UMTS Services and Applications

UMTS System Overview

©Informa Telecoms
 UMTS Services and Applications

UMTS Services and Applications

1. FUNDAMENTAL UMTS SERVICE CONCEPTS
1.1 Fundamental UMTS Service Concepts 1:
Service Support Requirements 1
1.2 Fundamental UMTS service concepts 2:
Interactive vs. Distribution Services 3
1.3 Fundamental UMTS service concepts 3:
Service Differentiation 5
1.4 Fundamental UMTS service concepts 4:
Telecommunications Service Types 7
1.5 Fundamental UMTS service concepts 5:
The Service Architecture Concept 15

2. EXAMPLE SERVICES
2.1 Multimedia services – circuit-switched domain 17
2.2 Multimedia services – packet-switched domain 19
2.3 The Multimedia Messaging Service 21

3. QUALITY OF SERVICE
3.1 Quality of Service in UMTS 23
3.2 UMTS bearer service attributes 25
3.3 QoS Classes in UMTS 29

4. THE VIRTUAL HOME ENVIRONMENT

4.1 The VHE concept 31
4.2 Open Services Architecture (OSA) 33
4.3 Toolkits in UMTS 35

5. SECURITY
5.1 Security requirements for UMTS services 41
5.2 UMTS Security Domains 43

6. USER EQUIPMENT
6.1 Mobile Equipment service capabilities 47
6.2 The UMTS IC Card (UICC) and UMTS Subscriber
Identity Module (USIM) 49

UMTS System Overview

©Informa Telecoms
 UMTS Services and Applications

1. FUNDAMENTAL UMTS SERVICE CONCEPTS

1.1 Fundamental UMTS Service Concepts 1:

Service Support Requirements

The continued evolution of GSM is the foundation on which UMTS is based, and
therefore key GSM Phase 2+ features carry straight forward into UMTS.

In relation to services, some relevant GSM Phase 2+ features include:

• toolkits to provide operator-specific services: SIM Application Toolkit, CAMEL

(Customised Applications for Mobile Networks Enhanced Logic) & MExE (Mobile
Execution Environment)

• AMR; the Advanced Multi-Rate codec, to deliver speech services

• CTS (Cordless Telephony System)

• the SIM, including Java on SIM and low voltage SIM

• Number Portability

• Cell Broadcast services

• SMS (Point to Point Short Message Service)

Specific service requirements also arise, adding the following features which are new
or enhanced in UMTS:

• flexible support for a full range of services from narrowband (e.g. speech) to
wideband (up to 2Mbps). Note that the circuit-switched services are in practice
limited to 64kb/s in UMTS networks which retain the GSM-based circuit-switched
domain, since this is the capability of the MSC switching

• service creation which allows innovative and individualised services, in some cases
by third party developers or service providers. In order to achieve this goal, UMTS
is designed to offer a “Toolkit of functionality”, i.e. guidelines and service capability
definitions which application developers can follow, rather than fully standardising
the various services themselves (which is the case in early GSM)

• efficient interworking with the Internet

• support for services made up of different media sources, capable of being delivered
at the same time (multimedia)

• definitions and guarantees on service quality

Seamless roaming with UMTS applications and services is of course another key
requirement in building the UMTS system, and meeting the requirements of the global
IMT2000 vision.

UMTS System Overview

1 ©Informa Telecoms
 Open QoS Efficient
Service Guarantees Interworking
Creation With the Internet

High Flexible and Roaming

Data Rates Multimedia With All
(up to 2Mbps) Service Support Services

GSM Phase 2+ Services

Fig. 1 – UMTS Service Requirements

©Informa Telecoms 2
 UMTS Services and Applications

1.2 Fundamental UMTS service concepts 2:

Interactive vs. Distribution Services

Interactive services are two-way services, usually one-to-one, whereas distribution

services are one-to-many broadcast services. These two broad categories can be
subdivided further as follows:

Interactive services
• conversational (real-time communications, involving no storage of information.
Conversational services are usually symmetrical, with the same data rates in both
directions)

• messaging (“store & forward” – units of data may be stored before being forwarded
on to the user at a convenient time, or upon request)

• retrieval (of information stored somewhere, for example a user may request to
download a file)

Distribution services
• without user control (broadcast services where information is supplied by a single
source and the user can access but without controlling the start or the order, e.g.
broadcast TV)

• with user control (broadcast services where there is a repetitive sequence, and
access to the sequence numbering allows the user to control the start or order)

Although not used greatly in GSM, Cell Broadcast is defined as a requirement in

Release ’99 to guarantee continuity with any such GSM services, and to provide
broadcast services seamlessly across both GSM and UMTS.

UMTS System Overview

3 ©Informa Telecoms
 INTERACTIVE • Conversational, Real-time,
(2-way) • Messaging, Store & Forward
• Retrieval

DISTRIBUTION • Without User Control

(Broadcast) • With User Control

Fig. 2 – Service Categories

©Informa Telecoms 4
 UMTS Services and Applications

1.3 Fundamental UMTS service concepts 3: Service Differentiation

In terms of understanding the levels of standardisation and operator specificity of

services and applications, three categories can be recognised:

1.3.1 Standardised services

These are implemented on GSM/UMTS network entities using standardised interfaces
to ensure interoperability. This means that they are available to all operators, since
they are defined “end-to-end”. Basic speech service is an obvious example. Under
this category fall services such as teleservices, bearer services and supplementary
services.

1.3.2 Operator specific services

These are not standardised, and thus offer differentiation between operators. They
can be implemented at GSM/UMTS entities or by using toolkits, such as CAMEL,
SAT, MExE. These toolkits use standardised interfaces to the underlying network or
use standardised bearers to transport the applications and data.

