Beruflich Dokumente
Kultur Dokumente
ISSUE 2.0
CONTENT
GSM Security Management GSM Basic Call Sequence Location Update Sequence SMS Sequence Handover Sequence
2
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
Authentication
Authentication may be executed during setup, location updating and supplementary services
4
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
Authentication Sequence
HLR/AUC AUC
IMSI(m) IMSI(n)
RAND GENERATOR KI M) KI N) KI(IMSI)
HLR VLR
AUTH REQ
SIM
KC
A8 A3 KC
A5 KC(M)+KC (MS/BSS) M
KI(IMSI)
(MS/BSS)
RAND
1 2
TEMP DATA
A8 A3 KC
BSS
RAND 16byte KI 16byte kc 8byte SERS 4byte CKSN low 3bits of 1byte
5
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
MSC
VLR
HLR
6
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
MSC
VLR
HLR
< SDCCH>
RAND
7
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
MSC
VLR
HLR
< SDCCH>
RAND
<SDCCH> (SRES)
8
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
MSC
VLR
HLR
< SDCCH>
RAND
<SDCCH> (SRES)
9
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
MSC
VLR
HLR
2 Authenticate Authentication Request 3 Authenticate Response 4 Start Ciphering 5 Cipher Mode Command Cipher Mode Complete
< SDCCH>
RAND
<SDCCH> (SRES)
10
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
TMSI Reallocation
VLR
(TMSI)
11
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
Equipment Identification
MS
1 Equipment ID Request
BSS
MSC
VLR
<SDCCH>
12
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
Equipment Identification
MS
1 Equipment ID Request 2 ID Response
BSS
MSC
VLR
<SDCCH>
<SDCCH> IMEI)
13
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
Equipment Identification
MS
1 Equipment ID Request 2 ID Response
BSS
MSC
VLR
<SDCCH>
<SDCCH> IMEI)
14
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
The process for calling MS and called MS are two independent flow. The calling party begins with channel request and ends with TCH assignment competition. In general, the calling party includes following several stages: access process, authentication and ciphering process, TCH assignment process. So, we take the sequence from mobile to land as example, in this sequence, we mainly devote to the calling party.
16
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
MSC
VLR
HLR
PSTN
<RACH> <AGCH>
17
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
MSC
VLR
HLR
PSTN
<RACH> <AGCH>
CR CC
18
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
MSC
VLR
HLR
PSTN
<RACH> <AGCH>
CR CC
19
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
MSC
VLR
HLR
PSTN
<RACH> <AGCH>
<SDCCH> 2 REQ. FOR SERVICE 3 AUTHENTICATION SET Cipher MODE 4 SET-UP <SDCCH> Call Info
CR CC
SFOC
20
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
MSC
VLR
HLR
PSTN
<RACH> <AGCH>
<SDCCH> 2 REQ. FOR SERVICE 3 AUTHENTICATION SET Cipher MODE 4 SET-UP 5 EQUIP. ID REQ. <SDCCH> Call Info
CR CC
SFOC
21
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
MSC
VLR
HLR
PSTN
<RACH> <AGCH>
<SDCCH> 2 REQ. FOR SERVICE 3 AUTHENTICATION SET Cipher MODE 4 SET-UP 5 EQUIP. ID REQ. 6 COMPLETE CALL CALL PROCEEDING
Confidential Information of Huawei. No Spreading without Permission.
CR CC
SFOC
<SDCCH>
22
Security Level: Internal
MS
7 ASSIG. COMMAND ASSIG. COMPLETE
BSS
MSC
VLR
HLR
PSTN
23
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
MS
7 ASSIG. COMMAND ASSIG. COMPLETE Initial and Final Address 8 Message (IFAM) Address Complete(ACM) Alerting
BSS
24
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
MSC
VLR
HLR
PSTN
<SDCCH>
25
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
MS
7 ASSIG. COMMAND ASSIG. COMPLETE Initial and Final Address 8 Message (IFAM) Address Complete(ACM) Alerting
BSS
9 Answer (ANS)Connect <FACCH> Ring tone stops 10 Connect Acknowledge <FACCH> <TCH>
26
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BILLING STARTS
HELLO!
Question
27
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
Answer
MS
1 CHANNEL REQUEST DCCH ASSIGN
SIGNALING LINK ESTABLISHED
BSS
MSC
VLR
HLR
PSTN
<RACH> <AGCH>
<SDCCH> 2 REQ. FOR SERVICE 3 AUTHENTICATION SET Cipher MODE 4 SET-UP 5 EQUIP. ID REQ. 6 COMPLETE CALL CALL PROCEEDING
Confidential Information of Huawei. No Spreading without Permission.
CR CC
SFOC
Call Barred
<SDCCH>
28
Security Level: Internal
For the called party, the flow for the called party begins when MSC sends paging command to the called party, ends when two party start talk. In general, this call flow includes several stages: access process, authentication and ciphering process, TCH assignment process, talk process, release process.
