towards the HLR. VLR/SGSN may also decide to initiate a new identification and authentication procedure towards the user.

Finally, the USIM verifies that the received sequence number SQN is in the correct range. If the USIM considers the sequence number to be not in the correct range, it sends synchronisation failure back to the VLR/SGSN including an appropriate parameter, and abandons the procedure.

August 3, 2010

Mobile Network Numbering and Routing

Filed under: Uncategorized — conningtech @ 3:24 pm

1. Overview

* Mobile Subscriber ISDN Number (MSISDN)
–> is a number uniquely identifying a subscription in a mobile network.
–> it is the telephone number of the SIM card in a mobile/cellular phone.
–> it is Mapped to the Mobile Station Roaming Number (MSRN) by HLR.

* International Mobile Subscriber Identify (IMSI)
–> is a unique number associated with all mobile phone users.
–> Stored in SIM/HLR

* Temporary Mobile Subscriber Identity (TMSI)
–> is randomly assigned by the VLR to every mobile in the area, the moment it is switched on.
–> is local to a location area
–> is assigned by VLR and stored in VLR

* International Mobile Equipment Identity (IMEI)
–> Unique ID to handset, used by air interface

2. Encoding

–> MSISDN: Mobile Station ISDN Number
–> CC: Country Code
–> NDC: National Destination Code
–> SN: Subscriber Number

–> IMSI: International Mobile Subscriber Identity
–> MCC: Mobile Country Code
–> MNC: Mobile Network Code
–> MSIN: Mobile Station Identification Number

* MSRN = CC + NDC + SN
–> MSRN: Mobile Station Roaming Number
–> CC: Country Code
–> NDC: National Destination Code
–> SN: Subscriber Number

–> MCC: Mobile Country Code
–> MNC: Mobile Network Code
–> LAC: Location Area Code

* IMEI = TAC + FAC + SNR + spare
–> IMEI: Internal Mobile Equipment Identity
–> TAC: Type Approval Code
–> FAC: Final Assembly Code
–> SNR: Serial Number

–> IMEISV: International Mobile Equipment Identity and Software Version Number
–> SVN: Software Version Number

* CGI = MCC + MNC + LAC + CI
–> CGI: Cell Global Identity
–> CI: Cell Identity
–> BSIC: = NCC + BCC
–> BSIC: Base Station Identity Code
–> NCC: Network Color Code (3bits)
–> BCC: Base Station Color Code (3bits)

* LN = CC + NCD + LSP
–> LN: Location Number
–> CC: Country Code
–> NCD: National Destination Code
–> LSP: Locally Significant Part

* RSZI = CC + NDC + ZC
–> RSZI: Regional Subscription Zone Identity
–> CC: Country Code
–> NDC: National Destination Code
–> ZC: length of the Zone code (2 octets)

3. Usage

* Information resident in MS & SIM
–> misc. information

* Routing Information used by Network

4. Numbering and Routing

July 28, 2010

Mobile Network Evolution: UMTS

Filed under: Uncategorized — conningtech @ 3:15 pm

Universal Mobile Telecommunications System (UMTS) is one of the third-generation (3G) cell phone technologies. Currently, the most common form of UMTS uses W-CDMA as the underlying air interface. It is standardized by the 3GPP, and is the European answer to the ITU IMT-2000 requirements for 3G cellular radio systems.

UMTS is packet-based and it allows transmission of text, digitized voice, video, and multimedia at data rates up to 2 megabits per second (Mbps). UMTS offers a consistent set of services to mobile computer and phone users, no matter where they are located in the world.

1. UMTS Network Architecture

A UMTS network consists of three domains; Core Network (CN), UMTS Terrestrial Radio Access Network (UTRAN) and User Equipment (UE). The main function of the core network is to provide switching, routing and transit for user traffic. Core network also contains the databases and network management functions.

The basic Core Network architecture for UMTS is based on GSM network with GPRS. All equipment has to be modified for UMTS operation and services. The UTRAN provides the air interface access method for User Equipment. Base Station is referred as Node-B and control equipment for Node-B’s is called Radio Network Controller (RNC).

