Presentation is loading. Please wait.

Presentation is loading. Please wait.

IN Intelligent Network Basic IN concept & technology

Similar presentations


Presentation on theme: "IN Intelligent Network Basic IN concept & technology"— Presentation transcript:

1 IN Intelligent Network Basic IN concept & technology
Some basic IN services

2 Intelligent Network (IN) Concept
The intelligent network concept: intelligence is taken out of exchanges and placed in computer nodes that are distributed throughout the network. Intelligence => access to various databases This provides the network operator with the means to develop and control services more efficiently. New capabilities can be rapidly introduced into the network. Once introduced, services are easily customized to meet individual customer's needs.

3 Intelligent Network (IN) Concept
Operator implements service logic (IN Service) STP SCP Service Control Point (a network element containing the service logic, a database or register) MAP INAP CAP SSP Exchange Service Switching Point (enables service triggering in an exchange) ISUP

4 IN service subscriber and customer
In a typical IN service scenario, the network operator or a 3rd party service provider implements the service for one or several subscribers, after which customers can use the service. Service subscriber = company offering the service (e.g. the 0800 number that anybody can call) Customers = those who use the service (e.g. those who call the 0800 number) Confusion possible: IN service subscriber  PSTN subscriber

5 Typical call-related IN procedure (1)
3. SCP 2. 4. SSP 1. 5. Exchange Exchange 1. Call routing proceeds up to Exchange 2. Trigger activated in Basic Call State Model at SSP 3. SSP requests information from SCP (database) 4. SCP provides information 5. Call routing continues (routing to next exchange) based on information received from SCP

6 Typical call-related IN procedure (2)
3. SCP 2. 4. SSP 1. 5. Exchange Exchange 2. Trigger activated in Basic Call State Model at SSP Typical triggers: Called number (or part of number) Called user (destination) is busy Called user does not answer in predefined time

7 Typical call-related IN procedure (3)
3. SCP 2. 4. SSP 1. 5. Exchange Exchange 4. SCP provides information Example: Number translation in SCP SSP sends 800 number ( ) SCP translates into ”real” number which is used for routing the call ( ) translation may be based on several variables

8 Examples of how SCP can affect call (1)
Called number SCP Time or date SSP Exchange Destination 1 Destination 2 SCP decides the destination of the call depending on the calling time or date: => Destination 1 => Destination 2

9 Examples of how SCP can affect call (2)
Called number, Calling number SCP SSP Exchange Destination 1 Destination 2 SCP decides the destination of the call depending on the location of calling user: Calling user in southern Finland => Destination 1 Calling user in northern Finland => Destination 2

10 Examples of how SCP can affect call (3)
Called number SCP Network load SSP Exchange Destination 1 Destination 2 SCP decides the destination of the call depending on the traffic load in the network: Traffic load situation 1 => Destination 1 Traffic load situation 2 => Destination 2

11 Additional IN features (1)
SCP SSP Exchange Exchange IP Intelligent Peripheral (IP) can (a) send announcements to the user (usually: calling user) and (b) receive DTMF digits from the user. IP is not a database; connection to exchange not via SS7, instead via digital TDM channels.

12 Additional IN features (2)
SCP SSP Exchange Exchange IP Typical applications: 1) Whenever services need user interaction 2) User authentication

13 User interaction in IN service
Announcement: “for this .. press 1, for that .. press 2” SCP 1. SSP 4. Exchange Exchange 2. IP 3. 1. SCP orders IP to select and send announcement 2. IP sends announcement to calling user 3. User replies by giving DTMF number(s) to IP 4. IP sends number information to SCP in a signalling message

14 User authentication (1)
Announcement: “please press your PIN code ...” SCP 1. SSP 4. Exchange Exchange 2. IP 3. 1. SCP orders IP to select and send announcement 2. IP sends announcement to calling user 3. User gives authentication code (in DTMF form) to IP 4. IP sends authentication code to SCP in a signalling message

15 User authentication (2)
Display message: “please press your PIN code ...” SCP 1. SSP 3. 1. Exchange IP 2. When connected to the network via a digital subscriber line, the calling user can be notified with a digital message (“please press your PIN code ...”) instead of having to use the corresponding voice announcement.

