technical training 2009 - session4 (ruim introduction)

5/14/2018 Technical Training 2009 - Session4 (RUIM Introduction) - slidepdf.com

http://slidepdf.com/reader/full/technical-training-2009-session4-ruim-introduction 1/30

SMART CARD SMART CARDSMART CARD SMART CARD

Technical Training 2009(Session 4: RUIM Introduction)

Trainer: Melvin LEE



-Telecom- - Finance – -ID & Security-

2009年1月20日星期二 page 2ConfidentialSMART CARD SOLUTIONS FOR EVERYONE

Presentation OutlinePresentation Outline

• What is CDMA?

• CDMA Standards• Types of CDMA Networks

•

CDMA Migration path• Roaming in CDMA





What is CDMA?What is CDMA?

• CDMA stands for Code Division MultipleAccess

• CDMA is a "spread spectrum" technology,allowing many users to occupy the sametime and frequency allocations in a given

band/space.• It assigns unique codes to each

communication to differentiate it from others

in the same spectrum.• It enables many more people to share the

airwaves at the same time than otheralternative technologies





CDMA ArchitectureCDMA Architecture

The core network

GMSC

Gateway to

•PLMN roaming

•PSTN

•others

CDMAMC

BSCBSC

BSC

BSCBSC

EIRAC HLR VLR

OMC

MSC VLR





CDMA Key StandardsCDMA Key Standards

• TIA//EIA/IS-808 (Stage 1: Networkrequirements)

• TIA//EIA/IS-820 (Stage 2 & 3: ME-R-UIM)• TIA/EIA/IS-820-1 (Addendum)

• TIA/EIA/IS-683-A (OTASP / OTAPA)• TIA.AHAG (Authentication Algorithm CAVE)

• TIA//EIA/IS-95A & B (CDMA Air Interface)

• TIA/EIA/IS-637 (SMS)

• TIA/EIA/TSB-58 (CDMA Numbering Schema)

• ANSI--41 (CDMA Network Protocols)





Standards DevelopmentStandards Development

CDMA2000 standards development

Source : Ericsson

CDG





Types of CDMA networksTypes of CDMA networks

cdmaOne: The Family of IS-95 CDMA TechnologiesIS-95A : The first CDMA cellular standardIS-95B : 2.5G

(TIA/EIA IS-95 : Telecommunications Industry Association / Electronic Industries Association Interim Standard - 95)

CDMA2000: Leads the 3G revolution

CDMA 1x RTT (One Carrier Radio Transmission Technology )CDMA 1xEV–DO1x = single 1.25 MHz spaced carrierEV = EVolution

DO = Data Optimized (no voice traffic)CDMA 1xEV–DV

1x = single 1.25 MHz spaced carrierEV = EVolution

DV = Data and Voice





CDMA Migration PathCDMA Migration Path

NetworkGeneration

Type ofNetwork

Channel

Bandwidth

Peak DataRate

Actual DataRate

2G 9.6kbps

64Kbps

144 kbps

621 kbps

1117 kbps

2.5G

3G

Evolved 3G

Enhanced3G

cdmaOneIS-95A

1.25 Mhz 14.4 kbps

cdmaOne

IS-95B

1.25 Mhz 115kbps

CDMA2000 1xRTT

1.25 Mhz 384 kbps

CDMA2000 1xEV-DO 1.25 Mhz 2.4 Mbps

CDMA2000 1xEV-DV

3.75 Mhz 4 Mbps





CDMA/GSM RoamingCDMA/GSM Roaming

• Different Protocol

Difficulty in obtaining network parametersacross networks

• Different Authentication methods

GSM subscribers uses the A3A8 algorithm CDMA subscribers uses the CAVE algorithm

•

GSM Handsets does not support CDMAnetworks and vice versa

• The GSM SIM is different from the CDMA RUIM

smart cards





Outline of presentation Objectives of RUIM

RUIM standards

RUIM Status

RUIM File Structure Coding RUIM Files

RUIM Security Features

Roaming with RUIM (Plastic Roaming)

RUIM cardsRUIM cards





RUIM stands for Removable User IdentityModule

Removable - Phonebook/Number portability

Puts operator in control of subscriber

relationship Customizable post issuance

Facilitate roaming (Plastic roaming)

RUIM ObjectivesRUIM Objectives





RUIM StatusRUIM Status

• Standardized by TIA 820

• Memory range from 32K to 128K (Cansupport large PRLs)

• Java or native

• CCAT (Application Toolkit) Standardized in3GPP2

• OTASP/OTAPA





Document Title Doc. No.

