Bluetooth

The main concept behind Bluetooth Technology was unifying the telecom and computing industries

Why Bluetooth
Various problems with IrDa (Infrared Data Association ) interface Limited range (abt 2 m) The need of line-of-sight between interface Usually limited to two participants, only point-to-point connections are supported It does not have internet working function, has no media access, or any other enhanced communication mechanism Only advantage is low cost and can be found in any mobile device

Bluetooth

Bluetooth is under the category of Wireless Personal Area Network (WPAN).

Bluetooth enabled chips can easily transfer data at a speed of about 1 Mbps in basic mode within 50 m (150 feet) range

Bluetooth radio is built into a small microchip & operates in a globally available frequency band ensuring interoperability worldwide

It uses the unlicensed 2.4 GHz ISM (Industrial Scientific and Medical) frequency band.

There are 79 available Bluetooth channels

Bluetooth

Bluetooth

The Bluetooth standard is managed and maintained by Bluetooth Special Interest Group (www.bluetooth.com)

IEEE standard for bluetooth is 802.15.1a Power level 1mW 100mW suitable for short device zone to personal area networks within a home

It supports unicast (point-to-point) and multicast (point-to multipoint) connections

Uses concept of master slave protocol In master-slave protocol, a device cant talk when desire but has to wait until master allows them to talk

Bluetooth

The master and slaves together form a Piconet Piconet : Collection of bluetooth devices which are synchronized to the same hopping frequency

Bluetooth

One device in the piconet can acts as master (M), all other devices connected to the master must acts as slaves(S)

Master determines the hopping pattern in the piconet and the slaves have to synchronizes to this pattern.

Each piconet has a unique pattern If device want to participate, it has to synchronized with this. Two additional types of devices
Parked devices (P) can not actively participate in the piconet, but are known and can be reactivated within some milliseconds Device in Standby (SB) do not participate in the piconet.

Bluetooth

In each piconet, up to seven slave devices can be set to communicate with a master because 3-bit address is used in

bluetooth.

More than 200 devices can be parked Process to form bluetooth piconet
Master sends its clock and device ID All bluetooth devices have same capabilities i.e. they can be master or slave The unit establishing piconet automatically becomes the master, all other will become slave After adjusting the internal clock according to master, a device may participate in the piconet. All active devices are assigned a 3-bit active member address (AMA)

All parked devices use an 8-bit parked member address (PMA)

Bluetooth

All users within one piconet have the same hopping sequence and share the same 1 MHz channel

As more users join the piconet, the throughput per user drops Thus, several piconets can be linked together to form a larger network in an ad hoc manner

This network of piconets is called Scatternet A scatternet is formed when a device from one piconet also acts as a member of another piconet.

A device being master in one piconet can simultaneously be a slave in the other one.

Bluetooth
Bluetooth Scatternet

Bluetooth

If a device wants to participate in more than one piconet, it has to synchronize to the hopping sequence of the other.

If a device acts as slave in one piconet, it simply starts to synchronize with hopping sequence of other piconet.

After synchronization, it acts as a slave in that piconet and no longer

the member of former piconet

Before leaving the piconet, a slave has to inform to master of current piconet.

A master can also leave its piconet and acts as a slave in another piconet.

If master leaves a piconet, all traffic within this piconet is suspended until the master returns

Bluetooth Protocol Stack

Bluetooth protocol is a combination of different protocols Two Basic protocols :

Bluetooth Core Specification : Describes the protocols from physical layer to data link control together with management functions Profile Specification : Described many protocols required to adapt wireless bluetooth technology to legacy and new application.

At physical layer, Bluetooth uses spread spectrum technologies Different applications can run over bluetooth core protocols by using

application oriented protocol formed by Cable replacement protocol,

Telephony control layer and Adopted protocol layer

Bluetooth Protocol Stack

Bluetooth uses connectionless (ACL-Asynchronous Connectionless Link) and connection oriented (SCO Synchronous Connection oriented Link) links.

The SCO link is point-to-point between master and slave. The master maintains the link by using reserved timeslots at regular intervals. Packet retransmissions are not allowed.

ACL provides packet-switched connections between the master and all active slaves. Packet retransmissions are usually applied to assure data integrity.

Bluetooth Protocol Stack

It is a combination of multiple application specific stacks Three major protocols are RFCOMM (Radio Frequency

COMMunication), TCS Binary (Telephony Control Specification) and SDP (Service Discovery Protocol)

Common data link and physical layer for all application L2CAP (Logical Link Control and Adaptation Protocol) or TCS may use LMP (Link Manager Protocol) to control link manager

Bluetooth

Bluetooth Protocol Stack

Four Basic layers according to their functionalities

Bluetooth Core Protocols : Comprises Baseband, Link Manager Protocol (LMP), Logical Link Control and Adaptation Protocol (L2CAP) and SDP Cable Replacement Protocol : This layer has only one member viz. Radio Frequency Communication (RFCOMM) Telephony Control Protocol : This comprises two protocol stacks viz. Telephony Control Specification Binary (TCS BIN) and AT Commands Adopted Protocols : Many protocol stacks like Point-to-Point Protocol (PPP), TCP/IP Protocol, OBEX (Object Exchange Protocol), Wireless Application Protocol (WAP) , vCard, vCalender, Infrared Mobile

Communication etc.

Bluetooth Protocol Stack

BaseBand Bluetooth Core Protocol

Description of basic connection establishment, packet formats, timing and QoS parameters Enables the physical RF link between Bluetooth units forming a piconet. Uses inquiry and paging procedures to synchronize the transmission

with different bluetooth devices

The Inquiry procedure is used for obtaining Bluetooth addresses and clocks of devices in range. Paging is used to connect to devices whose addresses and approximate clock values are known.

Using SCO & ACL link different packets can be multiplexed over the
same RF link ACL packets are used for data only, while SCO packet can contain audio or combination of audio and data

Bluetooth Protocol Stack

Link Manager Protocol (LMP) Bluetooth Core Protocol

Link set-up and management between devices including security functions and parameter negotiation of baseband packet size When two bluetooth devices come within each others radio range, link manager of either device discover each other LMP engage itself in peer-to-peer message exchange Message performs various security checks Performs key generation and exchange of encryption keys as well

Performs link setup and negotiation of baseband packet size

Controls power modes, connection state and duty cycles of bluetooth devices in piconet

Bluetooth Protocol Stack

Logical Link Control and Adaptation Protocol (L2CAP) Bluetooth Core Protocol
Adaptation of higher layers to the baseband (Connectionless and connection-oriented services) Layer is responsible for segmentation of large packets and reassembly of fragmented packets Also responsible for multiplexing of bluetooth packets from different applications It provides logical channels between bluetooth devices with QoS properties L2CAP is available for ACLs only, while audio applications using SCO have to use the baseband layer directly

Bluetooth Protocol Stack

Logical Link Control and Adaptation Protocol (L2CAP) Bluetooth Core Protocol (Cont..)
L2CAP provides three types of logical channels that are transported via the ACL between master and slave 1. Connectionless : used for broadcast from a master to its slave 2. Connection-oriented : Bidirectional and for providing QoS parameter (average data rate, maximum burst size, latency, jitter) in each direction 3. Signaling : Used to exchange signaling messages

Bluetooth Protocol Stack

Service Discovery Protocol (SDP) Bluetooth Core Protocol

Main objective is device discovery in close proximity plus querying of service characteristics Enables bluetooth device to join a piconet

Using SDP, a device inquires what services are available in a

piconet and how to access them SDP uses client-server model where server has a list of services

defined through service records

One service record in a server describes the characteristics of one service

Bluetooth Protocol Stack

Service Discovery Protocol (SDP) Bluetooth Core Protocol (Cont..)

