UNIT II MOBILE TELECOMMUNICATION SYSTEM: Introduction to Cellular Systems -

GSM – Services & Architecture – Protocols – Connection Establishment – Frequency Allocation –

Routing – Mobility Management – Security – GPRSUMTS – Architecture – Handover - Security.

INTRODUCTION TO CELLULAR NETWORKS

Digital cellular networks are the segment of the market for mobile and wireless devices which are
growing most rapidly. They are the wireless extensions of traditional PSTN or ISDN networks and
allow for seamless roaming with the same mobile phone nation or even worldwide. Today, these
systems are mainly used for voice traffic. However, data traffic is continuously growing and
therefore, these are handled by several technologies for wireless data transmissions
●​ AMPS(Advanced Mobiles Phone System) à1G
●​ GSM, TDMA, CDMA, and PDC (Personal Digital Cellular) and PCS (Personal
Communication System) are all second generation systems.
●​ Examples for second generation (2G) mobile phone networks- GSM, GPRS à2.5GNetworks
●​ DECT (Digital European Cordless Telephone) and TERTA (Terrestrial Trunked
Radio) àexamples for cordless telephony and trunked radio systems.
●​ UMTS example forà3G mobile telecommunication networks.
●​ 2Gà1990’s to 2000, 2.5Gà 2001 to 2004, 3Gà2004to 2015, 4Gà2010 – 2020, 5G now

Global System for Mobile Communications (GSM)

GSM (Global System for Mobile Communications) is at present being used in India. It is possibly
the most successful digital mobile system to have ever been used till now. An important
characteristic of the GSM system is that it provides data services in addition to voice services, and
yet is compatible to 1G system. GSM networks operate in four different radio frequencies. Most
GSM networks operate either in the 900 MHz or in the 1800 MHz frequency bands. Some countries
in the American continent (especially the USA and Canada) use the 850 MHz and 1900MHz bands
because the 900 MHz and 1800 MHz frequency bands are already allocated for other purposes. The
relatively rarely used 400 MHz and 450 MHz frequency bands are assigned in some countries,
notably Scandinavia where these frequencies were previously used for the first generation systems.
In the 900 MHz band, the uplink frequency band is 890–915 MHz, and the downlink frequency
band is 935–960 MHz
Performance characteristics of GSM :

​ Communication
♦​ Mobile, wireless communication; support for voice and data services
●​ International access, chip-card enables
​ Total mobility
use of access points of different providers

​ Worldwide connectivity
●​ One number, the network handles localization
​ High capacity
●​ Better frequency efficiency, smaller cells, more customers per cell
​ High transmission quality
●​ High audio quality and reliability for wireless, uninterrupted phone calls
at higher speeds (e.g., from cars, trains)
​ Security functions
●​ Access control, authentication via chip-card and PIN

Disadvantages of GSM:

​ There is no perfect system!!

•​ No end-to-end encryption of user data
•​ No full ISDN bandwidth of 64 Kbit/s to the user, no transparent B-channel
​ Reduced concentration while driving
​ Electromagnetic radiation
​ Abuse of private data possible
​ Roaming profiles accessible
​ High complexity of the system
​ Several incompatibilities within the GSM standards

GSM Services

GSM provides three main categories of services. These are: (i) Bearer services (ii) Teleservices

(iii)​ Supplementary services. In the following, we elaborate these different categories ofservices.

Bearer services:

Bearer services give the subscribers the capability to send and receive data to/from remote
computers or mobile phones. For this reason, bearer services are also known as data services.
These services also enable the transparent transmission of data between GSM and other networks
like PSTN, ISDN, etc. at rates from 300 bps to 9600 bps. These services are implemented on the
lower-three layers of the OSI reference model. Besides supporting SMS, e-mail, voice mailbox,
and Internet access, this service provides the users with the capability to execute remote
applications. GSM supports data transfer rates of up to 9.6 kbps.

Figure 2.1.1 Reference Model for GSM Services

Figure 2.1.1 shows the reference model for GSM services.

The Mobile station MS is connected to GSM public Land Mobile Network via a Um interface.
This network is connected to Transit ISDN or PSTN. The Bearer services permit either
transparent or non-transparent, and either synchronous or asynchronous modes of data
transmission. We elaborate these in the following.

