Mobility Management Flow in

CS Domain
MM layer in CS domain
Mobility management service
Location update
IMSI Attach/Detach
Normal Location Update
Periodical Location Update
Security management
Authentication
Identification
TMSI Reallocation
MSC/VLR HLR
Update Location
request
Update location
VLR mark the
status as
attach Switch on
IMSI detach
indication
Switch off VLR mark the
status as
Detach
IMSI Attach/Detach
VLR record the switch on/off status of MS
Location Update
LAC variety belongs to the same MSCS
No need to interact with HLR
LAC variety belongs to the different MSCS
need to announce HLR
UTRAN MSC/VLR HLR
Update_Location_Area_Req
Authenticate
Encrypt
TMSI reallocation
Update_Location_Area_Ack
Processing flow without the need of location
update to HLR
UTRAN MSC/VLR HLR
Update_Location_Area_Req
Update_Location_Area_Ack
Old
MSC/VLR
Update_Location
Cancel_Location
Cancel_Location_Ack
Insert_Subscriber _Data
Insert_Subscriber _Data_Ack
Update_Location_Area_Ack
Processing flow needing location update
initiation to the HLR
Periodical registration (update location)
What is periodical update location?
Why we need periodical update location?
Signal flow is same to common update location
If the subscriber doesnt have any operation, the
system administrator will delete the recorder of
this subscriber in VLR by using Purge message,
and VLR will report it to HLR.
Authentication features
Authentication five element group
RAND (Random number)
XRES (Expected signed responses)
CK (Ciphering Key)
IK (Integrity Key)
AUTN (Authentication token)
Authenticate each otheruser network
Add integrality protection
Realizing Authentication and integrality protection
in RNC
Random generator
Algorithm
?
Algorithm
MS
Network
SRES
RAND
SRES
Ki
Ki
Basic Principle of Authentication Procedure
Authentication Procedure
Step 1: Calculate and
verify whether
XMAC_A=MAC_A
based on Ki and
AUTN. Verify whether
SQN is in the correct
range.
Step 2: Calculate
XRES, CK and IK.
Transmit the XRES to
the VLR/SGSN
Step 1: Generate
authentication
vectors (RAND,
AUTN, RES, CK
and IK) based on
Ki, SQN and
AMF parameters.
Step 2: Transmit
the generated
authentication
parameter set to
the VLR/SGSN.
MS VLR/SGSN HLR/AUC
SendAuthInfoReq
SendAuthInfoRsp
AuthReq
AuthRsp

Step 1: Transmit
RAND and AUTN
to the MS.
Step 2: Compare
the response
numbers to see
whether
XRES=RES.
K K
SQN
RAND
AMF
CK IK MAC-A XRES
f
3
f
4
f
1
f
2
AK
f
5
SQN

AK
xor
K
AUTN = SQN [

AK] || AMF || MAC-A

Q = (RAND, XRES, CK, IK, AUTN)
Authentication Vector Generation in AUC
K K
SQN
RAND
AMF
CK IK XMAC-A RES
f
3
f
4
f
1
f
2
AK
f
5
SQN

AK
xor
K
Authentication Vector Generation in USIM
UTRAN MSC/VLR
TMSI_Reallocate_Cmd
TMSI_Reallocate_Cfm
TMSI reallocation
Adopting TMSI instead IMSI to transport on radio
channel
TMSI only available in VLR area