There is only one SDP server

Multiple applications in a device may use a single SDP client to query servers
for service records A device in inquiry mode broadcasts ID packets on 32 frequency channels of the Inquiry Hopping Sequence It sends two ID packets and then listens for response Then a unique ID (globalID) of device is exchanged globalID indicates a devices profile along with capability functions

Upon matching of device profile a connection is set up and devices exchange

data In piconet, a master device can be a laptop/PDA and slave may be printer, mouse, cellular phone

Bluetooth Protocol Stack

RFCOMM - Cable Replacement Protocol

It is a serial line communication protocol and is based on ETSI 07.10 specification It emulates RS-232 control and data signals over bluetooth baseband protocol RFCOMM provides transport capabilities for high-level services (e.g. OBEX

protocol) that use serial line as the transport mechanism.

Bluetooth Protocol Stack

Telephony Control Protocol Binary (TCS BIN) Telephony Control Protocol

It is bit-oriented protocol Defines the call control signaling protocol for set up of speech and data calls between bluetooth devices Also defines mobility management procedures for handling groups of bluetooth TCS devices

Bluetooth Protocol Stack

AT (Attention) Commands Telephony Control Protocol

Defines a set of AT commands by which a mobile phone can be used and controlled as a modem for fax and data transfer They are used from a computer or DTE (Data Terminal Equipment) to control a modem or DCE (Data Circuit terminating Equipment)

Bluetooth Protocol Stack

PPP Bluetooth Adopted Protocol

This offers PPP over RFCOMM to accomplish point-to-point communications Point-to-Point is the means of taking IP packets to/from the PPP layer and placing them onto LAN

TCP/IP Adopted Protocol

It is used by various devices (printers, handheld computers, mobile)for communication across the Internet Access to these protocols is operating system independent

Bluetooth Protocol Stack

OBEX Protocol Adopted Protocol

Developed by Infrared Data Association (IrDA) to exchange objects It defines a folderlisting object, which can be used to browse the contents of folders on remote devices

Bluetooth Security

Bluetooth

offers

security

infrastructure

starting

from

authentication, key exchange, to encryption

A frequency hopping scheme with 1600 hops/sec is employed which makes system difficult to eavesdrop

At lowest layer, it uses the publicity available cipher algorithm known as SAFER+(Secure and Fast Encryption) to authenticate a devices identity

In addition to these, different applications use their own security infrastructure

Bluetooth Application Models

Each application model in bluetooth is realized through a profile Profile defines the protocols and protocol features supporting a particular usage model

File Transfer :
Offers the ability to transfer data objects from one device ( e.g. PC, smartphone, PDA) to another Object types include .xls, .ppt, .wav, .jpg, .doc files, folders or streaming media formats

This model also offers a possibility to browse the contents of the folders on a
remote device.

Bluetooth Application Models

Internet Bridge :
In this model, a mobile phone or cordless modem acts as modem to the PC, providing dial-up networking and fax capabilities without need for physical connection to the PC.

LAN Access :
Multiple data terminals use a LAN access point (LAP) as a wireless connection
to the Ethernet LAN Once connected, the terminals operate as if they were connected directly to the LAN

Bluetooth Application Models

Headset :
The headset can be wirelessly connected for the purpose of acting as a

remote devices audio input and output interface

Convenient for hands-free cellular phone usage in automobiles

Others
A Bluetooth-mouse could be used at a further distance from a monitor, and while moving about in the room. A Bluetooth-keyboard could be used further away from the monitor. A Bluetooth-keyboard could also be used to address more than one computer,

in a dynamic, switchless manner.

Cable-less connection to printers and faxes. Cable-less connection to digital cameras and video projectors.

Cordless connection from cell phone to handsfree headset.

Radio Frequency Identification (RFID)

Radio-frequency identification (RFID) is a technology that uses communication through the use of radio waves to transfer data between a reader and an electronic tag attached to an object for the purpose of identification and tracking.

Advantages over Bar code system

With bar codes, it is only possible to identify the brand and type of package in
a grocery store RFID does not require line of sight to "see" an RFID tag Unlike barcodes RFID tags can be read hundreds at a time. Bar codes can only read one at a time

Radio Frequency Identification (RFID)

It is a radio transponder carrying an ID (identification) that can read through radio frequency (RD) interface

Transponders are known as RFID tags To assign an identity to an object, a tag is attached to the object Data within the tag provides identification for the object Object could be an entity in a manufacturing shop, goods in transit, item in retail store, a vehicle in a parking lot, a pet, or a book in a library

Biologists use RFID to track animals for studying animal behavior and conservation

Radio Frequency Identification (RFID)

RFID system comprises different functional areas like

Means of reading or interrogating the data in the tag Mechanism to filter some of the data Means to communicate the data in the tag with a host computer Means for updating or entering customized data into tag

RFID tags are categorized on three basic criteria

On frequency, On application area and

On the power level

Radio Frequency Identification (RFID)

On frequency :
Six basic frequencies on which RFID operates Low frequency (30 KHz to 500 KHz) systems have short reading ranges and lower system costs Tags in this frequency range are slow in data transfer and suitable for slow-

moving objects
Mostly used in security access, asset tracking and animal identification applications High frequency systems offer long read ranges and high data transfer speeds High reading speed is required for fast moving objects like railway wagon tracking and identification of vehicles on freeways for automated toll collection The higher the frequency, the higher is the data transfer rate

Radio Frequency Identification (RFID)

On Application :
RFID also grouped according to application and range Speed of the objects and distance to read determines the type of tags The advantage of all types of RFID systems is the contactless, nonline-of-sight nature Tags can be read through variety of substances such as snow, fog, paint, plastic,wall, container and other challenging conditions Tags can also be read at high speed RFID tag contains two segments of memory First Segment : Factory Set :- Used to uniquely identify a tag Second segment : Usable by application to store related data