●​ The transparent bearer services use the functions of the physical layer of transmission of
data leading to constant delay and throughput if no transmission errors occur. There is a
mechanism called FEC (Forward Error Correction) to increase the quality of data
transmission.
●​ The non-transparent bearer services use protocols of the second and third layers to
implement error correction and flow control. They use transparent bearer services in
addition to a Radio Link Protocol (RLP). This protocol comprises mechanisms of high
level data link control.

Tele services:

GSM provides both the voice-oriented teleservices and the non-voice teleservices, as discussed
below. Telephony: The main goal of GSM was to provide high quality digital voice transmission,
offering the bandwidth of 3.1 kHz of analog phone systems. Special codecs are used for voice
transmission, while other codecs are used for the transmission of analog data for communication
with traditional computer modems used in fax machines.

​ Telecommunication services that enable voice communication via mobile phones

​ All these basic services have to obey cellular functions, security measurements etc.
​ Offered services
•​ Mobile telephony
primary goal of GSM was to enable mobile telephony offering the traditional
bandwidth of 3.1 kHz
 •​ Emergency number
common number throughout Europe (112); mandatory for all service providers; free
of charge; connection with the highest priority (preemption of other connections
possible)
•​ Multi numbering
several ISDN phone numbers per user possible

​ Additional services

❖​ Non-Voice-Teleservices
✔​ Group 3 fax-two data is transmitted as digital data over the analog telephone
network.
✔​ Voice mailbox (implemented in the fixed network supporting the mobile
terminals)
✔​ Electronic mail (MHS-Message Handling System, implemented in the fixed
network)
❖​ Short Message Service (SMS)
✔​ Alphanumeric data transmission to/from the mobile terminal (160 characters)
using the signalling channel, thus allowing simultaneous use of basic
services and SMS (almost ignored in the beginning now the most successful
add-on!)

Emergency number: The same number is used throughout an area. This service is free of cost
and mandatorily provided by all service providers. This connection will automatically be set up
with the closest emergency centre.

Short message services: This service offers transmission of text messages of sizes up to 160
characters. SMS services use the signalling channels, making possible the duplex system of the
sending and receiving the SMSs messages.

Fax: In this service, using modems fax data is transmitted as digital data over the analog telephone
network according to the ITU-T Standards T.4 and T.30.

Supplementary services: GSM provides certain supplementary services such as

useridentification, call redirection, and forwarding of ongoing calls. In addition, standard ISDN
features such as ‘close user groups’ and ‘multiparty’ communication are available.

​ Services in addition to the basic services, cannot be offered stand-alone

​ Similar to ISDN services besides lower bandwidth due to the radio link
​ May differ between different service providers, countries and protocol versions
​ Important services
•​ Identification: forwarding of caller number
•​ Suppression of number forwarding
•​ Automatic call-back
•​ Conferencing with up to 7 participants
•​ Locking of the mobile terminal (incoming or outgoing calls)

System Architecture of GSM

A GSM system consists of three main subsystems:

(i)​ Radio Subsystem (RSS)

(ii)​ (ii) Networking and Switching Subsystem (NSS)
(iii)​ Operation Subsystem (OSS)
(iv)​ ​A schematic of the functional architecture of a GSM system is shown in Fig. 2.1.2.
Thedifferent components of this architecture are briefly explained in the following.

Figure 2.1.2 Functional Architecture of a GSM System Radio

subsystem (RSS)

This subsystem comprises all the radio specific entities. That is, the mobile stations, the base
station subsystems, the base transceiver station and the base station controller. We brieflyexplain
the important components of the radio subsystem in the following:
Mobile Station (MS):
A mobile station (MS) or cell phone contains two major components: the subscriber identity
module (SIM) and the mobile device. The SIM is a removable smart card. Each mobile device has
a unique identifier that is known as its IMEI (International Mobile Equipment Identity). Apart
from the telephone interface, an MS also offers other types of interfaces to the users suchas USB,
Bluetooth, etc. Despite its small size, a SIM card is a very important component of a GSM
network. It contains all the subscription information of a subscriber and holds the key information
that activates the phone after it is powered on. It contains a microcontroller to primarily store and
retrieve data from the flash storage on the SIM. Identification information is stored in the SIM
card’s protected memory (ROM) that is not accessible or modifiable by the customer.