Implementation of these services on the different platforms is completely vendor

specific, but because the toolkits are standardised, developers who use a toolkit to
develop an application can be sure that the same application will work in other
networks supporting such toolkits. Thus even an operator-specific service can be
accessed via a different operator’s network when roaming.

1.3.3 Applications
These are not standardised, but can be implemented using standardised application
programming interfaces (APIs) to the service capabilities (the underlying bearers and
mechanisms to support services). They can be independent of operators.

Service Capability Features (which describe the functionality of the service

capabilities) are standardised in UMTS, and therefore can be used by developers as
guidelines to build applications and services which will work in other UMTS systems.
Within the end-user terminal, service capabilities are again accessed via APIs, (MExE,
SAT are examples), and so the terminals can communicate, using GSM/UMTS
bearers, with applications which may be held either inside or outside the network.

UMTS System Overview

5 ©Informa Telecoms
 STANDARDISED Defined Available to
SERVICES “end-to-end” operators

OPERATOR- Use “toolkits” Enable

SPECIFIC to ensure operator
SERVICES roaming differentiation

APPLICATIONS Access May be

UMTS network operator
through APIs independent

Fig. 3 – Service Differentiation

©Informa Telecoms 6
 UMTS Services and Applications

1.4 Fundamental UMTS service concepts 4:

Telecommunications Service Types

Two types of basic telecommunications service exist, “bearer services” and

“teleservices”, which can be offered within a network and/or by a network in
connection with other networks.

In addition, a third category is Supplementary Services, which cannot be offered

independently, but must be offered in addition to a bearer or teleservice.

UMTS System Overview

7 ©Informa Telecoms
 Basic Bearer Teleservices
Services Services

Bearer Service Teleservice

Additional & &
Services Supplementary Supplementary
Service Service

Fig. 4 – Telecommunications Service Types

©Informa Telecoms 8
 UMTS Services and Applications

1.4.1 Bearer Services

Bearer services are defined as basic transport “pipes” with specified capabilities.
Thus in order for a user-requested service to be delivered, the network will assign the
most relevant bearer services needed to carry that service type. Bearer services are
an important element in the new QoS control capabilities of UMTS.

Assignment and release of bearers is provided by a bearer control function, and

bearers are independent of radio environment, radio interface technology, or fixed
wire transmission systems (i.e. the underlying transport).

Bearer services can be considered as layers. The overall UMTS bearer service
required to enable an end-to-end service must in turn depend on lower level bearer
services which cover specific parts of the network transport, for example Radio
Access Bearer and Core Network Bearer.

In general terms, bearer services fall into two categories. Circuit Switched bearer
services provide end-to-end connection for the duration of a call, whereas Packet
Switched bearer services create a logical link between entities over which packets of
information may be exchanged. The physical resources may in this case be used by
packets of information belonging to other logical links.

UMTS System Overview

9 ©Informa Telecoms
 Core Network

User Mobile Radio Core Gateway External Service

Terminal Access Network Network Creation
Edge
GMSC
MSC
SGSN
GGSN

UTMS Network

End-to-End Service

Local Bearer External Bearer

Service UMTS Bearer Service Service

Core
Network
Radio Access Bearer
Bearer Service Service

Backbone
Radio Iu Bearer Bearer
Bearers Service Service

Physical
Utra Bearer
Service Service

Fig. 5 – Bearer Services

©Informa Telecoms 10
 UMTS Services and Applications

1.4.2 Teleservices
Teleservices are completely defined from an end-to-end perspective, so they include
definition of the terminal equipment function.

The most well known teleservice is speech, which requires definition of a speech
codec to allow a default service to be achieved and inter-worked in all UMTS
networks. In particular, the AMR (Adaptive MultiRate) codec has been defined, to
provide the option to vary the bit-rate assigned to voice in order to balance quality
requirements flexibly with system capacity.

Another teleservice defined in UMTS is access to the Internet. Since this is clearly a
fundamental aim of the UMTS system, it is important that such access is defined to
allow consistent optimisation & QoS when inter-working between networks.

Other basic teleservices defined in UMTS are:

• Emergency Call

• SMS (short message service), which is itself divided into three types:

– Mobile Terminated, point-to-point

– Mobile Originated, point-to-point

– Cell Broadcast

• Fax, divided into:

– Alternate speech & fax (“group 3” – an ITU definition)

– Automatic fax (“group 3”)

• Voice Group Services:

– Voice Group Call

– Voice Broadcast

UMTS System Overview

11 ©Informa Telecoms
 Speech
(AMR)

Voice Group Internet

Services Access

Teleservices

Fax Emergency
Call

SMS

Fig. 6 – Teleservices in UMTS

©Informa Telecoms 12
 UMTS Services and Applications

1.4.3 Supplementary Services

Supplementary services modify or supplement basic telecommunications services,
and may be used by subscribers at their discretion. Therefore they cannot be offered
standalone and must be associated with a basic telecoms service, either bearer or
teleservice. The same supplementary service may be offered with more than one
telecoms service.

Supplementary services can be offered on a subscription basis, pre-arranged

with the service provider, or can be offered to all users with access to the
serving network.

For UMTS, Supplementary Services are almost all carried over from GSM and
act to offer more advanced services than basic speech, so enabling Caller ID,
Call Forwarding, Call Barring and so on.

The supplementary services which apply to UMTS are listed opposite.