16 IN services A large number of IN services can be implemented by combining different “building blocks”: Called number translation (at SCP) Routing decision based on calling number, time, date, called user busy, called user alerting timeout, network load ... Announcements (from IP) or user notification (<= ISDN user signalling) DTMF number reception (at IP) and analysis (at SCP) Customised charging (at exchanges)

17 IN service examples “Traditional” IN services:
- Freephone / customised charging schemes - Virtual Privat Network (VPN) - Number portability - Televoting “IN” in mobile networks: - Mobility management (HLR, VLR = databases) - Security management (Authentication ...) - Additional IN services in mobile networks => CAMEL (Customised Applications for Mobile networks Enhanced Logic)

18 Freephone (800) service User calls SSP sends this number to SCP which after number analysis sends back to SSP the real destination address ( ) and call can be routed to the destination. Called party is charged. 3. SCP 2. 4. SSP 1. 5. Exchange Destination Charging: Destination (service subscriber) pays the bill

19 Premium rate service User calls SSP sends this number to SCP which after number analysis sends back to SSP the real destination address ( ) and call can be routed to the destination. Calling party is charged. 3. SCP 2. 4. SSP 1. 5. Exchange Destination Charging: Calling user (customer) pays the (usually rather expensive) bill. Both service subscriber and service provider or network operator make profit!

20 Virtual private network (VPN) service
A VPN provides corporate customers with a private number plan within the PSTN. The customer dials a private (short) number instead of the complete public number in order to contact another user within the VPN. User authentication is usually required. Number translation: 1212 => SCP SSP Customised charging Exchange Destination IP User authentication

21 Screening of incoming calls
This is an example of an IN service related to the call destination end. Alert called user only if calling number is or , otherwise do something else (e.g. reject call or redirect call to another destination). Calling number = or : Accept All other calling numbers: Reject or redirect SCP SSP Exchange Called user Local exchange of called user

22 Mobile terminated call (MTC)
By far the most important "IN service" is mobility management during a mobile terminated call (MTC), which means finding out under which exchange or mobile switching center (MSC) a mobile user is roaming, so that the call can be routed to this exchange. More about this later. 2. HLR 3. 4. 5. VLR 1. 6. 7. GMSC Serving MSC

23 More about IN and IN services…
The link provides some examples in Section 10 (AIN Service Creation Examples), for instance: Example of service creation template:

24 Public Land Mobile Network (official name for mobile network)
PLMN Public Land Mobile Network (official name for mobile network) Circuit-switched (CS) core network (radio access network is not part of this course) Basic concepts and network elements Mobility management in PLMN

25 Cellular concept A cellular network contains a large number of cells with a base station (BS) at the center of each cell to which mobile stations (MS) are connected during a call. If a connected MS (MS in call phase) moves between two cells, the call is not dropped. Instead, the network performs a handover (USA: handoff). BS BS MS BS BS

26 Mobility concept A cellular network is divided into location areas (LA), each containing a certain number of cells. As long as an idle MS (idle = switched on) moves within a location area, it can be reached through paging. Location Area 1 Location Area 2 If an idle MS moves between two location areas, it cannot be reached before it performs location updating. Location Area 3

27 Architecture of a mobile network
CS core network GSM BSS MSC GMSC PSTN VLR HLR MS AuC EIR 3G RAN Internet PS core network

28 Serving MSC CS core network GSM BSS MSC GMSC VLR HLR
PSTN VLR HLR The serving mobile switching center (MSC) is the mobile counterpart to the local exchange in the PSTN. This is the MSC that is currently serving a mobile user. AuC EIR 3G RAN Internet PS core network