Additional flash memory is included in the mobile device to allow storage of other information
such as addresses, pictures, audio and video clips, and short messages. The SIM card contains
many other identifiers and tables such as card type, serial number, a list of subscribed services, and
a Personal Identity Number (PIN).

Base Station Subsystem (BSS):

A GSM network comprises many BSSs. Each BSS consists of a Base Station Controller (BSC)
and several Base Transceiver Stations (BTSs). We will explain these components subsequently. A
BSS performs all functions necessary to maintain radio connections to an MS, as well as does
coding/decoding of voice.

Base Transceiver Station (BTS):

A BTS comprises all radio equipment such as antenna, signal processors and amplifiers that are
necessary for radio transmission. It encodes the received signal, modulates it on a carrier wave,
and feeds the RF signals to the antenna. It communicates with both the mobile station and the
BSC.

Base Station Controller (BSC):

A BSC manages the radio resource of the BTSs in the sense that it assigns frequency and time
slots for all MSs in the area. It also manages the handoff from one BTS to another within the BSS.
The BSC also multiplexes the radio channels onto the fixed network connection to the Mobile
Switching Centre (MSC).

Network and switching subsystem (NSS)

This subsystem forms the heart of the GSM system. It connects the wireless networks to the
standard public networks and carries out usage-based charging, accounting, and also handles
roaming. NSS consists of a switching centre and several databases as described below.
Mobile Switching Center (MSC):

An MSC can be considered to form the heart of a GSM network. An MSC sets up connectionsto
other MSCs and to other networks such as Public Data Network (PDN). An MSC is responsible
for the connection setup, connection release, and call handoff to other MSCs. A Gateway MSC
(GMSC) is responsible for gateway functions, while a customer roams to other networks. It also
performs certain other supplementary services such as call forwarding, multiparty calls, etc.

Home Location Registers (HLRs):

A HLR stores in a database important information that is specific to each subscriber. The information
contains subscriber’s IMSI, pre/post paid, user’s current location, etc.

Visitor Location Register (VLR):

It is essentially a temporary database that is updated whenever a new MS enters its area by
roaming. The information is obtained from the corresponding HLR database. The function of the
VLR is to reduce the number of queries to the HLR and make the user feel as if he were in his
home network.

Operation subsystem (OSS)

The operation subsystem contains all the functions necessary for network operation and maintenance.
It consists of the following:

Operation and Maintenance Centre (OMC):

It supervises all other network entities. Its functions are traffic monitoring, subscribers, security
management and accounting billing.

Authentication Centre ( AuC ) :

It protects against intruders targeting the air interface. The AuC stores information concerned with
security features such as user authentication and encryption. The AuC is related to the HLR.
Equipment Identity Register (EIR):

It is essentially a database that is used to track handsets using the IMEI. It helps to block calls
from stolen, unauthorized, or defective mobiles.
GSM PROTOCOLS
The signalling protocol in GSM is structured into three general layers depending on the interface,
as shown below. Layer 1 is the physical layer that handles all radio-specific functions. This
includes the creation of bursts according to the five different formats, multiplexing of bursts into
a TDMA frame, synchronization with the BTS, detection of idle channels, and measurement of
the channel quality on the downlink. The physical layer at Um uses GMSK for digital
modulation and performs encryption/decryption of data, i.e., encryption is not performed end-
to-end, but only between MS and BSS over the air interface.