29
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
MSC
VLR
HLR
GMSC
PSTN
(MSISDN)
30
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
MSC
VLR
HLR
GMSC
PSTN
(MSISDN) (MSISDN)
31
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
MS
Initial and Final 1 Address Message 2 Send Routing Info
BSS
MSC
VLR
HLR
GMSC
(MSISDN) (MSISDN)
(IMSI) 3 Routing Info Ack Initial and Final Address Message (MSRN) (MSRN)
(MSRN)
32
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
MS
Initial and Final 1 Address Message 2 Send Routing Info
BSS
MSC
VLR
HLR
GMSC
(MSISDN) (MSISDN)
(IMSI) 3 Routing Info Ack Initial and Final Address Message (MSRN) (MSRN) 4 Send Info For I/C Call Setup
(MSRN)
(MSRN)
33
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
MSC
VLR
HLR
GMSC
PSTN
(MSISDN) (MSISDN)
(MSRN)
(MSRN)
MS
6 Channel Request DCCH Assign Signaling Link Established Page Response *Authentication
BSS
<AGCH>
MSC
VLR
HLR
GMSC
PSTN
<RACH>
CR
(Status)
35
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
<AGCH>
MSC
VLR
HLR
GMSC
PSTN
<RACH>
CR
(Status)
<TMSI> <SDCCH>
36
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
<AGCH>
MSC
VLR
HLR
GMSC
PSTN
<RACH>
CR
(Status)
8 Call Confirmation
MS
9 Assignment Command Assignment Complete Alert Address Complete
BSS
MSC
VLR
HLR
GMSC
(circuit)
38
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
MSC
VLR
HLR
GMSC
PSTN
(circuit)
Subscriber picks up
Connect ACK ANS < FACCH>
Questions
Please give the sequence: 1.The called MS is powered off. 2.The called MS activates the CFU to a PSTN No. 3.The called MS has been barred all incoming call. 4.The Called MS are not known at HLR
40
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
Answers
1. The called MS is powered off
MS
Initial and Final 1 Address Message 2 Send Routing Info ( IMSI) 3 Routing Info Ack
BSS
MSC
VLR
HLR
GMSC
PSTN
( MSISDN)
( MSISDN)
Subscriber Absent The Land hears the announcement of mobile is powered off
41
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
Answers
2. The called MS activates the CFU to a PSTN No.
MS
Initial and Final 1 Address Message 2 Send Routing Info
BSS
MSC
VLR
HLR
GMSC
PSTN
(MSISDN)
(MSISDN)
CFN 4 IFAM
42
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
Answers
3. The called MS has been barred all incoming call.
MS
Initial and Final 1 Address Message 2 Send Routing Info (MSISDN) 3 Routing Info Ack
BSS
MSC
VLR
HLR
GMSC
PSTN
(MSISDN)
Call Barred
43
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
Answers
4. The Called MS are not known at HLR
MS
Initial and Final 1 Address Message 2 Send Routing Info (MSISDN) 3 Routing Info Ack
BSS
MSC
VLR
HLR
GMSC
PSTN
(MSISDN)
Unknown Subscriber
44
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
MS
1 Disconnect PSTN Release Mobile Release
BSS
MSC
VLR
HLR
PSTN
45
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
MS
1 Disconnect PSTN Release Mobile Release 2 PSTN Release Complete Mobile Release Complete
MS-MSC Signalling Released
BSS
MSC
VLR
HLR
PSTN
< FACCH>
46
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
MS
1 Disconnect PSTN Release Mobile Release 2 PSTN Release Complete Mobile Release Complete
MS-MSC Signalling Released
BSS
MSC
VLR
HLR
PSTN
< FACCH>
47
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
MS
4 DISC UA Clear Complete
BSS
MSC
VLR
HLR
PSTN
<FACCH> <FACCH>
48
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
MS
4 DISC UA Clear Complete 5 RLSD Release Complete
BSS
MSC
VLR
HLR
PSTN
<FACCH> <FACCH>
49
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
to
50
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
51
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
52
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
MSC
VLR
HLR
53
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
MSC
VLR
HLR
54
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
MSC
VLR
HLR
55
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
MSC
VLR
HLR
56
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
MSC
VLR
HLR
57
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
<AGCH>
MSC
VLR
HLR
Only sent to HLR if this is the first time the MS has Location Updated in this VLR
<RACH>
<SDCCH>
<SDCCH> <SDCCH>
58
Security Level: Internal
59
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
<AGCH>
MSC
VLRn
HLR VLRo
<RACH>
60
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
<AGCH>
MSC
VLRn
HLR VLRo
<RACH>
61
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
<AGCH>
MSC
VLRn
HLR VLRo
<RACH>
.