Radio Frequency Identification (RFID)

Power-based Grouping:
Two types as per power requirement
Passive tag : Works with low frequency range Active tag : Works with high / low frequency range

Active RFID tags

Powered by internal battery and can be read/write Life of tag depends upon battery life Data within tag can be rewritten or modified Its memory can vary from few bytes to 1 MB Limitations : Cost depends upon size, limited operational life, larger in size, more maintenance cost

Radio Frequency Identification (RFID)

Passive RFID tags

Operate without a power source of its own It obtains operating power from readers antenna Data within it is in read-only format and cant be changed Lighter, less expensive and has unlimited operational lifetime Shorter read range than active tags and require a higher-powered reader Contains data usually 32 to 128 bits long Having capability to perform independent monitoring and control, initiating communications , performing diagnostics

Radio Frequency Identification (RFID)

Tags can be attached to almost anything: Pallets or cases of product Vehicles company assets or personnel

Items such as apparel,

luggage, laundry People, pets High value electronics such as computers, TVs, camcorders

Radio Frequency Identification (RFID)

A basic RFID system consist of three components

A transponder programmed with unique information (RFID tag) A transceiver with decoder (a reader) An antenna or coil

When an RFID tag passes through the electromagnetic zone of reader, it detects the readers activation signal

The reader decodes the data encoded in the tags

integrated circuit and the data is passed to the host

computer for processing

Radio Frequency Identification (RFID)

The antenna emits radio signals to read data from or write data into the tag.

Antenna controls data acquisition and communication An antenna is fitted with the transceiver to become a

reader

RFID System Components

Antenna Asset/Tag Asset Firmware Tag
Insert

TCP/IP

Host Application Software

~
Power

Customers MIS

API

RFID Operation
Sequence of Communication
Host Manages Reader(s) and Issues Commands Reader and tag communicate via RF signal Carrier signal generated by the reader (upon request from the host application) Carrier signal sent out through the antennas Carrier signal hits tag(s) Tag receives and modifies carrier signal

sends back modulated signal

Antennas receive the modulated signal and send them to the Reader Reader decodes the data

Results returned to the host application

Application areas of RFID

Principal area of application for RFID

Transportation and logistics Manufacturing and processing Security Animal tagging Store in an enterprise Retail store Community library Time and Attendance Airline baggage reconciliation

Wireless Broadband

Wireless technologies are generally known as WLL (Wireless Local Loop) or WiLL (Wireless in Local Loop)

Wireless Local Loop is also known as fixed-wireless system Wireless broadband or Wireless MAN is defined by IEEE 802.16

WirelessMAN is an alternative to high bandwidth wired access

networks like fiber optic, cable modems and DSL (Digital Subscriber line)

Wireless MAN is popularly known as WiMAX (Worldwide

Interoperability for Microwave Access)

WiMAX vs. wi-fi

Wimax Wimax coverage is about 30 miles Wifi Wifi coverage is very limited

Primarily used for large distance

It is like an ISP without any cable to access Internet Wimax architecture is design to make possible metropolitan area networking (MAN).

Used for small area

Wifi will be used inside in your local area network (LAN) for access to the internet. Wifi is providing only local area networking (LAN).

The deployments of Wimax and Wifi network are same The line of sight antennas used to connect tower in Wimax technology.

Wireless Broadband

WiMAX provides wireless transmission of data using variety of modes, from point-to-multipoint links to portable & fully mobile internet access

WiMAX is basically use to link homes and businesses with core telecommunication networks

It provides network access to buildings through exterior antennas communicating with radio base stations

Installation of network is easy by deploying a small number of base stations on buildings or poles to create high-capacity wireless access systems

Wireless Broadband

IEEE 802.16 standards are organized into a three-layer architecture

The Physical Layer :

Specifies the frequency band, the modulation scheme, error-correction techniques, synchronization between transmitter and receiver, data rate and the multiplexing structure

The MAC (Media Access Control) Layer :

Transmission of data in terms of frames and controlling access to the shared wireless medium through media access control layer

Defines how and when a base station may initiate transmission on the
channel

Convergence Layer :
Provides functions specific to service being provided

Wireless Broadband

The Physical Layer :

To support duplexing, 802.16 adapted a burst design that allows both TimeDivision Duplexing (TDD) and Frequency Division Duplexing (FDD). In TDD, the uplink and downlink share a channel but do not transmit simultaneously In FDD, the uplink and downlink operate on a separate channels and

sometimes simultaneously.

Three types of physical layers

WirelessMAN-SC2 uses a single carrier modulation format to support

existing networks and protocols

WirelessMAN-OFDM uses orthogonal frequency-division multiplexing with a 256-point transform Wireless MAN-OFDMA which uses Orthogonal Frequency Division Multiple

Access (OFDMA) with a 2048-point FFT

Wireless Broadband

The MAC Layer :

Designed for point-to-multipoint broadband wireless access Addresses the need for very high bit rates, both uplink(to BS) and downlink(from BS) Supports variety of services like multimedia and voice 802.16 project is also upgraded with MAC having ARQ(Automatic Repeat

Request) and support for mesh, rather than only point-to-multipoint

architecture

Mobile IP

Mobile IP (or IP mobility) is an Internet Engineering Task Force (IETF) standard communications protocol that is designed to

allow mobile device users to move from one network to another

while maintaining a permanent IP address.

A data connection between two end-points through TCP/IP

network

A TCP connection is identified by the tuple (source IP address, source port, destination IP address, destination port)

TCP port number is application specific and remains constant

IP address is network specific and varies from network to network

Mobile IP

In mobile communication environment, a user may be mobile and may change its network and so change of IP address.

This will force the TCP connection to terminate

Most critical issue
How to allow mobility while a data connection is alive?

The solution is given by Mobile IP which signifies that while a

user is connected to applications across Internet and the users attachment changes dynamically, all connections are maintained

despite the change in network properties.

Mobile IP Various Entities

Mobile node (MN): A mobile node is an end-system or router that can change its

point of attachment to the internet using mobile IP.

Correspondent node (CN): At least one partner is needed for communication.

In the following the CN represents this partner for the MN.

The CN can be a fixed or mobile node.

Home network:

The home network is the subnet the MN belongs to with

respect to its IP address. No mobile IP support is needed within the home network.

Mobile IP Various Entities

Foreign network: The foreign network is the current subnet the MN visits and

which is not the home network.

Foreign agent (FA): The FA can provide several services to the MN during its visit to the foreign network. The FA can have the COA (Care Of Address), acting as tunnel endpoint and forwarding packets to the MN. The FA can be the default router for the MN. FAs can also provide security services because they belong to the foreign network as opposed to the MN which is only

Mobile IP Various Entities

Care-of address (COA): The COA defines the current location of the MN from an IP

point of view.
All IP packets sent to MN are delivered to the COA, not directly to the IP address of the MN.