Figure 2.1.3 Protocol architecture for Signalling

The main tasks of the physical layer comprise channel coding and error detection/correction,
which is directly combined with the coding mechanisms. Channel coding makes extensive use of

different forward error correction (FEC) schemes. Signalling between entities in a GSM
network requires higher layers. For this purpose, the LAPDm protocol has been defined at the
Um interface for layer two. LAPDm has been derived from link access procedure for the D-
channel (LAPD) in ISDN systems, which is a version of HDLC. LAPDm is a lightweight LAPD
because it does not need synchronization flags or checksumming for error detection. LAPDm
offers reliable data transfer over connections, re- sequencing of data frames, and flow control.
 The network layer in GSM, layer three, comprises several sublayers. The lowest sublayer is the
radio resource management (RR). Only a part of this layer, RR’, is implemented in the BTS, the
remainder is situated in the BSC. The functions of RR’ are supported by the BSC via the BTS
management (BTSM). The main tasks of RR are setup, maintenance, and release of
radiochannels. Mobility management (MM) contains functions for registration, authentication,
identification, location updating, and the provision of a temporary mobile subscriber identity
(TMSI).

Finally, the call management (CM) layer contains three entities: call control (CC), short message
service (SMS), and supplementary service (SS). SMS allows for message transfer using the
control channels SDCCH and SACCH, while SS offers the services like user identification, call
redirection, or forwarding of ongoing calls. CC provides a point-to-point connection between
two terminals and is used by higher layers for call establishment, call clearing and change of call
parameters. This layer also provides functions to send in-band tones, called dual tone multiple
frequency (DTMF), over the GSM network. These tones are used, e.g., for the remote control of
answering machines or the entry of PINs in electronic banking and are, also used for dialing in
traditional analog telephone systems.

Additional protocols are used at the Abis and A interfaces. Data transmission at the physical
layer typically uses pulse code modulation (PCM) systems. LAPD is used for layer two at
Abis, BTSM for BTS management. Signalling system No. 7 (SS7) is used for signalling
between an MSC and a BSC. This protocol also transfers all management information between
MSCs, HLR, VLRs, AuC, EIR, and OMC. An MSC can also control a BSS via a BSS
application part (BSSAP).

GSM SECURITY

Security in GSM is broadly supported at three levels: operator’s level, customer’s level and system
level. These three levels help oversee aspects such as correct billing to the customer, avoiding
fraud, protecting services, and ensuring anonymity. The following are a few important features
associated with providing security in GSM networks.
GSM offers several security services using confidential information stored in the AuC and in the
individual SIM. The SIM stores personal, secret data and is protected with a PIN against
unauthorized use. Three algorithms have been specified to provide security services in GSM.
Algorithm A3 is used for authentication, A5 for encryption, and A8 for the generation of a cipher
key. The various security services offered by GSM are:

ACCESS CONTROL AND AUTHENTICATION:

The first step includes the authentication of a valid user for the SIM. The user needs a secret PINto
access the SIM. The next step is the subscriber authentication. This step is based on a challenge-
response scheme as shown below:

Figure 2.1.4 Subscriber Authentication

AUTHENTICATION :
Authentication is based on the SIM, which stores the individual authentication key Ki, the user
identification IMSI, and the algorithm used for authentication A3. The AuC performs the basic
generation of random values RAND, signed responses SRES, and cipher keys Kc for each IMSI,
and then forwards this information to the HLR. The current VLR requests the appropriate values
for RAND, SRES, and Kc from the HLR.

For authentication, the VLR sends the random value RAND to the SIM. Both sides, network and
subscriber module, perform the same operation with RAND and the key Ki, called A3. The MS
sends back the SRES generated by the SIM; the VLR can now compare both values. If they are the
same, the VLR accepts the subscriber, otherwise the subscriber is rejected.
The purpose of authentication is to protect the network against unauthorized use. In the GSM
context, it helps protect the GSM subscribers by denying the possibility for intruders to
impersonate authorized users. A GSM network operator can verify the identity of the subscriber,
making it highly improbable to clone someone else’s mobile phone identity. Authentication can be
achieved in a simple way by using a password such as Personal Identification Number (PIN). This
method is not very secure in GSM networks as an attacker can “listen” the PIN and easily break
the code.

CONFIDENTIALITY:
A GSM network protects voice, data and sensitive signalling information (e.g. dialed digits)
against eavesdropping on the radio path. Confidentiality of subscriber-dialled information in the
GSM network is achieved by using encryption techniques prescribed by the GSM designers.