2. UMTS Protocol Stacks

July 16, 2010

Mobile Network Evolution: EDGE

Filed under: Uncategorized — conningtech @ 1:17 pm

EDGE, Enhanced Data rates for GSM Evolution, is a further step for GSM to migrate to 3G. It uses a new air-interface technology — 8 Phase Shift Keying Modulation (8-PSK) to offer 48 kbits/s per GSM timeslot. The overall offered data speeds of 384Kbps places EDGE as an early pre-taste of 3G and it is actually labeled as 2.75G by the industry.

EDGE is occasionally referred to as Enhanced GPRS (EGPRS) because it increases the capacity and data throughput of GPRS by three to four times. Like GPRS, EDGE is a packet-based service, which provides customers with a constant data connection.

1. EDGE Network Architecture
On top of the GPRS network, it is only necessary to upgrade the MS and the radio access network RAN (BTS + BSC) to support the EDGE functionalities. The RAN for EDGE is referred as GERAN (GSM/EDGE Radio Access Network).

2. EDGE Network Entities

All EDGE network entities are same as those of GPRS except that the MS and the BTS are upgraded with new physical layers to support the new modulation technology. Some industrial notations also included the migration of BSC to RNC (Radio Node Controller) into the EDGE for the new Iu-cs and Iu-ps interface support.

3. EDGE Interfaces and Protocols

Besides all other interfaces that are common with GPRS, the EDGE specific interfaces are between the BSC/RNC and SGSN. Between these two network entites, both the GPRS Gb and the new Iu-ps interfaces are supported. The protocol stacks of the Iu-ps interface control plane and user plane are as below.

Iu-ps Control Plane Protocol Stacks

Iu-ps User Plane Protocol Stacks

4. EDGE Evolution

EDGE Evolution is an upgraded version of EDGE that completed standardization work in 2007 within Release 7 at 3GPP. EDGE Evolution is also referred to as EDGE II or Evolved EDGE by some industry sources. EDGE Evolution boosts the data speeds by up to 300 percent and significantly improves latency, coverage, and spectrum efficiency of existing GSM/EDGE equipment.

Compared to EDGE, EDGE Evolution is expected to provide:
• A dramatic increase in data rates. The actual amount depends on the version used, but EDGE Evolution is expected to quadruple the throughput rates for EDGE with peak theoretical network speeds of 1184 kbps to 1894 kbps in type 1 or type 2 respectively for the downlink and 473 to 947 kbps for the uplink.
• A 50 percent increase in spectral efficiency and capacity
• Reduced latency for initial access and round trip time, enabling better quality of service (QoS) for Push-to-Talk (PTT) and Voice over IP (VoIP)
• Compatibility with existing frequency plans, thus facilitating rapid deployment in existing networks
• A simple upgrade to existing GSM equipment allowing a more efficient use of scarce existing spectrum
• A better seamless experience for subscribers as they roam from HSPA networks to EDGE networks
• Compatibility with existing frequency plans, thus facilitating rapid deployment in existing networks

July 15, 2010

Mobile Network Evolution: GPRS

Filed under: Uncategorized — conningtech @ 1:16 pm

GPRS (General Packet Radio Service) is a packet based upgrade to the GSM networks. It allows GSM networks to be truly compatible with the Internet. GPRS uses a packet-mode technique to transfer bursty traffic in an efficient manner. It promises data rates from 56 up to 114 Kbps and continuous connection to the Internet for mobile phone and computer users. Along the evolution path of the GSM network towards 3G and beyond, GPRS is refered as a 2.5G technology.

1. GPRS Network Architecture

2. GPRS Network Entities

2.1 MS
GPRS enabled MS.

2.2 BTS
Same as the GSM BTS.

2.3 BSC
The GSM BSC enhanced with the Packet Control Unit (PCU) to differentiates whether data is to be routed to the packet switched or circuit switched networks.

The PCU or Packet Control Unit is a hardware router that is added to the BSC. It differentiates data destined for the standard GSM network (circuit switched data) and data destined for the GPRS network (Packet Switched Data). The PCU itself may be a separate physical entity, or more often these days it is incorporated into the base station controller, BSC, thereby saving additional hardware costs.