UMTS System Overview

13 ©Informa Telecoms
 • Call Deflection (Filtering)

• Number Identification (Calling line ID functions)

• Call Offering (Call forwarding functions)

• Call Completion (Call waiting, call hold)

• Multi Party Service

• Community of Interest (Closed User Groups)

• User to User signalling

• Charging Advice & Information

• Call Restriction (Call Barring functions)

• Call Transfer

• Call Completion when busy

• Name Identification

• Multicall

Fig. 7 – UMTS Supplementary Services

©Informa Telecoms 14
 UMTS Services and Applications

1.5 Fundamental UMTS service concepts 5:

The Service Architecture Concept

The figure opposite summarises the service concept in UMTS, in particular the
separation of service creation, control and transport by standardised interfaces.

The “service platform” provides interfaces appropriate to support creation of services,

and then also provides interfaces to functions which control the delivery. The latter
functions include:

• Bearer Control = in order to assign the most appropriate resources in transport of

the application data

• Call Control = to set-up, manage and release circuit-switched call connections

• Session Management = to manage packet-switched data transport

• Mobility Management = to track a user’s movements and ensure data delivery to

the current location

The key point is that creation and control of services is separated from delivery and
transport, and thus that services can be more easily created which will work correctly
regardless of the underlying network which carries them.

UMTS System Overview

15 ©Informa Telecoms
 Applications Supplementary Teleservices
Services

Interfaces

CREATION Service Platform

Interfaces

Call
CONTROL Mobility Control/ Bearer
Management Session Control
Management

Interfaces

TRANSPORT Wired/Wireless sub network

Fig. 8 – Service Architecture Concept

©Informa Telecoms 16
 UMTS Services and Applications

2. EXAMPLE SERVICES

2.1 Multimedia services – circuit-switched domain

A multimedia service is one where two or more media components are combined
within one call, for example speech, video and graphic data. Such a call may involve
several parties and connections, each supplying one or more media element.

Support for such services is one of the key differences between 2nd Generation and
UMTS networks.

Circuit-switched (CS) Multimedia calls

CS multimedia in UMTS is based on H324, a terminal codec defined by the ITU.
In fact, a mobile specific subset of this, and 3G variant, known as 3G-324M is used.
All call scenarios are supported (e.g. mobile originated/terminated, ISDN, PSTN
connected etc.).

In reality, the H.324 codec is made up of a number of different standards, and draws
together codecs for video, speech and data which transpose the UMTS network
transmission to the relevant video, speech and data outputs in the terminal.

CS Multimedia Telephony in UMTS is a bearer service, although it does have some

teleservice-like characteristics, since the application information must be signalled to
the network and to the end terminal.

Speech fallback is included, such that if the set-up of the multimedia call fails, then
the call will be set up as speech only, rather than lost completely. In-call modification
is also supported, to change from a speech call to multimedia call and vice versa as
the user or application requires.

The following bitrate options are defined in UMTS, in order to ease internetworking of
3G-324M calls with external networks:

• 64, 56, 33.6, 32 and 28.8 kb/s for mobile to mobile

• 64 & 56 for mobile to/from N-ISDN

• 33.6 and 28.8 for mobile to/from PSTN

• 32 for mobile to/from PHS call

Since CS multimedia telephony utilises a general bearer service, supplementary

services can also apply, although some restrictions are defined. In particular, call
holding, multiparty, call transfer and calling name presentation do not apply to data
calls. There may also be a future need for supplementary services to be defined in
order to provide some multimedia specific Call Barring.

UMTS System Overview

17 ©Informa Telecoms
 Video Codec
H.263
Video MPEG4
I/O H.261

Speech Codec
3GPP-
Audio AMR
I/O G.723.1 Multiplex/
De-Multiplex UMTS
Data Protocols (3GPP)
H.223 Network
User
Data LAPM
Apps.

System Control
System
Control H.245

Scope of 3G-324M Terminal Codec

Fig. 9 – Example: Circuit-Switched Multimedia

©Informa Telecoms 18
 UMTS Services and Applications

2.2 Multimedia services – packet-switched domain

PS Multimedia was originally the source of some debate, with two solutions
discussed.

The first was to use another ITU defined codec, H.323, but it was eventually
determined that SIP, an IETF protocol, would be chosen. SIP (Session Initiation
Protocol) is a set of functions which provides services similar to H.323, but is less
complex and uses less resources, making it suitable for very small portable devices.

The SIP protocol creates, modifies and terminates sessions which can involve two or
more users. It is an application which is designed to be independent of the type of
underlying transport technology used, although in practice it is discussed with
reference to Internet (IP) telephony.

An initial invitation is used to locate all the user(s) to which a session is directed,
where each “user” may be an actual mobile terminal, or could equally be a media
source of some kind, for example a PC-based application. These users are identified
by SIP URL’s, most commonly IP addresses.

A SIP Initiation/Invitation is sent out by the user who requests a session, and this
invitation contains a Service Description Protocol (SDP) which enables participants to
agree a set of compatible data types, and accept or reject involvement in the session.
Service descriptions sent to a shared group who are invited to take part in a
conference call are sent as a SIP Session Announcement.

The Service Description Protocol contains information on the session name and
purpose, time that the session is active, the media involved, the information needed
to be able to receive those media, the bandwidth to be used for the session, and the
contact details of the person responsible for initiating the session.

SIP is well suited to mobility, in that users are able to register with the hosts which
they are currently using, in which case requests to their normal locations can simply
be relayed on to their current locations.

Once the participating users and their locations have been established,
communication of the various data streams which make up the service can occur.