Data on the radio path is encrypted between the Mobile Equipment (ME) and the BTS which
protects user traffic and sensitive signalling data against eavesdropping.
All user-related data is encrypted. After authentication, BTS and MS apply encryption to
voice,data, and signalling as shown below.

Figure 3.1.5 Confidentiality

To ensure privacy, all messages containing user-related information are encrypted in GSM over the
air interface. After authentication, MS and BSS can start using encryption by applying the cipher
key Kc, which is generated using the individual key Ki and a random value by applying the
algorithm A8. Note that the SIM in the MS and the network both calculate the same Kc basedon
the random value RAND. The key Kc itself is not transmitted over the air interface. MS and BTS
can now encrypt and decrypt data using the algorithm A5 and the cipher key Kc.
ANONYMITY:
A GSM network protects against someone tracking the location of a user or identifying calls made
to (or from) the user by eavesdropping on the radio path. The anonymity of the subscriber on the
radio access link in the GSM network is achieved by allocating Temporary Mobile Subscriber
Identity (TMSIs) instead of permanent identities. This helps to protect against tracking a user’s
location and obtaining information about a user’s calling pattern.

To provide user anonymity, all data is encrypted before transmission, and user identifiers are not
used over the air. Instead, GSM transmits a temporary identifier (TMSI), which is newly assigned
by the VLR after each location update. Additionally, the VLR can change the TMSI at any time.

GSM HANDOVER (Mobility management)

Cellular systems require handover procedures, as single cells do not cover the whole service area.
However, a handover should not cause a cut-off, also called call drop. GSM aims at maximum
handover duration of 60 ms. There are two basic reasons for a handover:

1.​ The mobile station moves out of the range of a BTS, decreasing the received signal level
increasing the error rate thereby diminishing the quality of the radio link.

2.​ Handover may be due to load balancing, when an MSC/BSC decides the traffic is too high
in one cell and shifts some MS to other cells with a lower load.

The four possible handover scenarios of GSM are shown below:

 ​ Intra-cell handover: Within a cell, narrow-band interference could make transmission at
a certain frequency impossible. The BSC could then decide to change the carrier
frequency (scenario 1).
​ Inter-cell, intra-BSC handover: This is a typical handover scenario. The mobile station
moves from one cell to another, but stays within the control of the same BSC. The BSC
then performs a handover, assigns a new radio channel in the new cell and releases the
old one (scenario 2).
​ Inter-BSC, intra-MSC handover: As a BSC only controls a limited number of cells;
GSM also has to perform handovers between cells controlled by different BSCs. This
handover then has to be controlled by the MSC (scenario 3).
​ Inter MSC handover: A handover could be required between two cells belonging to
different MSCs. Now both MSCs perform the handover together (scenario 4).
To provide all the necessary information for a handover due to a weak link, MS and BTS
both perform periodic measurements of the downlink and uplink quality respectively.
Measurement reports are sent by the MS about every half-second and contain the quality
of the current link used for transmission as well as the quality of certain channels in
neighboring cells (the BCCHs).

GSM CONNECTION ESTABLISHMENT / CALL SETUP

(Localization & Calling)

The fundamental feature of the GSM system is the automatic, worldwide localization of users for
which, the system performs periodic location updates. The HLR always contains information
about the current location and the VLR currently responsible for the MS informs the HLR about
the location changes. Changing VLRs with uninterrupted availability is called roaming.
Roamingcan take place within a network of one provider, between two providers in a country and
also between different providers in different countries.

To locate and address an MS, several numbers are needed:

▪​ Mobile station international ISDN number (MSISDN):- The only important number for
a user of GSM is the phone number. This number consists of the country code (CC), the national
destination code (NDC) and the subscriber number (SN).

▪​ International mobile subscriber identity (IMSI): GSM uses the IMSI for internal unique
identification of a subscriber. IMSI consists of a mobile country code (MCC), the mobile network
code (MNC), and finally the mobile subscriber identification number (MSIN).

▪​ Temporary mobile subscriber identity (TMSI): To hide the IMSI, which would give
away the exact identity of the user signalling over the air interface, GSM uses the 4 byte TMSI for
local subscriber identification.

