CSC 290e Mobile Computing Cellular Telephone systems 3 October 2001 Reference: Mobile Communications by Schiller Chapter 4 ------------------------ Notes: Extra TA session: 7th floor UG lab 6:30-7:30 tonight Project Due: Friday 11:59pm No class Monday - fall break NSA summer internship subject: secure networking deadline Nov 15, must be US Citizen, junior/senior/grad, background check See JoMarie Carpenter ------------------------ Case study (GSM) continued ------------------------ more details from last time: AMPS = advanced mobile phone system "typical" digital cell: 168 channels TDMA frame has 8 time slots each time slot (burst) lasts .5465 ms inside each time slot: guard -- tail -- user -- s -- training -- s -- user -- tail -- guard space -- -- data -- -- -- -- data -- -- -- 5 -- 57 -- 1 -- 26 -- 1 -- 57 -- 3 -- bits bits bit bits bit bits bits s == flag indicating user data/network control data 114 user bits repeated every 4.6 ms = 24.7 kb/s max TCH/F (Traffic channel/full) really only send user bits 24/26 bursts, result 22.9 kb/s original voice encodings required 13kbit/s, extra used for error correction new encodings can use TCH/H (traffic channel/half): 11.4 kb/s increases capacity for voice ------------------------ handover max speed 250 km/h why handover? 1. mobile moves out of range 2. load balancing - traffic in one cell too high types of handover 1. intra-cell handover (within a cell)- change to different carrier frequency due to interference 2. inter-cell, intra BSC handover - most typical 3. inter-BSC, intra-MSC handover 4. inter MSC handover when to handover: MS and BTS perform periodic measurements of the up/down links look at signal level and bit error rate measure this cell and neighboring cells. MS reports every .5 sec, BTS in charge of making decision built in hysteresis to avoid ping-pong effect security SIM - physical card moved from MS to MS. Associated with a user protected with a pin contains a secret key used for authentication and encryption access control and authentication authenticate the user with PIN subscriber authentication: challenge-response base generates RAND, sends RAND to mobile unit mobile unit f(RAND, key) = SRES (signed Response) sends SRES to base base computes f(RAND, key) = SRES* base compares SRES =? SRES* confidentiality all user data is encrypted between MS and BTS, not end to end key computed per session with RAND sent from base to mobile base and mobile individually compute g(RAND, key) = session key key never sent over wireless interface h(data, session key) sent wirelessly and decrypted at other side anonymity user's identifier is not actually transmitted instead a temporary identity is assigned by the VLR after each location update or on demand This temporary ID is transmitted Data services 9.6 kbit/s standard bandwidth choice of traffic channel usage options to increase: 1. combine several channels to increase bandwidth HSCSD - high speed circuit switched data 2. switch from connection-oriented to packet-oriented GPRS - general packet radio service HSCD basically allocated several TDMA slots within a frame can be asymmetrical: more up or down, depending on if sending/receiving software-only upgrades: split traffic stream into several streams and recombine In theory, use all frames of a 14.4 stream: 115.2 kbit/s, but channels are split to send/receive, so reality is 57.6 kb/s not good for bursty traffic handover much more complicated, need to allocate many channels each time GPRS packet-oriented frequent transmission of small volumes or infrequent transmissions of medium volumes should allow broadcast/multicast/unicast more closely match web traffic rather than connections - charge by volume 8 TDMA slots available in a frame not allocated in a fixed manner, but on demand up/down links allocated separately