UMTS System Overview

19 ©Informa Telecoms
 Initiating
User 1

“SDP”

Relay
“Reject” “SDP”
“Accept”
“Accept” “SDP”

“SDP”

Participating Participating Participating

User 4 User 3 User 2

Note: “SDP” (Session Description Protocol) is

being carried within SIP in this example.

Fig. 10 – Example: Packet-Based Multimedia Service Set-up

©Informa Telecoms 20
 UMTS Services and Applications

2.3 The Multimedia Messaging Service

MMS is a non real-time service, in the same vein as SMS. Thus messages can be
stored before being forwarded on to the recipient whenever they are available and/or
request to see the message.

However multimedia messaging is a new service with no direct equivalent in the GSM
world or in the fixed world. It combines different networks and integrates messaging
systems which already exist in these networks, for example SMS in GSM and
so-called “Instant Messaging” via the Internet.

MMS is designed to support either standard e-mail addresses or MSISDN addresses,

and WAP development also provides significant support for MMS.

The user terminal operates the Multimedia Messaging Service Environment, MMSE.
MMSE provides the service elements such as delivery, storage and notification, which
may be located in one network or distributed across networks. The basis of
connectivity between networks is provided by IP and its associated set of messaging
protocols, enabling 2G & 3G wireless messaging to be compatible with Internet
messaging.

The architectural elements of MMS are shown opposite, and are as follows:

The MMSE describes all the elements which provide the complete service to a user. In
the case of roaming, the visited network is included within this environment.

The MMS Relay facilitates transfer between different messaging systems, and can
generate charging data, enabling the service to be billed.

The MMS Server is responsible for storage and handling of incoming and outgoing
messages.

The MMS User Databases contain subscription information and so on.

The MMS User Agent resides on the user equipment or on a device attached to this
(such as a PC). It is an application layer function providing the users with the ability to
view, compose and handle messages.

UMTS System Overview

21 ©Informa Telecoms
 Message Store
MMS User
Agent

2G User Databases
Mobile
Network
MMS

MM
Server

SE
Boun
MMS
Relay
E Boundary

dary
Mailbox
3G Mobile
MMS

Network Internet/IP
Network

Fixed e-mail
Client

Visited
Mobile
Network

MMS User
Agent
Roaming MMS
User Agent

Fig. 11 – Exmple: Multimedia Messaging Service

©Informa Telecoms 22
 UMTS Services and Applications

3. QUALITY OF SERVICE

3.1 Quality of Service in UMTS

Quality of service arises as a concept in UMTS in particular because of the new

concentration on packet-switched services. Since no guaranteed circuit remains open
for the duration of the connection, and since packets of data do not travel together,
they can be lost or delayed en route.

In defining Quality of Service classes, there are some key requirements, in order to fit
in with the vision of UMTS. In particular, any such definitions need to:

• be future-proof

• allow efficient use of radio capacity

• allow independent evolution of core & access networks

• keep overhead and complexity additions from QoS requirements reasonably low

• support asymmetric bearers, for browsing-type services

• ensure that applications can indicate QoS values for their transmissions

Network services are considered end-to-end. To realise a network QoS, a bearer

service with clearly defined characteristics and functionality is set up from source to
destination. The bearer service includes all aspects to enable provision of the desired
QoS, including control signalling, characteristics of the user data transport plus any
QoS management functionality. The “UMTS bearer service” is the part offered by the
UMTS operator and which provides UMTS QoS. This in itself will require the services
of a radio access bearer and core network bearer.

UMTS System Overview

23 ©Informa Telecoms
 •Important for packet-based services

•Designed for efficient use of resources

•Allow independent evolution of radio

access and core networks

•Support asymmetric services

•Enable applications to define required QoS

Based upon assignment of appropriate

UMTS bearer services

Fig. 12 – UMTS and Quality of Service

©Informa Telecoms 24
 UMTS Services and Applications

3.2 UMTS bearer service attributes

A UMTS bearer service will be defined on the basis of a number of factors, including
bit-rates, latency (delays), error rate and error handling, and so on. These categories
are listed opposite. An overall UMTS bearer service can define some or all of the
following features, which will become important in controlling Quality of Service
levels.

• Traffic class. There are four traffic classes; Conversational, Streaming, Interactive,
Background

• Two types of information related to Data rates:

– Maximum bit-rate (kbps). This is the maximum data rate allowed for the
particular service, and can be up to 2048 in UMTS.

– Guaranteed bit-rate (kbps). This is the data rate which must be guaranteed in
order for the service to function to the required QoS.

• Delivery order. This can be a “yes” or “no”, to describe whether Service Data Units
(SDUs), i.e. data packets, must be delivered in sequence.

• Two types of information relating to the size of the SDUs:

– Maximum size of SDU. This is the maximum length that a data packet
can be.

– SDU format information. This lists the possible exact sizes of SDUs, and is
required for the Radio Link Control function in the UTRAN (see later)

• Three types of information relating to errors and error control :

– SDU error rate. This describes the fraction of SDUs which may be lost or in error,
and is used to configure protocols, algorithms and error detection schemes in
the UTRAN particularly.

– Residual bit error ratio. This indicates the undetected bit error ratio in delivered
SDUs – or the actual bit error ratio if error detection isn’t requested. Again this is
used for radio interface planning.

– delivery of erroneous SDUs (“yes”, “no”, “–”). This provides a decision on

whether to deliver or discard erroneous SDUs. “–” means that error detection
isn’t even considered.

• transfer delay (ms). Defines the maximum delay for all delivered SDUs within the
lifetime of the bearer service, where delay is defined as the time from request of
transfer to delivery (used to specify the delay tolerated by the application).

