GSM Network Architecture Quiz

Questions and Answers

Which of the following is NOT a primary component of the GSM network architecture?

Base Station Subsystem (BSS)

Network Switching Subsystem (NSS)

Application Programming Interface (API) (correct)

Mobile Station (MS)

Which subsystem within a GSM network is responsible for managing the radio interface?

Operation and Maintenance Subsystem (OMS)

Network Switching Subsystem (NSS)

Base Station Subsystem (BSS) (correct)

Subscriber Identity Module (SIM)

Which of these components is associated with Mobile Station functionality in GSM?

SIM (correct)

BTS

MSC

HLR

The EIR component in GSM network is primarily responsible for:

Tracking stolen or invalid mobile equipment. (D)

Which component within the GSM's Network Switching Subsystem (NSS) is responsible for managing subscriber information relevant to their current location?

Visitor Location Register (VLR) (A)

What is the primary function of the HLR component within a GSM network?

To manage permanent subscriber information. (D)

Which element of the GSM architecture is responsible for managing connections between different network boundaries?

Mobile Switching Center (MSC) (A)

Which of the following best describes the function of the AUC in a GSM network?

Handling security keys and authentication (A)

Which key is primarily used for encrypting user data in GSM?

Kc (D)

What is the role of the A3 algorithm in GSM authentication?

To generate the signed response (SRES) based on RAND and Ki (A)

Which entity is typically responsible for pre-calculating authentication vectors?

HLR/AUC (D)

What information is transmitted between the VLR and HLR/AUC during the request for authentication data?

IMSI (B)

Where is the user's private key (Ki) primarily stored?

SIM Card (D)

What value is specifically used by the A8 algorithm to generate the session key (Kc)?

Ki (A)

Which function is responsible for offering an interface for external applications to interact with the 3GPP network?

Network Exposure Function (D)

What is the primary role of the Policy Control Function in a 5G network?

Governing network behavior through policy rules (A)

What does the term 'SRES' represent in the GSM authentication process?

Signed Response for authentication (B)

What is the primary purpose of the A5 algorithm?

To encrypt user data and signaling (A)

Which component is primarily responsible for the establishment, modification, and release of data sessions?

Session Management Function (C)

What is the key function of the User Plane Function?

Serving as the anchor point for Radio Access Technology mobility (C)

Which of the following is a characteristic of New Radio technology?

Millimeter waves (D)

Which of the following is a key aspect of softwarization in 5G networks?

Network Function Virtualization (D)

What is a primary focus of mobile edge protection?

Protection of cached data and authentication vectors (D)

Why is isolation important for virtualized computing environments?

To protect resources by limiting access (C)

Which component of the GSM network is responsible for storing both static and dynamic data for user identification?

Subscriber Identity Module (SIM) (C)

What is the primary function of the Visitor Location Register (VLR) in a GSM network?

To store temporary data for visiting users in a specific MSC region (D)

Which of the following is NOT typically stored within a Subscriber Identity Module (SIM)?

Equipment Identity Register (EIR) (C)

Which component is responsible for managing the mobile stations within its service area?

Mobile Switching Center (MSC) (D)

What type of data is the International Mobile Subscriber Identity (IMSI)?

A fixed identification number (A)

What is the main function of the Home Location Register (HLR)?

To keep central records of each mobile user. (D)

Which of the following best describes the purpose of the RAND shown in the figure?

It is a random number used in the authentication process. (D)

What does the acronym TMSI stand for?

Temporary Mobile Subscriber Identity (C)

Which component of the Evolved Packet Core (EPC) is responsible for bridging the EPC to the Internet?

PDN Gateway (PGW) (A)

What is the primary function of the Policy and Charging Rules Function (PCRF) within the Evolved Packet System?

Enforcing filtering rules for the PDN Gateway (PGW). (D)

Which of the following is NOT a function of the Mobility Management Entity (MME)?

Scheduling and resource control. (D)

What is the main role of the Home Subscription Server (HSS) in the Evolved Packet System?

To store user authentication and subscription information. (A)

In LTE security features, what is a key concern regarding the transmission of device identities?

Ensuring the confidentiality of transmission before traffic protection is activated. (B)

Which security feature aims to protect the integrity of signaling data in LTE networks?

Signaling Data Integrity (C)

Besides lawful interception, what is another security concern related to network components within the eNB?