29 VLR CS core network GSM BSS MSC GMSC VLR HLR
PSTN VLR HLR The visitor location register stores temporary information on mobile users roaming in a location area under the control of the MSC/VLR. AuC EIR 3G RAN Internet PS core network

30 Gateway MSC CS core network GSM BSS MSC GMSC VLR
PSTN VLR The gateway MSC (located in the home PLMN of a mobile user) is the first contact point in the mobile network when there is an incoming call to the mobile user. HLR AuC EIR 3G RAN Internet PS core network

31 HLR CS core network GSM BSS MSC GMSC VLR HLR
PSTN VLR HLR The home location register stores information on mobile users belonging to this mobile network (e.g. subscription data and present VLR under which the mobile user is roaming). AuC EIR 3G RAN Internet PS core network

32 AuC CS core network GSM BSS MSC GMSC VLR HLR
PSTN VLR HLR The authentication center safely stores authentication keys (Ki) of mobile subscribers belonging to this mobile network. AuC EIR 3G RAN Internet PS core network

33 EIR CS core network GSM BSS MSC GMSC VLR HLR
PSTN VLR HLR The equipment identity register stores information on stolen handsets (not stolen SIMs). AuC EIR 3G RAN Internet PS core network

34 SIM CS core network GSM BSS MSC GMSC VLR SIM HLR
PSTN VLR SIM HLR Important mobile user information is stored in the subscriber identity module within the handset. AuC EIR 3G RAN Internet PS core network

35 CS core network CS core network GSM BSS MSC GMSC
The CS core network architecture is basically the same in 2G (GSM) and 3G mobile networks. In North America, IS-MAP signalling is used instead of GSM-MAP signalling. Europe: GSM core network N. America: ANSI-41 core network PSTN VLR HLR AuC EIR 3G RAN Internet PS core network

36 Basic functions in a mobile network
Radio Resource Management (RRM) Number refers to following slides in the the slide set 1 Random access and channel reservation Handover management Ciphering (encryption) over radio interface Mobility Management (MM) IMSI/GPRS Attach (switch on) and Detach (switch off) Location updating (MS moves to other Location Area) Authentication 3 2 Call Control (CC) MOC, MTC 4 Session Management (SM) PDP Context Later lecture

37 Range of functions RRM CS core network CC GSM BSS or 3G RAN MM SM
PS core network

38 Random access in a mobile network
1 Communication between MS and network is not possible before going through a procedure called random access. Random access must consequently be used in: Network-originated activity paging, e.g. for a mobile terminated call (MTC) MS-originated activity IMSI attach, IMSI detatch GPRS attach, GPRS detach location updating mobile originated call (MOC) SMS (short message service) message transfer

39 Random access in action (GSM)
1 1. MS sends a short access burst over the Random Access CHannel (RACH) in uplink using Slotted Aloha (in case of collision => retransmission after random time) 2. After detecting the access burst, the network returns an ”immediate assignment” message which includes the following information: - allocated physical channel (frequency, time slot) in which the assigned signalling channel is located - timing advance (for correct time slot alignment) 3. The MS now sends a message on the dedicated signalling channel assigned by the network, indicating the reason for performing random access.

40 Multiplexing vs. multiple access
In downlink, multiplexing (e.g. TDM) Network decides channel… In uplink, multiple access (e.g. TDMA) Network decides channel also in this case Multiple access is always associated with random access. MS requests signalling channel, and network decides which channel (e.g. time slot) will be used.