UMTS System Overview

25 ©Informa Telecoms
 • QoS class (Traffic classes)

• Maximum bit-rate

• Guaranteed bit-rate

• Delivery in-sequence?
Possible sizes
• Size of data units
Maximum size
• Error rates

• Deliver erroneous data?

• Maximum transfer delay

• Traffic handling priority

• Allocation/retention priority

Fig. 13 – Bearer Service Attributes

©Informa Telecoms 26
 UMTS Services and Applications

• Two types of priority handling:

– Traffic handling priority, describes the relative importance of handling all SDUs
belonging to a UMTS bearer compared to the SDUs of other bearers.

– Allocation/Retention priority, describes the relative importance compared to

other bearers for allocation and retention of the UMTS bearer. This is negotiated
from the mobile terminal and used for differentiating between bearers when
performing allocation/retention policy when resources are scarce.

UMTS System Overview

27 ©Informa Telecoms
 • QoS class (Traffic classes)

• Maximum bit-rate

• Guaranteed bit-rate

• Delivery in-sequence?
Possible sizes
• Sizes of data units
Maximum size
• Error rates

• Deliver erroneous data?

• Maximum transfer delay

• Traffic handling priority

• Allocation/retention priority

Fig. 13 – Bearer Service Attributes

©Informa Telecoms 28
 UMTS Services and Applications

3.3 QoS Classes in UMTS

Four classes of QoS have been defined in UMTS, corresponding to the traffic classes
shown opposite (which also shows typical examples). The main distinguishing factor
is delay sensitivity, although it is also worth noting that the last two classes below,
which are not delay sensitive, can therefore provide lower error rates due to the use
of retransmission and better coding.

In terms of standardisation, GPRS Release ’99 QoS attributes are equivalent to the
UMTS QoS attributes

3.3.1 Conversational Class (delay sensitive, real time)

Examples include speech, VoIP, video conferencing. The characteristics required are
controlled by human perception, unlike the other schemes. This class needs very low
delay and to keep the time relation between information entities in the stream.

3.3.2 Streaming Class (real time)

For example listening to real time video or audio. This class involves one way
transport, live at the destination. There is the need to preserve the time relation
between information by aligning at the receive end (delays are possible, but can’t be
too big).

3.3.3 Interactive Class

This class is for Internet-type applications, requiring responsiveness, although not
true real-time. At the message destination, a response is expected within a certain
time, so round-trip delay needs to be minimised. Content needs to have very low bit
error rate (i.e. arrive with little or no loss of data)

3.3.4 Background Class

The final class is for applications which are entirely delay insensitive. Thus information
is only sent when resource is available. Examples include file transfer, email delivery,
SMS and so on, where there is no expectation of when data will arrive. However data
loss must be minor.

When matching these classes of QoS, all the various bearer service attributes listed
previously will have values assigned, except for the following cases:

• The Interactive Class is the only one which uses Traffic Handling Priority.

• The Interactive and Background classes do not make use of transfer delay,
guaranteed bit-rate or SDU format attributes in defining the bearer service.

UMTS System Overview

29 ©Informa Telecoms
 QoS Delay Time Error Example
Class Tolerance Relation Tolerance Service

Conversational <<1s Preserve <3% FER Speech (4-25kbps)

Preserve <1% FER Video (32-384kbps)
– No Loss Interactive
games (<1kbps)

Interactive <1s – tolerant Voice Messaging

– intolerant E-commerce
www Browsing

Streaming <10s Preserve tolerant Audio Streaming

Video Streaming
Preserve intolerant Still Image
Paging

Background >10s – tolerant Fax

– intolerant E-mail arrival
notification

FER – Frame Error Rate (Frame Erasure Rate)

Fig. 14 – QoS Classes in UMTS

©Informa Telecoms 30
 UMTS Services and Applications

4. THE VIRTUAL HOME ENVIRONMENT

4.1 The VHE concept

The Virtual Home Environment (VHE) is a cornerstone concept of UMTS. It is defined

as a concept for personal service environment (PSE) portability across network
boundaries and between terminals.

PSE is defined in terms of one or more user profiles, which consist of two kinds
of info:

i. interface related info (User Interface Profile – service look & feel)

ii. service related info (User Services Profile – personalisation etc.)

In the VHE, users are consistently presented with the same personalised features,
user interface customisation and services, in whatever network or terminal they may
be located (assuming that capabilities in the network and terminal exist).

In defining the VHE it is useful to introduce the concept of the Home Environment.
This can be synonymous with the user’s home network & subscribed services, but
can also include other value-added service providers (VASPs) which are accessed
through this home network service provider. The Home Environment provides and
controls the PSE in association with the user’s own personal profile. The serving
network describes the network to which the user is attached at the time, so may be a
network in which they are roaming when travelling abroad. In the VHE concept, this
network should be invisible to the user, with services transported seamlessly through.
It may be another mobile network, but could equally also be applied to a fixed
network, the Internet and so on, depending how the user chooses to access their
services at any one time.

CAMEL, MExE and SAT are the key mechanisms supporting the VHE in R’99 of the
3GPP specifications for UMTS. These provide the “toolkits” for service creation within
UMTS, with the capabilities of these toolkits defined, rather than the specific services
created on them.

VHE also takes account of the possibility of “Value added service providers”, who
may be part of neither the home nor serving environment. For example, a banking
service may be provided directly from a bank VASP. Users should still be able to
transparently access these services whether in their home network or not.