The eNB platform security itself. (C)

Which of the following is NOT a primary security feature in LTE networks?

Transmission of device identities before traffic protection (D)

What is the primary purpose of the Global Unique Temporary Identity (GUTI) in cellular networks?

To provide a temporary identifier for signaling purposes. (B)

When a User Equipment (UE) reattaches or moves to a new MME which does not know the GUTI, how is the UE's identity usually resolved?

The old MME translates the GUTI to the IMSI or requests it from the UE. (A)

Which key is generated at the UE and distributed from the HSS to MMEs, and acts as an intermediate key?

KASME (B)

Where is the KASME typically kept?

Primarily in the core network (A)

What does the EPS NAS context primarily protect?

Signaling between the MME and UE. (D)

Which of the following is NOT a general handover option for transferring keys?

Direct transfer of keys from the UE to the new eNB. (C)

What is the main purpose of 'optimistic access' in the context of handover options?

To allow a UE early access using a preliminary ticket before full authentication. (D)

How does 'pre-authentication' improve the handover process?

By authenticating the UE to multiple base stations through one before handover. (A)

Flashcards

Cellular Networks

A communication system that uses cellular technology to enable mobile connectivity.

GSM (2G)

Global System for Mobile Communications, the second generation mobile network standard.

UMTS (3G)

Universal Mobile Telecommunications System, a third generation mobile network technology.

LTE (4G)

Long-Term Evolution, the fourth generation standard for mobile networks, enhancing speed and capacity.

5G

Fifth generation cellular network technology designed for ultra-high-speed data and low latency.

Mobile Station

The device used by a mobile subscriber to access cellular services.

Base Station Subsystem (BSS)

Part of a mobile network that connects mobile devices to the network.

Radio Subsystem

Component that handles radio communications between mobile devices and the base station.

Evolved Packet System

A network architecture used in LTE for data communication, integrating mobile and Internet services.

Mobility Management Entity (MME)

Manages user mobility, authentication, and bearer management in the Evolved Packet Core.

Packet Data Network (PDN) Gateway

Connects the Evolved Packet Core to external networks like the Internet.

Service Gateway (SGW)

Handles user data transport and acts as a mobility anchor in the Evolved Packet System.

User Equipment (UE)

Devices used by end-users to access the mobile network, like smartphones and tablets.

Policy and Charging Rules Function (PCRF)

Manages charging policies and quality of service regulations in the network.

Signaling Data Integrity

Ensures the security and integrity of signaling messages in the cellular network.

User and Device Confidentiality

Protects user identities and device information during mobile communication.

GUTI

Globally Unique Temporary Identifier used in signaling.

Translation of GUTI

The process of converting GUTI into IMSI by the old MME or requesting it from UE.

KASME

Key Access Security Management Entity, derived for securing connections.

EPS security context

Includes security parameters, keys, and identifiers for protecting signaling and radio links.

Handover options

Strategies for transferring keys and securing connections when a UE moves between networks.

Optimistic access

Method allowing UE preliminary access before final authentication through shared keys.

Pre-authentication

UE authenticates with multiple base stations before finalizing keys with one station.

Session Keys Context

Contains multiple session keys encrypted for different base stations, facilitating secure transfers.

GSM

Global System for Mobile Communications, a standard for mobile networks.

Subscriber Identity Module (SIM)

A tamper-resistant smart card storing user identification and data.

Home Location Register (HLR)

Database storing information about subscribers in a network.

Visitor Location Register (VLR)

Stores data for mobile users visiting a certain MSC region.

Mobile Switching Center (MSC)

Central component managing call routing and switching in the network.

Base Station Subsystem

Component handling radio communication between user devices and network.

Equipment Identity Register (EIR)

Database storing information about the identities of mobile devices.

Authentication Center (AUC)

Component providing security and authentication for mobile users.

Network Exposure Function

Interface for applications to communicate with the 3GPP network.

Policy Control Function

Supports unified policy framework to govern network behavior and enforce rules.

Session Management Function

Establishes, modifies, and releases data sessions while managing traffic policies.

User Plane Function

Handles packet routing, traffic reporting, and quality of service in user data traffic.

New Radio

Introduces advanced features like millimeter waves and beam-forming for better connectivity.

Network Function Virtualization

Enables network functions to run as virtualized services on hardware.

Mobile Edge Protection

Ensures protection of cached data and computing resources at the edge of the network.