Packet delivery towards the MN is done using a tunnel

COA marks the tunnel endpoint, i.e., the address where packets exit the tunnel.

Mobile IP Various Entities

Home agent (HA): It is a router on mobile nodes home network which forwards

datagrams for delivery to the mobile node through a tunnel

when it is away from home The tunnel for packets toward the MN starts at the HA.

The HA maintains a location registry, i.e., it is informed of the

MNs location by the current COA. The HA can be implemented on a router that is responsible for the home network. If changing the routers software is not possible, the HA could also be implemented on an arbitrary node in the subnet.

Mobile IP example network

Mobile IP How does it work?

When the mobile node is located on its home network, it operates without mobility services

When the mobile node detects that it has moved to a foreign

network, it registers with the foreign agent and obtains a COA on the foreign network

The

COA can

be

determined

from

foreign

agents

advertisements, or by some external assignments mechanism such as DHCP

The MN registers its new care-of address with its home agent
information its new location and new care-of-address

The home agent forwards all incoming data packet to the foreign

network using COA

Mobile IP How does it work?

This new packet encapsulates the original packet, causing the mobile nodes home address to have no impact on the

encapsulated packet is routing

On returning to its home network from being registered elsewhere, the mobile node deregisters with its foreign agent,

through exchange of a Registration Request and Registration

Reply message

Mobile IP How does it work?

Fig. 4.6

Mobile IP How does it work?

Mobile IP needs to support three basic capabilities : Discovery , Registration and Tunneling

Discovery One initial problem of an MN after moving is how to find a foreign agent. For this purpose mobile IP describes two methods: Agent Advertisement and Agent Solicitation Foreign agents and home agents advertise their presence

periodically using special agent advertisement messages. These messages can be seen as a beacon broadcast into the subnet. Internet control message protocol (ICMP) messages

Mobile IP How does it work?

Discovery (Cont..) If no agent advertisements are present, MN has not received a COA

by other means, the mobile node must send agent solicitations.

Finally, MN receives a COA, either one for an FA. On receiving this advertisement packet, portion of IP address with its own address MN compares the network

If no match, MN finds it is in foreign network . The MN knows its location (home network or foreign network) and the capabilities of the agent (if needed).

The next step for the MN is the registration with the HA if the MN is in a foreign network

Mobile IP How does it work?

Registration The registration protocol communicates between an application on the

mobile node and an application in the home agent, and hence uses a
transport-level protocol.

Because registration is a simple request/response transaction, the overhead of the connection-oriented TCP is not required, and, therefore, the User Datagram Protocol (UDP) is used as the transport protocol.

Once a MN obtained a COA from foreign network, the same need to be registered with HA

MN sends a registration request to HA with COA information HA updates its routing table and sends registration reply back to MN

Mobile IP How does it work?

Registration Authentication The MN needs to be authenticated Registration messages between MN and HA must be authenticated with an authorization-enabling extension This extension must be the first authentication extension; other foreign agent-specific extension Using HMAC-MD5 hashing algo, a Digital signature is generated

Mobile IP How does it work?

Registration (Cont..) Each MN and HA shares a common secret This secret makes the digital signature unique and allows the agent to authenticate the MN At the end of registration, a triplet (Home address, COA, registration lifetime) is maintained in the home agent This is called MN binding with HA.

Mobile IP How does it work?

Four steps of Registration The MN requests for forwarding service from the foreign network by sending a registration request to the FA The FA relays this registration request to the HA of that MN The HA either accepts or rejects the request and sends a registration reply to the FA The FA relays this reply to MN

Mobile IP How does it work?

Registration Request UDP packets are used for registration requests

The IP source address of the packet is set to the interface address of

the MN IP destination address is that of the FA or HA (depending on the location of the COA) UDP is used because of low overheads and better performance compared to TCP in wireless environments

Mobile IP How does it work?

Registration Request message

Mobile IP How does it work?

Registration Request message Type: 1, indicates that this is a registration request.

S: Simultaneous bindings. When simultaneous bindings are in effect,

the home agent will forward multiple copies of the IP datagram, one to each care-of address currently registered for this mobile node. Multiple simultaneous bindings can be useful in wireless handoff situations to improve reliability.

B: Broadcast datagrams. Indicates that the mobile node would like to receive copies of broadcast datagrams that it would have received if it were attached to its home network.

D: Decapsulation by mobile node. The mobile node is using a colocated care-of address and will decapsulate its own tunneled IP datagrams.

Mobile IP How does it work?

Registration Request message M: Indicates that the home agent should use minimal encapsulation

V: Indicates that the home agent should use Van Jacobson header
compression,

G: Indicates that the home agent should use GRE encapsulation Lifetime: Denotes the validity of the registration in seconds. A value of zero indicates deregistration; all bits set indicates infinity.

Home address: The home IP address (Original IP address before moving into foreign area) of the mobile node. The home agent can expect to receive IP datagrams with this as a destination address

Mobile IP How does it work?

Registration Request message Home agent: The IP address of the mobile node home agent. This

informs the foreign agent of the address to which this request should be
relayed.

Care-of address: The IP address at this end of the tunnel. The home agent should forward IP datagrams that it receives with the mobile node home address to this destination address.

Identification: A 64-bit number generated by the mobile node, used for matching registration requests to registration replies and for security purposes

Extensions: extension

The only extension so far defined is the authentication

Mobile IP How does it work?

Registration Reply message

Mobile IP How does it work?

Registration Reply message Type: 3, indicates that this is a registration reply.

Code: Indicates result of the registration request.

Lifetime: If the code field indicates that the registration was accepted, the number of seconds before the registration is considered expired. A value of zero indicates that the mobile node has been deregistered.

Home address: The home IP address of the mobile node. Home agent: The IP address of the mobile node home agent. Identification: A 64-bit number used for matching registration requests to registration replies.

Mobile IP How does it work?

Tunneling Tunneling is performed at the IP level.

In mobile-IP, an IP-within-IP encapsulation (two level addressing)

mechanism is used A tunnel establishes a virtual pipe for data packets between a tunnel entry and a tunnel endpoint. Packets entering a tunnel are forwarded inside the tunnel and leave the tunnel unchanged. Tunneling, i.e., sending a packet through a tunnel, is achieved by using encapsulation.

Mobile IP How does it work?

Tunneling In Mobile IP, the HA adds a new IP header called tunnel header The tunnel header uses the MNs COA as the tunnel destination IP address The tunnel source IP address is the HAs IP address The tunnel header uses 4 as the protocol number, indicating that the next protocol header is again as IP header The entire original IP header is preserved as the first part of payload of the tunnel header The FA after receiving the packet, drops the tunnel header and delivers the rest to MN

Mobile IP How does it work?

Fig. 4.7

Mobile IP How does it work?