2.4 SGSN
The SGSN or Serving GPRS Support Node element of the GPRS network provides a number of takes focussed on the IP elements of the overall system. It provides a variety of services to the mobiles:

• Packet routing and transfer
• Mobility management
• Attach/detach
• Logical link management
• Authentication
• Charging data

There is a location register within the SGSN and this stores location information (e.g., current cell, current VLR). It also stores the user profiles (e.g., IMSI, packet addresses used) for all the GPRS users registered with the particular SGSN.

2.5 GGSN
The GGSN, Gateway GPRS Support Node is one of the most important entities within the GPRS network architecture.

The GGSN organises the interworking between the GPRS network and external packet switched networks to which the mobiles may be connected. These may include both Internet and X.25 networks.

The GGSN can be considered to be a combination of a gateway, router and firewall as it hides the internal network to the outside. In operation, when the GGSN receives data addressed to a specific user, it checks if the user is active, then forwarding the data. In the opposite direction, packet data from the mobile is routed to the right destination network by the GGSN.

3. GPRS Interfaces and Protocols

4. GPRS Control and User Planes

5. GPRS Core Protocol — GTP

GPRS Tunnelling Protocol (GTP) is the core protocol used in GPRS network between the SGSN and the GGSN for GPRS service control and user data delivery. It is is a group of IP-based communications protocols. GTP can be classified into separate protocol subgroups according to their usage, GTP-C, GTP-U and GTP’ respectively.

GTP-C is used within the GPRS core network for signaling between the GGSN and the SGSN. GTP-C includes the control procedures that allows the SGSN to activate a session on a user’s behalf (PDP context activation), to deactivate the same session, to adjust quality of service parameters, or to update a session for a subscriber who has just arrived from another SGSN.

GTP-U is used for carrying user data within the GPRS Core Network and between the Radio Access Network and the core network. The user data transported can be packets in any of IPv4, IPv6, or PPP formats.

GTP’ (GTP prime) uses the same message structure as GTP-C and GTP-U, but has an independent function. It can be used for carrying charging data from the Charging Data Function (CDF) to the Charging Gateway Function (CGF).

6. GPRS User Sessions — PDP Context
A Packet Data Protocol (PDP) context is a GPRS user session established allowing the MS and the network to exchange IP packets with QoS specifications. A PDP Context has a record of parameters, which consists of all the required information for establishing the end-to-end connection:

• PDP Type
• PDP address type
• QoS profile request (QoS parameters requested by user)
• QoS profile negotiated (QoS parameters negotiated by network)
• Authentication type (PAP or CHAP)
• DNS type (Dynamic DNS or Static DNS)

July 14, 2010

Mobile Network Evolution: GSM — The Starting Point

Filed under: Uncategorized — conningtech @ 6:05 pm

Global System for Mobile Communication (GSM) is a set of ETSI standards specifying the infrastructure for a digital cellular service. As a fully digital system, GSM allows both speech and data services and allows roaming across networks and countries. These features made GSM a very popular system, not only in european countries but also elsewhere in the world.

In the mobile network evolution path shown above, the GSM system is the starting point to be address in this series of articles.

1. GSM Network Architecture

2. GSM Network Entities

2.1 Mobile Station (MS)
The Mobile Station (MS) is the user equipment in GSM, i.e. the cellular phone itself. The MSs in GSM are independent from networks-providers. The identity of the subscriber is obtained from a SIM (Subscriber Identity Module) that has to be inserted into the MS to make it work. The SIM contains the IMSI (International Mobile Subscriber Identity) which uniquely identifies the subscriber to the network. It also contains information necessary to encrypt the connections on the radio interface. The MS itself is identified by an IMEI (International Mobile Equipment Identity), which can be obtained by the network upon request. Without the SIM, calls to and from the mobile station is not allowed, except that the alls to the international emergency number, 112, is allowed without the SIM.

2.2 Base Transciever Station (BTS)
The Base Transciever Station (BTS) is the entity corresponding to one cellular site communicating with the Mobile Stations. Usually, the BTS will have an antenna with several TRXs (radio transcievers) that each communicate on one radio frequency. Speech and data transmissions from the MS is encoded in the BTS from the special encoding used on the radio interface to the standard 64 kbit/s encoding used in telecommunication networks.

