Fraud Forum Webinar

LTE Demystified
Prepared by Henry Hayter

Document Number

FR Doc 31_01

Meeting Date

9 Jan 2012

Meeting Venue

Conference call & webinar

For Approval
For Information

Version

1.0

Security Classification

Confidential to GSMA Full,

Associate, Rapporteurs & Parent
Group Members

Confidential Information
GSMA 2011
All GSMA meetings are conducted in full compliance with the GSMAs anti-trust compliance policy

Agenda / Contents

Confidential

Why LTE?
Overview of LTE
Key New Terms
LTE and 3G/GPRS a comparison
LTE Mobile Operation
Sampled LTE Roaming Scenarios
LTE Roaming Considerations for Operators
Questions and Answers

Why LTE?
Terabytes per Month (Millions)
6.3

3.8

Soaring Mobile Data

2.2
1.2
0.6
0.24
2010

2011

2012

2013

Source: Cisco VNI Mobile, 2011

Confidential

2014

2015

The Mobile Operators Challenge

Need to meet user traffic demand at profitable level
Consumer demand continues to grow
New Business
Models

Traffic
User Paid
Revenues

Non-user
Paid
Revenue
Total Cost of
Ownership

2000-2005
Confidential

2005-2010

2010-2015
4

Projections flat or even decline

Efficient network
and operations

Existing and New Business Model Enablement

IMS Services

Over-the-Top

Machine-to-Machine

Voice
SMS

eNode
B

RCS

PGW

SGW

PCRF

MME

LTE (4G)

Confidential

HSS

Evolved Packet Core

Overview of LTE improvements

Confidential

New and improved radio interface (OFDMA)

Newer, flatter, all-IP architecture (EPC)
More control over subscribers QoE

Key New Terms for LTE networks

Term
EPC

Definition
Evolved Packet Core Evolution of the 2G/3G packet core networks to an all-IP based core

E-UTRAN

Evolved Universal Terrestrial Radio Access Network the 4G LTE wireless network

HSS

Home Subscriber Server database of subscriber profiles (similar to HLR in GSM)

MME

Mobility Management Entity key control-node for LTE that can support monitoring of idle UE,
authentication with HSS, select the S-GW, and bearer activation/de-activation

PCRF

Policy and Charging Rules Function supports the creation of rules around subscribers
network usage (V PCRF is in the visited network, H PCRF is the home network)

PDN

Packet Data Network external IP network such as the public Internet or private IP network

P-GW

PDN Gateway - provides connectivity from UE to external packet data networks, performs
policy enforcement and packet screening

S-GW

Serving Gateway - provides routing and forwarding between E-UTRAN and PDN

UE
Confidential

User Equipment handsets, tablets, PCs, etc. that connect to the wireless network
7

LTE and GPRS networks a comparison

Packet Core
BTS

BSC

GPRS, EDGE (2.x G)

Node
B

RNC

HLR

SGSN

GGSN

Internet
Intranet

UMTS, HSxPA (3.x G)

eNode
B

PGW

SGW

PCRF

MME

LTE (4G)

Confidential

HSS

Evolved Packet Core

LTE Mobile Phases

Setup Phase

Data Transfer

Authentication
Mobility Management
Subscriber Data
Quota Mgmt
Bandwidth Mgmt
Charging
MME

Confidential

HSS

SGW

PGW

PCRF

Introduction to LTE Roaming network view

LTE Roaming network traffic is separated into categories

Signaling (S6a, S9)

User Data or Bearer (S8)

2 types of Roaming in LTE defined by 3GPP; Home Routed and Local

Breakout

Confidential

Home Routed - the traffic from the UE is sent to the home EPC (network)
Local Breakout - the traffic from the UE is serviced by the visited EPC (network)

10

Interfaces for LTE networks

Interface

Function

Gx

Provides transfer of policy (QoS) and charging rules from PCRF to P-GW

Gxc

Serves similar function as Gx when PMIP is used rather than GTP

S1-u

Defines the user plane between the E-UTRAN and S-GW

S1-MME

Used for signaling between the E-UTRAN and MME

S6a

Enables transfer of subscription and authentication data between MME and HSS

S6d

Enables transfer of subscription and authentication data between SGSN and HSS

S8

Provides user plane and control plane between the S-GW and the P-GW (bearer between
home and visited networks)

S9

Transfers (QoS) policy and charging control information between HPCRF and VPCRF (in
support of local breakout)

S11

Used by MME to control path switching and bearer establishment in S-GW

Sgi

Used to connect the P-GW to the PDN

Confidential

11

TNS Confidential

11

Diagram - LTE+LTE Home Routed

VPMN

Evolved Packet Core

SGW

PCRF

eNode
B
LTE (4G)

MME
PGW
HSS

IPX

IPX

Mobility Management

HPMN
Policy Information

HSS

eNode
B

SGW

LTE (4G)
User (Bearer) Data
Confidential

PGW

MME

12

Evolved Packet Core

PCRF

Diagram - LTE+LTE Local Breakout

VPMN

Evolved Packet Core

SGW

PCRF

eNode
B
LTE (4G)

MME
PGW
HSS

IPX

IPX

Mobility Management

HPMN
HSS
Policy Information

eNode
B

SGW

LTE (4G)
User (Bearer) Data
Confidential

PGW

MME

13

Evolved Packet Core

PCRF

LTE Roaming NRTRDE Support

LTE is already supported by NRTRDE, using GPRS record types

NRTRDE for GPRS is not mandatory by default

P-GW is populated in the GGSN address field

S-GW is populated in the SGSN address field
Refer to TD.35 for complete information

Your obligations for GPRS depend on your roaming agreements

VoLTE is not supported by NRTRDE

3GPP has approved a CR to make the IMSI available from S-CSF

Confidential

(Rel 8+)

All roaming records available at the HPMN

14

LTE Different Fraud Considerations

Will airtime frauds become comparatively insignificant?

Probably, except in VoLTE

Focus on potential high impact frauds e.g. involving financial

services

M-Banking, M-Commerce

Execution of fraud via Hacking and Malware

Motives may change:

Confidential

Financial gain is commonly the primary motive

But Hacking and Malware may be motivated by glory hunters
Be careful not to focus on analysis solely by value

Fraud analysis required at bearer level and service level

15

Questions?

Confidential

16