Tunneling When MN is in foreign network, the HA is able to intercept all IP datagram packets sent to MN It forwards all these datagrams via tunnel The HA steals the identity of MN in order to capture packets destined for that are transmitted across the home network For this purpose ARP (Address Resolution Protocol) is used to notify all nodes in the home network

Mobile IP How does it work?

Fig. 4.8

Routing for Mobile Hosts

Types of hosts Stationary hosts : Permanently connected to network through cables

Mobile hosts Migratory : Can move from one fixed site to another from time to time but use the network only when they connected to it Roaming : Can do computation on run and want to maintain

connection as they move around

Routing for Mobile Hosts

A WAN to which LANs, MANs, and wireless cells are attached

Locating a mobile host

Mobile Adhoc Network (MANET)(Schiller)

Mobile IP requires, e.g., a home agent, tunnels, and default routers

Several situations where users of a network cannot rely on an

infrastructure, it is too expensive

So the choice is Adhoc Network which is completely self

configurable network

It does not depend on network infrastructure, All hosts may be routers

Hosts are usually mobile and wireless and may enter/leave the
network anytime

Significant examples of such scenarios include establishing

Mobile Adhoc Network (MANET)(Schiller)

MANET and Mobile IP

Routing in MANET

In fixed wireless network, a base station always reaches all mobile nodes, this is not always the case in an ad-hoc network

In MANET, destination node might be out of range of a source

node transmitting packets

Routing is needed to find a path between source and destination

and to forward the packets appropriately.

In fixed wireless n/w, a cell is defined and a base station is available within cell which is responsible to route each packet

In MANET, each node must be able to forward data for other

nodes.

Mobile Adhoc Network (MANET)(Schiller)

Example of Adhoc network

Routing in MANET

Fundamental differences between wired networks and ad-hoc wireless networks

Asymmetric links
Redundant links Interference Dynamic topology

Routing in MANET

Some characteristics for routing in ad-hoc wireless networks Routing in wireless ad-hoc networks requires knowledge of

network and all lower layers to find good path

Centralized approaches will not really work, because it takes too long to collect the current status and disseminate it again.

Many nodes need routing capabilities

Ad-hoc networks will be connectionless To forward a packet across an unknown topology is flooding which is very inefficient

Routing in MANET

DSDV (Destination sequence distance vector) is one of the algorithm of routing

It is extended version of ad-hoc on-demand distance vector

(AODV) which has count-to-infinity problem

DSDV adds two things

Sequence number to avoid loop which was the problem because of
change in topology in adhoc network Damping: Transient changes in topology that are of short duration

should not destabilize the routing mechanisms.

Routing in MANET

DSDV maintains routes between all nodes, although there may currently be no data exchange at all which causes unnecessary traffic and prevents nodes from saving battery power.

Dynamic source routing (DSR), therefore, divides the task of routing into two separate problems Route discovery : A node only tries to discover a route to a

destination if it has to send something to this destination and there is currently no known route. Route maintenance: If a node is continuously sending packets via a route, it has to make sure that the route is held upright. As soon as a node detects problems with the current route, it has to find an alternative.

Routing in MANET

Dynamic source routing (DSR), If a node needs to discover a route, it broadcasts a route

request with a unique identifier and the destination address

as parameters. Any node that receives a route request does the following.
If the node has already received the request (which is identified
using the unique identifier), it drops the request packet. If the node recognizes its own address as the destination, the

request has reached its target.

Otherwise, the node appends its own address to a list of traversed hops in the packet and broadcasts this updated route request.

Routing in MANET

Dynamic source routing (DSR)

N1 broadcasts the request ((N1), id = 42, target = N3), N2 and N4 receive this request. N2 then broadcasts ((N1, N2), id = 42, target = N3), N4 broadcasts ((N1, N4), id = 42, target = N3). N3 and N5 receive N2s broadcast, N1, N2, and N5 receive N4s broadcast. N3 recognizes itself as target, N5 broadcasts ((N1, N2, N5), id = 42,

target = N3). N3 and N4 receive N5s broadcast. N1, N2, and N5

drop N4s broadcast packet, because they all recognize an already received route request (and N2s broadcast reached N5 before N4s did).

Mobile Transport layer (Schiller)

TCP

provides connection oriented services while UDP is

connection-less

A connection TCP gives certain guarantees, such as in-order

delivery or reliable data transmission using retransmission techniques.

TCP has built-in mechanisms to behave in a network friendly

manner.

It is better suited for mobile environment

TCP is much more complex and, needs special mechanisms to

be useful in mobile environments

Mobile transport layer

Features of traditional TCP

Congestion Control : Through retransmission policy, dynamically

reducing transmission rates

Slow start : The behavior TCP shows after the detection of congestion is called slow start. The sender always calculates a congestion window for a receiver. The start size of the congestion window is one segment (TCP packet). The sender sends one packet and waits for acknowledgement.

Mobile transport layer

Features of traditional TCP

Slow start: (Cont..)

If this acknowledgement arrives, the sender increases the congestion

window by one, now sending two packets (congestion window = 2). After arrival of the two corresponding acknowledgements, the sender

again adds 2 to the congestion window, one for each of the

acknowledgements. Now the congestion window equals 4. This scheme doubles the congestion window every time the acknowledgements come back. This is called the exponential growth of the congestion window in the slow start mechanism.

Mobile transport layer

Features of traditional TCP

Slow start: (Cont..)

The exponential growth stops at the congestion threshold.

As soon as the congestion window reaches the congestion threshold, further increase of the transmission rate is only linear by adding 1 to

the congestion window

Indirect TCP (I-TCP)

Two points about traditional TCP TCP performs poorly together with wireless links.

TCP within the fixed network cannot be changed.

I-TCP segments a TCP connection into two parts
Fixed part

Wireless part.

Indirect TCP (I-TCP)

Indirect TCP (I-TCP)

TCP improvements- Indirect TCP

Standard TCP is used between the fixed computer and the access

point.
Instead of the mobile host, the access point now terminates the standard TCP connection, acting as a proxy. The access point is now seen as the mobile host for the fixed host and as the fixed host for the mobile host. Between the access point and the mobile host, a special TCP, adapted to wireless links, is used. In mobile IP, FA can be working as access point The foreign agent controls the mobility of the mobile host anyway and can also hand over the connection to the next foreign agent when the

Indirect TCP (I-TCP)

TCP improvements- Indirect TCP If the correspondent host sends a packet, the foreign agent

acknowledges this packet and tries to forward the packet to

the mobile host. If the mobile host receives the packet, it acknowledges the

packet.
If the mobile host sends a packet, the foreign agent acknowledges this packet and tries to forward it to the

correspondent host.
If a packet

is lost on the wireless link; the CH would not notice

this.