UMTS System Overview

31 ©Informa Telecoms
 USER

Serving
Network

Value
Added Personal User
Service Service Profile
Provider Environment

Home
Environment

Value Added Service

Service Provider Platform

Fig. 15 – The VHE Concept

©Informa Telecoms 32
 UMTS Services and Applications

4.2 Open Services Architecture (OSA)

OSA defines an architecture to enable operators and 3rd party developers

(e.g. VASPs) to make use of network functionality through an open standardised
Application Programming Interface (API). It provides applications with access to
“service capability servers”, and thus provides the “glue” between the applications
and the service capabilities of the network. These service capabilities are
standardised, through the CAMEL Service Environment, MExE Servers, SAT Servers
and so on.

In this way, applications become independent of the network, another key VHE feature.

Applications constitute the top layer of OSA. This level is connected to Service
Capability Servers (SCSs) via the OSA API. These servers map the OSA API onto the
underlying telecom specific protocols for transport, and therefore hide network
complexity from the applications.

Applications can be either network/server centric, or terminal centric. The latter reside
in the user terminal, MExE and SAT applications being examples. This category
includes applications downloaded to the terminal as Java applets for example.

Network/server applications on the other hand can be located outside the core
network and make use of service capability features through the OSA API. These
applications can be executed in application servers physically separated from the
core network entities. They may be part of the operator “domain”, or may be
3rd party applications.

The OSA API is secure, independent of vendor specific solutions and programming
languages, operating systems and so on. It is also independent of the location of the
home environment and of the supported server capabilities in the network.

UMTS System Overview

33 ©Informa Telecoms
 APPLICATIONS
Application Servers

OSA API
Service
Capability
Servers

Bearer Access Service

CAMEL MExE Capabilities
Control etc…

Standardised Protocols

NETWORK

Collectively provides a "Personal Service Environment"

Fig. 16 – The Open Services Architecture

©Informa Telecoms 34
 UMTS Services and Applications

4.3 Toolkits in UMTS

UMTS supports the following service creation toolkits carried over from GSM,
enabling the development of operator specific services which can be delivered
wherever the appropriate environment is supported:

SIM Application Toolkit (SAT)

CAMEL (Customised Applications for Mobile Networks Enhanced Logic)
MExE (Mobile Execution Environment)

4.3.1 SIM Application Toolkit (SAT)

All GSM phones contain a SIM card, which is owned by the operator and whose
primary purpose is to provide authentication of the user to the network.

SIM Application Toolkit was standardised for GSM by ETSI in 1996 and allows the SIM
to be programmed by downloading an application, which can then be seen (or heard)
on the handset. The application runs on the handset rather than in the network.

The applications can be entirely operator defined, and the operator can also install
additional menus on the handset through the SIM (e.g. operator specific menus for
mobile banking etc.).

SIM Toolkit therefore provides a layer to install value added services on top of bearer
services, and was the first example of the toolkit concept applied to mobile
communications.

The key reasons for putting VAS into the SIM are as follows:

• the SIM belongs to the operator

• the SIM can be remote controlled using appropriate tools
• operators keep control of the applications: i.e. when to download, when to remove
• the SIM is secure, so the operator can control whether applications downloaded are
certified or not, and stop access if need be (i.e. a “walled garden” of services)

In order to achieve these aims, SAT features fall into these categories:

• Control of the MMI (Man Machine Interface)

• Communications services
• Menu Management and application control
• Accessory management
• Miscellaneous

The SAT defines how the card should interact with the outside world, and extends to
the communications protocol between the card and handset. Thus the card has a
proactive role and can initiate commands independently of the handset or network.

UMTS System Overview

35 ©Informa Telecoms
 •SIM belongs to the operator

•Enables remote downloading of

Value Added Services

•Secure

•Enables operator-specific services

and handset customisation:
– control of MMI
– menu management
– application control
– accessory management
– communications & proactive
commands

Fig. 17 – Features of SIM Toolkit

©Informa Telecoms 36
 UMTS Services and Applications

4.3.2 CAMEL
CAMEL stands for “Customised Applications for Mobile Network Enhanced Logic”.
It is an extension of the “Intelligent Network” service provision concept used by fixed
network operators, and provides a mechanism to support these services consistently,
independently of the serving network.

CAMEL facilitates service control of operator specific services external from the
serving network (i.e. provision of operator-defined services even when roaming
outside the home network), and is a network feature, not a supplementary service.

CAMEL is defined in phases:

i. Phase I: covered simple mobile originated and terminated call related activities

ii. Phase 2: added supplementary services and user interactions

iii. Phase 3 : added –

SMS mobile originated,

GPRS sessions and PDP contexts;

control of HLR data

control of network signalling load

CAMEL Phase 4 is part of 3GPP Release ’00.

In order for CAMEL to work, information exchange is needed between the serving
and home network (which contains a new element: the CAMEL Service Environment
(CSE)). At a service event, the serving network will make contact with the CSE, with
information related to the CAMEL subscriber. The CSE can then tell the serving
network whether to continue with the service, perform charging and so on.

UMTS System Overview

37 ©Informa Telecoms
 • Roaming support for IN Applications and
Services provided by CAMEL Service
Environment in the Home Network

Phase 1 basic call-related activity

Phase 2 includes supplementary

services and user interaction

Phase 3 includes SMS, GPRS, HLR

data, network signalling load

(Phase 4 is part of 3GPP Release 4)

Home Network

CAMEL
Service
Environment
Interaction Between
Serving Network and
CSE in Order to
Provide Required Service

Serving Network

Fig. 18 – CAMEL

©Informa Telecoms 38
 UMTS Services and Applications

4.3.3 MExE (Mobile Execution Environment)

MExE provides a standardised execution environment within a mobile terminal, and
the ability for the terminal to negotiate its supported capabilities with the MExE
service provider. Thus applications can be developed independently of any particular
terminal platform, and the terminal can support a range of implementations from
limited (low bandwidth, small device) to full capabilities, with the MExE service
provider able to know which services it can send to the terminal, and which services
the terminal will be unable to handle. Negotiation may also include the user profile
and network capabilities. Communication between the MExE application and the
Mobile terminal uses the HTTP protocol.