41 Security measures in a mobile network
1) PIN code (local authentication of handset => local security measure, network is not involved) 2) Authentication (performed by network) 3) Ciphering of information sent over air interface 4) Usage of TMSI (instead of IMSI) over air interface IMSI = International Mobile Subscriber Identity (globally unique identity) TMSI = Temporary Mobile Subscriber Identity (local and temporary identity)

42 Basic principle of authentication
2 SIM (in handset) Air interface Network (algorithm running in AuC) Challenge RAND Random number Response Algorithm Algorithm SRESS Authentication key Authentication key Ki Ki SRESA The same? If yes, authentication is successful

43 Where does the algorithm run?
2 Algorithm for calculating SRES runs within SIM (user side) and AuC (network side). The authentication key (Ki) is stored safely in SIM and AuC, and remains there during authentication. The two SRES values are compared in the VLR. Air interface RAND SIM AuC SRESS SRESA VLR Ki Ki

44 Algorithm considerations
2 Using output and one or more inputs, it is in practice not possible to calculate “backwards” other input(s), “brute force approach”, “extensive search” Key length in bits (N) is important (in case of brute force approach 2N calculation attempts may be needed) Strength of algorithm is that it is secret => bad idea! “Security through obscurity” Better: open algorithm can be tested by engineering community (security through strong algorithm)

45 Case study: Location updating (1)
3 (Most generic scenario, see van Bosse for details) MSC IMSI TMSI LAI 1 SIM VLR 1 (in broadcast messages) IMSI LAI 1 TMSI HLR MSC IMSI LAI 1 VLR 2 Most recently allocated TMSI and last visited LAI (Location Area ID) are stored in SIM even after switch-off. After switch-on, MS monitors LAI. If stored and monitored LAI values are the same, no location updating is needed.

46 (in broadcast messages)
Location updating (2) 3 MSC IMSI TMSI (in broadcast messages) SIM VLR 1 LAI 2 IMSI LAI 1 TMSI HLR MSC IMSI LAI 1 VLR 2 MS has moved from a cell belonging to VLR 1 to another cell belonging to VLR 2. MS notices that the LAI values are different => location update is required!

47 Location updating (3) 3 MSC IMSI TMSI SIM VLR 1 LAI 1, TMSI IMSI LAI 1 TMSI HLR MSC IMSI LAI 1 VLR 2 No TMSI - IMSI context! SIM sends old LAI (i.e., LAI 1) and TMSI to VLR 2. VLR 2 does not recognize TMSI since there is no TMSI-IMSI context. Who is this user?

48 Location updating (4) 3 Address: LAI 1 MSC IMSI TMSI SIM VLR 1 IMSI LAI 1 TMSI IMSI HLR MSC IMSI LAI 1 IMSI TMSI VLR 2 However, VLR 2 can contact VLR 1 (address: LAI 1) and request IMSI. IMSI is sent to VLR 2. There is now a TMSI-IMSI context.

49 Location updating (5) 3 MSC IMSI TMSI SIM VLR 1 IMSI LAI 1 TMSI HLR IMSI TMSI MSC IMSI LAI 1 LAI 2 VLR 2 LAI 2 Important: HLR must be updated (new LAI). If this is not done, incoming calls can not be routed to new MSC/VLR. HLR also requests VLR 1 to remove old user data.

50 Location updating (6) 3 MSC SIM VLR 1 IMSI LAI 1 TMSI LAI 2 TMSI HLR MSC LAI 2 TMSI IMSI TMSI TMSI IMSI LAI 2 VLR 2 VLR 2 generates new TMSI and sends this to user. User stores new LAI and TMSI safely in SIM. Location updating was successful!

51 Trade-off when choosing LA size
3 If LA size is very large (e.g. whole mobile network) location updating not needed very often paging load is very heavy If LA size is very small (e.g. single cell) small paging load location updating must be done very often + High paging channel capacity required + Affects signalling load

52 Role of TMSI CC or MM transaction UsesTMSI MS Network Random access
Authentication IMSI is not sent over air interface if not absolutely necessary! Start ciphering CC or MM transaction IMSI detach New TMSI allocated by network New TMSI stored in SIM

53 Mobile network identifiers (1)
E.164 numbering format MSISDN = CC NDC SN Globally unique number CC = Country Code (1-3 digits) NDC = National Destination Code (1-3 digits) SN = Subscriber Number Mobile station ISDN (MSISDN) numbers are based on the ITU-T E.164 numbering plan and can therefore be used for routing a circuit-switched call. When the calling (PSTN or PLMN) user dials an MSISDN number, the call is routed to the gateway MSC (GMSC) located in the home network of the called (mobile) user.