Indirect TCP (I-TCP)

TCP improvements- Indirect TCP Similarly, if the mobile host sends a packet, the foreign agent

acknowledges this packet and tries to forward it to the

correspondent host. If the packet is lost on the wireless link, the mobile hosts can

directly retransmit the packet.

Packet loss in the wired network is now handled by the foreign agent.

Indirect TCP (I-TCP)

TCP improvements- Indirect TCP I-TCP requires several actions as soon as a handover takes

place
Access point acts as a proxy buffering packets for retransmission.

After the handover, the old proxy must forward buffered data
to the new proxy because it has already acknowledged the data.

After registration with the new FA, this new FA can inform the
old one about its location to enable packet forwarding. Besides buffer content, the sockets of the proxy, too, must

Indirect TCP (I-TCP)

TCP improvements- Indirect TCP The socket reflects the current state of the TCP connection,

i.e., sequence number, addresses, ports etc.

No new connection may be established for the mobile host, and the correspondent host must not see any changes in

connection state.

Indirect TCP (I-TCP)

Advantages I-TCP does not require any changes in the TCP protocol as

used by the hosts in the fixed network or other hosts in a

wireless network Due to the strict partitioning into two connections, transmission

errors on the wireless link, i.e., lost packets, cannot propagate

into the fixed network. Partitioning into two connections also allows the use of a

different transport layer protocol between the foreign agent

and the mobile host or the use of compressed headers etc.

Indirect TCP (I-TCP)

Disadvantages The loss of the end-to-end semantics of TCP might cause

problems if the foreign agent partitioning the TCP connection

crashes. In practical use, increased handover latency may be much

more problematic
The foreign agent must be a trusted entity because the TCP connections end at this point.

Snooping TCP

I-TCP losses the end-to-end semantics of TCP Snooping TCP works completely transparently and leaves the

TCP end-to-end connection intact.

The main function of the enhancement is to buffer data close to the mobile host to perform fast local retransmission in case of

packet loss.

In this approach, the foreign agent buffers all packets with destination mobile host and additionally snoops (observe) the

packet flow in both directions to recognize acknowledgements

Snooping TCP

Foreign agent can perform a local retransmission in case of packet loss on the wireless link.

The foreign agent buffers every packet until it receives an acknowledgement from the mobile host.

If the foreign agent does not receive an acknowledgement from

the mobile host within a certain amount of time, either the packet
or the acknowledgement has been lost.

Alternatively, the foreign agent could receive a duplicate ACK (it

is because out-of-order packet received by receiver) which also

shows the loss of a packet.

Snooping TCP

Now the foreign agent retransmits the packet directly from the buffer, performing a much faster retransmission compared to the correspondent host.

To remain transparent, the foreign agent must not acknowledge data to the correspondent host.

This would make the correspondent host believe that the mobile host had received the data and would violate the end-to-end semantic in case of a foreign agent failure.

However, the foreign agent can filter the duplicate acknowledgements to avoid unnecessary retransmissions of data from the correspondent host.

Snooping TCP

If

the

foreign

agent

crashes,

the

time-out

of

the

correspondent host still works and triggers a retransmission.

The foreign agent may discard duplicates of packets already retransmitted locally and acknowledged by the mobile host. This avoids unnecessary traffic on the wireless link.

Snooping TCP

Data

transfer

from

the

mobile

host

with

destination

correspondent host works as follows.

The foreign agent snoops into the packet stream to detect gaps in the sequence numbers of TCP.

As soon as the foreign agent detects a missing packet, it returns a

negative acknowledgement (NACK) to the mobile host.

The mobile host can now retransmit the missing packet immediately.

Reordering of packets is done automatically at the correspondent

host by TCP.

Snooping TCP

Advantages The end-to-end TCP semantic is preserved.

The correspondent host does not need to be changed; most of

the enhancements are in the foreign agent. It does not need a handover of state as soon as the mobile host

moves to another foreign agent.

Mobile transport layer

Mobile TCP M-TCP wants to improve overall throughput, to lower the

delay, to maintain end-to-end semantics of TCP, and to

provide a more efficient handover. M-TCP splits the TCP connection into two parts.

An unmodified TCP is used on the standard hostsupervisory host (SH) connection, while an optimized TCP is used on the SH-MH connection.

The supervisory host is responsible for

exchanging data

between both parts similar to the proxy in ITCP

Mobile transport layer

Mobile TCP The SH monitors all packets sent to the MH and ACKs

returned from the MH.

If the SH does not receive an ACK for some time, it assumes that the MH is disconnected.

It then chokes the sender by setting the senders window size

to 0. Setting the window size to 0 forces the sender to go into

persistent mode, i.e., the state of the sender will not change
no matter how long the receiver is disconnected. This means that the sender will not try to retransmit data.

Mobile transport layer

Mobile TCP As soon as the SH detects connectivity again, it reopens the

window of the sender to the old value.

The sender can continue sending at full speed. This mechanism does not require changes to the senders

TCP.

Mobile transport layer

Mobile TCP Advantages It maintains the TCP end-to-end semantics. The SH does not

send any ACK itself but forwards the ACKs from the MH
If the MH is disconnected, it avoids useless retransmissions, slow starts or breaking connections by simply shrinking the

senders window to 0.
Since it does not buffer data in the SH as I-TCP does, it is not necessary to forward buffers to a new SH while handover.

Transmission/time-out freezing

Mobile TCP, I-TCP etc. are used to handle a short interruptions of the connection, either due to handover or transmission errors on the wireless link

In the case of longer interruptions of transmission, the TCP connection will be break

The MAC layer knows the real reason for the interruption and does not assume congestion

The MAC layer can inform the TCP layer about the current

interruption is not caused by congestion

TCP can now stop sending and freezes the current state of its congestion window and further timers.

Transmission/time-out freezing

As soon as the MAC layer detects connectivity again, it signals TCP that it can resume operation at exactly the same point where it had been forced to stop.

Advantage : this approach offers a way to resume TCP connections even after longer interruptions of the connection.

It is independent of any other TCP mechanism, such as acknowledgements or sequence numbers, so it can be used together with encrypted data

Disadvantages : Software at MN as well as correspondent host needs to be hanged

All mechanisms rely on the capability of the MAC layer

Selective retransmission

TCP acknowledgements are cumulative, i.e., they acknowledge in-order receipt of packets up to a certain packet

If a single packet is lost, the sender has to retransmit everything starting from the lost packet (go-back-n retransmission). This obviously wastes bandwidth

In Selective retransmission, TCP can indirectly request a selective retransmission of packets.

The receiver can acknowledge single packets, not only trains of

in-sequence packets.

The sender can now determine precisely which packet is needed and can retransmit it.

Selective retransmission

Advantage : A sender retransmits only the lost packets. This lowers bandwidth requirements and is extremely helpful in

slow wireless links.