MExE servers may exist outside the UMTS network but must support the MExE
service environment. The make-up of the server itself is not specified, with the
specifications simply covering the interaction between the terminal and the MExE
service environment (the negotiation process). Thus the network is simply the
transport for the negotiation process, but doesn’t necessarily include the MExE
service provision itself: the latter may be network nodes, external nodes or even other
mobile terminals.

MExE specifications are applicable to both GSM & UMTS. The bearers available to
MExE applications of course depend on those available to the MS, as defined for
GSM & UMTS.

Amongst the High-level requirements to support MExE are the following:

• a common set of APIs and development tools

• that both user and MExE service provider can control “look and feel”

• that MExE service providers can authenticate MExE users

• that users can control content and acceptance of any applets transferred by MExE

• that MExE applications can negotiate QoS requirements

The applications themselves are independent of the underlying wireless network and
a generic API provides the link to lower level network bearers. Therefore developers
need not pay attention to the underlying transport.

Two types of execution environment are currently defined in MExE:

i. WAP 1.2

ii. Personal Java 1.1

A 3rd platform based on K-Java will be added soon.

UMTS System Overview

39 ©Informa Telecoms
 Bearer/QoS Request
Capability Negotiation
Authentication & Security

Transport Network(s) MExE Application

Service Development
Environment
WAP
JAVA
API

MExE

Fig. 19 – Mobile Execution Environment

©Informa Telecoms 40
 UMTS Services and Applications

5. SECURITY

5.1 Security requirements for UMTS services

Given that a key aspect of UMTS services is to avoid excessive standardisation, and
allow much more open access to UMTS networks, security needs to consider all
possible threats and aim at generic security requirements. There is clearly the need
to update security systems as the standards evolve, and the real service market
becomes clearer.

It is possible to define the general objectives for security, as follows:

• need to protect user info

• need to protect system resources and services

• must ensure worldwide security availability & inter-operability

• must improve on current mobile and fixed networks

• must be flexible enough to enhance in future

Evidence from existing mobile systems shows that the most significant threats come
from these types of activity:

• masquerading as others to gain service access (which are then charged to another
user’s account)

• eavesdropping on calls or data transfer

• subscription fraud (usage without any intention to pay – e.g. setting up a

subscription under a false identity)

Other generic security threats include:

• unauthorised manipulation of data

• misusing network services (e.g. denial of service/reduced availability may result), by

jamming, overloading etc.

• repudiation (denial that an action has taken place)

UMTS System Overview

41 ©Informa Telecoms
 • Masquerading

• Eavesdropping most common

in 2G systems

• Subscription fraud

• Data manipulation

• Service mis-use

• Repudiation

Fig. 20 – Security Threats

©Informa Telecoms 42
 UMTS Services and Applications

5.2 UMTS Security Domains

The security architecture for UMTS has five feature groups:

– user domain security – providing secure access to the mobile terminal.

The cornerstone of this is the USIM. As in GSM, the USIM contains user i.d. and an
association with a home environment, and is based on Phase 2+ GSM SIM. A valid
USIM must be present before access is granted to any UMTS service. The exception
is for emergency calls, which are at the discretion of the operator to allow without
USIM if they wish.

Authentication of the User by USIM is through a 4 to 8 digit PIN (which may be

disabled by the user). If the wrong PIN is entered three times, then a further
unblocking PIN is needed to reactivate the card. The link between the USIM and the
terminal itself is also through a PIN-type (secret sharing) arrangement.

– network access security – providing secure access to UMTS, in particular

protecting the radio access link.

The user is identified by a temporary ID given by the visited serving network, or by

an encrypted permanent ID. Any signalling or user data which might reveal the ID is
ciphered on the radio access network. Authentication of the user and confirmation
that the network is permitted to provide services happens each time a user sets up
a connection with the network.

Confidentiality is provided by a cipher algorithm operating between terminal and the

serving network node, and another algorithm checks integrity of the data, by
allowing the receiving entity (either terminal or serving network node) to ensure that
data has not been modified since it was sent.

– network domain security – provides secure exchange of info between nodes

within the fixed part of the network, e.g. between the serving network and home
environment.

– application domain security – enables users and applications to securely

exchange messages.

Application Domain Security involves secure messaging between the USIM and
network, which requires authentication of the application, and the origin of the data
received. Once again a check is made that data has not been altered since being
sent. Other checks include the detection of replay of application data, arrival in
sequence, and proof of receipt. These features are all based on GSM SIM
Application Toolkit security features.

UMTS System Overview

43 ©Informa Telecoms
 Authentication, data
User alteration checks etc Provider
Application Application
Applications
Stratum

Home/
Serving
Stratum Pin Authentication Signalling Home
USIM
Network
Serving
Network
Transport Ciphering
Mobile Access
Stratum Equipment Network

Network Access Security

Network Domain Security
User Domain Security
Application Domain Security
(plus Visibility & Configurability)

Fig. 21 – UMTS Security Architecture

©Informa Telecoms 44
 UMTS Services and Applications

– visibility and configurability of security – enables user to know whether a security

feature is in operation, and whether service provision is dependent on the feature.

