Читайте также:
|
|
The information on the air interface needs to be protected, to provide user data (including speech) confidentiality and to prevent fraudulent use of subscriber and mobile identities. The basic mechanisms employed are user authentication and user data encryption. Each mobile user is provided with a Subscriber Identity Module (SIM) which contains the IMSI, the individual subscriber authentication key (Ki) and the authentication algorithm (A3). After the mobile user has made an access and service request, the network checks the identity of the user by sending a random number (RAND) to the mobile. The mobile uses the RAND, Ki and A3 algorithm to produce a signed response SRES. This response is compared with a similar response calculated by the network, and access only continues if the two responses match.
The SIM also contains a cipher key generating algorithm (A8). The MS uses the RAND and A8 to calculate a ciphering key (Kc) which is used to encrypt and decrypt signalling and user data information.
The authentication centre (AUC) is responsible for all security aspects and its function is closely linked with the HLR. The AUC generates the Ki's and associates them with IMSIs, and provides the HLR with sets of RAND, SRES and Kc for each IMSI. The HLR then provides the appropriate VLR with these sets and it is the VLR which carries out the authentication check. Authentication of mobile users can be carried out on call set up, both mobile originated and mobile terminated, on location updating, and on activation of supplementary services. As the authentication sets are used up in the VLR, further sets are requested from the HLR.
An additional security feature of GSM is the equipment identity register (E1R). This enables monitoring ofthe mobile equipment 1MEI (International Mobile Equipment Identity) which is used to validate mobile equipments thus preventing non-approved, faulty or stolen equipment from using the system. This range ofsecurity features provide a high degree of protection to the user and the network operator.
Figure 47.13 Mobile originating call
Дата добавления: 2015-11-16; просмотров: 52 | Нарушение авторских прав
<== предыдущая страница | | | следующая страница ==> |
GSM signalling | | | GSM services and features |