Disadvantage : more complex software on the receiver side, because now more buffer is necessary to resequence data and

to wait for gaps to be filled.

Transaction-oriented TCP

If an application running on the mobile host that sends a short request to a server from time to time, which responds with a short message.

If the application requires reliable transport of the packets, it may use TCP

Using TCP now requires several packets over the wireless link. First, TCP uses a three-way handshake to establish the connection.

At least one additional packet is usually needed for transmission of the request, and requires three more packets to close the connection via a three-way handshake.

In an example of only one data packet, TCP may need seven

Transaction-oriented TCP

A transaction-oriented TCP (T-TCP) can combine packets for connection establishment and connection release with user data packets. This can reduce the number of packets down to two instead of seven.

Advantage : the reduction in the overhead which standard TCP has for connection setup and connection release.

Disadvantage : it requires changes in the mobile host and all

correspondent hosts

Internet Protocol Version 6 (IPV6)

It is the current version of the Internet Protocol (IP). It is designed to succeed the older Internet Protocol version 4

(IPv4).

The Internet operates by transferring data in small packets that are independently routed across networks as specified by an

international communications protocol known as the Internet

Protocol.

The growth of the Internet has created a need for more

addresses than are possible with IPv4

IPv6 was developed by the Internet Engineering Task Force (IETF)

IPV6- Address Space

IPv6 uses 128 bit addresses for each packet creating virtually infinite number of IP addresses

In IPv6, there are global addresses and local addresses. Global addresses are used for routing of global Internet Link local addresses are available within subnet IPv6 uses hierarchical addressing with three-level of addresses which includes Public Topology(48-bit external routing prefix), a site

topology(16-bit subnet number) and an interface identifier(64-bit unique number on local LAN segment

End-user sites get their address prefix from an ISP that provides them the IPv6 service.

IPV6- Address Space

General IPv6 host is given a linklocal addresses such as fe80::EUI-64 and more than one global address such as global-

prefix::EUI-64

Interface ID is used to specific Interface in the same link It is generated to use Interfaces link layer address

An Ethernet MAC address for a device is 48-bits long

Interface ID is generated by adding 2 octet 0xfffe in its center

IPV6 Security

All IPv6 nodes are expected to implement strong authentication and encryption features to improve Internet security

IPv6 comes with native security protocol IP Security (IPSec) It provides confidentiality, integrity and authenticity to information transferred across IP networks

Fundamental components of IPSec Security Association (SA) Security Protocol Authentication Header (AH) / Encapsulating Security Payload (ESP) Cryptographic Algorithms Key Management manual and automated (the Internet Key

Exchange (IKE))

IPV6 Security

SA it uses to track all peers entities which are using the same IPSec protocol

It is a logical uni-directional connection that can be defined as relationships between entities (hosts, firewalls, gateways, routers etc)

To secure bidirectional communication between two entities, two SAs are required

The protection offered by IPSec is based on the requirements

defined by a Security
maintained by admin

Policy Database (SPD) which is

IPV6 Security

When security service is chosen, two IPSec peers must be determine which algorithms to use

IKE explicitly creates SA pairs in recognition of this common usage requirement

The Peer Authentication Database (PAD) provides a link

between an SA management protocol

In an entity there will be many SAs which are stored in SA Database (SAD)

To identify a particular SA in SAD, a pointer known as Security

Parameter Index (SPI) is used

IPV6 Security

Security is afforded to an SA by the use of AH or ESP, but not both

AH is used to provide integrity and data origin authentication and to provide protection against replays

ESP offers confidentiality, integrity, authentication and anti-

replay

If both AH and ESP protection are applied to a traffic stream, then two SAs must be created and coordinated to effect

protection through iterated application of the security protocols

IPV6 Security

IPSec uses Diffie-Hellman key exchange mechanism for deriving key

between peers on public network

PKC to guarantee the identity of the two parties and avoids man-in-middle attacks

Bulk-encryption algorithm 3DES for data encryption

Keyed hash algorithm HMAC combined with MD5 or SHA Digital certificate IPSec provides IP network-layer encryption

Mobile IP with IPv6

IPSec uses Mobile IPv6 operates in any location without any special

support from local router so FA is not required

It provides route optimization The IPv6 Neighbor Unreachability Detection assures

symmetric reachability between MN and its default router in

the current location (HA) It uses Neighbor Discovery instead of ARP

GSM

GSM is Global System for Mobile Communication Some characteristics

Support for international roaming

Good speech quality Ability to support handheld terminals Low terminal and service cost Spectral efficiency Support for a range of a new service and facilities ISDN compatibility

GSM

GSM uses a combination of FDMA and TDMA GSM has allocation of 50MHz bandwidth in the 900 MHz

frequency band

Using FDMA, this band is divided into 124 channels Using TDMA, each of these channel is further divide into 8 time

slots

So total 992 channels are available for transmitting and receiving

To serve large number of users, the frequency must be reused

and is done through cells

GSM

The essential characteristics of frequency reuse are

The area is subdivided into cells. Generally the shape of a cell is

hexagon and base station is placed at the center of the cell

Each cell i receives a subset of frequencies fbi from the total set assigned to the respective mobile network. To avoid any type of cochannel interference, two neighboring cells frequencies Only at the distance of D (frequency reuse distance), the same frequency from the set fbi can be reused. Cells with distance D from never use the same

cell I, can be assigned one or all the frequencies from the set fbi
belonging to cell i. When moving from one cell to another during an ongoing

conversation, an automatic channel change occurs which is known

GSM

Here k= 4 Cluster Size within entire cluster frequency cant be reused

GSM Architecture

Hierarchic fashion Consists at the minimum one administrative region assigned to

one MSC (Mobile Switching Centre)

Administrative region is known as PLMN (Public Land Mobile Network)

Each administrative region is subdivided into Location Area

(LA)

One LA consists of many cell groups

Each cell group is assigned to one BSC (Base Station

Controller)

For each LA there will be at least one BSC

GSM Architecture
Fig. 5.2

GSM Architecture

Cells are formed by radio areas covered by BTS (Base Transceiver Station)

Several BTSs are controlled by one BSC Traffic from the MS (Mobile Station) is routed through MSC Calls originating from or terminating in a fixed network or other

mobile networks is handled by GMSC (Gateway MSC)

For all subscribers registered with a cellular network, their permanent datas are stored in Home Location Register (HLR)

GSM Architecture

GSM Architecture

GSM Architecture

Datas available in HLR are

Authentication information like International Mobile Subscriber

Identity (IMSI)
Identification information like name, address, Mobile Subscriber ISDN (MSISDN) Billing information like prepaid or postpaid customer Operator selected Denial of service to a subscriber Handling of supplementary services like CFU (Call Forwarding Unconditional), CFB (Call Forwarding Busy), CFNR (Call