Visibility refers to an indication that encryption is enabled and may include

indication of the level of security provided. This may be particularly important when
roaming between networks providing different levels of security, e.g. from 3G to 2G.

Configurability means that the user and user’s home environment can both configure
whether provision of a service depends on a certain security feature being in
operation. For example a user and/or user’s home environment should be able to
control USIM authentication, reject non-ciphered incoming calls, reject non-ciphered
call setup, reject use of certain ciphering algorithms and so on.

For multiple services, user ID, authentication and key agreement take place
independently in each service domain. User plane traffic is ciphered with the cipher
key agreed for a service domain.

UMTS System Overview

45 ©Informa Telecoms
 Authentication, data
User alteration checks etc Provider
Application Application
Applications
Stratum

Home/
Serving
Stratum Pin Authentication Signalling Home
USIM
Network
Serving
Network
Transport Ciphering
Mobile Access
Stratum Equipment Network

Network Access Security

Network Domain Security
User Domain Security
Application Domain Security
(plus Visibility & Configurability)

Fig. 21 – UMTS Security Architecture

©Informa Telecoms 46
 UMTS Services and Applications

6. USER EQUIPMENT

6.1 Mobile Equipment service capabilities

Terminals must be able to establish and maintain several connections simultaneously,

and also must be able to support a wide range of teleservices, bearer services and
applications. Terminals must be able to specify their capabilities to the network (e.g.
for MExE negotiations), and to support new supplementary services which may be
developed.

There are basic mandatory requirements as shown opposite, but in general,

standardisation and specification processes for UMTS aim to avoid limiting terminals,
and so are not extensive. Certain interfaces within the terminal are referenced to
existing interface standards, and of course, the USIM forms a key part of service
access and application control.

As well as the USIM, Mobile Equipment in UMTS must support both GSM phase 2
and phase 2+ SIM as access modules to 3G, even if this limits security to GSM levels.

UMTS System Overview

47 ©Informa Telecoms
 • Encrypted interface between terminal & UICC
(UMTS IC Card)

• Support GSM Ph2 & Ph2+ SIM

• Home & Serving Network registration/deregistration

• Location update

• Originate/receive a connection/connectionless
service

• Possess an IMEI (International Mobile

Equipment Identifier)

• Terminal capability i.d. (e.g. MExE classmark,

bearer service support)

• Emergency call support

• Encryption algorithm execution

• Ciphering indicator

• Network selection

Fig. 22 – Mandatory User Equipment Requirements

©Informa Telecoms 48
 UMTS Services and Applications

6.2 The UMTS IC Card (UICC) and UMTS Subscriber Identity Module (USIM)

6.2.1 UICC
A new feature in UMTS is the introduction of the UICC, a physically secure chip card
device which can be removed from terminals.

The plug-in format of the UICC is as for GSM smart cards, although a smaller format
is undergoing further study. Electrical specifications cover the 1.8V and 3V ranges
specified for GSM.

However, unlike in 2nd generation SIM cards, the UICC can host a number of
applications, of which USIM is just one. Others may include banking applications,
address books and so on.

Each application has its own domain on the UICC, and it is possible to manage each
application separately, such that security and operation of one application is not
influenced by the actions of one in a different domain. However, applications can
share common address book information.

In order to access a UMTS network, one of the applications on the UICC must be a
USIM, however it is also possible to host more than one USIM on a single UICC.
Only one USIM is permitted to be active at a time.

6.2.2 USIM
The USIM provides storage for subscription and subscriber related information and is
used to provide security features (as seen earlier). If the USIM is removed, service
terminates immediately. The USIM may also contain the user profile(s).

Functions of the USIM include authenticating the user, and providing additional
security functions which may be required.

It is not possible to access data which is for internal USIM use only
(e.g. authentication keys).

USIM allows for the transfer of applications (download), and may include an
application environment (such as MExE). In this respect, a mechanism is specified by
which the Mobile Equipment, USIM and Network can exchange service capability
information for QoS and negotiation purposes.

UMTS System Overview

49 ©Informa Telecoms
 Mobile Equipment

Standardised Interface

USIM USIM Application UICC

1 2 1

Application Address
2 Book
Info

• Subscriber Information
USIM • Authentication & Security
• Application Environments, eg MExE

Fig. 23 – Elements of the UMTS IC Card

©Informa Telecoms 50
 UMTS Services and Applications

6.2.3 Information Storage on UICC and USIM

UICC related information includes:

– the IC card i.d., uniquely identifying the UICC and card issuer

– preferred language information

– a directory of applications stored on the UICC

Information related to the USIM is listed opposite. In addition to this, there

is also information associated with security requirements, including the PIN,
an indicator of whether it is enabled or not, and a counter for PIN errors.
Other security information includes the Unblock PIN, which has its own error
counter, as well as data integrity keys and subscriber authentication keys.

Address book information stored on the UICC may be available to both the USIM
and to other applications.

UMTS System Overview

51 ©Informa Telecoms
 a) UICC Information
• UICC card i.d.
• Preferred language
• Directory of applications

b) USIM Information
• Administrative info
• USIM service table: optional services provided
• IMSI (unique subscriber i.d. number)
• Language indicator
• Location information
• Cipher key and sequence number
• Access control classes
• Forbidden networks
• Phase identification (GSM Phase 2, 2+, UMTS Phase 1 etc.)
• Ciphering key for GPRS
• GPRS location information
• Cell broadcast information
• Emergency call codes
• Phone numbers
• Short messages and related info
• Capability & configuration info
• Home Network search period
• Broadcast channel info – used in cell selection
• Various security information

Fig. 24 – Information Storage on UICC and USIM

©Informa Telecoms 52