2.3 Base Station Controller (BSC)
A Base Station Controller (BSC) controls the magnitude of several hundred BTSs for subscriber registration, location update, call setup and handover control etc. It is the entrance point for an MS to gain access to the overall mobile network services.

2.4 Mobile Switching Centre (MSC)
The Mobile Switching Centre (MSC) is a typical telecom switch with extended functionalities to support mobile services. The basic function of the MSC is to switch speech and data connections between BSCs, with other MSCs or other GSM-networks and external non-mobile-networks. It also takes care of all mobility management tasks.

2.5 Visitors Location Register (VLR)
For each MSC, there is an associated VLR to store the information about all subscribers that are roaming within its service coverage. The subscriber infromation is obtained either through the MS initiated location update procedure when it enters the covered area or through the notification from the subscriber’s Home Location Register (HLR). The VLR serves the routing of all service initiated or targeted to the MS.

2.6 Home Location Register (HLR)
The HLR is the home register of a subscriber. It is where the subscriber information, allowed services, authentication information, location information etc. of a subscriber are permanently stored.

2.7 Equipment Identity Register (EIR)
The Equipment Identity Register (EIR) is an optional register. Its purpose is to register IMEIs of mobile stations in use. By implementing the EIR the network provider can implement a widely range of control functions to the served MSs, such as blacklisting malfunctional or stolen mobile stations etc.

2.8 Gateway MSC (GMSC)
A Gateway Mobile Switching Centre (GMSC) provides the edge function within the mobile network. It terminates the PSTN (Public Switched Telephone Network) signalling and traffic formats and converts to protocols employed in mobile networks. For mobile terminated services, it interacts with the HLR (Home Location Register) to perform routing functions.

3. GSM Interfaces and Protocols

4. GSM Air Interface Channel Structure

July 13, 2010

Mobile Network Evolution: CDMAone to CDMA2000

Filed under: Uncategorized — conningtech @ 3:11 pm

Code Division Multiple Access (CDMA) is a method for transmitting simultaneous digital signals over a shared portion of the spectrum. As a competing technology to its European GSM peer and its successors, this American technology initiates an alternative cellular system implementation.

1. CDMAone

CDMAone refers to the original ITU IS-95 (CDMA) wireless interface protocol that was first standardized in 1993 and employed to build up the first CDMA cellular network. In the mobile network evolution term, CDMAone is considered as a second-generation (2G) mobile wireless technology.

There are two versions of IS-95, called IS-95A and IS-95B. The IS-95A protocol employs a 1.25-MHz carrier, operates in radio-frequency bands at either 800 MHz or 1.9 GHz, and supports data speeds of up to 14.4 Kbps. IS-95B can support data speeds of up to 115 kbps by bundling up to eight channels.

2. CDMA2000 Overview

CDMA2000 represents a family of standards which includes technologies as listed below. CDMA2000 is also known by its ITU name, IMT-2000 CDMA Multi-Carrier (MC).

i. CDMA 2000 1x
ii. CDMA 2000 1x EV DO
a) CDMA2000 1xEV-DO Release 0
b) CDMA2000 1xEV-DO Revision A (Rev A)
c) CDMA2000 1xEV-DO Revision B(Rev B)
d) CDMA2000 1xEV-DO Revision C(Rev C)
iii. CDMA 2000 1x EVDV
iv. CDMA 2000 3x

The CDMA 2000 standard was divided into two phases 1x and 3x. 1x is used to refer that the standard carrier on the air interface is 1.25 MHz, which is the same as for IS-95A/B. 3X is a multi-carrier approach, and is used to refer 3 times standard carrier of 1.25 MHz i.e. 3.75 MHz.

CDMA 2000 1x utilizes a single carrier of 1.25 MHz of radio spectrum as IS-95. However, it uses a different vocoder and walshcodes, 256/ 128 verses 64, allowing for higher data rates and more voice conversions than are possible over cdmaOne systems. 1x EV-DO means one carrier, which is data only, while 1x EV-DV means one carrier that supports data and voice services. However, when referring to CDMA 2000 3x, the use of 3.75 MHz of the spectrum, or 3×1.25 MHz, is defined with a change in the modulation scheme as well as the vocoders.