54 Mobile network identifiers (2)
E.164 numbering format MSRN = CC NDC TN Temporarily allocated number CC = Country Code (1-3 digits) NDC = National Destination Code (1-3 digits) TN = Temporary Number Mobile station roaming numbers (MSRN) are also based on the ITU-T E.164 numbering plan and can therefore be used for routing a circuit-switched call. The MSRN is selected by the MSC/VLR serving the called (mobile) user, sent to the GMSC, and used for routing the call from the GMSC to the serving MSC.

55 Mobile network identifiers (3)
E.212 numbering format IMSI = MCC MNC MSIN Globally unique number MCC = Mobile Country Code (3 digits) MNC = Mobile Network Code (2 digits) MSIN = Mobile Subscriber Identity Number (10 digits) The international mobile station identity (IMSI) is based on the ITU-T E.212 numbering plan and cannot be used for routing a circuit-switched call (exchanges or switching centers do not understand such numbers). The IMSI is stored in the HLR and SIM of the mobile user.

56 Mobile network identifiers (4)
E.212 numbering format LAI = MCC MNC LAC Globally unique number MCC = Mobile Country Code (3 digits) MNC = Mobile Network Code (2 digits) LAC = Location Area Code (10 digits) The location area identity (LAI) points to a location area belonging to a certain MSC/VLR. This identity must be stored in the HLR so that mobile terminated calls can be routed to the correct serving MSC/VLR. IMEI ≈ ”Serial number of handset” (not SIM)

57 Case study: Mobile terminated call (1)
4 (see van Bosse for details) Using the MSISDN number (dialled by the calling user located in the PSTN or the PLMN of another operator) and standard SS7/ISUP signalling, the call is routed to the GMSC in the home network of the called mobile user. 2. HLR 3. 4. 4. VLR 1. 5. 6. GMSC Serving MSC

58 Mobile terminated call (2)
4 The GMSC contacts the HLR of the called mobile user. The SS7/MAP signalling message contains the MSISDN number which points to the mobile user record (containing IMSI, LAI where user is roaming, etc.) in the HLR database. 2. HLR 3. 4. 4. VLR 1. 5. 6. GMSC Serving MSC

59 Mobile terminated call (3)
4 Using global title translation (GTT), the HLR translates the IMSI and LAI information into the signalling point code of the serving MSC/VLR. The HLR sends SS7/MAP request “Provide roaming number” (i.e. MSRN) to the VLR. 2. HLR 3. 4. 4. VLR 1. 5. 6. GMSC Serving MSC

60 Mobile terminated call (4)
The VLR selects a temporary MSRN. Note that there must be binding between MSRN and IMSI in the VLR. The VLR sends the MSRN to the GMSC (using SS7/MAP signalling). 2. HLR 3. MSRN  IMSI 4. 4. VLR 1. 5. 6. GMSC Serving MSC

61 Mobile terminated call (5)
4 Using the MSRN number and standard SS7/ISUP signalling, the call is routed to the serving MSC. Although not shown in the figure, there may be intermediate switching centers (serving MSC/VLR may be located at the other end of the world). 2. HLR 3. 4. 4. VLR 1. 5. 6. GMSC Serving MSC

62 Mobile terminated call (6)
4 MSC/VLR starts paging within the location area (LA) in which the called mobile user is located, using TMSI for identification. Only the mobile user with the corresponding TMSI responds to the paging via the random access channel (RACH). 2. HLR 3. MSRN  IMSI IMSI  TMSI 4. 4. VLR 1. 5. 6. GMSC Serving MSC


Download ppt "IN Intelligent Network Basic IN concept & technology"

Similar presentations


Ads by Google