▪​ Mobile station roaming number (MSRN): Another temporary address that hides the
identity and location of a subscriber is MSRN. The VLR generates this address on request from
the MSC, and the address is also stored in the HLR. MSRN contains the current visitor country
code (VCC), the visitor national destination code (VNDC), the identification of the current MSC
together with the subscriber number. The MSRN helps the HLR to find a subscriber for an
incoming call.

For a mobile terminated call (MTC), the following figure shows the different steps that take place:

Figure 2.1.9 Mobile Terminated Call (MTC)

Step 1: User dials the phone number of a GSM subscriber.

Step 2: The fixed network (PSTN) identifies the number belongs to a user in GSM network

and forwards the call setup to the Gateway MSC (GMSC).

Step 3: The GMSC identifies the HLR for the subscriber and signals the call setup to

HLR Step 4: The HLR checks for number existence and its subscribed services and

requests an MSRN from the current VLR.

Step 5: VLR sends the MSRN to HLR

Step 6: Upon receiving MSRN, the HLR determines the MSC responsible for MS and forwards

the information to the GMSC

Step 7: The GMSC can now forward the call setup request to the MSC indicated
Step 8: The MSC requests the VLR for the current status of the MS

Step 9: VLR sends the requested information

Step 10: If MS is available, the MSC initiates paging in all cells it is responsible for.

Step 11: The btss of all bsss transmit the paging signal to the MS

Step 12: Step 13: If MS answers, VLR performs security checks

Step 15: Till step 17: Then the VLR signals to the MSC to setup a connection to the MS

For a mobile originated call (MOC), the following steps take place:

Figure 2.1.10 Mobile Originated Call (MOC)

Step 1: The MS transmits a request for a new connection

Step 2: The BSS forwards this request to the MSC
 Step 3: The MSC then checks if this user is allowed to set up a call with the requested

and checks the availability of resources through the GSM network and into the PSTN.

Step 4: If all resources are available, the MSC sets up a connection between the MS and

the fixed network.

General Packet Radio Service (GPRS)

GPRS when integrated with GSM, significantly improves and simplifies Internet access. It
transfers data packets from GSM mobile stations to external packet data networks (PDNs). Packets
can be directly routed from the GPRS mobile stations to packet switched networks making it easy
to connect to the Internet. GSM uses a billing system based on the time (duration)of connection,
whereas GPRS uses a billing system based on the amount of transmitted data rather than the
duration of the connection. So, users can remain continuously connected to the system, and yet get
charged only for the amount of transmitted data.

✔​ GPRS extends data capability of GSM and provides connection to external packet data
network through GSM infrastructure with short access time to network for independent
short packets (500-1000bytes)
✔​ It is an enhancement of GSM. It uses same physical channels as GSM and only new
logical GPRS radio channels are defined.
✔​ One to eight radio interface timeslots can be allocated per TDMA frame.
✔​ The active users share time slots and uplink and downlink are allocated separately
✔​ Allocation of GPRS is done dynamically according to “capacity on demand”
✔​ GPRS offers permanent connections to internet with volume based charging that enables
a user to obtain a less expensive connection to the internet.
✔​ This should also allow for broadcast, multicast and unicast service.
✔​ GPRS MSs are of three types:
•​ Class A terminals operate GPRS and other GSM services simultaneously
•​ Class B terminals can monitor all services but operate either GPRS or GSM
 •​ Class C terminals operate only GPRS service.
✔​ Depending on coding, transfer rate up to 170kbits is possible
✔​ In phase 1, GPRS offers a point-to-point (PTP) packet transfer service
✔​ One of the PTP version offer is PTP connection oriented Network service (PTP-CONS),
which includes the ability of GPRS to maintain a virtual circuit upon change of the cell
with in the GSM network.
✔​ The other PTP version offered is PTP Connectionless Network service (PTP-CLNS)
which supports IP applications
✔​ Multicasting called Point –to-multipoint (PTM) service is left for GPRS phase 2
✔​ Users of GPRS can specify a QoS-profile. This determines the service precedence (high,
normal, low), reliability class and delay class of the transmission.

GPRS SERVICES

GPRS offers end-to-end packet-switched data transfer services which​ can be categorized
into the following two types:

(i)​ Point-to-Point (PTP) service

(ii)​ Point-to-Multipoint (PTM) service.

