
4 Attack Graph on 3G Network

4.3 Third Generation (3G)

3G comes with enhancements over previous wireless technologies, like high-speed transmission, advanced multimedia access and global roaming. 3G is mostly used with mobile phones and handsets as a means to connect the phone to the Internet or other IP networks in order to make voice and video calls, to download and upload data and to surf the net.

Basically, 3G wireless technology corresponds to the convergence of various 2G wireless telecommunications systems into a single global system that includes both terrestrial and satellite components. The 3G wireless technology unifies existing cellular standards, such as CDMA, GSM and TDMA under one umbrella. The following three air interface modes accomplish this result: wideband CDMA, CDMA2000 and the Universal Wireless Communication (UWC-136) interfaces.

Wideband CDMA (W-CDMA) is compatible with the current 2G GSM networks used for high-capacity applications, and 2G digital wireless systems will be used for voice calls. The second radio interface is CDMA2000, which is backward compatible with the second generation CDMA IS-95 standard predominantly used in the US. The third radio interface, Universal Wireless Communications (UWC-136), is designed to comply with ANSI-136, the North American TDMA standard.

Specifically, 3G wireless networks support the following maximum data transfer rates:

o 2.05 Mbits/second to stationary devices.

o 384 Kbits/second for slowly moving devices, such as a handset carried by a walking user.

o 128 Kbits/second for fast moving devices, such as handsets in moving vehicles.

3G has the following enhancements over 2.5G and previous networks:

o Several times higher data speed,

o Enhanced audio and video streaming,

o Video-conferencing support,

o Web and WAP browsing at higher speeds,

o IPTV (TV through the Internet) support.

4.3.1 3G Architecture

3G wireless networks consist of a Radio Access Network (RAN) and a core 3G network. The RAN is connected to the core 3G network, and the core 3G network is connected to the IP network (i.e. the Internet) and the circuit-switched network (i.e. the PSTN, the Public Switched Telephone Network). Internet connectivity enables 3G users to receive data services, such as weather reports, stock reports, sports information, chat and electronic mail; Cross Network Services, such as Call Forwarding Services, Client Billing Service and Location Based Instant Messaging; and Location Based Services, such as navigation, restaurant information, etc. In 2G systems network access is provided either to the PSTN or the Internet, so Cross Network Services are unavailable [3]. The architecture of the 3G network is illustrated in Figure-4.1.

Figure-4.1: 3G Network Architecture Model

The Radio Access Network consists of new network elements, known as Node B and Radio Network Controllers (RNCs). Node B is comparable to the Base Transceiver Station in 2G wireless networks. RNC replaces the Base Station Controller. It provides the radio resource management, handover control and support for the connections to circuit-switched and packet-switched domains.

From a functional viewpoint, the core 3G network contains the Circuit Switched (CS) domain, the Packet Switched (PS) domain and the IP Multimedia Subsystem (IMS). The Circuit Switched domain includes the 3G MSC and the Gateway Mobile Switching Center (GMSC) for switching of voice calls. The CS domain is used to access the PSTN. The Packet Switched domain includes 3G SGSNs and GGSNs, which provide the same functionality that they provide in a GPRS system. The PS domain is used to access the Internet. The CS and PS domains may have some entities in common. The IP Multimedia Subsystem includes the set of all core network entities for the provision of multimedia services. The IMS enables mobile network operators to offer their subscribers multimedia services based on and built upon Internet

4.3.2 3G Network

Subscribers may be associated with two networks in a 3G system: a home network and a serving network. The responsibilities of the home network are to provide services to the subscriber, to manage and maintain subscriber profiles, to handle billing and to authenticate the subscriber to receive service. The serving network, on the other hand, changes as the user's location changes. It provides radio resources, mobility management, routing and handling services for the subscribers.

All subscribers are permanently assigned a geographical region called a home network, from where they may roam to other visiting networks. The Home Location Register (HLR) is in the home network and stores permanent subscriber profile data and relevant temporary data such as the current subscriber location (a pointer to the Visitor Location Register, i.e. VLR). The VLR is assigned to a specific administrative area and is associated with one Mobile Switching Center (MSC) that acts as an interface between the radio system and the fixed network, and handles circuit switched services for subscribers currently roaming in its area. The VLR acts as a temporary repository and stores data of all mobile stations (user handsets) that are currently roaming in its assigned area. The VLR obtains this data from the HLR assigned to the mobile station. The VLR and MSC are either in the home or visiting network depending on the location of the subscriber [18].

If a network delivering a call to the mobile network cannot locate the HLR, the call is routed to an MSC. This MSC will locate the appropriate HLR and then route the call to the MSC where the mobile station is located. The MSC in charge of routing the call to the actual location of the mobile station is called the Gateway MSC (GMSC). The GMSCs are available to pass voice traffic between the PSTN network and the 3G network [17].

One of the basic 3G services is the call delivery service, which is used to deliver incoming calls to any subscriber with a mobile device regardless of their location. The signal flow for the call delivery service is illustrated in Fig.4.2. When a call is placed to a mobile subscriber, the call (signaling message ‘IAM’) is sent to the nearest GMSC, which is responsible for routing calls and passing voice traffic between different networks. Each signaling message contains data items used to invoke functions at the destination service nodes. For example, the IAM signaling message contains the ‘called number’ data item and is used to invoke the function that finds the assigned HLR (home network) of the called party at the GMSC [5]. The GMSC checks the called number in the incoming call (‘IAM’) and resolves it to the assigned HLR of the called party. Then it sends the signaling message ‘SRI’ to the HLR. The SRI message contains data items such as the called number and the alerting pattern. The alerting pattern denotes the type of call, such as packet switched data, short message service or circuit switched call, and is used to alert the called mobile subscriber.

Figure-4.2: Signal flow for call delivery service


The HLR is aware of the location where the called subscriber is currently visiting and requests the corresponding VLR for a ‘roaming number’ (‘PRN’) to route the call and downloads the incoming call profile to the VLR. The VLR then assigns a roaming number for routing the call and passes it on to the HLR (‘PRN_ACK’). Then the HLR passes on this ‘roaming number’ to the GMSC (‘SRI_ACK’). The GMSC uses this ‘roaming number’ to route the incoming call to the MSC where the subscriber is currently visiting. The MSC requests the VLR for the incoming call profile for the called subscriber (‘SIFIC’) and receives the profile in the ‘Page MS’ signaling message. The MSC alerts (‘Page’) the mobile station [17-18].
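The call delivery flow described above, as an added Python example that is not part of the original text: it simulates the message exchange and includes a check that reports where an observed signaling trace departs from the expected order. The class names, the "Origin" label for the calling network, the roaming-number format and the subscriber data are assumptions made for illustration; the GMSC-to-MSC routing step is labelled IAM here.

```python
# Added illustration of the call delivery flow (Fig. 4.2); all values are constructed.
EXPECTED = [("IAM", "Origin", "GMSC"), ("SRI", "GMSC", "HLR"), ("PRN", "HLR", "VLR"),
            ("PRN_ACK", "VLR", "HLR"), ("SRI_ACK", "HLR", "GMSC"),
            ("IAM", "GMSC", "MSC"),   # call routed onward using the roaming number
            ("SIFIC", "MSC", "VLR"), ("Page MS", "VLR", "MSC"), ("Page", "MSC", "MS")]

class VLR:
    """Temporary repository for subscribers roaming in its area."""
    def __init__(self, area):
        self.area, self.pending, self.seq = area, {}, 0

    def prn(self, called, profile, alerting):
        # Store the downloaded incoming call profile and assign a roaming number.
        self.seq += 1
        roaming = f"{self.area}{self.seq:04d}"      # hypothetical number format
        self.pending[roaming] = {"called": called, "profile": profile,
                                 "alerting": alerting}
        return roaming

    def sific(self, roaming):
        # Hand back the profile for the call that arrived on this roaming number.
        return self.pending.pop(roaming)

class HLR:
    """Permanent subscriber profiles plus a pointer to the current VLR."""
    def __init__(self):
        self.subscribers = {}                       # called number -> (profile, VLR)

    def sri(self, called, alerting, trace):
        profile, vlr = self.subscribers[called]     # resolve current location
        trace.append(("PRN", "HLR", "VLR"))
        roaming = vlr.prn(called, profile, alerting)
        trace.append(("PRN_ACK", "VLR", "HLR"))
        return roaming, vlr                         # vlr returned only to drive the simulation

def deliver_call(hlr, called, alerting):
    trace = [("IAM", "Origin", "GMSC"), ("SRI", "GMSC", "HLR")]
    roaming, vlr = hlr.sri(called, alerting, trace)
    trace += [("SRI_ACK", "HLR", "GMSC"), ("IAM", "GMSC", "MSC"), ("SIFIC", "MSC", "VLR")]
    page = vlr.sific(roaming)                       # MSC fetches the incoming call profile
    trace += [("Page MS", "VLR", "MSC"), ("Page", "MSC", "MS")]
    return trace, roaming, page

def first_deviation(observed, expected=EXPECTED):
    """Index of the first step that departs from the expected flow, else None."""
    for i, step in enumerate(expected):
        if i >= len(observed) or observed[i] != step:
            return i
    return None if len(observed) == len(expected) else len(expected)
```

The roaming number is the only value that ties the HLR's answer to the later profile request at the VLR, which is why the simulated VLR discards it once the call has been paged.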

4.3.3 3G Network Security

A set of security requirements defined by ITU, for IMT-2000 systems within the structure of Open Systems Security Architecture (ITU Recommendation X.800) are:

o Only authorized users should be able to access and use telecommunication networks;

o Authorized users should be able to access and operate on assets they are authorized to access;

o Telecommunication networks should provide privacy at the level set by the security policies of the network;

o All users should be held accountable for their own but only their own actions in telecommunication networks;

o In order to ensure availability, telecommunication networks should be protected against unsolicited access or operations;

o It should be possible to retrieve security-related information from telecommunication networks (but only authorized users should be able to retrieve such information);

o If security violations are detected, they should be handled in a controlled way in accordance with a pre-defined plan to minimize potential damage;

o After a security breach is detected, it should be possible to restore normal security levels;

o The security architecture of telecommunication networks should provide certain flexibility in order to support different security policies, e.g., different strength of security mechanisms [40].

The first five of the above goals are to be achieved by implementing confidentiality, data integrity, accountability – including authentication, non-repudiation, and access control and availability mechanisms [40].

The security implementation of the 3G network is important because 3G is based on IP technology. The 1G and 2G networks were isolated because they did not provide connectivity to any public networks to which end subscribers had direct access. The vulnerabilities of these networks are few and well assessed. 3G provides direct access to the public network, so it becomes open to attackers. In 3G, more users of varied data-capable devices are accessing content and communicating with one another across multiple networks, so there will be more traffic on the cellular networks. That implies a higher likelihood of attacks occurring from any number of sources. For example, many sophisticated attacks disguise themselves in data flows across sessions and ports – the more traffic there is, the harder it is to identify the threats.