62
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
<AGCH>
MSC
VLRn
HLR VLRo
<RACH>
63
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
<AGCH>
MSC
VLRn
HLR
VLRo
<RACH>
BSS
MSC
VLRn
HLR
VLRo
65
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
MSC
VLRn
HLR
VLRo
66
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
<AGCH>
MSC
VLRn
HLR
VLRo
<RACH>
67
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
<AGCH>
MSC
VLRn
HLR VLRo
<RACH>
68
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
<AGCH>
MSC
VLRn
HLR VLRo
<RACH>
.
69
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
<AGCH>
MSC
VLRn
HLR VLRo
<RACH>
4 Location Update Request Insert Subscriber Data Insert Subscriber Data Ack Location Update accept
70
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
MSC
VLRn
HLR
VLRo
71
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
MSC
VLRn
HLR
VLRo
72
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
BSS
MSC
VLRn
HLR
VLRo
73
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
MO SMS Transfer
MS
1 CHANNEL REQUEST DCCH ASSIGN SIGNALING LINK ESTABLISHED
BSS
MSC
VLR
Interworking MSC
SC
<RACH> <AGCH>
74
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
MO SMS Transfer
MS
1 CHANNEL REQUEST DCCH ASSIGN SIGNALING LINK ESTABLISHED 2 REQ. FOR SERVICE <SDCCH> CR CC
BSS
MSC
VLR
Interworking MSC
SC
<RACH> <AGCH>
75
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
MO SMS Transfer
MS
1 CHANNEL REQUEST DCCH ASSIGN SIGNALING LINK ESTABLISHED 2 REQ. FOR SERVICE <SDCCH> CR CC 3 AUTHENTICATION SET Cipher MODE
BSS
MSC
VLR
Interworking MSC
SC
<RACH> <AGCH>
76
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
MO SMS Transfer
MS
1 CHANNEL REQUEST DCCH ASSIGN SIGNALING LINK ESTABLISHED 2 REQ. FOR SERVICE <SDCCH> CR CC
BSS
MSC
VLR
Interworking MSC
SC
<RACH> <AGCH>
MO SMS Transfer
MS
5 MO_Forward_SM Short_Message Short_Message_Ack MO_Forward_SM_Ack
BSS
MSC
VLR
Interworking MSC
SC
(SC_No.)
78
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
MO SMS Transfer
MS
5 MO_Forward_SM Short_Message Short_Message_Ack MO_Forward_SM_Ack
BSS
MSC
VLR
Interworking MSC
SC
(SC_No.)
79
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
MT SMS Transfer
80
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
VLR
HLR
Gateway MSC
SC
81
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
VLR
HLR
Gateway MSC
SC
82
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
VLR
HLR
Gateway MSC
SC
83
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
Servicing MSC
VLR
HLR
Gateway MSC
SC
84
VLR
HLR
Gateway MSC
SC
85
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
MS
1 Short Message SRI_For_SM SRI_For_SM_Ack MT_Forward_SM MT_Forward_SM (The More message To Send Flag is True) 2 SIF_MT_SMS Page Paging Request
VLR
HLR
Gateway MSC
SC
86
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
VLR
HLR
Gateway MSC
SC
VLR
HLR
Gateway MSC
SC
88
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
VLR
HLR
Gateway MSC
SC
89
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
Question
What is the sequence when the originating subscriber sets the wrong SC No. in the mobile station.
90
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
Answer
MS
MO_Forward_SM Short_Message Short_Message_Ack
Illegal Subscriber
BSS
MSC
VLR
Interworking MSC
SC
(SC_No.)
MO_Forward_SM_Ack
Illegal Subscriber
91
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
Handover Sequence
92
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
oBSS
nBSS
MSC
93
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
oBSS
nBSS
MSC
94
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
oBSS
nBSS
MSC
95
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
oBSS
nBSS
MSC
96
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
oBSS
nBSS
MSC
97
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
oBSS
nBSS
MSC
98
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
oBSS
nBSS
MSC
99
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
oBSS
nBSS
MSC
100
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
oBSS
<SACCH>
nBSS
MSC
<SACCH>
101
Security Level: Internal
102
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
MSCB
VLRB
MSCB
VLRB
104
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
MSCB
VLRB
105
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
MSCB
VLRB
MSCB
VLRB
MSCB
VLRB
MSC/VLRB
109
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
MSC/VLRB
110
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
MSC/VLRB
HLRA
MSC/VLRB
HLRA
MSC/VLRB
HLRA
MSC/VLRB
HLRA
MSC/VLRB
MSC/VLRC
MSC/VLRB
MSC/VLRC
MSC/VLRB
MSC/VLRC
MSC/VLRB
MSC/VLRC
Summary
1. GSM Security Mangement 2. GSM Basic Call Sequence 3. Location UpdateSequence 4. SMS Sequence 5. HandoverSequence
119
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
120
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal