TN_SP019_E1_1

Mobility Management Flow in

CS Domain

ZTE University

CN Team
Mobility Management Flow in CS Domain

MM layer in CS domain
 Mobility Management Flow in CS Domain

Mobility management service

 Location update
 IMSI Attach/Detach

 Normal Location Update

 Periodical Location Update

 Security management
 Authentication

 Identification

 TMSI Reallocation
 Mobility Management Flow in CS Domain

IMSI Attach/Detach

 VLR record the switch on/off status of MS

Update Location VLR mark the

request status as Update location
Switch on attach

MSC/VLR HLR

Switch off IMSI detach VLR mark the

indication status as
Detach
 Mobility Management Flow in CS Domain

Location Update

 LAC variety belongs to the same MSCS

—No need to interact with HLR

 LAC variety belongs to the different MSCS

—need to announce HLR

 Mobility Management Flow in CS Domain

Processing flow without the need of location

update to HLR

UTRAN MSC/VLR HLR

Update_Location_Area_Req

Authenticate
Encrypt

TMSI reallocation

Update_Location_Area_Ack
 Mobility Management Flow in CS Domain

Processing flow needing location update

initiation to the HLR

Old
UTRAN MSC/VLR HLR MSC/VLR
Update_Location_Area_Req
Update_Location
Cancel_Location
Cancel_Location_Ack

Insert_Subscriber _Data

Insert_Subscriber _Data_Ack

Update_Location_Area_Ack
 Mobility Management Flow in CS Domain

Periodical registration (update location)

 What is periodical update location?

 Why we need periodical update location?

 Signal flow is same to common update location

 If the subscriber doesn’t have any operation, the system

administrator will delete the recorder of this subscriber in
VLR by using Purge message, and VLR will report it to
HLR.
 Mobility Management Flow in CS Domain

Authentication features

 Authentication five element group：

 RAND (Random number)

 XRES (Expected signed responses)

 CK (Ciphering Key)

 IK (Integrity Key)

 AUTN (Authentication token)

 Authenticate each other：user network

 Add integrality protection

 Realizing Authentication and integrality protection in RNC

 Mobility Management Flow in CS Domain

Basic Principle of Authentication Procedure

MS Network
Ki
Ki Random generator
RAND

Algorithm Algorithm

SRES’ SRES
?
 Mobility Management Flow in CS Domain

Authentication Procedure

MS VLR/SGSN HLR/AUC

Step 1: Calculate and Step 1: Generate

verify whether Step 1: Transmit authentication
XMAC_A=MAC_A RAND and AUTN vectors (RAND,
based on Ki and AuthReq to the MS. SendAuthInfoReq AUTN, RES, CK
AUTN. Verify whether and IK) based on
SQN is in the correct Ki, SQN and
range. AMF parameters.

AuthRsp Step 2: Compare SendAuthInfoRsp Step 2: Transmit

Step 2: Calculate the response the generated
XRES, CK and IK. numbers to see authentication
Transmit the XRES to whether parameter set to
the VLR/SGSN XRES=RES. the VLR/SGSN.
 Mobility Management Flow in CS Domain

Authentication Vector Generation in AUC

RAND
K K K
AMF

f5 xor SQN f1 f2 f3 f4

AK SQN  AK MAC-A XRES CK IK

AUTN = SQN [ AK] || AMF || MAC-A

Q = (RAND, XRES, CK, IK, AUTN)
 Mobility Management Flow in CS Domain

Authentication Vector Generation in USIM

RAND
K SQN  AK K K
AMF

f5 xor SQN f1 f2 f3 f4

AK XMAC-A RES CK IK
 Mobility Management Flow in CS Domain

TMSI reallocation

 Adopting TMSI instead IMSI to transport on radio channel

 TMSI only available in VLR area

UTRAN MSC/VLR

TMSI_Reallocate_Cmd

TMSI_Reallocate_Cfm