3. CDMA2000 1xRTT

CDMA2000 1xRTT is considered as a 2.5G (or 2.75G) technology. CDMA2000 1xRTT is the core CDMA2000 wireless air interface standard and is also known as 1x, 1xRTT, and IS-2000. The designation “1x”, meaning “1 times Radio Transmission Technology”, indicates the same RF bandwidth as IS-95 (CDMA-One): a duplex pair of 1.25 MHz radio channels. 1xRTT almost doubles the capacity of IS-95 by adding 64 more traffic channels to the forward link, orthogonal to the original set of 64. Although capable of higher data rates, most deployments are limited to a peak of 144 kbit/s. IS-2000 also made changes to the data link layer for the greater use of data services, including medium and link access control protocols and QoS.

4. CDMA2000 EV-DO

CDMA2000 EV-DO (Evolution-Data Optimized or Evolution-Data only) is refered as the CDMA version of 3G technology. It is a broadband access radio technology standardized by 3rd Generation Partnership Project 2 (3GPP2), provides access to mobile devices with air interface speeds of up to 2.4 Mbit/s with Rev. 0, up to 3.1 Mbit/s with Rev. A, upto 14.7 Mbit/s with Rev. B and upto 200 Mbit/s with Rev. C, etc.

CDMA2000 1xEV-DO requires a multi-mode device to be fully backward compatible with 1X and cdmaOne systems to support the all-IP network and the air interface that has been optimized for data.

CDMA2000 1xEV-DO Rev.0 provides a peak data rate of 2.4 Mbps in the forward link and 153 kbps in the reverse link in a 1.25 MHz CDMA carrier. With average throughput of 400-800 kbps in the forward link.

CDMA2000 1xEV-DO Rev A is an enhanced version of Rev.0,represents a major step in the evolution of CDMA2000 standards towards converged communication networks and ubiquitous delivery of voice and data services across fixed and wireless networks. The key features that the Rev.A provides are:
• High-speed data: Delivers a peak data rate of 1.8 Mbps on the reverse link and 3.1 Mbps on the forward link.
• Higher system capacity: Improves sector capacity within the 1.25 MHz channel. It has twice the sector capacity on the down link and is 1.2 times higher on the forward link compared to Release 0.
• Improved Quality of Service (QoS): Lower latency, prioritization of low-latency applications and QoS software enhancements added to Revision A improve performance of delay-sensitive applications such as VoIP, push-to-talk, instant messaging and video telephony.
• VoIP: Is possible because of the high data rate on the reverse link, lower latency and improved QoS.

CDMA 2000 1x Ev-DO Rev-B introduces a 64-QAM modulation scheme and will deliver peak rates of 73.5 Mbps in the forward link and 27 Mbps in the reverse link through the aggregation of 15, 1.25 MHz carriers within 20 MHz of bandwidth. A single 1.25 MHz carrier and an aggregated 5 MHz carrier in the forward link will deliver a peak rate of up to 4.9 Mbps and 14.7 Mbps, respectively.

CDMA 2000 1x Ev-DO Rev-C delivers higher data rates and spectral efficiency along with low latency, making it ideal for enriched multimedia services. Revision C supports flexible and dynamic channel bandwidth scalability from 1.25 MHz up to 20 MHz and are backward-compatible with Revisions A and B. Revision C not only increases the peak rates up to 200 Mbps in the downlink but also provides significant gain in sector throughput.

5. CDMA2000 EV-DV

CDMA2000 EV-DV supports up to 3.1 Mbps forward link throughput. One of the advantageous of EV-DV is its ability to give carriers both voice and broadband data on a single channel, using the same legacy digital voice technology operating over current 1x networks.

EV-DV has been commercially unsuccessful due to lack of carrier interest.

6. CDMA2000 3x

CDMA2000 3x is an ITU-approved third-generation (3G) mobile wireless technology. It is also known as Multi-Carrier or MC.

CDMA2000 3x utilizes a pair of 3.75-MHz radio channels (i.e., 3 X 1.25 MHz) to achieve higher data rates. The 3x version of CDMA2000 has not been deployed and is not under development at present.

« Previous PageNext Page »

Blog at