Forwarding Not Reachable) or CFNA (Call Forwarding Not Answered) Storage of SMS service Center (SC) number in case the mobile is

not connectable

GSM Architecture

Datas available in HLR are

Provisioning information like whether long distance and international

calls are allowed or not

Provisioning information like whether roaming is enabled or not Information related to auxiliary services like Voice mail, data, fax service Information related to auxiliary services like Identification ) Information related to supplementary services for call routing Some variable information like pointer to VLR, location are of subscriber, Power OFF status of the handset etc.. CLI (Caller Line

GSM Entities

Mobile Station(MS) includes Mobile Equipment (ME) and the Subscriber Identity Module (SIM)

Base Station Subsystems (BSS) includes Base Transceiver Station (BTS) and Base Station Controller (BSC)

Network and Switching Subsystems (NSS) includes Mobile Switching Center (MSC) , Home Location Register (HLR), Visitors Location Registers (VLR), Equipment Identity Registers(EIR) and the

Authentication Center (AUC)

Operation and Support Subsystems (OSS) includes the operation and

Maintenance Center(OMC)

Data infrastructure includes PSTN, Integrated System Digital Network and Public Data network (PDN)

Mobile Station (MS)

It is a technical name of mobile device/ cellular phone Two man elements

Mobile equipment- it is phone without SIM
SIM

SIM is installed in every GSM phone and identifies the terminal

Without SIM card, the terminal is not operational

SIM card is smart processing card containing processor and memory

SIM card contains International Mobile Subscriber Identity (IMSI)

used to identity the subscriber to system, a secret key for authentication and other security information

Advantage provide mobility to user

The Base Station Subsystem(BSS)

It connects the MS and NSS It is in charge of transmission/reception for the last mile

Divided into two parts

BTS or Base station BSC

BTS corresponds to the transceivers and antennas used in each

cell of the network

It is usually placed at the center of cell

Its transmitting power defines the size of a cell

The BTS houses the radio transmitter and the receivers that defines a cell and handles the radio-link protocols with the Mobile

Station

The Base Station Subsystem(BSS)

The BSC is the connection between the BTS and MSC It manages the radio resources for one or more BTSs

Handles handovers, radio channel setup, control of radio

frequency power levels of the BTSs, exchange function and frequency hopping

The Network and Switching Subsystem(BSS)

The central component of the Network Subsystems is the Mobile Switching Center (MSC)

Functions of MSC
Acts like a normal switching node for mobile subscriber of the same network Acts like a normal switching node for the PSTN fixed telephone (connection between phone to fixed phone) Acts like a normal switching node for ISDN Provides all the functionality needed to handle a mobile subscriber, such as registration, authentication, location updating, handovers and call routing Includes DBs needed for storing information to manage the mobility of

The Network and Switching Subsystem(BSS)

All the previous services are provided in conjunction with several functional entities which together form the Network Subsystem (NSS)

The signaling between functional entities in the NSS uses Signaling System Number (SS7)

SS7 is used for signaling in ISDN, SMS, prepaid, roaming and other intelligent network functions

MSC together HLR and VLR databases, provide the call routing

and roaming capabilities of GSM

When phone is powered off, this information is stored in the HLR The location of the mobile is typically in the form of the signaling

address of the VLR associated with the MS

The Network and Switching Subsystem(BSS)

HLR is always fixed and stored in the home network, whereas the VLR locally moves with the subscriber

VLR is a temporary copy of some of the important information stored in the HLR

VLR is similar to a cache, whereas HLR is persistent storage

VLR contains selected administrative information borrowed from

the HLR, necessary for call control and provisioning of subscribed services

GSM standards define interface to HLR

The Network and Switching Subsystem(BSS)

When a subscriber enters the covering area of a new MSC, the VLR associated with this MSC will request information about the new subscriber from its corresponding HLR in the home network

The VLR will then have enough information in order to assure the subscribed services without needing to refer to the HLR each time a communication is established

Within the NSS there is a component called gateway MSC (GMSC) that is associated with the MSC

GMSC is the interface between the mobile cellular network and the PSTN

The Network and Switching Subsystem(BSS)

It is in charge of routing calls from the fixed network towards a GSM user and vice versa

The GMSC is implemented in the same node as the MSC

The Operation and Support Subsystem(OSS)

It controls and monitors the GSM system It is connected to different components of the NSS and to the

BSC

It is in charge of controlling the traffic load of the BSS Equipment Identity Register (EIR) is a database that contains a

list of all valid mobile equipment within the network, where each
mobile station is identified by its International Mobile Equipment Identity (IMEI)

EIR contains a list of IMEIs of all valid terminals

IMEI is marked as invalid for stolen mobile Authentication Center(AUC) is responsible for the authentication

The Operation and Support Subsystem(OSS)

Authentication Center(AUC) is responsible for the authentication of the subscriber

It is a protected database and stores a copy of the secret key stored in each subscribers SIM card

Message Centre

A popular service within GSM is Short Message Service (SMS) It is always on service

Message centre is also known as Service Centre (SC)or SMS

controller (SMSC)

SMSC is a system within core GSM which works as store /

forward system for SMS messages

Two types of SMS

SMMT (Short Message Mobile Terminated Point-to-Point) Incoming Message

SMMO (Short Message Mobile Originated Point-to-Point) Outgoing Message

Call Routing in GSM

Digitizer and source coding :

User speech is digitized using Regular Pulse Excited Linear Predictive Coder (RPE-LPC) This digitized value is then passed to the coder with frames of 160 samples Encoder compresses these 160 samples into 260-bits GSM frames

Channel Coding
Add some extra information into data for error detection and error correction

Interleaving
Rearranges a group of bits in a particular way to improve performance of error correction mechanisms Reduces the possibility of losing entire burst of data during transmission

Call Routing in GSM

Ciphering
Encrypts blocks of user data using a symmetric key shared by the mobile station and the BTS

Burst formatting
Add some binary information to the ciphered block which is used for synchronization and equalization of received data

Modulation
Gaussian Minimum Shift Keying (GMSK) which converts binary data back into analog signal to fit the frequency and time requirements for multiple access

rules
The signal is then radiated as radio wave over air

Call Routing in GSM

Call Routing in GSM

Multipath and equalization

Radio waves reflect from buildings, cars, hills etc So apart from right signal, Many reflected signals which corrupt the information, with different phases are also received An equalizer is in charge of extracting the right signal from the received signal

It estimates the channel impulse response of the GSM system and then
constructs an inverse filter In order to extract the right signal, the received signal is passed through the inverse filter

Call Routing in GSM

Synchronization
For successful operation, a mobile radio system, time and frequency synchronization are needed Frequency synchronization is necessary so that the transmitter and receiver frequency match (in FDMA) Time synchronization is used to identify the frame boundary and bits within

frame (in TDMA)