Removable User Identity Module for Spread SpectrumSystems

3GPP2 C.S0023-A

IMSI 3GPP2 N.S0009-0

CDMA Card Application Toolkit (CCAT) 3GPP2 C.S0035-0

Short Message Service for Spread Spectrum Systems 3GPP2 C.S0015

OTASP and OTAP 3GPP2 N.S0011-0

Over-the-Air Service Provisioning of Mobile Stations inSpread 3 Spectrum Systems. 4

TIA/EIA/ IS-683-A

Over-the-Air Service Provisioning of Mobile Stations inSpread Spectrum Standards

3GPP2 C.S0016-B

REMOVABLE USER IDENTITY MODULE (R-UIM) / MOBILE EQUIPMENT (ME) INTERFACE TESTING

3GPP2 S.R0060

RUIM StandardsRUIM Standards





RUIM FilesRUIM Files





Mandatory Files from GSM 11.11

1. Contents of the EFs at the MF levela. EF_ICCID

2. DFs at the GSM application level3. Contents of files at the telecom level

a. EF_ADNb. EF_FDN

c. EF_LNDd. EF_SDNe. EF_EXT1f. EF_EXT2

g. EF_EXT34. DFs at the telecom level5. Contents of files at the telecom graphics level

a. EF_IMG

b. Image Instance Data Files






3 main security functions of the RUIM

Managing Shared Secret Data (SSD) Performing Authentication Calculations and

generating Encryption Keys Managing the Call History Parameter

RUIM functionsRUIM functions

SRUIM S i





RUIM SecurityRUIM Security

Commands used:

• Update SSD• Base Station Challenge

•

Confirm SSD• Run CAVE

• Generate Key/VPM

• Store ESN_ME

RUIM h i iRUIM th ti ti





RUIM authenticationRUIM authentication

• The algorithm used by the R-UIM for

authentication and key generation is CAVE• CAVE stands for “Cellular Authentication and

Voice Encryption”

• This is performed by the Run CAVE function.

• Provides encryption for Voice, Data and

Signaling

RUIM d t SSDRUIM d t SSD





UIM Network ME

Random

NumberGenerator

Rand SSD

Rand BS

Rand SEED

TempStorage

Random

numberenhancer

Rand BS

RUIM update SSDRUIM update SSD

RUIM d t SSDRUIM d t SSD





UIM Network ME

Select ESNUIMID

Select

IMSI_M IMSI_T

CAVE

RANDBS AUTHBS

Rand SSD

A Key

CAVE

SSD(new)


RUIM d t SSDRUIM pdate SSD





UIM Network ME

CAVE

Compare

If equal SSD= SSD (new)

AUTH BS

AUTH BS

Update

SSD OK?


GSM SIM a thenticationGSM SIM authentication





RAND

Ki RAND

A3

SRES

A8

Kc

Ki RAND

A3

SRES’

GSM SIM authenticationGSM SIM authentication

RUIM functionsRUIM functions Call HistoryCall History





RUIM functionsRUIM functions – – Call HistoryCall History

• CALL COUNT is used as a simple “clone”detector.

• During network access protocols, the R-UIMreports its value of CALL COUNT to the network.If the value is consistent with the network’s valueof CALL COUNT, the network will grant access

• If value of CALL COUNT is out of sequence, thenetwork may choose to investigate the possibilitythat the R-UIM has been “cloned” and take

action.• Both the mobile and the network track the Call

History Count

Plastic RoamingPlastic Roaming





RUIM can facilitate “Plastic Roaming” betweenCDMA and GSM networks using a DUAL mode card.

A smart card that supports both the RUIM and SIMfunctionality is known as a DUAL mode card.

Roaming 2 methods

First method:Two phones – 1 CDMA, 1 GSM1 dual mode card with both CDMA and GSM files

populated







Second method:

• 1 dual mode phone with 1 dual mode cardwith both CDMA and GSM files populated






Thank you!Thank you!

technical training 2009 - session4 (ruim introduction)

Documents