Network Slicing

Allows multiple virtual networks to coexist on a single physical network infrastructure.

IMSI

International Mobile Subscriber Identity, a unique identifier for mobile users.

RAND

A random number used in authentication processes within networks.

Authentication Vector

A set of parameters including RAND and SRES used for authentication.

SRES

Signed Response generated during authentication to verify identity.

AUC

Authentication Center, used to generate authentication information.

HLR

Home Location Register, a database for subscriber information.

VLR

Visitor Location Register, stores temporary information for roaming users.

Study Notes

GSM (2G)

• GSM is a second-generation cellular network technology.
• It lacks explicit security and privacy measures.
• Authentication and encryption are basic protections.
• Security challenges include eavesdropping, call interception, and lack of privacy mechanisms.
• Fake base stations, causing radio link security vulnerabilities, are also present.

GSM Components

• Mobile Device: The subscriber identity module (SIM) is used for identification.
• Base Station Subsystem: Consists of base transceiver stations (BTS) and base station controllers.
• Mobile Switching Center (MSC): Handles call routing and switching between mobile stations.
• Home Location Register (HLR): Stores information about registered users.
• Visitor Location Register (VLR): Stores information on a user when located in other GSM regions.

GSM Security Functions

• Subscriber Identity Confidentiality: Protects user identity data.
• Subscriber Identity Authentication: Verifies user identity.
• Signaling Information Element Confidentiality: Protects signaling info between network entities.
• Data Confidentiality: Protects user data transmission.

GSM Security Protection I

• TMSI (Temporary Mobile Subscriber Identity) is used to identify users on the radio channel instead of IMSI (subscriber identity).
• The VLR assigns a TMSI when a mobile station changes location.

GSM Security Protection II

• In some cases (e.g. VLR database failures), the IMSI is requested from the mobile station itself.
• Issues include lack of correct subscriber data, or missing TMSI.

GSM Cryptographic Algorithms

• A3: Subscriber authentication, using the COMP algorithm, often a weak encryption method due to 9 rounds and hashing of 256 to 128 bits.
• A8: Radio encryption, also based on the COMP algorithm, with similar vulnerabilities.

GSM Weakly Secure Authentication

• Secret keys (K) are stored on the SIM card.
• The signature response (SRES) is generated from the secret key and a random number (RAND).
• Sending the secret key from the authentication center to the VLR is a security measure.

GSM Generation of Security Data for HLR

• The authentication center (AUC) calculates security data, which stores the encryption key (Kc) in the HLR for each user.

GSM Highly Secure Subscriber Authentication

• Authentication information (RAND, SRES) is pre-calculated, stored in the HLR, and retrieved by the VLR.

GSM Encryption of Signalling and User Data

• Encryption processes happen during channel coding, burst formation, modulation, and transmission by the transceiver.
• Different keys (A8, A5) are used for encryption based on specific parts of the network.

GSM Combining Payload Data and Ciphering Stream

• Combining user data and key flow for encryption.

GSM Location Registration

• The process of registering a mobile station's location within the cellular network.

GSM Location Update I

• The process involved when the mobile station location changes.

GSM Location Update II

• The IMSI is requested from the mobile station, used for locating the subscriber.

GSM Outgoing Call

• The process of making a call from a mobile station using the cellular network.

GSM Incoming Call

• The process handling an incoming call to a mobile station in a cellular network.

GSM SMS

• Handling Short Message Service (SMS) messages, including paging, authentication, and encryption.

UMTS (3G)

• A third-generation cellular technology that builds upon GSM.
• It includes improvements in security, compared to GSM.
• UMTS uses a more sophisticated architecture with different network components such as RNC (radio network controller), the core network, and the access network.

UMTS Components

• Radio Network Controller (RNC)
• Radio Access Network
• UMTS Terrestrial RAN
• General Packet Radio Service (GPRS).

UMTS Approaches Addressing GSM Security Weaknesses

• Active attacks: False network attacks mitigated with mutual authentication.
• Encryption: Encryption keys transferred securely.
• Clear text transmissions: No clear text transmissions between network components to avoid eavesdropping.
• Network domain security is achieved with network segregation.

UMTS Authentication and Key Agreement

• Permanent key K is shared between ME (mobile equipment) and AUC(authentication center).
• Authentication occurs after the transmission of IMSI/TMSI.

UMTS Encryption

• Parameters, such as direction, LENGTH, and BEARER/5, are used for encryption.