PTP (Point-To-Point) Services

Some of the GPRS services are not likely to be provided by network operators during early
deployment of GPRS due in part to the phased development of the standard. Market demand is
another factor affecting the decision of the operators regarding which services to offer first.
The PTP service is between two users and can either be connectionless or connection-oriented.

GPRS will support applications based on IP. Applications based on the Connection Oriented
Network Protocols are also defined to be supported. The X.25 protocol was initially mentioned
but has been dropped in recent standard developments. Table 1 illustrates the general description
of the PTP services and some possible applications.
PTM (Point-To-Multipoint) Services

The PTM is a data transfer service from one user to multiple users. Again, there are two types of
PTM services. One is multicast PTM where the data packets are broadcast in a certain area and the
other is group call PTM where the data packets are addressed to a group of users. The PTM
services provide the subscribers with the capability to send data to multiple destinations within one
single service request. Table 2 shows a general description of these services and some possible
applications. With the exception of PTM-M (Point-To-Multi-point Multicast) services, groups
must be defined and members are required to join an ongoing call to become participants.A
PTM-G (Point-to-Multipoint Group) call is usually restricted to members located within a specific
geographical area. An IP-M (IP-Multicast) call is on the other hand independent of the
geographical area of the participants and can be internal to the network or distributed across the
internet.
GPRS ARCHITECTURE

GPRS architecture introduces two new network elements, called GPRS Support Node (GSN)and
the Gateway GPRS Support Node (GGSN) . A GSN is essentially a router. All GSNs are
integrated into a standard GSM architecture. The GGSN is the interworking unit between the
GPRS network and the external packet data network (PDN). The GGSN contains routing
information for GPRS users, performs address connection and tunnells data to a user through
encapsulation. In Fig. 2.10, the GGSN is connected to an external network and it transfers packets
to the SGSN through an IP- based GPRS backbone network.
 Figure 2.2.1 GPRS Architecture Reference Model

As shown in Fig. SGSN (Serving GPRS Support Node) helps support MS. The SGSN is
connected to BSC through frame relay and it is at the same hierarchy level as the MSC. The
GPRS Register (GR) is a part of HLR which stores all the relevant GPRS data. In a part of HLR
which stores all the relevant data of GPRS in a mobile IP network, GGSN and SGSNs can be
compared with home agent and foreign agent respectively. The data packets are transmitted tothe
BSS and finally to the MS through the GGSN and SGSN. The MSC as we have already
discussed is responsible for data transport in the traditional circuit-switched GSM.

❖​ GPRS network elements

Two new network element which are called GSN (GPRS Support Nodes): GGSN
and SGSN

​ GGSN (Gateway GSN)

o​ Interworking unit between GPRS and PDN (Packet Data Network)

o​ PDN contains routing information for GPRS users and
performs address conversion
 ​ SGSN (Serving GSN)

o​ Supports the MS via the Gb interface(location, billing, security)

Request user addresses from GPRS register (GR) keeps track of
individual MSs location and it is responsible for collecting billing
information.

​ GR (GPRS Register)

​ stores all GPRS relevant data and user addresses

All GSN are integrated into standard GSM architecture. Packet data is transmitted from PDN, via
GGSN and SGSN directly to the BSS and finally to MS. Before sending data over GPRS
network, An MS must attach a Temporary Logical link Identity (TLLI) and a Ciphering key
sequence Number (CKSN) for data encryption. Besides attachment and detachment Mobility
management also comprises functions for authentication, location management etc. For each MS,
a GPRS context is set up and stored in the MS and in the corresponding SGSN.This context
comprises the status of MS (ready, idle, standby) In idle mode an MS is not reachable and all
contexts are deleted. In standby only movement across routing areas is updated to SGSN but not
changes of the cell. In ready state every movement of MS is indicated to the SGSN.

Universal Mobile Telecommunications System (UMTS)

​ UTRA (was: UMTS, now: Universal Terrestrial Radio Access)

​ Enhancements of GSM
●​ EDGE (Enhanced Data rates for GSM Evolution): uses enhanced modulation
( 8 PSK) and GSM up to 384 kbit/s
●​ CAMEL (Customized Application for Mobile Enhanced Logic)
●​ VHE (virtual Home Environment)
​ Fits into GMM (Global Multimedia Mobility) initiative from ETSI
​ Requirements
●​ min. 144 kbit/s rural (goal: 384 kbit/s)
●​ min. 384 kbit/s suburban (goal: 512 kbit/s)
●​ up to 2 Mbit/s urban
•​ UTRA-FDD:
(FDD - Frequency Division Duplex)

●​ Uplink 1920-1980 MHz

 ●​ Downlink 2110-2170 MHz
●​ Duplex spacing 190 MHz
●​ 12 channels, each 5 MHz
•​ UTRA-TDD:
(TDD - Time Division Duplex)

●​ 1900-1920 MHz,
●​ 2010-2025 MHz;
●​ 5 MHz channels

UMTS Network Architecture

The UMTS network architecture can be divided into three main elements:

User Equipment (UE):

The User Equipment (UE) is the name by which a cell phone is referred to. The new name was
chosen because of the considerably greater functionality that the UE incorporates compared to a
cell phone. It can be thought of as both a mobile phone used for talking and a data terminal
attached to a computer with no voice capability. The UTRAN is connected to UE via the radio
interface Uu and via Iu interface the UTRAN communicates with Core Network (CN)

Figure 2.3.1 UMTS Network Architecture

UTRAN (Universal Terrestrial Radio Access Network):

✔​ Cell level mobility

✔​ Radio Network Subsystem (RNS)
●​ Function of this system include ciphering, deciphering, hand over
control, Radio resource management etc.

✔​ Encapsulation of all radio specific tasks

Core Network:
The core network is the equivalent of the GSM Network Switching Subsystem (NSS).
✔​ Inter system handover
✔​ Contains the function for inter-system handover, gateways to other networks etc
✔​ Location management if there is no dedicated connection between UE and UTRAN
​ UMTS further subdivides the above architecture into

Domains UMTS DOMAINS AND INTERFACES

​ User Equipment Domain

✔​ Assigned to a single user in order to access UMTS services
​ Infrastructure Domain
✔​ Shared among all users
✔​ Offers UMTS services to all accepted users
​ Universal Subscriber Identity Module (USIM)
✔​ Functions for encryption and authentication of users
✔​ Located on a SIM inserted into a mobile device
​ Mobile Equipment Domain
✔​ Functions for radio transmission
✔​ User interface for establishing/maintaining end-to-end connections
​ Access Network Domain
✔​ Access network dependent functions
✔​ Contains Radio Access Networks(RAN) and Core network Domain
 ​ Core Network Domain
✔​ Access network independent functions
✔​ This domain separated into three domains with specific tasks: Service Network
domain and Home network domain
✔​ Serving Network Domain
●​ Network currently responsible for communication
✔​ Home Network Domain
​ Location and access network independent functions

UMTS HANDOVER

▪​ Handover or handoff is as important for UMTS as any other form of cellular

telecommunicationssystem.
▪​ As with any other cellular telecommunications system it is essential that UMTS handover
is performed seamlessly so that the user is not aware of anychange.
▪​ Any failures within the UMTS handover procedure will lead to dropped calls which will
in turn result in user dissatisfaction and ultimately it may lead to users changingnetworks.

Handovers are an important part of every cellular communication system. They

are used for providing mobility in cellular architectures.

Types of Handover
There are four basic types of handover:

(1)​Softer handover: Intra-node B,Intra-RNC

Not a full form of UMTS handover, but the UE communicates with more than one sector
managed by the same Node B.
(2)​ Soft handover : Inter-node B,Intra-RNC
This form of handover is more gradual and the UE communicates simultaneously with more
than one Node B or base station during the handover process.

(3)​Hard handover:​ (i) Inter-RNC, Intra-MSC &(ii)Inter-MSC

This form of handover is essentially the same as that used for 2G networks where one link is
broken and another established.

(4)​Inter-System handover:​ (UMTS -GSM)

This form of handover occurs when mobiles have to change between Radio Access Technologies
(i.e. between 3G and2G).