UMTS Integrity Protection

• Security context with IK, 128-bit key, and a random number.
• Protection against replay attacks using a FRESH random number.

UMTS Confidentiality

• TMSI and P-TMSI are transferred to the user after encryption.
• Used for paging and location update/deletion.

UMTS Cryptographic Algorithms

• SNOW 3G
• UIA2
• KASUMI

UMTS Network Domain Security

• Security domains are managed by a single authority (administrator).
• Security gateways, ensuring security at network domain borders.
• Services: Use protocols, including integrity, Data Integrity, anti-replay protections, confidentiality and traffic analysis safeguards.

UMTS WLAN Interworking with EAP-Authentication and Key Agreement

• Supports user access to 3G networks via WIFI.

LTE (4G)

• A fourth-generation cellular technology that enhances 3G.
• It uses the Evolved Packet System (EPS) architecture with new components like EPC (Evolved Packet Core), HSS (Home Subscription Server), and MME (Mobile Management Entity).

LTE EPS Security Features

• User and device confidentiality ensures secure transmission of device identities.
• Mutual UE and Network authentication ensures secure user authentication.
• Confidentiality ensures security of user and signaling data.

LTE EPS Design Decisions

• Establishing a permanent security association between UE and AUC.
• Reusing 3G USIM, but not 2G SIM.
• Delegated authentication for security between HSS and MME, and securing keys.
• Key requests from base stations and distributing session keys.

LTE EPS Security Architecture

• Key agreement and authentication in the EPS architecture.
• Key distribution methods (especially for handover).

LTE Signaling Plane Protection

• Ensuring security of signalling data that flows between the network entities.

LTE Data Plane Protection

• Protection of data flowing between the network endpoints, including applications and endpoints.

LTE EPS Authentication and Key Agreement

• Methods like IMSI-based identification, AKA (Authentication and Key Agreement) protocols, and securing of keys, including generation and distribution.

LTE Authentication Vector Generation in HSS

• Generating authentication vectors in the HSS using methods like a sequence number, random numbers, and KASME (key management entity)
• Key derivations and the expected response parameters.

LTE User Authentication in USIM

• Generating and verifying authentication vectors and verifying correct authentication contexts.

LTE Distribution of Authentication Data inside SNS

• Issue and solving of problems with MME that don't know the GUTI in situations such as reattachments and mobility.
• Methods for securing data transfers including translations between IMSI and GUTI, and authentications via keys for consistent security across network regions.

LTE Key Hierarchy

• Methods for creating and distributing cryptographic keys, with an emphasis on the security and handling of the KASME (intermediate key).

LTE Security Contexts

• security context with parameters such as cryptographic keys.
• protection and handling of signalling and user data.

LTE General Handover Options

• Methods for transferring authentication keys between network entities during handovers.
• Optimistic access with a preliminary ticket before authentication.

LTE Key Handling in Handovers

• Key exchange with new base stations and updating authentication information as handovers occur.

LTE Lawful Interception

• Legal authorization for monitoring private communications in cellular networks.
• Providing methods for communication monitoring, such as at the administration level.

5G Service-Based Network Architecture

• The Network functions are distinct and integrated in a service-based model.
• The individual network elements, like NRF, NCF, UDM, NEF and AF coordinate.

5G Network Architecture Components

• Access and mobility management handles mobile procedures and signaling, with a separation of network and access functionality.
• Authentication Management for secure UE authentication and Network Exposure for outside application communication.

5G Policy Control Function

• Centralized policy management, defining network protocols.
• Policies for controlling networks and enforcing behaviour.

5G Unified Data Management

• Data management for users and applications.

5G Features

• Wireless technologies like millimeter waves, beamforming, and multiple input and multiple output (MIMO) are introduced.

5G Mobile Edge Protection

• Security of cached data and authentication vectors protects virtual computing environments.

5G 3GPP System Security Architecture

• Secure access and data exchange with user authentication and validation processes.
• Domain security features include registering, discovering, authorizing, and securing services and applications.

UICC (Universal Integrated Circuit Card) Evolution

• Evolution of hardware and software components in SIM cards across the generations of cellular networks from 2G to 5G.

Description

Test your knowledge on GSM network architecture with this quiz that covers key components, functionalities, and management systems within the GSM framework. Understand the roles of various subsystems like HLR, VLR, and AUC, and enhance your understanding of mobile communications.